The UGLY underbelly of the End User License Agreement

All of us - well, almost all of us have been conditioned to accept the so called "End User License Agreement" (EULA) for next to everything. Sometimes we agree unknowingly just by turning a new gadget ON; my classical example for that is Windows 10 with it's 12,000 words long EULA.

EVERY app on our phones,
EVERY program ever installed on our computers,
EVERY so called "smart" or "connected" TV in our living rooms,
EVERY supposedly "intelligent" device that recognizes "Google Hello" or is "Alexa enabled",
EVERY of the many useful things that require an Internet connection and an app on a smart phone
and many more things too numerous to list here can be used to spy on us.

Hard to believe? Please listen to this 12 minutes long TED talk, maybe it will change your view.

Stay safe!

Windows 10 and Microsoft's Attitude to Security and Prvacy

On Slate I found this very revealing article about Windows 10 and it's implications for privacy and security. I highly recommend you read it BEFORE you jump on the Windows 10 band wagon.

No, I take back my "... highly recommend you read ...". If you are seriously thinking about Windows 10 and/or want to be fully informed before you take the plunge (or not) THE ARTICLE IS A MUST READ!

As I said in an earlier article by now we can do something about all that, reliably and free of charge. Well, maybe not totally free if you want me to set it up and demonstrate it's correct usage to you.

Stay safe!

Early End to Windows 7/8?

According to this Neowin article Microsoft is telling manufacturers to stop producing computers with Windows 7 and/or Windows 8 much earlier than usually.

Another heavy handed Microsoft tactic. Draw your own conclusions.

Is Microsoft Pushing Windows 10?

Let me, at least by name, introduce Susan Bradley to you. The lady is a very experienced and knowledgeable system administrator in the world of Microsoft networks and she is a Microsoft MVP. She is very active on widely read internet forums and generally well respected.

Ms. Bradley started a petition on Change.org asking Microsoft's CEO Satya Nadella to reconsider the Windows 10 policy of forcing updates of the Windows operating system on user's machines.

Today Ms. Bradley posted  an update to her petition that you can find here.

I have little doubt that Microsoft could and will attempt something like that. I would consider this to be an intrusion into my personal and private sphere.
MS seems to think they own my computer! Have they gone nuts?

It is time that we begin to talk publicly about alternatives to MS Windows!

And before you ask, yes, there are alternatives. I do not want to discuss these here because this blog is named "Computer Trouble..." and that means trouble with MS Windows computers and I will keep it that way.

10 Reasons Against Win 10 - 10 Reasons For Win 10 (plus comments)

Besides my massive reservations towards Windows 10, voiced here and here, I want to give my readers the pro and con disregarding that personal opinion.
 

The following are excerpts from an Infoworld paper published under the title “Everything you need to know about Windows 10”.

Iinfoworld has these 10 reservations against Windows 10:

1. Substantial privacy concerns regarding Windows 10. The trade-offs between privacy and what the system “needs to know” can not be simply decided as a black and white decision.
   The same is true for Windows 10's automatically attached Advertising ID.
    
2. OneDrive works different from Windows 7 and Windows 8. VERY confusing!
    
3. Media Center and DVD player missing.
    
4. No useful “universal apps”. The Windows Store is a wasteland.
    
5. Mail program and Edge browser are test versions at best. Maturing is badly needed.
    
6. Tablet Mode partially useless (MS Office is better on an iPad than on a Win 10 tablet).
    
7. The installer may determine that they (MS) are ot quite ready for your machine yet.
   Beg your pardon? Microsoft themselves seem to know that the upgrade isn't as easy peasy
   as they want us to believe!
    
8. Forced updates have already caused quite a few problems.
    
9. “If it ain't broke don't fix it”. If you are using Windows 7 properly updated and have switched away from Internet Explorer than there is hardly a reason to risk the upgrade.
    
10. WAY TOO MANY open questions!

And Infoworld has 10 reasons for an upgrade; I have taken the liberty to comment in the second line:

1. Windows 10 is the way into the future (of Windows!)
   … the way into the Brave New World of Big Brother Microsoft.
    
2. The new Start Menu is a big plus for keyboard and mouse users of Windows 8/8.1
   if they had never heard of Classic Shell (and here) which creates a menu identical to Win 7.
    
3. DirectX 12 is a BIG plus for hard core gamers
   hard core gamers know what they want and where to get it.
    
4. Some security improvements already in Win 10 and some announced
   the old game of a sparrow in the hand and a dove on the tree.
    
5. Notification Center similar to smart phones.
   those who ignore notifications now have a central place where they can do their ignoring.
    
6. Actually usable on touch screen units like tablets
   partially usable that is; MS Office still is better on the iPad!
    
7. Multiple desktops built-in
   power users always knew how to get that, even free as in no money.
    
8. Cortana may some day actually help you
   but when? And what does it in the meantime? Listening, recording and building a case?
    
9. Edge browser is getting better
   meaning now it is not (yet) good enough for prime time.
    
10. Navigation is easier for mouse users
    than in Win 8/8.1; only for those who could not help themselves so far.

I can only repeat what I have said many times before:

Get ALL the information, combine that with  your individual situation and then make an educated decision.

As usual I welcome comments and suggestions right here in the blog. Thank you in advance.  

 For whatever reason the darned TOC (Table Of Contents) feature that I got from Google does not work any longer, sorry. And I just don't have the time to hunt down another solution; if you know one please tell me in a comment. Thank you.
 

 

Yahoo! - Helps to Distribute Malware

I have said it to countless customers and I say it again, publicly and absolutely clear:

If you see advertisements while browsing the internet
then your computer is not set up safely!

I have said it to countless customers and I say it again, publicly and absolutely clear:

Stay away from Yahoo!

And I mean Yahoo! everything; email, finance, sports, EVERYTHING that comes from Yahoo! 

Here is a literal quote from NetworkWorld.com (bolding and links added by yours truly):

Malwarebytes Labs recently uncovered a large malvertising attack on the Yahoo! advertising network that started on July 28. Malwarebytes estimates that up to 6.9 billion readers could have been affected, making it one of the largest malvertising attacks Malwarebytes Labs has seen recently.

Malvertising is defined as crafted advertisements that intentionally infect the computers of anyone who visits the site. A tiny piece of code hidden deep in the ad will reroute your computer to criminal servers without your knowledge, which then determines how exposed your computer is and decides which piece of malware to send you.

In the case of the Yahoo ad, victims are infected with ransomware via the Angler Exploit Kit, but it’s possible that anything from banking Trojans to additional advertising fraud is also being used in this attack.

Malwarebytes said that the infection included Yahoo's main site, as well as subgroups like News, Finance, Sports, Celebrity, and Games. The ads route users to a site on Microsoft Azure, which eventually leads to the Angler Exploit Kit.

But, according to a friend at Malwarebytes, when you are running Adblock Plus or any other ad blocker, then the ad never plays, so no payload is delivered to your PC. So the malware doesn't ever get to touch your PC. Even if you don't click on the ad, the fact is it loads and becomes saved in your browser cache, so it does get onto your PC without the blocker.

My customers do not need to worry about malvertising, they all have Adblock Plus installed. All others please listen up:

If you use ANYthing from Yahoo! and/or
if you see advertisements when web surfing
then your computer is UNSAFE!

Do yourself a favor, get your computer cleaned up and secured.

As usual I welcome comments and suggestions right here in the blog. Thank you in advance.

For whatever reason the darned TOC (table of contents) feature that I got from Google does not work any longer, sorry.

Lenovo? NEVER AGAIN!

For years I have recommended not to buy Dell computers because way back when Dell had been caught with dishonest business practices. After years of staunch resistance I have relented for reasons of price/performance. Recently I had to recommend some Dell laptops from the Microsoft Store.

Well, something nasty has happened - again.

I stumbled over an article detailing the most recent failures by Lenovo. Bummer!

Their laptops for quite some time had been on the forefront of machines I recommended.

No more recommending Lenovo computers, at least for the foreseeable future.

Will these companies never learn that they will get caught, hopefully always?

As usual I welcome comments and suggestions right here in the blog. Thank you in advance.

Click here for a categorized Table Of Contents.

NO to Windows 10

Please click this link if you are looking for general information on Windows 10.


My verdict on Windows 10:   

Do not install Windows 10.

If the word privacy and the concept of privacy mean anything to you then you should stay away form the biggest data slurp this world has ever seen. That IMHO is what Windows 10 is going to be.

Here is an example of what others think about Windows 10; this a literal quote from a reply to an article about Windows 10 privacy settings (bolding added by me):

Microsoft has built into Windows 10, the most comprehensive personal surveillance system ever built into an OS. . .
I cannot, for the life of me, envision any reputable business or government entity running this illegal and unconstitutional monstrosity - and still claim that they are able to protect client/citizen's privacy. Doctor's, lawyers, banks or anyplace where client/patient privacy is important should probably avoid Windows Malware 10 at all cost.

And as far as technical "improvements" are concerned here is a snippet from one of the support forums I follow. A user of this forum put it very nicely and IMHO he nailed it precisely:

Personally, I haven't seen a compelling reason to upgrade to Windows 10. ... I haven't found a good reason to upgrade from Windows 8.1...

PRO: Start Menu.
CON: I already have Classic Shell, which is more like the Start Menu to which I am accustomed, and much more configurable.

PRO: Edge Browser.
CON: I'd rather use Firefox.

PRO: Cortana.
CON: This is a security risk just waiting to happen; that being said, this may be a pro... Then again, maybe not. I'm on the fence...

PRO: Multiple Desktops.
CON: Already available to XP and above from Microsoft Sysinternals Desktops 2.0.

PRO: Windowed Universal (Metro/Windows Store) Apps.
CON: I haven't found any Universal Apps that are any better than the desktop programs I already have installed.

PRO: Comes with Solitaire:
CON: You can get solitaire in Windows 8.1 also, from the Windows Store.

PRO: New Mail and Calendar Apps.
CON: Not even as capable as Microsoft's Windows Live Mail 2012 with Microsoft Accounts, and relatively useless with some other accounts. Where are my local folders? Why is the Spam from the junk folder archived forever, it's Spam!?!

PRO: New Photos App.
CON: Better photo editors are out there.

PRO: DirectX 12.
CON: I can't think of a con to this one, except I don't really play games on this computer. That's what consoles are for. (And I don't really care about the XBox App...)

PRO: Unified Settings.
CON: Thanks for moving around the Control Panel again...

PRO: New Task Switcher.
CON: Alt-Tab

PRO: Schedule Restarts.
CON: Forced Windows Updates. Because Microsoft never fudges updates...

PRO: Hello.
CON: Like I have an infrared 3D camera...

etc.

So far for the quote. I had a similar compilation in an earlier article; in case you are interested it is here.

As I said above, my verdict is clear; if you have a well working Windows 7 or Windows 8.1 system there is no compelling technical reason to upgrade to Windows 10; you only would give up what vestiges of privacy there are left in the brave new world of Windows 10 home computing.

As usual I welcome comments and suggestions right here in the blog. Thank you in advance.

Click here for a categorized Table Of Contents.
    

Windows 10 - Better Instructions to Make it "SAFE"

After writing the previous long, long article about how to make Windows 10 running without the glaring privacy issues I discovered on a forum a link to a MUCH better organized article with visual examples for everything from installation to changing the relevant settings.

You find it here: https://fix10.isleaked.com/

I thank the author(s) of this web page; GREAT work!


As usual I welcome comments and suggestions right here in the blog. Thank you in advance.

Click here for a categorized Table Of Contents.
   

Windows 10 Settings - What I Recommend

Please click this link if you are looking for general information on Windows 10.

If you absolutely do not mind to be followed by "Big Brother" then please do not read the remainder of this article, you are excused and may leave.

By now I have decided to recommend to my customers NOT to upgrade to Windows 10. There are way too many IMHO serious privacy issues that go along with a so called Microsoft account.

In the following I will give some tips on how to remedy at least some or much of that messy situation. For every instance of something I deem in need of correcting or changing I will preface the paragraph with "Gripe:".

Because virtually all of my customers work on the desktop and use a mouse and a keyboard all the following step by step instructions are for desktop mode only.

Immediately after upgrading to Windows 10 your computer will work quite differently than it did before the upgrade.


Gripe:
If you gave the system on first start your email address Microsoft has created on their servers the storage for an immense wealth of information about you that Win10 and it's programs will collect from and about you; and that besides the fact that every email address will have it's unique "advertisement ID" assigned. Guess what that will be used for!

If you want to change your inadvertently created Microsoft Account back into a normal, local account then:

1. Right click on the Start button
2. Open Control Panel
3. Click Settings
4. Click  ====================to be finished 

Gripe:
Synchronizing personal settings between various computers could under certain circumstances be a convenience. But some of us don’t want the same settings on all of our various Win10 computers. Just imagine using Win10 on your “old” keyboard/mouse computer and on a tablet; ARGGHH!

Plus: My settings are my personal preference and are none of Microsoft's business! Obviously I am way too old for that brave new world where everything is made public! If you are like me here is how to turn synching off:

1. Right click on the Start button
2. Open Control Panel
3. Click Settings
4. Click Accounts
5. Click Sync your settings 
6. Turn OFF Sync settings to disable synchronizing

  
Gripe:
Microsoft Edge, the new web browser, will be the default for all things Internet. You should set that back to Firefox following these steps:

1. Right click on the Start button
2. Open Control Panel
3. Click Default Programs
4. Click on "Set your default programs"
5. You should see a list of installed programs
6. Find and highlight the entry for Firefox
7. Click on  "Set this program as default" (my cursor points to it)
8. Click OK to close the window

 

Gripe:
System Protection is the Win10 name for the feature that creates Restore Points. This is turned off after the upgrade on many systems! It is by no means a good backup system but still better than nothing. Here is how to turn it on again:

1. Right click on the Start button
2. Open Control Panel
3. Click System
4. In the left sidebar click System protection
5. Highlight your system disk C:
6. Click Configure (see screen shot)

 

     7. Click on "Turn on system protection" (see screen shot below)
     8. Click OK and OK to close all windows

Gripe:
 Especially important to users of laptops computers are Wi-Fi-credentials

A new Win10 feature — WiFi Sense (online FAQ) — has generated more than its share of controversy. Just read what well renowned security researcher Brian Krebs has has to say about it in a recent column.

Simply said WiFi Sense allows all your Facebook friends, Outlook and Skype contacts to automatically sign in to your WiFi router when they are in range; likewise you can use their WiFi network as soon as you are in range of their router. In short, it “blabs” access to your WiFi network to numbers of people who you might not know well enough. And that feature is turned ON by default! Here is how to turn it off:

1. Right click on the Start button
2. Open Control Panel
3. Click Settings
4. Click Network & Internet
5. Click Wi-Fi.
6. Scroll past your wireless networks and click Manage Wi-Fi settings. 
7. Turn off  Connect to suggested open hotspots and
8. Turn off Connect to networks shared by my contacts.

Gripe: 
Simply said, I hate Cortana, the so-called “digital assistant” in Win10.
 
My wife and my best friend may know a lot about me that you don't know and likely even don't want to know. The NSA, Apple and now Microsoft want to know more about every Apple or Win10 user then we want to know about ourselves.

The End User License Agreement (EULA) for Win10 clearly states that Cortana has the ability to collect and use various types of personal information, including your location, calendar data, and programs (called "apps") you use. Cortana collects information about your choice of music, alarm settings, what you view and purchase online, your Bing search history, your use of other Microsoft services, and can even use the camera and microphone of the computer. In short, it is ALWAYS listens when the computer is on. Remember, practically all laptop computers have a microphone and a camera.

This sort of always on data collection worries me deeply; 1984 anyone?

Here is a decent PC World article explaining how to disable Cortana. And don't forget additionally and separately to disable Cortana in the new Edge browser, even if you don't use it!

Remember, Big Brother is always listening, always watching.


Gripe:
Since Microsoft announced that the upgrade to Windows 10 will be free, I have been waiting for the catch. And, surprise, it's very first installment comes with the ubiquitous game of Solitaire.This popular app is included with the new OS, but it includes advertising. To remove the ads, you have to pay a monthly subscription, as reported in a Business Insider story.

Currently I do not know of a hack to get around this.

Just do not go into the trap of recurring payments. There are many free alternatives on the internet. 




Gripe:
Along with forced updates, Win10 also includes — again, on by default — the option to share patches with other computers on your local network or the Internet; this is called peer-to-peer updating. You might want to disable update sharing.

There are serious concerns that attackers might find a way to inject malicious code into the process; many internet connections are metered and with the almost 3GB download size of Win10 you can easily run over your limit and that costs dearly.
 You want to disable peer-to-peer updating obtain patches only directly from Microsoft? Here is how:

1. Right click on the Start button
2. Open Control Panel
3. Click Settings
4. Click Update & Security
5. Click windows Update (it is no longer in the Control Panel!)
6. Select Advanced Options
7. Click Choose how updates are delivered
8.  Turn Update Sharing OFF

So much for today. This article is meant to be continued as more details become available.

As usual I welcome comments and suggestions right here in the blog. Thank you in advance.

Click here for a categorized Table Of Contents.
 
 

Repair Scams And New Variants - Again

Please click this link if you are looking for information on Windows 10.

I hardly can count how often I have spoken in my radio shows about repair scams and other tricks crooks use to scare unsuspecting computer users into handing over their credit card info; that is what all these and similar scams come down to.

Here is only a small selection of articles from this blog that deal with various aspects of this situation - with NO claim of completeness at all:

• June 2012 "Email Scams Getting More Elaborate"
• February 2013 "Phone Scams - Way Too Many!"
• May 2013 "Email From The IRS? No Way!"
• September 2013 "Cybercrime"
• October 2013 "How Malware Gets Installed"
• February 2014 ''New Twist - Old Scam"
• October 2014 "How To Spot Socially Engineered Emails"
• April 2015 "Bye bye Viruses, Hello Carelessness"

The newest twist in this never ending saga happens as follows: You are on a web site you have been on many, many times, let's say for information on your favorite hobby. Naturally after having used that web site for years you assume it is "clean" and the information from there is valid.

But suddenly you get a pop up window or some other kind of message informing you that "your computer has been reported" to some "Windows Security" team or it "is infected with 567 viruses" or similar.

This sort of pop up is by definition a scam!

• Do not click anywhere in this window.
• If applicable DO NOT call the toll free phone number givin in the message.
• Do NOT "x out" of this window, that is do not click on the "red X" in the top right corner of the window to close it.

The only safe way out of such windows and/or messages is to close them with Alt+F4, that is holding down the Alternate key and while holding this key down pressing function key F4.

Beside getting out of this window safely I would avoid ever again going to this web site. There is almost always some alternative.

Why did I above say "... is by definition a scam"?

1. There is no "Windows Security" team or company or anything even vaguely similar.
2. You Windows operating system does NOT report any info to anybody; only malicious software does that!
3. Neither Microsoft nor any of their partner companies care about your computer's and your well being! 

You don't even have to take alone my word for it; here are links to two very official web pages about that exact same issue: 

1. Tech Support Scams from the Federal Trade Commission  and

2. Avoid tech support phone scams from Microsoft's Safety & Security Center

Stay safe and always(!) heed the first of my 10 Commandments Of Safe Computing.

As usual I welcome comments and suggestions right here in the blog. Thank you in advance.

Click here for a categorized Table Of Contents.

Windows 10 - What We Know

Update 7/30.2015:       Please keep reading anyway for the nitty gritty!
The first reports about upgrades to Windows 10 are in! Generally it seems to have gone surprisingly well with only a few minor glitches. Good job, Microsoft.


This article was originally posted early in June 2015. Because of it's relevance and IMHO importance I have kept it and will keep it up-to-date by adding dated Updates to it. For the time being I will put a reference to this article at the top of all future posts in this blog.

Most home users of Windows 7 and Windows 8.1 have been graced via Windows Update with a new icon "Get Windows 10" in the system tray;  I wrote about it on June 4th.

I do not claim to be complete but please let me tell you what the major changes (improvements?) in Windows 10 supposedly will be:

1. "Universal apps" (formerly Metro or Full Screen apps) can now be resized, positioned a.s.o., that is run as a "normal" window. 
2. The Start Menu is back plus live tiles.
3. Again we will have a unified Settings panel aka Control Panel.  
4. On hybrid and/or convertible and tablet computers Windows 10 will move easily between keyboard, mouse and touch usage. 
5. The Cortana digital assistant enables voice control. 
6. XBOX and XBOX Live integration (implementation?)  
7. Spartan web browser instead of IE.
8. Win 10 will run on cell phones.  
9. Snap Assist 
10. Holo Lens (to be seen)

My comments with identical numbering:

1. For Windows 8.1 users maybe an advantage; but frankly, I know nobody who even uses Windows 8 in Full Screen mode.  
2. BIG plus for Windows 8 users - but not for my customers who all have a Start Menu.
3. BIG plus for Win 8 users; a no-brainer otherwise. 
4. I would have taken for granted this "Continuum Mode" and think of it as a self evident requirement on such computers. 
5. Careful, it is said to crate permanent web activity and to give results of "shallow" content and gossipy information on a rather low intellectual level. 
6. Most teenagers I know don't want their parents to even only touch their game consoles. A non-issue for my customers.
7. A new web browser  from Microsoft is long overdue. For the longest time we have very good alternatives to IE; I recommend my customers stay with Firefox. New is not always good ... 
8. What a marketing stunt...
9.  A feature that supposedly suggests "other" documents ... Ha?
10. Usefulness remains to be seen. New is not always better ...
    

As you easily can see there is nothing really compelling to upgrade, for me at least.

There will be bugs of the first days, that is unavoidable in such a huge, complex piece of software. No corporate testing can ever simulate what really happens in hundreds of millions of home computers.
And, the free upgrade offer is good at least through July 28 2016.
 
My tip to my customers:

Wait and see.  If you have a stable and well working Windows 7 or 8.1 system Windows 10 has only marginal improvements over Win 7 but it irons out quirks and annoyances of Win 8.

 Let others fight through the problems of the first hour.

Furthermore we still live with Microsoft's word that these "free" upgrades will be "valid", that is legally usable only until January 2020 or 2023 respectively; details in this article.We still do not know what Microsoft's plans are beyond that.

Update 6/16/2015:

Not every computer is worth upgrading. Your computer should have at least 4GB of main memory (RAM) and 120GB (or more) of free disk space on the C: drive.

If you have a computer with less than 4GB of RAM and/or it runs a 32-bit version of Windows 7 and/or it is over 5 years old you might want to consider a new machine.

Update 6/20/2015:

Windows Media Center will disappear. In it's place we will get a new program to play DVDs. Lucky me, I never had the time or inclination to use my PC as a media machine.

And the Sidebar Gadgets are (finally!) gone; they were unsafe anyway.

Then there will be changes to the way updates are delivered. Details are still missing but it may be that MS will in the future deliver updates as soon as they are available.

IMHO for the non-technical home user long overdue!

I do believe that "reserving" an update to Windows 10 is a pointless exercise. It will lead to an upgrade to Win 10 in the course of running Windows Update - which my customers usually do weekly.

I advise to start an upgrade of this magnitude only AFTER you have a full image backup of your system and then to do the upgrade on your own schedule.
 
Previous sentence is of UTMOST IMPORTANCE!

Update 6/25/2015:
And here my advice for my customers concerning Windows 10:

• I can't help you if you are still running Windows XP.
   
• If you are running Windows Vista you better think about a new computer (mostly).
   
• If you have a stable Windows 7 SP1 system that does dependably what you want to do then don't upgrade to Windows 10.
  
  
• If you are still on Windows 8 you are long overdue to upgrade to 8.1.
   
• If you have Windows 8.1 then upgrading to Windows 10 will eliminate most of Windows 8's annoying quirks and shortcomings.

 But in any case and wherever your system is coming from (7 SP1 or 8.1) your system needs to have ALL updates installed that are available from Windows Update before you think about the upgrade to Windows 10. 

And although I repeat myself you need to have a known good system image backup - and the proven ability to successfully restore it to your system!

These things need to be verified BEFORE you even begin to seriously think about any upgrade of the operating system.  


Update 7/10/15:

Watch out! Microsoft has included Wi-Fi Sense in Windows 10. Here is a lengthy and detailed article about it.

You have to be fully aware that the upgrade to Windows 10 will completely wipe out your current Windows 7 or 8.1 operating system; compatible programs you have installed and you date files will be retained.

Please attempt to upgrade ONLY if you have a proven good full system image backup. This backup needs to be created now, that is before you attempt the upgrade.

We do not know yet if Win 10 will contain any means to roll back if the upgrade fails. And I believe it is really tempting fate to blindly trust an automated tools in these situations. Past experience has clearly shown that a clean install is always better than an in-place upgrade when we deal with the operating system.

And to top it off: 
 If you have a computer that connects to a wireless network, either at home or any place else, then you must read this article!

Update 7/22/15:

If my article is too "technical" for you then read this text from Vic Laurie; Vic has very special experiences and a great talent  to express himself very understandably.


As usual I welcome suggestions and comments right here in the blog.

Click here for a categorized Table Of Contents.

Upgrade to Windows 10?

Any time between June and September Microsoft will release Windows 10 ("this summer" is all we know).

Microsoft has officially said that users of Windows 7 and of Windows 8 and 8.1 will for one year be able to upgrade for free to Windows 10. There is a little bit of a disclaimer though: The footnote says "for the lifetime of the device".

Upgrade "for free"? That sounds (almost) too good to be true. Around Microsoft I have learned to be very cautious. Trying to find more information about this I found two very different interpretations:

1. As long as it happens within one year after Win 10's official release you can upgrade to Win 10 for free "for the lifetime of the device".
   
   What if your well maintained Win 7 computer still runs great in January 2020 and you want to keep it running? Will you then have to pay for Windows 10? If yes how much? Upgrade or new license fee?
    
2. As long as it happens within one year after Win 10's official release you can upgrade to Win 10 for free. After the first "free" year Microsoft will switch to a subscription model and you need to pay a monthly or yearly license fee to be allowed to use Windows 10.
   
   This would amount to a huge money grab. With your current system you have paid for the license to use the operating system; with Windows 7 until Jan. 2020, with Windows 8 until Jan. 2023. Microsoft wants to give you one year for free and then they will start to charge?
   
   Let's say you upgrade from Win 7 to Win 10; 2016 would be free but you would have to pay an additional license fee for three years (2017, 2018and 2019). For upgrades from Win 8 it would be six more years!

For my customers "the device" certainly is their computer. There is no better definition so I assume that "lifetime" is the time for which Microsoft supports the operating system of the computer. Win 7 support ends in January 2020, Win 8 support ends in January 2023.

The details of what really will happen are unknown. Currently my advice is

Do not upgrade right away, wait until the fog has cleared and we have answers to the questions above.

In another article in the near future I will outline the main "improvements" that will come with Windows 10.

Update 5-15-2015: My concerns about an eventual money grab were unfounded. Something up to now unimaginable has happened, you can read about it here.

As usual I welcome suggestions and comments right here in the blog.

Click here for a categorized Table Of Contents.
 

2015-03-12 WBKV Talking Points (March 12 2015)

Superfish bug on some Lenovo laptops is a real risk:
A test for Superfish is here, removal instructions are here.
Firefox vers. 36.0.1 has protection against SF, vers. 37 will further improve certificate checking!

Confirmed sensation: Microsoft will allow all Win 7 & 8 users to upgrade to Win10 for free – for one year (only?). But then the licensing will kick in? A rented operating system? Home user be careful! Microsoft does not give anything away for free; that is the first concrete step to get us all to accept a licensing model, that means yearly payments. This way Microsoft will in the medium and long term make oodles of money more than by selling the software.

More dangerous bugs in Adobe Flash Player! Currently (as of March 12 2015) officially released version is 16.0.0.305! The catch: Many fake updates around! Mostly the user is tricked to download and install a fake plugin that then installs a key logger to collect log in info & passwords. User beware! 

Scam phone calls: Microsoft does not even know that we exist. MS's own advice:

• If anyone calls you and claims to be in any way affiliated with Microsoft IT IS A SCAM!
• Do not purchase any software or services.
• Ask if there is a fee or subscription associated with the “service.” If there is, hang up.
• Never give control of your computer to a third party unless you can confirm that it is a legitimate person you personally know and trust and/or are already a customer of.
• Never provide your credit card or financial information to someone claiming to be from Microsoft tech support.
• Take the caller’s information down and immediately report it to your local authorities.

Download portals (cnet.com, download.com. softonic.com et al) are huge malware slingers.

Have your DNS settings been tampered with? Test here (but know what is correct…)

Adobe's cash-less bug bounty program: Can it ever work?

Symantec splitting security (Norton) from storage business. The beginning of the end (like HP)?

FREAK bug (low quality encryption): Check your web browser here.
News March 12 2015: Fixed with this month's batch of updates for Windows

As usual I welcome suggestions and comments right here in the blog.

Click here for a categorized Table Of Contents.

 

Computer(s) And "Friends"

And again it was a customer's email that brings forth another post on this blog; thank you G. G. With his kind permission here is his email:

I recently have run into a situation about which I don’t know what to do.

For the last few years I have occasionally let a friend, who does not have a computer, use mine.  This would be a few times per year.  Basically he wanted to go on Craig’s List, so he used my second address, with his own password for a Craig’s List account. I didn’t really question what he was doing, because I know one can sell and buy on Craig’s List.

What I found out is that he was posting sexually explicit ads on Craig’s List.

While the screen shows all the ads have been deleted, I cannot figure out a way to get them off of my computer.  An email to Craig’s List was of no help, it just told how to delete the ads, but not how to permanently remove them from my computer.

I’m finding this to be a difficult situation, not only because of the mechanics of getting rid of something I don’t want on my computer, but because of the personal factors involved with someone who was a friend, and trying to weigh in if that relationship can be continued.  Any help that you can give will be appreciated.  

And here is my reply:

Dear Mr. G,

I have heard of similar situations like yours and you have my sympathy.

To your question about cleaning up your computer: I can most likely help. I can try to do that via remote support or in a house call, that is your choice. Although since sexually explicit material is involved I would strongly prefer a house call. Working locally on the computer will allow me to disconnect the computer from the Internet which will allow deeper analysis and cleaning and protect the computer and your Internet connection from eavesdropping.

Additionally and because you asked me I will voice some general ideas:

• NEVER let a "friend" or relative (children, teenager, nephew/niece, grandchildren!) use your computer in/with your regular user account.
  
  If you are a "normal" home user you most likely always work in an administrator account; that can incur added risks.  If you follow this link to the explanation of administrator account please ignore the outdated line "Applies to Windows Vista". These basic concepts apply to all modern operating systems.
   
• For other people on your computer always create "standard" user accounts.
   
• NEVER trust that anybody will behave responsibly and that they will follow basic rules of safe computing.
   
• NEVER let anybody (and not for ANY reason) use an identifier that is tied to your person (email account). It may happen that you will have to answer to the FBI if the person for example uploaded child pornography.
   
• Only allow any third parties (whether visitor or family!) to use your internet connection (wireless network, cell phones, tablets a.s.o) when you can be certain that your internet connection is secured beyond browser and operating system based measures.
  One option of several is described here.

Above advice may seem harsh but consider your situation. Naturally I can not "advise" you on how to handle the situation with your "friend".

My very personal and for you irrelevant opinion is that this person has proven beyond doubt that he is not a friend, maybe not even an acquaintance worth my time. But I am certain you will find your way of dealing with this aspect of the situation.

Additionally and independent of all the preceding I want to ask your kind permission to re-work your question and my answer into an article on my blog. What has happened to you is so "typical" that it lends itself to wider attention. Naturally your text would be quoted completely anonymously.

So much for the customer's letter and my response.

All the above was meant to be the whole post on this issue and then the heavens made me meet with a friend who had given his computer to someone when last fall they were on a hunting excursion.

In this case there are no sexually explicit materials involved but the computer was majorly infected with PuPs, this nasty new kind of malicious programs that I talked about here and here. And here are a few more examples of how we get tricked to allow this stuff to be installed.

I want to add here that you should never activate the Guest account that you find in many versions of Windows. Crooks and hackers know about this account and will be happy to exploit it if they find a computer with activated Guest account.

Update 2/19/2015
I forgot to mention that all good will and the best intentions by us and by others are null and void if my
10 Commandment of Safe Computing are ignored!

As usual I welcome suggestions and comments right here in the blog.

Click here for a categorized Table Of Contents.

2015-02-02 WTKM Talking Points (February 2nd 2015)

Confirmed sensation: Microsoft will allow all Win 7 & 8 users to upgrade to Win10 for free – for one year (only?). But then the licensing will kick in? A rented operating system? Home user be careful! Microsoft does not give anything away for free; that is the first concrete step to get us all to accept a licensing model, that means yearly payments. This way Microsoft will in the medium and long run make oodles of money more than by selling the software.

New dangerous bug in Adobe Flash Player is exploited via Facebook! Current version is 16.0.0.296!The catch: Many fake updates around! Mostly the user is tricked to download/install a fake plugin that then installs a keylogger to collect log in info & passwords. User beware!

Renewed warning: CryptoWall (new CrypotoLocker variant) spread through advertising networks.

When you see advertisements your computer is already infected!It is more important than ever to have a backup routine in place AND TO DO IT!

Finally: Microsoft takes on scam tech support phone call organizations (PDF).
If MS succeeds I expect the crooks to move off-shore and do the same from India.
Microsoft Digital Crimes Unit attorney Courtney Gregoire has an article and a video about these scams on this blog.

If anyone calls you and claims to be in any way affiliated with Microsoft IT IS A SCAM!
Here is Microsoft's own advice for such a case:

• Do not purchase any software or services.
   
• Ask if there is a fee or subscription associated with the “service.” If there is, hang up.
   
• Never give control of your computer to a third party unless you can confirm that it is a legitimate person you personally know and trust and/or are already a customer or when you personally  initiated a support call with Microsoft.
   
• Never provide your credit card or financial information to someone claiming to be from Microsoft tech support.
   
• Take the caller’s information down and immediately report it to your local authorities.

EBKAC errors are the most common ones and no program protects against that!

The supposed hack attack on French news media after the Charlie Hebdo shooting was no attack at all. It was a simple server cockup.

In Canada it is now illegal to install computer programs without consent. Why not in the US?

375 of the 500 largest companies do not protect their web sites from typosquatters. That causes real danger when you mistype a web address in your browser. Be careful!

As usual I welcome suggestions right here in the blog.

Click here for a categorized Table Of Contents.

How To Spot Socially Engineered Emails

For quite some time I wanted to give information about how to spot spam emails. That is quite a sizable field and I wavered too long. This time to my  and I believe to your advantage the wait pays off.

I discovered that KnowBe4.com already had done an excellent job and published the result as a one page fact sheet much better and more concise than I could ever have done it. The paper is called Social Engineering Red Flags. This link should show the information in your browser or in your reader application for PDF files.

I recommend to print it as a handy reference guide.

And here is a real life example; just this morning (10-20-2014) I received an email that looks on first glance like it came from Facebook, optically quite convincing. It is such a "classical" example that I took a screen shot to show it to you:

For me it goes without saying that I do NOT just click on a link in ANY email, no matter who the sender is supposed to be, no matter how "familiar" it looks.

The first clue is the sender address. Bad, simple forgery, not even an attempt to disguise the forgery; maybe that is even the miscreant's real email address. This is one of the times where I regret not to be a security researcher because I would love to mess a bit with this guy.

Then I did what for me by now has become second nature: I rested my mouse on the link (see the cursor). The translation of where the link would have taken my computer to in the status line (bottom left corner of the picture) confirmed my suspicion: The link goes to a web site in Russia. Did you see "http://pemoht-tb.ru/rand..."? ".ru" is the country code for Russia!

If you handle your email with programs or techniques that do not show you all the information from this example then you live dangerously. Imagine a teenager; they would blindly click on the link and voilà, the computer is infected and maybe you even loose all your files!

Oh well, more work for me... (tongue in cheek!_).


As usual I welcome suggestions and comments right here in the blog.

Click here for a categorized Table Of Contents.

Windows 10

Wow, Microsoft, I am impressed!

I have done my first baby steps on the Windows 10 Technical Preview that was released today.

All I can say is:

         Windows 10 is Windows 8 done right!

I can hardly wait for next year's final release; we do not have an  official release date yet; it will be some time next year.

This is the system I will upgrade my everyday "work" computer to.

EVERYTHING of "old" software I tried so far works flawlessly, even system utilities, Libre Office and Google Earth. And the system is only a "preview" that still has some rough edges..

Running the risk to repeat myself, I am impressed.

Do you still have Windows Vista running on a a well equipped machine or one that could easily be upgraded to at least 4GB of RAM? Windows 10 is the system to upgrade to!

Be warned, do NOT attempt an in-place upgrade, always do a full install! This advice has nothing to do with Windows 10, it comes from experiences with six generations of upgrading Windows to newer versions.

As usual I welcome suggestions and comments right here in the blog. Please no hidden adverts for commercial software and please only language that your little kids could hear.

Click here for a categorized Table Of Contents.

Wipe or Repair

Over time some computers tend to slow down compared to how they worked when they were new; that even can lead to the computer “freezing p” and become totally unresponsive. There are many potential reasons for these effects. Here are a few examples:

• During regular use temporary files do not get deleted when no longer needed.
• Too many “background” programs accumulate and run unnecessarily.
• Unscrupulous companies, programs and web sites literally trick the user into installing unnecessary and often outright pernicious programs, so called PuPs.

When this this gets too bad some people just buy a new computer but in most cases this is not necessary. Other people ask a computer repair shop or technician for help. And here is where it gets tricky for the end user who usually is not a computer geek.

Provided that the hardware of the computer in question is still working correctly these “repairs” can be done in two fundamentally different ways:

1. The computer can be wiped or reset to factory-new state as it was originally delivered.
2. Offending files and programs can be removed and eventual damage repaired.

Among computer repair technicians the question “repair or wipe” is one of the most controversially discussed topics of all. More often than not these discussions in online forums are based mostly on beliefs and habit than on facts.

My personal take at this question is this: It very rarely is in my client's best interest (or mine!) to wipe and reload the operating system. I know this in stark contrast to what businesses like Best Buy and others say and do but I write this for my average clients, home users that want their computer “to just work”.

A successful repair is, among others, defined by:

• All viruses, malware, PuPs and so on have been completely removed.
• The cleanup is actually accomplished in about 2 hours.
• After the cleanup the computer runs reliably at normal speed.
• For a reasonable period of time the computer remains free from malicious software - provided the user cooperates and avoids mistakes that are all too common.

Especially larger support organizations routinely apply the wipe-and-reload method. They usually claim one or more of the following reasons as their justification:

• It’s the only way to be sure all infections are removed.
• It’s the fastest way to resolve the problem.
• This process also gets rid of other clutter.

IMHO much more to the point, this one-size-fits-all approach doesn’t require much skill, training or experience on part of the technician who is doing the work; thus the bigger organization saves money on training and wages for better qualified employees.

Most certainly the wipe-and-reload solution is not in the customer’s best interest; here are some of the reasons:

• The rarely understands that their computer will look and feel very different after a reload.
• The customer will have to manually reload drivers, reset the fonts he got used to and now “wants”, select colors, margins, standard folders and file associations; he/she may have to install printer(s) and apat other system settings that have been building up over time since the computer was new.
• Some programs or data files will get destroyed or lost; if they are infrequently used that may show up only weeks or months after the “repair”.
• The user will be without the computer for as long as the reload takes which could be several days.
• Very sophisticated viruses may return after a reload unless very specific measures prevent such reinfection, for example after MBR and/or BIOS infection.

Here are some of the reasons why this approach is not in the technician's best interest, especially if I am the technician doing the cleanup:

• If I “wipe and reload” then the client doesn’t need me, he/she can do it themselves or,
  worse yet, use the techie kid next-door to do it for the cost of a pizza.
• Some programs, drivers, settings and user data will get lost.
• The computer will not “look and feel the same” as it did before the repair.
• The work involved will require much more time than I can honestly charge.

The only way to resolve issues caused by viruses or malware is to find and remove all such nasty programs, their activation methods and associated files and to repair eventual damage to the operating system.

A good cleanup must include improved preventive measures to avoid future success of another malware attack.

I am fully aware that this sometimes is next to impossible; modern malware almost always relies on social engineering tricks to get on a computer. In the end it depends on the user to always follow my Ten Commandments Of Safe Computing, now more than ever before.

Again opposed to common methods I prefer the on-site visit for a clean up job. Only on-site I can convey to the customer some training, show him/her the time proven tools and methodology I recommend to follow and get a feeling for how well they understand my appeals to use common sense.

There are situations when wipe-and-reload is appropriate, for example and IMHO if all these conditions are met:

• You have a recent full-image backup of that computer.
• There are only one or two user(s) set up on the infected computer .
• There is no (or very little) locally-installed software on the infected computer.

These conditions are hardly ever met in a home environment. Only if these conditions are met I will consider a reload. In eleven years of “fixing” home computers I have had to reload the operating system only on two occasions.

I see no acceptable alternative to intelligently and methodically removing all malware infections and repairing any damage they may have caused. 

And I am well aware of the fact that on rare occasions malware may have done so much damage to the operating system that there may be no other way but to wipe and rebuild; but, as I said, luckily these cases are becoming more and more rare.

As usual I welcome suggestions and comments right here in the blog.

Click here for a categorized Table Of Contents.

Cloud Storage - again

May 5th 2013 I documented my opinion about cloud storage based on a real life example with Google's service.

Today I ran across a similar example based on Microsoft's service named "LiveDrive". Here is the original text:

LiveDrive has started closing people's accounts without warning.  Not everyone's account, of course.  Just a few.  And when those people contact the company to ask why, they're told that they were breaching the terms of their "unlimited storage" package by, er, storing too much stuff.

If this happens to you, and you make a fuss, LiveDrive will restore your access in order that you can retrieve any important data.  However, in the experience of a couple of friends of mine, this access has its bandwidth throttled to such a degree that it is virtually impossible to download anything.  So your files are pretty much lost.

So again, as a reminder, cloud storage services may be convenient but:

Your data is not safe!

You can lose access any time without warning! 

Always keep the original file locally stored and locally backed up! But does that not blow the loudly touted advantages of cloud-backup clearout of the water?


Sometimes I am outright fascinated by how easily people can be made to believe in third parties they have absolutely no control over.

IMHO at least the cloud is no place to entrust my most important documents and irreplaceable memories (aka pictures) with.

As usual I welcome comments and suggestions right here in the blog. Thank you in advance.

Click here for a categorized Table Of Contents.