Christopher Null discusses several software programs, including Simple File Shredder (a free download) which will ensure that your deleted computer files are really deleted.

This is an old story but it’s worth telling again for those who don’t know it. Put simply: When you delete a file from your computer (and it needn’t be Windows, this is common to every type of PC), that file doesn’t “go away.” Rather, to save wear and tear on your hard drive and to simplify the operation, your computer just eliminates the record of where the file began. Think of your PC as containing a giant “shopping list” of all the files on its hard drive. Delete the canned peaches off that shopping list and the store doesn’t actually get rid of the peaches. It just “forgets” that they are there. The space allocated to the peaches remains there until the store needs the space for something else.

Keep reading for pragmatic solutions.

None other than Microsoft CEO Steve Ballmer made mention of how Google’s privacy policy differs from Microsoft’s, when he delivered a speech in the U.K. during the weekend, as Ed Moltzen reports:

The software giant’s chief made the remarks during a discussion about consumer software revenue models, and Ballmer used the dialogue as an entry point to take his shot at Google. The video is available to watch via the web site Mydeo.com. Ballmer made his remarks after an audience member asked him if an advertising model could support software business in the future. The CEO said a combination of models – - commercial and ad-paid – - would go forward.

“What’s a good example? Will online publications be largely ad-funded as things move from the physical world to the online world?” Ballmer said. “I think the answer is yes.

“Have we seen the migration of things even like email? . . . Our Windows Live Hotmail, in and of itself, doesn’t generate much ad revenue. So we’ve had to put, essentially, a whole portal around it because the traffic around it is very valuable but it’s not very easily monetized in the context of mail.

“Google’s had the same experience, even though they read your mail and we don’t,” Ballmer said, to chuckles and and a couple of gasps in the audience. “That’s just a factual statement, not even to be pejorative. The theory was if we read your mail, if somebody read your mail, they would know what to talk to you about. It’s not working out as brilliantly as the concept was laid out.”

As Ed Moltzen notes, Ballmer may be stretching the point:

Google, which operates the free Gmail service, publicly acknowledges that its “processes personal information” via cookies and on its servers, so it can provide “our products and services to users,” as well as to keep its service running well.

It adds:

Google processes personal information on our servers in the United States of America and in other countries. In some cases, we process personal information on a server outside your own country. We may process personal information to provide our own services. In some cases, we may process personal information on behalf of and according to the instructions of a third party, such as our advertising partners.

Google doesn’t say it “reads” email, however.

Privacy Maven recommends you read the privacy policy and decide for yourself if Google is “reading” or not.

Have you been receiving more spam email than usual lately? Spam emails with attachments? There’s a reason. As Wired.com notes:

The Storm worm first appeared at the beginning of the year, hiding in e-mail attachments with the subject line: “230 dead as storm batters Europe.” Those who opened the attachment became infected, their computers joining an ever-growing botnet.

Although it’s most commonly called a worm, Storm is really more: a worm, a Trojan horse and a bot all rolled into one. It’s also the most successful example we have of a new breed of worm, and I’ve seen estimates that between 1 million and 50 million computers have been infected worldwide.

Old style worms — Sasser, Slammer, Nimda — were written by hackers looking for fame. They spread as quickly as possible (Slammer infected 75,000 computers in 10 minutes) and garnered a lot of notice in the process. The onslaught made it easier for security experts to detect the attack, but required a quick response by antivirus companies, sysadmins and users hoping to contain it. Think of this type of worm as an infectious disease that shows immediate symptoms.

EnterpriseIT Planet discusses the enormous rise of spam attributed to the worm:

There is no escaping the suspicion that spammers have been charting a cagier course in recent months. Electronic messaging managed service provider MessageLabs has noticed too.

Previously pristine inboxes are finding that image files and PDFs containing pump-and-dump stock pitches and advertisements increasingly slip through. Excel and Rich Text Format (RTF) spam have also been detected in the wild.

The cause can be summed up by one word: botnets.

Although spam has decreased from its peak in July 2004 when it accounted for a staggering 94.5 percent of the email monitored by MessageLabs — it now hovers around 71 percent — the monetary spoils have prompted spammers to pursue more exotic methods of keeping those coffers full.

Responsible for spewing spam and dropping the DDoS hammer on Web sites, botnets can hardly be considered an up-and-coming threat. However, a relatively new breed of botnet, spawned by the Storm worm, is proving to be tenacious adversary.

The malware has been contributing to a slight uptick in spam lately, according to MessageLabs’ Chief Anti-Spam Technologist, Matt Sergeant.

“We’re currently seeing a slight rise. Nothing anywhere near as huge a rise as we saw last year. But it’s early days yet,” he states.

Purportedly under the control of the notorious Russian spammer Zliden, the Storm-based botnet is a very different beast. First, its sheer size is immense. According to MessageLabs, Storm is believed to have infected 50 million machines, though only 10 – 20 percent of its capacity is being used.

Organizations such as Spamhaus which work to combat such Internet threats have been under attack by the Storm:

“It’s been a pretty constant battle to stay online,” Vincent Hanna, an investigator for the non-profit Spamhaus Project, told InformationWeek. “It’s an arms race. They try something. We block it. They try something else. We block it. It goes on and on. Sometimes it’s fine and sometimes we spend hours a day on this.”

Spamhaus is one of the anti-spam organizations that have been targeted in recent months by the Storm worm authors. The malware writers have amassed a giant, international botnet of compromised computers. Estimates of its size range wildly — from one or two million up to 50 million bots. Regardless of its specific size, though, security researchers say it’s definitely large enough to wreak a lot of havoc with a company’s network, a government agency, an ISP, or possibly even an entire country, if they use that illegal grid to launch a denial-of-service (DoS) attack.

Adam Swidler, a senior manager with security company Postini, said in an earlier interview he has no doubt if the Storm worm bosses focused the full power of their botnet on a targeted DoS attack, it could do a lot of damage. “I think there’s no question they could damage any single company, whether through a DoS attack or a spam barrage,” he added. “I’d be less worried about a Yahoo(YHOO) or a Bank of America than the thousands of mid-sized banks that aren’t as well protected. But undoubtedly, this could do a great deal of damage.”

While the protracted DoS attack on Spamhaus hasn’t used the full force of the botnet’s might, the attack has been long enough and strong enough to be disruptive, even if it hasn’t knocked the organization offline.

As always, be cautious with email from unknown senders and never download any attachments, ever, from unknown senders. Here is a helpful FAQ regarding the Storm Worm Botnet. Here is an informative interview with Trend Micro CEO Eva Chen regarding botnets and how to avoid being victimized.

John Thompson, CEO of the security software company, Symantec Corp., is denouncing nondisclosed usage of Internet cookies:

During a visit to the EU in Brussels, John Thompson, chief executive of the security software company, said that cookies “are just as much an invasion of privacy as someone peering in my bedroom window”.”I don’t have an issue with people having cookies on their machine as long as I’ve been told one just got planted there,” Thompson said.

In fact any decent web browser will include an option to be alerted when a site attempts to set a cookie. But Thompson wants the onus moved from the web user to the website. “I think there is an opt-in option here that should be available to everyone.”

The technology known as Internet cookies has been commonplace, and perhaps not widely known or understood, whereby Internet sites deposit small files on a user’s computer which send back data to the sites which is used for a variety of functions, from improving website navigation to serving targeted advertising based upon the user’s surfing habits. Howstuffworks.com has a detailed primer on the subject of Internet cookies. Additionally, here is a video explaining Internet cookies and how they work:

Get the news directly from the IRS website on this latest phishing scam….”The e-mail purporting to be from IRS Criminal Investigation falsely states that the person is under a criminal probe for submitting a false tax return to the California Franchise Tax Board. The e-mail seeks to entice people to click on a link or open an attachment to learn more information about the complaint against them….”

Computerworld reports that an AOL phisher, Michael Dolan, has pleaded guilty to federal charges and will be sentenced to prison. According to the report…”from 2002 through 2006, Dolan and others used software to harvest AOL account names from the service’s chat rooms, then sent messages posing as electronic greeting cards that were actually transporting Trojan horses that infected recipient’s PCs.” Computerworld also notes that Dolan is only 23 years old and a repeat offender, first charged with similar crimes at age 20.

Want to know more about phishing and how to protect yourself? I highly recommend The Fight Against Phishing: 44 Ways to Protect Yourself, from Network Security Journal.

Reader’s Digest has a lengthy, sobering article about the pervasiveness of workplace monitoring of employees. Far beyond routine concerns about computer usage, employees must take into consideration that cell phone activity, MySpace pages and, yes, even blogging may have a negative impact on future and present careers. Very sobering reading indeed….

It’s becoming an increasingly common nightmare. Laptops stolen, and along with them, sensitive data. PC Stats offers a useful primer on preventing data loss from stolen laptops.

CNN reports on IBM’s new Data Masking Solution which is said to enable protection of consumer’s data. More detailed information is available on IBM’s website: “…the solution is designed to transform data so that no sensitive information is exposed while allowing internal and external developers to perform software product design, development, testing and quality assurance.”