FIXIT MENU:
home about us contact us

WHAT'S AVAILABLE:
free scripts advanced scripts online tools great books web related tutorials contributed tutorials news archive geek toys!

SUPPORT:
help forum live chat help



Archive

Get Firefox! The most secure, and featured browser on the Internet.
RSS feed   enewsbar Live Subscribe    Add to MyYahoo

HTMLfixIT Archive for March, 2005




Thursday, March 24th, 2005 by Franki

A new release of Firefox is available now. Firefox 1.0.2 contains several security fixes over the 1.0 version, most recently a potential GIF parsing flaw that hasn’t been exploited yet, but potentially could be. Being Open Source means that the code is viewed by many developers and errors tend to be found before they are exploited. Mozilla also runs a $500 bug bounty where they offer money to people that find flaws in the code. These tactics are to ensure that any flaws in the code are found and fixed before anyone has a chance to exploit them. In some ways, Mozilla and OSS code is in a unique position here. By asking people to find flaws, rather then punishing people that look for them (as has happened in a couple of cases with commercial software lately, the latest being Sybase) you get the opportunity to find and fix bugs as quickly as is possible. By punishing security firms for finding flaws, you ensure that the only people looking for flaws in your software will be those that wish to exploit them (called Black hats). And they don’t tell the company that owns the software of the flaws, the owner generally finds out by examining exploit code after it is released. Hardly a good model for security. This quote by David Litchfield of NGSS best explains the point I’m making.

“Let’s face it, the details are there to anyone with a disassembler, anyway. This kind of legal threat achieves nothing other than to make legit researchers fearful about being sued if they find and publish security issues—even if they do so in a responsible manner,” Litchfield wrote. “In such a climate, security research will be driven underground—which is where the ‘good guys’ really don’t want to be.”

No Comments »

Wednesday, March 23rd, 2005 by Franki

First things first, yet another Microsoft commissioned and funded report has reached the amazing conclusion that Windows is more secure then Linux. I ask you folks, to cast your mind back over the years and see if you can remember any Microsoft funded reports that ever found that the Microsoft product being compared was found wanting compared to the competitor in one of these MS funded reports? That alone should give you some idea how much creditability I give this new report. Reports by business and government who are using or trialling OSS products like Linux are generally much more useful for comparison as the parties making those reports generally have no vested interest in either side.

Microsoft is having more troubles with the EC of late as well, their quest to have the powers of the trustee of their EC compliance limited has been thrown out as unacceptable. There is now also speculation that Microsoft have crippled some aspects of what they wanted to call “Windows reduced media edition” by changing or removing registry entries so that (for example) video embedded in Office documents would not play correctly or at all.

A patent (USP 6101499) that Microsoft was granted is also being questioned because Microsoft failed to mention that the technology they patented was already being worked on by the Internet Engineering Task Force and is very close to IPV6 which is the technology destined to replace the 20 year old IPV4 system that is behind the Internet now. This should give you the impression that when Microsoft tout their desire for interoperability, what they mean is that they want to own the protocols and will be interoperable with anyone that gives them enough money. That’s the impression I’ve gotten from all this anyway. Imagine if the guys that Invented the Web, TCP/IP and other such technologies had the same aspirations as Microsoft, if they had, it’s doubtful that Microsoft would be anywhere near as big as they are now.

No Comments »

Wednesday, March 23rd, 2005 by Don

Mike Davidson posts today about this project called Our Media that boasts it will forever host your digital works for free without bandwidth or other costs. Sounds great? Is it truly sustainable? For something that says it is soon to leave beta status and will shortly hope to become a 501(c)(3) charitable organization – a designation that means United States donors may deduct the donation from income subject to tax – those are pretty big promises. Someone has to pay the bandwidth bill and pay for the software to find and store the media. And indeed, how long before the thing is bogged down with junk (you know the creative content that may not deserve to see the light of day? – just kidding art is all good – even spam and advertising content …), or at least different versions of the same thing? The concept is good, but the promises sound Utopian to me.

Until this is funded by a major endowment it is just big talk. If it works off of an advertising model, then it isn’t really free, because your work may be carried under an advertisement for something that you dislike immensely. So while it is without monetary cost, you are supporting something you don’t care for – arguably a cost. That doesn’t mean it shouldn’t be attempted, but rather that it is likely to fail as those currently giving of time and talent are likely to shift focus, lose interest, and some will even die. The commenters over there (that I didn’t read until I was almost done with this post) seem equally rosy as I am. Maybe if enough of us tell them how silly they are, that will be just the ticket to get them motivated to get over the hump.

It will be interesting to see how usable the indexing is. To archive without reasonable retrieval is of no real value.

No Comments »

Tuesday, March 22nd, 2005 by Franki

ScanIT, a web consultancy company, is showing statistics reflecting that Internet Explorer was unsafe for 98% of 2004, verses 15% for Mozilla based browsers like Firefox. This puts to rest arguments that Internet Explorer is a security problem only because it is more popular at the moment. The Inq article is well worth reading as it explains some of the reasons why, and the implications of, the IE security problem.

Run the browser security checker yourself at http://bcheck.scanit.be/bcheck/ to find out if your protected, I just ran the test myself using Firefox and it found zero known vunerabilities. Good to know.

No Comments »

Tuesday, March 22nd, 2005 by Franki

Even though people are getting more aware of the Spyware issue, it still amazes me how many computers end up in front of me with stability and speed problems caused by an abundance of spyware on them. To that end here is a list of the top ten spyware programs to watch out for.

For those of you that want your system to run as fast and stable as a Windows machine can (It’s not much, but you have to start somewhere right?), head over to tips.littlehosting.com and grab yourself some free protection.

No Comments »

Tuesday, March 22nd, 2005 by Franki

US senators have introduced a new “Spy Block” bill designed to target deceptive spyware tactics. Thus far such laws have been only partially successful but we can hope right?

Word has it that the latest target of scammers is Internet phones, which are used via techniques like senderID spoofing to collect credit card numbers from unsuspecting customers, (by pretending to be banks for example). The low cost of Internet VOIP (Voice Over Internet Protocol) makes this sort of thing almost as cheap as SPAM. I guess we can call this “Phoice” scams? (Phishing over voice).

In related news, Phishing attacks in general are on the rise, Symantec says that one in every two hundred emails was a phishing scam and 60% of mail was SPAM between the months of July and December last year. From our own server statistics, I’d say that about matches what we’ve found here also. Phishing is the process where users are lured to a fake website (usually a copy of a banks website) in the hopes of stealing their username/password for the real site.

To help protect yourself from online threats using all free software, see tips.littlehosting.com

No Comments »

Monday, March 21st, 2005 by Franki

Microsoft was found guilty of anti-competitive behaviour by the US DOJ a few years ago, and got what many see as a slap on the wrist as punishment for their crimes. Their punishment didn’t really do much good, but it didn’t actually do any damage either. Now flip to 2005 where Microsoft have again been found guilty of anti-competitive behaviour, this time by the European Commission. Microsoft have appealed the decision, but in the mean time they are being forced to comply with the punishments which include a half a billion Euro fine, offering a version of Windows without their Media player (and not being allowed to call it “reduced media edition”) and most importantly, to offer information on their protocols to third parties who wish to create software that is interoperable with Windows on the client and server.
That last one is where this little story kicks in. Microsoft appear to have viewed this ruling as a way of excluding their biggest competitor (Open Source) from being being compatible with their products, and to create another huge revenue stream by selling licenses requiring royalties on each product sold that used the information covered by the license. Does anyone there remember that this was supposed to be a punishment for their anti-competitive behaviour?

Microsoft have made it clear (to me at least) that they want to choose their own opposition, and they’ve also made it pretty clear that they want Sun to be their main competitor by making several press releases touting Sun/MS interoperability programs. They want Sun as their “competitor” I suspect, because Sun is a traditional software company that they have proven in the past they can win against. Linux and other Open Source has already proven itself immune to Microsoft’s normal “competitive practices”, it can’t be bought or crushed because it isn’t owned by any single corporate entity, criticizing it seems to hurt Microsoft more then OSS, lawsuits don’t appear to be working (SCO), security is not an effective selling point for your software when your own house is not even made of glass, but rather of sand, and cost comparisons don’t seem to look so good unless Microsoft pays for the research. So what can they do? Why they can make sure that OSS software can’t have access to any of the interoperability data and help along their chosen competitor who is apparently not smart enough to realise that they are but a pawn and that this will only last till MS doesn’t need them any more.

Don’t take my word for it, read this ZDnet article covering the same issue in a more humorous and factual manner then I have here. It should be noted that the EC are not happy with the progress of Microsoft’s compliance, and may end up fining them 5 million a day till they reach compliance with the court appointed sanctions.

No Comments »







This site is totally free to use, you have absolutely no moral or legal obligations to help us continue.
There are however, some costs involved in running the site.

<random humor>
Plus sometimes Franki prefers EMU bitter to VB.
</random humor>

So if this site helped you find your way, perhaps you could consider contributing to our costs. Whatever amount you feel this site was worth to you would be just wonderful.
Use PayPal if you do decide to share and help us with the costs and in appreciation for our time and attention, or alternatively buy a book from our Bookstore..


  Time  in  Don's  part  of the world is:   November 17, 2017, 8:16 am
  Time in Franki's part of the world is:   November 17, 2017, 9:16 pm
  Don't worry neither one sleeps very long!



privacy policy :: support us :: home :: live chat help
contact us :: forum ::tutorials :: bookstore :: Site Map



      Valid XHTML 1.0!             powered by Apache Server
Pic 3 Pic 3

SEARCH:
USEFUL LINKS:

CIGHTML Firefox Thunderbird ClamWin WordPress SpyBot S&D TheGIMP Apache for Windows Registry Cleaners More cool stuff:

//-->

HTMLfixIT Site Stats.

Browser Statistics
Internet Explorer 85.88%
IE 717.63%
IE 62.3%
IE 50.00%
IE other8.6%
Moz Firefox 3.x3.03%
Moz Firefox 2.x0.18%
Moz Firefox 0.x/1.x26.65%
Netscape 8.x0.00%
NS 6+/Mozilla2.73%
Moz Seamonkey0.00%
K-meleon0.00%
Epiphany0.00%
Netscape 4.x0.00%
Opera 9.x0.00%
Opera 8.x0.00%
Opera 7.x0.42%
Opera 6.x0.00%
Opera other0.42%
Safari Mac/Intel5.21%
Safari Mac/PPC0.06%
Safari Windows25.2%
Google Chrome1.51%
Konqueror0.18%
Galeon0.00%
WebTV0.00%


Resolution Statistics
640 x 4800.25%
800 x 60026.14%
1024 x 76836.55%
1152 x 8640.25%
1280 x 80011.68%
1280 x 8540.00%
1280 x 102417.01%
1400 x 10500.00%
1600 x 12001.02%
1920 x 12007.11%
2560 x 10240.00%


OS Statistics
Windows 741.55%
Windows Vista2.4%
Windows 20033.91%
Windows XP20.86%
Windows 20000.36%
Windows NT40.05%
Windows 98/ME0.05%
Windows 950.00%
Linux/UNIX/BSD8.76%
Mac OSX8.03%
Mac Classic0.00%
Misc14.03%



New Windows Virus Alerts
also by sophos.

17 Apr 2011 Troj/Mdrop-DKE
17 Apr 2011 Troj/Sasfis-O
17 Apr 2011 Troj/Keygen-FU
17 Apr 2011 Troj/Zbot-AOY
17 Apr 2011 Troj/Zbot-AOW
17 Apr 2011 W32/Womble-E
17 Apr 2011 Troj/VB-FGD
17 Apr 2011 Troj/FakeAV-DFF
17 Apr 2011 Troj/SWFLdr-W
17 Apr 2011 W32/RorpiaMem-A

For details and removal instructions, click the virus in question.