Google Chrome (Security Flaw)

As reported in ReadWriteWeb

Google Chrome has been reported to have a Serious Security Flaw. Unsuspecting users could be easily tricked into triggering a time bomb.

“The problem here is that, after a user double-clicks the download at the bottom of the screen, this application opened without any warning, which would allow a malicious hacker to easily execute any Java program on a user’s machine. ~ ReadWriteWeb

This application tricks the user to click “OK” with a bit of Social Engineering. Lets hope that Google patches this security flaw pronto. I would recommend keeping away from Google Chrome for a little while. Just because it is stamped Google. Does not mean it is safe. Give it some time. Let it be tested.
Just because your friends are doing it. Does that mean you have to. ~mom

The Zfone Project

I communicate with friends, family, and co-workers mostly through instant messenger and VoIP clients. I already know that many instant messaging services are extremely insecure in the ways they transmit your conversations over the internet. I decided to try and find some software to help keep things a little more private. After going down a few rabbit trails I had come across Zfone.

Zfone is a fairly new secure VoIP phone software that allows users to make encrypted phone calls over the internet. The principle designer of Zfone is Phil Zimmermann, the creator of PGP, the most widely used email encryption software in the world. Zfone uses a new protocol called ZRTP, this protocol has a better archiecture then any other protocol currently used to secure VoIP. ~ zfoneproject.com

Installation is relatively simple. Once installed, launch the Zfone client. Then launch any one of the IM/VoIP Clients supported by Zfone. It is really that simple.

Zfone needs two users running the software simultaneously. I have tested this software with 4four1ones using Apple’s iChat. We both agree it is the easiest way we know to encrypt your audio and video chat sessions, when using iChat.

Thanks Zfone!

Recovery of stolen laptop with “Back to my Mac”.

Yahoo news is reporting that Kait Duplaga helped police recover over $5000 worth of goods stolen from her apartment. The Apple store employee installed a piece of software called “Back to My Mac“. This application uses the Mac’s built in iSight Camera to help identify the perpitrator. A few days after the burglary, a friend of Kait had noticed her computer was online. Kait was called at work where she immediately logged into her computer remotely with the “software”. Read more

MP3 requires special codec, BAMMMM your infected!

It is being described as one of the largest outbreak to be seen in 3 years. ~McAfee

The fake file (trojan) has been mainly distributed on the eDonkey and Limewire file-sharing networks (P2P). Once the file is downloaded onto your computer. The second you try to play the disguised file. A trojan will launch a file named PLAY_MP3.exe. When you run the executable you will see a bogus EULA. Agreeing to the terms listed will unleash a world of annoyances. Your system will be plagued by pop ups and other possible nasty infections. Read more

Securing your iPhone’s wifi traffic! (encapsulate the packets)

Have you ever been siting at your local coffee shop. You decided to start playing with your iPhone. Ohhh an email has just arrived. You visit a few websites. Log into your wordpress blog to make a quick post about “How amazing those beans are at Peets!”

Many iPhone users are blind to the fact that Read more

Raise your awareness about computer security. (Knowledge is power!)

Just came across this boingboing post.

A server used by a botnet to store stolen data from infected PCs was found to contain more than 1.4 Gigabyte of business and personal data. It consisted of 5,388 unique log files. The data included:
* Compromised patient data
* Compromised bank customer data
* Business-related emails
* Captured Outlook accounts containing email communication

To illustrate the scope; the server contained among others 571 log files from the US, 621 from Germany (DE), 322 from France (FR), 308 from India (IN), 232 from Great Britain (GB), 150 from Spain (ES), 86 from Canada (CA), 58 from Italy (IT), 46 from the Netherlands (NL), and 1,037 from Turkey (TR).

(Glyn)

Stop and think about this for one second. 1.4 GB is an extremely large amount of data. Just by reading this post I have come to the conclusion that a few Hospitals, Clinics, and Medical Billing Agents may have had machines compromised. I can also take into account that many Financial Institutions had compromised computers as well!

My conclusion is based upon a post with limited information. But I can assure you that most of the data could have been taken from Personal Computer Systems. Many people work from home. With limited IT skills, your average user knows very little about protecting their computer.

Here are a few links that should help with protecting yourself online.

1. GeeksToGo - How did I get infected in the first place?

2. AntiPhishing Work Group - Community committed to wiping out Internet scams and fraud!

3. Get Safe Online - Protect your Apple Machine

4. Get Safe Online - Protect your Linux Machine.

5. LifeLock - Identity Theft Protection

Would you like to add something to the list? Please email ping@theleetgeeks.com.