Upwards with SBS – SBSisyphus’ Weblog

Entries categorized as ‘Security’

Oh no! My email address got blasted out by my new friend, a business associate, or maybe Mom. What to say?

April 26, 2009

The premise here is that email blasts occur regularly, usually around a sales deal, an event of some kind, or a cause. Chain letters are another notorious source, guilt-tripping the recipient into forwarding them to all their friends or else be a real lousy individual; and these actually still work, year in, year out.

The blast can be done safely if people still feel compelled to send such multi-recipient messages to people who are otherwise complete strangers to each other. How? Use the BCC field, of course. Well, that of course assumes you knew about BCC. If you didn’t, this post isn’t for you; rather, it is about you.

My dilemma as a responsible technology professional is to advocate for safe usage of the internet, for people to maintain privacy, and for their identity to remain secure from SPAM’rs or worse. Often I am doing this with people with whom I’m barely acquainted. The internet and email are not as intimate as a face-to-face, heart-to-heart chat. It’s a touchy thing to have only email for these ‘talks’. So what I have done is this: after a blast offense occurs, I send an email back to the originator with a scripted reply message.

This blog is written because I want to know what other people say. Do you say anything at all? How does my message stack up against what you are saying? Please comment away, as I’d like to make it effective and brief. …so here goes:

Thank you for considering my interest and sharing this information with me.

I’ve got a small request that I hope you’ll honor. As a technology service provider and small business owner, information security and privacy are key issues that I must guard for my own sake and for my clients. Please understand that when my name and email address are included in a ‘To’ or ‘CC’ field populated with many others, some of them may again forward the email much like you have. If they do, then my email address and identity get circulated. This then exposes my email identity, as well as any others in the To and CC fields, to future SPAM and other undesirable unintended consequences.

The good news is this is an unnecessary risk; so I have an easy fix and request. In the future, when and if you send an email to me along with an audience of others (a blast message), please add me to the ‘BCC’ (blind carbon copy) field and not to the “To” or “Cc” fields; in practice it would be a good neighborly thing to do this for everyone who’s a recipient. This on the net is called good “netiquette” and is an overall appreciated best practice by anyone who’s ever received SPAM or who has had their identity stolen (I have). As for what address to put in the “To” field, just insert your own email or any secondary email address. It is important though that the address be valid, or else this is a criterion on which SPAM filters will trigger and the email may not reach some of your BCC recipients.

Categories: Human Engineering · SPAM · Security
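
The BCC advice in the post above, as an added Python example that is not part of the original blog: BCC recipients travel only in the SMTP envelope, so nothing a recipient can read or forward names them, and the same header check can flag an incoming blast. The addresses, subject text and the `limit` threshold are constructed for illustration.

```python
from email import message_from_string
from email.message import EmailMessage
from email.utils import getaddresses


def build_blast(sender, recipients, subject, body, use_bcc=True):
    """Return (message, envelope_recipients) for a multi-recipient mail.

    use_bcc=True follows the post's advice: the sender's own valid address
    goes in To and the audience is carried only in the SMTP envelope.
    use_bcc=False is the To-field blast the post objects to.
    """
    msg = EmailMessage()
    msg["From"] = sender
    msg["Subject"] = subject
    msg["To"] = sender if use_bcc else ", ".join(recipients)
    msg.set_content(body)
    # The envelope list is what would be passed as to_addrs to
    # smtplib.SMTP.send_message(); it never appears in the headers.
    return msg, list(recipients)


def exposed_addresses(raw_message):
    """Addresses every recipient can read in the To and Cc headers."""
    msg = message_from_string(raw_message)
    fields = msg.get_all("To", []) + msg.get_all("Cc", [])
    return sorted({addr.lower() for _, addr in getaddresses(fields) if addr})


def audit(raw_message, limit=3):
    """Flag a message whose To/Cc lists expose more than `limit` addresses."""
    exposed = exposed_addresses(raw_message)
    return {"exposed": exposed, "is_blast": len(exposed) > limit}


# Constructed sample data; the example.org/.com addresses are placeholders.
SENDER = "organizer@example.org"
AUDIENCE = ["ann@example.com", "bob@example.com",
            "cho@example.com", "dee@example.com"]

if __name__ == "__main__":
    for mode in (False, True):
        msg, envelope = build_blast(SENDER, AUDIENCE, "Spring fundraiser",
                                    "Details inside.", use_bcc=mode)
        print("BCC" if mode else "To ", audit(msg.as_string()),
              "delivered to", len(envelope))
```
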

Q&A from the Windows 7 Springboard Roundtable

February 12, 2009

A roundtable discussion was broadcast live on 2/12/2009 regarding the development and new features of Windows 7. Here is the Q&A from that roundtable discussion:

https://ms.istreamplanet.com/springboard

Is your next beta milestone going to be “feature complete”?
The next milestone for Windows 7 will be the RC build. For more information, check out the Engineering Windows 7 blog post here: http://blogs.msdn.com/e7/archive/2009/01/30/our-next-engineering-milestone.aspx

Is Windows 7 a desktop-only platform, or are there desktop and server flavors?
The next version of the Windows client is Windows 7. The next version of the Server is Windows Server 2008 R2.

Will there be an update to IE8 before RC?
No, the next update to Windows 7 will be the RC build; there won’t be any component updates in the interim.

How many versions of Windows will read “BitLocker To Go” encrypted media?
All versions of Windows 7 will be able to read “BitLocker To Go” encrypted removable storage devices.

Will our Betas be turned off on August 2? 31?
On 8/1/2009 the Windows Beta will no longer be functional.

Where can we find step-by-step guides for AppLocker, DirectAccess, BranchCache and the rest of the new features?
For the DirectAccess Early Adopter’s Guide: http://www.microsoft.com/downloads/details.aspx?FamilyID=2fdc531d-9138-454f-a820-78211755b52a&displaylang=en
For the BranchCache Early Adopter’s Guide: http://www.microsoft.com/downloads/details.aspx?FamilyID=a9a1ed8a-71ab-468e-a7e0-470fd46e46b3&DisplayLang=en
The AppLocker step-by-step guide is still in the works…

Is there an estimated date at this point for Windows 7 to be RTM?
The goal for Windows 7 RTM is to be 3 years after Windows Vista RTM date.

What is BranchCache?
BranchCache is a new feature in Windows 7 and Windows Server 2008 R2 that will increase user productivity in branch offices and reduce the WAN link utilization. For more information please visit: http://www.microsoft.com/downloads/details.aspx?FamilyID=a9a1ed8a-71ab-468e-a7e0-470fd46e46b3&DisplayLang=en

What versions of Windows 7 will be available?
There will be a number of different versions of Windows 7 available. See the following blog for more information: http://windowsteamblog.com/blogs/windows7/archive/2009/02/04/a-closer-look-at-the-windows-7-skus.aspx

Will BranchCache features in Windows 7 be back ported to earlier versions of the OS?
There are no plans to back port BranchCache into earlier versions of OS.

Will there be a recording of the video and the Q&A available?
Yes, the video recording and the Q&A will be available within a week.

The DirectAccess Early Adopter’s Guide link does not work.
You could also get to the Early Adopter’s Guide from the DirectAccess TechNet page. Please visit: http://technet.microsoft.com/en-us/network/dd420463.aspx

Will there be 32-bit and 64-bit versions of Windows 7?
Yes.

What is the expected RTM date for Win 7?
The goal for Windows 7 RTM is 3 years after Windows Vista RTM date.

Is it correct that there will not be a Beta 2 this time around?
That is correct, the next public release will be the RC build of Windows 7.

Will AppLocker only work with Win7?
Yes, it will work with Windows 7 Enterprise and Ultimate editions.

Can you upgrade Windows 7 Beta 1 to Windows 7 RC, or does it have to be a clean install?
Upgrades from Beta, to RC, to RTM will be supported.

Categories: Security · Web Links of Note · Windows 7

RWW Exclusions SBS 2003 – Leaving Desktops With Local Access Only

January 25, 2009 · 2 Comments

If you have a desktop you do not want accessed through the Remote Web Workplace (RWW) portal, there is a simple way to prevent it: add the computer name to the “ExcludeList”.

This applies to SBS 2003 not SBS 2008 (see Andy’s comment).

It is a subkey in the Windows Registry found here:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SmallBusinessServer\RemoteUserPortal

Under this you will see a String Value ‘ExcludeList’.

Add desktop names with no spaces, separating multiple names with a comma.

Categories: Human Engineering · RWW · SBS · Security

OpenDNS – Why? Can something free be good?

January 1, 2009

OpenDNS – I use it and like it and wield it like a Zen master:  OpenDNS

Regardless of whether any blocking is used, the tool still provides an auditing/oversight function. OpenDNS is a high-availability DNS service with a proven track record of dependable service. If there were a cost it would be sellable; however, it’s ‘free as in beer’, so that is an even easier sell. If for nothing else, it could be used as an introductory mechanism to help your client discover the value of such web oversight of his office staff. Some would rather not bother; some will require access to this information on an as-needed basis; some are overreaching power mongers. It’s not a one-size-fits-all thing.

As for whether you trust their expressed intention of being a good neighbor on the ‘net’ as the reason for providing this FREE service, that’s for you to sort out. As a skeptic looking out for my clients’ best interests, I’ve not been given any telltale signs of any bait-n-switchery or other less than forthright underpinnings. It seems legit.

One downside I’ve discovered with OpenDNS is the option to integrate your logo; when enabled, your logo is displayed on an informational HTML page whenever something doesn’t resolve or is blocked. At first I thought this good, in that I’d have a track-back mechanism for people who were false-positive blocked that would enable finer adjustments, white listing, …etc. Instead, it put me in the position of a web ‘door-man aka bouncer’ of sorts. I really don’t advocate putting yourself in that front-and-center thug/gate-keeper position unless you have a service agreement in place, as well as some pre-existing expectations, instructions, and explanations as to the who?, what?, and why? of web filtering, in writing and distributed to all under your wise and almighty judicious power. :)

Categories: Admin Tools & Tips · DNS · Human Engineering · IIS · Internet Browser · Networking Stuff · Peers · Security · Web Links of Note

Antivirus 2008 or was it 2009 or was it…? a Malware Removal Tool Discussion

December 8, 2008

Last month’s Microsoft Malicious Software Removal Tool cleans this threat (Win32/FakeSecSen – Microsoft naming):

http://blogs.technet.com/mmpc/archive/2008/11/12/win32-fakesecsen-a-nasty-piece-of-work.aspx

…and Microsoft has had a great amount of success, as reported by the tool.

From Sandi @ Spyware Sucks, this business-perspective breakdown in dollars:

Fraudware detected on 994,061 computers

As reported by Microsoft:
http://blogs.technet.com/mmpc/archive/2008/11/19/msrt-review-on-win32-fakesecsen-rogues.aspx

The figures relate to what Microsoft has labeled “Win32/FakeSecSen”.  That figure does not (I think) encompass all of the fraudware (fake security software) products that are out there.

Just imagine, if you will, if just 1% of the owners of those detected machines were fooled into buying the fraudware software at $40 a pop – that’s $397,624.40 in illicit income garnered by the crooks.  When we take into account the fact that billing services such as the (now defunct?) Bucksbill were regularly accused of double-charging victims’ credit cards, then we’re looking at an illicit income of $795,248.80.

Scary, isn’t it.  Is it any wonder the crooks behind malvertizing are so persistent?

Published Friday, November 21, 2008 9:53 AM by sandi


Here’s a word on the tool from Microsoft’s Steve Riley including some information I found uniquely valuable:

Steve Riley [MSFT]

Newsgroups: microsoft.public.security.virus

From: “Steve Riley [MSFT]” <steve.ri@microsoft.com>

Date: Mon, 1 Dec 2008 14:15:34 -0800

Local: Mon, Dec 1 2008 5:15 pm

Subject: Re: Alerting – Malicious software removal tool (MSRT)

When the MSRT runs, if it finds what it looks for, it removes it and reports that removal to Microsoft. If it finds nothing, it exits. Neither I nor the tool nor the SIR make any claims that the MSRT completely cleans a machine. As others have pointed out, it is one element of an effective arsenal of tools to help improve security.

Here’s something interesting, which might even surprise you: this month (November 2008) the single most prevalent piece of malware the tool detects is Win32/FakeSecScan (rogues that mimic the Security Center). As of 13 November, we’ve tracked 811,000 removals. This includes some FakeSecScan threats that were no longer active when detected — meaning that they were incompletely cleaned manually or by other AV products, and the MSRT successfully cleaned out the remaining bits.

I have a proposal for you — actually, for everyone reading this thread. The MSRT creates a log file in %WINDIR%\Debug. KB 890830 describes its output. If you ever encounter an instance of where the tool fails to properly clean a machine, the Microsoft Malware Protection Center is ready to help. Go to http://www.microsoft.com/security/portal, click on “Submit a Sample,” and please send us your MRT.LOG file and a sample of the malware, if you can. We’d love to work with everyone to make sure the tool is as effective as possible.


Steve Riley
steve.ri@microsoft.com
http://blogs.technet.com/steriley
Protect Your Windows Network: http://www.amazon.com/dp/0321336437


You may not be aware, but you can run that Microsoft tool manually: ‘Run-> MRT’. It of course runs in the background quietly after you download its latest version via MU or WSUS each Patch Tuesday. To learn more about running this manually, and for an in-depth guide on the tool, look here:  http://www.vista4beginners.com/Windows-Malicious-Software-Removal-Tool

Another tool I heard recommended that I’d never heard of before (much as was the case with Malwarebytes, which has been ever successful against this threat) is SuperAntiSpyware.

Here’s some very interesting background on the bad guys behind this threat from security super-friend (think Hall-of-Justice) Jesper:

http://msinfluentials.com/blogs/jesper/archive/2008/11/07/xp-antivirus-in-the-news.aspx

If you want to be knowledgeable and prepared for this ever-adapting malware threat, read the above and follow the references on how this elaborate shakedown scam got hacked. It is very impressive to see how they have been so successful at their nefarious deeds due to capitalism in the black market. Basically, they have implemented a franchise business model of sorts, founded on social engineering piggy-back attacks.

Categories: Admin Tools & Tips · Human Engineering · Security · Vista · XP · updates & patching