Friday, August 8, 2008

How to Prevent a Data Disaster

How to Prevent a Data Disaster

Rick Broida, PC World

A corrupted Outlook database trashes your e-mail archive and contact list. An accidentally deleted folder wipes out critical business documents. A sudden hard-drive failure destroys your MP3s and photo libraries. The list of potential catastrophes goes on and on, and few users are prepared to deal with them. That's because they lack a diversified backup plan.

From a certain point of view, data is a little like money. Financial advisors always recommend maintaining a diversified portfolio, the idea being that if one stock or mutual fund tanks, you won't go broke. The same concept applies to backups: By diversifying your approach--that is, archiving your data in multiple places using multiple methods--you're safe even if disaster strikes one location or collection of data.

Let's take a look at the ways you can expand your backup portfolio to protect against the inevitable data catastrophe. To ensure the safey of your important files, I recommend using at least a few of the following methods in unison.

Method 1: The Full-System Backup

Casper 4.0; click for full-size image.With external 300GB hard drives readily available for as little as $100, there's no reason not to keep one plugged into your PC. Pair it with a drive-cloning utility like Casper 4.0, which can perform scheduled, incremental backups with or without compression. A full-system backup to an attached drive is your best line of defense against data loss: In the event of total failure, it's a simple matter to restore every bit and byte to a replacement drive.

Method 2: The Remote, Data-Only Backup

While it's great to archive your entire hard drive, don't overlook the benefits of backing up just your critical data: documents, bookmarks, financial records, e-mail, address books, and so on. Why bother? Simple: Sometimes you just want to restore a handful of files or a select chunk of data. Plus, data-only backups take a lot less time than full system backups.

MozyHome; click for full-size image.For this step, look to an online backup service like iDrive or MozyHome. Both offer 2GB of free storage and the option to upgrade to unlimited storage for $5 a month. Mozy relies on client software to help you select both common file types to back up and important user data files for programs like Outlook and Quicken, while iDrive uses an Explorer-style interface for selecting specific files and folders to preserve. The real advantage to both services is that they work automatically and in the background, uploading new and changed files while you work (or at scheduled times). That kind of set-it-and-forget-it backup is well worth a few bucks every month.

If you'd rather save your pennies and don't mind taking a more hands-on approach, loads of services let you park files online free of charge. ADrive, for one, offers 50GB of absolutely free storage. However, no synchronization is involved: It's up to you to pick and choose which files to upload, and when. Thus, use these services for files that don't change all that often, like MP3 and photo libraries.

Method 3: The Spare-PC Backup

Microsoft's SyncToy; click for full-size image.These days it's not uncommon to own two or more PCs, and if you have family members under the same roof, they probably have their own machines as well. Why not create a "backup network" that leverages everyone's hard drives? All you need is SyncToy 2.0, one of Microsoft's free PowerToy utilities. With it, you can create "folder pairs" between PCs, copying files between them with a single click. This is a great way to sync, say, disparate photo libraries between your PC and your spouse's, and to create a backup of both in the process.

If your PCs aren't on the same network--one is at home and another is at work, for instance--try Microsoft's Windows Live FolderShare, which syncs files across the Internet (and does so automatically; SyncToy requires you to manually resync whenever you change or add files). FolderShare's advantage is that you can expand your backup network to include friends, syncing critical files to their machines and vice-versa. Like SyncToy, FolderShare costs nothing to use.

Method 4: The Document Backup

DocSyncer; click for full-size image.If you're a Google Docs user, you know that this Web-based office suite can import documents from Microsoft Word, Excel, and PowerPoint. But wouldn't it be great if you could actually synchronize those kinds of documents between your PC and the suite? You can with DocSyncer, a free tool that's currently in beta. Though intended to make your files accessible anywhere you go, it also creates a perfect backup of your Office documents within Google Docs (and, for that matter, a backup of your Google Docs documents on your PC). Currently the beta is limited to syncing files contained in your My Documents folder, so you may have to do a little shuffling if your files reside elsewhere.

Method 5: The Bookmark Backup

Foxmarks; click for full-size image.If you're like most users, you've accumulated years' worth of bookmarks in your browser--a collection you definitely don't want to lose. Fortunately, it's a snap to copy those bookmarks to the Web for easy retrieval if the need ever arises. Firefox users should install the free Foxmarks plug-in, while Internet Explorer users can accomplish the same thing with BookmarkSync. Incidentally, both tools can also keep your bookmarks in sync across multiple PCs, and both let you access them from any browser.

Method 6: The E-Mail Backup

MailStore Home; click for full-size image.Are you an e-mail packrat? If so, you'd probably be loathe to lose your archives. Start with one of two free backup utilities designed expressly for e-mail: Amic Email Backup, which copies everything--including your address book, account settings, and message rules--to a single compressed file; or Mailstore Home, which duplicates all your mail into a searchable archive and optionally backs it up to CDs or DVDs.

Amic supports nine e-mail clients, including Outlook, Outlook Express, and Eudora. Mailstore Home works with Windows Mail, Outlook, Outlook Express, Thunderbird, and Seamonkey.

Of course, unless you put those discs in a safe or upload the archive file to the Web, those kinds of backups are still vulnerable to fires and other local disasters. That's one reason to consider routing your e-mail through Gmail IMAP, which effectively creates a Web-based archive by syncing mail between Google's servers and your PC.

Start by signing up for a free Gmail account, then enabling IMAP and following the configuration instructions for your mail client. Then you can either configure your mail account to forward all messages to your Gmail account or set up Gmail's Mail Fetcher to retrieve messages from your ISP's POP3 server. From then on, all of your mail will go through Gmail, giving you more than 6GB of storage space for messages and attachments, and some excellent spam filtering in the bargain. Once you have everything set up, you'll forever have copies of your messages available in your Web-accessible Gmail account. That's not only an ideal e-mail backup, but just plain handy, too.

Method 7: The Already-In-Your-Pocket Backup

Finally, we come to the backups you already have--but don't know you do. For example, if you carry a smart phone or PDA that syncs with your PC, it's like having a mobile backup of your contacts, calendar, memos, and tasks. In the event of desktop data loss, just sync your device to restore everything to Outlook, Palm Desktop, or whatever contact manager you use. (Be sure to make a one-time adjustment to the sync settings so everything gets copied from the device to the PC, not the other way around.)

iPod Folder; click for full-size image.Likewise, if you own an iPod, a Zune, or other media player, you can use it to restore a lost or damaged music library. iPod users should check out iPod Folder, which copies music directly from the player to any folder on your Windows and Mac system. You can even store the program on your iPod so it's available on the spot. Zune owners need to tweak the Windows Registry to make the device appear as a removable hard drive, after which it's a simple matter to drag all your songs from device to desktop. You can do the same thing with any MP3 player that your PC recognizes as a hard drive.


உலகம் அழிந்து கொண்டு வருகிறது

உலகம் அழிந்து கொண்டு வருகிறது

நன்றி:- http://girirajnet.blogspot.com/2008/08/blog-post_08.html

ஒரு வாரமா எல்லோரும் குசேலன் படம் நல்லா இருக்கு குசேலன் குப்பை குசேலன் படம் நாசமாக போகனும்னு பேசிட்டு இருக்கோம் ..ஆனா அதை விட முக்கியமா நாம் செய்யும் சுற்று புற சீர்கேட்டால் நம் உலகமே அழிந்து கொண்டு வருகிறது, அதை பற்றி யாரும் கவலை பட்ட மாதிரி தெரியல.

உலகம் முழுவதும் சுற்றுப்புற சீர்கேட்டால் வெப்பத்தின் அளவு அதிகரித்து கொண்டு வருகிறது. இதனால் பருவ நிலை மாற்றங்கள் ஏற்பட்டு வெள்ளப்பெருக்கு பஞ்சம் பனி உருகுதல் கடல் நீரின் அளவு மிக வேகமாக அதிகரித்தல், பல புதிய நோய்கள், என்று அனைவரையும் பாதிப்புக்கு உள்ளாக்கி வருகிறது.

வெப்பமே பார்த்திராத நாடுகள் கூட தற்போது வெப்பத்தை பார்த்து பயந்து போய் உள்ளன. மின்சிறி என்ற ஒன்றை பயன்படுத்தி இருக்காத நாடுகள் எல்லாம் அதை பயன்படுத்த வேண்டிய நிலைமைக்கு தள்ளப்பட்டு விட்டன.

இந்நிலைக்கு காரணம் காடுகள் அழிப்பு, எந்த காலத்திலும் மக்காத பிளாஸ்டிக் பொருட்கள் பயன்பாடு, தொழிற்சாலைகள் வெளியிடும் சுத்திகரிக்காத கழிவுகள், குண்டு பல்புகள், இவை தவிர பல காரணங்கள், இவை நம் அன்றாட வாழ்க்கையோடு சம்பந்தப்பட்டவை.

நம்மால் முடிந்த அளவு இதற்க்கு துணை போகாமல் இருக்கலாம், முக்கியமாக பிளாஸ்டிக் பொருட்களின் பயன்பாட்டை குறைக்கலாம், குண்டு பல்பு அதிக வெப்பத்தை உண்டு பண்ணுகிறது அதை பயன்படுத்துவதை தவிர்க்கலாம், தங்களது வீடுகளில் முடிந்தவர்கள் மரம் வளர்க்கலாம், மின்சார பயன்பாடு இல்லாத போது அதை எரிய விட்டு கொண்டு இருப்பதை நிறுத்தலாம். இவை எல்லாம் நம்மால் முடிய கூடிய எளிதான உதவிகளே.

இன்று இரவு (8-8-08) 8 மணிக்கு இதை மக்களிடைய இதன் தாக்கத்தை உணர செய்ய ஒரு விழிப்புணர்வு ஏற்படுத்த எக்ஸ்னோரா அமைப்பு அனைவரையும் 8 நிமிடம் அனைத்து மின்சார விளக்குகளையும் அனைத்து இதற்க்கு உதவுமாறு கேட்டுக்கொண்டுள்ளது. (இதை பயன்படுத்தி எவனும் திருடிட்டு போகாம இருந்தா சரி)

நம் தமிழக அரசு பாதி நேரம் மின்சாரமே தருவதில்லை, இவர்கள் உலக மக்கள் மீது ரொம்ப அன்பு வைத்து ரொம்ப தீவிரமா கடை பிடிக்கறாங்க போல, சரி அதை விடுங்க. அது தான் அவர்களே பாதி நேரம் மின்சாரத்தை நிறுத்தி விடுகிறார்களே நாம் 8 நிமிடம் நிறுத்தி புதுசா என்ன செய்ய போகிறோம் என்று கேட்க வேண்டாம், இதனால் நாம் பெரிய உதவி செய்துவிட போவதில்லை, இது முக்கியமாக மக்களிடையே விழிப்புணர்வு ஏற்படுத்தவே இவ்வாறு செய்ய சொல்கிறார்கள், மற்றபடி வேறு எந்த விசயமும் இல்லை. எனென்றால் பாதி பேருக்கு வருஷா வருஷம் வெய்யில் அதிகமாகிட்டே வருகிறதே அப்படிங்கற அளவுல தான் தெரியும் ஆனால் அது எதனால் அதிகம் ஆகிறது என்று தெரியாது. அதனால் விதண்டா வாதம் பேசாமல் உலக சுற்றுப்புற சூழலில் பங்கெடுத்து கொள்ளுங்கள்.

நேற்று பல பதிவர்களின் பதிவுகளில் சென்று இது பற்றி பின்னூட்டம் போட்டு விழிப்புணர்வு ஏற்படுத்த முயற்சி செய்த கோவை விஜய்க்கு என் வாழ்த்துக்கள்.

How to Build a Blog With WordPress

Tired of toying with the puny tools that cookie-cutter blog services provide? Follow the steps in this easy guide to install a WordPress blog on your own domain and personalize your Web presence.

Zack Stern, PC World

If blogging is all about self-expression, why do so many blogs look so blah?

Limitations of free blog sites; click for enlarged image.Most beginner "blahgs," it seems, are generated using free services whose customization options are meager at best. But you can break the monotony and supercharge your Weblog by installing your own blogging software and customizing it as you like. You'll control how your site looks and functions--and when you're finished, you'll have a distinctive-looking blog that you can easily update to keep it fresh and functional.

Dozens of great blogging tools are available, and PC World has rated several of them. Among the most popular and versatile of these is WordPress. You can easily scale it to your needs, so it can handle a basic family blog or a professional blog or news site with equal aplomb. The latest version, WordPress 2.5, offers photo gallery support, powerful media management options, multiple file uploading, a new look, and more. And because it supports a host of plug-ins and widgets, you can quickly introduce additional features as needed.

I'll explain how to get started with the installation, how to customize your blog, and how to create posts. If you just want to dabble with a free, hosted WordPress site, visit WordPress.com; But if you want to take full control of WordPress's powerful content management and site design features, including your own personal domain name, you'll need the WordPress software (note that the free software is available at WordPress.org, not at WordPress.com) and a Web hosting account to install it on. Using the WordPress software, you'll be able to adjust a multitude of settings to craft your own unique, easy-to-manage site.

What You'll Need

To get started with your WordPress blog, you'll need four or five basic things.

  1. A Web hosting account with PHP version 4.3 and MySQL version 4.0 or later enabled.

  2. A MySQL database to store your blog's data in. You'll create this during the WordPress installation process.

  3. A text editor, such as Notepad (on Windows) or Text Edit (on the Mac). A simple text editor produces better results than a full-blown word processor such as Microsoft Word.

  4. An FTP client, such as FileZilla for Windows or CyberDuck for Mac, to simplify and accelerate the process of uploading the WordPress installation files to your hosting service.

  5. An image editor, though optional, can be very helpful if you want to create your own custom themes. One good, free option is The GIMP (that is, the GNU Image Manipulation Program), which includes many features that rival Adobe Photoshop provides, minus the price tag.

  6. Install WordPress

    Rename 'wp-config-sample.php'; click for enlarged image.WordPress requires PHP version 4.3 or higher, and MySQL version 4.0 or higher. These tools allow WordPress to execute scripts and manage databases that instantly propagate your Web page. Check with your Web host to confirm that it supports these pieces and that they are installed successfully; the vast majority of hosting companies offer these features as part of their standard services.

    At the heart of every WordPress blog is a MySQL database that contains all of its posts and settings. It's a good idea to set up this database on your host server before you start working with individual WordPress files. That way you can customize your configuration file before uploading it, which is a significant time saver.

    To create the database, log into your hosting service's control panel--cPanel, phpMyAdmin, Plesk, or whatever the interface may be. Somewhere in the main control panel, you should see a listing for MySQL databases. My host uses cPanel, so I clicked the MySQL Databases icon, typed in a name for my new database--'wordpress'--and clicked Create Database. I also typed in a new user--'blog'--and password, and then clicked Create User. You can choose whatever names you like for your database and user, but your process should be similar to mine.

    If you haven't already, you should download the free WordPress software to your computer and extract the files onto your desktop. All of them should be contained in a folder labeled 'wordpress'. Within the wordpress folder, locate the file named 'wp-config-sample.php' and rename it wp-config.php. Then open this file in a plain-text editor (such as Notepad on Windows or TextEdit on a Mac), and replace 'putyourdbnamehere', 'usernamehere', and 'yourpasswordhere' in the file with your database name, your user name, and your password, respectively. Leave the other formatting--such as spaces and single quotes--intact.

    Now upload the WordPress files--excluding the outer wordpress folder itself--to the root directory of your host account. You'll probably want to use one of the FTP programs mentioned earlier under "What You'll Need" to move everything swiftly, instead of pursuing the click-heavy method of doing everything within a browser-based control panel.

    The folder that you place all of your content in will determine where visitors go to see your blog. If you want the root page to contain the blog, put everything into a directory on your host. If you want to store the page at another URL, such as 'http://mywwebsite.com/blog', create a folder named 'blog' at that level, and put the WordPress files inside. The root directory for your hosted Web site will usually have a name like 'public_html' or 'http_docs'.

    Finish the installation with your Web browser. Visit the directory where you made the installation, plus the extension 'wp-admin/install.php'. For example, if you put everything in a folder named 'blog', visit 'http://mywebsite.com/blog/wp-admin/install.php'. If the WordPress files are in your root Web directory, go to 'http://mywebsite.com/wp-admin/install.php'. Enter basic details such as the blog name and your e-mail address, and click Install WordPress.

    That should complete the initial installation. Visit your blog URL in another window to see how the site looks to the outside world. If you notice a problem, consult the troubleshooting tips related to your specific situation at the WordPress Codex.

  7. Design Your Blog

    The WordPress themes editor; click for enlarged image.Your WordPress blog can be customized to an astonishing degree, giving your site unique functionality in addition to a distinctive look. I'll explain how to make simple design tweaks, how to import free themes that bring their own style, how to add plug-ins for custom functionality, and how to create your own custom theme.

    Log in to your dashboard by visiting 'http://your-domain-name.com/wp-admin'. (This location is the same as the directory where you uploaded the files.) Click the Settings tab in the top right to make a few initial alterations. Change the blog title, the tagline, and the time zone as needed. Click Save Changes.

    You can make simple adjustments to the blog header through the 'Design', 'Header Image', and 'Color' tabs. Click the buttons to adjust the font color, and change the background gradient by clicking Upper Color and Lower Color. (Use the same color if you want a solid layer.) Click Update Header to modify your blog immediately.

    For a larger-scale change, try replacing the default themes. New themes shuffle all of your post details into different layouts and looks, and many themes are free to download through WordPress and other sites. Visit the WordPress Theme Viewer to sample officially tested designs.

    I like to check a few of the design options in the left menu, such as '2 columns' and 'right sidebar' to narrow the results; then I browse through the choices. Another option is to type a word in the upper-right search box. Try searching for 'wind', 'rain', 'night', and other poetic descriptors to see the range of different designs. If you like one theme, be sure to check out others from the same designer; to do this, click the More themes by this author link.

    Once you find one or more themes that could work for your site, download them to your computer. Themes should come with installation instructions, but in general you just upload their folder into '/wp-content/themes'. Back in your 'Design, Themes' tab, click the new theme to apply it to your site instantly.

    Build Your Own Theme

    Building a theme from scratch can be daunting, so I recommend that you dive into the theme development page at the WordPress Codex before getting started. Or check out the 5-minute tutorial at BotHack for a brief introduction to how themes work.

    Before I learned how to build my own theme from scratch, I used the Wordpress Theme Generator to save time. Though it permitsa much smaller degree of customization, it easily manipulates many settings to produce a unique look quickly.

    To begin, visit the free site. The left column controls your settings, and the right side offers a live preview of how the page will look. Step through the options to make your own design. The 'Site name' section controls your masthead logo. Click the white box to change the font color, or enter the URL for your custom JPEG or GIF image. Any custom graphics will be referenced from their original location, not downloaded into a theme--so if you change or erase the original files, your blog will lose those graphics. I recommend that you upload them to your server and then enter that URL.

    I retained a two-column design but customized the background pattern and text colors. If appropriate, click the Preview button in the lower-left corner to refresh the right pane as you adjust settings. I ran into a few bugs--in particular, I had trouble changing an already-entered image URL--but with a little patience, I got everything set up. Click the Save button to generate the theme as a ZIP file. Then extract the ZIP file, and upload the full theme folder containing the PHP and other files to your server's '/wp-content/themes' directory. In the WordPress dashboard, select the Design, Themes tab, and click the new theme to make the change.

  8. Log In and Create a Post

    Your blog is built and (mostly) configured. In just a few more steps you'll be able to begin posting. The initial user is named 'admin', and this is the name that will appear as the author signoff on posts. Click the Users tab to add your own identity. Fill in the details, and choose the role of Administrator to give your new account full powers. If other people will be contributing to your blog, give them limited powers. An Editor can create posts and publish content from other writers but can't access all of the admin settings; an Author can write and publish posts; a Contributor can write but not publish posts; and a Subscriber can write comments but not posts.

    The Write Post interface; click for enlarged image.When you're ready to post, log out and then log back in using the new account. Click the Write button in the upper-left part of the screen, and begin blogging. Create a title and some text. I like to write the body of my post offline in a plain-text editor and then paste it here. That way, if my Internet connection or browser breaks, I won't lose any work. Either way, click the Save button on the right frequently as you progress.

    Use the word processor-style toolbar to introduce boldface type, create lists, and otherwise format text. If you need to work directly with the HTML--for example, if you want to copy and paste an embeddable video--click the HTML tab. This view shows the underlying commands and allows direct editing. If you write HTML commands in the Visual tab, they'll appear as regular text in the body of your post.

    Add Media

    The Gallery interface; click for enlarged image.WordPress lets you create image galleries in posts. Put the cursor where you want a single image or gallery. Click the rectangle picture icon. (When you hover your pointer over it, it says 'Add an Image'.) Click Choose files to upload to transfer your own pictures to your server. Select one or more of them, and wait until the progress bars finish adding them. WordPress will read tags and other data embedded in the images, and then it will resize them and format them for your site.

    In the Gallery tab, click Show to adjust these details, change the title, and add a description. Save those changes, and then click Insert gallery into post. WordPress then adds the '[gallery]' tag to the plain-text view; this content will become your image gallery when published.

    To add video files, click the Add Video icon. Doing so will upload your finished video to your own server. That's fine if you know how to compress everything via your editing software, but it's not ideal if you haven't preprocessed the file for Web use. So instead I recommend uploading video to another site, such as Vimeo or YouTube, that will automatically format the clip for Web viewing. From there, click the option to embed the video into another page, and copy the embed code. Back in your post, click the HTML view, and paste the code.

  9. Tag and Manage Content

    Your next task is to add tags. These simple words and phrases help readers find posts on the same topic, just as image tags do for photos. Use keywords that describe the post, specify what it's about, and even identify proper names of things inside. Separate the tags with commas, and click Add.

    Categories offer an organizational structure similar to tags, except that--depending on your layout--WordPress can instantly create navigational tabs for each category. This arrangement works great if your blog has a few repeating themes, such as "work," "soccer," "cooking," and "family." I recommend that you make as many tags as you can think of--even five or so for a single post--but try to limit your categories to a few main topics. Type a name, and click Add, or use the checkboxes below to designate the category.

    Click Save on the right, and click Preview this Post. If it looks good, click Publish. If you prefer to schedule the post to go live at a certain time, click Edit, and enter the future date and time when you want this to happen.

    Post Via E-Mail

    WordPress 2.5 can publish posts that you or others e-mail to a specific address; this ability is ideal for occasions when you want to send content from a phone away from a computer. But the default process has drawbacks: It doesn't work with SSL accounts, it requires POP3, and currently it doesn't work with photos. For these reasons I prefer the free plug-in, Postie. Besides overcoming the preceding limitations of WordPress 2.5's e-mail process, Postie can be instructed to publish only e-mail sent from a specific address, which enhances your security.

    Create a new, secret mail account exclusively to use with WordPress content, and upload the 'postie' folder to /wp-content/plugins. Create new folders in your main directory called wp-photos and wp-files where Postie can save its data. (Make sure that they're write-accessible on your server.)

    Postie; click for enlarged image.In WordPress, click Plugins near the upper-right. Activate Postie. Log out and then log back in as an administrator. Click Settings, Configure Postie. Enter any e-mail addresses that you want to permit to post entries to the blog. Leave the other settings at their default values, scroll down to the end, and enter your e-mail account settings. Click Update Options, and click Test Config. If you run into any problems, check to confirm that the e-mail account details are correct.

    Postie should be ready to go, but you'll need to create a scheduled Unix command that regularly checks the e-mail account for new messages. In your server configuration tool, open the Cron Jobs tool and create a new job. In it, paste the text */5 * * * * /usr/bin/lynx --source http://www.mywebsite.com/wp-content/plugins/postie/get_mail.php >/dev/null 2>&1 to cause WordPress to check for new mail every 5 minutes. Now you're ready to mail in your posts. Postie will use your e-mail subject line as the title of the post, and the body of your message will become the body of the post.

10 Quick Fixes for the Worst Security Nightmares

10 Quick Fixes for the Worst Security Nightmares

Most security attacks are targeted at a few weak points on your PC that aren't that hard to protect. Follow these simple tips, and you'll suddenly be a whole lot safer.

Erik Larkin, PC World

In the world of comic books, every bad guy is an evil genius. On the Web, hackers, spammers, and phishers may be evil, but they're not required to be geniuses. They can make a healthy living just by exploiting known security holes that many users haven't bothered to patch. Or by relying on the propensity of millions of people to do things they've been told over and over not to do.

The silver lining is that you don't have to be a genius to avoid these common attacks either. Implement a few simple fixes, and you'll avoid most of the bad stuff out there.

Fix 1: Patch Over the Software Bull's-Eye

Have you turned off automatic updates for Windows and other programs on the rationale that "if it ain't broke, don't fix it?" Then consider this: Your programs may be very, very broken, and you don't know it. The days of big splashy viruses that announce themselves to PC users are over. The modern cybercriminal prefers to invisibly take control of your PC, and unpatched software gives them the perfect opportunity to do so.

Today, a hijacked Web page--modern digital crooks' attack of choice--will launch a bevy of probes against your PC in search of just one unpatched vulnerability that a probe can exploit. If it finds one, better hope your antivirus program catches the ensuing attack. Otherwise you likely won't even notice anything amiss as it infects your system.

Windows Automatic Update; click for full-size image.Luckily, you can completely block the majority of Web-based exploits by keeping all your programs--not just the operating system or your browsers--up-to-date. Attack sites ferret out holes in seemingly innocuous applications such as QuickTime and WinZip as well as in Windows and Internet Explorer. So turn on automatic update features for any software that offers the service--it's your quickest and easiest option for getting patches.

Fix 2: Find the Other Holes

If every program used easy automatic updates--and we were all smart enough to use them--the thriving malware business would take a serious hit. Until then, a free and easy security app from Secunia can help save the day.

Secunia Personal Software Inspector; click for full-size image.The Secunia Personal Software Inspector, available as a free download, scans your installed software to let you know which out-of-date programs might be making your PC unsafe. But it doesn't stop there--for each old program it finds, it offers quick and easy action buttons such as one labeled Download Solution, which retrieves the latest software patch without you even having to open a browser.

The program also gives you links to the software vendor's site as well as Secunia's full report about the vulnerability on your system. You can choose to block future warnings about a particular program (but you should, of course, be careful before doing so).

Secunia PSI isn't perfect, and doesn't always make it easy to update unsafe program components. But for most apps it provides a quick--and very important--fix.

Fix 3: Let the Latest Browsers Fight for You

The most insidious hijacked Web pages are nearly impossible to spot. Tiny snippets of inserted code that don't display on the page can nevertheless launch devastating behind-the-scenes attacks.

Trying to avoid such pages on your own is asking for trouble, especially since crooks like to hack popular sites--attacks against sites for Sony games and the Miami Dolphins are just two well-known examples. But new site-blocking features in the just-released Firefox 3 and Opera 9.5 browsers provide some shielding.

Firefox 3 malware warning; click for full-size image.Both browsers expand on the previous version's antiphishing features to block known malware sites as well, whether they're hijacked pages on legitimate sites or sites that were specifically created by bad guys. Neither browser completely eliminates the risk of landing on such pages, but every additional layer of protection helps.

Microsoft plans to add a similar feature to Internet Explorer 8, but this version won't be ready for prime time for a good while. For more on the browsers' improved security, see "New Browsers Fight the Malware Scourge."

Fix 4: Sidestep Social Engineering

The most dangerous crooks use clever marketing to get you to do their dirty work for them and infect your own PC. Lots of social engineering attacks are laughably crude, with misspelled words and clumsy grammar, but that doesn't mean you should dismiss the danger. Every now and then, a well-crafted attack can slip past your defenses and lure you into opening a poisonous e-mail attachment or downloaded file. A targeted attack might even use your correct name and business title.

To fight back, turn to a simple but powerful tool: VirusTotal.com. You can easily upload any file (up to 10MB) to the site and have it scanned by a whopping 35 different antivirus engines, including ones from Kaspersky, McAfee, and Symantec. A report tells you what each engine thought about your file. While some (such as Prevx) are prone to false alerts, if you get multiple specific warnings that include the name of the particular threat, then you almost certainly want to delete the file.

A lack of warnings doesn't guarantee a file is safe, but it does give you pretty good odds. Use VirusTotal to check every e-mail attachment and download you're not 100 percent sure about, and you'll avoid insidious social engineering.

VirusTotal Uploader; click for full-size image.If using VirusTotal starts to become a habit (not a bad idea) and you want to make sending files for scanning to VirusTotal really easy, download the free VirusTotal Uploader. Once you've installed the utility, just right-click a file, and you'll see an option (under Send To) to upload it to the VirusTotal site.

Fix 5: Get the Jump on Fast-Moving Malware

Traditional, signature-based antivirus software is getting snowed under by a blizzard of malware. Attackers try to evade detection by churning out more variants than security labs can analyze. So besides signatures, any antivirus program worth its salt today uses proactive detection that doesn't require a full signature to spot sneaky malware.

One promising approach uses behavioral analysis to identify malicious software based solely on how it acts on your PC. But your antivirus software by itself may not be enough. ThreatFire, a popular free download from PC Tools, adds such a layer of behavior-based protection. In recent tests, it correctly identified 90 percent of malware based on its behavior alone.

PC World's ThreatFire review provides a thorough analysis of the program and a quick download link (as well as a warning about installing too many security programs on one PC). And for more on behavioral analysis and proactive virus detection, see "When a Signature Isn't Enough."

Note: If you use the AVG Free antivirus program, hold off on trying ThreatFire until PC Tools releases a new version. The current 3.5 version conflicts with AVG, but PC Tools says it's working on a fix.

Fix 6: Rescue Your Inbox From Spam

Spam filters are getting better, but some junk still makes it through even the best of them. Instead of resigning yourself to hitting delete for all those hot-stock and Viagra come-ons, try disposable e-mail addresses.

Such an address is something you create every time you encounter an online shopping site, forum, or other service that requires you to enter an e-mail address. If that address gets flooded with spam, you can terminate it. That's a better system than the alternative, creating a free Web mail account that you use only for purchases and Web signups. With a single separate account, you have to throw the baby out with the bathwater and cancel the whole account if it gets too much spam.

Yahoo Web mail users can opt for the $20-a-year Plus service, which includes the AddressGuard disposable e-mail service (among other benefits). With it, you can click a bookmark to create a new, disposable address for any given site in about 10 seconds.

Gmail users can simply append "+ whatever" to their regular e-mail address before handing it out, but if that address starts to receive spam you can't simply turn it off. You'll have to create a filter in Gmail to block all mail to that address.

For everyone else, we suggest a good, free service from Spamgourmet.com that's quick and easy to set up and use; it allows you to create disposable addresses on-the-fly that will forward e-mail messages to your regular address.

Fix 7: Develop an Antiphishing Habit

The dastardly practice of phishing for personal information is still alive and well, and many fake sites can be hard to distinguish from the real ones. But a few simple practices can ensure you'll never be snagged by a phishing hook.

The best approach, and the most straightforward, is never to click a link in any e-mail message to access your financial accounts. Instead, always type the URL or use a bookmark. That one habit will protect you from almost every phishing attack.

If you can't make that change, then at least use the latest version of Internet Explorer, Firefox, or Opera to browse the Web. All have built-in features to block known phishing sites (and, as described in Fix 3, Opera and Firefox now also block known malware sites). Avoid Safari, which lacks any built-in antiphishing protection.

Finally, keep an eye out for the common phishing tactic of using URLs like "http://adwords.google.com.d0l9i.cn/select/Login." If you glance at the URL (an actual recent example listed by Phishtank.com), you might think the site's domain was google.com. In fact, it's heading to d0l9i.cn, a site in China where operators are standing by to swipe your personal details.

Internet Explorer 8's Domain Highlighting; click for full-size image.Internet Explorer 8 will use an innovative feature called Domain Highlighting that will make spotting such trickery easy. But until it becomes available, watch URLs carefully.

Fix 8: Keep Your Own Site Safe

It's not a good time to run a Web site. The Web may look like a digital wonderland, but behind the scenes it's a war zone. And the guns are trained on your site.

Crooks use automated tools to search sites for the most common vulnerabilities. If they find one, they blow the hole wide open to plant harmful code that will attack your loyal visitors.

To help keep your site safe, start with some quick, free scans that ferret out the most obvious problems. First, fill out a form at Qualys.com to request a free scan of one IP address.

Scrawlr; click for full-size image.Next, download the also-free Scrawlr tool from HP. After a quick install, use Scrawlr to scan your site for SQL injection vulnerabilities (a type of hole targeted in a recent Sony site hack).

A clean bill of health from both scans won't guarantee that your site is safe. For instance, neither will find problems with custom JavaScript code, another common type of attack. And while requesting or running either scan is easy, fixing a reported hole might involve a fair bit of work. But that job will still take far less work than repairing your site and your reputation after your site has been hijacked.

Fix 9: Make Your Passwords Secure--And Easy to Remember

Online passwords are starting to seem about as safe as tissue paper protecting a bank vault. The supply of stolen logins is now so huge that crooks can hardly make any money selling them unless they add other ripped-off data, like addresses or Social Security numbers, according to security researchers. And thieves don't stop with stealing logins to financial accounts--the bad guys regularly pilfer access information for Web mail accounts as well. In one recent case, a scammer broke into Web mail accounts and sent messages to the victim's friends asking for money.

Experts say we should use strong, unique passwords for all our accounts. But they don't tell us how we're supposed to remember them, so most of us end up using the same, not-so-safe password at all our accounts.

Here's an easy fix that allows you to remember just one password, yet still have a strong, unique password for each site you use. The Password Hash (or PwdHash) add-on for Firefox and IE takes that simple password you type and runs it through an algorithm that uses the site's domain name as part of the calculation. The utility subs in the resulting strong password before you send it to the site. All you have to do (after installing Password Hash) is hit the F2 key in a password box before you type.

For a download link and more info on this useful tool, head to the PC World Downloads page.

Fix 10: Get Extra Cleaning Help for Stubborn Infections

Sometimes even the best antivirus program misses an infection. And once a virus or Trojan horse gets in, removing it can be incredibly tough. If you suspect some nasty got past your defenses, then it's time to bring in extra help.

Many antivirus makers offer free and easy online scans through your Web browser. The scan will take time, as the scanning service will need to download large Java or ActiveX components before it can get started, but they're easy to kick off. You can run them in addition to your already-installed antivirus application for a second (or third, or fourth) opinion. Here's the lowdown on your options.

Trend Micro HouseCall: Will detect and remove malware; works with both IE and Firefox.

BitDefender Online Scanner: Detects and removes malware; requires IE.

Kaspersky Online Scanner: Detects malware, but doesn't remove it; works with IE and Firefox.

F-Secure Online Virus Scanner: Detects and removes malware; requires IE.

ESET Online Scanner: Detects and removes malware; requires IE.


15 Great, Free Privacy Downloads

These free products can save you from malicious software and eavesdroppers. Don't leave your PC exposed and vulnerable.


One of the worst privacy invaders the world has ever seen is the Internet. When you surf, Web sites can find out where you've been and can gather other information about you. Trojan horses and spyware can snoop on you. Key loggers can capture your keystrokes as you type. Eavesdroppers can steal your passwords.

It doesn't have to be that way. The 15 downloads presented here can protect you. You'll find firewalls, password protectors, rootkit killers, trace cleaners, anonymity securers, and more. So check them out, and help yourself to a safer online experience. (Note that the 15 downloads we look at here don't include any antivirus and antispyware programs. We figured that we've covered those packages well enough elsewhere. So instead, we focus on tools you might not have heard about.)

Firewalls

A firewall is one of the most basic pieces of software you can get for protecting your privacy. Any decent firewall shields you from inbound snoopers, and the better ones also prevent sneaky software from sitting invisibly on your PC and making outbound connections to tell others about your activities.

Comodo Firewall Pro

If you have Windows XP or Windows Vista, you have a firewall on your PC courtesy of Microsoft, so you may figure that you're perfectly safe. Wrong--the firewalls built into both of those operating systems have problems. The Windows XP firewall, for example, lacks outbound protection. And the Windows Vista firewall is exceedingly difficult to customize.

A great bet for a truly flameproof firewall is the free Comodo Firewall. It offers great protection against both inbound and outbound threats, along with some very nice extras. Its Defense+ feature, for example, locks down particularly vulnerable files and folders so that nothing can alter them.

If you use this firewall, you will have to spend a bit of time training it. Whenever an application tries to access the Internet from your PC, you'll get a pop-up that asks you whether you want to allow the application to proceed. If you'd like to cut down on the training time and the number of interruptions, use the program's Clean PC mode. In this mode, Comodo scans your PC for applications and registers them as safe. Afterward, you won't see as many alerts.

Among Comodo's other nice extras is an install mode that shuts off the firewall for 15 minutes, so you can install a new application without getting inundated with alerts.

Download Comodo Firewall Pro | Price: Free

Vista Firewall Control

Windows Vista's firewall is better than the one built into Windows XP because it includes outbound protection as well as inbound protection. Outbound protection is vital, because Trojan horses and spyware often use silent outbound connections to do their damage. In addition, some surreptitious software uses invisible outbound connection from your PC to send out spam or malware without your knowling it.

The Windows Vista firewall has one big problem, though: The outbound firewall is almost impossible to configure. The free Vista Firewall Control utility gives you the control that Vista should have. With it, whenever a program attempts to make an outbound connection, an alert appears, identifying the application's path and file name, the publisher's name, and the application's name. Based on what you see, you can then choose to enable or disable the connection permanently or one time only.

Download Vista Firewall Control | Price: Free

Password Protection

Password theft is one of the greatest privacy dangers that an Internet user faces online. With the following downloads, you'll be able to keep your passwords private and yet still keep track of them.

KeePass Password Safe

Most people have dozens of passwords that they use for Web sites, Web-based mail, ATMs, and more. They have become a fact of automated life. But it doesn't matter how much antivirus software and antimalware you use; if your password is stolen, you're in trouble.

KeePass Password Safe offers a simple way to keep track of all your passwords while keeping them safe. It lets you store all of your passwords in a lightweight, simple-to-use database, and it encrypts the database so that only you have access to it. You can lock it with a master password or with a file key.

The program stores all of your passwords in groups, so you can quickly find the one you want. And the program lets you easily drag and drop your passwords, copy them to the clipboard, and paste them into a Web page or an application using a hot-key. You can also search for passwords, and print and export them in various formats, including CSV, HTML, TXT, and XML files. You can import them, too.

The application can generate hard-to-crack passwords for you, as well--a nice extra for people who want to make their passwords extra secure.

Download KeePass Password Safe | Price: Free

KeyScrambler Personal

One of the biggest dangers you face online is theft of your user name and passwords for logging into commercial Web sites (such as banking and financial sites) and Web-based e-mail accounts. A criminal who steals that information could empty your bank account and use your e-mail address to pose as you.

This add-in to Internet Explorer and Firefox promises a simple way to keep you safe. As you type your password, KeyScrambler Personal scrambles it so that the information sent out over the Internet doesn't match what you type. That way, a lurking crook won't be able to steal your private information.

A small icon sits at the bottom of your screen, telling you that KeyScramber Personal is going about its work. As you type, you'll also see the scrambled text that the program is sending.

Download KeyScrambler Personal | Price: Free

Cleaning Your Traces

As you surf, your web browser leaves traces of your travels on your PC. Web sites can look into some of those traces. And if other people use your PC, they can easily look at those traces as well. Luckily, there are tools that can get rid of the tracks you leave behind.

Another privacy problem relates to Microsoft Office documents containing private information (unbeknownst to the sender) that get sent out via e-mail. A download helps here, too, removing information that you don't want made public from the Office documents where it appears.

Free Internet Window Washer

Worried that Web sites may snoop on your Internet activities, or that someone else who uses your PC can see where you've been and what you've done? If so, you need an Internet washer--a tool that will delete your Internet Explorer browsing history, recently typed URLs, browsing history, and so on.

That's what Free Internet Window Washer does--for free. Click Wash Settings, then click Browsers, and then select what you want the program to clean. Back on the main screen, click Wash Now and the program will remove everything you've asked it to. If you prefer, click Test Now to see a preview of what the program will do.

Besides cleaning Internet Explorer, Free Internet Window Washer also cleans traces from instant messengers, including AIM, ICQ, MSN Messenger, Skype, and Yahoo Messenger. It also cleans traces from a wide array of other programs, including Microsoft Office and Adobe Acrobat.

Free Internet Window Washer | Price: Free

CCleaner

Here's another great tool--and a longtime favorite of ours--for cleaning up all traces of your Internet activities. CCleaner cleans Internet Explorer and Firefox, of course, but also Adobe Acrobat, Adobe Flash Player, Google Toolbar, and Windows Media Player. It even picks up after major applications such as Microsoft Office, and it includes a Registry cleaner and an uninstaller.

Download CCleaner | Price: Free

SendShield

A lesser-known privacy problem may be among the most dangerous: hidden information in Microsoft Office documents that becomes exposed after the documents are made public.

This problem has struck some of the best-know enterprises in the world. In 2006, for example, Google publicly posted a PowerPoint presentation that contained notes disclosing highly sensitive financial projections to the world. Even worse, in 2003, Alistair Campbell, top communications aide to then-Prime Minister Tony Blair of the UK, released a Word document whose hidden information revealed that the British government had used plagiarized documents to justify its involvement in the Iraq war.

Google and Blair found out the hard way that Office documents contain lots of private information that the sender might prefer that the world not see, such as hidden text, names of author documents, revision history, markup, hidden cells, and hidden spreadsheets. When such information hitchhikes along with the visible text of a document, people can find it without much effort.

What to do? Get SendShield, an excellent, well-designed freebie. Whenever you send a Microsoft Office document via Outlook, SendShield looks inside the document for private information--and shows you what it finds. You can then delete all of the information if you wish. The deletion affects only the copy of the document you send; the original file remains intact on your PC.

Download SendShied | Price: Free

Rootkit and Malware Killers

Even the best antivirus and antispyware tools can't keep you completely safe. Rootkits often escape detection, and once they lodge on your PC, they give an outsider the power to take control of your system and help themselves to whatever private information they want. These two rootkit and malware killers, though, tip the odds in your favor.

F-Secure Blacklight Rootkit Eliminator

One dangerous type of malware that might infect your system is a rootkit. It hides deep in your system, using tricky techniques to shield itself from many antispyware, antimalware, and antivirus programs. With a rootkit in place, a malicious person can take complete control of your PC without your knowledge. Rootkits spread online in various ways, such as by riding along on another download.

Some antivirus tools, such as Avast, claim to detect and kill rootkits. Many do not. But even if you use an antivirus tool that claims to detect them, you'd do well to download, install, and use F-Secure's Blacklight Rootkit Eliminator, too. This freebie is designed exclusively to detect and kill rootkits.

The program inspects your PC's folders, files, and hidden processes for signs that you've been infected with a rootkit. It then tells you whether your system is rootkit-free or may be infected, listing every sign of infection that it found. Double-click on each listed entry, and you'll see more information, such as a description of the item, the company that made it, and its file location. You can then use Blacklight Rootkit Eliminator to quash the threat, which the program accomplishes by renaming the file and giving it a .ren extension so that it can't do any further damage. Before taking that step, though, it's a good idea to search for the file name on Google and make sure that the file is a rootkit and not some legitimate file. If your PC continues to function well after you've renamed the file, you can eventually delete the renamed files.

If you aren't an experienced PC user, you might want to stay away from this program. Renaming and deleting files can wreak havoc on a PC; so if you don't feel comfortable renaming, restoring, and deleting files--and troubleshooting PCs--you may be courting danger with this utility.

Download F-Secure Blacklight Rootkit Eliminator | Price: Free

HijackThis

If spyware or a Trojan horse slips past your defenses despite your best efforts, your best bet is to download HijackThis. It can help detect problems that other malware detectors can't find, and then will advise you about what to do.

Unlike most other antimalware software, HijackThis doesn't automatically detect dangerous software. Instead, it looks deeply into your system's Registry and into other nooks and crannies that are likely to be infected, and then saves its results to a log file. You then post the log file to the HijackThis Web site for experts to examine; they take a look, let you know if your system is infected, and then tell you how to fix the problem. There are plenty of similar discussion areas where experts congregate on the Internet; to find them, run a Google search.

Download HijackThis | Price: Free

Browsing Privacy and Security

Looking for multipurpose tools for protecting your privacy and security? The following three can help you surf anonymously, avoid trouble at wireless hot spots, and receive alerts about certain sites that may host malware designed to invade your privacy.

Tor

A surprising amount of information about you can be gathered as you surf the Web--including the operating system you use, the sites you've visited recently, your geographic location, and possibly your company (based on your IP address).

To keep these pieces of information private, try Tor, a free program that protects your anonymity as you surf. Tor takes all of your Internet communications, including instant messaging and other Internet applications, and sends them around a large network of "onion" routers that are Tor servers, making it impossible for sites or people to invade your privacy.

The Tor download includes other software that you need for maintaining your privacy--notably Privoxy, a proxy program. The programs work well together; and because the software self-configures, they are simple to use. Tor runs in your system tray. To become anonymous, right-click the icon and choose Start. From that point on, you'll be anonymous. To stop surfing anonymously, right-click again and choose Stop. You can even change your Tor identity for maximum cloaking.

Download Tor | Price: Free

Hotspot Shield

Some of the most nefarious online dangers arise when you're away from your home or office: Wi-Fi hacking and snooping. In a hotspot at a public location, a bad guy can set up a sniffer to snoop on all the data sent by everyone nearby. The snoop can see all of the information you send and receive over the Internet, including your user names and passwords.

Hotspot Shield sets up a virtual private network (VPN) for you and encrypts all of your data so that it can't be read. It works in much the same way as the VPNs that companies use for their remote employees.

Hotspot Shield is quite simple to install, set up, and use, with one caveat: During the installation process, you must make sure not to let the Dealio toolbar be installed. It's adware that has nothing to do with how the program works, so choosing not to install it won't have any adverse effects. When you first launch the program, your default browser will launch and display an ad. But you can close that window and continue to surf safely.

Download Hotspot Shield | Price: Free

McAfee Site Advisor for Firefox

One of the best ways to protect your privacy is to avoid getting infected by malware. These days, most people get infected by downloading infected software or by visiting a Web site that installs malware without their knowledge. So you'd like to know whether a site you visit is likely to infect you directly or to harbor malware.

With so many thousands of Web sites, though, how can you know which ones are safe and which ones aren't? MacAfee SiteAdvisor does a great job of letting you know. Perform a search in Google or Yahoo, and in each of the search results you'll see an icon that rates the safety of the site. A red X warns you that it's a dangerous sites; a green check means that it's safe; and a yellow exclamation mark means that it's questionable.

Hover your mouse directly over the icon, and a pop-up will appear, informing you of what might be dangerous about the site. It details whether the site has dangerous downloads, whether the site sends spam to you if you register on it, and whether the site includes links to other sites that are known to be dangerous. To get even more information, click More Info on the pop-up, and you'll receive a detailed list of the dangerous downloads, as well as what malware or adware infects the site.

Best of all, Site Advisor works when you browse sites, too. The software displays a small icon at the bottom of the screen as you surf. The icon warns you when you hit a dangerous site.

Download McAfee Site Advisor for Firefox | Price: Free

Firefox Add-Ons

One great thing about Firefox is the large number of add-ons available to improve your browsing experience. The options include plenty of privacy-related add-ons. These three are among the best.

NoScript

The Web is built on interactivity, but those wonderful interactive features can be used to attack and damage your PC. JavaScript, plug-ins, Java, and other kinds of scripts and code on Web sites are hazardous. But here's the problem: If you turn them off completely, you lose some of the nicest things on the Web; and if you keep them, you expose yourself to danger.


For Firefox users there's a simple answer: a free extension called NoScript. NoScript lets you turn scripts, plug-ins, and other interactive elements on or off at will, leaving them turned on at some Web sites and turned off at others. It protects against dangerous cross-site scripting attacks, too.

The extension offers a remarkable amount of control, permitting you to customize which scripts and extensions to allow on a per-site basis. You can also block sites temporarily or permanently on each site.

Download NoScript | Price: Free

WOT

This Firefox add-in works in much the same way as the McAfee Site Advisor. WOT rates sites according to their privacy, security, and trustworthiness, from Excellent reputation to Very Poor reputation, and it displays an icon next to the Address Bar indicating how it rates a particular site. As you search, you'll be able to see the icon as well, so that you can decide before visiting a site whether you want to go there.

Download WOT | Price: Free

Secure Login

Little surprise that Secure Login provides a way to log you in to Web sites securely. It integrates with Firefox's password list--so when you visit a site, you can log in by clicking a button instead of having to type in your user name and password. Beyond that, Secure Login keeps your passwords safe in various ways. It stops any malicious JavaScript code from stealing your password, and it can block other password-stealing attacks, such as cross-site scripting (XSS) attacks.

Download Secure Login | Price: Free


Malicious Hackers Use Facebook Wall for Malware Attack

http://www.pcworld.com/article/149559/2008/08/.html?tk=rss_news

Facebook users are being targeted by malicious hackers through postings on the popular Wall section of the social-networking site, security company

Sophos said Thursday.

The Wall, a core feature of Facebook profile pages, is used by members to leave each other messages that in addition to text can also contain photos, videos, music and links to Web sites.

The malware attack comes in the form of a Wall message supposedly posted by a friend that urges members to click on a link to view a video on a Web site supposedly hosted by Google, said Graham Cluley, senior technology consultant for Sophos.

However, the link takes users to a Web page that isn't hosted by Google, where they are told they need a new version of Adobe's Flash player and are urged to download an executable file to watch the video.

The file is really a Trojan horse, Troj/Dloadr-BPL, that funnels other malicious code detected as Troj/Agent-HJX into users' machines. Once it has done that, it displays an image of a court jester sticking his tongue out.

While on the surface this might seem a practical joke from a friend, in reality it means the PC has been compromised and malicious hackers have gained control over it to use it for a variety of purposes, such as sending spam or distributing malware. "They now own your PC," Cluley said.

Malicious hackers have been employing this malware distribution technique for many years on e-mail messages, so many users know to avoid these traps. However, people may be less vigilant in more closed and controlled environments such as social-networking sites.

For example, in this case, the malicious Wall message is masked as coming from someone on the user's list of Facebook friends, increasing the likelihood that the link will be clicked on. "Be very suspicious of Wall postings asking you to click on a link to go watch a video," he said.

The friend whose name appears with the video has had his PC or Facebook account compromised in some way that lets malicious hackers perform actions without the friend's knowledge. It's possible that the affected friend previously fell for the "court jester" trap, and his PC and Facebook accounts are being used to propagate the scheme, he said.

The attack is the latest in a rising trend of malicious hackers using social-networking sites to distribute malware. These sites offer an attractive distribution channel because people feel safer and are more willing to follow links and perform actions if they think a friend is urging them to do so. In fact, it could be a malicious hacker posing as a friend,

If people click on a third-party Web site link and a message pops up asking them to download software into their machines, they should never go ahead with the software download. If they feel they should upgrade their Flash player, they should do so only from Adobe's Web site, Cluley said.

The news is also relevant for IT departments of companies where employees are allowed to use Facebook at work, Sophos said. Given the wide popularity of social networking for personal and business communications, IT managers should draft policies regarding the proper use of these sites by employees, Sophos said. IT managers should also consider whether they need additional security wares if they decide to allow these sites to be accessed from the office.

"The users inside your company may be more willing to click on a link in a Facebook Wall message than they would in a corporate e-mail," he said.

For example, many IT departments have installed products that scan e-mail traffic to intercept malware and spam, but with many Web sites now being used to host malware, it's a good idea to also install a security device that scans all office Web traffic and any software downloads that employees attempt to make.

So far, the Facebook Wall attack seems to target Windows PCs and laptops.

Facebook, which has about 80 million active users worldwide, didn't immediately reply to a request for comment.

The prompt to download an upgraded Flash player is apparently becoming popular with malicious hackers. This week, Adobe posted its own alert warning people not to fall for this trick. Apparently, the bogus Flash message is part of other malware attacks that use microblogging site Twitter and other social sites.

Last week, security company Kaspersky Lab warned of new worms targeting MySpace and Facebook users via automatically generated comments and messages to those on their lists of friends.

Garfield

உலக வெப்பமெற


கடைசி எச்சரிக்கை அண்ணாச்சிக்களுக்கு..

முதலில் தாத்தாக்கள் காலம் பசுமை கொஞ்சும் கிராமங்கள், காற்றோட்டமான ஓட்டு வீடுகள்,எளிமையான் அரிக்கேன் விளக்கு வெளிச்சம், வெளியிடங்களுக்கு செல்ல வில்வண்டி

மனித உழைப்பு சார்ந்த இயற்கை விவசாயம்
கலப்படமற்ற வீரிய விதைகள் விளைச்சலோ அபாரம்!
உணவில் தன்னிறைவு.செய்யும் தொழில் சார்ந்த ஜாதி பிரிவுகள் இருந்த போதும், சண்டையில்லா சமரச சந்தன நறுமணம் தவழ்ந்த காலம்.

அடுத்தது அமைதி தாத்தாகளின் மகன்கள் காலம்..

மெல்ல மெல்ல அறிவியல் கண்டுபிடிப்புகளின் தாக்கம்.
கல்வி கேள்விகளின் நாகரிகத்தில் நல்ல வளர்ச்சி.

பகுத்தறிவு பிரச்சாரங்கள் மலர்ந்த நேரம்.

விவசாயத்தில் செயற்கை உரங்கள், இரசாயன பூச்சி கொல்லி மருந்துகள், இயந்திரங்கள் ஆகியவற்றின் படையெடுப்பு.

உணவு உற்பத்தி வாய்க்கும்-கைக்குமான நிலை

மத-ஜாதி-இன சண்டைகள் தோன்றி மனித உயிர்கள் காவு கொடுக்கபடல் தொடக்கம்.

இயற்கை சூழல் கெடத்தொடங்குகிறது. புதுப்புது நோய்களின் ஆலவட்டம்.

ஆங்கில மருந்துகளின் புற்றீசல் வளர்ச்சி.

ஓட்டு வீடுகள் கான்கிரிட் விடுகளாக உறுமாற்றம்.
வெளிச்சம் போச்சு, காற்றும் போச்சு, ஆரோக்கியமும் போச்சு..


போக்குவரத்தில் கரும்புகைகக்கும் வாகன தானியங்கி ஊர்திகளின் ஊர்வலங்கள்.
மனித நேயம் மெல்ல மெல்ல சுயநலத்தால் ருசிக்க படத்துவக்கம்.

கூட்டு குடும்பங்களின் சிதைவின் தொடக்கம்
அமைதி மறைந்து இருக்குமான் அசாதாரண சுழ்நிலை.

மின்விசிறி, தொலைக்காட்சி, தொலைபேசி, இருசக்கிரவாகனம் போன்ற வசதிப்படைத்தோரை போன பிறவியில் பூண்ணியம் பண்ணிய ஆத்மாக்கள் என பாராட்டபட்ட காலம்.

அடுத்து தாத்தாவின் பேரன்கள் வாழும் ஐ.டி காலம்..


பரப்பரப்பு நிறைந்தது..பாதுக்காப்பு அற்றது..பகட்டா மட்டும் தெரியுது..கைநிறைய வருமானம்..கவலையற்ற களிப்பு வாழ்வு..
கடனை உடனை வாங்கி கண்ணில் காணும் பொருட்களையெல்லாம் வாங்கிக் குவிக்கும் மனோபாவம்..

நடுத்தரவயது மக்களின் நிரந்திரமாக குடியேறிவிட்ட நச்சு பாம்புகளாம் சக்கரை வியாதி,இரத்தக் கொதிப்பு..
தண்ணீர் பாட்டீலோடு அலையும் மக்கள் ஒரு பக்கம், மூக்கு கவசத்துடன் தடதடக்கும் பூகை கக்கும்
வாகன தேரோட்டிகள்..

எந்த குண்டு எங்கு வெடிக்குமோ எனும் பதைபதைப்பு..சொந்த இனத்தையே துண்டு-துண்டாய் பிய்த்து எறியும் பயங்கரவாத்தின் கொடூங்கரங்கள்..

அடுத்த வீட்டுக்காரைன் பெயர் தெரியாத அடுக்குமாடி குடியிருப்புகளில் வாழ்க்கையின் தொடக்கம்.
நடுத்திரவர்க்கத்தின் மாதவருமானம் பெருக்கத்தால் வீட்டிற்கு இரண்டுக்கும் மேற்பட்ட நான்கு சக்கர வாகனங்கள்.
காலை நடைபயிற்சிக்கு கூட கார்களில் வரும் பருத்த தேக சொந்தங்கள்.

எங்கும் கன்சூமரிசம் எதிலும் கன்சூமரசியம்.

குடிக்கும் தண்ணீர் சாயப் பட்டறைகளால் கெட்டுப்போச்சு
ஆலைகள் வெளியிடும் நச்சுப் புகை
ஒவ்வாமை நோய்களின் ஆட்சி

சுவாசிக்கும் காற்று மாசுபட்டுப் போச்சு.

பூமிப்பந்தில் மேல்பரப்பின் வெப்பம் ஆண்டுக்கு ஆண்டுக்கு அதிகரித்துக் கொண்டே போகிறது.
சூரியனிமிருந்து மனித இனத்தைக் காக்க இயற்கை கொடுத்த் ஓசோன் அடுக்கில் ஓட்டை

இதனால்

1.திடீர் வெள்ளப் பெருக்கு
2,.சுழற்றி அடிக்கும் சூறாவளிகள்
3புரட்டிப் போடும் புயலகள்
4.க்டும் வறட்சி
5.குறைவான மழை
6.வெப்ப நோய்களின் படையெடுப்பு
7.உணவுப்பற்றாக்குறை
8.நிலப் பகுதியை முழுங்கும் கடல்களின் சீற்றம்.
9.பனிப்பாறைகள் வேகமாய் உருகும் தன்மை.
10.மனித இனமே அழியும் அபாயம்.


அனைவருக்கும் ஒரு அன்பான வேண்டுகோள்

பயங்கரவாதத்தை விட மனித இனத்திற்கு அதிக அழிவைத்தர காத்திருக்கும் "குளோபல் வார்மிங்" பற்றிய


விழிப்புணர்வுக்காக இன்று ( 08-08-08) இரவு எட்டு மணிக்கு எட்டு நிமிடங்கள் மின்சார
விளக்குகளையும்,மின் சாதனங்களையும் உபயோகிப்பதை முற்றிலும் தவிர்ப்போம்.!








உலகின் வெப்பமயமாதலின் தீமைகளை எதிர்க்க அணி திரள்வோம்!
ஒன்றுபடுவோம்!
போராடுவோம்!
தியாகம் செய்வோம்!

மனிதம் காப்போம்!
மானுடம் காப்போம்!
-
கோவை விஜய் - திருமலை
http://pugaippezhai.blogspot.com/

How to Get files from the directory - One more method

 import os import openpyxl # Specify the target folder folder_path = "C:/Your/Target/Folder"  # Replace with the actual path # Cre...