Root kits are not something the average Windows user has had to spend much time worrying about in the past. According to Eweek, that’s about to change as common spyware programs use root kit like techniques to hide from detection and make removal more difficult. Put simply, they use Kernel level functions to hide themselves on users systems. Since the Kernel is the heart of a system, if it is compromised anything can be hidden on your system and you may never know anything is amiss. With the increasing sophistication of Viruses and Spyware, it is logical to expect them to adopt more complex methods of avoiding detection. Get yourself a free copy of Adaware if you don’t have any Spyware detection and you use Windows. Or you could just get yourself a Mac or Linux PC as both have proven themselves more or less immune to Viruses and Spyware so far.

While I was upgrading our Statistical hit counter, I was required to download the latest versions of Netscape 8.0.2 and Opera 8.0.1 in order to ensure I could correctly detect their browser strings in the counter. I already have IE6 SP2 and Firefox 1.0.4 installed so this looked like a good time to do a “first impressions” review of the four browsers. I’ll start with the browsers I am most familiar with and work my way down from there.

Firefox 1.0.4
Firefox’s default theme is fairly intuitive and clean but extremely bland. Most things are roughly where you would expect them to be and Mozilla have made an effort to make IE users feel at home with the menu system. Firefox boots reasonably quickly but it doesn’t seem to be much better or worse then any of the others in that regard and I don’t consider 3 seconds faster or slower to load as a valid reason to choose one browser over another. Firefox loves rendering pages written to W3C standards. It also handles most sites written with older invalid or Microsoft only code, but there are some exceptions that will probably require Internet Explorer if you can’t avoid the sites in question.

A new user would get no impression about the benefits of tabbed browsing in Firefox because the default install seems to go out of it’s way to hide this incredibly useful feature. The first thing I always do upon a new Firefox installation is to right click on a blank section of the menu bar and select Customize and drag the “New tab” button onto the tool bar. I’m writing this review in Firefox with 23 tabs running so there is no doubt in my mind that tabbed browsing is a huge boon to my productivity.

On the subject of tabs, having one closing button for a whole row of tabs is not good UI design and more then once I’ve accidentally closed the whole page of tabs because I clicked the X in the top corner while thinking about something else. Netscape and Opera get the points for best tabbing UI on this issue because they both have a close button on every tab, (Firefox can have that too but you must install an Extension for it) and also because tabbing isn’t hidden away in the file menu in those browsers by default. Having said that, these probably aren’t serious issues , just a minor annoyances really. Mozilla would also benefit by replacing the default theme for something like Noia extreme for home users and give them the choice of bland corporate or eye candy home themes. Noia is the best eye candy home user theme I’ve seen thus far and most of my corporate clients like it as well. Since some corporations don’t like eye candy, it’s probably a good idea to have a bland theme choice available upon install.

(more…)

I just discovered another handy Google feature, automatic reverse look-ups of phone numbers. If you type 555-555-5555 or (555)555-5555 (replace 5’s with real numbers in a telephone number to try this — I have to explain that in case the University of Kansas Financial Aid Department is reading this — see prior story today) into the google search box and hit search, it will return the owner of that number together with an offer to draw a map to the address associated with it using Google Maps, Yahoo Maps or Mapquest. It will then continue on to show pages containing that phone number as you might expect.

Yet another nice feature at Google.

Reports are beginning to circulate as of late last week and continuing this week that Google will start an on-line payment program to compete with Paypal. That is good news, if it is true, for consumers. We personally like Paypal and find it to be fair and easy to deal with, even though others will tell stories of difficulties (usually from earlier in time). However, any time there is competition that is a good thing.

We recently wrote about a Paypal initiative to allow payments by buyers without leaving the merchant’s site. So Paypal continues to think agressively about how to improve and expand services. Competition usually keeps both tools sharper in my experience, unless the product is of a type that having business split increases operating costs (example something like utilities with expensive distributions systems). The nature of this could lead to a price drop for the service and cause each of them to think of ways to improve and expand the service offered.

So once again I say, go Google!

The University of Kansas attempted to notify 119 students that their failure to pass even a single class may make them inelligible for continued financial aid. Unfortunately the person in charge of the project gave each student on the list the names of all other failing students. As a result, Kansas will have to undergo an investigation of the privacy breach it created or itself risk loosing federal government aid.

The list reportedly included one woman who asserts she failed exactly one class, after receiving 200 hours of passing grades and a masters degree, according to USA Today. Her excuse is a good one, her daughter contracted pneumonia so she had to divert her attention.

This however raises several issues regarding email. We need to be very careful with addressing, the reply all button, getting a similiar name from our address book, etc.

I one single slip by a third party processor, one in each seven US Mastercard Accounts was exposed to possible identity theft as detailed at Security Focus. Fortunately the amount actually compromised will be much less. What makes this different than many other similiar glitches is that it exposed information for multiple branded cards issues on different financial institutions and organizations. Issues like this will continue to grow.

The day is coming where greater checks, perhaps pin numbers confirmed via independant routing for example will have to become common-place on purchases. Likewise with the advent of automated fingerprinting identification, I think prints or other equivalents must soon be required for the issuing of credit. Merely having my personal information and card numbers cannot be sufficient to allow access to my accounts or the granting of new credit.

A Microsoft event called “Blue Hat” was held between Microsoft, their software engineers and the hacker community for the purpose of testing the security of their Windows Operating System. Apparently only minutes after allowing hackers onto the network, a Windows laptop was caused to join a malicious wireless network to the apparent dismay and anger of the Microsoft engineers. This is the story detailed by ZDnet’s Ina Fried.

It should be noted that the “hackers” that would respond to a request from Microsoft would be classed as “white hat” hackers, meaning they don’t use their power to the detriment of others and are usually called security researches. Black hat hackers, the bad sort, would not want to draw attention to themselves by revealing themselves to a company that would be quiet happy to sue them for past transgressions.

Microsoft managers are said to be happy at the shock and anger of their engineers, mostly because they have been trying to engender that response themselves with limited success. They didn’t say however, whether they were happy that their security measures failed in so short a period of time. It is also interesting to note that Microsoft hasn’t publicised their “Blue Hat” meeting. One wonders if they would have sang it from the rooftops had the result had gone the way they probably expected.