Toledo PC Users’ Group
A Forum for Personal-Computer Users — September, 2006
September Program: Donna Bardis
Monday, August 28, 2006, at 7:30 PM, UAW-Local-14 Hall, Jackman & Northover (between Laskey & Alexis Rd), Toledo, Ohio.
In
This Issue ...
TPCUG Data
From the Prez
Minutes
Treasurer’s Report
Membership Expirations
TOLTBBS Information
TPCUG’s
Website:
http://www.toledopcug.org
Coming Meeting: Monday,
October 2, November 6, December 4.
The Toledo PC Users’ Group
P.O. Box 13085
Toledo, OH 43613
Officers
President: Floyd Miller
Vice-President: Rick Snyder
Treasurer: Steve Tryc
Secretary: Sándor Halász
Standing Committees
Computer Shows: Steve
Tryc
Librarian: Open
Membership: Roy Ballogg
Programs:
Lester Miller
Public Relations: Lavern & Eugene
Curtis
Complaint Dept.: Helen Waite
SIG Leaders
Internet SIG: Jim Bell ............ 419-877-1109
Statement of Intent: The Toledo PC Users’ Group is a not-for-profit corporation, formed to provide a forum for the exchange of ideas and information regarding the use and enjoyment of personal computers.
Affiliations: TPCUG is a member of APCUG (Association of Personal Computer User Groups), which provided the APCUG logo.
Meetings:
Meetings are generally held the first Monday of each month, at
UAW-Local-14-Hall, 5411 Jackman Rd., Toledo, OH. In the event of
emergency, members may be reached during meetings at a pay phone in
the hall, 419-473-9571.
Visitors are always welcome at monthly
meetings!
Executive-Board meetings are generally held
after the regular monthly meetings.
Membership: Dues are $25. per year. To obtain an application, call any officer or member.
Moving? Notify the Membership Chair to redirect your newsletters.
Copyright 2006: The Toledo PC Users’ Group, the publisher of this newsletter, is a not for profit organization. Although it asserts a copyright for the newsletter, permission is granted to reprint this publication in whole or in part for any noncommercial use, with credits acknowledged.
Newsletter Deadline is the 15th of each month. All members are encouraged to contribute articles and reviews for this newsletter. Submissions may be made by email to the editor.
Advertizing: Business cards (2”×3½”) will be run in three issues for $5. Commercial ads: $10 for ¼ page; $20 for ½ page; $30 for ¾ page; $40 for full page. Larger ads are run in two issues from a graphics format, JPEG or GIF or … Members may place free ads for the sale of computer-related personal items on a space-available basis. Contact editor for details.
Production Notes: This newsletter was compiled with Microsoft Word 6 for Windows, Open Office 1.1.5, Brief, and Notepad.
TPCUG Mailing List: If you are on the Internet, keep in touch with club doings by subscribing to the TPCUG mailing list: Send e-mail to “tpcug-request@toltbbs.com” with only “subscribe tpcug@toltbbs.com” in the body of the message. You will then receive communications sent to the list through e-mail.
THE PRESIDENT'S MESSAGE:
This copied commentary makes the hair on the back of your neck stand up and your eyes glaze over as you ponder the possibilities of it attacking your computer or your "accounts" at the various places where your information may reside.
This Bug Is Nasty, Brutish, And Sneaky
Hackers have raised the stakes with a new bug almost immune to detectionAs a data security specialist, Jeremy Pickett sees all kinds of digital tricks. So on Mar. 20, when he was tracing the origins of a computer bug that had been blocked the night before from entering a client's computer network, Pickett wasn't too surprised that it tried to connect with four sleazy Web sites, most of them, he believes, in Russia. Or that it then tried to load victims' PCs with as many as 30 new pieces of malware, ranging from spam programs to those that automatically dial in to expensive phone-sex services.
But the real shock came when Pickett decided to test another bug by infecting his own PC with it. Out slithered a program that promptly installed itself deep inside his computer. There it became virtually immune to detection from the basic antivirus software that scans for dangerous code. The bug—known as a Trojan, which in turn was hidden inside a rootkit—was designed to activate whenever a Web surfer typed in a user name or password for bank accounts or Web sites for dating, social networking, or e-mail. Pickett went to a bank site and entered fictitious log-in information. Right before his eyes, those data were sent streaming back to Russia, joining the IDs of thousands of real victims. His reaction: "absolute horror".
This nasty bit of code, appropriately named "the Hearse" by Pickett's employer, Sana Security Inc. in San Mateo, Calif., is threatening to raise the stakes in the spy-vs.-spy war over cybercrime. That's because the average computer security program sifts for known worms and viruses on PCs. But rootkits cloak data-stealing code so that it can hide in the deepest guts of Windows software without showing up in task lists as an active program. Criminals, having greatly expanded their knowledge of Windows' inner workings, are flocking to this new tool. Russian computer security company Kaspersky Lab estimates that on average 28 new rootkits emerged each month in 2005, up from six per month in 2004.
Only five of 24 antivirus outfits picked up the Hearse outbreak by Mar. 21, according to virus tracker VirusTotal.com. At first, antivirus giant Symantec Corp. (SYMC) was not among them, though it says it detected the bug the next day. In one of the first real-time cyber stakeouts, Sana monitored one of the Russian Web sites for four days in late March. Ironically, it was left open to public view thanks to a security lapse by its unknown operators. Pickett watched as some 90,000 pieces of personal data from clients of more than 6,500 companies flowed across his screen. "It's like [Pickett] put on night-vision goggles and watched", says John M. Frazzini, CEO of Secure Systems Corp. and former head of the Secret Service's Electronic Crimes Task Force in Washington. The show lasted until a Russian Web host, warned by Sana, took the site down on Mar. 24.
Equally alarming is the roster of victims, a cross-section of American business. Customer accounts for companies such as social networking site MySpace.com (NWS), auction site eBay Inc. (EBAY), credit-card and banking company Capital One Financial Corp. (COF), and Internet service provider AOL Inc. (TWX) were compromised, BusinessWeek learned. Names and passwords from over 2,000 MySpace accounts were stolen. Spokeswoman Dani Dudeck says the company "takes user privacy and site security very seriously and quickly responds to all potential threats".
Many companies, though menaced anew every day, still don't have systems in place to react quickly to warnings. When Pickett and co-workers contacted some of them, they received automated e-mail responses or had to call multiple people. One unnamed company reported Sana officials to its nuisance department. Some moved faster. EBay quickly blocked compromised accounts until new passwords could be set. Bank of America Corp. officials immediately contacted the Secret Service's Criminal Investigative Div.
And the Hearse? Analysts suspect the hackers simply moved to a new, undetected collection spot. Warns Sana CEO John Zicker: "How deep does the rabbit hole go? Did we get there? No".
One could surmise that the percentage game gives one the edge since one might think that I'm one in millions and so they will never find me or my computer. But just in case they might, a little bit of diligence may mean the difference that could pay big dividends in the end.
One of the purposes of Toledo PCUG is to share with one another the things we have found that has worked for us. The helpful programs, the little tweaks we have discovered, the problems we have over come, the hardware that has worked for us.
Soooo we'll see you at the next meeting, August 28th (change because of Labor-Day Monday), same place and time.
Till then "happy computing" and remember "Visitors are welcome—Members are expected."
Your Prez, Floyd L. Miller
Minutes
The meeting was called to order at 7:33 PM on 8-7-06 at the UAW Hall by Floyd Miller, President.Minutes of the July meeting were accepted as printed in the newsletter.
The treasurer reported a current balance of $1200.32. This amount, as published in the newsletter, was accepted subject to audit.
Because of the absence of the membership secretary there was no membership status report. 12 members were present.
When queried about the program agenda for the next meeting, Lester Miller noted that the meeting would be held on August 28, one week earlier than normal to avoid conflict with the labor day holiday. He is currently in discussions with Donna Bardis about her or Charles Bard giving a presentation at that meeting regarding investment research on the internet. This prompted a discussion by some members about the difficulties and potential losses associated with day trading. (submitted by Rick Snyder; secretary was late.) Jim Mack mentioned an article for layering internet —breaking it into service-classes, with distinct service-rates—, and also leetspeak. L. Miller asked F. Miller about his use of digital camera. (These were brought up looking forward toward coming meetings.)
Internet SIG meets on the third Monday. We go to Whitehouse to Jim Bell s place on Maumee Street, around the corner from Chickaroo's, as it used to be, and are off topic a bit, as always, about 7ish o'clock. We carpool from Reynolds Corners, Asbury Church, beside the Inverness country club about 6:30pm.
New bizness
Steve Tryc, treasuer, said that the liability-policy renewal has come, with many terrorismical changes; it is advized that one “review the policy carefully”, and he suggests that the board look it over. Gene Curtis moves, L. Miller seconds, that the premium nonetheless be paid, and the motion passes.
At 20:13 the meeting is adjourned.
Respectfully submitted by Sándor Halász, secretary
Treasurer’s Report
Balance Ending 7/15/06
Balance Ending 8/14/06
Steve Tryc, treasurer