« Posts under Technology News

Windows 7 Beta crashing when installing software

January 19, 2009 / posted in Windows 7 / No Comments

A fair number of people have reported that Windows 7 Beta has been crashing when trying to install software using a MSI (Microsoft Installer) based installer. This seems to be happening alot when using Windows Update function.

The culprit has been discovered & it is Microsoft’s Customer Experience Improvement Program (CEIP). There is a fix available and it is discribed below. However the only issue with this fix is that it will disable the CEIP which Beta testers use to report bugs to MS. If you do use this fix I suggest you keep a eye out for mMS update that fixes it.

The fix involves changing your registry on your Windows 7 machine. As I write this I am going through the steps.

  • This all needs to run under Administrator rights so log into the Admin account
  • Open up the start menu and type run into the search, and click “Run”
  • Type regedit into the command, this will run registry editor
  • Go to HKEY_LOCAL_MACHINE/SOFTWARE/MICROSOFT/SQMClient/Windows/DisabledSessions
  • You then need to delete all values in here EXCEPT the default one
  • Go to the “Run” command again
  • Type gpedit.msc into the command, this will run the Group Policy editor
  • Go into Computer Configuration/Administrative Templates/System/Internet Communication Management/Internet Communication settings
  • Double click “Turn off Windows Customer Experience Improvement Program
  • In the new window click “Enabled”, and “Apply”, and “OK”

This will disable the data that you send to MS, but if it is stopping you from installing software its advisable to do it. I would follow these steps. Then insall what you need to & then re-enable the CEIP. Hopefully MS will produce a fix for this, but in the time being this is the only way round it.

This is a more in depth step through that was provided by chris123nt.

New Phishing attack hitting the web…

January 18, 2009 / posted in Browsers, Security, Technology News / No Comments

There is a new phishing attack that is hitting hitting the web and its a pretty clever one!!

Most phishing attacks up until now have been in the form of a e-mail sent to a potential victim saying, for example, that your bank needs you to verify some information. It provides you with a link to a dummy page that looks exactly like your bank log in but when you enter your details it sends them off to someone who will put them to good use…for them….

Most people having become aware of these & know to just delete them, most end up in your Spam / Junk folder anyway. So this new attack has taken phishing to a cunning new level, again praying on peoples bad web habits.

This is how the attack works:

  • You log on to your banks website & do whatever your need to
  • When you’re done you visit another website without logging out
  • However this website has been compromised with malware
  • This malware causes a pop up box to appear asking you to log in
  • You haven’t logged out so you think its your bank website
  • You enter your log in details, and then its bye bye money!!

What makes this attack really effective is the way that it determines when to trigger the pop up. There is a flaw in the JavaScript engine of all of the major web browsers (this is probably already being / been fixed so update your browser now) that means when you visit sites that use a particular JavaScript function it leaves a digital footprint behind for that site when your logged in.

The malware on a compromised site can then ask the browser what sites the user is currently logged into. If it is logged into a site that it is interested in then it can inject a pop up message that looks like it is from the original site and the user is none the wiser as they enter their details.

So there are several things that you can do to avoid this sort of problem. The most important is to log out of sites that hold sensitive information about you (e.g. Banking websites) as soon as you are finished with them. Also be very wary of pop up messages. No banking website will do this, it will simply time out and you will have to log in again through their main page.

Something else to bear in mind is that as of May 2008 68% of malware invested sites were legitimate. There is a common misconception that you can only pick up malware from visiting Warez, Porn, or through Peer 2 Peer software. This is not the case! Yes these are places you want to avoid, but legit sites are also vulnerable so keep your firewall & anti-virus up to date.

Thanks to ZDNet for this information…

UK E-Mail details to be stored

January 10, 2009 / posted in Technology News / No Comments

From 15th March 2009 all details of all emails sent or received in the UK will be stored….

This is being facilitated by the ISPs (Internet Service Providers) in the UK, who from 15th March will be legally bound to store this information. The ISPs are going to be considering well paid for setting up & providing this server. What is being stored is unclear at the moment but apparently the content of the email is not being kept. So looks like it will be the sender, the receiver, time, and other details being kept for 1 year before its discarded (apparently). But in case they are going to be storing email content I would suggest Pretty Good Privacy encryption (HOW TO coming soon) but you can just Google it as well.

The information being kept will then be available for over 600 public bodies when they make a valid request for it. What exactly is a valid request for information on your private emails? Will these be sold for advertising? Who knows!!

This whole scheme is because the UK has been told to do so by a European Commission directive. Brussels says violate your citizens privacy, so we have our privacy violated.

There have been quite a few a complaints against this new initiative including the Human Rights group “Liberty” & the Earl of Northesk who has a seat in the House of Lords on the Science & Technology Committee.

“Under Article 8 of the European Convention on Human Rights, privacy is a fundamental right… it is important to protect the principle of privacy because once you’ve lost it, it’s very difficult to recover.”

More details & the source of my information can be found on the BBC News site in the Technology section. The views expressed in this article are my own.

Microsoft release IE8 auto-update blocking tool

January 8, 2009 / posted in Browsers, Technology News / No Comments

With Microsoft looking to release IE8 over their automatic updates in the not too distant future they have released a blocking tool that will stop it being downloaded automatically and allows you to keep using IE7 for as long as you want.

The toolkit can be found on Microsofts website here.