Search Polybore

Saturday, March 14, 2009

BlogCatalog response to their hosting Ad Malware sadly lacking in useful information.

Click here to see the next post on this story. 

Click here to see previous post on this story.

This is how they announced with a sticky post that the malware incident was “over”.

http://www.blogcatalog.com/discuss/entry/malware-issue-solved

It is an inadequate explanation and it fails to give proper advice. Polybore pointed this out (at the very end of the discussion) and magically the sticky post lost its stickiness. 

It is all very well to say the situation has been resolved but where is the really useful information? e.g.


1. When was the malware distributing ad first hosted by BC?
2. Advice to BC members that if they visited BC between the time the ad was first put on BC and when it was removed they MUST scan their computer for Virus and Spyware.
3. General advice that users must keep their Flash plugin up to date to avoid these flash based attacks.
4. If anyone needs thanking it is Google for spotting that a BC ad was associated with malware but how long did it take for Google to spot the problem?
5. Some of these flash based malware attacks do NOT require the user to click on the ad. http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1341749,00.html

Was this one of them?

The situation may be resolved as far as BC is concerned but is not necessarily over for members who may have had the security of their computer compromised.

Polybore is going to email BC admin asking them to answer/ action the points detailed above. If BC were to take the action Polybore suggests it would do them credit and polybore would be satisfied.

Click here to see the next post on this story. 

Click here to see previous post on this story.

Warning! Google Chrome incognito mode NOT incognito at all when streaming .WMV .avi and .wma media files. Privacy security failure.

incognito


Polybore Update: Easy way to view Chrome Incognito History. http://www.polybore.co.uk/2012/04/easy-and-free-way-to-view-chrome.html


In brief:
To run Google Chrome in incognito mode click on the spanner/ wrench at the top right and select- new incognito window.
However it is worth bearing in mind that there is a big privacy hole in Chrome’s Incognito mode and it effects Firefox as well.
Give it a try, launch Chrome in “Incognito mode” and stream this tiny and inoffensive Polybore .wmv file. Now check your Internet Explorer browsing history.
Try it with Firefox. Same behaviour again. Even if you never use IE it will keep a history of .avi and wmv files streamed with Chrome or Firefox. If you regularly delete your Firefox history or use Chrome “Incognito”, you are going to have to open up IE and clear it out as well.
This makes a complete nonsense of Google’s description of “Incognito”. http://www.google.com/support/chrome/bin/answer.py?answer=95464&cbid=1klgcnze2ws2b&src=cb&lev=topic
The full story:
Polybore was going to to a humorous post about Chrome Incognito mode and having to write a Privacy Policy for a website.
After messing around with Chrome in incognito mode, streaming .wmv video files off the Polybore server, it was time to get to work on the Privacy Policy with MS Word 2003.
At the insert  hyperlink menu Polybore was surprised to find that Word had, in the recent browsing history, links to the files that had been streamed with Chrome in the so called Incognito mode. Very strange thought Polybore, Word2003 is aware of what Chrome has been streaming “Incognito”?
On further investigation, sure enough, there in Internet Explorer 8’s browsing history were the links to the files streamed in “Incognito Mode” by Chrome.
The only reference Polybore could find to this behaviour after a Google search was this http://www.google.com/support/forum/p/Chrome/thread?tid=32adfc97fa78b7d8&hl=en
Having read that, we can say this happens with Google Chrome and Firefox with IE7 and IE8.
Google and Firefox need to flag this behaviour up to users or stop it entirely. Indeed Chrome’s Incognito mode just does not do what Google says it does and that is seriously misleading. Get it sorted Google.
In the mean time if you are using Chrome or Firefox to stream .avi or .wmv, and privacy is important to you, make sure you delete Internet Explorers history as well.
Aditional:
Further to continued testing can report that this also happens with streamed .wma music as well. So essentially if Chrome or Firefox uses Windows Media Player to stream media then Internet Explorer history will reflect this, Incognito or not.

Thursday, March 12, 2009

Blogcatalog gets hit by malware Trojan distribution adverts.

malware warning

Update: BC finally reveal what happened here.

It seems that some of the ads that BlogCatalog has been carrying are for websites which infect vulnerable computers with malware/ trojans.

Here is the Google report on why they are issuing the warning.

google analytics page

To see a larger clearer image of the report click here.

It seems that malware distributing flash banners associated with the IP address  82.98.193.102 have been known about since at least October 2008 http://msmvps.com/blogs/spywaresucks/archive/2008/10/31/1652595.aspx

Norton Safe Web reports 18 virus threats at that IP.  https://safeweb.norton.com/report/show?name=82.98.193.102

Ok you we can say that BlogCatalog has been carrying the ads in good faith and how were they to know that these adverts were disreputable.

Well you can just about get away with generous line of thought until you scrutinise some of the ads BC has been carrying a bit more closely. 7 days ago Polybore started a discussion complaining about the low quality of the ads on BC.

http://www.blogcatalog.com/discuss/entry/are-the-bc-banner-ads-annoying-you

During the disscusion Polybore scrutinised one advert that was particularly bugging because it was advertising link selling which Google really frowns upon. In a sense buy a link from us and watch your Google Page Rank fall like a stone which looks like a scam. They imply they can get you a link on the PR 10 US.gov website. Yeah right and Polybore can get you a nice condominium on the moon.

Here is the ad in question.bc ad trim

The ad rotates to display how much it costs to buy a link, starting from $1.48. Now the fact the site advertised is selling links is suspicious in the first place, however it gets worse. Polybore visited the site (fortunately without getting a Trojan) that is selling links to find it has a Google PR of 0, yes zero. Who is going to buy a link from a site with a PR of zero.

Polybore has to say that BC has brought this problem on themselves. It was obvious that these ads were of a very low quality and some were for products verging on scam. BC could have avoided this problem and, unless BC gets their ads sorted, it is likely to happen again. It can take a while for these warnings to be taken down by Google etc. and it is just not worth the risk.

Come on BC get the ads sorted.

How to stop phpmyadmin login page from being accessed from internet via apache2 virtual server. Linux OS server.

Polybore wanted to access phpmyadmin only from the local server, NOT from the internet. None of the solutions found via Google worked out so Polybore came up with this solution.

Edit your virtual server configuration text file in /etc/apache2/sites-available.

Modify the following to suit your set up and add within <virtualserver ip:80></virtualserver>:

<Directory /usr/share/phpmyadmin>
       # Restrict phpmyadmin access to just my worksation
        Order Deny,Allow
        Deny from all
        Allow from your.PC’s.lanip.here
</Directory>

Restart apache and you will only be able to access phpmyadmin from the local PC NOT the internet.

If myphpadmin still can be accessed via the internet check that you used a local ip not localhost or 127.0.0.1

Check your hosts file to see ips listed for your server.

Tuesday, March 10, 2009

How to create an animated gif for your web space/ blog.

 

In a previous post Polybore mentioned Aniboom as an online service for producing animated GIFs. http://polybore.blogspot.com/2008/07/using-aniboomcom-to-make-your-own.html

Worth considering as an alternative is gifninja  http://www.gifninja.com/

Gifninja is an online tool like aniboom. The main difference/ advantage is that you can upload your own images or, as Polybore has done, your own video file. 5 image limit for .jpeg or for video .wmv or .asf 4 of video seconds max.

Polybore tried it out by uploading a section of an ident video for Polybore’s sister blog watchblogvideos.com

The resulting gif has turned out pretty good you can compare it against the video before it was converted by clicking here. http://www.watchblogvideos.com/2008/10/new-watchblogvideos-ident-v20.html

If you need a gif then gifninja is well worth checking out.