PC – SOS

An Internet Security Blog

Archive for October, 2010

MalwareBytes Seal – Am I missing something?

Posted by Bob Zenith on October 28, 2010

First of all, let me state that I consider MalwareBytes Anti-Malware to be one of the best (if not the best) anti-malware products available, and I frequently use and recommend the free version. However, yesterday I noticed something odd:

I was browsing through the MalwareBytes online store, just to see the price of the Pro version, and I noticed that the page had 3 security seals on it. One from Comodo, one from McAfee, and one generic SSL-Secured seal.

The seal from Comodo is legitimate and clickable.

The generic “SSL-Secured” seal is not clickable (I didn’t expect it to be), but it is true; MalwareBytes’s online store is SSL secured, so there’s no problem there.

However, the McAfee Seal is NOT clickable. Odd, I thought, since a McAfee seal needs to be clickable in order to be legitimate. At first, I thought one of my security add-ons was causing issues (NoScript, RequestPolicy, etc.). So, I disabled all my add-ons and restarted Firefox, returning to the page. Alas, the seal was not clickable.

At this point, I still was giving MalwareBytes the benefit of the doubt, and I believed something was causing issues with my Firefox and the seal. So, I tried the test in Internet Explorer; same result – the seal was not clickable.

Furthermore, I went to MalwareByte’s SiteAdvisor page. If the seal is legitimate, then the scorecard will have a McAfee Secure logo on it, such as siteadvisor.com’s scorecard. Nope – MalwareBytes.org’s scorecard does not have a McAfee Secure logo on it. Neither does store.malwarebytes.org’s scorecard.

Looking at the “seal” at store.malwarebytes.org more closely, I discovered that it doesn’t share similar characteristics with legitimate McAfee seals. Normally, when you attempt to right-click a McAfee seal, you receive a warning message:

Copying Prohibited by Law – McAfee Secure is a Trademark of McAfee, Inc.

Try it yourself – right-click the McAfee seal in the top right hand corner of the site. It’ll pop-up a window. You can also try it here, except the seal is at the bottom of the page.

This does not happen with MalwareBytes’s seal…. the seal allows you to right click it, and potentially, copy the image.

…So, what gives?

\Update: MalwareBytes has removed the seal from their site until a clear policy about the seal from McAfee can be put in place.

Posted in Uncategorized | 7 Comments »

sURL

Posted by Bob Zenith on October 27, 2010

Steven over at hosts-file.net and it-mate.co.uk has created his own URL Shortening / Redirection service (ok, it’s been there awhile, I just haven’t gotten time to check it out until yesterday).

A unique service, sURL allows you to enter a link and create a short URL, long URL, huge URL, and an “ARE YOU NUTS???” URL.

For example, “https://personalcomputersos.wordpress.com” has a short URL of http://surl.co.uk/?9917. When you click on the link, you are directed to an sURL page offering details of the target URL, to make sure you really want to go there (ie: is not malicious). After determining the target link is probably safe, you can click the link and enter the site.

This will be my new URL Shortening / Redirection service of choice on Twitter, and I encourage others to use it also.

 

Posted in Uncategorized | Tagged: , , , , , , , | Leave a Comment »

Accepted into GeekU!

Posted by Bob Zenith on October 13, 2010

Alright, here’s some exciting news (well, maybe not for you, but for me it is): I’ve been accepted into the GeekU Malware Removal Training School! 🙂
If you haven’t already, I recommend getting yourself GeekU certified in removing malware by graduating from their Malware Removal School

-Off Topic-

Opera 10.63 was released yesterday; check it out!

Posted in Uncategorized | Tagged: , | 3 Comments »

Now on Twitter

Posted by Bob Zenith on October 10, 2010

Well folks, PC-SOS is now on Twitter.

So far, my feelings with Twitter have been mixed, at best.

1. As part of the registration, I was asked to choose my email provider (Gmail, Yahoo, AOL, or Linkedin) in order to “securely connect” to my address book. Uh, I’m not sure about everyone else, but I sure don’t want Twitter going through my address book to see if anyone in there has a twitter account.

2. About 2 minutes after I registered, I noticed that I already had 2 followers. I think, ‘huh?’ – no one even knows I have this account! Then, I check the users:

ehJocely8l996
Arabella Gorman
hello and welcome! just looking for cute guys haha

AdellRowe255
AdellRowe
hello and welcome! just looking for cute guys haha

Oh. Now I understand; I already have spammers following me, and I’ve only had an account for a few minutes. Luckily, Twitter offers the option to block accounts from following you, so I blocked them both and reported them as spam. IMO, you should have to approve ‘followers’ before they are allowed to follow you, in order to combat spam.

3. I also hate that bar on all Twitter pages that says “Psst… the new version of Twitter is here. Try it now!” – that bar stays on the top of the window, even if you scroll down – there’s no “x” or “close”; very annoying. Twitter veterans, anyway to get rid of that?

4. 120 Character limit – I see there’s a 120 character limit for tweets. Argh, I suppose I’ll have to use URL shorteners *shudder*. I detest URL shorteners in all forms – they mask the URL, therefore you have no idea what site you’re going to. Pf course, you can extract the real URL with services such as URL Void, but that takes time. Therefore, I will be shortening my links not with bit.ly, TinyURL, or any other common service. I will be using http://saf.li/ – it scans all shortened URLs with BitDefender antivirus (not top-notch, but will have to do…)

Well, I’m still playing around with Twitter, but expect my first Tweet soon!

Posted in Site Updates | 1 Comment »

October: CyberSecurity Awareness Month

Posted by Bob Zenith on October 5, 2010

According to StaySafeOnline.org, October is CyberSecurity Awareness Month. The first question that pops into my head is that why is it just for a month? CyberSecurity should be practiced every minute that you’re on the internet.

Here are some tips that you should already know about being safe and secure online:
* Use anti-virus software and keep it up-to-date: My recommendation, Avira (free), Symantec or NOD32 (paid)

* Use anti-malware software: My recommendation, MalwareBytes (offers both free and paid versions)

* Use a firewall: …Most anti-virus software comes with a firewall

* Use less common browsers: My recommendation, Firefox or Opera

* Use strong passwords: Learn how to make strong passwords. Don’t forget to change them regularly.

* Back-up your work: Regularly back-up important documents either on a portable storage system (USB drive), or a unused hard-drive.

* Encrypt your files: You can encrypt your files by using WinRAR

* Run your email client and your browser via a sandboxed environment: My recommendation, Sandboxie (free)

* Use security and privacy browser add-ons (for Firefox): My recommendations

* Never enter any PII (Personally Identifiable Information) online without seeing ‘HTTPS’

* Manage your hosts file: hpHosts

* Learn about threats and how to protect yourself! My recommendations: hpHosts IssViews, TeMerc Internet CounterMeasures, WOT: Web of Trust

Safe surfing, everyone!

Posted in CyberSecurity | Tagged: | Leave a Comment »