Wednesday, February 25, 2009

Useful Links

In reviewing my mail today I came across a list of useful links for Microsoft products and decided to share a few with Web Bytes Blog readers. One that caught my attention right away was the link to step-by-step guides on how to perform common Windows tasks and this guide is downloadable.

Windows XP How-to Center

50 Ways to Customize Windows Vista

Free Downloadable Step-by-Step Guides for Common Windows Tasks

Windows Laptop Scout

Hope these links are of help to you and if you have any that would be of help to the Web Bytes readership, please let us know. I have been a little busy recently and hope to have more time to do detail research on some of the 101 Fantastic Freebies. In the meantime if any of you have used or researched any of the products on the list, again, please feel free to share with us.

As always, submit your questions and comments and let’s have fun learning together.

In His Service,

Read more!

Monday, February 16, 2009


Below are two links for 101 Fantastic Freebies written by Preston Gralla and Erik Larkin of PC World. These links were published in a blog on a business networking site I am a member of and I thought they would be a good fit for our Web Bytes Blog (Thank you Marilyn). The articles list the Web’s best free stuff for download and online productivity, security and entertainment. Some of the products were already written about here on Web Bytes and others will be researched, used and written about during the year. If you decide you would like to use any of the software and it was not one of the products tested by the PC World authors, please search the Web for a review of the product or ask for us to research and write about it. Have fun checking out these products.

As always, submit your questions and comments and let’s have fun learning together.

Read more!

Wednesday, February 11, 2009

In-session Phishing

One of the first articles posted to Web Bytes Blog pertained to Internet Security and the fraudulent act of phishing. In this article phising attacks were perpetrated through emails. Today, again we revisit this topic but a far more sophisticated, stepped up feature of phishing, known as in-session phishing. As the name implies, the attack happens while the user is in an active session of banking or some similar tasks dealing with sensitive and confidential information. Because of this, the attack is more likely to succeed as the victim is already logged in to the secure site when a pop up window appears asking for them to login since the session has expired or some other form of engagement that could be typical of the site.

Today I read in PC World that there is a bug in the JavaScript engine used in many of the popular browsers was discovered by Amit Klein the CTO (Chief Technology Officer) of Trusteer (McMillan, 2009). Because of this article I decided to write this post and found other information to corroborate the PC World article. Another article on the same topic from Trusteer went a little further and mentioned the names of the browsers which are Internet Explorer, Firefox, Chrome, and Safari. This vulnerability in JavaScript allows a Web site to check whether users are logged in to another Web site via a footprint left by this code. Accordingly, quite a bit of online banking institutions, social networks, retailers and the like. According to the Trusteer research paper lists two conditions have to exist for this in-session attack to occur:

• The secure site have to be compromise and infected providing the mechanism to launch the attack
• The Malware must be able to identify which Web site the user is currently logged on to

In light of this, users need to be more diligent while taking care of sensitive and secure information and log out of secured sites when finished…do not leave the browser open while you navigate to other sites.

For complete information on how the scheme unfolds and to protect you, visit Trusteer’s Web site at the link below and read the research paper “In session Phishing Attacks”, the PC World article for March 2009 on page 12 and via the link below.

As always, submit your questions and comments and let’s have fun learning together.

Hruska, J (2009, January 13). New in-session phishing attack could fool experienced users. Retrieved February 11, 2009, from ARS Technica Web site:

McMillan, R (2009, March). Browser bugs could allow phishing without e-mail. PC World, 40.

(2008, December 29). In-session phishing attacks. Retrieved February 11, 2009, from In-session-phishing-advisory-2.pdf Web site:

Read more!

Tuesday, February 3, 2009 3.0.1

I just got an update from announcing the availability of 3.0.1 release which fixes some minor issues that were reported for 3.0. I will write more later if there is any thing major. See link to complete article. 

Read more!