Blog for "the-enabler" of the letsnet.org network

---

"Facts do not cease to exist because they are ignored."-- Aldous Huxley

As the prostitute said, "It's not the work, it's the stairs." As told to me by Elaine Stritch, star of stage, screen, & TV, right after she won her 1st Emmy. Ago 79.

---

DomainKeys is a rapidly-emerging Internet standard from Yahoo!. It allows Yahoo! Mail to detect whether emails come from their claimed domain. However, be sure to verify this confirmation by ensuring it's from an expected domain (for example, emails from Yahoo! should be from "yahoo.com" or "yahoo-inc.com", not a variant like "yaho00oo.com").

If you are a postmaster(for a website or page) interested in implementing DomainKeys to protect your domain, you can find more technical details at http://antispam.yahoo.com/domainkeys and implementation information at http://domainkeys.sourceforge.net.

If this is not what you needed to know, check out our Online Help Desk. Visit it any time by logging into your Yahoo! account and clicking on the "Help" link located in the upper right-hand corner.



MY ADVICE endeavors at keen.com. The number is 1-800-275-5336 (800-ask-keen) + ext. 0329063 for tech stuff, 0329117 for running a small business, and 0329144 on investing. Want to CHAT, I use Yahoo's IM as the_web_ster. View me in the Friends & Family part of webcamnow.com, just click on "view cams", then in the Java window click on WebcamNow Communities drop down arrow & select Friends & Family. Under the live webcams look for & click on me "the_webster".

---

"Facts do not cease to exist because they are ignored."-- Aldous Huxley

As the prostitute said, "It's not the work, it's the stairs." As told to me by Elaine Stritch, star of stage, screen, & TV, right after she won her 1st Emmy. Ago 79.

---

New versions of the Firefox and Mozilla browsers have been released that address three security problems, including one that was made public last week.

The first fix addresses the bug that was publicized recently, in which an attacker can execute code by using a javascript: URL as the IconURL property. Mozilla is partly vulnerable to this bug.

The other two fixes (involving Wrapped" javascript: urls and "non-DOM property overrides") also address bypasses of security checks involving javascript: URLs.

Security updates are getting to be a common occurrence with Firefox and Mozilla. This update is the fourth addressing 32 security holes in 2005.

As with all the other recent security fixes, the new versions are not patches but complete new versions that must be completely downloaded and installed through normal program installation means. Firefox 1.0.4 for Windows is a 4.7MB download.

Firefox for Windows users can obtain the update using the Tools-Options dialog. Click the Advanced button on the left and locate the Software Update section.


MY ADVICE endeavors at keen.com. The number is 1-800-275-5336 (800-ask-keen) + ext. 0329063 for tech stuff, 0329117 for running a small business, and 0329144 on investing. Want to CHAT, I use Yahoo's IM as the_web_ster. View me in the Friends & Family part of webcamnow.com, just click on "view cams", then in the Java window click on WebcamNow Communities drop down arrow & select Friends & Family. Under the live webcams look for & click on me "the_webster".

---

"Facts do not cease to exist because they are ignored."-- Aldous Huxley

As the prostitute said, "It's not the work, it's the stairs." As told to me by Elaine Stritch, star of stage, screen, & TV, right after she won her 1st Emmy. Ago 79.

---

IF you set up a poor Windows XP machine with no firewall or anti-virus software. Connecting it to the internet would be like throwing it into a lion pen with raw meat strapped to its hard drive. How long would it be before we were hit by something nasty on the net? Hours, minutes? As it turned out - eight seconds! ......It certainly was not for our PC, which crashed completely in less than 30 minutes.

see the rest of the story

And if your on DSL and not behind a router today your asking for more of the same, that from me, Lets. Would you believe...

MY ADVICE endeavors at keen.com. The number is 1-800-275-5336 (800-ask-keen) + ext. 0329063 for tech stuff, 0329117 for running a small business, and 0329144 on investing. Want to CHAT, I use Yahoo's IM as the_web_ster. View me in the Friends & Family part of webcamnow.com, just click on "view cams", then in the Java window click on WebcamNow Communities drop down arrow & select Friends & Family. Under the live webcams look for & click on me "the_webster".

---

"Facts do not cease to exist because they are ignored."-- Aldous Huxley

As the prostitute said, "It's not the work, it's the stairs." As told to me by Elaine Stritch, star of stage, screen, & TV, right after she won her 1st Emmy. Ago 79.

---

The 14th is Mother-in-law Day



MY ADVICE endeavors at keen.com. The number is 1-800-275-5336 (800-ask-keen) + ext. 0329063 for tech stuff, 0329117 for running a small business, and 0329144 on investing. Want to CHAT, I use Yahoo's IM as the_web_ster. View me in the Friends & Family part of webcamnow.com, just click on "view cams", then in the Java window click on WebcamNow Communities drop down arrow & select Friends & Family. Under the live webcams look for & click on me "the_webster".

---

"Facts do not cease to exist because they are ignored."-- Aldous Huxley

As the prostitute said, "It's not the work, it's the stairs." As told to me by Elaine Stritch, star of stage, screen, & TV, right after she won her 1st Emmy. Ago 79.

---

For the fourth time in three months, major security flaws in the upstart Firefox Web browser have pushed volunteers at the Mozilla Foundation into damage-control mode.

The open-source group late Sunday rushed out a partial fix for a pair of "extremely critical" Firefox vulnerabilities after zero-day exploit code leaked onto the Internet and promised a comprehensive patch would be available soon.

Mozilla's public acknowledgement of the vulnerabilities includes a chilling warning that an attacker could combine the flaws to execute malicious code without user interaction.

The vulnerabilities have been confirmed in Firefox 1.0.3. The Mozilla Suite is only "partially vulnerable" to the bugs, according to the Foundation.

Firefox users are urged to disable JavaScript immediately as a temporary workaround. Additionally, Mozilla recommends that the browser's software installation feature be disabled. This can be done by unchecking the "Allow web sites to install software" box, which can be found by selecting Options on the Tools menu and then Web Features.

eWEEK.com Special Report: Browser Security

Mozilla also modified the update servers to block a possible attack but made it clear this only provides partial protection. The updates were made to "update.mozilla.org" and "addons.mozilla.org," the two sites white-listed by default in Firefox. Software installation requests will now be redirected to "do-not-add.mozilla.org" to stop the publicly available exploit code from targeting the two vulnerabilities.

According to security alerts aggregator Sequoia, this is the first Firefox bug to carry an "extremely critical" rating. In a public advisory, Sequoia said the problem was detected in the way "IFRAME" JavaScript URLs are protected from being executed in the context of another URL in the history list.

"This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an arbitrary site," Sequoia warned in its advisory.

Additionally, input passed to the "IconURL" parameter in the browser's "InstallTrigger.install()" feature is not properly verified before being used. "This can be exploited to execute arbitrary JavaScript code with escalated privileges via a specially crafted JavaScript URL," the company said.

By default, only the Mozilla Foundation update site is allowed to bring up this dialog, but the script injection vulnerability allows this to be exploited from any malicious site.


The flaws and accompanying attack scenario were first discovered by security researchers at the Greyhats Security Group, which published a detailed technical explanation of the exploits. The research firm was quietly working with the Mozilla Foundation to create and deploy a patch but was forced to go public after FrSIRT (French Security Incident Response Team) published the exploit code.

The latest security hiccups follow a rapid batch of patches from Mozilla for Firefox flaws. In late February, Mozilla shipped a major security makeover to provide a temporary workaround for a widely reported IDN (International Domain Name) bug, and to correct two serious flaws that could allow malicious attackers to spoof the source displayed in the "Download Dialog" box or to spoof the content of Web sites.

Two weeks later, Mozilla rolled out Firefox 1.0.3 to correct a serious vulnerability caused by the way GIF files are processed by the browser.

Then, on April 16, another Firefox refresh shipped to correct a JavaScript Engine flaw that put users at risk of information disclosure attacks.

Firefox for Windows users can obtain the update using the Tools-Options dialog. Click the Advanced button on the left and locate the Software Update section. And keep looking updates shouldn't take any longer than it takes to write.


MY ADVICE endeavors at keen.com. The number is 1-800-275-5336 (800-ask-keen) + ext. 0329063 for tech stuff, 0329117 for running a small business, and 0329144 on investing. Want to CHAT, I use Yahoo's IM as the_web_ster. View me in the Friends & Family part of webcamnow.com, just click on "view cams", then in the Java window click on WebcamNow Communities drop down arrow & select Friends & Family. Under the live webcams look for & click on me "the_webster".

---

"Facts do not cease to exist because they are ignored."-- Aldous Huxley

As the prostitute said, "It's not the work, it's the stairs." As told to me by Elaine Stritch, star of stage, screen, & TV, right after she won her 1st Emmy. Ago 79.

---

WORM_MYTOB.ED

Trend Micro has released a warning regarding emails
that may possibly
contain a new virus in the attached files. The
virus name is
WORM_MYTOB.ED . Even though our Anti-Virus system
should detect and
delete these emails or strip the attachments, if
you do receive one of
these emails please do not open any attachments
that may be attached and
immediately delete the email.

The details of the email are as follows:

Subject: (any of the following)
- Error
- hello
- Here is your documents.
- Mail Delivery System
- Mail Transaction Failed
- Re: Thank you for delivery
- Server Report
- something for you
- Status
- *IMPORTANT* Please Validate Your Email Account
- *IMPORTANT* Your Account Has Been Locked
- Email Account Suspension
- Notice: **Last Warning**
- Notice:***Your email account will be suspended***
- Security measures
- Your email account access is restricted
- Your Email Account is Suspended For Security
Reasons

Message body: (any of the following)
- Account Information Are Attached!
- Once you have completed the form in the attached
file , your account
records will not be interrupted and will continue
as normal.
- please look at attached document.
- Please see the attachement.
- To safeguard your email account from possible
termination, please see
the attached file.
- To unblock your email account acces, please see
the attachement.
- We have suspended some of your email services, to
resolve the problem
you should read the attached document.

Attachment: (any of the following file names)
- email-doc
- email-info
- email-text
- information
- your_details
- document_full
- IMPORTANT
- info-text
- {random}
any of the following extensions)
- .exe
- .pif
- .scr
- .zip

It gathers target email addresses from the
Temporary Internet folder,
Windows address book (WAB), as well as from files
with certain extension
names. It may also generate email addresses by
using a list of names and
any of the domain names of the previously gathered
addresses.
This worm has backdoor capabilities, which allow a
remote user to
perform malicious commands on the affected machine.
The said routine
provides remote users virtual control over affected
systems, thus
compromising system security.
Moreover, it prevents users from accessing several
antivirus and
security Web sites by redirecting the connection to
the local machine.

For more details go here




MY ADVICE endeavors at keen.com. The number is 1-800-275-5336 (800-ask-keen) + ext. 0329063 for tech stuff, 0329117 for running a small business, and 0329144 on investing. Want to CHAT, I use Yahoo's IM as the_web_ster. View me in the Friends & Family part of webcamnow.com, just click on "view cams", then in the Java window click on WebcamNow Communities drop down arrow & select Friends & Family. Under the live webcams look for & click on me "the_webster".