Archive for the ‘News’ Category

Some of Norton Antivirus’ source code has leaked

Heads up Norton users!  A headline hit the news last night about the confirmed leak of source code for the popular Norton Antivirus software by Symantec.  You can read the articles for yourself here and here.

For those who aren’t tech savvy, the term “source code” refers to the so-to-speak “recipe” for the development/creation of a program.  It is literally the instructions that are more or less written by computer programmers.  This kind of information is proprietary and is often a trade secret, much like the coveted ingredients list for Coca-Cola or my mom’s apple pie.  If one were able to obtain such information, say a competitor or the creators of computer viruses, one might use this information to one-up the software or, more importantly, exploit design flaws to circumvent the software.  In short this means it is quite likely there will be a new breed of viruses on the horizon that will be capable of outsmarting Norton, rendering it useless and crippled.

Symantec has been trying to downplay the severity of this breach by stressing the age of the code, stating that the origin is a version of their software that dates back to 2006, or so we’ve been told thus far.  This is an attempt to defuse the concern by implying that their latest software is far different at its core and that there won’t be very much that is useful to virus writers because they still don’t have their hands on the latest blueprints.  But the reality of the situation is far less peachy than they would like to paint it.  In the world of computer programming, software and even entire operating systems will retain a fair chunk of old code from previous versions simply because, well, it’s already been written and if it “works” then there’s little need to rewrite it from scratch.  I’m not saying source code is never rewritten, revised or updated from time to time, but when it comes to large programs such as Norton Antivirus, which is made up of tens of thousands of lines of code, it could easily be argued that there is likely a good percentage of old code that has been retained for years without ever being modified.  It would be like having a castle or fortress that is under continuous construction and maintenance.  You can’t afford to tear the whole thing down every year and rebuild it from scratch, so instead what you do is build around and upon the existing structure and make repairs to the parts that need repairing the most.  This means that likely most of the fundamental structure is retained and knowledge of the construction of such a structure could be used by an enemy to find a previously unnoticed vulnerability.

In the interest of full disclosure I will have to admit that Norton hasn’t been on my list of recommended software since the late 90s when it was practically the only anti-virus software available.  Its early bird status was followed by years of successful marketing and advertising, which led to the continuous widespread recognition of the software/brand name, giving the impression to novice computer users that Norton really is the best thing out there.  “How could it not be good when it’s so popular?” they might ask themselves.

I am here to tell you that the number one problem I fix for people in this line of work is virus removal and far too often I see systems that are running Norton that have become utterly trashed by multiple viruses while Norton gives inaccurate scan results, claiming the system is clean and virus free.  This is particularly irksome to me because when you consider the widespread saturation of their software along with the monetary cost to the users for the renewal every year you would have to expect the company to use their position and resources to everyone’s benefit.  Despite its widespread usage and price tag it fails to survey new viruses and develop new definitions for capturing and stopping them in an effective manner and so many users never seem to get their money’s worth.  I am willing to give the benefit of the doubt and accept the fact that there is no such thing as a “perfect” antivirus software, but you should expect to be given better treatment and results if you’re paying upwards of $70 a year for protection, especially when there are free alternatives out there that have been statistically shown to do a comparatively better job.  And to think these kinds of problems existed before some of their source code leaked.  Now that some source code has leaked and the potential for new viruses to be developed to exploit Norton itself is likely right around the corner I feel obligated to suggest that people avoid using it altogether.  No amount of marketing or PR can change the consensus of most IT professionals who can see past all the BS and to me this incident is more than just one more nail in the coffin.

So what do I recommend instead of Norton?  I mentioned that there is “no such thing as a perfect antivirus” but there are alternatives that hold a higher reputation than Norton that cost a fraction of what Norton costs or even nothing at all.  In past blog entries I’ve mentioned Microsoft Security Essentials, Malwarebytes and Combofix and still recommend them, so here’s a little information about them.

Microsoft Security Essentials is a free antivirus solution that Microsoft itself actually produces and it’s quite popular in the IT community right now for a couple of reasons.  I already mentioned that it’s free but it is also effective and not as resource intensive as other software.  There’s also a new stand-alone bootable version of it that’s going through public beta testing right now which is handy to have for particularly difficult viruses.  You can read more about it here.  Be aware that there has, in the past, been a rogue malware impostor simply called “Security Essentials 2010/2011/2012” which people have confused with the real deal, falling victim to a trap.  You can download the real deal from here.

Alongside MSE I also recommend users purchase the full copy of Malwarebytes for the one-time payment of $25.  One of the handy features it has is an active connection monitor which will automatically block your computer from attempting to connect to known malicious web servers.  It also features an active process monitor like a traditional antivirus and will help prevent a good number of rogue malware type software from infecting your system.  There is a free version of this available but its active monitoring features are disabled. I’ve been using it in the field for over 2 years now and it has worked incredibly well for helping clean systems that had already become infected.  You can read more about it here and download/purchase it from here.

Finally a tool I use quite often to help clean systems that have already become infected is a program called Combofix, which is free.  This isn’t so much a traditional antivirus that runs in the background as it is a stand-alone utility for scanning a system after it has become infected.  It is regularly updated so it’s best to not bother downloading and using it until you actually have to.  You can read more about it here and download it from here.

In conclusion I strongly advise my clients to not use Norton Antivirus because it’s one of the most over-hyped, over-priced products out there right now and with the news of parts of its source code being leaked it only stands to become an even less effective product that will do less to protect you than other cheaper alternatives out there.

Speaking of alternatives, there is always the option of picking an alternative operating system such as Linux.

Linux is a free open-source OS that comes in many flavors.  We are already seeing Android being adopted by smartphone and tablet users like crazy and it is just one example of a Linux-based OS that is taking the world by storm.  But for desktop and laptop users there remains a need for a full-fledged desktop OS and there are many out there to choose from.  My personal favorite is Ubuntu Linux which you can check out at ubuntu.com.  It’s not for everyone but I can easily say that it is a very ideal choice for the average user.  Keep an eye out for future posts; I intend to record a new introductory video for Ubuntu 12.04 when it is released this coming April.

Saturday, January 7th, 2012

Huge Privacy Breach Involving Copy Machines

Saturday, May 8th, 2010

Five Internet Scams Detailed By FBI

I came across an article in Network World magazine that goes over five common Internet scams and thought this needed to be shared with everybody.  Please click here to read the article.

Tuesday, March 16th, 2010

April Fools Virus On Schedule

I don’t normally pass along virus alerts because they are often outdated and obsolete, but this one is straight from my IBM inbox.  You may have heard about a virus that is set to strike on April 1st in the news recently.  It is called Conficker.C and you can read more about how it works by visiting these addresses:

http://en.wikipedia.org/wiki/Conficker
http://mtc.sri.com/Conficker/addendumC/

As stated in the links above, the virus takes advantage of a buffer-overflow vulnerability of certain server services on Windows based machines.  Microsoft issued an update (MS08-067) for Windows 2000 SP4, XP SP2 & SP3, and Vista to patch this hole back in October of last year. So if you have installed all available Windows updates you should be fine and not need to worry.  It is highly recommended you install all available updates if you have not done so lately.  To force your PC to check for available updates, click Start>All Programs>Windows Update and follow the on-screen instructions.

If your computer is directly connected to the Internet it is advised that you have a quality software firewall installed and blocking unexpected inbound traffic.  A comparison of free firewall software can be found here:  http://www.techsupportalert.com/best-free-firewall.htm

In addition you should also have a quality anti-virus software solution in place.  Any of the following will suffice:

I personally recommend  AVG Free Edition

In summary:

  • Be sure to apply all available updates for Microsoft Windows
  • Ensure you have some form of firewall blocking unwanted network traffic
  • Install a quality anti-virus solution

Now let’s all have a happy April Fools’ Day!

Friday, March 27th, 2009

Torrent Droid: Steal Films With Your Phone

You’re walking through the entertainment department at your local shopping center and pick up a DVD that you’d like to see.  You scan the bar code on the back of the DVD with your cell phone’s camera.  By the time you get home, the movie you looked at while shopping has already been downloaded to your PC.  Check this video out to see how it works:

It goes without saying that downloading a movie illegally via bittorrent is probably going to piss the MPAA off.  But if they’re smart about this, they could actually take the scan-to-download concept and turn it into a big money maker.  There’s probably plenty of people who would purchase a digital download of a movie if it were offered to them at a reasonable price.  Just take a look at iTunes or Amazon offering DRM-free MP3 merchandise.  You might even take a look at what Valve Software did with Steam recently:  They cut the price of Left 4 Dead by 50% and noticed a 3000% increase in sales.  Ultimately it just goes to show that there is an ever increasing number of people who want to purchase digital merchandise and they’re willing to pay for it as long as it’s not overpriced.  I could even see movies being offered up for free with commercials inserted in a hulu.com style.

Anyway, cool app for a cell phone to say the least.  Though for pirates, it would be kind of like saying, “Hey.  As if my IP address weren’t enough information, here’s my phone number too.”

Thursday, March 12th, 2009

“Sixth Sense” Technology Introduced @ TED

This is what you get when you combine a portable video projector, a camera and a cell phone that has access to the Internet and the ability to process visual information for you.  Simply amazing!  Click on the video below to see a demonstration.

As cool as this technology is, I have to say that I think it’s already up against some stiff competition from smart phones like the Google Phone and the iPhone.  For instance, the video shows a demo of evaluating different kinds of paper towels for the user so they can pick out the one that is the most environmentally friendly.  A somewhat similar application that already exists on the Google Phone (and others before it in Japan) is a program that allows you to use the built-in camera to scan the product’s UPC barcode, which would then give you an instant price check for that product at local stores and even through online merchants.

It would take little effort to expand the capabilities of the above smart phone application to allow for sorting of the search results to be prioritized for other criteria besides price.

The key feature that the projector/camera technology does have that you can’t easily do with a cell phone is the ability to project visual data onto any surface and interact with it in 3D space via hand gestures.  While there are a lot of unique uses for this, a drawback of this is that you are required to have a usable surface in front of you in the first place, and I think (for now) the LCD screen of a smart phone has the upper hand in that department.  For instance, you could be walking down a street at high noon and look at a building (like some sort of historical landmark) but not have a usable surface to project meta-data on to (although I suppose something could be read to you through an ear piece).  On a cell phone, the screen is much more visible in nearly any lighting and given further software development, all kinds of information could be overlaid onto a camera captured video stream as seen below:

The end goal in both of these technologies is pretty straightforward:  Overlay relevant information on top of the real world.  And between these two technologies, I have to say that I think smart phones still have the upper hand… for now. Even though smart phones don’t have the freedom of using hand gestures to operate your phone, it could be argued that multi-touch screens are comparable (for things like zooming on maps, photos, etc.).

What I think is the real knockout advantage of a cell phone (besides the fact that an LCD screen works as a better display surface than most real life objects) is the fact that information is presented to you in a more private, personal fashion.  If you were to have personal information projected out, anybody nearby could eavesdrop on whatever is being shown to you.  For example, you wouldn’t want your online bank statement to be projected on to a wall when you’re surrounded by strangers at an airport.  It’s more personal to have such things confined to a small screen that you have more control over.  Then again, the idea is to use a cell phone as the core processor of the system, so in the event you have to look something personal up that you don’t want projected, you would just take your phone out of your pocket and do whatever it is that you need to do.

A bold prediction is made at the very end of the first video:  That we will one day have the ability to augment digital information on reality through some kind of brain implant.  While such a wild technology is still a long ways away, it will likely occur within a couple decades’ time and the development of this is only the first of several steps towards a technology we once thought to be impossible.

Wednesday, March 11th, 2009

Cisco Sued By Free Software Foundation

Cisco, the most famous manufacturer of enterprise and consumer networking devices, has been known to use source code from open-source projects like Linux and other related software to run on their hardware.  Using free software for commercial gain is not against the law.  What is against the law is ignoring the GPL (GNU Public License) which states that you must publish any changes or modifications you make to the source code if you’re going to continue using it for commercial purposes.  In other words, you can’t take code that is more or less owned by the public, modify it, and then lock those modifications away from public sight and say that the code is now your own unique, proprietary creation.  Cisco has been accused of doing this since 2004, but now the Free Software Foundation has had enough.  The FSF has never sought any sort of royalties or money from Cisco for using open-source software (it would be impossible to do that).  What they want is for them to abide by the GPL and keep their source code public.

You can read a little more about Cisco’s incompetent and/or deliberately obstructive behavior here.

Wednesday, December 17th, 2008

“CRITICAL” Internet Explorer Flaw! AGAIN!

As much as it would probably soothe the stiffness in my neck and shoulders from doing busy work inventorying computer equipment today, I’m going to try to not turn this into a sarcastic sounding slam against Microsoft… although they damn well deserve it.

I’ll just keep this very short.  Internet Explorer has once again dropped the ball in the realm of Internet security and it’s something that’s been present for over 48 hours already.  You can read about the problem via BBC’s website by clicking here.

The article states in bold letters at the top, “Security experts recommend switching to a rival browser until the problem is fixed.”  Need a rival web browser?  Download Firefox at www.firefox.com.  It’s free, faster and much more secure than Internet Explorer ever will be.  Seriously.  Why is it more secure, you ask?  Because it’s open-source, just like Linux.  But again… don’t wanna turn this into a “Microsoft sucks” bashing post.

Also, on the side, I should mention that I’ve seen a LOT of Windows systems get hit with viruses in the last 3 weeks, a good chunk of which have come in from emails on Facebook.  Which isn’t to say that Facebook is bad.  It just doesn’t have much of an effective spam filter or virus scanner built into it.  You would think that after a few people have received the same spam from their friend whose computer was compromised, they’d start filtering messages with the same links, the same stupid subject line, and all the rest that comes along with basic social engineering-based viruses.  It’s what Yahoo and Google do.  So to you Facebook/Myspace users out there (and everyone else who doesn’t use these services), be VERY cautious about clicking on links to websites you’ve never visited before in email sent to you by a friend.  They may not have actually sent you something.  In fact, it’s possible their account password was phished, changed, and their account used as a launch pad for spreading the same infection to other people (like you).  So be careful.

Wednesday, December 17th, 2008

Wikipedia Switches To Ubuntu Servers

Wikipedia, hailed as the shining zenith of collective human knowledge (and criticized as a “knock off” educational institution by those who fear their job will one day be replaced by it) has decided to switch over to Ubuntu for its server infrastructure.  You can read a lot more about it in this article.  The switch will help expose Ubuntu Server’s capabilities to the world, supporting demand as high as 50,000 clicks a second at peak traffic.  This system-wide migration (the servers previously ran on Red Hat Linux and Fedora Linux) to Ubuntu will help make the task of administration of the complex website simpler.

Friday, October 10th, 2008

A Friendly Reminder – Don’t Vote! Unless…

Thursday, October 2nd, 2008