Posts

Showing posts from December, 2005

Stats

Finally, an easy-to-use and friendly stats engine for my blog... Thanks to http://www.sitemeter.com/. See my stats here.

Gift Idea!

Image
I really need this shower notepad! No kiddin'.

;-)

Hoax?

What is a hoax? The sound you make when you sneeze? Nah... It is a false rumor. You probaly receive e-mails saying, for example, that a little boy in a foreign country will earn 5 c ents every time you forward this e-mail... Or that a new virus has been announced by Microsoft? Those are not true, but forwarded by people who just don't know how to check.

There is nothing good with these e-mail messages and their only consequences are losses of time for a lot of people. Please don't forward these e-mails before checking if the information they contain is real and true.

But how to do that? I'll give you the means today.
You need to know if a message is real or a hoax? Go see HoaxBuster (french) this other site. Anti-virus vendors also have such sections on their website (Mcafee and Symantec)You want to be aware of virus trends? Every anti-virus vendor has a database of viruses (Mcafee, Symantec, Kaspersky). Microsoft is not (as of today) an anti-virus vendor.
Ok, now y…

Basic tips for free security

Computer security is important for everyone. People often underestimate the cost of computer labour and think that when they buy a computer, there will be no other costs other than the purchase cost. Wrong!


But you can easily reduce the risk of needing computer specialists' services with a few tips (there is no cost associated with those).

Short version: get AVG anti-virus, free edition, and MS Anti-Spyware.

Long version:
Get a free anti-virus. I recommend AVG, Free Edition. Not really because it is the best... I haven't tested them all. However, it is the one I've been using at home for a long while and I'm pretty satisfied with it. It is also easier for me to help anyone who's using the same software as I use. Note: AVG Free Edition can not be used in a business context. It is only allowed for personal use at home. Please respect licences. WinClam is an open-source virus-scanner
Get a free anti-malware program. If you have a legal copy of Windows installe…

Phishing

You don't know what phishing is? Well, it is basically a fraud attempt using e-mail messages. It is usually a malicious person who impersonates a big corporation, usually banks, or online services like eBay or Paypal, and ask you to go to some site and enter your credentials (username/password/card #) for whatever reason.

What people usually don't know is that it is easy to make a link that leads somewhere else than what it says. For example, it is easy for me to make a link to one website, and make it look like another. For example: www.patatebleue.com links to google.

So here are the rules...
Banks never communicate with their clients by e-mail.Watch out for typos. Phising are usually full of mistakes.
You should never be prompted by e-mail to "refresh" your password.Businesses don't deactivate their client's account just for the fun of it. Think about it: Customers are of value for a business, why close accounts? Also, most business gather information a…

Firefox 1.5 is here, with cool extensions!

Good news, the new Firefox is out!

I tried it out and it has been reviewed many times already. I suggest you upgrade, unless you really need one extension that is not 1.5-ready yet. It has a few improvements over 1.0.x, such as:
Automatic updatesFaster browsingDrag-n-drop re-ordering of tabsBetter pop-up blockingYou can report sites that are not Firefox-friendly directly in FirefoxMany othersI also found many cool extensions thanks to this article. Go there and get cool extensions!

What about security? Well, Firefox 1.5 just got its first security alert. Critical? Nah... far from that. However, that doesn't mean Firefox is 100% secure. But the automatic update feature, it is getting close. It is a lot better than Internet Explorer, since Internet Explorer has roots in the Windows operating system, and Firefox doesn't. This means that a vulnerability in Internet Explorer can typically be more critical than a similar one in Firefox.

But, I really believe that using Fir…

msncheck.41m dot com

Hi,

I reported suspicious activities on this website recently msncheck dot 41m dot com to the SANS institute. They were offering to let people know who blocked them on MSN. But that required that you enter your MSN credentials (e-mail address/password). Do you remember you should never give your password to anyone?


I must admit they looked fair and honest since they were recommending you to change your password before and after, so that they don't know your real password. But the thing is: do you have an idea of how much e-mail addresses they can harvest this way? That is an easy way to build a list of addresses to send spam or phishing...

Now the site is down, but I don't know if my report has anything to do with it... I'll ask.

Greylisting

Hi,

Just begun playing around with GreyListing. It is another anti-spam technique. Simply said, what it does is:
It is based on tuplets (sender, recipient, originating IP). The first time a server receives a message of one specific tuplet, it says to the originating server : I don't accept your message now, please come back a bit later.Real e-mail servers usually respect this and retry a few (typically 15) minutes later. When the server retries, the delays don't apply and the message is accepted. Then, the tuplet is added to a database (held in memory, dumped once in a while on disk), so that this tuplet is not subject to greylisting (delays) for a given period
Spambots, zombie infected computers don't retry, so a lot of spam is denied just there, no more processing is needed.The benefits are two-fold
There is less spam in the users' mailboxesThere is less load on mail servers. Effectively, most servers use anti-spam software that uses a lot of resources (network/…