What about people who use PCs in public places? Long Beach’s Boccia says a lot depends on what the PC will let you do which you might be able to determine only by trial and error. Boccia states, “Unfortunately, there is no visual cue to alert the user of what type of security the machine is using, unless the person is pretty tech-savvy and knows what to look for.”

Tips for using public PCs include:

- Check how the PC is set up. What operating system is it using? (XP is obviously better for the reasons given above.) It shouldn’t let you poke around in the system settings such as the control panel and user accounts. Ironically, the less you can do on the PC, the better it’s well-locked down.

You might even look behind the machine for any keylogger devices attached to the keyboard cable, where it plugs into the PC. For more on keyloggers, read the Bright Hub article, “Risky business, using kiosk computers.”

- Avoid tasks such as online banking and credit card purchases that might leave sensitive information behind. But if you must do so, uncheck any box offering to remember your information and change your passwords as soon as you are on a PC you know is secure. More »

Watcher version 1.1.0 is now available for download from Microsoft’s repository of open-source projects. The Redmond company is not the author of Watcher, but it is certainly recommending the tool via its online hotspot dedicated to the Security Development Lifecycle. Put together by Casaba Security, Watcher is designed to enhance Fiddler proxy, a tool developed by Eric Lawrence, IE program manager. In this context, the plug-in from Casaba Security complements Lawrence’s web debugging proxy, closely monitoring and analyzing HTTP traffic.

“Watcher is a plug-in for Eric Lawrence’s Fiddler proxy aimed at helping developers and testers find security issues in their web-apps fast and effortlessly. Because it works passively at runtime, you have to drive it by opening a browser and cruising through your web-app as an end user. For the developer, the tool can provide a quick sanity check, so you can find problems and hot-spots that warrant further attention. In the hands of a pen-tester it can assist in finding issues that lead to other attacks like XSS and CSRF,” revealed Chris Weber of Casaba Security. More »

In addition to the plain-vanilla Windows 7 Beta (7000.0.081212.1400) releases, Microsoft has also made available the checked builds for both the client and server flavors of the operating system. However, although meant for testing, the checked builds of Windows 7 client Beta and Windows Server 2008 R2 Beta (Windows 7 Server Beta) are designed with a specific target group in mind: device driver developers.

At the same time, the Redmond company is not serving the checked builds of Windows 7 client and server through its official Win 7 hotspot of via the Microsoft Download Center. The developer releases are only available through Microsoft Connect. The following Connect ID WIN7-3HQW-RF74 along with a Windows Live ID permits access to the downloads. Microsoft is offering 7000.0.081212-1400_server_unstaged_en-us-GB1SXCHK_EN_DVD.iso; 7000.0.081212-1400_client_unstaged_en-us-GB1CXCHK_EN_DVD.iso; 7000.0.081212-1400_server_unstaged_en-us-GB1SIAiCHK_EN_DVD.iso and 7000.0.081212-1400_client_unstaged_en-us-GB1CCHK_EN_DVD.iso. More »

Wireless hotspots are changing the way people work. These wireless local area networks (LANs) provide high speed Internet access in public locations as well as at home and require nothing more than a notebook PC with a wireless card. From coffeeshops to restaurants, airports to hotel lobbies, hotspots are ubiquitous. They are the de facto connection method for travelers and remote workers to access the Internet, their e-mail, and even their corporate networks.

Hotspots range from paid services, such as T-Mobile or Boingo, to free connections at your local coffee shop or library. But they all have one thing in common: These are all open networks that are vulnerable to security breaches. And that means it’s up to you to protect the data on your PC. Here are a few tips to make working in public locations more secure. More »

Microsoft is hard at work searching for ways to improve its Office System. This is why the company has introduced a quasi-independent effort dubbed Office Labs. Designed to be a sandbox set up to streamline the experimenting, building and testing of new ideas, Microsoft Office Labs will offer the first taste of new products and features while still in the most early stages of development, even as prototypes. An illustrative example in this regard is Search Commands for the Office 2007 System.

“Search Commands helps you find commands, options, wizards, and galleries in Microsoft Office 2007 Word, Excel and PowerPoint. Just type what you’re looking for in your own words and click the command you need. Search Commands also includes Guided Help, which acts as a tour guide for specific tasks,” reveals the product’s description. More »