That looks like the same one ZDNet mentioned a few days ago. Most social networking concerns and related stories are posted at SpywareHammer's Social Media Forum and on their Facebook Page.

Here is an updated article with screenshots:

Facebook Privacy: 10 Settings Every User Needs to Know

Nice to see ' safe computing'  guidelines in any forum.  Kudos to bugbatter for starting it up.

I might add a few suggestions, if I may ...

1.  Use your LUA (limited rights) rather than your full administrator rights logon when downloading music or movies (and make sure you have EUA enabled ... a must). 

2.  Sandbox your browser.  An easy to use sandbox application would be BufferZone (they have a free version too).  SBIE is the best application out there. If it looks a bit daunting when you first open  SBIE, go with the default config.. it works just fine that way.  GESwall is worth a look.  These apps 'harden' your system against malware attacks.  

3. If you do not want to sandbox your browser with standalone applications, try Chrome (rel. 9 ), comes pre-sandboxed, so no tweaking required.  

4. Emet is available from MS, however it is not supported by MS.  Great for isolating wordpad, printspool, PDF readers and plugins .... and browsers if you wish.  Do not use Emet on your browsers if you already have them sandboxed with a standalone SB application, as it may result in a  BSOD.  Do not use Emet on Chrome 9. 

5. Use common sense when surfing and downloading. Walk on the wild side and you are more likely to get mauled. 

Hi Vjay, Good to hear from you again, we have talked before. Was in Madras not too long ago ... wow wow wow!!! Loved it.

I havet Emet on IE8.  Not sure what I am going to do about IE9 (still waiting for WU to send it to me).  I hardly ever use IE unless the website explicity is tied to it.  Installed 50602.msi just recently to patch yet another major security breach. 

Re: your comment about EMET on Chrome 9.  I think you are taking a big chance here. Agree DEP friendly enf. bad idea.  Chrome blog advises against standalone SB apps applied to  Chrome 9. Users are getting BSOD 'Bad Pool Header' stop errors (memory/driver corruption).  

Hello,

Turning on Structured Exception Handler Overwrite Protection (SEHOP) in Microsoft Windows Vista and Windows 7 (and their 2008/2008 R2 Server counterparts) can mitigate a certain type of attack, however, some legitimate programs may make use of this vulnerability.  For more information, including instructions on how to toggle SEHOP, see Microsoft Knowledgebase Article # 956607, "How to enable Structured Exception Handling Overwrite Protection (SEHOP) in Windows operating system...."

Regards,

Aryeh Goretsky

---

I am a volunteer and neither a Lenovo nor a Microsoft employee.

L380 Yoga • P50 (20EN-*) • S230u (3347-4HU) • T23 (2648-LU7) • T42 (2378-R4U) • T43p (2678-H7U) • T61p (6459-CTO) • W510 (4318-CTO) • W530 (2441-4R3) • W530 (2441-4R3) • X100e (3508-CTO) • X120e (0596-CTO) • X220 (4286-CTO) • X250 (20CM-*) • Yoga 370

 Deutsche Community  Comunidad en Español  Русскоязычное Сообщество  Communidade Portugues

Hi Aryeh

I tried using the EMET tool on Google Chrome even though it is already sand boxed, not sure if I can enforce the same policies on all progams, will try it on some other apps today

This is how I configured the EMET 

7 Practices for Computer Security

1. Protect your personal information. It's valuable.

2. Know whom you're dealing with.

3. Use security software that updates automatically.

4. Keep your operating system and Web browser up-to-date, and learn about their security features.

5. Keep your passwords safe, secure, and strong.

6. Back up important files.

7. Learn what to do in an e-mergency.

Details here: http://www.onguardonline.gov/topics/computer-security.aspx

Recently I've been looking for a good AV software that doesn't load down my Windows system.  I've heard AVG is pretty fast, but I'm wondering if anyone has any experience with this software in terms of security performance.