Destroy all Malware

Windows WMF Metafile Vulnerability HotFix

Sat, 31 Dec 2005 20:43:51 GMT

Ilfak Guilfanov has issued a 3rd party patch for the WMF vulnerability. I don't know Ilfak or who he is, so I'm going to avoid installing his patch until I hear more. But, I thought I'd make the links available to those who are more trusting than I. V-P Suuronen repackaged the patch as a distributable MSI. Use at your own risk.

http://www.hexblog.com/2005/12/wmf_vuln.html

Spy Agency Removes Illegal Tracking Files

Fri, 30 Dec 2005 00:56:47 GMT

AP: The National Security Agency's Internet site has been placing files on visitors' computers that can track their Web surfing activity despite strict federal rules banning most files of that type. The files, known as cookies, disappeared after a privacy activist complained and The Associated Press made inquiries this week.

Randy: There are legitimate concerns regarding governments and Internet privacy. Cookies are not one of them. Why would we allow Doubleclick and Google to track us on the Internet, but not the government? Simple stupid. Sounds like privacy advocates are pushing too far. MHO.

WMF vulnerability

Thu, 29 Dec 2005 23:47:07 GMT

Matt Cutts: The Sunbelt BLOG mentions a new exploit of the Windows WMF graphics rendering engine that applies to Windows versions from 98 to XP. This is a pretty nasty exploit, esp. if you surf around scuzzy neighborhoods of the net (I sometimes have to for my job, for example). One thing you can do is to disable the DLL that is exploited. You’ll lose some thumbnail previews and such, but if you want to be safe until a patch is available, click Start->Run and then type “regsvr32 /u shimgvw.dll” to disable the vulnerable DLL.

http://www.mattcutts.com/blog/wmf-vulnerability/

Malicious software targets Google AdSense ads

Wed, 28 Dec 2005 19:52:54 GMT

JenSense: A new trojan horse discovered by an Indian publisher replaces Google AdSense ads with their own ads, advertising sites including dating, sex, viagra and weight loss.

http://www.jensense.com/archives/2005/12/malicious_softw.html

cross-posted

Businessman wins e-mail spam case

Wed, 28 Dec 2005 19:11:30 GMT

BBC: A businessman has won what is believed to be the first victory of its kind by claiming damages from a company which sent him e-mail spam. The Stirlingshire-based firm has agreed to pay £270 compensation to Mr Roberts, who runs an internet business.

http://news.bbc.co.uk/1/hi/world/europe/jersey/4562726.stm

Randy: Why wasn't this turned into a class action suit that would have bankrupted the spammer?

And the #1 Spam for '05 is.....

Wed, 28 Dec 2005 18:41:52 GMT

Mark Evans: For the curious, here's a list of AOL's four leading spam subject lines:

Donald Trump Wants You - Please Respond (popular recognition)
Double Standards New Product - Penis Patch (sexually oriented spam)
Body Wrap: Lose 6-20 inches in one hour (body improvement products)
Get an Apple iPod Nano, PS3 or Xbox 360 for Free (technology offers)

http://evans.blogware.com/blog/_archives/2005/12/28/1530243.html

New exploit blows by fully patched Windows XP systems

Wed, 28 Dec 2005 17:17:49 GMT

Alex Eckelberry: Any application that automatically displays a WMF image will cause the user’s machines to get infected. This includes older versions of Firefox, current versions of Opera, Outlook and all current version of Internet Explorer on all versions of Windows.

http://www.securityfocus.com/bid/16074/info

Randy: I recommend avoiding use of IE and Opera and older versions of Firefox and Outlook until this vulnerability is patched.

Visa deals with possible data breach

Mon, 26 Dec 2005 22:48:56 GMT

News.com: Visa USA acknowledged Saturday that a U.S. merchant "may have experienced a data security breach" that compromised credit card account information.

http://news.com.com/2100-1029_3-6007759.html

Randy: Would it be christmas without credit card news?

One in Five Blogs Is Spam

Fri, 23 Dec 2005 18:01:20 GMT

Brian Morrissey: While 80,000 blogs may be created every day, about one in five is spam, according to new research.

Randy: One in five seems rather low. I suspect it's a lot higher.

Best Malware Blog

Fri, 23 Dec 2005 06:13:00 GMT

My favorite category in the KBCafe blog awards is Best Malware Blog. These are blogs that raise issues related to SPAM, spyware, viruses, phishing and other issues related to malicious software and malicious practices on the Internet. Please take the time to review our four nominees and pick your favorite. If you haven't voted yet, then you can vote on the main voting form. Thanks!

KBCafe Blog Awards

15. Best Malware Blog

Fight Splog - http://www.fightsplog.com/news/

F-Secure - http://www.f-secure.com/weblog/

worm blog - http://www.wormblog.com/

Viruslist.com - http://www.viruslist.com/en/weblog

http://www.kbcafe.com/iBLOGthere4iM/?guid=20051220093051

Spam Subject o’ the Day

Wed, 21 Dec 2005 21:10:45 GMT

The Newest Industry: Still have microsoft? Have big and hard!

http://newestindustry.wordpress.com/2005/12/21/spam-subject-o-the-day/

US FTC says CAN-SPAM works

Wed, 21 Dec 2005 15:50:46 GMT

Ken Fisher: In a 116-page report to Congress entitled "Effectiveness and Enforcement of the CAN-SPAM Act," two essential points are made: CAN-SPAM is stopping (some) spam, and more work needs to be done.

http://arstechnica.com/news.ars/post/20051220-5810.html

Randy: I assume the FTC doesn't actually have email. I'm sure it's stopping some SPAM, but overall email SPAM has increased and my SPAM filter and I are dealing with 1000 email SPAMs per day. CAN-SPAM failed!

Comment SPAM is Out-of-Control

Mon, 19 Dec 2005 21:56:36 GMT

RSS Applied: Bloggers are spending an hour or more per work day clearing out their comment spam and it simply has to be stopped.

http://blog.rssapplied.com/public/item/111012

Randy: If you are spending an hour per work day moderating SPAM, then you need to change your comment filter or disable comments. I get thousands of comment SPAM per week and only spend 10 minutes moderating them per week. My strategy is simple. I setup a black-list of phrases that simply cannot be posted to my blog and have a background bot that searches out those phrases and deletes them. When I recieve a new comment, I either let it pass or flag it for later addition to the black-list. No CAPTCHAs. Anonymous comments allowed. CommentApi enabled (may disable soon). Trackback enabled (may disable soon).

1000 Email SPAMs per Day

Sat, 17 Dec 2005 16:43:01 GMT

Yesterday, I noticed for the first time that I had over 30,000 email SPAMs in the last 30 days. Gmail's SPAM filter caught about 70% of them.

75% of new pings are spings

Fri, 16 Dec 2005 22:38:25 GMT

Pranam Kolari: In the blogosphere, pings are notifications sent by updated blogs to PingServers. A major issue recently has been unjustified pings, also known as Spings, sent by Splogs. [cut] Based on the interestingness of this preliminary statistics, scope for further analysis and interest in the resulting dataset we decided to continuosly monitor the pingosphere. So, we now do it “live” on updated blogs published by weblogs.com (delayed by an hour), and have made it publicly available at http://memeta.umbc.edu.

http://ebiquity.umbc.edu/blogger/?p=429

Matt Cutts on Blogsplogs

Tue, 13 Dec 2005 17:20:16 GMT

Nick Wilson interviewed Matt Cutts and drilled him on Blogspot splogs.

http://performancing.com/node/397

Nick Wilson: Recently, Google's Blogger service has been under increasing pressure to deal with it's "splogs" problem. This has prompted some small engines to stop indexing Blogspot domains, and there's been rumour that Google have stopped indexing them. Is this true, and what more can be done to curb the problem?

Matt Cutts: Google definitely hasn't stopped indexing Blogspot domains. ...

Click here to read the rest of his answer.

Gmail SPAM Filter Broken

Sun, 11 Dec 2005 23:03:40 GMT

The Gmail SPAM filter seems to be broken. I've received hundreds (maybe over a thousand) of the exact same emails all weekend, marked them as SPAM too many times and they continue bypass the Gmail SPAM filter. I've resorted to many rules to clear my inbox.

Linkage is NOT SPAM

Sat, 10 Dec 2005 20:23:11 GMT

Today, I was harassed by a forum troll for putting an affiliate link in some of my posts. He even complained that 12% of my posts contained links back to my own site. Wow, that's a lot. Not! He even called me a SPAMmer. Now, don't get me wrong. This is not an isolated incident. At least once a week, I read a comment where someone is calling a poster a SPAMmer when he legitimately links to this or that.

We really have a problem with link SPAM. I deny several thousand link SPAMs per day on the KBCafe blog network. Putting legitimate links in your forum posts or blog comments is not the same thing that is littering the comment sections of most blogs. Why would you not put your affiliate link when reference something you can legitimately make money from? Why would you not link to other content including your own when posting in the comments of a blog or forum?

Let's not be overzealous communists when it comes to link SPAM. There is legitimate linking and there is link SPAM and there is grey area. Now, I'm not saying I always delete link SPAM and never delete legitimate SPAM from my blogs, but I do attempt to be fair.

I'm certain I'll get some flames over this post, but that's my opinion. Let's not kill linking because of link SPAM. Otherwise, the SPAMmers win, because their links are getting thru and legitimate links are not.

The absense of links in this post is intentional. Please re-blog, re-post and add your own opinion.

Losing the War on Splogging?

Sat, 10 Dec 2005 00:15:29 GMT

According to Technorati, a full eight percent of all new blogs are spam, an estimated 5600 splogs a day. Google, whose Blogger service comprises over 80% of all splogs, has effectively stopped deleting splogs reported to them.

http://www.plagiarismtoday.com/?p=132

Randy: An awesome article on the splogging problem that infests the blogosphere. More excerpts follow.

The fear is that splogs will become to blogs what spam has become to email.

When Icerocket owner Mark Cuban placed a temporary moratorium on accepting new blogspot posts, he had a good idea. Google, by not adequately policing its own service, is passing the burden of stopping splogs to the rest of the Internet.

Perhaps it’s time that we removed some of the automation from the blogging world. Perhaps pings, trackbacks and comments should come with some form of authorization.

Randy: I have to disagree on the conclusion. Tricking a program is very simple. What needs to be done is rewrite blogging software to trick automated programs into doing the wrong thing while maintaining an ease of use for individuals. This is not difficult.

Froogle Spam

Mon, 05 Dec 2005 18:01:43 GMT

Brian Smith: Froogle has a problem, and I assume Google Base will have the same problem. Because there are no setup fees and no per click fees, the results on Froogle are often made up of spammy results which make for a horrible user experience. [cut] I just performed a search for ‘iPod Nano‘ which is one of the most popular products this holiday season…and the results made me laugh…then cry. [cut] The major problem, though, is that the results are made up of spam and eBay affiliate listings.

http://www.comparisonengines.com/?p=246

BlogSpot Now with less SPAM

Sat, 03 Dec 2005 01:07:26 GMT

Jason Goldman: Because of the improvements we've made over the past several weeks, the amount of spam hosted on Blog*Spot has been significantly reduced. However, some of this improvement may not have been observed by third-party search services who rely on our Recently Updated list. This week, we've pushed out improvements to this changes file such that we are filtering out suspected spammers. By relying on the updates in our Recently Updated list, other services that index our blogs can now take advantage of the spam classification on which we've been relying.

http://buzz.blogger.com/2005/12/recently-updated-with-less-spam.html

Randy: For all the ping sinks, it might be a good idea to ignore all BlogSpot pings and rely on the changes XML file to index your database. The only problem is that not everyone indexes the entire blogosphere, so when I get a blog comment that's just comment referrer SPAM from BlogSpot, what do I do? I would be better if Google made their BlogSpot SPAM database public.

Gmail anti-Virus

Fri, 02 Dec 2005 14:46:01 GMT

Google: Each time you send and receive attachments, Gmail automatically scans them for viruses.

http://mail.google.com/support/bin/answer.py?answer=25760

Randy: Gmail now has anti-virus protection on attachments. Yeehaa!