Dear Friends, Visitors and  Guests,

Yep, I have packed up the ol’ chuckwagon, and headed on down that dusty information superhighway to my new digs right here:

http://MyPCSecurityBlog.com

Please drop by and visit me in my new home, for the latest computer security news, alerts and fixes.  Leave a comment or three, if you like.

Happy (and safe!) surfing,

Syd

Here is a quick list for safe surfing on the Internet.  If you exchange sensitive information with your bank, broker, PayPal, eBay, utility company, government office, etc., please read this.  You can easily print it if you like.

I assume you have anti-virus and anti-spyware programs and a firewall, at least, and that everything is up to date including Windows.

1. Before sending confidential info, click on the little gold padlock on the upper or lower part of your screen and check the site’s security certificate.  If it is out of date, or says Unknown or Self-issued, that means trouble.  You could be on a phony site.

2. Even if the certificate is OK, make sure the inner pages on the site are also secure, and begin with https://…  although this is not foolproof.

3. Never allow your browser or a web site to remember your user name or password.  Never send your Social Insurance/Security Number or birth date to a site unless you are sure it is secure.

4. Avoid public computers, or anyone else’s computer, to exchange confidential data.

5. When you are done, log out properly.  Do not just minimize or close the page.

6. In Internet Explorer, click Tools, Internet Options, General tab.  Delete your Cookies, Temporary Internet Files and clear the History.

7. If you are on a wireless network, make sure you are using WPA or WPA2, not the older insecure WEP.  Do not use the default settings your router came with.  These usually provide little or no security.

For more on setting up wireless security for your home, click here:  http://mypcsecurityblog.com/?p=47

8. Check your statements or paperwork as soon as it arrives.  Report discrepancies promptly to the company.

Syd Tash is a noted computer security consultant and author of How to Protect Your Computer Online.  He has been keeping Internet surfers safe and secure since the last century.  Find out how he does it; protect your own computer with five layers of protection right here:  => http://mypcsecuritysite.com/

You may include these Tips in your web sites and publications provided they remain unchanged and include the above paragraph, with the author’s name and web site.

One of the annoyances of the computer age is receiving a file from a friend or co-worker, and not being able to open it because you do not have the correct program on your PC.  Well, fear not.

Here is a free site you can go to, which will convert your file into a wide variety of other formats:  http://youconvertit.com/

Click one of the five selections.  You can even convert measurements from one format to another (click Units).

Here is how it works.  You enter your email address, and browse your hard drive to the file you want to convert.  Find the format you want to convert to, and click Convert.

You will soon get an email with a link to a site where you can download your brand spanking new converted file.

Syd Tash is a noted computer security consultant and author of How to Protect Your Computer Online.  He has been keeping Internet surfers safe and secure since the last century.  Find out how he does it; protect your own computer with five layers of protection right here:  => http://mypcsecuritysite.com/

You may include these Tips in your web sites and publications provided they remain unchanged and include the above paragraph, with the author’s name and web site.

Boy, time flies when you are having fun, right?  Nov. 13, 2007 is Patch Tuesday from Microsoft again.  It promises to be a relatively quiet day this time, probably with only two updates.

One will be a critical update for Windows, while the other less serious fix is rated “important”.

One of the fixes is believed to address the antipiracy function in Windows, that has been causing annoying problems for a long time.  The bug is in a driver written by Macrovision, and affects Windows XP, Server 2003 but not Vista.

There have been attacks that exploit this flaw.  If you are surfing the Net with a Limited Account (good idea!) an attacker could raise his privileges on your PC.  

He could gain access to your files and info, essentially as if he had an Administrator Account.

Make yourself a note to update Windows on Tuesday.  Or watch that it updates itself automatically.  To see your Update settings in XP, click Start, Control Panel, System, Automatic Updates.

Syd Tash is a noted computer security consultant and author of How to Protect Your Computer Online.  He has been keeping Internet surfers safe and secure since the last century.  Find out how he does it; protect your own computer with five layers of protection right here:  => http://mypcsecuritysite.com/

You may include these Tips in your web sites and publications provided they remain unchanged and include the above paragraph, with the author’s name and web site.

Yep, the Christmas season will soon be upon us, and as expected, the spam blasts have started. 

You will probably get sad tales of woe filling your inbox, which then beg shamelessly for cash.  Or they may be a little more subtle, and ask you to reply.

These recent emails seem to be better written and more realistic than your usual garden variety scam.  They do not use high-tech tricks much.

Instead they rely on social engineering, which just means tugging (hard) on your heartstrings to convince you to click on a link, send money, or reply.

People are more disposed to open their hearts and their wallets at this time of year.  But be on guard.  The first is good, but you had better keep a firm grip on the second.

The Nigerian and similar scams are still going strong, where the crooks bluntly ask for money.

Use common sense on the web, and keep reading these Tips.  In fact, if you would like to receive the most important and urgent of these Tips every week, right in your inbox, click here and click Send in your email program.

You will get an email to confirm your address.  Click on the link inside, and you are all set.  You can unsubscribe anytime.

Syd Tash is a noted computer security consultant and author of How to Protect Your Computer Online.  He has been keeping Internet surfers safe and secure since the last century.  Find out how he does it; protect your own computer with five layers of protection right here:  => http://mypcsecuritysite.com/

You may include these Tips in your web sites and publications provided they remain unchanged and include the above paragraph, with the author’s name and web site.

AbsolutePoker.com is a leading Internet poker site based in Costa Rica.  Recently, an employee of the company hacked the system so that he could see his oponents’ hole cards in a high-stakes, no-limit game of Texas hold ‘em.

The hacker’s illegitimate winnings are estimated at up to $700,000.  But none of the ill-gotten cash was actually withdrawn from his account.

The company acknowledged the security breach, and claimed it has now plugged it.  It is also working on fixing its internal communications, so that these scams do not escape its notice in the future. 

It also promised to refund all money to the victims of the scheme.

So why and how did the employee do it?  Apparently he wanted to prove it could be done, and that management was wrong to assume the system was secure.  He seems to have used an internal AbsolutePoker account created during the testing or beta phase.

When these allegations first surfaced the company denied any cheating occurred, and even claimed it was impossible.  When confronted with clear evidence from complaining victims and independent experts, the company changed its tune.

AbsolutePoker is owned by members of the Kahnawake Mohawk tribe in Quebec, Canada.  If you play poker or bet online, take note.

 Syd Tash is a noted computer security consultant and author of How to Protect Your Computer Online.  He has been keeping Internet surfers safe and secure since the last century.  Find out how he does it; protect your own computer with five layers of protection right here:  => http://MyPCSecuritySite.com

 You may include these Tips in your web sites and publications provided they remain unchanged and include the above paragraph, with the author’s name and web site.

Apple has patched a bunch of bugs in QuickTime, updating it to version 7.3 for Windows and Macs.  Most of the bugs can be considered critical, except that Apple does not rate the flaws. 

However, some of the bugs could be exploited for “arbitrary code execution”, as Apple calls it.  This simply means that an attacker could run his own program on your PC, or in other words hijack your computer and take control of it.

QuickTime has been repeatedly patched against Java flaws.  Rather than patch it yet again, Apple has restricted QuickTime for Java in most cases.  QuickTime will no longer be accessible to untrusted Java code.

To update QuickTime, launch it and click Help, Update Existing Software.

iTunes was also updated to version 7.5, fixing performance and stability bugs.  To update both iTunes and QuickTime at once, launch iTunes and click Help, Check for Updates.

Syd Tash is a noted computer security consultant and author of How to Protect Your Computer Online.  He has been keeping Internet surfers safe and secure since the last century.  Find out how he does it; protect your own computer with five layers of protection right here:  => http://mypcsecuritysite.com/

You may include these Tips in your web sites and publications provided they remain unchanged and include the above paragraph, with the author’s name and web site.

Mozilla has released yet another update to its open-source Firefox browser.  This update fixes bugs caused by earlier updates, including crash at startup, poor rendering of web pages and non-functioning extensions.

Mozilla calls this a stability fix, and says it does not address security issues.

There are several more fixes on the way for the Apple version.  These will patch some flaws in the new Leopard release of the OS X  operating system.  No word yet on when that will be ready.

You should update to Firefox version 2.0.0.9 now.  Launch the browser and click Help, Check for Updates.

Syd Tash is a noted computer security consultant and author of How to Protect Your Computer Online.  He has been keeping Internet surfers safe and secure since the last century.  Find out how he does it; protect your own computer with five layers of protection right here:  => http://mypcsecuritysite.com/

You may include these Tips in your web sites and publications provided they remain unchanged and include the above paragraph, with the author’s name and web site.

 A British security company recently surveyed 300,000 PCs and found that about 16%, or one in six, had some active spyware or malware installed.

This could include keyloggers, which record your every keystroke, and other programs that look for passwords and credit card numbers. 

Worst of all, perhaps, it could also include fake antispyware software, leading users to think they are protected when in fact they are in more danger.

These types of malware programs are hitting the Internet at a rate of up to 10,000 a day, says the company.

Of those 300,000 computers checked, some, incredibly, had no security programs at all.  Naturally, they had much higher rates of infection than other PCs that were partially or fully protected.

About 60% of businesses that scan their computers for malware, find at least one infected machine on their premises.

Keep all your security software up to date, and run your scans on a regular schedule.  Use common sense, do not open spam, and you will be fine.

Syd Tash is a noted computer security consultant and author of How to Protect Your Computer Online.  He has been keeping Internet surfers safe and secure since the last century.  Find out how he does it; protect your own computer with five layers of protection right here:  => http://mypcsecuritysite.com/

You may include these Tips in your web sites and publications provided they remain unchanged and include the above paragraph, with the author’s name and web site.

If you live in the U.S., Google has a service that might interest you.  Or, on the other hand, it might annoy you.

Type your or any phone number into the search bar and hit enter.  You will get the person’s name and address.  Then click on the “Map” link, and you will be taken to Google Maps or MapQuest. 

There you will find a map of the person’s house and surrounding area.  In other words, Google is now a big reverse phone book, complete with directions to the owner’s phone.

If you have kids, this is bad news.  Your child just has to let drop his or her phone number, and someone can quickly find where he lives.

The good news is, you can stop Google from spilling the beans on you.  In the search results, click on your phone number.  Click on the link to request removal.

If you have an unlisted number or cellphone, these may not be listed.  At the moment, it appears only American numbers are listed in Google.

Syd Tash is a noted computer security consultant and author of How to Protect Your Computer Online.  He has been keeping Internet surfers safe and secure since the last century.  Find out how he does it; protect your own computer with five layers of protection right here:  => http://mypcsecuritysite.com/

You may include these Tips in your web sites and publications provided they remain unchanged and include the above paragraph, with the author’s name and web site.