Saturday, January 31, 2004

AVG FREE Edition - get it now if you need an antivirus tool!

AVG is the best freeware solution for protecting your machine from viruses. They regularly release updates, which is especially important when a particularly nasty bug like the current MyDoom is running around. When you complete the simple registration form, you will receive a license key in your e-mail to activate your copy of AVG. There's no excuse not to be protected.

New - AVG Free Edition is now available for all single home users worldwide! More detailed information can be found in the AVG Free Edition License Agreement.

Get your free copy of the AVG Anti-Virus - AVG Free Edition - and you will be able to use it without any limitations for the life of the product. You can also download free updates to get the latest program virus databases.

Download, install and use AVG Free Edition and get:

- AVG Resident Protection
- AVG e-mail Scanner
- AVG On-Demand Scanner
- Basic Scheduled Tests
- Free Virus Database Updates
- Automatic Update feature
- Easy-To-Use Interface
- Automatic Healing of infected files
- AVG Virus Vault for safe handling of infected files

The AVG Free Edition is fully featured anti-virus software with the following restrictions:

- Basic user Interface only
- Disabled Advanced Scheduling of Tests
- Disabled Creating of Your Own Tests
- NO TECHNICAL SUPPORT

Friday, January 30, 2004

John Dvorak weighs in on The Big One

January 30, 2004
By John C. Dvorak


Californians like to talk about the Big One: the disaster-of-the-century earthquake that will wreck the state. It's coming soon, they say. Well, so is the big attack that will shut down the Internet completely and destroy all computers - the online equivalent of the Big One. So far, all we've had are slight tremors.
The viruses and denial-of-service attacks we've seen so far are nuisances. They clog up e-mail systems or send inane messages. The most efficient attacks spread rapidly and then are eradicated by patches and updates to antivirus programs. But we haven't yet seen an attack that delivers a serious payload both to the machines propagating the problem and to the Internet infrastructure.
To accomplish this would require using all available means to penetrate every machine and spread virally while destroying data and erasing hard drives everywhere at once. A disaster like this might finally make the community take some action. We already know that users will always do dumb things to trigger problems. But the computing environment itself encourages this, in many ways. Here are my concerns...

Read this story. Dvorak is often argumentative for no good reason but this is one of his better articles in recent memory.

Thursday, January 29, 2004

MyDoom virus declared worst ever | CNET News.com

By David Becker
Staff Writer, CNET News.com

Story last modified January 28, 2004, 5:25 PM PST

It's only two days old and still growing, but at least one security firm is ready to crown the MyDoom virus as the worst ever.

Finnish security software and services company F-Secure made the coronation late Wednesday, declaring the MyDoom the fastest-spreading worm ever and "the worst e-mail worm incident in virus history" in a letter research director Mikko Hypponen wrote.

MyDoom crawled onto the Internet on Monday, quickly clogging e-mail servers, as it propagated itself with millions of messages laden with malicious software code. An offshoot of the pest surfaced Wednesday but did not appear to be spreading nearly as quickly as the original.

F-Secure estimated that the worm was accounting for 20 percent to 30 percent of worldwide e-mail traffic Wednesday, putting it well ahead of previous nasties, such as the SoBig.F worm.

F-Secure credited the worm's fast spread to several factors, including aggressive harvesting of e-mail addresses and the fact that it was released in the middle of the North American workday, giving it several hours to spread unchecked among corporate networks.

Symantec has a free removal tool if your anti-virus software has not yet been updated to detect and remove MyDoom. It's a bit technical but if you take your time and follow the instructions, you'll be able to clean your PC with no real trouble. If you use Windows XP or Me, pay attention to the instructions about disabling the System Restore feature in your operating system while you are running the removal tool.

Microsoft Security - It's the user's fault

Lawrence Walsh, executive editor of Information Security magazine, says the security problems with Microsoft products are partially our (the users') fault.

It's not that Microsoft isn't trying to improve the security of Windows and its other products; it has an impressive -- albeit, not always obvious -- laundry list of security achievements.

Nevertheless, Microsoft is still losing the battle for security in the here and now, and for good reason: The end-user community's expectations are simply too high. Microsoft says Trustworthy Computing will produce gradual security improvements over the next 10 years. But users want those improvements today.

Microsoft is quick to say it's always cared about the security of its operating systems and applications. Prior to 1998, Windows was no more or less secure than other platforms, since it was designed as a client-only application. Flaws and vulnerabilities only became glaringly evident when Windows was exposed to network environments and the Internet.

The user community bemoaned the problems but never revolted. During the dot-com and Internet heydays, they asked Redmond for flashy features and new applications -- security was barely a secondary consideration. These demands weren't exclusive to Microsoft products. Most applications and IT projects followed the same paradigm -- develop, deploy, then secure when necessary. Security was seen as an inhibitor and not an enabler.

Microsoft is like any commercial enterprise: It responds to market forces and customer demands. You want a user-friendly operating system? Bam! You get GUI-rich Windows. You want Internet access? Bam! You get Internet Explorer. You want easy interoperability? Bam! You get probably the best integrated suite of home and business applications on the market.

The problem is users didn't understand what they were asking for. Microsoft simply responded to their desires and only their desires. They didn't ask for strong security, quality code and patchless systems, so they didn't get them. What they got was fast-to-market applications that provided more functionality than users could ever hope to utilize.


You can take charge. Make your PC Invisible. Read this blog and visit www.invisiblepc.com to learn how.

Help! I've been Web-jacked! - Computerworld

On Dec. 22, an Internet investigator got a tip that child pornography was being housed on an adult Web site. When he visited the site to verify the information, he didn't find any illegal images. But what he did find was a Trojan horse that disabled the ActiveX security controls on his browser and took control of it.

'I heard my hard drive churning and clicked on my task manager and saw three executable programs were installing themselves,' says Chris Brandon of Brandon Internet Services. 'I knew I was in trouble when I couldn't get my task manager to cancel the programs.'

By the time he checked his registry, the Trojan had installed dozens of programs that replaced the default Web page with its own, and loaded its own IP addresses in his favorite places, short cuts and safe zones. When he tried to erase the programs and reboot the machine, the virus reinstalled.


The tools are out there to protect you against this invasion. Get Ad-Aware and Spybot Search & Destroy from Tucows, download.com, VersionTracker.com or your favorite download site. They're free. They work. You'll be safer. And, if one of these nasty programs does get in, you'll know it and be able to deal with it.

Wednesday, January 28, 2004

InfoWorld: Hackers capitalizing on Mydoom's success (January 28, 2004, Security)

The worm opens a back door which hackers could exploit to reap further damage

A back door to computer systems opened by the Mydoom e-mail worm is turning into a bonanza for thousands of hackers, who are scanning the Internet furiously for systems infected by Mydoom, antivirus experts said Wednesday.

The opening in the defenses of infected computers could allow malicious hackers to secretly install a Trojan horse program, keylogging software or simply peruse files on infected systems, and may make cleanup after Mydoom difficult, according to interviews with the experts.

Mydoom, which first appeared on Monday, is still spreading on the Internet and is believed to have infected between 100,000 and 300,000 systems worldwide, according to Craig Schmugar, virus research manager at the McAfee antivirus division of Network Associates, Inc. (NAI).

"Mydoom is still going strong, we're not seeing any signs of it slowing down," he said Wednesday.

One large corporate customer reported receiving 160,000 Mydoom-infected e-mails an hour Wednesday, he said.

McAfee researchers and those at other antivirus companies have also spotted another Mydoom trend: thousands of computers scanning for a range of TCP (Transmission Control Protocol) ports opened by the worm.

Those open ports, which range between number 3127 and 3198, are open doors for malicious hackers, said Oliver Friedrichs, senior manager of Symantec Security Response at Symantec Corp.

Attackers just have to connect to the open port and upload spyware or other malicious programs, he said.

"This could mean there are a bunch of attackers out there looking for machines to compromise," NAI's Schmugar said.

Symantec counted 2,100 unique systems scanning for the Mydoom back door Wednesday, Friedrichs said.

NAI puts the number at 2,500 systems and says that as many as 7,500 infected systems may have been targeted since late Tuesday, when researchers first noticed the behavior, Schmugar said.


What does this mean to you? If your PC is not properly defended and is infected by this virus, anyone with mischief on their mind and a few simple tools can gain access to your machine, install whatever software they want, read your files, or take control of your machine and use it for nefarious purposes.

The message is clear. You must lock your machine down. Install current anti-virus signatures from your vendor. Install a firewall program (or use the one built into your OS). Get and regularly use spyware detection and removal tools.

I'm building the Invisible PC web site to provide you with more information on how to easily and inexpensively build your defenses. Watch this blog for the launch date.
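
The port scanning described in this post shows up in firewall logs. The following is an added example, not part of the original post or the InfoWorld article: it flags sources probing TCP ports 3127 to 3198 and any such connection the firewall did not drop. The log layout, the DROP/OPEN action names and the sample lines are constructed assumptions.

```python
from collections import defaultdict

# TCP port range the article attributes to the Mydoom back door (3127..3198).
BACKDOOR_PORTS = range(3127, 3199)

# Constructed sample log lines (not real traffic), using documentation IPs.
# Assumed layout: date time action protocol src-ip dst-ip src-port dst-port
SAMPLE_LOG = """\
2004-01-28 14:02:11 DROP TCP 198.51.100.7 192.0.2.10 4312 3127
2004-01-28 14:02:11 DROP TCP 198.51.100.7 192.0.2.10 4313 3128
2004-01-28 14:02:12 DROP TCP 198.51.100.7 192.0.2.10 4314 3129
2004-01-28 14:02:12 DROP TCP 198.51.100.7 192.0.2.11 4315 3127
2004-01-28 14:05:40 DROP TCP 203.0.113.25 192.0.2.10 1088 80
2004-01-28 14:07:03 OPEN TCP 203.0.113.99 192.0.2.12 2201 3127
2004-01-28 14:09:30 DROP UDP 198.51.100.7 192.0.2.10 4316 3130
garbage line that should be skipped
"""


def parse_line(line):
    """Return a dict for a well-formed line, or None for anything else."""
    parts = line.split()
    if len(parts) != 8:
        return None
    date, time, action, proto, src, dst, sport, dport = parts
    if not (sport.isdigit() and dport.isdigit()):
        return None
    return {"ts": f"{date} {time}", "action": action.upper(),
            "proto": proto.upper(), "src": src, "dst": dst,
            "dport": int(dport)}


def analyze(log_text, scan_threshold=3):
    """Find probes of the back-door port range.

    Returns (scanners, accepted):
      scanners - {source IP: distinct (host, port) targets probed}, for
                 sources that reached scan_threshold or more targets
      accepted - connections to the range that were NOT dropped; the
                 destination host should be checked for infection first
    """
    probes = defaultdict(set)
    accepted = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or rec["proto"] != "TCP":
            continue  # the back door is described as a TCP listener
        if rec["dport"] not in BACKDOOR_PORTS:
            continue
        probes[rec["src"]].add((rec["dst"], rec["dport"]))
        if rec["action"] != "DROP":
            accepted.append((rec["ts"], rec["src"], rec["dst"], rec["dport"]))
    scanners = {src: len(targets) for src, targets in probes.items()
                if len(targets) >= scan_threshold}
    return scanners, accepted


if __name__ == "__main__":
    scanners, accepted = analyze(SAMPLE_LOG)
    for src, count in sorted(scanners.items()):
        print(f"scanner {src}: {count} back-door targets probed")
    for ts, src, dst, port in accepted:
        print(f"CHECK HOST {dst}: {src} reached port {port} at {ts}")
```

A connection to this range that was allowed through matters more than the scan itself: it means the destination machine may be listening on a back-door port and should be scanned with updated anti-virus signatures.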

Kaspersky Unearths MyDoom Variant

Russian anti-virus specialist Kaspersky Labs has identified a variant of MyDoom, the worm that has been spreading through the Internet at a furious pace since Monday.
The variant, which Kaspersky has labelled MyDoom.b, has a slightly larger payload compared with MyDoom.a and targets Microsoft Corp. for a denial-of-service attack to be launched starting on Feb. 1, instead of The SCO Group Inc. The worm features minor modifications to the text of the e-mail that carries it, but is otherwise identical to the original.

It is understood that MyDoom.b may have been distributed using the network of PCs infected with MyDoom.a, something that a spokesman for Kaspersky claimed means the Internet "may be facing a much more serious outbreak than the one caused by Mydoom.a."

The appearance of a variant of MyDoom is an unwelcome twist in the saga of one of the most rapidly spreading worms in Internet history. By Monday, MyDoom was infecting one in 12 e-mails sent, according to MessageLabs Inc, a New York-based e-mail security company. The worm has also been blamed for slow performance from Web servers over the past few days, as corporate firewalls and filters struggle to cope with increased traffic.

National Cyber Advisory System Alerts

You can subscribe to e-mail alerts published by US-CERT (Computer Emergency Readiness Team) that are designed specifically for non-technical home and corporate users.

US-CERT, a partnership between the Department of Homeland Security's National Cyber Security Division (NCSD) and the private sector, has been established to protect our Nation's Internet infrastructure. It will do this through global coordination of defense against and response to cyber incidents and attacks across the United States.
US-CERT's objectives are to

  • aggregate available cyber security information

  • provide it to individuals and organizations in a timely and understandable manner.


National Cyber Advisory System Products: Non-technical Documents
Cyber Security Alerts
Cyber Security Alerts provide timely information about current security issues, vulnerabilities, and exploits. They are released in conjunction with Technical Cyber Security Alerts when there is an issue that affects the general public. Cyber Security Alerts outline the steps and actions that non-technical home and corporate computer users can take to protect themselves from attack.
Join the mailing list

Cyber Security Tips
Cyber Security Tips describe common security issues and offer advice for non-technical home and corporate computer users. Although each one is restricted to a single topic, complex issues may span multiple tips. Each tip builds upon the knowledge, both terminology and content, of those published prior to it.
Join the mailing list

SCO Offers Reward For MyDoom Virus Creator

The SCO Group Inc., the target of a nasty worm that slowed Internet traffic and clogged e-mail systems, offered a $250,000 reward for the arrest and conviction of the author.

Wired News: Worm Slowing, but Still Dangerous

Now proclaimed the most virulent e-mail virus ever, MyDoom has slowed its pace since beginning its race across the Internet on Monday.

But experts warn the worm most likely will cause trouble for a long time to come.

Infected computers now have a backdoor in their systems that allows malicious hackers to remotely access and control infected machines, which could then be used to spew spam or launch denial-of-service attacks, such as the one MyDoom is coded to launch at the SCO Group's website Sunday.

Repeating yesterday's advice: Don't open attachments to e-mail messages until you have your anti-virus software up to date. Even then, be cautious. If you don't know the sender, delete the message. If you do, check with them to see if they sent you something. If they say no, delete the message, even though the From: line says they sent it. They might have the virus.

Be careful.

Tuesday, January 27, 2004

InfoWorld: E-mail carrying the Mydoom virus now accounts for one in every 12 messages

InfoWorld: New e-mail worm breaks infection records

A new computer virus that spreads using e-mail messages is breaking records for new infections set by the last major e-mail worm, Sobig.F, according to leading antivirus software companies and e-mail security firms.

Infected e-mail messages carrying the Mydoom virus, also known as "Shimgapi" and "Novarg," have been intercepted from over 142 countries and now account for one in every 12 e-mail messages, according to Mark Sunner, chief technology officer at e-mail security company MessageLabs Ltd.

Since first detecting the new virus at 1:00 PM GMT on Monday, MessageLabs intercepted almost 1 million infected e-mail messages carrying the virus, Sunner said.

The worm arrives as a file attachment in an e-mail with a variety of senders and subjects, such as "Hello," and "test." The message body is often technical sounding, imitating the look and feel of an automatically generated message from an e-mail server, Sunner said.

Do not open any e-mail attachments until your anti-virus software has been updated to detect and remove this virus!

Be Web Aware - a great resource for parents with Kids on the Net

Be Web Aware is a terrific site for parents with kids on the Net. It's linked from the Microsoft Canada web site and is also available in French, if you prefer.

Excellent advice and many kid-friendly links.

Microsoft TechNet advisory on MyDoom

Microsoft TechNet offers the following advisory about the MyDoom virus/worm combination ripping up the Net: "W32/Mydoom@MM spreads via e-mail. The Microsoft Product Support Services Security Team is issuing this alert to advise customers to be on the alert for this virus as it spreads in the wild. Customers are advised to review the information and take the appropriate action for their environments."

Read the full alert if you're interested in the details but update your virus signatures first!

Don't open attachments (a ZIP file in this case) unless you know for certain who sent it and that they have a legitimate reason for sending you a ZIP file.

Be smart and be safe.

Monday, January 26, 2004

MyDoom E-Mail Worm Spreading Quickly

Today is not a good day for e-mail. Our ISP reports we are receiving e-mail messages at an alarming rate (3K per hour and rising). Seems there is a lot of malware flying about today. eWeek reports the MyDoom E-Mail Worm is spreading quickly, along with new variants of Mimail (.Q) and Dumaru (.Y).

Keep your anti-virus up-to-date folks and use common sense when receiving e-mail attachments from unknown (or even known) addresses, please!

Bagle-Type Threats on the Rise

eWeek reports today that the recent Bagle virus is a sign of things to come. Virus attacks combined with Trojan programs that record your keystrokes can expose all of your private information. Keep your anti-virus software up to date and scan daily.

Sunday, January 25, 2004

7 security tips everyone should follow

Seven Simple Computer Security Tips
for Small Business and Home Computer Users

Consult www.nipc.gov for more information.

  1. Use strong passwords. Choose passwords that are difficult or impossible to guess. Give different passwords to all accounts.

  2. Make regular backups of critical data. Backups must be made at least once each day. Larger organizations should perform a full backup weekly and incremental backups every day. At least once a month the backup media should be verified.

  3. Use virus protection software. That means three things: having it on your computer in the first place, checking daily for new virus signature updates, and then actually scanning all the files on your computer periodically.

  4. Use a firewall as a gatekeeper between your computer and the Internet. Firewalls are usually software products. They are essential for those who keep their computers online through the popular DSL and cable modem connections but they are also valuable for those who still dial in.

  5. Do not keep computers online when not in use. Either shut them off or physically disconnect them from the Internet connection.

  6. Do not open e-mail attachments from strangers, regardless of how enticing the Subject Line or attachment may be. Be suspicious of any unexpected e-mail attachment from someone you do know because it may have been sent without that person’s knowledge from an infected machine.

  7. Regularly download security patches from your software vendors.


Excellent advice. I would add one more:

Use the programs I'll be recommending here like Ad-Aware to regularly scan your PC and remove nasty spyware and viruses.

Welcome to the Invisible PC blog

Greetings.

I created the Invisible PC blog to keep you up to date on the best ideas, practices, and free tools to help make your PC invisible to the bad guys and immune to the viruses, worms, and other vermin crawling over the Net. I've been supporting computer users for more than 20 years and I know that most people just want their PC to work reliably. They don't care how it works... they just want it to work!

More recently, people just like you have been bombarded with warnings about credit card fraud, identity theft, viruses, worms, Trojan Horse programs, hackers, crackers, script kiddies...

You get the idea.

It's gotten so bad that a number of folks I know swear they're about ready to pull the plug on the Internet. They feel it's the only way they can be safe. Of course, that's not the answer.

The Invisible PC project includes this blog (or web log as you prefer), the Invisible PC web site (under construction but coming real soon now), a newsletter delivered right to your e-mail inbox, and a book that I'm currently developing that will provide step-by-step instructions for making your computer an Invisible PC. I want to make it easy for you to stay up-to-date on what you need to know to be secure on the Net in whatever way suits you best.

Bookmark this blog in your browser and come back often!