Internet Security News

DOD Prohibits Removable Storage Devices To Stop Worm

"Lockdown" must be the Department of Defense's middle name. As a worm seems to be making its way through the military's computers, the DOD has responded by banning flash drives, CDs, and just about everything else that can store data and be moved from one machine to another.

DOD Prohibits Removable Storage Devices To Stop Worm

Noah Schactman reports, "The problem, according to a second Army e-mail, was prompted by a 'virus called Agent.btz.' That's a variation of the 'SillyFDC' worm, which spreads by copying itself to thumb drives and the like. When that drive or disk is plugged into a second computer, the worm replicates itself again - this time on the PC."

The DOD's response should effectively stop the worm's spread, then, and give experts a chance to track down and clean up affected machines. It might even help with other military security issues, since it'll be harder for important information to get lost or stolen when it's not being shuttled around as much.

But since the length of the new ban hasn't been determined (or at least announced), everyone from suits in the Pentagon to soldiers in the field may be faced with data-movement nuisances for quite some time.

This situation hasn't, at least, led to any real problems so far.

Microsoft Announces Free PC Security Product

If you heard a deafening swallowing sound sometime in the past day or so, we can explain its origin. The corporate makers of security software must have collectively gulped when Microsoft announced its plans to offer a free consumer security product.

Microsoft Announces Free PC Security Product

"Morro," as the product's called at the moment (probably named after Morro Castle), is supposed to take care of a lot of stuff. Viruses, spyware, rootkits, and Trojans are all on its kill list. It should require little in the way of bandwidth and computing resources, too, giving Microsoft an "in" with the growing netbook audience.

Amy Barzdukas, Microsoft's senior director of product management for the Online Services and Windows Division, explained in a statement how Microsoft got the idea for Morro, saying, "Customers around the world have told us that they need comprehensive, ongoing protection from new and existing threats, and we take that concern seriously."

She then continued, "This new, no-cost offering will give us the ability to protect an even greater number of consumers, especially in markets where the growth of new PC purchases is outpaced only by the growth of malware."

So when does the rush of consumers getting Morro and software makers going out of business begin? Not for a while. Windows Live OneCare is scheduled to remain on sale through June 30th, 2009, and it's during the phasing out of this product that Morro is supposed to become available for download.

What's more, Morro may not achieve omnipresence even then. Since Microsoft has only advertised it as a security solution for Windows XP, Windows Vista, and Windows 7, a few people are sure to be left out in the cold. Internet Explorer's also mentioned, which might mean Firefox users will be ignored.

Then there are the intentional gaps and potential for problems to consider. In regards to that first subject: encryption, firewalls, password protection, parental controls, and backup programs haven't been addressed.

Still, Morro's introduction looks to be a revolutionary moment in the PC security solution industry. Like that first collective gulp, listen for the sound of Tylenol bottles being opened as the end of June draws closer.

Google Unveils Calculators To Promote Security Products

The economy's nasty condition is making people rethink all sorts of things: whether trucks and SUVs are cooler than clown cars, whether steak is that much better than ramen, and so on. Google wants to help when it comes time to decide whether to embrace its security offerings.

Google Unveils Calculators To Promote Security Products

To see how much security measures of some sort can help a business, Google's introduced a simple Return on Investment Calculator. Users can see an estimate of how much time/money's wasted on spam by entering stats relating to employees, workdays, salaries, and spam messages. Expect big numbers if you start typing away.

But as for the matter of choosing Google's products instead of something else, there's an entirely separate tool. The Total Cost of Ownership Calculator compares the expense of on-premise solutions to Google Message Security over the course of three years.

Here, you can probably expect to see some stark differences, too. On the Official Google Enterprise Blog, Amanda Kleha mentions a situation in which a law firm found that, "[w]ith the hourly rate of their lawyers . . . choosing Google Message Security paid for itself in 1 day."

The tools make for an interesting combination. IT people who are worried about layoffs may regret their existence, but lots of companies are liable to appreciate Google's effort to both get their business and save them some money.

McColo Takedown = Street Justice?

When McColo was stopped in its tracks last week, most of the online world cheered. The rhyme and reason behind the development mattered little in light of seeing less spam. Only now, there's at least some question of whether or not things went through the right channels.

McColo Takedown = Street Justice?

No official ruling against McColo was involved, after all. Law enforcement officials weren't even in figurative sight, since a tip from The Washington Post was what spurred McColo's service providers to take action. McColo didn't get a chance to respond, and it might have just been oblivious to all the spammy activity.

There's also a concern over what could be considered collateral damage. If not all of McColo's customers were involved in "bad" stuff, some of them must rightly view the situation they've been placed in as being rather unfair.

Individuals participating in a Slashdot discussion tended to agree that what happened to McColo is not a case of vigilantism, however, since McColo's service providers were just informed of TOS violations.

And even if what happened last week can be called vigilantism, we should all remember that movie audiences tended to side with the Charles Bronson-type characters in "Death Wish" and similar movies.

Are You Ready For� Black Monday?

Security experts from PC Tools have pinpointed November 24 as potentially the peak of malicious activity for 2008. They reached their conclusion on the specific date after analyzing well over 500,000 machines from around the world.

Guardian.co.uk states that "the number of people shopping online this Christmas is expected to grow again this year, with internet sales in the UK alone predicted to hit �13.16bn - an increase of 15% over 2007."

It should be noted that November 28 will be the busiest shopping day of the year, a day so popular in fact that it even has its own name, "Black Friday".

So logically thinking� the increase of malicious attacks, spam, spyware, and everything else evil should be expected to climb just mere days before people start entering in their private data for online purchases.

Spam and all the other wrongdoing of others shouldn't sway anyone from shopping online, as this stuff is going on everyday. Just remember to use your common sense� if something sounds fishy, it probably is.

Safari Update May Add Equal Measures Security, Instability

It seems that the newest version of Safari is operating under the motto "better safe or sorry." The Safari 3.2 update is supposed to have fixed several vulnerabilities, but at the same time, users are reporting frequent crashes.

Safari Update May Add Equal Measures Security, Instability

Let's start with the positive stuff. A full 11 issues have been addressed, so we won't dwell on them all, but Kelly Fiveash writes, "Safari 3.2 comes with an update to Webkit - which is the framework that underpins Apple's browser - that restricts the types of URLs that can be launched through the plug-in interface."

Also, "The firm has also stitched together a hole in Safari's JavaScript handling of array indices to prevent random code execution and it's also fixed a bug with its form field. The browser previously had a flaw in its autocomplete feature, which meant that disabling it didn't guarantee data wouldn't be stored."

As for the negative side effects, things appear to be limited to those annoying crashes.

Downloading Safari 3.2 is probably worth users' while, then (and fans of other browsers won't get to tease them too much). Just don't download it while you've got some time-sensitive task in your lap, and perhaps make sure that you can get back to the previous version, regardless.

Microsoft Fixes Flaw After Seven Years

If you've ever forgotten an appointment, anniversary, or birthday, you know that being late by even a little bit can be terribly awkward. It almost seems worth it to get an arm or leg set in plaster just so you have a proper excuse. Now Microsoft's trotted out its version of a cast story to explain a seven-year patch delay.

Microsoft Fixes Flaw After Seven Years

Microsoft security bulletin MS08-068 addresses a flaw in the Microsoft Server Message Blog protocol, and in a post on the Microsoft Security Response Center, Christopher Budd acknowledged, "We've received some questions from customers about MS08-068 and its relationship to an issue that was first discussed in 2001, called the SMBRelay attack. Specifically, we've gotten some questions about why, in 2008, we're releasing an update that addresses an issue first discussed in 2001."

Budd, a security communications program manager, then stated, "[W]e could not make changes to address this issue without negatively impacting network-based applications. And to be clear, the impact would have been to render many (or nearly all) customers' network-based applications then inoperable."

So, according to Budd (and/or Microsoft, since it's hard to believe someone would volunteer to be the messenger), Microsoft kept tinkering with things, and finally figured out a way to address the issue without bringing everything else to a halt. And, the Security Response Center post implies, perhaps people shouldn't complain too much, since implementing SMB signing remains a better idea than applying MS08-068.

Take or leave the explanation as you see fit.

Skype Scrambles After Breach And Censorship Revelations

American companies operating in China have what might be considered a tradition of getting in trouble over privacy and censorship, and Skype, the Internet communications company, is the latest to encounter hot water. Its president has done his best to explain the situation.

Skype Scrambles After Breach And Censorship Revelations

As Josh Silverman wrote, "In China, TOM is the majority local partner in our joint venture that brings Skype functionality to Chinese citizens." Skype - and anyone who bothered to listen to an old announcement - has known for some time that TOM obeyed Chinese laws requiring them to block messages containing certain terms.

The problems began when it turned out that TOM stored the messages; there's a real concern about what government authorities might have seen them. And what's more, a security breach may have exposed the messages to all other sorts of people.

Silverman wrote, "We were very concerned to learn about both issues and after we urgently addressed this situation with TOM, they fixed the security breach. In addition, we are currently addressing the wider issue of the uploading and storage of certain messages with TOM."

Still, Skype's reputation has taken a big hit due to these developments, and we may see the security and censorship issues have a similar effect on the eBay property's growth.

Defense Companies Hit By Malicious Code

Some security stories relate to fairly harmless issues, but this one might go well beyond "whoops." It seems that LIGNex1 and Hyundai Heavy Industries, two Korean companies that construct things for the military, have had malicious code planted within their computer systems.

Defense Companies Hit By Malicious Code

So you know the (potential) scale of the problem: LIGNex1 deals with missiles, radar, and communications systems. Hyundai Heavy Industries is the world's largest shipbuilder. And it was the National Security Research Institute that found the malicious code. This sounds like the start of some near-apocalypse novel by Tom Clancy, right?

As for who planted the code, how they did it, and what files were affected, details are scarce right now. Chalk it up to government secrecy or (and this is a slightly scarier possibility) true ignorance at the same level.

Anyway, as reported by SC Magazine UK, a National Security Research Institute representative said, "The research institute suspects the culprits are Chinese or North Korean hackers but doesn't know specifically what information they stole. In the worst case, the blueprints of missiles and Aegis ship could have been stolen."

There are a few silver linings and good signs in all of this, however. One came as the spokesperson acknowledged, "It's shocking that our major defense industries are open to attacks from hackers and that our missiles are vulnerable to theft by cyber terrorists. A general review of our cyber security system is needed."

And in all honesty, having the blueprints to something doesn't necessarily mean that a person or country can build it. There are matters of resources and skill to consider, even as spy satellites presumably keep an eye on large factories and shipbuilding facilities.

Finally, at least the blueprints secrets were (maybe) stolen from companies connected to a close ally like South Korea, instead of a government less willing to cooperate with the U.S.

So, assuming we aren't all soon destroyed in either an economic or military sense, things at Korean defense companies may be better in the long term. And hopefully defense corporations located elsewhere in the world will also learn from this development.

After Airport Stop, Kevin Mitnick Shares Travel Tips

The next time you have to take off your shoes and belt at an airport, keep in mind that things could be much worse. You might get detained and questioned for four hours, for example, which is something hacker-turned-security-consultant Kevin Mitnick recently experienced on a return trip from Colombia.

After Airport Stop, Kevin Mitnick Shares Travel Tips

People and companies needn't worry too much that Mitnick's fallen back to the proverbial dark side; accusations weren't really made, and charges were never brought. As told by Elinor Mills, his detainment instead seems like a cautionary tale about wrongful accusations and the defensive measures traveling computer owners should take.

Mills writes, "Agents from the Immigrations Customs Enforcement arrived to question him. They asked why he was in Atlanta and he told them; he was there to moderate a panel at a security conference sponsored by the American Society for Industrial Security. Asked for proof, he fired up a laptop to show them the itinerary in his e-mail. But when he clicked 'yes' to have Firefox clear his private data--an automatic response to a default setting--the agents snatched the laptop away from him, thinking he was deleting evidence."

So be careful about every click and keystroke, for one thing. Otherwise, "To protect his privacy and that of his clients, Mitnick encrypts all the confidential data on his laptops, transmits it over the Internet for storage on servers in the U.S., and wipes it from the computer before returning from any international trips, just in case officials decide to search or seize his equipment. He also encrypts his hard drive. And now, he says he is going to keep a 'clone' of his MacBook at home so he will have an exact duplicate of it if it is ever seized."

Depending on what sort of stuff you keep on your computers - and whether or not laws about laptop searches are changed - these steps may be worth imitating. The average business traveler isn't as likely to get stopped as Kevin Mitnick, of course, but the story seemed worth relating.

Chinese Official Says Green Dam Still Looms

It looks like Chinese computer buyers - and perhaps the security sector and people all over the world - aren't safe from Green Dam, after all. Although it looked like the Chinese government was going to give up on the censorship software, officials have now said they're just delaying, not canceling, its release.

Chinese Official Says Green Dam Still Looms

The Green Dam Youth Escort software is, as the name implies, supposed to protect children (from accessing porn). Which could be all right, although universal implementation would still be controversial. (The Chinese government wants Green Dam installed on just about every computer in the country).

Only Green Dam is likely to block certain political and news sites, and make it easier for the Chinese government to monitor dissident activity, too. So human rights groups have gotten involved.

Of course, at this point, the software's existence would still be just one nation's problem. But here's the scary part: the Green Dam software appears to be extremely vulnerable to attack, and if someone or something exploited it, Bruce Schneier pointed out to Tom Espiner, "Suddenly you have an army of a couple of billion computers. This should worry all of us."

Indeed, such a botnet would pose a threat to everything from companies to banks to governments. Some random hacker could bring the world to its knees.

And according to an anonymous Chinese official, it's inevitable that the Green Dam initiative will take effect. He told China Daily, "The government will definitely carry on the directive on Green Dam. It's just a matter of time."

But perhaps, given the massive number of people who are presumably working on Green Dam, most of the holes will get plugged and other issues will be addressed in real time. Or maybe - although the ethics of this would be rather gray - international parties will be able to contribute solutions and help prevent a major incident.

Google Weighs In On Q2 Spam Trends

Google's trying to keep its users safe from spam, but the fight isn't an easy one. Amanda Kleha of the company's message security and archiving team supplied some stats regarding spam today, and the situation definitely looks hairy enough to keep filters on their figurative toes.

Google Weighs In On Q2 Spam Trends

The good guys are winning occasional victories; the McColo takedown in November had a huge impact, and the dismantling of 3FN in early June helped a lot. There's also an interesting trend in that the spammers who step forward to fill the holes are trying old tricks with which security professionals are already familiar.

Still, in regards to the 3FN development, Kleha writes, "Since June 4, spammers have already made up a significant amount of ground, climbing 14% from the initial drop."

And the end result on an overall scale is that "Q2'09 average spam levels are 53% higher than in Q1'09 and 6% higher than in Q2'08."

It's reports like these that make the security professionals who protect us more appreciated, anyway.

On that note, Kleha did take the opportunity to promote her team, writing, "For more information on how Google email security services, powered by Postini, can help your organization provide better spam protection and take a load off your network by halting spam in the cloud, visit www.google.com/postini."

Report: Financial And Social Media Scams Taking Off

MarkMonitor's latest Brandjacking Index has been released, and if you hadn't already guessed, scammers are trying to take full advantage of the financial crisis with related subjects lines and the like. A less predictable discovery was that they're attacking through social networks on a regular basis, too.

Report: Financial And Social Media Scams Taking Off

Here's the story. Things started in January with MarkMonitor picking four bank brands to monitor for scams connected to terms like "mortgage" and "unemployed." Then it examined 134 million public domain records and billions of sites and emails.

When all was said and done, MarkMonitor concluded in a formal statement, "More than 7,300 cybersquatted domains were identified targeting the four financial brands in the study. . . . Phishing attacks against the four financial brands numbered 10,000, representing a 36 percent increase in Q1 2009 from the previous quarter."

Plus, with respect to sites like Facebook and MySpace - sites where you let down your guard because you're supposed to be among friends - the statement noted, "Social media is one of the fastest-growing target category for phishers, with attacks increasing 241% against social media companies between Q1 2008 and Q1 2009."

Hopefully that finding will be helpful inasmuch as it'll make people be more cautious even when they're in allegedly safe online environments. The first string of discoveries may protect people who are already down on their luck, too.

MessageLabs Gives Botnet Rundown

According to a new report from MessageLabs, you can probably blame botnets for about eight out of every ten pieces of spam you receive. And if you'd like to get more specific, MessageLabs went on to identify and describe some of the most powerful botnets around.

MessageLabs Gives Botnet Rundown

Cutwail, for better or worse, came out on top. A MessageLabs representative stated in an email to SecurityProNews that this "largest and most powerful botnet is responsible for 45% of all spam."

Still, the good guys scored some points here, because Cutwail "experienced several hours of downtime on the morning of June 5, 2009, following the shutdown of California-based ISP Pricewert by the FTC and is now at 1/3 of its original capacity."

Next up is Mega-D, and its description reads, "[I]t has been on a steady decline and is now responsible for only 9.3% of spam. However, it's still one of the hardest working botnets in terms of spam per bot per minute."

Then follow Xarvester, Donbot, Grum, and Rustock, all of which also seem to have suffered setbacks at different points, but remain definite threats.

So there's the current rogues' gallery of botnets. We won't blame you if you'd prefer to go into a sort of Abbot Arnold Amaury mode ("Kill them. For the Lord knows those who are his.") rather than learn more details, but the MessageLabs report is available if you're interested.

Spammers Exploit Michael Jackson�s Death

IT security firm Sophos is warning users to be on the lookout for spam messages using the untimely death of music legend Michael Jackson to harvest computer users' email addresses for future spam campaigns.

Spammers Exploit Michael Jackson's Death

About 8 hours after Jackson's death yesterday, Sophos detected the first wave of spam messages taking advantage of the breaking news in the subject line and body of the email.

In these messages, the spammer claims that they have vital information about the death of Michael Jackson to share. The body of the email does not contain any call to action links and the from email address is bogus. However the spammer can easily obtain the recipients email addresses via a free live email address if computer users reply to the spam message.

"The untimely death of the King of Pop, Michael Jackson, has sent shockwaves through the entire world - but unfortunately, this type of huge news story is also the perfect vehicle for spammers to snare vulnerable computer users," said Graham Cluley, senior technology consultant at Sophos. "These spammers are relying on curious users to reply to their bogus claims - but if you receive one of these messages you just need to delete it."

We've also discovered cybcercriminals taking advantage of the sad death of 70s TV icon Farrah Fawcett to spread fake anti-virus software, so users should certainly remain vigilant."

"The fact is that cybercriminals have no respect for taste and decency. The only thing they are interested in is making some money for themselves, and turning other computer users' lives into a misery."

Hackers Targeting Social Network Users

Users of online social networks may be more vulnerable to financial loss, identity theft and malware infection than they realize, according to a new survey from security software firm Webroot.

Hackers Targeting Social Network Users

The survey found two-thirds of respondents don't restrict any details of their profiles from being visible through a search engine like Google and over half are not sure who can see their profile.

About one third include at least three pieces of personally identifiable information and more than one third use the same password for multiple sites. In addition, one quarter accept "friend requests" from strangers.

"The growth of social networks presents hackers with a huge target. The amount of time spent on communities like Facebook last year grew at three times the rate of overall Internet growth," said Mike Kronenberg, chief technology officer of Webroot's Consumer business.

"Three in ten people we polled experienced a security attack through a social network in the past year, including identity theft, malware infection, spam, unauthorized password changes and 'friend in distress' money-stealing scams. The first step to staying protected is being aware of what the threats are and knowing how to help prevent them."

Cybercriminals use various types of trickery and malware to take advantage of risky behaviors. One common tactic is phishing, which hackers use to entice victims into downloading an infected file, visiting a risky site outside the social network, or wiring money to a "friend in distress."

Webroot says in recent months it has seen an increase in these types of attacks on social networks, including "Trojan-MyBlot," which targeted users of MyYearbook.com and others targeting Facebook users.

"Hackers lure users into taking actions they shouldn't by making it appear as if a friend within their social network has sent them a message - only the message is from a hacker who's hijacked the friend's account," continued Kronenberg.

"We've seen instances where a salacious yet poorly worded message like, 'This video of u is evrywhere' includes a link that, when clicked, prompts the user to download a seemingly legitimate file which, once on your PC, can do a number of things -- spam your friends, monitor your online activity or record your personal information."

U.S. To Create New Cyber Command

The U.S. Department of Defense will create a Cyber Command to protect the military's network of computers and operate safely in cyberspace.

U.S. To Create New Cyber Command

The new Cyber Command is likely to be located at Fort Meade, Maryland, outside Washington, D.C. It will be focused on protecting military systems but not other U.S. government or private networks, Pentagon spokesman Bryan Whitman said.

The Cyber Command will initially go live in October and be fully operational in October 2010, Whitman said.

Whitman did not disclose if the command would be able to carry out offensive operations as well.

"This command is going to focus on the protection and operation of DoD's networks," he said. "This command is going to do what is necessary to be able to do that."

The United States has said many attempts to hack into its networks can be traced back to China but it has not directly accused Chinese authorities of being responsible.

The U.S. Department of Defense operates about 15,000 networks and runs some 7 million computers and other information technology devices, Whitman said.

"Our defense networks are constantly probed. There are millions of scans every day," he said.

"The power to disrupt and destroy, once the sole province of nations, now also rests with small groups and individuals, from terrorist groups to organized crime to industrial spies to hacker activists, to teenage hackers," he said.

Detroit Spammer Pleads Guilty To Stock Fraud

Alan Ralsky, a notorious spammer, pleaded guilty Monday in federal court in Detroit for his role in a stock fraud case involving spam messages that promoted Chinese "penny" stocks.

Detroit Spammer Pleads Guilty To Stock Fraud

Ralsky and four other people pleaded guilty, joining three others who pleaded guilty earlier, the U.S. Department of Justice announced.

According to court records, from January 2004 through September 2005, Ralsky and others engaged in a related set of conspiracies designed to use spam emails to manipulate thinly traded stocks and profit by trading in those stocks once their share prices increased after recipients of the spam emails traded in the stocks being promoted.

"Alan Ralsky was at one time the world's most notorious illegal spammer," said U.S. Attorney Terrence Berg. "Today Ralsky, his son-in-law Scott Bradley, and three of their co-conspirators stand convicted for their roles in running an international spamming operation that sent billions of illegal e-mail advertisements to pump up Chinese 'penny' stocks and then reap profits by causing trades in these same stocks while others bought at the inflated prices.

"Using the Internet to manipulate the stock market through spam e-mail campaigns is a serious crime, and this case serves notice that federal law enforcement has the both the capability and the will to successfully investigate, prosecute and punish such cybercrimes."

Ralsky, 64, of West Bloomfield, Mich., pleaded guilty to commit wire fraud, mail fraud and to violate the CAN-SPAM Act. Under the terms of his plea agreement, Ralsky acknowledges he is facing up to 87 months in prison and a $1 million fine under federal sentencing guidelines.

Google Goes After Malware In Ads

Google has introduced a new search site called Anti-Malvertising.com in an effort to help its ad network partners flag potential providers of malicious advertisements.

Google Goes After Malware In Ads

The company launched an initial custom search engine at the beginning of the year, aimed at allowing ad networks to do background checks on potential advertisers to reduce the risk of malware.

"It checks a variety of independent, third party sites that track possible attempts to distribute malware through advertising," it says on the site.

"Its search results should not be considered the last word on a prospective customer, but one potential source of helpful information. If a party you're researching comes up in a search result here, we recommend you take a closer look at the party in question before rendering judgment."

The Anti-Malvertising.com site recommends for publishers to always perform in-depth quality assurance on creatives and that they avoid ad networks without strong anti-malware security measures in place.

In early 2008, Google found that about 2 percent of malicious websites were distributing malware via advertising, based on an analysis of nearly 2,000 advertising networks. In a first quarter 2007 Web Trends Security Report released by Finjan found that about 80 percent of malicious code came from online ads.

"The world of online advertising, like the offline world, is a dynamic environment that contains a diverse mix of people with different goals-both good and bad," the site reads.

"This website focuses on malvertising (the threat of malware being distributed through advertising) and how you can help prevent it."

Morro Set For Tuesday Release

Microsoft's free security software is almost here (in beta form, anyway). Microsoft intends to make Morro available as a download next week on Tuesday the 23rd, and you'll want to act fairly quickly in order to get a copy.

Morro Set For Tuesday Release

On Tuesday, the first 75,000 individuals to visit www.microsoft.com/security_essentials are supposed to receive access to Morro, or, as it's also known, Microsoft Security Essentials. Microsoft's not making any promises beyond that point.

Of course, the company might expand the offering, depending on demand and so long as its servers don't get swamped. Just don't say we didn't warn you.

Anyway, Microsoft Security Essentials is supposed to remove malware, spyware, and viruses, and provide real-time protection against malware and viruses, too. And although part of the reason it's being put out in a limited batch is so that further tests can take place, reports say that the software's in decent shape.

Ed Bott, for example, recently tested it and wrote, "I'm sufficiently impressed by MSE in operation to give it a more in-depth workout on multiple systems here."

So if you're looking for an alternative to other free forms of protection, consider staying especially near your computer on the 23rd.