Category Archives: Security

Security in a broad sense: personal, internet, digital, etc.

Privacy and Windows 10 — Unsupported Statement of Microsoft

Only the lazy have not yet commented on Windows 10 privacy “issues”. Here’s what Terry Myerson has to say about it on his Microsoft blog in defense of his company’s position: “With Windows 10, information we collect is encrypted in transit to our servers, and then stored in secure facilities.”

Well, look at this video:

As you can see, it is possible to decrypt the information sent. If it is easy for a regular user, it must be easy for hackers in general.

Here are some instructions, with a walk-through video, from winsupersite on Windows 10 privacy settings.

How to block ads in Windows with just Notepad

Ads on the web are annoying. They also eat into your internet bandwidth and can be particularly offensive for minors. If you share your PC with your kids, I’m sure you will see how helpful my advice is. There are different ways to screen out advertising using free and paid DNS providers, firewalls, and special software. I propose a light and effective method: modifying the hosts file. It is a manual hack, but if you browse approximately the same list of websites every day, it will not be very tedious to implement. I’ll explain in plain and simple language. This method is not risky and is very easy to revert if for whatever reason something goes wrong. I tried it in Windows 7, 8, and 10 Technical Preview. It does not matter whether you use the 32-bit or 64-bit version; it will work either way.

1. Get the HOSTS file

First, look for the following path in Windows Explorer:

C:\windows\system32\drivers\etc


To be on the safe side, make a backup of this file by saving a copy of it in a different folder. This file ‘naturally’ has no extension, so don’t worry. You can copy it to your Documents folder, for instance, and make another copy with the extension .bak. Leave the file hosts.bak intact, and double-click the file hosts in this new location. We will edit the file here, and once you are done, you will copy the edited file back to the target place (C:\windows\system32\drivers\etc) to replace the original file. This is because we cannot edit the file directly in its original place.

When you double-click the file, you have to choose which program to open it with. Pick Notepad. Then you will see something like this:

[screenshot]

Everything except the last line (127.0.0.1 localhost) is simply a commented description. To block web addresses, extend the list with lines that assign each address you want to block to the IP address 127.0.0.1. For example:

127.0.0.1 cdn1.clkads.com
127.0.0.1 www.clkads.com

This tells the system that if that exact address is requested (e.g. cdn1.clkads.com), then instead of getting the real IP address from a DNS server, it should short-circuit the request straight to 127.0.0.1, your own machine, which returns zero content. It applies to every web browser you can use: Internet Explorer, Chrome, Opera, Firefox, you name it.

Mind the syntax, though: don’t put http:// or https:// in front of the address. It is not needed.
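The syntax rule above, as an added example that is not part of the original post: a Python sketch that reduces pasted URLs to bare host names, skips names the file already maps, and appends `127.0.0.1` lines to the text of your working copy. The function names and the sample file contents are constructed for illustration; the clkads.com names are the ones used in the post.

```python
import re
from urllib.parse import urlsplit

SINK = "127.0.0.1"  # loopback address used by the post's entries
LABEL = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")  # one DNS label

def normalize_host(entry):
    """Reduce a pasted URL or name to a bare lowercase host name, or None."""
    entry = entry.strip().lower()
    if "://" not in entry:
        entry = "//" + entry  # lets urlsplit treat a bare name as a host
    try:
        host = urlsplit(entry).hostname or ""
    except ValueError:
        return None
    labels = host.rstrip(".").split(".")
    if len(host) > 253 or len(labels) < 2 or labels[-1].isdigit():
        return None  # empty, single-label (e.g. localhost) or an IP address
    return ".".join(labels) if all(LABEL.match(l) for l in labels) else None

def mapped_hosts(hosts_text):
    """Host names already assigned in the file; comments are ignored."""
    names = set()
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()
        names.update(f.lower() for f in fields[1:])
    return names

def add_blocks(hosts_text, entries):
    """Return (new file text, rejected entries); existing lines are kept."""
    present, added, rejected = mapped_hosts(hosts_text), [], []
    for entry in entries:
        host = normalize_host(entry)
        if host is None:
            rejected.append(entry)
        elif host not in present:
            present.add(host)
            added.append(f"{SINK} {host}\n")
    if hosts_text and not hosts_text.endswith("\n"):
        hosts_text += "\n"
    return hosts_text + "".join(added), rejected

# Constructed sample: a working copy of hosts plus a pasted block list.
SAMPLE_HOSTS = "# sample hosts copy\n127.0.0.1 localhost\n127.0.0.1 www.clkads.com"
WANTED = ["http://cdn1.clkads.com/banner.js", "WWW.clkads.com",
          "https://cdn1.clkads.com", "not a host"]

if __name__ == "__main__":
    text, bad = add_blocks(SAMPLE_HOSTS, WANTED)
    print(text, "rejected:", bad)
```

Write the returned text to the copy in your Documents folder, then copy that file back over the original as described above.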

2. How to block the ads.

So, how do you hit the particular ads you see every time you visit certain websites?

New Avast 7 in Windows 8 CP

Here’s my review of the new Avast 7 in Windows 8 Consumer Preview. The new Windows system contains an upgraded Windows Defender, version 6.2, which now has full antivirus functionality and runs by default. Microsoft basically put there what they used to call Security Essentials (but the name is too long as per modern guidelines, I guess). So I wanted to test and see whether a third-party antivirus would be welcome in Windows CP. That means that Defender would need to be shut down automatically. I liked the previous versions of Avast and always recommended that security software; besides, it did perform very efficiently.

No end-to-end encryption in Opera Mini

At some point I realized that I could not access the www.careerbuilder.com website. It first happened to me back in Switzerland, where I worked a few years ago. Since then I have moved away, and from time to time I tried that website again. I like the Money section on msn.com, and careers.msn.com was always just a click away. But I had no luck. At first I thought it was screened by a corporate firewall, but an attempt to connect at home did not improve the situation. Careerbuilder.com is not something I really need to use, but it has been a bothersome feeling that there’s a major website you are not allowed to access, and you do not know why.

As in a good detective story, there was another plot developing independently of the Careerbuilder.com story. I have an iPod Touch, and I installed the Opera Mini browser there, as I enjoy the Opera browser in general (mouse gestures are very handy). After a while I noticed that with Opera Mini I could access some sites that I could not normally access from the country where I’m staying now (Russia). To my surprise, it turned out that Opera Mini uses a transparent proxy, which is built in and cannot be disabled, since according to my IP I was somewhere in Iceland (please see the screenshot below):

[screenshot]

Puzzled, I typed in careerbuilder.com, and there it was, as if it had always been there for me:

[screenshot]

Then I pinged careerbuilder.com in the usual way, and here’s the result:

[screenshot]

Reply from 38.104.182.222: Destination net unreachable. As I could not decipher that message myself, I posted a question on the Neowin.net forum.

And the mighty BudMan replied in his typically elaborate manner, with a short summary in this quote: “Clearly ICMP is being blocked […]. Yeah it sucks with parts of the internet do not follow the RFCs and block icmp that should not be blocked..”

Norton 360 v.5 — Yellow Flickering in the Black Hole of Customizing

If you like to use power stuff, try Norton 360 from the Symantec promotion page here. It has recently been updated to version 5 (version 2011). Norton 360 v5 is a huge security and computer maintenance suite that includes several modules: PC Security (antivirus and firewall), Identity Protection, Backup, and PC Tuneup. In this version, similar to Norton Internet Security 2011, Norton 360 features the latest generation of the Norton reputation-based detection and prevention technology. Here’s the direct download link to the 90-day trial: http://buy-download.norton.com/akdlm/dm/estore/downloads/OEM/N360/5.0/N360_5.0.0.125_MS_LOEM_MRF1441_5671.exe?LNG=EN&None&fileExt=.exe

Windows Firewall Rules. What we know from books.

Windows Firewall is a built-in security tool you would never regret having, even if you do not know what it is and what it is for. It is designed to protect your computer from hacker attacks from outside, and that is not always solely the Internet: the local network (LAN) could also be an area where you want to be alerted. The firewall can also protect you if some malware is already planted and trying to communicate out of your machine. The latter is very unlikely, though: once your machine is infected, the virus would most probably find a way to break silently through the firewall. I once already explained how to configure the Windows Vista firewall to filter outbound traffic [article link “Tweak Windows Firewall”]. Since then I have expected the Windows 7 firewall to be even more convenient and maybe more functional. Let’s check.

Let’s see what we can learn from popular books. Let’s start with Windows 7: The Missing Manual by David Pogue, published by O’Reilly Media, 2010. At first it gives a nice definition of the firewall: “The firewall acts as a gatekeeper between you and the Internet. It examines all Internet traffic and lets through only communications that it knows are safe; all other traffic is turned away at the door.” But then on page 363 it describes the outbound versus inbound topic, where to my big surprise I see the following: “Windows Vista didn’t have an outbound-blocking firewall at all.” That’s wrong; Vista had almost the same firewall that Windows 7 has. A good suggestion for the errata, I think. But anyway, the author is right about the firewall: the outbound-blocking feature is turned off by default. Why? “The theory is that if your PC is locked down tight enough with antivirus software, antispyware software, and an inbound firewall, you won’t get any infection that could send outbound signals in the first place.” That’s a fair explanation, but a bit too general for a book like that. Otherwise, there is a good guide in the book on how to tweak Windows Firewall. One good point I would like to quote: “there’s no harm in having both a hardware and software firewall in place. In fact, having the Windows Firewall turned on protects you from viruses you catch from other people on your own network (even though you’re both “behind” the router’s firewall).” The book gives an interesting link to the Microsoft TechNet library article Windows Firewall with Advanced Security Getting Started Guide, where you can learn a lot of interesting stuff. For example, I was wondering why my Avast Internet Security 5.0.677 did not disable Windows Firewall, given that it has its own. As it turned out, it is a new feature of Windows Firewall that it coexists with third-party firewalls:

A very subjective review of Avast! Internet Security 5.0.677

I like applications from Avast. I know it is not wise to be hooked on security software, because when you get used to something, you isolate yourself from all the other similar stuff, and one security tool is never enough. But still, to me Avast makes incredibly pleasing software. The main thing I like about it (and I mean anything, starting from the free Avast antivirus) is that it’s completely seamless and not intrusive at all (especially when you shut down the sound messages). I hate when an antivirus behaves like an unexpected guest, setting his rules instead of following your rules.

So I installed Avast Internet Security version 5.0.677. And it is great from a user interface perspective. Yet there are some very important features to mention. As I reviewed in one of my recent posts, Avast free antivirus v.5 passed the drive-by test with flying colors. That basically tells you a lot about the company, because it takes time and effort to watch those web threats spreading around. The Internet Security package has some extra stuff to appreciate: a sandbox tool which allows you to run any program in a virtual environment (similar to an instant virtual machine):

Plan Z. Destroy all your data with DBAN.

Sometimes you need to quickly destroy all your data, for whatever reason. In this case the Darik’s Boot And Nuke bootable CD can help. What you need to do is download the image file dban-2.2.6_i586.iso (last version 2.2.6) and burn it without unzipping. Then, to deploy it, simply reboot and follow the prompts. It is important to mention that the boot order in your PC’s BIOS must be set to start from the DVD (CD)-ROM. Beware, though: this program is designed to look for any hard drives, not only the system one, and to wipe out everything without any possibility of restoring it. Therefore, be extremely careful with that CD. DBAN is a good way to recycle your old computer, making sure that no identity theft is possible if you sell your PC, for instance. It is also a good way to totally sanitize your hard drive before a new Windows (or whatever OS) installation, especially if you suspect it was compromised by a virus or rootkit infection. The creator of this tool claims that “DBAN prevents or thoroughly hinders all known techniques of hard disk forensic analysis.” It is free to use. Just be aware that a good cleaning of a large volume of data takes time.

McAfee Internet Security. In the kingdom of boredom and ignorance.

I have installed McAfee Internet Security with the 6-month complimentary subscription for Facebook users, but I can’t tell whether it is version 2010 or 2011, because it is not shown anywhere. Maybe it is just a smart marketing move, but I would call it a sneaky move, as the packaging design on their official website shows no difference. The About window tells me the following: Security Center version is 10.5 and VirusScan 14.5.

First I’d like to say something good about McAfee IS. Installation went very easily and fast [screenshot]: no reboot required, no annoying registration forms, no nothing. Installation options were presented well [screenshot]. The program, once it is running, feels very light on system resources. It would be ridiculous to say that a McAfee application cannot get its job done; like Symantec, these guys have probably spent a fortune on Research and Development, and most tests and reviews say they are good. But there were some things that really surprised me.

Couldn’t-care-less Protection

I take care of my files, and if there’s something I need to know, I need to know it in detail. OK, McAfee IS found a few viruses during the scan of some downloaded samples and presented the report:

OK, I want to see the details of the viruses and Trojans found in my files, so I click the links to see an explanation. A new window opens in the internet browser where I can see exactly that McAfee has empty database entries under the names W32/Autorun.worm!ji and Generic.gh. With risk assessment Low it probably means that they have no clue of what they found and how to prove it is a virus. Or maybe the engineers at McAfee just don’t care. Because for the suspect Artemis!83A917492B0D [screenshot] they have not even a trace in the database: “page not found”, 404, you know. What did they find then? Not much; I’m afraid it is just what are called “false positives”: files with inner structure elements which resemble elements of malware. And I don’t mind them pointing to some dangerous areas, as no one can be 100 percent sure, but tell me something reasonable, suitable for a human. Literally: “We are not sure, but this file looks suspicious, click here if you want to know why… We suggest we delete it, or quarantine (isolate), so you could decide later what to do…” Here’s what I call a human approach.

Reinforce Your PC Heuristics Shield. Install McAfee Internet Security 2011 free for 6 months.

Are you a Facebook user? Here is a link to a free 6-month subscription to McAfee Internet Security 2011, complimentary for all Facebook users: http://us.mcafee.com/root/landingpages/affLandPage.asp?affid=773&lpname=272multi&cid=70235 If you are not, you can register and receive that nice software as well. Why McAfee? Well, I found it interesting to see in the last issue of a Russian computer hacking magazine (http://www.xakep.ru/articles/magazine/xa.asp) a heuristics test of Kaspersky Internet Security 2011, Eset NOD32, Avira AntiVir, and McAfee (all latest builds).