Why is Internet Explorer security such a challenge?

Link Posted on

This is the best brief primer on IE vulnerabilities and browser/internet exploits that I’ve seen in awhile.

It also contains some great advice for the IT pro and the typical user as well. Don’t forget to click the links within the article if you don’t understand something. F’rinstance: I didn’t know what a ‘Zero-Day Exploit‘ was.

I’m Testing These Methods… #tgdn #tcot

Link Posted on

I’m Testing These Methods… #tgdn #tcot

…for my homies in the conservative/classic liberal/libertarian sphere.  There’s a lot of ways to track us…let’s not make it easy for them.

Remember, however, that there is a fine line between being ‘surveilled’ and browser functionality.  I’m testing most of these addons and settings to make sure you can get around the web without a lot of websites spitting venom at you.

When I’ve used them for awhile, I’ll report back.  If you feel adventurous, go for it yourself…use the recommended addons…however remember that it will alter your browsing experience.  Please leave comments here on my blog at this post and let me know if you tried these methods for a decent period of time (at least a week)  B$

He’s Dead, Jim

Posted on

I tried TWICE to resurrect my old NVidia GTS 250 display card.  The only thing wrong was that the GPU was overheating.  So TWICE, I removed the card, took off the GPU cooling fan, cleaned off the old thermal paste and reapplied new thermal paste and cranked it back down on the GPU. And before you ask: YES…the fan was working!  lol

Sigh.  He’s Dead, Jim.

Still, the GPU would climb to 60C+ and then start flaking out.  This graphics card carried me through so many World of Warcraft adventures…I feel genuinely sad at the loss of this stalwart companion.  Eh…you get attached; what can I say?

While I was at it, I found a used CPU (yeah…USED!) from Amazon that maxed out what my old MOBO could handle and was $100 less than a new one!  I also added another 4G of memory & a solid state hard drive.  With the exception of the new/old CPU and memory, I tried to buy an SSD boot drive, graphics card & CPU heat sink that would translate over when I create my so-called “GODBOX” workstation planned for later this year.

Specific Info for your perusal:

  • Motherboard: ASUS P5P43TD (base model) …its about 4 years old now I think.  T’was ‘Bleeding Edge’ back then.
  • Old CPU: Intel Core Duo E5200, 2.5 “Snail -a- Hertz”.  Again: a good friend but past his/her prime. (Not sure of CPU’s gender but I believe it to be male since it was not temperamental at all during it’s tenure.) <grin>
  • New CPU: Intel Core 2 Quad Q9650 at 3.0GHz …not overclocking…I have too much work to do right now…no time to EFF around.  Still about 4-times faster than the E5200!
  • Memory: USED Crucial 4GB Kit (2GBx2) DDR3 1333 MT/s (PC3-10600) CL9 Unbuffered UDIMM 240-Pin bringing total RAM to 8GB. Cheapest I could find on Amazon.
  • New Solid State Drive: Crucial M500 240GB  …I put the Micron version of this drive in my wife’s i7 monster and they are at a discount now so go get ’em…they are fast and reliable!
  • Graphics Card: I intend on getting two highest-end cards and SLI-ing the sh** out of them in my future box.  In the meantime, I went for an MSI N650-2GD5/OC for just over a C-note.  Enough for me to create videos for my blog, run WoW, etc. but not so expensive as to invite the wrath of she-who-must-not-be-named.
  • CPU Cooling: After the GPU cooling fiasco, there was NO EFF-ING WAY I was going to rely on a boxed CPU cooler on a processor that burns at 95W (I have three new Intel coolers just taking up space in the garage).  I originally purchased a Cooler Master GeminII M4 via Amazon but one of the mounting brackets it came with had the wrong size (too large) holes drilled into it so I couldn’t attach it.  RMA-Baby…this is why I do business with …they have returns down to a flippin’ science.  Desperate for a NOW NOW NOW replacement, I went to Fry’s Electronics in Roseville, CA and purchased a Cooler Master Hyper N520.  Uh…talk about overkill, lol.  the Q9650 CPU puts out 95W…the Hyper N520 can handle up to 300W. lolol.  Sexy overkill.
    • You might also question why I purchased a Cooler Master brand product after getting BONED by them on the first cooler. Answer: Of all the coolers available at Fry’s, this one met all of what I wanted and could fit into my old Antec case.  I crossed my fingers and got lucky this time.  But I want it on the record that Cooler Master is on my “watchlist” for the time being.  If you’re Hyper N520 had not been such a beautiful beast, you would have been dead to me for your lack of Quality Control with the GeminII M4.  You are on NOTICE, Cooler Master.

Lessons Learned:

  • No matter how much you love them, people & things you love die. (All Things Must Pass).
  • All things being equal, don’t be so quick to blame, or SPEND AN EXCESSIVE AMOUNT OF YOUR PRECIOUS TIME BLAMING… {wait for it} …the NVidia Display Drivers.
  • CoolerMaster CPU Coolers – in this case the CoolerMaster GeminII M4 – sometimes come with the wrong parts that render it useless.
  • Cooler Master CPU Coolers – ALL OF THEM – come with instructions that assume you install them about twice-a-week and already know how to do it right the first time.
  • I purchased an MSI replacement Graphics card on the basis of downloading their MSI Afterburner utility during the troubleshooting of my old board.
    • They put so much effort into that utility that I concluded they deserved a chance at my business.
  • Two free utilities that stood out during this upgrade:
    • MSI Afterburner
    • SpeedFan
    • They’re good enough to sell…in the case of Afterburner, it lead me to purchase an MSI graphics board.
  • Downloading free or even TRIAL utilities has become a battle of not installing what is popularly called “foistware“.  The junk that gets installed unless you very carefully navigate through the dialogs during download and then again during installation. Prominent among this crap is AVG Virus Protection/toolbar.  If I see any of their marketing people on the street I’ll kick their asses.
    • For the most part, I found the most hassle free download of utilities from  Still got some foistware from filehippo…just not as much as the others.  Of course, you can always trust for open source stuff without hassle…just that damn IBM advert while waiting for your download to begin.

Well…there is my experience out in the open for you to benefit upon & criticize.  There are a LOT of links in this post because there’s a lot of reference material if you want to actually understand this stuff.  I hope you all now go out and do stuff that has nothing whatsoever to do with computers. <smile>


‘Tis The Season To Be Phishin’, Fa-La-La-La-La La-La-La-La!

Posted on Updated on

Here’s my semi-annual warning to my fellow IT clowns and others that actually give a sh**:

In a higher-education setting, phishers tend to bring on their waves of false emails during the beginning and end of Summer.

  • They do this to get the ‘noobs’ that are first enrolling (end of Summer) and perhaps this is their first REALLY REAL email address ever from a targeted institution (uh…like ALL of them are targeted, actually).
  • The beginning of summer brings on new staff, faculty and a good amount of visiting faculty that are not expecting the Petri dish that defines the typical university environment.

We have just been subjected to some very, VERY targeted phishing emails and I’d just like to warn you that the ‘Beginning of Summer’ season for phishing HAS arrived. These bastards are getting very sophisticated. One email even has a link to a website that is named after our authentication system!

There’s ways of preventing the ‘ANAL-ity’ that is the result of successful phishing:

  • Good, updated virus protection with a malware and web-interception capability. We use Sophos (the NOT FREE version) …Microsoft Security Essentials, MSE (free software) has rudimentary protection for those systems running Win 7 and below. Windows Defender (comes with Win8) is used for the newest versions of Windows.
  • But REMEMBER that what you REALLY need is protection from yourself: If you click on the link and your anti-web-clicking-oh-my-God software doesn’t protect you or isn’t installed, you may be directed to a site that will ask you for login and password information. Or, the link itself may try and introduce a bad, nasty and persistent piece of code into your computer.

This piece of knowledge can save your ass: IT professionals are demigods in your network. They don’t need or want your passwords. They will refuse to take your password and if you force it on them they should ORDER you to change your password or block your access to their network if you don’t change it.

*If you click a link and it asks for ANYTHING about your logins, passwords or personal info you should immediately move away from your computer keyboard with your hands up, don a condom (male computer users only), wash your hands up to your elbows and then go straight to your IT personnel and tell them.  Uh…you don’t have to PROVE you put on the condom, though. <smile>


*That is a joke.  What you really must do is forward the email (without clicking any of the links) to your IT Helpdesk ASAP.

Stopping Fake Anti-Virus: Keeping scareware off your network

Posted on Updated on

Fake AV, or Fake Anti-Virus, is one of the most frequently-encountered and persistent threats on the web today. This malware uses social engineering to lure users to malicious sites and scares them into paying for fake threat removal tools. How can you stop this threat from infecting your network and users? Join this live Webcast featuring Richard Wang, Director of Threat Research at Sophos to learn why fake anti-virus is so popular with cybercriminals and how you can keep fake AV out of your network.

via Stopping Fake Anti-Virus: Keeping scareware off your network.