Browser Tabs…Friend or Foe?

I’ve written about many of the threats that we face on the internet in many of my past posts. Quite frankly, it just seems to never end. Thankfully, due to the blog-o-sphere, many of us are now aware of what to look for. Phishing, spear phishing, man in the middle, etc. are all terms that, in the very recent past, may not have been familiar to many of us. Because of this fact, many are now aware of the attacks, what to look for, and how to prevent them. As a result, the hackers are forced to come up with new and more devious methods of stealing your personal information. Well they have done it again.

In the past phishing scams have required you to click on links in a malicious email from someone pretenting to be you bank and asking for your personal information in order to fix a “problem with your account”. When you click on the link, it directs you to fake site that will look very much like your bank’s web page, and once you fill in the ‘User Name’ and ‘Password’, you have given away your personal banking log in credentials. But as I said earlier, users are becoming more and more aware of these phishing scams and the use of them is becoming less and less effective.

Tab Napping, or Tab Hijacking is fast becoming the new scourge of our browsing woes according to Aza Raskin, a security expert on Mozilla’s Firefox Web Browser Team. Extra special care is going to be needed when using our browsers, especially if you are prone to using numerous tabs at one time.

This is how it works…..

A hacker can actually detect when a tab, in your browser, has been left idle for a long period of time. By replacing that tab with a fake website that looks just like a real site, such as your banking site, they will ask you to reauthorize your credentials by entering your User Name and Password. Knowing that your bank will often do this when your account has been idle for a period of time, you don’t think anything of it and re-enter your credentials. At that point, they now have your personal banking log on information. They can then actually redirect you to your actual banking site, as you never were really logged out to begin with. Plus, the damage has already been done. By doing this, you will never even realize that you have just had your banking information stolen.

How Can I Protect Myself From Tab Napping?

Even though this is a serious problem, being aware of the signs, can make this a relatively simple thing to avoid.

First off, as always, before entering your personal credentials to any website, look at the actual Uniform Resource Locator (URL) for the page that you are on, and make sure that you are, in fact, where you think you are.

Secondly, while glancing at that URL, make sure that you are on a secure page, one that begins with https:// and not just http://. Never enter any personal information on a page that begins with only http://.

Thirdly, whenever doing any banking, instead of opening a new tab (Ctrl-t) in your browser, open a new window, (Ctrl-n) for your banking log on. This way only one tab will be open in that window, confusion will be less likely, and tab inactivity will be avoided.

Next, avoid leaving tabs open that are asking for your log in credentials. Always close log in pages to your bank, ecommerce sites, or any other site that is looking for any personal identifying information. You can always re-open these pages should you need them again.

I think that making sure you are where you think you are is the most important thing in avoiding these phishing scams. Before entering any personal information on any site, look at that URL and make sure that it is actually from the company or institution in which your are logging into. If unsure of how to do this, check out my two part post on Uniform Resource Locators by clicking HERE and HERE.

Don’t Forget!!!

It has been a few days now since Patch Tuesday.  The second Tuesday of every month when Microsoft releases the updates for Windows and the MSRT (Malicious Software Removal Tool).  So if you have not got your Windows Updates by now it means that you do not have “Automatic Updates” turned on and you need to update your computer manually.  To do this you can type http://www.update.microsoft.com in the URL bar and run the updates manually.  Remember, you need to do this from Internet Explorer as other browsers like Firefox, Safari, and Opera will not load the page from Microsoft. If “Automatic Update” is not turned on, you should do that now to ensure that you do not miss any updates or not get an “out of sequence” update should one arise.  To turn auto update on, just go to your Control Panel, and select “Automatic Updates” and turn it on.  It is that simple.

Now since we are on the subject of updating our computers, there were a couple of critical browser updates also.  For Firefox users, Mozilla released a critical update that patches a zero day exploit.  It is very important that you update the browser.  To do so, open up Firefox, click on “Help”, and select “Check for Updates”.  Firefox will do the rest. You should update to version 3.5.1 and you will need to restart the browser after it has updated.  Don’t worry, if you have multiple tabs open, Firefox will restore them after the restart.  If you do not update to 3.5.1, then repeat these steps until you do get the most current version.

For Google Chrome users, you also have a new update that, like Firefox, also patches a zero day exploit that has been labeled as critical.  To get the update, you need to click on the settings selection.  This is a little icon on the right side of the browser page that looks like a wrench.  Select that icon and then click on the “About Google Chrome” option and Chrome will do the rest.  It will automatically search for any available updates.  You should be at version 2.0.172.37, so if that is not the update that you get, keep repeating the update until Chrome updates to that version.

One more thing……Why not take today and run your backups!!!  Click HERE for more information on backing up your data!!!

Happy Computing!!!

Microsoft vs. Google (vs. Apple)

This is certainly shaping up to be an epic battle of major proportion and of having grave (or great) consequences for the end user, namely you and me.  On one side, you have Google, the advertising and search titan of the internet.  The other side, you have Microsoft, the software giant who has given us the operating systems in which the majority of all people, on this great planet, are utilizing for their computer and web interactions.  For the most part, the two of them have been pretty content to leave the other alone.  But in these changing times, like a lot of things, this distant relationship between the two is changing.  For better or worse, it appears that the two technology “Gods” are now butting heads.

Let’s start with Microsoft.  Their web browser, Internet Explorer, has been winning the lion’s share of the browsing market for, what seems like, forever.  Between all the different iterations of their browser, they have been eating up almost 70% of all browser use.  It is true that their current version (IE8) is not gaining, in fact it is losing to other browsers, like Firefox, and Safari.  Well, in steps Google.  Seeing a vulnerability, Google launches a new browser…..Google Chrome.  This browser is innovative, and quite frankly, kicks Internet Explorers “nether areas”.  Chrome has revolutionized the way tabbed browsing is supposed to work.  It’s tabs are created in a way so that if one crashes, it will not bring down the entire browser, but only the tab that has crashed.  Along with that, Google Chrome’s JavaScript rendering engine is second to none, making it the fastest browser on the web.  It also incorporated a cool feature in which the “Search Bar” and the “URL Bar” are combined into one field.  Meaning Chrome will distinguish whether you are typing a general search or a specific URL all within the same field. So who has won the battle between Google and Microsoft in the terms of browsers…….I give this one to Google.  Don’t count MS out though, as they know there is a problem……look for “Gazelle” in 2010.

Windows has dominated the Operating System market for as long as I can remember.  Now, in it’s early stages, it was a really difficult thing to make work.  Windows 95 was problematic at best.  Win98 was better, but not great.  Windows 2000 was, by far, their best OS of the time.  Then came Windows ME, this was kind of a push to get XP released and Microsoft seems to have just thrown something out there, so as to get a new release.  It was a disaster, probably the worst release they ever made.  Then came XP, even with all it’s shortcomings, it was not a bad OS.  Notice I said “was” as, although a lot of people are still using it, is really now obsolete.  So, five years later came the new shining star….Vista!!!  Well we all know what happened there.  No driver support, installation problems, and crashing.  Two years later, Microsoft finally got all of the bugs worked out, but at what cost.  Vista had gotten such a bad rep, that no one wants to use it.  People were sticking with XP.  Now Vista turned out to be a “Not So Bad” operating system once everything was said and done.  My only issue with it is the amount of resources that it needs, the thing is a hog.  Up and coming is Windows 7, and I have been running this on my Mac, and it really seems pretty clean.  Granted I have not really checked driver support for this release, but the reviews have been pretty good.  In fact, I have heard reviews, that have stated, that this is “The Best” version that Microsoft has ever released.  OK, so how does Google fit into all of this.  Well, Google entered the OS market with it’s release of their Android OS.  This is a very light OS that is meant to run on small devices like Smart Phones and Netbooks.  Currently, the reviews have been good but it seems like the hardware is holding it back.  Battery power, on the G1, is terrible and is only available through T-Mobile which also may also be holding it back.  But, even more important than that, is Google’s announcement of their new browser based OS which has no release date as of now.  This new system is named Chrome OS, based on that it will boot directly to the browser.  All though I have not seen this, it appears that Google is aiming this OS as a web based operation and not activities that are run natively on the computer. This means to me, that Google is aiming this new OS towards the “Cloud”.  If you are not familiar with “Cloud Computing”, check out my post HERE.  So, who wins the Operating System segment…….Microsoft still has a huge advantage!!!

Now we just talked about “Cloud” computing, and this may be the future.  In fact Microsoft has seen this.  Google has had “Google Docs” available, for free, for quite a while now.  What is Google Docs?   Google Docs is a word processor, spreadsheet, presentation, and form creator software suite that is, on the “Cloud”, for free.  And based on personal use, is actually very good.  You can open any Microsoft Word, Excel, or Powerpoint file and edit, save, and share these documents.  You can also create new documents, from scratch, and save them to your computer, which can be opened and updated at a later date.   It is a free office suite.  Now Microsoft seems to have been avoiding this but the popularity of Google Documents is growing.  So how will Microsoft respond…..they already have!!!  Microsoft has announced that they will have a version of Office 2010, including Word, Excel, and Powerpoint, which will be available on the cloud.  Will it be free remains to be seen, but if they are going to do this, it better be.  So, as far as the “Cloud” goes, who is winning…….Google has a wide margin, however watch to see what Microsoft does in the near future as this gap may narrow.

So how does Apple fit into this mix.  Well, they really do not fit into this mix at all.  True, they have launched iWorks, which is an Office Suite that is available on the “Cloud”, but it is not free and is buggy.  Apple relies on innovation.  Their Macintosh computers are the envy of almost every PC user, well at least those that know the difference.  The iPod player revolutionized the way that we listen to media, whether it be music, movies, podcasts, etc.  The iPhone has changed the way that we get this media…..not only is it a phone, but it is also a small hand-held computer.  Their design has been copied and manipulated by companies like RIM (Blackberry), Palm (Pre), and just about every other cell phone manufacturer.  Yes, I know it is true that Apple did not create the first “Smart Device” as Palm did that with the Pilot, but Apple made it work and advanced it’s technology to the pinnacle that it is at today.

So who will win this battle.  Certainly not Apple, although if they come out with the Tablet Computer, that all the “seers” are saying is going to be the next new thing from Apple, may be another new innovation that will change the way we do computing.  But that aside, I have always said that Google has the resources to give Microsoft a run for it’s money.  Up until now, it seems that Google is content to sit and do what they do best…..advertising.  However, with the new innovations that Google is implementing and their commitment to “Cloud” computing, they seem to be forcing Microsoft into the game.  At this place in time, Microsoft is still on the top of hill….overall, but here is my advice to you Microsoft, do not let your gloves down, Google is invading your territory and is coming. No only that, Google brings a different look that Microsoft does not have!!!!!

What do you think????