What Is the Security Intelligence Report?

With a collection of data from Internet services and over 600 million computers worldwide, the Security Intelligence Report (SIR) exposes the threat landscape of exploits, vulnerabilities, and malware. Awareness of threats is a preventive step to help you protect your organization, software, and people.

Worldwide Threat Assessment is an analysis of the global impact while Regional Threat
Assessment provides detailed telemetry by location. Protection methods appear in Managing Risk. SIR volume 11 provides data from January to June 2011 and features the ZeroDay article.

Link: 

http://www.microsoft.com/security/sir/default.aspx

Connect To VPN Before Logging In To Windows

In this post, we’ll look at two scenarios that involve establishing a VPN connection before logging in to Windows. In the first case, we need to authenticate to a domain to login. In the second case, the connection needs to be established automatically without a user.

NOTE: This article pertains to the built-in VPN client in Windows. There is however some discussion of Cisco clients in the comments below.

Scenario 1: Authenticating to A Domain At Login

Windows XP

At the Log On to Windows dialogue box, fill in the User name and Password fields.  Select your domain from the Log on to drop down. Then check the Log on using dial-up connection checkbox. (Click Options >> to reveal the Log on to drop down and dial-up checkbox if they are hidden.) Click OK.

The Network Connections dialog box will appear. Select your VPN connection from the drop down. Click Connect. The standard VPN Connect box will appear. Connect as normal. Once the VPN connection is established, the original Log On to Windows user name and password will be applied and you’ll be logged in.

Note: In the process above, you may receive a dialogue box asking for area code and other dialing options. Just humor Windows and fill it out. It won’t matter.

IMPORTANT: The “Anyone who uses this computer” radio button must have been checked when the VPN connection was created. Otherwise the VPN will not be present in the  Network Connectionsdrop down. If this is the case, just log on as a local administrator and recreate the connection.

Windows 7

At the login screen, click the Switch User button. A Network logon button will appear in the lower right corner next to the power button. Click this button and you will be presented with buttons for available network connections. Click on the button for your VPN. Enter your Username and Password, and click the arrow button (or press Enter).

IMPORTANT: The “Allow other people to use this connection” checkbox must have been checked when the VPN connection was created. Otherwise the VPN will not be present among the available network connections. If this is the case, just log on as a local administrator and recreate the connection.

Scenario 2: VPN Connection Without User Interaction

Credit where credit is due: The process in this scenario 2 section is drawn from this blog entry, which I stumbled upon early in my research of this topic.

Windows XP

What we’re going to do is install a system service that is started at boot and calls a batch file. The batch file will invoke a command that will start the VPN.

You will need three files available from Windows Server 2003 Resource Kit Tools. At the time of this writing, the download is available from Microsoft here. Run the executable to unpack and install the tools. Note the directory where the installer puts the tools.

1. Put the commandrasdial connection-name username password into a batch file and name itautoexnt.bat.

• Connection-name is the name you gave the VPN connection when you created it.
• The “Anyone who uses this computer” radio button must have been checked when the VPN connection was created.
• Documentation on the rasdial command can be found here.

2. In the directory created by the Resource Kit Tools installer, locate autoexnt.exe, instexnt.exe, andservmess.dll. Move those files and autoexnt.bat to %SystemRoot%\System32\.

3. From a command prompt, run instexnt.exe install to install the service.

• Documentation on the AutoExNT service can be found here.

You’re done. Next time the machine boots, it will automatically establish the given VPN connection.

Windows 7 (64-bit)

Follow the process outlined above, but in step 2, transfer the files to %SystemRoot%\SysWOW64\.

• The files must be transferred to this directory because they are 32-bit. 32-bit executables go in the SysWOW64 directory, and 64-bit executables go in the System32 directory. A discussion of why it works like that can be found here.

Windows 7 (32-bit) and Vista (32 & 64-bit)

I have not tested this on Windows 7 32-bit or on any version of Vista, though I imagine it would work just the same.

Drag and Drop Not Working in Windows 7

Applies To: Windows | Windows 7 | Performance and Maintenance

Scenario:-

I have a new problem that has cropped up just in the last week or two. I can no longer drag and drop my files and folders in Windows Explorer. I have Windows 7 on a HP Notebook. It came installed on the computer last December when I bought it (09). I've never had an issue with it since then, and I'm not sure how to find the settings to enable drag and drop or re-enable it. I know I've done it before on this machine, many times- and just noticed it first in  Thunderbird, (my email desktop application) then in explorer. I did recently install the SP1 (spelling??) a few weeks ago, and have installed a few other odds and ends programs, but I'm pretty sure drag and drop was working okay until a few days ago. 

Any help would be appreciated. As a genealogy writer, that's a must have feature. 

Most Helpful Reply in this webpage: http://answers.microsoft.com/en-us/windows/forum/windows_7-performance/drag-and-drop-not-working-in-windows-7/f6dcfa11-8c51-e011-8dfc-68b599b31bf5

In Windows Explorer, click a file with the left mouse button and keep the button held down. Then press the Escape key. Drag and drop is miraculously re-enabled.


I got this from http://it.thelibrarie.com/weblog/2010/06/drag-and-drop-stops-working/

Windows Tips and Tricks: Master the Taskbar and Start menu

The taskbar and Start menu are so much more than simple program launchers. Help them help you work more efficiently in Windows 7.

In Windows 7, the Start menu and the taskbar have become both easier to use and more sophisticated. However, they also offer a slew of additional capabilities and customization options that aren’t obvious when you first look at them. I’ll first walk through the plethora of options for each, and then dive into how to use them more effectively.

The Start Menu

The Start menu, at its most basic.The Start menu is so named because that’s where you go to start applications, restart or shut down Windows, and perform other basic application management chores. When you start up a new system, or perform a clean install of Windows, this is the Start menu you see.

Lots of people happily use the Start menu in this state, which is very XP-like. Unlike XP, though, the applications are sorted alphabetically. This tends to give recent XP converts heartburn, but you can change this behavior when you customize the Start menu. My personal preference is alphabetical sort, which you could do in XP by context clicking on the All Programs section and sorting.

I’ve customized my Start menu to work more effectively for me.At right is my Start menu, as I use it.

The first thing you’ll notice is the size--more programs are visible on the basic Start menu, without having to go to the dreaded "All Programs" section. Also notice that Downloads, Games, and Computer are pop-out menus. I use those particular folders frequently, so I find that using them as pop-outs on the Start menu is preferable to launching the actual Window, then clicking something else.

Now let's customize the Start menu. If you context-click (right-click) on the Start menu button, one of the two options is Properties. Click on that option, and the following window appears. (The other option merely opens Windows Explorer.)

Customization begins here for both Start menu and the Taskbar.You'll see a pair of settings here that you should enable: (1) Store and display recently opened programs in the Start menu, and (2) Store and display recently opened items in the Start menu and taskbar. These are put under "Privacy" because you may not want them enabled for a shared system, but for most users, turning these options on (if they're not already on by default) is a no-brainer.

Now click the Customize button.

You’ll see a fixed-size window (you can’t make it bigger), with a lot of different options. Here’s a summary of the changes I made to my own Start menu. I’m only going to list those changes, not what I kept at default settings.

• Number of recent programs / recent items to display (under "Start menu size"). The default is 10; I set it to 20, since I have a large display. If you’re running on a relatively low-resolution monitor (like a laptop), you may want to keep the number at 10.
• Computer. I enabled "Display as a menu." The various drives and top folders appear on a fly-out menu. Saves a click.
• Downloads. The default is "Don’t display," but I like it as a link, which lets me get to the Downloads folder with one click.
• Games. I display this in the Start menu as a fly-out menu. That’s a much quicker way to launch games that are in the Windows games folder.
• Network. I don’t often access this folder, but when I do, I want to get to it quickly, so enabling it as a link is fine.
• Recent Items. I turned this on, but it's one of those items you may want leave disabled on a shared system. On the other hand, it’s very handy to have quick access to recent files, without needing to find the Jump List for the individual application that may be associated with the files.
• Run command. This avoids having to type "Run" in the search box.
• System administrative tools. By default, this display option is turned off. I like having access to system management tools. It has some useful stuff that’s hard to find, so enabling this tools display is often helpful when you need to troubleshoot a problem.

Note that I leave "Sort All Programs menu by name" enabled (that’s the default.) If you uncheck it, the Start menu will sort programs by most recently installed. (If you change it after you’ve installed a bunch of apps, it will remain sorted alphabetically for a time, until you install more apps.) What you won’t get is the old Windows XP behavior, where you could manually reorder the icons in the Start menu. Some users may not like this.

The policy editor lets you change many Windows settings, including the Start menu and Taskbar.If you’re so inclined, you can change many more settings by running the Windows 7 Group Policy Editor, but be cautious when using the policy editor.

Start Menu Shortcuts and Tips

Now that you’ve customized the Start menu to your preferences, it’s time to look at some additional shortcuts and tips on using the Start menu.

If you have a lot of programs installed, consider using the keyboard instead of hunting for them in the All Programs window. All you have to do is hold down the Windows logo key and the R key at the same time. This brings up the run box. If you type the name of the program, it will run. However, this assumes you know the exact name of the application. For example, if you want to run Word, you have to type "winword.exe". What, you didn’t know the actual Word program name is winword.exe?

This is what I see when I type the letters “wor” in the Start menu search bar.If you know part of the name, but not the whole name, use the Start menu search function. Press the Windows logo key and just start typing "wor". If you wait just a moment for the search function to do its job, you’ll see quite a list.

Here, your version of Word appears as the top choice. But a variety of other apps, shortcuts, and document names have popped up as well, so you can click on whichever of those you want. On the other hand, when I hit the Enter key after typing "wor" (minus the quote marks, of course), then the top item in the list is opened--in this case, Microsoft Word. Simple and efficient.

Note that you will have to type more characters than you think you need on occasion. If you type "ex," then hit enter you’ll likely run Internet Explorer. If your intent was to run Excel, you’ll need to type "exc" at a minimum.

Now it’s time to move on to the Windows taskbar.

Customizing the Windows Taskbar

The Windows Taskbar has evolved from being a simple indicator of open applications to a much more active user interface entity in its own right. The key features of the taskbar, as you probably have discovered, are Jump Lists and Aero Peek. However, before examining taskbar features, it’s worth spending some time customizing the taskbar. Like the Start menu, the taskbar can be configured to behave more to your liking.

My taskbar on a light day.First, let’s take a look at my taskbar (click on the mini-image for a full-size view). This is actually relatively uncluttered for me--I often have many more windows and apps open.

Taskbar Property Sheet is where you begin your journey in customizing the taskbar.Right-click on any empty space in the taskbar and click Properties. The taskbar and Start menu properties sheet will pop up, with the taskbar tab active.

This is the default setting--taskbar locked, at the bottom of the window and Aero Peek enabled. I strongly suggest you leave Aero Peek turned on--it’s one of the most useful features of the Windows 7 taskbar. When it comes to the way you view icons, applications and files in the taskbar, though, it's mostly up to your personal preference.

The default is to have just unlabeled icons. If you run more than one instance, or have multiple documents open in a particular app, you’ll see a layered icon. You will never see more than three layers, though. So you won’t know if you’ve got more than three docs open or three instances of a particular app running. You also won’t know the names of the documents without hovering over the icons.

If this bugs you, you can change the taskbar buttons to Combine when taskbar is full in the Taskbar button pulldown. Windows will combine certain sets of objects when the taskbar fills up. Note that what's visible in the taskbar may vary, depending on what types of documents or folders you open, and the number of each type.

If you choose never combine, what’s visible in the taskbar becomes smaller and smaller, until they’re very small icons.

Other options on the primary properties page include "Lock the taskbar" (default is the bottom of the screen), "Auto-hide the taskbar" (useful on laptops or other screens relatively light on pixel real estate) and "Use small icons" (also useful on smaller screens.)

If you click on Customize, you’ll get a screen that allows you to alter the behavior of taskbar and notification icons. The notification area (the tiny up arrow on the right side of the taskbar) is where all the old tray apps that load on startup live now. You can, if you want, enable them all to be visible in the tray, so you can have that really cluttered, Windows XP look. I tend to have most of them set to notification only.

Taskbar tips and tricks

Pinning: Pinning a program to the taskbar is easy--just drag the icon to the taskbar. Note that you can’t pin a folder to the taskbar--but then, you never could. In the olden days, you could pin a folder to the Quick Launch bar, which wasn’t the same thing as the taskbar. If you really, really want to pin folders to the taskbar, you can find hacks out in the wild. One way is documented on Sevenforums. But I’ve found Jump Lists to be much more useful.

The magic of middle-click: The middle button on your mouse has two key functions when using the taskbar. Middle-clicking on a taskbar icon will launch a new instance of an application. This is very handy in apps like Excel, which will default to one instance with multiple pages when you open a second or subsequent Excel document. Of course, some apps, like Skype, won’t let you open a second instance, but I often use this for Excel, or to simply open a new instance of another app.

Middle-clicking has another function, too. If you hover over an icon, and multiple document pages are shown, middle-clicking on one of them will close that document. I often use this to close excess open file folders.

Keyboard magic: Keyboard shortcuts are a big productivity booster for some users. While I find myself not using them much these days, other people love them. Paul Thurrott’s Windows site has acomprehensive list of taskbar keyboard shortcuts.

Context-clicking magic: Remember the right mouse button! Right-clicking on the taskbar opens up a host of interesting options. You can activate a number of different toolbars, including some that are added by applications. The Zune toolbar, for example, puts a miniature control app on the taskbar when you’re running the Zune app. You can also start the Task Manager, making it easier to access than the old control-alt-delete three-fingered salute. You can close all the windows, which is the same as clicking the tiny box at the extreme right of the taskbar, but slightly easier for me to access. And you can alter window behavior (cascading, side-by-side, and so on). Finally, you can unlock the taskbar, which allows you to make it bigger, or move it somewhere else, if you prefer.

The Windows 7 Start menu and taskbar are powerful user interface tools that allow you to efficiently access applications and offer a host of nifty features and shortcuts. Spend a little time customizing and learning the ins and outs of both, and you'll become a more efficient and productive Windows user.

Samsung Windows 8 Tablets Surface on eBay

If you're dying to get your hands on a Windows 8 tablet, right now for $2,000 or more on eBay you can pick up several Samsung Series 7 700T tablets running Windows 8. The one-panel slate was handed out for free to all 5,000 developers who attended Microsoft's recent BUILD conference.

Now, at least four enterprising conference attendees are looking to profit off Microsoft's largesse. With all the excitement around Windows 8 right now, these tablets are likely to be popular items. In fact, one was sold while this article was being written.

Nevertheless, you still have time to check these tablets out if you're interested. At the time of this writing, only one of the four Windows 8 tablets included a "Buy It Now" option (for the ridiculous price of $3,500). The others were all being auctioned to the highest bidder, with minimum bids ranging from $2,000 to $2,300 depending on the seller.

The Samsung tablets were first discovered on eBay by WinRumors.

So what do you get for a minimum of $2,000? Well, for starters you'll get a piece of hardware that is similar to what is scheduled to hit store shelves October 2 -- albeit running Windows 7. On top of that, the base 700T running Windows 7 will retail for a suggested $1,100, nearly half what you'd pay on eBay.

So why not just wait a few weeks, buy the Windows 7 tablet and download and install the Windows 8 developer preview for free directly from Microsoft?

Well, it's not clear how much tweaking Samsung and Microsoft did to get Windows 8 running on Samsung's reference model, so perhaps it's worth it to overpay for this version of Samsung's Windows tablet.

But trying to find a bargain on this device is hardly the point. It's the first tablet you'll find that comes preloaded with Windows 8. And, as any technology geek knows, it's always fun to be the first on your block with a flashy new toy.

Image courtesy of eBay

The device

The Samsung Windows 8 tablets for sale on eBay feature an 11.6-inch display with 1366-by-768 resolution, 1.6 GHz Intel Core i5-2467M Sandy Bridge processor, 4GB RAM, 64GB hard drive, USB port, microSD, and HDMI port. The Windows 8 tablets on eBay also come with a Bluetooth keyboard, a dock that includes USB, HDMI and Ethernet ports, and a touch pen. Most sellers, but not all, are offering the free 12 month, 2GB-per-month AT&T data plan that came with the device.

What to expect

Assuming you're lucky enough to get your hands on Samsung's Windows 8 tablet, you'll have a lot to look forward to, but there are also some serious downsides, according to PCWorld's hands-on look at the Windows 8 700T.

You can expect image and text rendering to be better than the iPad and Android tablets such as the Galaxy Tab 10.1. You also get to use Microsoft's intuitive and responsive Metro-style interface, inspired by Windows Phone 7.

But the 700T is much heavier than other tablets, weighing in at about 2 pounds, compared to the 1.35-pound 3G iPad. You can also expect a lot of noise from the device's fan as it tries to cool down what is essentially a PC slapped into a one-panel slate form factor. And you need to keep the charger nearby as current battery life for the device is around 2.5 to 3 hours.

The good news, however, is that Microsoft plans to continually update Windows 8 during the developer preview phase, so battery life and other performance issues may change in the coming weeks.

Samsung's 700T running Windows 8 sounds like an interesting device to own, but is it worth the $2,000 right now? Probably not, but it's fun to check it out anyway.

If you want to give Windows 8 a try right now but can't stomach the Samsung tablet's price, you candownload the Windows 8 developer preview from Microsoft for free.

Facebook Revamps News Feed, Annoying Users

Facebook's F8 Developer Conference just days away but the social network has already debuted a new "smarter" News Feed.

For a couple of years now, Facebook has had a two-tabbed News Feed, one with "Top Stories," or updates Facebook thought you'd be interested in (based on your browsing history), while the other tab had the "Most Recent" updates. Facebook has apparently decided to get rid of this two-tabbed interface and integrate users' Top Stories and Most Recent Stories in one big, smart, News Feed.

Now when you log in to Facebook, you'll see a smart News Feed with all of your updates -- both the "important" and recent ones -- in one place. Facebook will still try to determine which stories will most interest you, and will highlight these "top stories" with a pale blue corner.

Facebook says that the top stories will depend on how long it's been since you've logged into Facebook. In other words, if you haven't visited the site in awhile, your top stories may not be extremely recent (rather, Facebook will try to give you an overview of the important stuff that happened when you were gone). But if you just logged in five minutes ago, your top stories will probably all have happened within the last five minutes.

According to Facebook's Updates to News Feed FAQ page, top stories are determined based on a number of factors. These factors include your relationship to the person posting the update, how many comments and likes the update receives, and what type of update it is. You can still hide updates if you think they're boring or spammy (even if they are from your best friend) by hovering over them and clicking the drop-down menu. This menu gives you the option of hiding the story, hiding all posts by that person, and reporting the story as (real) spam.

Facebook's new News Feed has only been live for a few hours, but people are already voicing their annoyance on PCWorld's Facebook page.

"I don't like this update because now it's a bit more confusing to find recent updates," says PCWorld reader Devon Tourond. "I do like the new update they added to the top of the page, now I can scroll through the page and the header follows me."

"FB should have a simple toggle function between 'recent stories' and 'top stories,' " says PCWorld reader Anthony Nozzi. "Better yet, they should enable a user to prioritize their news feeds by assigning a ranking score to each particular page that provides the news feeds. That way, a user can control which pages get the highest priority in providing news feeds."

Facebook's also added a real-time feed in the upper-right corner of the page. Some readers are concerned that this will adversely affect their privacy, but as far as I can see the updates in the box will not share more than can normally be found on a person's private profile page.

Skype iPhone, iPod Touch App Has Security Hole

Skype is working to fix a security hole in its iOS app for the iPhone and iPod Touch that allows a hacker to steal a person’s entire address book. The vulnerability, located in the app’s chat message window, can be exploited with JavaScript code. It was pointed out by security researcher Phil Purviance of AppSec.

"Skype uses a locally stored HTML file to display chat messages from other Skype users, but it fails to properly encode the incoming user’s ‘Full Name,’ allowing an attacker to craft malicious JavaScript code that runs when the victim views the message," Purviance wrote on his blog.

The heart of the problem, according to Purviance, is an improper definition within the Skype app that allows access to a user's local file system. He says the threat is partially mitigated by protections within iOS itself, but the address book remains vulnerable.

Skype appears to be in no hurry to fix the problem. In a tweet, Purviance said he notified Skype of the vulnerability on August 24, and was told that an update addressing the issue would be released in early September.

A statement from Skype confirms that the company is aware of the issue and will fix it "in our next planned release, which we hope to roll out imminently."

You can watch a demonstration of exactly how the exploit works in this video, created by Purviance:

Facial Recognition Technology: Facebook Photo Matching Is Just the Start

As facial recognition tech moves into law enforcement, military use, and targeted advertising, and onto the streets of your town, will your privacy be a casualty?

The Internet was in an uproar earlier this year following Facebook's launch of facial recognition software for its photo services, enabling users to identify their friends in photos automatically--and without their permission. Though critics described that move as creepy, the controversial technology may now be on the verge of widespread use.

For instance, this month a Massachusetts company called BI² Technologies will roll out a handheld facial recognition add-on for the iPhone to 40 law enforcement agencies. The device will allow police to conduct a quick check to see whether a suspect has a criminal record--either by scanning the suspect's iris or taking a photo of the individual's face.

Earlier this week, reports surfaced that the military and Georgia Tech Research Institute had started testing on autonomous aerial drones that could use facial recognition software to identify and attack human targets--in effect, the software performs the assessment that determines who gets killed.

And in yet another development, the Federal Trade Commission announced earlier this week that it will hold a free public workshop on December 8, 2011, to examine various issues related to personal privacy, consumer protection, and facial recognition technology.

[Read: "Facebook Photo Tagging: A Privacy Guide"]

Of course, the government and large private companies have had access to facial recognition software for years. The pressing question today is what happens to privacy when everyone has access to the technology? Already smaller businesses--and even private individuals--are developing sometimes amazing, sometimes very creepy uses for security-focused software.

Tom Cruise encounters facial-recognition-generated ads in a scene from the film Minority Report.In Las Vegas, advertisers have taken a page from Minority Report, the 2002 Tom Cruise movie. The Vegas advertisers use facial recognition to target ads to passers-by. For instance, if a woman in her mid-twenties walks past the advertising kiosk, its built-in software will identify her likely age and gender and then display ads for products deemed appealing to her specific demographic.

Meanwhile, in Chicago, a startup called SceneTap links facial recognition technology to cameras in bars and clubs so that users can figure out which bars have the most desirable (in their opinion) ratio of women to men--before they even arrive.

If you think the corporate implications are unsettling, wait until the general population gets deeply involved in using facial recognition technology. One recent instance: In the wake of the August London riots, a Google group of private citizens called London Riots Facial Recognition emerged with the aim of using publicly available records and facial recognition software to identify rioters for the police as a form of citizen activism (or vigilante justice, depending on how you feel about it). The group finally abandoned its efforts when its experimental facial recognition app yielded disappointing results.

Though the members of London Riots Facial Recognition undoubtedly believed that they were working for the greater good, what happens when people other than concerned citizens get their hands on the technology? It shouldn't take too long for us to find out.

Present-Day Reality Check

The use of facial recognition software by governments and online social networks continues to provide headline fodder. A Boston-area man had his driver's license revoked because when the U.S. Department of Homeland Security ran a facial recognition scan of a database containing the photos of Massachusetts drivers, it flagged the man's license as a possible phony. Afterward it emerged that the system had confused the man's face with someone else's.

Scene from the 2011 London riots.In England, law enforcement officials ran photos of August riot suspects through Scotland Yard's newly updated face-matching program, which is under consideration for use during the 2012 Summer Olympics in the UK. In Canada, an insurance company invited Vancouver police to use its facial recognition software to help identify rioting fans after the Vancouver Canucks hockey team lost the seventh game of the NHL championship series.

And of course Facebook endured a hailstorm of criticism in June when it announced its plans be roll out a facial recognition feature for its members to provide semiautomatic tagging of photos uploaded to the social network.

[Read: "Facebook Facial Recognition: Its Quiet Rise and Dangerous Future"]

One Facebook critic was Eric Schmidt, executive chairman of Google, who said earlier this year that the "surprising accuracy" of existing facial recognition software was "very concerning" to his company and that Google was "unlikely" to build a facial-recognition search system in the future.

Indeed, Google seems to have been so concerned by the technology that Schmidt declined to implement it even though his company already had the know-how to make it. “We built that technology and withheld it,” Schmidt said. “People could use it in a very bad way.”