Apple fixes hole with Mac OS X image viewing

Apple on Wednesday issued a security update that fixes 18 vulnerabilities including several that put computers running Mac OS X at risk of remote code execution if a maliciously crafted image is viewed.

In addition to fixing a problem with how PNG images are handled, Security Update 2009-003 fixes issues in ImageIO's handling of OpenEXR images, EXIF metadata, Canon RAW images, and images with an embedded ColorSync profile.

The update, which arrives as part of the release of Mac OS X v10.5.8, extends the list of content types Mac OS X will …

DIY home surveillance with a Webcam

We're on the tail end of the summer vacation season, which according to the FBI is one of the peak periods of home burglaries. Chances are good you're about to head out of town, leaving your dwelling to fend for itself against intruders.

Got a house sitter or an alarm system? Good for you. If not, there are a handful of ways to turn a computer into a tool that will alert you if someone's there who shouldn't be.

For the sake of this guide we're keeping things simple and limiting our list to free apps that work on PCs, Macs, or both. A few simply use your browser. Later on we also have a section on specialty hardware that can take you beyond what most Webcams are capable of.

The software

Software can offer definite peace of mind over browser-based solutions. Most of these apps can run quietly in the background and can save footage to your hard drive for archiving. High-end Webcams often come with their own security software, so in the spirit of this guide, we're going with generic software that should work with any model:

Yawcam (PC) Yawcam is free and PC-only. It's a complex program but not too complex to set up. The app lets you set whether you want to capture all of the motion within the frame or just a part of it. I used it to track motion in a specific part of my workplace: CNET colleague Rafe Needleman's office door. Any time he came in or out of his office it took a photo. At home this is more useful if you point it toward something like a door or entryway, which can keep it from picking up one of your pets moving around.

The app does an exceptional job at letting you pick various ways you want to be notified. You can have it upload screen shots to an FTP site or as an e-mail. It can also play any sound on your computer, or start another program (such as a lock-down or keyboard locking application).

I set mine up with Gmail, which was a snap. You just have to plug in the outgoing settings from Google's help page and it will send a high-quality screen shot of whatever motion it's captured just a few seconds after it happens. Using this with your phone's e-mail address will give you a live alert and a saved copy of all the shots in Gmail's sent folder.

HomeCamera (PC) This software runs a streaming video client that can be accessed from any computer with a browser. You can view either live video or snapshots that can be taken at intervals or on-demand. HomeCamera's secret sauce is…

Using software updates to spread malware

LAS VEGAS--Two researchers from Israeli security firm Radware have figured out a way to trick computers into downloading malware, or to take over a computer, by hijacking the communications during the update process for Skype and other applications.

About 100 applications, many among the most popular on CNET's Download.com, can be targeted, said Itzik Kotler, team leader of Radware's security operations center, before his presentation here at the Defcon conference.

Kotler and colleague Tomer Bitton are releasing a tool called Ippon (which means "game over" in Judo) that enables the attack and offers a 3D view …

Firefox: 1 billion downloads only part of the story

At about 8 a.m. PDT Friday, Firefox crossed the billion-download threshold--a notably large number for Mozilla's open-source Web browser but one that doesn't tell the whole story.

Firefox fans love their statistical milestones, and Mozilla enjoys fanning the flames by providing plenty of opportunities for self-congratulation. In 2008 there was Firefox Download Day, with more than 8 million downloads in 24 hours. Next came the Firefox 3.5 debut and its download tracker.

And now we have the billion-download figure on the Spread Firefox site. That includes updates people have fetched deliberately, not automatic updates, Mozilla said. …

Microsoft acknowledges Windows 7 activation leak

Alex Kochis, Microsoft's director of Genuine Windows, posted a blog late Thursday addressing the "leak of a special product key" of Windows 7 RTM (release to manufacturers). This confirmed the rumor on Tuesday that an ISO file of Windows 7 RTM sent to Lenovo that contains a master key--a number used to verify the authenticity of the software--was leaked to the Internet.

According to the blog, "The key is for use with Windows 7 Ultimate RTM product that is meant to be preinstalled by the OEM (original equipment manufacturer) on new PCs to be shipped later …

An SMS can force a URL or app on smartphones

LAS VEGAS--In one of a handful of SMS-related presentations here at the Black Hat security show, researchers demonstrated on Thursday how they can force certain types of smartphones to visit a malicious URL or install an app without user approval.

The vulnerability only affects phones that have been misconfigured by the original equipment manufacturer so that they accept any message sent through WAP Push (Wireless Application Protocol), a service that runs on top of SMS, said researcher John Hering.

WAP Push messages should only be accepted when sent by a trusted party such as the mobile operator, said Hering, chief …

Researchers can attack mobile phones via spoofed SMS messages

LAS VEGAS--Researchers at the Black Hat security conference on Thursday showed how an attacker could spoof a type of SMS message that appears to be sent from the carrier or some other trusted source.

This attack on MMS (multimedia messaging service) messages, a type of SMS message, could allow an attacker to trick the recipient into visiting a malicious Web site or ultimately do something else to harm the phone or steal data.

The attacks work potentially on any type of phone that is MMS-enabled and operating on Global System for Mobile communications (GSM) networks, said Zane Lackey, a senior …

Researchers exploit flaws in SSL, domain authentication system

LAS VEGAS--Two researchers have separately uncovered flaws in the way domain names are verified on the Internet that could allow attackers to impersonate a site and steal information from unsuspecting Web surfers.

Dan Kaminsky, who discovered a serious flaw in the Domain Name System (DNS) last year, and Moxie Marlinspike gave presentations at the Black Hat security conference on Wednesday about how someone could acquire certificates for domains they don't own and thus trick people into visiting those illegitimate sites or inadvertently sharing information.

Marlinspike, an independent researcher, said a flaw in the way browsers and mail clients implement …

Researchers attack my iPhone via SMS

LAS VEGAS--Researchers have discovered a way to take complete control over an iPhone merely by sending special SMS messages and demonstrated it on my iPhone at the Black Hat security conference on Wednesday.

Although an attacker could exploit the hole to make calls, steal data, send text messages, and do basically anything that I can do with my iPhone, the researchers were kind and merely rendered it temporarily inoperable.

Here's what happened: While I was talking on the phone to Charlie Miller, his partner, Collin Mulliner, sent me a text message from his phone. One minute I'm talking …

Ex-Google CIO breaks his own security rules

LAS VEGAS--You can take the man out of Google, but you can't take Google out of the man.

While working as chief information officer and vice president of engineering at Google from 2004 to 2008, Douglas Merrill oversaw the search giant's internal IT systems. He left to be chief operating officer of new music at EMI, marrying his professional ambitions with his love of music.

At EMI, employees used Exchange Calendar, which uses a "painful remote-access methodology," he said in a keynote speech on Tuesday at the Black Hat security conference.

"I paid my admin …