In this case the URL is so much longer and has a folder called “paypal.com” in it. Luckily Firefox is smart to sense that this is a fake or the so called phishing website and warned me just in time before I tried to sign in. If I was foolish or careless to enter my real Paypal username and password, those people who operate the phishing sites will have access to my account and all the money from my checking account and credit cards. Think about it also make me sweat!

Haha, no there is no free porn videos to download here, but I was surprised to see a lot of entries with the above catchy headline on Project Petaling Street (PPS) since a couple of days ago… and this went on until today! Clearly, this is a job done by some spammers on Malaysia’s most popular and most visited blog portal. Come on, PPS is undeniably one of Malaysia’s most visited website, why there is no moderator removing such spam entries and block them from happening again?

Glance through the latest entries and you will see the same spam entry was submitted every couple of hours. Looking at the time they were submitted, I guess it’s done through a cron job, i.e. automated submission. Now, I am a little impressed by this job. If this went on and nobody moderate this, I guess I want to do something similar too… haha… submit my blog entries to PPS every other hour to get more visitors!

PPS moderators, where are you?

Now, we all know about the licensing agreement that we have to agree to whenever we want to install a program right? It’s some long winded statements that tell us what we can’t do with the software and how we can be persecuted if we do this and that to the software. I don’t know precisely what it contains because I just never did have the time to bother to read them. I see a tick box and I ticked it, and then I press ‘Next’. Easy.

Well, looks like the malware and virus authors are lining up side by side with those legitimate software authors and companies with their licensing terms. They are now protecting their rights to their virus codes as well. Who would have thought? What an honest thing to do!

According to the news at wtopnews.com, there are professional virus authors out there that are selling a suite of software on the Internet with a highly unusual attachment; a detailed licensing agreement that promises penalties for redistributing the malicious codes without permission.

Okay, let’s take a step back now. If I were someone who wants to release a virus into the World Wide Web, what are the chances that I’d follow the agreement that came along with it? Will I or Won’t I?

The malware that came with the licensed agreement is a virus that infects computers to gain remote access to the computers. These computers will then be turned into ‘zombie’ computers and will be known as the bot nets. And apparently the authors put the following licensing terms (in Russian) in the software:

The Client:
1. Does not have the right to distribute the product in any business or commercial purposes not connected with this sale.
2. May not disassemble / study the binary code of the bot builder.
3. Has no right to use the control panel as a means to control other bot nets or use it for any other purposes.
4. Does not have the right to deliberately send any portion of the product to anti-virus companies and other such institutions.
5. Commits to give the seller a fee for any update to the product that is not connected with errors in the work, as well as for adding additional functionality.

And apparently, if the user violates any of the terms as above, the virus author will then report them (the user, not the author) to the antivirus company with the information on how to dismantle the user’s bot network and how to prevent it from getting bigger.

Needless to say, none of the antivirus companies have ever received any reports similar to the threat. It’s easy to threaten the users, but I don’t really see how the virus authors would make real of their promises. More salt on the authors’ wound, apparently the software is freely traded online. No justice for the virus coders?

With the torch relay event just graced us last Monday, the Beijing Olympic Games 2008 is seems to be what people are talking nowadays. It is a hot topic in the kopitiam, on the television news, in the newspapers and of course, the ever reliable Internet. But the games is hardly what’s on everyone’s mind. It is the Pro-Tibet / Pro-China protests that are all over the news, sharing the limelight with the biggest sports event this year.

If you have yet to hear about these protests, or the Beijing 2008, I have to ask you this, which cave have you been hiding in? In a nutshell, Pro-Tibet groups have used this year’s Olympic Games opportunity to create awareness and to give pressure to the Chinese Government to free Tibet from its choking hold.

This article will not describe more about these protests but instead will concentrate on the latest news on Internet Security. Since hackers and Internet criminals always rely on the Internet trends of the moment to execute their illegal scheme, they have now chosen the China / Tibet controversy to target their victims and wreck havoc on the Internet.

Catching up with the news of the moment, the hackers knew that the Internet users will most definitely be interested to read news regarding the China / Tibet updates. With this in mind, they proceed to spam users’ inbox Internet-wide with emails containing false news about the protests but with a virus attached to it.

This virus or malware is called the ‘Fribet’. Emails with subject headings like, ‘Free Tibet’, ‘Proof of Tibetan Abuse’, and other similar varieties are being sent out to Internet users around the world, with a piece of a flash movie called the ‘RaceForTibet’ and of course , hidden from view, the ‘Fribet’ Trojan attached to it.

When the users’ click to download and play the short clip, the ‘Fribet’ will be downloaded onto the users’ computers and then it will install a keystroke logger onto the infected computers and transfer the stolen data to a server in China.

TechNewsWorld revealed that the ‘RaceForTibet’ is actually a short animation clip that showed a Chinese gymnast and some free Tibet images, and was initially sent out to Internet users’ on pro-Tibet groups’ mailing lists. And then the emails were unknowingly forwarded to more Internet users that might just include you and me. So if you have seen this clip, do run a virus-scan on your computer as soon as possible.

Fribet is also able to embed itself in hacked websites, and then download itself onto the website’s visitors’ computers. This Trojan has already attacked a few of the pro-Tibet websites, so users have been warned to not only expect this Trojan in their inbox but should also to be extra cautious when clicking on links to download executable files.

The F-Secure website also reported that emails with malicious attachments other than the ‘Fribet’ were also sent out to target members of the pro-Tibet groups. The Trojan from these emails will open a back door on the infected computer, and thus allowing the attacker to remotely access the data on the computer.

Examples of the attached files:

taken from here

Do keep a look out on these file names, so you won’t be unlucky enough to have your computer infected with a virus. It is very hard to avoid these viruses but we can definitely do our best to try. Update your virus definitions regularly, do not open emails from unknown senders and remember to scan any files that you have downloaded from the Internet.

We cannot control the fate of Tibet but we can definitely help our friends and families by not accidentally spreading any viruses to the people on our contact lists. It is always better to be safe than sorry.

They did have a go with an attack on P2P users a couple of years back, but the Japanese government told them that their plans could backfire and they could be violating the piracy law if they (the ISPs) went spying on the Internet usage of their users. With that, the plan was abandoned.

Just in case you are wondering (or for the new Internet users out there) but peer-to-peer files sharing software is a software that allows users to share files among themselves. Users that are sharing the same network will be able to download files if their peers have them and needless to say, this has created “headaches” for a lot of parties as they cannot control their product or materials from being passed around the globe, losing out on royalty and license payments.

Users are already able to find any kind of files from the Internet, even more so from the peer-to-peer file sharing network. File types from music to movies, from books to published research papers; these are all readily available to be shared on the network. For FREE!

This is also because there are, for example, users who would take the time to digitize a book into an e-book and circulate it without getting any fees at all. Not to mention users who would take time to upload music and movies for other’s enjoyment. Even though it is very convenient (not to mention free!), it is by any other name, piracy and it looks like the Japanese ISPs are trying to put a stop to it.

You might want to try to by-pass the piracy violation, but the Japanese ISPs have an idea on how to trace you down! They (along with the software companies of course) decided to implement or use some sort of detecting software to keep track on the original copyrighted material. And if any person is detected to be making illegal copies from the original ones, the ISPs will then send them an email to warn them. If the emails are repeatedly ignored, the ISPs will then take action and disconnect the users from their line.

An excerpt from the TechNewsWorld website: Japanese ISPs Agree to Shut Down Illegal File-Sharers

Under the new agreement, copyright holders will use “special detection software” to identify people who repeatedly make copies illegally, and then notify the appropriate ISPs, the Daily Yomiuri reported. The ISPs will first send warning e-mails to the users in question; if the illegal copying doesn’t stop after that, the providers will either temporarily disconnect their Internet access or cancel their contracts altogether, it said.

Bummer, what’s life without the Internet?! But then again, that sounds like a bit too easy, doesn’t it? There’s no mention about any legal repercussions against the perpetrator, does that mean that even if the person was detected to be making illegal copies, they would just have their lines disconnected, and that’s the end to that story. I would certainly like to hear what would the Americans thought about that (given that they can sue on absolutely anything!).

And most importantly, will Malaysian ISPs (Streamyx, Maxis broadband, Celcom, IZZInet, U Mobile especially) do the same? Well, there’s that thing with the capped bandwidth with Streamyx. That is already a very cruel punishment to many of us. But looking at how pirated stuffs are still on sale at large, I somehow doubt that the Malaysian ISPs will make any drastic change for now. The Streamyx people already have too much complains, they might need to pay us to go online next.

On one hand, it’s good someone is actually doing something to crack down on piracy. On the other hand, it’s not as easy as it sounds. They’ll need collaboration from ALL parties; the music industry, the software makers, oh hey, what about e-books? I bet you they can’t put any electronic tracking devices on books. Or can they? Perhaps I am wrong… thus I need to hear your ideas on this.

Well, this solution might work for a month or two, and then someone will come up with a brilliant idea to write a crack code to either replace the detecting software or to remove it once and for all. Oh Come one, I think we’ve all learn by now, there’re no “uncrackeable” software, only software waiting to be cracked!

Piracy is somewhat unethical (it depends on who you ask actually), not to mention illegal but all things considered, I think everyone can agree that it is awfully hard to resist the temptation of having something for free! So, enjoy it while you can, because you’ll never now when someone bright would come along and take it all away.

Enter Tor, a free networking software which allows you to use the Internet anonymously. It connects your machine to a host of random machines globally so that your web traffic is bounced off those machines, making the process of tracking the origin of the web request more convoluted. In short, the tool provides a reasonable degree of anonymity to web browsing.

An excerpt from Wired:

Wayne Richardson over at the Fsckin w/ Linux blog has put together a dead simple tutorial for setting up Tor and Privoxy to enable anonymous web browsing on Ubuntu Linux. He even includes installing the Torbutton add-on for Firefox and all together the set up takes about 30 seconds.

This anonymous web browsing is a good addition to the set of anonymous mailing services online. If you are using a fixed IP, then perhaps using this tool could also help in preventing malware attacks tied to IP addresses.

Also, the TorButton that you can download for free and install as a Firefox add-on is good for seamlessly enabling and disabling anonymous browsing. Give this great add-on a try!

One point to keep in mind though is that Tor provides only anonymity to your browsing and does not protect your online sessions per se. This means that you are as vulnerable as ever if you click on a link that leads to installation of malware on your PC. The utility only obscures the site level statistics regarding the origin of the web request.

Reports said the content deemed offensive to Islam which resulted in the ban, included Danish cartoons depicting the Prophet Muhammad, and a trailer for a forthcoming film by Dutch lawmaker Geert Wilders, which portrays Islam in a negative light.

A blogger from Lahore, Pakistan, Shafiq Rehman however thinks the ban is more “political” than “cultural”:

Pakistan Telecommunication Authority issued a notice today to all ISPs in Pakistan to block few URLs which were related to election rigging. Since Pakistani service providers didn’t have proper infrastructure to block individual URLs, they blocked the whole domain.

YouTube would remain blocked until further notices from the Pakistan Telecommunication Authority (PTA). Meanwhile, I think what Internet users can do to help this situation is to write to YouTube to remove the objectionable content and videos because this removal would hopefully enable the authorities to restore access to the video sharing website.

On a side note, did you notice that YouTube was down earlier this afternoon? According to News.com, a simple mistake by an engineer at Pakistan Telecom might have caused this while they were trying to block access to YouTube.com. Sounds pretty scary and fragile, isn’t it?

Other countries that have temporarily blocked access to YouTube include Turkey and Thailand. We certainly hope Malaysia do not follow what these countries have done…, or you will find there will be more and more websites in the blocked list…

Spy Sweeper is an anti-spyware software specializing in detecting and safely removing spyware and adware from your PC. Spy Sweeper protects you from spyware’s negative consequences, which include a slower Internet connection, pop-up ad problems, reduced computer performance, or in the worst case, the loss of private information and identity theft.

You have doubt on Spy Sweeper? PC Magazine has this to say for Spy Sweeper 5.5, “It’s more effective at removing spyware than at preventing new installations, but the bottom line is it’ll stop most spies. Multiple layers of protection prevent installation of most malware. Did a good job of cleaning up malware-infested systems.”

I guess there is nothing much to worry about as it’s FREE software anyway. Why not give it a try? Don’t over rely and trust Lavasoft Ad-Aware. Follow the following easy steps to obtain Spy Sweeper for free. The software is compatible with both Windows XP and Vista.

1. Sign up with Webroot to receive your unique registration number. Really simple here, only need your name and email address.
2. Download Spy Sweeper.
3. Install the software using the registration information you received in step one.

Source: Slick Deals.

What is ridiculous is Tmnet did this without any prior notice. I receive no notification from them other than lots of junk mails although I have been using Tmnet dial-up and Streamyx for so many years… My friend however did receive an email notification from them today. Yes, he received it today only when the block is in effect! If my friend didn’t forward the email he received from Tmnet, I would for sure have called up my web hosting company and started an argument. Lucky I didn’t do that and lucky my friend forwarded the notice from Tmnet to me!

Following is an excerpt from the email:

… many anti-spam organizations have blacklisted a large number of IP addresses from TM’s network. Due to this many customers have been unable to send emails from their mail server to companies who might be using database from the abovementioned anti-spam organizations.

These spamming activities by a small group have affected a large number of our customers, regardless of the nature of their Internet usage.

Therefore, TM is taking immediate action to address this issue. Effective 3 December 2007, TM will block OUTBOUND Simple Mail Transfer Protocol (SMTP) traffic or port 25 for all out going e-mails from dynamic IP addresses. Only Outbound SMTP traffic from smtp.streamyx.com and smtp.tm.net.my will be allowed. …

With this implementation, we will not be able to send out emails if our dynamic IP address falls within the affected IP address range. We are thus forced to use Tmnet’s open relay server, at least until our web hosting provider configures an alternative SMTP port.

To use the open relay server, in Outlook, open up the Email account settings window. Change “Outgoing mail server (SMTP)” to smtp-proxy.tm.net.my.

Click on “More Settings”. Navigate to Outgoing Server. Uncheck “My outgoing server (SMTP) requires authentication”. Click OK, then Next, and then Finish.

Now, I am totally frustrated why would Tmnet take such a drastic measure in combating spam. Instead of blocking port 25 which is a standard SMTP port around the whole world, they should be more proactive in finding out who are the spammers and block their Streamyx account. I am not an expert in this area but I am sure there are ways to scan where are the spamming traffic coming from and trace to their usernames… and then make the spammers pay rather than make all Streamyx users suffer!

What do you have to say about this move by Tmnet? Is it a good move to combat spamming/spammers?

Now, if only there are more reliable broadband alternatives out there. What about Maxis broadband, iZZi, and perhaps Celcom?

Click here for a bigger version.

The website looks exactly Paypal, new logo and everything is the same. If you didn’t pay attention to the URL, you won’t suspect anything at all. Firefox’s security feature saves my USD100!

Let’s try this URL in Internet Explorer and see what happens…

Okay, not bad. IE also displays a very clear warning message.

Internet Explorer has determined that this is a reported phishing website. Phishing websites impersonate other sites and attempt to trick you into revealing personal or financial information.
We recommend that you close this webpage and do not continue to this website.

Let’s learn from my mistake. Be extra careful when you go to websites such as Paypal, Maybank2u.com, or any other online financial websites. Make sure you check the URL in the browser, if any doubt do not proceed. Also, never click on any URL/links in emails you receive… 98% of them are fake links which lead to phishing websites. Be careful, Kitkat of Malaysia’s famous tech blog also nearly got conned! Hahaha…

My USD100 is safe.