Internet Explorer 6 Security- the Local or “My Computer” Zone

Description of the “My Computer” or local Internet security zone

The “My Computer” zone is the local computer zone, which governs the security settings for opening HTML pages stored on your own system. These locally stored pages are deemed to be safe, which is normally a reasonable assumption. Also local pages may need access to the resources such as files that are located on your system and are therefore given a high degree of trust.

Unfortunately, there are a large number of cross-zone vulnerabilities, which writers of malware such as viruses, worms, etc. may use to their advantage. To help plug these security holes, one of the security changes made in the Windows XP Service Pack 2 update locks down the  “My Computer” zone to control the running of scripts and ActiveX components. This increased security comes at a cost, however, since certain applications are thereby broken.

Configuring the “My Computer” Internet security zone

Users of older Windows operating systems will not receive the security updates for Internet Explorer that the Windows XP SP2 contains. In these cases it may be desirable to be able to configure the settings for the “My Computer” zone. (The following procedures do not apply to IE 6 in Windows XP SP2 or to IE 7.)

Configuring Internet Explorer zones is done through the “Tools- Internet Options ” menu. (A tutorial is available on another page.) The zone for “My Computer” is normally hidden but it can be made visible by editing the Registry so that this zone appears on the Security tab in the Internet Options dialog box, as shown below.

zone5

The Registry settings that have to be changed to make this zone visible are given in an article in the Microsoft Knowledge Base . The key that has to be edited for a particular user account is

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0

The key to be edited if all user accounts are to have this zone visible is

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0

Within the key is a DWORD value “Flags”. Setting the data value of the Flags value to 47 (in hexadecimal) causes the “My Computer”security zone to be displayed. Setting the data value of the Flags value to 21 (in hexadecimal) causes the “My Computer” security zone to be hidden.

Editing the Registry can be a parlous project so be sure to back up the Registry first. For those who understand how to use REG files, copy the text below, paste into Notepad, and save as “showmycomputer.reg” or name of your choice. Only those who can return their computer to a previous state should try this.

Makes “My Computer” security zone visible
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0]

“Flags”=dword:00000047

To reverse the process and hide the zone “My Computer”, use the following script

Hides “My Computer” security zone
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0]

“Flags”=dword:00000021

For details about strengthening the security of the Local Machine or My Computer zone consult this Microsoft article.

Internet Explorer 6 Security- the Local or “My Computer” Zone

Description of the “My Computer” or local Internet security zone

The “My Computer” zone is the local computer zone, which governs the security settings for opening HTML pages stored on your own system. These locally stored pages are deemed to be safe, which is normally a reasonable assumption. Also local pages may need access to the resources such as files that are located on your system and are therefore given a high degree of trust.

Unfortunately, there are a large number of cross-zone vulnerabilities, which writers of malware such as viruses, worms, etc. may use to their advantage. To help plug these security holes, one of the security changes made in the Windows XP Service Pack 2 update locks down the  “My Computer” zone to control the running of scripts and ActiveX components. This increased security comes at a cost, however, since certain applications are thereby broken.

Configuring the “My Computer” Internet security zone

Users of older Windows operating systems will not receive the security updates for Internet Explorer that the Windows XP SP2 contains. In these cases it may be desirable to be able to configure the settings for the “My Computer” zone. (The following procedures do not apply to IE 6 in Windows XP SP2 or to IE 7.)

Configuring Internet Explorer zones is done through the “Tools- Internet Options ” menu. (A tutorial is available on another page.) The zone for “My Computer” is normally hidden but it can be made visible by editing the Registry so that this zone appears on the Security tab in the Internet Options dialog box, as shown below.

zone5

The Registry settings that have to be changed to make this zone visible are given in an article in the Microsoft Knowledge Base . The key that has to be edited for a particular user account is

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0

The key to be edited if all user accounts are to have this zone visible is

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0

Within the key is a DWORD value “Flags”. Setting the data value of the Flags value to 47 (in hexadecimal) causes the “My Computer”security zone to be displayed. Setting the data value of the Flags value to 21 (in hexadecimal) causes the “My Computer” security zone to be hidden.

Editing the Registry can be a parlous project so be sure to back up the Registry first. For those who understand how to use REG files, copy the text below, paste into Notepad, and save as “showmycomputer.reg” or name of your choice. Only those who can return their computer to a previous state should try this.

Makes “My Computer” security zone visible
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0]

“Flags”=dword:00000047

To reverse the process and hide the zone “My Computer”, use the following script

Hides “My Computer” security zone
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0]

“Flags”=dword:00000021

For details about strengthening the security of the Local Machine or My Computer zone consult this Microsoft article.

Internet Spam

The origin of using the name of the Hormel Company canned meat product for junk email is attributed to various sources, including Monty Python. Whatever the origin of the name, spam is a truly major email nuisance. The ease with which large electronic mailing lists can be set up and the essentially cost-free (to the mailer) process of email means that almost anyone can send out huge quantities of advertising or other messages. Around half of all email is estimated to be spam.

How They Find Us

In theory the best defense against spam is stay off the mailing lists. So how do we get there in the first place? Unfortunately, it is almost impossible to keep your email address hidden from determined marketers. Once on a list for any reason, your address may be sold and resold many times until it is on dozens of lists. CDs with millions of email addresses are readily available for a few dollars. Any action that you take that might expose your email address on the Internet can end you up on spammer’s lists. Participation in chat rooms, newsgroup discussions, investment forums are all ways to get on lists. In a practice called “harvesting,” spammers use software called “spiders” to regularly comb the Internet for addresses. Also, many ISPs offer the option of being listed in a directory and these are fair game for advertisers.

Shopping on the Internet, signing up for newsletters, entering contests, registering to download software, or other activity requiring that you provide your email address can also get your name on lists. Although reputable merchants, newsletter writers, shareware sites, etc. will respect your privacy, some sites may feel free to sell your name to others. Always look for a statement of the policy on privacy before signing up for something.

Another method used by spammers is the “dictionary” attack. By combining all common words and names (with variations like joe1, joe2, joe3, etc.) with all the common providers such as AOL, Hotmail, MSN, Earthlink, computer programs can generate millions of possible email addresses. Many of these will be legitimate and the spammer doesn’t care about the ones that bounce. The cost of mailing to a lot of incorrect addresses is too small to be any deterrent. Thus some people advise using uncommon combinations of symbols for your email address.

Everyone should have several disposable junk email address that they use where public exposure is likely. One of the free services like Hotmail or My Yahoo serves admirably for this purpose. If an address starts to attract spam, it can just be discarded.

You can also “munge” your address in places like Newsgroups. To “Munge” is to add easily recognized extra characters to your address along with the accompanying phrase “remove xyz to obtain address”. Thus myname@myISP.com becomes myname@mynospamISP.com. The only trouble is that address harvesting software can be programmed to strip out obvious strings like nospam although many times they don’t bother.

Blocking Spam

One method of dealing with spam is to block or filter mail from known spammers or that contain particular subjects or key words. This can be done either on your email program or with special software. The common email programs like Outlook Express allow for setting up rules that apply to categories like senders, subjects, and textual content. Check your particular email client for the details. For example, in Outlook Express go to the menu under Tools-Message Rules. The problem is that spammers keep changing or faking their ostensible names and addresses as well as using phony subjects. Personally, I have found that rules and filtering within my email program may keep out some spam but that it is only a partial answer to the problem. You can also install some extra software. There are a slew of utilities devoted to stopping spam. The best types of programs use a statistical technique known as Bayesian filtering. These programs set up filtering rules based on actual experience and “learn” how to improve filters from the email that you receive. See the sidebar for references on this technique and on various software programs.

Businesses and those who are big users of email will need some heavy-duty methods of filtering spam but average PC users who receive only a few emails each day can use a program like MailWasher Pro. Also, ISPs are getting better at filtering and may also provide some way for individual users to create filtering rules.

There are also services that will filter your mail. By collecting large databases of known spammers and using their client’s emails to keep up with the latest tricks and twists of the spammers, these services can be better at stopping spam than software located on your own computer. These services naturally slow down the processing of your mail since it has to go through their server. Several are listed in the sidebar.

Note that no matter whether you filter mail with software on your own computer or use an external service, some spam will get through and some legitimate mail will get blocked.

Although there are many ways to try to block spam from arriving in your mailbox by using software or filtering services, my experience is that spam has reached the point where one of the best defenses is to have more than one email address. You can reserve one address for friends and relatives and have a second throwaway address that is changed fairly regularly. This second address would be the one that is used whenever it might be subject to public exposure. Many ISPs allow for an account to have multiple mailboxes and one can be set aside for junk. If the volume builds up, the box can be discarded and replaced by a new one. Another route is to use one of the free Internet email services like Yahoo or Hotmail. Yet another approach is to use one of the services that provide email addresses with a limited lifetime. For example, SpamGourmet will give you addresses good for a certain number of uses only.

The last and perhaps best defense is common sense and the “delete” key. Don’t open obvious spam messages and be very careful about responding to “Remove me from this list” type of addresses. That may very well just get you on more lists. Also note that formatted spam may contain Web Bugs that tell the spammer if you have opened that mail.

“Phishing”- an Internet scam

“Phishing” is a form of identity theft that used to be done over the telephone. Now, however, the crooks have gone high-tech and are using the Internet for their con games. Most commonly this consists of sending out emails purporting to be from a legitimate source such as a financial institution. Under some false pretense, such as the claim that your account needs verifying, an email will ask that you go to a Web site by clicking on a link in the email. When you go to the Web site, you are asked to “update” or “confirm” personal information such as account numbers and passwords. The Web sites may look just like a legitimate page but they are bogus sites designed to steal from your accounts. The link in the email may read like it leads to an authentic site but actually takes you to a fake page.

The first large-scale example of “phishing” was several years ago when many AOL users were tricked into divulging their passwords. Their accounts were then used for the scammer’s purposes. Since then, many other institutions have been attacked. For example, in 2003 many people received emails supposedly from eBay claiming that the user’s account was about to be suspended unless they clicked on the provided link and updated their credit card information. The scammers use mass-mailing methods and many of the recipients did not even have an eBay account. However, all it takes is 1 or 2 per cent responses for the con to result in a nice haul.

Recently, banks have been a favorite target of “phishing”. An example of a scam email that I recently received is shown below.

phishexample

Note the psychological tricks known as social engineering in the email. The very problem that we are concerned with- identity theft- is brazenly used as a way to induce you to allow identity theft. It plays on your fears. Moreover, the email looks like a real Citicorp email. Also, note that although the link in the email contains the name “Citibank”, it has nothing to do with Citibank. In fact, the link that appears in the text of the message is likely to have little relation to the actual link contained in the underlying HTML code. To see the real link in an email message, right-click on the text and choose “Properties” from the context menu. To see an example of a faked link, try this one that seems to be from a familiar company (but isn’t): http://www.microsoft.com.

Another trick that is used is to take you to a page that uses JavaScript to generate a pop-up form and then redirect you to the actual bank site. What then appears on your screen is a fake form on top of a legitimate page.

Here is another example of “phishing”:
phishexample2

ISPs, banks, etc. do not ask for passwords and the like to be entered by email. Be suspicious of any email message that asks for personal information. Don’t ever follow a link in an email that asks you to update or verify sensitive information. If you want to contact a company, go to their Web site by using a link from your records or telephone them.

If you would like to test how good you are at recognizing “phishing” messages go to this quiz site where examples of actual “phishing” are mixed with legitimate mail.

The sidebar lists a number of references on “phishing”, including what to do if you think you have been scammed. You should also report scam efforts to your bank or other account.

“Phishing”- an Internet scam

“Phishing” is a form of identity theft that used to be done over the telephone. Now, however, the crooks have gone high-tech and are using the Internet for their con games. Most commonly this consists of sending out emails purporting to be from a legitimate source such as a financial institution. Under some false pretense, such as the claim that your account needs verifying, an email will ask that you go to a Web site by clicking on a link in the email. When you go to the Web site, you are asked to “update” or “confirm” personal information such as account numbers and passwords. The Web sites may look just like a legitimate page but they are bogus sites designed to steal from your accounts. The link in the email may read like it leads to an authentic site but actually takes you to a fake page.

The first large-scale example of “phishing” was several years ago when many AOL users were tricked into divulging their passwords. Their accounts were then used for the scammer’s purposes. Since then, many other institutions have been attacked. For example, in 2003 many people received emails supposedly from eBay claiming that the user’s account was about to be suspended unless they clicked on the provided link and updated their credit card information. The scammers use mass-mailing methods and many of the recipients did not even have an eBay account. However, all it takes is 1 or 2 per cent responses for the con to result in a nice haul.

Recently, banks have been a favorite target of “phishing”. An example of a scam email that I recently received is shown below.

phishexample

Note the psychological tricks known as social engineering in the email. The very problem that we are concerned with- identity theft- is brazenly used as a way to induce you to allow identity theft. It plays on your fears. Moreover, the email looks like a real Citicorp email. Also, note that although the link in the email contains the name “Citibank”, it has nothing to do with Citibank. In fact, the link that appears in the text of the message is likely to have little relation to the actual link contained in the underlying HTML code. To see the real link in an email message, right-click on the text and choose “Properties” from the context menu. To see an example of a faked link, try this one that seems to be from a familiar company (but isn’t): http://www.microsoft.com.

Another trick that is used is to take you to a page that uses JavaScript to generate a pop-up form and then redirect you to the actual bank site. What then appears on your screen is a fake form on top of a legitimate page.

Here is another example of “phishing”:
phishexample2

ISPs, banks, etc. do not ask for passwords and the like to be entered by email. Be suspicious of any email message that asks for personal information. Don’t ever follow a link in an email that asks you to update or verify sensitive information. If you want to contact a company, go to their Web site by using a link from your records or telephone them.

If you would like to test how good you are at recognizing “phishing” messages go to this quiz site where examples of actual “phishing” are mixed with legitimate mail.

The sidebar lists a number of references on “phishing”, including what to do if you think you have been scammed. You should also report scam efforts to your bank or other account.

How to Read Email with Greater Safety

For the most part, the greatest danger in email in the past has been from opening executable attachments containing viruses, worms, Trojans, etc. and I have discussed this subject previously. Using common sense about clicking on attachments, keeping anti-virus programs and the operating system patches up-to-date, and some system configuration should prevent infectious attachments from harming your system. With increasing frequency, however, the email body itself has become a source of infection. By means of HTML code or scripts hidden in the text, malware may get downloaded simply from the act of opening an email for viewing. It is also possible for spammers to track you this way (Web bugs, see sidebar). In this article, I will discuss some ways to avoid getting malware from the main email body.

Turn off the Preview Pane

For convenience, many email programs provide automatic views of email called the “Preview Pane.” Unfortunately, this means that any malicious code in the email body may get executed also. Or a signal may be sent to a spammer showing that you are reading the message. Steps can be taken to help allow safe use of the Preview pane but some may prefer to be sure and will want to turn off this feature. That way only mail that you deliberately choose to open will be displayed. Different email programs will have somewhat different procedures for disabling the Preview pane but I will give the method for the commonly used Windows email client Outlook Express (OE).

Go to the “View” menu, click “Layout” and uncheck “Show Preview Pane”. The procedure is illustrated in a tutorial with pictures showing how to configure OE for safety. Configuring the Preview pane is demonstrated on slides 7 and 8 of this tutorial. Also see slide 4 to see how to turn off automatic downloads in the Preview Pane.

Another way of turning the Preview Pane on and off in OE uses a sequence of keyboard shortcuts. First hold down “Alt” and “v”. This will open the “View” menu. Then in succession, press “l” “p” and “Enter.” Note that this is “l” for “Layout” and “p” for “Preview Pane”.

I do not use the more complicated application Outlook that is part of Microsoft Office but the Outlook feature “AutoPreview” (but not “Preview Pane) is said to be safe to use.

Configure system

The latest versions of OE and Outlook have several security measures in place by default but it doesn’t hurt to check. Make sure that OE is in the so-called “Restricted sites zone”. Go to the “Tools” menu and open “Options”. Click the “security” tab. Make sure the radio button is selected next to “Restricted site zone.” This procedure is detailed in the tutorial previously mentioned.

Read text only

In order to avoid any hidden HTML or scripts, email can be checked out by first reading it in text only. OE has a setting to provide for this. Go to Tools-Options-Read and place a check by “Read all messages in plain text”. This will disable all graphics and formatting so it may look a little funny but no viruses or spammer’s trackers will be able to run. If a message seems legitimate, the graphics can be turned back on. This procedure is illustrated in slide 4 of the tutorial.

Another way to read an email in text in OE is to right-click on the entry in the message list and then select “Properties”. Click the “Details” tab and then click the button “Message Source”. (See the fgure below.) This method allows for selectively reading messages in text without changing the configuration.

oeprop1

Reading on the server

Rather than bringing email to your computer and reading it locally with your own email client, you can also read the mail in text while it is still on the email server. If your mail account is of the usual POP3 variety, the free program MailWasher is a handy way to check out mail before downloading it. IMAP accounts or those with AOL or Hotmail can use the commercial cousin MailWasher Pro ($37).

Taporinx “Virus” Removal (Android/iOS)

If you find yourself being bothered by different pop-ups and banners that get displayed onto your device’s screen or you get frequent redirects from the newly set search engine and/or homepage in your Chrome, Firefox or Safari browser, then you’ve probably had Taporinx “Virus” installed onto your smartphone or tablet. This is a potentially unwanted application of the Browser Hijacker type and though it is not some sort of malicious virus such as Ransomware or a Trojan horse, we do believe that uninstalling and fully removing Browser Hijackers from one’s device is the best course of action. You can find instructions on how to do that within our removal guide below, but before you go there, read the rest of this article to learn more essential information regarding Taporinx “Virus” and Browser Hijackers in general.

Are Hijackers threatening?

As was said earlier, software the likes of Taporinx is normally not harmful or threatening on its own. Nevertheless, it could still potentially make your device more vulnerable to actual security threats the likes of Trojans, Spyware, Ransomware, etc. For example, some of the pop-ups that get generated by the intrusive software can potentially serve as links to websites that could be illegal and dangerous. That is why we advise our readers to do everything they can so as to avoid interacting with anything coming from the Hijacker. Note that the annoying banners generated by it are unlikely to go away unless the application that causes them is fully removed from your device.

Distribution of Hijackers

Most users that have gotten Taporinx on their smartphone or tablet have done so by having had installed a certain application that contained the Hijacker. There are a lot of applications out there that seem fine and reliable but once they get installed, the user realizes that they’ve gotten more than they’ve bargained for.

A good piece of advice in order to prevent this from happening to you in the future would be to avoid downloading applications that are not from the Google Play Store or the AppStore. However, oftentimes this is not enough to prevent Hijackers from getting inside your system, which is why an additional precaution that you should always take would be to research applications that you want to install if you are not certain about how safe they are. Bear in mind that sometimes the rating system and the reviews in the Store are manipulated through use of fake profiles, so do not always fully trust what you see there.

Taporinx “Virus” Removal

iOS Removal Guide

STEP 1

If you have any popup ads that are open at this time, you will need to close them all.

  • Before closing the ad, check to see whether or not the pop-up has a box called “Don’t show more alerts from this webpage”. If it does, be sure to tick it.
  • After you close the ad, a “Block Alerts” button may appear on your screen. If this happens, be sure to tap the button in order for you to no longer receive alerts from that page.

In the event that the above instructions did not succeed in closing the pop-up:

  • If this is happenning on your Mac desktop computer, you will need to close your Safari browser by force. To do that, use the following key combination: Command-Option-Esc. A list of apps will appear, where you will need to locate and select Safari. Force close it. After this, restart the browser and press and hold the Shift key on your keyboard, once the browser opens. This will stop any ads from appearing.
  • If you are using an iPod Touch, an iPhone or iPad, double-press the home button. The screen will then show you all the most recently used applications. Swipe until you have located Safari and then swipe it up so as to close it forcibly. After this, head over to Settings -> Safari -> Clear History, as well as Website Data. This will prevent ads from opening automatically when you open your browser. But note that the above will also delete your browsing history and cookies, so be sure to export them if they are important to you.

STEP 2

In the Safari menu, select Preferences. Then:

  1. Click on the Security icon, after which click on the “Block pop-up windows” option. This will prevent a large variety of different pop-ups from appearing.
  1. Once this is done, check the homepage and search engine settings in your browser. Adware often tends to change those. We can’t offer any more specific guides as to how to do that, due to the fact that they may vary from browser to browser.
    • Click on the General icon and notice the Homepage field. Make sure that it is either empty or contains the URL of the Homepage of your choice.
    • Do the same for the Search icon. It should, again, display either the default search engine or the one you had appointed yourself. Please note that in certain versions of Safari you will be able to find these settings in the General panel.

STEP 3

Open your Safari browser and click the Extensions button. Most of the time Adware programs rely on integrating extensions with your browser, so as to generate the pop-ups that appear on your screen. Scan the extensions and take note of those you don’t recall installing. Be sure to then remove them all, as they were most probably placed there by the Adware. 

Android Removal Guide

STEP 1

Regardless of the type of browser you are currently using, be it the default “Internet” App or another one, such as Google Chrome, head over to:
Settings/More/Application Manager/All

Find the Browser or the App you’re using and tap on it.

STEP 2

Here you will basically be doing the same thing if you’re using the “Internet” App, or a different browser of your choice, such as Chrome or others. However, below are instructions for both cases:

For user of the “Internet” App:

Tap the Force Stop button.

Move down and tap the Clear Data and Clear Cache Buttons.

For Google Chrome Users:

Tap on  Force Stop.

Then tap on the buttons labelled as Clear Data and Clear Cache.

STEP 3

Restart your browser. You might want to consider rebooting your Android device, as well.

Were we able to help? Please help us, too, and spread the word!