Adware turns lethal – rogue adware applications rigged with spyware components shifting focus to data harvesting

Adware turns lethal – rogue adware applications rigged with spyware components / shifting focus to data harvesting ….. 
THIS goes back to day one and a lot of veteran Users from the Windows XP days will tell you all about it. Adware was one of the first type of spyware category threats before spyware itself began to explode early on in this past decade of computing, 2000-2010. Users at the beginning were about just using antivirus and many have not even heard about firewalls yet and neither was antispyware around at all – except for the beginning products just starting to hit like Spybot Search And Destroy (Spybot S&D) which today has never past a poor rating, other internationally famous Lavasoft Ad Aware and Webroot Spysweeper, others like CounterSpy (Now Vipre).
Adware was, and still was, considered the least of all spyware category threats that was/is intrusive and annoying to browsing plus with all the continual intermittent pop ups via infection and would leak user browser information, histories, etc. for targeted ads. Spam (UCE Unsolicited Commercial Email) might be the second wave of attack.  Some pop up ads were leading to malicious websites to infect with spyware and possibly viruses and/or worms. This happened down the line and occurred infamously at like MySpace and others – Google and Yahoo – infected ads, which if you will could be like embedded adware but normally quite safe.. BUT spyware components in adware infection has not been anything but something very unique and a bluemoon if ever concocted.
HERE we are…..
REFERENCE ARTICLE:
Malicious adware shifting focus to data harvesting — BitDefender study
GMA News
BitDefender noted rogue adware applications rigged with spyware components collect various data about users, their systems and online habits under the protective umbrella of a EULA (end user license agreement) or privacy policies agreed upon by users…..
TIME TO REVISIT THE ALMOST FORGOTTEN ADWARE INFECTIONS AND PERHAPS ADD A LAYER OF PROTECTION AGAINST THEM…. 
TRY…..
Ad Muncher – The effective ad blocker
For Internet Explorer, Firefox and Chrome
NOTE THAT THESE INFECTIONS AND SPYWARE CAN BE BUNDLED IN SOFTWARE DOWNLOADS AND YOU CAN DISCOVER IF YOU ARE INADVERTENTLY GIVEN PERMISSION TO THIS WHEN CLICKING “OKAY” TO THE INSTALL. …. HELPER HERE…. DISCOVER THIS IN THE END USER LICENSE AGREEMENT (EULA)…..
ADD…..

EULAlyzer 1.1 [wrkx w/ Netbooks] http://www.javacoolsoftware.com/eulalyzer.html EULAlyzer can analyze license agreements in seconds, and provide a detailed listing of potentially interesting words and phrases. Discover if the software you’re about to install displays pop-up ads, transmits personally identifiable information, uses unique identifiers to track you, or much much more.  

SUGGESTED….
Download Ad Muncher [50% DISCOUNT] 4.93 Build 33707 Free …
49227 downloads
Jul 13, 2012 · Download Ad Muncher [50% DISCOUNT] – Powerful advert and popup blocking system for all browsers
SOFTPEDIA REVIEW….
Ad Eater for Your Comp?
Features:
Blocks adverts in all browsers.
Blocks unwanted popups in all browsers.
Blocks adverts in programs like ICQ, Morpheus, Kazaa, Grokster, Opera, PalTalk, iMesh, Bearshare, LimeWire, etc.
Speeds up page loading, thanks to the missing adverts and popups.
Blocks many annoying site behaviors.
Filters quickly and reliably, thanks to six years of constant development and feedback from users.
Includes extensive options for those who like to tinker, allowing you to remove anything that annoys you.
What do you think about the Internet ads? How do you like them? Abounding, scarce, somewhere in between? How about none at all and without compromising the aspect of the webpage? Impossible? No, it is not impossible; you just haven’t found the proper software to dismiss them.
Ad Muncher is a software specially designed to take big gulps of popups and all sort of advertising that prevent your browser from opening a webpage faster. Its “father” is Murray Hurps and he put a price on his “son’s” head: $24.95.
The interface is actually the configuration window. When I first ran the program and opened the configurations I felt overwhelmed by the abundance of settings. The first tab is the Logs menu that displays what else if not the logs from the web pages you have visited. The user can see the logs for the Link target URLs, Image source URLs, Popup opening and blocked popup URLs, script texts, table texts, etc.
Based on the log entry, you can create a new filter (when Add filter button is visible). The “Go to” option, when visible, will guide the user to where the respective filter or option can be modified. The If enabled, the Freeze checkbox will stop the software from updating the logs.
The software will not remove whatever it thinks by itself, and its filters can be configured by the user in My filters tab. The available filter categories are displayed if you enter a keyword, URL or text and then click in the filter category menu: remove links to URL, remove images/etc with URL, block retrieval for URL, remove all popups from URL, remove images with “alt” text, remove scripts with text, remove tables with text, remove divs/spans with text, remove forms with text, allow popups with URL, minimal filtering on URL, no filtering on URL, don’t match against keyword, add javascript to all pages, add CSS to all pages.
If you are not familiar with all the above mentioned information, the Help menu of the software will come extremely handy in configuring all those filters.
The Default Filters tab includes a fantastic number of 3026 filters that are maintained and retrieved from Ad Muncher developers. These filters will help you against the unwanted attack of the most common ads on the web. From this tab, the user can send reports to Ad Muncherdevelopers to inform them about sites with adverts or a damaged site.
In the Tools tab, the user will deal with three submenus: Replace Text (to replace the content downloaded by the web browser or other software), IP Scramble (applies a higher level of privacy while you are browsing the Internet) and Load/Save/Reset Configuration (My filters, Replace text filters and All other configuration options).
The IP Scramble option is worth detailing a little. When enabled, this option will prevent the web administrators from seeing your real Internet address and they will not be able to see your browsing habits as your requests will be sent through a number of different proxies. When enabling the IP Scrambler you should take into consideration that your browsing speed will decrease significantly (the page request will take more steps before the page is loaded).
The Options tab is the richest of them all. There are nine submenus that allow the user to “play” with the settings for filtering, popups, updates, interface, browser extensions, caching, filter targets, routing and in the Advanced submenu.
In the Filtering section, the user can set the site behavior, ads treatment, browser behavior, and adult content. There would be a lot to say about each option in here, but suffice to say that you can set the Muncher to remove the music and sounds, prevent sites bookmarking or reloading themselves, and prevent “web bugs” from tracking page visits, etc. (all these under Site Behavior); leave small, text-only adverts alone, blocking the retrieval of 468 by 60 pixels images (Advert Treatment).
In Popups, most of the options are “un-commentable” as their names say it all: prevent popups from appearing (when site is loaded/closed), prevent automatic “javascript alert” text popups.
The Browser Extensions can be added to the most common/popular web browsers and allow you to report or remove the ads by right-clicking them and to exclude certain pages from filtering. The Filter Target list will allow you to select the softwares and connection types affected by Ad Muncher. Also, if you have problems filtering a certain software, look in here first.
I haven’t gone through all the submenus and options of the software because most of them are easy to understand and easy to configure.
The Good
The software is extremely small and extremely efficient. It even “licks” the webpages clean so you will not run into blank spaces and there will be no trace of adverts.
The Bad
No comments here except for the price. It could have been a little lower.
The Truth
The software really does a great job and if you are a beginner and do not know how to use it, do not be disappointed as the Help menu will explain every aspect of the software.
Small, easy to use and runs on low memory usage and ferociously devours only the ads you are feeding. The software works extremely fine and it is indeed an ad muncher. I just hope it won’t get too fat (on the price that is).
Here are some snapshots of the application in action:
Review image Review image Review image Review image Review image
Review image Review image Review image Review image Review image
Ad Blocker: Ad Muncher
For the 50 most popular sites in the world, of the 28 that displayed advertising, Ad Muncher improved the load time by an average of 48% and reduced the download …
Emsisoft Antimalware is one of the top five products of the world
Ad Muncher – CNET Download.com
Ad Muncher is a powerful advert and popup blocking system for all browsers and advert-displaying programs like Pando, SopCast, …
Advertisements
Posted in BlueCollarPC WordPress Blog. Tags: , , , , , , , , , , , , , , , , , , , , , . Comments Off on Adware turns lethal – rogue adware applications rigged with spyware components shifting focus to data harvesting

How Do I Know The Disk Has Been Fully Wiped (Privacy/Security Disk Wiper Software)

How Do I Know The Disk Has Been Fully Wiped (Privacy/Security Disk Wiper Software)

Good orientation here …… we are talking….
 
Data remanence
From Wikipedia, the free encyclopedia
http://en.wikipedia.org/wiki/Data_remanence
 
This all depends on what and why you want to do this. If simply passing the PC on to a family member or friend and want all your data wiped off – you can use any disk wiper. It is assumed they are not going to go snooping in  some manner with a file recovery software in other words. Simply erase the disk is the procedure without security being a concern.
 
If you are going to donate the PC or recycle it – then you should absolutely only use a military grade disk wiper (eraser). This guarantees your data is NOT recoverable. I don’t know your sources to the contrary, but that is apparently indisputable. No data period – using military grade wiping software. That’s why it is called military grade. The best available to the public is a military grade software disk wiper. [ 35-pass Gutmann uber-paranoid erasure ]
 
The paranoia stops here……
(Has this been circumvented ? Not to knowledge)….
 
“UltraSentry was designed to delete file and folder data to United States Department of Defense standards, which is why we call it a military-grade cleaning application. What does this mean? Well, many electronic files and data are highly-sensitive or private, and when deleted, the data itself still remains on the disk, making it recoverable or accessible by anyone. UltraSentry eliminates that risk by overwriting the file data repeatedly, completely  destroying all traces of the sensitive file data, making it completely unrecoverable. The standards to which the data is overwritten are compliant with Department of Defense standards, and are the same standards the U.S. military  and government use when deleting top-secret or proprietary electronic information.”  <http://www.ultraedit.com/products/ultrasentry.html>
 
Mac PCs have this type utility built in I have read.

If you are seeking other, than I think it goes into the area of manually doing things. This is an interesting subject and I am kicking it around on some sites for information.
Of course the oldest security joke about how to never get an infection is to not plug in the computer. Along the same lines, paranoia has to enter the picture somewhere here – such as any type disk wiper can be thought to be performing a “hex dump” of the erased material to be recoverable either for the OS owner (Windows) or the Law or the actual software writer to capture any data involved as of interest for whatever reason. Paranoia can lead to manually performing the task and perhaps with a hex editor. Simply using ” 00 ” overwrite seems less than thorough enough as I have seen it recommended to use three different passes with two different sets the 00 first and last.
 
 
IF YOU ARE TALKING DISPOSAL….. PHYSICALLY DESTROY THE COMPUTER DISK…. HEALTH RISK ! …..
 
Learn how to effectively delete all of the data on your hard drive – and permanently
IN FULL
http://www.digitaltrends.com/how-to/how-to-completely-erase-your-hard-drive/ 
 
“….. Get Physical
Another brutally effective way to destroy data on your hard drive is to properly destroy the internal parts of the drive itself. There are several ways to do this, each of which requires physical methods of destruction that can be  dangerous and may expose particles or chemicals hazardous to your health. If you are not able to maintain a safe environment, do not attempt these methods. Find a qualified company to assist.
 
Your data is stored on the spinning platters inside the drive. It is these platters that need targeting. Popular and effective methods for destroying the platters are: 1) industrial shredding, whereby the entire hard drive is fed into a powerful automobile-sized shredder that makes mincemeat of the drive; 2) drilling through the platters a few times with a titanium drill bit (easily found at Home Depot).
 
Of course, if the CIA, FSB and Mossad are all after your data, you may want to
a) selectively nuke folders and files,
b) write zeros at least seven times,
c) physically disable the drive and
d) get a safer, calmer life.
 
Summary
 
Protect your Social Security number and credit card e-bills from getting into the hands of 8-Ball Ernie down at the rehab center. Do not ruin the innocence of those kids at the community center by accidentally exposing them to the  contents of your intentionally mislabeled though ineffectively deleted “Personal Budgets” folder. Make your donation of an old computer truly a win-win, good-karma situation for everyone involved. Free tools exist to perform even  the most thorough cleaning of a hard drive. Use them. ….”
 
MORE
http://en.wikipedia.org/wiki/Anti-computer_forensics
http://en.wikipedia.org/wiki/Data_remanence

Home/Small Business areas of Security in Online Communications

Home/Small Business areas of Security in Online Communications

Security of communications in a Home/Small Business endeavor or existentially. (I had to add this to my blog ! )

SOURCE — I am member Gerald309 – http://www.theeldergeek.com/forum/index.php?showtopic=43544  )

Of course this is the core in the security and IT industry with all the products available, and of course all the many departments in those products and general security in all communications on the world wide web. I could only scratch the surface and perhaps point you to some beginning areas that can expand into the “learning curve” knowledge – and since you are alert enough to consider security itself, you are well on your way to that simply by reading a post as this. Securing communications products and appliances are involved in secure communications. This is a very vast area of world wide web security itself and can be easily perceived in the many zero days and continual security alerts as vulnerabilities discovered and their solutions – generally patches, updates.

The two sides are all the communications from the client side (home/business network of computers) and all the communications to and from the server side (hosted on the world wide web). If I guessed right – you are concerned with the basics of secure communications against “leaks” which can occur on both sides of the equation in many areas. Some of the basics are like digital secure email for example.

Digital IDs for Secure Email

http://www.verisign.com/authentication/digital-id/index.html

Compare Digital IDs – Authentication, Secure Email & Secure Office

http://www.globalsign.com/authentication-secure-email/digital-id/compare-digital-id.html

Above are just two items of a vast array of security points of a vast industry with a vast amount of products. The learning curve can occur with introduction of communications and the security aspects which can involve all the threats exploiting them continually.

Just one aspect of this is generally called “sanitization” and as a search term…

Sanitization

http://en.wikipedia.org/wiki/Sanitization_%28classified_information%29

Same ballpark…. (even a corruption source and malicious use of hiding)

Data cleansing

Not to be confused with Sanitization (classified information).

http://en.wikipedia.org/wiki/Data_cleansing

In threats, there is the spyware area of “data mining” (which becomes much more aggressive for nefarious uses – cyber thefts)…

data miner (spyware)

http://www.webopedia.com/TERM/D/data_miner.html

I can not locate it handily, but I wrote a first “paper” about deceitful data scraping ….

Data scraping

http://en.wikipedia.org/wiki/Data_scraping

And so even these very, very few items are not even a surface scratch of all involved and are a part apparently addressed by the product mentioned <http://www.anonymizer.com/ > . There are a zillion as such now and it takes first understanding the scope of dangers – and then what addresses that as a confident determination in a security solution. Much of all things are simply “cured” by keeping all machines fully patched and all softwares and add ons. That basically gets rid of 90 percent of the ills and of course this is all assumed as installing the cutting edge quality products of antivirus, antispyware, and software and hardware firewalls and employing with severe prejudice – Safe Practices. As mentioned, adding any remote type connectivity to the home/business computer network introduces and multiplies dangers such as here – what has become a deplorable wireless security connection anywhere now with virtually all wireless signal encryption hacked.

One more point of all this is the actual webhosting and their server side security and reputations which need be observed obviously. One item here is the infamous…

Cross-site scripting

http://en.wikipedia.org/wiki/Cross-site_scripting

There are so many, many instances now of website break in worldwide in all – .com, .org, .gov, etc. . The obvious beginning is securing the home/business side of network computers (non-corporation) to at least determine any leaks and infections are not coming from the client side as example, uploading infectious files or photos, etc. Then, with this “forensics” if you will, it can be determined any malware and data ills and break ins are indeed occurring on the server side – webhost and servers. This is out of the hands on the client though they may work with you in any instances (not rare anymore). One example of this was that I suffered what is called “defacement” of my personal security theme website a couple years ago. This is that too familiar scenario whereby a cyber criminal hacks into the webhost and/or servers and places the defacement with the message “…if you want your site back, contact me with money at so and so…” – a typical extortion plot generally aimed at business. Unfortunately, the client has to wait until the webhost remedies the infection. This is where much research should be employed into the security aspects of the webhosting security reputation as well as all applications used on the website. C-Panel hosting really gives the client hands on in many areas.

The only bottom line is that I have not heard yet that WPA Enterprise is compromised For business, there is enough free information available but generally no one will get involved in actual security solution without price – IT Security. I do advise to look around a bit ‘yellow pages’ in your exact local regional area for these services for Home/Small Corporate business. In the least if hired, you will have among the best bondable security solution available. And again, there are a zillion products for a zillion things much as the medical industry churning out specialism in treatment – one for this one for that and so on. This can be completely counter productive and even damaging (much like the ills of using two antiviruses on a desktop ignorantly) and whereas IT Security will indeed deal with the entire over all picture.

I mentioned Trend Micro as well known and of course is one of the handful of these top quality products on the cutting edge of defense and not as hype but fact proven by independent lab testings. I am testing out their new netbook edition, but going back a year or two they did actually have four or five different security level settings for their laptop/notebook edition included firewall which included defending against direct attack while on Wi Fi wireless internet. I assume they still had that. This product virtually assures your machine (s) are defended and not infected. One side of the equation confidently secure. A basic beginning and they have almost all these communications protections incorporated aside from others the client can install like document type stuffs and secure email and so on.

Simply, trying to point you to data areas that you seemed interested in securing. Massive isn’t it ! The more you become involved in security you will see there is indeed a split in the area across the board and IT. Many just advise quickly for a sale not caring – profit driven, taking advantage of consumer ignorance. Many adjust security for convenience – whatever is least interaction for the client for their irresponsible praise which many times involves data theft resulting in massive ID Thefts of their customers which they will be both responsible for in a court of law – usually the business owner blaming IT.

Just mentioning things that do not even scratch the surface, I think you can appreciate this is not a one liner response subject. Quite the opposite. Costs are always a target, but to even make money on the Net – security should never be a target of the axe obviously to even be solvent in today’s marketplace online.

Not being professionals and experts and programmers in the industry, the consumer business person can easily rely on responsible user input (what’s hot – what’s not, what worked – what didn’t) from experience the best teacher to add as additional, but not sole source, for “Informed Decisions” in security solutions.

Forgive the answer if I entirely misjudged that you are a simple home laptop/desktop user looking for wireless security as opposed to a business owner. No, then, that product is not for this – it is a business enterprise solution type product.

EDIT… just looking I did see they actually indeed have a Home User Version. My apologies in advance. The WPA is encryption of what is in the air – the communications undecipherable. This is what has been hacked and there is no solution for that except a new upgraded WPA as they did with former WEP. What is in the air over the wireless internet (Wi Fi) is everything your are seeing and doing. Breaking into this, hacking WEP and WPA, the cyber criminal is basically seeing an entire text version of all to easily see sites visited, emails and documents and files opened an so on. It does not matter at all what is on client or server side. This is not what is being hacked.

More, see….

End-to-end principle

http://en.wikipedia.org/wiki/End-to-end_principle

Wireless Intercept & “Wiphishing”

http://technology.pitt.edu/security/risks/wiphishing.html

Webmaster, http://BlueCollarPC.US/

%d bloggers like this: