For more Leo and friends all week long, listen to the TWiT Netcast Network

Saturday, August 20, 2005

Show #171

 toc | toc 

Today’s news items

The Zotob worm plagues CNN, ABC, and the New York Times. One third of businesses say it’s Microsoft’s fault.

A listener writes: Leo, re the “worm” : our societal mindset seems skewed these days: when a robber breaks into and steals from a bank, we blame the bank for not having enough security. When someone kills another, we blame the gun manufacturer (funny we don’t blame the knife manufacturer, or the poison manufacturer, or…). When our computers get hacked, we blame the software manufacturer. But - shouldn’t we blame (and pursue and punish) the attackers, the thieves and the murderers - and the hackers? It’s very difficult, if not impossible, to anticipate all the devious and perverted approaches “bad” guys are going to use. (And No, I don’t work for or have any particular love for Microsoft :-)).

No one is blaming Microsoft - But using your example of a Bank: If one bank has several holes in wall and safe and another bank has no holes or very little. Which bank will you put your money in?

Another listner responds:
I don’t believe that your analogy is correct. A more reasonable analogy would be if I bought an automobile from a manufacturer. The manufacturer, or another entity identifies a defect in the automobile. The manufacturer identifies a fix then announces a recall. If I ignore the recall then I am at fault. If the manufacturer either (a) fails to identify the defect, (b) fails to correct the defect, or © fails to correct the defect in a timely manner after the defect has been identified then the manufacturer is a fault. This is what we expect as part of product liability from everything EXCEPT for most commercially available software products. If we applied the same rules to software that we apply to everything else then (a) computers and software would become more expensive, and (b) software manufacturers would become much more rigorous in their software testing before they release their products on an unsuspecting public. Is Microsoft responsible for releasing buggy software (YES). Is the computer user responsible for not patching said buggy software after Microsoft has released a fix (YES). The consumer needs to be aware of what they are buying and the reputation of the company that they are buying their software from. As far as changing buying habits are concerned that is really not an option when a single manufacturer controls most of the market share and does not publish/ adhere to standards that promote interoperablity.

Lil Buddy Would like to set Leo Straight -
Leo, you and other Apple Kool Aid Drinkers in the media like to continuously perpetuate this FANTASY of Mac OS X being “perfectly safe”. NOTHING could be farther from the Truth! Not withstanding that Apple itself is dangerous to it own users with their continual barage of Buggy OS X updates and lethal “Security Releases”
Mac OS X has safety issues in MANY ways.

Acill writes:
Its safe, no sooner then that link you posted about 64 it apps being broke by an update they fixed it. All they did was forget to check the enable 64 bit app support. You dont see OS X virus or spyware attacks on our machines, the myth of to few users is bogus too, people would still do it if it was a simple task.

First, it is VULNERABLE, as a White Paper that Symantec released earlier this year indicated. The US Government has a list of over 859 records of Vulnerabilities that are as recent as this week. (http://nvd.nist.gov/nvd.cfm?startrow=1). Mac OS X is vulnerable also to “Keylogging” Viruses and Trojans that hackers can capture your account and password info; MANY have and DO exist currently.

I also did a review of that showed about 11 different spyware programs that are enabled under Mac OS X. Most were keyboard loggers, etc.

Second, You may have the attitude that Mac’ers shouldn’t be concerned with the “Windoze users”, but you and others that operate Macs without AntiVirus applications are the bain of the Windows world (98% market share) because Macs CAN and DO distribute Windows Virii, Trojans and Worms designed to be carried by Macs and transmitted to Windows PCs. Who cares? Maybe it’s your best frineds, sisters, aunts, fathers, moms, teachers or your companies network computers!! Think that’s funny to Windows PC users?

Perhaps you should read this - Macs More Vulnerable, Spyware A Danger March 29, 2005

It’s fine to be a shill for Apple, but it’s better to be informed of the REALITY about the Vulnerabilities of Mac OS X and how dangerous OS X is to the PC World. The “OS X is Safe” Fantasy stops here. And you thought you only had to worry about your next Buggy Apple Update.

listener response: I went to the links you refer to, read the article and still come to the conclusion that OS X is still a safer system. sorry my Microsoft friend.

John: I agree with listener. There are no live viruses to date for OSX. There are no
spyware that have been able to get inside OSX. I can browse the web for years without protection and not get spyware or even one virus. A Microsoft machine gets infected in less then 20 minutes if not protected. There are just too many examples on the Windows side that prove it is not safe. There are no examples that prove OSX has any security issues that have been actually compromised to date. It’s been 4 plus years and still not one proven infection. The reason is that whomever creates a virus will need to get admin rights password before you can even try to get into OSX.

Tony adds:
First off, I like Kool Aid.
Leo has never said that OSX is perfectly secure. I use Windows most of the time, and I also run OSX a lot. I support a large install base of windows, and I can simply say OSX is much harder to create problems for users. I would also say that like Leo, I simply use the right tool for the right job. Sometimes I use my Mac, the rest of the time, I use my Windows’ box. Is there nothing better to do in Redmond Mr. Gates?…..lol.

11a-Noon

Glen in Glendale - getting virus alert

Get a second opinion from these online antivirus scanners:

• F-Secure
• Trend Micro’s Housecall
• Panda’s ActiveScan

Housecall Online Virus Scanner that Supports Firefox

Housecall for Firefox

-Andy-

Jim2 says it doesn’t appear that the above Housecall link for FireFox works from Canada.

Jeff in Santa Ana adds - Maybe something in this Housecall list is accessible.

Gary in Yorba Linda - online poker works, but not browser

Sounds like either port 80 is being blocked (the web port) or you’ve lost DNS. In either case the poker game might work because it connects directly over a different port. Try the ping command to test this:

1. Click Start→Run and enter “cmd” and hit return
2. Now type ping yahoo.com and hit return
3. If you get a response back you have a port 80 problem
4. Otherwise type ping 66.94.234.13 (that’s Yahoo.com) - if you get a response back you have a DNS problem

Listener_RV adds:

Chat room member ChrisS1563 also adds:

Mick the Wick in Senecaville, OH - cable download caps

He has Cablevision and they have been slowing down his connection for downloading too much. Check your license agreement with them. They have to tell you they’re going to do that.

Legally that’s the most desirable situation however they get away with it by advertising and contracting cable web service with an “up to” bandwidth speed. It is common for cable companies to tell subscribers who experience lagging speeds that the cause is normally because of intense useage in their neighborhood. With intense interrogation beyond the cable companies limited expertise I’ve found that Cebridge Cable (previously Cablevision) has arranged to have technicians limit bandwidth to 28kb for 2.5 hours if bandwidth download exceeds 30mb in any 10 minute period. That’s only 50kps. And again they say “We only advertise maximum speeds; we don’t guarantee high minimums”. They configure individual modems when they are logged on. Reconfiguring the modem will circumvent capping but I’m not all too sure that “hack” is totally legal!

Noon-1p

Dan in Seattle - Learning Linux

He’s a compsci major who needs to learn Linux. Here are some of my favorite Linux guides for newbies:

Linux for Non-Geeks
How Linux Works
Moving to Linux: Kiss the Blue Screen of Death Goodbye!

and for reference I like O’Reilly’s books including Linux in a Nutshell.

Jeff in Santa Ana adds -
The classic tome on Linux is “Running Linux” by Matt Welsh, now in its 4th edition (O’Reilly).

Dan says -
Thanks for all the help. I appreciate it.

Jerry in Riverside - How BitTorrent works and To Mac or not to Mac

Listener_WED Wikipedia has a nice write up and demo of how BT works.

Depends on whether you have a late model Mac. If not, go ahead and buy. If so, wait. The new Intel Macs promise to be much faster.

Sasha in Buena Park - is borrowing wi-fi illegal?

Technically yes, but it’s highly unlikely you’ll get prosecuted unless you’re doing something else illegal with it. However, it’s unethical to borrow someone’s Internet access without telling them. I suggest you figure out who it is, go over and introduce yourself, explain the security risk they’re running and offer to configure their wireless for security (turn on WPA) in return for the right to use it from time to time.

1–2p

Security Tip: Turn off third-party referrer cookies.

It’s a big problem in Internet Explorer, but all browsers default to leaving these on. There is no good reason to have this on - it’s only to benefit advertising sites in following you around the net.

1. In IE 6: Select Tools→Internet Options. Click the Privacy Tab and press the Advanced button. Check “Override automatic cookie handling” and block third party cookies.
2. In Firefox 1.0.4: Select Tools→Options. In the Privacy section, click the plus button next to Cookies and check both the “Allow sites to set cookies” and “for the originating web site only” check boxes.
3. In Safari for Tiger: you’re already protected - In Tiger Safari turns third-party cookies off by default. Older versions of Safari: open Preferences under the Safari menu, click the Security button, then select Accept Cookies only from sites you nagivate to.
4. In Opera 8: Select Tools→Preferences, click the Advanced tab, click Cookies, under Third Party cookies select “Refuse all cookies”
5. One more: In the Mozilla Seamonkey suite: Edit; Preferences; Privacy & Security; Cookies; Allow cookies for the originating web site only.

Michael adds When making the Cookies change in Opera 8.2, I can no longer access Hotmail, Yahoo Mail or Netscape Mail. Exite and Opera Mail are not affected. Maybe this is just a Canadian problem (??) since I access US email services. All Mail accounts are accessible from IE, Mozilla and Firefox with the modified Cookies settings.

herr_theoretiker also says: Unfortunately, disabling third-party cookies can break some types of functionality on the Web. For instance, the tracker/counter on my blog (I use StatCounter) can set a third-party cookie on my browser so that my visits to my own page will not be recorded. Setting Firefox to set cookies “for the originating website only” will not allow this cross-site cookie to work, and when I test pages on my blog every reload shows up in my site logs.

How I get around this (which is a solution I like much better than refusing third-party cookies, anyway) is by using the CookieCuller Firefox extension. Rather than just blocking all third-party cookies, this extension allows me to whitelist certain cookies, and remove all unallowed cookies every time I start the browser. This way it will save cookies for gmail, Bloglines, Blogger, and other most-used sites, while throwing away all cookies that are set by sites I visit infrequently (including intrusive advertiser cookies).

For more tips like these, subscribe to Steve Gibson’s new Security Now! podcast. Listen online at his web site or subscribe on iTunes or paste http://feeds.feedburner.com/securitynow into iPodderX or your favorite podcast client.

David in Washington DC - how do I authorize software if I’m at sea?

David is a ocean researcher. He was using Adobe Photoshop and Premiere and got an authentication request. How can he use this software if he can’t get online or make a phone call at sea? What if it stops working? This is precisely my problem with copy protection: the only people it stops are honest users. Crooks crack the software out of the box. They don’t have these problems. I guess the only answer is to become a crook: crack the software before you go to sea to remove the authorization requirement. Details on how to do so are easily found on the net.

djRob adds Here is a link to crack search engine, but you must be cautious because most cracks contain spyware or viruses, and those crack websites are dangerous, so turn off everything in Internet Explorer (BTW IE is a good browser for dangerous websites, because you can force IE to only accept pure html - no java script, ActiveX etc.) - in IE 6 select Tools→Internet Options, click the Security tab, set Security level… to High, click Custom Level and turn off everything.

Paul in West LA - network KVM

He has a computer in the closet and he wants to control it from his desk. You need a network KVM - a keyboard, video, mouse switcher that works over ethernet. Belkin, iogear, and Tripplite all make these.

Chat room member Ronbo suggests:
Try any of the open source (and free) VNC apps out there (download_dot_com or sourceforge_dot_net are good places to find them). Set your “closet PC” as a server and you can connect to it using the client/viewer app from any computer on your LAN (Mac/Win/Linux). Can be password protected, etc.

Tom in Culver City - can a worm infect my home network if it’s on one of the systems?

You bet. That’s what happened with the Zotob virus at CNN. An executive who got infected at home brought in his laptop with the worm and it spread throughout CNN, even though they had effective firewalls separating their internal network from the outside world. It’s easy enough to protect yourself, however. Just turn on the Windows firewall and that kind of worm is completely blocked.

Jerry - How do I join a wi-fi network if SSID broadcasting is turned off?

If you know the SSID you can enter it manually. In the Windows wi-fi client click “Change Advanced Settings” click the Wireless Networks tab, then press the Add… button to add a network by name (you’ll only have to do this once).

But I don’t recommend using SSID hiding to protect your network. Even if this is turned on, your ID is broadcast in EVERY packet you send out, so a hacker can still easily find you. Better to turn on WPA protection. This will encrypt all your traffic and prevent a hacker who doesn’t have your password from connecting. Don’t believe me? Read this white paper in PDF format from ICSA Labs.

To quote its author, security researcher Robert Moskowitz:

 Contrary to a common belief that the SSID is a WLAN security feature and
its exposure a security risk, the SSID is nothing more than a
wireless-space group label.  It cannot be successfully hidden.  Attempts
to hide it will not only fail, but will negatively impact WLAN
performance, and may result in additional exposure of the SSID to
passive scanning.  The performance impact of this misguided effort will
be felt in multiple WLAN scenarios, including simple operations like
joining a WLAN, and in significantly longer roaming times.

Trying to hide the SSID does not strengthen security in WLANs.  The
scarce resources of today’s WLAN administrator are better spent tuning
WLAN performance and operations with full SSID usage, and enhancing WLAN
security by deploying modern security technology, such as link-layer
encryption, and IEEE 802.1X authentication. 

There is some debate over this, however, as this thread on the Broadband Reports forum demonstrates.

Chat Logs and Show Audio