Arun Marballi

By ARUN MARBALLI

Computer obsolescence! At the rate technology changes, increasingly sophisticated software leveraging the performance capabilities of the latest hardware are forcing obsolescence on our computers and driving us to replace them more or less once every three years. When we do succumb to the pressures and obtain a new computer, what do we do with our older computer and attached equipment – printers, monitors, keyboards and mouses (or should I say mice)? Whatever you do, do not just put your old and unused computer out at the curbside with the trash – the county waste management will not pick it up – someone less desirable might. The answer is computer and associated equipment recycling. Depending on the age and condition of the equipment, the computer (including equipment) could be donated for a tax-deduction or taken to the County Electronics and Hazardous Materials Recycling Center. In either case, it behooves us to make sure that our personal data stored on the computers hard drive should be erased. If the computer is so old that donating it makes no sense, take the hard drive out of the computer, physically destroy it (perhaps by drilling holes through it) and then take it to the recycling center.

Sometimes, for one or more reasons, we may choose to or need to replace our computer’s hard drive. Whenever this course of action becomes necessary, the above caveat for ensuring the erasure of personal data from the old hard drive still obtains. Failure to do so may result in your finding yourself in the same predicament as the Ohio couple that had their hard drive replaced at a Best Buy in Cincinnati and failed to retrieve their old hard drive after replacement; only to get a call from a man in Chicago – a complete stranger – informing them that he had traced them based on the data he had found on a hard drive he purchased at a flea market!

Continuing on the theme of data protection, a new breed of malicious software has surfaced recently in the UK and it is just a question of time before it makes its presence felt here in the U.S. It is called ransomware and as the name suggests, it is unleashed by unscrupulous net denizens on unsuspecting computer users for demanding ransom by taking hostage their – you guessed it – personal data stored on the computer. The mechanics of how this data hijacking is done involves a virus being downloaded from the web and this virus then moves all data files (word processing documents, spreadsheets, text files, etc.) into a password-protected folder and informing the user that they need to either buy something or send money somewhere in order to receive a 30-character password to restore their data files. The virus causing this havoc has been identified as the Archiveus Trojan and the password for unlocking the data that it has locked up has been determined to be a string of the following 38 characters “mf2lro8sw03ufvnsq034jfowr18f3cszc20vmw.”

Further to data hijacking, consider the even more insidious trend of browser hijacking. This appears to be one of the more recent trends and involves compromising the web browser on an unsuspecting user’s computer with what is called a “safety browser.” Once installed, this software directs the user to a site that loads spyware onto the PC. This web attack is currently targeted at the users of Yahoo! Messenger via a self-propagating instant messenger worm dubbed yhoo32-explr. Unfortunately, once installed, “Safety Browser” cannot be easily uninstalled and compromised PCs will need a “good hosing down,” say security experts.

And once again, this month we have our usual consignment of software updates. Perhaps the most important ones being the dozen security-fixes that Microsoft released on June 13, 2006. These releases address issues discovered in the Windows software as well as certain Office components and the Outlook Exchange Server software. Additionally, these updates will permanently alter the way Internet Explorer handles certain Web software components called ActiveX controls. If you have not already done so, please update your Windows PC as soon as possible. The importance of this cannot be stressed more because less than 24 hours after Microsoft announced these updates, there were already numerous proof-of-concept exploits (prototype viruses that exploit the software vulnerability being addressed) posted on the Internet. In early June, Microsoft had released an update to a security problem that was discovered in Word.

Arun Marballi has worked in the Information Technology arena for more than 20 years with extensive experience in software development, process design and network/workstation management. For comments, questions, tips or suggestions, e-mail [email protected].

Home

Anything that appears in Khaas Baat cannot be reproduced, whether wholly or in part, without permission. Opinions expressed by Khaas Baat contributors are their own and do not reflect the publisher's opinion.