Tech – for Everyone

Tech Tips and Tricks & Advice – written in plain English.

Some not so friendly advice*

This story opens gently enough. It begins with a friendly and helpful Comment posted on a friendly and helpful blog.

Someone had written to share “the results of their work”, which he said “solved his security problems.” He was talking about viruses and spyware, and other malware, and he said his method “covers 99.8%! of all known threats.”
He posted his advice/Comment on an article about How To prevent the dangers posed by spyware (and also warns about “rogue” anti-spyware programs). He signed himself “Spycrasher”.

So far, this all sounds pretty good, doesn’t it? 99.8% effective certainly sounds good.

As you have probably deduced, Dear Reader, the “friendly and helpful blog” in question was this one. Tech–for Everyone, like most blogs, provides readers the opportunity to respond, ask a question, or just “put in their two cents”, simply by clicking on “Comments” at the bottom of the article. And also like most blogs, I have the ability to “moderate” which comments get posted and which don’t– for instance, Comments containing offensive language will not be published.
Spycrasher’s 99.8%- effective security solution will NOT be seen here.

But.. maybe you’re a little curious as to what it was. And.. maybe, why I deleted it. (Take another peek at today’s title..) “Spycrasher’s” comment said to use three particular anti-spyware programs– in tandem– and he provided download links. (This, alone, triggers red flags.) He mentioned two tools I was not familiar with, and one rather well-known program.

* Hyperlinks are always suspicious (and blocked as a matter of policy), and the first thing I checked was, did the links point to legitimate websites..? Or would clicking on them take you to a poisoned webpage (which could infect your machine) or a pharming site.
No problem there. The links he provided did indeed point to real websites.

* The next thing was to check out the unknown programs themselves. No self-respecting and legitimate tech writer will advocate something they have not used, and tested, themselves. Period.
In my initial research of the first program (XoftSpy-SE), I found a wide range of reviews and comments.. from “this is rogue” to “this is the best thing since sliced bread”, and I learned that the program was “for pay”.
I don’t promote “for pay” software here (but do provide a daily free download), nor, even potentially rogue app’s; and so I stopped right there. I would not allow Spycrasher’s Comment.

* Being the gentleman that I am, I decided to write Spycrasher and thank him for his submission, and explain why I had moderated it. But before I did, I wanted to get a feel for where he was coming from.. so I ran a Whois on his IP…
[Screenshot: ARIN Whois result]

Now, I gotta tell you.. it is very rare for ARIN to come back with a “no match found”. Very, very strange.

So I traced him.
[Screenshot: tracert output]
New York >London >Amsterdam >Berlin >Warsaw…
And then he disappears into a virtual private network somewhere in the Ukraine.
Odd.

* So I used a search engine to find instances of the word “Spycrasher”… and he came up a lot. Spycrasher likes to post in various forums. Quite a few of them, actually. Like, practically all of them.
And he posts a lot of Comments there.
* Guess what? They are all identical to the one he posted (I should say “pasted”) on mine.. right down to the ‘wink’ smiley ;-).

Very.. odd.

Tip of the day: Be very leery of hyperlinks, folks.. and please understand: not every innocent looking thing you see on the Internet is in fact “friendly and helpful”. There are people whose full-time job it is to try to trick you, and seduce you into doing something you normally wouldn’t.
I am very sad to say.

[note to bloggers/forum moderators/webmasters: you may want to search your published pages for instances of “Spycrasher”, and delete this guy.]
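The moderation check described above (hold any comment that carries links, then look for the same pasted text on other sites), as an added example that is not part of the original post. The comment records, site names and example.* URLs are constructed for illustration.

```python
import re
from itertools import combinations

URL_RE = re.compile(r"https?://\S+", re.IGNORECASE)

# Constructed sample comments; not real data from any site.
PITCH = ("I want to share the results of my work, which solved my security "
         "problems. Use these three tools in tandem: http://one.example/dl "
         "http://two.example/dl http://three.example/dl ;-)")
SAMPLE = [
    {"id": "blog-1", "site": "blog.example", "body": PITCH},
    # Same paste on another site: different case, spacing and punctuation.
    {"id": "forum-7", "site": "forum.example",
     "body": PITCH.upper().replace(". ", "!!  ").replace(": ", ":\n")},
    {"id": "blog-2", "site": "blog.example",
     "body": "Thanks for the article. Which free scanner do you run "
             "alongside your antivirus?"},
]

def normalize(text):
    """Lowercase, collapse each URL to a token, drop punctuation and smileys."""
    text = URL_RE.sub(" url ", text.lower())
    return re.sub(r"[^a-z0-9 ]+", " ", text).split()

def shingles(text, k=3):
    """Set of overlapping k-word runs, so small edits barely change the set."""
    words = normalize(text)
    return {tuple(words[i:i + k]) for i in range(max(len(words) - k + 1, 1))}

def jaccard(a, b):
    return len(a & b) / len(a | b) if a | b else 0.0

def triage(comments, threshold=0.8):
    """Return {comment_id: [reasons]} for comments a moderator should hold."""
    flagged = {}
    sets = {c["id"]: shingles(c["body"]) for c in comments}
    for c in comments:
        links = len(URL_RE.findall(c["body"]))
        if links:  # policy from the post: hyperlinks are held for review
            flagged.setdefault(c["id"], []).append(f"{links} link(s)")
    for a, b in combinations(comments, 2):
        # Only cross-site matches count: the tell is one paste on many sites.
        if a["site"] != b["site"] and jaccard(sets[a["id"]], sets[b["id"]]) >= threshold:
            flagged.setdefault(a["id"], []).append(f"pasted copy of {b['id']}")
            flagged.setdefault(b["id"], []).append(f"pasted copy of {a['id']}")
    return flagged

if __name__ == "__main__":
    for cid, reasons in triage(SAMPLE).items():
        print(cid, "->", "; ".join(reasons))
```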

Today’s free link: I am going to repost a program here today, because I have it on every single one of my (Windows) machines, and I think you should too. ThreatFire (originally named “CyberHawk”) is a free, behavior-based anti-malware application. I use it as a supplement to my antivirus and other anti-spyware tools. Heuristic tools like ThreatFire are your only defense against “zero day” exploits.

Copyright 2007-8 © Tech Paul. All rights reserved*.

July 2, 2008 Posted by | advice, computers, tech | 2 Comments

Every good story needs a villain


April 20, 2008 Posted by | advice, anti-spyware, blogging, computers, Internet scam, PC, Phishing, phraud, security, spam and junk mail, tech, Uncategorized, Windows | 2 Comments

Your computer is spamming me*

“Spam” did not always mean “unsolicited (junk) e-mail”. Spam is, in reality, a processed and canned meat.. for, like.. when you go camping in the woods.. or something.
I cannot recall ever having eaten SPAM — though I’m fairly certain I have — and so I cannot say whether this item is a tasty treat, or whether it deserved its (in my recall, anyway) reputation as being.. not so good. I think it’s supposed to be similar to ham.

I do recall watching a lot of the British comedy group Monty Python’s Flying Circus on television. One of their more well-known and popular skits was about SPAM.. and vikings.
The song seemed to catch on.

One of the character’s lines is “I don’t like spam!”
And, we don’t like unsolicited (junk) e-mail!
Hence the birth of an expression/joke that’s turned into an actual dictionary definition of common, accepted, everyday usage.

(from Merriam-Webster’s Online Dictionary)
Main Entry: ¹spam
Pronunciation: \ˈspam\
Function: noun
Etymology: from a skit on the British television series Monty Python’s Flying Circus in which chanting of the word Spam overrides the other dialogue
Date: 1994
: unsolicited usually commercial e-mail sent to a large number of addresses

Yes. I don’t like spam!
Not terribly surprisingly, the spammers are at it again, using their botnets (our infected computers) to send e-mails offering discount drugs.. out of Russia. At the end of January, I wrote about the “Spam blocked” counter on the side column of this site (which shows you how many such solicitations are being posted as Comments) and, the psychology of these spammers… There’s been an extraordinary barrage of spam comments here at Tech–for Everyone these last several days (automated spambots in action).
Will spam ever go away? Not until not one human being EVER clicks the link. (Please stop clicking links in e-mails!)
Humph.

Until spamming doesn’t work and the spammers move on to some other technique to try to rip you off, you can learn how to manage the amount of junk e-mail you receive by reading (or reviewing) these two articles.
https://techpaul.wordpress.com/2007/08/25/managing-your-email-eliminating-the-junk/
https://techpaul.wordpress.com/2007/08/27/managing-junk-mail-in-outlookthunderbird/

To read my article on botnets — and how your computer might be a bot (and what to do about it), click here.

The sun is out, and I got things to do.. so, until next time, “spam spam spam, spam spam spam spam..”

*Original post date: March 15th

Copyright 2007-8 © Tech Paul. All rights reserved.

April 19, 2008 Posted by | advice, anti-spyware, antivirus, computers, e-mail, how to, PC, security, tech | 2 Comments