AVG AntiVirus is a free and popular antivirus application that people have been using on their desktop computers for years to protect their desktop operating system, such as Windows XP or Windows 7. Did you know that AVG also has an Anti-Theft Service for Android devices? Here’s how it works.
So what about security and does this Anti-Theft service really work? In my tests, I found that the application works for the most part and can be useful to lock a stolen device remotely (and potentially wipe out the device, which I didn’t try). The features work, except that the first time I used the Locate feature, it didn’t even come close to the actual location of the device. While my smart phone was in my had, it showed that my device was located in a different zip code about 10 miles away from me. After a while it did show the exact location, so decide for yourself if this is good, bad, or ugly.
Another weak point that I discovered is that the application itself doesn’t use Secure Socket Layer (SSL) to encrypt the pages on the Web site. This surprised me. A company that makes AntiVirus software should be securing pages where customers are entering passwords and working on Anti-Theft software. In other words, you are using AVG’s unsecure page to secure your Android device. Really? This makes no sense.
Not only the Web site is unsecure, the password that you provide to lock the device can only be 4-6 characters. In other words, the password you provide is going to be very weak. While this may be good enough to keep an average “Joe” out, it won’t be good enough to keep a serious hacker out.
Hopefully, over time AVG will improve this application. It’s a good start but in my opinion the application appears to be more for fun and games than to offer a serious anti-theft service……mainly due to the quality of service and the fact that AVG doesn’t offer encryption to use a security software on their Web site. As I mentioned already, it does seem to get the job done for the most part so I am not ruling it out as a totally useless application. I believe it needs work to offer better reliability for locating the device and also needs some security improvements. After all it is a security application.
By now you may have heard of all the warnings and bad things that can happen if you have Java installed on your computer, like having your credit card or other personal data stolen, identity theft, and spyware installed on your computer after you are redirected to certain sites. Even Department of Homeland Security (DHS) issued a warning in January to disable Java. This is rather unusual because DHS doesn’t usually go around telling people what they should remove from their computers.
- Java is an OOP programming language while Java Script is an OOP scripting language.
- They require different plug-ins.
chrome://plugins, click Disable and then restart the browser. In Firefox go to Add-ons, locate Java platform, disable it and restart the browser. In Internet Explorer it is not easy to disable Java. In fact, even if you go to Java Web site and check if you have Java installed in Internet Explorer, don’t believe it as gospel truth. You can read this InfoWorld article for more information: Disabling Java in Internet Explorer: No easy task. Frankly, besides Internet Explorer, other browsers can also lie and tell you that Java is not installed, when it is.
The security warning issued by DHS was related to all versions of Java 7 through Update 10. Java 7 Update 11 sets the default Java security settings to “High” so that users will be prompted before running unsigned or self-signed Java applets. The latest version is of today is Java 7 Update 13. With all the issues with Java I believe it is best to disable Java altogether on all the browsers. Period!
NOTE: Even after Oracle claimed that they have fixed the problem that prompted DHS to issue a security warning, DHS still insisted that we should disable Java.
Disabling Java in Internet Explorer
NOTE: On 64-bit Windows computers you can also get to the Java Control Panel by using this command at Start, Run: c:\Program Files (x86)\Java\jre7\bin\javacpl.exe. On 32-bit Windows computers, use the following command: c:\Program Files\Java\jre7\bin\javacpl.exe.
Windows XP: Go to Control Panel and double-click to open the Java Control Panel.
Disabling Java on Macs
Possible Consequences of Disabling Java
The potential drawback of disabling Java can be that some Web sites won’t display menus properly, or you may not be able to see the stock prices, weather updates or some ads. Frankly, most of us don’t care about this stuff. Even if you do, in my opinion disabling Java far outweighs the benefits of seeing ads or weather updates on different sites.
TIP: If you must use Java because you feel your life is completely miserable without Java and you had some great luck skiing in the avalanche season and skating on thin ice then enable Java in the latest version of Chrome or Firefox, rather than Internet Explorer, because they give you more control on when to run Java on specific pages.
Have I experienced any negative consequences by disabling Java in all three of my browsers (Firefox, Internet Explorer, and Chrome)?
There are some major differences between Microsoft Threat Management Gateway (TMG) and Microsoft Unified Access Gateway (UAG). The two products are completely distinct and do not share any code. However, if you install UAG, it will automatically install TMG and if you remove UAG it will automatically uninstall TMG. So they are definitely linked in certain ways. TMG can be installed on Standard, Enterprise or Datacenter editions of Windows Server 2008 SP2 or R2. UAG can be installed on Windows Server 2008 R2 (Standard or Enterprise).
TMG is a software firewall. Unfortunately, it will go away in future as Microsoft doesn’t seem to have any plans for its renewal. However, it will be supported until April 14, 2015 and won’t completely disappear from the scene until April 14, 2020. UAG is also going to be a dead duck. I would love to see Microsoft sell these Forefront products to another company that can turn them into a more useful solution, rather than making them disappear altogether.
The following are some highlights to give you some insight on both these products. This is not a comprehensive list by any means. It’s just something to help you figure out which product might be the right choice for you.
TMG (Threat Management Gateway)
UAG (Unified Access Gateway)
|Replacement for ISA (Internet Security and Acceleration) Server 2006 that serves as a firewall||Replacement for IAG (Intelligent Application Gateway) that serves as a remote access solution for applications|
|Primarily meant to be a firewall solution for internal network||Does not offer a firewall solution but installs TMG, which is used as a firewall for UAG local host (not for internal network) and allows you to only publish SMTP server|
|Supports inbound and outbound access (firewall or forward proxy)||Does not support outbound access|
|Supports forward-proxy||Does not support forward-proxy|
|Supports reverse-proxy||Supports reverse-proxy but because of some limitations TMG is considered a better reverse-proxy solution for certain situations|
|Can be used to publish internal resources to the outside world||Better for publishing internal resources than TMG because it can publish multiple applications on a single IP address using the UAG portal, which is essentially one URL that gives users access to all published applications on internal network|
|Can be used for VPN connections||Can be used for VPN connections|
|Supports PPTP and L2TP VPNs||Does not support PPTP and L2TP VPNs|
|Much simpler to configure than UAG (keep in mind they serve different purposes), especially if upgrading from ISA Server 2006 because it may take just a few minutes to configure by simply exporting ISA Server 2006 configuration and importing it in TMG||Complicated to configure than TMG (keep in mind they serve different purposes) because it can possibly take months to configure UAG properly|
|Does not include an advanced end-point mechanism similar to Network Access Protection (NAP)||Includes an advanced end-point mechanism which is similar to Network Access Protection (NAP) where you can control access to your network by setting rules, such as restricting connections only to clients that have a certain operating system and anti-virus software installed|
|Licensing is per processor||Licensing is per Client Access License (CAL)|
For more information check out this article on TechNet.
Facebook is facing yet another class action lawsuit for tracking people even when they have completely logged out of their Facebook account. This new lawsuit alleges that Facebook violated the federal wiretap laws.
Facebook is notorious for not only privacy violations but also security-related issues. The term “Facebook privacy” is considered an oxymoron and Facebook security has been a joke for many years. Did you know that Facebook’s CEO Mark Zuckerberg’s fan page was hacked in January 2011? Because social networking is currently a fad, people will continue to use Web sites, such as Facebook, Twitter, and MySpace and unfortunately suffer the consequences if they believe anything they post can be kept confidential. It can’t. Using a social networking site and expecting to be safe and secure is like taking a shower and expecting to stay dry. It’s not going to happen. The only sure way to keep your privacy is to not post confidential information on any social networking site. Period!
According to a study 40% of all Facebook profiles are fake. In fact, Facebook removes 20,000 profiles every day. Researchers at VeriSign’s iDefense group discovered that a hacker stole 1.5 million Facebook accounts and was selling usernames and passwords in an underground hacker forum for $25-$45. Imagine how many of those 1.5 million posted their full name, business (or personal) address, phone number, hours of operation, and of course pictures on Facebook. Obviously, identity theft is a serious concern for Facebook users.
Facebook is expected to reach 1 billion user profiles in August of 2012. That sounds pretty impressive. Never mind the fact that 400,000 million of those user profiles are likely to be fake. Chances are Faceboo0k will continue to face class action lawsuits and people will continue to use Facebook, even though according to a survey 60% of Facebook members threaten to quit in 2010 over privacy concerns.
It’s always a challenge to find the right anti-malware tool that you can proudly recommend. Besides anti-virus software, over the years I have used tons of anti-spyware tools. There were times when I used 4 different tools because no single tool was good enough to protect my PC from every spyware. At one point Windows Defender proved to be a very reliable tool but it only protected my PC from viruses, not spyware.
Microsoft then came out with Microsoft Security Essentials (MSE), which is a free tool. It includes protection from viruses, spyware, and other malicious software. You can download MSE at no cost here.
Mandatory Joining of SpyNet Removed (Great! Right? Not really)
When Microsoft Security Essentials (MSE) came out, a lot of experts were really impressed by the product. MSE protects your PC from antivirus as well as anti-spyware. However, the thing I didn’t like about MSE was that Microsoft decided to make it mandatory for people to send their personal information to them if they chose to install MSE. Microsoft legal department must have taken the day off when Microsoft released MSE, or else they would have something to say. Believe it or not, Microsoft forced everyone to join SpyNet and gave us only the following two choices.
Choice #1: You must agree to have information automatically collected and sent to Microsoft, including your personal information.
Choice #2: You must agree to have information automatically collected and sent to Microsoft, including your personal information.
That’s right. Those were the only two choices. You could either send “some” information to Microsoft or you could send “a lot” of information to Microsoft. The two choices included:
Basic Membership: You agree to send some information to Microsoft.
Advanced Membership: You agree to send a lot of information to Microsoft.
In either case Microsoft warned us that we might be risking our privacy because our personal information might be unintentionally sent to Microsoft, as I pointed out in this article. I also said at that time that “I believe if enough people complain then Microsoft will add the third option of opting out of Microsoft SpyNet.”
During that time I refused to recommend MSE to my clients and removed MSE from my PCs. Then finally someone at Microsoft realized that “force feeding” of personal information to Microsoft may not be a good idea. Or perhaps enough people complained that Microsoft decided to change their policy.
Below you will find the old and the new screenshots showing the option for joining SpyNet.
The Penalty for Not Joining SpyNet
If you think you are forgiven by Microsoft for not joining SpyNet, think again. Now if you decide to opt out Microsoft will penalize you by not alerting you if unclassified software is detected running on your computer. While giving us the option to opt-out is great but penalizing us for not joining SpyNet is not. I will say the same thing I said back in 2010 that if enough people complain then Microsoft might change its mind and remove the penalty imposed on the consumers. But for now, if you like the software, you have to agree to suffer the consequences. I guess there is no such thing as a free lunch.
A Good Overall Anti-Malware Solution
When Microsoft removed the forced joining of SpyNet, I started to recommend MSE to everyone and have installed it on all my clients. I know, I agree to the penalty because I didn’t join the SpyNet but I love this product. I prefer MSE over the competitors, such as AVG, Avira, and Avast. The MSE reviews have always been great. Check out Fred Langa’s recent review of MSE. He did a great job of running various tests on antivirus software packages and came up with the conclusion that MSE was once again one of the best overall anti-malware tool out there (see screenshot below). Okay, I won’t speak for him but that’s my own conclusion. I encourage you to read his complete Windows Secrets article here and decide what you think.
MSE is supported on Windows 7, Windows Vista (SP1 or SP2), and Windows XP (SP3).
Free Antivirus Tool Recommendation
Currently I prefer the following free antivirus tools. Keep in mind that MSE is more than an antivirus, it protects you from viruses, spyware and other malware, while ClamWin is strictly an antivirus solution.
Copyright © 2013 Zubair Alexander. All rights reserved.
25 queries. 0.460 seconds