Computer Support Network

While American households account for most of the new electronics market, they only contribute about 26% to the electronics recycling market. That means an awful lot of electronics still end up in our landfills.  Not only is this wasteful but it also presents serious security concerns for many electronics users who have not adequately cleared their devices of personal information.  The threat is made even more apparent when you take a look at the reseller marketplace.

The security firm AccessData, recently compiled a report on many popular mobile devices such as Apple devices and cellular phones.  The firm discovered that while the devices had had their hard drives seemingly cleared of data, “they were still able to extract Social Security numbers, financial information, GPS locations, passwords, communications and other information that could be used for ID theft and other criminal activity.”

To prevent a similar security breach from happening to you choose an appropriate outlet to recycle or dispose of your electronics.   The Consumer Electronics Association has put together a list of websites to help you choose which route to go. Consumer electronics have different life spans (a smartphone’s is 18 months, while a TV is more than 10 years) and first you should look to extend the life through resale or reuse. See if there’s a worthy home for your small or large electronic devices at a local school, retirement home or community center.   Whichever you choose, make sure that you properly dispose of all personal information first.  If you take proper care of your devices and the data contained within then you and someone else can enjoy your gifts for years to come.

From all of us at IT Computer Support of New York, we wish you a happy and safe holiday season and a prosperous New Year.

- Richard Keene
IT Computer Support of New York
Design and Optimization Department

Social media and social network website can be a great tool to promote your services or exchange contact information but there is a dark side to their services.  The growth in popularity of social media websites such as Facebook and MySpace has opened up new areas of revenue for marketers but has also opened the doors for malware distribution.   IT administrators now have to face the very real threat that social media website can put their businesses at risk.

The real danger of social media websites is their ease of use.  Anyone regardless of computer skills or computer type can access them from anywhere.  For this same reason malware distributers choose the websites to spread malicious content to people who are oblivious to the danger.  From within online applications such as Facebook there is the potential to download and install small programs that can destroy data or steal your personal information.

Within the last couple months attacks have escalated from Facebook to include email based attacks.  Hackers have now made use of the internal email system of the application to send seemingly legitimate emails to users.  If the email is opened private user information can be stolen and used to further distribute the malicious content.

While the attacks are a serious threat to private users the danger is even greater for people who browse from work.  Workers who browse Social Media websites could potentially give hackers a backdoor into otherwise secured business systems.  For this reason offices should take care to monitor access and employee usage of social content sharing services.

So far damage caused for Social media websites has been minor but as more hackers migrate to the platform it is not only likely but a certainty that greater threats will arise.  When used carefully social media website can be a great asset for any business but in order to be successful you must ensure you stay protected.  As always the rewards of new technology go to those who know how to best take advantage of what it has to offer.

- Richard Keene
IT Computer Support of New York
Design and Optimization Department

For the last couple months Microsoft has put forth a campaign to remind users that support for Windows XP SP2 will soon end. The official support end date for Windows XP Service Pack 2 will take place in the end of July 2010, roughly seven months from now. While this might seem like plenty of time it’s important to be prepared in the shift of support policy.

Microsoft reported on their official Blog that in addition to the closed support of XP, Windows 2000 Server and Client support will come to an end on July 13th 2010. Microsoft is hoping that most consumers will switch over to its new Windows 7 platform but at this time there are update alternatives. Even though support for Service Pack 2 will end, Microsoft will continue to address issues in SP3 until 2014. What this means is that one way or another, systems will now need to be patched and updated to receive official support. Additional information on potential upgrade and migration information is available on Microsoft’s Springboard Series Blog.

As of last October, it is estimated that Windows XP still operated 80% of the commercial PCs on the market which makes this a bold push from Microsoft. While Windows 7 has been highly received by many there is still much hesitation to upgrade after the debacle that was Windows Vista. The final verdict on Windows 7 is still out but as the final support days come to a close over the next year many will feel little alternative.

Whether you intend to upgrade to a new operating system or hold onto XP as long as possible now is the time to plan for the change. At the bare minimum, all of your systems should be upgraded to the newest service pack. The end of XP Support could be a headache but if you prepare for the change it doesn’t have to be.

- Richard Keene
IT Computer Support of New York
Design and Optimization Department

The Conficker computer worm planned for release on April 1st passed uneventfully. While many news sources predicted a huge disaster, which didn’t happen, the worm will still have repercussions for those infected. The fact that there was no major system crash or data loss means that many people will have their guard down. This false sense of security could potentially lead to further complications or even disaster down the road.

Altogether it has been reported that the Conficker Worm has propagated onto 1.1 million computers worldwide. So far the infection has been mostly benign in nature but it is expected that the greater purpose of the worm is data farming. What this means is that when a system operator types in credit card numbers, bank information or any other personal identifier the worm will log the information and send it back to the author. The worm remains a silent threat because if it doesn’t cause computer malfunction it means that it can remain in operation and continue to work.

While there are now numerous patches for the exploit many people still have not bothered to apply them. The worm in its current state poses a serious problem to personal information but there is still the possibility of further mutation. So long as a system remains un-patched the worm’s author has the ability to upload further changes. These changes could make it harder for current deletion techniques to work or even deliver a more volatile payload.

What makes the possibility of a mutated worm strain more dangerous is the amount of publicity the infection has already received. The worm’s author knows he is working with a limited timeframe before a complete fix is achieved. This fact alone might force him to release a more dangerous attack in the near future. Those computers already protected are unlikely to be affected but that still leaves over a million compromised PCs.

One of the easiest ways to tell if you have been infected is if you experience delayed internet connectivity or through a failure of the windows update service. If you experience either of these you should check for possible infection immediately or contact your IT staff. The Conficker worm may not have created a large scale disaster but the danger is still very real.

- Richard Keene
IT Computer Support of New York
Design and Optimization Department

The first version of the Conficker computer worm was released in late 2008 but experts expect that the infection will spread on April 1st. It is believed that the worm has already infected over 5 million machines. The infected computers act as a carrier for the worm, remaining dormant but capable of reactivation if the original author switches them on. According to the director of CA, a New York threat assessment company, Conflicker carriers will be reactivated on April 1st.

The Conflicker Worm causes many internal computer problems but does not attack data directly. Instead the Worm cancels the auto update functionality of windows and virus scanners and acts as a backdoor access point. Virus and Worm writers have largely moved away from purely destructive code. It is now much more common that Worms are used as backdoors into a system as a data miner or to infect a computer with advertisements. What makes the Conflicker Worm especially dangerous is that is has been created to evolve overtime and the author continues to make improvements to ensure that it survives against deletion.

The easiest way that you can check for possible infection is to check your Windows Auto Updater. If you run a Windows XP system open “My Computer”, click on “Control Panel” and then navigate to “Security Center”. Make sure that you have received Windows updates for the month of March. If you haven’t either contact you IT department and/or make sure that a virus scan is run on your computer as soon as possible.

Without knowing how the Worm will evolve it cannot be known exactly what will happen on April 1st. The best thing you can do is ensure that the Worm is not already on your system and patch your servers to prevent further infection.

- Richard Keene
IT Computer Support of New York
Design and Optimization Department

Yesterday Microsoft released the final build of Internet Explorer 8 for public download. Since part of my job is to ensure that our websites are compatible against all I decided to be the company guinea. Let’s see how IE8 stacks up against the other top browsers today.

After installing the new browser IE8 complied in true Microsoft fashion and crashed immediately. An auspicious start but I reopened the program and started the setup process. The first thing you will notice is that IE8 offers a number of new services.

Suggested Sites: This feature monitors your browsing history to recommend websites you might like. I would prefer to find websites on my own so I turned this off.

Accelerators: The Accelerators feature lets keywords in website connect to other services such as automated maps, translation tools, or even blog services.

SmartScreen Filter: SmartScreen Filter does just what you might expect. It blocks certain websites and online phishing scams to protect your system. This should be left on.

Compatibility Views: This one has had me interested for awhile. This feature is intended to make websites for older browsers look better in the new platform.

Once finished setting up I browsed to our website and was happy to see everything in its place. Moving onto the contact us page I decided to see if the Accelerators work as intended and selected our address. The result? Pretty impressive.

A new feature that many people will appreciate is Tab Groups. All modern web browsers use tabs but this feature makes searches more intuitive. If you open Google, or any Search Engine, you probably open more than one result. Internet Explorer places all these results into a single color coded tab. You can flip through them normally but when you finish you can close the entire tab at once.

The address bar sees an improvement directly from Firefox. The new address bar remembers previous results to assist you when you wish to return to a site. IE8 offers additional usability improvements and allows you to remove old addresses that you no longer want.

Finally let’s look at performance. Speed has always been an issue for Microsoft Browsers and IE8 doesn’t seem to break the mold. In test with popular individual websites and websites that contain multiple news articles IE8 came in dead last in load speed against all other browsers. In most cases this was a difference on only a few seconds but after the claims by Microsoft of a major improvement this is a definite letdown. During the early testing phases some high profile websites such as facebook.com, bbc.co.uk, and cnn.com were having difficulties with the new browser. In the final build these websites are displaying fine but some other high profile sites such as the NY Times and Dell Support have been less successful. Microsoft promises to improve performance as time goes on but until then you may experience some oddities with your favorite websites.

Overall and despite a few compatibility hitches IE8 is still a step in the right direction from ie7. For security reasons I would suggest waiting a couple weeks for any patches but if you still use Internet Explorer as your primary browser than I would say it’s a worthwhile upgrade. Just don’t expect it to surpass Firefox in performance.

- Richard Keene
IT Computer Support of New York
Design and Optimization Department

Video sharing sites like Youtube and Google Video have become second nature and trusted by all web 2.0 users. The last two weeks has broken this trust, however, as Google Video have been targeted by blackhat SEO campaign operators. The site has been put to use to spread malware using Google’s own search engine rank algorithms against themselves. Because this method of infiltration is a new development in malware distribution it is very import to understand what it is and how it happened.

The current exploit has targeted over 400,000 search queries. The hijacked videos direct site visitors to adult oriented websites which deliver malware through hidden downloads. The reason why the number of targets phrases is so high is because instead of targeting obvious keywords the scammers have piggybacked their content on legitimate videos. This is where the problem becomes severe; as with all content on video sharing websites the more visitors the higher the placement. The result is a self reinforcing problem; the more viewers, the more malware distributed, the higher the placement in Google.

Because it may not be possible to tell a legitimate video from malware infected clip it is important to understand how the malware gets onto your computer. When the video is clicked the user is redirected to a secondary domain. This website closely resembles Youtube in design so it is important to pay attention to the URL. From here the user is given a popup message that states, “Your Flash Version is too old. Your browser cannot play this file. Click “OK” to download and install update for Flash Video Player”. If the user accepts the malware (AutoTDSS.BNA!worm) is downloaded and must be removed manually.

At the time of writing this Google is aware of the problem and looks to create a solution but the exact timeframe is not known. The thing to keep in mind is that because content on video sharing websites is supplied by normal users there is no guarantee that content will be secure. Google and Youtube have always provided good moderation to their websites but it’s inevitable that things slip through the cracks. The best defense is to be aware of abnormal behavior when you visit such websites. If you do run into suspicious activity contact the site administrator as soon as possible.

- Richard Keene
IT Computer Support of New York
Design and Optimization Department

In the last two weeks there have been outbreaks of two Mac Trojans. That might seem fairly common place in the Windows world but Mac has a long history of being relatively immune to virus threats. This actually brings up an interesting issue as well. Apple has been trying to position themselves as a direct competitor to Microsoft for years and the tools they have marketed themselves on are ease of use and security. Now that they finally built a strong niche it looks like their increased user base could damage one of their largest selling points.

This is of course speculative giving the nature of the Trojans distribution. The two most recent attacks have been spread primarily through file sharing networks such as Limewire and Torrents. Neither of which should be used without extreme care given vulnerability as well as legality issues. Despite this, if one group of distributers found it worthwhile to propagate malware it is very likely that they will again in the future. As with all escalation the attacks will become more sophisticated and attempt to target a larger user base.

Does this mean the end of the worry free days of Mac users? Possibly; but it’s unlikely to happen at the scale that plagues PC users. Apple has positioned itself for the casual audience. Design firms aside, Macs are very rarely used as a corporate platform. Ultimately, this brings into question the return on investment for virus and malware distributers. Most Trojans target big business for the amount of information that can be attained and for the amount of damage that can be done. Neither of which has much value from targeting home users and their iTunes libraries.

Regardless, there has been threats and whether they continue or not there is no better time to learn from your PC counterparts. Back up your data and keep a watchful eye.

- Richard Keene
IT Computer Support of New York
Design and Optimization Department

Earlier this week Microsoft released a number of critical patches for vulnerabilities contained in Microsoft applications. Microsoft releases Tuesday updates regularly but with 28 vulnerabilities, 23 of which are listed as critical, this is the largest Patch Tuesday release in five years. The number of vulnerabilities, while alarming, should be taken as a warning more than a threat and proves the importance of keeping up to date on system patching.

The largest of the Microsoft Security Bulletin updates in this batch is MS08-072. MS08-072 resolves eight privately reported vulnerabilities in Microsoft Office Word and Microsoft Office Outlook. Reported by Microsoft, the vulnerability “could allow remote code execution if a user opens a specially crafted Word or Rich Text Format (RTF) file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data”. Microsoft states that the applications most at risk are Microsoft Office 2000 (SP3) and 2007 Microsoft Office (SP1).

Among the vulnerabilities MS08-073 also proves to be vital to general business operation. MS08-073 addresses four flaws in Internet Explorer that places a user in danger simply by browsing a hijacked webpage. The vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. This vulnerability specifically targets IE7 but IE6 is also at risk.

Because of the large number critical updates is it crucial that your business address the issues and applies the patches as soon as possible. For a complete Patch Tuesday Security Bulletin summary, view the official listing here.

- Richard Keene
IT Computer Support of New York
Design and Optimization Department

Using major holidays as a means to infect consumer computers is nothing new but in recent years the practice has become more elaborate and invasive. With greater access to content creating applications such as Flash and Photoshop the malware created by cybercriminals often rivals legitimate content in visual quality. The first batch of this year’s holiday malware has already been unleashed, and with it, nine possible exploits for your systems.

This latest batch of malware targets major vulnerabilities in IE6, Firefox Embed, Adobe Reader 8.1.2, Microsoft Excel, and some versions of Adobe Flash Player. Ironically most of the vulnerabilities listed above have already been patched by their respective manufacturers. Despite this, early reports of infection rates indicate that the majority of computers users still are not updating their systems. The worst of the vulnerabilities is contained within Internet Explorer 6. With IE7 having been released two years ago and IE8 set for release next year there is really no reason to be using such an outdated web browser.

Beyond updating or patching your computer software the best defense is common sense. Most Cybercriminals use endearing or provocative material to encourage browser interactions. The best way to avoid complications is to not click on content contained on website of unknown ownership. The majority of malware applications are spread through email without the senders ever knowing there is a problem. Avoid becoming part of chain emails, don’t open attachments, and avoid following links in emails from people you do not know. Employers should especially discourage these practices from an office setting as viruses are often equipped to spread over Local Area Networks. A single system compromise could damage a whole office network. In short, make sure all of your computer assets are patched and browse intelligently this holiday season to ensure that you have a better New Year than the Cybercriminals.

- Richard Keene
IT Computer Support of New York
Design and Optimization Department