Spalding Computer Services

So Hotmail and Google email accounts, among others, have been compromised by a series of phishing attacks, and login details including passwords published on the internet.

Here’s a quote from a “security consultant”

“This should be a wake-up call to Google and Microsoft to educate their users”
Carole Theriault, Security consultant

I’m sorry but it’s quite clear from this incident that the users in question are blithering idiots and further education isn’t going to change that any time soon.

It’s not only Google and Microsoft either, what about the banks, the social networks, any number of other secure websites. All are being targeted on a daily basis by cyber criminals after users login details. And despite persistent warnings in all the media, both traditional and digital, stupid people still fall for it.

A wake up call to Google and Microsoft?
No. It’s the somnambulistic users who need a damn good shaking.

And if you are one of them, wake up, change your passwords, and please do not fall for this blindingly obvious scam again. None of these services will ever ask you for your login name and password by email.

If you get an email that looks genuine and contains a link to a website that looks genuine and asks for your password and user name, leave. And then go to the website through the usual url or your bookmarks, not the link in the email, to be sure you are actually on the genuine site. And then see if they still want your details for any other reason than to log in to your account.

It appears that o2 and BT have finally caved in and allowed Apple to add the 0870 application to the iTunes App Store.

iPhone users can now benefit from the cost savings on calls from mobiles previously enjoyed by Android users.

The 0870 app turns 08* numbers, such as 0870, 0845 and 0800, which cost 35 pence a minute to call, into 01* or 02* numbers which come out of your allowance or are very cheap to call on PAYG.

The free app is available to download now and is apparently supported by small and unobtrusive adverts in the footer.

The developer Simon Maddox was initially told by Apple that o2 and BT would not be happy to see this service on the iPhone. Understandable given the networks high charges for dialling 08* numbers. But why it was OK on Android is unclear apart from the different mobile network involved.

However his perseverance and Apple’s cooperation paid off when o2 finally gave the go ahead and Apple approved the app for inclusion in the iTunes App store.

“We have detected a virus on your computer. Click here to download Anti Virus software now”

If you’ve ever seen that pop up on a website then you have seen a “Malvert”

Clicking on that link will probably take you to an infected website or a link to download some infected software that will cause you some serious headaches.

Malverts are fake ads placed on websites, and security experts are concerned at the rise in numbers of these being placed on well known high traffic sites.

Earlier this month the New York Times website displayed such an advert claiming to have found a virus on the visitors machine. The advertiser was thought to be legitimate and did indeed place legitimate ads on the site for a week before changing to the malware ad over a weekend.

Hackers are increasingly using ad networks to distribute attacks to users visiting well known websites. They infect third party ad networks without knowing precisely which sites the ads will show on. But they don’t really care as all they want is the maximum number of eyeballs, so any high traffic sites that customarily take feeds from these networks work for them.

The return on investment due to the exposure gained is the same as a legitimate advertiser.

While these attacks are simply embarrassing for the websites concerned, they pose a serious threat for the visitors who get caught out. Many of whom are not running up-to-date anti virus software.

Eric Davis, in charge of Google’s anti-malvertising team, believes Internet Service Providers are best placed to detect infected machines.

“The internet service providers are in the best position to detect infected machines,” said Mr Davis, talking at the Virus Bulletin conference in Geneva yesterday. “They already have monitoring systems that could be used to identify signs of malware and botnet activity.”

Microsoft has taken a more direct approach by filing a series of lawsuits against suspected malvertisers.

“Google Turns the Web into a Giant Wiki – The Blogs at HowStuffWorks”:

Probably the most rational and least hysterical analysis of this so far.

Basically this new feature of the Google Toolbar, a plugin for Internet Explorer and Firefox browsers in case you’re not familiar, allows anyone to write and read annotations on any web pages.

The question here, as a web site owner, is do you really want any old Tom Dick and rival website owner leaving possibly disparaging remarks on your web pages?
The comments and remarks will be archived by Google and so far there is no indication that you as the website owner will have any control over what comments remain visible.

Google do say they will adopt some form of editorial control based on “Algorithms” to determine which comments are the most relevant. This is not good enough. The website owner is the only person who should have that control.

If you don’t have the Google Toolbar installed and activated you can’t contribute comments or see any comments which have been left. They won’t just pop up on their own.

My opinion of the Google Toolbar has always been, don’t install it, you don’t need it. But I realise millions of people have it installed and some of them may see a good game here.

This should be an opt in only option for website owners. A simple piece of code similar to the Google analytics code that would tell Google Toolbar “no wikithanks” must be possible.

How about it Google?

I’m always telling clients, friends and anyone with a computer who will listen that they should have a backup strategy. As we commit more and more of our lives to digital files on our computers, the prospect of losing the lot due to mechanical or software failure, or simply poking the wrong key on the keyboard, is all too obvious. And yet most people still don’t have a backup strategy.

Backup software applications are included in the latest versions of Windows and in Mac OSX. And external USB or Firewire hard drives are cheap, so there is no excuse.
Don’t lose all those precious photos and documents if your computer crashes or gets
left on a train. Backup, and backup regularly.

What prompted this post is a backup of a different kind.

I’ve discovered this morning that the landline phone at our London address isn’t working. There is no dial tone and to anyone calling the number it appears to be ringing. But it isn’t.

Virgin media supply us with the phone, and super fast cable broadband, in London, but they can’t get an engineer out until Thursday despite my stressing the business use.
Fallback or ‘the backup strategy’ for outgoing calls is the mobile phone, but I could very soon use up my inclusive minutes and start paying exorbitant call charges.

The second layer of backup for outgoing phone calls is Skype. I’ve used that for Skype to Skype audio and video chats, within the UK and internationally, and that works well. I’ve even taken international calls made to our Skypein numbers in the UK and overseas. But I’ve never used it to make national calls, there didn’t seem to be any point

Well now I have to, and it works.

Using the built in mic and speakers on a MacBookPro, SkypeOut is an efficient effective backup strategy if your landline phone falls over. Call quality was excellent, there was no echo on the line and the person I called didn’t keep saying “pardon?”

Our only problem now is incoming calls to our London number won’t get answered until sometime Thursday. Memo to self, initiate a divert facility on the line as a backup.

Everyone uses Facebook. It’s almost the worlds favourite meeting place. But some users have a problem being specific about where they live.

As Facebook spreads it’s wings across the globe there are some areas of conflict it has to contend with.

One of those concerns the disputed territories of the Middle East, particularly the Golan Heights.

Until recently if you lived in Katzrin (Qasrin), your only option in your profile was to say you lived in Syria.

Not any more.
Thanks to a 2600 person strong Facebook group called “Facebook, Golan Heights residents live in Israel not Syria” things have changed. You now live in Israel.

Already, Arab news agencies Al Quds al Arabi and Al Bawaba are reporting that Syria may demand a boycott of the social networking site.

Facebook already uses this approach with The West Bank and will probably continue it with other disputed regions like Kashmir.

(The company skirts the “One China” issue — whether Taiwan is an independent nation or part of China — because the region is just called “Taiwan”).

Cory Doctorow at BoingBoing has an interesting slant on who does or does not own the database that was financed by the British public.

“Wikileaks is hosting a copy of the “1,841,177 post codes together with precise geographic coordinates and other information” for the UK.
One odd thing about Britain is that databases produced at public expense — maps of the country, lists of postal codes, transcripts of Parliamentary debate and so on — do not belong to the public. In order to use this data, you have to pay gigantic licensing fees to the government, who accordingly threaten to sue people who use them without permission.”

http://www.boingboing.net/2009/09/17/britains-postal-code.html

A link to the Wikileaks page is here but it’s unavailable as I write.

The Skype story continues to roll on. Sold to eBay by it’s founders in 2005 for around $2.5 billion, 65 per cent of it has now been off loaded to a group of private investors for around $2.75 billion.
Not a bad return you might think, as eBay couldn’t really find anything to do with the popular VOIP service that in anyway enhanced it’s online auction service.

But here comes the sting.

There’s a little bit of core peer to peer technology in Skype that still belongs, lock stock and barrel, to Joltid, the company owned by the two Skype founders Niklas Zennstrom and Janus Friis.

And they are now suing eBay and Skype’s new owners for a staggering $75 million a day in damages. Joltid revoked Skype’s licence to the technology earlier this year.

Options? Not many really, without Joltid’s technology Skype would have to be re built almost from the ground up, which makes for interesting times for the new owners, and a bit of fun for us tech watchers.

Good grief. On the hottest day since records began this month, I’ve been sweating over a hot keyboard upgrading a bunch of clients WordPress installations to the latest version. On the way I found one that had been infected with nearly 5000 spammey comments, of which Akismet had managed to snare around 2000. Considering the number of sites involved that’s not too bad.

Fortunately all the comments were held pending moderation and approval.
A quick zap of the relevant database table consigned the garbage to burn in virtual hell while the client sailed serenely on with his business, unaware that his blog was potentially punting a veritable cornucopia of snake oils and porn movies.

All part of the service.

If you’re running a WordPress install earlier than 2.8.4, upgrade now before the spammers move in. Earlier versions have security issues that have been patched in 2.8.4.