Apr
14

computer_virus I can’t believe the naivety of some folk! Only last week I had to help a colleague with her home computer that was “not working” The computer was full of viruses. She had no anti-virus software on her computer and she seemed convinced that because she was “not connected to the Internet” she wouldn’t get a virus on her computer.

She failed to consider that perhaps the flash disks that she brought from work and the pirated game CDs that her children were using on her PC were the source of her virus infections…

This is the second article about computer security and concentrates on anti-virus and anti-spyware programs:

  • Use an AntiVirus Software – It is very important that your computer has an antivirus software running on your machine. By having an antivirus program running, files and emails will be scanned as you use them, download them, or open them. If a virus is found in one of the items you are about to use, the antivirus program will stop you from being able to run that program and therefore infect yourself.

See this link for a listing of some online/stand-alone antivirus programs:

Virus, Spyware, and Malware Protection and Removal Resources

  • Update your AntiVirus Software – Every year you have to go to your doctor to get an anti-flu injection. You have to get one every year because the influenza virus mutates and adapts every year into a new strain. Computer viruses are the same! There is no point running an antivirus program if you do not make sure it has all the latest updates available to it. If you do not update the software, it will not know about any new viruses, trojans, worms, etc that have been released into the wild since you installed the program. Then if a new infection appears in your computer, the antivirus program will not know that it is bad, and not alert you when you run it and become infected. Therefore it is imperative that you update your Antivirus software at least once a week (Even more if you wish) so that you are protected from all the latest threats. If you are lucky then you will have an anti-virus product that will update itself automatically via the internet, but never blindly trust this. A large number of the more virulent viruses and trojans can deactivate your anti-virus software’s updating functions.
  • Install an Anti-Spyware Program – Just as you installed and use an antivirus program, it is essential these days to use a Spyware protection and removal program. These programs can be used to scan your computer for spyware, dialers, browser hijackers, and other programs that are malicious in nature. The 4 program that I recommend are SuperAnti-Spyware, Spybot – Search and Destroy, and Lavasoft’s Ad-Aware, and Windows Defender.A tutorial on using some of these programs can be found below:

Using Spybot – Search & Destroy to remove Spyware , Malware, and Hijackers

Using Ad-aware to remove Spyware, Malware, & Hijackers from Your Computer

 

  • Commercial Spyware Removal/Protection Programs – If you feel more comfortable installing a commercial Spyware removal program then I recommend WebRoot’s Spysweeper or Lavasoft’s Ad-Aware Professional. Both are fair products and a worthy addition to the arsenal of software protecting your computer.

 Spysweeper Product Information

 

  • Occasionally Run Online Virus Scans – Unfortunately not all antivirus programs are created equal. Each program may find infections that other antivirus programs do not and vice-versa. It is therefore recommended that you occasionally run some free online antivirus scanners to make sure that you are not infected with items that your particular antivirus program does not know how to find. Three online scanners that we recommend are:

Every once in a while, maybe once every 2 weeks, run one or both of these scanners to see if they find anything that may have been missed by your locally installed antivirus software. Believe me, you will not regret it!

Next week, in the 3rd part of this blog article I will look at updating Windows, firewalls and some other useful tools to keep your computer safe and secure on the Internet…

David Wiles

Apr
07

popup21 I was busy fixing a computer for a colleague and while I was waiting for the anti-virus scanner to complete its task I got to thinking about computer security in a workplace such as the University of Stellenbosch:

The Internet is just not a safe place to connect your computer to – even if you are using a University computer. There are worms constantly scanning for vulnerable computers to infect, trojans disguised as helpful programs but actually install malicious ones, spyware that reports your activities back to their makers, and hijackers that take control of your web browser and browsing experience.

For those people who have been the victim of one of these mentioned infections – myself included – removing them and getting your computer back in your control can be a frightening and frustrating experience. The purpose of this article is to teach you how to setup your computer in such a way that you minimize as much as possible the risks of contracting one of these infections. Regardless of your computer experience you should have no trouble following along.

I picked up a lot of information from Bleepingcomputer.com, a very useful and informative site.

This is the first of a number of articles that will help you keep your computer safe and secure on the Internet.

Step 1: Educate yourself and be smart about where you visit and what you click on – Understanding how you can get infected and what to avoid when using the Internet will be the most important step in keeping your computer clean and secure. The majority of people who have infections on their machines were infected due to lack of knowledge and clicking on things that they should not. I will provide a list of actions under this step that you should not do:

  1. Do not open attachments from users that you do not know. This is one of the most effective ways for viruses to infect you. If you do not know the user, then simply do not open the email and delete it.
  2. Never open an attachment that is a .exe, .pif, .com, or .bat unless you specifically know the file is clean. The majority of these are always bad!
  3. If you visit a site and a popup appears saying that your computer is unsafe, ignore it! These are gimmicks that are used to make you click on the ad which then can potentially install unwanted malware. For an example of how these types of foistware can be installed on your computer, you should read this article: Foistware, And how to avoid it.
    An excellent list that contains a list of antispyware apps that should be avoided and a list of ones that are recommended can be found here: Rogue/Suspect Anti-Spyware Products & Web Sites
  4. When a you go to a site and a popup occurs, many times they will make them look like a normal Windows message box in order to trick you into clicking on them. Instead just close them by clicking on the X.
  5. Do not visit porn sites! I know some of you may not be happy about this, but the reality is that the majority of spyware and browser
    hijackers are put on your computer through porn sites.
  6. Do not visit warez sites! Not only is pirated software illegal, but it is a breeding ground for malware.
  7. Do not visit crack sites! Many of the cracks include malware in them!
  8. If you use P2P software, make sure you are careful about what you open. Malware is all over the P2P networks.
  9. Read the license agreement for any software that you install. Many free downloads are offered with spyware and other programs that you DO NOT want on your computer. Reading the agreement may help you to spot them.

Next week I will cover some more aspects of computer security that you might find useful. Be sure to let other know about this article!

David Wiles

Apr
06
Filed Under (Reviews & Opinions, Tips) by David Wiles on 06-04-2009

ScrIM_Logo Most people know they shouldn’t post their e-mail addresses in plain text on the Web anymore. Bots and spammers regularly scan sites for e-mail addresses and add them to their subscription lists. Trying to hide your address with a trick like "myname AT sun DOT ac DOT za" is helpful, but some bots can see straight through that. Scr.im hides your e-mail address behind a link and a captcha to make sure that spammers don’t get a hold of it, or at least have to prove they’re human before they can see it.
You want to give your e-mail address to a friend on a forum, but neither of you wants to go first publicly. Perhaps you want to trade addresses with someone on Twitter, but you’re afraid you’ll botch the direct message and it’ll be public. With Scr.im, you can get a URL to give out instead of your e-mail address, and the person who sees it can click on the address, confirm their humanity, and they’ll see your address.
ScrIM_EnterAddress

 

 

 

 

 

 

 

 

 

Most services already have workarounds in place to help you keep things like personal information private between you and the person for whom it’s intended. For example, Twitter has direct messages, forums usually have private messages, and there’s always IM. However, there are some times when it’s just easier and faster to reply with your contact information, and Scr.im allows you to share confidently.
To use the service, you do have to give Scr.im your e-mail address. Type it into the front page, and the service will either generate a Scr.im URL for you, or your can type in your desired suffix if you want something a bit more personal. Once the URL is activated, you can post it freely, and anyone who wants to use it will have to verify they’re a human before your address is displayed.
ScrIM_HumanityCheck

 

 

 

 

 

 

 

Scr.im isn’t the only service that protects your e-mail address behind a captcha; Tinymail has been doing something similar for years. However, Scr.im gives you the option of personalizing your address, something Tinymail doesn’t offer. If you post your Scr.im URL publicly, you still run the risk of people you didn’t intend to have your e-mail address getting it, but it’s much safer from an anti-spam perspective than simply typing your e-mail address on the Web.

Apr
06

Thursday April 2, 2009

Now that mobile devices have become a primary communication tool for over 60 percent of all humanity, the effects of widespread cell phone use in the developing world are beginning to receive more attention.

eLearning Africa (eLa), the continent’s largest annual assembly of eLearning and education professionals from Africa and beyond, has announced that on May 27th, 2009, they will conduct their fourth pan-African networking event in Dakar, Senegal. The event focuses on discussing and training participants on how to use a variety of technologies for development and education within different African countries.

Last year, over 1500 attendees from 83 countries gathered to discuss e-learning and distance education in the developing world. Recently, eLa announced that it its call for papers for 2009 has resulted in over 430 submissions from around the globe.
“The recent election of US President Barack Obama has elicited an unprecedented frenzy of hope across Africa,” said Kenyan journalist Reuben Kyama in a statement. “With an African-American president in office, the majority of the continent’s 750 million people anticipate a new dawn in the realm of socio-economic and political affairs.”

Conference organizers have set up a scholarship program to ensure participation of Africans with financial constraints. The organization said that conference participation will help the African practitioners lay the groundwork towards achieving their goal of education for all.

“In Africa, we have a lot of challenges particularly with connectivity,” said Chijioke A. Eke, a past conference participant from Sidmach Technologies Nig. Ltd in Nigeria. “Students in rural areas have a lot more challenges. Those that are there are not in touch with what is happening out in cities and they have less access. How can we take e-learning down to where the challenge is? Mobile,” he said, holding up a handset. (See the full video here.)

Conference attendees at past events have included representatives from Google and Cisco, plus hundreds of smaller independent technology and educational firms. Today, eLa is working on collecting donations to sponsor men and women from remote regions who would not otherwise be able to attend. For more information on the eLearning Africa Scholarship Program or to make a donation, visit www.elearning-africa.com.

Posted By:  Jamie Lendino

Apr
01
Filed Under (Editorial) by David Wiles on 01-04-2009

For those who are doomsayers insisting that the world will come to an end on April 1, 2009 with the outbreak of the Conficker worm – take a deep breathe (or a Prozac) and revise your prophecies.

Yes, the Conficker worm is a definite problem, but not some apocalyptic harbinger of doom!

Simply put, Conficker is a large, P2P-based botnet, allegedly with millions of infected machines and on Wednesday, on April 1, it is set to activate its new “variant C”.

A bot is a Trojan malware program that has complete control of an infected computer. It can be used to attack and spy other computers and servers. It can be destructive – damaging files, connecting to addresses on the Internet, and forwarding your email –in fact whatever makes the most sense financially for the creators and controllers of the botnet.

From what I have read Conficker’s has been designed with P2P architecture. This makes it more difficult to trace and destroy than most other botnets, because it cannot be localised to a single server but the computing power of is distributed amongst the nodes of the Peer-2-Peer network. The only real change that occurs on April 1st, is that Conficker.C starts using a new algorithm that will make tracing it even harder – end of story!

Joe Stewart of SecureWorks, is quoted as saying "The Conficker threat will be exactly the same as it is today, on April 1st."

Perhaps naming a date in regards to threat makes people feel more comfortable. Whether or not we’re warned about that date, we’re likely to ignore it if April 1st comes and goes quietly. Like the damp squib of the predicted Y2K meltdown, we’ll feel robbed and try to find who “cried wolf” so we can hang thumb our noses at the hapless prophet of doom!

It’s is likely Conficker.C will regurgitate spam or even be responsible for attacks the Internet infrastructure. What we do know for sure is that the worm itself won’t be much different tomorrow.

Like it or not, it is the criminal that have power over us! The Internet is ruled by those with the biggest “guns” and not by who makes money by owning yet another DNS top-level domain.

We can continue window-dressing, attending and organising security conferences and waving the “civil-rights and privacy” flag and bitching about ICANN policy. But while we enjoy the “warm and fuzzies” of these sorts of actions the Russian and Chinese crime syndicates make more money, have more raw power, and are willing to use it even if it hurts their business.

As for Conficker, Antivirus vendors have added detection, and new network scanners are available, but the hype, however, has turned the threat into a media circus. The security and antivirus industries are raking in the profits of their "we protect against Conficker" products.

As an added bonus I include a link to an insightful report on CBS’s 60-minutes all about the threat of Conficker. Well worth the watch. (You need InetKey open to view the video)

The Prozac is kicking in now…

David Wiles