Archive for September, 2006

EFF’s “Six Tips to Protect Your Online Search Privacy”

Posted in All Posts, Online Security, Privacy, Security Tools on September 30th, 2006

The Electronic Frontier Foundation has published a guide to protecting your search history from prying search engine eyes and web host spies.

The guide, Six Tips to Protect Your Online Search Privacy, can be found at: http://www.eff.org/Privacy/search/searchtips.php

Highly Recommended!

How HP Tracked Emails

Posted in All Posts, Email Security, Privacy on September 29th, 2006

As many folks are aware, Hewlett-Packard is in the middle of a spying scandal. Recently, executives have had to resign and face questioning before Congress. Many may wonder just how HP managed to track emails. Actually, it is not all that hard to do. Many email providers do it, or at least have the means of doing it, simply by adding linked graphics to HTML-based email. Now, whether they take the trouble to do it is another question.

Anyone can make use of similar techniques by employing a commercial service to track emails.   This is what HP reportedly did.  They are reported to have used http://www.readnotify.com/.  Another similar service is http://www.readverify.com/.  Yet another is http://www.mailtracking.com/.  Actually, we suspect that readnotify and mailtracking are one and the same due to similarity of web sites.

Basically, these services add an invisible, very small graphic to an email. When the email is opened, the graphic is retrieved from a server that is designed to record the IP address and other information from anyone who opens the email. Spammers often use this technique. These graphics, also called web bugs, can be individually coded. And services like readverify and readnotify use a variety of other sophisticated techniques to track email.

Here is the kicker: These services can be used to track almost any document that employs graphics, including PDF documents and Microsoft Word, Excel and PowerPoint documents. To quote from their web site:

MailTracking gives you full email tracking facilities by sending you a return receipt email or an SMS/ICQ instant message the moment that mail you have sent gets opened. Your return-receipt is a live tracking window which self-updates and includes the date and time that your message was first opened and read, how long the message was read for, the approximate physical location of the reader, how many times your email was re-opened and re-read, as well as when and where etc, what kind of e-mail software your reader is using, what kind of computer and operating system your reader uses, what languages your reader can accept or understand, what kinds of email attachments your reader can view (eg: Microsoft documents, or Adobe files, etc), whether or not your email was forwarded to someone else, and, if it was forwarded, where it was forwarded to, sometimes including who subsequently reads it. If your email gets published online, you can find this out too, as well as where (the URL) usually. If you sent any URLs in your email, you can find out which ones were clicked on by your recipient, and when.

No software or downloads are necessary for either the sender or the recipient to install. MailTracking already works with all popular email and webmail programs and services.   You just add “.mailtracking.com” onto the end of the email address you are writing to before clicking send.

Defenses: 

  • Avoid the use of HTML-based email.
  • Be cautious about any document that can contain web-based graphics, such as PDF documents and Microsoft Word, Excel and PowerPoint documents.
  • Set your email reader to not preview messages.
  • (or) Set your email reader to not retrieve graphics when email is previewed. This gives you a chance to read the content of an email without downloading any linked graphics.
  • Use a firewall or other software that can block web bugs. The free and paid versions of Zone Alarm have an option under PRIVACY > Cookie Control > Custom to block web bugs.
  • Certain email services have settings that can block web bugs.
  • Download email and documents, then disconnect from the Internet and read them offline.
  • Note that these services use a variety of techniques and they are not easy to completely defeat; in fact, they brag about being able to defeat many defenses.

Spybot Search and Destroy Update Reminder

Posted in All Posts, Anti-Malware Tools, Updates on September 27th, 2006

We continue to encounter users who have not updated Spybot Search and Destroy to the latest version, 1.4.  Upgrading to the latest version will allow many thousands of additional Immunization items.  We strongly advise readers to upgrade to 1.4 ASAP. 

Check your version by opening Spybot and clicking on HELP > ABOUT

The download can be accessed by opening Spybot and clicking on HELP > HOME PAGE

Or, go directly to the update: http://www.spybot.info/

Immunization is one of the best features of Spybot. It works without any significant additional burden on your computer. Spybot does not have to be running for Immunization to work.

We also recommend another great anti-spyware program that offers similar immunization features, Spyware Blaster.  It can be found at: http://www.javacoolsoftware.com/

Safely Check Suspect Web Addresses for Exploits

Posted in All Posts, Anti-Malware Tools, Email Security, Malware, Online Security, Root kits on September 22nd, 2006

So, your “friend” sends you an email with a link and says, “check this out!”

Is it safe to click on that link? Check it first.

Or, you find yourself at a suspect web site, and your computer behaves strangely?

Check that link for exploits.

Any web address (link, URL) can be checked for exploits by using the Link Scanner at Exploit Prevention Labs.

Unpatched Windows Vulnerable to Greeting Card Scam

Posted in All Posts, Email Security, Malware, Root kits, Safe e-Commerce, Scams on September 22nd, 2006

Thousands of users worldwide have already had their login names and passwords and online banking credentials stolen by this exploit. 

It arrives in the form of an email greeting card from a secret admirer.

Attempting to read the “greeting card” redirects the user momentarily to a web site that attempts to install key logger software, hidden by a rootkit, then it displays the greeting card.

If you have installed the MS06-014 patch, released in May, you are not vulnerable to this exploit.

This is an example of why keeping up to date with Microsoft Updates is critical to safe computing.

New Unpatched Exploit Uses Vector Graphics

Posted in All Posts, Email Security, Malware, Online Security, Privacy, Safe e-Commerce on September 21st, 2006

A new exploit against Windows computer users has been found in the wild. It uses a kind of image known as “vector graphics”, which may be placed in an email or on a web site.

Currently there is no patch to correct this exploit. Microsoft has one in the works and expects to publish it on or before October 19, 2006.

This exploit can allow the attacker to execute code of his choice on your computer. You can bet that code will not be to your benefit.

  • It is advisable to be extra cautious about email from unknown sources, and in particular, HTML email. Text-based email is safer, but may contain links to web sites that use the exploit. And be extra careful about the web sites you visit.
  • It is very important to employ an updated antivirus program and active anti-spyware protection, as well as having a firewall.  All these will go a long way towards protecting the user.

For more information:

Microsoft Security Advisory (925568) – Vulnerability in Vector Markup Language Could Allow Remote Code Execution

We received notice of this exploit from Marc Liron at UpdateXP.com.  His article can be found at:

http://www.updatexp.com

Until the patch is issued, Windows users can protect themselves against the flaw by deregistering the vgx.dll.

Microsoft recommends that users click Start, Run, paste the following line into the input box, and click OK:

regsvr32 -u "%ProgramFiles%\Common Files\Microsoft Shared\VGX\vgx.dll"

After Microsoft releases a patch for the problem, you can easily reregister the DLL by repeating the procedure without the -u switch:

regsvr32 "%ProgramFiles%\Common Files\Microsoft Shared\VGX\vgx.dll"

We recommend users deregister this .dll file ASAP.

UPDATE:

Microsoft has issued a patch for this vulnerability, with uncustomary speed I might add.  All Windows users are advised to check Windows Updates and install the patch ASAP.
