Sunday, June 28, 2009

Few easy steps to download streamed content

In order to have a good streaming experience while watching your favorite videos online, you need to have a good internet connection speed but sometimes, streaming can still be frustrating because you need to buffer again if you want to watch the video another time. There is also sometimes a browser or plugin issue that can lead to stutter in the video stream. Well to avoid this kind of problems or if you want to have a copy of the streamed content for yourself then you can always download it. Yes, downloading a stream content can be much faster than waiting for the video to load to 100%. With just a few steps, you can save a copy of your favorite videos online.

First we need to have the pre-requisites or the needed software for you to be able to start downloading. Install the following:
- Mozilla Firefox (Grab it here if you don't have one)
- Free download Manager (Grab it here if you don't have one)

After you installed the required software, we need to install the additional feature we want:
-Install downloadhelper as a Mozilla plugin (Grab it here). It's installation is very straightforward and after restarting firefox your ready to download from streamed content.

And now for the main part which is downloading from streamed videos online:

1. Start free download manager which we previously installed. (We will need it later)
2. Go to a streaming website. We will make youtube as an example. Just pick any videos and click play. Don't wait for it to buffer, just click pause and you should see the downloadhelper icon is animated (it is located just on the left side of the address bar). Downloadhelper can download the videos itself but we will use free download manager to boost the download much faster.
3. You should see a small arrow beside the downloadhelper icon, click on it, you should then see the title of the streamed content. Hover on the title and click copy url.
4. Open free download manager and "add a download". You can do this by clicking on the "plus" icon and just paste the url there. Click ok to start downloading.

This method will work on almost all video hosting providers including youtube, veoh, megavideo, zshare and many more. Supported content are the following - flv,ram,mpg,mpeg,avi,rm,wmv,mov,asf,mp3,rar,movie,divx,rbs,mp4,mpeg4.
...read more ⇒

Friday, June 26, 2009

Need to download in Megaupload?

It is free to download a file from megaupload but it all comes with limitations. One of the most complained about is the country download slot limit. Apparently, there is a limit megaupload imposes on every country on how many can download but offers a solution of installing a megaupload toolbar or registering a paid subscription.

But do we really need to pay or install this toolbar to be able to download numerous files from megaupload? It's a big "NO". There is a way to bypass this limitation and you can only do this by using the world's #1 browser. Yes, we need the firefox magic. We are all aware that apart from being secure and fast, many loves firefox customizable feature and thousands of add-ons we can install. And thankfully there are a number of add-ons that we can add to firefox to do the megaupload bypass.

1. The first one is the Megaupload SX 3.2 add-on. It works perfectly but there is a compatibility issue of the current version. It only works with older version of firefox >3.0. If you are using firefox version 3.0 and above there is no need to revert as we have another option below.

2. We can also use Megaupload Integration. It is still an experimental add-on but worked like a charm with many people and I personally tested this one out using firefox 3.0.11. Some complained that it's not working for them but still worth the try.

Enjoy your limitless download slot limit! Haven't switched to Mozilla yet? Grab firefox browser here.
...read more ⇒

Wednesday, June 24, 2009

Microsoft security essentials beta released by Microsoft

The free antivirus (AV) from Microsoft, "Microsoft Security Essentials beta version" has been released. It is now available for download at Microsoft web site (click here for the download page) but it is only available to customers in the United States, Israel (English only), People's Republic of China (Simplified Chinese only) and Brazil (Brazilian Portuguese only).

This new AV from Microsoft will be replacing the companies previous AV, Windows Live OneCare that will be phased out this November. This AV will be offering protection against viruses, trojans, worms and spywares. A comprehensive review can be found here.

System requirements of Microsoft Security Essentials:

* Operating System: Windows XP (Service Pack 2 or Service Pack 3); Windows Vista;
Windows 7 (Beta or Release Candidate)
* For Windows XP, a Personal Computer with a:
o CPU with clock speed of 500 MHz or higher
o Memory: 256 MB RAM or higher
* For Windows Vista and Windows 7, a Personal Computer with a:
o CPU with clock speed of 1.0 GHz or higher
o Memory: 1 GB RAM or higher
* VGA (Display): 800 x 600 or higher
* Storage: 140 MB of available hard-disk space
* An Internet connection is required for installation and to download the latest virus and
spyware definitions for Microsoft Microsoft Security Essentials.
* Internet Browser:
o Windows Internet Explorer 6.0 or later
o Mozilla Firefox 2.0 or later
...read more ⇒

Tuesday, June 23, 2009

A free antivirus from Microsoft

Microsoft joins the fray of anti-virus market and will be offering a free anti-virus software named "Microsoft Security Essentials". The beta version is anticipated to be released this month. What will this anti-virus will offer?

* It's free.
* People download it from a trusted source.
* There is no registration, trials or license renewals.
* It stays automatically up-to-date.
* It does its job with the click of just one button.

"Microsoft Security Essentials" screenshot leaked in Internet:

How well will this anti-virus perform?

No one really knows yet until it is fully deployed and tested by users. But one thing is for sure, it will not perform as well as commercial anti-virus and with many free AV programs like AVG and Avira, it will be up for a tight competition.

Performance chart comparison with other Microsoft's security products:

...read more ⇒

Sunday, June 21, 2009

Wrong assumptions in safe surfing

These are the most famous myths on security and safe internet surfing. Know them and you are better prepared to protect your yourself and your data.

I don't keep important things on my PC, so I don't have to worry about security.

There was a time when this statement was partially true, but that time has long since passed. Current viruses, worms, and other threats, including the famous Conficker and Gumblar spread blindly across the Internet to thousands or millions of PCs in a matter of hours, without regard for who owns them, what is stored there, or the value of the information they hold. The purpose of such attacks is nothing less than to wreak havoc. If you ignore the reality of these attacks, you are certain to be hit at one time or another. Even if your computer is not attacked directly, it can be used as a zombie to launch a denial-of-service or other attack on a network or to send spam or pornography to other PCs without being traced. Therefore, your civic responsibility is to protect your PC so that others are protected.

I can protect my PC if I disconnect from the Internet or turn it off when I'm not using it.

Wrong. If you connect to the Internet at all, you are a target. You could download a virus when you connect and not activate it until days later when you read your e-mail off-line. Even if you rarely connect to the Internet, you can get a virus from a file off of a network, floppy disk, or USB flash memory drive. Virus propagates in many ways and Internet is just one of them.

I can protect myself from viruses by not opening suspicious e-mail attachments.

Wrong again. The next virus you get may come from your best friend's or boss' computer if his e-mail address book was used to propagate an attack. Many worms propagate this way, infected computers automatically sends malicious codes to all email contacts of the victim. And it is possible to activate some viruses simply by reading or previewing an e-mail. You simply must have a PC-based antivirus package as most comes with an email scanner.

I don't visit unknown or anonymous website so I don't need to worry about web-based attacks.

It is true that not visiting unknown and suspicious websites can protect you but this does not mean your 100% safe. Some legitimate websites are sometimes infected through web attacks like gumblar. And visiting the website can infect your PC immediately.

I have a Macintosh (or a Linux-based system), not a Windows system, so I don't have to worry about being attacked.

It is true that most attacks target Microsoft Windows–based PCs, but there have been attacks against Mac OS and Linux systems as well. Some experts have predicted that the Mac virus problem will get worse, because Mac OS X uses a version of Unix. And although these systems have some useful security features, they can still be attacked. See this post for Mac OS virus attacks.

My system came with an antivirus package, so I'm protected.

Not quite. First, if you haven't activated your antivirus package to scan incoming traffic automatically, you are not protected against e-mail and Web browser attacks. Second, new threats appear daily, so an antivirus package is only as good as its last update. Activate the auto-update features to stay on top of the latest threats. Third, an antivirus package can't protect you from every threat. In most cases you need a combination of solutions, including, at minimum, antivirus, a personal firewall and an anti adware/spyware. See this post on basic virus prevention.
...read more ⇒

Friday, June 19, 2009

Collecta: A search engine for social networkers

It's not just Microsoft and Google that's waving the search engine wars. Another specialized search engine is also trying to make a ground in this market. Collecta is a "real-time" search engine that scans through the web and specializes in searching through micro-blogging sites, news stories, blogs, flickr, youtube and other social sites.

The users interface of Collecta is also very user friendly and straightforward. You can also search various queries at the same time. The page is separated into three columns with the result showing up on the middle and the content of the selected item is on the right side.

The results are real-time and you also have the option to pause it. This six month old search engine is gaining popularity in this field but it will only fit to those searching within the social network eg tweets or blog post. Searching general information is still dominated by the old leader in search engine which is Google.
...read more ⇒

Thursday, June 18, 2009

Speeding up Windows XP

These are advanced steps in speeding up your Windows XP machine. If you don't want to tinker so much with hardware and software follow the steps posted here

1.) To decrease a system's boot time and increase system performance, use the money you save by not buying defragmentation software -- the built-in Windows defragmenter works just fine -- and instead equip the computer with an Ultra-133 or Serial ATA hard drive with 8-MB cache buffer.

2.) If a PC has less than 512 MB of RAM, add more memory. This is a relatively inexpensive and easy upgrade that can dramatically improve system performance.

3.) Ensure that Windows XP is utilizing the NTFS file system. If you're not sure, here's how to check: First, double-click the My Computer icon, right-click on the C: Drive, then select Properties. Next, examine the File System type; if it says FAT32, then back-up any important data. Next, click Start, click Run, type CMD, and then click OK. At the prompt, type CONVERT C: /FS:NTFS and press the Enter key. This process may take a while; it's important that the computer be uninterrupted and virus-free. The file system used by the bootable drive will be either FAT32 or NTFS. I highly recommend NTFS for its superior security, reliability, and efficiency with larger disk drives.

4.) Disable file indexing. The indexing service extracts information from documents and other files on the hard drive and creates a "searchable keyword index." As you can imagine, this process can be quite taxing on any system.

The idea is that the user can search for a word, phrase, or property inside a document, should they have hundreds or thousands of documents and not know the file name of the document they want. Windows XP's built-in search functionality can still perform these kinds of searches without the Indexing service. It just takes longer. The OS has to open each file at the time of the request to help find what the user is looking for.

Most people never need this feature of search. Those who do are typically in a large corporate environment where thousands of documents are located on at least one server. But if you're a typical system builder, most of your clients are small and medium businesses. And if your clients have no need for this search feature, I recommend disabling it.

Here's how: First, double-click the My Computer icon. Next, right-click on the C: Drive, then select Properties. Uncheck "Allow Indexing Service to index this disk for fast file searching." Next, apply changes to "C: subfolders and files," and click OK. If a warning or error message appears (such as "Access is denied"), click the Ignore All button.

5.) Update the PC's video and motherboard chipset drivers. Also, update and configure the BIOS. For more information on how to configure your BIOS properly, see this article on my site.

6.) Empty the Windows Prefetch folder every three months or so. Windows XP can "prefetch" portions of data and applications that are used frequently. This makes processes appear to load faster when called upon by the user. That's fine. But over time, the prefetch folder may become overloaded with references to files and applications no longer in use. When that happens, Windows XP is wasting time, and slowing system performance, by pre-loading them. Nothing critical is in this folder, and the entire contents are safe to delete.

7.) Once a month, run a disk cleanup. Here's how: Double-click the My Computer icon. Then right-click on the C: drive and select Properties. Click the Disk Cleanup button -- it's just to the right of the Capacity pie graph -- and delete all temporary files.

8.) In your Device Manager, double-click on the IDE ATA/ATAPI Controllers device, and ensure that DMA is enabled for each drive you have connected to the Primary and Secondary controller. Do this by double-clicking on Primary IDE Channel. Then click the Advanced Settings tab. Ensure the Transfer Mode is set to "DMA if available" for both Device 0 and Device 1. Then repeat this process with the Secondary IDE Channel.

9.) Upgrade the cabling. As hard-drive technology improves, the cabling requirements to achieve these performance boosts have become more stringent. Be sure to use 80-wire Ultra-133 cables on all of your IDE devices with the connectors properly assigned to the matching Master/Slave/Motherboard sockets. A single device must be at the end of the cable; connecting a single drive to the middle connector on a ribbon cable will cause signaling problems. With Ultra DMA hard drives, these signaling problems will prevent the drive from performing at its maximum potential. Also, because these cables inherently support "cable select," the location of each drive on the cable is important. For these reasons, the cable is designed so drive positioning is explicitly clear.

10.) Remove all spyware from the computer. Use free programs such as AdAware by Lavasoft or SpyBot Search & Destroy. Once these programs are installed, be sure to check for and download any updates before starting your search. Anything either program finds can be safely removed. Any free software that requires spyware to run will no longer function once the spyware portion has been removed; if your customer really wants the program even though it contains spyware, simply reinstall it. For more information on removing Spyware visit this Web Pro News page.

11.) Remove any unnecessary programs and/or items from Windows Startup routine using the MSCONFIG utility. Here's how: First, click Start, click Run, type MSCONFIG, and click OK. Click the StartUp tab, then uncheck any items you don't want to start when Windows starts. Unsure what some items are? Visit the WinTasks Process Library. It contains known system processes, applications, as well as spyware references and explanations. Or quickly identify them by searching for the filenames using Google or another Web search engine.

12.) Remove any unnecessary or unused programs from the Add/Remove Programs section of the Control Panel.

13.) Turn off any and all unnecessary animations, and disable active desktop. In fact, for optimal performance, turn off all animations. Windows XP offers many different settings in this area. Here's how to do it: First click on the System icon in the Control Panel. Next, click on the Advanced tab. Select the Settings button located under Performance. Feel free to play around with the options offered here, as nothing you can change will alter the reliability of the computer -- only its responsiveness.

14.) If your customer is an advanced user who is comfortable editing their registry, try some of the performance registry tweaks offered at Tweak XP.

15.) Visit Microsoft's Windows update site regularly, and download all updates labeled Critical. Download any optional updates at your discretion.

16.) Update the customer's anti-virus software on a weekly, even daily, basis. Make sure they have only one anti-virus software package installed. Mixing anti-virus software is a sure way to spell disaster for performance and reliability.

17.) Make sure the customer has fewer than 500 type fonts installed on their computer. The more fonts they have, the slower the system will become. While Windows XP handles fonts much more efficiently than did the previous versions of Windows, too many fonts -- that is, anything over 500 -- will noticeably tax the system.

18.) Do not partition the hard drive. Windows XP's NTFS file system runs more efficiently on one large partition. The data is no safer on a separate partition, and a reformat is never necessary to reinstall an operating system. The same excuses people offer for using partitions apply to using a folder instead. For example, instead of putting all your data on the D: drive, put it in a folder called "D drive." You'll achieve the same organizational benefits that a separate partition offers, but without the degradation in system performance. Also, your free space won't be limited by the size of the partition; instead, it will be limited by the size of the entire hard drive. This means you won't need to resize any partitions, ever. That task can be time-consuming and also can result in lost data.

19.) Check the system's RAM to ensure it is operating properly. I recommend using a free program called MemTest86. The download will make a bootable CD or diskette (your choice), which will run 10 extensive tests on the PC's memory automatically after you boot to the disk you created. Allow all tests to run until at least three passes of the 10 tests are completed. If the program encounters any errors, turn off and unplug the computer, remove a stick of memory (assuming you have more than one), and run the test again. Remember, bad memory cannot be repaired, but only replaced.

20.) If the PC has a CD or DVD recorder, check the drive manufacturer's Web site for updated firmware. In some cases you'll be able to upgrade the recorder to a faster speed. Best of all, it's free.

21.) Disable unnecessary services. Windows XP loads a lot of services that your customer most likely does not need. To determine which services you can disable for your client, visit the Black Viper site for Windows XP configurations.

22.) If you're sick of a single Windows Explorer window crashing and then taking the rest of your OS down with it, then follow this tip: open My Computer, click on Tools, then Folder Options. Now click on the View tab. Scroll down to "Launch folder windows in a separate process," and enable this option. You'll have to reboot your machine for this option to take effect.

23.) At least once a year, open the computer's cases and blow out all the dust and debris. While you're in there, check that all the fans are turning properly. Also inspect the motherboard capacitors for bulging or leaks. For more information on this leaking-capacitor phenomena, you can read numerous articles on my site.

I have used this steps numerous times and a noticeable performance boost is guaranteed. This was posted for some time already and this is worth sharing thanks to the one who originally post this.

...read more ⇒

Wednesday, June 17, 2009

Important Security Enhancements for your PC

1. Check Windows Update and Office Update regularly. It is also recommended to enable automatic update on Windows as it will offer patches and fixes to security flaws.

2. Make sure that your Windows firewall is enabled or install a personal firewall.

3. Install a free spyware blocker. A good free software you can try is spybot search and destroy.

4. Block pop-up spam messages in Windows NT, 2000, or XP by disabling the Windows Messenger service (this is unrelated to the instant messaging program). Open Control Panel | Administrative Tools | Services and you'll see Messenger. Right-click and go to Properties. Set Start-up Type to Disabled and press the Stop button.

5. Use strong passwords and change them periodically. Passwords should have at least seven characters; use letters and numbers and have at least one symbol.This will make it much harder for anyone to gain access to your accounts.

6. If you're using Outlook or Outlook Express, use the current version or one with the Outlook Security Update installed. The update and current versions patch numerous vulnerabilities.

7. Buy antivirus software and keep it up to date. If you're not willing to pay, try Grisoft AVG Free Edition or Avira antivir personal edition. See this post for more information on computer virus.

8. If you have a wireless network, turn on the security features: Use MAC filtering, turn off SSID broadcast, and even use WEP with the biggest key you can get.

9. Be skeptical of things on the Internet. Don't assume that e-mail "From:" a particular person is actually from that person until you have further reason to believe it's that person. Don't assume that an attachment is what it says it is. Don't give out your password to anyone, even if that person claims to be from "support." Be careful with scareware tactics.

...read more ⇒

Monday, June 15, 2009

Microsoft uses charity to boost IE downloads

Microsft has once reigned in the browser competition with 90% of the share until other browsers like Mozilla came along. Since then competition is much tighter and IE is on continuous decline having only 65.5% of its once 90% share. Clearly Microsoft will need to do something to recover from the fall. 

As a method to boost IE downloads and users, Microsoft launched "broswer for the better" website. This is a special website for downloading Internet Explorer 8 (IE version 8) for charity purposes. The site says that "for every download of Windows Internet Explorer 8, Microsoft will donate 8 meals to feeding america to help accelerate an end to hunger." The download is also free.

This move by Microsoft is aiming to boost awareness of their new IE browser. With the stripping of IE in Windows 7 in Europe, Microsoft is trying to make up for it by boosting IE users in America. To draw attention to the food donation program, Microsoft also staged events in San Francisco and New York.

...read more ⇒

Sunday, June 14, 2009

Browser Wars: No IE in Windows 7 for Europe

With the antitrust concern by European regulators, Microsoft will be stripping out Internet Explorer in their Windows 7 release in Europe. This is in-line with the concern that Microsoft is having an unfair advantage in their browser in integrating it with their Operating Systems. Microsoft said that it will be offering another version of Windows 7 in Europe with no IE. Pc manufacturers however can also add it back depending on their choice and Microsoft will also be providing a separate IE8 installation for free for users who want to install it. 

This action is also a surprise for Microsoft had been arguing before that IE is a part of their Operating System and it can't be easily stripped out. But competing browsers are not happy with it. This action is only for Europe and Microsoft already stated that it will not strip out IE in any other region. This action will only cover Windows 7 and not any previous Windows version. Aside from that, pc manufacturers also have the option to have IE in their release or not. With Microsoft resources, they can easily have a deal with manufacturers to include IE. Other browsers don't have the resources to do so except for Google. Competing browsers said that this will not restore true competition and users should be given the option to choose a browser the first time they access the Internet.

...read more ⇒

Thursday, June 11, 2009

More Mac Viruses?

Threats from malwares have been around for some time and it is already common to find new variants each day. It usually targets Windows Operating System (OS) but the tide is changing. The once thought very safe OS is getting more attacks from so called malwares.

The Operating System that caught the eye of attackers is Apple's Mac OS that is officially sold with Mac computers. Originally, Mac OS remained safe from malware threats as Windows was far more popular than Mac that time. But as many users turned to Mac, it is now also targeted by attacks usually by trojans. According to Sophos a security software vendor, the first Mac OS virus was detected on  February 2006. It was named OSX/Leap-A and propagated through ichat instant messaging system in sending itself to the victim's contacts. This virus caught the shock of Mac users and the notion of Mac as totally virus free OS is changed forever.

Since this discover, more and more viruses were found targeting Mac OS. Usually embedded from pirated software like the one found on iWorks 09 or the Photoshop CS4 which are all downloadable via torrents. A more recent attack however involves a worm that infects users through accessing a pornographic website. The malicious website asks the users to download a certain ActiveX component to view the videos but instead downloads a trojan dubbed as OSX/Jahlavc. This virus is not just for Mac but can also infect Windows PC as well. With more and more attacks for Mac, it is now clear that users must protect themselves as the threat is real. Antivirus and security vendors had already released versions for Mac.

...read more ⇒

Wednesday, June 10, 2009

Vmware exploit

Immunity, a penetration-testing company has disclosed a flaw in VMware - "a virtualization software for Windows, Linux and Mac OS X that runs different virtual Operating System (OS)" that enables one to hack and gain control of the hosts Operating System.

They use their penetration-testing tool Canvas 6.47 specifically the cloudburst module for the test attack. The vulnerablity they say is in the virtual-machine display of VMware that can be exploited by a maliciouse video file that when executed, grants access to an intruder to take oveer the hosts OS.

This vulnerability however is not found on all versions of VMware. The bug is only found on VMware Workstations 6.5.1 and earlier but affects all host including Linux OS. 

This is also not the first flaw found on VMware, as previous bug were also reported in 2007. A memory corruption vulnerability (CVE-2007-4496) and a bug in the shared folders implementation (CVE-2007-1744). All the vulnerabilities however is already patched including the latest flaw. An updated VMware system is no longer vulnerable but it is still critical in the sense that not all keeps their system updated.

...read more ⇒

Monday, June 8, 2009

Mozilla to come with a new twist

Mozilla Firefox is targeting to add more users in their 300 million strong with their customized browsers. This new feature will target the enterprise sector that will enable companies to customize their own mozilla firefox browsers with their own preferences.

Mike Beltzner, Director of Mozilla Corp said that this new customization program will be launched soon after the release of Mozilla Firefox 3.5 in late June. This new "Build your own browser program" is good to fit enterprises that wants to customize their company broswer and install it in mulitple corporate desktops. An example customization is the bookmarks which will enable companies to place their own pre-defined bookmarks of their websites or company portals. "Personas for firefox" which is available to firefox users for some time will also be integrated with this customization program that will enable companies to brand their browsers with their own design or logo. After the company has built their own browsers, it will then be sent to Mozilla that will generate the installer for them making it possible for multiple desktop installations. 

This move from Firefox is aiming to get a greater share in the enterprise market which is currently in the hands of Microsoft's Internet Explorer (IE). This will make Firefox compete with IE in this sector and in the long run, companies might switch to Firefox as the default browser. A beta version for the new Firefox 3.5 is also available for download here

...read more ⇒

Saturday, June 6, 2009

Are you "IN" for the tweet?

Twitter was created in 2006 by Jack Dorsey, it is a free social networking and micro-blogging service that enables its users to send and read other users' updates known as tweets. These tweets are text-based posts of up to 140 characters, displayed on the user's profile page and delivered to other users who have subscribed to them or better known as followers. Senders can restrict delivery to those in their circle of friends or, by default, allow anybody to access them. Users can send and receive tweets via the Twitter website, Short Message Service (SMS) or external applications.

Since then, twitter gained popularity in the social networking world and even made it's use in the media for quick tweets on the latest news. It even made its way to space as astronaut "Michael J. Massimino" tweeted updates on their Hubble repair mission. Many also thought it's a great way in staying connected with friends and family but some also complained of others tweeting so much that even eating breakfast or taking a bath is tweeted to friends.

A research was also done by Participatory marketing network (PMC) together with Pace University's Lubin School of Business regarding who uses twitter and why. Here are their findings:

-99% of consumers between ages 18 to 24 had at least one active profile in a social networking site
-22% of the said group used twitter
-Twitter is primarily used for: 85% following friends, 54% following celebrities, 29% follow family and 29% follow companies.

Another study conducted by Harvard School of Business revealed that out of a 300,000 twitter users, only 10% of those are active and are contributing to 90% of all the tweets. This concludes that even with its gaining popularity, microblogging is not fully embraced by the social networking society and the data proves that twitter is more of a broadcast medium than network of peers.
...read more ⇒

Microsoft patches vital security flaws

Attackers particularly attack Microsoft OS and its applications due to its popularity and security holes. But Microsoft is fighting back, Microsoft states that installing updates are important and will keep you from being hacked and infected with malwares. In line with this, Microsoft has announced that it will be releasing a mega update of 10 software patches this coming week and the updates would patch security holes in Windows and Microsoft applications namely Internet Explorer, Office, MS Word and MS Excel.

MS Office application has been targeted for attacks since April and since then, only one update has been offered by Microsoft for powerpoint. This update will also contain critical updates for Internet Explorer (IE) and is applicable to all supported Windows OS. It is stated that this update is very important especially in Windows Vista IE7 and IE8. An update for powerpoint in Mac is also underway to be released this coming week.

This update is important as it will reduce the ways hacker can attack but does not mean it will all be safe. One security expert in SANS ISC said that this update lacks a critical patch in Windows DirectX. Claiming that the bug in DirectX should be fixed soon as it can be used by hackers to gain entry and control of the system. The stated date for the release of the patch is on June 9. Windows and Mac (for powerpoint patch) users are adviced to install the update as soon as it is available.

As more softwares are developed, security flaws will also rise. Patching critical holes is an ongoing battle for Microsoft and hackers a like. It is a battle of who is going to find the flaws first and exploit it.

...read more ⇒

Thursday, June 4, 2009

Bing Hijack?

Microsoft's new search (decision) engine Bing, came live last Monday and is now having a 6% share of the search market. Many already tried the new search engine but few are not enthusiastic. There are few claiming that there browsers search address bar were hijacked by Bing and can't change it back to their preferences. The problem however is only found on IE6 (Internet explorer version 6) users. They claim that search on the browser is automatically directed to Bing instead of their set preferences. Many were outrageous that Microsoft intentionally place the bug to boost Bing's popularity. Microsoft however have published a statement that it is indeed a bug on IE6 and the it has already been fixed. They apologized for the trouble but stressed out to users of IE6 to upgrade to the latest version which is the IE8.

Internet Explorer version 6 is an old browser, over 8 years since its release. It was released in 2001 just before the release of Windows XP. But even with its age, it still has a considerable amount of users. Statcounter claimed that IE6 is accounted for 21.6% of users in the last month. With this, Microsoft is urging the upgrade to the newer version to avoid inconveniences like the Bing bug.

For those looking for a fix please see this post.

...read more ⇒

Wednesday, June 3, 2009

Attack on web sites continue

After the gumblar attack last month, another string of web attack continues as 40,000+ web site got hacked and is now part of a large network that redirects users to a site with malicous software. A web security expert said that the attack on web sites is probably done through SQL injection in which makes use of imporperly configured web applications to accept malicious data and get hacked. It could also be possible that the FTP credentials of those sites got stolen as what happened in the previous Gumblar attack. With this magnitude, the attackers is most probably deploying an automated tool to determine vulnerable web sites.

These compromised websites  hosts a malicous script that redirects user to a fake google analytics web site that tests out the vulnerability of the users browser. If no vulnerability is found it is then redirected again to another bogus website that employs "scareware tactics". Prompting the user to download a fake free security software probably an antivirus which contains trojans and other malicous code that infects the user's PC.

To deter such attacks, it is very important to update your Windows, your internet browser and the plug-ins installed. Web applications that are commonly used for attack are java, javascript and adobe. Make sure that you regularly update these components as they get patched when security issues are found. Another important things is to spot scareware applications and not to be fooled by them. More information on scareware can be found on this post.  

...read more ⇒

Tuesday, June 2, 2009

Anonymous Proxy

"Client - server" is the most common model of exchanging information in the Internet. A client sends a request (request for files) and a server sends a reply (required files). For full support and understanding between a client and a server the client sends additional information about itself: a version and a name of an operating system, configuration of a browser and etc. This information can be necessary for the server in order to know which web-page should be given to the client as some browsers may not be compatible with the web-page's design or technologies used. However, as long as web-pages do not usually depend on browsers, it makes sense to hide this information from the web-server.

What your browser transmits to a web-server:

Name and version of the operating system
Name and version of the browser
browser configuration (display resolution, color depth, plug-ins, javascript support, adobe, etc)
IP-address of the client
Other information

The most important part of such information is information about the IP-address. Using your IP it is possible to know about you the following:
a country where you are from
a city
your provider
your physical address


Anonymity at work in Internet is determined by what environment variables are "hidden" from a web-server.

If a proxy server is not used, then environment variables look in the following way:

HTTP_VIA = not determined
HTTP_X_FORWARDED_FOR = not determined

According to how environment variables is "hidden" by proxy servers, there are several types of proxies

1. Transparent Proxies

They do not hide information about your IP address:

HTTP_VIA = proxy IP

The function of such proxy servers is not the improvement of your anonymity in Internet. Their purpose is information cashing, organization of joint access to Internet of several computers, etc.

2. Anonymous Proxies

All proxy servers, that hide a client's IP address in any way are called anonymous proxies

3. Simple Anonymous Proxies

These proxy servers do not hide a fact that a proxy is used, however they replace your IP with its own:
HTTP_VIA = proxy IP

These proxies are the most widespread among other anonymous proxy servers.

4. Distorting Proxies

As well as simple anonymous proxy servers these proxies do not hide the fact that a proxy server is used. However a clients IP address (your IP address) is replaced with another IP:

HTTP_VIA = proxy IP
HTTP_X_FORWARDED_FOR = random IP address

5. High Anonymity Proxies

These proxy servers are also called "high anonymity proxy". In contrast to other types of anonymity proxy servers they hide a fact of using a proxy:

HTTP_VIA = not determined
HTTP_X_FORWARDED_FOR = not determined

That means that values of variables are the same as if proxy is not used, with the exception of one very important thing which is a proxy IP is used instead of your IP address.

...read more ⇒

Monday, June 1, 2009

Why is my internet connection slow?

In our internet connection, we use different mediums or cable types. The most common is the cat5 UTP cable which we commonly use in our PC's for DSL or broadband connections. Cat 5 can have 10mbps (megabit/second) to 1Gbps (gigabit/second) speed depending on the ethernet type used. These are the carrying capacity of the medium or cable but bandwidth largely depends on your provider or ISP (Internet Service Provider). ISP often offers different subscription plans for example a 1 mbps subscription or 2 mbps. Our often question is why is my internet much slower than it shoud be?To answer that question we'll have to discuss "Bandwidth", "Throughput" and "Goodput".
  • Bandwidth - Is considered as the theoritical speed. It is the capacity of a medium to carry data in a given amount of time. The standard measure of bandwidth is in bps or bits per second. As technologies have improved, bandwidth is more commonly associated with kbps or kilobits per second or mbps or megabit per second.
  • Throughput - Is the actual transfer rate of data over the medium in a period of time. Bandwidth is the capacity for moving data, but attaining that capacity is rare because of factors such as interference and errors. Many factors influence throughput, including: the amount of traffic, the type of traffic, and the number of network devices encountered in transmission.
  • Goodput - Is the transfer rate of actual usable data bits. Goodput is the data throughput less the protocol overhead bits, error corrections, and retransmission requests. The difference between between goodput and throughput can vary greatly depending on the quality of network connections and devices.

So having a bandwidth of 1 mbps is just theoritical, with interference in the cables and errors in collision, it is rarely attained. What we must be looking for is the Goodput which is the actual speed. If you are browsing a webpage for example, you are sending a request to the webserver hosting the webpage. The request and reply comes with an address so that it can find its way to your computer, it also has some error control so that a part of it is missing can be retransmitted. Goodput is minus all of this termed as "overhead". Goodput is the actual data itself or in our example, the actual webpage. If your wondering why your 2 mbps is as slow as 256 kbps then this may be the answer. It depends greatly on the quality your ISP deployed its network. If it is poorly managed and configured, most of your bandwidth may be consumed by errors.

...read more ⇒