Home description text

Thanks for visit. Download Share and Comment for more instant updates.

Thursday, 5 February 2015





SPAM & PHISHING


Cybercriminals have become quite savvy in their attempts to lure people in and get you to click on a link or open an attachment.



The email they send can look just like it comes from a financial institution, e-commerce site, government agency or any other service or business.

It often urges you to act quickly, because your account has been compromised, your order cannot be fulfilled or another matter.


If you are unsure whether an email request is legitimate, try to verify it with these steps: 



  • Contact the company directly. 
  • Contact the company using information provided on an account statement or back of a credit card. 
  • Search for the company online – but not with information provided in the email. 

Spam


Spam is the electronic equivalent of junk mail. The term refers to unsolicited, bulk – and often unwanted – email.


Here are ways to reduce spam: 

Enable filters on your email programs: Most ISPs (Internet Service Providers) and email providers offer spam filters. However, depending on the level you set, you may wind up blocking emails you want. It’s a good idea to occasionally check your junk folder to ensure the filters are working properly. 

Report spam: Most email clients offer ways to mark an email as spam or report instances of spam. Reporting spam will also help to prevent the messages from being directly delivered to your inbox.

Own your online presence: Consider hiding your email address from online profiles and social networking sites or only allowing certain people to view your personal information.

Phishing


Phishing attacks use email or malicious websites (clicking on a link) to collect personal and financial information or infect your machine with malware and viruses.

Spear Phishing


Spear phishing is highly specialized attacks against a specific target or small group of targets to collect information or gain access to systems.


For example, a cybercriminal may launch a spear phishing attack against a business to gain credentials to access a list of customers. From that attack, they may launch a phishing attack against the customers of the business. Since they have gained access to the network, the email they send may look even more authentic and because the recipient is already customer of the business, the email may more easily make it through filters and the recipient maybe more likely to open the email.


The cybercriminal can use even more devious social engineering efforts such as indicating there is an important technical update or new lower pricing to lure people.

Spam & Phishing on Social Networks


Spam, phishing and other scams aren’t limited to just email. They’re also prevalent on social networking sites. The same rules apply on social networks: When in doubt, throw it out. This rule applies to links in online ads, status updates, tweets and other posts.


Here are ways to report spam and phishing on social networks: 

Don’t reveal personal or financial information in an email, and do not respond to email solicitations for this information. This includes following links sent in email. 

Before sending sensitive information over the Internet, check the security of the website.
Pay attention to the website's URL. Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (e.g., .com versus .net). 

If you are unsure whether an email request is legitimate, try to verify it by contacting the company directly. Contact the company using information provided on an account statement, not information provided in an email. Information about known phishing attacks is available online from groups such as the Anti-Phishing Working Group. Report phishing to the Anti-Phishing Working Group (APWG)
Keep a clean machine. Having the latest operating system, software, web browsers, anti-virus protection and apps are the best defenses against viruses, malware, and other online threats.


What to Do if You Think You are a Victim? 

Report it to the appropriate people within the organization, including network administrators. They can be alert for any suspicious or unusual activity. 

If you believe your financial accounts may be compromised, contact your financial institution immediately and close the account(s). 

Watch for any unauthorized charges to your account. 

Consider reporting the attack to your local police department, and file a report with the Federal Trade Commission or the FBI's Internet Crime Complaint Center.


Additional Resources: 

Anti-Phishing Working Group
United States Computer Emergency Readiness Team (US-CERT)
On Guard Online




Protect Yourself with these STOP. THINK. CONNECT. Tips:

When in doubt, throw it out:
Links in email, tweets, posts, and online advertising are often the way cybercriminals compromise your computer. If it looks suspicious, even if you know the source, it’s best to delete or, if appropriate, mark it as junk email. 

Think before you act:
Be wary of communications that implores you to act immediately, offers something that sounds too good to be true, or asks for personal information

Secure your accounts:
Ask for protection beyond passwords. Many account providers now offer additional ways for you verify who you are before you conduct business on that site. 

Make passwords long and strong:

Combine capital and lowercase letters with numbers and symbols to create a more secure password. 

Unique account, unique password:

Separate passwords for every account helps to thwart cybercriminals




FACEBOOK PRIVACY SETTINGS: OWN YOUR ONLINE PRESENCE
By: Binyamin Mughal




A lot has been written in the last couple of days about the Consumer Reports study on Facebook (Facebook is an NCSA Board Member company) users use of privacy settings. According to the report 13 million of Facebook’s 150 million U.S. users don’t use or aren’t aware of Facebook’s privacy settings and some people also engage in other risky behavior, such as posting about their current location, which could provide information to others, say a burglar, that might want to do them harm. And 28 percent shared all, or almost all, of their wall posts with an audience wider than just their friends.




As part of NCSA’s STOP. THINK. CONNECT. campaign (co-led by the APWG), we have simple advice for those using social networks and sharing information on the web.




Own your online presence: When available, set the privacy and security settings on websites to your comfort level for information sharing. It’s ok to limit who you share information with.

Responsible use of the Internet involves personal responsibility. Computer users hold much of the power over what they share. The power is not just what they share about themselves but also vigilance about sharing information about family and friends. The 28% of you out there who are sharing far and wide might want to give that some thought.




In the digital age, we cannot expect any web service, software or hardware to be able to protect us without our active engagement. When we drive our cars, the only default setting is that you need are a key and most likely for your car to be in park before you can start the engine. Adjusting the seat and mirrors, fastening the seat belt and having proper tire pressure are all in the driver’s hands to be double-checked before pulling into traffic.




At NCSA, we also conduct surveys about the kinds of risky behaviors or other security vulnerabilities. So we take a slightly different look at Consumer Reports numbers. We actually read them in reverse and see that more 90% of users use or are aware of Facebook’s privacy settings. This is actually a much higher of adoption of security practices then we see in other areas, such as the 77% of small businesses that don’t have formal Internet security policies for their employees.




We should of course try and close all security and safety gaps. So we encourage all Facebook users, especially the 10% who haven’t, to regularly double check security and privacy settings to be sure they are comfortable with the level they are sharing and to STOP. THINK. CONNECT. before they share any information about themselves and others.




Binyamin Mughal






TOP 10 WAYS TO PROTECT YOUR PERSONAL INFORMATION ONLINE




By: Binyamin Mughal



There are many resources on the Internet, lots of ways to connect with friends and social contacts, and every day there seems to be something new online to explore. Unfortunately, the criminals have also discovered the value of the online world. They directly target those who do not take a few very simple steps to protect their privacy. Here are 10 ways to safeguard your information from the most common threats and vulnerabilities that put you, your family and your office at risk:



Your Computer


1. Keep up-to-date your operating system, any programs you have installed and, most importantly, your antivirus software. Turn on the auto‐update feature, and let your computer update itself automatically. Be sure to reboot if it asks you to.


2. Uninstall any software you do not use. Outdated programs often have security problems, and if you are not going to use an application anymore, why not free up the space on your hard drive while at the same time making your computer more secure?


3. Make sure your screen‐saver requires a password to reactivate. Too often (particularly in shared environments with roommates or officemates) a creative friend might send embarrassing emails from your computer or accidentally download malicious software.


4. If you have a laptop, be sure the built‐in disk encryption feature is running. This will protect your laptop if it is lost or stolen. Also, invest in a cable lock so that your laptop is physically secured while you are on a break or temporarily away from the computer. Laptops can be stolen in just a few seconds.



Your Websites


5. Be careful with what you post on social networking sites about yourself, your friends, family and colleagues and your job. Remember: Once on the Internet, always on the Internet, especially photographs.


6. Use website passwords that are complex but easy for you to remember. If possible, use a “passphrase” rather than a “password.” Data thieves know what the commonly used passwords are, so stay away from easy ones like “123456” or “Password1.” In addition, use different user IDs and passwords for different websites. That way if the bad guys compromise a password for one website, your other accounts will not be not compromised as well.


7. Pay close attention to where you are online. Many phishing sites appear to be legitimate, but if you look closely at the address bar you will see that you are not really at your bank or site that you thought you were going to. Think twice before entering any personal information at a new website. Does this company really need to know the things it is asking for?




Your Information


8. Be careful with peer‐to‐peer or file‐sharing programs. They should never be used on office computers, and if you have them at home, pay close attention to which parts of your hard drive are sharing with others. Under no circumstances should you put work information on your personal computer, especially if you use P2P software at home to share files with your friends.


9. When you “reply to all” in emails, check each of the email addresses to make sure you know where your email is going. Also, BE VERY CAREFUL if you reply to a posting from a listserver or online group. Your reply may go to the entire group rather than just the person you thought you were responding to.


10. Know whom to call or contact if you think you have become a victim of online crime. Events happen fast online, and you often do not have much time to call for help before it is too late. In addition, keep a backup copy of all personal information (passwords, credit card numbers, bank account information, emergency phone numbers, etc.) on a physical piece of paper that is locked in a fireproof container.



About the Author


Mr. Binyamin Mughal is a student of Mass Communication Studies and a core Journalist of the emerging IT age. He is expert in weblogs as well as online journalism.

Wednesday, 14 January 2015




Monday, 12 January 2015




Dr. Ahsan Akhtar Naz
MSc (Mor) 2014-16

Download below!


Saturday, 8 November 2014



How to Create a Custom Hotkey for Your Favorite Application or Folder

Hotkeys are keyboard shortcuts that save time and effort. A number of them are built into Windows as well as into various applications and they are the subject of many of the tips in this section. Windows also has a feature that makes it possible to assign your own custom hotkeys to an application, folder, or file so that it can be opened with a minimum of effort.
There are two ways for designating a hotkey in Windows. One uses a combination of two of the so-called modifier keys Ctrl, Alt, and Shift together with one other key. The other method uses a single key, one of function keys F1 to F12 or a key from the numeric pad. This second method uses keys that often have other functions and must be assigned with care to avoid conflicts.
The usual way to set up a hotkey is with the default combination “Ctrl + Alt + (key)” where (key) is another of the standard keyboard keys. Certain keys such as Esc, Ins, Del, Enter, Tab, Spacebar, PrtScn, Shift, or Backspace keys are not allowed as the third key but punctuation keys, arrow keys, Home, Page Down and others are allowed as well as the usual letters and numbers.
The Ctrl + Alt combination is automatically applied by Windows in the method given here but other combinations using two of the three modifier keys Ctrl, Alt, and Shift are also possible.
There is a small catch. Windows does not apply hotkeys to a file or folder directly but only works with a shortcut file for the desired target. For applications that are listed in All Programs, a shortcut file already exists. For other files or folders, a shortcut file for the object in question will have to be created if one does not already exist. The shortcut file must be placed in either the All Programs list or on the Desktop or a folder on the Desktop.
How to assign a hotkey to an application
  1. Open the Start menu
  2. Find the application in the All Programs menu
  3. Right-click the desired program file and choose “Properties”
  4. In the Properties dialog, find the text box labeled “Shortcut key”
  5. Click in the text box and enter a key that you wish to use in your hotkey. Windows will automatically place “Ctrl + Alt +” in front. If you choose a function key or a numeric keypad key, only that key will be used and “Ctrl + Alt +” will not be added.
  6. Click "OK"
How to assign a hotkey to a folder or file not in the All Programs menu
  1. Create a shortcut file by right-click dragging the desired target file or folder to the Desktop (or to a folder on the Desktop) and choose “Create shortcuts here” from the right-click menu. (You can also use “Send to” but that will be covered in an upcoming tip.) You must create the shortcut exactly where you intend to keep it. If you create the shortcut one place and then move it, the hotkey won't work, 
  2. Right-click the new shortcut file and choose “Properties”
  3. Carry out steps 4-6 given above.
Scope of tip
I have used this tip on Windows XP, Vista, and 7. A comment below indicates that it also works in Windows 2000.



How Windows 64-bit Supports 32-bit Applications

Introduction
This article provides an overview of the Windows on Windows 64 (WOW64) sub-system and associated techniques that support 32-bit applications under Windows 64-bit.
 
Discussion

Windows 32-bit on Windows 64 (WOW64)

WOW64 emulates 32-bit Windows

Under Windows 64-bit, 32-bit applications run on top of an emulation of a 32-bit operating system that is called Windows 32-bit on Windows 64-bit, or WOW64 for short.  WOW64 intercepts all operating system calls made by a 32-bit application.
For each operating system call made, WOW64 generates native 64-bit system calls, converting 32-bit data structures into 64-bit aligned structures. The appropriate native 64-bit system call is passed to the operating system kernel, and any output data from the 64-bit system call is converted into a format appropriate for the calling application before being passed back.
Like 32-bit applications, WOW64 runs in user mode so any errors that occur in translating an operating system call will only occur at that level. The 64-bit operating system kernel cannot be affected.
Since WOW64 runs in user mode, all 32-bit application code must also run in user mode. This explains why 32-bit kernel mode device drivers and applications that rely on them, will not work under Windows 64-bit.
The WOW64 emulator consists of the following DLLs, the only 64-bit DLLS that can be loaded into a 32-bit process:
Wow64.dll – the core emulation infrastructure and the links to the Ntoskrnl.exe entry-point functions.
Wow64Win.dll – the links to the Win32k.sys entry-point functions.
Wow64Cpu.dll – switches the processor from 32-bit to 64-bit mode.
Ntdll.dll – 64-bit version.
Wow64.dll loads the 32-bit version (x86) of Ntdll.dll and all necessary 32-bit DLLs which are mostly unmodified 32-bit binaries..However, some of these DLLs have been modified to behave differently on WOW64 than they do on 32-bit Windows. This is usually because they share memory with 64-bit system components.

WOW64 manages file and registry settings

In addition to handling operating system calls, the WOW64 interface needs to ensure that files and registry settings for 32-bit applications are kept apart from those for 64-bit applications. To achieve this two mechanisms are used, File and Registry Redirection and Key Reflection. Redirection maintains logical views of the data as if it were in 32-bit Windows and maps it to the correct physical location. Reflection ensures that 32-bit and 64-bit settings will be consistent where that is required.

File Redirection

File redirection ensures that there are separate folders for program and operating system files for 32- and 64-bit applications.
32-bit applications files are installed into
C:\Program Files(x86)

32-bit system files are installed into
C:\WINDOWS\SysWOW64

For 64-bit applications, files are installed to:
C:\Program Files
C:\WINDOWS\SYSTEM32

The WOW64 file redirector ensures that requests from 32-bit applications to open files in C:\Program Files or C:\WINDOWS\SYSTEM32 are redirected to the appropriate 32-bit directories.
There is one issue with file redirection that users and developers should be aware of.
Many 64 bit applications still use 32 bit installation routines. To ensure that an application is installed correctly, i.e. to C:\Program Files, the installation routine should make an operating system call to temporarily suspend the WOW64 file redirector. After installation another operating system call needs to be made to re-enable the redirector. If this approach is not followed then the application will be installed to C:\Program Files (x86). A classic example of this is the 64 bit development version of Firefox 3.5, codenamed Shiretoko, which is installed to C:\Program Files(x86)\Shiretoko. Firefox still functions correctly, the only thing you can't do is change the icon for the application.

Registry Redirection

Registry keys specific to 32-bit applications are redirected from:
HKEY_LOCAL_MACHINE\Software

to:
HKEY_LOCAL_MACHINE\Software\WOW6432Node

You may also occasionally see Registry entries elsewhere although this is unusual
HKEY_CURRENT_USER\Software\WOW6432Node

This approach allows both the 32-bit and 64-bit versions of an application to be installed side-by-side without overwriting each other’s settings.

Registry reflection

Some redirected keys and/or values are also reflected. This means that if a 32-bit application makes a change to the redirected section of the registry, that change is also made to the 64 bit part of the registry, and vice-versa. Key reflection uses a policy of last writer wins. For example, if I install three applications with the same file extension then the last one to be installed will be associated with that extension.
  1. Install a 32-bit application that associates itself with the file extension XYZ.
  2. Install the 64-bit version of this application that associates itself with the file extension XYZ.
  3. Install another 32-bit application that associates itself with the file extension XYZ.
Double-clicking on a file with the extension XYZ in Explorer would load the application installed in step 3, as it was the last one to associate itself with this extension.
All of this is done transparently for 32-bit applications by WOW64, which, in intercepting calls to the operating system, detects references to file paths and registry keys and maps them accordingly.

WOW64 has several limitations

Some but not all 64-bit features are available to 32-bit applications
WOW64 provides 32-bit applications with access to some features of 64-bit systems. For example, applications can have more memory up to 4GB with the correct setting.. Other features are more limited due to overheads and restrictions. For example, 64-bit Windows will support logical 64 processors but 32-bit applications are restricted to the usual 32 logical processors.
Code Injection cannot mix between 32-bit and 64-bit
Under 64-bit Windows it is not possible to inject 32-bit code into a 64-bit process, nor is it possible to inject 64-bit code into a 32-bit process. Applications that rely on code injection to add functionality to existing applications will usually not work.
This explains why most 32-bit shell extensions do not work under Windows 64-bit. The majority of shell extensions rely on code injection to add themselves to Windows Explorer.

WOW64 does not support 16-bit installers

WOW64 provides support for Microsoft's 16-bit installer - by substituting a compatible 32-bit installer - but does not extend this support to third-party products.

Further options for running 32-bit applications with Windows 64-bit

Windows Virtual PC

Windows Virtual PC is free software that provides an environment that will support legacy hardware and software that will not work under Windows 7. Guest operating systems (OS) can run in a virtual machine which means they are not aware that they are running under another operating system.
The system requirements and features vary significantly between versions of Virtual PC and versions of Windows so check before you try Virtual PC. The latest version is, perhaps, the most limited with no support for operating systems before the current supported version of Windows XP which is Service Pack 3.

Windows XP Mode (XPM)

Windows XP Mode  is a specific implementation of Windows Virtual PC that comes with a pre-installed, licensed copy of Windows XP Professional with Service Pack 3. It is only available with the Enterprise, Ultimate and Professional editions of Windows 7 64-bit so you are expected to upgrade to these versions if you want it.
Many who have used XPM advise that it should be used as a last resort. It will provide legacy support if you have no other options but, compared to other virtualization products, performance is disappointing and the default configuration raises a number of security issues.

Dual boot Windows

You can install more than one version of Windows on the same computer by dual booting.For the purposes of this article, you would install a 32-bit version and a 64-bit version alongside each other. Each operating system is installed into its own disk partition and a boot manager is installed on the default partition to ensure that you can choose which operating system you want to use at startup.
Although you cannot use both operating systems at the same time it is a useful option because the entire computer is dedicated to the running operating system. Compared with virtual machines, there are no issues of compatibility and much less complexity in both installation and operation. You can also retain the ability to run 16-bit applications under the 32-bit version of Windows.
Summary
Most 32 bit applications will run quite happily under Windows 64. The main exceptions are:
  1. 32-bit device drivers.
  2. Applications that cannot function without the 32-bit device drivers that they use. Prime examples are antivirus, antimalware and firewall applications.
  3. Application extensions that rely on code injection into, for example, Explorer.
Some applications may work with reduced functionality. These include uninstallers, registry cleaners and tweaking programs, amongst others, since they only have access to that part of the Registry made visible to them by WOW64.
If you cannot run your 32-bit applications then consider virtualization or dual-booting with the old and new operating systems both installed.

Which runs faster 32-bit or 64-bit applications?

This question is asked a lot and there is no general rule because it depends on the application and which CPU features they use.
If we compared 32-bit and 64-bit applications in their native environments then 32-bit application usually use less memory than the equivalent 64-bit application because 64-bit versions use 64-bit values so they take up twice the space. The extra size affects the application startup and shutdown times and other activities that involve accessing the disk drives. Usually this means that the 32-bit application will run faster but 64-bit applications can access new and faster features in the 64-bit CPUs potentially giving improvements of up to 25% in processing speed.
Once both 32-bit and 64-bit versions of a program are running on 64-bit Windows you have to ignore any performance on a 32-bit CPU. The 32-bit application now requires WOW64 to run so that should be included in any performance comparison. This means you need to include all the duplicated resources used to map the 32-bit application to the 64-bit environment it runs under. Duplicated resources are used for memory mapping and redirection of files locations and registry entries. The result is that the 32-bit application uses more memory and runs slower than on an equivalent 32-bit CPU but it may still be faster than the 64-bit application.
 
Related Links
 
Editor
This software category is maintained by volunteer editor Remah.
 "I have used TechSupportAlert and the older Support Alert Newsletter for almost a decade so I have saved hundreds of hours of work and many more dollars by following Gizmo's Freeware recommendations. Thanks for the opportunity to give something back." 
If you have had a similar experience then you should consider becoming a reviewer too.
Tags
Windows on Windows 64, WOW64, 32 Applications under 64 bit Windows, 64 bit Windows Vista, 64 bit Windows 7, Windows Virtual PC, virtualization, dual boot, Securable