Who knew that there were so many ways to threaten the security of your DNS? Find out all of the scary details about these attacks and what you can do to prevent them.
Today I’m announcing the second winner of my giveaway for a one-year license to the 2013 edition of VIPRE Internet Security. I already gave away a license to a lucky LockerGnome reader who had commented to my initial post about the Internet security software, announcing the winner in Tuesday’s followup post. Before I announce the winner, I want to let you know why I now believe this solution to be the best anti-virus for Windows PCs.
Is Your Windows PC Well-Protected?
Viruses, malware, spam: these are the bane of all computer users, especially those who use Windows. The reason is obvious: Windows is the most-used operating system, and that makes it a popular target for programmers who enjoy messing with other people’s lives. I’ll admit, there have been times when I’ve wished I had the programming chops to work up a script that would wreak havoc on somebody else’s system. Vengeful thoughts such as these entered my mind more often when I was younger and more sensitive to the character assassinations some trolls directed at me. I’m older now, I have a thicker skin, and I’m more experienced — and I now understand just how devastating viruses can be. Having your home system infected or your Web server attacked due to the efforts of a script kiddie is not simply a nuisance, but it can seriously have an impact on a person’s livelihood.
Not all script kiddies are bad, and some of them grow up to be skilled practitioners at the craft of programming. Many of the more skilled programmers among them even join the ranks of the computer security elite. That is, they decide at some point that it’s far more interesting to employ their knowledge of how to exploit a system’s vulnerabilities to the benefit, rather than to the detriment, of humankind. Sure, it’s fun to hack things — many in my mastermind group are intensely curious about how things work, and benevolent hacking is one of the many topics that come up within the community. Simple workarounds in order to enable a program to run on a system it wasn’t explicitly intended to run on can be rightfully referred to as hacks.
Scripts designed to take down systems, however, can not only cost a person both time and money, but they can literally destroy lives. I’m not joking around here. Imagine a new pet owner who has heard that certain foods regularly consumed by people have the potential to injure or even kill pets. Imagine this pet owner comes home from work to find the box of chocolates left on the coffee table empty. A few moments later, this person finds their pet, a lovely little dog, curled up in a ball in its favorite hiding spot, his tiny body shaking and clearly in distress. This pet owner fires up his nearest computer, opens up his browser, and heads to his veterinarian’s website in order to discover its emergency phone number, only to find that the website has been attacked and brought down by malicious hackers. So now this pet owner must race to find another solution, searching the Web or jumping in his car (if he owns one) to race his dog to the vet in the hopes that he’ll be able to save his dog’s life.
Am I being overly dramatic? Does this seem like a far-fetched scenario to you? Believe me, hacktivists (hacker activists) have engaged in malicious attacks on the websites of whichever businesses, large or small, they’ve determined they don’t like. Some of the sites they’ve compromised have resulted in problems for thousands of people — hundreds of thousands (and in the case of larger businesses, maybe millions) — who daily rely on the resources these sites have to offer. So it shouldn’t seem a stretch to believe that some disgruntled former employee of a veterinarian’s office with some minor scripting skills would be able to bring down the business’ website. It is essential for consumers, many of them small business owners running one version of Windows or another, to have the best protection available for their system(s).
How is VIPRE the Best Anti-Virus for Windows Computers?
The most competitive factor among anti-virus applications is the ability to keep the latest malicious software from infecting computers. It’s true that developers of computer security programs have to make a product that provides a great user experience and performs well (in this case, by “performing well” I mean that it doesn’t noticeably impact the other activities you’re doing with your computer, such as ripping a CD or compressing a batch of images into a zipped file you can more easily send to a client via email or Dropbox). But the most well-designed Internet security app isn’t worth a hill of beans (where did that saying come from, I wonder?) if it doesn’t actively track and catch the very latest malware that has been released into the wild by some unscrupulous scripter. So how do you know which program is currently the best at catching malware? By checking the results of independent organizations such as AV-Comparatives and AV-TEST, both institutions that test and compare various software, including security software and its nemesis, malware.
Here is your evidence, then, that VIPRE Internet Security is the best anti-virus for Windows computers. According to AV-Comparatives, the application beats out the competition in important categories, including the detection of actively running widespread malware and the detection of a representative set of malware discovered in the last two or three months. What this indicates is that the utility is on top of malware threats — which isn’t an easy feat. Google reports discovering thousands of new unsafe sites every day. Many of these sites aren’t even intended to be unsafe; they are sites that have been compromised and now represent a threat to visitors. For VIPRE to be able to stay on top of the malware threat speaks volumes about its utility.
Hmm… After trying different Linux distros (Ubuntu, Xubuntu, and Fedora) and after fixing many driver issues, I returned to Windows 7 because of college (compatibility and all…). So with this really compelling offer, I would like to use VIPRE Internet Security 2013.
Zlate Jovanov left that comment to my computer security post a week ago, and is the recipient of one-year license to use VIPRE Internet Security 2013. Congratulations, Zlate!
Test out VIPRE for yourself and let me know what you think!
Last week I installed a better Internet security application than I’d been using on my Windows test system.
As I described at the time, VIPRE Internet Security 2013’s installation process was clear and simple, and my first test of the software’s functionality returned improved results over a competing solution I’d installed prior to testing. I mentioned that I’d be reporting my experience with the computer security program after testing it further. Now that’s I’ve been using VIPRE for a week, here are my findings.
Computer Security That Doesn’t Slow Down My Computer
As I mentioned last week, many anti-virus solutions are notorious for slowing down PCs. This is mainly because much of the computer security software developers feel the need to add what many would say unnecessary features to their software. More features usually results in more resources being used up by the application, in some cases slowing your computer to a crawl. Why do vendors feel the need to continuously add features? Because they want to continue to selling new versions of their software, and they recognize (incorrectly, in some cases) that consumers tend to see the latest versions of an application as somehow improved over prior versions. It’s often necessary to release a new version of software every year or so due to various circumstances.
The introduction of Windows 8, for example, has required many developers to make some major interface changes to their programs so that the software will fit both aesthetically and functionally into the new operating system’s Metro UI. Consumers expect these types of alterations, and most often their pleased when the look and feel of an application matches the look and feel of the OS they’re working with every day. Yet on occasion, developers seem to pay more attention to the overall impression their apps deliver at the cost of functionality.
In the case of VIPRE, GFI Software (the developers of the VIPRE line of computer security software) seems to have focused on delivering the best functionality it can to consumers. And in doing this, it turned out a program that is as efficient in appearance as it is in executing its tasks. As I mentioned last week, the software is simple and elegant in appearance. More important, the interface is intuitive — it took me no time at all to dive right in and run a deep scan of my system (which was completed in record time, compared to another app I used).
Over the course of the past week I used my PC more actively than I have in quite some time. I’ve installed a number of new applications, visited some well-known “malicious” websites that have tried to infect my computer through my browser, and VIPRE has caught every instance of a threat to my PC. I’ve played some fairly resource-intensive games on my computer and performed some tasks that I know require some heavy lifting (such as multimedia production). I’m pleased to report that I’ve experienced no noticeable performance hits to my system. Apparently, the programmers at GFI know how to build computer security software that won’t slow down your computer.
VIPRE Includes Enterprise-Level Computer Security Features
One thing I failed to mention in my review last week was a feature I hadn’t known about at the time. VIPRE provides automatic application patching, a feature usually only found in enterprise-level computer security solutions. This is an extremely useful feature to have, since many computer users (even the most cautious and tech-savvy, such as myself) tend to put off installing the latest patches (security fixes) because we’re so wrapped up in other tasks (such as testing out new software).
Though I have my Windows PCs set to automatically download and install the latest patches as soon as they become available, writers of viruses and scripts (programs) take advantage of exploits they find in other popular applications computer users are likely to have installed on their systems. By building in automatic updating of many of the most popular applications VIPRE detects you have installed on your system, GTI Software stands out from the pack of consumer-level anti-virus applications. The program also reminds you to update your software to their latest versions if you haven’t already done so. This proactive approach is comforting, to say the least.
Most consumers have to pay a hefty expense for enterprise-level anti-virus suites in order to take advantage of this feature (and without this feature, many consumers end up paying a hefty expense when their systems become infected because they forgot to update their applications).
Computer Security That Comes at a Fair Price
Another thing that I failed to mention last week is the price of the computer security software. One license of VIPRE Internet Security 2013 will set you back $49.99. This is a fair price for everything the program has to offer, but check this out: a license to install the application on up to 10 different PCs costs only $20 more. Now that’s what I call a deal. Many of us have more than one computer system at our disposal, and being able to have all of them protected as thoroughly as this software does for $69.99 is basically unbeatable.
You can even purchase lifetime protection for $299.99, which may sound like a pretty penny if you’re only using two computers, but the cost of losing data due to an infection would cost far more than $300 for most users who rely on their computers. We’re giving away a free 1-year license to VIPRE Internet Security 2013 to a random reader who posts a comment stating why they would use VIPRE as opposed to using nothing at all. So get in on the giveaway and post your comments — you can’t win if you don’t play!
Is location-based social media an incredibly innovative technology that will garner relationships and bring them to the real world, or a creepy way to help evildoers find out where you are, or where you aren’t? One thing is for sure, this new trend is big business and a lot of money is being thrown at companies that are at the forefront.
SchneiderMike knows a thing or two about this latest trend and where it may be headed. In this interview we cover topics including the hype behind Color, security, and the future of location-based social networking.
Tech Interruption is dedicated to arguing about the tech issues of today and trying to predict the future. They have had some pretty serious heavy-hitting guests on their show in the past and tend to focus on what’s hot at any moment in time – which is why they’re so focused on location-based technology right now.
Mike and I were laughing that BlogWorld was happening in the same building at the same time as a book expo. It’s confusing, eh? Who reads books? Mike quickly jumped in to tell me about a recent conversation with his publisher. He would love to see more communication between readers while they are reading. He’d love to see people put notes and treat it more like a community while reading something on your device of choice. I’m surprised someone like Amazon hasn’t thought of this yet.
There’s a group trying to take textbooks to this level – at least on the iPad – but I don’t know about regular old novels. Anyone can publish and sell a book and anyone can read one. There’s just no glue to hold everyone together. There needs to be something ridiculously awesome in order to pull people together in this way.
So how could location-based services be used around books? It might be interesting to see where people are that are reading the same thing you are. It’s hard to peg down what people want to see and know about others, which is why we’re not seeing anything much in the way of “fast” innovation in this area.
People are giving out so much information about themselves. They throw it out there without realizing the possible ramifications. You have to be completely serious and conscious about who you’re pushing your location to online. The most important thing is you – your family, your life and your safety. Before giving out your location to anyone, ask yourself if it is something you need to do and check to see who it’s going out to. What are they going to do with this information? Is it going to bring any value to yourself or others?
Be sure to check out what Mike and the rest of the Tech Interruption team are up to. They’ve got some fantastic work ethics and a lot of passion.
Apple was silent for far too long on the matter of the Mac Defender Malware, a Rogue anti-virus application like those seen on Windows machines for the past few years. This type of malware tricks users into thinking they are protecting their computer by displaying false “infection” messages and offering a fix in exchange for money. There have been thousands of reports by irate OS X customers in recent weeks. Many of the people who called Apple support were referred vaguely to the forums for help. It was almost as if Apple didn’t want to have to acknowledge that they are not invulnerable after all.
Late on Tuesday, the Cupertino company finally released a support article which explains how to eradicate this nasty piece of so-called software. The article begins by admitting that a recent scam has targeted their fans by “redirecting them from legitimate websites to fake websites which tell them that their computer is infected with a virus. The user is then offered Mac Defender “anti-virus” software to solve the issue.” The rest of the piece gives detailed instructions on ridding yourself of this pesky problem.
Within the next few days, Apple promises to release an update to OS X which will automagically find and remove Mac Defender and all of its known variants. The update should also help protect users by giving warnings if they download the malware. The problem, as Windows users and security experts know, is that these malware writers pump out newer versions very quickly… which take a while to detect and fix.
Rogue anti-virus programs are quite the lucrative business. According to McAfee, the number of these types of programs has increased by nearly 400% since 2009, causing computer users a loss of about $300 million. I don’t really care if you’re a Mac or Windows fanatic. If something pops up on your screen that you haven’t already installed yourself and then claims you are infected… click NOTHING. Don’t be fooled into downloading or buying anything. Look for a fix immediately, and follow the recommended guidelines. One of the most reputable sites out there which is FULL of guides of this sort is Bleeping Computer. If you have trouble fixing the machine up yourself, their free forums are full of security experts who will gladly help you – for nothing more than your thanks.
Newsflash: your Apple machine actually can become infected. Wait, what? You didn’t already know that? Seriously? I’ve been telling you for years that it’s possible. Other writers have attempted to educate you. Your Mac is not a steel wall against malware, people. It’s always been possible for an Apple computer to be infested with some type of malware – it just hasn’t happened very often.
Photo credit to Precise Security.
We can argue until we’re blue in the face about the reasons why we haven’t seen much malware aimed at the Mac. Apple lovers will of course tell you that it’s nearly impossible for their precious machines to fall prey to hackers and script kiddies. Security experts will teach you that the reason is as simple as a popularity contest. Until recently, Microsoft computers were much more prevalent. It didn’t pay to expend time and energy writing malicious code for a Mac. Windows was everywhere – malware was written for the masses.
Many of us have said repeatedly that as Apple gained in popularity among consumers, so would malware written specifically for the operating system. While it still obviously isn’t as much of an issue as it is on the Microsoft platform… it IS out there, and it is growing. A quick glance through the Apple forums will show you several new cases every day of people begging for help removing the latest threat: a Rogue software known as “Mac Defender.”
Apple fanboys and security researchers are going to argue for weeks. Many will tell you that you still have nothing to worry about and you don’t need to protect your Mac with any type of anti-malware/virus/spam software. They’ll try to convince you to continue feeling all warm and fuzzy. You’re supposed to keep believing that your machine isn’t susceptible unless you use it in a stupid way. After all, smart computer users could never get infected, right?
I’m here to tell you that it’s better to be safe than sorry. Weigh your options and take a good look at the possibility that something could happen. Isn’t your information worth protecting? Resign yourself to the fact that malware is indeed “out there” which could infect your Mac and educate yourself as to how to stay safe.
Let me guess: you happen to think you’re pretty secure when you are online. After all, you use secure passwords! You didn’t subscribe to the Playstation Network. You are pretty smug, aren’t you? I have some news for you, though: even geeks and smart people can have their information stolen, and it’s easier than you think. Even the most seemingly innocent websites can contain malware or be capable of taking your information and using it for nefarious purposes. Heck, you might even get into hot water simply by trying to figure out what type of Royal you might be.
On Friday, women the world over lived out their fantasy by watching the Royal wedding. HRH William married his long-time sweetheart, Kate, in what was said to be a ceremony full of beauty… you know, the stuff fairy tales are made of. I actually know some pretty smart women – and even they were entranced by what unfolded at Westminster Abbey. With their heads in the clouds, they were only too happy to attempt to figure out what their Royal name might be. They chose one of those “OMG GET YOUR ROYAL NAME HERE!” random generator sites and happily Tweeted their results.
The problem is that this can actually compromise your security, ladies. The same holds true with the sites which I’ve seen men use to figure out their Star Wars name, their ideal woman’s name and yeah… you’re seeing a pattern here, right? Sites such as these tend to pair part of your real first name with things such as your pet’s name, your hometown’s name and more. Think about it a moment…
What types of “security” questions are you asked to answer when you choose a password for a new website? Yup! You give your pet’s name, your city’s name and even the name of your high school mascot. OMG! Those same things were just entered into that silly site – along with your actual moniker. Ding ding ding! Any criminal who hacks said website – or who set up the game solely for this information mining to begin with – has access to your security answers.
Do yourself a favor, friends. Think twice before you answer questions on ANY website which seem harmless. Ask yourself if the answers could possibly have been used elsewhere, especially for security purposes. Compromising your information is so much easier than you realize it is. Your Royal name isn’t worth that, I promise.
Ivan Kaspersky, son of a Russian software giant, has been missing since April 19th. It is believed that the young man was abducted. Security powerhouse Eugene Kaspersky, the CEO and co-founder of antivirus company Kaspersky Lab, has asked only that the media stop spreading rumors and speculation. Nothing official has come forth from the Kaspersky camp, despite claims from local law enforcement that the allegation is true. There has reportedly even been a ransom demand to the tune of $4.3 million.
Many blogs are claiming that a kidnapping is par for the course within any big business in that country. Could that really be what motivated the people behind this?
Malware writers infect your machines and muck up your day for one reason: to make money. We’re talking about mass quantities of green, people. The little script kiddies you find writing simple botnets for IRC are in it for kicks. REAL malware makers are out to make cold, hard cash. It’s a multi-million dollar business – and one that unfortunately won’t disappear any time soon.
Let’s imagine for a moment what else the alleged kidnappers could ask for – other than cash – in exchange for young Ivan’s safe return. How much do you suppose Kaspersky’s technologies and databases are worth to those with nefarious things on their minds? I’m quite sure they are worth far more than four million smackers… especially to criminals who have no regard for the rest of us. It’s more than possible that these people would much rather get their hands on information than money.
It’s true that kidnapping for ransom is on the rise in Russia. People are being targeted for their fortunes instead of the type of business they are in. We are hopeful that this is nothing more than a case of a young kid taking some time for himself without letting family members know. If it turns out to be true, we further hope that it is directly related only to the fact that the senior Kaspersky has amassed a fortune in his lifetime and not to the type of work he does.
We will be following this story as the details unfold. Our thoughts and support go out to the Kaspersky family during this time of uncertainty.
Using Apple’s FaceTime, you can chat with someone in another part of your house or a person on the other side of the world. It’s simple to use your iPod touch, iPhone or iPad as a webcam when using this built-in feature. You’ll need to create an Apple account for each computer you want to connect with and let other users know which one they should use to chat with you. There are also a number of other ways you can use FaceTime – which don’t necessarily involve other people.
I was expecting a package recently and was afraid I might not hear the doorbell. I’ve been looking forward to this delivery for a while and couldn’t spare the time to sit next to the front door waiting for mister deliveryman. Instead, I connected my iPod touch to FaceTime with a computer up in my home office. The iPod was pointed out the front window so that I could easily monitor everything going on outside the door without leaving my desk or interrupting my work flow.
This will also work when you want to keep an eye on your home while you are away, of course. You’ll need to set up your Mac to automatically accept incoming FaceTime calls in order to do this.
With this script enabled, you can call yourself from your iPhone or iPod touch and the Mac will automagically pick up the call. When you disconnect, the script will close FaceTime and continue to watch for a new call. Once you get home, you can quit the app to keep FaceTime from answering everything that comes in. This lets you quickly check up on anyone – or anything – in your home while you’re out and about. I like to use it to make sure Wicket isn’t surfing those bad doggie sites.
What other uses can you think of for Apple’s FaceTime?
UPDATE! – Earlier today, Samsung reported that this fiasco was nothing more than a case of mis-identification on the part of VIPRE. Apparently, VIPRE can be fooled by Microsoft’s Live Application multi-language supporter. This doesn’t explain why a supervisor with Samsung originally stated that a keylogger was intentionally placed on the machines in order to monitor what customers are doing with the machines. We will continue to monitor this situation and update again if any new information becomes available.
Here we go again, folks. Mohamed Hassan recently purchased a new Samsung R525 laptop. Like any geek worth his (or her) salt, he ran a full system scan with his favorite antivirus product prior to using it for the first time. Much to his surprise, he found a commercial-grade keylogger within seconds. The name of this nasty little program is StarLogger – and Samsung has admitted it was placed there on purpose.
StarLogger is not a nice piece of software. It records every keystroke on a machine – including on password-protected ones. The program automatically begins to run when the computer is booted. It will then randomly email results and includes screenshots. Samsung claims that this was only done in order to “monitor the performance of the machine and to find out how it is being used.”
Yup, you read that correctly. Samsung wants to know everything you’re doing on your personal laptop. Isn’t that nice of them?! Not only is this creepy on a level I have no words to describe, it’s also likely illegal. Back when we dealt with the whole Sony CD rootkit, then FTC chairman Deborah Platt Majoras stated that the “installations of secret software which create security risks are intrusive and unlawful.” It’s assumed that the company will fight the legalities and come up with some half-baked excuse as to why they should be allowed to do this.
Think of it this way, though: if a nefarious person managed to hack into the databases at Samsung… imagine the potential catastrophe there. I don’t care how secure a company thinks it is, it can still happen. We’ve seen it time and time again. Every word you type into your machine – including passwords, banking information and much MUCH more – will fall into the hands of criminals.
At least Samsung is owning up to what they’ve done, and is already at work to correct it:
Samsung has launched an investigation into the matter and is working with Mich Kabay and Mohamed Hassan in the investigation. Samsung engineers are collaborating with the computer security expert, Mohamed Hassan, MSIA, CISSP, CISA, with faculty at the Norwich University Center for Advanced Computing and Digital Forensics, and with the antivirus vendor whose product identified a possible keylogger (or which may have issued a false positive). The company and the University will post news as fast as possible on Network World. A Samsung executive is personally delivering a randomly selected laptop purchased at a retail store to the Norwich scientists. Prof. Kabay praises Samsung for its immediate, positive and collaborative response to this situation.
I’m sorry, but that’s simply not enough. What is there to investigate? If the software was placed there intentionally then I’m not sure why time and money needs to be wasted determining what it’s doing there. The company needs to own up to this colossal breach of trust and security and take quick steps to correct it.
What are your thoughts?