13 Ways Your Restaurant May Be Using Technology to Woo You

Is your favorite restaurant wired for your convenience? Check out the following ways your local establishment is keeping in contact with you.

1. Now more than ever, restaurants need to be aware of their web footprint when it comes to reviews and ratings on sites likezagat, gayot, dine, tripadvisor, yelp, urbanspoon and others. Most have their own iPhone app, too. When reading a testimonial, remember that many restaurants plan accordingly to boost their reviews.

2. With the Open Table app, you can find the nearest restaurants and openings wherever you are. Upscale restaurants are intricately connected to Open Table through their online registration system. This enables them to scan free tables and time slots and automatically populate it with reservations.

3. We bet your favorite watering hole knows more about you than your doctor. Birthdays, anniversaries, graduations—they're keeping tabs and putting it all into the Open Table scheduling system.

4. Your restaurant wants you to tell your friends where you are with apps like Foursquare and Meetup. The apps allow users to “check in” at restaurants so friends can meet up with them. Think of it as real-time recommendations.

5. Imagine perusing a wine list on an iPad? Check out how this San Francisco restaurant is showing off its extensive collection on the iPad. Sound expensive? Some restaurants are constantly updating 100-page wine lists. The savings in paper per year would pay for a couple of iPads, one maitre d' said.

6. Most restaurants have their complete wine lists online. If you plan ahead, you can avoid having to quickly navigate a weighty wine list. You may even find a low-cost steal or rare vintage. Get reviews from Wine Spectator (members only), Wine Enthusiast, cellartracker or do a Google search for private wine bloggers to avoid making a pricey fumble.

7. If you haven’t reviewed the wine list ahead of time, try using an app that offers wine recommendations. Hello Vino suggests a wine for your meal. More waiters are using wine apps to help them offer the best recommendations.

8. Fast food chains may one day allow you to order on an iPad. Why not remove the middle man when ordering? This could work well at bars or pool halls, too, just as long as the iPad is bolted down and protected from hands covered in BBQ wing sauce.

9. Smart restaurant owners realize the importance of being on Facebook and Twitter. Next time you try a new place, see if you can find a Facebook page for it first. You’ll get a preview of daily specials and see just how popular it is. Plus, Facebook and Twitter can help foodies stay on top of "pop-up" restaurant spots and hot-ticket chef events

10. High end establishments may be posting pictures of the chef's most recent creations along with recipes. Sometimes, the quality of culinary photos may help determine the success of a restaurant. WD-50 is an example of one restaurant that gets the power of online presentation.

11. Chefs are beginning to share their best cooking tips on video. Check out your favorite restaurant’s site and you may find cooking videos like these from Blue Hill at Stone Barns, a top choice for sustainable, farm-fresh cuisine in New York.

12. WiFi is a given for most top tier restaurants. If that's not the case, check with the restaurant to see if you can hook up to their local wireless.

13. Planning a wedding or special event at your favorite restaurant? Some restaurants project past special events on flat screens and using electronic picture frames. Next time you visit, take a look. You'll get great ideas and see how good the staff is at executing special events. Why take chances?

How to fix your McAfee-crippled computer

McAfee pushed out a malformed security patch early on Wednesday that wound up crippling computers running Windows XP, but there is a fix available. Users should note that it's labor-intensive and must be applied manually to each computer. If you're running Windows Vista or Windows 7, your computer shouldn't be affected by the bad update.

As of 3 p.m. PDT, McAfee had yet to link on its front door to a fix for a false positive update with disastrous consequences that went out Wednesday morning.(Credit: Screenshot by Seth Rosenblatt/CNET)
If your computer is shutting down automatically, you must address that before you can fix anything else.
Step 1: Open a command prompt: Start menu, Run, then type cmd and hit Enter
Step 2: Type shutdown -a, which will prevent the shutdown from occurring
McAfee has revealed two fixes for the problem. Each one requires multiple steps, and can be confusing. If you're not comfortable with advanced computer fixes, you should get help with this.
For the first fix, go to the McAfee interface through the Start menu, and disable Access Protection and On-Access Scanner.
Step 1: Click Start, Programs, McAfee, and then VirusScan Console
Step 2: Right-click "Access Protection"
Step 3: Select "Disable"
If you have Internet access, download the EXTRA.ZIP file provided by McAfee and unzip the EXTRA.DAT within. (Note that Nai.com is a safe site maintained by McAfee, for those who were wondering.) Once EXTRA.DAT has been extracted:
Step 1: Click Start, Run, then type services.msc and click "OK"
Step 2: Right-click the McAfee McShield service and select "Stop"
Step 3: Copy EXTRA.DAT to "\Program Files\Common Files\McAfee\Engine"
Step 4: Then restart the McAfee McShield service by right-clicking on it and choosing "Start" from the context menu
Step 5: Re-enable access protection by going back to the VirusScan Console
Step 6: Right-click "Access Protection"
Step 7: Select "Enable"
Step 8: In the VirusScan Console, go to the Quarantine Manager Policy
Step 9: Click the Manager tab
Step 10: Right-click on each file in the Quarantine and choose "Restore"
There is, of course, one massive hang-up with this McAfee-recommended solution: More likely than not, you don't have Internet access on your McAfee-borked computer. In fact, it's highly unlikely that you have access to much of anything, since deleting SVCHOST.EXE prevents key Windows 32-bit sub-system processes from functioning at all. To get the EXTRA.DAT on your computer, you'll probably have to download it on an unaffected computer, then copy it to either a USB drive or a CD-ROM and use the command prompt to copy it over to your C: drive.
The second workaround requires that you apply the EXTRA.DAT fix as detailed above before beginning and that you have access to a second, unaffected Windows XP computer. On that computer, go to C:\WINDOWS\system32 and copy SVCHOST.EXE to a network location or a removable media device such as a USB stick. Then copy the SVCHOST.EXE from the unaffected computer to the affected computer, and restart the McAfee-afflicted computer. There are details on applying the EXTRA.DAT via ePolicy Orchestrator at McAfee's fix on Nai.com.
Severe problems caused by buggy or false positive security updates are rare, but not unheard of. Recent instances include an update from Avast that marked hundreds of legitimate files as threats in December 2009, Computer Associates flagging a Windows system file as a virus in July 2009, and AVG marking ZoneAlarm as malware in October 2008.

Anti-fraud tips and tools for tax season

This screenshot shows a tax season phishing e-mail that looks like it comes from the IRS but which leads to a site with data-stealing malware.(Credit: Proofpoint)
As April 15 approaches, U.S. citizens preparing to file their taxes are susceptible to online scams designed to steal their personal information and, ultimately, their money. Here is a roundup of tips for how people can protect themselves.
First off, the Internal Revenue Service does not initiate taxpayer communications through e-mail, and the agency does not request details on personal information via e-mail. The IRS has detailed information on how to report and identify phishing and e-mail scams and bogus IRS Web sites here. More information about specific tax fraud schemes is here.
Microsoft's Security Tips & Talk blog recommends that people filing taxes online should learn to recognize the official IRS Web site. In addition, people should make sure that the Web address of the site they are filing on is secure and begins with "https," the secure version of the Hypertext Transfer Protocol, and that there is a locked padlock icon at the bottom of the screen, the blog post says.
Tax-related phishing attacks have been going on for a few weeks, at least, according to Proofpoint. One particularly pernicious one arrives in e-mail in-boxes with a subject line of "Notice of Underreported Income" and asks recipients to review their tax information with a link to a site that is represented as an IRS site. Instead, according to this Proofpoint blog item, the link leads to a fake IRS page with an executable that installs the data-stealing Zeus Trojan.
Proofpoint's tips: Be suspicious of any e-mail requests for personal IDs, financial information, user names or passwords; don't fill out forms in an e-mail; don't click on links in e-mails that are unsolicited or suspicious; and type the legitimate URL for the organization in a new browser window or call the company directly.
SonicWall predicts that more than 100 million IRS-related phishing e-mails will be sent to tax payers in the days leading up to and after the April 15 tax-filing deadline. But not all tax-related e-mails will be scams, the company said.
"Myriad legitimate online filing services, online consultants who answer tax-related questions, and online tax calculators currently exist," SonicWall said in a statement.
"For example, if you file your taxes with an online tax preparation service, you are likely to get legitimate e-mail from them and the bank, which acts as the transfer agent for the transaction for the IRS," the company said. "Phishers use this opportunity to prey on taxpayers who are filing their tax refund--asking them for bank card information to deposit the refund and a Social Security number so they can verify a taxpayer's identity. Be wary of these types of inquiries."
SonicWall's tips include visiting the tax preparer's Web site or calling the company to check up on the status of the filing and being wary of offers that allow people to get loans on their income tax refund, many of which are scams.
Meanwhile, AVG Technologies has partnered with CyberTaxDay.com to offer AVG's free security software along with tax-filing tips for people preparing to file taxes electronically. The AVG software can be used to scan Web sites to make sure they are safe and to check for malware on the taxpayer's computer.

Koobface malware makes a comeback

It's baa-aaack. Koobface, that is.

The persistent malware that plagues Facebook users has reared its ugly head yet again.
A new round of e-mails aimed at launching the worm onto the PCs of unsuspecting users has been discovered by researchers for the security vendor ESET, according to the company's Wednesday blog.
Uncovered by ESET researchers in Latin America, this latest Koobface campaign is sending Facebook users messages with a link that claims to direct them to videos of sexual encounters. The link included in the e-mails tells the user to download a video codec to view the X-rated content. But instead of delivering the goods, the link calls up a download that launches the Koobface malware, thus infecting its intended victim.
And like most malware, by infecting one computer, the worm then triggers the malicious message to all of the contacts of that PC's owner.
The creators of Koobface have even added a twist to thwart security experts trying to combat the worm. The dangerous download occurs only the first time someone clicks on the link. Subsequent efforts bring up a "Page not found" error. This type of attack makes it more difficult for researchers to analyze different versions of the malicious code, according to ESET.
Since its first appearance in 2008, Koobface has continued to pop up from time to time with new variants, typically aimed at infecting Facebook users. The worm uses a similar strategy by sending messages to your Facebook contacts trying to get them to click on a link to a video or other file. But instead, it launches the executable that infects their computers.
To protect yourself from Koobface, ESET offers the usual advice. Don't trust this new message or any like it sent to you via social networks like Facebook. And of course, make sure your antivirus software is always up-to-date.

Federal IT pros say U.S. at high risk for cyberattack

Almost three-quarters of the government IT administrators polled in a new survey believe the U.S. is likely to face a cyberattack from a foreign country in the next year.
Key IT decision makers who work in national defense and security were questioned in a new Clarus Research Group survey commissioned by Lumension and released Tuesday. Among those polled for the "Federal Cyber Security Outlook for 2010 Survey," 74 percent expect a cyberattack from foreign shores in the next year.
(Credit: Lumension)
What types of threats and security risks do federal IT professionals fear the most? Among the respondents, 64 percent said they're worried about the growth and sophistication of cyberattacks, while 49 percent expressed concern over negligent or purposely malicious employees or insiders creating trouble.
These risks are also heightened by a lack of sufficient resources and coordination: 42 percent said they don't have the budget or staff to properly address security risks, 25 percent noted a lack of integration between security and overall IT operations, and 22 percent said there's no coordination between security and their IT operations.
The holes in IT security within the government have already left the door open for attacks. Over the past year, 59 percent of those polled said their agency or department was hit by viruses or malware, 53 percent said that internal notebooks, desktops, and other devices have been stolen, and 50 percent reported the loss of sensitive information due to a negligent employee.
The White House, under both President Bush and President Obama, has struggled to try to clean up the nation's weaknesses in cybersecurity. In 2008, the Department of Homeland Security established the National Cyber Security Initiative as an attempt to coordinate national security with the private sector and within the government itself. This past December, the White House appointed a new cybersecurity chief.
Despite these and other efforts by the government, more than half of the IT pros questioned by Clarus Research expect only minor changes as a result. Of those polled, 41 percent said they've spent less than 10 percent of their time in the past year working on the National Cyber Security Initiative.
Overall, only 6 percent of those surveyed rated the government's ability to stop or deal with cyberattacks on critical U.S. operations as "excellent," while 42 percent rated it as "only fair" or "poor." Most did express more confidence in their level of IT security today versus a year ago, but mainly due to improvements in technology, better collaboration between IT security and operations, and internal audit requirements.
(Credit: Lumension)
"Unfortunately, when it comes to our infrastructure, we are already under attack and are faced with the reality of a growing and advanced persistent threat from foreign entities that are targeting our critical U.S. infrastructure," Lumension CEO Pat Clawson said in a statement. "The traditional government responses we've seen so far, such as naming a security coordinator, announcing a cyber security initiative, and focusing on compliance initiatives will not alone successfully address this problem."
What does the future hold? Those polled expect that the next few years will see growing threats to U.S critical infrastructure from foreign countries and terrorist groups. In response, Clawson, who has a background in security, offered a few suggestions in a recent blog posting and laid out some specific steps:
We must do three things if we are to truly empower and implement a robust national cybersecurity plan. One--we need to have an empowered cyber security czar, with budget and policy authority, reporting directly to the president.
Next--given that 90 percent of our critical infrastructure is owned or managed by private entities, we need a collaborative government and private sector partnership to better understand the risks at hand and to better define IT security standards, practices, and contingency plans in the event of a major attack.
And finally--we need to shift from an absolute focus on being compliant with ad-hoc audits for verification, to one of being secure and continuously monitoring our IT environment to ensure that the proper controls are always in effect.
Almost three-quarters of the government IT administrators polled in a new survey believe the U.S. is likely to face a cyberattack from a foreign country in the next year.
Key IT decision makers who work in national defense and security were questioned in a new Clarus Research Group survey commissioned by Lumension and released Tuesday. Among those polled for the "Federal Cyber Security Outlook for 2010 Survey," 74 percent expect a cyberattack from foreign shores in the next year.
(Credit: Lumension)
What types of threats and security risks do federal IT professionals fear the most? Among the respondents, 64 percent said they're worried about the growth and sophistication of cyberattacks, while 49 percent expressed concern over negligent or purposely malicious employees or insiders creating trouble.
These risks are also heightened by a lack of sufficient resources and coordination: 42 percent said they don't have the budget or staff to properly address security risks, 25 percent noted a lack of integration between security and overall IT operations, and 22 percent said there's no coordination between security and their IT operations.
The holes in IT security within the government have already left the door open for attacks. Over the past year, 59 percent of those polled said their agency or department was hit by viruses or malware, 53 percent said that internal notebooks, desktops, and other devices have been stolen, and 50 percent reported the loss of sensitive information due to a negligent employee.
The White House, under both President Bush and President Obama, has struggled to try to clean up the nation's weaknesses in cybersecurity. In 2008, the Department of Homeland Security established the National Cyber Security Initiative as an attempt to coordinate national security with the private sector and within the government itself. This past December, the White House appointed a new cybersecurity chief.
Despite these and other efforts by the government, more than half of the IT pros questioned by Clarus Research expect only minor changes as a result. Of those polled, 41 percent said they've spent less than 10 percent of their time in the past year working on the National Cyber Security Initiative.
Overall, only 6 percent of those surveyed rated the government's ability to stop or deal with cyberattacks on critical U.S. operations as "excellent," while 42 percent rated it as "only fair" or "poor." Most did express more confidence in their level of IT security today versus a year ago, but mainly due to improvements in technology, better collaboration between IT security and operations, and internal audit requirements.
(Credit: Lumension)
"Unfortunately, when it comes to our infrastructure, we are already under attack and are faced with the reality of a growing and advanced persistent threat from foreign entities that are targeting our critical U.S. infrastructure," Lumension CEO Pat Clawson said in a statement. "The traditional government responses we've seen so far, such as naming a security coordinator, announcing a cyber security initiative, and focusing on compliance initiatives will not alone successfully address this problem."
What does the future hold? Those polled expect that the next few years will see growing threats to U.S critical infrastructure from foreign countries and terrorist groups. In response, Clawson, who has a background in security, offered a few suggestions in a recent blog posting and laid out some specific steps:
We must do three things if we are to truly empower and implement a robust national cybersecurity plan. One--we need to have an empowered cyber security czar, with budget and policy authority, reporting directly to the president.
Next--given that 90 percent of our critical infrastructure is owned or managed by private entities, we need a collaborative government and private sector partnership to better understand the risks at hand and to better define IT security standards, practices, and contingency plans in the event of a major attack.
And finally--we need to shift from an absolute focus on being compliant with ad-hoc audits for verification, to one of being secure and continuously monitoring our IT environment to ensure that the proper controls are always in effect.

Fake "fan pages" claiming to offer Whole Foods gift cards actually lead to a form that steals personal information, the grocery chain is warning consu

Upscale grocery conglomerate Whole Foods Market said Friday that it is continuing to clamp down on a series of Facebook-based scams that entice users with a purported $500 gift card from the Austin, Texas-based supermarket chain.
The scam has been spreading virally through Facebook via "fan pages" with names like "Whole Foods Market Free $500 Gift Card Limited - first 12,000 fans only" and "Whole Foods FREE $500 Gift Card! Only Available for 36 hours!" The fan page asks Facebook users to add it as a fan, thus pushing awareness of the page through those users' Facebook networks, and then asks them to fill out a credit assessment and other forms that request personal information. The scam then uses a form of malware to crash users' computers and the information they have entered is left vulnerable.
The scams first emerged on Thursday, Whole Foods spokeswoman Libba Letton said, and though they have been working with Facebook to pull them down, new scams "keep popping up" as they're removed. "Throughout yesterday and this morning, we've been alerting them each time we see new ones, and we take them down," Letton told CNET. She said that if Whole Foods runs contests and gift card giveaways, they will only be orchestrated from the company's own Web site.
Whole Foods has also been using its Twitter account to reply to people who have tweeted about the scam or expressed concerns with it, providing answers like, "It's a scam, unaffiliated and unauthorized by us! Please help us report these pages so Facebook can shut them down." A warning announcement on its Facebook fan page is planned as well.
It's not yet clear who is operating the scams or whether any user information has been compromised.
"Groups and pages that attempt to trick people into taking a certain action or spamming their friends with invites violate our policies, and we have a large team of professional investigators who quickly remove these when we detect them or they're reported to us by our users," a Facebook representative told CNET. "We're working on ways to automate the flagging of these scam groups and pages so we can take action on them even more quickly."
The company recommends that users follow the Facebook Security fan page and report suspected scams when they see them.

Security Job

Installing Video Surveillance @ a residential home today. Hurry up and get your house protected! Lowest prices in town GUARRANTEED

Microsoft defends IE8 following hacking contest

Though Internet Explorer 8 was only one of several products hacked in a recent contest, Microsoft is standing up for its browser.
Microsoft's official Windows Security blog on Friday discussed the specific features that were hacked to win the contest, explaining that IE's security techniques aren't designed to thwart every attack forever, but more to slow down the bad buys and make it harder for them to exploit vulnerabilities.
Last Wednesday's annual Pwn2Own hacking contest at the CanSecWest security show in Vancouver, B.C., pitted security experts and researchers against each other to see who was the top hacker. The contestants managed to hack not just IE8 on Windows 7 but also a non-jailbroken iPhone, Safari running on Snow Leopard, and Firefox on Windows 7.
Peter Vreugdenhil, an independent security researcher who won $10,000 for bypassing the security in IE8, said he exploited IE8 by sneaking past two of its key defenses--ASLR (Address Space Layout Randomization) and DEP (Data Execution Prevention).
The Microsoft blog posted for Pete LePage, a product manager from the Internet Explorer team, mentioned the security researchers and addressed ASLR and DEP. ASLR is designed to stop hackers from getting memory addresses they can use to compromise code. DEP tries to prevent malicious code from running in memory where executable files are not supposed to run.
In describing the way these security defenses work, the blog compared a computer to a fire-proof safe. Without these defenses in place, "a fire-proof safe may only protect its contents for an hour or two. A stronger fire-proof safe with several 'defense in depth' features still won't guarantee the valuables forever, but adds significant time and protection to how long the contents will last." The blog said that both ASLR and DEP continued to be "highly effective protection mechanisms."
In hacking IE8, Vreugdenhil explained that the computer running the browser was compromised by visiting a Web site that launched the malicious code. He was then able to steal user rights on the PC, giving him the capability to run applications, such as the Windows calculator. The security researcher who hacked into Firefox said he also bypassed ASLR and DEP to gain control of the computer.

Cisco warns of 'highly critical' SIP flaw

Cisco Systems has issued a range of security advisories giving details of 11 vulnerabilities in IOS, the operating system on which many of its products run.
One of the vulnerabilities, described as "highly critical," could lead to a hacker compromising the affected system or launching a denial-of-service attack against it. The advisories, issued Wednesday, are part of Cisco's twice-yearly schedule of security updates for IOS.
The highly critical vulnerability affects IOS version 12 devices running SIP, a protocol used by many businesses to set up and tear down voice and video calls. IOS version 12 is widely deployed.

Washingon's new U.S. Cyber Command is prepped and ready but is still waiting for Senate approval of its new commander before it can open for business.

The new command would unify and administer the U.S. Department of Defense's vast computer networks to better defend against cyberattacks. In June, Defense Secretary Robert Gates approved the creation of Cyber Command as a unified, sub-division of U.S. Strategic Command to operate the Defense Department's information resources of 15,000 computer networks across 4,000 military bases in 88 countries.
Cyber Command is seen within the Defense Department as a vital reorganization needed to integrate its vast network of computing resources, which are currently operated separately. Appearing last week before the House Armed Services Committee's subcommittee on strategic forces, Air Force Gen. Kevin Chilton, the commander of U.S. Strategic Command, stressed the need to move away from the current segregation of resources.
"This segregation detracts from natural synergies and ignores our experience in organizing to operate in the air, land, sea, and space domains," said. "The establishment of U.S. CyberCom will remedy this problem in the cyber domain."
Army Lt. Gen. Keith Alexander, currently the director of the National Security Agency at Fort Meade, Md., has been nominated to run U.S. CyberCom. If confirmed, Alexander would be charged with commanding both the NSA and CyberCom and be promoted to a full general.
Since CyberCom is an internal reorganization, the Defense Department does not need approval from Congress to establish it. The defense secretary has the authority to do this on his own. However, the Defense Department has taken the effort to brief the appropriate congressional committees on its plans for CyberCom, according to a representative from the House Armed Services Committee.
But the nomination of Alexander to be promoted to a 4-star general and assigned the role of commander does need Senate confirmation, a process that's ongoing.
Further, most concerns over the initial operating capability of CyberCom have been addressed, according to the spokesperson. But questions remain about its future role and makeup. How will someone balance the dual roles of CyberCom commander and NSA director? And though the House Armed Services Committee may feel Alexander is up to the task of juggling both jobs, will the Defense Department have a source of future 4-star generals qualified to take on this challenge?
The Senate Armed Services Committee has posed a variety of questions to the Defense Department concerning its plans for CyberCom, according to a statement from Lt. Col. Eric Butterbaugh, a spokesman for the Office of the Assistant Secretary of Defense for Public Affairs. In particular, the committee has asked about its pending relationship with the NSA and has requested answers to all its questions before it can consider Alexander's nomination.
In response, Defense Department officials have met with staff from the committee, said Butterbaugh, and remains committed to answering any future questions. On its end, the Defense Department is hoping for a quick confirmation.
"The DOD looks forward to establishing this critical command as soon as the Senate confirms Lt. Gen. Alexander as its first commander," said Butterbaugh. "Improving the protection of military information networks in the 21st century is an urgent priority for the DOD."

A number of BitDefender users, whose 64-bit Windows systems stopped working or were unable to be rebooted after security program updates, vented their frustration by flooding the antivirus vendor's forum pages over the weekend.
According to an IDG report, users on forum boards started signaling the problem on Saturday evening. The complainants said several Windows files, as well as the security vendor's own program files, were identified as "Trojan.FakeAlert.5" malware after they performed an update for their BitDefender antivirus programs.
In an e-mail update Monday to ZDNet Asia, Vitor Souza, BitDefender's global communications director, explained that "multiple" BitDefender and Windows files which comprise .exe, .dll and other binary files, were incorrectly detected as malware and "moved to quarantine."