Tech – for Everyone

Tech Tips and Tricks & Advice – written in plain English.

A Vast Criminal Enterprise Aimed At You

– Five Defensive Strategies

“Today’s Internet attacks are organized and designed to steal information and resources¹ from consumers and corporations. The web is now the primary route by which cybercriminals infect computers. Cybercriminals are planting malicious code on innocent websites. This code then simply lies in wait and silently infects visiting computers.

The scale of this global criminal operation has reached such proportions that Sophos discovers one new infected webpage every 4.5 seconds – 24 hours a day, 365 days a year. In addition, SophosLabs, our global network of threat analysis centers, is sent some 20,000 new samples of suspect code² every single day.

2008 at a glance

  • Biggest malware threats – SQL injection attacks against (legitimate) websites and the rise of scareware (aka “rogue” anti-malware programs)
  • New web infections – one new infected webpage discovered by Sophos every 4.5 seconds (24/7 x 365)
  • Malicious email attachments – five times more at the end of 2008 than at the beginning
  • Spam-related webpages – one new webpage discovered by Sophos every 15 seconds
  • New scareware websites – five identified every day
  • Top malware-hosting country – US with 37 percent
  • Top spam-relaying continent – Asia with 36.6 percent
  • Amount of business email that is spam – 97 percent

Injection attack? coming to get you By exploiting poorly secured legitimate websites, hackers have been able to implant malicious code onto them, which then attempts to infect every visitor. One of the reasons the web is so popular is that legitimate websites can attract large numbers of visitors, all of whom are a potential victim.
(This as also known as “poisoning”.)

Many well known organizations and brands have fallen victim to this kind of attack during 2008. Both large and small organizations have been targeted.
January 2008: Thousands of websites belonging to Fortune 500 companies, government agencies and schools/universities were infected with malicious code. more..

¹ read “money”
² read “malware”

Folks, this is taken from a whitepaper titled “Security Threat Report 2009” and produced by the IT Security firm Sophos. Some of the emphasis is mine. You can download the document here.
I want to take a moment to thank them for publishing this, and saluting their effort to combat malware and the criminals behind it. In fact, let me go a step further and salute all you whitehats out there. Thank you.

What you can do

1: please read Top 10 things you should do to your computer–updated. It is a checklist, and provides you with the How To’s for a (more) secure computer, as well as providing links to important (free) security downloads.
2: enable an anti-phishing filter, which can help alert you to poisoned websites before you go there. All modern browsers have a filter built in, and all you have to do is turn it on; or, you can add a toolbar/plug-in such as McAfee’s Site Advisor or the excellent WOT.
3: make sure ALL the programs on your computer are patched and up-to-date. The easiest and most effective way to do this (IMHO) is to download and install the PSI (Personal Software Inspector) from Secunia.
4: Never respond to e-mails asking for personal information. Legitimate businesses never contact you about “important issues” via e-mail. But criminals love to go phishing!
5: Be PARANOID on the Internet. (Use common sense) Think someone can’t trace back to you? Guess again; your browser reveals a wealth of information by default. Sound too good to be true? It is. There’s no such thing as a “free iPod”… and, no, you did not win the Irish Lottery. Is looking at sexually explicit material simply irresistible? Go to one of those video rental shops that has a back room instead of clicking links and images — a malware infection can cost you all your data and/or several hundred dollars in cleanup.. and/or many hours of your time..

Folks, the Internet is not Disneyland. Most knowledgeable people refer to it as the “wild, wild, West” (a reference to sheer lawlessness) but I like a different analogy better.. think of it as going into the Big City, and going down to the docks/warehouse district, alone, and at night.
You can do it, but you best be careful.

Copyright 2007-8 © Tech Paul. All rights reserved.jaanix post to jaanix

Share this post :

December 12, 2008 Posted by | advice, anti-spyware, antivirus, computers, cyber crime, e-mail, hackers, how to, Internet, PC, Phishing, phraud, security, software, tech | , , , , , , , , , , , , , , , , , , | 3 Comments

General advice for purchasing a new digital camera*

I have been receiving e-mails here at Tech–for Everyone that have been regarding my recent article about the fella who went traveling, and for the first time left his 35mm gear at home. (He only carried a digital camera.)

These e-mails have been asking me which digital camera it was. The reason they wrote is, they want to buy the same one. I had very carefully avoided naming a specific make or model of digital camera, as (believe it or not) I am not in the business of promoting sales.

But I understand perfectly why people want some advice when it comes to buying a digital camera. There is a whole gaggle of them to choose from– an overwhelming variety.. and when you start shopping, it’s easy to become confused by the jargon.
A “mega” pixel is better than an ordinary, everyday “pixel”.. right? (You bet it is. It contains more vitamins and minerals.)

A long, long, time ago I wrote a three-part advice series on buying a new computer, and today I am going to reiterate a bit of advice from there– when buying a digital camera, you have to hold it in your hands. The “right” camera for you will just, well, “feel right”. If you keep accidentally pushing a button, or put your thumb right on the viewer screen.. that’s not good.

Tip of the day: General advice for purchasing a new digital camera.

* Optical zoom is better than digital zoom. Make sure that the “zoom” feature of your camera is handled by a moving lens. Digital zooming is okay in very small amounts, but the way it works will cause funny-looking “pixilation” when really put to work.
* You want image stabilization. Image stabilization is in my opinion simply a “must have”; fortunately, almost every manufacturer provides it. I won’t spend time, here, describing the different types. If you’re curious, click the link.
* The Megapixel. Folks, there is a lot of confusion regarding the camera jargon word “megapixel”. A higher megapixel number does not necessarily equate with “sharper image” or “clearer picture“.. in fact, they usually have nothing to do with each other.
Megapixels refers to the image (data) size and determines how big an enlargement you can make before you start to experience distortions (think of it as being a bit like film sizes). If the largest prints you ever make are 5 x 7, a three-to-four Megapixel camera is all you need. A 10 Megapixel camera is overkill for the vast majority of uses, and it will simply fill your memory card faster, with fewer shots. (But, you can make poster-size prints.)
* LCD “viewfinder”. I think it is important to have a manual viewfinder, as well as the LCD screen.. but that is personal opinion. In terms of LCD, the two factors to consider are placement and size. It should be big enough that you can see what it is showing when you hold the camera away from your body, and, it should be positioned on the camera in such a way as to not cause you to hold your hand in a funny/odd way so that you can see it.
Important: The LCD screen not only needs to be large enough to see, but it needs to be bright enough that you can see the preview when you’re outdoors in sunshine. If the image looks kind of dim in the store…
* And I’d like to repeat, your camera should just feel right in your hand.
* Don’t buy features you won’t use. If you are not a photography buff, and don’t want to memorize a 200-page owners manual, then you don’t want to buy a D-SLR; you want a “point-and-shoot”, (You won’t impress anybody with it anyway) and you don’t need 24 “settings” if you’re only going to use one. Right? Right.

Today’s free link: If you are like the fella I mentioned in the original articles, and like to read reviews and technical specs, or if you just want more information about digital photography (maybe it’s your hobby), check out http://www.pcphotomag.com/.

Copyright 2007-8 © Tech Paul. All rights reserved.jaanix post to jaanix

Share this post :

November 24, 2008 Posted by | advice, Digital camera, shopping for, tech | , , , , , , , , , , , , , , , , , | 3 Comments