Recent software security updates.

Adobe Acrobat Reader 9.3
Adobe Flash 10.42.34
Frefox 3.6 for Windows
Firefox 3.5.6-1 for Fedora
Java 6.0 update 18
Microsoft IIS stack overflow issues
Microsoft Internet exploder exploits
Microsoft video codecs
VMware video codec
Wordpress 2.9.1

Howto: Secure passwords

An article published in the New York Times January 22, 2010, written by Ashlee Vance, indicates that far too many people use simple passwords.

There is an easy solution for this issue. Roboform2GO can be installed on a USB flash drive.  It can store the URL and passwords for 10 websites for free, and unlimited websites once you pay for and register the software.   The application works well with all versions of Windows that use either Firefox or Internet Explorer browsers.   I happened upon this very useful program while servicing a client system.    I have been a proponent ever since.  You can use a “master password” to secure your passwords. You remember ONE password, Roboform stores the rest for you, in an encrypted format.   The software can also generate extremely secure passwords in real time with adjustable criterion. Need a 12 digit pass phrase with 2 numerals and one special character? No problem.  It encrypts all of your passwords on the USB Flash drive.  You can also install the software directly to your computer.    For $59+shipping you can have all your passwords secured on one USB flash drive.  It’s a small price to pay for serious password security.    It also prevents key loggers from stealing your passwords.

Email jaguar07 at Evanscomputers DOT com or call 714-458-0190 to order today!

New virus infections spreading fast!

Many of my clients have had to contact me in the past week related to new Virus infections.

The axiom: an ounce of prevention is worth a pound of cure  is extremely accurate.

Prevention is fairly simple.

Get a reputable anti-virus product installed,  keep it updated.  Most of the better products ship with software firewalls.

I personally use ESET Smart Security Suite 4 for all of my Windows systems.  I use Clamav, Selinux, and IP chains for my servers.

The misconception that an email attachment or an infected file from portable media is the only way to get infected will be the demise of many small and medium sized businesses this year.

AV Comparatives Offers comparative unbiased Anti-Virus reviews.

Secure Email – oxymoron – WhiteGate™

The following is a direct quote from Funcom related to support for Age of Conan:

Our Game Masters will not deal with account issues or issues related to accounts in-game.

The reason for this is simple: privacy concerns.  In order to deal with many account issues, we require very detailed personal or financial information, and we do not consider in-game chat to be a secure environment in which to do so.  The risk of a miss tell that goes to a public channel, and the desire to protect individual credit card or bank information makes this a very poor security choice.

For this reason, our GM’s will always direct you to contact  E-Mail communications between our customers and Funcom are the most efficient and secure method to correct any account inquiries that you might have.

Obviously FunCom presumes email to be a secure form of communication.   Email has NEVER been a secure form of communication.   It is even LESS secure than a typical cell phone conversation.   If you want secure email you have to employ gpg or pgp to encrypt each individual email before you send or receive each message.

WhiteGate of the week goes to FunCom!  – Great Job!

Slow browsing

If you are experiencing really slow web browsing but downloads seem to be at normal speed, you may be a victim of a DNS (domain name service) cache poisoning attack.   This can affect any operating system connected to the Internet. Many of my professional clients have been impacted by this recently.  It is becoming a common issue.   The simple test to see if you are being impacted is to download a file from a known source such as Microsoft or Apple.  If the download proceeds normal speed, but web browsing is slow and sluggish, you may be affected.

On windows based systems:

Open a command prompt and type in “ipconfig  /flushdns” without the quotes.  Press enter.  To prevent future issues you can disable the DNS client service in the Admin Tools–> Services section.

On Mac systems:

Leopard and newer

Open a bsh shell prompt and type in “dnscacheutil -flushdns” without the quotes.

Earlier than 10.5.2

Open a bsh shell prompt and type in “lookupd -flushcache” without the quotes.

On Nix systems:

From a console with root priveledges “/etc/init.d/nscd.restart” without the quotes.    G/K/Ubuntu users  “su /etc/init.d/nscd.restart” without the quotes.

Most security programs have no mechanism to prevent this from occurring.  I do recommend ESET’s Smart Security Suite for Windows.  It will prevent this issue.