Saturday, December 20, 2008

Infected web pages increase

During 2008, the rate at which the number of web pages infected with malicious software (malware) increased rose from one every 14 seconds to one ever 4.5 seconds. [See "Forecast: Security Threats for 2009"]

So what can you do?

  • Don't "assume" a web site is safe to visit.
  • Don't "assume" a link in an email is safe to click on.
  • Don't "assume" an email from a friend was really sent by them.
  • Use anti-phishing software, antivirus software, and anti-spam software.
  • Keep all your computer programs updated. If there is a security patch available for any of your programs, install the patch.
  • Use a program like Secunia's free Personal Software Inspector to check for program updates.
  • Use a program like Driver Detective to check for updates to program driver files.

Firefox less secure?

Firefox has often been touted as fundamentally "more secure" than Internet Explorer. If you have been led to believe that, you need to look at some cold, hard facts:
  • From March to September 2005 (yes, even as early as 2005), FireFox had 40 vulnerabilities to IE's 10. [ZDNet article]
  • From April through September 2005, the number of published Firefox exploits was 11 compared to IE's 6.
  • The most recent FireFox-related security problem is that some Russian criminals are using it to add malicious software as a "Plug-In". The malware detects when you connect to any of over 100 banks and then steals your account name and password, sending them to the criminals. [read the SC Magazine article]
  • In terms of vulnerability numbers reported in March 2008, Opera had the most, followed by Safari, FireFox, then Internet Explorer.

The biggest problem with malware is not the browser, it's the person using the browser. People are either too trusting of links and unknown sites or just think they will never get attacked.

Friday, December 12, 2008

Computing to help others

A recent New York Times story highlighted a couple of Computer Science students at Georgia Tech who show us all some of the exciting possibilities of helping others through computing.

The project students started out small -- based on some blood suppy spreadsheets at the CDC in Atlanta. As they delved into the real issue and talked with real users in Africa, the project has blossomed into a web-enabled application using Ajax.

In January, 14 African nations will start using this program. It must be impressive -- the United Nations Worldwide Health Organization (WHO) is discussing making this a program for reporting on blood supplies worldwide.