A few items for your Friday
Here are a few items for your consideration:
First up, yesterday I alerted iPhone users to the fact that Apple is urging all owners to ‘upgrade’ to the latest version of iOS. Here’s more on why that’s a really good idea:
[ NOTE: “zero-day” is Geekspeak for “an attack for which we currently have no defense”.]
* Three zero-days found in iOS, Apple suggests users update their iPhone
“Pegasus is highly advanced in its use of zero-days, obfuscation, encryption and kernel-level exploitation and the malware has been active for some time..” Read more..
And a couple more..
“Whether you’ve got a brand-new Galaxy Note 7 or an older Android phone or tablet you just want to spruce up, these are the apps that matter.” Read more..
* The Best Laptops for College
“Need a light, affordable laptop you can carry all over campus? These 10 affordable picks make the grade.” Read more..
And last but certainly NOT least…
* WhatsApp to Share Your Data with Facebook — You have 30 Days to Stop It
“Nothing comes for Free, as “Free” is just a relative term used by companies to develop a strong user base and then use it for their own benefits. The same has been done by the secure messaging app WhatsApp, which has now made it crystal clear that the popular messaging service will begin sharing … ” Read more..
[ NOTE: that “sharing” includes your phone number.. but sheeze, you don’t think FB doesn’t already know your phone number?? ]
* * *
Today’s quote: “Your time is limited, so don’t waste it living someone else’s life. Don’t be trapped by dogma – which is living with the results of other people’s thinking. Don’t let the noise of others’ opinions drown out your own inner voice. And most important, have the courage to follow your heart and intuition.” ~ Steve Jobs
Copyright 2007-2015 © “Tech Paul” (Paul Eckstrom). All Rights Reserved.
>> Folks, don’t miss an article! To get Tech – for Everyone articles delivered to your e-mail Inbox, click here, or to subscribe in your RSS reader, click here. <<
All we really have, in the end, are our stories.
Make yours great ones. Ones to be proud of.
Security Warning: Disable Java Now
Security Warning: Disable Java Now
“Researchers report a new zero-day vulnerability in Java that’s serious enough we should all just disable Java for now–here’s how.” Read more..
Many now think that the “military grade” level that malware (aka “virus”) has now reached, has rendered our defenses useless. I am not sure that’s exactly true.. but maybe it will be by next week. Here is a very good read by one of the best writers on the subject: Is the death knell sounding for traditional antivirus?
“Antivirus developers need to run malcode in their labs in order to create malware-identifying signatures. What happens if they can’t?” Read more..
But I guess all the news is not dire.. friend and fellow blogger Rick Robinette has one today that I know you’re going to want to see: A Huge List of FREE Computer Security Products and Services
“One of my favorite tech sites is Gizmo’s – The Best Freeware… Today, during a visit I came across a huge list of FREE computer security products and services that is maintained on their site. The list is not a list of specific recommendations, but is a “comprehensive documentation of the security products available”… I […] Read more..
But I have to be honest here folks; every week I learn more that has me seriously evaluating “going off the grid”. I have been ‘joking’ for years – if you knew what I knew about the Internet, you wouldn’t use it” – and each day that ‘joke’ gets unfunnier.
Go ahead. Read, and see why.
Important: Don’t let the UN steal the Internet
“If the UN seizes control of the Internet, they’ll take the Internet from the voices of freedom and give it to nations who’d prefer to either kill it or refashion it into another tool of state control.” Read more..
Today’s quote: “A word to the wise ain’t necessary – it’s the stupid ones that need the advice.” ~ Bill Cosby
Copyright 2007-2012 © “Tech Paul” (Paul Eckstrom). All Rights Reserved.
>> Folks, don’t miss an article! To get Tech – for Everyone articles delivered to your e-mail Inbox, click here, or to subscribe in your RSS reader, click here. <<
All we really have, in the end, are our stories.
Make yours great ones. Ones to be proud of.
Security Alert: Don’t Open PDF Files
New Year, New Attacks Against Adobe
Adobe Zero-Day Flaw Under Attack – Crooks are once again sending e-mails with attachments exploiting the “zero-day” hole in Adobe Reader and Acrobat to install malware on targeted machines. The attacks start with a malicious PDF file that contains the PoisonIvy Trojan, which allows an attacker to gain remote control over an infected PC.
Adobe says it will release an update on January 12th.
To read the full story, please click here.
Today’s free downloads: If you are a bit tired of Adobe, and all of it’s vulnerabilities (tops the charts year after year, after all), I’m afraid there’s not much you can do about Flash Player (for watching YouTube videos, for example) except to remove it and do without videos (and.. animated ads). But you don’t need Reader to open PDF files. I suggest uninstalling Reader and installing some other “reader”.. such as the lightweight (and portable) Sumatra PDF, or the popular Foxit Reader, or PDF-XCHANGE Viewer (also an editor).
Copyright 2007-9 © Tech Paul. All rights reserved.
post to jaanix
| Share this post : |  |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
Quick Time Zero-Day Monday
Ah, there’s nothing like the Monday morning after a long holiday weekend, and this one is bright, brisk and clear. Makes this fella want to stay in bed.
But like you, I’m up-and-at-’em. Re-invigorated, and ready to face the week.
You may have noticed that today’s title is a little strange-looking. But when I break it down, it should make more sense. Those of you who are regular readers of this series already know that I am an advocate of secure computing and that I am always providing tips, advice, and downloads to help you keep away the digital Evil Doers (aka “cyber criminals”). Today’s article follows in that proud tradition.
Regular readers also know that during holidays, I often re-post past articles– which I did, twice, this week. However, I did post one original article which (if you’ll forgive me a little vanity) may be one of the most important of all of the articles I have posted so far. (It is certainly my current soapbox ‘hot topic’.) Please, if you missed it, click here and read it. It is relevant to all computer users and discusses your first line of defense against hackers– software patches.
Now, to explain today’s title: The first two words are Quick Time, which is a media viewer (and format) from Apple which comes packaged with the iTunes software. 
Quick Time sort of competes with Macromedia’s Flash format, and is used as a way of presenting animations and short ‘films’ on the Internet. You may have been asked to install Quick Time as a browser “plug in”, to view certain material, by a website.
The second two words are “zero day“. Zero-day is a security term used to describe the period [I mentioned in the prior article] between when an exploit has been discovered– and the hackers are using it to attack, and take control of machines — and when a patch has been found and is available to the public. During this period, there is no (ready) defense against the hacker’s attack code.
There is currently an attack underway targeting a vulnerability in Quick Time, and there is as of yet no patch. In other words, a “zero-day attack” is travelling the Internet and people with Quick Time installed have no defense against having their machines turned into spam-launching zombies, or having malware installed.. or whatever else the cyber criminals want to use their machines for.
This “buffer-overflow” attack affects any machine with Quick Time installed, whether it be Apple OS X, or Windows Vista/XP.
Tip of the day: Don’t be vulnerable to this nasty zero-day attack. Since there is no patch (or, “update”) yet, for the time being, you must be particularly vigilant about clicking on links to websites you receive in emails, avoid visiting websites you haven’t been to before (practice “safe browsing”), and make sure your antivirus is up-to-date.
I don’t use Quick Time (nor do I use iTunes), preferring to miss out on that content (if a website uses it) than to have another media player on my machines. And I suggest that you may want to uninstall it if you have it.. particularly if you rarely use it.. as you can always re-install it once Apple releases a patch (at this time, there is no announced “expected release date”). I also recommend uninstalling the browser add-in version (to read how to remove/manage browser plug-ins, click here).
More advanced users should go into their router’s and/or firewall’s settings and block outbound TCP port 554.
As a fella used to say, let’s be careful out there.
[updated: Apple has released a fixed (updated) version of QuickTime that closes this critical flaw. Windows users can either answer “yes” to the autoupdate alert, or click here, and download the updated version, while Mac users will need to find the appropriate OS version download.]
Today’s free link: I have mentioned that I am a gamer and that I like flight simulators. YS Flight Simulation System 2000 is a free simulator that works even on Linux, and is highly adaptable with “mods” and additional planes (comes with 50) and not-too-stringent graphics needs.
Copyright 2007 © Tech Paul. All rights reserved.
| Share this post : |  |
 |
|
|
|
|
 |
|
|
|
 |
• About Tech Paul
I am a Retired computer & network technician. I used to think the machines were pretty cool. Now I don’t.
They’re anything but.
I regularly posted how-to’s and tricks & tips and general computing advice here starting in 2007. (Use the Search tool to find answers. But be aware, many are rather dated.) Sometimes I answered (your) specific questions in an article if I believed the answer was generally helpful to “everyone”. All the writing you see was my own, typos and all. There always is/was an implied “IMHO” in what you see here.
Note: You are responsible for using this blog and its content. I am in no way liable for any losses caused by user error, viruses and/or other malware, hardware or software failure, or any other conceivable reason.
-
Say "thank you!" Buy Tech Paul a cup of coffee (and keep T4E ad free).
-
-
McAfee® Cybersafety Resource Portal, an online help center designed to assist victims of computer crime and provide information on how to avoid becoming a victim.
-
Subscribe to Tech--for Everyone by EmailRecent Comments
-
-
-
-
Also:
-
-
Tech - for Everyone 