Wednesday, September 28, 2016

Ransomware IS on the Loose, NO JOKING!


Today I met with a customer whom I had recently pointed to my blog posts about ransomware. He sort of pooh-poohed my words and pointed me to his safe habits.

With his permission I looked in his (very big) Inbox with about 1,000 emails. I looked only for mails with attachments and found quite a few.

I randomly grabbed one of the attachments, a ZIP file by the way, and saved that file to the computer.

Then I went to Virustotal.com, uploaded the file and had it tested. The results speak for themselves, here they are:


Clearly this file contains a downloader and a variant of the encrypting ransomware Locky. And who knows what the downloader would do to the machine if it ever gets to run.

Currently DO NOT directly open ANY attachment from an email, no matter how "good" you think you know the sender or whatever excuses your brain comes up with.

Always save the attachment to a place on your computer you can easily access like the desktop.

Then, in your web browser, go to virustotal.com, browse to the file (in this example on the desktop) and upload it. If virustotal.com comes up with anything, delete the file AND the email it came from!
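For readers comfortable with a little Python, the same habit can go one step further: look at what is inside the saved ZIP without opening anything in it, and get the file's SHA-256 so it can be searched on virustotal.com. This is an added example, not part of the original post; the list of risky extensions and the sample file names are assumptions made up for the illustration.

```python
import hashlib
import io
import zipfile
from pathlib import PurePosixPath

# Assumption: file types treated as risky inside a mail attachment (not a list from the post).
RISKY_EXTENSIONS = {".js", ".jse", ".wsf", ".vbs", ".hta", ".exe", ".scr", ".lnk", ".docm"}
ARCHIVE_EXTENSIONS = {".zip", ".rar", ".7z"}

def triage_zip(data: bytes) -> dict:
    """Inspect a saved ZIP attachment without extracting or running anything in it."""
    report = {"sha256": hashlib.sha256(data).hexdigest(),  # searchable on virustotal.com
              "is_zip": False, "members": [], "flagged": []}
    try:
        archive = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return report  # not a readable ZIP: rely on the scan result alone
    report["is_zip"] = True
    with archive:
        for info in archive.infolist():
            if info.is_dir():
                continue
            report["members"].append(info.filename)
            suffix = PurePosixPath(info.filename).suffix.lower()  # last extension wins
            reasons = []
            if suffix in RISKY_EXTENSIONS:
                reasons.append("script or program: " + suffix)
            if suffix in ARCHIVE_EXTENSIONS:
                reasons.append("nested archive")
            if info.flag_bits & 0x1:  # bit 0 of the ZIP flags marks an encrypted member
                reasons.append("password-protected, scanners cannot look inside")
            if reasons:
                report["flagged"].append((info.filename, reasons))
    return report

def build_sample_zip() -> bytes:
    """Constructed sample: harmless text files, one named like a disguised script."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("invoice_0928.pdf.js", "// constructed placeholder, not real code\n")
        z.writestr("readme.txt", "constructed sample\n")
    return buf.getvalue()

if __name__ == "__main__":
    result = triage_zip(build_sample_zip())
    print("SHA-256:", result["sha256"])
    for name, reasons in result["flagged"]:
        print("DO NOT OPEN:", name, "-", "; ".join(reasons))
```

An empty flagged list does not mean the attachment is safe; it only means nothing obvious showed up, so the virustotal.com check still applies.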

Better safe than sorry!

And before you ask, some of my previous articles about ransomware are here, here, here, here and here.

As usual I welcome comments and suggestions right here in the blog. Thank you in advance.

Stay safe.

Tuesday, September 27, 2016

Norton Internet Security - Final Words?


Again I ran into a customer who almost insisted on keeping "his" Norton Internet Security package against my recommendation. I decided to write yet another diatribe against NIS and the reasons behind my stance.

This morning I got the current edition of a computer related newsletter that covers this very issue more concisely and better than I ever could. The text about NIS is buried in the article under the sub-heading "Why doesn’t Fred ever mention Norton/Symantec?". I want to save you the trouble of having to read (or skim) through the quite technical and lengthy discussion of file name length limitations that is the first part of the article; later in my article (what you are reading) I will quote the complete part about NIS as Fred Langa wrote it.

Who is Fred Langa? Here is the "About Fred Langa" copied directly from Windows Secrets:
Fred Langa is senior editor. His LangaList Newsletter merged with Windows Secrets on Nov. 16, 2006. Prior to that, Fred was editor of Byte Magazine (1987 to 1991) and editorial director of CMP Media (1991 to 1996), overseeing Windows Magazine and others.
In short and simple words: Fred Langa is a veteran in the field of PCs and IMHO one of the most trustworthy authors about PCs out there!

Now to the above-mentioned quote about Norton Internet Security products. The only alteration: I shortened the name of the original questioner to just the initials, for obvious privacy reasons.

Why doesn’t Fred ever mention Norton/Symantec?

P F wonders about a long-standing omission in this column.


“Is there a reason we never hear about Symantec/Norton Internet Security from Fred Langa?”


Yes, there’s a reason, Paul. The omission is quite deliberate.


I absolutely loved Norton software way back when Peter Norton was running the company. But after Symantec bought him out in the 1990’s (keeping the “Norton” name, but little else) Symantec/Norton products gained a reputation as bloated and slow; and periodically they contained extremely serious flaws.

Symantec has addressed some of the bloat problems in recent years, but shockingly severe problems still crop up.
For example, as recently as this past summer, researchers found truly frightening, flagrant flaws in all Symantec/Norton antivirus software. Some security researchers said those flaws were “as bad as it gets.”
I agree with that assessment: Due to these flaws, even an unopened email or an unclicked link could compromise your PC at its deepest level!
For more specifics, see the U.S. Government warning, “Symantec and Norton security products contain critical vulnerabilities,” the Fortune Magazine article, “Google found disastrous Symantec and Norton vulnerabilities,” and the Ghacks.net article, “Google shames Symantec for security issues.” A web search will turn up lots of other coverage, too.
Those egregious vulnerabilities were patched, but they never should have happened in the first place — especially in a nominal “security” product.
And note: That’s just one recent problem. There have been numerous other problems extending back for years. For example, I just did a general web search on ‘norton security’ problems, and found over 13 million hits!
The above are objective facts you can check for yourself. But what follows is my personal opinion:
I think running Symantec products is worse than running no security software at all. With no security software, at least you know you’re not protected. But millions of Symantec/Norton customers think the software is keeping them safe, when there’s strong evidence that it might actually be creating new vulnerabilities and system problems that wouldn’t otherwise exist. To me, that’s unconscionable in security software.
I haven’t had any Symantec products on my PCs since the early 1990s, and I don’t see that changing any time soon. I’ve seen too many problems with Symantec/Norton’s software.
Your experience might be different, and you’re certainly free to use what you like.
But now you know why you don’t see any coverage of Symantec products from me.
Personally I fully and wholeheartedly agree with Fred Langa!

As usual I welcome comments and suggestions right here in the blog. Thank you in advance.

Stay safe.

Monday, September 26, 2016

Yahoo Users, it's Time to Run for the Hills

For years I have told my clients to stay away from Yahoo as far as possible. Those with Yahoo email accounts I have told to switch their email provider.

Yes, it is a BIG hassle to do that but now it seems to be imperative to do it - finally.

Yahoo has been majorly hacked!

Already in 2014, and they have kept it a secret until recently!

Reported numbers of compromised accounts vary from 500 thousand to one billion affected users but that is irrelevant; relevant is that practically all sensitive information got copied off by miscreants. User names, passwords, date-of-birth, SSNs, security questions and the answers, phone numbers, "real names", address information and the list goes on...

In California the first class action lawsuit against Yahoo has been filed and many more are expected to follow all over the nation.

What to do?

First, change your Yahoo password; make the new one at least 12 characters long. Read this article from 2011(!) and this one from 2013(!) on my blog for more information.

More info on Passwords is in these articles:
Passwords that are NOT a password
Passwords the Latest

You have a Yahoo email account or use other Yahoo services (like Yahoo Financials!) and you still are "on the fence"? I can't help you, actually nobody can help you but yourself.

As usual I welcome comments and suggestions right here in the blog. Thank you in advance.

Stay safe.