Wednesday, March 25, 2009

April Fools!

April 1 is the day for pranks and practical jokes. There is, however, a plot afoot that may or may not be quite a bit more troublesome than your average April Fool!

The latest version of a worm called Conficker, or Downadup, is scheduled to do something on 4/1/2009. What it's going to do is anyone's guess. It could be harmless, or not.

Conficker is a very complex and sophisticated worm. Its latest version (C) has stealth capabilities, and it disables Windows Update and the Windows Security Center as part of its behavior.

There are ways to beat this bad-boy. First, many antivirus manufacturers say they can still detect it, so make sure your A/V is up to date and do a scan of your entire system. Maybe try it in safe mode.

Also, the way Conficker knows what to do is by "calling home" to several algorithmically determined web servers. Since the web addresses are generated by the same algorithm, the professionals in the IT world have identified all of them from the A and B versions. These bad DNS names can then be blocked at the DNS level. (DNS is like the phone book of the Internet. It's where your computer looks up the numerical address for a human-friendly computer name.) OpenDNS.com is a DNS provider that will block Conficker's known destinations, so configuring your computer to use this free DNS service is a great step in defeating the worm.
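The blocking idea above, as an added example that is not from the original post: because a date-seeded generator is deterministic, a defender can precompute its names and match DNS query logs against them. The generator here is a toy stand-in, not Conficker's actual algorithm, and the log format, IP addresses and function names are constructed for illustration.

```python
import hashlib
from datetime import date, timedelta

TLDS = ("com", "net", "org", "info", "biz")  # constructed list, for illustration

def domains_for_day(day: date, count: int = 5) -> list[str]:
    """Toy date-seeded name generator; NOT Conficker's real algorithm."""
    names = []
    for i in range(count):
        digest = hashlib.sha256(f"{day.isoformat()}:{i}".encode()).digest()
        length = 8 + digest[0] % 4  # label of 8 to 11 letters
        label = "".join(chr(ord("a") + b % 26) for b in digest[1:1 + length])
        names.append(f"{label}.{TLDS[digest[-1] % len(TLDS)]}")
    return names

def build_blocklist(start: date, days: int) -> set[str]:
    """Precompute every name the generator yields over a date window."""
    return {name
            for offset in range(days)
            for name in domains_for_day(start + timedelta(days=offset))}

def flag_queries(log_lines, blocklist):
    """Return (client_ip, name) for each logged query that hits the blocklist."""
    hits = []
    for line in log_lines:
        fields = line.split()
        if len(fields) != 3:  # skip malformed lines instead of crashing
            continue
        _timestamp, client, qname = fields
        qname = qname.rstrip(".").lower()  # DNS names are case-insensitive
        if qname in blocklist:
            hits.append((client, qname))
    return hits

# Constructed sample data: "timestamp client-ip queried-name" per line.
BLOCKLIST = build_blocklist(date(2009, 4, 1), days=7)
GENERATED = domains_for_day(date(2009, 4, 1))[0]
SAMPLE_LOG = [
    "2009-04-01T08:00:01 192.0.2.10 www.example.com.",
    f"2009-04-01T08:00:07 192.0.2.15 {GENERATED.upper()}.",
    "truncated line",
    "2009-04-01T08:01:30 192.0.2.10 mail.example.org.",
]

if __name__ == "__main__":
    for client, name in flag_queries(SAMPLE_LOG, BLOCKLIST):
        print(f"{client} queried blocklisted name {name}")
```

A client that shows up in the hits is a candidate for a full antivirus scan, since a clean machine has no reason to look up these names.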

Of course, it wouldn't be a bad idea to back up your personal files and documents, etc. Put them on removable media like a Flash drive or USB hard drive, and put it somewhere safe.

Start doing backups regularly if you don't already, and do it before the first.

Links:
PC Magazine article
CNN Story
Wikipedia Article

Wednesday, March 18, 2009

A Couple Vista Features

A couple of features stand out in my mind as great things in Windows Vista.

First is Windows Defender. While technically not a Vista-only feature since Microsoft has released versions for XP and Server 2003, it made its debut on Vista, and is included as a part of Vista. The versions for XP and Server 2003 are available as a free download.



Why Defender? Well, in the immortal words of Tony the Tiger, it’s great! Having this kind of security embedded into the OS is a good thing. The average user does not usually know when they are infecting themselves with some malicious software (malware). Sure, they’ve heard the term, but they probably aren’t savvy to the little tip-offs they encounter that should be warning signals. Instead, they end up clicking something that invites malware into their PC. With Windows Defender, the OS will detect it and stop it, on the fly.

Windows Defender is peer-driven. That means that a large community of users is constantly contributing in some way to keep it up to date. The more eyes you have on a problem, the better equipped you are to solve it, so having users from every walk of life contributing their experiences to the project ensures comprehensive coverage.

For advanced users there is a “Software Explorer” in the Tools menu that allows you to view details about the software running on your system grouped by various categories. From the Software Explorer you can disable or enable programs, end processes and remove software.

Cnet called Defender "perhaps the best free antispyware application we looked at this year" when they reviewed it in December of 2007. It’s one of several great tools you should have in your anti-spyware/malware arsenal.

The other feature I really like about Vista is ReadyBoost. RAM is the component in a PC that most directly affects Windows performance. With ReadyBoost, the non-technical user can essentially dramatically expand the available RAM in their PC without taking covers off and messing with memory modules. All they need to do is pick up a cheap USB flash drive or an SD card and insert it into the computer. In the properties of the device there is a tab for ReadyBoost. Click the “Use this” option and you’re on your way to a perceptible improvement in system performance. You can never have too much RAM!

These two features are just a part of what makes Windows Vista a worthy operating system. The continuance of these features into Windows 7 will make that OS even more impressive.

Friday, March 13, 2009

Debunking the Hype/Myth

Remember the PC vs. Mac commercial that had Mac say "Hi PC" and a third guy in a Secret Service suit said to PC "Mac issued a greeting; accept or reject?" It went on and on, every step of the dialogue filtered through the security thug.

It was a funny commercial, and it made a lot of sense if you were frustrated by that feature of Windows.

But if you understand what's going on in Vista with that pop-up message, you might have more appreciation for it.

The User Account Control feature is what is responsible for those messages. When you start functions that could change your system, you are asked by the UAC if you are sure you want to do this.

A natural response is to get frustrated and huff "I clicked it! Of course I want to continue."

But everyone knows about "malware," right? It is the term for malicious software written to take advantage of you and your system. And of course there is spyware, which reports on your activities without your knowledge, and then there are viruses, trojan horses, etc.

Well, these nefarious programs don't pop up a nice splash screen when they start with a title and a short description. You never see the "Welcome to the I LOVE YOU Trojan" screen. They just start up and run as quietly as possible, stealing your passwords, mailing screenshots of your bank account info back to the hacker who wrote it, taking part in Denial of Service attacks against other machines.

Enter the UAC. If one of these programs starts up and tries to do its thing in Vista, the UAC will stop *everything* and ask you "Hey, this program is trying to run and change some of your system settings. Do you really want to allow that?"

Oh...that's what that's for. Doesn't seem like such a bad thing then, eh?

Yeah, it was marketing genius playing upon the ignorance of the common man. But once you understand, it looks a little different.

Tuesday, March 3, 2009

File Sharing

There are different kinds of file sharing. One is where computers on the same network agree to allow each other access to certain publicized resources via domain or workgroup membership and trust.

Another kind of file sharing is what's commonly known as Peer to Peer File Sharing. First made popular by Napster, there are many variations on the theme, including Limewire, Kazaa, and others.

In the news lately, sensitive documentation of the President's helicopter was found on a computer in Iran. Whooops! It happened because the computer that originally held the documents also ran peer-to-peer file sharing software.

It just goes to show you how dangerous this kind of thing is. If you are not extremely careful about how you set it up and run it, you are opening your computer up to anyone. This could have devastating effects on your personal and business life.

I hate this type of software. I never run it at home, and strive to eradicate all traces of it on any network that is my responsibility.

I also refuse to run "legitimate" versions like NBC's new HD program downloader NBC Direct. If you read the terms, you will see that it is a peer-to-peer program. You aren't downloading from NBC, you are downloading from other users who have the software. Then when you have your copy, others download from you. Without authentication, without access controls.

So be careful. You don't want your classified documents in the wrong hands.