Major Windows Security Risk
NOTE: This article contains no genealogy information. However, it contains information that every Windows user should know.
A new Trojan horse appeared last week. Technically, a Trojan horse is not the same as a virus but the result is the same: something bad could happen to anyone whose computer becomes infected. Every Windows user should read about the JS.Scob.Trojan problem. You can search Google at http://www.google.com/search?num=100&hl=en&lr=&ie=UTF-8&newwindow=1&q=JS.Scob.Trojan&btnG=Search to find hundreds of articles about JS.Scob.Trojan.. If you use Windows, you need to read several of those articles!
In short, the JS.Scob.Trojan program is a major security risk. It installs spyware programs in your Windows PC and can capture any keystrokes you enter, including your passwords, bank account numbers and your credit card numbers.
JS.Scob.Trojan is running rampant and the anti-virus companies have not yet found a cure for it. (I suspect that will change any minute now.) Even worse, JS.Scob.Trojan explores a weakness in Microsoft's IIS Web server and is appearing in Web servers all around the world. Even Web sites that you use every day and trust can become infected with this virus. Once you visit an infected Web site, your Windows computer will be infected.
NOTE: The Web site you are looking at right now on www.eogn.com operates on Linux, not Windows. Therefore the eogn.com Web site will never be infected by JS.Scob.Trojan nor will any other Web server that runs on Linux, UNIX or Apple. The only Web servers that are vulnerable are those running Microsoft Windows. You will only become infected if you use Microsoft's Internet Explorer web browser on a Windows computer and you visit an infected Web site that uses Microsoft's IIS Web server.eogn.com will never run on a Microsoft Web server!
Luckily, there is an easy fix for this: If you use Microsoft Windows, don't use Microsoft's Internet Explorer. Period. Use Opera or Netscape or Mozilla instead.
Even better, don't use Windows. Use a Macintosh or Linux or some other operating system.
I have written in a recent Plus Edition article about Opera, a new Web browser for Windows and other operating systems that is much better than Internet Explorer, runs faster and does a better job of displaying Web pages. If you use Opera, you will not become infected by this recent Trojan horse. If you use Mozilla or Netscape, you also will not be infected. If you are using a Macintosh or Linux system you will not be infected. The high risk occurs only if you using Microsoft Internet Explorer on a Microsoft Windows system.
I am about to delete Microsoft Internet Explorer from my systems. Time and again the Microsoft products have proven to have security holes that are not shared with other Web browsers. I cannot afford the risk.
In fact, I am running a Linux system on my desk alongside my Windows system. The more I use Linux, the better I like it. I am thinking of scrapping my Windows system soon and using only Linux. It is faster, much more secure and almost impervious to viruses and Trojan horse problems.
Some people will argue that Microsoft has all these security problems simply because the company's products are so popular. They will claim that the miscreants who create viruses and Trojan horse programs attack Windows only because of its popularity. They will claim that Linux or Macintosh would have the same problems if those operating systems were more popular.
You know what? I don't care!
As a computer user, I know that using a Microsoft solution exposes me to personal risk. My credit card numbers, my bank account information and more are at risk, regardless of the reasons. I also know that using a Macintosh or a Linux system reduces that risk about 99.9%. Even if I stay with Windows, switching from Internet Explorer to Opera or Netscape or Mozilla reduces the risk perhaps 95%.
I will probably switch operating systems. However, if you are not prepared to do that, I strongly urge you to stop using Internet Explorer. Instead, use Netscape or Mozilla or Opera.
Think about it…
Do you have comments, questions or corrections to this article>? Post them below in the Post a Comment section.
The second biggest decision for those who decide to switch platforms (to Linux or Mac) is the need change genealogy programs. Many genealogy programs are cross platform (PC & Mac), but many (including PAF) are not.
I recently changed to a PHP web based product. Now It doesn't matter what platform I use or even what computer I use as long as I have a modern browser. Other relatives can also collaborate, all they need is a modern browser.
Those considering just switching browsers should look at FireFox.
http://www.mozilla.org/products/firefox/
BTW I'm a Mac user.
Posted by: Hugh Roper | July 02, 2004 at 10:55 AM
Even the Department of Homeland Security is now advising computer users to stop using Internet Explroer. Details are available at: http://story.news.yahoo.com/news?tmpl=story&cid=74&e=3&u=/cmp/20040702/tc_cmp/22103407
Note that the article says, "The Department of Homeland Security's U.S. Computer Emergency Readiness Team touched off a storm this week when it recommended for security reasons using browsers other than Microsoft's Internet Explorer."
A related story is available at http://www.wired.com/news/infostructure/0,1377,64065,00.html
Posted by: Dick Eastman | July 02, 2004 at 01:02 PM
Microsoft has now posted a workaround to this security bug on its Web site. This is not a true fix; it simply provides a method to avoid the problem. The company says that it is still "investigating the problem."
Details may be found at http://news.com.com/Microsoft+posts+work-around+for+IE+flaw/2100-1002_3-5256297.html?part=rss&tag=5256297&subj=news.1002.5
Posted by: Dick Eastman | July 03, 2004 at 07:36 AM
If I wish to continue using IE, what is my risk from the JS.Scob.Trojan if my Zone Alarm firewall is set to the 'stealth' mode?
Posted by: Barbara O'Nan | July 05, 2004 at 11:30 PM
---> If I wish to continue using IE, what is my risk from the JS.Scob.Trojan if my Zone Alarm firewall is set to the 'stealth' mode?
High risk.
Posted by: Dick Eastman | July 05, 2004 at 11:33 PM
I normally use Netscape on my iMac to access census date on Ancestry.com. For 1930 images, this does not permit the "advanced viewer" offered by Ancestry. Since I have Virtual PC on my Mac with Windows XP Pro and IE, I decided to try accessing the 1930 images that way. I first found the latest Windows security update on July 3 and installed it. I then downloaded and installed the advanced viewer. From that point, IE froze on any census image! It continued until I uninstalled the viewer and eliminated the Windows update. When I put the update back into the machine, IE again froze with any census image. Ancestry web info says ActiveX controls must be on for their viewer to work. The latest Windows security update turns ActiveX off. It appears that either Ancestry.com is going to have to fix their viewer or MS needs a better fix. I will go back to my Mac, Netscape, and the old, less capable viewer for census images.
Posted by: BillH | July 06, 2004 at 12:32 AM
What PHP web based genealogy programs/products are available as alternatives to PAF, Legacy, Rootsmagic, Family Tree etc?
Posted by: David | July 06, 2004 at 03:16 AM
The Next Generation is a PHP-based genealogy program that has numerous advantages. You can read my recent review at:
http://eogn.typepad.com/eastmans_online_genealogy/2004/06/the_next_genera.html
Also note all the comments by enthusiastic users that were posted at the end of that article.
Posted by: Dick Eastman | July 06, 2004 at 05:43 AM
Dick, switching from IE to another browser is no doubt good advice from a security standpoint, but that can introduce unwanted complications with certain computer operations. In my case, for example, my financial institution does not recognize a logon with Opera, and since this is a very important access for me, I cannot use Opera. So before switching I would advise users to experiment with other browsers. Larry
Posted by: Lawrence Roberts | July 06, 2004 at 06:51 AM
I must retract my last statement concerning access to my financial institution using Opera. I installed the latest version of Opera and this access worked this time. Go figure. Larry
Posted by: Lawrence Roberts | July 06, 2004 at 03:07 PM
Before switching away from IE, it appears that the MrSid viewer used for viewing and printing census data on Ancestry as well as maps and other photographic data on many other web sites will not work on other browsers. Does anyone know of alternative browsers supporting this viewer?
Posted by: Ron Young | July 06, 2004 at 11:10 PM
MrSID will work with Opera. It will not work when you first install Opera but you can make one quick change to Opera's configuration and it will then work.
Information on how to do that was posted on this blog last week. I suspect I can find it again.
Posted by: Dick Eastman | July 07, 2004 at 07:11 AM
How does the casual user of a home computer protect themselves from this "high risk?" I don't understand the technical aspects of the computer, and I don't want to. The recommended reading is way too complicated for many of us. I love driving my car, but am really not interested in how it works. Same with my computer. I just want it to get me where I'm going!
Posted by: Janet | July 07, 2004 at 09:22 AM
Internet Explorer CAN be replaced. There is an article that describes the process at http://channelzone.ziffdavis.com/article2/0,1759,1620146,00.asp.
However, for most Windows users it would seem sufficient to simply stop using Internet Explorer and start using Netscape, Mozilla, FireFox or Opera in its place. It is possible to have two or more Web browsers on your system at the same time (I have five on my home desktop system). Then select the one that you wish to use.
Both Opera and FireFox have gained a lot of fans in recent weeks. FireFox is completely free. Opera is available in two versions: the free version displays ads while paying $39 for the commercial version gets rid of the ads. The two versions are otherwise identical.
You can download Opera at http://www.opera.com.
You can download FireFox at http://www.mozilla.org/products/firefox/.
Both are big downloads with FireFox being the smaller of the two at 4.7 megabytes.
Macintosh and Linux users are unaffected by all this, the problem exists only on Microsoft Windows.
Posted by: Dick Eastman | July 07, 2004 at 02:35 PM
Still ANOTHER major security hole has been discovered in Internet Explorer within the past three or four days. Details are available at http://news.com.com/Another+Internet+Explorer+flaw+found/2100-7349_3-5259374.html?part=rss&tag=5259374&subj=news.7349.5
Posted by: Dick Eastman | July 08, 2004 at 06:44 AM
Now even the prestigious PC Magazine has joined the chorus clamoring for a switch from Internet Explorer to a safer Web browser.
Details are at http://www.pcmag.com/print_article/0,1761,a=131197,00.asp
Posted by: Dick Eastman | July 12, 2004 at 03:22 PM
Dick. thanks for the recommendation to dump Internet Explorer! I haven't had any security problems with it because I keep up to date with Microsoft's security updates and I use Norton Antivirus and the ZoneAlarm firewall. However, I've had stability problems (the error message "Explorer has caused an invalid page fault in Kernel32.dll", blue screen of death, etc) ever since installing IE version 6. Last week, I installed Mozilla and so far the stability problems have not reappeared. Thanks again and keep up the good work!
Posted by: Bob Vint | July 15, 2004 at 02:38 PM