Kids used to hang out in vacant lots, then in malls and now, online.
BeNetSafe helps you to be a better parent by lovingly and effectively “chaperoning” your children online, just as you always have, offline.
BeNetSafe will monitor your child’s information on the Internet and provide you with detailed reports and feedback alerting you to potentially dangerous and risky behavior.
I just recieved some more info about the MY SPACE dangers. I found out exactly how thieves are locating houses by using MY SPACE combined with a second awful site.When you sign up for “Your Space” you enter the following information:
Name, Age, City & State, Zodiac Sign, height, build, children’s info, hobbies, marital status and occupation. You may think that this information is innocent but it is not AT ALL.
There is another web site called “zabba.com” this site is a free search engine used to locate addresses & phone numbers (Even Unlisted #’s!) of anybody worldwide! All the person needs is your name. If they can enter your city as well it will help narrow down the amount of people they have to search through. However, since YOU listed your birthdate or age or your zodiac sign on MY SPACE, finding out which “Bob Jones” you are will be a breeze.
Once they have determined your address they cross reference this with your occupation listed on MY SPACE. If you are a “Hot Single, Night Shift Bartender at Lucky’s” they all ready know when you are not going to be home.
Parents are even using MY SPACE as a way to show friends their pictures of their lovely children - BAD IDEA. Any thieves or predators can now stalk your family from the privacy of their own home.
If “Your Space” says you “have two sons - ages 4 and 8 who are honor roll students at Parker Elementary”, this tells thieves that when you are not home, nor are they.
You can even reverse the rolls - parents, your children can say, “My mom works at the dentist office and my dad works at ford”.
Here’s a little more IMPORTANT, IMPORTANT about Zabba.com
whether it is cross referenced with MY SPACE or not, you can use it to find out some ones name, address, phone number, PARENTS NAMES, MOTHERS MAIDEN NAME, GRANDPARENTS ans every place your family has lived. This is very scary. I didn’t believe it. I entered my name and EVERYTHING listed appeared. Even how many criminal violations I have had (traffic tix).
I want to see if there is a way to get removed from the list. I was told that if you sign up for things on the internet you MUST read the fine print before you submit your info. I was told that sites can sell your presoanl information to third parites, zabba.com could easily be buying this info.
If you are interested in seeing EXACTLY what I have been talking about, I went to MY SPACE and found a perfect example of a profile. Here’s the link (Please copy and paste the entire link into your browser.):
http://profile.myspace.com/index.cfm?fuseaction=user.viewprofile&friendid=47386876
******This is 29 year old woman. She innocently posted many pics of her children, husband to be and her self. She EVEN writes: “I spend my weekends watching my kids play soccer, basketball or baseball. I like to talk on the phone to anyone who will listen. I love to lay in bed all day on a Sunday and watch MTV with Mike.”
If anybody has more information about zabba.com or MY SPACE plase send it to me.
HERE’S THE LINK, try it for yourself:
http://www.melissadata.com/cgi-bin/peoplefinder.asp
Over a million MySpace users have been exposed to spyware that exploits a Windows vulnerability through a banner ad on the site, the BBC reported on Friday.
Those using Internet Explorer that has not been patched against the Windows Meta File (WMF) vulnerability could be exposed to spyware and adware.
The vulnerability in the way WMF images are handled by Windows was discovered in November 2005. In a WMF attack, exploit code is hidden within a seemingly normal image that can be spread via e-mails or instant messages, or via Web sites.
Reports suggest the advert has been running for approximately a week.
Security firm iDefense detected computer servers being used to log how many times adware was installed from the advert, according to the Washington Post.
Over one million installations of the adware were logged before the servers were shut down.
“This is a criminal act,” said Hemanshu Nigam, MySpace chief security officer, according to reports. “This ad is being delivered by ad networks who distribute these ads to over a thousand sites across the Internet in addition to ours.”
“We are working to have these ad networks remove this ad so that they do not appear on our site,” Nigam said.
As many as one million computers may have been infected with adware through an advertisement running on MySpace and other websites. The DeckOutYourDeck.com advertisement subversively installed 5 adware programs, and reportedly relayed Internet activities to a website in Turkey.
MySpace has since started to remove the ads, which effected PCs running Firefox versions earlier than 1.5 and Windows users without a recent security patch for image files. There is no word about a removal tool as yet.
Just last week MySpace was hit by a Flash worm. The sad truth is where there is a volume of people, there will be malicious folks looking for ways to exploit their computers.
A blog entry on the ChaseandSam.com website noted the MySpace issue, where an embedded Flash file caused problems for MySpace users.
Signed in users on MySpace who visit a profile that already has the malicious code infecting it will in turn have their profiles infected. Everyone who arrives at an infected page will be redirected to another blog containing a rant about the 9/11 attacks.
The ChaseandSam site listed a safe link to the Flash file exploiting the MySpace code. Since MySpace allows its users to embed code to display content, it was a trivial matter for the attacker to place the code on a profile and wait for people to stumble across it.
While the embedding feature makes it easy for MySpace users to share audio and video content, it appears the site could be more rigorous in assessing embedded code placed on profiles.
Kinematic, a user on the Digg news site, posted an assessment of the code used by the attacker. A Flash file performing the redirect would be encountered first.
Then the landing page would fire up another Flash file, retrievecookie.swf. The ActionScript in that file would then pull up a blog post from elsewhere on MySpace, and evaluate that code.
In doing so, the attack would grab the visitor’s MySpace token and hash code. Kinematic commented that the hash code is supposed to be a security measure. Like the token, the hash code is also in the URL, a helpful condition for the attacker’s code.
After that, the visitor’s profile gets modified, and the next person to visit the profile while logged in to MySpace likewise gets infected. Fortunately, the code can be removed from the profile. The post on the ChaseandSam website shows how to find the offending code in the profile to get rid of it.
Be careful, MySpacers. That video you want to watch on your friend’s profile may contain spyware.
One such video, called “Friends play a hilarious practical joke,” has been spreading across MySpace.
With just a few clicks agreeing to download the “Zango Search Assistant,” you will begin to see alot of of pop-up ads forcing your computer to slow down and become cluttered with spyware.
The adware, produced by Bellevue, Wash.-based Zango, presents you with a pop-up window of fine print explaining the end user license agreement (EULA). Once you click, though, the pop-ups begin.
Your clicks will download a “Zango Search Assistant,” which, according to tiny text in the pop-up, “will show you a limited number of ads that pop up on your screen in a separate browser.”
Zango makes money by partnering with webmasters who post videos on their sites.
After a security researcher said Monday that MySpace users were spreading adware through the social networking service to ring up ad fees from Zango, the Bellevue, Wash. marketing company admitted one of its own developers had set up the MySpace profiles.
Zango, however, said the developer was acting without approval and in ignorance of the company’s “hands-off” policy regarding MySpace.
Chris Boyd, the director of malware research for security vendor FaceTime, said he found a pair of MySpace profiles tagged “Zango,” the new name for the controversial adware maker 180solutions. And each profile pushed adware. One of the profiles used video to entice MySpace visitors to download Zango Assistant and Search Toolbar, which users had to accept if they wanted to view the clips.
“Just who is pimping these things?” Boyd asked, then pointed out Myspace Graphics Help, a site that included copy-and-paste code to add Zango-distributed videos; the code, says the Myspace Graphics site, can be added to MySpace profiles or comments. Anyone who clicks on a MySpace-placed video created by such code, of course, must download Zango’s adware to watch the clip.
The profiles were a mistake, countered a Zango spokesman Monday. According to Zango’s Steve Stratz, the two spotted by Boyd were created by a company developer based in its Montreal office. (In April 2005, Zango, formerly 180solutions, acquired Montreal-based CDT, at that time one of its largest adware-distributing partners.)
“Those two test accounts were actually created by one of our developers who was exploring possible opportunities, but he didn’t realize it was Zango business practice not to target MySpace,” said Stratz. “He should not have been doing this, and we want to tell MySpace that we didn’t mean to target them.” The developer, said Stratz, would soon be deleting the profiles.
Boyd took Zango to task nonetheless.
“This is a relatively new viral approach,” said Boyd. “We’ve seen spam and porn bots on MySpace before, but not adware from a quote-legitimate-unquote adware company,” he said.
Boyd’s contention was that unscrupulous Zango partners are getting MySpace users — many of whom are teenagers — to do their dirty work by spreading the necessary ad-tracking and ad-displaying software.
“Pasting the code for the [video] into the MySpace profile and having it autoplay when you visit the page is enough to have the [Zango] license prompt appear,” said Boyd. “Easy as pie.”
But although a Zango EULA (end-users license agreement) pops up on coded MySpace profiles, it’s too easy for users to assume the dialog’s from MySpace, not an adware vendor, argued Boyd. He found more than two dozen sites similar to Myspace Graphics and “I didn’t see one actually mention the fact that in return for these [video clips], you’d be pimping Zango.”
Zango, however, countered that its license agreement “could not be any clearer” and that it would be obvious to anyone that the download was not originating with MySpace.
Zango, which until early June was called 180solutions, has spent months cleaning up its distribution network — in the past it blamed “rogue” distributors for installing its software without users’ permission — and to be a better Internet citizen.
Then Zango’s vice president of business development, York Baur, said that “we’ve fixed [those] problems to the extent they can be fixed. This [business] model works, and we’re very proud of the model we’ve built.”
Stan Monlux, senior director of business development, weighed in Monday on the MySpace issue by denying that the network’s accounts were allowed to register as partners — and thus receive payments — and arguing that it wasn’t up to Zango to police the sharing of its content.
It appears that MySpace finally tightened up security and no longer allows bulletin posts from outside of the MySpace domain. A great move if you ask us, this will keep alot of unwanted SPAM bulletiins created from unknowing MySpace users.