Saturday, 21. November 2009, 01:10:36
BEeF, vulnerabilities, browser, security
...
One of the reasons behind Firefox's popularity is the availability of a vast library of extensions. Users install extensions to modify Firefox and make their browsing experience more user-friendly and powerful. The problem is, unbeknown to them, these extensions can also expose them to risk...
Zero-day vulnerabilities in Firefox extensionshttp://www.net-security.org/secworld.php?id=8527In essence, when you rely on multiple third-parties for your browser security, then you need to check for updates more frequently.
Friday, 13. November 2009, 03:35:54
flashblock, vulnerability, noscript, security
...
Slashdot just linked to a
Foreground Security article that describes an Adobe Flash attack from any domain that allows file uploads, and browsing of said content.
No patch from Adobe currently exists, and according to them:
"Unfortunately, there is no easy solution. This issue is very difficult to solve without also breaking existing, legitimate content elsewhere on the web."
Don't expect a fix from Adobe anytime soon.
Most frightening is the fact that the majority of Internet users have Adobe Flash installed and enabled -- which means all these users are vulnerable to this attack.
Ironically, the Foreground Security article includes a Flash tutorial video. Phishing anyone?
About the only mitigation factor is to disable Flash:
- If you use Opera, press [F12], uncheck "Enable plug-ins" -- until you actually need them.
- If you use Firefox, download and install the FlashBlock and NoScript extensions.
- Internet Explorer users should explore using Toggle Flash
Good luck.
Thursday, 12. November 2009, 04:11:09
software, Secunia, inspector, vulerability
...
I've been using
Secunia's Personal Software Inspector (PSI), and must admit, it's an eye-opener! For those more technical, use the
Advanced interface mode, as it will also identify End-of-Life programs, Unpatched software, and Secure Browsing attack vectors.
The tool installs easily, scans your local drives in a reasonable amount of time, and provides excellent details on program threat levels, links to vulnerability information, direct links to download updates/patches and newer software versions, links to support information, and links to open the folder or ignore the program in future scans. It also provides some nice charts showing your weekly vulnerability assessment over time.
In case you're wondering, the tool does communicate upstream to Secunia servers to download patch information, etc. So, if you've installed any illegal software, and don't want to be tracked using it, then consider this a forewarning.
The Secunia PSI tool does want to auto-run at startup, and does consume some local resources as it tracks file modifications in near real-time -- which is noticeable, especially with on-access virus-scanning enabled. The Secunia PSI tool also wants to re-run a full system scan approximately every 17 days. My advice would be to manually run the tool weekly or bi-weekly, and avoid letting it auto-run at startup.
So, give yourself some peace of mind and scan your software today! After all, patching Microsoft software using Windows Updates is just one small step in your overall system security.
Enjoy.
Saturday, 24. October 2009, 14:07:11
Windows 7, virus, VirusTotal.com, humor
...
I recently downloaded the
Windows 7 Upgrade Advisor (from Microsoft) to my Vista x64 laptop running COMODO Internet Security. When I did, I was immediately presented with:
As of 10/24/2009, Comodo is still the only AV product (out of 41 on
VirusTotal.com) to flag this Microsoft tool as "
Heur.Suspicious".
For more info, visit:
http://www.virustotal.com/analisis/1f052ea5f3a65d871092a9dd3d943969ff211ce58768fdb87c6c405f5caeb52d-1256391917Somewhat humorous.
Thursday, 6. August 2009, 23:40:19
eRecovery, restore, laptop, eMachines
...
So, like many others who have discovered that the Gateway Recovery Management (eRecoveryUI.exe) doesn't work (returns error code 205) on new PCs -- especially 64-bit versions of Microsoft Windows Vista -- I present the following fix...
OVERVIEWLaunching the [old] Gateway Recovery Management console presented two tabs (Backup / Restore), with two options on the Backup tab: 1) Create factory default disc; and 2) Create driver and applications backup disc. FYI, this program is developed by Acer and OEM'd to others like Gateway and eMachines:
PROBLEMWhen trying to burn a backup to DVD or CD, the eRecoveryUI.exe utility always dies with "error 205 (insert blank disc)". Sadly, there's no mention of this issue on Gateway's website.
REASONIt appears this general 32-bit utililty was not fully-tested with Vista x64, nor was it tested with all DVD RW drives shipped from Gateway. Some have mentioned DVD drive speed discrepencies. Whatever the true reason, upgrading the program fixes the problem (see below).
SOLUTIONLuckily, I discovered Acer makes this utility for Gateway, and they support their products pretty well. This thread describes the problem, and gave a hint as to the solution:
http://forum.notebookreview.com/showthread.php?t=362793&page=3Unfortunatley, since the Acer website had changed, the download link was no longer valid. So, I used Google's cache to retrieve the contents of the old Acer support page, and found the corresponding Acer products that mimicked my Gateway laptop:
Product
Aspire 5810TZ
Related Products
Aspire 4810T,Aspire 4810Tz,Aspire 5810T
Issue
Error 205 may occur when making eRecovery Factory Disc.
Download
eRyBurnSpeedFix_v1.0.0.1.zip
Solution
An update to the eRecovery application is available.
Please download and unzip the attached file
Run the program eRyBurnSpeedFix.exe. It will auto-update the eRecovery application
Date
06-26-09
Here's a link to the Google cache entry (may expire soon):
http://74.125.95.132/search?q=cache:BOmak6-jNsgJ:www.acerpanam.com/synapse/forms/portal20.cfm%3Frecordid%3D1351%26formid%3D3390%26website%3DAcerPanAm.com%26siteid%3D7117%26areaid%3D2+eRyBurnSpeedFix&cd=1&hl=en&ct=clnk&gl=us&client=opera
Thus, I headed to the
Acer Support website, and did a support search for their 4810T product, and found the fix!
http://support.acer.com/acerpanam/notebook/0000/Acer/Aspire4810T/Aspire4810Tfaq5.shtmlFYI: Here's the direct download link:
http://support.acer.com/acerpanam/manuals/acer/0000/documents/Recovery%20Management_v4.00.3008.zipAfter downloading, you will need to uninstall the old Gateway Recovery Management console via Control Panel > Programs prior to applying this update. Then, unzip the file, and run the executable via right-click, "Run as Administrator". Be sure any AV or security software is disabled to ensure flawless installation. When finished, you'll be pleasantly surprised to see that the Acer program is smart enough to style/skin the OEM'd program for Gateway, and properly names it "Gateway Recovery Management".
Here's what the newly upgraded utility resembles:
I am now able to successfullyl create backups and restore files to/from my Gateway DVD RW drive!
Enjoy.
--
Other references:
http://forum.notebookreview.com/showthread.php?t=394016
Wednesday, 29. April 2009, 12:47:54
reviewer, mcafee, reputation, siteadvisor
Personal plug:
http://user.siteadvisor.com/forums/member.php?u=25488
Only time will tell if I can achieve "Experienced Reviewer" status.
Sunday, 22. March 2009, 19:47:40
hd, activex, plug-in, flicker
...
The flickering/resizing problem primarly impacts any non-MSIE browser (Opera, Firefox, Safari, etc.) running the Flash 9 or 10 plug-in.
That being said, here are some work-arounds to the problem:
- Try appending either &fmt=6, &fmt=8, or &fmt=16 to the YouTube URL. For example, if your YouTube URL is http://www.youtube.com/watch?v=S0lb50nc_EQ, then change the URL to http://www.youtube.com/watch?v=S0lb50nc_EQ&fmt=8
- Or, downgrade your Flash plug-in to version 8.0 (not recommended): http://kb.adobe.com/selfservice/viewContent.do?externalId=tn_14266&sliceId=2
These YouTube query string hacks purportedly only work with videos that were uploaded at resolutions higher than 320x240. To see these YouTube videos in HD, try appending either
&fmt=18 or
&fmt=22 to the URL, instead.
For more info, visit:
http://www.youtube.com/watch?v=Fwuo_MqLgsYEnjoy.
Thursday, 5. March 2009, 13:54:38
AT&T, exploit, CingularOne.com, javascript
!!! PLEASE REFRAIN FROM VISITING CINGULARONE.COM !!!
Alright, I have (and many others) given fair warning to AT&T, but the issue has not been addressed. Time to shed some light on the fact that AT&T's CingularOne.com website has been hijacked, and is currently hosting a JavaScript exploit that loads content from remote malicious domains.
Here's some visual proof:
Again, please refrain from visiting AT&T's CingularOne.com website until this issue has been fixed.
However, if you just must sneak a peek, then disabling JavaScript and inline frames should mitigate any infection vectors. But to be safe, ensure your anti-virus on-access scanning is enabled, and your AV definitions are updated.
Friday, 20. February 2009, 12:25:49
blocking, stylesheet, facebook, ads
...
Can you guess what it does?
A#adcolumn_more_ads,
A.ad_title,
A.next_ad,
DIV#adcolumn,
DIV#adcolumn_advertise,
DIV#highlights_ad,
DIV#home_sponsor,
DIV#home_sponsor_nile,
DIV#sidebar_ads,
DIV#ssponsor,
DIV.adcolumn,
DIV.adcolumn_header,
DIV.adcolumn_wrapper,
DIV.ads_feedback,
DIV.clearfix UIHotStory_First UIHotStory UIHotStory_Ad UIHotStory_Medium,
DIV.emu_ad,
DIV.emu_sponsor,
DIV.UIHotStory UIStory emu_sponsor,
DIV.UIHotStory_Ad,
DIV.UIHotStory_Sponsored,
DIV.UIStandardFrame_SidebarAds,
IMG.spritemap_icons sx_ad,
SPAN.sponsored
{ display: none !important; }
Yep, it hides those annoying ads -- typically along the right edge of the screen.
If you're an
Opera user:
- Save this facebook.css file to your local drive.
- Visit Facebook.com with Opera
- Right-click on the page, select "Edit Site Preferences..."
- Goto the Display tab, and click the [Choose...] button.
- Locate the facebook.css file saved-off in step 1.
- Press [OK] to close Site Preferences, then reload the Facebook page.
Enjoy.
NOTE: This blog entry has been updated to reflect the new Facebook redesign of March 14, 2009.
Tuesday, 17. February 2009, 13:29:12
Pandora, Wii, music, FInetune
...
Got a
Wii connected to the Internet? Like
Pandora? Wish Pandora worked on the Wii? Well, here's a streamlined Flash application that really does work nicely on the Wii, and it has some interesting configuration options too:
FineTune.comNote: The FineTune.com music library and station configuration options aren't as feature-complete as Pandora's, but for what it's worth, it looks and operates nicely on the Wii.
Enjoy.
Saturday, 14. February 2009, 03:25:09
page cannot be displayed, regedit, BadProxyExpiresTime, proxy
...
- Using IE7?
- Behind a proxy?
- Ever seen this error?
Then most likely, you (or IE7's anti-phishing feature, or an RSS feed, etc.) have tried to load some content from a server registered in DNS, but has not returned a result within 30 seconds. Afterwhich, all IE7 tabs with Internet-content become unresponsive, and IE7 continually reports the error listed in the subject of this post.
So, what's the answer? Simple: Inform IE7 never to mark your proxy as 'bad', using the
BadProxyExpiresTime registry hack. Here's how:
http://support.microsoft.com/kb/320507If this registry hack scares you, then here's a work-around: Toggle IE's "
Work Offline" feature. To do so, pull-down IE's File menu, and select "Work Offline" -- then repeat, to enable online mode. This little trick should reset the internals of wininet.dll to allow browsing once again.
Tuesday, 14. October 2008, 21:08:58
windows, access, accesses, 567
...
1 2 3 4 5 Next »
Showing posts 1 -
12 of 60.
![FallenWalnut1[1].jpg](http://files.myopera.com/Lee_Harvey/albums/3090/thumbs/FallenWalnut1%5B1%5D.jpg_thumb.jpg)
![WalnutTree1[1].jpg](http://files.myopera.com/Lee_Harvey/albums/3090/thumbs/WalnutTree1%5B1%5D.jpg_thumb.jpg)
WIDGETIZE