Security on your PC including POODLE details

Hi all,

I never see anyone mention about security on these forums, so I was wondering what people tend to use for stopping viruses, adware, malicious scripts, zombies, etc. I have mentioned POODLE in the subject line of this post because I think people should be made aware of it, considering Google done random checks and found over 2 million infected machines. I wrote more about this at the bottom of the message.

Do you think this website is safe to use?

Did you know some large sites actually drop ‘payloads’ of data on your PC without your knowledge?

Did you know paedophiles use sites like this one to exchange child images?

Did you know paedophiles are using peoples computers to store child images on, and finding them is becoming more difficult.

Even some corporation websites carry pornographic images without the users or administrators knowing?

There are also redirection scripts that will let you come from a search engine, but if you try a second time, the site sends you elsewhere, this could be a porn site or even a ‘payload’.

There are literally loads of things that go on computers in the background without your knowledge, some legal and others illegal.

The latest one to hit not just browser users but servers as well is a nasty one, which even bypasses sites that display a padlock meaning secure, but it may be intercepted by a hacker. Websites that started to tell people how to secure their browsers have become heavy traffic as more and more people find the fixes. If you want to fix this security hole, go to Google and type in the following but without the quotes “POODLE browser failure”. You should find one of the fixes for the browser you are currently using. The POODLE browser failure can allow a hacker to use information in your computer to login to sites you use without using any password. It was discovered by the Google Security Team.

If you have any questions fire them at me…

Regards,

Les.

Thank you les. I rely on a purchased web security system and a virus checker. I am too ignorant of the ins and outs of security to do more than run these systems and pay the annual fees. I know there are risks of being taken for a ride. To be really safe I would have to junk my PC and iPad and iPhone. Then life would be difficult and restricted. Where would you say is the happy medium?

As well as a lot of useful info on the web there is a huge amount of misinformation and tricks to trap the unwary. Our duty is to protect our computers by having a good firewall and antivirus software, updated frequently. If you want to check for any vulnerability on your system then go to grc .com where you should use the ShieldsUp facility, and browse the whole site. Gibson is an acknowledged expert having worked in security and for the US government in the past.

Neither the firewall nor the antivirus need cost you a penny. I have been using ZoneAlarm ever since I discovered it (long before Checkpoint acquired it) and despite all the newer possibilities as it still works I keep it.  I have used a number of antivirus programs, including AVG which is popular, but presently am very happr with Avast.

The main point I can make is to keep it as simple as possible (some users have a plethora of software in use which can create conflicts on many systems) but to THINK about everything and never click on anything unknown. If in doubt at any time use Google to check the safety by entering any name/contact/hyperlink into the search box and read the results. Always hover the mouse over any link so that you can read the address in the bar below.

There are some threats that none of us can do anything about. For all those we have to rely upon the ISPs filtering and the security firms picking up the latest threats and patches follow. Always install updates for your OS and security software.

Our greatest danger is familiarity. That is doing things without thinking. Be aware. It is not difficult, just requires a bit of discipline.

My response is being held back for the moderators to check because I have included the web address of a security site. That site is an important one which I believe should be known about by everyone who thinks about security. Hopefully my post will be released soon.

This is an ongoing situation with these troublesome "hackers".  There isn't a patch to remove the SSLv3 thus far and it's all time consuming to do it with each application although my husband is good at this and has been working diligently on making our computers as safe as possible.  Our grandkids use our computers and that has given him concern so he does that aspect of our computer life.

Thank you, Les for bringing this topic up as it doesn't just involve one, two or even a dozen people, it involves way too many to even count!

Keep us updated as you find out more of these troublesome areas.  And not sure about this site, I doubt they are protected against the SSLv3, just my thought though.

Frustrated

That's the only problem with these forums, I have posted links in the past to external addresses. The content I was aiming at was something that was not mentioned on this site, and was and still is run by a top Neurologist Consultant in the UK. The site itself was 'Flash-based' so it ran totally different to this one.

Personally, I think it something regiular users should be allowed to do without moderation. I normally check on Google if the content is on this site using switches, that way you can see if it has been mentioned previously.

You're welcome frustnrated. Patch, actually Mozilla is releasing a new version of Firefox on November 25th - which makes no sense to me - the incident was found over 10 days ago!

Go figure....

Hi Jaguar,

I agree with you totally, I also check certain suspect files using virustotal. com - fast and easy reponse.

At one point, I used to go thru websites that Googled had 'red' flagged - that was a dangerous game. Not game literally, but a job that some sites ask to find malicious sql code injection to be removed.

I am one of those people that tamper with various OS's, but I use them under Oracle VM VirtualBox at the I got Windows 10 Technical Preview running on it. Not bad, but I am not over keen on it either. Running on a virtual environment gives me more control over what it can do.

Regards,

Les.

It's like Jaguar stated, you either go for the free options or commercial ones, as long as they stay free. I agree with him - there's a number of reasons why I do not opt for commercial versions.

I was doing some work for an ex CEO of one of the most used anti-virus systems around which was commercial, and would you believe he did not even use it himself, he said it was junk compared to many that do the exact same function. I never purchased anything to replace what I was using since, I just opt for free versions.

Regards,

Les.

I use Avast free AV on my pc and Comodo Free FW.  I use Avast on my tablet and phones

I subscribe to Sophos' Naked Security newsletters, very informative and also Cnet/ZDnet newsletters and TechRadar

Some of the paid for security systems are resource hoggers.

Yep, that's what I'm saying, thus far there isn't a patch for this.  It's like getting the flu and giving antibiotics for it, not gonna help, just like the patch that mozilla's is going to release.  Just sayin'

Frustrated

Hi Les, 

You raise this and hay presto I get a virus. Just coincidence! isn't that like it. First in months. Avira catches it. I can't fin the offending file so run Avira scan. Avira finds it - a trojan - and quarenteens it. No other viruses.

I was running Firefox with Yahoo mail and Patient co uk running. Yahoo are very careful. I cannot run my security alias lest Yahoo wails about unusual origins and getting me to change my passwords. Could someone be using Patient to get into my laptop? Otherwise no ideas. I am too ignorant of non user computer things to have any idea.

Sophos offer a free virus removal tool, it might be worth downloading this to check that you have completely removed your virus.  How did you get it in the first place?

I have never had a virus.  I can recommend Avast free security.  Comodo is a little more complex if you don't know what you are doing

Hi George,

Do you use Facebook or Google Gmail? Both have been compromised in the past month - Facebook has millions of users email addresses and passwords posted on russian forums, last time I checked there were around 5 million accounts that had been compromised on Facebook alone.

It's easy to pick-up viruses these days, from unsuspecting websites, the Google one I mentioned above used an "harvesting technique" and was collecting information using their ads, yes the ones on this site. The chances of picking up a virus from this website is low, it's classified as 'green', and safe.

But take a look, at last POODLE issue, that was undetected for a long time, and uses the server you connect to which is carrying the website. Then your browser needs updating, unless it has been patched.

If you use other forums other than this one check the script they are using "vBulletin", "phpBB", "Invision Power Board" all well known to carry security holes, and capable of dropping a trojan.drop script on your pc or even a redirect, both malicious and dangerous. These sites are normally scanned by Google and will flag them with a RED redirect page, but you could visit these sites before Google does, in which case, you could catch a virus and not even know.

One thing you have to remember is emails can carry viruses as well, so beware of those .exe files from unknown sources. One that is not to well know is the Animated GIF SHELL, this is what paedophiles use for carrying sick images, and also malicious code. What may look like an innocent animated image, is infact a image but inside is a deadly drop. A special application is required to even open these files, snd they can be password coded, making it even harder.

I used to remove malicious code from websites manually ( at least you would know then if it was all removed ), and people or 'script kiddies' as they are more commonly known as, are using more clever methods that can bypass your antivirus applicaftion, more so if you use a Linux machine and not Windows.

Regards,

Les.

Blame kids today with nothing else better to do!  Some viruses have been traced to high schoóls, universities, etc where they were initially developed.

Majority come from russia and china, most webhosting companies block these countries by default now, as a safety precaution.

LOL.. The Flu spreads like a virus - but can be stopped if caught in time. It's that initial period which is the problem.

Regards,

Les.

I cannot agree: too many people have scant regard for what they post. It is impossible to expect the mods to have the time to decide who could be regarded as reliable, and then one slip and the result can impact all of us. One reason I will  never get involved in any of the social media sites.

Jaguar ~

Would  you mind sending me that address via email?  The mods don't bother them if you send it privately.  I would like to view this site.  Thanking you in advance,

Frustrated

The way I see it is like this, okay this is not Facebook - but they could put safeguards place - moderators are okay, but they could be split in to two groups Primary and Secondary Mods - this would allow Primary mods to override posts/messages that are not within the guidelines.

I used to administrate my own forum ages ago, and had my own moderators. I never had problems. I have even been on some of the largest forums in world, with total access to the whole forum controls and design - but I was always in conversations with the Super Administrators and others, before things were finalized.

Regards,

Les.

Given the name and purpose of this site I really would not expect to get involved in discussions about technology and/or computing; there are plenty of sites devoted to all those issues and some of them have good experts in the security field.

I really don;t understand your point. A virus was detected and my anti virus program warned me. I ran my antivirus program and the virus was quarentined. the anti virus system also confirmed no other virus present.. Am I not back to normal?