I know several of us are using the Firefox browser, and wanted to post this heads-up.

I'm sure many of you are familiar with a type of crapware known as "phishing," in which a malicious bastard sends an official-looking e-mail, supposedly from a legitimate organization. The letter says that your personal information needs to be updated or confirmed, and you're instructed to click an embedded link that is said to take you to the proper Website, where you can enter the information. As you probably already know, the Website is a fake, and any information you enter will be used for identity theft.

Firefox, and indeed many other "alternative" browsers are very vulnerable to this type of attack. Ironically, Internet Explorer is not, because Microsoft has yet to update it to conform to international standards. Ironic, huh?

About the only way to protect yourself at this point in time is to never respond to an e-mail purporting to be from a legitimate organization, and asking you to enter personal information. It's a virtual certainty that no 100% legitimate business would send such a letter, and if you think it has, then all you have to do is open your browser and manually enter the true address of the company. You'll probably see a notice on the first page that the company does not, never, ever, send requests by e-mail for personal information.

This link will take you to an up-to-date article that explains the background of the scam.

http://news.zdnet.com/2100-1009_22-5566 ... zdnn.alert

You've been warned.

Shortie

Shortie (imported) wrote: Wed Feb 09, 2005 9:46 am I know several of us are using the Firefox browser, and wanted to post this heads-up.

I'm sure many of you are familiar with a type of crapware known as "phishing," in which a malicious bastard sends an official-looking e-mail, supposedly from a legitimate organization.

clip......

Shortie

But Shortie Firefox doesn't have a email client but Mozzalla & Netscrape does. Also IE doesn't have a built in email client either.

_g

_g (imported) wrote: Wed Feb 09, 2005 1:50 pm But Shortie Firefox doesn't have a email client but Mozzalla & Netscrape does. Also IE doesn't have a built in email client either.

_g

I don't know exactly what you mean by "email client," but there are e-mail programs for both Firefox and Internet Explorer. The former is Thunderbird, and the latter is Outlook Express. Although Thunderbird is not embedded in Firefox to the degree OE is in IE, it is still the SMTP program of choice for most of us users.

Whether the e-mail program comes with the browser or is installed as an add-on, is not the problem. The issue is that when you click on an embedded link in a letter, it opens your default browser. It then becomes the browser's responsibility to open the linked Website.

Until the open-source community repairs the vulnerability referred to in my first post, my advice to never click embedded links in e-mail still stands.

I won't get into the debate between IE and Firefox but my thought is:

Keep your antivirus up-to-date.

Do regular spyware scans.

Don't download stupid stuff like a teenager.

Access your financial institutions by typing in the correct URL.

Remember no real financial institution will ask you for credit card details, social security details, drivers license details online. Ever.................

I think I did at least 30 radio spots last year on the phishing scam alone. Hate those people

tal

It really doesn't matter what browser or email client you are using, if you click on a link that comes in an email. If it made it through your spam trap, and you click on it, you're going to go to the said link.

One other thing as well, even with Spybot innoculation, Microsoft's new spyware program and antivirus, the boys here have still managed to wreck yet another computer by not paying attention to what they're doing. One reason I keep MINE locked up with a log in password and users that cannot download and install software. The joy of 2000 or XP Pro...

Paolo wrote: Fri Feb 11, 2005 6:10 am It really doesn't matter what browser or email client you are using, if you click on a link that comes in an email. If it made it through your spam trap, and you click on it, you're going to go to the said link.

You hit it right on the head.

Paolo wrote: Fri Feb 11, 2005 6:10 am One other thing as well, even with Spybot innoculation, Microsoft's new spyware program and antivirus, the boys here have still managed to wreck yet another computer by not paying attention to what they're doing. One reason I keep MINE locked up with a log in password and users that cannot download and install software. The joy of 2000 or XP Pro...

The only way to fly. Making sure the teenages DO NOT have admin. rights. One of my daughters had to nuke a drive and reinstall the OS and programs and restore DATA to fix the dam thing due to teenages downloading and installing unknown software off the web(that is after using spyboot, MS anti-spyware and Norton Anti-Virus trying to disinfect the computer for a day). It's an ALL day job to backup your data and nuke the drive and reinstall the OS and other software, with my computer at home it takes two or three evenings.

_g

_g (imported) wrote: Fri Feb 11, 2005 9:06 am It's an ALL day job to backup your data and nuke the drive and reinstall the OS and other software, with my computer at home it takes two or three evenings.

_g

More reason to make regular drive images, as I've been recommending for ages and ages. Every computer that is sold by my company has everything needed for the buyer to make images, and when the machine is delivered, a set of CD-ROMs with a clean image accompanies it.

CD-RW drives that are capable of recording drive images can be bought off the shelf for under $50 now, and at the big box stores there are sometimes rebates to reduce the cost to around $10! Either Norton Ghost or Terabyte Unlimited's imaging software will set you back about $30. CD-Rs are going for about a nickel each in an advertisement in today's newspaper here. A typical drive image will consume 8-14 disks.

For an investment of less than $100 you could make a drive image that can be restored in about half an hour. Compares pretty favorably to a time investment of many hours, doesn't it?

clip...

Shortie (imported) wrote: Fri Feb 11, 2005 9:20 am For an investment of less than $100 you could make a drive image that can be restored in about half an hour. Compares pretty favorably to a time investment of many hours, doesn't it?

Now shortie, How long do you think a drive image would be valid? I'm useally upgrade the programs I use and the windows updates, and I have about 70 gig of data.

I have made it easy. I have two partitions: OS and programs, then data. The reason it takes me that long is the time it takes to wipe the OS drive, and reinstall the OS then going to windows update. Just overwriting the drive with a image will not get all the affending virii. I done that before and ended up have to do a low level format, with the manufactors maintaince program before the virus was gone (kids computer).

Be sides each time my choices of programs being loaded changes. And it only comes to that once a year maybe and has not come up since to went to WIN2000 and XP pro and locked out the kids.

_g

_g (imported) wrote: Sat Feb 12, 2005 9:02 am Now shortie, How long do you think a drive image would be valid? I'm useally upgrade the programs I use and the windows updates, and I have about 70 gig of data.

I have made it easy. I have two partitions: OS and programs, then data. The reason it takes me that long is the time it takes to wipe the OS drive, and reinstall the OS then going to windows update. Just overwriting the drive with a image will not get all the affending virii. I done that before and ended up have to do a low level format, with the manufactors maintaince program before the virus was gone (kids computer).

Be sides each time my choices of programs being loaded changes. And it only comes to that once a year maybe and has not come up since to went to WIN2000 and XP pro and locked out the kids.

_g

Sorry it's taken so long for me to respond to this post. The combination of Sharon and I taking advantage of some late season snowfall on the ski slopes, plus increasing demand for technical support in my business, has limited my free time.

Your post has several levels that invite a response. The first is related to how long an image would remain "valid." I can only say that any drive image is valid for as long as the media upon which it is stored remains in good condition. If you're careful to store the media away from magnetic fields (such as audio equipment), then CDs will last several years. If your question relates to how long the image would be a close mirror of the hard drive, then that is a function to how often you perform the backups.

This computer is used for general surfing of the Web, plus sending and receiving e-mail. Since there's nothing on it that is particularly essential, I do the drive backups on a monthly basis. My business computer, which is not connected to the Internet for security reasons, is backed up at least weekly, and more frequently if I've added lots of customer information. My third computer, which is used mainly for gaming, is backed up maybe twice a year. It's simple enough to re-install games if necessary, so I really don't worry much about it.

As for your comment about having 70 GB of data on your hard drive, I have to admit to astonishment. I do technical support for a local library, and even those machines do not have nearly that much in the data files. Since data is the truly irreplaceable part of the information on a computer, you are in dire need of some sort of backup solution. The operating system can be re-installed, and programs can be re-installed. Data cannot. Once it's lost, you're out of luck.

That amount of data limits your choice of backup media. It would require so many CD-Rs as to make that a poor choice. Better options would be a separate hard drive disk (preferably external) or a tape backup. The first choice is much the less expensive. You can buy external drives (USB 2.0) of adequate size for $100-$150. The best imaging program to use with one of them is probably Acronis TrueImage 8.0. It's available now (by download) for $33.50 from NewEgg Computers. I used that program yesterday to image this machine, and it took less than seven minutes to do 7.68 GB. Your 70 GB should, by extrapolation, take about an hour.

Your reference to an infection still being present after installing a drive image leads me to think you're referring to a boot-sector virus. That particular type of nasty was once the main type of infection, but has been replaced as of late. However, it's still roaming the Internet, and can bring down an unprotected computer. Any competent antivirus program, if configured to run full time in the background, will detect and prevent BSVs. I use AVG Pro on this machine, and can truthfully say that I've never had even the slightest type of infection. I'm sure other AV programs would do the same, but can't say.

I know this is repeating other posts I've made in the past, but here goes anyway. Folks, you're going to lose everything on your computer sooner or later. The cause may be a virus infection, an operator error, or a HDD failure. It's going to happen. The only thing that will allow you to get back up and running in a short amount of time is a drive image, preferably one that is not outdated. The choice is yours.

Mozilla has incorporated a fix for this issue, at long last. Unfortunately, the patch is not available, at this time, as a separate download. To get it, you have to download the complete program, then re-install it. You can find the download here:

www.mozilla.org

Click the green link that reads, "Free Download -4.7 MB"