A view from the technical underground
RSS icon Home icon
  • When you have to buy at the bazaars of the internet

    Posted on August 18th, 2009 admin No comments

    Sometimes you miss the release of your favorite music artists best limited release, or you’re looking for a special lens filter for your camera that isn’t made anymore or that one computer part in short supply…

    And you go to site that might be being hosted by a tent at a bazaar in Marrakesh…even sites that look polished might be running out of a thief’s garage!

    You say, well I could use my Mastercard or American Express, they will take care of fraud, right?

    Well maybe, if it’s been under 60 days and you’ve never done business with this merchant before and the moon is in the right phase and you’ve thrown the runes in the right way.

    That’s not even including them giving your number to a 3nd party that might use it anytime in the future…all of the sudden that credit card number is a little scary huh?

    But you say “I want my toy!”, how do I get it? Well here’s a combination that will allow you to send money safely but still be protected and not give out personal credit card numbers.

    First, set up a PayPal account, ya the same guys that allow EBay to survive.

    Second, get verified, they will confirm you have a real bank account, which means your bank has verified you.

    Third, Either get a securitykey from PayPal/Ebay also called a “Football”, goes on your keychain and gives you further syncing security if you log into PayPal or Ebay at your local coffeeshop, even if someone is packet sniffing you, that number is only good of 30secs. They cost $5 (best five bucks you’ll ever spend), and if charged to your PayPal account.
    Or even better you could head over to Verisign, ya the same guys that put certificate locks on all the big banks, and financial institutions servers so that lock lights up in your browser to say you’re encrypted and safe. They have better securitykeys called VIPs, the credit card one is about $45 bucks and fits in your wallet. If you have a Symbian(Nokia), iPhone or some Motorola cell phones you can install an app that will do the same syncing with PayPal. Remember to register it with PalPal then Ebay in the /securitykey area.

    Forth, Now that you have PayPal secured, let’s secure your transactions, there’s a PayPal plugin for Firefox and IE install it.

    Now comes the cool part, even if the site doesn’t take PayPal, the plugin will generate a Virtual Mastercard number for just that transaction, the merchant can’t charge it again and even if they give the number away, it’s worthless!

    If the Merchant doesn’t send you your items, you can go through PayPal’s very good Resolution Center to get your money back and best of all you don’t have to look over your credit card shoulder for the rest of you life.

    And now you are safe from the more disreputable merchants of the internet!

  • Cyberwise, a dangerous week.

    Posted on August 9th, 2009 admin No comments

    Ya, I know…I’ve been bad about posting…

    Before saying anything else, if you have an iPhone, connect to iTunes ASAP and get the new patch! It is VERY critical! I mean having your phone taken over kinda critical.

    On top of that Adobe is having a lot of issue, both with Acrobat and Flash. If you haven’t yet, head over to adobe and get the new version of Flash!

    Been doing a lot of charity work this week:

    A friend who had to move in with the rest of his family, due to the economy, is now having to use his family’s computer. The poor thing was so infected it would shut down every 3 mins. They never activated the McAfee (not that I recommend the performance sucking product, but you need some AV program and MS updates.) anti virus that came with the HP computer 4 years ago! It was still running XP SP1, no updates, ever!! They apparently couldn’t handle my suggestion of a full erase are rebuild because of no backups (not exactly a surprise). I did manage to get the viruses off (Not seeing any rootkits but who can be sure?). First I booted from a rescue kit CD, scanned with 4 different virus packages, then reset the master boot record. Then I booted from an Ultimate Boot CD and did an Avira scan. Installed Avira free edition, a copy of Windows Defender and 18 hrs later his system was back up.

    Next, another friend had his computer screwed up by the local ISP and Microsoft. All he wanted was to get off MSN and use his local ISP’s email address. Why MS/ISP throught they needed to un-install MSN I have no idea (He might need to look at old email, right?). Well they screwed up the uninstall, then said “oh your windows is screwed up, you better get a technician to fix this”. The guy is a retired engineer on a fixed income. What a bunch of Jerks.

    By the time he called me explorer (not IE) was complete broken and would error if you tried to open “my computer”, or ever tried to open “Control Panel”.

    I downloaded MS uninstaller, tried to remove what was left of MSN, still broken.
    I then grabbed the Advanced Unistaller Pro 9, 30 day trial and at least got the MSN systems off of there.
    I tried installing IE8 (I have him on Firefox anyway, so no issue except when updating windows.). No joy.
    Re-installed SP3, still nothing.
    I finally had to do a rollback 2 weeks, then re-install the latest program and that got it going again. I also re-installed MSN so he could get to his old email.
    Put his new email on Outlook and he is up and running again.
    Why MS couldn’t have done this I have no idea.

    Anyway needless to say I made nothing off these efforts this week except a warm feeling, not a bad payment. 😉

    In the world in general; there were at least two “Denial of Service” attacks from a bunch of botnets which are usually unpatched computers. One was on twitter (maybe the Iranian government betting back for the broadcast of the election?), the other was on a business ISP.

    One of the reasons I do a lot of charity work is becuase even people who can’t pay need to have security computers that aren’t part of a botnet army. One more up to date secured computer is one not causing DoS attacks.

    Also there is no was to look for a job without a computer.

    ISPs are getting better at detecting and disconnecting infected subscribers from thier networks.

    …and no apple users, you can’t be smug! Did you read the opener on this post, iPhones are hacked, OS X has a current JAVA hack, get those patches up do date!

    A great way to keep up do date is install Securia PSI, it scans your system an advises you when updates are available.

    Maybe these hacks have something to do with Darkhat and Defcon, two hacker conventions in the last couple weeks but it could have just been timing.

    Who knows? Just keep your patches up to date!