Picking up spyware or a virus/worm/trojan used to require some conscious action on the part of the user:  opening an email attachment, installing supposedly ‘necessary’ system software (video codecs were a common ploy), or downloading media and/or applications of questionable origin.

These days, Bad Things can occur much more transparently: the most rapidly growing method of spreading malware today is via compromised websites – so now, rather than having to (one way or another) make the explicit decision to ‘invite the bytes’ onto your machine, merely visiting a malicious (or unknowingly compromised) site can launch an exploit.  And since this new type of ‘drive-by’ attack is often implemented through 3rd-party browser plug-ins (such as Flash and Acrobat Reader) or via good old fashioned Javascript, it’s not just a Windows or Internet Explorer issue anymore (for the first time, Apple recently issued a KnowledgeBase article advising users to start installing antivirus protection (although after the resulting flurry of unwanted publicity, the warning was removed from the Apple site 24 hours later).

Although the increase in web malware activity is dramatic, it’s been going on for some time now: a recent study found that during 2007 alone, the number of such attacks increased more than 500 percent.  And while this is bad enough news for the home user, it’s even more troublesome for the enterprise, as HTTP (port 80) is the often the only traffic left largely unrestricted on corporate firewalls.

One simple precaution?  Update, update, update.  To address Javascript engine vulnerabilities, update your browser religiously, regardless of which particular browser or operating system you’re using.   As for Acrobat Reader, resist the temptation to ignore those frequent messages about available updates: you might wonder just how much better a PDF can possibly be displayed, but these days, chances are good that the update has something to do with security – and the same goes for Flash.

You can check for any available updates for Acrobat Reader from the Help menu of the application itself, and to check your version of Flash, go here - the Adobe site will inspect your installation and let you know.

I’m no web designer.  But I’m pretty picky about efficient design - and moreover, I just couldn’t accept our little blog here looking like dozens of others that used the same out-of-the-box Wordpress template.

Well, that was a slippery slope -  I chose a template as a starting point, and I ended up (spending way too much time) effectively rewriting most of it.

The Wordpress platform is very well-thought out (so much so, it’s also sometimes used for content management on non-blog sites).  the PHP scripting effectively shields one from having to deal directly with the back-end mySQL database, and there are a wealth of useful and well-written 3rd party plug-ins available -  but to get things looking like I wanted them to, I was going to be in for a bit of a learning curve, there was no way around it - not only with the PHP, but also with the CSS (the ancillary document that defines the layout and style of the web pages themselves).

While I think the PHP’s pretty transparent to anyone who’s had any experience at all with programming and/or scripting languages, making changes to the CSS was a particularly painful hit-or-miss process I had frankly little patience for – until, that is, I came across Firebug, a Firefox add-on for web developers.  The Firebug icon sits down in your Firefox tray and when needed, will (among other things) allow you to locate the relevant CSS code for any element on the web page, to make changes to the CSS, and to see the resulting change in real time.  Using Firebug is simple and intuitive, and I would recommend it to anyone with a need or interest in modifying website design and/or javascript – it’s an excellent tool (at least for identifying CSS elements and auditioning changes, which is all I used it for), and fun to use.