2015-04-30 WBKV Talking Points (April 30th 2015)

All Win 7 & 8 users can upgrade to Win10 for free – for one year (only?).

Then licensing will kick in? Home user be careful! I assume MS goes to a subscription model, that is yearly licensing. Win7 is paid for and good until Jan, 2020, Win8 until Jan 2023.
2016 is free but you would have to pay again for 2017, 18,19 (20, 21, 22).

Have an LG cell phone? Running LG's Monitor software? If Yes to both your PC is at risk! LG Monitor disables UAC (User Account Control)..

Dell System Detect: All versions older than 6.0.14 are easily hacked! DSD does not get automatically updated, even if Dell's updater is running!

Motorola's DOCSIS 3.0 SBG 6580 cable broadband modem very easy to hack! Could open your computer to the Internet. Arris, a spin-off brand, has same problem.

Verizon's Risk Assessment Team: 2 out of 3 times computer gets hacked reason was weak password. Runner-ups are clicking on links in emails and opening attachments.

If someone calls you and claims to be in any way affiliated with Microsoft IT IS A SCAM!

Download portals (cnet.com, download.com et al) are huge malware slingers.

Have your DNS settings been tampered with? Test here (but know what is correct…)

Adobe's cash-less bug bounty program: Can it ever work?

Symantec splitting security (Norton) from storage business. The beginning of the end (like HP)? It will take time; giants die slowly

Hackers move away from Java and to Adobe Flash. Check version and update if necessary! Per 4-29-15 version 18.0.0.95 is current. Beware: Many false downloads!

As usual I welcome suggestions and comments right here in the blog.

Click here for a categorized Table Of Contents.
 

2015-04-09 WBKV Talking Points (April 9th 2015)

Free Panda Ant Virus bricks computers! My advice: stay with MS Security Essentials or Defender.

Danger from USB drives: A newly demonstrated device has the potential to fry the USB port and possibly other components on motherboards, even the CPU!

A test for the Superfish bug is here, removal instructions are here.

Firefox vers. 36.0.1 has protection against SF, vers. 37 (current as of last week!) further improves certificate checking!

All Win 7 & 8 users can upgrade to Win10 for free – for one year (only?).

Then licensing will kick in? Home user be careful! I assume MS goes to a subscription model, that is yearly licensing. Win7 is paid for and good until Jan, 2020, Win8 until Jan 2023.
2016 is free but you would have to pay again for 2017, 18,19 (20, 21, 22).

Seagate reluctant to fix serious bug in some of their NAS drives.

More bugs in Adobe Flash Player! Per April 4 6:00AM officially released version is 17.0.0.134!

Many fake Flash Player updates! Users are tricked to download and install a fake plugin that then installs a key logger to collect log in info & passwords. User beware!

If anyone calls you and claims to be in any way affiliated with Microsoft IT IS A SCAM!

Download portals (cnet.com, download.com. softonic.com et al) are huge malware slingers.

Have your DNS settings been tampered with? Test here (but know what is correct…)

Adobe's cash-less bug bounty program: Can it ever work?

Symantec splitting security (Norton) from storage business. The beginning of the end (like HP)?

As usual I welcome suggestions and comments right here in the blog.

Click here for a categorized Table Of Contents.

2015-03-26 WBKV Talking Points (March 26 2015)

Free Panda Ant Virus bricks computers! My advice: stay with MS Security Essentials or Defender.

Danger from USB drives: A newly demonstrated device has the potential to fry the USB port and possibly other components on motherboards, even the CPU!

A test for the Superfish bug is here, removal instructions are here.

Firefox vers. 36.0.1 has protection against SF, vers. 37 will further improve certificate checking!

All Win 7 & 8 users can upgrade to Win10 for free – for one year (only?).

Then licensing will kick in? Home user be careful! Microsoft does not give anything away for free; that is the first concrete step to get us all to accept a licensing model, that means yearly payments.

Seagate reluctant to fix serious bug in some of their NAS drives.

More bugs in Adobe Flash Player! Currently (as of March 16) officially released version is 17.0.0.134!

Many fake updates! Users are tricked to download and install a fake plugin that then installs a key logger to collect log in info & passwords. User beware! 

If anyone calls you and claims to be in any way affiliated with Microsoft IT IS A SCAM!

Download portals (cnet.com, download.com. softonic.com et al) are huge malware slingers.

Have your DNS settings been tampered with? Test here (but know what is correct…)

Adobe's cash-less bug bounty program: Can it ever work?

Symantec splitting security (Norton) from storage business. The beginning of the end (like HP)?

2015-03-12 WBKV Talking Points (March 12 2015)

Superfish bug on some Lenovo laptops is a real risk:
A test for Superfish is here, removal instructions are here.
Firefox vers. 36.0.1 has protection against SF, vers. 37 will further improve certificate checking!

Confirmed sensation: Microsoft will allow all Win 7 & 8 users to upgrade to Win10 for free – for one year (only?). But then the licensing will kick in? A rented operating system? Home user be careful! Microsoft does not give anything away for free; that is the first concrete step to get us all to accept a licensing model, that means yearly payments. This way Microsoft will in the medium and long term make oodles of money more than by selling the software.

More dangerous bugs in Adobe Flash Player! Currently (as of March 12 2015) officially released version is 16.0.0.305! The catch: Many fake updates around! Mostly the user is tricked to download and install a fake plugin that then installs a key logger to collect log in info & passwords. User beware! 

Scam phone calls: Microsoft does not even know that we exist. MS's own advice:

• If anyone calls you and claims to be in any way affiliated with Microsoft IT IS A SCAM!
• Do not purchase any software or services.
• Ask if there is a fee or subscription associated with the “service.” If there is, hang up.
• Never give control of your computer to a third party unless you can confirm that it is a legitimate person you personally know and trust and/or are already a customer of.
• Never provide your credit card or financial information to someone claiming to be from Microsoft tech support.
• Take the caller’s information down and immediately report it to your local authorities.

Download portals (cnet.com, download.com. softonic.com et al) are huge malware slingers.

Have your DNS settings been tampered with? Test here (but know what is correct…)

Adobe's cash-less bug bounty program: Can it ever work?

Symantec splitting security (Norton) from storage business. The beginning of the end (like HP)?

FREAK bug (low quality encryption): Check your web browser here.
News March 12 2015: Fixed with this month's batch of updates for Windows

As usual I welcome suggestions and comments right here in the blog.

Click here for a categorized Table Of Contents.

 

Learning About Computers

During my last radio show (Jan 6, 2014 on WTKM 104.9 FM) a caller expressed his dismay about the demise of a good TV show with very helpful information and practical tips.

When I checked on the morning of Jan 7th I found a very interesting email from a listener with lots of information on the subject of computer info on TV. With that email author's kind permission (Thank you Jeremy R.) here is the full text plus an additional note he sent later. I have done only very minor editing but have added links to the web sites and shows mentioned and to persons as available.

I heard your radio show today.

I am enjoying the conversations you and Dave have been having when you are waiting for callers.

I decided to email you with some info about the TechTV show one of the callers talked about.

I missed TechTV when it went away, but now there are much better shows available online. I wanted to point your attention to some that are relevant. All of these are free and available on demand through their websites, or through set-top boxes like Roku, etc...

'The Screen Savers' (1998-2005)    (This is the one the caller talked about)

• A program on the old TechTV channel that no longer exists.
  
• The hosts Patrick Norton and Leo Laporte

• Revision3.comhttp://revision3.com/
  
• Patrick Norton from 'The Screen Savers' is now on Revision3.com
• Revision3 makes a variety of shows for varying degrees of computer skill.
• Some examples of their 20+ shows are:
• Tekzilla - News and brief How-To's much like TechTV stuff.  (host Patrick Norton)
• HD Nation - Focusing mainly on Home Entertainment computers and gadgets.  (host Patrick Norton) 
  
• GeekBeat.tv - brief technology news updates.
• The Ben Heck Show - in depth, hands on project building.
• Revision3 also makes a few shows purely for entertainment.

• TWiT.tv
  
• Leo Laporte from 'The Screen Savers' created his own network called TWiT.   ("This Week in Tech")
• Leo Laporte hosts most of the shows.
  
• Read about the transition from TechTV to TWiT here: twit.tv/the-twit-story.
• TWiT has 20+ audio and video broadcasts actively being produced.
• Various show topics include: Android Tablets, iPads, How-To, Home Theater, Free Software, Ham Radio, Security

• Category5.tv  (not related to the viewer's question)
  
• Based in Canada
• A relaxed show about current tech, including some hands on activities, and answering viewer questions.
• Airs LIVE every Tuesday night at 6:00pm Central Time.
• Viewers can ask questions by Phone, eMail, or Instant Message Chat
• Viewer questions range from quite technical to very basic.
• The host helps people with Windows and linux questions.
• Category5.tv is currently my personal favorite.
• Some episodes include:
• #327 - Fake Support Call Scammers
  Video recording of a 'Microsoft phone scam' in progress. 
  See what the scammers have people do on their computers.
  
  
• #321 - Making Windows 8 Look and Feel more like Windows 7
  
  
• #317 - Virus Advisory: CryptoLocker
  Interview with Adam Kujawa from Malwarebytes.org about Cryptolocker virus.
  
  
• #274 - Brother's Business Smart Printers
  Interview with Brother printer manufacturer.
  
  

Microsoft Phone Scam
I want to point your attention to the Category5.tv episode #327 - Fake Support Call Scams where they have video footage of what the phone scammers have people do on their computers.  The show notes page for that episode has a link to the last 30 minutes the guy spent on the phone with the scammers.  Now if someone says to me, "They called me up and asked me to do 'x-y-z'" I have a better idea of what they went through.

The scammers were clever, but not clever enough to notice that the machine they were hacking was a freshly installed Virtual Machine specifically set up for this purpose.

This was the first email and here is the additional note he sent with his permission to publish his information here:

One note about the shows being available on the Roku and similar devices...

Revision3 and TWiT have their own channel/app for various devices, while I believe Category5.tv has to be added as an ordinary RSS feed.

When TechTV went off the air, I missed not having that stuff to watch.  Now, there is more "Tech TV" than I have time to watch.  I am still getting caught up on episodes of Category5 that I have missed.

The video of the scam phone call includes little popup notes on the screen that briefly explain what the scammer is really doing, while he is saying something else.

Well, that was this. I publish this information without any warranty to be fit for any purpose.

But again I want to thank Jeremy R. very much for theeffort he put into assembling his email.

As usual I welcome comments and suggestions right here in the blog. Thank you in advance.

Click here for a categorized Table Of Contents.

2013 12 02 WTKM Talking Points (Dec 2nd 2013)

An epidemic of a new kind of malware; see:
       PuPs - No Virus But just as Nasty  and
       How Malware Gets Installed 

       These malwares increasingly embed Bitcoin mining into toolbars, toolbar helpers and
       search agents.

New zero-day hole in IE (all versions).

Many more scam phone calls claiming computer infections.

       Microsoft (and MS affiliates) do not know about us!
Do not let them work on your computer!
Do not give them any credit card information!
I have seen one case where these crooks used a known company name (iWon) to install PuPs (see above); they probably get money for every installation that they do.
The guys who did this one were not even good at it!

Fake Skype voicemail alert: Email comes packed with a variant of notorious ZeuS banking Trojan.
Messages typically come with subject line “You received a new message from Skype voicemail service”; it contains a copyright notice and a disingenuous warning that "Skype staff will NEVER ask you for your password via email".
The purpose of this email is to get you to download and open the attached 'voicemail' file; this then installs the Zeus trojan. 

Crypto Locker virus: Maintain regular backups of data, keep backups separate from computer.

CL encryption is essentially uncrackable (except by the NSA?).
CL infects all current versions of Windows, XP through 8.
If you are somewhat technically adept and/or have someone on your computer you can't fully trust and you want protection from CL then considerCryptoPrevent.
Protecting your computer from CL is easy with best practices (aka common sense).

Windows 8.1 rolled out Oct 17. NOT via Automatic Update, rather you have to go to the MS store!
 This forces you to use a Microsoft account!

Updating from 8 to 8.1
      BIG download (> 311MB). More details here (Oct. 2013)
      Too big for comfort on standard DSL connections.

New Windows 8 computer?

Don't use a Microsoft account! (privacy vs. convenience)
More info: What Exactly is a Microsoft Account
Either way MS tracks all searches, local & internet. (NO to Bing)
Turn off Smart Search
Use Classic Shell (free) or Start8 ($5) to start into desktop.
Install VLC media player (MS removed Media Player!)

Win XP? Your risk of virus infection is SIX times higher that with Win 8 - NOW.

Unpatched XP SP3 vulnerability with older versions of Adobe Reader than 11.0.04. XP users with the latest versions of Adobe Reader (11.0.4 and up) are immune. UPGRADE Adobe Reader.

Facebook is reportedly testing to track cursor movement (silently track a user's actions); tracks how individual visitors respond to ads for better targeting advertising!

Adobe's servers hacked. 38 million user names and passwords plus source code stolen.

Please listen to WTKM on 104.9FM, Monday, Dec. 2nd from 10:00AM to 11:00AM.

2013 11 04 WTKM Talking Points (Nov 4th 2013)

An epidemic of a new kind of malware; see:
       PuPs - No Virus But just as Nasty  and
       How Malware Gets Installed

Many more scam phone calls claiming computer infections.

Microsoft (and MS affiliates) do not know about us!
Do not let them work on your computer!
Do not give them any credit card information!
Six customers in three weeks; two "fell" for the scam!

Windows 8.1 rolled out Oct 17. So far NOT via Automatic Update!

New Windows 8 computer? 
Don't use Microsoft account! (privacy vs. convenience)
More info: What Exactly is a Microsoft Account
Either way MS tracks all searches, local & internet. (NO to Bing)
Turn off Smart Search
Use Classic Shell (free) or Start8 ($5) to start into desktop.
Install VLC media player (MS removed Media Player!)

Updating from 8 to 8.1:
BIG download (> 311MB) More details here (Oct. 2013)
Too big for standard DSL connections

Win XP? Your risk of virus infection is SIX times higher that of Win 8 - NOW. 

Facebook is reportedly testing to track cursor movement (silently track a user's actions); tracks how individual visitors respond to ads for better targeting advertising!
 

India: Named ransomware capital of Asia Pacific; online crime costs the country (estimate)
$4bn in 2012, according to Symantec.
Average cost per victim $207; below worldwide average of $298.
See my blog about Crypto Locker.

Adobe's servers hacked. 38 million usernames and passwords plus source code stolen.

Please listen to WTKM on 104.9FM, Monday, Nov. 4th from 10:00AM to 11:00AM.

2013 10 07 WTKM Talking Points (Oct 7th 2013)

As you may know on the first Monday of every month I am "guest of honor" for computer questions in a live call-in talk show on our local radio station WTKM on FM 104.9 out of Hartford, Wisconsin.

I have decided to publish my Talking Points for the show here on my blog so that interested listeners can easily follow links to other websites with much more detailed information than can be explained on air.

Windows 8.1 rolls out Oct 17.

New Windows 8 computer?
I use and set up "local account" ONLY!
Don't use Microsoft account! (privacy vs. convenience)
More info: What Exactly is a Microsoft Account
Either way MS tracks all searches, local & internet. (NO to Bing)
Turn off Smart Search
Use Classic Shell (free) or Start8 ($5)
Install VLC media player (MS removed Media Player!)

Recent Windows Update problems:Mostly caused by pre existing registry corruption. Quote:

On Windows 7 . . .  Registry cleaners might be at fault.
Those utilities were helpful with Windows XP, but they might
easily cause more problems than they fix in Windows 7 (or Win8).

Micro$oft had to re-issue updates from Sept. 9^th.

Instead of registry cleaners run sfc /scannow as administrator. See MS Support article 929833 for instructions on SFC and other advanced troubleshooting tips.

Can't boot your game disk (CD or DVD) on your brand new Windows 8 computer?
Thank Micro$oft's and UEFI's Secure Boot. For details on the difference between
BIOS and UEFI see this article: The pitfalls of Windows 8′s Secure Boot   

Windows 8 lures the user into MS accounts and into MS cloud services.

The rest of the world and Windows 8:

Yes  it's true; Microsoft wants us to massively migrate to Microsoft based cloud services. But in my country that will not happen as Microsoft wants it, especially   because these "virtual cloud services" are to 85% physically located within the USA.  

That is for most foreign people simply unacceptable. It's not only for reasons like privacy, piracy, taxes, company secrets - there is also a difference in mind-sets.

What if our sensitive data sits there in a physical data center somewhere in the US of A, and bad things really start happening, like for instance war, wide spread diseases, natural disaster, terrorism attack, you name it -  anything could happen anywhere.

Foreigners don't trust CIA/FBI/NSA that much, we learned from the past months.

My customers are saying..., even refusing, to migrate their financial and sensitive business data to somewhere in the 'Microsoft' or even  the 'Amazon cloud'; abroad, unknown where it really is, in a far away foreign country, and nobody knows, or even checks what is happening to their data. It may be leaked to the NSA, via a built-in back door when Micro$oft sold this opportunity to the NSA/US-Government.

 No, sorry, not with us!  We aren't like that!

We even don't come close to this kind of behavior.

Java needs to be kept up to date! As of Sept.15^th 2013 it is version 7.0.40 

Adobe Flash and Adobe Reader need to be kept up to date! Even businesses fail to do this!

Still running Windows XP?
Time to buy a new computer! (with very few exceptions only!)

New, massiveky exploited flaw in Internet Explorer! Don't use IE!

Adobe's computer systems have been hit by numerous "sophisticated attacks"; information of 2.9 million customers compromised, the source code of Adobe products accessed.

End of "WTKM Talking Points for October 7th 2013".

As usual I welcome suggestions and comments right here in the blog.  
Click here for a categorized Table Of Contents.