Wednesday, February 22, 2006

Internet Explorer 7 Public Beta: Pros and Cons

Microsoft has finally presented its new version of Internet Explorer, IE 7. Bill Gates noted: “What we've decided to do is a new version of Internet Explorer, this is IE 7, and it adds a new level of security.”
IE 7 is only available for Windows XP with Service Pack 2 (SP2), Windows XP Professional x64 Edition, and Windows Server 2003 with Service Pack 1 (SP1) users. IE 7 was originally scheduled only for inclusion in Windows Vista (codenamed Longhorn). So the Windows Vista version will enclose some of its features.

In order to install the newest Internet Explorer, users need to download file of 11MB in size from Microsoft website . The installation is done in the invisible mode, which minimizes user’s interference.

Below you can find some features that the new browser offers:

New Interface
Internet Explorer 7 has a completely new interface. It is better compound and has additional abilities of adding web sites to Bookmarks, search in the Network, one-click history deletion, "Shrink to Fit" and other printing improvements. The new design includes an improved Address Bar, new menu elements, decreased in size, more convenient icons and diminished tool bar.

Tabbed Browsing
Microsoft included tabbed browsing in IE 7. New tabs can be opened or closed with one middle mouse button click. Tabs of IE 7 are slightly different from those of Firefox. One of the distinguishing features is the ability to show the list of open pages vertically. This can be very useful as Microsoft decided not to use multi-rowed tabs. Tabs dragging is not included into IE 7. But this function is not used very often and can hardly be a weak point.

Below you will find the description of how tabs work. When opening Internet Explorer 7, on the top of the browser window, below the tool bar, two tabs are displayed: your current page and a smaller, blank tab. The blank tab is shown below, surrounded by the red oval.

After you click on the blank tab and then select – or input – a destination you'll have two named tabs, as shown below.

Easy Search
Another feature that was included into IE 7 is ‘Easy Search’. The search bar window is always in plain view; moreover, users can choose the search engine which will process their inquiries and post search results in a separate tab.

The new Internet Explorer enables its users to read RSS-feeds. When you enter a page the browser finds them and signals about it with an Red sign or with a sound.
In theory things are as follows: when clicking on this sign you go to the page that contains latest notes and a link to subscribe RSS-feeds. The subscription implies the moving of the feed to ‘Bookmarks’, where it can be read with other feeds. The practice shows somewhat different picture.
First, not all of RSS-feeds can be read. Perhaps the reason is that a feed must exactly correspond to the commonly accepted standards. Major up-to-date programs for reading RSS can avoid most known feed defects or fix them in the auto mode.
Second, we failed to find the mode which would enable all feeds to be seen in one window, sorted out chronologically. However, notes in a separate feed can be sorted out by time, author or name.
Third, we also failed to create something similar to Firefox’es “Live Bookmarks” that would include folders keeping the list of latest notes.

Focusing on Security
IE 7.0 consists, mostly, of security-oriented features, one of which is anti-phishing technology. As Gates noted, “Some of the advances [in IE 7] include things focused on phishing, where people use URLs that appear to come from another location, things related to malware. So, [that] will be another important advance [in IE 7].”

IP traffic encryption capability, included in IE 7, helps prevent electronic eavesdroppers from modifying data before it reaches your machine or redirecting you silently to malicious servers. "It makes sure that the traffic is encrypted, so there is no eavesdropping or modification that can take place, but it also makes absolutely sure through the use of certificates that the machine that you're connected to is the machine that you want to be able to connect to," Gates noted.

Changes for Web Developers
Good news for Web developers: IE 7 includes support for transparent PNG files, CSS consistency, CSS 2 fixed positioning, international domain name (IDN) support, and more. However, it does not conform fully to the CSS 2 specification.

Not Included
IE 7 does not include any ad blocking technology and a new Outlook Express (OE) version (e.g. OE 7).

Internet Explorer 7 differs greatly from its predecessor, in a better way. However, its disadvantage is that it contains minimum of vital functions. Well, a lot has been done, and it would be really good if the final version of Internet Explorer 7 would be able to satisfy all users’ needs.

© Arovax, LLC

Do you think it is worth switching to Internet Explorer 7 as your Default browser?

Express your opinion about new IE7 in the article's comments section

Why Trojan Horses Are Dangerous

The Internet of today is not only a useful informational environment, but a potential source of different dangers that threat both users’ PCs and servers. According to the statistics, the most serious threats are so-called ‘Trojan Horses’. The origin of this term is known to everybody from school. It embodies a “present” with a hidden threat for its recipient. These “presents” can be of great danger for Internet users. So, in this article we would like to describe the work of Trojan Horses.
As it was already mentioned above, Trojan Horses are one of the most dangerous threats for PC and its owner. These malicious programs can be completely different. Major worms can also be related to Trojan Horses. Describing and classifying them is very difficult. However, there is one parameter by which all Trojan Horses can be classified to different groups. This parameter is a target of the virus, or in other words, the harm that they cause on the victim-PC. There are six groups of malicious programs that exert influence upon the victim.

Remote Administration
Nowadays, there are a lot of programs that make it possible to provide remote administration of both separate PCs and computer systems. These programs are very convenient utilities that make things easier for local network administrators. The operation principle of such programs is easy: a special agent is installed on a remote PC; after that the administrator can launch the main module onto his computer, connect to another computer and get an opportunity to completely control it.
Now imagine that a PC user does not know about the agent installed into his system. And this agent connects not to another local network computer, but to thousands miles remote PC on which a hacker works. In this case the criminal can do anything he wants: steal passwords, copy personal documents, install any software, even reboot or turn off the PC. That is why Trojan Horses (in fact, these are agents utility for remote administration) of this group are most dangerous. They offer the criminal splendid opportunities to control a victim-PC.

Data Stealing
Another very dangerous group of Trojan Horses includes those viruses that are focused on stealing users’ data. They are of serious threat for home PC owners. Prima facie this may seem strange. What secret data can an ordinary user have? Hackers should be interested in huge companies which have their commercial secrets and are afraid that their data will be sold to competitors. However, there is one problem here. Trojan Horses cannot themselves find files with secret data. Moreover, it is rather difficult to send big data volumes over the Internet. At the same time it is very easy to steal data (for example passwords for access to OS or Internet) from home PCs which are usually less protected.
This variant is the most popular. With the help of Trojan Horses which steal passwords for access to the Global Network a criminal connected up to the same provider as the victim, can easily make other people cover his Internet costs by using their authorization data. Besides, there are malicious programs with a complicated algorithm. They can try to steal passwords saved in browser from different web-services, FTP-servers, etc.

Nowadays spies are used more and more often. The principle of their work is as follows: A special agent is installed on user’s PC. Working without being noticed by the user, it collects certain data and sends it over the Internet to a hacker. Such software is called spyware. Modern spyware can do a lot of things: keep log of the pressed keyboard keys, make screenshots of the whole screen and visited web-pages from time to time. All this enables criminals to collect very detailed data about their victims, including passwords necessary for access to the Internet and different services.
However, it should be noticed that the majority of this kind of Trojan Horses record only the order of typed keys. First, this information is the most critical. This is the way to learn user’s passwords and using the resources on behalf of the victim. Second, the list of pressed keys is relatively small in size. So, it can be easily sent to hackers’ PC.

Homepage Hijackings
Today there are a lot of partnership programs in the Internet. Their function is as follows: A person attracts visitors to the sponsored site, getting some fee for every visitor. In fact, partnership programs is a common thing, but only unless both sides stick to the rules. However, many web resources with the “adult” content look through their fingers at partners’ actions. As a result we have the following:
Aiming to have the highest profit, some people use Trojan Horses. They infect Internet users’ computers with such malicious programs that constantly hijack the browser home page and change it to partner’s site’s address. Vsiting it will immediately open some other pop-ups with the sponsor’s web-projects. Besides, such Trojan Horses themselves are able to initiate opening of the defined adress during certain activity of the user (connecting to the Internet, opening new browser window, etc.)

Attack Implementing
The most popular type of remote attacks are denial of service (DDoS-attacks). Their main point is in the following: criminals send great amount of special network packets. As a result, the computer cannot cope with this flood and becomes inaccessible for ordinary users. However, it is impossible to create such a huge amount of threads to completely load a server. And it is dangerous for hackers as well.
That is why criminals often use the following scheme: First of all they infect as much ordinary Internet users’ PCs as possible with a special Trojan Horse. This malicious program lives in the PC without identifying itself or making any activity. However, when it receives a special command from the control center the Trojan is activated and starts sending network packets to the pointed victim. There can be hundreds and thousands of such computers, so it is not a surprise that the server “falls down”. In fact, such Trojans Horses are not harmful for a user, except that when he works his channel is overloaded.

Downloading and Installation of Other Software
Lately, spyware requirements have changed. All viruses were very small before, but modern Trojan Horses can be huge in size. This is because of their multi-functionality (for example spy-programs and remote administration utilities) and technologies they use. It is not always possible to place such big data volumes on user’s PC. That is why hackers use the following method: First a PC is infected with a small utility which connects to a certain server, downloads malicious spyware from there, installs and launches it. In this case multi-purpose downloaders are most dangerous as they enable a criminal to install different Trojan Horses on user’s PC. It depends on what is kept on the server at this moment.

So, we can be certain of the fact that modern Trojan Horses are really very dangerous for any computer connected to the Internet. It is also necessary to consider that modern programs can relate to two, three and more groups. Such Trojans can for example spy on the user, secretly download and install different software on his PC and take part in attacks.
It is not difficult to protect your PC from such threats. It is enough to have a regularly updated antivirus program, correctly set firewall and regular updates of OS and software.

How to Keep Anonymity in the Internet

Speaking about network security it would be good to destroy the steadiest myth of Internet anonymity. The statement ‘I do not do something harmful, so I do not need anonymity. Let hackers worry about that…’ is in fact wrong. Just imagine that all pedestrians in the street know your home address, follow you and try to penetrate into your house. Nobody would like that. So, why so few Internet users pay attention to such important problem as anonymity? Today, more and more web resources offer users different information (it depends on their living place). For example, major informational business projects of USA do not show most important data to users that come from other countries. Isn’t that unfair? Yes, it is. In this article you will learn how to fix this unfairness.

Let’s start with the theory of networks and the Internet in particular. To be more specific, with describing the principal of addressing forwarded data packets. When you type any address in the browser line, first of all the inquiry is sent to DNS server which transforms the symbols line into a set of 32 ‘zeros’ and ‘ones’ – IP-address – which is used for routing. If a criminal knows this address he can learn a lot about the person who uses it. For example, his real location. It is done with the help of service ‘whois’ which can easily define user’s provider by his IP-address. Here the question rises: “How can users be protected?”

One of possible ways of protection is “hiding” with the help of proxy-server which is a kind of intermediary between a user’s PC and Network servers. We have already found out that the main “betrayer” is IP-address to get rid of which is impossible as it is needed for data routing. Proxy-server sends inquires to web-servers as if on behalf of itself. And proxy-server itself receives all the replied data. So, it may seem that using a proxy-server guarantees anonymity. But it is not that simple. It turns out that vast majority of proxy-servers send IP-address of the end user in their inquiries in a special field (x-forwarded-for). However, there are anonymity services but it is difficult to find them. By the way, you can check any proxy-server for anonymity on the website

Another option of keeping anonymity in the Internet is using anonymizers. Anonymizers are just anonym proxy-servers that have their own web interface. Working with them is very easy. All you need is to visit the site and type address of the server you need in a special field. The inquired web page downloads and you can be sure of your anonymity. However, there are some weak points here. First, the speed of pages download can be much lower, and second, today it is practically impossible to find an anoymizer for free. Of course when these services just appeared nobody could even think of taking money for that. All that owners could afford was placing a couple of advertising banners. Nowadays users have to pay for the ‘luxury’ to stay invisible. Lately, more and more people are for considering anonymizers illegal. This is nonsense. The authority will also have to forbid selling wigs because some criminals would buy them to change their appearance.

So, now you know how to hide your IP-address. However, there are other, more active ways to track users. The most popular technology of tracking users is cookies. Cookie is a symbol line up to 4KB in size which is recorded in a special file on user’s PC by the web-server. This technology was developed to make using the Network easier. For example, an online-shop wants to “remember” a user and offer him some new goods, depending on the user’s preferences. In order to save data confidentiality a restriction was taken: only that server can read the information from cookies which had recoded it. Unfortunately, this is very easy to avoid. Banners and clicks counters can be seen on every page (most of these elements are loaded from their own servers). So we see that data can be recorded to and read from cookies by the clicks counter script. As a result, the system can follow all your web-route and learn all your preferences.

One more way of keeping anonymity in the Internet, and the most reliable one, is socks-protocols. The operation principle of this technology is alike with proxy-server’s work. Socks-server receives data from user’s PC, sends it to the web-servers and then forwards back reply data. However, they have some differences. First, user’s PC and socks-server “communicate” not in accordance with common rules, but by means of special protocols (socks4, socks5, etc.). As a result this makes sending user’s IP address impossible. Besides, socks-server itself transforms data from the user to inquiries for common protocols. It means that no server can “guess” that it sends data to an intermediary, not to the final user. Socks technology is very easy to use. All a user needs is to download a special utility SocksCap, install and launch it, choose the software for which he needs to get anonym connection (for example, Internet Explorer), type socks-server’s address and port. When launching browser from SocksCap he has nothing to worry about.

These are probably the most reliable means of making sure that you are invisible and anonymous in the Global network nowadays. Of course, the situation constantly changes and new technologies appear every day, so if you really want to stay completely anonymous during your Internet surfing – try to follow the latest news, especially Arovax News, as Arovax Company is hardly working on creating of Anonymizer software, that will solve all your problems and worries about anonymous use of Internet resources.

Tuesday, February 14, 2006

Arovax Antispyware and Arovax Shield roadmaps are updated!

We would like to inform you that Arovax Antispyware and Arovax Shield roadmaps are updated.

Full information about Arovax AntiSpyware Roadmap you can find here>>>

You can find full information about Arovax Shield Roadmap here>>>

Detection and Removal of Spyware

Rapid growth of modern informational Internet-technologies begets the development of the hardware-software and network infrastructure. However, it also causes a number of negative aspects that influence the improvement process of the IT-industry.
A wide range of negative, so to say ‘begotten by the Internet’, factors can be pointed out in the computer industry. They include: hackers, viruses, Trojans, SPAM, etc. Lately, another step in the development of the software – Spyware – appeared in the publicity. This article describes what Spyware is and how it can be fought.

What is Spyware?
Spyware represents ordinary embedded software modules that track and gather different information about your activity during your work on PC, redirect you on various companies’ sites during your surfing the Internet, open advertising banners of every sort and kind and do a lot of other unapproved spy activity.

Where can Spyware be “picked up”?
It is not that hard to “pick up” a Spyware. The most assured way of becoming infected is visiting warez sites or adult web-resources for those ‘over 18’. Be sure that your PC is infected if you had visited the sites mentioned above using not up-to-date Internet Explorer and without any antivirus and firewall installed. Why we are so sure about it? The thing is that authors of Spyware-programs do their best to place the infection on as much computers in the network as possible, so any new breach in the browser is a splendid opportunity for them.
Also, it often happens that Spyware-modules are bundled with different software. A perfect example of that are P2P-clients and a great number of suspicious programs from unknown developers.

How can Spyware be detected?
As a rule, the task to detect Spyware is many-sided and has a couple solutions:
1. Installation of Firewall (for example Outpost Firewall Pro, Norton Personal Firewall, Kerio Personal Firewall, etc.) that will immediately inform you about suspicious network activity of any program.
2. Installation of IDS (Intrusion Detection System) software that provide you with real protection in real time by immediately recognizing and stopping attempted, unwanted or malicious behavior by other programs. A perfect example of such software is Arovax Shield.
3. Installation of such specialized software for Spyware removing as Arovax Antispyware, SpyBot-Search & Destroy, Ad-Aware, MS AntiSpyware, etc.
4. Using special antivirus programs. In most cases, they can be found on the web-sites of major modern antivirus software.

How to remove found Spyware?
It is best to use proper software to ‘treat’ found Spyware programs. Such software cleans the registry correctly and removes all found spy modules and libraries. Consider the fact that some antivirus can only detect Spyware and in most cases are not able to ‘treat’ your PC from them.
You can also try to remove Spyware manually. However, this variant is suitable for experienced users only. In this case you will need not only to remove Spyware executing modules (you might need to load OS in safe mode) but to edit the system registry in order to get rid of harmful programs links as well.

How to protect your PC from further infections?
The receipt is simple: install all updates for your OS, install proper antispyware software, antivirus and Firewall, keep them always up-to-date and do not install suspicious programs from the Internet.

Thursday, February 02, 2006

French Arovax fans created a full tutorial for Arovax Shield

A website with a full tutorial for Arovax Shield was created by French ‘Arovax-lovers’ in order to help French beginners cope with computer security problems. The official site of Arovax Shield is mostly in English, which makes it difficult to understand for the majority of foreign users.

We are very grateful to our French friends for creating . Such users inspire us on further development and improving Arovax products and translating our websites and the programs into other languages.

You are allways welcomed with your suggestions on the Arovax Community Forum