PreparedPC

NebuAd CEO Asked “Have You Stopped Beating the Consumer?”

On August 14, 2008, In Security and Privacy, Web Browsing, By PreparedPC

Bob Dykes, CEO of NebuAd, was recently questioned at a House subcommittee meeting by Rep. Edward Markey (D – MA), chairman of the House Subcommittee on Telecommunications and the Internet. NebuAd is one of the advertising companies which use deep packet inspection (DPI) to examine the (unencrypted) web traffic of the customers of the internet service providers (ISPs) who partner with them.

Kansas-based ISP Embarq is one of NebuAd’s partners. At issue was a data-gathering test conducted earlier this year by NebuAd against 26,000 of Embarq’s customers.

Embarq did notify its customers about the test, noting that customer’s web surfing data would be retained, and that they could opt-out of the test if they wanted.

Rep. Markey encouraged Mr. Dykes to offer an opt-in model, instead of the current opt-in option. (more…)

Protect Your Eyes: Use OpenDNS’s Free Web-filtering Service to Block Adult Sites and More

On August 11, 2008, In Web Browsing, By PreparedPC

We recently mentioned that you can point your router or browser to OpenDNS’s DNS servers to protect your computers from the DNS Poisoned Cache vulnerability brought to light by Dan Kaminsky. While many Internet Service Providers (ISPs) have patched their DNS servers, others have not yet done so.

There is another reason to consider OpenDNS, as you can use it as a free web-filtering service. How-To Geek posted a well-written tutorial describing this in detail.

What is Web Filtering? (more…)

Giving that PC Away? Use DBAN to Wipe That Hard Drive Clean

On August 8, 2008, In Security and Privacy, By PreparedPC

Photo by Jeff Epp

If you’re going to donate your old PC or sell it, make sure you don’t leave any personal information on the hard drive. The open-source [free for personal use] DBAN (Darik’s Boot and Nuke) will completely and securely wipe your computer’s hard drive.

Another occasion to use DBAN is to completely destroy a virus. While this is a drastic measure, there are some cases when a computer can be infected with a virus so pesky that it can survive a hard drive format. In other words, if you’re dealing with a nasty virus and decide to simply format the drive and reinstall Windows, you might still be facing that virus after all that work. If you’re going to go to the trouble of reinstalling Windows, use DBAN to completely wipe the hard drive clean first.

Preparing Your DBAN Media (more…)

Tagged with: consider • feature • free • identity theft • wipe drive

DNS Exploit Code “In the Wild”; Are You Vulnerable?

On August 5, 2008, In Security and Privacy, By PreparedPC

UPDATE: After Dan Kaminsky’s Blackhat presentation, Steve Friedl posted the specifics of the bug in An Illustrated Guide to the Kaminsky DNS Vulnerability.

As we mentioned last month, security researcher Dan Kaminsky discovered a serious exploit in the Domain Name Server (DNS) systems used by the thousands of internet service providers (ISPs).

- The good news: In an unprecedented cooperative effort, Mr. Kaminsky led a team of engineers from many vendors who secretly worked together to create patches to fix the exploit. The patches were simultaneously released in early July, 2008.

- The bad news: Since then, code that demonstrates how to take advantage of this exploit has been found “in the wild”

- The really bad news: Many ISPs still haven’t patched their DNS servers.

What Does This Mean to Me?
If your ISP’s DNS is not patched, and they are attacked using this exploit, you may unknowingly be redirected to a phishing site. For example, you may think you’re browsing to www.MyBank.com, but actually your browser is redirected to a look-alike site. If you enter your user name and password, these could be stolen, and the bad folks who created the look-alike site could access your account and wreak havoc.

What Can I Do? (more…)

Turn .ISO Files into DVDs/CDs with ImgBurn

On July 30, 2008, In Utilities, By PreparedPC

Photo by: Ghirigori Baumann

An .ISO file is an “image,” containing the complete contents of a CD or DVD. It’s a common way that versions of Linux (or many of its variants) are released. For example, you might want to download a copy of F-Secure Rescue CD 3.00 so you can scan a hard drive for any malware.

Also, if you create a BartPE .ISO file as we discussed earlier in “Backup Your Hard drive Now – While You Still Have Time,” you’ll need a way to turn the .ISO into a bootable CD.

If you have Nero or a similar program, you can burn that image to a CD or DVD. Alternatively, you can use the free utility ImgBurn to do the same thing. (more…)

WordPress Users – Wait Until 2.6.1 To Upgrade

On July 25, 2008, In WordPress, By PreparedPC

OK, we admit it. While we at PreparedPC.com don’t always live on the cutting edge, we did get googly-eyed when we read about the new features in WordPress 2.6.

After reading the Wordpress upgrade guide, we decided to make the leap. After backing up and carefully copying files to right places, and reactivating the plug-ins, we launched our browser and checked to make sure everything was OK.

It wasn’t. The categories that should have been listed on the sidebar were GONE!

No problem though, thanks to David Cumps. He ran into the exact same issue. He identified that a bug in the 2.6 upgrade script deleted the category descriptions from the WordPress database table wp_term_taxonomy. He also graciously wrote up specific instructions to fix the issue by manually updating the database table. This worked perfectly!

Now that the upgrade is behind us, we look forward to taking advantage of the new features to make the useful information on this site even prettier.

Takeaway: Software upgrades are never fun, especially when something breaks. Apparently this issue will be fixed in WordPress 2.6.1, so wait a little longer if you plan to upgrade.

Thank you again to David Cumps.

Clean Up Your (Browser’s) Act – Profanity Filter for Firefox

On July 25, 2008, In Web Browsing, By PreparedPC

Just as your ears might be assaulted by someone’s foul mouth as you walk down the street, you might unwittingly come across some family un-friendly language on a web page. You may not browse to any overtly nasty sites, but on sites that allow unmoderated comments, some people might leave some profanity-laced prose.

The Profanity Filter for Firefox, a Greasemonkey script, can help by actually replacing foul words on web pages with “***”. It actually runs after the page loads, so the original page (including any profanity) is displayed on the screen momentarily before the script replaces any words.

(more…)

JKDefrag For Your Hard Drive’s Health

On July 21, 2008, In Utilities, By PreparedPC

JKDefrag 3.34

JKDefrag is a freeware utility that handles that unglamorous but important task of defragmenting your hard drive(s). JKDefrag falls into that happy category of programs that handle a task better than Microsoft’s own utility for the job. Running JKDefrag is quite safe because it “hooks into” Windows’ defragmentation API (Application Programmer’s Interface), sending defragmentation requests to the operating system, so that Windows (not JKDefrag) does the actual work of moving files to the right area of the hard drive. (more…)

Phorm, NebuAd, and Front Porch May Soon Be Your ISP’s Friend, But Not Yours

On July 14, 2008, In Security and Privacy, By PreparedPC

An emerging and intrusive technology may soon be coming to your ISP. Three companies, NebuAd, Front Porch and Phorm, are best-known for using deep packet inspection of ISPs’ user’s browsing habits as a way to present targeted advertising to users. Advertising on the web is nothing new, but the way these companies’ services work is something you should know about.

Basically, these companies, with the consent of ISPs, install an appliance into the ISP’s network. This device acts as a proxy: when you browse to a page, this proxy device intercepts your request, then inspects the content of the requested page for key words, and uses this information to present targeted ads to the user. (Steve Gibson goes into detail regarding how Phorm’s WebWise service gathers information in his Security Now! podcast #151.)

So with these companies’ devices placed inside of your ISP’s network, ISPs make money, and their customers’ surfing habits get analyzed.

(more…)

DNS Patch for Windows Released. Why You Need It (Unless You Use Vista)

On July 11, 2008, In Security and Privacy, By PreparedPC

As part of the most recent 2nd-Tuesday-of-the-month “patch Tuesday” (July 8, 2008), Microsoft released patches for Windows 2000, Windows XP, Windows Server 2003 and Windows Server 2008. Windows Vista (neither the 32- or 64-bit versions) is NOT affected. Windows 2000/XP users who are using ZoneAlarm could lose internet connectivity after applying the patch. Read ZoneAlarm’s press release about that here.

(This patch does require a reboot.)

For specific information, read Microsoft Security Bulletin MS08-037 and Knowledge Base Article 953230.

DNS (Domain Name System) translates “friendly” site names (like preparedpc.com) into numeric addresses used by the internet computers. The problem: a basic flaw in unpatched DNS installations (more…)