Tag: security

Your Presentation is Unsafe

It’s official: Presentations built with Microsoft PowerPoint are unsafe because of built-in supports for Microsoft’s own Object Linking and Embedding (OLE) protocol. Actually any Office document is potentially unsafe since they can all access the same protocol.

Any Office document that suddenly displays a User Account Control (UAC) prompt is infected and is trying to tunnel into your Windows installation. Diabolical!

The full technical stuff can be read here. But there’s a quick fix:

Download and install the OLE packager Shim Workaround to fix the PowerPoint issue, but remember this is not full patch; that’s in development for later release.

Try and  avoid PowerPoint. Most presentation can be made in person without numerous slides that only put viewers to sleep 🙂

Vaccinate against POODLE attacks

POODLE is the latest Internet threat that targets our need to prefer secure (aka https) connections over unsecured (aka http) ones. POODLE (Padding Oracle On Downgraded Legacy Encryption) specifically targets a weakness in the SSL (Secure Sockets Layer) 3.0 protocol by exploiting a hard-coded flaw within SSL 3.0 to gain access to your data through browser cookies! (more…)

Use Spyware Blaster to Protect Portable Firefox

I’m sure (by now) you are aware of the Portable Firefox application that bundles a complete Mozilla Firefox 3.x version as a ready-to-use browser setup. All you have to do is download the relevant file (available in Firefox 3.0.1x and Firefox 3.6 Beta builds) from PortableApps.com to your systems. Click to run the installer. And save the files to a location on either your hard disk drive. Or on a portable (USB pen) drive. Whatever floats your boat better.

Spyware Blaster (for those who haven’t been paying attention) is a powerful anti-spyware protection application. The free for personal user version should work for 99% of all users. Unlike other security tools, Spyware Blaster protects you before the fact. Blocking cookies, dialers, ActiveX controls and known spyware web sites from your browsers. The existing 4.2 build protects Windows, Internet Explorer and Firefox. As the Opera web browser doesn’t use DOM it’s quite secured against most malware.

The problem with Spyware Blaster is it can’t detect Portable Firefox since the latter isn’t installed; mere extracted. So we need to implement a workaround.

[Update: June 10, 2012: I’ve revised this post to include how to patch your Portable Firefox settings to enable SpywareBlaster monitoring. Read on 🙂

How to:

1. Create the following folder:
Windows XP/Vista – Documents and Settings(Your user)Application DataMozillaFirefox (if you are using )
Windows 7/8 – Users(Your user)AppDataRoamingMozillaFirefox

2. Create new text file with the following:

[General]
StartWithLastProfile=1

[Profile0]
Name=Default
IsRelative=0
Path=C:TamedFirefoxPortableDataprofile
Default=1

(Path is mine, you modify according to where your portable is)

Save text file as profiles.ini in the folder you created – D:Documents and Settings(Your user)Application DataMozillaFirefox

Now start SWB again

Fix courtesy: http://www.wilderssecurity.com/showpost.php?p=1200223&postcount=2