The Eight Things You Need to Know about 'Conficker'

The Eight Things You Need to Know about 'Conficker'
03.30.09

From pcmag.com

by Larry Seltzer

On Wednesday, April 1, the latest variant of the Conficker (also known as Downadup and Kido) work will download new instructions. The sophistication of this worm and its botnet have many concerned, although the amount of legitimate concern is a matter of debate.

If you're concerned, then here are the eight most important things to know about Conficker, updated on Monday morning:

1. Researchers have discovered what they're calling a signature for Conficker, and developed a scanner based upon the technology.

2. The overwhelming majority of systems infected with Conficker were infected through a vulnerability in the Windows RPC facilities. This vulnerability was patched in October. If you installed that patch before Conficker came out (late December '08) then you were protected and still are. If you haven't installed the update then it's essential that you do so. Windows Vista is technically vulnerable in this way, but the exploit is almost impossible to execute on it. Conficker is basically an XP problem.

3. Conficker can also spread through network shares, including those that have weak passwords; the worm executes a "dictionary attack" in which a list of common passwords (think "password", "asdf", etc) are used to gain access to the share. So if you find new executables on such drives they may be infected. Treat them as you would a program that got e-mailed to you unsolicited, and we hope that means you'll avoid it and report it to a network admin if you have one. A good anti-malware program will detect it at this stage.

4. It follows from this advice that you are also better off by using complex and unobvious passwords, especially those that use both numerals and letters and especially if they include punctuation.

5. Conficker can also spread by putting itself on removable drives like USB drives. When it does so it sets the Autorun on those drives to run itself. So if you insert such a drive you could, at the least, get a standard Windows Autoplay menu offering Conficker among its options. Sometimes it will disguise itself as the Windows option for opening Windows Explorer for the inserted drive. Once again, a good anti-malware program will detect it at this stage.

6. Anti-malware software isn't perfect but it has a very high rate of success. Conficker is about as high-profile as malware gets; all the companies have it and understand it well, and so if you have anti-virus software and keep it up to date it's hard for you to get attacked.

7. Conficker can interfere with the ability of Windows and anti-malware programs to update themselves. Ensure that they are doing so by checking the last update date/time of your anti-malware software and by checking Windows Update manually. Leave no critical updates uninstalled.

8. Free Conficker/Downadup Cleaning Tools:
McAfee Stinger
ESet EConfickerRemover
Symantec W32.Downadup Removal Tool
F-Secure F-Downadup, FSMRT, more tools
BitDefender single PC and network removal tools
Kaspersky KKiller
Trend Micro

If you use one of these tools to remove Conficker immediately install the MS08-067 patch afterwards.

YouTube's Hulu Revamp

YouTube's Hulu Revamp

Mon Mar 30, 2009 8:31am
chris.thompson - The Big Money

Over the last year, the television and movie Web site Hulu has grown from a clever idea to YouTube's greatest rival, netting tens of millions of dollars in ad revenue in a matter of months. YouTube, meanwhile, has struggled to figure out how to attract advertisers spooked by the amateur video clips and format that buries more professional (and ad-supported) films beneath a cacophony of submissions. Now, YouTube has reportedly figured out how to respond: steal Hulu's best ideas.

According to the digital-advertising news site Clickz, YouTube will roll out a complete redesign next month, one that will highlight professional movies and TV shows with commercials and sponsors. Currently, the site is organized into mystifying categories such as "videos," "channels," and "community," which do almost nothing to help viewers find Star Trek episodes or other fare that actually makes YouTube money. Now, the site will separate the professional content from the amateur clips. "Movies," "music," and "shows" will bring you to ad-supported entertainment of various stripes, while "videos" will steer the user to the old user-generated content that got YouTube started but has yet to make serious bank. "It's totally a Hulu approach, but that's best practices right now," an ad executive who has seen the new format told Clickz. The rollout is reportedly scheduled for the middle of next month.

--From http://www.reuters.com/article/bigMoney/idUS301620852120090330

Skype Lands On iPhone And BlackBerry

The Channel Wire

March 30, 2009

Skype Lands On iPhone And BlackBerry

Skype, the Internet VoIP service, is coming to Apple's iPhone and Research In Motion's BlackBerry, according to a report Sunday.

While rumors of Skype adding mobile device support have been floating around for some time, the E-Bay owned company is now delivering the goods ahead of the CTIA Wireless show, which begins Wednesday in Las Vegas.

The first device to get support for the VoIP service will be Apple's iPhone, with availability starting Tuesday, according to a report in the New York Times. Interested users will be able to download the Skype application through the Apple App Store this week. The iPod touch will also function with the application.

Meanwhile, RIM's BlackBerry will be getting the same functionality about a month later in May.
On the iPhone, the Skype application will be somewhat limited. Users will not be able to place Skype calls via carriers such as AT&T, only on Wi-Fi networks. Callers therefore will not be charged for cell phone minutes when making Skype calls.

While rumors had been circulating about Skype's appearance on mobile devices, that speculation gained fuel last week when tech blogger Om Malik of GigaOm wrote that a tipster told him the iPhone app was coming soon.

"A few months ago, I asked Skype CEO Josh Silverman when was he going to launch the iPhone version of the P2P voice and IM service that has now been downloaded more than 405 million times," Malik wrote. "He smiled and said, 'Stay tuned.'"

It turns out that 'stay tuned' merely meant waiting through the weekend.

Skype users can also expect the capability to chat, take photos within the application, using an avatar and sorting contacts by name or online status.

---- Complete blog posting: http://www.crn.com/mobile/216401694

Small Hard drive, need to clear space on XP

Below are some good ways to clear out unnecessary files from your Window XP c:\ drive partition to gain needed hard drive space.

From a Microsoft discussion board posting from Jan 2009.

Summary points (read complete posting for detailed links and information):

• Use the Microsoft Disk Cleanup Tool
• Empty the Recycle Bin
• Disable Hiberation and and delete hiberfil.sys
• Change System Restore number of restore points
• Clear Temporary Internet Files
• Use ccleaner

Read all the options in this posting.

Enjoy the cleaning! Of course, be sure you have a backup and do the "special" cleaning tools not during critical time of use of that computer. Just in case!

CGT Featured Client: NDN - Livestream with Joe Rospars 3/10 Noon EST

Check out NDN's livestream with Joe Rospars, Obama's Campaign New Media Director: 3/10/09 Noon EST

From NDNBlog.org posting.

"A Conversation with Joe Rospars," Obama Campaign's New Media Director, Today at 12 pm
Submitted by Melissa Merz on Tue, 03/10/2009 - 8:54am.

Whether you're in DC or across the globe, please join NDN and the New Politics Institute (NPI) today, Tuesday, March 10, for a special event here at our offices near the White House for a conversation with Joe Rospars, the new media director of the Obama presidential campaign and founder of Blue State Digital, one of the nation's leading new media consulting firms.

We're expecting a full house today, and we've also heard from people just a few blocks from us and one friend in Uruguay who plan to watch the livestream of Joe and Simon talking about how the Obama campaign used new media and the Internet to change politics here, and around the world, forever.

The conversation with Joe will take place at the NDN offices at 729 15th St., NW, between H Street and New York Avenue. Lunch will be served. Seating is limited and will be first come first serve -- please click here to RSVP if you haven't already done so.

For those not able to attend the event here in our offices, be sure to watch it live on our new high-end Web casting system. Just go to ndnblog.org/livecast -- the stream will begin at 12:15 p.m. ET.

Computer Security - Current Security Alerts from CERT

Current Security Activity from US-Cert:
03-10-2009

(Be careful out there!)

· Economic Stimulus Email and Website Scams
· Microsoft Releases Advanced Notification for March Security Bulletin
· Mozilla Foundation Releases Firefox 3.0.7
· Malicious Code Targeting Social Networking Site Users
· Opera Software Releases Opera Browser 9.64
· Cisco Releases Security Advisory for ACE 4710 Appliance
· Adobe Releases Security Bulletin for Flash Player
· Microsoft Releases Security Advisory (968272)
· New Variant of Conficker/Downadup Worm Circulating
· Adobe Releases Security Bulletin for Critical Vulnerability

Windows wins, Mac loses February's market-share race

Windows wins, Mac loses February's market-share race
Fewer users give up Windows XP; more run Windows 7, according to online usage data

(Editorial comment - Is it the economy? - I'd think yes. It's less expensive to run Windows computers and Windows software is cheaper, too.)

Entire article from ComputerWorld.com

By Gregg Keizer

March 2, 2009 (Computerworld) Windows' market share rebounded last month as fewer users ditched Windows XP and more started running Windows 7, an Internet measurement company said today.

Meanwhile, Apple Inc.'s Mac OS X lost ground in February as its online share dropped by its largest amount in more than a year and a half.

Continued...