free adobe palace script font download

Adobe Photoshop CS5 cheap free safe download of adobe acrobat reader download crack for adobe authorware 7 cheapest download stand alone adobe flash adobe elements download

adobe cs2 download free crack key generator

Adobe InCopy CS5 for Mac cheapest adobe flashplayer free download adobe version cue update download windows cheapest adobe illustrator 10 free download adobe photoshop 70 download

download adobe photoshop cs2

Adobe Creative Suite 4 cheap adobe photoshop cs3 iso file download free adobe acrabat reader download buy cheap adobe acrobat raeder v7 download free download adobe acrobat professional 6

adobe photoshop font download

Adobe cs5 Design Premium cheap adobe flash reader download free ware download adobe photo shop buy cheap download adobe imageready free adobe dream weaver 8 download

free download adobe photoshop cs2

discount Adobe Flash adobe 8 reader download adobe version 7 download buy cheap manually download of adobe flash player 9 how to download adobe premiere pro free

adobe illustrator download free

cheap PDF to-EXE Converter adobe photoshop font download download adobe indesign cs3 buy cheap adobe reader download full download adobe acrobat megaupload

adobe illustrator cs3 crack download

Autodesk Simulation 2012 buy cheap adobe 5 free download adobe purchase products maintenance download contacting typeface cheapest adobe reader free download for windows vista download adobe premiere pro

adobe acrobat 6 full download

AutoCAD Electrical 2012 discount adobe reader vista download free download adobe photoshop cs3 extended me trial buy cheap download adobe professional download adobe svg viewer

download adobe gamma

cheapest Autodesk AutoCAD download adobe download manager free acrobat adobe download cheapest download adobe reader fur windows 2000 free download adobe flash player

crack adobe photoshop cs3 download

buy cheap AutoCAD 2010 adobe pagemaker download full free free adobe image ready download discount adobe illustrator cs2 trialware download adobe flash player 8 free download

free download adobe premiere pro cs3

AutoCAD 2012 buy cheap adobe image ready download download adobe photoshop elements discount download free adobe standard sf86 sf 86 sf 86 download adobe pdf

adobe download photo shared shop

cheapest AutoCAD for MAC adobe premmiere free download download adobe shockwave player discount free adobe acrabat reader download adobe flash player and download

iran download adobe photoshop

cheap adobe acrobat x free download of adobe reader 8 download and edit adobe files buy cheap adobe fash player download adobe after effects full download

adobe flash lite download

adobe acrobat x suite discount buy adobe photoshop download free download adobe acrobat reader professional 6 cracked discount adobe flash player 9 active x download free adobe ilrator download

adobe premiere tryout download

buy cheap adobe creative suite 4 download adobe photoshop 50 download adobe photoshop full cheap adobe photoshop download discount software download adobe 5

download adobe gamma download

discount adobe creative suite 5 how to download adobe on psp free ware download adobe photo shop cheapest adobe flash player version 9 free download free download adobe lightroom

cnet download adobe

adobe cs5 cheap adobe player download center free download adobe ilustrator discount best adobe acrobat download adobe indesign 2 for windows download

adobe acrobat download for mac

Adobe cs5 Design Premium cheapest adobe audition full download adobe photoshop element download buy cheap adobe acrobat reader 5 0 free download adobe download 8

adobe player 8 download

cheapest Adobe CS5 for mac adobe gamma download adobe acrobe free download cheap free download adobe pagemaker can we download adobe flash player file

download adobe flash player stand alone

buy cheap Adobe cs5 Production Premium adobe internet explorer download security adobe cs3 patch download discount adobe premier download crack free download adobe flash

download and install adobe flash onto my computer

cheap Adobe Dreamweaver CS5 download adobe photoshop 70 adobe pdf reader free download discount where can i download adobe flash player 9 download adobe creative suite 2 premium

how to download adobe flash files

Adobe eLearning Suite discount adobe premmiere free download free download adobe photoshop cs2 cheap pc wont let adobe plug in download download adobe illustrator cs

adobe flashplayer 9 download

Adobe eLearning Suite 2 buy cheap direct download links adobe download adobe illustrator cs cheap adobe illustrator 8 download adobe shockwave player download

download adobe media encoder

Adobe Flash Catalyst CS5 cheapest download adobe premiere effects adobe photoshop elements download discount adobe lightroom update download mac osx adobe reader kostenloser download

adobe after effects cs2 download

Adobe Illustrator CS5 cheapest adobe player download center adobe download free premiere discount adobe illustrator 8 download adobe flash direct download

free download for adobe streamline 4

cheapest Adobe Indesign CS5 free download adobe after effects for mac download adobe reader cd cheapest adobe acrobat reader free download download adobe ultra

adobe creative suite 3 download

cheap Adobe Photoshop CS5 adobe audition download free adobe acrobat reader 6 download cheapest adobe acrobat writer download adobe 10 download

macintosh download adobe acrobat reader

Adobe Photoshop Lightroom 3 discount adobe audition 3 free download adobe macromedia flash player 7 download discount free adobe photoshop full download adobe photoshop elements 5 free download

Archive Page 4

Local Shared Objects: the cookies you never knew that existed

Published by
madelman
May 8, 2007 in Beginner and Privacy. Comments

Flash settings

Many users, specially those who are worried about privacy, already know cookies: how they work, where are they saved and, most imprtantly, how to delete them. Most browsers include an utility to manage them, blocking or deleting the ones we don’t want.

But even if you are actively deleting cookies, you might still be leaving something behind. Local Shared Objects are the implementation of cookies done by Adobe Flash. So, if you have this software installed (and most people do) these Flash cookies are resting on your hard disk, maybe forever.

Each site using Flash can store, by default, up to 100 KB of data in your computer, even without you knowing it. No permission is asked unless the application tries to store more data than permitted.
Continue reading ‘Local Shared Objects: the cookies you never knew that existed’

MySpace phishing site reveals password patterns

Published by
John Biasi
May 7, 2007 in Beginner, Passwords, Phishing and Security. Comments

MySpace logo

As a follow-up to my previous post about creating good passwords, I thought it would be helpful to mention an article that shows some of the bad habits in password creation.  In Note to MySpace Users: Get Better Passwords, Brian Krebs discusses a phishing website that targeted MySpace users.  The site was used to obtain the usernames (which in MySpace’s case are email addresses) and passwords of close to 60,000 people.

On top of that, the list of usernames and passwords was stored as a text file on the phishing website, which security researchers were able to grab and analyze.  Here is the list of the most common passwords used:

password1 (106)
abc123 (73)
swimmer1(43)
iloveyou1 (41)
monkey1 (40)
****you (37)
123456 (33)
myspace1 (32)
****you1 (32)
i(32)
password (27)
babygirl1 (25)
iloveyou2 (24)
football1 (24)
danny12031986 (23)
blink182 (23)
princess1 (22)
freesh**4me (22)
16188s (22)
123abc (22)

This is revealing for a number of reasons.  First of all, the most common passwords used on MySpace are far from unique, and far from complex.  Most of these passwords would be easily guessed or cracked.  Since this post is a few months old, these people obviously haven’t been following my advice, as they wouldn’t have seen it yet.

 Secondly, it shows how easily people can be fooled by phishing websites that look authentic.  As this was from a few months ago, hopefully the introduction of in-browser anti-phishing tools in Internet Explorer  7 and Firefox 2.0 should help reduce the likelihood of this happening again.

And lastly, it provides a good justification for using different passwords on different sites.  If someone is able to get your MySpace password, no big deal, right?  It’s not exactly a critical site (to most of us, anyway).  But many people use the same password on many sites, including online banking sites.  So obtaining your MySpace password could be the key to all the sites that you share that password between.

Hopefully this scares you enough into making sure those passwords are strong, unique between sites, and that you pay attention to potential phishing scams.  Soon, I’ll give you some ways to help manage your passwords.

What makes a good password?

Published by
John Biasi
May 6, 2007 in Beginner, Passwords and Security. Comment

Black Keyboard

How do you create a good password?  It’s a common question, and there are a number of different approaches to this problem.  Understand that using strong passwords is critical, whether you are creating a password for your home computer, your online banking site, or any other type of web site or forum.

So what constitutes a strong password?  The standard definition of a strong password is “choose a password at least 8 characters in length, containing letters, numbers, and special characters.”  In case you’re wondering, special characters are usually the ones above the number keys on your keyboard, plus characters such as spaces, commas, periods, and the various other symbols on your keyboard. 

This definition is perfectly fine, but gives you little guidance on how to structure a password.  It can often lead to difficult-to-remember passwords, such as I$hg7p3V*!.  It can also lead to passwords that seem secure, but in fact are very easy for password crackers to break, such as P@ssword1.

There are two approaches to password creation that I consider to be good options.  The first one is to think of a phrase, such as “My dog Spot likes to eat dog food.”  You can take the first letter of each word and turn that into a memorable password such as “Md$ltedf05.”  As long as you remember the phrase, you will remember the password, and anyone else looking at it will find it incomprehensible.

Another approach that I feel is even better, if a bit typing-intensive, is to forget about passwords entirely and consider passphrases.  This approach creates even stronger passwords, but you will probably end up typing 15 or 20 characters in a password.  Take the example above.  Instead of taking the first letter from each word, just use the whole phrase as your password.  So your password would be “My dog Spot likes to eat dog food.”  This password contains all the elements of a strong password except for numbers, but it also is considerably longer than your standard password.  I would challenge any password cracking program to break that password.  The only limitation to this method is that certain applications and web sites have a maximum password length, so you may have to choose shorter phrases, or go back to the previous method for these sites.

Does anyone else have any password best practices that they want to share?  I’m open to any other methods that can create strong passwords that anyone can use.  Weak passwords are a serious risk and should be addressed in any way that you feel comfortable.

We are searching for bloggers

Published by
madelman
March 5, 2007 in Various. Comment

Searching

It’s been a long time since the last post. Lots of things have happened since then and the site has been stalled for the lack of time for updating it.

There are still lots of things to be told about computer security and I would really like this blog to keep on. But as I can’t do it myself I want to search for some people who can.

So if you are interested in computer security and can write in English (no need to be an expert in any of both) apply for this position right now. This is a paid position, so you can even win some money while writing about something you like.

To apply or ask any question, please use the form contact in the about page.

How to protect your mobile devices

Published by
madelman
June 8, 2006 in Beginner and Security. Comments

Using mobile devices to store private data can be a big security risk in case you lose them and they are not conveniently protected. If you use these kind of devices you should follow some rules.

Password protection. You should use passwords or a PIN to access your device. This might be a very basic protection, but can stop casual attackers from accessing your data.

Cipher your data. Many mobile device include this capability built-in, but if yours don’t you should find some software which you can trust.

Use a firewall. If you need access to Internet you should use the same levels of protection as at home, so use a firewall to avoid attacks.

Use device lockdown functions. Many mobile devices include some way to wipe its contents remotely if someone steals it. Be sure to have copies of this information before wiping it.

If you don’t follow some simple rules your information might fall in the wrong hands.

 

Return to blog

Published by
madelman
June 8, 2006 in Becoming paranoid. Comments

After more than two weeks of not writing in this blog because of lots of parallel projects and the real life, we are back.

Expect more posts about computer security in little time.

Microsoft Word vulnerability

Published by
madelman
May 22, 2006 in Medium, Spam and Windows. Comments

Some years ago, macro viruses inside documents became the new trend. Almost any new virus used this, hiding inside Office documents and executing when the unsuspecting user opened the file.

Most users got conscious and disabled the use of macros, so the virus couldn’t get executed and many mail providers blocked e-mails with attached Office documents.

This is not the case anymore, as macro viruses are very rare now, but a recent Word vulnerability has made DOC files dangerous again. This time the problem is not with macros inside the document, but a vulnerability that allows to execute malicious code when the document is open.

There is no patch yet for this vulnerability, as Microsoft won’t release it until June, so you should be extremely careful with documents you receive, specially if they are unexpected.

For now, this doesn’t seem too widespread, as only one attack has been detected against a company, and it was a very targeted one, directed specially to them, but it wouldn’t be strange to find it in the wild in some days.

F-Secure Online Scanner

Published by
madelman
May 17, 2006 in Beginner, Security and Virus. Comment

F-SecureIf we have to check one computer for viruses and we don’t have any antivirus at hand, F-Secure Online Scanner may be a good option, as it allows you to scan your files without installing any software in your computer.

You only have to browse to its page and download an ActiveX control which will scan the computer searching for viruses. You will need to use with Internet Explorer, as this is the only supported browser.

Another service I like to use is VirusTotal, which offers free online analysis of files with 23 different virus scanners, although in this case you can only scan individual files one at a time, but it is very useful in case you are suspicious of a file and want to test it throughfully. As no antivirus is 100% reliable, checking the file with so many different scanners may guarantee better results.

Anyway, it’s always a good solution to have a resident scanner which avoids viruses even being written to your disk, even less getting executed.

Chain letters

Published by
madelman
May 15, 2006 in Beginner, Email and Security. Comments

With some regularity, everyone receives in our inbox some e-mails sent by someone they know where they try to warn you against some kind of really dangerous virus or asking for collaboration in a project to help a poor kid,…

These e-mails are known as hoaxes and, although they are send with a good intention, they are almost always false, a kind of urban legend spread through Internet.

You can spot this kind of e-mails because they say you will have a big loss if you don’t forward them, they are not signed, they promise some presents from a company or offer some difficult to believe information.

Some examples of these kind of messages:

  • The Make A Wish Foundation, has agreed to donate 7 cents evertime this message is sent on.
  • If you forward it to 20 friends, you will receive the brand new Ericsson R320 WAP-phone.
  • DO NOT RELY ON YOUR ANTI-VIRUS SOFTWARE. McAFEE NOR NORTON CAN DETECT IT BECAUSE IT DOES NOT BECOME A VIRUS UNTIL JUNE 1ST. IT WILL BE TO LATE THEN. WHATEVER YOU DO, DO NOT OPEN THE FILE!!!

These e-mails have all been extracted from Break the chain, a site dedicated to recopilating them, so you can know if an e-mail you receive is a hoax or not.

You should never forward this letters to your friends, because they are very annoying, clutter up your inbox and many times, they can be used to get e-mail addresses to spam them. If your friends send them to you, you should tell them not to do it and why is it bad, redirecting them to Break the chain if necessary.

Sharing a computer securely

Published by
madelman
May 9, 2006 in Medium, Security and Windows. Comments

If you are in charge of a computer used by some different people, you will have found yourself formatting and reinstalling it from time to time to clean it from everything the users have installed, voluntarily or involuntarily.

In computers located at Internet cafes, public libraries or school the risk of being infected by spyware or viruses is very high, as they are used by people who, sometimes, are not very knowledgeable about security. So copying files from them or accessing important sites from there can be very dangerous.

Microsoft has released Shared Computer Toolkit for Windows XP which makes it easier to manage this computers in a secure way. The main features of this toolkit are Windows Disk Protection, User restrictions and Profile Manager.

Windows Disk Protection clears the changes made to the hard disk when the computer is rebooted so, if it gets infected with a virus it will be deleted next time you turn the computer on. You can also define some zones which must not be cleared, for example where the users save their documents.

User restrictions allows the creation of user profiles in an easy way, so you can give different sets of permissions to the different users or groups of users who must use the computer. For example, you can disallow the use of unauthorized software or set timers which limit the time a user can be logged on.

With Profile manager you can create permanent spaces which will not be cleared by Windows Disk Protection, where the users can save data.

This is a good solution unless you have a large number of computers, because the control is not centralized. In that case it will be better to use Active Directory and Group Policy. It will also allow you to test software in your own computer without fear of destroying important data.

To use Shared Computer Toolkit you will need a legal copy of Windows XP, as you must pass the Windows Genuine Advantage validation. You will also need 5 MB of space in your hard disk and a NTFS file system.

For more information and download you can go to Microsoft Shared Computer Toolkit for Windows XP.

« Previous Entries
Next Entries »
Text Link Ads

About

Becoming paranoid is a weblog about computer security, privacy and staying safe online, specially dedicated to novices
If you want to know something more about us, visit our contact page.

If you enjoyed Becoming paranoid, you can have a look at the rest of our blogs:


Latest

RSS

Sponsored links


Search

Search in the Becoming paranoid Archive


Subscribe

Enter your email address:

Delivered by FeedBurner


Tag cloud

Archives

Categories