Technology

Stay Safe in 2010: Uncheck This Box in Adobe Acrobat and Adobe Reader

0
846 days
by in Technology, Technology for Everyone

Keeping your computer free from viruses, malware, and trojans could be as simple as one check box.

Disabling JavaScript in Adobe Acrobat and Adobe Reader

Uncheck "Enable Acrobat JavaScript"

If you’re a trusting soul and just want to take my word for it, open up Adobe Reader (and/or Adobe Acrobat), go to Edit -> Preferences -> Javascript, and uncheck “Enable Acrobat JavaScript”.

Why?

Experts are saying (and I believe them) that Adobe products such as Acrobat, Adobe Reader, and Flash will be the biggest targets for hackers in 2010.  With Microsoft doing a much better job at security, hackers are turning their attention to poking at the holes in Adobe’s software.  For the hackers, it just makes good sense to reach for this low-hanging fruit.

Over the course of 2009, many warnings were issued concerning vulnerabilities in Adobe’s core PDF creation and viewing products.  The common thread in many of these warnings is that the vulnerabilities exploit the JavaScript functionality in PDF documents.

When I state that JavaScript is the key security hole in “many of these warnings”, I really mean “every single one that I can remember”.  Users who have disabled JavaScript are not at risk.

Adobe’s security chief defends JavaScript in Acrobat.  I have no qualms with JavaScript being available in PDF files, but the simple fact of the matter is that the overwhelming majority of users don’t need it, don’t use it, and wouldn’t even notice if it were turned off.  Instead of choosing to make their product secure by default, Adobe has made their product the number one target for hackers.

UPDATERogue PDFs account for 80% of all exploits [in Q4 of 2009], says researcher

Misleading Domain Offers

0
887 days
by in Really Geeky Stuff, Technology

As the owner of a few Internet domain names, I have become accustomed to getting domain-related scam mailThese scam mailings are crafted to look like invoices, but are in fact merely a ploy to get you to sign up for their “search engine optimization” service.  Like most of my junk mail, this stuff gets ripped up and tossed in the recycle bin.

Earlier this year, I received a new but similarly misleading set of emails.  The emails were related to a couple of my domain names (we’ll call them example.org and example.net).  The messages seemed to be crafted to imply that the sender was the owner of the example.com domain and that the domain was for sale.  Here’s an example:

Domain Sale Notice:

example.com is coming available for sale in a few days.

Since you own the domain example.net, we thought you’d be interested in example.com.

If you do have interest in acquiring example.com, please fill up priority notice form availble

here: <LINK REMOVED>

and we will contact you as soon as the domain is available for purchase.

We look forward to hearing back from you.

Kind regards,

John Timmers
InTrust Domains
4845 A Pearl East Circle
Boulder, CO 80301

No more please: http://<DomainRemoved>/store/unsub/<etc…>

[NOTE:  Above text edited for privacy and readability only.]

My initial reaction was one of excitement.  “It would be nice,” I thought, “to have the whole matched set of domain names.”  A few days later, though, I received the following email:

Our company specializes in acquiring expired domain names to help individuals and businesses protect their brand online.

The domain name EXAMPLE.COM expired recently and we were able to secure it.

We noticed that you own EXAMPLE.ORG and felt that you may be interested in acquiring the .COM version of your existing domain name.

It is available for a one-time fee of only $49.00 USD.

To purchase or learn more, please visit http://<DomainRemoved>/buy.php?domain=example.com


Trader Domains, LLC
sales@<DomainRemoved>

I was not pleased about the prospect of spending $50 on a domain.  But wait a minute…  how can two different parties be offering me the same domain name?

A few days later, I received yet another email from Trader Domains.  It was identical to the first except that the price was lowered from $50 to $30.

It turns out that neither company owned the “example.com” domain.  I was able to register it directly from a reputable domain registrar.  That being the case, we can come to the following conclusions

  • InTrust Domain’s statement that the domain would be available for purchase “in a few days” was false.
  • Trader Domain’s implication that they had “secured” (or procured) the domain name was false.

The claims made by these companies are crafted to mislead consumers.  Buyer beware.

Technician’s Pet Peeve

3
1066 days
by in Really Geeky Stuff, Technology

Here’s the deal.  I don’t care if the product I’m supporting is ancient.  I don’t care if only a few dozen or so people in the world use it.  When I get a specific error message, I expect to find the answer!  Google, you have spoiled me.

Let me attempt to make my vision a reality.  Here’s another obscure problem that Google should know about… a blast from the past with a circa 1997 database application.

PROBLEM
When attempting to print from Paradox 8 in Windows XP, the following error message is received:

PERFECTPRINT ASSERTION
File z:\service\pfps\Include\pfps.h
Line 2220
Expression pIprinter
(Retry will break into an active Debugger)

SOLUTION
Run “C:\Corel\Suite8\Programs\PFREG.exe”.
Choose “Register”.

This will register necessary components and should allow Paradox to print.

« Previous
Next »
Go to Top