Trojan Horse - One Mans “Worse Case Scenario” Prediction
———————
This is a fictional article about a Trojan Horse Virus, or you could say it is one mans prediction of a “worse case scenario”. Because of the field I’m in, I maintain a personal list of my top 10 “worse case scenarios”. Every time I perform a security assessment I run into something new or identify a situation that is ripe for a potential vulnerability. I think we could all agree that no respectable or ethical company would intentionally deliver a malicious piece of code as part of a helpful update solution. However, the reality is that human beings are behind technology and human beings are unpredictable and fallible.

Many major operating system vendors have automatic update services. Many hardware vendors and other software packages have followed this trend, incorporating automated update services into their products. In some cases, the services for automatic updates run as the local “system” account. This account has the ability to access and modify most of the operating system and application environment. When automatic updates were relative new, many people would perform the updates manually, however, as time has progressed, many now trust these services and allow the updates to proceed in a truly automated fashion.

The Final Step Before The Hammer Falls
———————
So let’s expand upon our “worse case scenario”. A new service pack is just about ready for release. The last step prior to public release is quality control / validation. The team of people performing this task includes a significantly disgruntled employee (Or may he/she is going through a horrible life crisis and has not much to lose). When people are in pain or distress it is not uncommon for them to project this same feeling onto others in any way they can. So, instead of performing their job in the normal fashion, they decide to incorporate a malicious payload into the forthcoming update.

The First Step For The Trojan Horse: Evasion
———————
This payload has some unique characteristic, three to be precise. First, it is constructed in such as way to not appear as something malicious. The anti-virus and anti-spyware programs currently on the market won’t be able to detect it through anomalous detection techniques.

The Second Step For The Trojan Horse: Information Collection
———————
Secondly, it has been instructed to wait 12 hours to activate to start searching your computer an network for important files that may contain financial, healthcare, and other confidential information such as user accounts and passwords. It then sends this information to anonymous systems on the Internet. Because this “Trojan horse” has been incorporated into an automated update by someone with reasonable skills, it is instructed to only perform the collection of data for 12 hours. Given the number of global systems that allow automated updates, 12 hours should be more than enough. The person behind this realizes that someone will quickly identify that something malicious is going on and start to roll-out a defense solution to halt the process.

The Final Step: Incapacitate
———————
Finally, the Trojan Horse will cease it’s data collection and deliver it’s final blow. Because of the level of system privilege it is running at, it modifies the communication protocols and services on the system to prevent any type of external communication to its local peers and external (Internet) hosts. It does this in such as way that the only immediate method to recover from this is a system roll-back, system repair, or restore from near-line media, such as tape or disk. And as far as system recovery is concerned, I can tell you that many people even in corporate entities do not perform the most basic steps to be prepared for a quick system disaster recovery. In some cases, some of the most important recovery services have been disabled because of lack of system resources or disk space (which is amazing given how inexpensive this is anymore).

What Could Be The Impact Of This “Trusted” Trojan Horse
———————
Just about every time you install a new application or piece of software you increase the time it takes to boot your PC and in some cases decrease its performance. On thing that drives me crazy is printing software. For the life of me I cannot understand how or why printer support software could total 400MB in size, but they sometimes do. Not only that, they tend to load all kinds of unnecessary real-time running applets. HP printers are notorious for this. Be very aware of what it is you are loading and only load those components that you need. Even some off-the-shelf software packages load adware and other not so helpful applets. Also, when you uninstall software, not all the software gets uninstalled in many cases. One thing I suggest is to purchase a registry cleaner. This can dramatically decrease boot times and in many cases increase the overall performance of your PC.

People are already concerned about identity theft, or at least they should be. I recently spoke with a business associate that told me that even with everything he does to keep his identity secure he has been the victim of identity theft not once, but twice. If your user id’s, online accounts, passwords, financials, or other confidential information winds up on the Internet for any anonymous person to see, you can bet it will be used in a way to cause you problems. Even if only 10% of the global systems fell victim to this Trojan Horse, the cut off of communications could cost businesses billions of dollars and potentially impact their reputation as “secure” institutions.

Conclusion
———————
If we don’t think that this “worse case scenario” can happen, then we’re kidding ourselves. Recently, one of the market leaders in the perimeter defense business had to recall a service pack because it contained a significant “bug” that could result in a security breach; a service pack that can be delivered through and intelligent update service. Obviously there has to be a certain level of trust between us, the consumer, and the vendors of hardware / software we rely on. I’m not entirely sure what “fail-proof” solution can be put in place to prevent something like this from happening. Although I’m sure there are quite a few checks and balances in place already. The bottom line is, if you or I can image a scenario like this, there is always a chance of it happening. In my case, I usually wait for several days to apply new service packs and hot-fixes. Hopefully someone else will find the problem, correct it, and then I’ll apply it.

You may reprint or publish this article free of charge as long as the bylines are included.

Original URL (The Web version of the article)
———————
http://www.defendingthenet.com/newsletters/TrojanHorseDeliveredInAutomaticUpdate.htm

About The Author
———————
Darren Miller is an Information Security Consultant with over seventeen years experience. He has written many technology & security articles, some of which have been published in nationally circulated magazines & periodicals. If you would like to contact Darren you can e-mail him at Darren.Miller@defendingthenet.com. If you would like to know more about computer security please visit us at http://www.defendingthenet.com.

Wake up! If you haven’t been “taken for a ride” by one or more, less than honest, business web sites yet, while you are trying to make your own web site, you’re lucky! You better learn how to recognize them. For those of us who have already had such an experience, the only hope is that we are smarter than before, and might be alerted sooner by the telltale signs we previously experienced.

The tragedy is that some Internet entrepreneurs building a business web site seem to be scammed over and over again. They trust too much in the integrity of another Internet business web site promotion offering to help them.

Trustworthy web sites don’t have the characteristics you are about to learn. It’s easier to avoid dangerous web sites than to try and get your money back!

Memorize these obvious features of trouble coming down the road!

1. Cold calls and spam e-mails: Either of these should be a loud warning to you. If you answer either, you are setting yourself up for wolverine (an animal that never gives up and will take on a foe that is 5 times his size) attack.

2. Scant credentials: No “about us” page – Can’t find detailed information about the site. If you ask them for more information and you receive only promotional materials—run!

3. Availability Lacking: You have great difficulty getting someone to the phone/e-mail. No call backs, or they come many days later, and put on hold and dropped off the line frequently should worry you.

4. Lousy HTML editor programs: Find that the program malfunctions repeatedly. Expecting you to work with an old and outdated business web site set of tools speaks to the quality of service you will continue to get.

5. Mentoring sucks: Mentor forgets appointments, can’t remember prior work done with you. Mentoring that requires you to adjust to them, especially when you are paying them, is never acceptable. If they are only there to answer your questions and not to teach you, it ranks at the top of the list of reasons to “get out of town.”

6. Dumb tech help: Find you know more then they do concerning web site glitches. When the tech repeatedly has to ask the other person for answers to your questions, while you are on hold, sends a loud message to your wallet.

7. Demonstrated incompetence: Answers to your questions repeatedly miss the point. If the only responses you get back is for you to do your own looking for the solutions, or when they ask a question about your question (that really burns me), head for the hills!

8. Personnel problems: Never contacted by the same person twice. Fast turnover of their personnel should tell you something is not right in their business. You can easily come up with all the reasons for that.

9. Executive hiding: Can’t ever reach the top person in the business. If you do have a good reason to contact the “top gun”in their business, and you are quickly shuffled to the assistant, then to another assistant, or your e-mail to the CEO is never answered, start packing your bags.

10. Work hours unusual: During the day usually get a “voice mail”– and rarely get a response to your message. If you have paid to use their business tools, and you find out that you can never get to them after 5 PM, or on the weekend, you are being shortchanged.

These are the most blatant reasons to get on your horse and ride away—quickly too! If you don’t have a horse, have your wife drive you. She has no doubt been waiting for this exact moment to finally dig you out of that money hole you are in.

I suspicion that the ladies who are in that money hole, already have the escape plan in mind.

Summary:

Someday, hopefully it will be legal to publish a list of those Internet web site businesses that cheat you out of your hard earned money. Then every Internet entrepreneur starting a business web site will know who they are. As of now we can only fall back on our careful attention to how we are treated right from the start.

Don’t be too trusting of those business web sites that try to push their web site promotion down your throat. The courage it takes to make your own web site and start your own ebusiness is to be respected.

“The life span of a thought is determined by the extent of attention we put to it.”

(Rev. Fred Price)

The author, Curtis Graham, M.D., is CEO of L & C Internet Enterprises, Inc. For over 38 years in medical practice he has written articles, medical information products for his patients, a book on infertility, and marketing information for his practice. He has been published in Modern Physician, an elite magazine for physician executives, and is credited as an “Expert Author” by Ezine Publishers.

Retirement from medicine now permits expansion of his passion to continue helping people by writing pertinent, practical, and detailed articles about many topics. Check out the website that he and his wife share with a passion: Helping entrepreneurs make their Internet Businesses a success => http://www.EBusinessHelpFirm.com

Please feel free to copy, send, distribute, or make this article available to others that might be interested. In doing so you agree to leave the author’s bio and article intact.

Copyright 2005, Curtis Graham, MD, L & C Internet Enterprises, Inc. All Rights Reserved.

A deadly new virus under the name of W32/Nyxem-D which spreads via email attached file is set to strike on the 3rd day of every month half an hour after the infected computer boots up. The damage caused by this virus could be extensive. If unsuspecting user opens the infected attached file it gets into the system and start delivering itself to all the available email addresses residing in the infected computer.

Once activated it overwrites all DOC, XLS, MDB, MDE, PPT, PPS, ZIP, RAR, PDF, PSD and DMP files by replacing their contents with the data string: DATA Error [47 0F 94 93 F4 K5]. This can create a big mess, as all integrated to the computer drives will suffer. This means your flash cards, network drives, external drives or any drive which gets identified by an alphabet.

This virus is also known as "CME-24," "BlackWorm," "Mywife.E" and “Kama Sutra” and seems even capable of disabling out-of-date antivirus software. Over 300 thousand computers are believed to be infected by this worm mainly in India, Peru, Turkey and Italy, where people are less prone to safeguard their computers with up-to-date antivirus programs. What should you do to protect your computer from this and other malware?

1. Upgrade your antivirus software. If you don’t have an antivirus software installed and you don’t feel like buying them. These two are excellent antivirus programs you can get for free.

AntiVir Personal Edition Classic 6.32 (http://www.free-av.com/) Alwil Software Avast Home Edition 4.6 (http://www.avast.com/i_kat_207.php?lang=ENG)

2. Scan your computer for possible malware regularly. A great free tool that scans your computer remotely for viruses and eliminates them you can find at http://housecall.trendmicro.com/housecall/start_corp.asp

3. Get a firewall and install it. A great free firewall that you can download and install is Zonealarm. You can download it from http://www.zonelabs.com/store/content/home.jsp

4. Regularly get patches for your version of Windows and update.

5. Use email filters similar to Eprompter. It gives you the ability to delete unwanted spam or suspicious looking mail, which might contain viruses. Get it free from http://www.eprompter.com.

If you take these precautions, your chances of getting infected will be reduced drastically.

Nowshade Kabir is CEO of Rusbiz.com, a global B2B portal for small and midsize companies. Our distinctive web stores along with many outstanding features like e-marketplace, e-catalog, supply chain management solutions, and trade leads section will allow you to build robust Internet presence and manage key business processes online. Rusbiz also develops Corporate B2B portals.

With the exception of those who are competing in reality TV shows, who wants to be watched? Who wants to be seen in their most vulnerable and private moments? Who wants to be deprived of his privacy and his freedom to keep things for himself? Most importantly, who wants to jeopardize his security by unwittingly exposing the things he should be keeping a secret to someone who’s watching from afar?

Before you start thinking that we’re referring to a psychopathic voyeur who is observing you from the building adjacent to your house, let us clarify that we’re going to discuss about spyware. Yes. Spyware: a program which has been the bane to Internet users for the past three years.

Spyware is one of those things that were invented for a good purpose, but was eventually exploited in time. Spyware was originally meant as a tool that would allow you to monitor the usage of your PC terminal while you’re away from the keyboard so that you can prevent illegal access to the same. Eventually, it found other borderline uses, like catching a cheating spouse or significant other, prying on your daughter’s liaisons, and watching over your children’s Internet activities from a remote computer.

From pure to gray to black, spyware has now become a backdoor to high technology security protocols. It does this without hacking any system, rather, by deluding a user into unwittingly installing the spyware program on his PC. From there, the program would work invisibly, sending key logs, or log files of the characters you have punched on your keyboard, to someone else on a remote terminal. This is why spyware is also called as a key logger program.

Eventually, spyware evolved into more damaging forms. Today, you would have invisible scripts redirecting you to certain websites which you have not chosen to view, or pop-ups that keep sprouting left and right even if you’re viewing a pop-up free website. This has led the Anti-Spyware Coalition, a group of industry giants who are adversely affected by this digital malady as well, to define spyware as something that “impairs users control over material changes that affect their user experience, privacy or system security; use of their system resources, including what programs are installed on their computers; or collection, use and distribution of their personal or otherwise sensitive information.”

The security risks posed by spyware programs cannot be ignored. Imagine engaging in an online transaction wherein you send your credit card details in a secured network, only to stand losing such details once you log off as your key logs would be sent to someone else. Also, personal details can also be stolen, resulting into a greater risk for your actual safety.

But it is the violation of your rights that is the biggest issue. With spyware, your freedom of choice and to feel secure about your personal effects is deprived of you. This has no room in a civilized society.

Indeed, spyware is a modern day disease that should be curbed. It now comes in a variety of forms aside from the aforementioned key loggers:

• ADWARE – is an invisible program that sends specific banners for you to see. It may sound innocent, but this program actually compels your PC to send personal details to the mother source so that the latter may know which ads to display. Get a free trial spyware remover here: http://eauthorresources.com/naw.htm

• HIJACKERS – these are programs that take control of your browsers, opening up pages which you do not choose to view.

• MALWARE – these are programs which are not spyware per se, but operate under the same principle. They are persistent scripts that don’t seem to stop until your data are destroyed. Examples of these programs are Trojans and worm viruses.

There are a lot of free tools in the World Wide Web that would allow you to rid your computer of these malicious programs. Sometimes, however, the process of cleaning up results in the loss of valuable files. The maxim “an ounce of prevention is worth more than a pound of cure” seems to be the best policy against spyware. Always update your anti-virus system, so that spyware may not be allowed to incubate in your hard drive.

Mark Sandquist is the Editor of eAuthorResources NewsLetter. http://eAuthorResources.com provides FREE Help and FREE Marketing Software for eBook Authors, Software Developers and their Affiliates and Resellers.

Most companies hire highly paid computer security professionals who spend hours and hours a day configuring access policies and patching computers. Then they turn around and hire a minimum wage security guards to protect their millions of dollars worth of computer equipment. This isn’t even counting intellectual property and their database of customers and names. If a hacker has been hired to hack you which path do you think he will take to steal company secrets? Will he spend months trying to hack the companies’ network which has been locked down by the highly paid computer security consultant? Or will he spend a day trying to hack the poorly motivated security guard that is paid minimum wage? Hacking a human (Social Engineering) is the greatest threat to your company. If you don’t have someone who can combine computer security with physical security you have no informational security.

Informational security combines every aspect of access control and building management. Informational security ranges from how people access the building , how the janitors dispose of garbage, computer security, staff background checks, staff hiring, video surveillance ect.. A common lapse in physical security is that smokers usually leave one door unlocked during the day so they can take a smoke break. That completely cancels out your hundred thousand dollar key card system. All a information thief would have to do is watch your building for the day and find the smoker hang out.

Every major type of informational theft crime has used some type of social engineering attack. Untrained and poorly paid employees are the easiest targets because they are usually are unmotivated and easily influenced. The key is not paying people more; the key is to train them to know what to look for. A well trained staff member will enjoy their job and take ownership of their responsibilities. They will not want to let the company down if they are trained and feel needed.

Your employee hiring process should include a background check and credit check. If the candidates have ever declared bankruptcy do not hire them. If they are really strapped for cash they can be easily bribed or seduced into selling your companies secrets. The federal government does not give Secret security clearances to people who have declared bankruptcy. Why would you let someone like that near your company’s vital data?

Your company’s weakest link is your employee’s cars and homes. It’s easier for a hacker to follow someone home from work and then steal their laptop out of the car. Also, employees usually leave their access cards in their automobiles. Create company policies for storing company laptops, PDA’s and access cards in secure locations…not in cars.

Check your company websites!! Don’t have every employees name, position, phone number, email address and bios listed on the website. All this information just gives a information thief more tools to work with.

Train your in house security about your computer network. If you train them the very basics about technology and servers they will be more aware about what people should be doing. Train them to look for portal hard drives, key chain drives and writeable media like DVDs and cdroms. All of these items can be used to take vital company secretes off company grounds.

Finally here is the easiest way to protect your company’s network……log off your computer when you’re done using it. This sounds like a common sense but nobody logs of their computer when there done. The worst culprits are executives, who always want access to everything. If a hacker gets inside your company, it takes less than a minute to install a root kit. Once his root kit is installed your doomed.

Join the most popular wireless networking newsletter on the internet. Get the inside scoop on wireless technology for the home and workplace http://www.wirelessninja.com

The Worm_Grew.A Virus Got Allot Of Attention
———————
The 3rd has come and gone. What has been the real effect or impact of the “WORM_GREW.A (Also know as Nyxem, BlackMal, MyWife, and so on)” virus? For weeks there has been tons of warnings, in the news, print, e-zines, you name the forum and it has been a discussion topic. Current information indicates that the WORM_GREW.A virus has not caused mass destruction as promised or suspected. I’m sure some of those 600,000 or so suspected infected computers were impacted, but who really knows at this point.

Viruses Can Impact You In Various Ways
———————
There is one thing I do know however; Even if the BlackMal virus has not done as much physical damage as predicted, it has done a good deal of indirect damage. Think about how much time corporate technical people have spent preparing for the possibilities, making sure their enterprise anti-virus solution is functioning properly, the time devoted to discussing and planning for disaster recovery in the event a direct impact is realized. What about all the home and small business people stressed about the doom looming over their computers head in the form of a “possible” destructive and wide spread infection.

How Do You Know If Your Business Is Protected Against Viruses
———————
A business associate of mine recently worked on a project in which he performed a complete infrastructure upgrade for a document / information heavy business. During the upgrade, he found that the anti-virus solution they were using was not functioning properly, had not updated its virus signatures for eight months, and on top of this, their very expensive tape backup solution had not been working for about as long. The customer kept changing the tapes, but they were blank. Just imagine what would have happened if they had not had this upgrade done, and an effective anti-virus and tape backup solution put back in place. If they had contracted this virus it could have not only shut them down for a period of time, it very well may have cost them huge financial losses or worse.

Virus Threat, Hype, or Somewhere in Between
———————
Do I think this particular virus scare is a product of a real threat, fueled by hype, or a dud? Quite frankly I think it has been a little of all three. The threat was / is definitely real, the hype was all over the media and other information outlets, and as far as being a dud, if you analyze it using the equation threat+hype= impact, maybe.

I think what really has set this virus apart from recent malware / threats, is its destructive capabilities. Many malware developers have moved away from creating destructive worms and viruses in favor of creating cash generating malware. There’s no money in it for them if they just blow up your system.

Conclusion
———————
It’s quite interesting, the parallel between how we deal with threats and risks in our personal lives, and that of the technology world. Many of us only prepare for a negative or damaging event shortly before the event takes place. That is if we have been warned with time to prepare. The bottom line is we can never let our guard down. Consistency, persistence, awareness, and preparedness need to be in the forefront of our minds.

You may reprint or publish this article free of charge as long as the bylines are included.

Original URL (The Web version of the article)
———————
http://www.defendingthenet.com/newsletters/Worm_Grew.A-Threat-Hype-Or-Dud.htm

About The Author
———————
Darren Miller is an Information Security Consultant with over seventeen years experience. He has written many technology & security articles, some of which have been published in nationally circulated magazines & periodicals. If you would like to contact Darren you can e-mail him at Darren.Miller@defendingthenet.com. If you would like to know more about computer security please visit us at http://www.defendingthenet.com

What we need is the Dewey Decimal System to go digital …

Specifically, someone needs to coax their keepers into putting some logical order into how computer viruses are sorted.

Recently, warnings abounded about the Kama Sutra virus quickly proliferating cyberspace, joining the Grew.A and Nyxem.E as serious threats to computer file security. However, only those who took a closer look at these strains were able to discover that they all had something in common.

They were virtually the same virus.

There is uniformity in the library world when it comes to catalogging the millions of books contained therein, thanks to Dewey. The weather service administrators do their bit for personnification by breathing a bit of nefarious charm into the tropical storms they track by assigning them names in alphabetical order each year. They key to both of these facts is that someone devised a universal means of identifying something that assists the general public in dealing with it.

The time is rapidly approaching when someone needs to step forward and put some order into the villainous world of computer infections.

New viruses arise so suddenly and spread so quickly that those whose job it is to seek and destroy them have little time to muse over what to name them. With Dama Sutra, for instance, its file-destroying program seemed to be spread by junk e-mail enticements to visit porn sites. The news media ran with that theme and gave it a headline-grabbing handle; Kama Sutra, of course, is the legendary lovemaking guide compiled to classify the creativity of ancient Hindu hedonism.

Geeks, however, have their own perspective when they put a spin on things. Just as banks need to have stately names, spyware apparently needs to carry Matrix-like titles to make them appear darker, more foreboding and a worthy challenge. After all, who amongst them would want to quash the Kama Sutra? Wouldn’t that confirm the geek image as a cyber-eunuch?

Thus, titles like Grew.A and Nyxem.E are coined to look so much more imposing and in need of professional assistance to eradicate.

F-Secure is a Finnish virus fighter and widely acclaimed to be one of the best of its kind on the market. Their stature is such that when they identify an intrusive program, others notice and accept the name they give it. In this case, F-Secure saw the program shared code and techniques with cetain file-destroying predecessors, so they went with ‘Nyxem.E,’ derived from the acronym for the New York Mercentile Exchange, whose web site was targeted by the initial culprit.

Other vendors took note that this program destroyed files instead of overloading websites with fake traffic. Using a logic known only to one of the backroom gnomes in their employ, this meant that ‘Grew.A’ was the most appropriate description. I can only think that asking for a clarification for that decision would cause most of us as much of a headache as trying to remove the program after it has hit our computers.

Anyway, in these trying times of terrorism alerts, if nobody else is willing to tackle the task of virus classification, those rock-lifters and cobweb-sweepers at the USA Department of Homeland Security are prepared to step into the fray. They have devised a system of virus naming through the Common Malware Enumeration, or CME. Outbreaks are assigned a random number, which in this case turned out to be ‘24.’

We’ll see if such a system captures teh public’s imagination.

This is an important point, because if a unified virus identification system is to be effective, it has to immediately raise a general awareness so that the virus’ spread can be better contained.

If nothing else, ‘Kama Sutra’ generated enough clicks to quickly spread the word that a cyber-invader was on the prowl. Once named as such, a program that had been circulating for weeks, but was set to destroy files only on the third day of each month, finally came to the public’s attention. That gave vendors time to update their products and warn customers.

Incidentally, this strain is known to corrupt documents using the most common file types, including ‘.doc,’ ‘.pdf’ and ‘.zip.’ It affects most versions of Microsoft’s Windows operating system, which caused them to issue the most widely-heeded warning of the problem.

Given the recent animosity-filled anti-trust suit brought by the American government against the software giant, it does seem like their efforts to raise the awareness of this virus has necessitated that they become the proverbial strange bedfellows.

It’s only appropriate that something named Kama Sutra would bring them together. It’s inevitable that they would find themselves in this position. The task now is for them — and everyone else — to agree upon what to call it.

Copyright 2006 – The Longer Life Group

J Square Humboldt is the featured columnist at the Longer Life website, which is dedicated to providing information, strategies, analysis and commentary designed to improve the quality of living. His page can be found at http://longerlifegroup.com/cyberiter.html and his observations are published three times per week.

The Federal Trade Commission in a recent report to congress to justify their budget request for FY 2007 stated that they had taken the lead in protecting consumers from identity theft. When in fact all they have done is fine the ever-living crap out of the corporations who were victims of fraud and data theft. Here is how the FTC re-writes history and embellishes their achievements in protecting consumers from data theft;

Protecting Consumers In the High-Tech Environment.

“The FTC has taken the lead to protect consumers from technology-driven threats to the security of their personal data and information, personal computers, and email inboxes.

Data Security. Concerns about data security and identity theft have spiked with recent press reports on data breaches. The FTC is investigating a number of these breaches; it also has an ongoing and active law enforcement program to encourage appropriate security. November 2004, the FTC charged two mortgage companies in the first cases enforcing the Gramm-Leach-Bliley Safeguards Rule, alleging that they did not have reasonable protections for customers ‘ sensitive personal and financial information. In June 2005, a large wholesale club agreed to settle charges that its failure to take appropriate security measures to protect the sensitive information of thousands of its customers was an unfair practice that violated federal law.”

Great so the FTC filed several cases against name brand companies and splashed headlines in newspapers across America of their enforcement actions, not against the people who stole the data but against the very companies who the information was stolen from. In fact the FTC has done nothing, not one damn thing in my opinion to curb data theft, except used public relations ploys to embellish their agency into more taxpayers dollars in FY 2007. In my opinion the FTC is a complete fraud and is so full of yesterdays food coming out the poop shoot that someone ought to drown them in their own minutia. Consider that in 2006.

"Lance Winslow" - Online Think Tank forum board. If you have innovative thoughts and unique perspectives, come think with Lance; http://www.WorldThinkTank.net/wttbbs/

In the FY 2007 Budget Request for the United States Justice Departments Federal Trade Commission; the FTC put forth several examples of their achievements to protect the consumer. In the report to congress and the over view that followed the Federal Trade Commission stated that it had been working to protect consumers from Identity Theft.

Identity Theft.

“According to a 2003 FTC staff survey on identity theft, over a five-year period, more than 27 million consumers were victims of identity theft; identity theft has become the number one consumer complaint received in the FTC’s database. During FY 2005, the FTC continued to operate the ID Theft Data Clearinghouse and collected more than 255,000 identity theft complaints in its consumer information system, bringing the total to more than 940,000.”

I would like to enlighten the consumer to the fact that by the FTC’s own admission here that they have had an increase in identity theft since they started working on it. They have failed to curb it in any way, shape or form? Thus why should we increase that agencies failure and piss poor performance? But the FTC goes onto state that:

“The FTC’s identity theft team conducts outreach and training with criminal law enforcement authorities to assist them in the prosecution of identity thieves and since 2000, has distributed nearly 4.5 million paper copies of its two main identity theft education publications, including its new and improved identity theft booklet, and recorded more than 2.7 million visits to the Web versions of these publications.”

Now then we are trying to cut paper and the FTC indicates here that they are freely and purposefully and knowingly distributing paper copies. Additionally their “FTC Identity Theft Team” is outrageously incompetent in my professional and reality based observational opinion. Therefore after reviewing all this data it is our findings that the FTC not be given one more damn dime of taxpayer’s money and the agency should be closed at the end of this fiscal year. Consider this in 2006.

"Lance Winslow" - Online Think Tank forum board. If you have innovative thoughts and unique perspectives, come think with Lance; http://www.WorldThinkTank.net/wttbbs/

Spyware is just about the most aggravating thing around. And its cousin Adware is not so pretty either. Did you know that the Federal Trade Commission has been working on this problem and actually filed a couple of lawsuits on Spyware programmers? Its true and although spyware is still out there you will be happy to know that the FTC has issued a report telling everyone all about it and warning us; as if we didn’t know? Dah? In fact the FTC used this report to harness more money from for their FY 2007 Budget from Congress stating;

Spyware.

“During FY 2005, the FTC issued a report on spyware, and brought several important law enforcement actions to stop marketers who loaded unwanted and risky software onto consumers’ personal computers without their knowledge, consent, or instructions about how to remove the unwanted software. FTC staff also developed new tools to detect, locate, and investigate spyware purveyors, and launched other nonpublic law enforcement investigations.”

Should the FTC be granted more money to go after spyware, as there are other new evolved and more malicious considerations to worry about on the average computer now? Should the Federal Trade Commission receive additional monies to further increase their spyware endeavors? Or has the American People had enough of the government and their spying? Consider this in 2006.

"Lance Winslow" - Online Think Tank forum board. If you have innovative thoughts and unique perspectives, come think with Lance; http://www.WorldThinkTank.net/wttbbs/