IT Security Ask the Experts: October, 2009

Read how our experts fielded various IT security questions last month.

Michael Goodwin on November 5, 2009

This Website was designed to be a clearing house for technical IT security queries. However, readers continue to submit a broad range of fascinating questions exploring the interface between technology, morality, security, ethics and sexuality - let alone employment opportunities within the IT security field and requests for secret hacking tools. (Sorry, we do not give those out.)

Here are the pinnacle six queries for October, 2009:

MSN problem is spelled "P-H-I-S-H": Susan got a notice from MSN informing her that her email have been continuously accessed from a further location, and they might cancel her account if she didn't change her password within 48 hours. She followed the link and made the change, but now she desires to discover who hacked her account. Two experts raise immediate alarms. David Harley and Robert Schifreen both ask Susan if she's sure she was actually speaking to MSN when she changed her password. "I'm asking because that 'Do it in x hours or we'll cancel your account!' stuff is what phishers use to panic you into accessing a link where you give your login credentials away," noted Harley. Another wake-up call: the awkward English of "continuously accessed from a distinct location." What does that mean anyway? When an email is stuffed with gobbledygook, be careful! Inspect the thread here and be at liberty to feature your personal phishing experiences.

Hundreds of porn videos: In an all-too-familiar scenario, Annie was saving a picture when - to her dismay - several X-rated videos popped up. Eventually she discovered hundreds of porn videos at the computer. Annie's husband swears that a pandemic should have downloaded those nasty files without his knowledge. Annie points out that they run Norton 360, and adds that she would believe her husband more readily if not for the truth that there ought to be 300 or more files. Is there an epidemic, she asks, which may download that many files onto your computer and conceal them? Expert David Harley noted a truism in computer law circles called the “Trojan Defense,” which basically says, “I didn't do it. It should have been a virulent disease.” While law enforcement (and computer security) individuals are often cynical about this defense, the unhappy fact is that there's malware that downloads bad material. However, Expert MichaelG mentioned that almost all porn sites are hell-bent on getting you to pay for his or her videos, and he wonders what the inducement will be for somebody writing an outbreak to download that stuff onto your disk free of charge. It is a virus most porno fans would really like to catch! He suggested that Annie and her husband sit for a significant discussion about expectations and bounds on personal freedom of their relationship. This can be a wide-open thread, that you may join here.

New IT security officer wonders where to begin: Sub has just landed his first IT Security job working for a medium-size company. He has a masters in computer engineering - specifically security - but no idea where to begin and what resources to invite for. He needs some guidelines on where to start from an expert's standpoint. Naturally, the IT Security experts are able to help. Sam Hammond suggested that Sub remember that his company has confidence in him, and it's probably searching for him to be resourceful. He should start asking questions: (1) Is there a proper IT security policy? Is it written down? Are people subscribing to it? (2) Does the corporate feel vulnerable? How and why? And (3) what are the company's three top IT security priorities? That you can join the conversation here.

Name this company: Cyril is starting a brand new company selling access control systems and biometric fingerprint devices. Can anyone suggest an excellent company name? To this point, readers have submitted just one nomination: Touch-Tech. In case you think you are able to do better, surf on to this address.

User is accessing admin's documents: Walton is an administrator with about 50 users in his group. To his astonishment, Keisha, one in every of his users with out administrative privileges, seems ready to access his documents from her computer under a MeAdmin profile. Keisha's computer is running Windows XP SP3, fully patched, and will only boot from the harddisk. How is that this possible? Expert Robert Schifreen suggested that Walton check the access permissions at the files that Keisha got to. He may discover that they're set to “read” access for the Everyone group, that's the default at times. Read all about it, and add your individual brilliant insights, here.

Boyfriend is googling hookers and prostitutes: Jackie was using her boyfriend's smartphone when she discovered that he had apparently googled “hookers and prostitutes.” Jackie and her man had an enormous fight, and Jackie swears that even supposing he insists to the day he dies that it wasn't him, she won't believe him. She adds that she knows he didn't actually hire a hooker, but she hates the concept that he could have been considering it. One expert mentioned that (1) If the boyfriend lets Jackie use his smartphone he could have let others do an analogous, and somebody might easily have googled “hookers and prostitutes.” (2) Whoever did it could possibly simply were curious to peer what turned up. And (3), while gazing sex sites may trouble Jackie, it is not quite as bad as killing a cat or running a multi-billion-dollar ponzi scheme. If Jackie absolutely doesn't want her partner porn or trolling for hookers, that's quite within her “rights” to demand of him. Whether he's going to agree, and live as much as the agreement, is another question. Add your thoughts here.

***

SEARCH FIRST!

Are you aware that just about every question people ask in this site was asked before?

That's right, IT Security gets countless duplicate queries asking a way to remove Defender Pro, or the way to stop someone from hacking into your Facebook account, or why all those spam messages appear to come out of your own email address, or how to define out in case your husband is calling at porn. Sometimes, if the sort of duplicate queries raises a brand new point, or is unusually funny, awful or cute, we post it. Mostly we do not, since it's no fun for our readers (let alone our experts) to read the similar questions over and over again. Therefore, before you post a brand new query in this site, please do a search to make certain it hasn't been asked (and answered) before. This may get you the data you want faster, and save us the hassle of answering (or not answering) an analogous questions over and over.

NO NEW QUERIES ABOUT DEFENDER PRO

And an extra thing. Please be advised that we neither manufacture, sell, nor support Defender Pro. It is not our app, honest. We're an IT security site. Now that we've got that straight, please be advised that we're now not posting new queries or complaints about Defender Pro. However, that hasn't stopped a full of life (and short-tempered) conversation in regards to the Dreaded Anti-Virus Application that's been occurring for years in various discussion threads attached to old queries about Defender Pro in this site. If you're having problems installing, uninstalling, or operating Defender Pro - or when you simply enjoy reading messages wherein contributors vie for the nastiest things to claim about this product - we recommend you search this site to read previously posted answers. You're, after all, welcome to post new replies to those old queries in case you like. Good luck!