Monday, December 8, 2008

IE8 Beta 2 users still have to use Compatibility View a lot

Microsoft Plans Compatibility View Fix For Internet Explorer 8

One of the major changes in Internet Explorer 8 is that it adheres much more strictly to web standards than past IE releases. That's a welcome and sensible move, but it has resulted in many sites not rendering well, since they have been built to work with the slightly skewed design principles of earlier IE releases. The second beta of IE8 handled this with a 'Compatibility View' button, but Microsoft's internal research suggested that this wasn't quite enough, as a post on its IEBlog explains:

"We saw from the telemetry data that IE8 Beta 2 users still have to use Compatibility View a lot. Looking at our instrumentation, there were high-volume sites like facebook.com, myspace.com, bbc.co.uk, and cnn.com with pages that weren't working for end-users with IE's new standards compliant default. We could also see from our instrumentation that not all IE8 visitors to those sites were clicking the Compatibility View button. So, large groups of people were having a less than great experience because they weren't aware of the manual steps required to make certain sites work."

Microsoft's latest solution is to allow users to opt in to an automatically updated list of popular sites that need Compatibility View, and to have those sites rendered using the older IE7 approach without requiring manual intervention. That feature will be added to the next beta of IE8, due early in 2009 (there's a similar feature already in Opera). This seems like a pretty good interim solution to me; share your take in the comments.

Refer here for more details on Compatibility View Improvements to come in IE8.

Sunday, December 7, 2008

Koobface virus affecting computer through Facebook's user profiles

Destructive Koobface virus turns up on Facebook

FACEBOOK'S 120 million users are being targeted by a virus dubbed "Koobface" that uses the social network's messaging system to infect PCs, then tries to gather sensitive information such as credit card numbers.

It is the latest attack by hackers increasingly looking to prey on users of social networking sites.

Koobface spreads by sending notes to friends of someone whose PC has been infected.

The messages, with subject headers like, "You look just awesome in this new movie," direct recipients to a website where they are asked to download what it claims is an update of Adobe's Flash player.

If they download the software, users end up with an infected computer, which then takes users to contaminated sites when they try to use search engines from Google, Yahoo, MSN and Live.com, according to McAfee.

McAfee warned in a blog entry that its researchers had discovered that Koobface was making the rounds on Facebook.

Facebook requires senders of messages within the network to be members and hides user data from people who do not have accounts, said Chris Boyd, a researcher with FaceTime Security Labs.

Because of that, users tend to be far less suspicious of messages they receive in the network.

"People tend to let their guard down. They think you've got to log in with an account, so there is no way that worms and other viruses could infect them," Mr Boyd said.

Privately held Facebook has told members to delete contaminated e-mails and has posted directions at www.facebook.com/security on how to clean infected computers.

McAfee has not yet identified the perpetrators behind Koobface, who are improving the malicious software behind the virus in a bid to outsmart security at Facebook and MySpace.

"The people behind it are updating it, refining it, adding new functionalities," Mr Schmugar said.

My advice to all of my readers: please be careful out there and make sure you don't click on any videos on Facebook. If you do, then don't install any ActiveX control or update that you get prompted for.

Friday, December 5, 2008

Enjoy Free Solaris 10 OS Training from SUN

Sun Open Learning Center offering free OS training

In this economic climate, it is as important as ever to keep your skills up-to-date. Now you can enhance your Solaris 10 OS skills with free training at the new Sun Open Learning Center.

The Sun Open Learning Center allows you to:

* Get free access to our most popular Solaris 10 OS training
* Engage in live conversations with Solaris instructors and experts in Second Life virtual world
* Obtain highly desired system administration skills for the Solaris 10 OS

Excellent initiative from SUN. I don't use Solaris much in my daily work life but all the administrators out there should take advantage of this cool offer.

Thursday, December 4, 2008

Facebook Users - Don't click on any link unless you are sure!

Facebook attacked by vicious virus

FACEBOOK users are under attack again from a virus sweeping through the online social network.

The virus is technically a trojan worm that disguises itself as an email from facebookmail.com.

People are enticed to click on a misspelled video or picture link that directs to a malicious web site.

The titles of the dodgy links vary from "Maan,yyou’re great!" to "your ass looks not bad in this video", "Some0ne thinks your special and has a *Hot_Crush* on you. Find out who it could be*" or a YouTube link that says "i can see yooooooooo".

The worm spreads its tentacles by emailing everyone on the victim’s friend list.

According to anti-virus software company Symantec, the trojan works by executing a worm called W32.Koobface.A that searches for cookies on the user’s machine.

If the worm finds the appropriate Facebook cookie, it modifies the user's account settings and profile, adding links to malicious sites to trick others into installing the invader.

Facebook discussion boards talk about the trojan directing users to a page which looks like YouTube.

The phoney page asks the user to install a video player upgrade.

Installing the fake upgrade allows the worm to work its magic and access files on the victim’s machine while destroying their Facebook account.

The trojan comes just months after Facebook said it was working to protect its users from phishing scams.

Facebook has begun combating the virus by deactivating links when it can.

Facebook has not released an official comment regarding the attack.

My suggestion to all Facebook users is to be careful and make sure you don't click any links or watch videos unless you are totally sure about them.

Finally New laws to target ID fraud nationwide in Australia

STEALING someone's identity will become a criminal offence across Australia

Draft laws aimed at combatting the fraud, which has been exacerbated by social websites such as Facebook, have been introduced to parliament.

Presently, it is only an offence to steal someone's identity in Queensland and South Australia.

Identity theft across the country will be punishable by up to five years jail.

The crime covers a range of offences, from using another person's credit card details to stealing their personal information to open bank accounts and take out loans.

Monday, December 1, 2008

Ebay Scam - Old but still valid and works!

EBay users - Please be aware of false buyers.

Recently, my good friend Chris Ho got hit by an old eBay scam. He advertised a laptop and was hoping to sell it before Christmas so he could upgrade to a new one.

Unfortunately, the item was won by an international buyer from the USA. He received the following email:

From: Raymond Feliciano
Date: Mon, Dec 1, 2008 at 6:27 AM
Subject: I WANT TO PAY NOW FOR #220XXXXXXXX, Sony Vaio Laptop PCG-R505AFT Great Working Order
To: Chris Ho

Dear Seller,
I will like to purchase these Item Sony Vaio Laptop PCG-R505AFT (220XXXXXXX) for a friend oversea as a Christmas gift.He works with British America Tobacco there in West Africa Due to my workload, i might not be able to be checking my mails often.So i will be offering AU $219.00 I want the item posted via Express Post International For Delivery to Him.hope the package will get to him in good condition.. What is the present condition of this item and does it comes in it's original box?.I will be paying you for the item via Bank Deposite, so get back to me with your full name and your bank details where payment will be deliverd to.
MANY THANKS.

Well, I guess this is quite similar to the scam I researched a couple of weeks ago on Drive.com - Scammers now targeting Classified websites.

In such scams, buyers send fraudulent checks or pay from stolen payment accounts. The payment clears, and sellers usually post the items to a different address, such as Africa, Kenya, Nigeria etc.

After a couple of days or weeks, the seller finds out that the payment was made in a fraudulent manner and he has to return the money to the bank or payment provider. In this way, the seller loses his item as well as the money.

We can do a couple of things to avoid this:

1) Don't sell anything to international buyers in the first place.
2) If you do, make sure a safe payment method is accepted, such as Western Union, bank draft, or a bank check from the same country the buyer belongs to.
3) Get the payment verified by the bank before shipping the goods.
4) Use a little bit of common sense.

I know these are not the best solutions, but at least they will help you out a little bit.

Thursday, November 20, 2008

My thoughts on Biometrics / Face Recognition

What's your take on Face Recognition Technology?

Biometrics are biological authenticators, based on some physical characteristic of the human body. The list of biometric authentication technologies is still growing. Authentication with biometrics has advantages over passwords because a biometric cannot be lost, stolen, forgotten, lent, or forged and is always available, always at hand. Last year and this year we saw heaps of laptops coming with a fingerprint reader as standard.

Now some of the Lenovo notebooks are coming with face recognition software, which is actually a reemergence of an old idea. Now that some systems include integrated cameras with much better quality (1.3MP), facial recognition has become much better. In practice this works very well and is extremely fast at recognition.

The included software lets you log onto your Windows account simply by sitting in front of your system. Your face is your password.

Depending on the software used, face recognition uses multiple techniques to identify a person’s face. Some of the more advanced programs use texture mapping, in which a person’s skin texture is analyzed and matched. Most, however, define nodal points on a person’s face and then use software to mathematically represent those points. Things measured include distance between the eyes, width of the nose, length of the jaw line, or shape of the cheekbones. Together these are concatenated into a numerical code which is stored in a database for later retrieval.

Biometrics can become a single point of failure though. Consider a retail application in which a biometric recognition is linked to a payment scheme:

As one user puts it, "If my credit card fails to register, I can always pull out a second card, but if my fingerprint is not recognized, I have only that one finger." Forgetting a password is a user's fault; failing biometric authentication is not.

Although equipment is improving, there are still false readings. Even though biometrics are unique parts of an individual, I think forgeries are possible. The most famous example was an artificial fingerprint produced by researchers in Japan.

My thoughts are: forgery in biometrics is difficult and uncommon, but forgery will be an issue whenever the reward for a false positive is high enough.
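The nodal-point matching and the "false readings" discussed above can be made concrete with a small sketch. This is an added example, not code from any vendor's face recognition product: the measurements, thresholds and function names are constructed for illustration, and Euclidean distance is an assumed comparison method.

```python
"""Nodal-point face matching: how the match threshold trades
false rejects (owner locked out) against false accepts (lookalike let in)."""
import math

# Constructed measurements in millimetres, not real biometric data:
# (eye distance, nose width, jaw-line length, cheekbone width)
ENROLLED = (62.0, 35.0, 118.0, 130.0)

# Later captures of the enrolled user under different pose and lighting.
GENUINE = [
    (62.5, 35.2, 117.6, 130.3),
    (61.2, 34.5, 119.0, 129.0),
    (64.0, 36.0, 116.0, 132.0),
]

# Captures of other people; the first one is a close lookalike.
IMPOSTORS = [
    (63.0, 36.0, 119.0, 131.0),
    (58.0, 38.0, 110.0, 125.0),
    (66.0, 33.0, 124.0, 136.0),
]


def distance(template, probe):
    """Euclidean distance between the stored template and a new capture."""
    return math.dist(template, probe)


def matches(template, probe, threshold):
    """A capture is accepted when it is close enough to the template."""
    return distance(template, probe) <= threshold


def error_counts(threshold):
    """Return (false_rejects, false_accepts) for the constructed samples."""
    false_rejects = sum(not matches(ENROLLED, p, threshold) for p in GENUINE)
    false_accepts = sum(matches(ENROLLED, p, threshold) for p in IMPOSTORS)
    return false_rejects, false_accepts


if __name__ == "__main__":
    # A strict threshold locks out the real user; a loose one admits
    # the lookalike. No setting removes both errors for this data.
    for threshold in (1.0, 1.8, 4.0):
        fr, fa = error_counts(threshold)
        print(f"threshold={threshold}: false rejects={fr}, false accepts={fa}")
```

A deployment that raises the threshold to stop locking out its owner is also the one most exposed when the reward for a false positive is high.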

Sunday, November 16, 2008

Scammers now targeting Classified websites...

How scammers trick sellers and get money out of them...

I recently published an advertisement on Australia's leading car selling website "Drive" to sell my car. I have sold a couple of cars previously using this website and this company has a really good selling rate.

I received a few enquiries and most of them were "time wasters". A couple of weeks after the date I published my ad I received an enquiry which I found suspicious, and I thought of doing some research to see "how this scam works" and later on post it on my blog so other readers can protect themselves. To start with, I received an enquiry which was like this:

Dear Shoaib Yousuf,

A Drive user has contacted you with a question about your car for sale on Drive.

Hello, My customer is much interested in your advert car. Pls kindly email me back if the car is still available stating it's present condition and your final price. Regards, Frank.L.Kennon Managing Director Leventis Motors Ltd

E-mail: agent_100brian@yahoo.com
Name Brian Anderson

I found this suspicious straight away and started digging into the company "Leventis Motors". I found no relevant information about the company, and another point to note is: why is a managing director sending an email using a Yahoo account?

Anyway, I responded to this enquiry stating that yes, it is still available and I am interested in selling my car for a final price of $29,000 AUD. (It was advertised for $29,990.)

I received the following response:

from Brian Anderson
reply-to agent_100brian@yahoo.com
to Shoaib Yousuf
date Sat, Oct 18, 2008 at 11:27 PM
subject EXPECT MY MAIL.
mailed-by yahoo.com
signed-by yahoo.com


Hello,

Thanks for your response to my enquiry concerning your car.

Note that my client who resides here in London wants to conclude this transaction as soon as possible since he wants the vehicle as a present for his son who is resident in South Africa. So the car will be shipped to South Africa and my client bears responsibility for shipment.

Kindly exercise a little patience while i discuss your final price of $29,000 au and other necessary details with my client and also evaluate the on-line photos of the vehicle in question.I will get back to you later today or on Monday morning.

Brian Anderson.

Yeah right, the car will be shipped to South Africa and "dad" will send me money from London. I don't need to think twice or guess where this is leading. I found it quite interesting, so I continued to play around with this a bit more. So, I responded stating, "sounds like a plan and I would wait for your response as soon as possible". Guess what? I received an email on Monday morning and it was:

from Brian Anderson
reply-to agent_100brian@yahoo.com
to Shoaib Yousuf
date Tue, Oct 21, 2008 at 12:04 AM
subject CONFIRM PAYMENT AND PICKUP ARRANGEMENT TODAY.
mailed-by yahoo.com
signed-by yahoo.com


Hello,

This is to inform you that my client has instructed me to proceed with the purchase of your car for his son. He said that I should inform you that the payment will get to you in an Australian bank cheque of ($36,900 AU) which is a refund payment of a cancelled order earlier made by him.

He informed me that he intends using the refund payment to pay for your vehicle.

He further explained that this bank cheque has to be made out in this amount($36,900 AU) to you because company policy only allows a refund payment on one bank cheque.So you are required to deduct cost of your car ($29,000 AU) when the payment gets to you and refund the balance of ($7,900 AU) to my client's agent via western union or moneygram international money transfer for the agent to be able to offset shipping /pickup charges ,contract fees for the pickup agent, taxes, commission and other handling bills.

After payment has reached you and balance is sent back to his agent,the agent will contact the pickup agent who will come for the pick up of the vehicle for shipping to my client's son.
My client is making some necessary arrangement with some shippers and will provide me with the pickup/test driver agent as soon as he decides the agent to contract for the pickup of the vehicle from it's present location.

NOTE: He also instructed that you are to deduct the transfer charges from the remaining balance($7,900 AU) which you will be sending down to his agent via western union or moneygram international wire transfer.

Confirm this whole arrangement and provide the details requested below for payment to be delivered to you.

PAYMENT INFORMATION:
1.YOUR LEGAL NAME IN FULL.........
2.POSTAL ADDRESS IN FULL..........................
3.PHONE NUMBER(S).................

Okay, if anybody uses a little bit of common sense they will understand that this is all bullshit and a scam. Believe me, many people "don't use their common sense" and still fall victim to such scams.

The interesting part is not finished here. I went ahead and provided them with "fake details but real P O BOX details" and a "prepaid sim" number.

Take another guess? Surprise, I received a call from someone with an Italian accent saying he had shipped me a cheque and asking when I would be able to send them money.

Anyway, now it was a waiting period. I received a cheque after 3 weeks and I was right. It was shipped from Italy. You guys won't believe it: the cheque was from an "American Bank - JP Morgan".

I contacted my local bank and used my contacts to find out more details about the cheque. I didn't get much information, so I contacted "J P Morgan" local representatives in Melbourne and found the cheque is real but fraudulently honoured. I informed them to take appropriate measures and make sure the account holder is informed.

Now, let me tell you guys, using my experience, what usually happens after this. The cheque gets honoured, the person gets the money and, as per the agreement, the seller sends $7,900 via Western Union. After a few weeks or months, the bank informs the seller: "Sorry mate, that cheque was fraudulent. Please refund all the money back."

The bank gets their money back, the scammer gets their money and the account holder doesn't lose anything. In fact, the seller loses $7,900 and the car is still on the market, or the seller probably sells the car to pay off the bank.

So - please, I repeat, PLEASE use a little common sense and be aware of these scammers. They will try to scam you in all possible ways.

Friday, November 14, 2008

Patch your Flash player ASAP!

Adobe fixes 6 flaws in Flash

For the second time in two days, Adobe Systems Inc. has warned users of multiple vulnerabilities in one of its most-popular programs and issued a security update to plug the holes.

Wednesday's update was the fourth patch job on the ubiquitous Flash Player this year, and followed by one day an even larger collection of fixes for Adobe Reader, the Web's default PDF application.

The Flash Player update addressed six bugs in Version 9.0.124.0 that run the range from cross-site scripting and information disclosure vulnerabilities to flaws that could be used to inject malicious HTML code in Web sites and launch "DNS rebinding" attacks.

Go to adobe.com to update your Flash Player or follow the prompts from auto-update.

Tor - How it works?

How to use Tor to audit networks

Tor is a software project that helps you defend against traffic analysis, a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security. Tor protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, and it prevents the sites you visit from learning your physical location.

It is a security tool that permits anonymous Web surfing. While it's a tool that can be used both by white hats and gray hats alike, all information security pros should be aware of how it works.


In this screencast, Peter Giannoulis of The Academy.ca details how Tor can be used by individuals to ensure their surfing habits aren't recorded by malicious hackers, and how IT professionals involved in auditing networks can mask their location so that a more thorough audit can be conducted.

Refer here to watch video by SearchSecurity.

Gmail - a new voice and video chat plug-in

Google takes on Skype

GOOGLE IS EXCITEDLY announcing its latest mission to gain a bigger user count for its Gmail service – a new voice and video chat plug-in.

So far Google has been slowly creeping alongside the likes of other email giants including Microsoft Live which has 283 million users and Yahoo mail which is just slightly behind with 274 million.

Gmail was seemingly stuck in third place with just 113 million users, which is why it has come up with this new video and voice chat service which will come free as part of the Gmail package. Although both of Google’s main competitors also offer a video and chat service, it is not integrated into the mail section like Gmail’s is – which makes it marginally different.

*****Not security related*****

Thursday, November 13, 2008

Malicious Worm That Attacks Social Networks

Victims unknowingly spread the infection via wall posts to their friends' walls inviting them to view a YouTube video

PandaLabs has recently detected a new variant of the Boface family that affects the social networks Facebook and MySpace. In this case, the worm sends all the user's friends a message which contains a link to a supposed YouTube video.

In order to view the video, the user is required to download a Flash Player update. However, the downloaded file is not an update but a copy of the worm.

This shows that cyber-crooks are still interested in the social networks to distribute their creations. In fact, Facebook and MySpace with millions of registered users have become a profitable target for them.

Facebook has started taking measures to solve this problem. You can check it here.

Tuesday, November 11, 2008

4,000 Viruses in a month? Are we all using Anti-Virus?

Nearly 4,000 new viruses recorded in October

Up to 3,910 new types of computer viruses were recorded in Vietnam in October, including 3,905 of international origin and 5 of domestic origin.

According to the leading networks security agency in Vietnam, BKIS Network Security Centre, the bugs attacked more than 6.2 million computers in Vietnam during October. The most popular virus is X97M.XFSic, which infected over 73,000 computers.

BKIS said in October, 50 websites of Vietnamese companies and agencies were hacked. Of them, 24 sites were attacked by Vietnamese hackers and 26 by foreign hackers. BKIS also unveiled serious errors in websites of 11 businesses and government agencies.

According to BKIS, there is a new method of infection that deceives anti-virus software and results in the loss of standard files of the operating system. Users thus have to reset the whole system.

BKIS counted 92 new types of viruses which employed this way of infection and they attacked 41,600 computers in Vietnam.

All I can say is that we need to make sure we are using up-to-date anti-virus software to protect ourselves from all these upcoming threats, and make sure we are regularly backing up our data.

Kaminsky cache poisoning flaw

One in four public DNS servers insecure

One in four public-facing domain name system (DNS) servers on the internet are still vulnerable to the Kaminsky flaw, according to the fourth annual survey of DNS servers by network services vendor Infoblox.

The flaw allows hackers to sabotage DNS servers and send web users to sites set up to hack into their systems. Cricket Liu, architecture vice president at Infoblox, explained that the survey used the same tests as last year, but added a check on whether servers had patched against the Kaminsky flaw by performing source port randomisation.

"The number of name servers out there has increased slightly from 11.7 to 11.9 million, and firms are using more secure up-to-date versions of the Berkeley Internet Name Daemon package," he said.

Refer here to read full article.
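The survey's check for source port randomisation can be approximated from the UDP source ports a resolver uses on consecutive outbound queries, for example as seen in a packet capture at an authoritative server you control. The following is an added example, not the survey's or Infoblox's code: the function name, thresholds and sample port lists are assumptions constructed for illustration.

```python
"""Classify a resolver's source-port behaviour from ports observed
on its consecutive outbound DNS queries."""
import statistics

# Assumed cut-offs for this example; tune them to your own sample size.
MIN_SAMPLES = 10        # too few observations say nothing about randomness
NARROW_STDDEV = 1000.0  # ports clustered in a small band of the 16-bit range

# Constructed observations (not captured from real servers).
SAMPLES = {
    "fixed": [53] * 12,
    "sequential": list(range(1025, 1037)),
    "narrow": [32768 + off for off in
               (5, 91, 17, 60, 3, 77, 42, 8, 99, 23, 51, 30)],
    "randomised": [51234, 1877, 40211, 22903, 60018, 9142,
                   33370, 15006, 47655, 28489, 5561, 58320],
}


def classify_source_ports(ports):
    """Return a verdict plus the figures it was based on."""
    if len(ports) < MIN_SAMPLES:
        raise ValueError(f"need at least {MIN_SAMPLES} observed ports")
    if any(not 0 < p < 65536 for p in ports):
        raise ValueError("port out of range")

    distinct = len(set(ports))
    # Differences between consecutive ports: one repeated step means a counter.
    steps = {b - a for a, b in zip(ports, ports[1:])}
    stddev = statistics.pstdev(ports)

    if distinct == 1:
        verdict = "fixed"        # every query leaves from the same port
    elif len(steps) == 1:
        verdict = "sequential"   # predictable increment
    elif stddev < NARROW_STDDEV:
        verdict = "narrow"       # varies, but only within a small pool
    else:
        verdict = "randomised"   # spread across the port range

    return {"verdict": verdict, "distinct": distinct,
            "stddev": round(stddev, 1)}


if __name__ == "__main__":
    for name, ports in SAMPLES.items():
        print(name, classify_source_ports(ports))
```

Anything other than "randomised" means a spoofed response only has to match the 16-bit transaction ID, which is the condition the patch was meant to remove.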

Wednesday, November 5, 2008

Facebook and Privacy

Is Facebook the Issue, or the People Who Are Using It?

I have blogged heaps of times about Facebook issues. I know, I have a Facebook account myself. I don’t want people to stop using Facebook or close their accounts; in fact I would like them to be aware of all the possible security issues and threats out there.

In the past, I have blogged about spammers using Facebook accounts to spam, spread malware and carry out social engineering. I advise my readers to make sure they really know the people they are adding and not to give out unnecessary information which can be used by someone to steal your identity or to harass you.

After 1 year on Facebook, I posted my picture a couple of days ago. Several people and my friends had asked me to upload a picture. I always refused to do so.

Let me tell you the reasons why I personally didn’t upload the picture.

1) My picture can be copied by anyone.

2) I have an open profile because I am always looking to make contacts and friends. I tend to be a bit reluctant about what information I give to them.

Now I have uploaded my picture (just one). The reasons are:

1) My picture can be copied from my Blogger profile anyway, so there is no protection, and I realize now that Facebook friends can also see my picture from my profile even if they are not visiting my blog.

2) I have uploaded only one picture though and that is also of “me alone” not with anyone else.

Okay, let me come to the point. I have been investigating these particular "privacy issues with Facebook" for the last couple of weeks. I will try to sum up my findings and concerns.

Consider this scenario:

I have a friend whose name is “Alisha” and she is in my Facebook friends list. She has a friend whose name is “Sarah”. I like her and I want to get her details, but I notice her profile is restricted to her friends only. I sent a request to her but unfortunately she has not responded yet.

Suddenly, “Sarah” uploaded a few photos of her friends and tagged “Alisha” in those photos. As soon as she tagged “Alisha”, I was able to see all her photos in that particular album, plus I was able to see her profile too. I found out more details and bingo, I was able to harass her.

Now, consider another scenario:

I have my work friends, my family and my other friends in my Facebook friend list. One of my friends uploaded a picture tagging me which is quite personal. As soon as he tagged me, all my family members, my work colleagues and my other friends were able to see my personal picture plus all the pictures in that particular album.

Consider third scenario:

I have my neighbour added to my account as a friend. He uploaded a few pictures to his profile of the party he had at his home. I commented on his photos and guess what my other friends see:

"Shoaib Yousuf commented on XYZ's picture"

Any of my friends can see my neighbour's picture and in fact his profile too. After commenting on his picture, I am really not giving any privacy to his personal party pictures.

So – what have we learned from this?

Facebook is a good social network tool but it doesn’t offer security or privacy whatsoever. I suggest and advise all my readers to make sure that if they upload pictures they don’t tag them. If you still want to, make sure you select the appropriate security permissions so that all the other people from your friend’s friend list cannot view them.

If you have any questions, suggestions or past experiences you would like to share, let me know.