404 Tech Support

A working group has formed to move towards establishing official language and terminology for describing malware to assist communicating and fighting malware. The working group is trying to establish the Malware Attribute Enumeration and Characterization (MAEC) language. There are a number of benefits to establishing a common malware terminology: eliminating innacuracy in describing malware, reduced duplication of efforts, improved awareness of malware, and decreased response time.

The Introduction to MAEC white paper was released yesterday and offers a promising start. From the abstract:

I got a lot of positive feedback on my article Is Your Firefox Genuine? Phishing at its Phinest! where I identified a site that had repackaged Mozilla Firefox and wrapped it up in a bunch of malware. The site was getting a decent amount of traffic, I suspect, because it was advertising itself well and was often the top sponsored result for Firefox-related searches on Bing. I tried multiple times to get a hold of Microsoft’s advertisement group to request that they drop the advertisement, but they were unreachable “for reasons beyond [their] control.” Little did I know, there was an easier way to prevent people from installing this malware all along…

The Book Seer is a very straight-forward web app that would be useful to anybody looking for recommendations as to what they should read next. When you visit the site, you see a gentleman in the background with a speech bubble over his head. The speech bubble has two blanks where you put the title and author of the last book you read as if the guy is saying it. Both title and author are required but once you’ve filled out the fields simply hit the arrow to get your recommendations.

I’m in no way a die-hard Twittard, but I do use it to promote new articles and spout off random comments (140 characters or less) every once in a while. That being said, I did find the free application Seesmic Look to be very helpful in understanding and organizing all the information in Twitter to be a bit more functional and informative. I have a guest article over at Freewaregenius that highlights this application and its highs and lows. Check out the full article at Freewaregenius: Seesmic Look – A Polished, Functional Twitter Client.

Deploying software through group policy is a great way to ensure all computers are up-to-date and running the same version but unfortunately, not everything runs as smoothly as we would like. I ran into a problem last Friday trying to deploy the updated Java RE 6 Update 18 where the antivirus would tie up the installer until the install process timed out. This only happened on 5 machines out of hundreds, but through it I think I found some best practices to do when you have a hung deployment trying to install on a computer.

After years of working with computers: taking out and replacing components, opening them up, upgrading them, and generally being comfortable inside them, I built my first PC years ago. I’m mostly self-taught on building computers, but I’ve got a number of from-scratch computers under my belt now and thinking about it, once you have the parts it’s pretty straight forward. This list is procedural memories from my mind, so feel free to add to this list any corrections or best practices that you have.

Google Reader, a popular RSS Feed Reader, has gotten a bit better with the addition of a new feature that will allow you to create “feeds” even on a page that doesn’t have an RSS feed. This feature works alongside the Google crawlers, it compares the cached version of the page to the version it’s looking at currently as it crawls the site and then generates a feed based on any changes it finds and creates an entry in your Google Reader.

CompTIA announced earlier this month that its certification programs would undergo a huge overhaul in order to maintain their accreditation from the International Organization for Standardization in a press release titled ‘CompTIA Announces Plan to Help IT Professionals Keep Skills Up-To-Date’. Instead of CompTIA’s certifications being good for life as they traditionally have, they are now set to expire in 3 years. As someone holding CompTIA’s A+ and Network+ certifications and studying for the Security+ certification test, this was very relevant to me.