Sunday, January 18, 2015

jQuery Ripples IE 11 Fix - backgroundY undefined error fixed



I fixed jQuery Ripples libary (jquery.ripples.js) for IE11, specifically the backgroundY undefined error.

Learn more about jQuery with a  free course at Microsoft Virtual Academy : Introduction to jQuery






IE 11 Fixed code below:


Thursday, January 15, 2015

Malware (Conduit Search, Ask Toolbar) installed without consent is illegal in Canada - Go Canucks!

Installing computer programs on an individual's computer without consent is now illegal in Canada 

January 15, 2015 - Ottawa–Gatineau –Canadian Radio-television and Telecommunications Commission (CRTC)

It official, as of today, new requirements for installing computer programs have come into force. Businesses installing software or computer programs on another person’s computer must now have their consent.

Press release here - http://bit.ly/installillegalwithoutok

What does this mean to you?  - read on below


Not sure what "cause the installation of software" means? Let us clarify.


Here is a scenario from the Canada’s Anti-Spam Legislation (CASL) FAQ Sheet - http://bit.ly/CASLDetails

CASL applies to software or computer programs that are both installed and caused to be installed on any other person's computer system, without consent.

The following are examples of computer programs which are 'caused to be installed':

Examples

  1. Sometimes, malicious software (malware) is installed along with other software. For example, a free Tic Tac Toe app may include concealed malware that is not disclosed to the user. In this situation, the user would be installing the Tic Tac Toe app, so CASL would not apply. However, CASL would apply to the installation of the malware since the software developer would be causing it to be installed. >>>READ ILLEGAL!<<<<
  2. A consumer purchases a music CD and inserts it in their computer to listen to music or copy songs. However, the CD includes concealed software that is automatically executed when the CD is inserted into the computer. In that case, the distributor or developer would have caused the software to be installed.
Malware hidden in software is now illegal to install without your consent. (It's usually obtained as a check mark box later in the install process)

That means the annoying malware that such as; 


  1. Conduit Toolbar & Search (concealed in Bittorrent, utorrent, and in DivX Player bundled as  "UniBlue Driver") 
  2. Ask Toolbar & Search (bundled with Java)

that takes over you default home page that appear without your consent is illegal now in Canada!!! YEAH! Canada!

Ask Toolbar gets commonly install with JAVA, you must un-check this but sometimes this does not appear on a update or does not work when you do uncheck it, so beware.























Tip : Install Java using the Command prompt method and SET any SPONSOR not to appear
  1. Click Start. In the Start Search box, type command.
  2. A list of matches will appear. click Command Prompt in the Programs list.
  3. To start the installation, in the Command Prompt window, navigate to the Downloads directory
    • cd Downloads
      then type:
    • jre-7u55-windows-i586-iftw.exe SPONSORS=0

    Here SPONSORS=0 is the flag that will disable sponsor offerings in Java updates.





Wednesday, January 14, 2015

Canada Revenue Agency Tax Return - Phishing Email

Subject: [notifications]-ID-123456769


Tax time and spammer's are hitting early. If you receive this crafty email similar to below, then it beware it's probably a phishing email attempt that is recently going around. What to do?  Report them now,

Action > Report the Phishing URL to Google Plex now, click this link
  1. https://www.google.com/safebrowsing/report_phish/?hl=en&url=ofertaslaverdad.mx

How to tell this is a Phishing email ?

  1. Canada Tax Revenue agency does not use email to engage CDN citizens that their tax return is due.
  2. Reply to this email is sent to <no_reply@bell.ca>; this is Bell and not CRA. If it were CRA it would be something like <no_reply@cra-arc.gc.ca>.
  3. Email is From: Canada Revenue Agency but don't let that fool you the address is from <supportinternet7791498888@bell.ca> and cleverly crafted but not the CRA.
  4. Reading email in Outlook generated pop-up "Click to follow link"
  5. Hover over action url, For tax refund click here >> and you see it's to http://ofertaslaverdad.mx the phishing link

  6. The best way is to look at message source, see below.


How to examine Email source?


Email consists of a message header and body. 
Briefly, the message body is basically everything you see below the subject line. 
To view the source message header, which includes details such as To:, Cc:, Bcc:, Reply To: and Subject, do the following in your email system;


  1. Outlook.com->Actions->View Message Source 
  2. Gmail.com->More (down arrow to top right)->Show original
  3. Yahoo.com->More (at Bottom of Message)->View Full Header
  4. Outlook Program - see http://bit.ly/outlookviewheadersource  

For this phony email, we have the message source in a code source reader.

At line 9 you have Received: from 127.0.0.1 (HELO mail13.shop-pro.jp) (210.154.147.74). 210.154.147.74 is located in Japan but originally from Korea, not Canada.

Find out geo location of the IP address on map, click link below;
http://www.infosniper.net/index.php?ip_address=210.154.147.74

Report Phishing Email (not as Spam)
  1. Outlook.com->Junk (at Top)->Phishing Scam
  2. Gmail.com->More (downarrow to top right)->Report Phishing
  3. Yahoo.ca->Spam->Report a Phishing Scam


Also Report Phishing domain at Google Plex now!!! 

If you have recievied this email take further action now by click these links

  1. https://www.google.com/safebrowsing/report_phish/?hl=en&url=ofertaslaverdad.mx


Also Report phishing email at Microsoft and government agencies

  1. http://www.microsoft.com/security/online-privacy/phishing-faq.aspx

Learn how Office 365 prevents spam and malware free course 

Saturday, January 10, 2015

Encrypted Email made easy with Office 365

No excuse not to send encrypted email for business, Office 365 has made this easy.

Encryption in Office 365


Phishing Email - Apple Sent You an iTunes Gift

Subject: Apple Sent You an iTunes Gift  You can redeem this gift on your iPad, iPhone, iPod touch, or on your computer using iTunes. Once you redeem your gift and verify your Apple ID, you will be credited with $25 and can purchase the latest music, apps, and more

If you receive this crafty email similar to below, then it beware it's probably a phishing email attempt that is recently going around. What to do?  Report them now,

Action > Report the Phishing URL to Google now, click this link
  1. https://www.google.com/safebrowsing/report_phish/?hl=en&url=monolithi.com

How to tell this is a Phishing email ?

  1. Is email is from you to you, then it's phishing.
  2. Hover over all links in email, if it's not from the apple.com site then forget it.
    Reading email in Outlook generated pop-up "Click to follow link"

    In above example, the Redeem Now button, which links to spam site monolithi.com.

  3. The best way is to look at message source, see below.


How to examine Email Message Source ?

Now lets look at message source
  1. Outlook.com->Actions->View Message Source. 
  2. Gmail.com->More (down arrow to top right)->Show original.

For this phony email, well look at the top 25 lines of the message, known formally as the "message header".





Invalid return-path:

At
 line 23 you have Return-Path: hosting.windows@aruba.it
and is suspect because domain was registered in Italy (
.it) and nothing to do with Apple.

Aruba.it is being investigate for a Paypal phishing and has reported links to Italian Mafia.


These are valid return-paths for Apple 

  • Return-Path: do_not_reply@apple.com 
  • Return-Path: bounces@insideicloud.icloud.com 

Why look at "Return-Path"? When the e-mail is put in the recipient's mailbox, a new mail header is created with the name "Return-Path:" containing the address on the MAIL FROM command. So it's a quick hit to determine authenticity.


Report Phishing Email (not as Spam)

  1. Outlook.com->Junk (at Top)->Phishing Scam
  2. Gmail.com->More (downarrow to top right)->Report Phishing 

Report Phishing URLs monolithi.com at Google now 

If you have recievied this email take further action now by click these links

  1. https://www.google.com/safebrowsing/report_phish/?hl=en&url=monolithi.com

Report phishing at Microsoft and government agencies

  1. http://www.microsoft.com/security/online-privacy/phishing-faq.aspx