Thursday, April 30, 2009

LandzDown Forum Stops Updates for Security Products with IAC/Ask

Update information for security software products including/bundling and/or having default (pre-checked) opt-out installation of the Ask Toolbar and Search Assistant is discontinued at LandzDown Forum.

1. BitDefender
2. Comodo Firewall Pro
3. StopZilla
4. Symantec
5. Webroot
6. ZoneAlarm (Check Point)

Further information on products including the "pay-per-install" IAC product is available at Calendar of Updates, Products with Ask Toolbar.

For background information about IAC/Ask practices, see the topics below.


LandzDown Forum Members' attention is also directed to Calendar Of Updates Installers Hall of Shame which include toolbars and other potentially unwanted add-ons. Please be alert to the installation process any time you are installing a new software.

Announcement: Security Products Including IAC/Ask






Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Tuesday, April 28, 2009

BitDefender Joins the Dark Side

To quote my friend and one of the most ethical people I know, Bill Pytlovany, the developer of WinPatrol:
BitDefender has joined the dark side. By end of year, @WinPatrol may be alone in not having an Ask Toolbar. http://bit.ly/NcP3C
The link from the Twitter quote leads to a thread at Wilders Security where member EsoxLucius confirms with a screen capture the inclusion of Ask in the BitDefender product:
- This is not a masked ask toolbar, it is a BitDefender toolbar with and added search box (in this case ask)

- No search, browsing habits, browsing history is captured and sent anywhere.

- The ask.com search box is mentioned in the first step of the installation.

- The choice regarding what toolbar to use is not mine to make and I can't really say why IAC.
As a result of the inclusion of the Ask search engine in the BitDefender Anti-Phising product, Calendar of Updates (CoU) has discontinued providing update information on BitDefender. (See the CoU list of products with the Ask Toolbar.)

Granted, it is stated in the installation of the BitDefender Anti-Phishing toolbar that Ask is included. The problem is how many people read beyond seeing the buttons to click Next > Next > Finish?

Based on the history of IAC/Ask, one can only guess that BitDefender also succumbed to the pay-per-install offer by IAC. The popular browsers (IE 7, IE 8, Firefox, Opera and Safari) all include anti-phishing. A separate anti-phishing toolbar certainly appears redundant to me, particularly one that forces the use of a pay-per install search engine.




Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Monday, April 27, 2009

Talking About Windows

Talking About Windows went live today to provide a behind-the-scenes look at the next generation of Windows. It is a video blog with contributions provided by Microsoft engineers who helped build Windows 7.

Of special interest are videos by Mark Russinovich, Microsoft Technical Fellow, and Jon Devaan, Sr. VP Windows Operating System. In addition to Microsoft engineers, also included are videos by IT professionals.

Join the conversation with Microsoft and other IT professionals.

Facebook fans can join the Talking About Windows Group. The site introduction is presented at the Windows Team Blog.







Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Mozilla Firefox 3.0.10 Update

Mozilla Firefox pushed out an unexpected early release of version 3.0.10. According to a comment posted by Aza Dotzler on the Firefox Extension Guru blog:
"Some people are experiencing stability issues with 3.0.9 and the quick release of 3.0.10 is designed to remedy those issues."
There isn't much other information available at this time other than from What’s New in Firefox 3.0.10:

"Firefox 3.0.10 fixes two issues found in Firefox 3.0.9:

See the complete list of bugs fixed."

To get the update, click "Help > Check for Updates".






Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Sunday, April 26, 2009

Comodo Software Removed from Softpedia

Softpedia has long followed a strict code of ethics, defining adware as a software that falls into at least one of the following categories:
(1) Displays ad banners or other types of advertising material during its runtime
(2) Attempts to change the homepage for web browsers installed on the system
(3) Attempts to change the default search engine for web browsers installed on the system
(4) Offers to download or install software or components (such as browser toolbars) that the program does not require to fully function
(5) At program startup/shutdown , opens web pages featuring advertising or similar income generating content
(6) Creates desktop or start menu shortcuts for items unrelated to the program's functionality

Softpedia reports that Comodo Internet Security strikes out on numbers 2, 3 and 4. Number 4, is the reason I stopped recommending Comodo firewall a year ago when the Comodo SafeSurf toolbar included the Ask Toolbar. Stefan Fintea, the Softpedia Software News Editor, explains:
"Aside from the fact that SafeSurf is a component that the program (CIS) does not require to fully function, therefore it alone would be a good reason to mark CIS as adware, this utility also installs Ask Toolbar without asking for the user’s permission. This type of behavior is clearly not the one described in the Comodo email and could be easily classified as spyware (since adware would imply prior user consent)."
For background on Ask toolbar issues see Edelman on 'Deceptive Door Openers' and Ask toolbars.

Via BillP

References



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Saturday, April 25, 2009

Interview: Toby Richards on Microsoft Most Valuable Professionals

Lets Talk Computers conducted an in-depth interview of Toby Richards (Microsoft General Manager, Community & Online Support) on the Microsoft Most Valuable Professional (MVP) program:
"Microsoft (NASDAQ: MSFT) is the worldwide leader in software, services, and solutions that help people and businesses realize their full potential. Toby Richards, General Manager, Community & Online Support, with Microsoft, talks about Microsoft's "Most Valuable Professional" Award Program and what transpired at the 2009 Summit."
Listen to the interview available via Real Audio or Windows Media Player at Let's Talk Computers.

Additional information on the Microsoft MVP program:




Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Friday, April 24, 2009

Windows 7 RC Expected April 30

It was announced today on the Windows Blog that the Windows 7 Release Candidate (RC) is on track for April 30 for download by MSDN and TechNet subscribers. It was also indicated that broader, public availability will begin on May 5.

Windows 7 Release Candidate Update



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Thursday, April 23, 2009

WinPatrol Discount for Bill Pytlovany's Birthday!

I had planned a special message to post for my favorite developer's birthday but learned that, instead, in celebration of his birthday, Bill Pytlovany is offering a 50% discount for WinPatrol Plus!

"On today, April 24th, I’m offering WinPatrol PLUS for $14.98 USD which is a savings of 50%. ( Approx. 11.50 EUR ). So if you’ve been thinking about upgrading or have friends who need WinPatrol PLUS today is the day!

Just go to http://www.winpatrol.com to upgrade.

The 50% discount will be valid from April 24th, at 12:01 AM EST until April 24th, 11:59 PM EST. This sale includes WinPatrol 1 GB wirstbands and sport shirts while supply lasts."
If you have been putting off making that one-time purchase, now is the time to take advantage of this special. Even if you are a Plus subscriber, stop by Bits From Bill and thank Bill for providing such a great product and wish him a very Happy Birthday.

Be sure to check out The BillP WinPatrol Story.



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Awards: Kodak OLED Wireless Frame & Kodak EKTAR 100 film


The Technical Image Press Association (TIPA) Awards are considered the most coveted photo and imaging awards. TIPA awarded both the Kodak OLED Wireless Frame and Kodak Professional Ektar 100 film as the best in Europe for 2009.

Although time is running out, you still have an opportunity to win a Kodak OLED Wireless Frame in the OLED-Info Kodak Photo frame contest. (For additional information about OLED technology, see OLED technology explained.)

About the TIPA Awards:
"The best imaging products of 2009 were voted on at the Technical Image Press Association (TIPA) General Assembly held from 2-4 April 2009 in Budapest. The editors of the 25 member photo magazines from 10 European countries met to discuss the association's new strategies and projects as well as vote for the best imaging products launched by the industry in the last 12 months."
References:


Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Tuesday, April 21, 2009

Firefox Update v. 3.0.9

Firefox 3.0.9 fixes several issues found in Firefox 3.0.8:

Fixed several security issues, including:
  • MFSA 2009-22 Firefox allows Refresh header to redirect to javascript: URIs
  • MFSA 2009-21 POST data sent to wrong site when saving web page with embedded frame
  • MFSA 2009-20 Malicious search plugins can inject code into arbitrary sites
  • MFSA 2009-19 Same-origin violations in XMLHttpRequest and XPCNativeWrapper.toString
  • MFSA 2009-18 XSS hazard using third-party stylesheets and XBL bindings
  • MFSA 2009-17 Same-origin violations when Adobe Flash loaded via view-source: scheme
  • MFSA 2009-16 jar: scheme ignores the content-disposition: header on the inner URI
  • MFSA 2009-15 URL spoofing with box drawing character
  • MFSA 2009-14 Crashes with evidence of memory corruption (rv:1.9.0.9)
The update also included the following:
  • Fixed several stability issues.
  • Many users experienced an issue where a corrupt local database caused Firefox to “lose” its stored cookies. (bug 470578)
  • Fixed an issue where, starting with Firefox 3.0.7, inline image attachments on popular webmail services (like AOL and AIM) would not display. (bug 482659)
  • Large forms would sometimes take a long time to submit. (bug 426991)
  • In certain cases, new windows would not have proper focus. (bug 446568)

To get the update, Click Help > Check for Updates

Release Notes





Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Security Garden Visitor

What a day! Have you heard of mileage runs? The concept was new to me but I learned not long ago that people who travel frequently will use mileage runs to maximize their frequent flyer miles or other status associated with their account.

My friend Aaron Hulett works for Microsoft in Washington State but his family is in Michigan and, as his friends know, Cedar Point is in Ohio. There is no doubt that Aaron enjoys a challenge, which his recent series of mileage runs are evidence.

When I announced to my LandzDown Family that our staff unit was being eliminated and I would soon be retiring from Kodak, Aaron invited me to lunch! He worked out an incredible schedule that took him from SEA (Seattle Airport in Washington) across country with a connection that allowed a layover here.

Finally, after knowing Aaron since 2003 via a former security vendor association, following him through his summer internship at Microsoft, college graduation, relocation to Seattle and full-time employment at Microsoft, hours on end in IRC, today was the day!

Windblown from the after-lunch walk on the pier, here we are outside the Kodak Research Laboratories.



Thank you, Aaron. Your visit was very special. {{{HUGS}}}






Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Thursday, April 16, 2009

Microsoft Fix it Gadget

The Microsoft Fix it Team just made a great service even better! How? By making the Fix it Solutions easily located. As I write this, the team has published over 140 solutions to assist in automate settings changes or repairs. Although you can still browse or search the Microsoft Fix it Solutions Center, there are two additional tools available.

First is the Fix it Solutions Page that includes a filter, a Fix it solutions search bar, a cloud display of solution description labels and the ability to sort by different criteria. Be sure to add the Fix it Solutions Page to your bookmarks.

Now we come to my favorite, the Microsoft Fix it Vista Sidebar gadget . It is amazing how much was packed into the sidebar gadget.

As you can see in the first image below view, the gadget includes links to the Fix it blog and Facebook group. The primary view is dependent on the settings you select in the gadget options.

Know what type of solution you are looking for? Merely click the left or right triangle (to the side of the page indicator) to access the gadget search box. Click again to toggle to the description view, which provides a scroll bar.







Windows 7 Beta testers, rest assured, the Microsoft Fix it gadget it works beautifully on Windows 7 as well. In fact, on Windows 7 the Fix it gadget has the additional options to increase the size or drag the gadget to another location.




Microsoft Fixit Gadget download link: gadget



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Breaking: Time Warner Cable Drops New Internet Price Plan

Shortly after publishing the last post, I learned of the following news announcement:
"Rochester, N.Y. -- Sen. Charles Schumer (D-NY) announced Thursday that Time Warner Cable will shelve plans for a tiered pricing system for Internet use.

Time Warner Cable had intended to use Rochester as a test market for the new plan that would have placed heavy internet users into a higher price tier.

Schumer said he called management Wednesday to oppose Rochester being used as a test market.

"We are celebrating," Schumer said.

Schumer said he would work with Time Warner on future changes."
Update: (Hat Tip, Bugbatter)

The report from digtriad.com certainly does not sound like what Senator Schumer reported:
"Time Warner Cable Chief Executive Officer Glenn Britt said, It is clear from the public response over the last two weeks that there is a great deal of misunderstanding about our plans to roll out additional tests on consumption based billing. As a result, we will not proceed with implementation of additional tests until further consultation with our customers and other interested parties, ensuring that community needs are being met. While we continue to believe that consumption based billing may be the best pricing plan for consumers, we want to do everything we can to inform our customers of our plans and have the benefit of their views as part of our testing process."
Full report: Time Warner Disconnects Their Consumption Based Billing Test





Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Frontier Stuffs Time Warner's Tiered Plan (for now)

Time Warner Cable (TWC) recently announced plans to bring consumption-based billing to Rochester, N.Y.; Greensboro, S.C.; and San Antonio and Austin, Texas. This tiered/metered plan would provide for levels of service ranging from 1 gigabyte for $15 to 100 gigabytes for $75, with $1/GB over the subscribed limit.

Via engadget it appears that Frontier Communications Co., the local Rochester telephone/DSL provider, has shelved their plans to introduce a similar metered billing offering. Thus, it appears that TWC's plans are up a creek for now.
"That move bodes poorly for the future of metered Internet billing. Because the idea is unpopular with consumers, cable and phone companies need to match each other's moves in introducing it, or one of them gains a competitive advantage by offering the standard all-you-can-eat service."
Services in the Rochester area are fairly limited. Satellite has not been broadly accepted in the area. Frontier's DSL and TWC's Road Runner are essentially the only providers. As can be seen at Stop the Cap! Alternatives!, broadband service providers in this area are very limited. Let us hope that Rep. Massa stays true to his promise:
"Internet access is as essential to our economy as water is to our survival," said Congressman Eric Massa. "With limited choices in broadband providers, and virtual monopolies in many market areas, I view this as nothing more than a large corporation making a move to force customers into paying more money. I firmly oppose capping internet usage and I will be taking a leadership role in stopping this outrageous, job killing initiative." {Emphasis added}
With my interests in the computer security arena, I can envision asking someone with a severely infected computer why they had not installed the latest security updates and their response being that they had used up their metered service limit conducting a job search and filing unemployment claims!

Visit Stop the Cap! for information and news to "Fight Back Against Usage Caps for Cable, DSL, and Fiber Optic Broadband".

References:



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Wednesday, April 15, 2009

Zune HD to Include OLED!

Until I saw the anticipated specifications for the upcoming new Zune device, I did not think all that much about it. Many people consider the incorporation of NVIDIA Tegra to power HD content exciting or that it includes a web browser.

As far as I am concerned, the ultimate clincher that will make the Zune HD a major hit is the OLED full touch screen. OLED is an amazing technology that will make using the Zune HD a pure delight.

From a Neowin Exclusive: Lets talk some Zune HD specs:
"An overview of the Zune HD specs:
16APR09 Edit Note: Neowin has struck the 120GB version from the list.

OLED Background
:


Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Tuesday, April 14, 2009

U.S. Tax Season and Phishing Scams

Yes, I waited until close to the last minute to file our tax returns. Figuring it out both ways, it worked out better for us by filing our return as married/separate.

If you are in the mad scramble to file your return on time, don't fall into any phishing scams. As US-Cert reported today:
"Phishing scams may appear as a tax refund, an offer to assist in filing for a refund, or contain details about fake e-file websites. These messages may appear to be from the IRS and directly ask users for personal information. These messages may also contain a link and instruct the user to follow the link to a website that requests personal information or contains malicious code.

US-CERT encourages users to take the following measures to protect themselves from this type of phishing scam:
Reference: US Tax Season and Phishing Scams



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

April 2009 Microsoft Security Bulletin Release

Eight new Microsoft security bulletins have been released today. Summaries for the April 2009 bulletins may be found at http://www.microsoft.com/technet/security/bulletin/MS09-Apr.mspx.

MS09-009: Vulnerabilities in Microsoft Office Excel Could Cause Remote Code Execution (968557)
Maximum Severity Rating: Critical
Vulnerability Impact: Remote Code Execution
Restart Requirement: May require restart
Affected Software: Microsoft Office
MS09-010: Vulnerabilities in WordPad and Office Text Converters Could Allow Remote Code Execution (960477)
Maximum Severity Rating: Critical
Vulnerability Impact: Remote Code Execution
Restart Requirement: Requires restart
Affected Software: Microsoft Windows, Microsoft Office
MS09-011: Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (961373)
Maximum Severity Rating: Critical
Vulnerability Impact: Remote Code Execution
Restart Requirement: May require restart
Affected Software: Microsoft Windows
MS09-012: Vulnerabilities in Windows Could Allow Elevation of Privilege (959454)
Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege
Restart Requirement: Requires restart
Affected Software: Microsoft Windows
MS09-013: Vulnerabilities in Windows HTTP Services Could Allow Remote Code Execution (960803)
Maximum Severity Rating: Critical
Vulnerability Impact: Remote Code Execution
Restart Requirement: Requires restart
Affected Software: Microsoft Windows
MS09-014: Cumulative Security Update for Internet Explorer (963027)
Maximum Severity Rating: Critical
Vulnerability Impact: Remote Code Execution
Restart Requirement: Requires restart
Affected Software: Microsoft Windows, Internet Explorer
MS09-015: Blended Threat Vulnerability in SearchPath Could Allow Elevation of Privilege (959426)
Maximum Severity Rating: Moderate
Vulnerability Impact: Elevation of Privilege
Restart Requirement: Requires restart
Affected Software: Microsoft Windows
MS09-016: Vulnerabilities in Microsoft ISA Server and Forefront Threat
Management Gateway (Medium Business Edition) Could Cause Denial of Service (961759)
Maximum Severity Rating: Important
Vulnerability Impact: Denial of Service
Restart Requirement: Requires restart
Affected Software: Microsoft Forefront Edge Security



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Saturday, April 11, 2009

Happy Easter

The paska (Ukrainian Easter bread) is ready as well as the other goodies we will enjoy tomorrow. Sending wishes to everyone for a Joyous Easter.








Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Thursday, April 09, 2009

MSRC Security Bulletin Release - Advance Notice, April 2009

On April 14, 2009, Microsoft is planning to release eight new security bulletins. Below is a summary in order of severity.

Critical:

Bulletin ID: Windows 1
Maximum Severity Rating: Critical
Vulnerability Impact: Remote Code Execution
Restart Requirement: Requires restart
Affected Software: Microsoft Windows, Microsoft Office
Bulletin ID: Windows 2
Maximum Severity Rating: Critical
Vulnerability Impact: Remote Code Execution
Restart Requirement: Requires restart
Affected Software: Microsoft Windows
Bulletin ID: Windows 3
Maximum Severity Rating: Critical
Vulnerability Impact: Remote Code Execution
Restart Requirement: May require restart
Affected Software: Microsoft Windows
Bulletin ID: IE
Maximum Severity Rating: Critical
Vulnerability Impact: Remote Code Execution
Restart Requirement: Requires restart
Affected Software: Microsoft Windows, Internet Explorer
Bulletin ID: Excel
Maximum Severity Rating: Critical
Vulnerability Impact: Remote Code Execution
Restart Requirement: May require restart
Affected Software: Microsoft Office
Important:

Bulletin ID: Windows 4
Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege
Restart Requirement: Requires restart
Affected Software: Microsoft Windows
Bulletin ID: ISA
Maximum Severity Rating: Important
Vulnerability Impact: Denial of Service
Restart Requirement: Requires restart
Affected Software: Microsoft Forefront Edge Security
Moderate:

Bulletin ID: Windows 5
Maximum Severity Rating: Moderate
Vulnerability Impact: Elevation of Privilege
Restart Requirement: Requires restart
Affected Software: Microsoft Windows

References:




Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Monday, April 06, 2009

Spring Cleaning (humor)

Spring is the time of year when we like to open windows to air things out and give our homes a top to bottom spit and polish. This is also a good time to remove the accumulated dust from our PC.

There is, however, one area on our PCs that is frequently neglected -- the inside of the computer monitor. I read recently that all computer screens on the inside are covered with bacteria, dust, germs, etc. that can be dangerous to your health.
"This is caused by a variety of reasons and it can prove to be a health hazard for everyone that uses the computer. Some at the CDC in Atlanta have recently said that this problem can be as dangerous as cigarette smoking because of the time that most of us are now spending on computers for work and personal reasons."

The link below is to a special program that I discovered. It is free for personal use and is claimed to be able to correct this fast growing potential health problem.

Click the link to clean the inside of your computer screen

--- Screen Cleaner ---







Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...