Now this is a blast, we all know Internet browsing these days has a certain level of danger in it?  Many sites have (knowingly or by using an advertisement rotation system) had malware scripts on their pages, and thus after visiting a few websites you may be infected by God only knows what.

One of the reasons is that users most often have Administrative rights attached to their account, this is often needed in order to do anything, however it would be nice if you could tighten certain programs so they had demoted rights.  Well you may recall me mentioning Sandbox IE?  This will do sort of that, however there is an even simpler and cheaper way to obtain basic security.

DropMyRights.exe is a small exe file you can use to launch other applications (e.g. Internet Explorer or Firefox). The neat thing is that DropMyRights makes sure the launched program does NOT have admin rights but only basic user rights (you can even tighten this further with parameters, although I do not recommend this).

So it's as simple as this;

  • Download DropMyRights.exe (alternate download site)
  • Place it in %windir%\SYSTEM32
  • Create a shortcut on the desktop that launches DropMyRights.exe with “%programfiles%\Internet Explorer\iexplore.exe” as parameter.

Now when you launch this shortcut, the Internet Explorer it starts will NOT have Admin rights and is thus somewhat protected against malware. Note: this is nowhere near the Sandboxie protection, but it will still add A LOT to the security – it's especially useful for kids and grandparents (but even we regular users can benefit greatly from this).

Read more;
http://www.techsupportalert.com/safe-surfing.php#c
http://msdn.microsoft.com/en-us/library/ms972827.aspx

The Easy way to get started;
Download the MSI Installer I created that installs DropMyRights.exe to your “%windir%\system32” and creates a desktop shortcut.

Pros;
Added security with no overhead, easy to use and implement

Cons;
Requires the DropMyRights.exe file to be on your PC. Some websites require ActiveX components to be installed in order to work (e.g. YouTube requires Flash); however, just install these once using the regular unprotected IE, then the ActiveX component is installed and the site will likely run fine in protected mode.

PS.
Works not only for IE but for all applications including Firefox, your mail software, Instant Messenger etc etc.

Tests using Windows Vista were inconclusive (under Vista I managed to install Google Toolbar even with the browser running under DropMyRights; a Notepad started was however unable to save a txt document to c:\windows – hence inconclusive). Windows XP however seems to work without glitches (from what I can tell).  If you have other experiences do tell.

It would appear that some Nokia phones (Symbian S60) are susceptible to a DoS (Denial of Service) SMS message that will turn the phone into a very basic phone (read: unable to support any kind of messaging, SMS/MMS). The damage is not permanent, but will require a factory reset.

Name of the vulnerability is; Curse of Silence

Good thing my cell is a Sony Ericsson C902 😉

You must have heard of virtual machines and virtual software (Softgrid and ThinApp, formerly Thinstall). These solutions are really cool and offer a lot in security and ease, however they are not really good for ad hoc projects.

Say you need to test a new application but are not sure you want to keep it. Well, you can fire up a virtual machine and install the software there, however firing up a virtual machine takes time, memory and resources, so in other words it's not ‘easy’ and convenient.  Well, a little known program takes care of this: SandboxIE. With this baby you can download your application and just right click on it and say run sandboxed.

So how does it work? Well, it's quite ingenious actually. The software will create a “sandbox” for the application (could be anything – a single exe file, Microsoft Office or an installation program). Anything this software does is written in the sandbox and NOT in your filesystem (both filesystem and registry are sandboxed), however the software can READ anything on your filesystem/registry – the software thus does not know it's sandboxed and will perform just as it would in the real world.  You can even browse the sandbox and see what files are installed and where (or what changes would be made by the software).

SandboxIE has built-in support for internet browsing security, hence you will by default have a shortcut for launching your Internet browser in a sandboxed environment. This is really cool as it will offer you a VERY high level of security when browsing – any evil stuff you stumble across during your browsing can be undone (ActiveX components installed, Google-Yahoo-Live toolbar, trojans installed).


What are the applications of this software?

  • Security for one: you can now safely run an application (suspected spyware etc.) and the changes it makes are NOT permanent, you can simply empty the sandbox afterwards.
  • Installation tests: say you are installing new software but need to figure out which settings etc. are right, well now you can install the same software as many times as you like.
  • Launch your internet browser in a sandbox: none of the trojans and evil scripts on the net can harm your Windows installation – any evil stuff installed (including Google Toolbar etc.) can be undone by clearing your sandbox.

A word of caution though: even though the software can NOT write to your filesystem, it can still read everything on it (registry and files). Thus if we are talking spyware or the like, it can still read your confidential information. Also, spyware/trojans installed while you browse may compromise your privacy even though they can't do permanent damage to your system.
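The write-redirection and read-through behaviour described above, together with the caveat that reads are not contained, as an added toy model (not Sandboxie's code and not from the original post). The class `SandboxView`, the sample paths and the file contents are constructed for illustration.

```python
class SandboxView:
    """Toy model: reads fall through to the host, changes stay in an overlay."""

    DELETED = object()  # marker for a host entry removed inside the sandbox

    def __init__(self, host):
        self.host = host      # real filesystem/registry: path -> content
        self.overlay = {}     # everything the sandboxed program changed

    def read(self, path):
        value = self.overlay.get(path, self.host.get(path))
        if value is None or value is self.DELETED:
            raise FileNotFoundError(path)
        return value

    def write(self, path, data):
        self.overlay[path] = data       # never touches self.host

    def delete(self, path):
        self.read(path)                 # raises if the path does not exist
        if path in self.host:
            self.overlay[path] = self.DELETED
        else:
            del self.overlay[path]      # created in the sandbox, just forget it

    def changes(self):
        # What "browsing the sandbox" shows, relative to the host.
        report = {"created": [], "modified": [], "deleted": []}
        for path in sorted(self.overlay):
            gone = self.overlay[path] is self.DELETED
            kind = "deleted" if gone else "modified" if path in self.host else "created"
            report[kind].append(path)
        return report

    def empty(self):
        self.overlay.clear()            # undo everything at once


SECRET = r"C:\Users\me\Documents\accounts.txt"      # constructed sample paths
RUN_KEY = r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"
TOOLBAR = r"C:\Program Files\Toolbar\toolbar.dll"


def run_demo():
    host = {SECRET: "bank login: example", RUN_KEY: ""}   # constructed host state
    before = dict(host)
    box = SandboxView(host)
    # An untrusted installer runs inside the sandbox.
    box.write(TOOLBAR, "binary")
    box.write(RUN_KEY, "toolbar.exe")
    sees_own = box.read(RUN_KEY) == "toolbar.exe"   # it believes it is installed
    exposed = box.read(SECRET)                      # the caveat: reads are not contained
    report = box.changes()
    box.empty()
    return {"host_unchanged": host == before, "sees_own_install": sees_own,
            "report": report, "exposed": exposed, "after_empty": box.changes()}


if __name__ == "__main__":
    print(run_demo())
```

The host dictionary is identical before and after the run, while `exposed` still holds the confidential content: the sandbox protects integrity, not confidentiality.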

SandboxIE is very easy to get started with, but offers very complex configuration.  If you are interested in or use virtual machines or software virtualization you should really check this out, but also if you are concerned with security while you browse the net.

You get a free 30 day trial and then the price is 22€ (well worth its price).
Download and get all the details here; http://www.sandboxie.com/

Get a great podcast intro to SandboxIE here

So a friend of mine got infected by this Antivirus 2009 (that is irony for you, infected by an Antivirus), anyway I will be visiting him shortly to try and disinfect that darn thing.

From what I can figure out I will get the best results by using the tools from;
http://www.malwarebytes.org/

Should be safe to use according to;
http://www.siteadvisor.com/sites/malwarebytes.org

I will update this post with the results of my effort, should you however have better tips let me know..

UPDATE JAN 7th
Malwarebytes malware scanner worked like a charm, big thumbs up.

You may remember my last post on “avoid getting spam”, well it would seem there is a bunch of these services out there.

I found a list on; http://www.prospector.cz/Free-email-accounts/Temporary-email-accounts/

I have not checked these, so use at your own discretion.

10 Minute Mail
temporary e-mail address where any e-mails sent to that address will show up automatically on the web page. You can read them, click on links, and even reply to them. The e-mail address will expire after 10 minutes.
AnonymBox
12 hours temporary email account provider.
DodgeIt
temporary email account with seven days lifespan.
E4ward
disposable email address forwarder. They will forward all emails to your real address. You can throw the forwarding address away anytime.
GishPuppy
disposable email addresses that automatically forward messages to your normal (private) email. Cancel them whenever you want.
Guerrilla Mail
provides you with disposable e-mail addresses which expire after 15 minutes. You can read and reply to e-mails that are sent to the temporary e-mail address within the given time frame.
HaltoSpam
temporary email forwarding service. Your alias is destroyed after seven days.
Jetable
temporary email address. As soon as it is created, all the emails sent to this address are forwarded to your actual email address. It will be deactivated after the lifespan you selected (hour/day/week/month) comes to its end.
KasMail
disposable email for a set period of time, ranging from a few days to a few years. All the messages sent to the disposable address are automatically forwarded to your regular email address. When you decide that you don’t want to use the disposable address anymore, for example if you are receiving too much spam, just make it expire.
Mail expire
temp forwarding email address that allows you to create a free email alias for yourself. For a period you choose, from 12 hours to 3 months, anything sent to this email alias will be passed on to you at your actual email address.
MailEater
free disposable email accounts. No sign up is necessary.
Mailinator
personal disposable email account that is created when mail arrives for it. No signup needed. Your temporary email account will be automatically deleted for you after a few hours.
MailNull
free temporary email service to help you take control over your email. Mail sent to this disposable email will be forwarded to your current email account. You can disable it with a click of the mouse.
Mintemail
free 4 hour email address with option of email forwarding.
MyTrashMail
free disposable ( temporary ) email service.
No Bulk
offering anonymous email accounts (no password required).
NoSpamFor.Us
temporary email forwarding service. Your alias is destroyed after seven days.
PookMail
instead of giving your real email address to every website on Earth, just make up an imaginary name for @pookmail.com. Your temporary email account is cleaned from the system after 24 hours.
Shortmail
short-term disposable email account service. All emails are deleted after a 72-hour period.
Skeef Mail
allows you to register at other websites without giving away your own e-mail address. Instead, create a temporary e-mail account that’ll last 60 minutes. Enough time to receive e-mails that contain activation or download links, and to reply to e-mails that ask for confirmation.
Slopsbox
receive only email account where everything is deleted after 24 hours.
Sneakemail
disposable email service.
Soodonims
a free, unlimited disposable email address site. No-click address creation. Control by time and quantity received. Simple termination of spam mail. Easy to use, it will indicate the websites that are careless with your email address.
Spam.la
throw away email accounts. Simply choose a name and then you can filter out the messages to this address online to see it. No need to sign up.
Spam.Su
receive spam to any mailbox at spam.su (such as example@spam.su) without registration, passwords or logins. Access it by the corresponding URL (such as http://example.spam.su).
SpamBob
provides free disposable email addresses for use whenever you don’t want to provide your real email address.
Spambox
with this service you can create a temporary e-mail address that will forward all incoming mail to your usual e-mail address. You can choose the expiry time of the temporary email from 30 minutes up to one year.
Spamfree24
free and fast throw away email addresses. Your incoming mails will be temporarily stored for 2 hours.
Spamh0le.com
An anonymous temporary email forwarding service. It allows you to sign up for a short term mail forwarding account. You choose a name and how long you want the account to stay active.
Spaml
automatic disposable email solution where you don’t have to click. When you visit this site the auto-generated email address is automatically saved to your clipboard.
Spamgourmet
Self-destructing disposable email addresses.
TempEmail
place where you get a free, temporary, disposable, anonymous email address, keeping your own email address spam and virus free.
Temporaryinbox
free disposable email address, which doesn’t require registration and can be used to avoid spam. Use this email address in forums, lotteries, erotic sites or wherever. The spammers will never find out your private email address.
WillHackForFood
temporary email account with longevity from 8 hours to 7 days.
WillSelfDestruct
this site enables you to create a one-time secure web page for a recipient. You can create a secure anonymous email message to a friend or colleague by entering their e-mail address and the message, i.e. sending a password or other sensitive information that you don’t want other people to see. The recipient will receive an e-mail with a link to a one-time secure web page which they will be able to view once and only once. Once the url has been accessed the message is deleted. You may enter your email address or just simply your name if you wish. If you do not enter an email address or name your identity will be anonymous to the message recipient. No messages or e-mail addresses are stored after the message has been viewed. We also do not log your IP address or any information about you, your message, or the recipient. Once sent, all data disappears forever.

We all know the hassle: you wish to download some neat utility but the download link requires you to hand over your email address (download link sent via email). Now as a person that has previously released quite a few utilities I can understand why this is; it's nice to see who is using your software and neat to have a database you can mail to in case of updates etc. However, as not everyone respects your privacy, I don’t like to provide my email to just anyone..

So is there a solution, you ask? Yes indeed 🙂 it's right here;

http://slopsbox.com/

So how does it work? Well, fairly simple actually, here is a step by step guide;

1. Open http://slopsbox.com/
2. Click “List (and add) domains”
3. Now scroll through the domain names and find one you like.
4. Now to create your temporary mail address all you need is your imagination: add whatever you like in front of the domain name you chose before (e.g. mr.cool@aliraheem.com) – you can choose whatever you like, simply add @domainname to the handle/name you choose.
5. Now go to the site where you want to download and enter “your new email address”.
6. Go to http://slopsbox.com once again, enter the email (the one you invented yourself) and the code displayed, and sure enough there is your email download link 🙂

OK, the world is not perfect, so do allow 10-20 min for the mail to arrive; if no mail arrives in 20 min, try again with a different domain name.

Remember the mail address you ‘invent’ is accessible by everyone, hence make sure not to provide personal details when you subscribe to whatever it is you use the mail address for. Once you get your login (to the download site etc.) be sure to log on and change the password – anyone who guesses ‘your email’ can read your mail, so anything provided in the mail must be considered compromised.

But the good news is that you don't have to worry about getting spammed 🙂

Happy emailing..

AVG Antivirus has joined the not so popular club of antivirus vendors that have released faulty definitions for their virus scanner.  In this case it caused AVG to wrongly detect a virus in a vital Windows OS file, which in the worst case (if you followed AVG’s advice) could lead to a crashed Windows installation.

From the AVG forum, here is a possible solution that does not require re-installation;

PC crash after AVG update 9 Nov 2008

Posted by: pa3bar (IP Logged)
Date: November 9, 2008 04:45PM

Many PCs crashed after today’s update of AVG. The update destines user32.dll as a virus: PSW. banker4.APSA.
Valid for Win XP SP2 and SP3 with AVG7.5 and AVG 8.
This is not a virus, but an essential part of your windows programme.

prevention:
before you start up your PC, unplug the internet cable. Boot your PC and disable in your firewall the access to internet for the AVG update manager. Reconnect the internet cable. In this way your PC stays safe from the malicious AVG update.

solution:
if you happen to believe the AVG programme (like I did) when it shows you the virus alert, and have chosen “heal” or “quarantine”, your PC will no longer restart. It shows a blue screen at start up and tells you it cannot find winsvr, error c0000135. System recovery has no effect. Don’t panic (like I did) but:

-restart your PC in safe mode (press F8 during windows start up)
-open the AVG control centre by clicking the logo or via start-programs-AVG
-go to the virus vault, select user32.dll and click restore.
-empty the virus vault
-close AVG
-now uninstall the whole AVG program: start-programs-AVG-uninstall
-reboot the PC and it is fine.

If you are at all interested in IT security then YOU NEED to get a load of this: Paul Craig’s omnibus experience (a podcast from Kiwicon) brought to you by Patrick Gray http://www.it-radio.com.au/. It's awesome and extremely funny.

Paul Craig is a security consultant who in his Omnibus experience explains how he 1) created a kiosk attack tool, 2) hacked a botnet (and got a lot of interesting and funny information), and 3) wrote his own WMI trojan (yes, he actually utilized WMI for this one – scary – PLUS it will verbally insult you; you really MUST hear the podcast, it's so funny).

Makes you think, hmm, WMI is very useful but maybe a bit overlooked in regard to security.

Links;
http://itradio.com.au/security/?p=98
http://ha.cked.net/projects.html

http://www.mls.id.au/

Now that’s a stupid question (excellent quote from Star Trek DS9, for those who get it ;- ), but anywho – NO, it’s actually not that stupid a question..  Let’s say you want to dissect one of these evil doers or want to test your antivirus, well you need a specimen and my sources tell me that http://malwaredatabase.net/blog/ or http://www.malwaredatabase.net/index.php is a place to start your search. Truth be told though, I did actually not find anything to download there, but their site was SO agonizingly slow that I did not want to waste that much time looking.

Be careful though, we are talking live and kicking malware, so if you don’t know what you are doing better stay clear.

Have you ever tried browsing around accidentally discovering beautiful images/backgrounds or the likes, but not thinking to save them.

Well recently I did, and damn if I could remember the site later (and MY history in IE, well let's just say it's huge so that was no help).  I came to think, hey, someone MUST have written a utility to inspect your “Temporary Internet Files” (IE cache). You probably know you can't just ‘browse’ down there yourself and get anything meaningful. Well anyway, sure enough after a bit of poking around I found a very decent tool (decent because a preview function in this util would have been to die for, but hey, this is quite OK).

Get it here (it's freeware, yes nice I know);
http://www.nirsoft.net/utils/ie_cache_viewer.html

He has even developed a few other utilities for this area so poke around a bit on his site.  His site is even mentioned earlier in my blog as he also makes some VERY COOL security utilities, and hey it makes sense some of these “Temporary Internet Files” utilities could be used for crude security inspection.