News


OK, this has nothing to do with computer security. But I just could not resist telling you about this wonderful new Web site put up by Dan Florio. It is great to see the spirit of enterprise and innovation is alive and well in the human species.

Dan has solved a long-standing and critical problem for us, namely, exactly when during a movie should you go pee and not miss anything really important? Tough question, right?

Well, fear not. Just go to http://www.runpee.com and the Web site will tell you how many minutes into the movie you can best make the dash to the restroom. Most current and popular movies are listed.

It gets even better. If you run for it at the suggested time, runpee.com provides a summary of the scene you will miss. It gets still better. A mobile version is on the way, so you can decide at the last minute which movie you will see and when to make a run for it!

Finally, the site has been swamped with traffic lately, so if you cannot access the site, try again later.

Here are some notes from the leading edge of the Internet this week:

1. That nasty Conficker/Downadup worm is still going strong, infecting some 50,000 additional computers every single day. What is wrong with you people? All you have to do to protect yourself against this evil bug is apply all Microsoft Windows patches!

With millions of computers infected, it is now the world’s largest botnet. It is hitting big companies especially hard. Even some of Microsoft’s computers are rumored to be infected.

2. A new attack has surfaced recently that sticks malicious links in Google’s search results. It is still small, but spreading rapidly. It uses known flaws in Adobe software to install malicious code on your PC. The exploit has been called Gumblar, and has infected several thousand sites so far.

Adobe is working on a patch for its software. Meanwhile, check that you at least have the latest version of Adobe Reader, version 9.1.1. Keep your Windows and security software up to date, and you should be OK.

3. Guard your personal information well. There are so many ways it can be compromised, and new ones surface every single day. For example, say you live in New Jersey and you just lost your job. Well, not to be outdone, the state of New Jersey has “misdirected” or sent your social security number to, uhh, well, somewhere or someone, but it is not exactly sure who or where.

Or how about that closed Kia car dealership in Boulder, Colorado? They filled a few dumpsters with folders of former customers. Hope yours was not among them…

4. Speaking of your personal information, watch this video about a complicated email scam that relieved an Oregon family of $400,000. http://www.stopHcommerce.com

5. An external hard drive has gone missing from the U.S. National Archives. It is thought to contain 1 terabyte (TB) of data from the Clinton Administration, some of it sensitive and personal. Also on the disk are security procedures of the Secret Service at the White House. Naturally, everyone concerned is surprised and shocked.

6. A security researcher in San Francisco is angered that Apple has not patched a serious security flaw in Mac OS X. So he posted the attack code online. It could be used to seize control of a Mac.

The bug is in the Java software that comes with the Mac. Sun Microsystems, publisher of Java, fixed the problem last December. But Apple still has not included the fix in its updates. Exploit code for this flaw is available online. Apple is aware of this issue, and claims to be working on a fix.

Have a nice weekend.

Security company McAfee reports that worldwide spam levels have dropped 20% for the first three months of this year, compared with the first quarter of 2008. This is mostly attributed to the shutdown of that ISP in California last year, which was generating a tidal wave of spam.

The global email volume is thought to be about 100 billion messages a day. Of this total, 86% is now spam, down a bit from 90% last year. This is the lowest level of spam in some three years.

McAfee thinks spam levels will inevitably rise again, sooner or later. The United States leads the world with 35% of spam production, followed by China and Russia. But other countries are rising fast, including Web sites in the Netherlands, England and Korea.

You knew this would happen, right? The spammers have jumped on the swine flu epidemic to send out scary, threatening or even enticing emails. Some subject lines inform you that has the swine flu (she doesn’t), or that you need to buy these fake pills right away to protect yourself (don’t do it).

There has also been a huge increase in the number of domains registered with the word “swine” in the URL. That means we can expect to see more and more malicious Web sites hawking their junk, or infecting visitors’ computers.

Another old ploy you may see pop up again claims to offer you an important video on the pandemic. But first, you must download and install an “update” to Adobe Flash Player. This will simply install malware on your machine.

Expect to see pitches for the antiviral drug Oseltamivir, better known as Tamiflu. Never respond to these emails, and never click on the links within. Many exist just to grab your credit card number.

In fact, you should not even open or read them. Just hit your trusty delete button!

Strange as this may sound, the latest version of the Conficker worm, called Conficker.E, may simply stop working and vanish on May 5, according to some security researchers.

The Conficker Working Group is a collection of 300 experts trying to track down the source of the worm, and stop it. So far, they have not had much success. But they think that Conficker.E has not worked very well, and that may be one reason why it is being shut down.

This still leaves us with Conficker.C. That is the version that tries to scare you into buying fake antivirus software to clean your computer. You are urgently told to spend about $50 to get the program.

The C version will also block your access to 114 legitimate antivirus sites. It has infected millions of computers. The program you are urged to buy may be called SpywareProtect, from the Ukraine Bastion Trade Group. There is surely more to come from Conficker and the people behind this malware, so be on guard.

Meanwhile, here is a quick, simple test to see if you are infected with Conficker: http://www.confickerworkinggroup.org/wiki/
