Pensacola Computer Help Technoblog

I was ‘lucky’? enough to get an iPad the other day for reviewing. As a number of people I do work for have gotten one, or are thinking about getting one, I was certainly interested to put it through it’s paces. Apple has a lot riding on the iPad, and from a marketing standpoint, they have done an amazing job at building the hype, and keeping it going, unfortunately the actual implementation isn’t quite as polished as Apple’s advertising machine. Don’t get me wrong, there certainly are some things to like about the iPad, so I will cover those first.

What I liked:

What I don’t like:

The verdict:
While the iPad does have some nice features, and it certainly will spur the innovation in the market, in my opinion, it is definitely not worth the hefty price tag. It is really just a cool toy (although I do love to have cool toys!). It is definitely not ready for the enterprise or any kind of serious business useage, and while I have heard talk of businesses rushing out to adopt it into their business plans, I think they will find they are spending more time trying to use it that they were using their ‘clunky’ workstations or laptops. For an oversized iPod, it does have nice video display, but my recommendation is that unless you like wasting money, or have money to waste, wait a while to see what comes out in the next 6 months or so as there are certainly some very cool devices being developed that won’t have the shortcomings of the iPad.

According to a new report released by the Mcafee Security Labs, social networking sites like Facebook can expect more attention from cybercriminal in 2010. The director of security research at Mcafee, David Marcus, expects “an explosion of Facebook and other services targeted by cybercriminals.”  Marcus expects an increase in rogue Facebook applications in addition to malware like Koobface that spreads among Facebook users’ friends lists.

Marcus explains “When you click yes to ‘do you want to allow this application to access your Facebook account,’ you’re giving that application access to all the data in your Facebook account.” With so many people using Facebook now, this is a prime way for scammers and spammers to not only harvest user data, but to have a direct line into people’s computers to install rogue applications.

Because Facebook allows these ‘third-party’ applications to be installed within the Facebook framework, this leaves a huge vulnerability hole open for malicious exploits. In today’s world, all it takes is one rogue application making through to your computer for the floodgates to open – and a word to the wise – even if you don’t run a PC and think your ’secure’ Mac computer will protect you, think again – Macs are just as vulnerable to infections, and perhaps even more so considering the lack of good security software installed on most Apple systems. In addition, rogue applications that work on the browser level to infect and steal your Facebook account data don’t care what OS or security software you are using – they grab the data right out of your account on the web level.

So what should you do? Well the best thing to do is to not use Facebook, however for some, that just isn’t an option. For those who just can’t live without it, you should take sensible precautions: only install apps from within Facebook by clicking browse more applications in the Facebook application installer (this will allow only ‘approved’ applications to be installed – not a total guarantee, but definitely safer). Also, never ever lend your credentials to friends or family members, and never click on links directly – instead copy and paste them into your address bar so you can ensure where you are going first (if you don’t know the website, don’t go there!).

To read the full report by Mcafee, go here: http://www.mcafee.com/us/local_content/white_papers/7985rpt_labs_threat_predict_1209_v2.pdf

For the audio interview podcast of David Marcus for CNET: http://radiolarry.com/cnetaudio/mcafeereport2010.mp3

Win Antivirus 2009, it’s not an antivirus program, rather it is a particularly nasty piece of malware that will infect your machine, tell you that your machine is infected (all the stuff it says you are infected with is bogus), and will try to get you to purchase something that will ‘clean’ your system, when in fact it will just infect it further. What is particularly nasty about this program is that it often bundles even more garbage on your system and the resultant infection can be almost impossible to remove. Besides hitting you with constant popups telling you that your system is infected, it will slow your internet browsing to a crawl, redirect your web searches, and it, or one of the other bits of crap it installs, can disable your antivirus, block you from downloading products that can actually detect and remove some parts of it, disable your system restore points, replace critical system files, install other nasties like keyloggers which can steal your passwords, infect your email program and send off copies of other malware to your contacts, and generally just make your system unusable.

While I have read of many different methods to remove this infection, due to the nature of it, the only guaranteed way to ensure a clean system after a nasty infection like this is to wipe the drive and reinstall Windows. This is often the cheapest (in terms of time) and pretty much the only sure fire way to make sure your system is clean.

So how do these infections spread? There are a few ways that such nasty malware is spread across the internet, some of the more popular ways are through email attachments (never open attachements unless you know specifically that someone was sending you something, as even if the email comes from a friend, they themselves may be infected, and it is the virus that sent the email and not them), another way is through false ‘updates’, like if you go to a website that says something like “in order to view this content you need to update your flash player, or quicktime, or you need some kind of codec” – when you get something like this, NEVER install from that site. If you actually do need an update to flash, go to adobe.com, for quicktime, go to apple.com, for other codecs, go to the manufacturer. Once you have the latest update, or if you already do, and you still get those kind of popups, then you can be pretty much assured that it is a scam. These kind of things can also come from some spoofed Ecard sites, ie: you get an email from a known friend or associate that has a link to view an ecard they sent you, and when you go to the site, it says something like “click here to install the ecard viewer” – this is most commonly another way to install garbage on your computer.

Most importantly, make sure you are running current antivirus and antispyware programs. If you are unsure of something, don’t click on it. If you do get infected, as soon as you experience symptoms, try to do a system restore to a point before you got infected (sometimes you can’t as the system restore points are removed by the virus). In cases where you can’t get rid of it, take it to a professional, or if you are comfortable doing it yourself, back up all your important files, and reinstall Windows (a fresh install of Windows can be a good thing in terms of bringing back the speed to your system). Just make sure to update Windows with all the patches and service packs before venturing back out onto the internet!

Recently I have had a lot of people come to me with Virus and Spyware infected computers, and many people have asked me why has this happened to them, and if it is even safe anymore to go on the internet. My answer is of course not easy – it is yes, and no. Yes the internet can be safe if you take reasonable precautions. Never open email attachments (even from people you know) unless you specifically know that someone was sending you something. Many viruses will infect a computer, harvest email addresses from address books on it, and unknowingly to the computer owner, send copies of itself to all that persons contacts. Always run a current Antivirus and Anti-spyware product (usually a combination of anti-spyware products is best, though never run more than one Antivirus).  Make sure that Windows is up to date with the latest security patches (these generally are released on Tuesday’s, although Microsoft will sometimes release them on other days if it is a serious threat that they address. Never, ever, click on links in an email as they are often what are called misleading links – although the link may say something like https://yourbank.com, the actual link may be something like https://yourbank.com.imahackerinchina.cn (you can tell the actual link by right clicking on it, choosing copy link, then pasting it in a text document). These malicious links can be anything from a spoofing site (designed to get your passwords), to a site with malicious code that will try to hijack your web browser, or download a virus or spyware.

You should also run some kind of firewall on your computer to keep hackers out – the best solution is to use a hardware router with a built in firewall along with some kind of software firewall. The router solution is often the best first line of defense as a hacker will generally only see the router and not any of your computers behind it. Also, beware of file sharing sites such as limewire, and torrents. Many of the files shared on these networks, in addition to being illegal copies, are full of viruses and spyware.

Most infections on computers get there because at some point, the computer user clicked a button allowing something to be installed. All the security in the world cannot do much if a user allows something to be installed in the first place. While most good Antivirus and Antispyware products will catch malicious programs when they are downloaded and installed, when a new Virus or Spyware program is first released on the internet, it often takes a while before the Antivirus/Antispyware software will have updated definitions to find it. If you happen to allow it to be installed, by the time the security software on your computer finds it, it may well be to late as many of these malicious programs can pretty much wipe out a Windows installation (and for you Mac users out there – Macs are no more secure than Windows in any way, as a matter of fact they are more vulnerable in many ways – it’s just that there aren’t many viruses that are written to attack them - yet).

In the end, your best defense is common sense and using good security practices. The other important thing, and this is probably the MOST IMPORTANT: always, always keep current backups of your important files. If by chance your computer does get a bad infection, often a Windows Reinstall is the best, cheapeast, and easiest way to safely remove it, however if you don’t have backups, this can cause additional problems as well as costs.