By Dennis O’Reilly Many software vendors see security updates and bug fixes for their applications as a chance to install unrelated — and uninvited — programs onto your PC.
One vendor guilty of this offense — and not cited in Susan Bradley’s Aug. 13 Top Story on this subject — is Adobe, which preselects the option to install the Google Toolbar along with its Flash Player and Adobe Reader patches.
Pete Poorman points out that Adobe has been doing this for many years:
- “While not as egregious an offense as Sun’s promotion of Carbonite, Adobe certainly deserves to be in the Installers Hall of Shame.
Insider tips, how-tos, best security practices, and more
Subscribe to Windows Secrets — free!The Windows Secrets Newsletter brings you essential tricks for running Windows XP, Vista, 7, Internet Explorer, Firefox, Windows Update, and more — weekly, free.
Bonus: get this free download when you subscribe
Need help overcoming difficulties in learning Windows 7? This month, every Windows Secrets subscriber can download a one-chapter excerpt of Windows 7: The Missing Manual. In his book, David Pogue covers a variety of topics ranging from navigating the desktop, Window's apps and gadgets, and even backing up your files.We guarantee your privacy: We will never sell, rent, or give away your address to any outside party, ever. We will never send you any unrequested e-mail. Unsubscribe requests are honored within one business day. Privacy Policy
“First, the initial installation of Flash Player and Adobe Reader both default to installing the Google Toolbar. While not a for-pay commercial offering, Google Toolbar is completely unrelated to the core function of Flash Player and Adobe Reader — just as Carbonite is completely unrelated to Java. At a minimum, the default should be to not install this toolbar. Adobe doubles down on this offense by also defaulting to install the Google Toolbar when the Flash Player is updated.
“Second, Adobe all but forces the installation of the Adobe Download Manager (Adobe DLM) ActiveX control in order to install or update the Flash Player. At less than 2MB, the Flash Player doesn’t require a download manager to ensure successful downloads. This apparently unneeded complication raises questions about the true purpose of Adobe DLM.
“In addition, when I’m updating software to fix a security hole, I do not want to install another potentially unsafe piece of software from that vendor, especially software that’s of a class (ActiveX control) that is a frequent vector for malware.”
Gmail activity log defeats a hack attack
The Aug. 13 Known Issues column included a letter from a reader named James who described how to use the Gmail activity log to discover unauthorized use of an account. The log came in very handy for Dan Juroff:
- “In reference to Mr. O’Reilly’s piece on the Gmail activity log, I would like to report that the feature was recently very helpful to us in identifying the source of unauthorized accesses to one of our user’s accounts. (Our e-mail is hosted by Google.)
“When one of our users discovered one morning that all the mail in his Sent folder had been deleted from the Gmail server, he contacted me and I immediately went to his location to examine his account, which he left open until I arrived. Even though the log lists only the last five IP addresses from which access had been made, it so happened that two of those were from IPs other than our own.
“A ‘who-is’ on both addresses revealed their ownership, including one that was owned by the same ISP we use. Our provider was more than happy to identify the organization to which the IP was assigned, which happened to be that of another academic institution which, in turn, happened to be the current employer of one of our past employees. While with us, the former employee was working in a tech-support position and had — in a convoluted way — been given access to numerous e-mail passwords.
“In addition, I found that forwarding had been enabled in the victim’s account settings and that an e-mail account had been inserted there, to which copies of all incoming mail were being forwarded. Naturally, the victim had no knowledge of the forwarding account and didn’t even know how to set up the forwarding feature to begin with.
“The manner in which those passwords were obtained is another good lesson to us all. The passwords were actually provided to him by employees for the purpose of setting up accounts for use with a student information system. When setting up their accounts for the program, our friend would ask them to provide a password.
“As you know, most people will use the same password over and over again, so when providing him a password, they would commonly give him the same password they used for everything else, including their e-mail accounts. Armed with a list of passwords, all he had to do was experiment with them to see if he could access their e-mail accounts with them. I’m sure most of them were successful.
“It was pure, dumb luck that I got into the activity log before the owner accessed his mail a couple more times, as each new access bumps the oldest one off the list. It should be noted, however, that Google will provide a 30-day history but that a release must be completed by the account holder granting permission to do so.
“Hope you enjoyed this story of espionage and intrigue. Keep up the good work, guys!”
Most recent Java update may not be offered
Susan’s story referred to Sun’s Java SE Update 16, which was released just a few days after Java SE Update 15 and included the security updates and bug fixes of the previous patch. After the newsletter was published, it was learned that not all users would receive Update 16, so some people with Update 15 would be told by the Java updater that their current version was the latest available.
If your PC has Java SE Update 15, you may not need the more-recent release and may indeed consider your system up-to-date.
| Readers Pete and Dan will each receive a gift certificate for a book, CD, or DVD of their choice for sending items we printed. Send us your tips via the Windows Secrets contact page. |
The Known Issues column brings you readers’ comments on our recent articles. Dennis O’Reilly is technical editor of WindowsSecrets.com.
Related posts:
