Abstract: A computer-implemented method for filtering electronic messages. The method may include identifying a first time period during which a user accesses electronic messages less than during a second time period. The method may also include associating a first filtering level with the first time period and associating a second filtering level with a second time period. The method may further include, during the first time period, setting a spam filter to the first filtering level. The first filtering level may cause the spam filter to perform stronger filtering than the second filtering level. The method may include, during the second time period, setting the spam filter to the second filtering level. Corresponding systems and computer-readable media are also disclosed.

Abstract: Computer-implemented methods and systems for detecting and automatically installing missing software components are disclosed. In one example, an exemplary method for performing such a task may comprise: 1) detecting a failed attempt by a process to load a shared object, 2) identifying the shared object requested in the failed attempt, 3) automatically obtaining the shared object from a network-accessible storage device, 4) installing the shared object on the computing device, and then 5) successfully loading the shared object.

Abstract: Method and apparatus for parental control of electronic messaging contacts of a child is described. One aspect of the invention relates to communication of an electronic message from sender to recipient over a text-based communication channel established between sender and receiver clients on a network. A host on the network is configured to generate a unique identifier for the sender and maintain a log for the recipient. A first proxy module is configured to receive the electronic message from the sender client, embed the unique identifier associated with the sender therein, and forward the electronic message towards the receiver client over the text-based communication channel. A second proxy module is configured to receive the electronic message from the text-based communication channel, remove the unique identifier from the electronic message, send the unique identifier to the host for storage in the log, and forward the electronic message to receiver client.

Abstract: User account control (such as the UAC component of Windows Vista) is extended to enable users to allow their decisions on how to respond to managed events to be applied to equivalent events for groups, without any further prompting. When a managed event first occurs, the user is presented with an extended dialog prompting for input not only on whether to allow the event for just the user, but also on whether to allow the event for any groups the user manages. Managed groups can comprise all of the user's computers, or multiple user accounts the user manages. The user's response to the prompt and information concerning the managed event are stored. Matching events within a group context are recognized, and appropriate stored responses are automatically applied, without any additional user prompting.

Abstract: A computer-implemented method for using geo-location information in sensitive Internet transactions is disclosed. In one example, such a method may include: 1) receiving, from a client device, a request to conduct an Internet transaction, 2) requiring geo-location information from the client device in order to conduct the Internet transaction, 3) receiving the geo-location information from the client device, 4) verifying the validity of the geo-location information, and then 5) conducting the Internet transaction. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A Bayesian spam filter determines an amount of content in incoming email messages that it knows from training. If the filter is familiar with a threshold amount of the content, then the filter proceeds to classify the email message as being spam or legitimate. On the other hand, if not enough of the words in the email are known to the filter from training, then the filter cannot accurately determine whether or not the message is spam. In this case, the filter classifies the message as being of type unknown. Different threshold metrics can be used, such as the percentage of known words, and the percentage of maximum correction value used during processing. This greatly improves the processing of emails in languages on which the filter was not trained.

Abstract: Outbound network traffic originating from a client is filtered, to check for files targeted for upload to remote sites. When a file targeted for upload to a remote site is detected, a remote storage location at which the client's backup data is stored is checked for a copy of the detected file. If a copy of the file is located at the remote backup site, that copy is substituted for the client copy in the network transmission to the target remote site. By uploading online copies of files when available, the client upload experience is much faster, and local bandwidth is preserved for other tasks.

Abstract: A Bayesian spam filter calculates multiple handicap values, each of which is mapped to a selectable error tolerance level. Users operate a user interface component such a slider to select a desired error tolerance level. The Bayesian spam filter utilizes the corresponding handicap value for its filtering operations. Thus, the users of the anti-spam program can adjust their error tolerance levels up and down as desired.

Abstract: A parental control system is used to verify the identity of parents, based on children's instant messaging aliases. A plurality of verified parental accounts is maintained, each of which includes the identity of the parents and their children, including the children's instant messaging aliases. When a first child wishes to electronically communicate with a second child, s/he makes a request which includes the second child's alias. The parental accounts are searched for the second child's alias. If the alias is not found, instant messaging between the children is not allowed. If an account containing the alias is found, an identity verification request is transmitted, disclosing the identity of the first child's parents, and requesting reciprocal identity verification. Only if the second child's parents disclose their identity is the instant messaging between the children permitted.

Abstract: A publisher uses a toolbox to graphically define web forms, by selecting and configuring components such as buttons, text boxes, menus, etc. Underlying code for the web forms (such as Extensible Markup Language, or XML) is automatically generated. The publisher defines transforms (such as Extensible Stylesheet Markup Language Transforms, or XSLTs) that process the exchange of data between the front end and the backend web service. The transforms and the code underlying the web forms is automatically combined into a frontend to the web service. The web based frontend is published on a user site, such that users can access the backend web service through the frontend.

Abstract: HTTP requests initiated from a web browser of a client computer system are proxied prior to release to a router, such as a home router. HTTP requests identifying a referrer URL corresponding to routable, public IP address and a target URL corresponding to a non-routable, private IP address are determined to be indicative of a drive-by pharming attack, and are blocked from sending to the router. HTTP requests not identifying a referrer URL corresponding to a routable, public IP address and a target URL corresponding to a non-routable, private IP address, the HTTP request are not determined to be indicative of a drive-by pharming attack, and are released for sending to the router. In some embodiments, an HTTP response received in response to a released HTTP request is proxied prior to release to the web browser. An HTTP response having content of type text/html or script is modified as indicated to prevent malicious activity and released to the web browser.

Abstract: A parental control system is used to verify the identity of parents, based on children's instant messaging aliases. A plurality of verified parental accounts is maintained, each of which includes the identity of the parents and their children, including the children's instant messaging aliases. When a first child wishes to electronically communicate with a second child, s/he makes a request which includes the second child's alias and additional information identifying the target party. Only if an account containing the alias is found and the additional information can be verified, an identity verification request is transmitted, disclosing the identity of the first child's parents, and requesting reciprocal identity verification. Only if the second child's parents disclose their identity is the instant messaging between the children permitted.

Abstract: A parent defines friend rules for on-line association with their child. Upon a request of an on-line stranger to be a new friend of the child, stranger information about the on-line stranger is retrieved and compared to the friend rules to determine whether the stranger is allowed, blocked or restricted from being a friend with the child. Accordingly, the parent only has to use a minimal amount of time in establishing the friend rules to protect the parent's child from on-line strangers.

Abstract: Nonsense words are removed from incoming emails and visually similar (look-alike) characters are replaced with the actual, corresponding characters, so that the emails can be more accurately analyzed to see if they are spam. More specifically, an incoming email stream is filtered, and the emails are normalized to enable more accurate spam detection. In some embodiments, the normalization comprises the removal of nonsense words and/or the replacement of look-alike characters according to a set of rules. In other embodiments, more and/or different normalization techniques are utilized. In some embodiments, the language in which an email is written is identified in order to aid in the normalization. Once incoming emails are normalized, they are then analyzed to detect spam or other forms of undesirable email, such as phishing emails.

Abstract: Hardware independent performance metrics for application tasks are assembled and submitted to a central repository from multiple installations in the field. These metrics are requested by and provided to specific computing devices, and used to calculate expected performance times for given application tasks on specific hardware configurations. Computing devices can automatically identify performance problems by comparing actual performance times of application tasks to calculated expected performance times. Events that take longer than expected to execute indicate a computing device performance issue.

Abstract: Applications are instrumented to gather usability information. The gathered usability information is analyzed. This analysis can identify, for example, unused or infrequently used features, very frequently used features or features that users have trouble utilizing. Based on the analysis, determinations are made as to modifications to make to the applications. The modifications can be executed by the same instrumentation used to gather the usability data.

Abstract: A computer-implemented method for determining file classifications. The method may include determining identification information of a first file stored on a first computing system. The method may also include querying a second computing system for classification information by sending the identification information of the first file to the second computing system. The first computing system may receive, in response to the query, identification information of a second file. The first computing system may also receive the classification information. The classification information may indicate that the first file and second file are trusted. The first computing system may use the identification information of the second file to determine that the second file is stored on the first computing system. The first computing system may also apply the classification information to the first and second files by excluding the first and second files from a security scan.

Abstract: Methods, apparati, and computer-readable media thwart a phishing attack on a recipient of an electronic message by intercepting the electronic message; extracting a sender domain name from the electronic message; identifying remote links associated with the electronic message; comparing the identified remote links against a pre-established set of acceptable domains, using the extracted sender domain name as an index; and when at least one extracted remote link is not found in the pre-established set of acceptable domains, preventing the message from being delivered to the recipient.

Abstract: Successful logins are distinguished from unsuccessful logins, and only when a login is successful are the user's login credentials stored and associated with the appropriate login page. Attempts by a user to login to a login page with a set of login credentials are identified. It is determined whether an attempt to login to a given login page with a set of login credentials is successful. If the attempt by the user to login to the login page with the set of login credentials is successful, the set of login credentials can be stored and associated with the login page. If the attempt fails, the credentials are not saved.

Abstract: Methods, apparati, and computer-readable media for regulating a user's access to a Web page. A method embodiment of the present invention comprises the steps of hashing (31) a URL associated with a Web page requested by the user; comparing (32) the hashed URL with a list (24) of pre-stored URL hashes; and granting (34) or denying (37) access to the requested Web page based upon results of the comparing step (32).