Sunday, October 12, 2008

Recognizing and Avoiding Spyware

What is spyware?

Despite its name, the term "spyware" doesn't refer to something used by undercover operatives, but rather by the advertising industry. In fact, spyware is also known as "adware." It refers to a category of software that, when installed on your computer, may send you pop-up ads, redirect your browser to certain web sites, or monitor the web sites that you visit. Some extreme, invasive versions of spyware may track exactly what keys you type. Attackers may also use spyware for malicious purposes.

Because of the extra processing, spyware may cause your computer to become slow or sluggish. There are also privacy implications:

  • What information is being gathered?
  • Who is receiving it?
  • How is it being used?

How do you know if there is spyware on your computer?

The following symptoms may indicate that spyware is installed on your computer:

  • you are subjected to endless pop-up windows
  • you are redirected to web sites other than the one you typed into your browser
  • new, unexpected toolbars appear in your web browser
  • new, unexpected icons appear in the task tray at the bottom of your screen
  • your browser's home page suddenly changed
  • the search engine your browser opens when you click "search" has been changed
  • certain keys fail to work in your browser (e.g., the tab key doesn't work when you are moving to the next field within a form)
  • random Windows error messages begin to appear
  • your computer suddenly seems very slow when opening programs or processing tasks (saving files, etc.)

How can you prevent spyware from installing on your computer?

To avoid unintentionally installing it yourself, follow these good security practices:

  • Don't click on links within pop-up windows - Because pop-up windows are often a product of spyware, clicking on the window may install spyware software on your computer. To close the pop-up window, click on the "X" icon in the title bar instead of a "close" link within the window.
  • Choose "no" when asked unexpected questions - Be wary of unexpected dialog boxes asking whether you want to run a particular program or perform another type of task. Always select "no" or "cancel," or close the dialog box by clicking the "X" icon in the title bar.
  • Be wary of free downloadable software - There are many sites that offer customized toolbars or other features that appeal to users. Don't download programs from sites you don't trust, and realize that you may be exposing your computer to spyware by downloading some of these programs.
  • Don't follow email links claiming to offer anti-spyware software - Like email viruses, the links may serve the opposite purpose and actually install the spyware it claims to be eliminating.

As an additional good security practice, especially if you are concerned that you might have spyware on your machine and want to minimize the impact, consider taking the following action:

  • Adjust your browser preferences to limit pop-up windows and cookies - Pop-up windows are often generated by some kind of scripting or active content. Adjusting the settings within your browser to reduce or prevent scripting or active content may reduce the number of pop-up windows that appear. Some browsers offer a specific option to block or limit pop-up windows. Certain types of cookies are sometimes considered spyware because they reveal what web pages you have visited. You can adjust your privacy settings to only allow cookies for the web site you are.

How do you remove spyware?

  • Run a full scan on your computer with your anti-virus software - Some anti-virus software will find and remove spyware, but it may not find the spyware when it is monitoring your computer in real time. Set your anti-virus software to prompt you to run a full scan periodically.
  • Run a legitimate product specifically designed to remove spyware - Many vendors offer products that will scan your computer for spyware and remove any spyware software. Popular products include Lavasoft's Ad-Aware, Webroot's SpySweeper, PestPatrol, and Spybot Search and Destroy.
  • Make sure that your anti-virus and anti-spyware software are compatible - Take a phased approach to installing the software to ensure that you don't unintentionally introduce problems.

Avoiding Copyright Infringement

How does copyright infringement apply to the internet?

Copyright infringement occurs when you use or distribute information without permission from the person or organization that owns the legal rights to the information. Including an image or cartoon on your web site or in a document, illegally downloading music, and pirating software are all common copyright violations. While these activities may seem harmless, they could have serious legal and security implications.

How do you know if you have permission to use something?

If you find something on a web site that you'd like to use (e.g., a document, a chart, an application), search for information about permissions to use, download, redistribute, or reproduce. Most web sites have a "terms of use" page that explains how you are allowed to use information from the site. You can often find a link to this page in the site's contact information or privacy policy, or at the bottom of the page that contains the information you are interested in using.

There may be restrictions based on the purpose, method, and audience. You may also have to adhere to specific conditions about how much information you are allowed to use or how the information is presented and attributed. If you can't locate the terms of use, or if it seems unclear, contact the individual or organization that holds the copyright to ask permission.

What consequences could you face?

  • Prosecution - When you illegally download, reproduce, or distribute information, you risk legal action. Penalties may range from warnings and mandatory removal of all references to costly fines. Depending on the severity of the crime, jail time may also be a possibility. To offset their own court costs and the money they feel they lose because of pirated software, vendors may increase the prices of their products.
  • Infection - Attackers could take advantage of sites or networks that offer unauthorized downloads (music, movies, software, etc.) by including code into the files that would infect your computer once it was installed. Because you wouldn't know the source or identity of the infection (or maybe that it was even there), you might not be able to easily identify or remove it. Pirated software with hidden Trojan horses is often advertised as discounted software in spam email messages.

Reviewing End-User License Agreements

What is an end-user license agreement?

An end-user license agreement (EULA) is a contract between you and the software's vendor or developer. Some software packages state that by simply removing the shrink-wrap on the package, you agree to the contract. However, you may be more familiar with the type of EULA that is presented as a dialog box that appears the first time you open the software. It usually requires you to accept the conditions of the contract before you can proceed. Some EULAs only apply to certain features of the software, so you may only encounter them when you attempt to use those features.

Unfortunately, many users don't read EULAs before accepting them. The terms of each contract differ, and you may be agreeing to conditions that you later consider unfair or that expose you to security risks you didn't expect.

What terms may be included?

EULAs are legal contracts, and the vendor or developer may include almost any conditions. These conditions are often designed to protect the developer or vendor against liability, but they may also include additional terms that give the vendor some control over your computer. The following topics are often covered in EULAs:

  • Distribution - There are often limitations placed on the number of times you are allowed to install the software and restrictions about reproducing the software for distribution.
  • Warranty - Developers or vendors often include disclaimers that they are not liable for any problem that results from the software being used incorrectly. They may also protect themselves from liability for software flaws, software failure, or incompatibility with other programs on your computer.

The following topics, while not standard, are examples of other conditions that have been included in EULAs. They present security implications that you should consider before accepting the agreement.

  • Monitoring - Agreeing to the EULA may give the vendor permission to monitor your computer activity and communicate the information back to the vendor or to another third party. Depending on what information is being collected, this type of monitoring could have both security and privacy implications.
  • Software installation - Some agreements allow the vendor to install additional software on your computer. This may include updated versions of the software program you installed (the determination of which version you are running may be a result of the monitoring described above). Vendors may also incorporate statements that allow them or other third parties to install additional software programs on your computer. This software may be unnecessary, may affect the functionality of other programs on your computer, and may introduce security risks.

How Anonymous Are You?

What information is collected?

When you visit a web site, a certain amount of information is automatically sent to the site. This information may include the following:

  • IP address - Each computer on the internet is assigned a specific, unique IP (internet protocol) address. Your computer may have a static IP address or a dynamic IP address. If you have a static IP address, it never changes. However, some ISPs own a block of addresses and assign an open one each time you connect to the internet—this is a dynamic IP address. You can determine your computer's IP address at any given time by visiting www.showmyip.com.
  • Domain name - The internet is divided into domains, and every user's account is associated with one of those domains. You can identify the domain by looking at the end of the URL; for example, .edu indicates an educational institution, .gov indicates a US government agency, .org refers to an organization, and .com is for commercial use. Many countries also have specific domain names. The list of active domain names is available from the Internet Assigned Numbers Authority (IANA).
  • Software details - It may be possible for an organization to determine which browser, including the version, you used to access its site. The organization may also be able to determine what operating system your computer is running.
  • Page visits - Information about which pages you visited, how long you stayed on a given page, and whether you came to the site from a search engine is often available to the organization operating the web site.

If a web site uses cookies, the organization may be able to collect even more information, such as your browsing patterns, which include other sites you've visited. If the site you're visiting is malicious, files on your computer, as well as passwords stored in the temporary memory, may be at risk.
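
What a site operator can derive from the automatically sent data listed above, shown as an added example that is not part of the original article: it parses web-server log lines in the common "combined" format. The sample lines, function names, and the short search-engine list are assumptions made for illustration.

```python
import re
from datetime import datetime
from urllib.parse import urlparse, parse_qs

# Constructed sample requests in the web-server "combined" log format.
# Addresses and host names are documentation values, not real visitors.
SAMPLE_LOG = '''\
203.0.113.7 - - [12/Oct/2008:10:00:00 +0000] "GET /index.html HTTP/1.1" 200 5120 "http://www.google.com/search?q=spyware+removal" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.2) Gecko/2008091620 Firefox/3.0.2"
203.0.113.7 - - [12/Oct/2008:10:00:45 +0000] "GET /tips/spyware.html HTTP/1.1" 200 8300 "http://site.example/index.html" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.2) Gecko/2008091620 Firefox/3.0.2"
203.0.113.7 - - [12/Oct/2008:10:04:05 +0000] "GET /tips/cookies.html HTTP/1.1" 200 4100 "http://site.example/tips/spyware.html" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.2) Gecko/2008091620 Firefox/3.0.2"
198.51.100.23 - - [12/Oct/2008:10:02:10 +0000] "GET /index.html HTTP/1.1" 200 5120 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)"
'''

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" \d{3} \S+ '
    r'"(?P<referrer>[^"]*)" "(?P<agent>[^"]*)"$'
)
BROWSER_RE = re.compile(r"(Firefox|Chrome|MSIE)[/ ]([\d.]+)")
OS_RE = re.compile(r"Windows NT [\d.]+|Mac OS X [\d_.]+|Linux")
SEARCH_HOSTS = ("google.", "yahoo.")  # assumed, deliberately short list


def search_terms(referrer):
    """Return the search query if the visitor arrived from a search engine."""
    url = urlparse(referrer)
    if not any(host in url.netloc for host in SEARCH_HOSTS):
        return None
    query = parse_qs(url.query)
    values = query.get("q") or query.get("p")
    return values[0] if values else None


def build_profiles(log_text):
    """Group requests by IP address and summarise what each one reveals."""
    profiles = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined format
        when = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        p = profiles.setdefault(
            m["ip"],
            {"browser": None, "os": None, "search_terms": None, "hits": []},
        )
        browser = BROWSER_RE.search(m["agent"])
        os_name = OS_RE.search(m["agent"])
        if browser:
            p["browser"] = f"{browser[1]} {browser[2]}"  # software details
        if os_name:
            p["os"] = os_name[0]
        p["search_terms"] = p["search_terms"] or search_terms(m["referrer"])
        p["hits"].append((when, m["path"]))

    for p in profiles.values():
        hits = sorted(p.pop("hits"))
        times = [t for t, _ in hits]
        # Time on a page = gap until the next request; unknown for the last.
        dwell = [int((b - a).total_seconds())
                 for a, b in zip(times, times[1:])] + [None]
        p["pages"] = [(path, d) for (_, path), d in zip(hits, dwell)]
    return profiles


if __name__ == "__main__":
    for ip, profile in build_profiles(SAMPLE_LOG).items():
        print(ip, profile)
```

No cookie is involved here: every field comes from the request itself, which is why limiting cookies alone does not hide this information.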

How is this information used?

Generally, organizations use the information that is gathered automatically for legitimate purposes, such as generating statistics about their sites. By analyzing the statistics, the organizations can better understand the popularity of the site and which areas of content are being accessed the most. They may be able to use this information to modify the site to better support the behaviour of the people visiting it.

Another way to apply information gathered about users is marketing. If the site uses cookies to determine other sites or pages you have visited, it may use this information to advertise certain products. The products may be on the same site or may be offered by partner sites.

However, some sites may collect your information for malicious purposes. If attackers are able to access files, passwords, or personal information on your computer, they may be able to use this data to their advantage. The attackers may be able to steal your identity, using and abusing your personal information for financial gain. A common practice is for attackers to use this type of information once or twice, then sell or trade it to other people. The attackers profit from the sale or trade, and increasing the number of transactions makes it more difficult to trace any activity back to them. The attackers may also alter the security settings on your computer so that they can access and use your computer for other malicious activity.

Are you exposing any other personal information?

While using cookies may be one method for gathering information, the easiest way for attackers to get access to personal information is to ask for it. By representing a malicious site as a legitimate one, attackers may be able to convince you to give them your address, credit card information, social security number, or other personal data.

How can you limit the amount of information collected about you?

  • Be careful supplying personal information - Unless you trust a site, don't give your address, password, or credit card information. Look for indications that the site uses SSL to encrypt your information. Although some sites require you to supply your social security number (e.g., sites associated with financial transactions such as loans or credit cards), be especially wary of providing this information online.
  • Limit cookies - If an attacker can access your computer, he or she may be able to find personal data stored in cookies. You may not realize the extent of the information stored on your computer until it is too late. However, you can limit the use of cookies.
  • Browse safely - Be careful which web sites you visit; if it seems suspicious, leave the site. Also make sure to take precautions by increasing your security settings, keeping your virus definitions up to date, and scanning your computer for spyware.

Thursday, October 2, 2008

Apple Updates for Multiple Vulnerabilities

Systems Affected

  • Apple Mac OS X versions prior to and including 10.4.11 (Tiger) and 10.5.4 (Leopard)
  • Apple Mac OS X Server versions prior to and including 10.4.11 (Tiger) and 10.5.4 (Leopard)

Overview

Apple has released Security Update 2008-006 and Mac OS X version 10.5.5 to correct multiple vulnerabilities affecting Apple Mac OS X and Mac OS X Server. Attackers could exploit these vulnerabilities to execute arbitrary code, gain access to sensitive information, or cause a denial of service.

I. Description

Apple Security Update 2008-006 and Apple Mac OS X version 10.5.5 address a number of vulnerabilities affecting Apple Mac OS X and Mac OS X Server versions prior to and including 10.4.11 and 10.5.4. The update also addresses vulnerabilities in other vendors' products that ship with Apple Mac OS X or Mac OS X Server.

II. Impact

The impacts of these vulnerabilities vary. Potential consequences include arbitrary code execution, sensitive information disclosure, denial of service, privilege escalation, or DNS cache poisoning.

III. Solution

Upgrade

Install Apple Security Update 2008-006 or Apple Mac OS X version 10.5.5. These and other updates are available via Software Update or via Apple Downloads.

Wednesday, October 1, 2008

Google Chrome Announcement

The Best Explanation for Chrome... It's a great browser

Monday, September 29, 2008

Multiple Web Browsers Affected by Clickjacking

Info Netz is aware of public reports of a new cross-browser exploit technique called "Clickjacking." According to one of the reports, Clickjacking gives an attacker the ability to trick a user into clicking on something only barely or momentarily noticeable. Therefore, if a user clicks on a web page, they may actually be clicking on content from another page. A separate report indicates that this flaw affects most web browsers and that no fix is available, but that disabling browser scripting and plug-ins may help mitigate some of the risks.

An additional report suggests that Firefox users consider using the NoScript plug-in as an added preventative measure. Disabling IFRAMEs by default, as outlined in the Securing Your Web Browser document (will be posted soon), is reported to protect against the vulnerability.

Info Netz encourages users to review the report and follow the security recommendations as described in the Securing Your Web Browser document (will be posted soon) to help mitigate some of the risks.

Info Netz will provide additional information as it becomes available.

Thursday, September 25, 2008

Mozilla Releases Firefox 3.0.2

Mozilla has released Firefox 3.0.2 to address multiple vulnerabilities. The impacts of these vulnerabilities include arbitrary code execution, enabling cross-site scripting, privilege escalation, information disclosure, and denial of service. As described in the Mozilla Foundation Security Advisories, some of these vulnerabilities may also affect Thunderbird and SeaMonkey.

I encourage users to do the following to help mitigate the risks:



Saturday, September 20, 2008

Protecting Portable Devices: Data Security

Why do you need another layer of protection?

Although there are ways to physically protect your laptop, PDA, or other portable device, there is no guarantee that it won't be stolen. After all, as the name suggests, portable devices are designed to be easily transported. The theft itself is, at the very least, frustrating, inconvenient, and unnerving, but the exposure of information on the device could have serious consequences. Also, remember that any devices that are connected to the internet, especially if it is a wireless connection, are also susceptible to network attacks.

What can you do?

  • Use passwords correctly - In the process of getting to the information on your portable device, you probably encounter multiple prompts for passwords. Take advantage of this security. Don't choose options that allow your computer to remember passwords, don't choose passwords that thieves could easily guess, use different passwords for different programs, and take advantage of additional authentication methods.
  • Consider storing important data separately - There are many forms of storage media, including floppy disks, zip disks, CDs, DVDs, and removable flash drives (also known as USB drives or thumb drives). By saving your data on removable media and keeping it in a different location (e.g., in your suitcase instead of your laptop bag), you can protect your data even if your laptop is stolen. You should make sure to secure the location where you keep your data to prevent easy access.
  • Encrypt files - By encrypting files, you ensure that unauthorized people can't view data even if they can physically access it. You may also want to consider options for full disk encryption, which prevents a thief from even starting your laptop without a passphrase. When you use encryption, it is important to remember your passwords and passphrases; if you forget or lose them, you may lose your data.
  • Install and maintain anti-virus software - Protect laptops and PDAs from viruses the same way you protect your desktop computer. Make sure to keep your virus definitions up to date.
  • Install and maintain a firewall - While always important for restricting traffic coming into and leaving your computer, firewalls are especially important if you are travelling and utilizing different networks. Firewalls can help prevent outsiders from gaining unwanted access.
  • Back up your data - Make sure to back up any data you have on your computer onto a CD-ROM, DVD-ROM, or network. Not only will this ensure that you will still have access to the information if your device is stolen, but it could help you identify exactly which information a thief may be able to access. You may be able to take measures to reduce the amount of damage that exposure could cause.

Multiple DNS implementations vulnerable to cache poisoning

Systems Affected

Systems implementing:

  • Caching DNS resolvers
  • DNS stub resolvers

Affected systems include both client and server systems, and any other networked systems that include this functionality.

Overview

Deficiencies in the DNS protocol and common DNS implementations facilitate DNS cache poisoning attacks. Effective attack techniques against these vulnerabilities have been demonstrated.


 

I. Description

DNS cache poisoning (sometimes referred to as cache pollution) is an attack technique that allows an attacker to introduce forged DNS information into the cache of a caching nameserver. The general concept has been known for some time, and a number of inherent deficiencies in the DNS protocol and defects in common DNS implementations that facilitate DNS cache poisoning have previously been identified and described in public literature.

Recent research into these and other related vulnerabilities has produced extremely effective exploitation methods to achieve cache poisoning. Tools and techniques have been developed that can reliably poison a domain of the attacker's choosing on most current implementations. As a result, the consensus of DNS software implementers is to implement source port randomization in their resolvers as mitigation.

II. Impact

An attacker with the ability to conduct a successful cache poisoning attack can cause a nameserver's clients to contact the incorrect, and possibly malicious, hosts for particular services. Consequently, web traffic, email, and other important network data can be redirected to systems under the attacker's control.

III. Solution

Apply a patch from your vendor

Patches have been released by a number of vendors to implement source port randomization in the nameserver. This change significantly reduces the practicality of cache poisoning attacks.

As mentioned above, stub resolvers are also vulnerable to these attacks. Stub resolvers that will issue queries in response to attacker behaviour, and may receive packets from an attacker, should be patched. System administrators should be alert for patches to client operating systems that implement port randomization in the stub resolver.
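
One way to check that a patched resolver really randomizes its source ports, as an added example that is not part of the original advisory: it reads a capture of the resolver's outbound queries and rates the port behaviour. The simplified tcpdump-style input, the function names, and the sample-size and standard-deviation cut-offs are assumptions made for illustration.

```python
import math
import re
from collections import defaultdict

# Constructed sample: outbound queries from three resolvers in a simplified
# tcpdump-style format. Addresses are documentation ranges, not real hosts.
SAMPLE_CAPTURE = """\
12:00:01 IP 192.0.2.10.32768 > 198.51.100.1.53: 4021+ A? a.example.com.
12:00:02 IP 192.0.2.10.32768 > 198.51.100.1.53: 9913+ A? b.example.com.
12:00:03 IP 192.0.2.10.32768 > 198.51.100.1.53: 1207+ A? c.example.com.
12:00:04 IP 192.0.2.10.32768 > 198.51.100.1.53: 6650+ A? d.example.com.
12:00:05 IP 192.0.2.10.32768 > 198.51.100.1.53: 3388+ A? e.example.com.
12:00:01 IP 192.0.2.20.1025 > 198.51.100.1.53: 7102+ A? a.example.com.
12:00:02 IP 192.0.2.20.1026 > 198.51.100.1.53: 2290+ A? b.example.com.
12:00:03 IP 192.0.2.20.1027 > 198.51.100.1.53: 5871+ A? c.example.com.
12:00:04 IP 192.0.2.20.1028 > 198.51.100.1.53: 8044+ A? d.example.com.
12:00:05 IP 192.0.2.20.1029 > 198.51.100.1.53: 1536+ A? e.example.com.
12:00:01 IP 192.0.2.30.51234 > 198.51.100.1.53: 6419+ A? a.example.com.
12:00:02 IP 192.0.2.30.10877 > 198.51.100.1.53: 3075+ A? b.example.com.
12:00:03 IP 192.0.2.30.40312 > 198.51.100.1.53: 9982+ A? c.example.com.
12:00:04 IP 192.0.2.30.2950 > 198.51.100.1.53: 1144+ A? d.example.com.
12:00:05 IP 192.0.2.30.61001 > 198.51.100.1.53: 7760+ A? e.example.com.
"""

# Source address and port of a query sent to destination port 53.
QUERY_RE = re.compile(
    r"IP (?P<src>\d+\.\d+\.\d+\.\d+)\.(?P<sport>\d+) > \d+\.\d+\.\d+\.\d+\.53: \d+\+"
)

TXID_BITS = 16      # the DNS transaction ID is a 16-bit field
MIN_SAMPLES = 5     # assumed: fewer queries than this says nothing useful
MIN_STDDEV = 3000   # assumed cut-off between "weak" and "randomized"


def parse_queries(capture):
    """Return {resolver_ip: [source_port, ...]} in capture order."""
    ports = defaultdict(list)
    for line in capture.splitlines():
        m = QUERY_RE.search(line)
        if m:
            ports[m.group("src")].append(int(m.group("sport")))
    return dict(ports)


def assess_ports(ports):
    """Rate one resolver's source-port behaviour from observed queries."""
    if len(ports) < MIN_SAMPLES:
        return {"verdict": "insufficient", "stddev": None, "guess_bits": None}
    mean = sum(ports) / len(ports)
    stddev = math.sqrt(sum((p - mean) ** 2 for p in ports) / len(ports))
    steps = {b - a for a, b in zip(ports, ports[1:])}
    if len(set(ports)) == 1:
        verdict = "fixed"          # unpatched: every query uses one port
    elif len(steps) == 1:
        verdict = "sequential"     # port changes, but predictably
    elif stddev < MIN_STDDEV:
        verdict = "weak"           # varies only inside a narrow window
    else:
        verdict = "randomized"
    # Bits a forged reply has to match: the transaction ID plus, when the
    # port is unpredictable, log2 of the observed port span. A small sample
    # underestimates the true span, so treat this as a lower bound.
    span = max(ports) - min(ports) + 1
    port_bits = math.log2(span) if verdict in ("weak", "randomized") else 0.0
    return {
        "verdict": verdict,
        "stddev": round(stddev, 1),
        "guess_bits": round(TXID_BITS + port_bits, 1),
    }


def assess_capture(capture):
    """Assess every resolver seen in the capture."""
    return {ip: assess_ports(p) for ip, p in parse_queries(capture).items()}


if __name__ == "__main__":
    for ip, result in assess_capture(SAMPLE_CAPTURE).items():
        print(ip, result)
```

Capture the queries on the upstream side of any NAT device, since address translation can rewrite the resolver's chosen source ports.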

Workarounds

Restrict access


Administrators, particularly those who are unable to apply a patch, can limit exposure to this vulnerability by restricting sources that can ask for recursion. Note that restricting access will still allow attackers with access to authorized hosts to exploit this vulnerability.

Filter traffic at network perimeters


Because the ability to spoof IP addresses is necessary to conduct these attacks, administrators should take care to filter spoofed addresses at the network perimeter. It is important to understand your network's configuration and service requirements before deciding what changes are appropriate.

Run a local DNS cache


In lieu of strong port randomization characteristics in a stub resolver, administrators can protect their systems by using local caching full-service resolvers, both on the client systems and on servers that are topologically close on the network to the client systems. This should be done in conjunction with the network segmentation and filtering strategies mentioned above.

Disable recursion


Disable recursion on any nameserver responding to DNS requests made by untrusted systems.

Friday, September 19, 2008

Protecting Portable Devices: Physical Security

What is at risk?

Only you can determine what is actually at risk. If a thief steals your laptop or PDA, the most obvious loss is the machine itself. However, if the thief is able to access the information on the computer or PDA, all of the information stored on the device is at risk, as well as any additional information that could be accessed as a result of the data stored on the device itself.

Sensitive corporate information or customer account information should not be accessed by unauthorized people. You've probably heard news stories about organizations panicking because laptops with confidential information on them have been lost or stolen. But even if there isn't any sensitive corporate information on your laptop or PDA, think of the other information at risk: information about appointments, passwords, email addresses and other contact information, personal information for online accounts, etc.

How can you protect your laptop or PDA?

  • Password-protect your computer - Make sure that you have to enter a password to log in to your.
  • Keep your laptop or PDA with you at all times - When traveling, keep your laptop with you. Meal times are optimum times for thieves to check hotel rooms for unattended laptops. If you are attending a conference or trade show, be especially wary—these venues offer thieves a wider selection of devices that are likely to contain sensitive information, and the conference sessions offer more opportunities for thieves to access guest rooms.
  • Downplay your laptop or PDA - There is no need to advertise to thieves that you have a laptop or PDA. Avoid using your portable device in public areas, and consider non-traditional bags for carrying your laptop.
  • Consider an alarm or lock - Many companies sell alarms or locks that you can use to protect or secure your laptop. If you travel often or will be in a heavily populated area, you may want to consider investing in an alarm for your laptop bag or a lock to secure your laptop to a piece of furniture.
  • Back up your files - If your portable device is stolen, it's bad enough that someone else may be able to access your information. To avoid losing all of the information, make backups of important information and store the backups in a separate location. Not only will you still be able to access the information, but you'll be able to identify and report exactly what information is at risk.

What can you do if your laptop or PDA is lost or stolen?

Report the loss or theft to the appropriate authorities. These parties may include representatives from law enforcement agencies, as well as hotel or conference staff. If your device contained sensitive corporate or customer account information, immediately report the loss or theft to your organization so that they can act quickly.

Thursday, September 18, 2008

Fake Antivirus Software Circulating

HACKING-TECHNOLOGY is aware of public reports indicating an increase in the instances of fake antivirus software circulating. These software applications are malicious code, not legitimate antivirus applications. These instances of malicious code are noted as being distributed through spam email messages containing malicious links, instant messages containing malicious links, private messages on social networking sites, infection from other malware, and from visiting compromised websites. Quite often, this malware attempts to convince users that there is something wrong with their systems. This leads to an attempt to persuade the users to purchase an illegitimate antivirus application. If the user purchases the bogus software, the attacker may be able to obtain personal and credit card information for use in additional scams and fraudulent activity.

HACKING-TECHNOLOGY encourages users to perform the following preventative measures to help mitigate the risks:

1) Install legitimate antivirus software from a trusted vendor, and keep its virus signature files up-to-date.
2) Do not follow unsolicited web links found in email messages or instant messages.
3) Use caution when visiting untrusted websites.
4) Do not install untrusted software.

Saturday, September 6, 2008

Google Chrome Download Vulnerability

We are aware of a vulnerability that affects the Google Chrome web browser. This vulnerability is due to a default configuration that allows files to be downloaded without prompting the user. In addition, downloaded files can be opened with a single click, which could allow a user to inadvertently open a malicious file.

We encourage users to enable the "Ask where to save each file before downloading" option within the "Minor Tweaks" tab in the browser preferences. Although this does not fix the underlying vulnerability, selecting this option will warn the user before files are downloaded. Users should still exercise caution when visiting and downloading items from untrusted websites.

Thursday, September 4, 2008

Understanding Your Computer: Operating Systems

What is an operating system?

An operating system (OS) is the main program on a computer. It performs a variety of functions, including
  • determining what types of software you can install
  • coordinating the applications running on the computer at any given time
  • making sure that individual pieces of hardware, such as printers, keyboards, and disk drives, all communicate properly
  • allowing applications such as word processors, email clients, and web browsers to perform tasks on the system (e.g., drawing windows on the screen, opening files, communicating on a network) and utilize other system resources (e.g., printers, disk drives)
  • reporting error messages

The OS also determines how you see information and perform tasks. Some operating systems use a graphical user interface (GUI), which presents information through pictures (icons, buttons, dialog boxes, etc.) as well as words. Other operating systems can rely solely on text.

How do you choose an operating system?

In very simplistic terms, when you choose to buy a computer, you are usually also choosing an operating system. Although you may change it, vendors typically ship computers with a particular operating system. There are multiple operating systems, each with different features and benefits, but the following three are the most common:

  • Windows - Windows, with versions including Windows Me, Windows 2000, and Windows XP, is the most common operating system for home users. It is produced by Microsoft and is typically included on machines purchased in electronics stores or from vendors such as Dell or Gateway. The Windows OS uses a GUI, which many users find more appealing and easier to use than text-based interfaces.
  • Mac OS X - Produced by Apple, Mac OS X is the operating system used on Macintosh computers. With the exception of a different GUI, it is similar to the Windows interface in the way it operates.
  • Linux and other UNIX-derived operating systems - Linux and other systems derived from the UNIX operating system are frequently used for specialized workstations and servers, such as web and email servers. Because they are often more difficult for general users or require specialized knowledge and skills to operate, they are not very popular with home users. However, as they continue to develop and become easier to use, they may become more popular on typical home user systems.

Understanding Your Computer: Email Clients

How do email clients work?

Every email address has two basic parts: the user name and the domain name. When you are sending email to someone else, your domain's server has to communicate with your recipient's domain server.

For example, let's assume that your email address is johndoe@example.com, and the person you are contacting is at janesmith@anotherexample.org. In very basic terms, after you hit send, the server hosting your domain (example.com) looks at the email address and then contacts the server hosting the recipient's domain (anotherexample.org) to let it know that it has a message for someone at that domain. Once the connection has been established, the server hosting the recipient's domain (anotherexample.org) then looks at the user name of the email address and routes the message to that account.

How many email clients are there?

There are many different email clients and services, each with its own interface. Some are web-based, some are stand-alone graphics-based, and some are text-based. The following are some well-known email programs:

Web-based

* Hotmail
* Yahoo! Mail
* Gmail

Stand-alone graphics-based

* Outlook and Outlook Express
* Thunderbird
* Pegasus

Text-based

* Pine

How do you choose an email client?

There is usually an email client included with the installation of your operating system, but many other alternatives are available. Be wary of "home-brewed" software, because it may not be as secure or reliable as software that is tested and actively maintained. Some of the factors to consider when deciding which email client best suits your needs include

* security - Do you feel that your email program offers you the level of security you want for sending, receiving, and reading email messages? How does it handle attachments (see Using Caution with Email Attachments for more information)? If you are dealing with sensitive information, do you have the option of sending and receiving signed and/or encrypted messages?

* privacy - If you are using a web-based service, have you read its privacy policy? Do you know what information is being collected and who has access to it? Are there options for filtering spam?

* functionality - Does the software send, receive, and interpret email messages appropriately?

* reliability - For web-based services, is the server reliable, or is your email frequently unavailable due to maintenance, security problems, a high volume of users, or other reasons?

* availability - Do you need to be able to access your account from any computer?

* ease of use - Are the menus and options easy to understand and use?

* visual appeal - Do you find the interface appealing?

Each email client may have a different way of organizing drafted, sent, saved, and deleted mail. Familiarize yourself with the software so that you can find and store messages easily, and so that you don't unintentionally lose messages. Once you have chosen the software you want to use for your email, protect yourself and your contacts by following good security practices.

Can you have more than one email client?

You can have more than one email client, although you may have issues with compatibility. Some email accounts, such as those issued through your internet service provider (ISP) or place of employment, are only accessible from a computer that has appropriate privileges and settings for you to access that account. You can use any stand-alone email client to read those messages, but if you have more than one client installed on your machine, you should choose one as your default. When you click an email link in a browser or email message, your computer will open the default email client that you chose.

Most vendors give you the option to download their email software directly from their web sites. Make sure to verify the authenticity of the site before downloading any files, and follow other good security practices, like using a firewall and keeping anti-virus software up to date, to further minimize risk.

You can also maintain free email accounts through browser-based email clients (e.g., Yahoo!, Hotmail, Gmail) that you can access from any computer. Because these accounts are maintained directly on the vendors' servers, they don't interfere with other email accounts.

Tuesday, September 2, 2008

Google takes on Microsoft with new browser

Google opened up another front in its battle with Microsoft last night, with the surprise launch of a new web browser to add to its growing list of applications.

The search giant said Chrome had been created to better handle interactive applications and resource-hungry web pages such as video clips and online games. It is also less likely to crash, it claimed.

A test version of the browser will be available for download later today.

Analysts said Chrome, which was announced at the same time as new YouTube-like video communications services from Google, could take market share from Microsoft's Internet Explorer, as well as other browsers such as Opera and Firefox.

Details of Chrome were rushed out last night after someone at Google accidentally sent a comic book announcing the browser to a website that tracks the company.

In a blog posting late last night, Google said its engineers had decided to "completely rethink the browser" because the web has evolved from offering mainly simple text pages to rich, interactive applications.

"What we really needed was not just a browser, but also a modern platform for web pages and applications, and that's what we set out to build," said Sundar Pichai, VP product management, and Linus Upson, engineering director.

Early reaction from bloggers and industry analysts was broadly positive.

Roger Kay, president of Endpoint Technologies Associates, said Chrome would help attract computer users to Google's range of web-based applications.

"This gives Google another opportunity to protect its flank and to create a new branding position," said Kay.

"We like this move by Google and believe it can help to increase or at least maintain its leading search market share."

Needham & Co analyst Mark May said the move would allow Google to claim a significant slice of "online real estate".

"The market share gains by Firefox in a short period of time show to us that users are looking for better browser experiences," he said.

Open-source

Chrome is open-source, meaning developers can access and make changes to its underlying source code. Typically for a Google offering, it is available in test format as a beta.

Like other browsers it offers tabbing, letting the reader keep multiple web pages open. But with Chrome each tab runs as a separate process, so the applications should be more stable and secure.

"By keeping each tab in an isolated 'sandbox', we were able to prevent one tab from crashing another and provide improved protection from rogue sites," said Pichai and Upson.

According to recent figures, Internet Explorer has around 58% of the browser market, followed by Firefox with 19%. Google dominates the search market, with around 64.1% of all searches in August.

Video for business

Google also announced yesterday that it has added a video component to its Google Apps Premier Edition, a package of business software aimed at corporate users.

It will allow employees to share speeches, product training, sales meetings or other employee video messages without risking unauthorised disclosure outside the company.

"What YouTube did in the consumer world, Google Video for business is going to do in the enterprise," said Matthew Glotzbach, product management director of Google's enterprise division, the unit responsible for Google Apps.

It will be available for free for six months, starting Monday.

The above information is from InfoWorld USA.

Keeping Children Safe Online

What unique risks are associated with children?

When a child is using your computer, normal safeguards and security practices may not be sufficient. Children present additional challenges because of their natural characteristics: innocence, curiosity, desire for independence, and fear of punishment. You need to consider these characteristics when determining how to protect your data and the child.

You may think that because the child is only playing a game, or researching a term paper, or typing a homework assignment, he or she can't cause any harm. But what if, when saving her paper, the child deletes a necessary program file? Or what if she unintentionally visits a malicious web page that infects your computer with a virus? These are just two possible scenarios. Mistakes happen, but the child may not realize what she's done or may not tell you what happened because she's afraid of getting punished.

Online predators present another significant threat, particularly to children. Because the nature of the internet is so anonymous, it is easy for people to misrepresent themselves and manipulate or trick other users. Adults often fall victim to these ploys, and children, who are usually much more open and trusting, are even easier targets. The threat is even greater if a child has access to email or instant messaging programs, visits chat rooms, and/or uses social networking sites.

What can you do?

* Be involved - Consider activities you can work on together, whether it be playing a game, researching a topic you had been talking about (e.g., family vacation spots, a particular hobby, a historical figure), or putting together a family newsletter. This will allow you to supervise your child's online activities while teaching her good computer habits.

* Keep your computer in an open area - If your computer is in a high-traffic area, you will be able to easily monitor the computer activity. Not only does this accessibility deter a child from doing something she knows she's not allowed to do, it also gives you the opportunity to intervene if you notice a behavior that could have negative consequences.

* Set rules and warn about dangers - Make sure your child knows the boundaries of what she is allowed to do on the computer. These boundaries should be appropriate for the child's age, knowledge, and maturity, but they may include rules about how long she is allowed to be on the computer, what sites she is allowed to visit, what software programs she can use, and what tasks or activities she is allowed to do. You should also talk to children about the dangers of the internet so that they recognize suspicious behavior or activity. The goal isn't to scare them, it's to make them more aware.

* Monitor computer activity - Be aware of what your child is doing on the computer, including which web sites she is visiting. If she is using email, instant messaging, or chat rooms, try to get a sense of who she is corresponding with and whether she actually knows them.

* Keep lines of communication open - Let your child know that she can approach you with any questions or concerns about behaviors or problems she may have encountered on the computer.

* Consider partitioning your computer into separate accounts - Most operating systems (including Windows XP, Mac OS X, and Linux) give you the option of creating a different user account for each user. If you're worried that your child may accidentally access, modify, and/or delete your files, you can give her a separate account and decrease the amount of access and number of privileges she has.

If you don't have separate accounts, you need to be especially careful about your security settings. In addition to limiting functionality within your browser, avoid letting your browser remember passwords and other personal information. Also, it is always important to keep your virus definitions up to date.

* Consider implementing parental controls - You may be able to set some parental controls within your browser. For example, Internet Explorer allows you to restrict or allow certain web sites to be viewed on your computer, and you can protect these settings with a password. To find those options, click Tools on your menu bar, select Internet Options..., choose the Content tab, and click the Enable... button under Content Advisor.

There are other resources you can use to control and/or monitor your child's online activity. Some ISPs offer services designed to protect children online. Contact your ISP to see if any of these services are available. There are also special software programs you can install on your computer. Different programs offer different features and capabilities, so you can find one that best suits your needs. The following web sites offer lists of software, as well as other useful information about protecting children online:

* GetNetWise - http://kids.getnetwise.org/ - Click Tools for Families to reach a page that allows you to search for software based on characteristics like what the tool does and what operating system you have on your computer.

* Yahooligans! Parents' Guide - http://yahooligans.yahoo.com/parents/ - Click Blocking and Filtering under Related Websites on the left sidebar to reach a list of software.

Monday, September 1, 2008

Evaluating Your Web Browser's Security Settings

Why are security settings for web browsers important?

Your web browser is your primary connection to the rest of the internet, and multiple applications may rely on your browser, or elements within your browser, to function. This makes the security settings within your browser even more important. Many web applications try to enhance your browsing experience by enabling different types of functionality, but this functionality might be unnecessary and may leave you susceptible to being attacked. The safest policy is to disable the majority of those features unless you decide they are necessary. If you determine that a site is trustworthy, you can choose to enable the functionality temporarily and then disable it once you are finished visiting the site.

Where can you find the settings?

Each web browser is different, so you may have to look around. For example, in Internet Explorer, you can find them by clicking Tools on your menu bar, selecting Internet Options..., choosing the Security tab, and clicking the Custom Level... button. However, in Firefox, you click Tools on the menu bar and select Options.... Click the Content, Privacy, and Security tabs to explore the basic security options. Browsers have different security options and configurations, so familiarize yourself with the menu options, check the help feature, or refer to the vendor's web site.

While every application has settings that are selected by default, you may discover that your browser also has predefined security levels that you can select. For example, Internet Explorer offers custom settings that allow you to select a particular level of security; features are enabled or disabled based on your selection. Even with these guides, it is helpful to have an understanding of what the different terms mean so that you can evaluate the features to determine which settings are appropriate for you.

How do you know what your settings should be?

Ideally, you would set your security for the highest level possible. However, restricting certain features may limit some web pages from loading or functioning properly. The best approach is to adopt the highest level of security and only enable features when you require their functionality.

What do the different terms mean?

Different browsers use different terms, but here are some terms and options you may find:

* Zones - Your browser may give you the option of putting web sites into different segments, or zones, and allow you to define different security restrictions for each zone.

For example, Internet Explorer identifies the following zones:

* Internet - This is the general zone for all public web sites. When you browse the internet, the settings for this zone are automatically applied to the sites you visit. To give you the best protection as you browse, you should set the security to the highest level; at the very least, you should maintain a medium level.

* Local intranet - If you are in an office setting that has its own intranet, this zone contains those internal pages. Because the web content is maintained on an internal web server, it is usually safe to have less restrictive settings for these pages. However, some viruses have tapped into this zone, so be aware of what sites are listed and what privileges they are being given.

* Trusted sites - If you believe that certain sites are designed with security in mind, and you feel that content from the site can be trusted not to contain malicious materials, you can add them to your trusted sites and apply settings accordingly. You may also require that only sites that implement Secure Sockets Layer (SSL) can be active in this zone. This permits you to verify that the site you are visiting is the site that it claims to be. This is an optional zone but may be useful if you personally maintain multiple web sites or if your organization has multiple sites. Even if you trust them, avoid applying low security levels to external sites—if they are attacked, you might also become a victim.

* Restricted sites - If there are particular sites you think might not be safe, you can identify them and define heightened security settings. Because the security settings may not be enough to protect you, the best precaution is to avoid navigating to any sites that make you question whether or not they're safe.

* JavaScript - Some web sites rely on web scripts such as JavaScript to achieve a certain appearance or functionality, but these scripts may be used in attacks.

* Java and ActiveX controls - These programs are used to develop or execute active content that provides some functionality, but they may put you at risk.

* Plug-ins - Sometimes browsers require the installation of additional software known as plug-ins to provide additional functionality. Like Java and ActiveX controls, plug-ins may be used in an attack, so before installing them, make sure that they are necessary and that the site you have to download them from is trustworthy.

You may also find options that allow you to take the following security measures:

* Manage cookies - You can disable, restrict, or allow cookies as appropriate. Generally, it is best to disable cookies and then enable them if you visit a site you trust that requires them.

* Block pop-up windows - Although turning this feature on could restrict the functionality of certain web sites, it will also minimize the number of pop-up ads you receive, some of which may be malicious.

Understanding Your Computer: Web Browsers

How do web browsers work?

A web browser is an application that finds and displays web pages. It coordinates communication between your computer and the web server where a particular web site "lives."

When you open your browser and type in a web address (URL) for a web site, the browser contacts that server, requests the web page you asked for, and displays the page on your computer. The browser translates the code (written in a language such as HTML or XML) for the different elements of the page (text, images, sounds) into the appropriate format and displays the resulting page.

How many browsers are there?

There are many different browsers. Most users are familiar with graphical browsers, which display both text and graphics and may also display multimedia elements such as sound or video clips. However, there are also text-based browsers. The following are some well-known browsers:

* Internet Explorer
* Firefox
* AOL
* Opera
* Safari - a browser specifically designed for Macintosh computers
* Lynx - a text-based browser desirable for vision-impaired users because of the availability of special devices that read the text

How do you choose a browser?

A browser is usually included with the installation of your operating system, but you are not restricted to that choice. Some of the factors to consider when deciding which browser best suits your needs include

* compatibility - Does the browser work with your operating system?

* security - Do you feel that your browser offers you the level of security you want?

* ease of use - Are the menus and options easy to understand and use?

* functionality - Does the browser interpret web content correctly? If you need to install other plug-ins or devices to translate certain types of content, do they work?

* appeal - Do you find the interface and way the browser interprets web content visually appealing?

Can you have more than one browser installed at the same time?

If you decide to change your browser or add another one, you don't have to uninstall the browser that's currently on your computer—you can have more than one browser on your computer at once. However, you will be prompted to choose one as your default browser. Anytime you follow a link in an email message or document, or you double-click a shortcut to a web page on your desktop, the page will open using your default browser. You can manually open the page in another browser.

Most vendors give you the option to download their browsers directly from their web sites. Make sure to verify the authenticity of the site before downloading any files. To further minimize risk, follow other good security practices, like using a firewall and keeping anti-virus software up to date.

Sunday, August 31, 2008

Shopping Safely Online

Why do online shoppers have to take special precautions?

The Internet offers a convenience that is not available from any other shopping outlet. From the comfort of your home, you can search for items from countless vendors, compare prices with a few simple mouse clicks, and make purchases without waiting in line. However, the Internet is also convenient for attackers, giving them multiple ways to access the personal and financial information of unsuspecting shoppers. Attackers who are able to obtain this information may use it for their own financial gain, either by making purchases themselves or by selling the information to someone else.

How do attackers target online shoppers?


There are three common ways that attackers can take advantage of online shoppers:

* Targeting vulnerable computers - If you do not take steps to protect your computer from viruses or other malicious code, an attacker may be able to gain access to your computer and all of the information on it. It is also important for vendors to protect their computers to prevent attackers from accessing customer databases.

* Creating fraudulent sites and email messages - Unlike traditional shopping, where you know that a store is actually the store it claims to be, attackers can create malicious web sites that mimic legitimate ones or create email messages that appear to have been sent from a legitimate source. Charities may also be misrepresented in this way, especially after natural disasters or during holiday seasons. Attackers create these malicious sites and email messages to try to convince you to supply personal and financial information.

* Intercepting insecure transactions - If a vendor does not use encryption, an attacker may be able to intercept your information as it is being transmitted.

How can you protect yourself?

* Use and maintain anti-virus software, a firewall, and anti-spyware software - Protect yourself against viruses and Trojan horses that may steal or modify the data on your own computer and leave you vulnerable by using anti-virus software and a firewall. Make sure to keep your virus definitions up to date. Spyware or adware hidden in software programs may also give attackers access to your data, so use a legitimate anti-spyware program to scan your computer and remove any of these files.

* Keep software, particularly your web browser, up to date - Install software patches so that attackers cannot take advantage of known problems or vulnerabilities. Many operating systems offer automatic updates. If this option is available, you should enable it.

* Evaluate your software's settings - The default settings of most software enable all available functionality. However, attackers may be able to take advantage of this functionality to access your computer. It is especially important to check the settings for software that connects to the Internet (browsers, email clients, etc.). Apply the highest level of security available that still gives you the functionality you need.

* Do business with reputable vendors - Before providing any personal or financial information, make sure that you are interacting with a reputable, established vendor. Some attackers may try to trick you by creating malicious web sites that appear to be legitimate, so you should verify the legitimacy before supplying any information. Locate and note phone numbers and physical addresses of vendors in case there is a problem with your transaction or your bill.

* Take advantage of security features - Passwords and other security features add layers of protection if used appropriately.

* Be wary of emails requesting information - Attackers may attempt to gather information by sending emails requesting that you confirm purchase or account information. Legitimate businesses will not solicit this type of information through email.

* Check privacy policies - Before providing personal or financial information, check the web site's privacy policy. Make sure you understand how your information will be stored and used.

* Make sure your information is being encrypted - Many sites use SSL, or secure sockets layer, to encrypt information. Indications that your information will be encrypted include a URL that begins with "https:" instead of "http:" and a lock icon in the bottom right corner of the window.

* Use a credit card - Unlike debit cards, credit cards may have a limit on the monetary amount you will be responsible for paying if your information is stolen and used by someone else. You can further minimize damage by using a single credit card with a low credit line for all of your online purchases.

* Check your statements - Keep a record of your purchases and copies of confirmation pages, and compare them to your bank statements. If there is a discrepancy, report it immediately.
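The "https:" check in the list above applies not only to the page you are viewing but also to the address a payment form submits to. The following added example (not part of the original post) parses a page's forms and reports any that would send sensitive fields unencrypted or to a different host; the field-name hints, function names, and sample pages on `shop.example` are assumptions constructed for illustration.

```python
# Added illustration: check where a checkout page's forms send their data.
# Sample pages, host names and field-name hints are constructed assumptions.
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Assumed substrings that mark a form field as sensitive.
SENSITIVE_HINTS = ("card", "cvv", "password", "ssn")


class FormCollector(HTMLParser):
    """Collect each <form>'s action and the names of the fields inside it."""

    def __init__(self):
        super().__init__()
        self.forms = []
        self._open = False

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "form":
            self.forms.append({"action": attrs.get("action") or "", "fields": []})
            self._open = True
        elif tag in ("input", "select", "textarea") and self._open:
            self.forms[-1]["fields"].append((attrs.get("name") or "").lower())

    def handle_endtag(self, tag):
        if tag == "form":
            self._open = False


def audit_checkout_page(page_url, html):
    """Return (form target URL, problem) findings for forms with sensitive fields."""
    findings = []
    page = urlsplit(page_url)
    collector = FormCollector()
    collector.feed(html)
    for form in collector.forms:
        if not any(hint in name for name in form["fields"] for hint in SENSITIVE_HINTS):
            continue                                  # e.g. a search box
        target = urljoin(page_url, form["action"])    # empty action = this page
        dest = urlsplit(target)
        if page.scheme != "https":
            findings.append((target, "page itself was loaded without https"))
        if dest.scheme != "https":
            findings.append((target, "form data would be sent unencrypted"))
        if dest.hostname != page.hostname:
            findings.append((target, f"form data goes to a different host: {dest.hostname}"))
    return findings


# Constructed sample pages.
PAGE_OK = '<form action="/pay" method="post"><input name="card_number"><input name="cvv"></form>'
PAGE_MIXED = ('<form action="http://shop.example/pay"><input name="card_number"/></form>'
              '<form action="/search"><input name="q"></form>')
PAGE_OFFSITE = '<form action="https://collect.example.net/pay"><input name="password"></form>'

if __name__ == "__main__":
    for label, html in (("ok", PAGE_OK), ("mixed", PAGE_MIXED), ("offsite", PAGE_OFFSITE)):
        print(label, audit_checkout_page("https://shop.example/checkout", html))
```

A different host is not always a problem, since many vendors hand payment to a separate processor, but it is the point at which to confirm who is actually receiving the data.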

Understanding Voice over Internet Protocol (VoIP)

What is voice over internet protocol (VoIP)?

Voice over internet protocol (VoIP), also known as IP telephony, allows you to use your internet connection to make telephone calls. Instead of relying on an analog line like traditional telephones, VoIP uses digital technology and requires a high-speed broadband connection such as DSL or cable. There are a variety of providers who offer VoIP, and they offer different services. The most common application of VoIP for personal or home use is internet-based phone services that rely on a telephone switch. With this application, you will still have a phone number, will still dial phone numbers, and will likely have an adapter that allows you to use a regular telephone. The person you are calling will not likely notice a difference from a traditional phone call. Some service providers also offer the ability to use your VoIP adapter any place you have a high-speed internet connection, allowing you to take it with you when you travel.

What are the security implications of VoIP?

Because VoIP relies on your internet connection, it may be vulnerable to any threats and problems that face your computer. The technology is still new, so there is some controversy about the potential for attack, but VoIP could make your telephone vulnerable to viruses and other malicious code. Attackers may be able to perform activities such as intercepting your communications, eavesdropping, conducting effective phishing attacks by manipulating your caller ID, and causing your service to crash. Activities that consume a large amount of network resources, like large file downloads, online gaming, and streaming multimedia, will also affect your VoIP service.

There are also inherent problems to routing your telephone over your broadband connection. Unlike traditional telephone lines, which operate despite an electrical outage, if you lose power, your VoIP may be unavailable. There are also concerns that home security systems or emergency numbers such as 911 may not work properly.

How can you protect yourself?

* Keep software up to date - If the vendor releases patches for the software operating your device, install them as soon as possible. These patches may be called firmware updates. Installing them will prevent attackers from being able to take advantage of known problems or vulnerabilities.

* Use and maintain anti-virus software - Anti-virus software recognizes and protects your computer against most known viruses. However, attackers are continually writing new viruses, so it is important to keep your anti-virus software current.

* Take advantage of security options - Some service providers may offer encryption as one of their services. If you are concerned about privacy and confidentiality, you may want to consider this and other available options.

* Install or enable a firewall - Firewalls may be able to prevent some types of infection by blocking malicious traffic before it can enter your computer. Some operating systems actually include a firewall, but you need to make sure it is enabled.

* Evaluate your security settings - Both your computer and your VoIP equipment/software offer a variety of features that you can tailor to meet your needs and requirements. However, enabling certain features may leave you more vulnerable to being attacked, so disable any unnecessary features. Examine your settings, particularly the security settings, and select options that meet your needs without putting you at increased risk.

Saturday, August 30, 2008

Using Instant Messaging and Chat Rooms Safely

What are the differences between some of the tools used for real-time communication?

Instant messaging (IM) - Commonly used for recreation, instant messaging is also becoming more widely used within corporations for communication between employees. IM, regardless of the specific software you choose, provides an interface for individuals to communicate one-on-one.

Chat rooms - Whether public or private, chat rooms are forums for particular groups of people to interact. Many chat rooms are based upon a shared characteristic; for example, there are chat rooms for people of particular age groups or interests. Although most IM clients support "chats" among multiple users, IM is traditionally one-to-one while chats are traditionally many-to-many.

Bots - A "chat robot," or "bot," is software that can interact with users through chat mechanisms, whether in IM or chat rooms. In some cases, users may be able to obtain current weather reports, stock status, or movie listings. In these instances, users are often aware that they are not interacting with an actual human. However, some users may be fooled by more sophisticated bots into thinking the responses they are receiving are from another person.

There are many software packages that incorporate one or more of these capabilities. A number of different technologies might be supported, including IM, Internet Relay Chat (IRC), or Jabber.

What are the dangers?

Identities can be elusive or ambiguous - Not only is it sometimes difficult to identify whether the "person" you are talking to is human, but human nature and behavior aren't predictable. People may lie about their identity, accounts may be compromised, users may forget to log out, or an account may be shared by multiple people. All of these things make it difficult to know who you're really talking to during a conversation.

Users are especially susceptible to certain types of attack - Trying to convince someone to run a program or click on a link is a common attack method, but it can be especially effective through IM and chat rooms. In a setting where a user feels comfortable with the "person" he or she is talking to, a malicious piece of software or an attacker has a better chance of convincing someone to fall into the trap (see Avoiding Social Engineering and Phishing Attacks for more information).

You don't know who else might be seeing the conversation - Online interactions are easily saved, and if you're using a free commercial service the exchanges may be archived on a server. You have no control over what happens to those logs. You also don't know if there's someone looking over the shoulder of the person you're talking to, or if an attacker might be "sniffing" your conversation.

The software you're using may contain vulnerabilities - Like any other software, chat software may have vulnerabilities that attackers can exploit.

Default security settings may be inappropriate - The default security settings in chat software tend to be relatively permissive to make it more open and "usable," and this can make you more susceptible to attacks.

How can you use these tools safely?

Evaluate your security settings - Check the default settings in your software and adjust them if they are too permissive. Make sure to disable automatic downloads. Some chat software offers the ability to limit interactions to only certain users, and you may want to take advantage of these restrictions.

Be conscious of what information you reveal - Be wary of revealing personal information unless you know who you are really talking to. You should also be careful about discussing anything you or your employer might consider sensitive business information over public IM or chat services (even if you are talking to someone you know in a one-to-one conversation).

Try to verify the identity of the person you are talking to, if it matters - In some forums and situations, the identity of the "person" you are talking to may not matter. However, if you need to have a degree of trust in that person, either because you are sharing certain types of information or being asked to take some action like following a link or running a program, make sure the "person" you are talking to is actually that person.

Don't believe everything you read - The information or advice you receive in a chat room or by IM may be false or, worse, malicious. Try to verify the information or instructions from outside sources before taking any action.

Keep software up to date - This includes the chat software, your browser, your operating system, your mail client, and, especially, your anti-virus software (see Understanding Patches and Understanding Anti-Virus Software for more information).

Friday, August 29, 2008

Wireless Network

How do wireless networks work?

As the name suggests, wireless networks, sometimes called WiFi, allow you to connect to the internet without relying on wires. If your home, office, airport, or even local coffee shop has a wireless connection, you can access the network from anywhere that is within that wireless area.

Wireless networks rely on radio waves rather than wires to connect computers to the internet. A transmitter, known as a wireless access point or gateway, is wired into an internet connection. This provides a "hotspot" that transmits the connectivity over radio waves. Hotspots have identifying information, including an item called an SSID (service set identifier), that allows computers to locate them. Computers that have a wireless card and have permission to access the wireless frequency can take advantage of the network connection. Some computers may automatically identify open wireless networks in a given area, while others may require that you locate and manually enter information such as the SSID.

What security threats are associated with wireless networks?

Because wireless networks do not require a wire between a computer and the internet connection, it is possible for attackers who are within range to hijack or intercept an unprotected connection. A practice known as wardriving involves individuals equipped with a computer, a wireless card, and a GPS device driving through areas in search of wireless networks and identifying the specific coordinates of a network location. This information is then usually posted online. Some individuals who participate in or take advantage of wardriving have malicious intent and could use this information to hijack your home wireless network or intercept the connection between your computer and a particular hotspot.

What can you do to minimize the risks to your wireless network?

  • Change default passwords - Most network devices, including wireless access points, are pre-configured with default administrator passwords to simplify setup. These default passwords are easily found online, so they don't provide any protection. Changing default passwords makes it harder for attackers to take control of the device.
  • Restrict access - Only allow authorized users to access your network. Each piece of hardware connected to a network has a MAC (media access control) address. You can restrict or allow access to your network by filtering MAC addresses. Consult your user documentation to get specific information about enabling these features. There are also several technologies available that require wireless users to authenticate before accessing the network.
  • Encrypt the data on your network - WEP (Wired Equivalent Privacy) and WPA (Wi-Fi Protected Access) both encrypt information on wireless devices. However, WEP has a number of security issues that make it less effective than WPA, so you should specifically look for gear that supports encryption via WPA. Encrypting the data would prevent anyone who might be able to access your network from viewing your data.
  • Protect your SSID - To avoid outsiders easily accessing your network, avoid publicizing your SSID. Consult your user documentation to see if you can change the default SSID to make it more difficult to guess.
  • Install a firewall - While it is a good security practice to install a firewall on your network, you should also install a firewall directly on your wireless devices (a host-based firewall). Attackers who can directly tap into your wireless network may be able to circumvent your network firewall—a host-based firewall will add a layer of protection to the data on your computer.
  • Maintain anti-virus software - You can reduce the damage attackers may be able to inflict on your network and wireless computer by installing anti-virus software and keeping your virus definitions up to date. Many of these programs also have additional features that may protect against or detect spyware and Trojan horses.
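
The access point items in the checklist above (SSID, encryption, access restriction) can be checked mechanically. The following is an added example, not part of the original tip: it audits a configuration written with hostapd option names, and both sample configurations, the default-SSID list, and the finding codes are constructed for illustration.

```python
# Added example: audit a hostapd-style config against the wireless checklist.
DEFAULT_SSIDS = {"linksys", "netgear", "default", "dlink"}  # constructed sample list

WEAK_CONF = """\
ssid=linksys
wep_default_key=0
wep_key0=1234567890
ignore_broadcast_ssid=0
macaddr_acl=0
"""

# wpa=2 selects WPA2 in hostapd; macaddr_acl=1 denies clients not in the accept file.
HARDENED_CONF = """\
ssid=oak-street-7f3
wpa=2
wpa_key_mgmt=WPA-PSK
rsn_pairwise=CCMP
wpa_passphrase=REPLACE-WITH-LONG-RANDOM-PASSPHRASE
ignore_broadcast_ssid=1
macaddr_acl=1
accept_mac_file=/etc/hostapd/accept.mac
"""

def parse(conf):
    """Parse key=value lines, skipping blanks and # comments."""
    pairs = (l.split("=", 1) for l in conf.splitlines()
             if "=" in l and not l.lstrip().startswith("#"))
    return {k.strip(): v.strip() for k, v in pairs}

def audit(conf):
    """Return finding codes for the checklist items this config fails."""
    s = parse(conf)
    findings = []
    if s.get("ssid", "").lower() in DEFAULT_SSIDS:
        findings.append("default-ssid")        # factory SSID left unchanged
    if any(k.startswith("wep_key") for k in s):
        findings.append("wep-in-use")          # WEP keys configured
    if s.get("wpa", "0") == "0":
        findings.append("wpa-disabled")        # no WPA encryption at all
    if s.get("ignore_broadcast_ssid", "0") == "0":
        findings.append("ssid-broadcast")      # SSID is advertised
    if s.get("macaddr_acl", "0") != "1":
        findings.append("no-mac-allow-list")   # any MAC address may associate
    return findings

if __name__ == "__main__":
    for name, conf in (("weak", WEAK_CONF), ("hardened", HARDENED_CONF)):
        print(name, audit(conf) or "no findings")
```

The administrator password, firewall, and anti-virus items are device or host settings that do not appear in this file, so they still need to be checked by hand.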