Windows Genuine Advantage (WGA)

Microsoft is listening to you! On June 27, 2006 they announced that changes had been made to the Windows Genuine Advantage tool. After a number of complaints about the tool itself and how often it phones home, they have now removed the notifications code which phoned home every time you logged on to the Internet. The press release on their website, http://www.microsoft.com/presspass/features/2006/jun06/06-27WGA.mspx, explains why the tool is necessary and the changes that have been made.


You can also read all about the tool, its purpose and the entire anti-piracy program at http://www.microsoft.com/genuine


 


 

In the News Again – A Drive-by Download Dialer

Despite efforts since 2002 to shut down this site originating in the UK, it is still actively installing a dialer when you visit the webpages at Coulomb. Using an ActiveX control that automatically downloads to your computer when you visit their web pages, it places a dialer component on your computer which forces it to dial up a high-priced connection and deliver porn to your computer.


Information about this dialer has been documented in the past by Computer Associates http://www3.ca.com/securityadvisor/pest/pest.aspx?id=453072512 and by Symantec http://www.symantec.com/avcenter/venc/data/dialer.pornpaq.html


The latest attempt to get this site, which delivers active malware, shut down has been blogged by security expert Jose Nazario: http://asert.arbornetworks.com/2006/06/long-lived-malware-distribution-sites/


The fact that this site still exists after being discovered back in 2002, and still plants its malware on people’s computers, is atrocious. What the public needs to do to help in the fight against this scourge is to ACT! The way you can help is to block the IP addresses that this company/person uses. You can find this information at http://www.dnsstuff.com/tools/whois.ch?ip=217.73.66.0. On this WHOIS page you will find that the IP address range is 217.73.64.0 to 217.73.66.20. Don’t hesitate, block it now so that any chance of this dialer being downloaded to your computer is removed!


Read the links I have given above and you will find that this site is BAD NEWS. We fight against spyware, malware and adware on a daily basis, but the public needs to get involved in any way they can. There are many sites like this one on the Internet that spread their nasties with drive-by downloads and other methods of placing junk on your computer.


What is a drive-by download? It is a download that occurs, in most cases without your knowledge, when you visit a specific webpage. It is an insidious attempt to hijack your computer by the people who make this junk. Sometimes you may visit a bad webpage willingly, when you either click a search engine link or click a link in an email, thinking it is legitimate. Other methods they use are compromising a legitimate webpage and placing a link to the bad page on it, or hijacking a legitimate webpage and building in hidden code to redirect you there without your knowledge. When you visit the bad webpage, an automatic download of the malware takes place. This is why it is called a ‘drive-by’ download: all an individual has to do is visit the page to have the download occur. Once the file or program has downloaded, it is on your hard drive to wreak havoc. It can be filled with viruses, trojans, dialers, adware, spyware, malware or any amount of bad junk that you don’t want on your hard drive.


To prevent this happening to YOU, block any sites that have been found, by using the IP address of the website, so that your computer’s browser is unable to visit the site. By blocking sites like the one mentioned above, you are joining those who are involved daily in the fight. If each individual with a computer blocks bad sites from accessing or downloading to their computer, then we can, and will, WIN THE FIGHT!
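
As an added example (not part of the original post): many firewalls and routers take block entries in CIDR notation rather than as a start and end address, so this Python code splits the range quoted above into exact CIDR blocks and scans log lines for machines that already contacted it. The log format and the sample lines are constructed for illustration.

```python
import ipaddress
import re

# Range endpoints exactly as quoted in the post from the WHOIS record.
RANGE_START = "217.73.64.0"
RANGE_END = "217.73.66.20"

IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")

# Constructed firewall-log lines for illustration (not real traffic).
SAMPLE_LOG = [
    "2006-06-28 10:15:02 ALLOW TCP 192.168.1.10 -> 217.73.66.5:80",
    "2006-06-28 10:15:09 ALLOW TCP 192.168.1.10 -> 192.0.2.44:80",
    "2006-06-28 10:16:40 ALLOW TCP 192.168.1.12 -> 217.73.66.21:80",
    "2006-06-28 10:17:11 ALLOW TCP 192.168.1.12 -> 217.73.65.200:80",
]


def range_to_cidrs(first, last):
    """Return the smallest list of CIDR networks covering first..last exactly."""
    start = ipaddress.IPv4Address(first)
    end = ipaddress.IPv4Address(last)
    if start > end:
        raise ValueError("range start is above range end")
    return list(ipaddress.summarize_address_range(start, end))


def is_blocked(address, cidrs):
    """True if address falls inside any of the block-list networks."""
    ip = ipaddress.IPv4Address(address)
    return any(ip in net for net in cidrs)


def log_hits(lines, cidrs):
    """Return (line_number, address) for every logged address inside the range."""
    hits = []
    for number, line in enumerate(lines, start=1):
        for candidate in IPV4_RE.findall(line):
            try:
                if is_blocked(candidate, cidrs):
                    hits.append((number, candidate))
            except ipaddress.AddressValueError:
                continue  # looked like an address but is not valid (e.g. 999.1.1.1)
    return hits


if __name__ == "__main__":
    blocks = range_to_cidrs(RANGE_START, RANGE_END)
    print("CIDR blocks to enter in the firewall:", [str(b) for b in blocks])
    print("Log lines that already touched the range:", log_hits(SAMPLE_LOG, blocks))
```

The range does not fall on a single network boundary, so it needs four CIDR entries; the address 217.73.66.21 in the sample log is just past the end of the range and is correctly left out.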


Have a Great Day and STAY MALWARE FREE!


 

A Year Of Accidents

This is the first time I have been able to blog in a while. Another setback has put me on bedrest since the second week of May when I broke my leg, again. Since the accident I have been suffering withdrawal pains from lack of computer time, because unfortunately my doctors have had me tied to a bed, in traction. My bedroom now looks like a hospital room with all sorts of equipment that I can’t wait to get rid of. I am now allowed out of traction for 1 hour a day which gives me some time to read email etc. but not nearly enough to keep up with new security vulnerabilities and help in the forums. Unfortunately, I have never had a laptop, but I know I would be even more frustrated if I had a computer available, because I would have difficulty using it, while tied to my bed.


In retrospect, this past year seems to have had one thing after another interrupt my quest to help people with their security problems and educate as many people as I can about computer security.  I can’t wait for the day to come (the forecast is for the end of June at the earliest) that I can return to spending quality time on the computer.  I really miss advocating for the general public and the home user, and helping them clean up their computers.  I hope to be back soon!!