Cool Site – Teleflip

March 8, 2008 – 6:15 PM

Teleflip started when the founder became increasingly frustrated at his inability to send text messages to friends’ cell phones from his PC. It was of course possible, but you had to know the cell phone provider, the correct domain name and the correct syntax for the email address. There had to be an easier way….Teleflip was born. Teleflip was founded in 2003 in Los Angeles, California.

The next time you need someone to email you directions, a recipe, sales information, or maybe just a few sweet nothings… tell them to TELEFLIP it, at:

(yourcellphonenumber)@teleflip.com.

It’s easy. It’s free. It’s for your phone. Try it now.
click here

Or visit the site here:
http://www.teleflip.com/

The Ten Net Commandments

March 8, 2008 – 6:10 PM

1. Thou shalt not buy merchandise found in pop-up ads or spam.
2. Thou shalt not post thy email address, phone number, address or social security number to the internet, nor shalt thou post anyone else’s.
3. Thou shalt not forget to update thy Windows every second Tuesday.
4. Thou shalt not connect to the internet without installing an antivirus, nor shalt thou begin a scan without checking for updates.
5. Thou shalt not connect to the internet without installing a firewall.
6. Thou shalt not covet thy neighbor’s credit card number, nor his bank routing number, nor his social security number.
7. Thou shalt not enter thy credit card number without seeing the tiny padlock icon on thy status bar.
8. Thou shalt not reply to the email from the Nigerian banker.
9. Thou shalt not forward chain letters to thy friends and family.
10. Thou shalt not use “password” as thy password, nor thy birthday, nor thy children’s names.

http://www.spywareinfo.net/dec10,2005#tenlaws

More Ways To Surf Safely

March 8, 2008 – 6:09 PM

In the last newsletter, I suggested creating a limited user account on your computer and using that to surf the internet. As a limited user, it becomes very difficult for malware to attack the browser and install itself. As it turns out, there is an even simpler way to do this.

Several people wrote to mention a program written by a Microsoft programmer called DropMyRights. This program allows you to use your computer as an administrator while opening programs with limited rights. It is a much easier way to surf the web than what I described last time.

You install the program, then move the .exe file to another folder, “c:/lowrights” for example. Then you right-click on your desktop and create a new shortcut. To create a shortcut that loads Internet Explorer with limited rights, this is what you would put as the location: c:/lowrights/dropmyrights.exe “c:/program files/internet explorer/iexplore.exe”. (Change to back slashes instead)

When you launch Internet Explorer with that shortcut, the DropMyRights program will give it the same permissions as a limited user. You cannot install or run ActiveX and most of the methods used to install malware will fail. I tested this out on a couple of very nasty web sites and absolutely nothing happened.

You still see the prompts asking permission to install ActiveX controls. However, nothing happens even if you say yes. You can test this out at SpywareInfo. We have a page that will load an ActiveX spyware scanner designed by X-Block and it is perfectly safe. The page is at http://www.spywareinfo.com/xscan.php . If you ever have a legitimate need to install an ActiveX control, you can simply launch Internet Explorer with the normal shortcut.

This also works with any other program on the computer. Just create a shortcut to the program, with dropmyrights.exe in front of the program’s location and it will launch that program with limited rights. That means you can do this with your email or instant messenger programs.

A few people mentioned a similar program, also written by Microsoft programmers. This one does the exact opposite of DropMyRights. MakeMeAdmin lets you log in as a limited user, but launch certain programs with administrator rights. It is similar to the Windows “Run As” function. The difference is that this program gives administrator-level rights to your limited account just before launching a program.

Of the two programs, it probably is safer to use MakeMeAdmin while logged in as a limited user. That way you cannot accidently launch Internet Explorer or your email program with full rights. Both of these programs give you a very elegant way to avoid much of the risk associated with the internet. If you (or a family member) are constantly fighting a spyware infection, this may be the solution to the problem.

http://www.spywareinfo.net/nov23,2005#safesurfing

GRC’s Ultra High Security Password Generator

March 8, 2008 – 6:08 PM

Generating long, high-quality random passwords is not simple. So here is some totally random raw material, generated just for YOU, to start with. Every time this page is displayed, our server generates a unique set of custom, high quality, cryptographic-strength password strings which are safe for you to use.

https://www.grc.com/pass

Click your web browser’s “refresh” button a few times and watch the password strings change each time. Every one is completely random (maximum entropy) without any pattern and the cryptographically-strong pseudo random number generator we use guarantees that no similar strings will ever be produced again.

Also, because this page will only allow itself to be displayed over a snoop-proof and proxy-proof high-security SSL connection, and it is marked as having expired back in 1999, this custom generated (just now for you) page will not be cached or visible to anyone else.

Therefore, these password strings are just for you. You may safely take these strings as they are, or use chunks from several to build your own if you prefer, or do whatever you want with them. Each set displayed are totally, uniquely yours. 

Microsoft Picks Partners to Fight Phishing

March 8, 2008 – 6:07 PM

Microsoft has signed up three companies to add phishing monitoring and detection technology to its antiphishing filter in the MSN Search Toolbar and the upcoming release of Internet Explorer 7, and its SmartScreen e-mail filter, the company says.

The software vendor has also released the final version of its phishing filter add-on technology for the MSN Search Toolbar. The technology is available as a free download.

Partners in Security

Microsoft is teaming with Cyota, MarkMonitor, and Internet Identity to beef up customer protections in its antiphishing filters, said Samantha McManus, business strategy manager for the technology, care and safety group at Microsoft.

“These companies are providing us with data on reported phishing attacks so we can use that data to protect our customers through our filters,” she said.

Phishing is online fraud that uses fake Web sites, which look like those of legitimate businesses, to trick online users into disclosing personal and financial information that can be used for criminal activity.

Microsoft offers antiphishing technology in IE 7, which will be available in full release for Windows Vista and Windows XP Service Pack 2 (SP2). Windows Vista is in beta now and is scheduled to ship in the last quarter of 2006. Windows XP SP2 is available now, but the IE 7 technology for the OS is still in beta.

Microsoft’s SmartScreen e-mail filter protects Microsoft Hotmail and the Windows Live Mail beta as well as Microsoft Outlook and Exchange e-mail software. SmartScreen also provides antiphishing protection.

Cyota, based in New York, offers online authentication and antiphishing services to provide real-time information about phishing attacks. MarkMonitor monitors and detects online fraud for financial institutions and other corporations, and will deliver information about confirmed phishing attacks against its customers directly to Microsoft, according to the San Francisco company. Internet Identity, based in Tacoma, Washington, automatically detects and takes reports for phishing Web sites for a wide range of clients, such as banks and credit unions. The company will forward this information to Microsoft’s antiphishing filter whenever those reports find a URL that leads to a phishing site.

Antiphishing Tactics

The services provided by the three companies will work slightly differently with the IE 7 antiphishing filter and the SmartScreen e-mail filter, McManus said. For the IE 7 filter, the services will report to the technology’s reputation service, which uses the information to scan a Web page to see if it has been reported by online users as a known phishing site, she said.

For SmartScreen, the filter can learn when phishing attacks are happening and include that information in the filtering process for messages that are sent through Hotmail and Windows Live Mail, as well as clients using Outlook or Exchange, McManus said.

Microsoft previously worked only with WholeSecurity, which was recently acquired by Symantec, to provide information about phishing activity and known phishing sites to its filters, McManus said. The company plans to partner with more companies to provide information in the future.

“This isn’t the final list of people who will provide the service,” she said. “This is a step along the way.”

http://www.pcworld.com/news/article/0,aid,123606,tk,dn111805X,00.asp