On Monday, Consumer Reports, America’s trusted source of product reviews, said it would not recommend the iPhone 4 because of a hardware flaw with its antenna that sometimes resulted in dropped calls. The independent consumer magazine also cast doubt on Apple’s recent explanation that a software bug had caused the widely reported problem. Apple did not return requests for comment.

Consumer Reports did not slap the iPhone 4 with a “don’t buy” warning, which it sometimes issues for shoddy or unsafe products. But it said that because of the design flaw, it would not recommend it as it did the previous version of the iPhone, the 3GS.

The next question is, Will any of Apple’s customers even care?

The various versions of the iPhone have been panned a number of times for myriad problems, real or perceived: slow network, cracked screens, dropped calls and no support for a popular Web video format. But iPhone sales have surpassed even the most optimistic forecasts and helped make Apple the most valuable company in the technology industry.

And despite early reports of problems with the iPhone 4 antenna, Apple sold 1.7 million units in just three days, making it the best-selling new technology gadget in Apple’s history.

“It’s iconic, it’s cool, it’s the ‘it’ device and people want it,” said A. M. Sacconaghi Jr., an analyst with Sanford C. Bernstein & Company.

Still Mr. Sacconaghi and other analysts said Apple could eventually suffer from the bad publicity it had received over the antenna problems and for its seemingly contradictory responses.

Apple has promoted the iPhone 4’s innovative design, including its antenna, which is built into a steel band that encases the phone.

After users reported problems with signal strength and dropped calls when they touched the lower-left portion of the phone, however, Apple suggested that consumers hold the phone differently or use one of many bumpers to insulate the antenna. It also said that all phones suffered from similar problems when they were cradled a certain way.

These comments were widely laughed at in gadget blogs.

A week later, Apple said it had found that because of a longstanding software bug, the iPhone 4, and its predecessors, often overstated signal strength. The company promised a fix soon.

In a blog post on Monday, Consumer Reports challenged those explanations.

Michael Gikas, a senior editor for electronics, said engineers performed a series of tests on three iPhone 4 handsets in a lab. They found that when a person touched the lower left portion of the antenna, signal strength “can significantly degrade enough to cause you to lose your connection altogether if you’re in an area with a weak signal,” Mr. Gikas wrote.

Consumer Reports also said that it had tested other smartphones that ran on AT&T’s network, including the Palm Pre and the iPhone 3GS, and that none had the same problem.

Mr. Gikas also wrote, “Our findings call into question the recent claim by Apple that the iPhone 4’s signal-strength issues were largely an optical illusion caused by faulty software.”

The review from Consumer Reports, which has eight million paying subscribers, comes 10 days after the magazine played down the problems with the iPhone 4 antenna. But in an interview, Mr. Gikas said the earlier report had been based on first impressions, not thorough testing.

Mr. Gikas said the problem with signal strength could be fixed by insulating the antenna with a bumper or even a piece of duct tape. And he said that the phone, as many happy users have reported, is better than earlier iPhones on multiple levels.

“The iPhone 3GS was always recommended. The iPhone 4 isn’t, even though it scores higher on a number of areas,” he said. “We think either Apple should supply free cases for the phone or come up with another solution. That’s why we are not recommending the iPhone 4.”

In comments posted on sites across the Web, dozens of iPhone 4 users dismissed the findings as unimportant.

But other consumers said the problems with the iPhone 4 and Apple’s response gave them pause.

“I’ll buy it the day Apple fixes it,” said Bruce Namerow, the owner of a Web consulting company based in Washington. “I don’t see how they can sell a phone that you can’t hold any which way you want. That to me is unbelievable.”

It seems that even the most innocuous machines in the workplace can serve as a security threat to companies. According to this report from CBS News, many office copiers save the images they copy on a dedicated hard disk installed inside them. This means that everything from mundane memos to your most sensitive information such as financial statements and contracts are stored – and could potentially extracted.

So the next time you dispose of a copy machine, if you’re not sure what’s stored on it and how to get it off – give us a call to help out.

To see the news report, watch this video.

Users beware of ransomware: malicious software that extorts money from users in exchange for freeing the user’s computer or data. One particularly nasty version was recently discovered by researchers at CA which came bundled with a software download called uFast Download Manager. The malware blocks Internet access for users until they pay the publisher a fee via SMS. Users who download the software are immediately infected, seeing a message posted in Russian demanding a ransom under the guise of activating the uFast Download Manager application. To keep your computer environment safe, always be wary of downloading suspicious free software on the Internet. If you need help or are unsure, please contact us first so we can help!

Spanish authorities report that they have arrested the masterminds behind a string of online criminal activities using the botnet dubbed Mariposa. Mariposa is the original name of a commercially distributed Do-it-Yourself malware kit, sold online for 800/1000 EUR for “wannabe” hackers.  Along with the arrest, authorities seized sensitive data belonging to about 800,000 users in 190 countries, gathered from an estimated 12M+ infected host computers on the Internet.

What’s particularly interesting is that the cybercriminals arrested were not themselves the author of the malware, nor were they any more techincally adept than many ordinary users. They simply had access to malware widely available on the Internet, and were able to conduct a crime of such a wide scale and reach.

This illustrates that it’s become easier for many cybercriminals to conduct their nefarious deeds online, and highlights the need for more vigilance on the part of law-abiding netizens in keeping their network secure from hackers and malware.

Is your network safe? Contact us to find out.

Related articles:

• How FBI, police busted massive botnet (go.theregister.com)
• Botnet takedowns ‘don’t hurt crooks enough’ (go.theregister.com)
• Vodafone distributes Mariposa Bot, Conficker and Lineage in HTC Magic (techie-buzz.com)

Microsoft recently released a number of security bulletins and patches addressing vulnerabilities in Windows and Office that are of high risk to users. It’s widely believed that many will be exploited by hackers within the next 30 days. One of them could potentially allow hackers or malware authors to easily compromise systems by tricking users to download malicious AVI-formatted files. Others require nothing more than just visiting a website. Another specifically targets Powerpoint Viewer 2003, and opening a malicious .ppt file could affect your system.

This latest round of patches and vulnerability updates is really nothing new – although the sheer number made public in one day is notable. This highlights the need for a comprehensive security policy, because vulnerabilities do exist in even the most mundane or old versions of software. Customers under our Managed Services plan can rest easy since we monitor and update their computers as soon as these patches and advisories are released. Find out more about what we do to make your systems safe and secure. Contact us today.

Related links:

• Patch Tuesday: Microsoft plugs critical Windows worm holes (zdnet)
• Researchers warn of likely attacks against Windows, PowerPoint (computerworld)
• Microsoft delivers huge Windows security update (computerworld)

A malicious piece of software making the rounds of news websites this week is believed to be behind the compromise of over 75,000 systems in over 2,500 international organizations – many of which are government agencies and large Fortune 500 companies.

Called the Knebner botnet after the name in the email used to register the initial domain used in the campaign to propagate the malware, the software infects computers and captures user login access to online financial services such as Paypal and online banks, social networking websites such as Facebook, and email. Infected computers can be centrally controlled from a master computer, which presumably harvests the data captured for nefarious means.

The Knebner botnet itself is not new. It’s based on the ZeuS botnet, and has gained prominence lately because it’s slipped under the radar of so many organizations. However, there are ways to prevent compromises from botnets – one of which is to have a proactive security system and policy in place. Our Managed Security customers have this assurance in place since we continuously protect their system from botnets and other malware. If you’re not sure that you’re protected, talk to us today.

Related articles:

• Kneber botnet described as ‘massive’ and ‘worldwide’ (inquisitr.com)
• Kneber attack resurrects notorious Zeus Trojan, say experts (guardian.co.uk)
• Malicious Software Infects Corporate Computers (nytimes.com)

In a report by security firm Websense, an alarming rise in the growth of malicious websites was identified in 2009 as compared to 2008 – almost 225 percent. The study also found an increased focus among hackers and spammers on targeting social media sites such as blogs and wikis. Social media or so-called Web 2.0 sites allow user-generated content, which can be a source of vulnerability. Researchers identified that up to 95 percent of user-generated comments to blogs, chat rooms, and message boards are spam or malicious – linking to data stealing sites or to downloads of malicious software. Email also continues to be a target for malicious activity with tens of thousands of Hotmail, Gmail and Yahoo! email accounts hacked and passwords stolen and posted online in 2009, which resulted in a marked increase in the number of spam emails.

For our clients on our Managed Service plans, we work hard to ensure your systems are protected from harmful or malicious activity coming from the Internet. If you’re not under our Managed Service plans perhaps now is a good time to talk – let’s make sure your systems are safe in 2010.

Related articles

• Top search results riddled with malware (v3.co.uk)
• Email phishing attack spreading say experts (telegraph.co.uk)
• Fraudsters Go Phishing For Victims’ Friends (news.sky.com)

Mozilla, the organization behind the popular Firefox browser disclosed that two add-ons available for download on its website were vectors for Trojans that could compromise users’ computers. Add-ons allow users to extend and enhance the capabilities of Firefox beyond the default install. Normally they are scanned for malware before being uploaded onto Mozilla’s website, but apparently two of them managed to slip through Mozilla’s automated scans. The infected add-ons are Version 4.0 of Sothink Web Video Downloader and all versions of Master Filer.

Mozilla has since updated their scanning process, but as part of our ongoing security watch we are vigilant in continuously protecting our customers under our Managed Services program from malware – you can rest easy.

When managing your systems on your own, it’s highly advisable to be vigilant with security and always use antivirus software – even when downloading and using software from legitimate sources. If you have downloaded these Firefox add-ons, uninstalling them does not remove the trojans that they carry, and you’ll need to use antivirus software to remove any malware on their system. Need more information or help? Call us and we will be glad to assist you.

Related links:

• Mozilla Firefox hit by malware add-ons (zdnet)
• Trojan Horse Mozilla Firefox Addons (the firefox extension guru’s blog)
• Mozilla admits Firefox add-ons contained Trojan code (sophos)

Security firm Imperva recently released a warning to users of popular social networking website RockYou indicating that their accounts and passwords may have been compromised. According to the firm, a hacker may have accessed an alarming 32 million accounts. But what is more interesting in the wake of this news is an analysis made of the accounts and passwords stolen. From the data provided to researchers, it seems that a great number of users still use insecure passwords, such as those with six or less characters (30% of users); those confined to alpha-numeric characters (60%); or passwords including names, slang words, dictionary words, or trivial passwords such as consecutive digits, adjacent keyboard keys (50%). The most popular password? 123456. Are you using an insecure password? Let us guide you through best practices for information security. Contact us today.

Related links:

• And the most popular password is… (zdnet)
• RockYou hack reveals easy-to-crack passwords‎ (register)
• RockYou hack exposes names, passwords of 30M accounts (computerworld)

Early January, Google released a report detailing attacks on its infrastructure which it claimed to have originated from China. In the wake of its announcement, another report came out detailing what is purported to be an “organized espionage operation” originating from China. Known as “Operation Aurora”, the attack attempted to siphon information from 33 companies in the US, including Google. The attackers are believed to have exploited a vulnerability in Internet Explorer (IE). The vulnerability affect IE 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4, and IE 6, IE 7, and IE 8 on Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. In the wake of the attacks Microsoft released a patch to address the vulnerability. If you are unsure if this patch has been applied to your systems, contact us for help.

Related links:

• More Security Flaws Found in Internet Explorer (Mashable)