Feeds

* Posts by Chris Salter

3 posts • joined 8 Jul 2008

Barclays online banking borked

Chris Salter

So that email was genuine!

I had assumed the "Welcome to the new-look Barclays Online Banking" was some obscure form of phishing and subject to closer examination had intended to pass it on to Barclay's fraud department. The recipient address was an address AFAIR last used when I participated in the first online banking trials i.e. not seen the light of day for years! Given the ongoing emphasis that banks do not send unsolicited emails to their customers I suggest that sending that email was a serious misjudgement from a security point of view.

On a different issue, apart from the current problem of course, I can normally access all the facilities on the Barclays site with either Opera or Firefox (latest production versions).

0
0

Symantec nabs PC Tools for added street cred

Chris Salter

PC Tools Auto Renewal

Ralphe Neill wrote:

"They keep credit-card details on-line and use them to renew a subscription even when you say you don't want to! They then ignore repeated e-mails."

I successfully cancelled a Spyware Doctor auto renewal in March 2007. It had originally been paid via Element 5 (Digital River) and AFAIR the email address originally used and order number were all that was needed to gain access to the Element 5 account. Having recently returned to Registry Mechanic (originally bought before auto renewal was implemented and allowed to lapse while trying an alternative product) I note that PC Tools now have a 'My Account' facility (see your Order Confirmation email) which offers the option of turning off automatic renewal.

In this particular instance I may well stick with Registry Mechanic as long as Symantec remain at 'arms length'. I'm not a great fan of PC Tools but I'm even lesser a fan of Symantec!

0
0

AVG chokes fake traffic spew

Chris Salter

Views of a user of the original standalone LinkScanner application.

I have been using Exploit Prevention Labs LinkScanner Pro since August 2006; it was recommended in an Agnitum (Outpost Firewall) newsletter. In November 2007, AVG acquired Exploit Prevention Labs and eventually incorporated LinkScanner functionality into their own products. LinkScanner Pro currently remains available as a standalone product. As I use ESET NOD32 for AV protection I have no knowledge of how LinkScanner functions have been incorporated into AVG products but it does not seem unreasonable to assume the core LinkScanner logic in the two products is pretty similar if not identical.

Disregarding the optional search engine integration for the moment, as I understand it the standalone Linkscanner Pro utilises Layered Service Provider (LSP) logic to scan the incoming data stream. A Layered Service Provider is a DLL that uses Winsock APIs to insert itself into the TCP/IP stack. Once in the stack, a Layered Service Provider can intercept and modify inbound and outbound Internet traffic. It effectively does this 'on the fly'; in other words it does not download a requested page twice but can intercept exploits before they are processed by the browser.

While I can see how the search engine integration facility would and has been the cause of some aggravation, my guess is that the purpose behind its introduction (initial versions of LinkScanner Pro did not have the facility) may have been twofold. Firstly, there is a slight gain in efficiency i.e. any compromised sites in a page of results are flagged before you follow any of the links. Secondly, if you have agreed to participate in automatic reporting of detected treats, compromised sites will be detected sooner in that you will be reporting sites that you might otherwise not have visited.

As long as there is no unacceptable resource impact, I am a great believer in [mixed metaphor warning!] both 'belts and braces' and not 'putting all your eggs in one basket' where security is concerned. I have no connection with Exploit Prevention Labs apart from being a customer of their software and as long as the standalone version remains available I shall continue to deploy it.

0
0