PC SECURITY - Free Antivirus From Microsoft

Microsoft is offering a absolutely free (no subscription, no buy) Antivirus Tool.


Microsoft Security Essentials
(download link on this home page)

(click for larger view)

Microsoft Security Essentials is a free antivirus software created by Microsoft that provides protection against viruses, spyware, rootkits, and trojans for Windows XP, Vista, and 7.

MSE replaces Windows Live OneCare — a subscription antivirus service — and Windows Defender, which only protects users from adware and spyware. It is geared for home use.

Microsoft is specifically targeting computer users without credit cards, new hardware, and broadband Internet connections.

Note MSE is not intended as a full replacement for other commercial Antivirus products. But for those who cannot afford to buy, and pay subscriptions, to the higher-end tools.

Also, MSE Antivirus Definitions are updated through Microsoft Update, NOT Windows Update. So you will have to upgrade to Microsoft Update via offer on Windows Update dialog.

WINXP - "Microsoft is NOT the best at..." Example

Ran into this utility when a Tech Service site requested I use it to give them info to troubleshoot a problem I was having.

Just look at the enlarged view of the screenshot of just the Operator System. Now compare this to WinXP System Info in your System Tools folder. Enough said.



SIW - System Information for Windows

(click for larger view)

WINXP - Interesting Factoid

While Usenet cruising I ran into an interesting post.

The poster runs a WEB site for children to get help with math and has 4000+ hits/day.

He uses Google Analytics and came up with the following Market-Share figures:

OS	LAST_YEAR	THIS_YEAR	CHANGE
Windows	93.00%	86.37%	-7.5%
Mac	5.97%	10.43%	+74%
Linux	0.59%	1.82%	+208%

The only question I have is the figures for Linux, especially last years. HOW did Google Analytics measure market share for something that is free? Windows and Mac OS are sold, therefore easy to get market share figures.

PC SECURITY - The Danger of Phishing

One of the most dangerous Internet related security issues is Phishing:

In the field of computer security, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public. Phishing is typically carried out by e-mail or instant messaging, and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Even when using server authentication, it may require tremendous skill to detect that the website is fake. Phishing is an example of social engineering techniques used to fool users, and exploits the poor usability of current web security technologies. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical security measures.

Recent phishing attempts

Phishers are targeting the customers of banks and online payment services. E-mails, supposedly from the Internal Revenue Service, have been used to glean sensitive data from U.S. taxpayers. While the first such examples were sent indiscriminately in the expectation that some would be received by customers of a given bank or service, recent research has shown that phishers may in principle be able to determine which banks potential victims use, and target bogus e-mails accordingly. Targeted versions of phishing have been termed spear phishing. Several recent phishing attacks have been directed specifically at senior executives and other high profile targets within businesses, and the term whaling has been coined for these kinds of attacks.

Social networking sites are now a prime target of phishing, since the personal details in such sites can be used in identity theft; in late 2006 a computer worm took over pages on MySpace and altered links to direct surfers to websites designed to steal login details. Experiments show a success rate of over 70% for phishing attacks on social networks.

The RapidShare file sharing site has been targeted by phishing to obtain a premium account, which removes speed caps on downloads, auto-removal of uploads, waits on downloads, and cooldown times between downloads.

Attackers who broke into TD Ameritrade's database (containing all 6.3 million customers' social security numbers, account numbers and email addresses as well as their names, addresses, dates of birth, phone numbers and trading activity) also wanted the account usernames and passwords, so they launched a follow-up spear phishing attack.

Almost half of phishing thefts in 2006 were committed by groups operating through the Russian Business Network based in St. Petersburg.

1) As I've said before, the thing to remember is that legitimate financial intuitions will NOT ask for personal information, certifications, etc., via email with a direct link. They will tell you to logon to their site when necessary using your normal method (not email) using your Browser.

2) If you suspect something is "fishy" with a web-page reference to a site you use, again use your normal method to contact the site NOT the email link.

3) Verify a email link before using it. This can be done easily using something as simple as the ping command from the Command Prompt......


Ping a Domain
(click for larger view)
....and verify it is the same location as you would normally use via your Browser, the IP 209.85.171.100 in the above example for google.com.

Even better, use a WHOIS site, examples:

• ARIN: WHOIS Database Search (use this at work)


• WHOIS Database Search from DomainTools


• Who.is

Just copy/paste the full email link into a WHOIS and see who actually owns it.

Note that many WHOIS sites are intended for those who wish to register their own private Domain. Example, you have a small business "Toreno Real Estate" and wish to have your own WEB site "torenorealestate.com" you would us a WHOIS to verify that it is NOT being used, then register your site with a Domain Name Registrar for a fee of course. You then can use a WEB Page Host to put up your page, in fact such hosts also provide Domain Name Registration as part of their service.

HARDWARE - What a Difference a Case Makes

This post is about my latest hardware upgrade to my home Desktop PC, a new and improved case (aka enclosure), see image below.

My old case was 6yrs old and got very hot with the other high-performance hardware I have installed. See the graphs captured by HWMonitor Pro (shareware version) during game-play and you can see the improvement.

Antec 300 Enclosure
(click image to go to WEB page)

The Antec 300 comes with 2 120mm fans, one on top (seen in image) and the other in the top-rear. But you can add 3 optional 120mm fans. One on the side (seen in image) and 2 behind the front grill below the blank-out plates. I added the side fan and one front fan.

The design is a big improvement over my old case:

• Power Supply (PSU) is mounted in the bottom, my old case had the PSU mounted at the top just over the CPU and Memory Sticks; all that heat in one area and no top ventilation


• The provided stowage with reusable ties for all the cables you do not use


• You can see that the how large the front grill is, AND they have a removable/washable filter on the inside


• They use Knurl Screws where possible, you can open the case with no tools


• They provide plenty of extra screws, stand-offs, and Knurl Screws

And the improvement? Just see the following graphs (see closeups for the numbers):

1. CPU Fan Before/After



(click for images for larger view)


2. CPU Temp Before/After



(click for images for larger view)


3. SYSTEM Temp Before/After



(click for images for larger view)

Also, PCTech Video Review

(need I say, the Antec 300 is not their latest)