Greetings from SurfSafely.com! If you enjoy reading this newsletter as much as I do writing it, pass it on to all your friends and family but please respect their privacy. Place the addresses of those you send to in the BCC: field rather than To: or CC:. And as always, this newsletter is opt-in only. If you feel you've received it in error, reliable removal instructions are at the bottom. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ In this issue: 1. High risk virus alert! W32/Badtrans@MM Please forward this to everyone you know! 2. Great strides at SurfSafely.com 3. Shopping for the Holidays ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 1. VIRUS ALERT, VERY HIGH RISK ============================== Well, here we go again. Right on the heels of W32/Nimda@MM, a new email virus called W32/Badtrans@MM is spreading like wild fire. In the last two days I personally have received no less than a dozen email with attachments infected by this virus. A tell tale sign that the virus sent itself to you from someone else using Microsoft Outlook for their email is a leading "_" at the beginning of the sender's email address (ie "_friends.name@somedomain.com"). Fortunately for me, and for my friends, it is for this very reason that I do not and WILL NOT EVER use Microsoft Outlook for my email client. If you would like to notify the individuals whose computers are infected from whom you received this "gift", when thanking them simply drop the leading "_" from the reply to address. And while you have their attention, perhaps suggest they use something else for email communication. Quoted directly from the McAfee web site: "If the attachment is opened, the worm displays a message box entitled, "Install error" which reads, "File data corrupt: probably due to a bad data transmission or bad disk access." A copy is saved into the WINDOWS directory as INETD.EXE and an entry is entered into the WIN.INI file to run INETD.EXE at startup. KERN32.EXE (a backdoor Trojan), and HKSDLL.DLL (a valid keylogger DLL) are written to the WINDOWS SYSTEM directory, and a registry entry is created to load the Trojan upon system startup. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ RunOnce\kernel32=kern32.exe Once running, the Trojan attempts to mail the victim's IP Address to the author. (Why authorities can't use this information to locate and bring the culprit to justice defies all logic.) Once this information is obtained, the author can connect to the infected system via the Internet and steal personal information such as usernames, and passwords. In addition, the Trojan also contains a keylogger program which is capable of capturing other vital information such as credit card and bank account numbers and passwords." End quote. The danger to Outlook users, and their friends, is attachments are STILL by default opened automatically in the preview pane. What on earth were they thinking? Users of other email clients are also at risk if they attempt to open the attachments before scanning them with a virus checker. The difference is they must do so deliberately. Microsoft just assumes that you must want to, so they do it for you without asking. This is what I call the "Microsoft mentality". When I want to do something, I want to decide WHEN I would like to do it. Here's a quote taken directly from Microsoft's website regarding this very security hole at http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS01-020.asp "Would IE always execute the attachment? No. IE would only execute the attachment if File Downloads were enabled in the Security Zone that the e-mail was opened in. However, File Downloads are enabled in all zones by default." Duh! I apologize if it sounds like I'm venting but this is a very familiar theme. By relying too heavily on Microsoft products, users place themselves, their personal information, and their friends at risk. Microsoft has consistently displayed a lack of concern for personal security in the name of "convenience", but convenience at what cost? The price is too high. I do not criticize Microsoft for sport of it like so many others do. I criticize Microsoft for their carelessness and the serious harm it causes. I would like nothing more than to come out in support of Microsoft products, but until they show more common sense in their application design, I can not and will not. Period. I am not supported financially by any internet software vendor so I have nothing to gain by recommending one over another. If you care about your data and your friends, and you use Outlook for email, PLEASE look into something else. Eudora is my email client of choice and free versions are still available. Netscape Messenger is another fine email client. I use products from all three companies - Internet Explorer for browsing because that's what the greatest majority of users have and I need to see what they see, Eudora 3.06 for email (No, I have NOT upgraded because there is no NEED to upgrade) and Netscape Messenger for NewsGroups. The reason I mix and match is because each of these applications does their job best for the tasks I need them for. And best of all, they're all free. Free is good. Bottom line is, please do not be careless. Computer viruses are serious business. McAfee ViruScan users, please get the latest .dat file 4172 at http://download.mcafee.com/updates/updates.asp Norton AntiVirus users get the latest 31128c update at http://www.symantec.com/avcenter/defs.download.html ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 2. Great strides at SurfSafely.com ================================== If you haven't been to SurfSafely.com lately, you haven't been to SurfSafely.com at all. Our directory has just been completely redeployed on an entirely new database engine that is light years ahead of its predecessor. Here are just a few of the amazing benefits of the new software: 1.Much faster turn around time from date of submission to date of inclusion. Updates should now occur on a WEEKLY basis! There's nothing more frustrating than submitting to a directory only to wait forever to see your listing appear. NO MORE! This goes for new affiliates as well. 2.Search within search. Before all we had was search within category. The problem was many links in our directory are not categorized so that feature was of only limited use. Now, with this feature, results can be refined to the Nth degree! 3.[+, AND] Required search terms. "+" is not new but the "AND" operator is. 4.[-, NOT] Excluded search terms. Like item 3, "-" is not new, but "NOT" is. We're not taking any steps backward. 5.[or] Specify non-exclusive search terms. For those extreme power searchers like myself who appreciate Boolean operators, this one's for you! 6.[url:] Search by url (Like AltaVista and Google) We had URLs in the results with the previous engine but url's appeared in regular searches. This tended to clutter the results with unrelated information. Now, if you want to find url's, you ask for url's. 7.[*] Wildcard matches. This is one of my favorites! If a search for a term does not return enough results, this allows you to search for parts of a term. For instance, searching for inter* would find intern, internet, interrogation, etc. Get into the habit of using * when you search at SurfSafely.com. You'll like the results. 8.Private Label branding. We are now licensing fully private labeled versions of our service to ISP's, portals and PDA manufacturers who wish to express their support of voluntary content labeling but still keep their users theirs. 9.Built in multilingual support! Because we are a GLOBAL resource, it has always been the objective of SurfSafely.com to one day offer our service in more than one language. Now, with the new software, that dream can now become reality! We're looking at mirroring in French, German, Spanish and hopefully someday in Japanese! This is a very exciting time for us. We hope you will continue your support of our directory by making SurfSafely.com your first stop each time you log onto the web and labeling any sites you may have online. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 3. Shopping for the holidays ============================== It's that time of year again. Giving, getting and going broke in the process. But, times have changed. Some are for the better and some for the worse. As a result of the recent terrorist attacks on the United States, democracy and freedom itself, to some degree the terrorists got what they wanted. They slowed our economy and prosperity. What their blinders prevented them from seeing, however, is that they also shot themselves in the foot, not just economically speaking by slowing the global economy but politically as well. They have made themselves the enemy of the entire free world and now are paying the ultimate price. They have also grossly underestimated the resiliency of the US economy and its ability to rebound from tragedy; To turn lemons into lemonade. Despite this fact, we are still rebounding and during this time many have reassessed what's important and what is not. For most of us, at the top of the important list is family. Everything else is secondary, including material possessions. I'm not necessarily certain this is such a bad thing. Just like the stock markets, there comes times when reassessment and revaluation is necessary. If that means the economy slows just a bit, maybe that's not such a bad thing after all. Think about the treadmill that places us all on and the stress it creates. In some respects, I believe they did us a favor. I just wish they had pursued the peaceful means their true faith dictates over the militant actions of their oppressive dictators. What ever the cause, we now watch our expenditures a little more. To help us with this, the Internet and shopping online becomes a powerful ally. I have always been an advocate of shopping online. It saves on gas, wear and tear on our vehicles and many times cheaper to buy from than the brick and mortar retail counterparts. I love shopping online and wholeheartedly recommend it to others. But, like anything else in this new age of online commerce, you have to be careful. Here's a few tips from my bag of tricks that will help to keep your online shopping experiences pleasant: 1) Whenever possible, shop reputable merchants - names you already recognize and trust. 2) Regardless of who you buy from online, make sure they have a written statement on their web site regarding the security of your transactions there. Even some well known merchants still do not have one and I will not buy from them online. In the very unlikely event that anything should go wrong, this MAY entitle you to legal remedies. 3) Use the most secure browser version you can to transact online with. Many commerce sites make this a prerequisite. Microsoft and Netscape both offer browser versions with what is called 128 bit data encryption. Many come standard with only 40 bit encryption. While this is good, it's not the best. To find out what version you have, in your browser just click Help | About. If you don't have the most secure version, both can be downloaded for free to most parts of the world. 4) Never share more information with an online merchant than is absolutely necessary. And never, EVER, give out your social security number. Also make sure that you do not disagree with their privacy statements and how they will use the information collected from you. READ IT! Get to know the merchants before you buy from them. It's no different than in the real world of brick and mortar retail stores. Some are reputable and some are fly-by-night operators looking for the quick dollar. Use good judgement. They're easy to spot. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ That's news for now. Wishing you and your families a most joyous holiday season. Until next time... Be informed, Be involved, Be well. Sincerely, Mark Brasche Founder and CEO, SurfSafely.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~