InfoTech Tuesday, Kansas State University's information technology news source

InfoTech Tuesday is a weekly newsletter about information technology at K-State.

Get past issues
Subscribe to e-list
Search the archive
Send a news item

Executive editor:
     Rebecca Gould
Managing editor:
     Betsy Edwards

What's hot in IT
Antivirus
eIDs and passwords
E-mail
Projects
Security
TechBytes seminars
Training calendar

Handy IT resources
Help desk
IT homepage
Computer labs
Policies
Tech classrooms
IT Index

IT events
and deadlines

Nov. 19, 2004 (Fri)
TechBytes is finished for the semester.
web-arrow pointer TechBytes site

Dec. 1, 2004 (Wed)
Deadline for IT award nominations.
web-arrow pointer Nov. 2 article

Dec. 8, 2004 (Wed)
Auto-cleanout starts on e-mail trash folders. See the article in this issue.

K-State Online: Tip of the Week

Create virtual field trips for mediated classes:
Since students in an online class cannot physically take a field trip, design a course assignment asking students to visit websites related to course topics.

Ask students to search for a website individually or in groups, depending on the size of the class, and share their findings with the rest of the class.

An assignment like this compels students to acquire in-depth information on course topics, to apply their skills for searching and comprehending information, and to control their learning experience.

E-mail a suggestion or help areas for the K-State Online tip to help@online.ksu.edu. Questions? Contact the K-State Online Help Desk, 532-0198.
Nov. 16, 2004 

   In this issue

Marketscore spyware poses
dangerous security threat

Marketscore, formerly known as Netsetter, is a new spyware-type application that is a significant security threat to K-Staters. It is advertised as an application to "speed up your internet" -- but what you're not told is that Marketscore secretly intercepts and reroutes your web traffic through its servers, a technique known as "proxying".

Marketscore then collects, analyzes, and stores your information -- including your eID, passwords, credit card numbers, and even browser-based e-mail like WebMail and Hotmail -- in spite of the SSL-based encryption that secure websites normally provide.

For example, anyone with Marketscore on their computer who goes to their online banking site could have their log-in ID and PIN number stored on Marketscore's servers.

On campus, the majority of the computers with Marketscore on them got it because someone installed a peer-to-peer application that was bundled with Marketscore or Netsetter.

Last Friday, 114 computers on the K-State campus sent web traffic through the Marketscore proxy server, indicating they are infected with this insidious spyware program. Also, there were 9,200 visits to WebMail, 2,000 hits to K-State Online, and 800 hits to KATS from off-campus K-Staters through Marketscore -- in every case, potentially recording their eID and password.

To determine if your machine has this software installed, run the University of Minnesota's proxy-check tool.

If Marketscore is on your computer, contact your local support technician to remove it as soon as possible. Students in the residence halls should contact Residential Computing. The most current Symantec AntiVirus (9.0.1) will detect it but cannot remove it, so you need to run Spybot (www.spybot.info), a free spyware detection-and-removal tool that can remove it. More information on how to remove Marketscore is at www1.umn.edu/oit/security/marketscore.html.
—J. Ballard, Computing and Network Services

WebMail trash dump begins Dec. 8

About 25 percent of K-State e-mail messages (over 144 gigabytes) are in trash folders on the central e-mail server. This equals more than 750 million pieces of paper. K-Staters need to empty their trash folders.

Beginning Dec. 8, K-State will automatically delete trash that is 14 days old in WebMail trash folders. To learn more about this and other e-mail best practices, see the new E-Mail Best Practices.
—K-State IT Communications Committee

Phishing attacks continue; don't share your data

Some K-Staters have reported up to 30 phishing attacks per day. Don't get hooked! When in doubt, don't repond; just delete that e-mail. See the Nov. 9 article on phishing.
—the editors, InfoTech Tuesday

TechBytes finished for semester;
topics requested for spring

K-State's TechBytes series on information technology has finished for the semester. People who missed previous sessions can see them in video format from the TechBytes website. The videos can be viewed using Windows Media Player at 283-, 109-, and 43-kbps band rates. See the TechBytes website for details and other resources.

Is there an IT tool or resource you'd like to learn more about? Ideas and presenters for spring 2005 are being sought. Send suggestions to Cathy Rodriguez (cathyr@ksu.edu) or Gerry Snyder(gsnyder@ksu.edu).
—G. Snyder, Research and Extension, and
C. Rodriguez, Information Technology Assistance Center


On the spot:  IT questions from K-Staters

Why does my session expire when I try to enroll in KATS?

It's because a lot of people are using KATS to enroll right now. Enrollment began on Oct 25. Remain patient and wait a few minutes before trying to enroll.

—the editors, InfoTech Tuesday

Got a comment? TellTuesday@ksu.edu.


Web watch

Social engineering is "greatest security risk"

Some IT security experts are saying social engineering is "the single greatest security risk in the decade ahead" . See the Nov. 5 article at virusthreatcenter.com.

—the editors, InfoTech Tuesday

Find a good site? TellTuesday@ksu.edu.
Tuesday's Gem

House passes SPY Act to battle spyware

In October, the U.S. House of Representatives passed the Securely Protect Yourself Against Cyber Trespass (SPY) Act, which is now being considered by the U.S. Senate.

The legislation would make it illegal for companies and individual hackers to take over your computer by "modifying the URL of a Web browser's home page or disabling antivirus software without proper authorization."

Many companies do this through the use of spyware, which installs to your computer when you download certain programs or sign up for free e-mail notices from a site. The spyware allows them to monitor what sites you visit on the Web, may redirect where you go on the Web, and most often sends numerous pop-up ads for their company while you're online.

Relatedly, Sanford Wallace, also known as the "Spam King" for his bulk e-mailing business in the 1990s, was ordered by a federal court judge to end his spyware activities online through his two companies, Seismic Entertainment Productions Inc. and SmartBot.net Inc.

According to ZDnet.com, Wallace is formally charged with exploiting a vulnerability in Microsoft's Internet Explorer browser which allowed his businesses to reconfigure computers and install software code without users' knowledge. His court hearing was scheduled Nov. 9.

If you think your computer may have spyware installed, or if you wish to protect yourself from spyware, follow these tips from K-State's IT security page:

  1. Install a good spyware-prevention program. Spybot Search & Destroy ( www.spybot.info) is a powerful program that removes all currently known adware and spyware programs; it is free for personal and university use.
  2. Keep your anti-spyware tool updated. Spybot has an "inoculate" feature that can protect your computer against future infection by spyware and adware.
  3. Be cautious when downloading anything. Many "free" games and programs contain spyware.

For more information about spyware or the SPY Act, see these resources:

—A. Hagedorn, Information Technology Assistance Center