Luketan

Interesting "shadow" software similar to Returnil, Powershadow. But in chinese only.

Essentially, you go into shadow mode and any changes after that is "virtual". when you reboot all changes are gone

Fairly well known hardening tool. Just updated

"Small tool which disables the default threats of a Windows XP installation. Besides disabling Windows and some of its components to communicate with Microsoft servers, xpy improves privacy settings and your system's security.

Features:
- Disable Windows communicating with Microsoft
- Disable questionable services
- Tweak Internet Explorer and Windows Media Player
- Remove Windows Messenger
- Improve privacy and security
- Improve performance"

Only for XP.

Vista users should use Vispa

VirtualBox is a open source virtual machine competitor to the well known vmware. It was recently acquired by Sun. This 1.6 is the first version released since then.

New version of SSM free 2.0.8.585 released

From the page: "COMODO Vulnerability Analyzer Version 1.0.0.9 (BETA) Released

Comodo Vulnerability Analyzer adds a critical layer of security to your PC by making sure that the software you have installed is up to date and does not contain any vulnerabilities.

* Scans your machine for software in which vulnerabilities have been discovered
* Checks that the software installed on your machine is the latest version and notifies you if there are updates available
* Notifies you when one of your applications has reached 'end of life' and is no longer supported by the vendor
* Provides a clear solution to each problem with links to patches, advisories and recommendations
* Updates every day with new advisories to deliver real time security against the latest threats



Following are setup details:

32-bit Setup
--------------
download.comodo.com/cva/download/setups/CVA_Setup_1.0.0.9_XP_Vista_32_BETA.... [download.comodo.com/cva/download/setups/CVA_Setup_1.0.0.9_XP_Vista_32_BETA....]
Size: 3.12 MB (3,276,560 bytes)
MD5: 7d40b6082d0f8d155f13eff11d01fa2b
SHA1: 92ca8d5173829640d0f914b10ac10b234c0b605b

64-bit Setup
--------------
download.comodo.com/cva/download/setups/CVA_Setup_1.0.0.9_XP_Vista_64_BETA.... [download.comodo.com/cva/download/setups/CVA_Setup_1.0.0.9_XP_Vista_64_BETA....]
Size: 6.32 MB (6,627,600 bytes)
MD5: f6b5ffac32be7c0cd24bc2bb44a4d4b4
SHA1: c0d9b5bfb2c0579f1567e30a47f57c7915a46264
"





Currently I think the more established Secunia Software Inspector is more polished and stable despite both it and Comodo's vulnerability analyzer being in beta.

Comodo's version of this, generates quite a few false positives (for instance it alerts on Java, based on the directory name alone). In some cases, the alerts are genuine. It differs from Secunia in that it will alert on vulnerabilities that have no patches out yet (usually for relatively minor problems).

From the page: "ThreatExpert Memory Scanner (TEMS) is an experimental lab product developed by the ThreatExpert team.

TEMS is a "post-mortem" diagnostics tool designed to detect a range of high-profile threats in different regions of a computer's memory.

This tool is designed to assist in answering a common question asked by many customers whose systems have been susceptible to threats: "Is my system still infected?"

A threat may potentially slip under the radar of conventional malware scanners by engaging in stealth techniques to stay undetected as long as possible. Often, in such a scenario, the original threat file is encrypted with polymorphic encryptors which rely on anti-debugging and anti-emulation techniques, presenting a challenging task for malware scanners in detecting it.

However, when such a threat is loaded in memory, it needs to decrypt its own malicious code, completely or partially, or it is unable to run. These stealth techniques are used by threat families including Citwail/Pandex/DieHard, Storm and Mailbot/Rustock.

NOTE: ThreatExpert Memory Scanner targets threats that are already active on a clientâ€s computer system. It does NOT provide you with any protection or defence, nor does it replace conventional antivirus or antispyware products.

In the current beta release, the Memory Scanner does not attempt to remove any detected threats."

A very interesting post about the pros and cons of online vs offline password managers.

One of the main advantages of online password managers not mentioned though is the ability to use one-time passwords when on untrusted computers.

I suspect though, in the future most services will provide both. For example I notice the leading online password managers like Passpack are already starting to provide offline versions.

Still it seems somewhat scary to put all your passwords online. Despite features like Host-proof hosting techniques such that even if attackers break into the system and/or control it, they cannot get the passwords because it is all encrypted. Neither are they able to "sniff" the master password, because the master password is never sent to the server.