 | ||
 |
|
||||
| Feedback | Subscribe/Unsubscribe to this Newsletter | Back Issues of this Newsletter | 37211 PC Users Group Home Page
View this page in:
| Francais
| Deutsch
| Italiano
| Português
| Español
Just a few "Golden Nuggets" of info that I've mined from the internet
********************************************************
1) Free software and services
2) Articles
3) Reviews
4) Edtorial
5) The Ezboard Forum
6) Hardware
----------------------------------------------------------------
http://www.zipnall.com/
http://pcusers.org/pcfree.html
ZipNAll (as in Rock'N'Roll) is a compression management program. ZipNAll
supports all archive types(zip, lzh, arj, rar, ace, gz, arc, cab, tar, z,
uue, uu etc.), can extract from context menus, supports Drag'n'Drop, Self
Extracting archives (zip, lzh, arj) and has Korean and English menus.
http://www.reviewbooth.com/
http://pcusers.org/pctechy.html
ReviewBooth - The source for hardware reviews and software reviews.
ReviewBooth catalogs published hardware reviews and software reviews. The
hardware reviews section covers audio, desktop systems, product guides,
handhelds / PDAs, laptops / Notebooks, mainboards, modems, monitors,
peripherals, digital cameras, video cards, scanners, servers, storage
devices, and miscellaneous hardware. The software reviews section covers
data warehouse, database, enterprise management, graphics, networking,
office / productivity, programming, web development & management, Web
miscellaneous, and miscellaneous software.
http://www.lookoff.com/
http://pcusers.org/pcreference.html#search
Lookoff.com - an entire site devoted to helping you to navigate the Internet using advanced tools and techniques that experts use. Specific topics will be found more efficiently with specific search tools. The site overview has access to on-line books on the Internet, privacy, search engines, the most detailed search engine reviews on the web, a message board, search tips and news.
----------------------------------------------------------------
http://listserv.aol.com/cgi-bin/wa?A2=ind0011D&L=tourbus&P=R344&m=51
http://pcusers.org/pcreference.html#articles
The New Domains. On November 16th the Internet Corporation for Assigned Names and Numbers (ICANN) gave their official stamp of approval to seven new Internet domain suffixes. Read this TOURBUS article to see if this will make life better or worse for netizens.
http://pcmech.com/article.htm?more
http://pcusers.org/pcreference.html#resources
More Backup Options. How to completely backup and restore your Windows
configuration without reinstalling anything (almost).
http://www.winmag.com/specreps/business/101/2001/default.htm
The 101 Best Business Sites for 2001
http://www.winmag.com/fixes/2000/1211.htm
http://pcusers.org/pcreference.html#resources
When Registry Disaster Strikes
http://www.thetechzone.com/articles/how_to/case_mod/lazy_man/index.shtml
http://pcusers.org/pcreference.html#resources
The $5.13 Lazy Man's Case Modification.
----------------------------------------------------------------
GRC'S LEAKTEST REVIEW
By Roger Imai
The link below is to ZDNet news coverage of the release of Gibson Research Corporation's new tool LeakTest. This is my initial reaction, based on what I know so far. Steve Gibson reports that the freeware ZoneAlarm is effective against secret outbound information "leaks," while the commercial Norton Personal Firewall can be fooled by Trojan agents into granting permission for outbound transmissions, simply by renaming themselves as a trusted application. BlackIce Defender supposedly doesn't even have the capability to detect secret outbound transmissions.
http://www.zdnet.com/zdnn/stories/news/0,4586,2663028,00.html
I think it's pretty odd that nobody seems to be asking how much of a real threat this represents. Personally, I don't believe that this is at all that serious a threat, at least for informed users, and here's why:
ANTI-VIRUSES PREVENT TROJANS FROM RENAMING THEMSELVES
Gibson claims that any virus can fool Norton Personal Firewall by renaming itself and masquerading as a trusted application. I don't think this can happen. Real-time anti-virus utilities such as NAV Auto-Protect or McAfee VirusShield should block any RENAME attempt. Their default behavior is to "scan file for viruses on COPY, MOVE, or RENAME operations." Gibson's "test" in which the user renames the LeakTest executable is not at all a fair test, because LeakTest is neither a known, nor actual, Trojan. While it won't prevent a user from renaming the LeakTest executable, the anti-virus WILL scan it when it's renamed. If I tried to rename an actual high-risk file, such as the BackOrifice Trojan -- provided NAV even ALLOWS it to be written to disk in the first place -- the anti-virus would block the rename procedure, because it would recognize the high-risk code. Even then, THAT scenario can't occur. I know, because I tried to download the BackOrifice hacker tools once, and the anti-virus I was using at the time (McAfee VirusShield) scanned the Zip file contents, and blocked the SAVE operation, informing me that it intercepted dangerous code.
LEAKTEST IS AN AD-WARE EDUCATION TOOL, NOT A SECURITY TOOL
Another point the above ZDNet article failed to address was the fact that legitimate ad-supported software never attempts to rename the feedback module to assume a fictitious identity. A malicious application that tries to do this will be detected by the real-time anti-virus. This will stop it before LeakTest even has a chance to intercept its activity. LeakTest would be useful only if you choose to override the anti-virus and permit the rename operation.
Now, if I run LeakTest without renaming it, NPF prompts me to allow or block LeakTest's transmission attempt, just as it would any other unrecognized outbound transmission. On the other hand, if I saw that prompt for no apparent reason, or for an application I didn't recognize, I would suspect that it was a stealth Trojan working. That's exactly how NPF SHOULD work, and that's NOT a vulnerability, unless one habitually responds recklessly to warning prompts.
Anyone who is intelligently running real-time virus protection and a port monitor should not be exposed to the possibility of secret outbound transmissions that LeakTest supposedly guards against. It's important to remember that not all hidden feedback is SECRET either. Some can actually be good. Properly informed, we should be able to allow recognized software to send legitimate feedback. For instance, Ad-aware detected my Alexa search tool as spyware. I chose to ignore the alert, because I knew of Alexa's interest-tracking, and I WANTED it enabled, for the benefits it returned to me. Alexa had an intelligent feature that used my history of clicks to show me things I was interested in, by-passing things I wasn't interested in. (Alexa, btw, also has a very well-defined privacy policy which agrees with me.)
HOW USEFUL IS LEAKTEST?
LeakTest, which detects outbound feedback, could be considered yet a fourth level of security. But, at most, it would be useful ONLY if the user were negligent about maintaining the first three security levels. At the least, it could provide an interesting view of transmissions that are normally transparent (hidden.)
What are these three security layers? An informed user employs three basic layers of security: (1) a periodic, on-demand, FULL virus scan, along with a continuous background scan of active memory, and disk operations, and e-mail attachments, (2) a continuous port monitor (firewall,) and (3) an on-demand spyware detection and removal tool. These layers defend against the three main types of vulnerabilities, (a) malicious programs, (b) malicious people, and (3) privacy risks (secret spyware which gather data which COULD be used for illegal or coercive purposes.)
No matter how smart any security tool is, of course, a user can always turn it into a stupid one by choosing the wrong settings. A Trojan that attempts to rename itself would be detected and automatically quarantined or killed -- unless the user turns off background scanning.
An informed user always recognizes that HE is his own greatest security risk, because the most common forms of damage are caused by user-initiated actions.
For more information:
Gibson Research Corporation
OptOut! and LeakTest
http://grc.com/
Lavasoft
Ad-aware and Ad-search
http://www.lavasoft.de/
PRIVACY RISKS -- ARE THEY BEING HYPED TOO MUCH?
This is just my opinion: I think the recent claims by GRC about outbound transmissions are hype -- but I think it's good hype. Some people accuse Mr. Gibson of being an alarmist, but I think he's performing a public service, because his alarmism has the positive effect of stimulating discussion of privacy issues. Besides, good planners do not dismiss the worst-case scenarios. His alerts at least provide incentive to become more informed about how ad-sponsored host software and their feedback agents work.
LeakTest may not attack the biggest threats on the Internet, but it highlights some very interesting technology, which may expand public consciousness of potential privacy threats. And it probably will help ad-tracking services to develop better privacy policies, as well as better define ethical standards for the data-gathering industry.
----------------------------------------------------------------
WHAT IS SPYWARE, REALLY?
By Roger Imai
Most of us know by now what viruses and hackers are. But there's still a lot of paranoia and confusion about what really is spyware. Not all hidden transmissions are initiated by spyware, and they should be distinguished from CLANDESTINE transmissions. Real spyware should be defined by the intent. This is a gray area, where vendors may claim one standard, while behaving another way. But "intent" is a good place to start thinking about it.
Ad-aware by Lavasoft detects applications that install ANY kind of feedback agent, disclosed or not. It reports Alexa as spyware, although Alexa is openly offered with full disclosure. I don't consider Alexa's hidden feedback activities to be REAL spyware, because they are simply intended to be unobtrusive, NOT SECRET -- since detailed information about how it works is clearly available BEFORE you install Alexa. Other legitimate reporting occurs with Netscape Navigator's and IE's crash-reporting add-ins which enable sending a report to the development team when a user crashes his browser. These tools ask permission to send your crash report. Other applications offer automatic update checks over the Internet. Streaming media players such as Windows Media Player 7 and RealMedia RealPlayer 8 allow reporting performance data to aid site operators in tweaking their servers for best service -- and allow turning off the feature. I think there are a lot of "good spyware." And a lot of it is subjective. Some of the media player reporting may violate some people's sense of privacy, by reporting all the MP3s they have on their disk, for instance. (At least in Windows Media Player 7, though, I know that you can turn this behavior off.)
Ad-aware doesn't judge whether these reporting agents are good or bad. It leaves it up to you to decide for yourself whether you want to keep them or not. In my opinion, real spyware is a feedback agent that attempts to evade, not just detection, but disclosure. "Hidden" doesn't necessarily mean "secret." Whether something is spyware or not, in my opinion, depends on, not the software itself, but on how much information is disclosed or available about it before installation.
Until recently, you had to install some "free" software before discovering what kind of feedback mechanisms they used, by running Ad-aware or OptOut! to find them. But now, when ad-sponsored software don't provide enough pre-installation information about their activity, there is now an Ad-aware companion tool called Ad-search, which allows you to find out beforehand whether or not an Internet application carries spyware, and which data-collection network it belongs to, so you can make an intelligent decision. Both Ad-aware and Ad-search are endorsed by Steve Gibson of Gibson Reseach.
----------------------------------------------------------------
http://pub7.ezboard.com/f37211pcusersgroupproblemsandsolutions
Al and Louise have a problem on setting up and using multiple address books
in Outlook . Stop by at the Problems and Solutions Forum and tell us your
solutions.
----------------------------------------------------------------
http://www.techextreme.com/display.asp?ID=270&Page=1
Pentium IV Bible
http://www.thetechzone.com/reviews/roundup/heatsink/index.shtml
The Holiday Heatsink Roundup
********************************************************
This newsletter is sponsored by the 37211 PC Users Group. All comments,
suggestions or submissions should be sent to david.donoho@pcusers.org.
Guidelines for submission of articles are at http://pcusers.org/articlesubmit.html .
The Dave's Diggins newsletter subscription list is not publicly accessible nor is it provided or sold to anyone for any other purpose.
Disclaimer: The tips and other information provided in the Dave's Diggins' newsletter are believed to be accurate, but we cannot and do not guarantee that all the information listed within or linked from, this publication will work on all systems, for all users, at all times. All information herein is offered as-is and without warranty of any kind. Neither the 37211 PC Users Group, nor its officers and contributors are responsible for any loss, injury, or damage, direct or consequential, resulting from application of any information presented here.
| ||
|
|
||||