[NOTES:
1) all of this information comes from Microsoft and is aimed at
Windows OS users but the information lays out good computing
practices which really should be followed regardless of which
operating system you use.
2) Step (4) below is "Subscribe to industry standard antivirus
software and antispyware software, and keep them current." At the
UofM, IST has licenced anti-virus software for all faculty and staff
who use the Microsoft Windows OS. The anti-virus software that has
been licenced is called Trend OfficeScan. This software, which is
provided and updated free to all faculty and staff for office and
home machines using Microsoft Windows 2000 or XP, can be found at:
http://www.umanitoba.ca/computing/ist/security/index.html
Once on this page, just click on the appropriate link for "On-campus
location" or "Home install or laptop". Due to the nature of laptop
use, they are treated as "Home" machines for anti-virus update purposes.
In addition to installing Trend OfficeScan onto your Windows OS
partition, you should also, as laid out in step (3) below, make sure
your newly installed Windows OS is kept up to date with patches
released by Microsoft, usually on "Patch Tuesday", the second Tuesday
of the month. (For more "Patch Tuesday" info see
http://en.wikipedia.org/wiki/Patch_Tuesday). I'm assuming you're already
doing that for OS X using the built-in "Software Update" feature.]
------------------------------------
...from:
http://www.microsoft.com/athome/security/viruses/zombies_and_botnets.mspx
Zombies and botnets: help keep your computer under your control
Published: March 28, 2006
Online criminals can use a virus to take control of large numbers of
computers at a time, and turn them into "zombies" that can work
together as a powerful "botnet" to perform malicious tasks.
Botnets, which can include as many as 100,000 individual "zombie"
computers, can distribute spam e-mail, spread viruses, and attack
other computers and servers, and commit other kinds of crime and fraud.
Botnets are highly valued by online criminals, and have become a
serious problem on the Internet. Two major [Windows OS] viruses
(netsky and bagel) were created to compete for control of a large
botnet, and botnet-controlled zombie computers have even been found
in places such as the United States Department of Defense.
How to tell if your computer has been infected
The virus that is used to make your computer into a zombie might
cause your computer to slow down, display mysterious messages, or
work in an unexpected manner.
These viruses usually do not disable your computer, because zombie
computers must be plugged in and connected to the Internet in order
for the botnet to work.
[Read detailed information about how to tell if a virus has infected
your computer at:
http://www.microsoft.com/athome/security/viruses/intro_viruses_signs.mspx]
What to do if your computer is infected
If your computer shows symptoms of virus infection, first make sure
that the software on your computer is up to date. Then, run current
antivirus and antispyware software to scan your computer and remove
unwanted software.
Read detailed information about how to help remove a virus.
5 ways to help keep your computer from becoming a zombie
1. Never open attachments in e-mail, instant messages, or mobile
messages unless you know exactly what the attachment is, even if it's
from someone that you know. Attachments can contain e-mail viruses.
2. Use an Internet firewall.
Note: Windows XP with Service Pack 2 (SP2) has a firewall
already built-in and active.
3. Stay up to date. Visit Microsoft Update and turn on Automatic
Updates.
Note: If you've installed Microsoft Office 2003 or Microsoft
Office XP, Automatic Updates will also update your Office programs.
If you have an earlier version of Office, use Office Update.
4. Subscribe to industry standard antivirus software and antispyware
software, and keep them current.
5. Use licensed software products. Botnets are often comprised mostly
of computers that run illegally copied versions of operating system
and productivity software. Unlicensed software can be more
susceptible to viruses, and can even come with viruses already
installed without your knowledge.
(...from:
http://www.apple.com/macosx/bootcamp/
More and more people are buying and loving Macs. To make this choice
simply irresistible, Apple will include technology in the next major
release of Mac OS X, Leopard, that lets you install and run the
Windows XP operating system on your Mac. Called Boot Camp (for now),
you can download a public beta today.)
...from:
http://www.macworld.com/2006/04/firstlooks/bootcampfl/index.php?lsrc=mwweek-0410
Signing up for Boot Camp
Apple software simplifies XP installation
By Rob Griffiths
One word kept coming to mind Wednesday, as I sat down to install
Apple’s Boot Camp public beta on my Mac mini Core Duo—simple. Using
the software to install Windows XP on my machine? A very simple
process. Choosing which OS to boot? Also simple. Installing the
necessary drivers? At the risk of repeating myself, simple, simple,
and did I mention simple?
[...]
From start to finish, while working on the daily hints [column]
updates at the same time, the whole process took me maybe 40 minutes.
I spent most of that time in the XP installer; the preparation steps
took only about 10 minutes. Most important, you don’t need access to
a PC in any way to do this; that alone makes installing Windows XP on
a Mac much more doable for many people.
[...]
Native video support
The difference in XP’s speed with native video drivers is very
noticeable. You can quickly drag windows—their contents display and
scroll very quickly, and the overall interface just feels more
responsive. But nobody cares about the user interface. What everyone
really cares about is gaming, of course! With DirectX and OpenGL
support, the whole world of PC gaming is suddenly available for Intel-
based Mac users.
I installed a few games from my PC collection to see how they’d fare
on my 512MB Core Duo—I had to return the 2GB RAM upgrade I had
previously installed for replacement, so I was testing a worst case
scenario for the Core Duo. This is especially true for games that
require a ton of texture memory, as that would have to come from
system memory, dragging down the whole system. Here’s a summary of
what I found:
- Tiger Woods PGA Tour 2006: This game was basically perfect running
at 1280x1024 resolution. The frame rate was more than fast enough to
keep up with the animated water, moving trees, and in-flight ball
tracking.
- Far Cry: This first person shooter was Game of the Year back in
2004, due to its amazing visuals, set amidst lush jungles and islands
surrounded by animated, semi-transparent water. It puts quite a load
on a machine and was just barely playable at 1,024-by-768 on the
mini. I suspect that performance will improve greatly when I get the
mini back up to 2GB, as Far Cry’s visuals require a lot of video card
RAM.
- Combat Flight Simulator 3: In addition to seeing how well this game
played, I wanted to make sure Windows XP worked with my Saitek
flightstick. Sure enough, I plugged it in, and the Game Controllers
Control Panel saw the stick and let me calibrate and test it.
Everything worked fine. The frame rate in the game was fine, but I
had an odd problem with the graphics sort of “jumping” around. It was
sort of like a minor visual earthquake was constantly occurring,
displacing things just enough to be annoying. And making it very hard
to shoot an enemy plane down. Given enough debugging time, I think I
could resolve this issue.
- Motocross Madness 2: This highly unrealistic game was one of my
faves on the PC. It's older, sure, but it’s still a hoot to play. And
on my Core Duo mini at 1,280-by-1,024, it works amazingly well. I
connected my gamepad, which also worked as expected, and was very
impressed with how smoothly Motocross Madness ran. Frame rates were
very high, and the audio was perfect.
Overall, I was impressed with how well the mini handled games on the
built-in graphics chip. I intend to do more testing, especially once
I have the system RAM back up to 2GB. But machines like the MacBook
Pro and iMac, which have better graphics cards and faster CPUs,
should make even better gaming platforms.
[...]
Installing XP on an Intel Mac is no harder than installing it on a
new PC yourself—you might even say that it’s simpler.
Other related articles:
http://www.macworld.com/news/2006/04/05/bootcamp/index.php?lsrc=mwweek-0410
1) what is a "rootkit"? ...from http://en.wikipedia.org/wiki/Rootkit
A rootkit is a set of software tools frequently used by a third party
(usually an intruder) after gaining access to a computer system.
These tools are intended to conceal running processes, files or
system data, which helps an intruder maintain access to a system
without the user's knowledge. Rootkits are known to exist for a
variety of operating systems such as Linux, Solaris and versions of
Microsoft Windows. A computer with a rootkit on it is called a rooted
computer.
The word "rootkit" came to public awareness in the 2005 Sony CD copy
protection controversy, in which Sony BMG music CDs placed a rootkit
on Microsoft Windows PCs.
2) why should I know about rootkits? While the incidence of exploits
by viruses, trojan horses, malware, and rootkits is low in the OS X
world, with the advent of Apple's BootCamp
(http://www.apple.com/macosx/bootcamp/) in addition to such
"virtualization" software as Parallels (http://www.parallels.com),
more Macintosh users will also be running Windows operating systems -
the target of most exploits these days. Without the proper due
diligence (keeping updates current, great caution with email
attachments, etc.) any operating system can be exploited.
[NOTE: simply put, "virtualization" in the computer world refers to
"the ability to run more than one operating system at a time". For
example, you could be simultaneously running OS X and its available
applications, Windows XP and its available applications, as well as
LINUX and its available applications. For more information on
"virtualization" please see
http://en.wikipedia.org/wiki/Virtualization.]
-------------------
Now, having given some background, forward to the DARPA related
article....
...from:
http://www.baselinemag.com/article2/0,1540,1952802,00.asp
Symantec's LiveState product combines with CoPilot and Gamma to
restore the system to its original state.
Government-Funded Startup Blasts Rootkits
By Ryan Naraine
A startup funded by the U.S. government's Defense Advanced Research
Projects Agency is ready to emerge from stealth mode with hardware-
and software-based technologies to fight the rapid spread of
malicious rootkits.
Komoku, of College Park, Md., plans to ship a beta of Gamma, a new
rootkit detection tool that builds on a prototype used by several
sensitive U.S. government departments to find operating system
abnormalities that may be linked to malicious rootkit activity.
A rootkit modifies the flow of the kernel to hide the presence of an
attack or compromise on a machine. It gives a hacker remote user
access to a compromised system while avoiding detection from anti-
virus scanners.
The company's prototype, called CoPilot, is a high-assurance PCI card
capable of monitoring the host's memory and file system at the
hardware level. It is specifically geared towards high-security
servers and computers.
Gamma, meanwhile, is a separate, software-only clone of CoPilot that
will target businesses interested in a low-assurance tool for
protecting laptops and personal computers.
Komoku launched quietly in 2004 with about $2.5 million in funding
and rootkit detection contracts from DARPA, the Department of
Homeland Security and the U.S. Navy.
The company has its roots at the University of Maryland, where
computer scientist William Arbaugh worked on what he calls a "unique
approach" to finding rootkits.
"Security technologies depend on the correctness of the system
they're actually checking," said Arbaugh, who now serves as president
of the five-employee outfit.
"If something changes the system at the operating system level, it
can't be reliably detected via the OS itself or through applications
running on the system," he said in an interview with eWEEK.
"We have this notion of what the operating system is supposed to look
like and we look for deviations [from] that. We aren't initially
looking for the rootkit; we look at the side effects of the infection."
Komoku has partnered with security vendor Symantec to handle
disinfection and restoration after rootkits and other sophisticated
forms of malware are detected.
Jamie Butler, a renowned rootkit researcher who works as Komoku's
chief technical officer, said Gamma will have limited clean-up
capabilities because it is software-based and susceptible to direct
attack, much like any application running on the operating system.
"Clean-up is a very difficult goal while maintaining a running
system. When you find a rootkit, you essentially have several
choices. The easiest choice is to halt the system. But, that means
that you'll lose any evidence that might be in memory. It also means
that the services provided by that system are made unavailable,"
Butler explained.
Another choice might be to eliminate the effects of the rootkit, but
this could be very difficult because of the complicated nature of an
operating system.
A third choice would be to allow the rootkit to remain active while
you attempt to discern its motives, Butler added, noting that both
Gamma and CoPilot will allow all three of these choices.
The plan is to have both the hardware and software versions collect
forensic data when a compromise is detected. Butler said products are
able to capture hidden malware in memory and send it back to a
central management station where the products are running in
enterprise mode.
--------------------------
...for more information on rootkits and efforts being undertaken for
their detection, please see:
http://www.phrack.org/phrack/63/p63-0x08_Raising_The_Bar_For_Windows_Rootkit_Detection.txt
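The approach Arbaugh describes above (hold a notion of what the operating system should look like, then look for deviations in a copy of memory read from outside the running OS) can be sketched as follows. This is an added illustration, not Komoku's CoPilot or Gamma code and not part of the quoted article; the region names, the 4096-byte page size and the sample bytes are all constructed assumptions.

```python
import hashlib

PAGE = 4096  # page size assumed for this illustration


def page_hashes(data: bytes) -> list[str]:
    """SHA-256 of each PAGE-sized chunk, so a change can be localised to a page."""
    return [hashlib.sha256(data[i:i + PAGE]).hexdigest()
            for i in range(0, len(data), PAGE)]


def build_baseline(regions: dict[str, bytes]) -> dict[str, list[str]]:
    """Record the known-good state as a per-region list of page hashes."""
    return {name: page_hashes(data) for name, data in regions.items()}


def find_deviations(baseline, snapshot):
    """Compare a snapshot taken outside the monitored OS with the baseline.

    Returns sorted (region, page_index, reason) tuples; page_index is None
    when a whole region is missing, resized or unexpected.
    """
    findings = []
    for name, good in baseline.items():
        if name not in snapshot:
            findings.append((name, None, "missing"))
            continue
        seen = page_hashes(snapshot[name])
        if len(seen) != len(good):
            findings.append((name, None, "resized"))
        for idx, (g, s) in enumerate(zip(good, seen)):
            if g != s:
                findings.append((name, idx, "modified"))
    for name in snapshot.keys() - baseline.keys():
        findings.append((name, None, "unexpected"))
    return sorted(findings, key=lambda f: (f[0], -1 if f[1] is None else f[1]))


def demo():
    """Constructed data: two hypothetical kernel regions, then a tampered copy."""
    clean = {
        "syscall_table": bytes(range(256)) * 32,   # 8192 bytes = 2 pages
        "kernel_text": b"\x90" * (3 * PAGE),       # 3 pages
    }
    baseline = build_baseline(clean)
    tampered = {name: bytearray(data) for name, data in clean.items()}
    # Side effect of an infection: eight bytes overwritten in the second page.
    tampered["syscall_table"][PAGE + 16:PAGE + 24] = b"\xff" * 8
    # A region that the baseline never contained.
    tampered["hidden_module"] = bytearray(PAGE)
    return find_deviations(baseline, {k: bytes(v) for k, v in tampered.items()})


if __name__ == "__main__":
    for region, page, reason in demo():
        print(region, page, reason)
```

The check flags the side effects (a changed page, an unexpected region) without knowing anything about the rootkit itself, and it is only as trustworthy as the channel used to read the snapshot.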
Today Apple announced a public beta of a software package "Boot Camp"
which can facilitate the booting of MS-Windows XP on Apple's Intel
based computers.
See this link for details:
http://www.apple.com/macosx/bootcamp
It's a good thing they didn't release this software on their 30th
Anniversary (April 1st), nobody would have believed them.
Regards,
Doug
-------------
Doug Hamilton, BA, MA, APP
Senior Computer Consultant
Computers-on-Campus; Univ. of Manitoba
204-474-6196 (Ph.)
204-474-7556 (Fax)
http://www.umanitoba.ca/bookstore/
What is S.M.A.R.T.?
===============
...from:
http://pcmag.com/article2/0,1895,1879485,00.asp
By Bruno Sonnino
10.31.05
S.M.A.R.T. (Self-Monitoring Analysis and Reporting Technology) is a
technology, developed by major hard disk manufacturers, included in
most modern hard disks. This technology monitors and logs many events
while the disk is running. Analyzing the data allows us to know the
drive's reliability and predict its [possible] failure.
[...]
When we talk about failures, we must differentiate between two types:
predictable and non-predictable. Predictable failures are those that
don't happen suddenly, they can be caused by failure in the disk
mechanics or damaged disk surface. The problem gets worse, until the
disk crashes. Non-predictable are those failures caused by sudden
events, like a sudden power surge or an electronic failure.
S.M.A.R.T. can only help to detect predictable failures.
How does this help me?
=================
There are two ways of checking your ATA drive's S.M.A.R.T. status
(Note: S.M.A.R.T. is not currently available on FireWire, USB, or
SCSI connections. For more information, see the SMARTReporter
documentation listed below.): use Apple's Disk Utility or use a
freeware utility called SMARTReporter.
If you launch Apple's Disk Utility it will automatically check the
S.M.A.R.T. information and report on it.
SMARTReporter is a freeware utility that will launch on log in and
periodically (every 60 minutes by default) check your ATA drive's
S.M.A.R.T. information. SMARTReporter puts an icon into the menu bar:
green drive, OK; grey drive, S.M.A.R.T. info is non-deterministic of
drive status; red drive, S.M.A.R.T. status shows drive may fail
shortly - back up information and report problem to drive
manufacturer. SMARTReporter can also be configured to send an email
message to an address you specify indicating a problem may be about
to occur.
Regardless of which utility you use, if the S.M.A.R.T. information
indicates a possible failure, the drive's manufacturer should replace
any on warranty drives.
Apple's Disk Utility can be found on any OS X installation in the
Macintosh HD:Applications:Utility folder. The latest version of
SMARTReporter along with documentation and a FAQ list can be
downloaded from:
http://homepage.mac.com/julianmayer/
...from:
http://www.apple.com/sound/
http://www.apple.com/pr/library/2006/mar/29ipod.html
Apple Provides Volume Limit Setting for iPod
Sound travels in waves, produced when an object — such as a stereo
speaker — pushes on the air around it, causing small changes in air
pressure. To describe sound waves, acoustic experts refer to concepts
such as frequency and amplitude.
[...]
Sound and Your Ears
You can hear because your ears convert the vibrations of a sound wave
in the air into signals that your brain interprets as sound. When the
vibrations of a sound wave enter your ear, your eardrum and a set of
tiny bones in your ear (the well-known hammer, anvil, and stirrup)
amplify those vibrations. In your inner ear, these amplified
vibrations move tiny hair cells that then convert the vibrations into
nerve impulses sent to your brain. Your brain then interprets these
nerve impulses as sound.
If you expose your ears to excessive sound pressure, you can harm
those small hair cells in your ears. And if harmed, those hair cells
can lose the ability to transmit sound to your brain. As a result,
you could experience noise-induced hearing loss. Symptoms can include
distorted or muffled sound or difficulty understanding speech.
While you can experience noise-induced hearing loss as a result of a
one-time exposure to an extremely loud sound — like a gunshot — noise-
induced hearing loss can also occur as a result of repeated exposure
to loud sounds over time.
CUPERTINO, California—March 29, 2006—Apple® today announced a
software update for the iPod® nano and fifth generation iPod,
allowing customers to easily set their own personal maximum volume
limit. The software update also gives parents the ability to set a
maximum volume limit on their child’s iPod and lock it with a
combination code.
“As the leading provider of digital music players, Apple continuously
brings iPod customers innovative and easy to use solutions,” said
Greg Joswiak, Apple’s vice president of Worldwide iPod Product
Marketing. “With the increased attention in this area, we want to
offer customers an easy to use option to set their own personal
volume limit.”
The new software update 1.1.1 is available immediately as a free
download for the iPod nano and the fifth generation iPod from
www.apple.com/ipod/download. The new Volume Limit feature works with
any headphone or accessory plugged into the iPod headphone jack as
well as the iPod Radio Remote. For further information on safe
listening with iPod, please visit www.apple.com/sound.
[...]
Press Contacts:
Tom Neumayr
Apple
(408) 974-1972
tneumayr(a)apple.com
Natalie Kerris
Apple
(408) 974-6877
nat(a)apple.com