Opera Web Browser Update Includes Security Fix

The Opera web browser has just been updated to version 9.62. The update includes two security fixes: the first fixes an issue where History Search could be used to execute arbitrary code, and the second ensures that the Links panel no longer allows cross-site scripting. The latest version of the program is available for download here.

Posted by Peter on October 31st, 2008 in Other Software, Security | Permalink

New Mac Virus Discovered! On Film! :-)

The guys at BeamEcho, a Toronto Mac dealer and repair shop, have whipped up a short film of a new Mac virus that they have discovered. (Hint: it’s a Halloween special.) We thought we’d bring it to you here so you can see what may be in store for you if you’re not protected.



Posted by Peter on October 27th, 2008 in Security | Permalink

If Your Keyboard had Loose Lips…

As you certainly know, your keyboard is an electronic device. It converts your physical movements (keypresses) into electrical signals to send data to your computer. As I type this sentence, the keyboard is changing my movements into codes that my Mac interprets as letters.

Naturally, this raises the question: do the electronic impulses that your keyboard generates travel through the air as well? Researchers at the Swiss Federal Institute of Technology (EPFL) in Lausanne, Switzerland decided to test this. They say that, “Wired keyboards emit electromagnetic waves, because they contain eletronic components. These eletromagnetic radiation could reveal sensitive information such as keystrokes.” And they have proven that this is the case. In their tests, they say that “We found 4 different ways … to fully or partially recover keystrokes from wired keyboards at a distance up to 20 meters, even through walls. We tested 11 different wired keyboard models bought between 2001 and 2008 (PS/2, USB and laptop). They are all vulnerable to at least one of our 4 attacks.” You can see videos of their experiments.

You may think that this is the stuff of James Bond, but imagine that you are in a hotel room, and in the next room someone has a keyboard sniffer. As you type your user names and passwords, the “spy” in the next room can intercept them. Does this sound like something out of an espionage novel? Actually, we can imagine something like this being used in hardball industrial espionage, among other things.

Here’s a tip, though, if you’re worried. When you need to type a user name and password, type a few letters of the former, then switch to the next field and type a few characters of your password. Go back and forth, and even add some incorrect characters and backspaces to delete them. Sure, this is overkill of 99% of us, but for that 1% for whom security is an absolute, it may be necessary.

Of course there’s another, much more secure solution: biometrics. Using, say, a thumbprint for logging onto computers and websites. That’s not common yet, but it may be the way to go in the future.

Posted by Peter on October 23rd, 2008 in Security | Permalink

Using NetBarrier to Find AirPort Networks

In addition to protecting your Mac from hackers, vandals and all kinds of network attacks, NetBarrier X5 has a set of tools for monitoring your network and checking network status. One of these tools is especially useful if you use AirPort to connect your Macs to a network.

NetBarrier’s Network section shows you a great deal of information about your network interfaces (AirPort, Ethernet, Bluetooth, etc.), and also shows you a list of all available AirPort networks, together with their signal strength and what channel they use. This last bit of information - the channel - can be especially useful when setting up a network at your home or office. If you are surrounded with WiFi networks, you want yours to be on a channel that is relatively unencumbered. You can check which channels are used by neighboring networks, and find out which is the best channel to use for your network.

You can also find which networks are open, when on the road, to know which you can connect to. Since you can see the signal strength in NetBarrier, you can see right away which network is best to try connecting to first. (Naturally, signal strength is not the only criterion for good network access; a lot also depends on how many other people are using that network.)

NetBarrier X5 has other useful network monitoring tools; check them out if you want to keep tabs on what’s happening on your network.

Posted by Peter on October 21st, 2008 in Intego Software | Permalink

Beware Bogus Security Software

There’s a new trend out there designed to scam computer users: web sites that sell bogus software. Not only does the software not do what it claims to do, but the companies that sell this “software” get a hold of your credit card and can do even more damage to your bank account.

Intego has spotted one such company, claiming to sell Macintosh antivirus software. MacGuard claims the following:

Macguard’s high-tech system scanner will search your hard drive for malicious objects such as Adware, Spyware and Trojans, cleaning your files, eliminating the threats, and securing your privacy in just a matter of minutes. Its Real Time smart protection will also ensure new threats will not even reach your desktop.

But what’s interesting is that Winiguard claims exactly the same thing. Not only is that claim the same, but every word on the two websites is identical.

One way you can spot a fake is that when you click what is supposedly the product’s download link, nothing downloads. So you can see that there’s no software behind the web site. (On the Winiguard site, something does indeed download.) If you are gullible enough to purchase this software from a company you have never heard of, who has no references, and whose web site is vague and imprecise, it is likely that you will find additional charges on your credit card. ArsTechnica reports that more than 30 million people have been scammed by such software.

We all know that security is a serious risk when using a computer, and especially the Internet, but one should not blindly trust a web site just because it claims that its software will do something. Look for trustworthy, reliable software, such as Intego VirusBarrier, which, over the years, has proven itself. Trust the gatekeepers - the computer magazines and websites that test such software; Macworld said that “VirusBarrier X5 is the gold standard.”

As the saying goes, let the buyer beware. That goes for anything you purchase online, but even more for so-called security software that does nothing more than take your money and run.

Read the full Intego security memo here.

Posted by Peter on October 17th, 2008 in Other Software, Security | Permalink

Adobe Updates Flash Player; Fixes Clickjacking Risk

Adobe has released a new version of Flash Player, its media player software. This version includes a fix for the clickjacking issue that has been making the rounds recently. Earlier this month, we reported on Adobe’s security advisory about this risk. Adobe’s security bulletin outlines the fix that was added to Flash Player: “This update includes further changes to enhance Flash Player’s interpretation of cross-domain policy files. These changes could help prevent privilege escalation attacks against web servers hosting Flash content and cross-domain policy files.”

We strongly recommend that all Flash users - which means just about everyone who uses the Internet - upgrade now.

Posted by Peter on October 16th, 2008 in Other Software, Security | Permalink
   Older Articles >

Copyright © 2007-2008 Intego