Tuesday, December 19, 2006

Review of Opera's new browser Ver.9.10.



And finally the long-awaited browser version 9.1 from Opera is out. Yes, the wait is finally over. Opera has always been a leader when it comes to bringing in new features, and the latest version of the Opera browser is full of them. The English version is only 4.9 MB in size.

Taking into account the rampant phishing attacks that have been going on in the net world, one of the features that the latest versions of Firefox and Internet Explorer have included is the anti-phishing feature. Firefox 2, even with its anti-phishing feature, was recently reported to be open to a security flaw through an exploit in its password manager. The flaw, which is known as the reverse cross site request (RCSR), is caused by the Password Manager not properly checking the URL before automatically filling saved user credentials into forms. This may be exploited to steal user credentials via malicious forms in the same domain.

What mainly sets Opera 9.1 apart from IE 7 and FF 2 is its real-time fraud protection. Real-time fraud protection is a very cool feature simply because it checks the legitimacy of the site you want to visit against a constantly updated list in Opera's database. Unlike Firefox's default method of checking a pre-downloaded list of websites, Opera does the checking in real time, so you'll be protected against new fraud sites that pop up each day.

The pic above gives you an idea about how it looks in the Opera 9.1 browser.

If the site is determined to be a fraud, Opera will instead display a warning and block you from visiting the site. You'll still have the option to bypass the warning. For all those who are worried about their privacy getting compromised while Opera directs you to the real-time checking, Opera will send only a limited amount of information to Opera's server in plain text, so that you can inspect for yourself the information Opera sees about your browsing details.

It's easy to turn on and off the fraud protection from the information dialog you get when clicking the icon.

According to the Opera desktop team's blog, "We don't store information on our servers that let us track individual users. IP addresses are discarded and we don't use cookies or other session information. No information goes directly to third parties, all communication goes through our own servers. Our servers get the trust information from a database supplied by GeoTrust, who have a long experience with anti-fraud solutions." Also, apart from GeoTrust, the new browser has real-time protection provided by PhishTank. PhishTank is a collaborative clearing house for data and information about phishing on the Internet.
PhishTank, operated by OpenDNS and community members, enables anyone to submit, verify, track and openly share phishing data.

The open access of PhishTank, and the use of PhishTank data in Opera, is intended to encourage the sharing of information and increase the chance of eliminating phishing altogether.

The other worry would be whether speed is compromised when all these things are done in real time to check against the list. But since everything is done asynchronously and the content load is really minimal it would not affect the speed.

The anti-fraud feature is an opt-in feature for now. Opera is about giving users the choice now since they believe that it would take a bit of time for users to get used to this feature. Also to transmit the data to the site check server Opera uses https when they send information about an https server, to ensure that the trust information is at least as reliable as the original content. Opera still prefers to use http most of the time, since they are not very comfortable with sending home information that Opera users can't easily inspect.

From the desktop team, here is a list of problems that have been addressed and fixed in the new version:
* Improved stability
* Prevented page reload when navigating to "#"
* Fixed problem where pages showed the incorrect favicon
* Fixed problem where multimedia keyboard shortcuts would not work when Opera was focused
* Attempted to fix problems experienced on some pages when using a slow Internet connection by increasing opera:config#Network|HTTPLoadingDelayedTimeout to 60 seconds
* Fixed bug where document.body.currentStyle.height reported the wrong value
* Fixed bug where currentStyle.width was not correct if width is set by a script
* Fixed bug where 'Open all' from Widgets menu was broken
* Fixed bug where BCC header was visible to recipients in resent messages
* Fixed bug where cookies could not be removed using XMLHttpRequest
* Fixed bug where one could not log in to Gmail with "Accept only cookies for the site I visit" enabled
* Changed Mozilla ID string spoof to mimic Firefox
* Fixed bug where browser.js wasn't cached correctly
* Fixed issue where stored passwords were lost after enabling/disabling the master password
* Made IE ID string spoof as Windows on Linux/UNIX and Mac
* XMLHttpRequest didn't handle redirects
* Enabled use of the Authorization header in XMLHttpRequest
* "Save target as" and "Save to disk" now play well together
* "Save directly to" now works
* Improved error message when a dictionary isn't installed for the spelling checker
* Fixed accidental deletion of a feed when unsubscribing.
* Windows media plugin now works even if java is disabled

Also, apart from the real-time fraud protection and the items listed above, the new version has the following features:
* A whole set of web developer tools integrated including:
  * Live CSS (Cascading Style Sheets) inspector
  * DOM inspector
  * view source
  * view live source (generated code)
  * cool colour picker/inspector: lets you hover over any colour on the screen and get the code for it.
  * windows resizer to common sizes for devices, mobile phones and pcs
* Tabbed browsing and pop-up blocking
* Opera integrated search
* Integrated search
* Password manager
* Opera skins
* Customization
* Integrated voice features
* Full support for Gmail
* Atom newsfeeds
* First Web browser to natively support Scalable Vector Graphics (SVG)

So with all these cool features Opera 9.1 is going to be in the same league as Firefox 2 and Internet Explorer 7. Maybe the delay in the release has also been a blessing in disguise for them, since it allowed them time to look at and analyse the new features in the other two browsers and be one up. Now, this is what we call healthy competition, not cut-throat.

Download Opera 9.1 (4.9 MB)

Related Reading:-
Opera 9.0 security vulnerabilities.
Firefox 3 Alpha 1 released.
Security flaw in Firefox 2 allows phishing attacks.

A lie detector for Skype users.



The Kishkish lie detector is software that uses Voice Stress Analysis to analyse the stress level in a person's voice. This tool monitors the stress level in the person's voice in real time.

Before the software starts its analysis it first calibrates the general stress levels of the speaker.

If you are clever enough you can modify your questions accordingly, like what happens in a real lie detector test, as you watch the four indicators that show you the stress level.

The four indicators are the needle that moves up and down and registers the stress level of the speaker, the meter which measures the stress level from 0-100, the light indicator that changes from green to red when stress levels go up and finally the messages that are displayed as "high" or "normal" according to the stress level.

Also, if you want to analyze the stress level off-line you can use the Kishkish SAM VSA.

On the Kishkish lie detector website you can make a test call to analyse the performance of the software. For this they have set up a recording of Bill Clinton's famous denial of having sex with Monica Lewinsky, and as soon as Clinton says "I did not have sexual relations with that woman, Miss Lewinsky" the indicators register a high stress level.

The software also lets the user at the other end know that his voice is being monitored by a lie detector. This is done to avoid any legal issues that might arise out of conducting such a test without the user's knowledge.

One of the problems with any lie detector has been its inability to clearly distinguish nervousness in a person's voice from the stress level. Since the Kishkish lie detector is new software we have to wait and see how it performs in that area.

But all said and done, this tool will at least give some idea about the other person, especially when you realise the number of strangers you stumble upon in the gentle yet wild world of the Internet.

Minimum system requirements:
. Skype™ 3 Version
. Microsoft Internet Explorer 5.0 or higher
. Windows XP or Windows 2000 (SP3)

Monday, December 18, 2006

Websense's security threat predictions for 2007.


Websense, one of the reputed Internet security providers, has released its version of security threats for the year 2007.

It was only recently that McAfee released their own predictions for the year 2007 about security threats.

McAfee's predictions and Websense's predictions are not much different. They both expect that the underground market for exploits will be on the increase in 2007, that social networks will be under increased attack and vulnerable to exploits, that botnets will be on the rise, and so on. But McAfee's predictions for 2007 cover more ground, such as rootkits on 32-bit platforms increasing and parasitic malware making a comeback. You can read about McAfee's predictions under the "Related reading" link below.

Okay, let us have a look at the Websense's predictions:

The Criminal Underground Economy:

As I had written in my article "Underground market for security exploits is growing", it is very true that there is a huge underground market where malicious and organized criminals are queuing up to buy exploits.

Websense predicts that the market for zero-day attack code will be more competitive. This will result in an increase in the number of zero-day attacks and better attacks on both the client and server-side.

Web 2.0 Security Issues Escalate:

With the huge user base that the popular websites carry, especially the social networking sites and social news sites, more and more attackers are concentrating on exploiting them since the target base is widening. Sites like MySpace have been in the news almost every month for their security flaws and for phishing attacks.

Even video files are being used to target the users. Who can forget the QuickTime worm that recently compromised a lot of user data on MySpace? Plenty of phishing sites are also reported to be on MySpace. Also, one should remember that the QuickTime flaw that led to the QuickTime worm attack is not yet patched by Apple, and any other social networking site that allows embedding of QuickTime content is prone to this sort of attack.

Allowing users the total freedom to upload user-created content will only increase the security risks.

Anti-Phishing tool bar exploits:

According to Websense "In 2006, several high profile companies released anti-phishing toolbars embedded within the browser. However, Websense predicts that some anti-phishing toolbars will become targets of exploit code designed to disable or avoid their prevention mechanisms."

Well, this is already true with the recent security flaw that was found in Firefox 2, which is known as the Reverse cross site request. This allows a malicious person to exploit the flaw in the Password Manager in Firefox 2 by putting up a fake site and getting the Password Manager to automatically fill in the password without even verifying the login server.
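The check that was missing in the password manager flaw described above and in the Opera review, shown as an added example that is not Firefox's code and not from the original post. The field names, hosts and records are all constructed for illustration.

```javascript
// Added illustration: autofill decision for a saved login. Not Firefox code;
// all names, hosts and records below are constructed for the example.

// What the password manager remembered when the user first saved the login.
const savedLogin = {
  pageOrigin: 'https://social.example',    // origin of the page with the login form
  submitOrigin: 'https://social.example',  // origin the form posted the password to
  username: 'alice',
};

// Resolve a (possibly relative) URL and return its origin, or null if invalid.
function originOf(url, base) {
  try {
    return (base ? new URL(url, base) : new URL(url)).origin;
  } catch (e) {
    return null;
  }
}

// Flawed policy: only asks "is this page on the site I saved the login for?"
function naiveShouldAutofill(login, pageUrl) {
  return originOf(pageUrl) === login.pageOrigin;
}

// Stricter policy: the form must also submit to the origin seen at save time.
// An empty action means the form posts back to the page itself.
function strictShouldAutofill(login, pageUrl, formAction) {
  const page = originOf(pageUrl);
  const target = originOf(formAction || pageUrl, pageUrl);
  return page !== null && page === login.pageOrigin &&
         target !== null && target === login.submitOrigin;
}

// Constructed forms: the real login form, and a form placed in user-generated
// content on the same domain whose action points at another host.
const forms = [
  { name: 'real login', page: 'https://social.example/login', action: '/session' },
  { name: 'user content', page: 'https://social.example/profile/42', action: 'https://collector.example/save' },
  { name: 'other site', page: 'https://other.example/login', action: '/session' },
];

function evaluate(login, list) {
  return list.map((f) => ({
    name: f.name,
    naive: naiveShouldAutofill(login, f.page),
    strict: strictShouldAutofill(login, f.page, f.action),
  }));
}

console.table(evaluate(savedLogin, forms));
```

Only the second row differs between the two policies: the page is on the trusted domain, so the page-only check fills the form, while the check on the submission target refuses.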

Enhanced Concealment of Data:

As I had written in one of my earlier articles, rootkits + trojans could be a deadly combination. And according to the Websense prediction this will be more on the rise in 2007. Even McAfee has said the same thing. Attackers will be using encryption with malicious code to bypass preventive measures.

BOT Evolution:

BOT nets already have an underground market, since a group of zombie computers can be used for DDoS attacks and spam attacks, and this is also going to be a major threat in 2007. Distributed command-and-control and protocols other than Internet Relay Chat (IRC) or HTTP will be used to control BOT networks. Increased use of encryption and custom packing of BOTs will also occur.

So, once you read the predictions of both McAfee and Websense you will get an idea of what to watch out for in the year 2007 and thus will be aware of the precautions to be taken. Even with the increased protection and detection level today's software offers, the attackers too are getting more sophisticated, trying to stay one step ahead. So as users we should also stay educated and learn how to stay protected.

Related Reading:-
McAfee's prediction about the top 10 security threats for the year 2007.



Saturday, December 16, 2006

Flaw in Symantec's Antivirus being exploited.


News is out that a flaw in the Symantec Antivirus software for corporates has been exploited by attackers since Thursday. The flaw is seven months old and was first detected by eEye, and Symantec had already issued a patch for this. But many of the users have not patched their systems.

Also, it seems that many of the users are using counterfeit versions of the Symantec software without knowing about it. This is supported by the fact that it was only recently that Symantec filed a lawsuit against a piracy ring that has been selling counterfeit versions of Symantec's software for the past three years.

The worm is dubbed Big Yellow, and the machines infected with this worm allow the attacker to connect with other computers for malicious attacks.

No significant outbreaks have been reported so far. Symantec has so far received three reports of systems infected with this worm.

It was not long back when another antivirus maker, Panda, was reported to be having some major security flaws. And now it seems to be Symantec's turn to be in the news for the wrong reasons. But having said that, it is not entirely Symantec's fault, as they had issued a patch way back in the month of May.

Thursday, December 14, 2006

Instant buzz and spywares.


In one of the mails my friend received yesterday from a person who is supposed to be one of the "Adsense gurus", whom she had subscribed to out of curiosity, a program called Instant Buzz was suggested as a great tool to drive traffic to your website. Now, coming from a source like that, any unsuspecting user would have just gone to the Instant Buzz site and installed the suggested tool bar, which is absolutely free.

Going to the site you will see some catchy words that would entice an unsuspecting user into downloading it and installing it on their PC.

The kind of offers it was making, along with the "free" tag, made me wonder how these guys are making money out of it, and that too with the full support team that they claim to have.

I have written about spyware/adware only recently, and it did not take much time for me to realise this program could be yet another one that fits into that category. And to confirm my suspicion all I had to do was to Google the words "instant buzz" + spyware (this is just one of the ways one must confirm before installing any program that looks suspicious, especially the ones that install tool bars), and there was a plethora of related results with people talking about how it has affected them badly after installing it.

The PestPatrol report confirmed that this program silently connects to an unintended location to transmit user data. And it connects to a server every time that a new browser opens, even if it's closed in the previous window.

In the scam.com forum about Instant Buzz, users were even talking about how hard it was to uninstall the program.

The bottom line is never ever install programs that are all decked up with all these promises that are hard to digest. Always be cautious and do your own little research no matter who suggests it.

Scam.com is an ideal place for everyone to check out all the scams and stuff. You can find different categories there like Charity Scams, Corporate Scams, Internet Scams etc.

Also one must definitely check out the Spywarewarrior.com site that has a detailed list about all the rogue/suspect Anti-Spyware Products & Web Sites and other Anti-spyware resources.

Also check out the article I wrote about Spywares and Anti-spywares.

Wednesday, December 13, 2006

Social networks vulnerable to QuickTime security flaws.


I guess everyone knows about the recent QuickTime worm that affected a lot of MySpace users. Apple has not yet released a fix for it but instead just gave a fix for MySpace users and also for Internet Explorer users. This means anyone using any other browser and any other social networking site using QuickTime is still vulnerable to these kinds of attacks.

According to the F-Secure blog, QuickTime fails to warn the users before loading and executing JavaScript from external resources – two things that all similar applications are expected to do. For example, Flash allows embedded scripts, but it warns the user when a Flash application tries to access an external resource.

The HREF track flaw, which was the one used to attack the MySpace users, is, it seems, not the only flaw in QuickTime. QuickTime is vulnerable to another similar flaw, and it still remains unfixed.

According to the gnucitizen blog, the basic problem is that because of its flexibility QuickTime seems to allow execution of malicious content in the form of JavaScript from media files such as mp3, mp4, m4a and everything else that is supported. In the article Backdooring MP3Files the writer talks about the QuickTime vulnerability which is different from the recent HREF track vulnerability.

Apple claims these flaws to be a feature of QuickTime, while F-Secure begs to differ on that, calls it a vulnerability, and recommends that websites should block Apple QuickTime content completely until a patch is available from Apple for both vulnerabilities.
