Bill Pytlovany

by

WinPatrol Changing of the guard

WinPatrol – Scotty

WinPatrol has been very important over the years. I have several (six I think at least) lifetime memberships of WinPatrol software and I install it on all my Windows installs personally and for my friends, family and clients. It has been a staple in my security arsenal for many years now, and BillP has been a great friend to all of us.

BillP, thank you so much for continuing to look for someone who would fit the bill, as it were, and you certainly found a great choice!

I am very excited about the promise that Bret Lowry made to WinPatrol customers:

My commitment to WinPatrol customers is as follows:

One, your lifetime PLUS licenses are just that, lifetime licenses. That was the easiest topic in our negotiation and is written into the contract.

Two, WinPatrol will not have toolbars or other “add-ins” added to it or its installer. Installers that do that drive me crazy because I’m the guy people call to “fix” their computer after the installer completes its hijacking. I am not going to do that to my customers.

Three, I will be responsible for answering support questions, even more incentive to play nicely and stand-by item two above. And

Four, I use WinPatrol myself and therefore am committed to the continued improvement of WinPatrol. I am honored to have earned Bill’s trust and confidence in his allowing me to purchase WinPatrol. Bill has run WinPatrol with integrity since its inception, as a founder of Ruiware (along with my wife), I promise we will carry on that tradition.”

BillP, after reading your blog posting and Corrine’s Security Garden posting, I was totally thrilled to read about Bret Lowry, Ruiware, LLC being your choice.

Totally awesome! I knew you wouldn’t let us down! Thank you Bill for all the years you have given to us! We totally understand your need to step aside and wish your family all the best and your family is ever in my thoughts and prayers.

Corrine, thank you for letting us know of the change right away!

This must be a bittersweet day for BillP; to let go of his baby, to turn it over to someone else, but sweet knowing he turned it over to a great guy who will care for his customers the way he did.

Hi Bret Lowry! I am excited to meet you in Bits from Bill and from Security Garden Blog. Thank you for putting our minds at ease about the commitment you have given us. Hope you will still do the sales periodically like BillP always did and keep the price economical and the free edition which is so important.

On WinPatrol.com:

I’m very happy to announce WinPatrol’s future will be in the hands of Ruiware founder and former lead at Sunbelt Software, Bret Lowry. If you read today’s post and download our new version later today you’ll understand why I’m confident Scotty is in good hands.
Click here to find out why

And this wonderful note from Bret too:

WinPatrol.com - WinPatrol from Ruiware.

WinPatrol.com – WinPatrol from Ruiware. “When I discovered WinPatrol I knew it was a winner and a program I’d install for my entire family. WinPatrol customers matter. You still won’t find obnoxious toolbars when you download WinPatrol. Instead, we help you get rid of them. Thanks, Bret Lowry — Click on image to go to WinPatrol.com

In closing, I would like to echo Corrine’s thoughts from her Security Garden blog entry:

On a personal note, I have long respected Bill Pytlovany and, because of his honesty and high ethical standards, held him in high esteem.  I know I won’t be losing contact with him but still wish to take this opportunity to publicly thank Bill for providing an excellent product.

I could not have said it any better!

by

WinPatrol PLUS For Everyone Just $2

Tech gift guide: Gift copy of WinPatrol Plus gives lifetime of PC protection – USAToday

There are a couple of reasons you might want to shell out $29.95 for gift copies of WinPatrol Plus and give them to all the PC users on your shopping list.

WinPatrol may be one of the best kept secrets in computer protection. What’s more, it is the creation of an iconic tech personality, Bill Pytlovany, one-man researcher/developer/distributor at BillP Studios.

Pytlovany has a loyal following of tech geeks who swear by the basic version of WinPatrol, which he created in 1997, graciously keeps updated and continues to make available for free — for the greater good.

I found the above article while reading BillP’s blog posting: WinPatrol PLUS For Everyone Just $2:

About once a year I go crazy and try to introduce WinPatrol PLUS to the folks who have never heard of WinPatrol or have never experienced this small powerful app. For over 15 years WinPatrol has been recommended by friends and family but I never invested in any kind of expensive PR campaign.

I heard about WinPatrol many years ago, at least 10-15 years ago … it could have been when it first came out. But I am not really sure. I could have found WinPatrol from Corrine at one of the Anti-Spyware forums I frequented, or FreedomList where she is an admin, or at Scot’s Newsletter Forum where she is also a fellow admin. Or it could have been through Fred Langa‘s LangaList which I subscribed to for many years before Fred merged LangaLIst with WindowsSecrets Newsletter with Brian Livingston who himself retired in 2010, or from an article in WindowsMag (one of my all time favorite magazines. I was very sad that CMP retired Windows Mag on June 25, 1999 but we did have an online version at WinMag.com for a couple more years). WinMag had some great writers and they all knew BillP. WInMag and PCMag were my initial magazines for Windows in the early days. It is where I read great articles from: Scot Finnie, Fred Langa, Mike ElganKaren Kenworthy (1),  and many other great writers (I used to know all their names off the top of my head, now these four I remember the most).  But, I digress…

This is a great time to consider buying WinPatrol PLUS for only $2! Can’t beat it! And BillP’s WinPatrol is a best in class software! Check out the Free version at WinPatrol.com, and upgrade if you like it. Can’t go wrong for $2.

For those who (EEEK!) might still be using Microsoft’s old and long unsupported OSes;  Windows 98 or Win2K, WinPatrol Downloads has something for you as well.

BillP’s  Message to Windows XP users – Very important as the April 2014 retirement of Windows XP approaches.

WinPatrol runs on Windows XP, Vista, Windows 7 and Windows 8 including x64 versions.

USA Today says…

“…best kept secret in computer protection.”

by

New Metaspoit 0-Day IE7, IE8, IE9, WinXP, Vista, Windows 7

New Metasploit 0-day exploit for IE 7, 8 & 9 on Windows XP, Vista, and 7 – SecurityStreet/Rapid7

We have some Metasploit freshness for you today: A new zero-day exploit for Internet Explorer 7, 8, and 9 on Windows XP, Vista and 7. Computers can get compromised simply by visiting a malicious website, which gives the attacker the same privileges as the current user. Since Microsoft has not released a patch for this vulnerability yet, Internet users are strongly advised to switch to other browsers, such as Chrome or Firefox, until a security update becomes available. The exploit had already been used by malicious attackers in the wild before it was published in Metasploit. The associated vulnerability puts about 41% of Internet users in North America and 32% world-wide at risk (source: StatCounter). We have added the zero-day exploit module to Metasploit to give the security community a way to test if their systems are vulnerable and to develop counter-measures.

Here’s the back story: Some of you may remember that a couple of weeks ago, the Metasploit exploit team released a blog regarding a new Java exploit (CVE-2012-4681), with a blog entry titled “Let’s Start the Week with a New Java 0day in Metasploit“. You’d think the 0-day attack from the same malicious group might cool down a little after that incident… well, you’d be wrong. …

BOLD and COLOR emphasis mine.

I am sure that they only tested IE7, IE8 and IE9 initially on this because those are the only IE browsers in use right now for Windows XP, Vista and Windows 7 and based on the w3Counter, the largest number of IE users at this time.

He also said that if he were to test IE10, he was certain it would fail the test as well.

One can only imagine how miserably IE6, as the highest level of IE that works on Win2K, would do. You would think that most people have moved onto newer versions of Windows, but some have not sadly despite the fact that Win2K hasn’t had an update since I think July 2010 and despite articles like this one from Ed Bott January 16, 2010. Don’t think it’s a big issue? Well according to the IE6Countdown website, IE6 still has an impressive 6% of Internet users worldwide as of August 2012.

Sure the USA’s piece of pie for IE6 is only 0.04% but I know a few of those folks and they are diehard users who refuse to leave a dead OS and browser due to economic issues, or sight issues, or both. Now, to their credit, some of these Win2K users do have a NAT hardware router, a software firewall, and they use Firefox and not IE6, but still, Win2K has not had any updates since July 2010! Not a wise move.

Personally,  I have NO addons allowed to work in IE8 in Windows XP by default on the Installations of Windows XP SP3 that I have still running, or IE9 on Windows 7.

I lock down my other browsers with no scripting type extensions like NoScript on Firefox, Chrome, etc. regardless of the operating system I am using (Windows, Mac, Linux), as well as Adblock Plus.

Another great little program for Windows that can help you keep a handle on what is happening on your Windows computer is BillP Studio’s WinPatrol Plus and FREE WinPatrol. I use it on my WinXP SP3 as an added protection since I have a laptop that can only run WinXP (SP3 of course), I use very intermittently for special use tasks such as setting up routers, or downloading music using Amazon Downloader, or sites that use OverDrive Media Console, etc. which won’t run on Linux on my laptop. This is when I am on the road using Library or Starbucks, or other public wifi hotspots due to our bandwidth limitations here at home on Verizon Wireless.

And I have found it to be wise to use a different browser (locked down of course as much as you can tolerate), rather than the ‘ubiquitous’ browser (IE in Windows, Safari on the Mac, or whatever the default browser is in a given GUI in Linux) in any given operating system.

One can not leave this to chance these days, IMHO.

 

EDIT: Added articles – one more about the exploit and the link to information on Microsoft’s workaround:

Update: Hackers exploit new IE zero-day vulnerability – Computerworld

Customers can use the Enhanced Mitigation Experience Toolkit (EMET) 3.0 to harden IE enough to ward off the current attacks, said Wee, of the company’s Trustworthy Computing Group, in an email late on Monday.EMET 3.0 can be downloaded from Microsoft’s websites.

Microsoft issues workaround for IE 0-day exploited in current attacks – net-security.org

Microsoft has reacted fast by issuing a security advisory yesterday, in which it confirms the existence of the flaw in Internet explorer 9 and all previous versions (IE10 is not affected), and offers instructions on steps the users can take to mitigate – but not yet remove – the threat:

  • Deploy the Enhanced Mitigation Experience Toolkit (EMET) and configure it for Internet Explorer
  • Set Internet and Local intranet security zone settings to “High” to block ActiveX Controls and Active Scripting in these zones
  • Configure Internet Explorer to prompt before running Active Scripting or to disable Active Scripting in the Internet and Local intranet security zone.

These steps could bring additional problems to the users, such as being bombarded by a slew of security warnings, so until Microsoft releases a definitive patch for the hole, maybe it would be easier for IE users to take Rapid7’s advice and switch to another browser for the time being.

Again BOLD emphasis mine.

by

New, sneakier Flashback malware infects Macs

New, sneakier Flashback malware infects Macs – Computerworld

A new, sneakier variant of the Flashback malware was uncovered yesterday by the French security firm Intego.

Flashback.S, which Intego described Monday, uses the same Java vulnerability as an earlier version that has infected an estimated 820,000 Macs since its appearance and still plagues over 600,000 machines.

But unlike Flashback.K, the variant that first surfaced last month and has caused consternation among Mac users, Flashback.S never asks the victim to enter an administrative password for installation, but instead relies only on the silent exploit of the Java bug to sneak onto the system.

“The differences are very subtle,” Peter James, a spokesman for Intego, said in an interview Tuesday. “There’s no password request [by Flashback.S].”

Much more in the two page article.

Apple will likely need to update their seek and destroy tool very quickly to help users stay free of this new variant.

If you think you are beginning to need an antivirus/antimalware solution, there are quite a few out there. Below are just a few:


Sophos Anti-Virus for Mac Home Edition – Sophos has a worthy product out there and it is nice that they make their money on corporate/business computers and offer the home version for free.

ClamXav The Free Anti-Virus Solution for Mac OS X It uses the popular open source ClamAV engine as it’s back end and has the ability to detect both Windows and Mac threats.

There are other options as well for the Pay to Play crowd.

ESET Cybersecurity for Mac

And others from Intego Virus Barrier for Mac free and Pro versions available in the Mac App Store. Intego as noted above found this newest FlashBack in the wild). Other Mac antivirus firms Symantec/Norton, and many more.

Many of these come with a heavy CPU usage hit that is very annoying considering the small number of actual threats out there for the Mac. Of course some users may feel that the ones that provide real time protection are the way to go, some may feel it is worth it if their Macs are speedy enough and they have enough RAM.

For those who don’t think they need a Mac antivirus just yet, if you don’t use Java or none of your programs use Java, you could go to the ~/Applications/Utilities/Java Preferences.app and disable Java until you actually need it and then re-enable it as needed. It’s a very easy thing to do really.

Or you could set up AppleScript to monitor areas where malware might inject itself so it will alert you.

Monitor OS X LaunchAgents folders to help prevent malware attacks – CNET

Some additional locations to add can be found at MrAnderson.info here.

Also installing Piriform CCleaner for Mac is a great idea and can be run as needed very quickly every day even.

Certainly less of a system resource hit and one could still have a non-resident antivirus and scan at your convenience and respond if the Applescript tells you something is going on that you didn’t instigate by installing a program, etc.

The Applescript monitoring locations that you can set up is built with Mac OS X which is light on resources and free. The Applescript monitoring does a similar thing as WinPatrol does in Windows – but of course in a very small area comparatively. WinPatrol does so much more but the key similarity is the monitoring for changes to areas that malware can hit a Windows PC.

What we need for people who are not very savvy about these things is a MacPatrol app like WinPatrol.

Call Starkist

by

How to Defeat Lizamoon in One Easy Step

[tweetmeme source=”franscomputerservices” only_single=false]Lizamoon is a social engineering trick. Don’t fall for it.

PCWorld’s David Murphy, has the best solution for users surfing the Internet with this Lizamoon crap out and about on websites and posted it in an article entitled, “How to Defeat Lizamoon in One Easy Step“:

The simple solution: Don’t install unknown files! The more complex solution: Know what antivirus programs already exist on your system, and know what they look like when they scan for and find files. If something says you have malware on your system, and this something looks nothing like applications you already have on your system, be suspicious!

Much more in the article. Must read.

Yep, we are the biggest defense against many malware infections from websites, including this one. Just say no. 😉

And of course immediately run your temporary Internet files (TIF) cleaner, such as CCleaner, etc. as soon as you close your browser to remove anything that might have copied itself to your temporary Internet files. And run your security software to make sure nothing has gotten a foothold on your system right away.

If something like this happens, do yourself a favor and make a preemptive scan with your antimalware program, such as a great one called Malwarebytes Antimalware. Just because your antivirus didn’t pick up on it, doesn’t mean you don’t have a problem. No single program can pickup on everything.

Another great program option to help prevent this sort of thing would likely be WinPatrol, which can alert you to changes in your HOSTS file, items that are injecting themselves into your system through placing them in the auto run on boot, or other system changes that may be injected that you may not know are happening otherwise.

An ounce of prevention is worth a pound of cure.

by

Scot’s Newsletter Forums Celebrating their 8th Year!

[tweetmeme source=”franscomputerservices” only_single=false]Hard to believe that it has been 8 years since Scot Finnie — who is now the Editor in Chief of Computerworld — started a little experimental forum, Scot’s Newsletter Forums! Eight years later, it is still going strong.

I remember when the forums first started. Many of us were there from the beginning, or very nearly so. We were subscribers of Scot’s Newsletter when Scot announced to his subscribers.

I had been reading Scot Finnie’s articles since the old, now defunct WinMag days, and was saddened when they no longer published it. I lost track of Scot Finnie and a host of other writers for a time. I was very excited to hear about Scot Finnie and others who used to write for WinMag going on to have their own online/email newsletters and websites and finding them all over the place on the Internet.

The Scot’s Newsletter Forums has turned out to be a great place to gather, and help each other with various computer related issues, problems.

It’s a place where we SNF (Scot’s Newsletter Forums) “Highlanders” share our joys of success, and get help and understanding for our computer woes, and we have gained a level of friendship and community that is quite special, even among forums. I know that the SNF community literally reached out after the devastation of Hurricane Isabel, and physically and monetarily, as well as just emotional encouragement, helped us fix our roof — And I do mean physically. Some of the members who lived ‘near by’ actually traveled to our house with tools, materials and a willing spirit to help us put our roof back together. For those that wanted to help, but couldn’t come, they helped with providing funds to buy materials. It was a great blessing to us! And showed that even an Internet based community can be as real as any other community of neighbors, friends and family.

And all this while we work together with our various operating system situations whether it be Windows (ATW), Mac (ATM), and Linux (BATL) and other areas.

To help us celebrate the 8th year of Scot’s Newsletter Forums, ESET and WinPatrol have teamed up to help make the celebration all the more special by offering licenses to their great products in two different contests!

We really appreciate their generosity!!

Check out Corrine’s Security Garden posting about SNF 8th Anniversary as well; with even more information.

Happy 8th Anniversary Scot’s Newsletter Forums! It has been a wonderful thing to be a part of such a great ‘experiment’. 🙂

by

Race Conditions aka TOCTOU and now KHOBE

[tweetmeme source=”franscomputerservices” only_single=false]There is a ‘supposedly new’ threat on the horizon for Windows XP users, and more so on multi-core systems called KHOBE (Kernel HOok Bypassing Engine).

Although this is a threat, it is not a new threat — in fact, this type of thing has been a threat to computing since 1998 when it was written about in PDF format: RaceConditions.pdf, and in 1996 in this PDF: racecond.pdf and many times since then in articles online about TOCTOU (noted below in this posting).

It definitely sounds pretty bad when it is reported that this ‘new’ KHOBE can bypass EVERY Windows security product in an article by the respected Adrian Kingsley-Hughes at ZDNet Blogs and as reported and tested by MATOUSEC here. And it certainly isn’t a non-issue…

However, let’s look at this objectively. First this is not the first, last or only situation that has or will arise. Race Conditions as noted above have been created by TOCTOU (Time of check to time of use) situations since the dawn of computing and yes, they are not easy to test for in all situations/hardware prior to release of software/Operating Systems, but these types of conditions have been a potential threat for a very long time in all kinds of software.

A time-of-check-to-time-of-use bug (TOCTTOU − pronounced “TOCK too”) is a software bug caused by changes in a system between the checking of a condition (such as a security credential) and the use of the results of that check. It is a kind of race condition.

Before Windows was capable of true multi-tasking/multi-threading, it was possible to create these conditions on UNIX machines as noted in this 2001 article at InformationWorld.

So, why the fuss now? Windows 7 is basically claimed to be immune — by its omission in the ‘affected Windows Operating Systems’ list. Apparently only Windows XP (ONLY about 60% of Windows users –eeek! — per Adrian Kingsley-Hughes article above), or earlier Windows OSes are affected and in this particular case, and then only by security software that use the KHOBE (Kernel HOok Bypassing Engine).

Graham Cluely at his Sophos Blog notes,

Because KHOBE is not really a way that hackers can avoid detection and get their malware installed on your computer. What Matousec describes is a way of “doing something extra” if the bad guys’ malicious code manages to get past your anti-virus software in the first place.

In other words, KHOBE is only an issue if anti-virus products such as Sophos (and many others) miss the malware. And that’s one of the reasons, of course, why we – and to their credit other vendors – offer a layered approach using a variety of protection technologies.

In addition, Paul Ducklin’s Sophos blog notes,

The security panic of the week is the widely-reported story of a “vulnerability” called KHOBE. One news headline goes so far as to announce that this “new attack bypasses virtually all AV protection”.

I disagree.

The sample “attack”, which claims to be an 8.0 earthquake for desktop security software, describes a way in which the tamper protection implemented by some anti-malware products might potentially be bypassed. Assuming you can get your malicious code past the anti-malware product in the first place, of course.

Much more in his blog entry. All of these links are must read if you wish to understand as much as is possible what the real threat is.

So, given all this, is the game over on security software because this is now disclosed to be possible (READ: it was always possible) — at least till they figure out how to prevent Race Conditions in security software?

Hardly. But due to the release of the information, this situation may make life interesting security-wise for Windows XP users (earlier Windows OSes like Win2K, Win98, WinME, WinNT shouldn’t even be on the net at this point for many reasons, the least of which is this situation).

So, if you are a Windows user what can you do in the meantime?

  • Keep your systems up to date
  • Make sure you have a hardware NAT or SPI Firewall/Router on your local network, and a software firewall in place and working properly and updated (if it’s a third party firewall – Windows Firewall is updated with your Windows Updates)
  • Keep your browsers up to date
  • Keep your browser plugins (Adobe products, Apple products, Java, etc.) and extensions (like Firefox’s AdBlock Plus, etc.) up to date
  • Keep all Internet facing programs (Adobe, Microsoft, etc.) up to date
  • Run your CCleaner (or other Temporary Files/Temporary Internet Files cleaner program) frequently (I actually run mine several times a day) – Fully close any browsers before running your ‘cleaner’ and then re-open it as needed after you run the ‘cleaner’
  • Make sure your antivirus software is updating as it should and doing its scheduled scans
  • Update and Run any cleaner software and secondary anti-malware programs (like Malwarebytes Anti-malware) at least once a week or more often and immediately if something seems odd on your computer
  • Don’t open suspicious emails, even from known senders
  • Be careful where you go on the Internet. Even some legitimate sites have been hacked
  • Be careful about links and friends on Facebook (if you haven’t deactivated your account yet), Twitter, LinkedIn, and other Web 2.0/dynamic Social Networking sites.

In short, do what you should always be doing to keep yourself safe. Because this isn’t over. It was always a possibility whether we were aware or not, and it will likely be a possibility for a long time to come.

You might also consider installing a preventative program like BillP’s WinPatrol on your system to make you aware of potential changes to your system. *See EDIT below for a note from BillP about WinPatrol and kernel hooks.

And as I noted earlier, the focus of this issue, at this time, is apparently Windows XP, but any operating system is vulnerable to this type of attack and always has been — and that is not likely going to change any time soon.

EDIT: Added the following comment from BillP who developed WinPatrol:

* Thanks! I’m honored by the mention.
It’s a great topic and mentioning WinPatrol is appropriate since I don’t use any kernel hooking to detect changes. Thumbs Up!

Bill

by

Unpatch Java Exploit Spotted in-the-wild

[tweetmeme source=”franscomputerservices” only_single=false]Unpatch Java Exploit Spotted in-the-wild (Krebs on Security):

Last week, a Google security researcher detailed a little-known feature built into Java that can be used to launch third-party applications. Today, security experts unearthed evidence that a popular song lyrics Web site was compromised and seeded with code that leverages this Java feature to install malicious software.

As I mentioned last time, it is sad that Java is needed to help keep your systems safer through Secunia’s OSI (Online Software Inspector) by helping you keep your Internet facing programs up to date.

For now, if you are not sure if you have Java on your system, you can look in Add/Remove Programs (Windows XP) or Programs, Uninstall Programs (Vista and Windows 7) to see if it is installed. The best option at this point is to probably uninstall Java entirely on Windows computers until Oracle realizes the dangers this problem poses to Windows users.

Of course if you would prefer, you could use the link to SANS Internet Storm Center (New bug/exploit for javaws) to review your options.

Another option would be to use Firefox with the NoScript Extension and only allow scripting on trusted sites. NOTE: Even though java is not javascript, most plugins use some sort of scripting to wrap their plugins in to work in a browser so using NoScript would go a long way to protecting users and still be able to use Secunia’s OSI noted earlier in this article.

However, note that there is still the possibility that the malware cocktail could still potentially gain access through Internet Explorer even if you are not using Internet Explorer. To prevent this, Windows users might consider installing BillP Studios’ WinPatrol so they are alerted to any changes to their system before it happens and be given an opportunity to prevent it – You can try it out for free, but it is one of the best $19.99 you ever spent ($10 off right now, normal price $29.99). BillP Studios used to have a free version which can still be found on sites like FileHippo.com (note, however that it is not the new version which is apparently only offered in Trial/Buy).

According to the article, popular lyrics site: songlyrics dot com (I did not create a link to it and I would NOT recommend going there if you have Java installed!) the “Crimepack” exploit kit is being used to foist a cocktail of malware on Windows users’ computers.

I mentioned this Java vulnerability in my last posting. If you want more information, please see my earlier post and Brian Kreb’s Krebs on Security article above.

Tavis Ormand tried to get through to Oracle about the danger, but they chose to rate it as not that important. They indicated that it could wait till the normal patch cycle. However, apparently, they didn’t fix it then either because when all the Oracle quarterly cycle patches came out this week it wasn’t in their list of fixed vulnerabilities — which means they apparently intend to wait till the NEXT cycle!

Roger Thompson, chief research officer at AVG says:

the site appears to use the very same code mentioned in Ormandy’s proof-of-concept to silently redirect songlyrics.com visitors to a site that loads the “Crimepack” exploit kit, a relatively new kit designed to throw a heap of software exploits at visiting browsers…

It is hard to say whether visiting sites like the lyrics site would hurt other OSes like Mac OS X (especially Tiger which hasn’t had a Java update in ages!), or Linux because Brian Krebs’ article was geared to Windows users.

by

Apple, Microsoft, Adobe, Firefox, more

[tweetmeme source=”franscomputerservices” only_single=false]Finally getting back to this blog! Sheesh, time sure gets away from ya!

iPad

The iPad looks great! But…

Why couldn’t Apple have done a Mac OS X tablet! Mac OS X which really does just work but is still much more open than iPhone OS. I absolutely love my Mac, and I love my iPod Touch, but I wouldn’t want my iPod Touch’s iPhone OS on my Mac!

Apple’s new iPad coming soon and already introduced by Steve Jobs in the Keynote; but it is basically a tablet in the form of a larger iPod Touch. Including no Flash player still (but can you blame Apple for not including Flash – yes and no LOL!)? Also, apparently, including still only allowing single apps to run at a time?

Also playing games with eBooks and their customers and retailers, and basically saying that their fiddling will only mean that all eBooks will be the same price (albeit Apple’s higher pricing worked out by playing games with the publishers) — kinda a reversal of what they did with the music labels, by the way.

EDIT (added this paragraph): Speaking of single apps only at a time like the iPhone OS … I remember the Windows 7 Starter on netbooks which restricted users to 3 concurrent apps at a time and people were very upset about it. (Thanks to @Blair_42 for reminding me about it. We talked about this on the JimmyLee and Bambi Show Saturday night on CNIRadio, or JimmyLee and I talked about it before the show…will have to go back and listen to the show to be sure LOL!)

… all instead of a Mac OS X tablet that would be able to do so much more, and be more open than the TOTALLY closed environment of the iPhone OS.

Don’t get me wrong, I love my iPod Touch, but it is not the venue I would want for a tablet computer.

Microsoft

Security Garden reports;

Microsoft released thirteen security bulletins addressing twenty-six vulnerabilities. Windows is affected by eleven of the bulletins and older versions of Office by the remaining two bulletins. Of the bulletins, the following are rated as Critical: MS10-006, MS10-007, MS10-008, MS10-013, and MS10-015.

Much more in the Security Garden article.

But this is after next to nothing in January, mind you.

And Researchers warn of likely attacks against Windows, PowerPoint;

Hackers will jump on several of the bugs Microsoft patched today

And of course, there’s also The Windows 7 honeymoon is over as well.

Joy…Windows XP is long in the tooth, Vista is a total dud, and now the only contender for Windows is Windows 7. I personally love Windows 7, but it does have some oddities that are quite annoying.

Flash

Back to the part about no Flash on the iPad, as I say, who can blame Apple’s decision on Flash when you have things like Adobe screw-up leave Flash flaw unpatched for 16 months?

Firefox

Those that know me, know that I highly suggest that folks use Firefox due to the lack if Active-X and it’s related vulnerabilities, as well as the extension system which has been very helpful; NoScript, Adblock Plus, MyWOT, and so many more wonderful extensions.

But there is the recent concern about Firefox Add-ons Infected;

Perhaps you read the Mozilla blog at http://blog.mozilla.com/addons/2010/02/04/please-read-security-issue-on-amo/ where it was revealed that two add-ons for Firefox were infected with Trojans. In this case the distribution was very small, so not many users were infected, but this type of attack is likely to grow.

And then there is the outright annoyance of HTML 5 and NO H.264 support in Firefox 3.6

Just when HTML 5 is finally breaking ground…We have Firefox 3.6, which supports HTML 5, but which is also a step backward in compatibility with video sites?! Huh?!

What good is HTML 5 support in Firefox if they take away H.264 support?! I understand ADDING Ogg Theora support, but removing H.264 support?

I applaud YouTube, Vimeo, Blip.TV, etc. (hopefully Hulu too), for going to a more open standard like HTML 5 (instead of Flash) for their delivery method of their video content, but they are staying with the same H.264 codec for the videos themselves.

So, why would Firefox, at this particular juncture, remove the ability to play H.264 from Firefox so all their Firefox 3.6 users (even on a computer with the proper codecs installed) get greeted with this:

Firefox 3.6 and YouTube HTML 5 breakage

Or is Flash the ONLY way to get H.264 compatibility?! Which would really stink big time.

I predict, sadly that many will move from Firefox to other browsers as their main browser due to this major annoyance to browsers such as Google Chrome, or Safari who also support HTML 5 but also support H.264.

I am very disappointed about this. And the only way to get around this is what to stay with Firefox? Stay with Firefox 3.5.7? Brilliant move Mozilla. And this from a Firefox user who has been thrilled with Firefox all the way since before it was Firefox in the Beta days. *Sigh*

Me? I don’t know. For general surfing, Firefox with the security addons that I use and other addons that make life easier, I may stay with Firefox. But now I will have to look elsewhere for video rendering of H.264 on all the video sites?!

More…

Oh, and apparently there may be some malware that is currently corrupting DNS or redirecting results for any of the built-in or toolbar search engines in both Firefox and Internet Explorer.

I am not sure which combination appears to do it, but one client got hit by malware (and removed it with Malwarebytes Antimalware), and found that even after the malware was gone — and BTW the host file was clean — they would get misdirected to bogus sites if they used the built-in search engine for Google or use the Yahoo Toolbar in both Firefox or Internet Explorer. However, correct results would happen when going directly to the search engine website like google.com, ixquick.com or yahoo.com. Very interesting.

Buying a new computer? Here’s some great information from Bits from Bill Pytlovany (creator of WinPatrol — great program by the way!) and the article has nothing to do with buying or using WinPatrol. 😉

Here’s the lead in to his article over Bits from Bill blog:

Bits from Bill Pytlovany: Brand New Computer? Read Me First!

Did you think I was going to start out by telling you all to install WinPatrol as soon as you opened up your new computer? Guess again. I always try to write my articles from a different point of view and today may not be what you expect.

For the 2nd time I’ve had to return the Dell All-in-One Multi-Touch computer system that I’ve been dreaming about for months. The first unit had to go back because Dell shipped the wrong configuration. The 2nd system had to go back due to internal hardware failure. I should have known something was wrong when I could hear loose parts when I took the computer out of the box.

My point today is take a little time to insure your brand new computer is everything it should be or you may be sorry. Before you install your favorite software on your brand new system I have a few recommendations.

Great article.

The Bits from Bill blog also has some great posts. One in particular is Who Gets Your Personal Information on Facebook?

Well that’s enough for today, I think…

EDIT: Added inline edit about concurrent apps