Guard Privacy & Online Security News & Information

Guard Privacy & Online Security Home : Guard Privacy Blog Home : February 2007

February 5, 2007 20:54 - Kids At Greater Risk To Online Porn

More than 40 percent of teens and young kids surveyed have recently come across nudity and pornography on the Internet without searching for it.

Study lead author Janis Wolak, a research assistant professor at the University of New Hampshire, and colleagues launched a three-month telephone survey of 1,422 kids aged 10-17 and the findings published today in the journal Pediatrics.

Forty-two percent of the kids surveyed said they'd encountered online pornography over the past year. Of those, two-thirds said their exposure to the material was unwanted. By contrast, just 25 percent of all kids interviewed in a 1999-2000 survey said they'd had unwanted exposure to online pornography.

The kids most likely to have purposely looked for pornography were those who used file-sharing programs to download images, were harassed online, talked online with strangers about sex, or used the Internet at the homes of friends.

According to the researchers, the survey results are probably within 2.5 percentage points of the real numbers among American kids who use the Internet as a whole.

What should parents do? "Talking to your kids about safe online use is important, but it won't necessarily help them avoid unintentional exposure to pornography," said David S. Bickham, a staff scientist at the Center on Media and Child Health at Children's Hospital Boston.

"Make sure whatever e-mail service your child is using has a very good spam filter -- this will keep most of the pornography spam at bay. Talk to kids about keeping e-mail addresses private. This means not giving out addresses to enter Web sites or having your address posted anywhere online."

Also, consider filtering software. "While exposure to pornography online is beginning to be a normative experience, installing filtering software on your computer will help delay the initial exposure," Bickham added.

For the best and safest content filtering software see SafeEyes

To reference this entry please copy the url in this link: (Permalink)

February 7, 2007 17:09 - Vista Security Not So Hot!

Windows Vista has only just left the starting blocks but security watchers have wasted no time in challenging claims that it provides improved security defenses.

VB tests on 15 anti-virus products designed for Vista found four including Microsoft's Live One Care, failed to reach the standard required for its VB100 certification.

Virus Bulletin's VB100 tests pit each anti-virus package against a test-set from the WildList database of viruses known to be circulating on computers around the world. To earn VB100 certification, products must be able to detect all of these viruses without generating any false alarms when scanning a set of clean files.

With all the delays in getting Vista released, there was no excuse for vendors not getting their products working, says Virus Bulletin technical consultant John Hawes.

Microsoft's rivals have also questioned the effectiveness of Vista's security. For instance, anti-spyware vendor Webroot criticises ineffective blocking capabilities in Windows Defender, Microsoft's antispyware.

In tests conducted by Webroot researchers Windows Defender failed to block 84 per cent of a testing sample-set that included 15 of the most common variations of existing spyware and malware.

While Vista contains a number of security improvements, notably better anti-spyware defenses, additional protection is required. "Although many improvements have been made, Vista cannot fend off today's malware without help from security products," Hawes stated.

To reference this entry please copy the url in this link: (Permalink)

February 9, 2007 12:37 - Vista Security Takes A Further Hammering

The claim of Microsoft that Vista has significant security features over all previous Windows operating systems, including XP, seems to be in tatters.

Many of us expected that Microsoft was setting itself an unachievable benchmark in its claims for Vista -- its record of designing out security flaws in its systems and software and its response to fixing the critical ones has been appalling. So, what should be different with Vista?

In my Wednesday's blog, I warned of the poor performance of Microsoft Vista's anti-virus and anti-spyware programs. Now, it is reported that the Vista firewall fails on outbound security.

Good firewalls will not only filter out third parties trying to breach our computer defenses to access our computers, they can also warn us and stop unauthorized parties sending out our personal information.

However, PC World reports that, as shipped, the Vista Firewall offers little outbound protection, and it's not clear how outbound protection can be configured to protect against spyware, Trojans and bots.

Competing firewalls, such as ZoneAlarm -- which I and others consider to be the best on the market -- offer user-configurable outbound protection, also known as outbound filtering.

But by default, most outbound filtering in the Windows Vista firewall is turned off. In addition, there may be no practical way to use outbound filtering to stop all unwanted outbound connections.

In the Security panel, you can only turn inbound filtering on or off, and configure how inbound filtering works. To work with outbound filtering, you instead have to use the Microsoft Management Console, to set up rules. However, every outbound rule allows outbound connections but none block connections!

To stop all malware from making outbound connections, you'd have to know the details of the thousands of pieces of malware in existence, and create rules for each one individually. Even that wouldn't work, because you wouldn't know about malware that has not yet been detected.

In short, the article concludes, "it's an impossible task."

To reference this entry please copy the url in this link: (Permalink)

February 16, 2007 15:41 - New Pharming Attack Takes Over Home Routers

Symantec and Indiana University researchers have issued a warning that hackers are able to install malicious code into phony Web sites, which can then log into home broadband routers. The term used for this threat is 'Drive-By Pharming'.

The attack works because most of popular home routers ship with default passwords, default internal IP address ranges, and web-based configuration interfaces.

The malware exploit is a single line of JavaScript loaded with a default router IP address, a default password, and the ability to reconfigure the router to use the attacker's DNS servers.

Most people never change the password from the original factory default, so the script has a high probability of logging in successfully. Then, the JavaScript code changes the router?s settings so that the third party can exercise full control. This allows attackers to direct you and your browser to whichever Websites they wish.

The attacker could, for example, redirect paypal.com to his own phishing server in order to steal money. Another example is to bounce windowsupdate.com to his own malware distribution site to try to create a botnet.

So how do you protect yourself from such an attack? It's a simple fix... change the default password of your router.

To reference this entry please copy the url in this link: (Permalink)

February 21, 2007 20:16 - Windows Defender Fails Again In Spyware Tests

Windows Defender has been further criticized in a new test that found it could detect barely half of the malware thrown at it and scoring well below other antispyware products.

According to Australian testing company Enex Testlab, in full scanning mode the anti-malware scanner could only pick up 53.3% of an unspecified list of malware threats thrown at it, with the quick scan scoring a detection rate of only 48%. Other antispyware programs fared a lot better.

These results follow earlier in-house research by security rival Webroot. Webroot found that Windows Defender failed to block 84 percent of a testing sample-set that included "15 of the most common variations of existing spyware and malware". These threats included adware, system monitors, key loggers and Trojans.

In my article, Commercial & Free Spyware Remover Evaluation, you'll see how my tests show a similar pattern of poor detection and removal rates for Windows Defender. However, in its defense, Defender is free. None of the freeware programs compares with the commercial products, simply because the commercial developers can re-invest sales income into ongoing improvements into spyware protection.

When you read my article you'll see that no one spyware blocker will remove all spyware. True, commercial antispyware will remove 60-80 percent of spyware, but spyware is so dangerous you will want to aim to remove as close as possible to 100 percent. So, free antispyware has its place, because, in some cases, it will remove spyware not detected by its bigger, more expensive brothers!

My advice... go for the CounterSpy Free Trial -- I'm sure you'll end up buying it -- and use the free Windows Defender, Lavasoft Ad-Aware, and Spybot - Search & Destroy. If you can afford it, also try and buy Webroot Spy Sweeper. With this array of defenses, you'll have the best antispyware currently available.

To reference this entry please copy the url in this link: (Permalink)

February 26, 2007 21:03 - Fix Your Firefox Web Browser

Security holes in Firefox have allowed potential attackers to crash a browser, connect people to a phishing or pharming website and gain access to information on a victim's computer.

The Mozilla Foundation has issued updates for the free software to improve security, stability and compatibility with Microsoft Corp.'s new version of Windows. This new upgrade of Firefox is version 2.0.0.2

"It's critical that Firefox users keep themselves updated to protect against software vulnerabilities. Firefox users cannot fool themselves into thinking that security is just a problem for Microsoft products," said Graham Cluley, senior technology consultant for Sophos. "It makes sense for all computer users to remain alert about the latest security flaws, and ensure they are running the latest patched version of their chosen internet browser."

"It has been much more common for hackers to target users of Microsoft Internet Explorer than Firefox, but that doesn't mean that Firefox users should stick their heads in the sand about security," continued Cluley. "Mozilla will stop releasing security and stability updates for Firefox 1.5 in April, so there really are no excuses for not upgrading to the latest edition of version 2.0."

To upgrade to Firefox 2.0.0.2 visit the Mozilla website

To reference this entry please copy the url in this link: (Permalink)

January 2007 « 

 

 RSS
RSS Feed For This News

Guard Privacy Blog Home | Archives | Guard Privacy... Hot New Topics | Internet Privacy & Security Risks... News! | Spyware & Spyware Blockers... News! | | Guard Privacy From Spyware | Guard privacy With Anonymizers