Free Republic

"...These machines must go. There is no way to know if one's vote is accurately accounted for..."

The USCC launched a probe against Lenovo, but many wonder if the accusations are warranted The United States government is planning to spend roughly $13M USD on computers from Lenovo. The company, famous for buying up IBM's PC manufacturing arm, is working on a deal with the US government to produce roughly 16,000 computers. Just recently, the U.S.-China Economic Security Review Commission (USCC) has requested that Lenovo be probed for any concerns about possible spying, eavesdropping or worse. The supposed problem presented by the USCC is that the 16,000 computers are being built by a Chinese-mainland company. The USCC argues...

Excerpts - NEW YORK (CNNMoney.com) -- A disgruntled hacker with a personal grudge against Symantec, which provides anti-virus software to leading Fortune 500 companies, could be behind a new, crippling computer virus that's already hit a division of at least one big U.S. corporation on Thursday. If it spreads, technology experts warn the latest strains of the insidious RINBOT computer virus could hijack network systems of businesses worldwide. ~ snip ~ Cluley said this strain appears to be hitting MS SQL servers. It looks for networks that run the Microsoft Windows operating system, including Windows 2000, Windows 95, Windows 98,...

IT security and control firm Sophos is welcoming news that a US man has pleaded guilty to charges of writing and distributing a Trojan horse designed to steal usernames and passwords from computer users. "The Trojan has been the key development in cybercrime in recent years - hackers use them to steal info and money from unsuspecting internet users" Graham Cluley, Sophos Richard C Honour, 31, faces a maximum penalty of five years in prison and a fine of $250,000 after admitting releasing malware that infected users of DarkMyst, an IRC chatroom popular with players of online role-playing games. Honour,...

** Flurry of techish bills introduced in new Congress Members of Congress introduced a flurry of new technology-related bills this week, including two bills that would require companies with data breaches to notify affected customers. Senators Patrick Leahy, a Vermont Democrat, and Bernie Sanders, a Vermont independent, introduced the Personal Data Privacy and Security Act. In addition to requiring data breach notification, the bill would also require data brokers to disclose what information they hold on individuals. The bill would allow individuals to correct information held by data brokers, and it would require companies that have databases with personal information...

TiVo revealed the other day that it's offering TV networks and ad agencies a chance to receive second-by- second data about which programs the company's 4.5 million subscribers are watching and, more importantly, which commercials people are skipping. This raises a pair of troubling questions: Is TiVo, which revolutionized TV viewing with its digital video recording technology, now watching what people watch? And is it selling that sensitive info to advertisers and others? ... TiVo's potential to monitor (and embarrass) millions of people was made clear in 2004 after Janet Jackson's right breast made a surprise appearance during the Super...

The next time you're at an airport looking for a wireless hot spot, and you see one called "Free Wi-Fi" or a similar name, beware -- you may end up being victimized by the latest hot-spot scam hitting airports across the country. You could end up being the target of a "man in the middle" attack, in which a hacker is able to steal the information you send over the Internet, including usernames and passwords. And you could also have your files and identity stolen, end up with a spyware-infested PC and have your PC turned into a spam-spewing zombie....

Users who put their faith in Vista's new security features and Microsoft's Windows Defender antispyware product may find themselves under attack from spyware all the same, according to the results of a study by Webroot, a leading antispyware vendor and Microsoft competitor. On Thursday, the company released the results of what it claimed was a two-week study of Windows Defender that showed the product missed 84 percent of a sample set of 25 spyware and malicious code samples. The programs that slipped by were a mix of spyware, Trojan horse programs, and keyloggers. While many were not Vista compatible and...

I received a few e-mails over the weekend from readers who took issue with advice I recently gave to a Web chat participant who asked what he should do to help an elderly friend who was having PC trouble. The questioner said the woman knew nothing about computers and that her Windows machine was besieged with pop-up advertisements. I probably get two or three variations on this question in the course of each Web chat, and I usually ignore them in favor of more targeted questions because of the difficulty in diagnosing what precisely may be ailing the questioner's computer....

My computer used to be really zippy. 1 1/4 gig Ram, fast processor, etc. But then I installed symantic and that slowed it somewhat. Then all the Windows updates. Now it's actually pretty slow, sometimes. Anyone else have this problem?

Computer games are high on wish lists for teens this holiday season. However, some of those games could be hazardous to your computer and your privacy. The company that makes the game “Battlefield 2142” is Electronic Arts, a trailblazer in computerized entertainment. But EA is also blazing a different trail, using this particular game to reach into users’ computers. “It basically said they’re going to be using advertising and data on your computer,” said computer gamer Ryan Arp. Arp learned about the company’s use of spyware in the game after he opened the package, losing his right to return it....

Someone(s) whose motives I don't trust has had access to my computer. This isn't the sort of person(s) who would steal financial data like credit card numbers, etc, but I'm concerned more about snooping around for internet activity, etc. Two questions: First, aside from the IE history file, is there any way this smart-@$$ could be snooping around my past internet activity? Second, the person(s) is literate enough to be a threat for spyware. Should I be concerned that I have some sort of spyware planted on my computer? If so, how can I find it, find out what the...

Microsoft's browser gets upgraded IE 7 will be the browser that ships with Windows Vista Microsoft has made Internet Explorer 7 (IE 7) available to the general public.The new version is the first upgrade to the web browsing program for more than five years. New features include tabbed browsing, the ability to search the net directly and an anti-fraud system to thwart phishing attacks. The new program is available as a free download on 19 October, but many will get it as an automatic update to Windows XP in November. Phish fighter The new version of the browser has...

Commentary: It's everywhere you don't want it to be ********************************************AN EXCERPT *******************************BERKELEY, Calif. (MarketWatch) -- Apparently you cannot lecture people enough about spyware. Nobody knows what it is and most computers are infected. That means you. Luckily the recent H-P fiasco, where it admitted to spying on the media and its own board members brought some light to the matter. H-P had apparently utilized tracking software and incorporated it into some emails to see if they were forwarded. For some reason the company didn't think this was wrong. I'd be leery of any mail coming from H-P if this is...

Until a couple of days ago, like many others, I was looking forward to the long awaited release of Windows Vista. Then the news broke about Microsoft's intention to crack down on software piracy by putting what amounts to spyware on users' computers. Now I'm thinking twice about whether I really need or want this new operating system. Microsoft's so-called Software Protection Program (SPP) has been presented to intending users as a fait accompli just a month ahead of Vista's scheduled release. It will mean that those who use Vista and other Microsoft products will have to put up with...

Home PCs could be under attack from hackers over 50 times a night, suggests a BBC News Website experiment. The BBC News Website team set up a ‘honeypot’ PC – a computer that looks like a normal PC online but records everything that's done to it – in order to find out the dangers facing web users. Every single time the 'honeypot' was put online it was attacked. In one of the busiest nights of malicious online activity, the computer was attacked 53 times: 1 hijack attempt. PC suffered buffer overflow attempt to subvert web server built into Microsoft Windows....

Microsoft on Tuesday broke with its regular security update schedule for only the second time this year to issue a patch for a critical Internet Explorer vulnerability that's been exploited for more than a week. MS06-055 provides a fix for the flaw in IE 5.01 and IE 6.0, Microsoft said in the accompany bulletin, and should be applied immediately. The Redmond, Wash. developer pegged the bug as "Critical," its most dire warning, for editions of IE running on Windows 2000, Windows XP, and Windows Server 2003 machines. Windows Server 2003 SP1 is at slightly less risk. "An attacker who successfully...

Hewlett-Packard CEO Mark Hurd announces he has accepted the resignation of former chairwoman Patricia Dunn from the board of directors as a result of the H-P leak investigation and spying scandal. MORE...

Excerpt - Don't blame Hewlett-Packard Chairman Patricia Dunn, her new lawyer said Wednesday, for the convulsions the company's board have suffered in the wake of its troubled investigation of boardroom leaks. "She's neither a lawyer nor is she an investigator," said James Brosnahan, the Morrison & Foerster litigator whom Dunn hired this week. "And she's not the kind of person, frankly, who would advise people to do something illegal." Dunn has come under scrutiny for her role in directing the troubled probe -- The Wall Street Journal reported Wednesday that she closely supervised it -- and she's the latest figure...

Exploits against the unpatched vulnerability in Microsoft's Internet Explorer are increasing and attackers are gathering momentum, researchers said Thursday. They warned that the problem would become worse if cyber criminals attack via e-mail next. "It might come to nothing, but it feels like a storm's coming," said Roger Thompson, the chief technology officer at Exploit Prevention Labs. "The potential is there. Call it a storm watch, not a storm warning." At least two different exploits have appeared this week, said Thompson, one linked to the Russian-made hacker exploit kit called WebAttacker, the other posted early Thursday on the xSec gray-hat...

Although Microsoft has acknowledged that in-the-wild exploits are taking advantage of an unpatched flaw in Internet Explorer, the developer has not committed to cranking out a fix before next month's regularly-scheduled update on Oct. 10. Users who want to protect themselves now, however, do have options. Disable the vulnerable .dll: In the security advisory posted yesterday, Microsoft suggested that users can disable the vulnerable "Vgx.dll" from the command line. -- Click Start, choose Run, and then type -- regsvr32 -u "%ProgramFiles%\Common Files\Microsoft Shared\VGX\vgx.dll -- Click OK, then click OK again in the confirmation dialog that appears. To undo the command,...

Browser flaw seen on porn sites Microsoft has issued warnings about a serious flaw in Internet Explorer that allows attackers to hijack a PC via the popular browser. Security firm Sunbelt Software said the vulnerability was being actively exploited on some porn websites. So far there is no fix to close the bug in the browsing program but Microsoft has issued advice about how to avoid falling victim. It said it would patch the bug in its next security update due on 10 October. Researcher Adam Thomas uncovered the exploit which revolves around the way that the Internet Explorer browser...

Excerpt - Hewlett-Packard Co. may be the world's largest technology company, but the superlative that better suits it these days is Provider of the World's Strangest Corporate Drama. For two weeks, almost every day has brought revelations of questionable tactics that HP investigators used this year and last to root out who had been describing boardroom deliberations to the media. Corporate intelligence is an old and frequently practiced art, but HP's efforts feel more Watergate than Wall Street. Not only did investigators impersonate board members, employees and journalists to obtain their phone records, but according to multiple reports, they also...

Excerpt - Hewlett-Packard Co. chief executive Mark V. Hurd approved an elaborate "sting" operation on a reporter in February in an attempt to plug leaks to the media, according to an e-mail message sent by HP Chairman Patricia C. Dunn. The document, one of more than two dozen e-mails obtained by The Washington Post, for the first time links Hurd to an internal investigation of media leaks that has led to criminal probes and will be the subject of a congressional hearing next week. ~ snip ~

An unpatched vulnerability in all editions of Microsoft's Internet Explorer browser is being exploited, security researchers said Tuesday, with the attack dumping a broad range of adware, spyware, and Trojans onto PCs whose users simply surf to an infected or malicious site. First reported by Sunbelt Software -- although rival Internet Security Systems claimed it was the first to discover the bug -- the vulnerability is in how IE renders VML (Vector Mark-up Language), an extension of XML that defines on-the-Web images in vector graphics format. The previously unknown -- and thus unpatched -- bug inside IE is already being...

I have McAfee security suite. It ran somewhat fine until the latest "upgrade". Now new windows take way to long to to open, and even the boot up process to where I can actually use the computer takes a lot longer. I tried uninstalling everything except the virus scan, and it still runs like a turtle. From what I read, Mcafee is RAM resident and the newest release must be a huge RAM hog. It gave me the excuse to order the extra 512M of memory - Rambus RDRAM 800 MHz BTW - very expensive but I don't think that...

Pardon the Vanity, but I thought it might be good to post for not only myself but for others that did the same thing. Last night, when the link was posted on this forum, I went to see what Ahmadinejad's blog looks like. Only after I clicked on the thing and let it load did I happen to think -- wait a minute, I just clicked on a terrorist's website. What's to keep him from being a cyber terrorist. Then, today, I see this from Little Green Footballs http://littlegreenfootballs.com/weblog/?entry=22093_Ahmadinejads_Blog_is_Dangerous&only Last night, after I clicked, I deleted all cookies, offline content,...

I have a two-year-old eMachine T3092 running Windows XP Home Edition. Over the past six months it has become progressively slower until it now takes 30-60 seconds to open a new screen or start an application. I use Norton Antivirus, Spy Sweeper, and BlackIce Firewall. I suspect the problem is simply too much extraneous crap in it. Is there a product that can clean-up Windows and my files to get it up to speed again? Thanks.

Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have reminded internet users to be on their guard following the discovery of a spyware Trojan horse that displays pictures of a potential Russian love match while secretly stealing information. When first run on a user's computer, the Troj/Keylog-HD Trojan horse displays a slideshow of 3 photographs of a young woman called "Victoria Stasova". Accompanying the photographs is a love heart and an AOL email address. However, while the pictures are being displayed, the malware steals keypresses and information from the infected user's PC which could allow...

Spyware disguises itself as Firefox extension The antivirus specialists at McAfee have warned of a Trojan that disguises itself as a Firefox extension. It is currently being openly disseminated through spam emails that purport to come from Wal-Mart. If the recipient opens the mail attachment while running a Windows operating system, the Trojan then installs itself as a Firefox extension, presenting itself as a legitimate existing extension called numberedlinks. It then begins intercepting passwords and credit card numbers entered into the browser, which it then sends to an external server. McAfee has dubbed the Trojan "FormSpy," although the company...

An identity-stealing keylogger that disguises itself as a Firefox extension and installs silently in the background was discovered Tuesday by security vendor McAfee. According to the Santa Clara, Calif.-based company, the "FormSpy" Trojan horse monitors mouse movements and key presses to steal online banking or credit card usernames and passwords, other login information, and URLs typed into Firefox, the popular open-source browser. Another component of the Trojan sniffs out passwords from ICQ and FTP sessions, and IMAP and POP3 traffic, said McAfee. All collected information is sent to an IP address hard-coded into the Trojan. The scam starts with spam...

Poisoned PowerPoint attacks users The booby-trapped file has been spammed out in e-mail Microsoft is warning Windows users about a virus that takes over PCs via the popular PowerPoint program. Attached to the virus is a poisoned presentation that, if opened, installs keylogging software on a computer. Users are being told to take care because it could be weeks before Microsoft produces a patch that protects against the security loophole. So far relatively few people are thought to have been caught out by the booby-trapped presentation. Nasty bug The bug that the malicious hackers behind the virus have exploited...

An online banner advertisement that ran on MySpace.com and other sites over the past week used a Windows security flaw to infect more than a million users with spyware when people merely browsed the sites with unpatched versions of Windows, according to data collected by iDefense, a Verisign company.

The networking technology underpinning Windows Vista may be less stable on release that that behind Windows XP, according to an analysis by security firm Symantec. Microsoft has re-written its networking stack for Windows Vista in order to allow for "easier maintenance, improved performance, and improved stability". But an analysis by security researchers at Symantec found a variety of security flaws with early builds of the OS. In a white paper based on this research, Windows Vista Network Attack Surface Analysis: A Broad Overview (PDF), the researchers conclude that Vista may be less stable, at least for the immediate future, than...

Rockets bursting in air, fireworks everywhere! Thank you for helping mark the 200,000th entry into the VirusScan malware (malevolent software) detection database. But truly, this is not a moment to celebrate. For, larger and larger numbers of malware is a plague, not a cause to celebrate. Instead, we mark this moment simply as a milestone in our continual trip to fend off the bad stuff from everyone’s machines. It is alarming that we reach this milestone so soon after September 2004 when the count reached 100,000. Eighteen years to reach 100,000. Less than two years to double. Looking ahead, our...

Microsoft is facing a class action suit over a tool that gathers data on a user's computer in an effort to detect bootlegged copies of its Windows operating system. The suit, filed in U.S. District Court in Seattle on Monday, concerns Microsoft's Windows Genuine Advantage, an antipiracy tool the company introduced in July 2005. The WGA program collects hardware and software data, delivering it to Microsoft servers. The stored information is then used to warn of possible piracy violations. The lawsuit alleges the program violates consumer protection laws in California and Washington state, and laws against spyware, invasive programs that...

Excerpt - A security researcher with expertise in rootkits has created a working prototype of new technology that is capable of creating malware that remains "100 percent undetectable," even on Windows Vista x64 systems. Joanna Rutkowska, a stealth malware researcher at Singapore-based IT security firm COSEINC, says the new Blue Pill concept uses AMD's SVM/Pacifica virtualization technology to create an ultra-thin hypervisor that takes complete control of the underlying operating system. Rutkowska plans to discuss the idea and demonstrate a working prototype for Windows Vista x64 at the end at the SyScan Conference in Singapore on July 21 and at...

I have been a big user of Norton Utilities & Anti-Virus in the past. Nowadays I don't use NAV anymore as I use AVG Free Edition. I also don't use Norton Internet Protection as I use ZoneAlarm. I want to finally drop NU but I don't know of a suitable replacement. I am dropping all Norton products because they want to take over the entire system. I also get these crazy messages that keep telling me that AVG isn't compatible with their programming and that I need to run Norton Clean-Up and turn on my Automatic Updates so it downloads...

Microsoft today gave the world a rare -- albeit conservative -- glimpse of its view on just how bad the virus and bot problem has gotten for Windows users worldwide. The data comes from 15 months' worth of experience scanning computers with its "malicious-software removal tool," a free component that Microsoft offers Windows XP, Windows 2000 and Windows Server 2003 users when they download security updates from Microsoft. The tool has been run approximately 2.7 billion times by at least 270 million unique computers, leading to the removal of 16 million instances of malicious software from 5.7 million unique Windows-based...

Millions of Windows users may unwittingly be test subjects for an unfinished Microsoft antipiracy tool.The software maker has been delivering a prerelease version of Windows Genuine Advantage Notifications software to PCs as a "high priority" item in the built-in update feature in Windows. The tool, also known as WGA Notifications, is used to validate the authenticity of Windows software installed on a PC. The move is a first for the software maker. Microsoft normally asks people to join test programs before it initiates the download of any such trial software. "I don't think that we have done it before," David...

 SEATTLE - Microsoft Corp. acknowledged Wednesday that it needs to better inform users that its tool for determining whether a computer is running a pirated copy of Windows also quietly checks in daily with the software maker. The company said the undisclosed daily check is a safety measure designed to allow the tool, called Windows Genuine Advantage, to quickly shut down in case of a malfunction. For example, if the company suddenly started seeing a rash of reports that Windows copies were pirated, it might want to shut down the program to make sure it wasn't delivering false results. "It's...

Microsoft takes on net nasties MICROSOFT executives love telling stories against each other. Here's one that platforms vice-president Jim Allchin told at a recent Windows Vista reviewers conference about chief executive Steve Ballmer. It seems Steve was at a friend's wedding reception when the bride's father complained that his PC had slowed to a crawl and would Steve mind taking a look. Allchin says Ballmer, the world's 13th wealthiest man with a fortune of about $18 billion, spent almost two days trying to rid the PC of worms, viruses, spyware, malware and severe fragmentation without success. He lumped the thing...

Excerpt - Security software makers, the 800-pound gorilla has landed. Microsoft Corp. was to announce Wednesday that it is releasing software that aims to better protect people who use its Windows operating system from Internet attacks. The move pits the world's largest software maker head-to-head with longtime business partners Symantec Corp., McAfee Inc. and others. Windows Live OneCare, which will protect up to three computers for $49.95 per year, marks the latest step in Microsoft's effort over the years to make its operating system less vulnerable to crippling Internet attacks. Windows, which runs on the vast majority of personal computers,...

Don't try this at home--not if you want to have a working computer. Search for "Free Screensavers," we're told, and 64% of the sites you'll find are the kinds that can gum up your machine with spyware or a computer virus. A team of researchers, let by Ben Edelman and Hannah Rosenbaum of a British firm called Site Advisor, tried entering 1,394 popular search terms into the web's most popular search engines--Google, Yahoo!, MSN, AOL and Ask.com. They came up with a chart you may find both amusing and sobering. Even if you search for something as harmless as "I...

Researchers have identified an "insidious" threat affecting Yahoo Messenger. A self-propagating worm, named yhoo32.explr, installs a piece of software called 'Safety Browser' and then hijacks the Internet Explorer homepage, leading users to a site that puts spyware on their PCs. Because Safety Browser uses the IE icon to identify itself, users can easily mistake it for the legitimate Internet Explorer. This is the first recorded incidence of malware installing its own web browser on a PC without the user's permission, according to security firm FaceTime. The self-propagating worm spreads the infection to all contacts in Yahoo! Messenger by sending a...

My wife woke me up yesterday morning and told me she had to restart the computer. An ad had popped up that said, "A major virus could be on your computer, download from us and we'll fix it..." Being familiar with pop-ups, I didn't think much of it, until four hours later when I went to use my computer. There were 47 Internet Explorer windows open and something was trying to open more. My system was almost at a standstill. Even a simple click of the mouse took two minutes to process. I disabled and deleted the P2P application, but...

SAN FRANCISCO, California (AP) -- Benjamin Daines was browsing the Web when he clicked on a series of links that promised pictures of an unreleased update to his computer's operating system. Instead, a window opened on the screen and strange commands ran as if the machine was under the control of someone -- or something -- else. Daines was the victim of a computer virus.

A new kind of malware circulating on the Internet freezes a computer and then asks for a ransom paid through the Western Union Holdings money transfer service. A sample of the Trojan horse virus was sent to Sophos, a security vendor, said Graham Cluley, senior technology consultant. The malware, which Sophos named Troj/Ransom-A, is one of only a few viruses so far that have asked for a ransom in exchange for releasing control of a computer, Cluley said. The new Trojan falls into a class of viruses described as "ransomware." The schemes had been seen in Russia, but the first...

Security researchers and legal experts have voiced concern this week over the prosecution of an information-technology professional for computer intrusion after he allegedly breached a university's online application system while researching a flaw without the school's permission. Last Thursday, the U.S. Attorney's Office in the Central District of California leveled a single charge of computer intrusion against San Diego-based information-technology professional Eric McCarty, alleging that he used a Web exploit to illegally access an online application system for prospective students of the University of Southern California last June. The security issue--which could have allowed an attacker to manipulate a database...

Whew. Man, I may have to stop using Windows Update. It installs spyware!