Disabling wouldn't work for gamers -- seems like you need it to play some online games. I've always had good luck with malwarebites it seems to do a good job of picking removing any infections when running a scan. I've never had any infections with box unchecked under Java. Joan On Sat, Feb 23, 2013 at 6:46 PM, <JYoung6180@aol.com> wrote: > Joan- > > The problem is that most of the time the way the Java applets infect a > computer does not trigger any alert in a current AV program. The infection > enters through a vulnerability in JAVA. JAVA is safe to use for local > programs that might require it ON YOUR COMPUTER but it really isn't safe to > have it enabled in ANY Web browser you use. It is very easy to disable in > Web browsers and you could quickly and easily enable it if you DO find it is > needed for a particular function...but frankly after everything I've read I > wouldn't trust it in a Web browser and since I've disabled JAVA I haven't > missed it one bit. > > I had one person tell me they have to keep it enabled because they do ALL > their online banking with a bank that uses JAVA for all functions. Yikes! No > wonder about 50% of Internet ID theft is through JAVA vulnerabilities if a > bank is still using JAVA. > > I wouldn't trust AV software for this ... heck, if Facebook and Apple, Inc. > can get hit through these vulnerabilities you know just being a techie and > keeping things current (or trusting a Mac OS) isn't good enough this time. > > Joan > > In a message dated 2/23/2013 4:22:05 P.M. Eastern Standard Time, > jasche45133@gmail.com writes: > > You can eliminate most java infection problems by in Windows by going > to Control Panel > Java > Settings and uncheck the box that says 'Keep > temporary files on my computer' whenever I've had Java infections it > has always been in the java temporary files. Java still works. Using > it this way I have never had an Antivirus/Malware programs pick up > infections. > > Joan Asche >

Gene Phillips wrote: > I just read a message on the MS county coordinators list from > someone who claims she got malware installed when she clicked on > the link for her list tools for her county. I told her to report it > to the helpdesk. As for me, I'm not going to any of my list tools > until I'm sure they are clean. Possibly, no site is wholly immune from hacking; but if that were the case, it's unlikely to be just one list affected, a number of list admins would also be affected. We'll have to see how many more have also been affected. None of my security programs has flagged a problem. I've been to the list tools page for all my main lists several times today for one reason or another. The person concerned could have picked up the malware from another site around the same time, maybe as a drive-by. -- Charani (UK) OPC for Walton, Ashcott, Shapwick, Greinton and Clutton, SOM http://wsom-opc.org.uk

Joan- The problem is that most of the time the way the Java applets infect a computer does not trigger any alert in a current AV program. The infection enters through a vulnerability in JAVA. JAVA is safe to use for local programs that might require it ON YOUR COMPUTER but it really isn't safe to have it enabled in ANY Web browser you use. It is very easy to disable in Web browsers and you could quickly and easily enable it if you DO find it is needed for a particular function...but frankly after everything I've read I wouldn't trust it in a Web browser and since I've disabled JAVA I haven't missed it one bit. I had one person tell me they have to keep it enabled because they do ALL their online banking with a bank that uses JAVA for all functions. Yikes! No wonder about 50% of Internet ID theft is through JAVA vulnerabilities if a bank is still using JAVA. I wouldn't trust AV software for this ... heck, if Facebook and Apple, Inc. can get hit through these vulnerabilities you know just being a techie and keeping things current (or trusting a Mac OS) isn't good enough this time. Joan In a message dated 2/23/2013 4:22:05 P.M. Eastern Standard Time, jasche45133@gmail.com writes: You can eliminate most java infection problems by in Windows by going to Control Panel > Java > Settings and uncheck the box that says 'Keep temporary files on my computer' whenever I've had Java infections it has always been in the java temporary files. Java still works. Using it this way I have never had an Antivirus/Malware programs pick up infections. Joan Asche

Just an F.Y.I. from a non-expert on this, so please don’t rake me over the coals. >From what I’ve been reading/hearing , the vulnerability lies in JAVA version 7. But if you run it at all, make sure you have all of the updates. Here’s one discusion site: http://krebsonsecurity.com/2013/01/what-you-need-to-know-about-the-java-exploit/ Marilyn

Hi everyone, I've seen two obvious spam emails on two different Rootsweb lists today, where the subject line was the name of the poster, as seen in the "From" part of the email. http://archiver.rootsweb.ancestry.com/th/read/NORTHUMBRIA/2013-02/1361544154 http://archiver.rootsweb.ancestry.com/th/read/Freepages-Help/2013-02/1361525415 If you follow the links above, please take care to NOT click on the link in the posts! I'm not the list owner of either list, just a subscriber receiving the mail. Both of these posts came from Yahoo accounts, one yahoo.com and the other yahoo.ca. Recently, yahoo.co.nz was hacked, resulting in many spam emails being sent out from email accounts there, including xtra.co.nz accounts which are hosted at yahoo.co.nz Xtra is New Zealand's largest ISP, and they out-source their email service to Yahoo. It was a huge headache. http://www.nzherald.co.nz/index.cfm?objectid=10867160 http://www.nzherald.co.nz/index.cfm?objectid=10866015 http://www.nzherald.co.nz/index.cfm?objectid=10865900 http://www.nzherald.co.nz/index.cfm?objectid=10865512 http://www.nzherald.co.nz/index.cfm?objectid=10864681 These are just a selection of stories about the NZ hack from the country's largest newspaper to give you an idea of what happened. I'm a little concerned that a similar thing might now be happening at the yahoo.com and yahoo.ca sites, and that's going to be an even bigger headache than "little" New Zealand may have had, so I wanted to alert you to the possibility now so you can take quick action should you see it happening on one of your lists. I'm not saying it *is* happening, only that it might. I don't want to start a panic, but I do want you to be aware of the possibility so you're not scratching your head over these odd posts if they start turning up on your lists, but you're aware and ready to take action if required. I think, if this does become a problem, the best course of action would be to put your list(s) on emergency moderation as a first move. It's likely that there are hosted addresses involved (like the xtra.co.nz ones being hosted at yahoo.co.nz) that won't be obvious immediately, and this will cover all possibilities. I do hope I'm wrong, but I have a bad feeling about this. Wendy New Zealand

You can eliminate most java infection problems by in Windows by going to Control Panel > Java > Settings and uncheck the box that says 'Keep temporary files on my computer' whenever I've had Java infections it has always been in the java temporary files. Java still works. Using it this way I have never had an Antivirus/Malware programs pick up infections. Joan Asche

I've been getting mail for months now addressed to one admin addy, a list addy, or some such often from a spoofed addy, but have just deleted it. That may be what started this string by someone else. David E. Cann decann@infionline.net -----Original Message----- From: listowners-bounces@rootsweb.com [mailto:listowners-bounces@rootsweb.com] On Behalf Of JYoung6180@aol.com Sent: Saturday, February 23, 2013 3:19 PM To: gnphllps@comcast.net; LISTOWNERS@rootsweb.com Subject: Re: [LO] Rootsweb hacked? I just had another thought on this. She COULD have clicked a link in an email purporting to BE for her list admin page but it may not have been...it may have been a forged email. Joan In a message dated 2/23/2013 1:49:04 P.M. Eastern Standard Time, gnphllps@comcast.net writes: I just read a message on the MS county coordinators list from someone who claims she got malware installed when she clicked on the link for her list tools for her county. I told her to report it to the helpdesk. As for me, I'm not going to any of my list tools until I'm sure they are clean. Gene

Wendy Howard wrote: > I've seen two obvious spam emails on two different Rootsweb lists today, > where the subject line was the name of the poster, as seen in the "From" > part of the email. 8>< > Both of these posts came from Yahoo accounts, one yahoo.com and the > other yahoo.ca. Steps should have been taken to remove those messages but it seems Gerhard has left and two other people are battling through the reports. It took them a week to get to a report I sent in. > Recently, yahoo.co.nz was hacked, resulting in many spam emails being > sent out from email accounts there, including xtra.co.nz accounts which > are hosted at yahoo.co.nz Xtra is New Zealand's largest ISP, and they > out-source their email service to Yahoo. It was a huge headache. 8>< > I'm not saying it *is* happening, only that it might. I don't want to > start a panic, but I do want you to be aware of the possibility so > you're not scratching your head over these odd posts if they start > turning up on your lists, but you're aware and ready to take action if > required. > I do hope I'm wrong, but I have a bad feeling about this. I don't think you are wrong. I've been receiving spam from hacked Yahoo addresses for several weeks now. It started with Yahoo AU, followed by Yahoo CA, one Yahoo UK then Xtra. I can't recollect if any Yahoo US has been affected. In every case it seems to have been UK lists that have been targetted, plus the FreeHelp list. I am on some overseas (to me) lists but I've not seen the same thing with them but I'm only on a handful. I've taken precautions. I recently had a list member who was with AOL have their account hacked. The "appeal for help in the wake of being mugged" spam was sent to the list but didn't get through.. Another list member posted to the list asking if the apparent sender was on the list, which she knew was so, and immediately had a reply *from the hackers* saying it was genuine!! I've *never* seen that happen before and it WAS from the hackers - I'm not saying how I knew either. I unsubbed the address before sending a mail to the list saying it wasn't genuine. I think most people knew that anyway. Many of us have met the list member in question and know they know asking for help via the list is NOT the thing to do. Contact was made by phone and the problem resolved. -- Charani (UK) OPC for Walton, Ashcott, Shapwick, Greinton and Clutton, SOM http://wsom-opc.org.uk

Also...if the person doesn't have JAVA disabled in ALL Web browsers they are asking for trouble from ANY potential source even if they have the latest patches updated. Joan PS: I think it is reckless without more documentation the blame RootsWeb or any other source for malware.

I just had another thought on this. She COULD have clicked a link in an email purporting to BE for her list admin page but it may not have been...it may have been a forged email. Joan In a message dated 2/23/2013 1:49:04 P.M. Eastern Standard Time, gnphllps@comcast.net writes: I just read a message on the MS county coordinators list from someone who claims she got malware installed when she clicked on the link for her list tools for her county. I told her to report it to the helpdesk. As for me, I'm not going to any of my list tools until I'm sure they are clean. Gene ------------------------------- To unsubscribe from the list, please send an email to LISTOWNERS-request@rootsweb.com with the word 'unsubscribe' without the quotes in the subject and the body of the message

Earlier today when I clicked on a link to go to a Web page could have been within RootsWeb but I don't recall...McAfee sent a popup about blocking a suspicious IP address but the page still loaded so I assume the suspicious IP address was an ad. That happens almost every day. The site may not have malware but you never know. :) Joan PS: Also...malware can come through from a source OTHER THAN the page you attempting to load. That could have been the case here...I have been on list tools today with no problem and those pages don't really carry ads so I doubt there is an issue. In a message dated 2/23/2013 2:05:00 P.M. Eastern Standard Time, charani.b@gmail.com writes: Gene Phillips wrote: > I just read a message on the MS county coordinators list from > someone who claims she got malware installed when she clicked on > the link for her list tools for her county. I told her to report it > to the helpdesk. As for me, I'm not going to any of my list tools > until I'm sure they are clean. Possibly, no site is wholly immune from hacking; but if that were the case, it's unlikely to be just one list affected, a number of list admins would also be affected. We'll have to see how many more have also been affected. None of my security programs has flagged a problem. I've been to the list tools page for all my main lists several times today for one reason or another. The person concerned could have picked up the malware from another site around the same time, maybe as a drive-by. -- Charani (UK) OPC for Walton, Ashcott, Shapwick, Greinton and Clutton, SOM http://wsom-opc.org.uk ------------------------------- To unsubscribe from the list, please send an email to LISTOWNERS-request@rootsweb.com with the word 'unsubscribe' without the quotes in the subject and the body of the message

Gene, You would do well verifying the facts before publishing something like this on this or any other list. This is exactly why virus/malware warnings are not discouraged on any list that I am aware of, and inappropriate on this or most other lists. Just a thought. David E. Cann decann@infionline.net -----Original Message----- From: listowners-bounces@rootsweb.com [mailto:listowners-bounces@rootsweb.com] On Behalf Of Gene Phillips Sent: Saturday, February 23, 2013 1:47 PM To: Listowners Subject: [LO] Rootsweb hacked? I just read a message on the MS county coordinators list from someone who claims she got malware installed when she clicked on the link for her list tools for her county. I told her to report it to the helpdesk. As for me, I'm not going to any of my list tools until I'm sure they are clean. Gene

Thanks for the heads up on this. Have you emailed the List Administrator of these two lists so he/she can warn subscribers not to click on the link and contact the listmaster to have them removed? Marilyn -------------------------------- In a message dated 2/22/2013 11:07:14 P.M. Eastern Standard Time, wendy.howard@gmail.com writes: Hi everyone, I've seen two obvious spam emails on two different Rootsweb lists today, where the subject line was the name of the poster, as seen in the "From" part of the email. http://archiver.rootsweb.ancestry.com/th/read/NORTHUMBRIA/2013-02/1361544154 http://archiver.rootsweb.ancestry.com/th/read/Freepages-Help/2013-02/1361525 415

Most good anti-virus software will detect anything like that when trying to install, so, it's usually a matter of keeping one's computer security systems up-to-date, too. There's usually some kind of warning, too, when one opens a page with malware, so it could be that she missed the warnings. Deloris Williams -------------------------------------------------- From: "Charani" <charani.b@gmail.com> Sent: Saturday, February 23, 2013 1:02 PM To: "Gene Phillips" <gnphllps@comcast.net> Cc: "Listowners" <LISTOWNERS@rootsweb.com> Subject: Re: [LO] Rootsweb hacked? > Gene Phillips wrote: >> I just read a message on the MS county coordinators list from >> someone who claims she got malware installed when she clicked on >> the link for her list tools for her county. I told her to report it >> to the helpdesk. As for me, I'm not going to any of my list tools >> until I'm sure they are clean. > > Possibly, no site is wholly immune from hacking; but if that were the > case, it's unlikely to be just one list affected, a number of list > admins would also be affected. We'll have to see how many more have > also been affected. None of my security programs has flagged a > problem. I've been to the list tools page for all my main lists > several times today for one reason or another. > > The person concerned could have picked up the malware from another > site around the same time, maybe as a drive-by. > > -- > Charani (UK) > OPC for Walton, Ashcott, Shapwick, > Greinton and Clutton, SOM > http://wsom-opc.org.uk > > > ------------------------------- > To unsubscribe from the list, please send an email to > LISTOWNERS-request@rootsweb.com with the word 'unsubscribe' without the > quotes in the subject and the body of the message

I just read a message on the MS county coordinators list from someone who claims she got malware installed when she clicked on the link for her list tools for her county. I told her to report it to the helpdesk. As for me, I'm not going to any of my list tools until I'm sure they are clean. Gene

List for Board Admins http://lists.rootsweb.ancestry.com/index/other/RootsWeb_Support/BOARDS-ADMINS.html There is also a board for board admin http://boards.ancestry.com/topics.rw.admin.badmin/mb.ashx They are not linked

The address is: boards-admins@rootsweb.com Deloris Williams -------------------------------------------------- From: "Nelda Percival" <nelda_percival@hotmail.com> Sent: Friday, February 22, 2013 7:55 PM To: <listowners@rootsweb.com> Subject: [LO] what is the message board help mailing list url.. > Hi, > I'm sure that does not make sense, but, I know there is a mailing list > where you can ask questions of other message board admins just like the LO > list.. > > Help?? > > Nelda > > > > Nelda L. Percival – Helping with something I believe in: > > http://www.AWAbosnia.org ; http://inmemoryofvucko.org > > Please visit our online shop in > aid of Bosnia's animals at http://awabosnia.org/shop > > > > > > ------------------------------- > To unsubscribe from the list, please send an email to > LISTOWNERS-request@rootsweb.com with the word 'unsubscribe' without the > quotes in the subject and the body of the message

Hi, I'm sure that does not make sense, but, I know there is a mailing list where you can ask questions of other message board admins just like the LO list.. Help?? Nelda Nelda L. Percival – Helping with something I believe in: http://www.AWAbosnia.org ; http://inmemoryofvucko.org Please visit our online shop in aid of Bosnia's animals at http://awabosnia.org/shop

Hi, I send thanks to those of you that commented and gave advice on the problem that I have been experiencing over recent days. I will in future remember your words and delete any suspect messages. Many thanks, -- Regards, Tony mailto:Tony@meighan.name

----- Original Message ----- From: "Ian Marr" <ian_marr@bigpond.net.au> To: "ZListowners LO" <Listowners@rootsweb.com> Sent: Thursday, February 21, 2013 12:44 PM Subject: Re: [LO] Un-Welcome messages! Hi Ian You say "in my mail" - but what address are you talking about. If it is your ???-admin address then there is no SPAM checking done by rootsweb. Their ant-spam is there to protect the actual mailing list addresses. Your admin address is no different to any other address - it can & will be targeted. >The simple answer to "how do we get rid of it?" is - delete it. Of course . There have been quite a few of these emails where mailing list subscribers computers have been hi jacked and send out SPAM to addresses in the computers address book . In the past few days I have been getting quite alot of similar junk email sent to the lists admin address and some to the lists subscribe address by some smarty pants. I did down load one How does making $70 EVERY 60 Seconds sound to you? the rest I deleted They cant even spell . Just time wasters Bye MargM Beautiful NSW Central Coast Australia