Rob's PC Solutions

Chrome takes No. 2 browser spot from Firefox

rpcsadmin — Fri, 02 Dec 2011 23:57:00 +0000

Chrome takes No. 2 browser spot from Firefox

Microsoft's Internet Explorer holding onto market-leading share of desktop browser market

By Ann Bednarz, Network World
December 01, 2011 11:59 AM ET

Google's Chrome has narrowly overtaken Mozilla's Firefox as the second most popular desktop browser behind Microsoft's Internet Explorer, which is holding onto its market-leading share of the market, according to one Web analytics firm.

StatCounter's monthly statistics for November show IE in the lead with 40.63% of the global market, followed by Chrome with 25.69%, Firefox with 25.23%, Safari with 5.92% and Opera with 1.82%.

BROWSER WARS: IE vs. Firefox vs. Chrome vs. Safari vs. Opera

"We can look forward to a fascinating battle between Microsoft and Google as the pace of growth of Chrome suggests that it will become a real rival to Internet Explorer globally," said Aodhan Cullen, CEO of StatCounter, in a statement. "Our stats measure actual browser usage, not downloads, so while Chrome has been highly effective in ensuring downloads our stats show that people are actually using it to access the web also."

While Chrome for the first time surpassed Firefox on a global basis, that's not the case in the U.S., where IE maintains a larger share of the market (50.66%), and Firefox (20.09%) retains a lead over Chrome (17.3%), StatCounter reports. (See also: "Firefox 8 adds Twitter search, tightens add-on controls")

Two years ago, in November 2009, Chrome accounted for just 4.66% of worldwide browser usage. Chrome exceeded 20% of the global Internet browser market in June of this year for the first time, according to StatCounter. On a country basis, it surpassed Firefox and became the No. 2 browser in Ireland in May and in the U.K. in July. Chrome's steady increase since its introduction in 2008 has come at the expense of IE, primarily, and Firefox to a lesser degree.

Hackers launch millions of Java exploits, says Microsoft

rpcsadmin — Fri, 02 Dec 2011 23:55:18 +0000

By Gregg Keizer, Computerworld
November 29, 2011 03:05 PM ET

Hackers launch millions of Java exploits, says Microsoft

Cryin' shame: 60% of Windows PCs lack 18-month-old Java update, adds expert

Hackers continue to launch attacks exploiting vulnerabilities in Oracle's Java software in record numbers, Microsoft said Monday.

Citing research from a recent report, Tim Rains, a director in the company's Trustworthy Computing group, said that up to half of all attacks detected and blocked by Microsoft's security software over a 12-month period were Java exploits.

Altogether, Microsoft stopped more than 27 million Java exploits from mid-2010 through mid-2011.

Computer infected? Blame yourself, Microsoft report concludes

Most of those exploits targeted long-ago-patched vulnerabilities, said Rains.

The most commonly-blocked Java attacks — to the tune of over 2.5 million of them — in the first half of 2011 exploited a bug disclosed in March 2010 and patched by Oracle the same month. Second on the popularity chart for the full 12-month stretch was an exploit of a bug patched in early December 2008, nearly three years ago.

Other bugs that made the actively-exploited list were quashed in November 2009 and March 2010.

Rain's comments followed a similar message from Microsoft in October 2010, when the company said an "unprecedented wave" of attacks were exploiting Java flaws.

Microsoft's findings were no surprise to outside security researchers.

"Most [Windows] machines are just not up-to-date with Java," said Wolfgang Kandek, chief technology officer at Qualys, a California developer of security risk and compliance management software and services.

Qualys regularly mines data from the customers' machines it protects to get a feel for updating practices. And for Java, those practices are pathetic.

"Java updates lag behind seriously," said Kandek, like Rains reiterating a 2010 take . "Eighty-four percent of the machines we see don't have the June 2011 Java update installed, 81% don't have the February 2011 update and 60% don't have the March 2010 update."

Qualys doesn't have enough scanning data yet to measure the patch rate for the October 2011 update , Oracle's latest, but Kandek estimated that as many as 90% of Windows PCs hadn't deployed those fixes.

Enterprises typically patch vulnerabilities in Microsoft's Windows much faster, Kandek continued, citing a "half-life" — meaning that half of all machines are patched — of 29 days for run-of-the-mill Windows bugs. Critical patches are deployed even quicker: Their half-life is about 15 days.

The pervasiveness of Java is one explanation for the high volume of attacks exploiting its bugs, said Andrew Storms, director of security operations for nCircle Security, in an interview conducted via instant message.

But its virtual invisibility to users is another.

"Java is not something [most users] interact with … similar to how Adobe Flash or Reader became the big, but silent, target," said Storms. "It's on everyone's computer, but rarely do you interact with it. [So] from the attackers' perspective, using Java as the silent killer is a smart move. If people don't know what it is or know what it does, they are less likely to update it. As such, you have to imagine there are tons and tons of old vulnerable installs out there."

Some of Qualys' enterprise customers are among those running out-of-date editions, said Kandek. "One issue is internal applications that require older versions of Java," he said.

Qualys' recommendation to companies in that boat: Block Java's use outside the network perimeter.

Criminal developers who craft exploit kits are constantly adding new Java exploits to their wares, Kandek continued, to supplement the older-but-still-effective exploits of older bugs. Those kits already have been equipped with exploits of the bugs Oracle patched in October.

Qualys provides its clients with an exploit mapper that shows which vulnerabilities are being leveraged in such kits. "If they cannot patch every vulnerability, this gives them a list of those that we know are being used in the wild right now," Kandek said.

Others have taken a much more aggressive line on Java.

Noted security blogger Brian Krebs , a former Washington Post reporter, has repeatedly urged consumers to uninstall Java from their Windows machines.

On Monday, echoing Kandek's claim that exploit kits are now armed with attack code that targets Java vulnerabilities Oracle patched in October, Krebs again advised users to scrub the Java plug-in from their browsers.

Microsoft's Rains didn't go that far, instead telling users that they should update Java, and keep it up to date.

"There is just too little focus, even now, on Java and its updates," said Kandek. "It's being exploited … right now."

Incoming search terms:

java exploit 2012
java vulnerability 2012
java exploits 2012
java vulnerabilities 2012
exploit java 2012
java exploit virus 2012
java exploits
2012 java exploits
virus java exploit 2012
java exploits March 2012

The P4ssw0rd Myth?

rpcsadmin — Fri, 02 Dec 2011 23:52:37 +0000

by AVG Blogs

The P4ssw0rd Myth?

It’s nothing new that there are bad people out there on the internet who, if they should get the chance, would steal your personal details and your banking ones too.

The news is full of hacking these days, with companies, multinational organisations, governments and individuals on the receiving end of some pretty serious privacy breaches.

Obviously, most of us don’t have a say in government or company security policy so it’s up to us to keep our own digital lives safe and while this can involve a number of steps including both software and hardware, it often comes down to passwords.

Your password is your basic online defence, the key to much of your information. We at AVG and other security experts recommend you to use a different password for each site (or at least a few variations) limiting any damage were your password to be compromised. However, we understand that most people aren’t overly worried by hacking and multiple passwords can be difficult to remember.

Interestingly, randomly generated passwords have become all the rage over the last few years and we at AVG have recommended passwords with a mix of characters and symbols. Sometimes these come in the form of passwords that are generated completely at random such as PhuR7Tr$.

Of course, the difficulty comes in remembering these random passwords, and that’s not even taking into account if you were a good citizen and have a dozen or so of them for the various websites you use.

Maybe there is another way, below is an episode of the famous webcomic xkcd which touches on this very subject.

This comic is saying that the password in the top frames “Tr0ub4dor&3″ is easier for password cracking software to guess than “correcthorsebatterystaple”. And it is absolutely true that people make passwords hard to remember because that means that they are “safer”.

The important thing to take away from this comic is that longer passwords are better because each additional character adds much more time to the breaking of the password.

Steve Gibson from the Security Now podcast did a lot of work in this arena and found that this password “D0g…………………” is harder to break than this password “PrXyc.N(n4k77#L!eVdAfp9″. Steve Gibson makes this very clear in his password haystack reference guide and tester:

“Once an exhaustive password search begins, the most important factor is password length!”

That’s what xkcd is trying to get through here. Complexity does not matter unless you have length in passwords. Complexity is more difficult for humans to remember. Length is not.

Incoming search terms:

password complexity myth
steve gibson data recovery myth

AVG Anti Virus

rpcsadmin — Fri, 29 Jul 2011 23:01:06 +0000

AVG Anti Virus

Should I Change My Password

rpcsadmin — Thu, 14 Jul 2011 22:50:32 +0000

Should I change my password?

It seems that the first half of 2011 has been jam packed with report after report of this or that major online service falling prey to damaging security breaches, e.g. Sony, Epsilon, Sega, Nintendo, Fox, Washington Post, Gannett, Distribute.IT, Groupon etc. Groups like LulzSec and Anonymous have been triumphantly publicising their successful penetrations. Of course we hope that the information gathered by those claiming to be ‘white hat’ hackers will never fall into the hands of the bad guys. But can we be sure?

Then there are the succesful penetrations that are made by cyber criminals. Of course these often go unreported by the online services hacked.

So just how can we know if the bad guys have our details? Well of course, a definitive answer is elusive. You’ll probably really only know for sure should the services that are hacked fess up and tell you, or you become the victim of identity theft.

Well as a public service a Sydney, Australia based information security technology professional, Daniel Grzelak, has put together a web site “Should I Change My Password?” –https://shouldichangemypassword.com/, where you can check if you have compromised online accounts by checking your e-mail address.

Daniel has gathered together a number of databases that have been released by hackers into the public domain. He’s then securely stored a hash of the e-mail address, the date of last compromise, and the number of times compromised in an online database that you can easily search. As of 25th June 2011 there were just over 1 million records in the database.

You can now just visit the web site and type in your e-mail address. Daniel promises that he will not capture or store your e-mail address. If there is a match, you will be told how many times and get tips for creating strong passwords and using them safely.

Please remember, just because Daniel’s web site gives you the green light, it’s only saying your account usernames and passwords may be safe. We’d still recommend that you work your way through the various online services you use and make sure you are using different passwords on different services. And of course weak passwords like ’123456′ and ‘password’ simply won’t do. You need to ensure all of your passwords are strong ones.

Steps To Strong Password Perfection:

Don’t:

Use cardinal numbers in order, i.e. ’123456′ is not clever.
Base a password on personal data, e.g. dog’s name, car registration, your name. Never use your mother’s maiden name or any password that your bank might use.
Choose a word found in a dictionary in any language – password dictionaries make these particularly easy to crack in a ‘dictionary attack’.
Use simple transformation or substitution, e.g. Pa$$w0rd.
Use fewer than 8 characters and solely alpha- or numeric characters.
Tick the ‘remember this password’ box.

Do:

Use a mixture of four keyboard character types – lower case letters, upper case letters, numbers and other special characters such as #, $, -, +, @, ! etc. Unfortunately, some older systems restrict the special characters your can use.
Use long paswords of 8 characters or more – the longer the password, the harder it is for hackers to use brute force attacks. However, some older systems don’t allow this and have limits of 8 or 14 characters.
Use different passwords of different accounts and change them at least twice per year.
Always change default passwords from ‘password’ or ‘admin’.
Think illogically; computers rely on logic to operate.
Be obtuse, think outside the box, invent new words!

The Australian government’s “Stay Smart Online” tips recommend your passwords have a minimum of 8 characters. However, security researchers last year reported that using easily available fast processing power, they were able to crack a 12 character password in just 5 seconds. So my critical strong passwords are more than 20 characters long – and I’m not saying how much more than 20 characters long.

Lloyd Borrett, AVG Security Evangelist

Source: http://twitter.blog.avg.com/2011/07/should-i-change-my-password.html

Apple to support reps: “Do not attempt to remove malware”

rpcsadmin — Fri, 20 May 2011 22:53:04 +0000

Apple to support reps: "Do not attempt to remove malware"

By Ed Bott | May 19, 2011, 5:00am PDT

Apple is actively conducting an internal investigation into the Mac Defender malware attack I wrote about yesterday (here and here). An internal document with a Last Modified date of Monday, May 16, 2011 notes that this is an “Issue/Investigation In Progress.”

The document (shown below) provides specific instructions for support personnel to follow when dealing with a customer who has called AppleCare to request help with this specific attack.

There are two different resolution paths, depending on whether the customer says Mac Defender / Mac Security has or has not been installed.

According to this document, if the caller says he or she has not installed the software, the support rep should “suggest they quit the installer and delete the software immediately.” That is followed by this disclaimer:

AppleCare does not provide support for removal of the malware. You should not confirm or deny whether the customer’s Mac is infected or not.

If the software is already installed, support personnel are instructed to make sure all security updates have been installed using Software Update. They are then to direct the customer to the “What is Malware?” Help document using Finder. The final step is clear:

Explain that Apple does not make recommendations for specific software to assist in removing malware. The customer can be directed to the Apple Online Store and the Mac App Store for antivirus software options.

Finally, that is followed by these four bullet points.

Important:

Do not confirm or deny that any such software has been installed.

Do not attempt to remove or uninstall any malware software.

Do not send any escalations or contact Tier 2 for support about removing the software, or provide impact data.

Do not refer customers to the Apple Retail Store. The ARS does not provide any additional support for malware.

Apple has not responded to a request for comment on the ongoing Mac Defender attack or this policy.

http://www.zdnet.com/blog/bott/apple-to-support-reps-do-not-attempt-to-remove-malware/3362?tag=nl.e539

Modern Mac owners need to ignore the dinosaurs and get protection

rpcsadmin — Fri, 20 May 2011 22:51:55 +0000

Modern Mac owners need to ignore the dinosaurs and get protection

By Adrian Kingsley-Hughes | May 19, 2011, 6:12am PDT

I can’t believe that we’re still having a discussion over whether or not the bad guys have begun targeting Mac users. I really can’t. I’m truly staggered by the fact that people who have been around computers for decades and who are supposedly keeping their finger on the tech pulse are still clinging on for dear life to the notion that Mac is somehow immune of invulnerable to modern malware.

John Gruber, the guy behind the Mac site Daring Fireball says that those who dare to suggest that there’s a problem are crying wolf. To back up his ‘claim’ (and I can’t put enough quotes around that word so I won’t bother trying) he pulls quotes from the internet going all the way back to 2005. His point seems to be that because someone made a prediction in 2005 that a wave of Mac malware was coming, and it didn’t materialize, then it can’t possibly happen in 2011 either because of some ancient lore that says that things never change and the past always equals the future.

It’s a shame the world isn’t that simple.

I’ve one word to describe these people who choose to ignore the real problems facing the modern Mac user and instead choose to live in the past – Dinosaurs.

The Mac dinosaur, it its natural habitat!

Look around you, do you see any dinosaurs? No. Here’s why …

I bet the dinosaurs didn’t see that coming either!

Times have changed. The old-guard, fervor-filled dinosaurs of the past who for some reason (ego, self esteem, ignorance …) want to frantically and fanatically cheer lead have been replaced by the modern Mac user who sees the Mac as a tool rather than an idol. What is a modern Mac user? Well, for starters I see them as someone who started using a Mac since its transition from the PowerPC architecture to Intel architecture, a move which began in mid-2006. Much of the zealotry and nonsense spouted today dates back to the PowerPC years when owning a Mac was seen by many as a deviant pastime. Times have changed.

The modern Mac user also uses their machine in a very different way to the dinosaurs of old. People nowadays surf a lot more, social media has in many ways replaced email as the preferred method of communication. Multimedia on the web has exploded. More people doing more things in ways that we couldn’t really have dreamed possible a decade ago.

The modern Mac user is also very likely to be someone who, prior to owning a Mac, owned a PC (this is based on data from Apple which says that around 50% of those buying a new Mac are first-time buyer). This is important to bear in mind since these users are likely to have bought their bad Windows habits (bad habits that perhaps caused them to switch to Mac in the first place?) with them to the new platform.

The threats posed by the bad guys are also different. Very different. Rather than rely on viruses which spread by using system vulnerabilities, the bad guys have turned to the Trojan. This is malware disguised as something desirable – a game, a software utility, a porn video – and it relies on the user choosing to install it onto their system. It’s hard to protect against this kind of stuff because the user chooses to override the operating system’s desire to be cautious when it comes to installing stuff. Getting people to install their own malware has been a popular trick used against Windows users for some time now, and there’s no reason to think that the same trick wouldn’t work against the modern Mac users, especially given how many of them were Windows users not long ago.

The piece of malware that’s currently making the rounds is called Mac Defender (there are other variants called Mac Protector and Mac Security). It’s not particularly sophisticated. Infections goes something like this:

A user does a Google image search.
Among the listings are poisoned listings.
Clicking on these listings will take the Mac user to a web page that looks a lot like the Mac OS X Finder (the website uses browser and OS detect scripts to deliver different views and malware for different operating systems).
The fake Finder displays a ‘Scanning for viruses’ message followed by the inevitable ‘Your computer is at risk!’ message and offers a ‘Fix your problem’ link.
Link goes to the page where the user can download the Trojan.
Users install the Trojan
Trojan nags users for money to remove malware.

This scheme will be familiar to most Windows users. While the trick might not be older than dirt, it sure has been around for a while. And against novices who are scared of malware, it’s a pretty efficient way to get them to install the very malware they’re afraid of onto their systems.

How big a problem is Mac Defender? It’s hard to get a accurate picture. Personally, I’ve head from nearly a dozen people affected by it and a few dozen more who have been redirected to the fake Finder screen. My colleague Ed Bott has uncovered 42 separate discussion threads on Apple’s support forum and a confidential internal Apple document has seen some 20,000 page views since it was created (I’m assuming Apple support folks were accessing the document because of calls received and not for fun).

Fortunately, it’s pretty easy to remove … here’s a simple guide for removing Mac Defender. Unfortunately, Mac malware is likely to become more sophisticated and harder to remove.

Regular readers of this blog will know that I don’t feel the need to be a fanboy or cheerleader for one multibillion dollar corporation over another, and that instead I offer up what is my honest opinion as to what’s best for the user (usually the advice I give mirrors closely what I do myself). My advice for the modern Mac owner is simple – Ignore the dinosaurs and protect yourself for malware. Personally I use Sophos Free Antivirus for Mac but there’s plenty to choose from.

It’s that simple.

Ignore the dinosaurs. Download protection. Install it. Get on with life.

http://www.zdnet.com/blog/hardware/modern-mac-owners-need-to-ignore-the-dinosaurs-and-get-protection/12857?tag=nl.e539