Mac OS update detects, deletes MacDefender ‘scareware’

With all the trouble Mac users are having with the current version of the fake MacDefender, it would be wise for all Mac users to update their software to help prevent access to this threat. Please read the following article for the entire story:

It is nice to know Snow Leopard will alert you and prompt you to trash the problem. I hope it does not look like the fake warnings we are now seeing on PCs. If it does, this too will become a way to trick users in the future.


iCloud, Ping and MobileMe – will they be bundled together?

Apple is apparently getting ready to release iCloud – a music sharing service. Many rumours abound about bundling it with MobileMe, reviving Ping or how it will work. Apparently here are the current thoughts, presented in this interesting article:,2817,2386231,00.asp


Microsoft Tablet – Is it in the works?

There has been much speculation about Microsoft’s future and ability to innovate and compete with today’s technology giants Apple and Google. If the article linked below is true, the entry of an ARM based Microsoft tablet will be an interesting development, especially since it will not be a Windows 7 based tablet and may contain the Windows 8 platform. That yet to be announced platform has seen its own series of leaks and forward thinking design. Lets hope innovation has returned to Microsoft.

Follow this link to read more:

Small Businesses – Hackers Next Target

Small businesses take note: Verizon recently just released its 2011 data breach report, and the findings have real implications for companies with fewer than 100 employees. The number of stolen records dropped dramatically to 4 million in 2010, down from 144 million in 2009. But the tally of confirmed breaches rose sharply to 761 from 141 the previous year.

How can we explain these numbers? Hackers are changing their tactics and chasing opportunities. They’ve noticed that many larger corporations are doing a better job of protecting their information. So black hats are honing in on lower-tier business targets—organizations with less savvy, maturity and investment in countermeasures.

Once they identify vulnerability, they exploit it. The information that hackers are targeting appears to be changing, too. Information simply used to impersonate—rip off—consumers and financial institutions isn’t enough for some criminals. There seems to be a rise in the targeting of information that may provide other types of benefits or advantages for business, government or military intelligence.

The good news: The vast majority of breaches are avoidable. They can be stopped when companies conduct the right assessments, identify vulnerabilities and take corrective action. Many of the remedies are relatively inexpensive and easy to implement. It’s all about the fundamentals of data management and information security. Now is the time to run some security checks, replace older firewalls and ensure your systems are up to date and scanned regularly.

File Backup Terminology, Part 1 of 2

Over the years various backup technologies have been developed in an attempt to minimize the amount of space required to store backup files, and to reduce the bandwidth required to transfer those files to remote locations.  When faced with the different backup methods that many programs offer, it is easy to become confused, since the terminology used is often not very clear, and it is hard to know the benefits or drawbacks of any one technology. This is not, by far, an exhaustive glossary of backup terms.

Full Backups

This is just what it sounds like.  This is a complete backup of all the data that a user selects when configuring a backup job. The copied files are usually placed into a single file archive and compressed to help save space. Every time another full backup is made, all the files in the source are once again copied an archive. The problem is that often there are only a few new or changed files, and continuously making full backups will end up copying a lot of extra files that don’t really need to be backed up again. This ends up using a lot of extra storage and wastes time. You can of course delete older backups to free up space, but the time is still lost. The extra wear on hard disks or the amount of bandwidth that is used to make frequent full backups must be considered too.

It is a much better idea to make a full backup once in a while, and then figure out a way to only copy the new or changed files on a more frequent basis.

Benefits and Disadvantages of Full Backups

  • Faster restore of all files — When a full restore is necessary full backups are quick because you are only dealing with one archive file.
  • Full backups are large and time-consuming to make — They are not well suited for regular backups such as those performed hourly or daily.

Differential Backups

After creating a full backup archive this backup method helps to reduce the size of subsequent backups by doing a “differential” comparison of the original files and the last full backup. All new and modified files are copied to an archive alongside the full backup.

The important thing to understand is that differential backups are cumulative. Each differential backup backs up everything that is different since the last full backup even if those files are already included in a previous differential. Since Differentials back up only new or changed files, they are a faster backup method than creating a full backup each time. Differential backups are well suited for daily or less frequent backup strategies.

Benefits and Disadvantages of Differential Backups

  • Faster to restore that some other methods — To do a full restore of all backup files, you only need the full backup and the last diff backup.
  • Differential Backups are more demanding on storage than some of the other backup methods, because of data redundancy.
    Each subsequent differential grows significantly until it becomes necessary to create a new full backup.  Then the process starts over.

Incremental Backups

This backup method works similarly to differential backups, but with one important difference that deals with the high level of data redundancy in differentials. Each incremental contains only the files that were created or modified since the last full backup or last incremental.  Incrementals, while not containing as much redundant data as differentials, are still cumulative since successive backups will still contain any files that were already backed but have been modified in some way. Incremental backups are a good solution for more frequent backups such as those performed on an hourly basis.

Benefits and Disadvantages of Incremental Backups

  • Incremental backups can be completed more quickly that differential backups because there is less redundant data being copied.
  • Incremental backups are smaller than differential backups.
  • The number of successive incrementals that can be made between full backups, while still remaining manageable, is much greater than with differentials.
  • Incremental backups may take considerably longer to do complete restores than differential backups because all the individual archives must be merged together one by one with the full backup.

It should be noted that a restore from an incremental backup may fail if one of the sequential backups were to be lost or damaged. Although in all the backups up to the damaged one should be recoverable.

Mirror Backups

Most backup programs will list mirror backups as an alternative to full, differential, or incremental backups, etc.  Some programs use an alternate term for mirrors, such as “simple copy.”   Mirror backups are basically the simplest type of backup.  There are no real backup technologies being employed when making a mirror style backup, only copy technology.  If you copy and paste a folder from one drive to another you have created a mirror backup of that folder.  The mirrored files generally exist in the same state they did in the source, not compressed into archives like with a full backup.  (Although some programs support compressing each file individually and adding encryption)

When to Use Mirrored Backups

Mirror style backups without compressions are good to use when you are backing up a lot of files with compression already applied them.  For example, music files in mp3 or wma format, images in jpg or png format, videos in dvix, mov, or flv format, and most program install or setup files are already compressed.  If you include these files in a normal backup that applies compression you will often notice it will be very slow, and you will gain very little extra compression by doing so. It is best to set up separate backup jobs for compressed files and non compressed files. If your backup program supports include and exclude filters they can be used to either automatically select or deselect the compressed files respectively.

Benefits and Disadvantages of Mirror Backups

  • Mirror backups are much faster when working with compressed files.
  • Because mirrored files are not placed in single archive files there is less concern about corruption.
  • Since mirror backups generally don’t use compression they can require large amounts of storage space, unless other techniques such as hard linking are also employed.

Next time, additional backup types – Delta or Block-Level Backups, Binary Patch Backups (FastBit), Synthetic Full Backups and Hard Linked Backups

OpenCandy – No So Sweet!

OpenCandy (OC) is a relatively new advertising product that more and more software developers are bundling with their programs. It can now be found in the installers of dozens of popular programs including IZArc, mirC, PrimoPDF, Trillian Astra and more.

OpenCandy employs some controversial techniques in its operation and this has created some heated discussions in internet forums and blogs. Some say it is adware or spyware while others say it is just another legitimate form of advertising. Whatever, you need to be aware of this product and its potential pitfalls.

How OpenCandy Works

OC makes software recommendations to users during the program installation process. That is, while you are installing one product you get an invitation to install others. Users can accept or reject these download recommendations from OC; it is their call.

If you agree to this you get offered other products to install before installing IZArc.  The products offered depend on what you already have installed on your PC – OpenCandy scans your PC to find that out.

  • The recommendations made by OC are partly based on the products you already have installed on your PC. OpenCandy determines this by secretly scanning your PC without ever asking your permission.
  • While you can elect not to download any of the programs suggested by OC you cannot opt out from installing OC itself; it is fully embedded in the installation process. The situation is made worse by the fact that some software vendors don’t even mention in their End User Licensing Agreement (EULA) that OC is included as part of the installation process for their product.
  • If you accept any of the software recommendations made by OC then not only will that software be downloaded and installed but OC will also permanently install itself on your PC as well.
  • Regardless of whether you accept or reject OC’s software recommendations OC will transmit information about your PC back to the OpenCandy Corporation.
  • Some anti-malware programs including Microsoft Security Essentials flag some products containing OpenCandy as adware.

The makers of OpenCandy have published some credible counter-arguments. They claim:

  • Many installers from reputable companies scan your PC during the installation process to check for old versions, the existence of essential components and more.
  • They also claim that OC installs nothing permanently on your computer should you choose not to accept any OC download recommendations.
  • They state that any data about your PC sent back to OC is the kind of general information collected when you visit a website and contains no personally identifiable information.
  • They also put forward an argument that OC is not adware as it does not conform with the Wikipedia definition of adware as programs that display ads during program operation or usage. Using definitions to deflect the argument is ridiculous. OpenCandy is without doubt adware. Yes, it displays ads during product installation rather than product operation but the effect is the same. To claim otherwise is fatuous.

But there is nothing particularly wrong with adware. Many reputable products like the free version of Avira AntVir and AVG Antivirus are adware. The product ads are the price that many users are prepared to accept in order to get the product for free.

Is OC spyware? There is little evidence to suggest this rather it seems to be just another form of adware. However  it does worry us that the distribution model OC uses could potentially be used to turn the product into spyware.

In fact that’s the aspect of OpenCandy we find most disturbing. With the product now installed on a huge number of computers the current or future owners of the product could be be tempted at some time in the future to more aggressively utilize the huge installed base. Can the OpenCandy Corporation or its successor be trusted not to exploit this opportunity? Will a hacker break into their system and create a huge botnet? Who knows; nobody can know but the possibility itself is disquieting.

Making Internet Explorer 9 Better – Improve your Brower Security

The Internet Explorer (IE) series of browsers has always made use of a proprietary Microsoft technology called “ActiveX”. ActiveX is involved in things like displaying PDF files and Flash based videos. Although ActiveX is not supported by any other browser, Microsoft has continued its use in Internet Explorer 9.

Unfortunately, security holes in ActiveX have been a recurring problem and over the years they have been a major route for malware infections.  Although it has been possible to disable ActiveX in IE in previous versions, it is a rather complex procedure based on Internet zones and lacks selectivity. For IE9, Microsoft has added a new feature called “ActiveX filtering” that provides much finer grained configuration. With this feature, you can go on the Internet with ActiveX disabled. You can then enable it for any sites that require it and that you consider safe. It is now much easier to select specific sites.

ActiveX Filtering is off by default, meaning that ActiveX controls will natively work within Internet Explorer 9 just as they did in previous versions of the browser. To enable ActiveX Filtering, click Tools, Safety, and then ActiveX Filtering. No window will pop-up, but by making this selection you have enabled the feature. To see that this is so, open Tools, Safety again and verify that the ActiveX Filtering choice is now checked.

Of course, disabling ActiveX will cause some sites to stop working properly, notably Flash-driven sites like YouTube. When this happens, you will see a small blue circle with a line through it in the IE 9 One Box (address bar), and if you mouse over this control, it will report that “Some content is filtered on this site” in a tooltip.

Contrary to the message, if you click the Turn off ActiveX Filtering button, IE 9 will not turn off ActiveX Filtering. It will instead turn off ActiveX Filtering for that site only. This is an important distinction, obviously, and it gives you a site-by-site way to re-enable ActiveX controls.

At this point, IE 9 will display a normal notification (at the bottom of the browser window) asking you if you’d like to enable the control. Choose Allow to do so.

Enabling ActiveX controls on a site-by-site basis is probably the safe choice. You know, for example, that YouTube and MSN are most likely “safe” in that they’re not actively trying to hijack your system. But some people may prefer to enable ActiveX Filtering but then want to re-enable certain controls (like Flash) across all sites. There are a couple of ways to do this, but the simplest may be to open the Manage Add-ons interface (Tools, Manage Add-ons), and then navigate to Toolbars and Extensions and then the ActiveX control in question. Then, right-click the control and choose “More Information.”

In this window, there is a button called Allow on all sites. If you click this, ActiveX Filtering will remain enabled, but that control will work on every single site you visit.

This interface will also provide a way to see which sites you’ve OK’d for particular controls, when ActiveX Filtering is enabled. And if you’ve enabled the control on a site inadvertently, or would otherwise like to disable it on a site by site basis, you can do so from here.

While I understand the value of ActiveX, even given the ongoing evolution of the web, I still feel that disabling ActiveX controls across the board and then re-enabling them on a site by site basis is advisable. Yes, it’s a bit ponderous, but it’s also more secure. For this reason, I applaud Microsoft for adding ActiveX Filtering to IE 9, and recommend that all readers enable this feature as soon as possible.