Michael Horowitz

Michael Horowitz wrote his first computer program in 1973 and has been a computer nerd ever since. He spent 20 years working in an IBM mainframe environment as both an application developer and a DB2 DBA. He then spent a few years working in the Research and Development group of a large Wall Street firm. He has also done technical writing and teaching. He is an independent consultant who has long been focused on Defensive Computing. His personal site is michaelhorowitz.com. This is a weblog of Michael Horowitz. The opinions expressed here are those of Michael Horowitz and may not represent those of Computerworld.


The NetUSB router flaw Part 2 - Detection and Mitigation

Without a comprehensive list of routers vulnerable to the NetUSB flaw, the burden falls on us to test our routers. This requires scanning for port 20005 on the LAN side, for sure, and possibly the WAN side too. Here I describe...

What most people don't know about the NetUSB router flaw - Part 1

What most people don't know about the NetUSB router flaw - Part 1

The recent NetUSB flaw in routers was written up by almost every tech news organization, yet, much of the story was untold and some of what was written was flat out wrong. Here, and in my next blog, I hope to correct the record,...

Some perspective on Flash Player bugs

Adobe's Flash Player has had 143 bug fixes in the last year. After 18 years of development, no software should be this flawed. Here are four Defensive Computing approaches to being as safe as possible when running Flash.

Insecure routers hacked yet again

Insecure routers hacked yet again

A new report from Incapsula describes thousands of hacked routers being used in DDoS attacks. The routers could not have been more vulnerable: they were enabled for remote administration with default passwords. The focus of the report...

Security issues at the HP online store

The word that best describes my recent shopping experience at the HP online store is amateurish. Its security issues offer a lesson in things to be aware of at any secure website.

SSL/TLS/HTTPS: Keeping the public uninformed

SSL/TLS/HTTPS: Keeping the public uninformed

Perhaps the most important thing to understand about the SSL/TLS/HTTPS system that secures websites is that you are not supposed to understand it.

Web browsers are also to blame for Lenovo's Superfish fiasco

Web browsers are also to blame for Lenovo's Superfish fiasco

That no web browser prominently displays the name of the Certificate Authority vouching for a supposedly secure website makes man-in-the-middle attacks, such as the one by Superfish, possible. Techies can find this information, but it...

Bloatware free Windows computers

The Lenovo Superfish fiasco illustrates how dangerous the pre-installed software on a Windows machine can be. Here I discuss options for starting off with a clean copy of Windows, both versions 7 and 8. Also, some tips for keeping it...

Using a router to block a modem

Using a router to block a modem

If your Internet connection consists of a separate router and modem, then a private IP address, 192.168.100.1, may provide access to the modem. This can be a double edged sword. Motorola SURFboard modems, in particular, can be reset...

Talk to your modem

Talk to your modem

Those of us with separate routers and modems may lose sight of the fact that the modems are computers. They offer technical information about an Internet connection that can provide a baseline to compare against when things go wrong....

Down the rabbit hole with NOD32 antivirus

For years ESET's NOD32 antivirus program was running happily on the Windows computers of a number of people I know. This will change in the future and here's why.

Load More