Tag Archives: sunbelt software

Anti-Virus Products

No Gravatar

GadgetHub, click here

Vipre AV Software

No Gravatar

I’ve tried various anti virus applications on my Windows machines.  Both Norton and McAffee are too top heavy in my view, and slow down many machines way too much. Try running a few apps such as Ms Office, Quick Books, or Photoshop at the same time, and you’re watching paint dry.

Some of the free offerings are quite good, and one I used until recently was the Free offering from AVG.

Now, some time back I used to use CounterSpy, and when I got an email mentioning VIPRE from this same company – Sunbelt – and that it was on a beta trial, I thought I’d give it a go.


The initial scan found stuff that AVG hadn’t. This isn’t always a good thing, as at some point or another every AV app flags false positives.

I’ve been very pleased with both the security that this product offers, and the performance too. There really is no obvious slowdown, as one gets with the established bloatware apps.

Another great idea too, and one that many commercial software houses could do well to adopt is to offer a license for ALL the machines in your home. It’s $49.95, and covers every Windows machine you have. Many people have more than one machine in their home these days. I’ve currently got four machines at home running XP (and Linux boxes too, that don’t really need AV software installed).

I unhesitantly recommend it. Oh it works on Vista too. Oh, and I don’t work for Sunbelt, and they didn’t ask me to endorse their product. I just believe in telling it like it is (or at least how I’ve found it is).

Google poisoning

No Gravatar

You might want to take an extra half-second the next time you click on search engine results to make sure you know where you’re going. Computer criminals have refined a sinister technique for tricking Web surfers into clicking on infected Web pages, turning search engines like Google into unwitting partners.

It’s known as “Google poisoning,” because Google is the biggest target, but it can impact any search engine. Criminals construct booby-trapped Web pages, then dupe search engines into giving them high rankings.

Last week, security research firm Sunbelt Software found that a simple search for something like “funny dog picture” on Google directed searchers to Web sites hosted on Chinese domains. Those who clicked on the links were pushed to install a malicious program named “Spy-shredder.”

Last week alone, criminals posted 40,000 to 50,000 of these malicious pages in a single, coordinated attack, said Alex Eckelberry, CEO of Sunbelt.

“What has surprised security researchers was the scale of this,” Eckelberry said. “This was a very big attack, a very fast bolt from the blue.”

Those who fell for the trick suffered “a bad infection,” he added. “There was a lot of nasty software out there.”

Google removed the links from its database immediately when notified, Eckelberry said. But the criminals were back the next day with more virus-laden Web sites on different domain names.

A Google spokeswoman who declined to be identified said the company is aware of the problem and working to keep its results clean.

“Google works hard to preserve the quality of our index,” the company said in a statement. “We actively identify sites that serve malware or abuse our quality guidelines in other ways.”

Not new, just more sophisticated
Publishing booby-trapped Web sites or “gaming” Google’s search algorithms aren’t new practices. Called “SEO” by practitioners, search engine optimization runs the spectrum from legitimate linking to affiliated Web sites to the creation of hundreds of fake sites designed to artificially inflate Google rankings, which essentially judge how many links a Web page attracts.

But criminals are now combining SEO tactics and booby-trapped Web pages, and doing it systematically. By posting tens of thousands of Web sites simultaneously, criminals can take over all the top spots on a search results page, casting a wide net that’s more likely to catch Web users.

Eckelberry described these criminals as “SEO Gods,” saying they can “take any site and get it on the first page of Google results.”

‘Comment spam’ also a problem
In addition to cross-linking all these fake Web sites, criminals are also engaging in “comment spam” to enhance their search engine rankings, said Zulfikar Ramzon, a researcher with antivirus firm Symantec Corp. Popular blogs — including the Red Tape Chronicles — are regularly bombarded with computer-generated, meaningless comments that include a link to another site. By getting a link on a popular Web site, the spammer’s Google ranking improves. We try to keep comment spam off MSNBC.com, but it often slips onto blogs all around the Web.

No one knows how successful the tactic is, though Eckelberry points out the criminals wouldn’t keep doing it if it didn’t work. Still, even an attack of 40,000-50,000 fake Web sites still represents an infinitesimal portion of the sites in Google’s index, making the odds of any individual consumer encountering a poisoned Google link still quite small.

“I don’t want people to get scared of Google,” he said. “Google is impressive with how quickly they remove bad sites.”

It’s wise to look both ways even when crossing a quiet street, and it’s wise to take an extra glance before clicking on a search engine link. Google makes this easy by listing the URL under each search result. In the most recent attack, potential victims might have noticed the .cn suffix on the end of each domain name, a signal that the Web site might be in China and might include unexpected content.

That’s not a foolproof strategy, however. Computer crooks sometimes deploy a technique called “Google cloaking,” which tricks the search engine into displaying the wrong URL on search results pages, Eckelberry said.

Old advice also works well here: Keep up with security patches. This latest set of attacks relied on vulnerabilities that allow a Web site to install software onto a visiting computer without a user’s knowledge. Fully patched systems merely received a pop-up window inviting users to download video software — a much easier attack to avoid. Again, this is not a foolproof protection, but keeping your security current severely decreases your odds of being infected by Google poisoning.

Finally, Eckelberry recommends that Windows users set up separate user accounts for their children. That will limit the damage that a child can do by searching the Web with your computer.

Technorati Tags: