IT Crate Tutorial, Tips, Technology NewsWebsite Design and Development Company

Developers who use Firefox found themselves without some Microsoft add-ons after Mozilla blocked them due to security concerns. Browser access to one of the tools, .Net Framework Assistant, has been restored. The companies are working together to come up with a way to safely reopen access to Windows Presentation Foundation.

technology used to program applications that can be accessed through a browser continued to be blocked for Firefox users Monday.

Mozilla had been blocking two Microsoft plug-ins after the discovery that Microsoft’s .Net 3.5 SP1 install silently adds a plug-in to Firefox allowing the surreptitious launch of a malicious XAML browser application that could take over infected machines.

One add-on, the Windows Presentation Foundation, aids programmers in developing applications using Microsoft technologies, including Silverlight, that can be accessed via a browser. It remains blocked, but Mozilla Vice President of Engineering Mike Shaver wrote in a blog posting on Sunday that the Firefox team is working to find an alternative.

Restoration Timing Uncertain

Mozilla initially blocked Microsoft’s .Net Framework Assistant as well, but reversed that policy after speaking with Microsoft engineers over the weekend and learning that it does not provide access to the same vulnerability.

The current blockade is redundant for users who have already applied Microsoft’s patch for the vulnerability, which rolled out Oct. 12 as part of what Microsoft described as its largest vulnerability patch of 2009.

Although Microsoft has patched against the vulnerability, it’s unclear when the Windows Presentation Foundation access will be restored.

Mozilla’s press office did not return an email message seeking comment by deadline for this article.

Microsoft’s Misbehavior

Most home users likely didn’t notice anything more than an odd security warning when they fired up their browsers, but some may have encountered malfunctioning Web apps. Also, some enterprise users and designers may have faced trouble accessing custom applications and design capabilities through Firefox with the technologies blocked, said Wolfgang Kandek, CTO of Qualys, a vulnerability management company.

This is the second time this year Microsoft has been called out for silently installing plug-ins into Firefox. The first time was when the company included the Framework Assistant add-on in a service pack for the .Net application framework without alerting users.

“That normally is not considered to be good behavior,” Kandek told TechNewsWorld.

Microsoft didn’t respond to requests for comment by deadline.

Cooperation Between Competitors

While it appears that Mozilla initially overreacted in blocking the .Net Framework assistant, which is necessary for many third-party applications to run, it restored access to the plug-in quickly.

Mozilla and Microsoft appear to be working well together to address the issue for the benefit of users, Kandek said.

“I thought it was a great example of cooperation between two companies that are competing a lot,” he said.

To use PhotoSketch, a user simply sketches a scene, using blobs to represent different components, with descriptive tags added to each blob. The software uses the tags to search for potentially suitable images on the Internet. It then tries to match the components within those images with those in the sketch and with a background before presenting the user with a selection of snaps that go together nicely. The video also includes a nice explanation of the technology. The resulting images are often very realistically Photoshopped.

Ever wondered how the content from itcrate.net reaches your computer. Obviously it has to go through some physical cables somewhere in the world so that every time you request some content your request will go from your home computer all the way there and all the way back.

Understandably a certain amount of delay can occur in such return journey, also due to the fact that the signal has to go through several routers on its way there and the way back. Those routers belongs to different providers and their response time can vary a lot. Also the signal will not take the same route all the time, some system will take care of routing your request to the first available route or better to the fastest available route after a real-time evaluation.

There is a simple way in Windows XP to check the path that your request, it is the tracert which can be called from the command prompt. You can open the command prompt from Start>>Run and type cmd and press Enter.

The following command

will give the following output (the request was sent from a computer in Hong Kong in this case)

The program tries to access the same router three times (that is why you see 3 columns of ms values) and reports the milliseconds elapsed at each attempt. If the connection times out you will see a * instead of a number.

This simple command could be useful to troubleshoot connection problems. You can immediately spot whether the problem is within your local network, your local internet service provider or on the overseas side.

As a comparison a ping command

will give the following output

We see the traveling time is 180ms which corresponds to any of the values returned by the tracert command. This makes me think that the those returned by the tracert command are actually parallel routes which the data will alternatively take to get to our desired destination.

Beware of Malware, Adware and Spyware they can cause serious damage to your computer! Below is information you need to know about protecting your computer from different forms of malware and spyware.

Malware is the generic category of any program that causes damage to your computer. Notorious types of Malware include:

• Viruses
• Worms
• Trojans
• Key loggers

Adware are programs that have advertisements built into the software. Whenever you run the software it will open advertisements from the Internet and display them on your screen.

Spyware are pieces of software that are installed on your computer without your knowledge. Spyware operates in the background collecting information about your browsing habits and then sends this information back to the creator’s servers. Notorious types of Spyware include:

• Browser Hijackers
• Dialers

Virus

A virus is a piece of software that piggybacks on real programs. A computer virus is passed from one computer to another typically via email attachments or downloads from web sites.

Viruses can:

• Delete or alter files
• Reformat your disk drive
• Installing software programs that allow hackers to remotely access your computer

Worms

A worm is a piece of software that uses computer networks and weaknesses to replicate itself. A copy of the worm scans the network for another machine that has the same security hole. It then copies itself to the new machine and then starts replicating from there.

Worms can:

• Delete or rename files
• Install Trojans to collect sensitive information

Trojan

A Trojan is a malicious program that is disguised as legitimate software. Trojans often come in the form of a cute animation or sexy picture sent as an email attachment. Once the program is opened the malicious software is installed on the computer, causing a multitude of problems. Trojans can also be installed by visiting web sites.

Trojans can:

• Erase or overwrite data on your computer
• Corrupt files
• Create a backdoor to your computer allowing people remote access
• Spread malware
• Spy on the user to report data like your browsing habits

Key Loggers

A key logger is a piece of software that keeps track of all key strokes entered on a computer and then transmits this information to a third party. The danger in having a key logger installed on your computer is this information can then be used to identify your credit card or banking details.

Key loggers are installed using typical malware techniques such as downloading email attachments and exploiting weaknesses in Microsoft programs such as Word, Outlook or Explorer.

Browser Hijackers

Browser Hijackers is software that tends to hijack your browsers web connections for the hackers own purposes. Typically hijackers change your homepage or your search engine results.

Dialers

Dialers is software installed on your computer and has the ability to make phone calls using your computers modem. These programs will connect to other computers, typically pay by the minute numbers. Often you will not realise your computer has a dialer until you receive a large telephone bill.

Although most malware is typically transmitted through email attachements hijackers and dialers are almost always installed by clicking on popup displays advertising new software. The most common types of these scams are:

• When the pop up says your computer has a security hole and it can be fixed by clicking on the pop up.
• Software that allows you to connect to browse the Internet faster.
• You have open ports on your computer and to click on the ad to download a utility to fix it.
• Ads that say they can make your computer run faster.

To avoid having hijackers and dialers being installed on your computer do not click on pop up ads.

Protecting your computer from Malware and Spyware

• Make sure you have installed antivirus software that is up dated regularly.
• Avoid downloading unknown attachments from emails and Internet web sites.
• Always scan the email or Internet attachment with antivirus software before downloading the attachment.
• Keep your computer up to date by downloading security patches when they become available.
• Remove trial software because it can create a back door to your computer allowing hackers to remotely access your computer.