Mischel Internet Security - Blog

Firefox 3 Beta is an amazing program - I run it as my default browser and it works great. One thing you may be missing from the beta is the mouse gestures add-in, which is not compatible with Firefox 3 off the shelf. This little hack lets you install the mouse gestures add-on in Firefox 3 so that you can enjoy the beta with the full mouse gestures support available in Firefox 2.

1. Download https://addons.mozilla.org/en-US/firefox/downloads/file/60/all-in-one_gestures0.18.0-fx.xpi and save it in a convenient folder on your hard drive.
2. Rename the downloaded file so that it has a .zip extension
3. Open the file in your favorite zip file manager (e.g. WinZip or WinRar)
4. Extract the file install.rdf from the archive and open it in a text editor
5. Change the line <em:maxVersion>2.0.0.*</em:maxVersion> to <em:maxVersion>4.0.0.*</em:maxVersion> and save the file.
6. Drag and drop your modified install.rdf file into the archive window that you have open to insert the updated file into the zip archive
7. Rename the zip file back to all-in-one_gestures0.18.0-fx.xpi
8. Drag and drop the file all-in-one_gestures0.18.0-fx.xpi onto a Firefox 3 browser window and complete the instalation

An interesting Wired story:

Visitors to RateMyCop.com on Tuesday were redirected to a GoDaddy page reading, “Oops!!!”, which urged the site owner to contact GoDaddy to find out why the company pulled the plug.

RateMyCop founder Gino Sesto says he was given no notice of the suspension. When he called GoDaddy, the company told him that he’d been shut down for “suspicious activity.”

RateMyCop is a new web site that allows users to rate U.S. police officers — someone watching the watchers you might say.

Moral of the story: Don’t buy hosting or domain names from GoDaddy lest you want to risk having your site offline without notice.

Online attackers have found a way to inject IFRAME redirects into the search results of major sites, including tech news site ZDNet Asia and bittorrent tracker TorrentReactor, researchers discovered on Tuesday.

By abusing the way that the sites cache search queries to optimize their rankings in other search engines — most notably, Google — fraudsters have been able to inject iframe redirects into the cached results. The redirects send unwary users to servers affiliated with the Russian Business Network that attempts to install a fake antivirus product, known as XP Antivirus, according to Dancho Danchev, an independent security researcher based in the Netherlands.

SecurityFocus has the full story.

One of the posts at our forum that gets the most referral hits is the post Add the Security tab in Windows XP Home Edition. This post was written by our outstanding moderator siliconman01 and describes in detail how you can get the security tab added to the Properties dialog for files and folders even if you use XP Home. Highly recommended and I’d like to take this opportunity to thank Tom for his outstanding work with the FAQs and the forum!

How to add the Security tab in Windows XP Home Edition.

We recently released Internet Password Manager and are currently running a time-limited promotion where you can get it for only $14.95 (that’s 40% of the standard price of $24.95). Hurry up and buy your copy now - it includes free minor version upgrade (i.e. you’ll get all version 1.x upgrades free of charge).

Download Internet Password Manager

More information on Internet Password Manager

Buy Now

New Zealand security researcher Adam Boileau has released a program that allows an attacker to log into a password-protected Windows machine via the computer’s Firewire port.

Interviewed in ITRadio’s Risky Business podcast, Boileau said the tool, released to the public today, could “unlock locked Windows machines or login without a password … merely by plugging in your Firewire cable and running a command”.

Boileau, a consultant with Immunity Inc., said he did not release the tool publicly in 2006 because “Microsoft was a little cagey about exactly whether Firewire memory access was a real security issue or not and we didn’t want to cause any real trouble”.

But now that a couple of years have passed and the issue has not resolved, Boileau decided to release the tool on his website.

The Age has the full story.

Internet Password Manager 1.0 has been released.

Internet Password Manager securely stores all your web site passwords using government-grade 256-bit Advanced Encryption Standard.

The program has been designed to be simple - there are no complicated options and adding a new password entry is a task that you accomplish with only two mouse clicks.

The free version stores up to 15 password entries and the full version stores an unlimited number of entries. As an introductory offer you can buy the full version for only $14.95 for a limited time (http://www.misec.net/order/)

Download:

http://www.misec.net/products/InternetPasswordManagerSetup.exe

More information:

http://www.misec.net/ipm/

ThreatExpert looking good today !

In comes a new virus undetected by everything on VirusTotal. Just had a quick look and immediately thought it looks like a VIRUT .. this is the only detection

Note the automated analysis thinks certain system files are deleted, this is another sign that they were infected by the virus or hidden by the rootkit, or both.

Please note: While TrojanHunter doesn’t deal with viruses in most cases, detection for the sample will be added very shortly since it was scanning 100% clean and analysis will take some time. The computer systems analysing the malware took over 3 minutes, an eternity when talking trillions of operations a second.

An interesting new spam, slight twist on the usual social engineering:

Mrs. Clause Is Out Tonight!

Dude,

I know you hate these kind of emails but this one is different. Hey what
can 1 min from your day hurt. You wont regret it for sure.
<malicious URL removed>

Obviously, users should avoid such emails and immediately delete them. If you can’t spot this sort of email as being a spammed virus, give us an email with any questions!

We’ve started working on our new Trojan Information Library, and there are already a few sample entries online. Read about how to remove some of the most common trojans manually, and get additional technical insight into how the trojans work. We’re also adding aliases so you can cross-reference the trojan names with those from other virus and malware scanners.