You need to watch for hackers, open ports,….and the people within:

http://www.breitbart.com/article.php?id=D961I79O0&show_article=1.

 

~Jeremy 

Avira Premium License:

Hi, for all those interested to get a free six months avira premium license until comodo cavs is 100% operational,here is a link
"https://license.avira.com/de/promotion-a8ydzq3fgnsu051rwq81"   .
here is one for a 1 month license to get trained to the format of the website in English
"https://license.avira.com/en/promotion-t0q1aatr05zwftftgnqr"
hope this is appreciated.keep the hard work comodo , i long for the day when i will be able to use cavs as my primary scanning tool(a few months to wait thx to the great job of the team and forum)
cheers,Matthieu

 

~Jeremy 

How secure is IE?

(Sorry this isn’t really a blog post, I think of this site more as a “Twitter” than a blog/news articles.)

~Jeremy  

How to fool a keylogger?  I found this site that tells you how:

Quote from SAFe network SECurity:

Keylogger is a device that capture keystrokes pressed by user and logs it for further use.
Parents can check which keys they children pressed to make sure they didn’t access the forbidden web pages.
Malicious people can try to read recorded security passwords and use them to get the unauthorized access to your data.

So, what to do if you have to log into your account, but you suspect the keylogger sniffing every key you press ?
Use mouse.
If you have graphic interface to input the password, you can use mouse support in various ways, that you are probably familiar from your text editor.

1) while typing move the position of input cursor with the mouse, that will alter the order of inputted keys
2) type a fake text, then select it with the mouse and overwrite with proper password
3) open some prewritten text in another window and with the mouse select, copy/paste the letters without using the keyboard.

Here is the example:

Our secret word is ’shark’, and it is a part of email we need to enter.

1) input the letters ‘arregyurty5×39‘, where ‘ar‘ is the part of the password and the rest is some random strokes text

2) select the dummy text with the mouse

3) input letter ‘k’ that overwrites dummy, now you have ‘ark’

4) move the cursor with mouse to front

5) type ’sh’

Now in the input box you should have ’shark’ , but
keylogger recorded string ‘arregyurty5×39ksh’ and even when all your password letters were recorded it is very hard to guess the pass from it.

You have fooled the keylogger !

In similar way you can input the rest of your secret data to the boxes from the example, and safely log in.

This method will work against most of known keyloggers, but what if the brand new keylogger records also mouse movement?
Always be more careful that is obvious.

 

~Jeremy  

Here are some corporate logos after crisis.

See Slideshow

~Jeremy 

“darcjrt”, a member of Comodo Forums, is running a detection rate test of AVs here.  He is a supporter of Comodo and a malware researcher there, but he isn’t getting paid by Comodo so there shouldn’t be too much bias.

~Jeremy 

Liveside explains it:

Internet Explorer 8 has moved from beta to Release Candidate and is publically available for download today. Internet Explorer 8 RC1 is available in 25 languages for Windows Vista, XP, and Server only! Windows 7 users will get an updated IE8 with the next update of Windows 7.

So what’s new? What are the changes between Beta 2 and this Release Candidate? In brief:

• Platform Complete. The technical community should expect the final IE8 release to behave as the Release Candidate does. The IE8 product is effectively complete and done.
• Reliability, Performance, and Compatibility improvements. We’ve studied the telemetry feedback about the browser's underlying quality and addressed many issues.
• Security. We’ve worked closely with people in the security community to enable consumer-ready clickjacking protection. Sites can now protect themselves and their users from clickjacking attacks “out of the box,” without impacting compatibility or requiring browser add-ons.  We also made some changes to InPrivate based on feedback from customers and partners.
• User Experience. Some changes here based on feedback. An example is that fitting more items on the Favorites bar has been made easier based on data about how people actually use it.

Before you upgrade/install, please read this Upgrade Guide by Jane Maliouta. Feedback is welcomed here! 

Download IE 8 RC1

~Jeremy 

I was just looking at a security program called GeSWall (GentleSecurityWall).

Quote from a friend, Kyle, on Comodo Forums:

It has extremely low resources, the GUI uses roughly 5mb of ram and 0 cpu time. The service uses 7mb of ram and 0 CPU time. ( I've been running my pc for over 2 hours and it's still 0 CPU time! )
GeSWall can have 0 alerts, or 100 alerts if you wish. There is no benefit of having alerts. It only shows you what's happening. You can optionally select whether or not to AUTO-TERMINATE malicious actions, or ask the user.. or not at all. (Even if you don't terminate the process it can't do any damage.)

Erreale submitted 101 samples,  GeSWall of course passes on every sample. (I've never found anything that gets past GeSWall).
Some people might be confused though.. for example, Your AV scanner might pick up malware within the system32 folder.. But, this malware (If it has a G icon on it) is isolated from the rest of the system, Ie. Can't do any damage. Geswall does not have signatures or heuristics, so it cannot detect malware. It only applies restrictions of what isolated applications can do.
For example, an Isolated application can create files freely, (those files are also isolated!) so this means you should have 0 compatibility issues (usually) however, cannot modify trusted applications. So, if you download a viruses it's is not allowed to modify windows system or any other file for that matter.. Can't do any damage.
Hope this helps..I'll stop rambling now 
EDIT: woops! forgot to add, GeSWall doesn't allow any isolated application to write it self into the startup.

The GeSWall site also helps explain this:

GeSWall focuses on attack objectives such as taking control of a PC, stealing data, breaking system integrity and prevents damage regardless particular attack techniques. It protects you from intrusions and malicious software by isolating Internet exposed applications. Isolation applies an access restriction policy that effectively prevents all kinds of attacks, known and unknown.

Once installed, GeSWall dynamically isolates web browsers, e-mail, chat, P2P, IRC clients and other applications that may serve as entry points for malicious software or intrusions. Viruses, trojans, spyware and exploits cannot pass through an isolated application and so cannot cause any damage.

An access restriction policy prevents leaks of confidential documents and unauthorized modification of files, registry, etc., coming through an isolated application. At the same time, these restrictions are unintrusive and do not disable important application functionality.

The technology used allows any application to be automatically isolated without configuration by a user. To make it even smoother and transparent, GeSWall applies specific access rules for most popular internet applications. Those specific rules come in an open Application Database. GentleSecurity staff regularly adds new applications to the database so you can get smooth support for more applications from the automatic update service.

With the GeSWall Console, advanced users may choose an appropriate security mode and create rules for applications which are not currently in the application database.

To tell the truth, I haven’t actually used this.  But I’m planning to.  :)

And, in case you’re wondering, this has a free version and a pro version.

 

 

~Jeremy 

Quote from 3xist, a mod at Comodo Forums:

Hi Guys.
I would like to point out that FinallyFast.com is simply a Scam. They Claim to Boost your internet by 375% (IMPOSSIBLE).  Here are some videos about them:
http://au.youtube.com/watch?v=9uI11k0y-Wk&feature=related
http://au.youtube.com/watch?v=sMmCujH8HvE&feature=related
Comodo AV Detects them, and so does Malwarebytes and a few others. Also when you do uninstall their software, CIS will Alert you of a Buffer Overflow Attack. I attached some Screen shots of the detections, And when then they install stuff on your desktop without your permission.
Please spread the word and encourage people NOT to buy their products.
Cheers,
Josh

Lots of rogue apps are out there in the net.  To see if a program is a known rogue, you can check programs with this list, or search the program’s name with Google or Live Search.

~Jeremy  

Thumbtack is a online service by MS, still in a type of “beta”. 

use thumbtack to
collect a list of your favorite restaurants and share them with your friends
plan a trip- collect information about places to stay and things to do
research your next purchase- store, analyze and sift through your options in thumbtack
take notes and share them with your team

Sign in

view sample collections
faq
blog

So it basically is your collection of bookmarks.  What makes this service different is its:

• Bookmarklet: You don’t have to install anything for this “bookmarklet” to work.  For Firefox, you just bookmark a link in Firefox that Thumbtack gives you, and whenever you want to add something to your Thumbtack just click that bookmark.  You are not redirected to any other site.  You can also select text and pictures, and those will be included (note: yes, I see a typo in this screenshot):

• You can view and organize this later at the Thumbtack site.  Move the entries around, etc.

I like using Thumbtack if I’m researching something big.  :)

~Jeremy  

Comodo Site Inspector Launched for the Comodo forums.  This is like an “alpha”, as it is quite incomplete.  This is not a online service that checks if the entered site hosts malware, but if it “attacks” the browser/computer with malware.

~Jeremy

A post about keeping a worm(s) of your PC: http://windowssecrets.com/comp/090122#story1

~Jeremy

You may have heard about the new Microsoft OS, Windows 7 beta.  I have been testing it out some in a VM (Virtual Machine), and mostly I like what I see.  With a fresh install, it took up about 9GB.  Now this is kinda much, and one of the cons I have about Windows 7.  But Windows 7 is a major effort to be quicker and snappier. 

The task bar can be confusing, as the open programs are by default combined with the icons of closed programs.

Also, Microsoft made an effort to have programs designed for earlier OS’s and Vista run well (since Windows 7 is basically a fixed up version of Vista, it is no surprised that programs designed for Vista usually work).

You can talk about Windows 7 in my comments, or in this forum topic.

~Jeremy 

COMODO Internet Security 3.8.61948.459 BETA Released!

We have just released a second BETA for CIS which addresses some bugs existing in the previous BETA.
Whats New in this release?
====================
This release addresses many bugs that are NOT reported before. However the following reported bugs are also fixed:
Fixed! System reboot takes too much time when CIS is installed
Fixed! AV Heuristics produces false reports for certain files
Fixed! Diagnostics utility produces wrong reports
Fixed! Password protection does not work properly
Known issues
====================
* Threatcast protocol has been modified. This might cause the previous BETA to stop functioning
====================
32bit:
URL: http://download.comodo.com/cis/download/setups/CIS_Setup_3.8.61948.459_XP_Vista_x32_BETA.exe
MD5: c4e89ffafb896de22b754fb2f965368d
SHA1: 9fa19a777ca0ebbac686784a732187f2d7b59886
Size: 33.3 MB (34,963,208 bytes)
====================
64bit:
URL: http://download.comodo.com/cis/download/setups/CIS_Setup_3.8.61948.459_XP_Vista_x64_BETA.exe
MD5: 7e7b22cd744566720e3875747abcbc45
SHA1: d0e66b887f7e54d2188f7f83159d32e92c0d6b26
Size: 50.4 MB (52,908,296 bytes)
For Bug Reports please use http://forums.comodo.com/beta_corner_cis/comodo_internet_security_3861948459_beta_bug_reports-t33532.0.html

~Jeremy

Comodo EasyVPN 1.0.61560.46 Beta is released!

Comodo EasyVPN 1.0.61560.46 Beta is now available for download via the following links:

32bit:
http://download.comodo.com/cevpn/download/setups/CEVPN_Setup_1.0.61560.46_XP_Vista_x32_B1.msi
Size: 4.3MB (4 462 080 bytes)
MD5: 573f63dc772a421ed54a53a354a5f3f5
SHA1: 13c7e55de48f75e81b303d7260056db0c354f134

64bit:
http://download.comodo.com/cevpn/download/setups/CEVPN_Setup_1.0.61560.46_XP_Vista_x64_B1.msi
Size: 5.6MB (5 833 216 bytes)
MD5: 52c8dbb9048c40c1934d4244ca3e5139
SHA1: 5c543524516fa6bc98dd67eb281676df03292695

All previous Beta users should upgrade to this new version as the previous version is no longer supported.

Bug Reports here.

~Jeremy

www.Windowssecrets.com says that they will give you a paid subscription if you donate, no matter how small the donation.  So if you have money, go ahead.  But I found a site that lets you see past newsletters: http://www.newsletterarchive.org/from/Windows+Secrets (And if you do enough snooping around, you may be able to get the present newsletters too )

~Jeremy

Here is a simple, easy to understand comparison between 32bit and 64bit. http://www.microsoft.com/windows/windows-vista/compare-editions/64-bit.aspx

~Jeremy

Yeah, I know.  I've strayed a bit from the "technology" topic this blog is about, I can't help it with such an important thing that happened.
I'd like you too see this blog post: http://ps201blog.typepad.com/democracy_under_pressure/2009/01/ps-202-week-3-your-thoughts-on-the-inauguration.html

~Jeremy 

With the recent inauguration, I just wanted you to see this: 10 Weirdest Inauguration Day Blunders.

~Jeremy