Thursday, October 18, 2012

How fast is your internet?

Both of these connections came from the speed test at http://www.speakeasy.net/speedtest/.



 Creative Commons License. This work by Bill Barnes is licensed under a Creative Commons BY-NC-SA 3.0 US License. Permissions beyond the scope of this license may be available at http://zaitech.com/satellite/contacts.htm.
(c) 2011 Bill Barnes - Disclaimer - Home Page - Blogs Home

Friday, September 21, 2012

Are you sure you want to buy Windows 8 as soon as it comes out?

I've been using a dedicated retail computer as a file server since I discovered network file sharing some 20 years ago. For over half that time I've done the same for my clients (businesses with less than 10 - usually 1-3 - users).

The primary server need for a small business is file sharing. Everyone sees all the same files (depending on access restrictions) in the same drive letter and folder. There's no concern for versioning when documents are emailed around the office. Most critically for the sysadmin, backup is centralized.

No, you don't get local Exchange, some server-installed apps, or automatic workstation imaging. You do get reliable and versatile data storage and hugely simplified administration. And migrating your data to a new server is a matter of copying one folder, configuring users, and repointing shares.

If you think I’m just an old curmudgeon advocating this for everyone, here’s someone else who agrees. Here’s a good article on establishing a small network file server.
http://windowssecrets.com/top-story/a-cheap-effective-home-server-using-windows-8/

Convinced? Now the pull-back. If you think the Win8 features fit you to a “T”, you may want to wait until next summer. This post raises, as a good warning, the point that we should never rush critical services to a new environment.
http://windowssecrets.com/forums/showthread.php/149213-A-cheap-effective-home-server-%E2%80%94-using-Windows-8?p=870808&viewfull=1#post870808

Thursday, August 2, 2012

No phishing


Did that email really come from my bank, or is it just a good imitation? Phishing is a message that purports to come from one source but actually comes from a bad guy, usually trying to steal your valuable personal information.

Last month we discussed ways to recognize whether an email was probably legitimate. Here is an example of a good email I received from one of my financial institutions.
First of all, notice that I have disabled automatically showing pictures in email I receive (green circle). The critical content of the message is completely contained in text. Pictures can hide links or silently allow the sender to track that you actually opened the email and might be susceptible to more like this. Sloppy phishers may also use pictures wholesale to copy the look of the legitimate mailer rather than recreating the text from scratch.

Secondly, there are only two places (red circles) where they give you the specifics to contact them: one is a phone number and the other an email address. Neither of these contact points asks directly for your personal information.

As a reminder of good practices, the central part of the message advises you to type their website into your browser - no links to hide a bad connection - and log on to your account.

A few other financial institutions use similar good practices to send you critical information. Others - credit cards are notoriously bad - wrap their status updates around a myriad of pictures and links. Some of these links may not even go back to the sender, but to advertisers or other third parties. That type of email may be acceptable for a newsletter, but don't ever log in to your account from a link in a congested email.

Read more: Windows Secrets article on "Whether Windows is safe for banking"


And then, there's a bad email from a financial company:
 


Sunday, July 8, 2012

The internet will die tomorrow!

Panic!
The internet will die tomorrow! (Monday July 9, 2012)

Maybe. But not likely for you. For 0.02%(1) (that’s 1 in 5,000) of the users in the world. Only 27%(2) of the total are in the US, and since the US has a high percentage of users, your chances are even lower.

What happened?

A few years ago some bad guys infected some users and changed their DNS settings. The DNS system tells your internet connections where to go when you type an address such as “google.com” in your browser. Rather than using the master DNS servers, an infected computer gets its directions from the bad guys’ servers. When you typed “google.com” (or any normal address), they would actually send you to Google. However, when Google sent your browser back to pick up an ad, they would insert the destination to their own ads so they made money.

Pretty soon the global police forces found the bad guys and took over their system. But they realized if they shut it down cold no one who was infected would get to Google when they typed “google.com.” So … our FBI has, for several years, paid a private company to run the bad guys’ servers and to serve up correct information.

Why will the internet die?

Now the FBI has stopped paying this bill and 250,000 computers won’t be able to find Google, or any other named domain, until they fix their settings.

Am I infected?

Probably not. See the first paragraph above.

A site that will give you a quick “yes” or “no” is at www.dns-ok.us, but with some caveats. The FBI also has a 6-page .pdf(3) explaining how to check your own DNS settings. It’s tedious, but detailed enough that anyone reading this can follow. It also points out that your computer can have an apparent safe setting while your router is infected.

References

(1) – Article on Time Techland.
The best non-tech explanation I saw.

http://techland.time.com/2012/07/06/dnschanger-no-the-internet-isnt-shutting-down-on-monday/

(2) – Infection count by country, as of 6/11/12



Saturday, July 7, 2012

Should I open this email?


A client asks:
I received an email from someone I don’t recognize. The email had an attachment (document) he wanted me to evaluate. Do I dare open the attachment?  Is there any way I can do so and guarantee it is not a virus? 

Basically, no. You can’t guarantee it’s benign.

In this sort of circumstance, either as sender or recipient, I try to validate the legitimacy of the contact. In the text of the email I identify myself and the attachment by filename and size. Sometimes I will make non-email contact to alert the recipient or verify the sender. Unless you or the data on your system are particularly high value, it’s unlikely a random attack would take the effort to pass these tests.

If you can’t make this “out of band” contact and still want to open the message or its attachment, there are some unilateral assessments you should make first. Start with the anti-spam / anti-phishing / anti-virus triggers you apply to every subject line, message, and attachment.
In the preview, before you open the email:
•    Are you expecting this?
•    Do the From and To addresses look reasonable? For example, do names look random or made up, are there multiple similar addressees at the same domain, or is your exact address missing from the list? If it makes reference to an account, especially a financial account, and is not directly and exclusively addressed to you, it’s probably a phishing attack.
•    Is the subject line meaningful and relevant?
•    If it refers to an “issue with your account,” does it identify the account or describe the problem?
•    Does the content apply to you? (Immediately trash a notice from BigBank if you don’t do business with them.)
•    Do the grammar, writing style, and content ring true to the request? If it comes from someone you know, do the style and content match what they usually send?
•    Are there excessive links and do they connect to what you expect? Hover your mouse over the link and look at the entire URL. Work back from the first “/” after “http://.” A link of “http://BigBank.com.BadGuys.ru/...” will actually take you to BadGuys’ site. While you’re looking at the links, pay attention to the top level domain (TLD). Those are the letters to the left of that “/” back to the first period you hit – classically “.com” or “.org.” The “.ru” in the example above refers to Russia, which, along with China, is a common starting point for malware. This is a minor indicator, as bad guys can buy a .com and good things can come from unexpected countries, such as bit.ly (a useful URL-shrinking service), where the “.ly” stands for Libya. (http://en.wikipedia.org/wiki/List_of_Internet_top-level_domains#Country_code_top-level_domains)
•    Are the attachment’s name and file type what they appear to be? It’s an old trick to name the attachment “CuteKitty.jpg” and then pad the name out with many spaces before giving the actual functional name of “…virus.exe” which falls off the edge of the page.
•    Is it delivered primarily as pictures? Your previewer should be set not to download pictures automatically, but only on your request. Downloading the pictures can deliver malware and return significant tracking information about you. If you can’t comprehend the gist of the message from the text it doesn’t deserve further analysis.
•    Look at the source of the message. In Microsoft Office (retail) Outlook, right-click on the message and choose View Source. This is very geeky and includes a lot of garbage; but, with experience, you may be able to spot something suspicious. Backtracking the internet headers is even more obscure, but can reveal that the sender is not who he appears to be.
•    Did it pass your up-to-date virus and spam checker? Antivirus programs often remove the malware attachments and deliver a message that contains very little text. There’s usually a good reason for it to be labeled spam.
•    Right-click the attachment and save it to a temporary folder on your computer or sacrificial thumb drive. Run an on-demand virus check on it.
•    Be sure all your viewing software is up-to-date. There is often a “check for updates” option under the Help or Tools menu or you can go to the publisher’s website. Especially visit adobe.com, java.com, and microsoft.com at least monthly to check for updates for Adobe Reader, Flash Player (hopefully, you’ve never installed Shockwave Player), Java, and Windows.
•    Open the attachment in less common programs. For example, use foxit (www.foxitsoftware.com) for .PDFs rather than Adobe Reader or send office documents to Google Documents (docs.google.com).
•    Open the attachment on a Linux or Apple computer as malware is often (but not necessarily) Windows-specific. You can get a CD to boot your PC directly into Linux. Everything runs in memory and when you reboot there’s no record (and hopefully, no residual evil) from what you just did.
•    If this were a legitimate email and you trashed it without opening would it really cause any problems?
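
The link and attachment-name checks from the list above can be automated. The following Python sketch is an added example, not part of the original post; the function names, the short suffix list and the sample inputs are constructed for illustration, and it also handles a "user@" prefix in the link, which the list does not mention.

```python
import re
from urllib.parse import urlsplit

# Constructed, deliberately tiny set of two-label public suffixes. A real
# checker would load the full Public Suffix List instead.
TWO_LABEL_SUFFIXES = {"co.uk", "com.au", "co.jp"}

# File types that run code when opened (illustrative, not exhaustive).
EXECUTABLE_EXTENSIONS = {"exe", "scr", "com", "bat", "cmd", "pif", "vbs", "js"}


def link_host(url):
    """Host the link really goes to: the text between '//' and the first '/',
    minus any 'user@' prefix and ':port' suffix. urlsplit lower-cases it."""
    host = urlsplit(url).hostname
    return host.rstrip(".") if host else ""


def registrable_domain(host):
    """Rightmost labels of the host: the name somebody actually registered."""
    labels = host.split(".")
    keep = 3 if ".".join(labels[-2:]) in TWO_LABEL_SUFFIXES else 2
    return ".".join(labels[-keep:])


def link_goes_to(url, expected_domain):
    """True only if the link's registrable domain is the one you expect."""
    return registrable_domain(link_host(url)) == expected_domain.lower()


def _extension(name):
    return name.rsplit(".", 1)[1].lower() if "." in name else ""


def inspect_attachment(filename):
    """Compare the extension a reader sees first with the one the OS will use.

    A run of three or more whitespace characters is treated as padding meant
    to push the real ending of the name out of view."""
    name = filename.strip()
    visible = re.split(r"\s{3,}", name, maxsplit=1)[0]
    real = _extension(name)
    padded = visible != name
    return {
        "apparent_ext": _extension(visible),
        "real_ext": real,
        "padded": padded,
        "suspicious": padded or real in EXECUTABLE_EXTENSIONS,
    }


if __name__ == "__main__":
    # Constructed sample links; BigBank and BadGuys are the post's own example names.
    for url in (
        "https://www.BigBank.com/account",
        "http://BigBank.com.BadGuys.ru/login",
        "http://bigbank.com@badguys.ru/login",
    ):
        verdict = "ok" if link_goes_to(url, "bigbank.com") else "MISMATCH"
        print(f"{verdict:8} {registrable_domain(link_host(url)):12} {url}")

    # Constructed sample attachment name, padded as the post describes.
    print(inspect_attachment("CuteKitty.jpg" + " " * 60 + "virus.exe"))
```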

Surf - and email - safe!

Read more:
An example of a "good" email from your bank. 



Tuesday, May 8, 2012

Tech Talk - Shared Folders

An enterprise user wants to transfer multiple files to a colleague at another site within the company. Previously I created a folder on our shared drive and told him anything he put there, she could get with a link I gave her. Fast forward a couple months and he asks what that link is, again.

You can map a drive letter on your computer and have it point to a folder on your computer or another computer on your network. That is convenient if you want to easily access a folder deep in your file system or on another computer. But the drive letter is an artificial designation. Your S: drive could be someone else's T: drive. How do you tell them exactly where to find a file?

Here's a step-by-step explanation of where a mapped drive is:
  • A mapped drive is a shortcut to a folder on some computer on a network (it could even be your computer).
  • Because everyone may map their letters to different locations you need to tell them the absolute location (this is called the UNC – for Universal Naming Convention – location).
  • The UNC includes the server name and the share name of the shared folder. The share name may be different from its true name when viewed from the computer it resides on.
  • If you look at My Computer, it tells you what folder is mapped to the drive letter; for example: shared on server (S:) (exact format may vary by version of Windows.)
  • The first thing before the server name is two backslashes (\\). Each folder is separated by a single backslash. Starting with “\\” tells many programs (such as Outlook) to make this a clickable link.
  • Therefore, S:\IT\Temp becomes \\server\shared\IT\Temp. This is called the complete path to the file.
  • Note that if there are any spaces or unusual characters anywhere in the path, the entire path must be enclosed in quotes. This is why I am so anal about my naming conventions because even the people who know this often forget it.
    It’s even harder making links to a file accessed through a browser. Don’t even try. If you’re linking to an http: resource rather than a network file, sometimes the browser address bar will replace special characters with their code such as %20 or %2d.
  • This only works if you are both on the same or linked networks. You can’t send a link to someone outside the company or your home and have them find a file on your computer or server.
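
The steps above, as an added Python example that is not part of the original post: it reads the drive mappings from the output of the "net use" command and rewrites a drive-letter path as a UNC path, quoting it when needed. The sample output and the function names are constructed, and it assumes server and share names contain no spaces.

```python
import re

# Constructed sample of what "net use" prints on a Windows workstation.
SAMPLE_NET_USE = r"""New connections will be remembered.

Status       Local     Remote                    Network
-------------------------------------------------------------------------------
OK           S:        \\server\shared           Microsoft Windows Network
Disconnected T:        \\server\scans            Microsoft Windows Network
The command completed successfully.
"""

# Optional status word, a drive letter, then a remote name starting with "\\".
_MAPPING_LINE = re.compile(r"^\s*(?:\w+\s+)?([A-Za-z]):\s+(\\\\\S+)")
_DRIVE_PATH = re.compile(r"^([A-Za-z]):(?:[\\/](.*))?$")
# Anything outside this conservative set means the path must be quoted.
_NEEDS_QUOTES = re.compile(r"[^A-Za-z0-9\\._$-]")


def parse_net_use(text):
    """Return {drive letter: UNC share} for every mapping line in the output."""
    mappings = {}
    for line in text.splitlines():
        match = _MAPPING_LINE.match(line)
        if match:
            mappings[match.group(1).upper()] = match.group(2).rstrip("\\")
    return mappings


def to_unc(path, mappings):
    """Rewrite a path such as S:\\IT\\Temp as the UNC path a colleague can use.

    Raises KeyError for a drive that is not a network mapping (for example a
    local C: drive), because a link to it would not work for anyone else."""
    match = _DRIVE_PATH.match(path)
    if not match:
        raise ValueError(f"not a drive-letter path: {path!r}")
    drive = match.group(1).upper()
    if drive not in mappings:
        raise KeyError(f"{drive}: is not a mapped network drive")
    rest = (match.group(2) or "").replace("/", "\\").strip("\\")
    unc = mappings[drive] + ("\\" + rest if rest else "")
    # Spaces or unusual characters anywhere: enclose the entire path in quotes.
    return f'"{unc}"' if _NEEDS_QUOTES.search(unc) else unc


if __name__ == "__main__":
    drives = parse_net_use(SAMPLE_NET_USE)
    print(to_unc(r"S:\IT\Temp", drives))
    print(to_unc(r"s:\IT\Year End Reports\q4.xlsx", drives))
```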




Friday, May 4, 2012

Google … evil?


According to a recent story, federal investigators are revisiting the question of whether Google Street View did anything wrong when they captured individuals’ WiFi data in the process of taking pictures of the view along every inch of the world’s roads and streets.

To refresh, Google drives around in funny looking cars with posts sticking out of the roof. On these posts are cameras looking in every direction taking pictures of what you’d see if you were driving down this street. When you’re looking at Google Maps, click on the little guy above the scale slider. These cars also collected data on all the WiFi routers they could detect from the street. Their mobile GPS service can triangulate off these radio signals to give you a more accurate location, just like your cell phone company can find you from which towers are picking you up. In the process of fingerprinting WiFi signals, they also “inadvertently” recorded the data that was being broadcast.

If they scanned through the petabytes of data they might have collected, would they find anything interesting about you? Probably not. Did they steal your banking password? Definitely not. Was this illegal? In my opinion, not under US law. Is Google evil? That’s a point of opinion.

Technical discussion

How does it work?

A WiFi router can be identified by its name and radio channel. You have to verify this information when you go to a friend’s house so you use his internet and not a neighbor’s. By accurately knowing the car’s location, and monitoring the signal’s strength as it moves, Google can get a good feel for where your router is located. Since in most neighborhoods you can detect signals from several to many routers it’s easy to determine where you are; even if it’s not strong enough to get online.

What did they record?

Allegedly, in the process of collecting identifying details, they also recorded everything that was in the air as they went by. The cars are driving down the public street, not doing anything to intentionally invade anyone’s privacy. What they got was snippets of electronic conversations, just as if you were to cruise through a cocktail party in Tokyo.

Would they find anything interesting about you?

Firstly, you’re only picking up a couple sentences from any one in particular so you may hear them asking for another drink or even just stuttering a couple words – nothing malicious there. Plus, most people are speaking a foreign language – just like most WiFi connections are encrypted with their security password.

Did they steal your banking password?

Even more secure than your protected WiFi signal, not only financial sites but every reputable site uses SSL (https), at least for password-protected sign-ins. Services like Gmail, Twitter, or Facebook also are or can be accessed through secure SSL.

Was this illegal?

For the life of the wireless industry the rule has been that any signal accessible on the public airwaves is fair game. As long as they don’t try to invade your computer or decrypt or make fraudulent use of what they hear, listening in and recording it is not illegal. Think of the decades of big satellite dishes along rural highways just grabbing the networks’ unscrambled feeds or the celebrities whose cordless (not cell) calls got exposed.

Is Google evil?

Maybe, but not for this misdemeanor. I am much more concerned that my ISP might throttle my internet just because I’m a heavy user. Or that Hollywood is trying to get a fishing license to track down and prosecute anyone for a single, possibly illicit, song or video. Or that the NSA is analyzing a yottabyte (1,000 times the entire global internet traffic for a year) in a $2 billion bunker in Utah.

Let’s give Google a pass this time. And take it as a reminder to be sure your WiFi connection is protected with WPA and a good password.




Sunday, April 8, 2012

Block that cookie - more than you want to know

Please come back soon for more details.





Block that cookie


Note: The tips that follow reference one or all of Firefox, Google Chrome (Chrome), or Microsoft Internet Explorer (IE). Other browsers probably have similar features; but when I say “all,” I’m referring to all of these three. Examples come from recent versions of the browsers: Firefox 11, Chrome 18, and IE 8.

The good news is that you should be able to ameliorate a lot of the techniques to track you that web sites use. Much internet tracking is based on good old-fashioned web (html) cookies. It’s easy to block cookies. Unfortunately, being followed by cookies is also vital to much of the productivity of the internet. They allow sites to remember who you are as you move from page-to-page; for example, from Add to cart to Continue shopping and back. They come in 2 basic flavors: first party and third party. (To find out about first and third parties, read our next post.) First party cookies are good to OK; but you might think twice about third party.

The easiest and most powerful way to protect yourself from tracking is by using a private browsing session (instructions: next post). In this case, nothing about your session stays on your computer when you close the browser. You can’t come back to a search or be automatically logged in at any site. You should always use private browsing on a computer you don’t control.

If that is too aggressive, your browser can control what it does with cookies. With greater or lesser ease (instructions: next post), you can usually tell the browser to block all cookies or only third party cookies. You can also accept cookies but tell your browser to throw them away at the end of the session. This gives you the advantages of using cookies, but websites won’t know about you the next time you go there. Firefox also allows you to choose your action for every cookie you’re given. This gets tedious fast, but is revealing as to how pervasive cookies are.

Another option is to choose one browser in which you never sign in to a site or fill out a form. Use another browser for your shopping, Gmail, or social networks. Financial transactions ideally should be transacted only in a private session. Although you trust your financial institution, you may be logged in, either temporarily or permanently, to another site which might benignly or maliciously have a small chance of tracking you there.

Unrelated to cookies: if you follow a link to a site, it knows where you came from and, if that was a search engine, what the search terms were. So if you got here by searching “Block that cookie” on Bing, Blogspot (a Google service) knows that. Although this form of tracking is relatively benign and primarily used by a site to fine tune its own advertising, you can avoid it by not clicking the link but typing it into another browser instead.

On the other hand, there are ways that your computer may be tracked that don’t rely on html cookies or a specific browser.




Friday, April 6, 2012

Are You Following Me?

Did you read Google’s new privacy policy as of March 1? Nope, neither did I.

The primary piece of news is that Google is now consolidating tracking information from all of their services. This means you have the same login, profile, and preferences for Gmail, Google Apps, YouTube, and more. That’s not scary – since before Google was a college project; AOL and Microsoft, among many other services, have had a single login so your mail and instant messenger shared contact lists.

What is scary is that Google can consolidate your information across sites that you don’t log in to explicitly or sites you don’t realize are part of the Google family. For example, if you read a blog about the Parthenon on Blogspot and search for information on passports; the next time you check your mail you may see ads for Mediterranean cruises.

This is because one web service can track you across multiple websites. Since ads on many websites may come from the same ad server, you can be tracked even if the address you enter is completely unrelated to any other place you’ve been.

Many web services pay close attention to where you came from, what you do, and where you go to build a profile of you. The more they know about you, the more valuable you are to advertisers and the more they can charge. (They’re not necessarily identifying you as a person by name and credit card number, but you as a 45-55-year-old male in a large southern city with 2 kids in college and an income over $80,000.)

However, if you’ve been logged in to a site that tracks you – such as Google – then they can tie your information to a real person with a name, address, credit card number, and possibly other details you’ve given them or their partners. They may not use all that information, but it makes your ads – and search results – more focused. (It may also make your search results less diverse. If you have previously selected the Washington Post, you may never again see a result from Fox News.)

I’m not picking on Google exclusively. Google just happens to be the biggest target today. I am less concerned being tracked by Google than I might be by a lot of other services.


The good news is that you should be able to ameliorate a lot of the techniques to track you that web sites use. Keep reading here:

But if you really want to be scared about tracking, your smartphone itself and many of the apps you’ve installed may be able to track you – not on the web, but in real life. And at the moment, there may be no way to control that tracking while still taking advantage of the reasons you got a smartphone.



Monday, July 4, 2011

Malware scanner

Worms and trojans and viruses – Oh my! But beware the insidious rootkit, my child, because it is invisible. If you get a rootkit, it burrows deep into your system and disappears. Only a program specially designed to look for it will find it.

Microsoft has recently introduced the Microsoft Standalone System Sweeper (MSSS) that will, among other things, find and kill those pesky rootkits. Get the program at http://windows.microsoft.com/en-US/windows/what-is-windows-defender-offline.

MSSS is used a little differently than other one-time scans you’re familiar with such as MalwareBytes. It creates its own bootable CD or USB drive and you run it outside of Windows. It does this so it can find rootkits which, by definition, are hidden when Windows is running. If you actually bought your antivirus program on CD, it probably can do this; except MSSS is a little different (at least since I last had an AV CD). It doesn’t offer, but requires, that you update your definitions before running a scan.

Go to the download page and choose whether you want 32-bit or 64-bit. This button runs a downloader that gives you the option to create a bootable CD, bootable USB thumb drive, or download an ISO (Fig. 1). I’ll tell you what to do with an ISO next month; but until then, save yourself a lot of trouble and choose one of the other options.
Fig. 1. The MSSS downloader menu (this image may have changed).

I decided to try MSSS out on my file server. When it runs a full scan – the default your first time – it alerts you the scan could take hours. Sure enough, after 4:52:42, it reported the number of “resources scanned” was 3,520,572!

Admittedly, my single C: drive runs about 350 GB (there’s a lot of client files I really should throw away). The program looked inside compressed files, naturally. It also looked inside downloaded .ISO CD images. To my surprise, it looked inside some Outlook .PST files to find a virus in the attachment of a piece of spam.


Thursday, June 23, 2011

Book Review

Review - Zero Day

Sex. Murder. Corrupt, bumbling bureaucrats. The Russian Mafia. The fate of the Western world. Hunky nerds and beautiful geeks.

Zero Day by Mark Russinovich has them all. It also has worms and viruses and rootkits – but you don’t have to know any more about them than that if your computer has them, it’s going to be a pain. This book is a can’t-put-it-down thriller until you start thinking about it. Then it will give you nightmares.

Zero Day starts with a company that is having computer problems. They call in a specialist who discovers that their servers have been infected with a particularly pernicious piece of malware. While he’s trying to get the company back in business a call from a colleague at the Department of Homeland Security lets them realize they both are vexed by someone known as “Super Phreak.” Could this be the harbinger of cyberwar? And one with an auspicious starting date.

Mark Russinovich is a Microsoft Technical Fellow. That is a position for a person who is so accomplished that he has no assignment beyond thinking up new ideas. Computer professionals will recognize him as the creator of the Sysinternals utilities. With names like LDMDump and PsGetSid, these programs allow you to learn things about your computer that you didn’t know existed; including that you have an infection down where your antivirus can’t get it.

Here, in Russinovich’s first novel, he uses his knowledge of what is and what could be to weave a story of what we hope never happens. Without referencing any specific real-life situations (see “Stuxnet”[1]), this is a story one could imagine was pieced together from page 4 of the daily newspaper. An airliner has a rough ride over the Atlantic. A ship runs aground in Japan. A hospital has a medication mixup. A worker dies in an industrial accident. Are these unconnected stories? Only our heroes have the insight to know that they are linked by Super Phreak’s zero day rootkit (you only need to know that’s a computer nasty no one has ever seen before). Since a political appointee is too inept, corrupt, or both to sound the alarm; our heroes have to chase, against the clock, across two continents on their own to save the world.

The first edition I had was marred by some editing errors. (The first chapter opens “Saturday, August 11” and on the next page in bold it refers to “Friday, August 11.” [This was corrected in the online excerpt.] In a faux pas as bad as calling your spouse with your lover’s name; another place refers to the heroine with a villain’s name.)

That said, the story maintains its credibility: travel takes real time, coincidences are fortuitous but not magical, heroes are strong and clever but not supermen. Worst of all, the technology is very real and is installed in any business or is available to any teenage hacker anywhere in the world where the internet is available. The story implies a single set of malware could damage a multitude of systems which, in fact, would have to be programmed individually. However, any of the attacks mentioned could happen any time in the near future – or be happening now.

If you like international political thrillers or if you like technology; you’ll like Zero Day. A pair of PhDs become unexpected agents sufficiently focused on what needs to be done to brush off an assassin’s bullets and to convince an uninvolved Russian to assist them in the course of a taxi ride. Russinovich has set himself up to have created the next Jack Ryan. Let’s hope we can look forward to more cybercrises to befall us. [Zero Day the book has no familial or topical relation to the 2003 or 2007 movies with a similar title.]
------- 

REFERENCES:

The book's homepage

http://www.zerodaythebook.com/
Mark Russinovich
http://en.wikipedia.org/wiki/Mark_Russinovich

Stuxnet
http://www.nytimes.com/2011/01/16/world/middleeast/16stuxnet.html
http://en.wikipedia.org/wiki/Stuxnet
Thanks to my source: Steve Gibson
http://twitter.com/sggrc
http://www.grc.com/securitynow.htm


Monday, January 3, 2011

Malware Alert !

Ransomware. It’s not a new form of malware (e.g., viruses, trojans, worms, phishing, spyware, even spam), but neither has it faded into the background over time. Many of my clients needed my assistance after encountering it sometime during 2010. It first came to my attention 3-4 years ago in the form of “AntiVirus 2008.”

The vector is that, after visiting an infected website, a notice pops up on your screen that there is “a problem with your computer.” The “problem” it refers to may be a virus infection, update due, or disc defrag needed. The popup could vary from a poor imitation of a Windows information box to a dead ringer for the Windows Update shield and dialog or a Microsoft Security Essentials notice. Typically it uses spyware tricks to reload even after you’ve left the website or rebooted the computer. The usual Windows close buttons in or on the window are often ineffective, and you can only get it off your screen by right-clicking its icon on the taskbar. The window advises “click here” to resolve the problem – but beware! – clicking anywhere in the window could run the program. Then you’re in trouble!

You asked the website to install a program. It doesn’t need a rootkit or worm to run the malware. You asked it to install. Check out a full discussion of the process at http://windowssecrets.com/top-story/lizamoon-infection-a-blow-by-blow-account/.

Once the ransomware is installed, it locks up your computer only allowing you to go to their website to undo the damage. Of course, the “repair program” costs $20-$150. If you don’t shell out, it may have already encrypted your hard drive or it may corrupt your data before you can stop it.

Luckily, most of my clients contacted me and did not actually install the program. While they couldn’t get rid of the popup, I could log on as an unaffected administrator and squash it with a System Restore and multiple malware scans from different sources such as antivirus vendors, Malwarebytes, and Microsoft Malicious Software Removal Tool. Between alert refusal to install the program, antivirus scans, storing data on a server – not an active client computer – and backups, only one home user lost significant data. Everyone lost significant time and incurred the expense of my services.


Tuesday, July 6, 2010

Telephones over the internet

I get requests for suggestions on technical topics. A client wanted to dump her home phone line from the old-time provider. Here are some ideas of what she can do. The premise is that she has reliable and cost-effective cell service.

As you know, there are dozens of options to connect broadband internet and phones. If you want to ditch the phone company, here are some services I use and recommend.

Google Voice (http://voice.google.com/).
They give you a number and you can direct that number to ring one or more of your registered phones. You can apply rules including time-of-day filtering such as family goes to Sis, business to Mom, friends can be screened before picking up, unknown callers go to voicemail, etc. Receive voicemail as an email attachment or transcribed to txt. Documentation is Google-sparse.
Basic service free but lots of penny and nickel features available. No computer needed.

Skype (http://skype.com/)
Primarily a computer-to-computer service but you can buy connections in and/or out of the classical phone system. They sell tons of accessories including handsets so you’re not tethered to the computer. With decent broadband, excellent quality service – radio stations use them. Some are stand-alone and, presumably, give you a Skype connection anywhere you can get open WiFi.
Basic service free but lots of penny and nickel features available.

Vonage (http://vonage.com/)
This is the service I’ve used for 7 years, but am currently a little down on. I can’t document whether my service issues are related to Vonage or my ISP. They try to be a full function phone company replacement that you plug directly into your current house phone wiring and use all your classical equipment. They have some call management features similar to Google.
Our “$17.99” plan bills out about $25. No computer needed.

Here are some other services that I know about, but have never used.

Your ISP
All the internet providers (including the phone companies) are trying to sell you phone services. They offer the reliability you’re used to from a single source for prices you’re used to paying.

Magic Jack (http://magicjack.com/)
This is sort of a hybrid of Skype and Vonage. Plug an adapter into your computer and plug your house wiring into the adapter. Last I looked at it, they seemed a little sleazy in terms of pushing ads at you, etc.
Always-on computer required.

Packet 8 (http://www.8x8.com/)
I’ve never looked at them, but a (cheap) associate dumped his Skype dial-in/out for them. At first glance, they seem to sell full-featured phone systems to home or small businesses.

Being based in 21st century technology rather than 19th, all these services provide for free the upgrades the phone company has been making their profits off of for 30 years. Things like voicemail, voicemail notification, caller ID, conference calling, free long distance, ultra-cheap international calls, and more. Except for Vonage, most of them don’t add all the extra charges at the bottom of your classic phone bill.

Most of the services can transfer your current phone number. I always recommend letting them assign you a number until you’ve tried them for a couple months. Then you can transfer the number you’ve had for 25 years.

The downside is that, except for your ISP, they’re all separate services that you have to buy, install, and configure yourself. As far as I know, only Vonage and your ISP support 911. Support and reliability may be iffy and they are dependent on getting power out of the wall.



(c) 2010 Bill Barnes

Sunday, January 31, 2010

eBooks

Forever (that is, 16 months) I have scraped articles off the web and downloaded them as text to my smartphone to read while I waited for carryout - or anywhere else I had minutes to kill. These are handy and comfortable to read on the 2.3" screen except the system doesn't hold my place and I have to scroll down to continue every time I get interrupted.

I recently took a trip and was anticipating 30 hours in transit and 6 plane changes. Naturally, I wanted to travel very light and not lug the stack of magazines that is my usual diversion. On my trip, since I carried a different phone (because of coverage), I downloaded a couple books to my old PDA so I could have entire novels on a 3.5" screen at 10 oz (including charger). This worked perfectly as I read one book on the way out and finished the other on the way home. I had the books I wanted, not whatever was in the airport newsstand, and still had them when I got home. Incidentally, in the same pocket, I carried my contacts list, schedule, ticket and event confirmations, MP3 player, backup memory for my photos, notepad, and calculator.

Digital journalism was a natural fit for the personal computer as soon as the web was a widespread distribution medium. Music became virtual in a big hurry, followed by movies and television. Books without paper will be the next traditional medium to fall.

Actually, Project Gutenberg started to digitize books in 1971 with a goal of distributing and preserving out-of-copyright books. In 2004, Google announced it would partner with prominent libraries to digitize entire collections. Other, less prominent, projects are also working to turn literature into bits.

The market problem has never been content. Whether Gutenberg's 30,000 titles or Google's 7,000,000, the real question is who wants to drag their computer into bed with them and read off a screen. Whether the morning newspaper, or War and Peace, a computer does not have the familiarity and versatility of dead trees. Often there are also issues with the presentation, be they intrusive advertising; fixed size and length of text that may not be comfortable on your screen; or scanned images that aren't text, and may not be sharp either.

For content that is expected to be read offline, resourceful people have always been able to move it to a PDA such as a Palm or Windows handheld. More recently, with the introduction of E Ink, Sony, Amazon, and now a host of other companies offer a reader that is not an exact replica, but competitive in feel to a paperback book. And Apple, this week, promises to up the market with their iPad which features a full-color touch screen instead of the gray-on-gray of the current generation of E Ink. (Disclaimer: I have not actually seen or held dedicated readers. My comments are hearsay.) At least as significantly, most of the device vendors include a store to buy the books. Not only can a non-geek now get a device to read books and periodicals but they can also load it up with content as easily as they load their MP3 player with music.

When Amazon introduced the Kindle in 2007, it included a revolutionary flat-rate price of $9.95 for best sellers. Naturally publishers were not happy with this 50%-60% or more discount off the usual cover price for books on paper. But consider that mass-market books rarely sell for list. Also, there is no marginal cost for each additional copy of the book sold. If a $25 book wholesales for $10 and costs $6 to produce and distribute; plus another, maybe, $2.50 for the author; the publisher will get $1.50-$4.00 clear profit per copy. They can make the same profit by sending the electronic manuscript furnished by the author or editor to Amazon or any other distributor for $5-$7 for each copy sold. Even if the sales are totally cannibalistic, the publisher has nothing to lose. (Here, Apple threatens to break the model by allowing the publishers to set their own price - which is the opposite of what the iTunes store did in 2000.)

Although each device is linked to its own bookstore, they are also multipurpose. They can display content in other, generic, formats and play MP3s. Some may have software to read a book out loud. Some may have a wireless connection for content and web browsing while others have to be linked to a computer to upload books. And using a PDA, smartphone, or netbook as a reader may offer other computer features such as a calendar, contact list, or writing and calculating tools.

Most book formats, especially paid ones, can be resized and automatically reflow according to your visual needs. For example, what might be a 325 page paperback was 411 "pages" on my PC and 1934 "pages" on my PDA. You also may want to consider features that enhance the readability. These might include placemarkers, search capability, ability to add notes, and the ability to move books to another device or share them with friends. Even the quality of how the table of contents or index links into the book can affect your experience.

If you want to dip your toe into ebooks, a web search will turn up a plethora of sources for books in a variety of formats that you can read on a laptop or smartphone you already own. Then you can decide whether you want to buy a dedicated device or go back to paper. If you read 2 books a month, you might be able to recover the cost of a Kindle within a year; plus you won't have to build another bookshelf or run to the consignment store.

One site I've gone to experience ebooks is SciFi-AZ.com where the author self-publishes his books in a variety of formats. Try it out for yourself!


Lost

Problems come in bunches – or maybe they’re always there in the pantheon of problems and I recognize a “bunch” when it’s time to write this letter. This week I’ve gotten a number of calls where a user has “lost” some information on or in their computer. (Most modern operating systems and many recent program versions automatically install "send to PDF" [or some such term] as a printer available to all other programs. If you're offline, use this to "print" to a file which you can open and print when next you have paper and ink available.)

One user printed a valuable coupon off a website while he was offline. He knew from experience that he would get ink on paper when he reconnected to the printer later. Unfortunately, he printed to a non-existent printer installed on his computer. We can see the job sitting in the queue, but have to figure out how to redirect a document from one printer to another.

Another user depended on a browser to store all her critical websites and passwords. This included a stored-value site where she had a $40-$50 credit available. When a computer glitch corrupted the browser, she had no other record of her logon and the vendor could not (would not) recover her account. (see also https://fromthehelpdesk.blogspot.com/2017/08/the-deal-about-passwords.html)

A user in a 2-person office called to say she had lost the shortcut to a shared folder off her desktop. I set this up several months ago and could not, off the top of my head, tell her exactly where that folder is. My best suggestion was for her to try and figure out the path from the shortcut still on the boss’ computer. Failing that, it would require a service call – tomorrow.

Another manager called (when I wasn’t at their office, natch) to say someone, sometime, had deleted a record from a database. Could I please recover that record from the backup – oh, and he needs it today. The company has a good backup system, but it’s managed by the corporate helpdesk. Restore requests will be processed in 3-5 days. Because at one time they were doing extensive, sloppy maintenance on this database, I also create a daily backup on my local desktop. Except I can’t easily locate the record they need remotely.

The moral is: think before you do something permanent. If you don’t get immediate feedback from printing a document, be sure you save it so you can reprint later. If you’re going to delete something, go ahead and send it to the Recycle Bin. Storage is, generally, cheap and there’s no harm in waiting a couple months before actually deleting it. You can go to the Recycle Bin (or your mail client’s trash) and wholesale permanently delete older items some day while you’re waiting on hold. And if you're changing a database (or a complex document that functions as a database), template, or configuration, save a copy before you make extensive changes.

(c) 2009 Bill Barnes

Saturday, August 8, 2009

I hate getting a new computer

Mea culpa.

My computer died. About a third of my important data was on that computer, without a recent backup.

Yes, that does happen; even to professionals who should know better.

I spent five days trying to resurrect it before I gave up and decided to start over from scratch. I promoted my test bed to be my primary computer and set this one aside to be rebuilt and used in situations where I’ll never trust it again.

Now I have to go about making “a” computer “my” computer again. Two weeks later, I’m finding significant programs I forgot to reinstall and nothing works exactly like I’m comfortable with. Oh, I did have a backup that was about 6 weeks old. Most of what I will weep over losing was a month-and-a-half worth of emails.

What's missing when you get a new computer?

PROGRAMS

The computer comes with Windows which includes Internet Explorer and Windows Mail for your primary online needs. It probably also included a 30- or 90-day subscription to a security suite. Maybe you bought it with an office program and even a personal finance program. What else could I want for my computer?

The first thing I do is uninstall the bloated security suite and install a cleaner updated antivirus only utility. Then I connect to the internet and run Windows Update.

Now I need a few utilities to work with the computer the way I want. These include Firefox, a compression program such as the free 7zip, a media player such as iTunes, a .pdf reader, and some administrative utilities appropriate to my business. Then come drivers for accessories such as my webcam, scanner, smartphone, and printer. Now I remake my network connections to file storage and printers.

Whew! I haven't even started on the application programs. In addition to an office suite and money manager, I use a graphics suite and a number of tools for web authoring. I'm sure I'll find more programs I need as I use the computer. Fortunately I'm mostly organized and can usually put my hands on the original CDs or downloads and activation keys of my programs.

Now, I've got a functioning computer, but it's not my computer. I keep most of my data on a network drive, so usually I won't have to restore that 100 GB. But some programs such as Outlook Express insist on keeping their data on the local drive, typically in some obscure location you wouldn't think about backing up. Even though I have my Outlook 2007 old mail and contacts data on a network drive, all of its connection settings are integral to the local computer so I have to look up user names, passwords and account settings for a half-dozen email accounts. And don't ask me how much I've personalized Word and Excel. Generally, the more complex the program, the more likely that it saves its settings and preferences irretrievably in Windows.

Microsoft does offer a couple utilities that purport to help you save and transfer your settings between computers. The Files and Settings Transfer wizard (FAST) collects some important and some trivial Windows settings from your logon password to your desktop color. It also will copy your cookies and favorites from Internet Explorer and the contents of your My Documents folder. The last can take a long time and a lot of disc space if you keep music and pictures, as well as documents, in that folder. I recommend that you point it to a USB hard drive with lots of space. It will not get any data such as I mentioned above that is not in My Documents.

For Microsoft Office, you can also use the Microsoft Office Save My Settings Wizard which is usually in the Microsoft Office Tools folder. It will, with one operation, collect a lot of the more obscure personalizations in Word, Excel, Outlook, and other Office programs.

Both of these wizards apply only to the current user. That means your spouse and kids will have to run it individually. You'll also have to manually move data in Shared Documents. And, of course, they only pick up the customizations in Microsoft programs.

Now that I'm up and running, I can start worrying about hardware productivity features. My new computer did not come with an upgraded video, so I will have to move that from my old computer (if it's compatible) to use dual monitors. Also the keyboard has a slightly different layout that causes me problems. Unfortunately, my old keyboard uses a different connection and I will have to deal with that.

My situation was made more difficult because the old computer completely failed. If you are merely upgrading, you can always go back to the old machine to look at settings or get that template for your letterhead. I was saved, however, by the fact that most of my data is not actually on my computer. Even with a six-week-old backup, there was very little critical data that I lost.


(c) 2008 Bill Barnes

Friday, April 24, 2009

Spring cleaning

Now (even if you're reading this in November) is always a good time to do your computer housekeeping.

The two biggest enemies of electronics are bad power and heat. I covered the concerns of power surges in Storm Season. Where does heat come from and what can you do about it?

Everything you put into the computer generates heat. Every chip, spinning drive, and the power supply all add heat to the environment. And our quest for more and faster just means more heat. A faster CPU, fancier graphics adapter, bigger hard drive, more powerful sound card, even more memory each add their own increment to the heat load.

You can assume that every watt of power you put into the computer eventually ends up as heat after it is finished pushing the bits around. That means if you have a 200 watt power supply, it's the equivalent of sticking a large (incandescent) light bulb inside a metal box. In my childhood, that is how a toy stove could actually bake cookies.

Sometimes that metal box also exacerbates the issue. Open a full-size tower and you'll probably see at least 3 or 4 fans blowing on the various components. But most consumers and many businesses would rather have a compact size and quiet computer. Both of those criteria mean fewer fans and less space for air to circulate around the components. In a laptop, those issues are even compounded, although the components are somewhat more efficient with their use of electricity.

Speaking of quiet, most computers have thermostatic fans. When things inside start getting hot, the fan runs faster. If, all of a sudden, your computer starts making more noise and then quiets again, it was probably your fan putting on a burst of speed. If it always runs at high speed there may be something causing your computer to overheat. By the way, your CPU and hard drive also have thermometers in them and will shut themselves down before they dangerously overheat. There are numerous monitors of your internal temperatures available from any search engine. One that looked promising is available at http://www.almico.com/. (I have not tried it and don't vouch for its legitimacy - always get your downloads from reputable sources and check them for malware.)

Oh, that's right. The title up there is "Spring cleaning." The first thing to do to keep your computer cool is to get rid of the dust inside. Open the case and blow it out. Don't use a standard vacuum cleaner as they generate static electricity. You can buy high-quality "canned air." If you have access to a compressor, you can use that, too, at a moderate pressure. (I manage 150 devices in an industrial plant and blow them out with the building air. I have never had problems related to water or oil that may contaminate this unfiltered air.)

Be sure you have disconnected all the cables (especially the power) before you open the case. Then blow it out and the dust will go flying. I blow in both directions through all the vents and fans and even into the disc drive openings. Lift the shroud over the CPU and blow out all the heat sinks that look like vertical grids of metal.

When you reconnect the computer, check around that it has good airflow in and out of the vents. Keeping it in a closed cabinet will kill it quickly. Some serious power hobbyists have floor fans blowing at their computers to circulate even more air. Making the computer work harder also makes it use more power, so you might consider this tactic if you are into high-end gaming or video rendering that make heavy demands on the graphics system.

And don't feel guilty at all the dust you found. Even in very clean houses I find the computers full of dust. Just be sure there are no snakes or mice wrapped around the chips. (Just kidding, but you can find some scary stories on YouTube.)

Thursday, December 18, 2008

Did I get that update?


Patch Tuesday.

Every month Microsoft distributes critical security updates for Windows computers. If you have Windows Update configured to automatically install these updates, it will do so. Unless something goes wrong. Your computer may have been offline. Something may have interrupted the process. You may already have a virus that prevents updates.

Here's how to check that a specific update is installed:
  • Go to Control Panel > Add or Remove Programs.
  • Check the box Show Updates.
  • Scroll down to find the update you want to verify.

What do all those crazy KB numbers mean?

Everything Microsoft does is affiliated with a Knowledge Base article. When the techie community writes about a bug in Windows, they say "this is related to the flaw in KB123456." If an article says "you're toast without update KB123456," you need to check your updates. You can find out more by browsing to support.microsoft.com and searching on the KB number. Maybe you'll find it only applies to some esoteric program you never use anyway, so you don't have to worry.
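The same check can be scripted on Windows versions that ship PowerShell. The following is an added example, not part of the original post: it looks up KB numbers in both the installed-hotfix list and the Windows Update history, so an update that was offered but failed or was later uninstalled shows up as missing. KB123456 is the post's placeholder, not a real update; pass the numbers you care about in `-KbIds`.

```powershell
# Added example: verify that specific KB updates are installed.
# KB123456 is the placeholder number from the post, not a real update.
param(
    [string[]]$KbIds = @('KB123456')
)

function Get-InstalledKbSet {
    $found = @{}

    # Source 1: Get-HotFix reads Win32_QuickFixEngineering. It reflects the
    # current state of operating-system updates but omits many others
    # (for example Office or antivirus definition updates).
    foreach ($fix in Get-HotFix -ErrorAction SilentlyContinue) {
        if ($fix.HotFixID -match '^KB\d+$') {
            $found[$fix.HotFixID.ToUpper()] = "Get-HotFix ($($fix.Description))"
        }
    }

    # Source 2: Windows Update Agent history, returned newest entry first.
    # Only the newest entry per KB counts, so a successful install that was
    # followed by an uninstall or a failed reinstall is not reported as present.
    try {
        $searcher = (New-Object -ComObject Microsoft.Update.Session).CreateUpdateSearcher()
        $total    = $searcher.GetTotalHistoryCount()
        $seen     = @{}
        if ($total -gt 0) {
            foreach ($entry in $searcher.QueryHistory(0, $total)) {
                if ($entry.Title -notmatch '(KB\d+)') { continue }
                $kb = $Matches[1].ToUpper()
                if ($seen.ContainsKey($kb)) { continue }
                $seen[$kb] = $true
                # Operation 1 = installation; ResultCode 2 = succeeded.
                $ok = ($entry.Operation -eq 1 -and $entry.ResultCode -eq 2)
                if ($ok -and -not $found.ContainsKey($kb)) {
                    $found[$kb] = "Windows Update history ($($entry.Date))"
                }
            }
        }
    } catch {
        Write-Warning "Windows Update history unavailable: $($_.Exception.Message)"
    }
    return $found
}

$installed = Get-InstalledKbSet

$report = foreach ($kb in $KbIds) {
    # Accept "123456" as well as "KB123456".
    $id = $kb.Trim().ToUpper()
    if ($id -notmatch '^KB') { $id = "KB$id" }
    [pscustomobject]@{
        KB        = $id
        Installed = $installed.ContainsKey($id)
        Evidence  = $installed[$id]
    }
}

$report | Format-Table -AutoSize

# Non-zero exit code when anything is missing, so the script can be used
# from a scheduled task or a monitoring job.
if ($report.Installed -contains $false) { exit 1 }
```

A "missing" result for an update that does not apply to the installed Windows version or programs is expected; the KB article says which products it covers.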

Add/Remove Programs screenshot

(c) 2008 Bill Barnes