Wednesday, July 22, 2015

2015-07-23 WBKV Talking Points


Windows 10
  • You will get updates like it or not
    License agreement: 'receive these types of automatic updates without any additional notice'.
  • Will be sold on USB drives (no need for DVD drive!)
    Seen on Amazon.com's pre-order page; US release date likely August 30th
  • Price for Windows 10 Home $119.99, for Windows 10 Pro $199.99
Adobe Flash player
A seemingly endless saga of bugs and updates.
Per July 20
th you should be at version 18.0.0.209; everything below that is potentially dangerous!
Mozilla on July 20th temporarily blocked Flash Player in Firefox!

This month's Patch Tuesday fixed 59 vulnerabilities

Microsoft stops AV support for XP
Microsoft Security Essentials nolonger updated on Window XP
Yes, there are still about
180 million people using it!

WPA-TKIP can be cracked in an hour!
Check your WiFi setup.
I know many (older?) DSL routers that have ONLY WPA-TKIP; they need to be replaced!

Google Chrome to add RED SCREEN warning
Only for ads with malicious content, known malicious web pages and web sites.

CVS's photo web site hacked and off-line
Other possibly affected firms are Walmart, Costco, Tesco, Asda & Marks and Spencer; they all used Canada-based PNI Digital Media.
I recently tried the CostCo web service and was appalled by it's bad user interface; I ran away real quick.

Hopefully listener calls with questions.

Tuesday, July 14, 2015

Backup - Windows 7 and 8


Please click this link if you are looking for information on Windows 10.

Here are links to articles that should answer most of the questions I get asked about back up.

Windows 7
Build a complete Windows 7 safety net

Windows 8  Understanding Terms
Understanding Windows 8's File History
TechNet: Windows 8 File History explained

Windows 8 Prepare like Microsoft wants it

Microsoft: Set up a drive for File History

Mastering Windows 8's backup/restore system

If you are adverse to Microsoft's built-in tools there are proven free third party backup programs available:
Free Backup programs - Not from Microsoft 
Sadly this otherwise excellent article does not mention Macrium Reflect, an  often recommended free third party backup program.

And here is an interesting discussion about the question where to store the back up:
Internal or External Hard Drive for Backup

And since two customers recently asked about here some words about 
How to back up and restore the registry in Windows

As usual I welcome comments and suggestions right here in the blog. Thank you in advance.

Click here for a categorized Table Of Contents.

Friday, July 10, 2015

Windows 10 Broadcasts Wi-Fi Passwords


Please click this link if you are looking for information on Windows 10.

I "stole" the following VERBATIM from a blog post at The Register. 
If you upgrade to Windows 10 and if you have a wireless home network you better turn Wi-Fi Sense in Windows 10 OFF! 
 Wi-Fi Sense is a feature from the world of Microsoft Mobile (cell phones) that sneakily appears in Windows 10.

Here now the article from The Register:

--------------------------    

theregister.co.uk

UH OH: Windows 10 will share your Wi-Fi key with your friends' friends

30 Jun 2015 at 20:59,
Updated A Windows 10 feature, Wi-Fi Sense, smells like a security risk: it can share access to Wi-Fi networks with the user's contacts.
Wi-Fi Sense has been on Windows Phone since 8.1
Those contacts include their Outlook.com (nee Hotmail) contacts, Skype contacts and, with an opt-in, their Facebook friends. There is method in the Microsoft madness – it saves having to shout across the office or house “what’s the Wi-Fi password?” – but ease of use has to be teamed with security. If you wander close to a wireless network, and your friend knows the password, and you both have Wi-Fi Sense, you can log into that network.
Wi-Fi Sense doesn’t reveal the plaintext password to your family, friends, acquaintances, and the chap at the takeaway who's an Outlook.com contact, but it does allow them, if they are also running Wi-Fi Sense, to log in to your Wi-Fi. The password must be stored centrally by Microsoft, and is copied to a device for it to work; Microsoft just tries to stop you looking at it. How successful that will be isn't yet known.
"For networks you choose to share access to, the password is sent over an encrypted connection and stored in an encrypted file on a Microsoft server, and then sent over a secure connection to your contacts' phone if they use Wi-Fi Sense and they're in range of the Wi-Fi network you shared," the Wi-Fi Sense FAQ states.
Microsoft also adds that Wi-Fi Sense will only provide internet access, and block connections to other things on the wireless LAN: "When you share network access, your contacts get internet access only. For example, if you share your home Wi-Fi network, your contacts won't have access to other computers, devices, or files stored on your home network."
That sounds wise – but we're not convinced how it will be practically enforced: if a computer is connected to a protected Wi-Fi network, it must know the key. And if the computer knows the key, a determined user or hacker will be able to find it within the system and use it to log into the network with full access.
In theory, someone who wanted access to your company network could befriend an employee or two, and drive into the office car park to be in range, and then gain access to the wireless network. Some basic protections, specifically ones that safeguard against people sharing their passwords, should prevent this.
The feature has been on Windows Phones since version 8.1. If you type the password into your Lumia, you won’t then need to type it into your laptop, because you are a friend of yourself. Given the meagre installed base of Windows Phones it's not been much of a threat – until now.
With every laptop running Windows 10 in the business radiating access, the security risk is significant. A second issue is that by giving Wi-Fi Sense access to your Facebook contacts, you are giving Microsoft a list of your Facebook friends, as well as your wireless passwords.
In an attempt to address the security hole it has created, Microsoft offers a kludge of a workaround: you must add _optout to the SSID (the name of your network) to prevent it from working with Wi-Fi Sense.
(So if you want to opt out of Google Maps and Wi-Fi Sense at the same time, you must change your SSID of, say, myhouse to myhouse_optout_nomap. Technology is great.)
Microsoft enables Windows 10's Wi-Fi Sense by default, and access to password-protected networks are shared with contacts unless the user remembers to uncheck a box when they first connect. Choosing to switch it off may make it a lot less useful, but would make for a more secure IT environment.
Yes, wireless passwords can be written down and trivially passed along to others: we know network security shouldn't end at the Wi-Fi login prompt. But there's nothing like an OS automating the practice of blabbing passphrases to your mates, eh?

Updated to add

A Microsoft PR rep has been in touch about the headline, pointing out that when you share access to your network via Wi-Fi Sense, your contacts cannot share that access to other people. We know this.
The headline still stands because: imagine you and I are friends, and you visit my house. I tell you the Wi-Fi password, or you read it off the fridge. You type it into your Windows 10 device, and access to my network is shared via Wi-Fi Sense with your Windows 10 friends. Your friends now have access to my network, or in other words, my friend's friends now have access to the network.
And that's not good.
--------------------------

So far for the article from The Register.

By now I have installed several versions of Windows 10 Preview and the install process has changed over time - which is to be expected in a preview for testing of a product that is in active development. The last install(s) have asked questions about sharing Wi-Fi keys and I have declined. By the way, I am planning an extensive article about the install process of Windows 10.

I have declined to share Wi-Fi keys because I read the questions before I ACCEPT the default settings. These preselected default settings more often that not help Microsoft rather than the individual user; that at least is my experience with Microsoft software and products since I know them - and that is only since about the early 1980s.

As usual I welcome comments and suggestions right here in the blog. Thank you in advance.

Click here for a categorized Table Of Contents.

Thursday, July 9, 2015

2015-07-09 WBKV Talking Points (July 9th 2015)

Windows 10
  • What
    It is an in-place upgrade.
    If you want to preserve your Windows 7/8 system DO NOT UPGRADE!
  • When
    Anytime on or after July 29th.

  • Why
    If you want to get rid of Windows 8 annoyances and quirks.
    But you will have to learn a new interface - AGAIN! (boo Microsoft).

  • Why not
    It does not bring anything I consider worth wile the risks of that change.
    There is no realistic simple way to avoid establishing a Microsoft account! Thus every Windows 10 user will become the “target” of the associated “advertisement ID”.
    The install process now even openly mentions the "advertisement ID"!

If your current Windows system is running stable and doing what you want to do I see no compelling reason to upgrade.

Hopefully listener calls with questions. 


As usual I welcome comments and suggestions right here in the blog. Thank you in advance.

Click here for a categorized Table Of Contents.


Thursday, July 2, 2015

Repair Scams And New Variants - Again


Please click this link if you are looking for information on Windows 10.

I hardly can count how often I have spoken in my radio shows about repair scams and other tricks crooks use to scare unsuspecting computer users into handing over their credit card info; that is what all these and similar scams come down to.

Here is only a small selection of articles from this blog that deal with various aspects of this situation - with NO claim of completeness at all:
The newest twist in this never ending saga happens as follows: You are on a web site you have been on many, many times, let's say for information on your favorite hobby. Naturally after having used that web site for years you assume it is "clean" and the information from there is valid.

But suddenly you get a pop up window or some other kind of message informing you that "your computer has been reported" to some "Windows Security" team or it "is infected with 567 viruses" or similar.
This sort of pop up is by definition a scam!
  • Do not click anywhere in this window.
  • If applicable DO NOT call the toll free phone number givin in the message.
  • Do NOT "x out" of this window, that is do not click on the "red X" in the top right corner of the window to close it.
The only safe way out of such windows and/or messages is to close them with Alt+F4, that is holding down the Alternate key and while holding this key down pressing function key F4.

Beside getting out of this window safely I would avoid ever again going to this web site. There is almost always some alternative.

Why did I above say "... is by definition a scam"?
  1. There is no "Windows Security" team or company or anything even vaguely similar.
  2. You Windows operating system does NOT report any info to anybody; only malicious software does that!
  3. Neither Microsoft nor any of their partner companies care about your computer's and your well being! 
You don't even have to take alone my word for it; here are links to two very official web pages about that exact same issue: 
  1. Tech Support Scams from the Federal Trade Commission  and
  2. Avoid tech support phone scams from Microsoft's Safety & Security Center

Stay safe and always(!) heed the first of my 10 Commandments Of Safe Computing.

As usual I welcome comments and suggestions right here in the blog. Thank you in advance.

Click here for a categorized Table Of Contents.



Thursday, June 25, 2015

2015-06-25 WBKV Talking Points (June 25th 2015)


Please click this link if you are looking for information on Windows 10.

Emergency patch for Adobe Flash Player; details here (June 24 2015)

Windows 10 not necessary for Windows 7 users, IMHO at least:
  • If you are still running Windows XP I can't help you.
     
  • If you are running Windows Vista you better think about a new computer (mostly).
     
  • If you have a stable Windows 7 system that does dependably what you want to do then don't upgrade to Windows 10.

  • If you are still on Windows 8 you are long overdue to upgrade to 8.1.
     
  • If you have Windows 8.1 then upgrading to Windows 10 will eliminate most of Windows 8's annoying quirks and shortcomings.

Beware of scam phone calls for "computer support". Your computer does NOT "report" about viruses, to nobody.
   -  This is an oldie (Feb. 2013) but still very actively exploited.

Curious about Windows 10? Microsoft has a free book "Introducing Windows 10 for IT Professionals here (scroll down just a few lines to see the title!).

Wednesday, June 24, 2015

Important Update for Adobe Flashplayer


Please click this link if you are looking for information on Windows 10.

Adobe released an emergency patch for it's ubiquitous Flash Player.

You should now be at least on version 18.0.0.194.

You can check the version in Control Panel, Flash Player; click on the Update tab.

Caution: Adobe gets paid to coax you to download and install McAfee Security Scan.
If you run your computer like I recommend (and may have set up) then you do not need/want this blind passenger!
Adobe's update web page looks like this:


Watch for the always pre-selected check box (big red arrow); please DE-select the check mark before you click on "Install now".

As usual I welcome suggestions and comments right here in the blog.

Click here for a categorized Table Of Contents.

Wednesday, June 10, 2015

Tuesday, June 9, 2015

Windows 10 - What We Know


This article was originally posted early in June 2015. Because of it's relevance and IMHO importance I have kept it and will keep it up-to-date by adding dated Updates to it. For the time being I will put a reference to at the top of all future articles in this blog.

Most home users of Windows 7 and Windows 8.1 have been graced via Windows Update with a new icon "Get Windows 10" in the system tray;  I wrote about it on June 4th.

I do not claim to be complete but please let me tell you what the major changes (improvements?) in Windows 10 will be:
  1. "Universal apps" (formerly Metro or Full Screen apps) can now be resized, positioned a.s.o., that is run as a "normal" window. 
  2. The Start Menu is back plus live tiles.
  3. Again we will have a unified Settings panel aka Control Panel.  
  4. On hybrid and/or convertible and tablet computers Windows 10 will move easily between keyboard, mouse and touch usage. 
  5. The Cortana digital assistant enables voice control. 
  6. XBOX and XBOX Live integration (implementation?)  
  7. Spartan web browser instead of IE.
  8. Win 10 will run on cell phones.  
  9. Snap Assist 
  10. Holo Lens (to be seen)
My comments with identical numbering:
  1. For Windows 8.1 users maybe an advantage; but frankly, I know nobody who even uses Windows 8 in Full Screen mode.  
  2. BIG plus for Windows 8 users - but not for my customers who all have a Start Menu.
  3. BIG plus for Win 8 users; a no-brainer otherwise. 
  4. I would have taken for granted this "Continuum Mode" and think of it as a self evident requirement on such computers. 
  5. Careful, it is said to crate permanent web activity. 
  6. Most teenagers I know don't want their parents to even only touch their game consoles. A non-issue for my customers.
  7. A new web browser  from Microsoft is long overdue. For the longest time we have very good alternatives to IE; I recommend my customers stay with Firefox. New is not always good ... 
  8. What a marketing stunt...
  9.  A feature that supposedly suggests "other" documents ... Ha?
  10. Usefulness remains  to be seen. New is not always better ...
As you easily can see there is nothing really compelling to upgrade, for me at least.

There will be bugs of the first days, that is unavoidable in such a huge, complex piece of software. No corporate testing can ever simulate what really happens in hundreds of millions of home computers.
And, the free upgrade offer is good at least through July 28 2016.
 
My tip to my customers:
Wait and see.  If you have a stable and well working Windows 7 or 8.1 system Windows 10 has only marginal improvements over Win 7 and it irons out quirks and annoyances of Win 8.
 Let others fight through the problems of the first hour.

Furthermore we still live with Microsoft's word that these "free" upgrades will be "valid", that is legally usable only until January 2020 or 2023 respectively; details in this article.We still do not know what Microsoft's plans are beyond that.

Update 6/16/2015:
Not every computer is worth upgrading. Your computer should have at least 4GB of main memory (RAM) and 120GB (or more) of free disk space on the C: drive.
If you have a computer with less than 4GB of RAM and/or it runs a 32-bit version of Windows 7 and/or it is over 5 years old you might want to consider a new machine.
Update 6/20/2015:
Windows Media Center will disappear. In it's place we will get a new program to play DVDs. Lucky me, I never had the time or inclination to use my PC as a media machine.
And the Sidebar Gadgets are (finally!) gone; they were unsafe anyway.
Then there will be changes to the way updates are delivered. Details are still missing but it may be that MS will in the future deliver updates as soon as they are available.

IMHO for the non-technical home user long overdue!

I do believe that "reserving" an update to Windows 10 is a pointless exercise. It will lead to an upgrade to Win 10 in the course of running Windows Update - which my customers usually do weekly.

It would be better to start an upgrade of this magnitude only AFTER you have a full image backup of your system and then do the upgrade on your own schedule.
 

Previous sentence is of UTMOST IMPORTANCE!

Update 6/25/2015:
And here my advice for my customers on Windows 10:
  • If you are still running Windows XP I can't help you.
     
  • If you are running Windows Vista you better think about a new computer (mostly).
     
  • If you have a stable Windows 7 SP1 system that does dependably what you want to do then don't upgrade to Windows 10.

  • If you are still on Windows 8 you are long overdue to upgrade to 8.1.
     
  • If you have Windows 8.1 then upgrading to Windows 10 will eliminate most of Windows 8's annoying quirks and shortcomings.
 But in any case and wherever your system is coming from (7 SP1 or 8.1) your system needs to have ALL updates installed that are available from Windows Update. 

And although I repeat myself you need to have a known good system image backup - and the proven ability to successfully restore it to your system!

These things need to be verified BEFORE you even begin to seriously think about any upgrade of the operating system.  


Update 7/10/15:

Watch out! Microsoft has included Wi-Fi Sense in Windows 10. Here is a lengthy and detailed article about it.

You have to be fully aware that the upgrade to Windows 10 will completely wipe out your current Windows 7 or 8.1 system.

Please attempt to upgrade ONLY if you have a proven good full system image backup. This backup needs to be created now, that is before you attempt the upgrade.

We do not know yet if Win 10 will contain any means to roll back if the upgrade fails. And I believe it is really tempting fate to blindly trust an automated tools in these situations. Past experience has clearly shown that a clean install is always better than an in-place upgrade. 

And to top it off: 
 If you have a computer that connects to a wireless network, either at home or any place else, then you must read this article!

Update 7/22/15:

If my article is too "technical" for you then read this text from Vic Laurie; Vic has very special experiences and a great talent  to express himself very understandably.


As usual I welcome suggestions and comments right here in the blog.

Click here for a categorized Table Of Contents.


Thursday, June 4, 2015

Windows 10 - Not Quite Yet!


Recently customers ask me questions about their computer system "wanting" to update to Windows 10. My current take:
Do not allow Windows 10 to be installed - yet.
Officially Windows 10 will be released July 29th 2015. Any offers before that date seem to be "fishy", to say the least.

Here we have a good example that Microsoft is sneaky. This icon and it's associated program(s) came as a recommended upate with Windows Update. This is not a functional improvement of your existing Windows system, it is blunt marketing.

Yes, I consider this to be fishy even if it comes from the legitimate icon that Microsoft puts an our machines via Windows Update. Not every computer should be upgraded to Windows 10 and especially not before the final release is out.

This is not really an offer to upgrade now, it is an attempt to sign you up for a "first in line" upgrade.

But even after the final release patience is recommended; there always have been "bugs of the first hour"; don't get "burned" if you are an average, non-technical home user.

In the near future I will publish another article on updating to Windows 10.

As usual I welcome suggestions and comments right here in the blog.

Click here for a categorized Table Of Contents.




Saturday, May 16, 2015

Windows 10 - Less Fog But Still A Questions

We have news about Windows 10. Microsoft just announced their plans for the release of Windows 10.

All users now running computers with Windows 7 or Windows 8.1 (NO mention of Windows 8!) can via Windows Update download and install Windows 10 for free! Users still running Windows 8: You better update to 8.1 NOW!

Users now running Windows 7 or 8.1 Home Premium will upgrade to Windows 10 Home.
Users now running Windows 7 or 8.1 Professional will upgrade to Windows 10 Pro.

This blog is for my customers; all of them are home or small business users and that is why I will not talk about the "corporate" versions; only companies with "Volume License" contracts can get them anyway.

Quote from the original Microsoft blog post (emphasis from me):
"... once a qualified Windows device is upgraded to Windows 10, we will continue to keep it up to date for the supported lifetime of the device, keeping it more secure, and introducing new features and functionality over time – for no additional charge."
That IMHO clears the "confusion" about pricing.
If you upgrade a Windows 7 system to Windows 10 you can use it until January 2020 when Microsoft will terminate support for Win 7.

If you upgrade a Windows 8.1 system to Windows 10 you can use it until January 2023 when Microsoft will terminate support for Win 8.1.

And what happens to an upgraded system after January 2020/2023? No mention and maybe Microsoft does not yet know themselves.

This IMHO is a true change in Microsoft's attitude and I welcome it. 

I will keep reporting once the first experiences with upgrades to Win 10 become know.

A recommendation for my customers: Don't rush it, wait a bit.

If your Win7 or 8.1 system is running great and smoothly there is IMHO no compelling reason to upgrade to Windows 10. For my "typical" home users Win 10 just does not contain technical advances that justify the potential risks of such major change to a computer system.

As usual I welcome suggestions and comments right here in the blog.

Click here for a categorized Table Of Contents.

Wednesday, May 13, 2015

2015-05-14 WBKV Talking Points (May 14th 2015)


All Win 7 & 8 users can upgrade to Win10 for free – for one year (only?).
Then licensing will kick in? Home user be careful! I assume MS goes to a subscription model, that is yearly licensing. Win7 is paid for and good until Jan, 2020, Win8 until Jan 2023.
2016 is free but you would have to
pay again for 2017, 18,19 (20, 21, 22).

New ways to infect computers:
“… emails ostensibly sent from legitimate companies with which we might or might not have had previous business. ... often includes a link requesting to update your account. The legitimate company has no idea it’s name is being abused. Anyone who is familiar with the company might click the link and immediately have their machine attacked.”
Even small company's names are now being used.

Most malware is directed at Windows, not Mac and a phenomenal rise in malware for Android phones; Android is an open system. When installing Android apps, you give permission for the app to use various system features. Nobody who installs Android (or Windows) software reads the EULAs and permission notices; we simply accept them with a click.”
Some outrageous statements and demands have been discovered in some EULAs by people who actually read them. A list of some of the funnier ones is here:
makeuseof.com.

Malicious advertising on the rise. My customers are safe if they use the computer as I recommend, that is Firefox browser with Adblock Plus extension enabled.

Windows Server 2003 will go out of support after July 14th. You have to update! Running an outdated server is hazardous to everyone connected to it!

If someone calls you and claims to be in any way affiliated with Microsoft IT IS A SCAM!

Download portals (cnet.com, download.com et al) are huge malware slingers.
Have your DNS settings been tampered with? Test here (but know what is correct…)


Upgrade to Windows 10?

Any time between June and September Microsoft will release Windows 10 ("this summer" is all we know).

Microsoft has officially said that users of Windows 7 and of Windows 8 and 8.1 will for one year be able to upgrade for free to Windows 10. There is a little bit of a disclaimer though: The footnote says "for the lifetime of the device".

Upgrade "for free"? That sounds (almost) too good to be true. Around Microsoft I have learned to be very cautious. Trying to find more information about this I found two very different interpretations:
  1. As long as it happens within one year after Win 10's official release you can upgrade to Win 10 for free "for the lifetime of the device".

    What if your well maintained Win 7 computer still runs great in January 2020 and you want to keep it running? Will you then have to pay for Windows 10? If yes how much? Upgrade or new license fee?
     
  2. As long as it happens within one year after Win 10's official release you can upgrade to Win 10 for free. After the first "free" year Microsoft will switch to a subscription model and you need to pay a monthly or yearly license fee to be allowed to use Windows 10.

    This would amount to a huge money grab. With your current system you have paid for the license to use the operating system; with Windows 7 until Jan. 2020, with Windows 8 until Jan. 2023. Microsoft wants to give you one year for free and then they will start to charge?

    Let's say you upgrade from Win 7 to Win 10; 2016 would be free but you would have to pay an additional license fee for three years (2017, 2018and 2019). For upgrades from Win 8 it would be six more years!
For my customers "the device" certainly is their computer. There is no better definition so I assume that "lifetime" is the time for which Microsoft supports the operating system of the computer. Win 7 support ends in January 2020, Win 8 support ends in January 2023.

The details of what really will happen are unknown. Currently my advice is
Do not upgrade right away, wait until the fog has cleared and we have answers to the questions above.
In another article in the near future I will outline the main "improvements" that will come with Windows 10.

Update 5-15-2015: My concerns about an eventual money grab were unfounded. Something up to now unimaginable has happened, you can read about it here.

As usual I welcome suggestions and comments right here in the blog.

Click here for a categorized Table Of Contents.
 

Sunday, May 3, 2015

2015-05-04 WTKM Talking Points (May 4th 2015)

All Win 7 & 8 users can upgrade to Win10 for free – for one year (only?).
Then licensing will kick in? Home user be careful! I assume MS goes to a subscription model, that is yearly licensing. Win7 is paid for and good until Jan, 2020, Win8 until Jan 2023.
2016 is free but you would have to
pay again for 2017, 18,19 (20, 21, 22).

Macro malware is making a comeback with one nineties nasty infecting half a million computers, Microsoft says. It's 2015 and half a million people still click on stuff we knew was bad in the '90s. Users should stick to MS's decade-old advice and avoid executing macros

Have an LG cell phone? Running LG's Monitor software? If Yes to both your PC is at risk! LG Monitor disables UAC (User Account Control)..

Dell System Detect: All versions older than 6.0.14 are easily hacked! DSD does not get automatically updated, even if Dell's updater is running!

Motorola's DOCSIS 3.0 SBG 6580 cable broadband modem is very easy to hack! Could open your computer to the Internet. Arris, a spin-off brand, has same problem.

Verizon's Risk Assessment Team says that 2 out of 3 times a computer gets hacked the reason was a weak password. Runner-ups are clicking on links in emails and opening attachments.

If someone calls you and claims to be in any way affiliated with Microsoft IT IS A SCAM! 

Download portals (cnet.com, download.com et al) are huge malware slingers.
 
Have your DNS settings been tampered with? Test here (but know what is correct…).

Hackers move away from Java and to Adobe Flash. Check version and update! Per 5-03-15 version 18.0.0.95 is most current. Beware: Many false downloads!





Wednesday, April 29, 2015

2015-04-30 WBKV Talking Points (April 30th 2015)


All Win 7 & 8 users can upgrade to Win10 for free – for one year (only?).
Then licensing will kick in? Home user be careful! I assume MS goes to a subscription model, that is yearly licensing. Win7 is paid for and good until Jan, 2020, Win8 until Jan 2023.
2016 is free but you would have to
pay again for 2017, 18,19 (20, 21, 22).

Have an LG cell phone? Running LG's Monitor software? If Yes to both your PC is at risk! LG Monitor disables UAC (User Account Control)..

Dell System Detect: All versions older than 6.0.14 are easily hacked! DSD does not get automatically updated, even if Dell's updater is running!

Motorola's DOCSIS 3.0 SBG 6580 cable broadband modem very easy to hack! Could open your computer to the Internet. Arris, a spin-off brand, has same problem.

Verizon's Risk Assessment Team: 2 out of 3 times computer gets hacked reason was weak password. Runner-ups are clicking on links in emails and opening attachments.

If someone calls you and claims to be in any way affiliated with Microsoft IT IS A SCAM!

Download portals (cnet.com, download.com et al) are huge malware slingers.

Have your DNS settings been tampered with? Test here (but know what is correct…)

Adobe's cash-less bug bounty program: Can it ever work?

Symantec splitting security (Norton) from storage business. The beginning of the end (like HP)? It will take time; giants die slowly

Hackers move away from Java and to Adobe Flash. Check version and update if necessary! Per 4-29-15 version 18.0.0.95 is current. Beware: Many false downloads!


As usual I welcome suggestions and comments right here in the blog.

Click here for a categorized Table Of Contents.

 


Tuesday, April 28, 2015

Bye bye Viruses, Hello Carelessness




It's almost like in the Everly Brothers song "Bye Bye Love" from 1957. They sang
Bye bye happiness, hello loneliness...
I am enticed to, no, don't be afraid, not sing but say
Bye bye viruses, hello carelessness...
In August 2014 I wrote in this blog the 2014 Update On Malicious Programs. Everything in this article is still valid today – which in the fast changing world of computers is astonishing all by itself. Self replicating viruses that "find and infect" our computers by their own accord have gone almost extinct.
What has massively changed though are the tricks and methods used by miscreants to foist their malicious junk software on our computers. It is so bad that I feel compelled to say
Do NOT click on any link in any email,
do NOT open any email attachment
and NEVER click in any advertisement.
Does that sound extreme to you? Good, because it is extreme. We are in an extreme situation and it's getting worse so extreme measures seem appropriate.
In the meantime you have learned to immediately delete emails with an unfamiliar sender address. But what about the email from that buddy of yours who always sends all the jokes? My advice is to IGNORE it! Just hit the Delete button. If that email really was from him and if he were a nice guy he would have told you in the email why and what he sends there. If he does not have the decency to do that you better err on the side of caution and delete that email; you may “miss” a joke but what is that compared to $100 or $200 cost for a good clean-up job?
Another way how modern malware (called PuPs) is distributed are dirty tricks pulled on us when we apply required updates. Even big, well known companies participate in these schemes; names that come to mind as examples are Oracle, Norton, McAfee and Adobe. Some visual examples are here.
And don't get me going on advertisements. Listen up:
If you see advertisements on your computer screen then you computer most likely already is compromised. Get it cleaned up!
And then the sneaky methods that well known download web sites like Download.com, Cnet.com and other use. You want to download that nice free little program and what they give you is a specially crafted downloader program that in turn is supposed to download the program you actually want. But what you get are one or several PuPs and then the program you really wanted.
The only method to help here is to watch for the tricks, traps and deceptions. 
In July 2013 I published my 10 Commandments Of Safe Computing. To heed the first of these has become more important than ever before; it reads:
Thou shalt read and think(!) before you click.
Be vigilant, pay attention to details and always remember: If it sounds too good to be true it usually is not true; especially in this day and age on the Internet.

As usual I welcome suggestions and comments right here in the blog.

Click here for a categorized Table Of Contents.



Thursday, April 9, 2015

2015-04-09 WBKV Talking Points (April 9th 2015)



Free Panda Ant Virus bricks computers! My advice: stay with MS Security Essentials or Defender.

Danger from USB drives: A newly demonstrated device has the potential to fry the USB port and possibly other components on motherboards, even the CPU!

A test for the Superfish bug is here, removal instructions are here.
Firefox vers. 36.0.1 has protection against SF, vers. 37 (current as of last week!) further improves certificate checking!

All Win 7 & 8 users can upgrade to Win10 for free – for one year (only?).
Then licensing will kick in? Home user be careful! I assume MS goes to a subscription model, that is yearly licensing. Win7 is paid for and good until Jan, 2020, Win8 until Jan 2023.
2016 is free but you would have to
pay again for 2017, 18,19 (20, 21, 22).

Seagate reluctant to fix serious bug in some of their NAS drives.

More bugs in Adobe Flash Player! Per April 4 6:00AM officially released version is 17.0.0.134!

Many fake Flash Player updates! Users are tricked to download and install a fake plugin that then installs a key logger to collect log in info & passwords. User beware!

If anyone calls you and claims to be in any way affiliated with Microsoft IT IS A SCAM!


Download portals (cnet.com, download.com. softonic.com et al) are huge malware slingers.

Have your DNS settings been tampered with? Test here (but know what is correct…)

Adobe's cash-less bug bounty program: Can it ever work?

Symantec splitting security (Norton) from storage business. The beginning of the end (like HP)?

As usual I welcome suggestions and comments right here in the blog.

Click here for a categorized Table Of Contents.





Monday, April 6, 2015

2015-04-06 WTKM Talking Points (April 6th 2015)


Free Panda Ant Virus bricks computers! My advice: stay with MS Security Essentials or Defender.

Danger from USB drives: A newly demonstrated device has the potential to fry the USB port and possibly other components on motherboards, even the CPU!

A test for the Superfish bug is here, removal instructions are here.
Firefox vers. 36.0.1 has protection against SF, vers. 37 (current as of last week!) further improves certificate checking!

All Win 7 & 8 users can upgrade to Win10 for free – for one year (only?).
Then licensing will kick in? Home user be careful! I assume MS goes to a subscription model, that is yearly licensing. Win7 is paid for and good until Jan, 2020, Win8 until Jan 2023.
2016 is free but you would have to
pay again for 2017, 18,19 (20, 21, 22).

Seagate reluctant to fix serious bug in some of their NAS drives.

More bugs in Adobe Flash Player! Per April 6 officially released version is 17.0.0.134!
Many fake Flash Player updates! Users are tricked to download and install a fake plugin that then installs a key logger to collect log in info & passwords. User beware! 

If anyone calls you and claims to be in any way affiliated with Microsoft IT IS A SCAM!

Download portals (cnet.com, download.com. softonic.com et al) are huge malware slingers.

Have your DNS settings been tampered with? Test here (but know what is correct…)

Adobe's cash-less bug bounty program: Can it ever work?

Symantec splitting security (Norton) from storage business. The beginning of the end (like HP)?

As usual I welcome suggestions and comments right here in the blog.

Click here for a categorized Table Of Contents.

Thursday, April 2, 2015

Now THAT is interesting!


Okay, maybe more for me than for you but anyway, I will offer to you what I just found.

It turns out that Microsoft has a really good article on their sprawling web site. It is titled

Ten Immutable Laws Of Security

Make some time, the article is long! Grab a coffee or tea or what ever lubrication you fancy for a good, lengthy read.

Oh yes, before I forget it, the bold text above is the link to said article.

As usual I welcome suggestions and comments right here in the blog.

Click here for a categorized Table Of Contents.


Thursday, March 26, 2015

2015-03-26 WBKV Talking Points (March 26 2015)

Free Panda Ant Virus bricks computers! My advice: stay with MS Security Essentials or Defender.
Danger from USB drives: A newly demonstrated device has the potential to fry the USB port and possibly other components on motherboards, even the CPU!

A test for the Superfish bug is here, removal instructions are here.
Firefox vers. 36.0.1 has protection against SF, vers. 37 will further improve certificate checking!

All Win 7 & 8 users can upgrade to Win10 for free – for one year (only?).
Then licensing will kick in? Home user be careful! Microsoft does not give anything away for free; that is the first concrete step to get us all to accept a licensing model, that means yearly payments.

Seagate reluctant to fix serious bug in some of their NAS drives.

More bugs in Adobe Flash Player! Currently (as of March 16) officially released version is 17.0.0.134!
Many fake updates! Users are tricked to download and install a fake plugin that then installs a key logger to collect log in info & passwords. User beware! 

If anyone calls you and claims to be in any way affiliated with Microsoft IT IS A SCAM!

Download portals (cnet.com, download.com. softonic.com et al) are huge malware slingers.

Have your DNS settings been tampered with? Test here (but know what is correct…)

Adobe's cash-less bug bounty program: Can it ever work?

Symantec splitting security (Norton) from storage business. The beginning of the end (like HP)?



Wednesday, March 25, 2015

Microsoft is at it AGAIN!


Finally some big Microsoft customers have gotten Microsoft to stop trying to squeeze their Bing search and Bing software on Windows computers. And what happens a few month later?
Microsoft is at it again!
 
Recently I see more and more (especially Windows 7) computers with Skype installed - and the user of the computer swears they did not install it, they don't use it and most say they have no idea what it is or does.

The last point is answered by Wikipedia like this:
Skype /ˈskp/ is a telecommunications application software that specializes in providing video chat and voice calls from computers, tablets and mobile devices via the Internet to other devices or telephones/smartphones.
By now Skype can send text messages and do some data sharing as well.

It is useful if you often want to video chat (camera required) or voice chat (microphone required) for free over the Internet. It sure is a nice thing for families with relatives abroad, just think of families with relatives in the armed forces. 

Microsoft installs Skype by default so that it always runs. I have seen quite a few computers that got severely slowed down when Skype was running.

If you do not want Skype on your computer:

Microsoft has begun to offer it as an Optional Update. If you see "Skype for Windows" when checking for Windows Updates please right click on the Skype entry and then left click on Hide Entry. It should look like this (the hourglass symbol is my cursor):


IMHO it is a shame that Microsoft thinks they need these kind of tricks to get their software on unsuspecting home user's computers.

As usual I welcome suggestions and comments right here in the blog.

Click here for a categorized Table Of Contents.




Thursday, March 12, 2015

2015-03-12 WBKV Talking Points (March 12 2015)

Superfish bug on some Lenovo laptops is a real risk:
A test for Superfish is here, removal instructions are here.
Firefox vers. 36.0.1 has protection against SF, vers. 37 will further improve certificate checking!

Confirmed sensation: Microsoft will allow all Win 7 & 8 users to upgrade to Win10 for free – for one year (only?). But then the licensing will kick in? A rented operating system? Home user be careful! Microsoft does not give anything away for free; that is the first concrete step to get us all to accept a licensing model, that means yearly payments. This way Microsoft will in the medium and long term make oodles of money more than by selling the software.

More dangerous bugs in Adobe Flash Player! Currently (as of March 12 2015) officially released version is 16.0.0.305! The catch: Many fake updates around! Mostly the user is tricked to download and install a fake plugin that then installs a key logger to collect log in info & passwords. User beware! 

Scam phone calls: Microsoft does not even know that we exist. MS's own advice:
  • If anyone calls you and claims to be in any way affiliated with Microsoft IT IS A SCAM!
  • Do not purchase any software or services.
  • Ask if there is a fee or subscription associated with the “service.” If there is, hang up.
  • Never give control of your computer to a third party unless you can confirm that it is a legitimate person you personally know and trust and/or are already a customer of.
  • Never provide your credit card or financial information to someone claiming to be from Microsoft tech support.
  • Take the caller’s information down and immediately report it to your local authorities.
Download portals (cnet.com, download.com. softonic.com et al) are huge malware slingers.

Have your DNS settings been tampered with? Test here (but know what is correct…)

Adobe's cash-less bug bounty program: Can it ever work?

Symantec splitting security (Norton) from storage business. The beginning of the end (like HP)?

FREAK bug (low quality encryption): Check your web browser here.
News March 12 2015: Fixed with this month's batch of updates for Windows

As usual I welcome suggestions and comments right here in the blog.

Click here for a categorized Table Of Contents.


 

Sunday, March 1, 2015

2015-03-02 WTKM Talking Points (March 2nd 2015)


Superfish (on some Lenovo laptops) is a real risk!
A test for Superfish is here, removal instructions are here.

Confirmed sensation: Microsoft will allow all Win 7 & 8 users to upgrade to Win10 for free – for one year (only?). But then the licensing will kick in? A rented operating system? Home user be careful! Microsoft does not give anything away for free; that is the first concrete step to get us all to accept a licensing model, that means yearly payments. This way Microsoft will in the medium and long term make oodles of money more than by selling the software.

More dangerous bugs in Adobe Flash Player! Current officially released version is 16.0.0.305! The catch: Many fake updates around! Mostly the user is tricked to download and install a fake plugin that then installs a keylogger to collect log in info & passwords. User beware! 

Renewed warning: CryptoWall (new CrypotoLocker variant) spreads through advertising networks.
When you see advertisements your computer is not sufficiently protected or it is already infected with malware!

Finally: Microsoft takes on scam tech support phone call organizations (PDF).
If MS succeeds I expect the crooks to move off-shore and do the same from India.
Microsoft Digital Crimes Unit attorney Courtney Gregoire has an article and a video about these scams on her blog. Here is Ms. Gregoire's advice:
  • If anyone calls you and claims to be in any way affiliated with Microsoft IT IS A SCAM!
  • Do not purchase any software or services.
  • Ask if there is a fee or subscription associated with the “service.” If there is, hang up.
  • Never give control of your computer to a third party unless you can confirm that it is a legitimate person you personally know and trust and/or are already a customer of.
  • Never provide your credit card or financial information to someone claiming to be from Microsoft tech support.
  • Take the caller’s information down and immediately report it to your local authorities.
The supposed hack attack on French news media (after Charlie Hebdo shooting) was no attack at all. It was a simple server cockup.

In Canada it is now illegal to install computer programs without consent. Why not in the US?

375 of the 500 largest companies do not protect their web sites from typosquatters. That causes real danger when you mistype a web address in your browser. Be careful!
As usual I welcome suggestions and comments right here in the blog.

Click here for a categorized Table of Contents.