Digipiles
Wednesday, March 13, 2013
How to speed up Google Chrome (and reduce its memory usage)
Have you ever noticed how much memory Google Chrome uses? I'd really love to see Chrome do better in memory consumption, because not all machines has spare memory to only be hogged by a browser alone. You will notice in Windows' Task Manager that even if one tab is open in Chrome it uses several processes to run it. The explanation is Chrome uses multiple processes for security and stability. They say that one tab that freezes will not likely freeze the others. But I have on occasions experienced the whole Chrome browser freezing which freezes also all the tabs that are open. IE, I think, also uses this feature and Safari too. Let me know if that's not entirely true YET. Here is the breakdown of resource use involved in running Chrome:
number of tasks = 1 (browser master) + one for each tab + one for each extension + one for each plugin
So if you have many extensions and plugins you will notice Chrome getting bogged down. Do you all know that Chrome is currently the only browser that has a built-in Task Manager? To access Chrome's Task Manager, just click the Wrench icon at the rightmost part of the URL bar (where you type the website's address). Sometimes the Wrench icon changes into what looks like 3 horizontal lines. Just click that and then look for Tools>Task manager. Look there and see which tab, extension, or plugin is using so much resources. Take note how much resources you are using when you go to Facebook and play a flash game. hehehe
Some suggestions to speed up your Chrome:
1. Do NOT run the extensions when not needed, i.e. , disable most of the extensions.
2. The ADOBE FLASH PLAYER uses a lot of memory, so try searching for "FlashBlock" and install the extension. It's FREE! It doesn't eat a whole lot of memory. Just look in Chrome's Task Manager and see how much memory Flashblock consumes. I wonders how it works with so little memory use. The FlashBlock extension replaces the flash objects with a clickable image. When we click on the image, the Flash Object is loaded. If you have an internet data plan providing you with a limited amount of GBs FlashBlock would do you good.
3. Use Chrome's Task Manager to terminate maybe a tab or extension or plugin or an app as each one of them is a separate process to save on memory. You can reload them later on when needed. To terminate a process in Chrome's TM just click the "End process" button at the bottom-right corner of the Chrome's TM (Task Manager).
4. Clear your Cache/Cookies. Cache is used for loading webpages faster but it's not much use as it consumes some memory in fetching data from the cache (or local storage). To clear your cookies in some versions of Google Chrome:
# Click on the Wrench (or 3 horizontal bars) icon at the farthest right end of the URL bar.
# Select "Options"
# Click on "Under The Hood"
# Click on "Content Settings"
# Click on "All cookies and site data"
# click on "Remove All"
Remember, after doing this, you'll have to log-in again on the sites where you have the "Save Password" (or "Remember Me") option ticked.
In other versions of Chrome, you need to do this instead:
#Click Tools then choose "Clear browsing data...". From the new interface that will pop up choose the items you want to clear. The default choices are good enough but you can add to the list by checking the other checkboxes shown.
The suggestions above are NOT a permanent cure - but they will help Chrome control its lust for memory.
This suggestion is a little more of a permanent cure than the suggestions above:
In Google Chrome, click the Wrench (or the 3 horizontal bars) icon, then Settings.
Click the "Show advanced settings..." link at the bottom of the Settings page.
UNCHECK the "Predict network actions to improve page load performance" option.
Then close the Settings page.
Wednesday, October 31, 2012
Viber: Free Calls, Messaging and Sharing on Your Cellphone
Make free calls and send free messages to any device that has Viber, on any network! Viber is a proprietary cross-platform instant messaging voice-over-Internet Protocol application for smartphones. In addition to text messaging, users can send each other images, video and audio media messages. The client software is available for Android, BlackBerry OS, iOS, Series 40, Symbian, Bada and Windows Phone.Viber works on both 3G and WiFi networks. All you need is a 3G or WiFi connection and you can connect with other Viber users anywhere! You can call your friends and family in the U.S. or anywhere else too.
For Android Phones:
http://www.viber.com/#android
http://www.viber.com/products/android/
https://play.google.com/store/apps/details?id=com.viber.voip
For Windows Phones:
http://www.viber.com/#windowsphone
http://www.viber.com/products/windowsphone/
http://www.windowsphone.com/en-us/store/app/viber-messenger/f4631757-d1f6-4727-bd65-e6bc6c8e35da
For Nokia Phones:
For Blackberry Phones:
http://www.viber.com/#blackberry
http://www.viber.com/#blackberry
For iOS Phones:
For Bada Phones:
http://www.viber.com/#bada
http://www.viber.com/#bada
How to get started with Viber video:
Viber looks and feels just like your regular phone, so you won’t have to waste any time figuring it out. The sound quality though is much better than a regular call. Viber uses your phone number as your "identity" and lets you make free Viber phone calls to any of your friends that have Viber - using THEIR phone number. Once you've downloaded Viber, you will receive an Access Code via SMS or via callback to activate Viber. The Access Code ensures that you are the real owner of the cellphone number you have registered and prevents others from obtaining your Access Code and placing calls with your caller ID. Viber uses your device's address book to automatically tag who has Viber in your contact list and it's always synced. If you don't have 3G you can still use Viber via WiFi.
Viber works on iPhone, iPad, iPod Touch and Android devices, with some exceptions. They've tested Viber for Android on various devices. The complete list can be found here:
http://helpme.viber.com/index.php?/Knowledgebase/Article/View/45/10/is-your-android-compatible-with-viber-system-requirements
Here is a list of currently not supported devices or systems by Viber.
iPhone 2g - Probably because of Edge only internet connection.
Android OS less than 2.0
Android Tablets - They are not supported but a friend of mine has a Samsung Galaxy Tab with WI-FI only and Viber works just fine on this device. I’m sure that in the near future we will have a list of tablet devices on which Viber works OK.
Motorola Flipout - Although it comes with Android 2.1, it is not officially supported, and judging by users’ reports, it seems that it doesn’t work.
HTC Wildfire, HTC Hero - For some time, Viber was unavailable for download from Market for those two devices. Now they are available, but still known as problematic.
Note on Jailbroken iPhone, iPad or iPod Touch - They are supported, but the Jailbreak interferes with Push Notifications mechanism and this causes problems in terms of Viber’s functionality.
Note on Android devices which can not download Viber from Market - If you cannot download Viber from Android Market (e.g. HTC Hero), you can try to download and install it directly from viber.com. You can find more info and a guide here: http://helpme.viber.com/index.php/Knowledgebase/Article/View/100/16/cant-download-from-android-market
The following is from http://helpme.viber.com/index.php?/Knowledgebase/Article/View/18/6/iphone-what-is-viber-and-is-viber-really-free:
Viber to Viber calls or messages are absolutely free when selecting the Viber badge in your Viber contact list or the button which says 'Free Call' or 'Free Message' within the contact info of your Viber contact list. Viber does not charge your carrier nor Viber users. Calls or messages placed from Viber to "non Viber users" will go through your local cell phone provider like a regular cell call. Once you and your friends download Viber you can talk freely, locally and internationally, and these calls will not show up on your phone bill.
All you need is an Internet connection: 3G or WiFi wherever available (3G may incur operator data charges or internet access fees. Check with your 3G provider to see your 3G plan). The bandwidth rate during a Viber call is approximately 240 KB per minute / 14 MB per hour.
If the party you are calling doesn't have an active internet connection or has their Viber application turned off when you call, the call will time out, and once the person reconnects to the internet, or once the person opens the Viber application, they will receive your missed call notification or the text message you've sent. Viber will not automatically divert to your regular GSM (cell phone provider) service.
If you try to place a Viber call to a user who doesn’t yet have Viber, you will receive a warning message that the call is going to be placed as a regular paid call, or you can choose to invite the contact. This way, you can choose if you still want to place a paid call through your device's phone application or not. Always use your Viber contact list to see who has Viber...
There is also a Viber for PC:
http://www.viberforpc.com/
Download it here:
http://www.viberforpc.com/viber-for-pc-give-viber-free-calls/
Go here on more instructions on how to download it:
http://www.freecallshub.com/2012/09/video-tutorial-download-viber-phone-app-windows-pc/
Viber doesn't contain any annoying ads.
Friday, October 19, 2012
Socware: Facebook Malware Alert
Be very careful when you are on Facebook. Danger lurks there. Let the article below serves as a warning to you:
How To Fight "Socware" - Malware On Facebook And Other Social Networks
DAVE COPELAND
OCTOBER 16TH, 2012
From: http://www.readwriteweb.com/archives/how-to-fight-socware-malware-on-facebook-and-other-social-networks.php
Engineering professors and graduate students at University of California-Riverside have coined a new term to describe malware distributed on social networks, but they didn't stop there: They also developed an app to fight it.
"Socware" – pronounced "sock-where" - describes all criminal and parasitic behavior on Facebook and other online social networks (SOCial-WARE, get it?). But the term may be secondary news compared to the researchers released, which they claim stopped 97% of all socware while blocking legitimate messages only 0.005% of the time.
A white paper outlines the study, which included 12,000 people who had installed the MyPageKeeper app and their collective 2.4 million friends. All-in-all, the study analyzed more than 40 million messages sent on Facebook.
The researchers, who described socware as an escalating arms race between scam artists and Internet security firms, said traditional blacklists, which have been used to block malware in email, have become ineffective as more communication has moved onto platforms like Facebook. They also found an increase in malware programs that hijacked accounts for the paid liking services I wrote about last month.
"Facebook is becoming the new epicenter of the Web, and we showed that hackers are adapting to this change by designing new types of malware suited to this platform, which we call socware," they wrote.
A Sucker Born Every Minute
Seasoned and even ordinary Internet users are often left wondering "Who the hell would fall for that?" For example, MyPageKeeper researchers analyzed the data in their study and found:
- Only 54% of socware messages included URLs that had been shortened using a link shortener. The researchers had expected the number to be higher, as shortened links can hide suspicious-looking URLs - but apparaently suspicious URLs don't bother some users.
- Of the un-shortened URLs, the scammers often used what the researchers called "obviously fake domain names," including http://iphonefree5.com and http://nfljerseyfree.com.
Anyone who clicks on a suspect link is vulnerable, but Facebook seems to be the chosen stomping ground for socware criminals. About one in five of the socware links were hosted on Facebook itself, and thousands of socware messages were sent through the network everyday.
- Certain words should be warning signs for users: "OMG," for example, was 332 times more likely to appear in a socware status update, while the word "bank" was 56 more times likely to appear in socware messages.
Facebook declined comment, saying it does not comment on third-party reports and papers.
"Malware on Facebook seems to be hosted and enabled by Facebook itself," Michalis Faloutsos, a professor of computer science and engineering, said in a statement "It's a classic parasitic kind of behavior. It is fascinating and sad at the same time."
OMG! You can take this to the bank anytime!...Oh wait this is NOT a prank even though I used the words "OMG" and "bank". :). It isn't unusual to spot at least one Facebook post in your feed that goes "OMG OMG see this video.. WOW!" Does this fake excitement statement trick fool anyone anymore? A little common sense with a hint of awareness is enough to tell you that the content is malware-ridden. When I see a statement like that my first reaction is to delete the post or the email. I guess I've been a moderator and owner of forums and Yahoo groups too long. I take statements like that with a healthy dose of skepticism.
MyPageKeeper is a free application that detects spam and malware on users’ Facebook walls. It is highly accurate, cheap (FREE!!) and fast. In the future, the researchers are considering allowing MyPageKeeper to remove malicious posts automatically.
Saturday, October 13, 2012
Changing your Windows password
Click Start and in the Start Search (bottom entry box) type cmd.
On top of the menu, rightclick cmd.exe and choose "Run as administrator."
Then write this command:
net user
The command will display a list of usernames which can access the computer.
Then type this command using the username whose password you want to change or bypass:
net user username *
Make sure you put a space between the star and username.
You will be prompted to enter a new password. If you leave it blank the command will erase your current password.
Then hit Enter twice to remove or change your password.
On top of the menu, rightclick cmd.exe and choose "Run as administrator."
Then write this command:
net user
The command will display a list of usernames which can access the computer.
Then type this command using the username whose password you want to change or bypass:
net user username *
Make sure you put a space between the star and username.
You will be prompted to enter a new password. If you leave it blank the command will erase your current password.
Then hit Enter twice to remove or change your password.
Thursday, September 13, 2012
Accessing System Setup (BIOS) and Backdoor Passwords - Part 2
You can try some methods suggested here:
Click on the link below and try the method mentioned under section “By Using MS DOS Command”:
http://www.askvg.com/how-to-reset-remove-bypass-a-bios-or-cmos-password/
BIOS/CMOS Password Recovery Tool ($24.95)
http://www.biospasswordrecovery.com/
CmosPwd tool (freeware)
http://www.majorgeeks.com/CmosPwd_d239.html
CmosPwd is a CMOS BIOS password recovery tool.
Use Hiren’s Boot CD
http://www.hirensbootcd.org/download/
You need to burn it on CD or you can create a bootable USB flash drive of this tool.
This video shows how to use it Hiren's Boot CD:
How to remove a Bios Password using the Hiren’s BootCD 15.1
http://www.youtube.com/watch?feature=player_embedded&v=uY0wZMqNzmw
Accessing System Setup (BIOS) and Backdoor Passwords - PART 1
The BIOS/CMOS password can be reset most of the time by just taking out the battery from the motherboard for a few hours, sometimes only 15 mins. This can be a bit tricky on a laptop, so be careful.
If you bought a used computer chances you do not know the password to your system setup or to your BIOS. Many BIOS makers include a backdoor password that can let you get in. This list has some of the most common backdoor passwords to the BIOS and is intended for legitimate use only:
NOTE: Do not try to guess the password on a passworded Hard Drive. 3 wrong guesses will often result in the information on the hard drive being lost forever.
BACKDOOR PASSWORDS
Award BIOS
ALFAROME
ALLy
aLLy
aLLY
ALLY
aPAf
_award
AWARD_SW
AWARD?SW
AWARD SW
AWARD PW
AWKWARD
awkward
BIOSTAR
CONCAT
CONDO
Condo
d8on
djonet
HLT
J64
J256
J262
j332
j322
KDD
Lkwpeter
LKWPETER
PINT
pint
SER
SKY_FOX
SYXZ
syxz
shift + syxz
TTPTHA
ZAAADA
ZBAAACA
ZJAAADC
01322222
589589
589721
595595
598598
AMI BIOS
AMI
AAAMMMIII
BIOS
PASSWORD
HEWITT RAND
AMI?SW
AMI_SW
LKWPETER
A.M.I.
CONDO
PHOENIX BIOS
phoenix
PHOENIX
CMOS
BIOS
MISC. COMMON PASSWORDS
ALFAROME
BIOSTAR
biostar
biosstar
CMOS
cmos
LKWPETER
lkwpeter
setup
SETUP
Syxz
Wodj
OTHER BIOS PASSWORDS BY MANUFACTURER
TOSHIBA BIOS
Most Toshiba laptops and some desktop systems will bypass the BIOS password if the left shift key is held down during boot
IBM APTIVA BIOS
Press both mouse buttons repeatedly during the boot
Here are some more:
VOBIS & IBM
merlin
Dell
Dell
Biostar
Biostar
Compaq
Compaq
Enox
xo11nE
Epox
central
Freetech
Posterie
IWill
iwill
Jetway
spooml
Packard Bell
bell9
QDI
QDI
Siemens
SKY_FOX
TMC
BIGO
Toshiba
Toshiba
There are other backdoor passwords listed here and they also suggest some software solution:
http://www.technibble.com/how-to-bypass-or-remove-a-bios-password/
NOTE
Most laptops cannot have its BIOS password bypassed with any of the above backdoor passwords. The laptop passwords are stored in a separate chip, and clearing CMOS or removing the battery will not work to get rid of them.
A good article to read about this topic can be read here:
Removing a Bios - CMOS Password
http://www.dewassoc.com/support/bios/bios_password.htm
The CMOS jumper referred to in the two articles I mentioned above is almost always near the battery of the motherboard. Use the jumper by moving it over for about five seconds. Then move it back (release it). By doing that most BIOS will be reset. This is much faster than waiting for all the power to drain. Some newer boards even have a button instead of a jumper.
SOURCES:
Overclock.net
Technibble.com
Wednesday, August 29, 2012
How to Unplug Java from the Browser
Java is a huge backdoor to anybody's system.
In Chrome you can also make it "click to play", meaning when a website wants to use Java (you can also do it for Flash) it just displays a grey box where it says "Click to run plugin". So if you are on a trustworthy site that requires Java you can just click and use it. To enable "click to play" go to chrome://plugins/ and uncheck "Always allowed" but don't disable Java.
If you are really security-conscious, you can set your web browser to only run plugins on your click.
In Firefox: Open a new tab, type this into address bar:
Double click the line to set the value to TRUE.
NOTE: If you want to automatically enable plugins for a certain domain (such as http://youtube.com ), follow this.
In Chrome: Open a new tab, type this into address bar:
chrome://chrome/settings/content
Scroll down to the bottom and click on "Show advanced settings".
Go to Privacy -> Content Settings button.
Scroll down to Plug-ins and select "Click to play" radio button and press OK.
In Opera: Press CTRL + F12
Go to Advanced -> Content.
Tick the box that says "Enable plug-ins only on demand" and press OK.
You could use NoScript extension for Firefox or similar addons and block Java on every site except the sites that you trust. OR...you can install the QuickJava extension to quickly enable Java when you want to go to a trusted site that uses Java or play RuneScape and disable it when you are done. A caveat on using NoScript -- it also blocks Javascript.
Chrome has a builtin sandbox. However Chrome's sandbox does not stop this Java exploit.
Java applications have the ability to examine and change properties about itself. If you load a page that uses a java app, it is installed on your system. You think it has limited access and no ability to alter or create important files. A baddy app can change its permissions so that it can write, create and delete files. And that means all files on all the drives you can connect to.
Javascript isn't Java. One is a browser scripting language while the other is a programming language which can be used within the browser when enabled with a plugin. You need Javascript for many websites to function properly. Java is used less frequently now and so it is safe to block it. The main idea behind Java was to create a language that would be "portable". In other words, a program written in Java can be distributed to people running different operating systems including Mac OS, Windows, Linux and others. It does this because another piece of software, known as the Java Virtual Machine, or JVM for short, sits between your operating system and the application. JRE stands for Java Runtime Environment and includes the JVM. The vulnerability in question seems to concern the Java applets. An applet is a Java program that runs in your browser to make web pages interactive. You need the Java plugin enabled in your browser for it to work. There have been many security complaints about them over the years. I hope I'm not wrong on this. But if I am do correct me for everyone's benefit.
How to Unplug Java from the Browser
From: http://krebsonsecurity.com/how-to-unplug-java-from-the-browser/
Below are instructions for unplugging Java from whatever Web browser you may use to surf the Web. These instructions were originally posted as a how-to in response to this piece: Attackers Pounce on Zero-Day Java Exploit.
For Windows users:
Mozilla Firefox: From the main menu select Add-ons, and then disable any plugins with the word "Java" in them. Restart the browser.
Google Chrome: Click the wrench icon in the upper right corner of the browser window, then select Settings. In the search results box to the right in the next screen, type "Java". A box labeled "Content settings" should be highlighted. Click that, and then scroll down to the Plug-ins section. Click the "Disable individual plug-ins" link, find Java in the list, and click the disable link next to it.
Internet Explorer: Apparently, getting Java unplugged from Internet Explorer is not straightforward. The U.S. Computer Emergency Response Team (USCERT) lists the following steps, which may or may not completely remove Java from IE:
In the Windows Control panel, open the Java item. Select the "Java" tab and click the "View" button. Uncheck "enabled" for any JRE version listed. Note that this method may not work on Vista or newer systems. As an alternative, you may use one of the following techniques:
Click the start key and type "regedit" in the search box. Double-click the regedit program file when it appears.
- Change the HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Plug-in\\UseJava2IExplorer registry value to 0, where is any version of Java on your system. 10.6.2, for example.
If you are running a 32-bit version of Java on a 64-bit platform, you should set the HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\JavaSoft\Java Plug-in\ \UseJava2IExplorer registry value to 0.
- Run javacpl.exe as administrator, click the "Advanced" tab, select "Microsoft Internet Explorer" in the "Default Java for browsers" section, and press the space bar to uncheck it. This will properly set the above registry value, despite the option being greyed out.
For Mac users:
Safari: Click Preferences, and then the Security tab (uncheck "Enable Java").
Google Chrome: Open Preferences, and then type "Java" in the search box. Scroll down to the Plug-ins section, and click the link that says "Disable individual plug-ins." If you have Java installed, you should see a "disable" link underneath its listing.
Firefox: Click Tools, Add-ons, and disable the Java plugin(s).
Mozilla has taken the bold step of telling all Firefox users to disable Java while Oracle casually develops its fix, with the Firefox maker working on adapting its code so that all users running the exploitable version of Java will have the plugin automatically disabled for them.
At the top of the Firefox window, click on the Firefox button (Tools menu in Windows XP), and then click Add-ons. The Add-ons Manager tab will open.
By default, Firefox allows Java applets to launch automatically. However, you may decide that you do not want Java applets to run. To disable Java applets in Firefox:
In the Add-ons Manager tab, select the Plugins panel.
Click on the Java (TM) Platform plugin to select it.
Click on the Disable button (if the button says Enable, Java is already disabled).
Java applets will no longer be permitted to launch in Firefox.
You can go to http://www.isjavaexploitable.com/ to see if Java is enabled in your browser. And to test what version of Java you are using, you can go here:
http://javatester.org/version.html
You can go to http://www.isjavaexploitable.com/ to see if Java is enabled in your browser. And to test what version of Java you are using, you can go here:
http://javatester.org/version.html
There is one other way to insulate your computer from this Java exploit not mentioned in the article above. You can use HIPS programs like DeepFreeze (not a freeware) and Sandboxie (a freeware).
If you are really security-conscious, you can set your web browser to only run plugins on your click.
In Firefox: Open a new tab, type this into address bar:
about:config?filter=plugins.click_to_play
Click "I'll be careful, I promise!"...Double click the line to set the value to TRUE.
NOTE: If you want to automatically enable plugins for a certain domain (such as http://youtube.com ), follow this.
chrome://chrome/settings/content
Scroll down to the bottom and click on "Show advanced settings".
Go to Privacy -> Content Settings button.
Scroll down to Plug-ins and select "Click to play" radio button and press OK.
In Opera: Press CTRL + F12
Go to Advanced -> Content.
Tick the box that says "Enable plug-ins only on demand" and press OK.
You could use NoScript extension for Firefox or similar addons and block Java on every site except the sites that you trust. OR...you can install the QuickJava extension to quickly enable Java when you want to go to a trusted site that uses Java or play RuneScape and disable it when you are done. A caveat on using NoScript -- it also blocks Javascript.
This solution was also suggested in Krebs on Security:
If you primarily use Java because some Web site, or program you have on your system — such as OpenOffice or Freemind — requires it, you can still dramatically reduce the risk from Java attacks just by disabling the plugin in your Web browser. In this case, I would suggest a two-browser approach. If you normally browse the Web with Firefox, for example, consider disabling the Java plugin in Firefox, and then using an alternative browser (Chrome, IE9, Safari, etc.) with Java enabled to browse only the site that requires it.
Java is very widely used on the server side by tech companies like Google, Linkedin, Twitter as well as for web-facing business applications. Google does not use Java exclusively, in fact, every one of their services uses different tools to tackle the purpose. When you're a huge company, you have that luxury. Twitter is actually transitioning to Java.
Java applications have the ability to examine and change properties about itself. If you load a page that uses a java app, it is installed on your system. You think it has limited access and no ability to alter or create important files. A baddy app can change its permissions so that it can write, create and delete files. And that means all files on all the drives you can connect to.
Javascript isn't Java. One is a browser scripting language while the other is a programming language which can be used within the browser when enabled with a plugin. You need Javascript for many websites to function properly. Java is used less frequently now and so it is safe to block it. The main idea behind Java was to create a language that would be "portable". In other words, a program written in Java can be distributed to people running different operating systems including Mac OS, Windows, Linux and others. It does this because another piece of software, known as the Java Virtual Machine, or JVM for short, sits between your operating system and the application. JRE stands for Java Runtime Environment and includes the JVM. The vulnerability in question seems to concern the Java applets. An applet is a Java program that runs in your browser to make web pages interactive. You need the Java plugin enabled in your browser for it to work. There have been many security complaints about them over the years. I hope I'm not wrong on this. But if I am do correct me for everyone's benefit.
Subscribe to:
Posts (Atom)