Wednesday, October 30, 2013

Windows 8: What the Rest of the World Thinks


Recently on a Microsoft run web site and Windows 8 blog I ran across a reply to an article written by a Dutch IT consultant.

It summarizes what I have glanced from many, many similar comments I have read. I have modified some language and grammar quirks and fixed some misspelled words to convey the meaning correctly and in correct English.
Yes  it's true; Microsoft wants us to massively migrate to Microsoft based cloud based services. But in my country that will not happen as Microsoft wants it, especially   because these "virtual cloud services" are to 85% physically located within the USA.  
That is for most foreign people simply unacceptable. It's not only for reasons like privacy, piracy, taxes, company secrets - there is also a difference in mind-sets.
What if our sensitive data sits there in a physical data center somewhere in the US of A, and 'shit' really starts happening, like for instance war, wide spread diseases, natural disaster, terrorism attack, you name it -  anything could happen anywhere.
Foreigners don't trust CIA/FBI/NSA that much, we learned from the past months.
My customers are saying..., even refusing, to migrate their financial and sensitive business data to somewhere in the 'Microsoft' or even  the 'Amazon cloud'; abroad, unknown where it really is, in a far away foreign country, and nobody knows, or even checks what is happening to their data. It may be leaked to the NSA, via a built-in back door when Micro$oft sold this opportunity to the NSA/US-Government.
 No, sorry, not with us!  We aren't like that!
We even don't come close to this kind of behavior.
Yes, people in other countries don't trust their sensitive data into American hands; they approach privacy questions with a totally different mind set.

Maybe Microsoft's management better begin to acknowledge that not everybody will follow to where they, Microsoft and others, want to lead us?

What may be good for Microsoft may not be that good for the other 310+ million Americans. And what may be "good for Microsoft's America" may not be that good for the other 95% of the world population. 

In my opinion this is NOT a technical problem, it is an ethical problem. There are just too many of us who check their ethics and morals at the entrance of the office building before they begin their daily jobs.

No, it's not government agencies or organizations or companies that "do the wrong thing"; all these entities are run by people that collectively make questionable decisions.

As usual I welcome suggestions and comments right here in the blog.

Click here for a categorized Table Of Contents.



Monday, October 28, 2013

How Malware Gets Installed


You hear from me that your computer got infected with malware, especially PuPs, and you ask:
"How did that stuff get on my computer? I did not download or install it".
Sorry, but in most cases you did give permission to install that garbage alongside some legitimate install or update. You did not do it consciously, you got duped or tricked into allowing the installation. See this article for just one all too common example.

These tricks can have many different shapes and forms. They all are designed to trick or fool us into allowing the garbage to get installed alongside a legitimate program or update. User beware!

One of the more and more common forms is a legitimate install or update that asks something along the lines of

  • Default (or Express) install (recommended)
  • Custom install (for experienced users)
No matter whether you consider yourself to be experienced or not, if you click Default (which always is pre-selected!) or just click on the Next button you likely get PuPs installed. By now even software from well known names does that! Just as an example: Oracle's Java and Adobe Reader are bundled with PuPs; most downloads from well known download portals are by now loaded with PuPs. Why is that happening?

Simple answer: Money! The authors of PuPs pay for their stuff being bundled with legitimate software. There is a lot of money to be made from advertising!

Distributing viruses is illegal, distributing "search helpers"  or tool bars is not!

My advice: When you have to choose between Default and Custom installs always(!) click Custom; it is the only way to check for PuPs because so far at least they are being offered with some sort of a choice to decline or skip them.

If you are in doubt take a screen shot of the window(s) that sparked your suspicion, postpone the install and ask me in an email about it; don't forget to attach the screen shot please.

As usual I welcome suggestions and comments right here in the blog.

Click here for a categorized Table Of Contents.

Wednesday, October 23, 2013

Beware the Tricks When Updating to Windows 8.1


Oct. 26, 2013 Important Update: Please pay attention to the text after #6 and #7 below.

Just to have it done I decided today to update a customer's system from Windows 8 to 8.1. A few things caught my attention:

Depending in the speed of your internet connection and on the speed with which Microsoft delivers the download brace yourself for anything between 15 minutes and one to three hours - just for the download.

The installation speed will depend mainly an how fast your computer is and how fast or slow your disk drive is; it will take anything from 20 minutes to an hour or even more.

Microsoft came up with new tricks to get you to set up a Microsoft Account. BEWARE! I simply left the fields for name, email address and so on empty and clicked Next. Totally not intuitive but I got the old local account back. See below after #6.

The last of the preparation screens brought the surprise with the following six questions, all with ON (that is Yes, do it) preselected, quoted literally but emphasis added by yours truly:
  1. Use Bing to get search suggestions ad web results in Windows Search, and let Microsoft use my search history, location, and some account info to personalize my experiences
     
  2. In Internet Explorer, use page prediction to pre-load pages, which sends my browsing history to Microsoft
     
  3. Let apps use my name and account picture
     
  4. Let apps use my advertising ID for experiences across apps
     
  5. Let Windows and apps request my location from the Windows Location Platform
     
  6. Get better protection from malware by sending info and files to Microsoft Active Protection Service when Windows Defender is turned on.
Do I need to talk about the obvious privacy issues with points 1 through 5? I hope not...Needless to say, I set all switches for questions 1 through 5 to OFF.

Point #6 makes sense, we all need better malware protection. But at this point in an upgrade I would appreciate to have at least some sort of "What is that?" available to learn what info is reported to Microsoft. But no luck here, there is nothing of this kind.

By now I have updated two machines from Windows 8 to 8.1.

The first machine I updated was an OEM installation; this means that Windows 8 was installed and licensed by the manufacturer and delivered with the computer. The system was set up to work with a local account.

The second machine I updated was my own laptop that I always have with me on customer visits; it runs a retail copy of Windows 8, that is a copy I bought myself from Microsoft in the early days of Windows 8. This machine was set up to work with a local account as well.
 
To my surprise the second machine showed during the initial setup of Windows 8.1 two more windows. At that stage of operation I did not yet have a screen shot program available so I need to try to describe these windows verbally.

The first of these additional windows asked without any explanation for my email address, name and other IMHO personal information. I did not supply any information but "took the plunge" and just clicked Next.

The second screen then gave in small, easy to overlook lettering the option to "Continue with your local account". That was what I did and the machine works beautifully.

The text after #6 IMHO shows two things:
  • Microsoft becomes ever more ruthless and blatant in trying to lure us into using a so called Microsoft Account. IMHO this is arm twisting!
     
  • There is a functional difference between updating an OEM version and and a retail version of Windows 8. This is in opposition of what Microsoft people say in their company blogs.
If you have a metered internet connection with a cap on the volume of data per month then numbers 1, 2, 4, 5 and 6 increase the risk of going over the data limit; and that gets expensaive really fast.

As usual I welcome suggestions and comments right here in the blog.

Click here for a categorized Table Of Contents.
  

Warning: Old Fiend With New Muscle


In the title I say "old fiend" and it is an old adversary in new clothes and with significantly more muscle. 

Instead of repeating the background story please first head over to my September 2012 article and come back here after you have read it.

So what's new?  Besides the new name, Crypto Locker, a couple of major improvements have been made to that nasty piece of maliciuos software:
  • The encryption is now "NSA grade", meaning there is no way out! Your data files most likely will remain lost!
     
  • The ransom has been raised in some variants of this malware  to close to $1000.
     
  • Now even files on other than the system drive C: will be encrypted. That renders restore partitions useless.
  • Is your backup disk permanently connected to the computer? Then the files on this drive get encrypted as well and all your backups are totally useless!
     
  • Now even files on network connected other computers can get encrypted.
     
  • Many victims that actually did pay the ransom got a decryption key that did not work! Their files remained inaccessible and were totally lost.
     
  • To pay ransom in some instances credit card information was given to the obviously wrong people; credit cards got maxed out in minutes! That is much more trouble than the loss of years of pictures, emails and other files!
     
  • Many attempts to save files turned out to be more expensive than a brand new computer would have been, Even with a new computer your files remain lost!
So far, and that may change soon, CryptoLocker 
  • arrives on victims computers in an email from an arbitrary sender they often don't know.
     
  • arrives on victims computers as an email attachment; this requires the victim to explicitly execute the attachment, that is double click on it and eventually even ignore the warning from Windows about running a downloaded program.
     
  • arrives on victims computers after the victim clicked on a link in an email without first checking the link and it's real target.
You say you don't do either of these arguably fairly dumb and dangerous things? Good for you! Are you 100% certain that everybody who eventually uses your computer is as careful, as attentive and as cautious? Think about your sweet teenage granddaughter, your kid's friends, visitors and so on.


You ask why your anti virus program did not catch the bad program? Simply because this form of CryptoLocker is new. It requires time and quite some effort to design detection methods and find secure ways to neutralize these modern and very sophisticated threats.

As of this writing we all are unprotected and need to use due diligence. Always wear your common sense hat!

The only currently known "protection" against damage by CryptoLocker is to have a recent image backup of your system drive and/or to have a set of restore DVDs that were created when the system was still functioning correctly.

If you need to use either of the aforementioned a System Repair disk is required. Did you already create one?

If you need help to set up a sensible backup routine and/or to create the disks mentioned above please contact me. You find a useable email address in the left sidebar at the end of the text titled "Welcome".

As usual I welcome suggestions and comments right here in the blog.

Click here for a categorized Table Of Contents.
 


Thursday, October 17, 2013

How To Buy A New Computer


Microsoft will drop the very last vestiges of support for Windows XP on April 8th, 2014. These computers have to be replaced by then!

I found an interesting article written by Microsoft's Director for Trustworthy Computing. You could read that rather tedious article or just settle for this quote:
As for the security mitigations that Windows XP Service Pack 3 has, they were state of the art when they were developed many years ago. But we can see from data published in the Microsoft Security Intelligence Report that the security mitigations built into Windows XP are no longer sufficient to blunt many of the modern day attacks we currently see. The data we have on malware infection rates for Windows operating systems indicates that the infection rate for Windows XP is significantly higher than those for modern day operating systems like Windows 7 and Windows 8.
To me that says loud and clear: Abandon Windows XP as fast as you possibly can!

Although Windows Vista was released seven years after XP I find many Vista machines from the early days of Vista that are mis-configured, mostly with way too little RAM (main memory) and technical limitations that would not allow to expand RAM beyond 2GB. I strongly recommend to upgrade these machines as well.

What new computer should I buy?

One of the first questions I often get asked is “Mac or PC?”. My reply is always the same: A MAC is almost always three to four times as expensive as a technically comparable PC. Plus you buy yourself into a very well maintained “gated community”. Any additional software for example will be more expensive and in the MAC world you find a much, much more limited selection of good free programs.

Those of my customers that switch to a MAC usually have compelling individual requirements and reasons. They accept the steep learning curve and the higher cost.

And opposite to common perception MACs do know viruses and are just as susceptible to browser based attacks and hijacks as PCs are.

There may be a difference in quality of the components; for my customers that is rarely an issue. I hardly ever recommend a rock bottom priced computer and decent average quality is available at very reasonable prices.

Where to buy the new computer?

I hesitate to write it down but many, many of my customers admit freely that they are not enough tech-savvy to go to a computer store; I recommend to simply avoid the risk of being sold much more than is really needed.

I offer to assist in selecting a suitable computer at a reasonable price. Buy it on-line at one of the larger, dependable and trustworthy dealers. Sometimes we find deals that seem to good t be true.

All-In-One, Desktop or Laptop? 

The one big difference that I always point my customers to is the text size on the screen. The nature of the beast dictates that things on a laptop screen are smaller than on a decent monitor. For people “up there” in age and/or with eye issues (like your's truly) this should be the major factor in that decision.

If on the other side you travel a lot or if you live for several month “down south” then a laptop may be the better solution because of the easier transportation.

All computers are built with mass production techniques. It is always a remote possibility to get a “lemon”, that one piece out of thousands that causes trouble.

All-In-One

This kind of computer has really “come of age” lately. A few weeks ago I bought a new computer for my wife, an All-In-One with a gorgeous 23 inch screen, 1TB disk drive, a fast 3Ghz dual core processor, built-in wireless and webcam. Needless to mention that she loves it.

The biggest advantage from the housewife's viewpoint is that there is only one cable going into the back of the machine!

Desktop with monitor, keyboard and mouse

If you already have a nice flat screen monitor and prefer a desktop computer, by all means just get another one. Very reasonably equipped standard computers cost between $300 and $500.

Beware of some sales rep talking you into a system with a touch screen. Do you know how heavy the hand gets when you stretch your arm out for only two minutes?

Touch screens are okay on tablets and phones; I don't see their usefulness in a classic computer environment; as usual, your views may differ.

Touch screen monitors are (so far at least) clearly more expensive than conventional flat screen monitors. It is a new technology that has had no time to mature yet.

As far as brands go: My reservations towards Dell and HP are well known; I just can not recommend to buy from companies that have deliberately lied to their customers (Dell) or still install at best questionable software.(HP, Sony and Samsung for example).

During the last two or three years I have recommended many Gateway desktop computers. Gateway (the brand!) is owned by Acer.

Laptop

Screen size is always measured in the diagonal! I recommend at least a 15.6” screen; laptops with 17” screens are clearly heavier than their 15.6” cousins.

The only brand I recommend is Lenovo. Their laptop computers are designed in the tradition of IBM laptops from long gone times. They are mostly just a tad better than the competition.

How much Memory?

Memory, main memory or RAM denotes the computer's internal work space. The more main memory the computer has the more programs can work at the same time.

For normal household usage 4GB of main memory (RAM) in a Windows 7 or 8 machine has proven to be enough, no matter was the sales rep at the store told you.

If you use any CAD/CAM software or Adobe Photoshop or if you edit videos then you want 6 or 8GB of RAM or even more. Most heavy duty users know that and buy accordingly.

What processor?

My typical home use customer will not experience lots of differences between an AMD and an Intel processor (CPU). If you actually really do create your own family movies you want an Intel i7 or i5 as fast as your budget allows. For everybody else the speed of the processor is more important than who made it.

Dual core processors are the standard now. Here a warning: When the store clerk sings the praises of an AMD quad core CPU he/she dupes you. AMD quad core means that you get two CPUs and two graphics processors in one chip. Marketing at it's best...

Laptops have thermal limitations; there just is not enough space in a laptop to create sufficient air flow to cool a fast CPU. Laptops in a reasonable price range tend to top off at 2.5 Ghz.

Desktop and all-in-one computers usually do not have the stringent air flow limitations of laptops Thar is why I recommend the faster CPU within reasonable limits and budget constraints.

In my experience a desktop with an Intel i3 3.4 Ghz CPU is faster than the same computer with a more expensive i5 with only 2.3 Ghz.

I see cheap desktop computers with 1.4 Ghz CPUs being offered. In every day usage you may only occasionally experience some sluggishness. But when Microsoft gives us a big update Tuesday the 1.4 Ghz computer may easily need 45 minutes to finish the updates versus five to eight minutes for the 3.4 Ghz machine. 

What about hard drive size?

The hard drive, the internal disk drive with moving platters supplies the storage space where the operating system, all programs and all data files are stored.

Modern computers offer typically from 320GB to 1 TB of storage space which definitely is enough for household usage. Only if you or your teenager download full length movies you can fill up these large drives.

Windows 8 or Windows 7?

You can try to find a Windows 7 computer but it will be $100 to $150 more expensive than the technically same machine with Windows 8.

If you buy Windows 8 you will likely want me to adjust a few settings to run the computer in desktop mode, just as you have been used to since 1995. I would love to help you “taming” Windows 8.

Do you have your software ready?

If you are replacing an older Windows XP system you may have an old version of Microsoft Office that originally came with computer. These licenses are tied to the machine they came on, they “die” with the computer.

Even if you still have the installation disks for MS Office XP or MS Office 2003 I strongly recommend NOT to install them on new systems. They are by now as hard to keep secure as Windows XP has become hard to keep safe..

One of the main reasons for new software versions is security against attacks by viruses and so on.

Remember: It is NOT possible to safely transfer programs directly from an old to a new computer, even if there is software claiming to do just that. Programs have to be installed on the new machine and that is only possible if you have your install disks and eventually required license or product keys at hand.

If you only want to create or edit Microsoft Word or Excel files I recommend Libre Office, a very good product developed out of the original Open Office.

If you use any other "old" software you have to check with it's manufacturer that it is suited to run on a computer with Windows 7 or Windows 8 Desktop Mode.

Where to Buy?

Naturally you can go to any store that sells computers. Just keep in mind that their prices need to pay for the brick and mortar buildings and the sales people there.

Most brick and mortar stores do not service a computer you buy from them, they usually send it to the manufacturer for repairs; then they charge you what the manufacturer billed them plus a margin for their efforts.

All too often the sales “representatives” are nothing more than high school or college students that “know about computers”.

TIPS!
  • If you have wireless in your house, get a computer with wireless already installed in both laptop (standard) and your desktop where it is not yet standard, but worth getting!
  • Buy an extended warranty only if you buy a a business computer; your business needs to be running and usually can't afford longer computer down time. Some of these extra warranties come with guaranteed same day or next day assistance.
  • For obvious reasons I recommend NOT to buy from a rental center!
  • Stay within your budget; temptations are plentiful!
Set it up

Certainly you can set up a new computer yourself.

With Windows 8 Microsoft has elevated “arm twisting” to a whole new level, IMHO at least! You definitely should NOT ever use a so called Microsoft account! Read this for more background information.

If you feel more comfortable to have the computer set up by a professional correctly and with added safety features then please read this article about my Set Up job, I would be glad to help.

As usual I welcome suggestions and comments right here in the blog.

Click here for a categorized Table Of Contents.





Thursday, October 3, 2013

2013 10 07 WTKM Talking Points (Oct 7th 2013)

As you may know on the first Monday of every month I am "guest of honor" for computer questions in a live call-in talk show on our local radio station WTKM on FM 104.9 out of Hartford, Wisconsin.

I have decided to publish my Talking Points for the show here on my blog so that interested listeners can easily follow links to other websites with much more detailed information than can be explained on air.

Windows 8.1 rolls out Oct 17.

New Windows 8 computer?
I use and set up "local account"
ONLY!
Don't use Microsoft account! (privacy vs. convenience)
More info: What Exactly is a Microsoft Account
Either way MS tracks all searches, local & internet. (NO to Bing)
Turn off Smart Search
Use Classic Shell (free) or Start8 ($5)
Install VLC media player (MS removed Media Player!)
Recent Windows Update problems:Mostly caused by pre existing registry corruption. Quote:
On Windows 7 . . .  Registry cleaners might be at fault.
Those utilities were helpful with Windows XP, but they might
easily cause more problems than they fix in Windows 7 (or Win8).
Micro$oft had to re-issue updates from Sept. 9th.

Instead of registry cleaners run sfc /scannow as administrator. See MS Support article 929833 for instructions on SFC and other advanced troubleshooting tips.

Can't boot your game disk (CD or DVD) on your brand new Windows 8 computer?
Thank Micro$oft's and
UEFI's Secure Boot. For details on the difference between
BIOS and UEFI see this article:
The pitfalls of Windows 8′s Secure Boot   

Windows 8 lures the user into MS accounts and into MS cloud services.

The rest of the world and Windows 8:
Yes  it's true; Microsoft wants us to massively migrate to Microsoft based cloud services. But in my country that will not happen as Microsoft wants it, especially   because these "virtual cloud services" are to 85% physically located within the USA.  
That is for most foreign people simply unacceptable. It's not only for reasons like privacy, piracy, taxes, company secrets - there is also a difference in mind-sets.
What if our sensitive data sits there in a physical data center somewhere in the US of A, and bad things really start happening, like for instance war, wide spread diseases, natural disaster, terrorism attack, you name it -  anything could happen anywhere.
Foreigners don't trust CIA/FBI/NSA that much, we learned from the past months.
My customers are saying..., even refusing, to migrate their financial and sensitive business data to somewhere in the 'Microsoft' or even  the 'Amazon cloud'; abroad, unknown where it really is, in a far away foreign country, and nobody knows, or even checks what is happening to their data. It may be leaked to the NSA, via a built-in back door when Micro$oft sold this opportunity to the NSA/US-Government.
 No, sorry, not with us!  We aren't like that!
We even don't come close to this kind of behavior.
Java needs to be kept up to date! As of Sept.15th 2013 it is version 7.0.40 
Adobe Flash and Adobe Reader need to be kept up to date! Even businesses fail to do this!
Still running Windows XP?
Time to buy a new computer!
(with very few exceptions only!)
New, massiveky exploited flaw in Internet Explorer! Don't use IE!
Adobe's computer systems have been hit by numerous "sophisticated attacks"; information of 2.9 million customers compromised, the source code of Adobe products accessed.
End of "WTKM Talking Points for October 7th 2013".

As usual I welcome suggestions and comments right here in the blog.  
Click here for a categorized Table Of Contents.