Stories by Erik Larkin

Customize hard drive searches with Agent Ransack

Agent Ransack (free) allows for creating customized searches that go well beyond basic Windows searches. Its most powerful features are aimed at programmers and other techies. It's available in a 32-bit and a 64-bit version.

New threat: Undetectable Facebook scams

I recently received two Facebook e-mail notifications that set my security spider-sense tingling. Nothing was obviously wrong with the e-mail messages, which said that my friend had tagged a photo of me and then commented on it. But something about a reference to an app named "Who stalks into your profile" just didn't feel right.

Browser fingerprints: A big privacy threat

Forget cookies -- even the ultrasneaky, Flash-based "super cookies." A new type of tracking may identify you far more accurately than any cookie -- and you may never know it was there.

The low-down on low-level rootkits

Rootkits, a type of stealth technology used by malware malefactors, attempt to hide in the dark corners of an infected PC and evade detection. A new post out today from the Microsoft Malware Protection Center shines the spotlight on the evil tools.

Watch Facebook friends without a browser in Fishbowl

The experimental Fishbowl for Facebook application connects you with all your Facebook data without a browser. Its layout differs somewhat from what you'd get on the Web page, but it's otherwise pretty similar.

Good Guys Bring Down the Mega-D Botnet

For two years as a researcher with security company FireEye, Atif Mushtaq worked to keep Mega-D bot malware from infecting clients' networks. In the process, he learned how its controllers operated it.

Google's Dashboard approach to privacy

If you use Gmail, Google Calendar, Google Docs, or any of the ever-growing array of Google services, you may have cringed at the trove of personal data the company has gathered. To allay concerns, Google launched Dashboard, a single page housing privacy controls and settings for most of its services.

Bugs and fixes: zero-day patch for Internet Explorer 6 or 7

A dangerous vulnerability in Internet Explorer 6 and 7 became publicly known before a fix was available, raising the specter of a high-risk zero-day attack. The bug involves the way IE handles Cascading Style Sheets (CSS) objects, and could let an attacker run any command on a targeted Windows XP, Vista, Server 2003, or Server 2008 PC. Bad guys have already posted sample attack code online. IE 8 is not affected. For more information, see Microsoft Security Advisory 977981.Meanwhile, a bug in the way Windows handles Embedded OpenType could allow a baddie to take over vulnerable Windows XP, 2000, or Server 2003 computers via malicious Websites or poisoned Office documents. The bug can't harm Vista or Server 2008, and doesn't affect Windows 7. Read Microsoft Security Bulletin MS09-065 for details.

Market Place

[]