Month: September 2009

New York Times Serves Up Malware

Some folks who visited the NYT’s web site over the weekend were greeted with a warning that their system was infected with all sorts of crap. Their ad system had been hijacked by folks posing as a legitimate client (in this case, Vonage) so that the false ads were served up, trying to get people to buy their worthless software.

This isn’t the first time this has happened, sadly. According to the story, FoxNews was hit in the past as well. While I know media companies are desperate for ad revenue, they need to be more diligant about screening this type of thing.

Personally, I wouldn’t lose a night’s sleep if the creators of these scam anti-malware products were to disappear off the face of the earth. In some sort of gruesome way would be fine, too.

Reading some comments on other sites about this, folks are debating various anti-virus products. Avast vs. NOD vs. Avira vs. whatever is a moot point if you don’t keep it regularly updated. I’ve had good luck with Avira, but I know people who swear by NOD and Avast. AVG is fine, but its spyware catching capabilities are pretty minimal in my experience. But for cripe’s sake, update it. So many new computers come with a 90-day trial of some sort of anti-virus product that will stop updating after 90 days (I’m looking at you, Norton). People have been just starting becoming accustomed to clicking “Ignore” on the sales pitch warnings that pop up, so they will have a two-year old computer with an anti-virus program that hasn’t been updated in a long time. Even if it isn’t that great of a program, it’s worthless if it’s out of date.

I’ve also heard folks saying “If Windows were up-to-date and patched, this kind of thing wouldn’t happen.” Sorry, that’s not always the case, either. Hidden PDF files exploiting weaknesses in Acrobat Reader have caused more trouble in the computers I remove malware from than Windows being out of date. (Generally the site’s that have these kinds of embedded PDFs are sites people really shouldn’t be on, but that’s another rant for another time.)

And lastly, you need additional protection on-top of your anti-virus program, as they won’t catch everything. I’ve had really good luck with Malwarebytes’ Anti-Malware and SuperAntispyware. Both have free versions, but each offers a for-pay version that offers real-time protection that is probably superior to whatever protection your anti-virus program offers. I keep copies of both on a USB key. And while some of these really nasty nasties (like one I ran into last week) will detect if you’re trying to run one of those programs and block it, a simple renaming of the executable will usually do the trick.

September 15, 2009

Time Killer For The Evening

Frantic 2 has some obnoxious music, but it’s still a fun, frantic, game.

September 14, 2009

For The Paranoid Moms Out There

Worried your newborn baby will be the victim of a drive-by shooting or subject to a chemical attack? Worry no more with Bullet Proof Baby.

September 14, 2009

“Missing” Wired Magazine Author Found

In the last Wired Magazine, Evan Ratliff wrote a great article about disappearing in the digital age. Part of the article was a contest: Ratliff would attempt to disappear for a month — you find him, you get $5000. His credit card transactions and IP addresses and other such stuff would be posted to a blog, where you could then analyze them and try to track the guy down (with $3000 going to Evan if he wasn’t found).

Just a few days before the 30 days were up, Ratliff was caught. Some folks at Newscloud managed to track down what city he was heading to, and notified some folks at New Orleans that he was going to be in town who subsequently, with a little competition with some other folks in town, managed to track the guy down, take his picture, give the codeword, and win the contest.

The whole blog and all its past entries are an entertaining read, especially the big clue that everybody missed that gave his itinerary pretty clearly.

September 14, 2009

Mapping The Seven Deadly Sins

It appears that folks the Dakotas, Iowa, and Nebraska are saints, with the sinners living in Florida, Louisiana, Mississippi, the Carolinas, Georgia, and that area of the U.S. in general (though lets not forget about California, which has its fair share of evildoers) . Full story.

September 14, 2009

802.11n Finally Ratified

It only took them six years to ratify the new wireless standard </sarcasm> so we now have four wireless standards. This will undoubtedly cause more confusion among the consumer as to what the heck the difference is between 802.11a, 802.11b, 802.11g and 802.11n are, along with speed and compatibility differences/issues between them all.

All I know is that since I use the WiFi at my house primarily for ‘net access, 802.11g is plenty fast for my needs. For any file serving/moving in my house, it’s all over wired ethernet anyway (which is faster than 802.11n — or at least lower latency and overhead on a 100mbs connection). While my laptop has a 802.11n card in it (a draft-spec), I probably won’t be moving to a 802.11n router until there are a lot more on the DD-WRT supported list.

Just the same, here’s a good guide on buying a new router and some brief differences between the specs.

September 14, 2009

Best Antivirus Product Commercial Ever

Dokken vs. Chicken:

September 13, 2009

Death To Acrobat Reader

Acrobat Reader is a constant sore spot for me. Thanks to the various security holes it has in older versions, I’ve had to clean up many a system that have been infected by hidden embedded PDFs that take advantage of those security problems. When I’m cleaning up a system, one of the most common things I’ll do it just flat-out turn off JavaScript in Acrobat or install another PDF reader. Just to be safe, I’ll still turn off JavaScript in FoxIt. Has anybody seen useful JavaScript in PDF files? I haven’t.

Ideally, PDF would be a browser-native format that wouldn’t require plugins or external programs to view them. But there are at least a few other ways to do things: Thanks to Waxy, I now know how I’m going to embed PDFs into pages: Use an undocumnted featured in Google Docs to stick it right on the page. That way hopefully nobody will have Acrobat Reader execute to view the file, which will cause much less trouble for everybody involved.

Apparently other services offer similar functionality, like PDFMeNot.

Sadly, though, if you try to print the embedded document, it still appears to open your default PDF reader, but it’s a step in the right direction.

September 13, 2009

Techcrunch Gets Punk’d By Facebook

So TechCrunch discovers a new “feature” on Facebook that nobody else has reported on. They go live with a story about Facebook’s new “Fax Your Photos” feature. The problem? The feature doesn’t actually exist unless you’re on TechCrunch’s network — TechCrunch got pranked pretty good.

September 13, 2009

Way To Screw Up Big Time, CNN

While I generally think CNN is a better cable news station than some (**cough**Fox News**cough**), it is ridiculous how bad they screwed up this morning.

CNN unnerved the nation Friday morning with live reports of Coast Guard teams firing on a suspect vessel on the Potomac River that would not stop when ordered. We know now it was just radio chatter, part of a “routine and low-level” Coast Guard exercise. And to top it all off, it came on the morning of the anniversary of the attacks of Sept. 11, 2001.

At one point, CNN reported on the air that a reporter had seen a boat challenge Coast Guard vessels and refuse to stop. We now know that did not happen.

Speaking of 9/11, have things changed for the better or worse eight years later? Discuss.

September 11, 2009