About Trackers

General information about Trackers and Tracking Cookies:

The Guardian has some interesting reading about trackers and tracking cookies.

Yes, the Guardian article is from 2012 and these technologies have evolved and become more sinister and secretive.

HowToGeek.com is a very reliable web site with all sorts of good how-to advice. Their article from 2016 The Many Ways Websites Track You Online is worth your time.

But if you want a shortcut without the background knowledge then go and install in your Firefox web browser the extension named DuckDuckGo Privacy Essentials.

Here are four more articles from well reputed sources about this extension:

TechCrunch

engadget

PC Magazine

Quora

Stay safe!

The UGLY underbelly of the End User License Agreement

All of us - well, almost all of us have been conditioned to accept the so called "End User License Agreement" (EULA) for next to everything. Sometimes we agree unknowingly just by turning a new gadget ON; my classical example for that is Windows 10 with it's 12,000 words long EULA.

EVERY app on our phones,
EVERY program ever installed on our computers,
EVERY so called "smart" or "connected" TV in our living rooms,
EVERY supposedly "intelligent" device that recognizes "Google Hello" or is "Alexa enabled",
EVERY of the many useful things that require an Internet connection and an app on a smart phone
and many more things too numerous to list here can be used to spy on us.

Hard to believe? Please listen to this 12 minutes long TED talk, maybe it will change your view.

Stay safe!

WOT and the darned Purists at Mozilla

WOT vanished from many of my customers Firefox web browsers. I got some questions about that so here is my diatribe.

Mozilla, the maker of the Firefox web browser, is a European organization and over there they have a MUCH more narrow view of privacy issues. That is a double-edged sword.

WOT has a few month ago modified their end user license agreement to conform more closely to what the add-on all can do. No surprise to me that they collect some information on the things you search for and where you then click on. Google does that for years and nobody gives a hoot.

WOT finally made it public and Google and Mozilla went ballistic pulling the WOT extension (add-on) from their web sites. I am pretty livid but they don't listen to you or me.

WOT in the meantime has changed the wording of their end user license agreement and you again can get and run WOT in Goggle Chrome.

The Europeans don't seem to see the value of WOT for the normal non-geek end user and remain stubbornly on their negative stance towards WOT. 

And Mozilla even tricks people into disabling or removing WOT - despite the fact that there is no even remotely similar functionality available anywhere else.

It is a shame but I have to tell my customers that they have to use Google Chrome for their web searches if they want the advantages of WOT, naturally with WOT and a good Ad-Blocker installed. These get installed from within the web browser, they are extensions.


Currently IMHO only Adblock Plus from adblockplus.org and uBlock Origin qualify as "good" ad-blockers.


Supposedly WOT and Mozilla are working on a resolution but that already takes many months.

If you have an affected computer and on the desktop is a folder named "Old Firefox Data" I may be able to resurrect WOT; but that definitely would be a trial and error thing that I can not guarantee. But at least I can do it remotely. 

Stay safe.

Yahoo Users, it's Time to Run for the Hills

For years I have told my clients to stay away from Yahoo as far as possible. Those with Yahoo email accounts I have told to to switch their email provider.

Yes, it is a BIG hassle to do that but now it seems to be imperative to do it - finally.

Yahoo has been majorly hacked!

In 2014 already and they have kept it a secret until recently!

Reported numbers of compromised accounts vary from 500 thousand to one billion affected users but that is irrelevant; relevant is that practically all sensitive information got copied off by miscreants. User names, passwords, date-of-birth, SSNs, security questions and the answers, phone numbers, "real names", address information and the list goes on...

In California the first class action lawsuit against Yahoo has been filed and many more are expected to follow all over the nation.

What to do?

First change your Yahoo password, make the new one at least 12 characters long. Read this article from 2011(!) and this one from 2013(!) on my blog for more information.

More info on Passwords is in these articles:
Passwords that are NOT a password
Passwords the Latest

You have a Yahoo email account or use other Yahoo services (like Yahoo Financials!) and you still are "on the fence"? I can't help you, actually nobody can help you but yourself.

As usual I welcome comments and suggestions right here in the blog. Thank you in advance.

Stay safe.

"Force Feeding" Windows 10

"Force Feeding" are the only words adequate to describe what Microsoft is doing right now! My email inbox is overflowing with complaints and cries for help. Microsoft seems to be really desperate, it must not be going as well as they had hoped.

After the upgrade to Windows 10 (not update) you have 4 weeks to revert to your previous system. This process has so far worked without a hitch for those of my customers who reverted.

1. Click the Start button
2. Click on Settings (on a few systems it is PC Settings)
3. Click on Update & security
4. In the left side bar click on Recovery
5. Find the entry Go back to Windows x (x is 7 or 8 depending on what your previous system was) and click on it

Depending on the speed of your computer it will work for anything between 30 and 90 minutes. After you have reverted to your previous version of Windows Microsoft will again begin to permanently nag you to upgrade to Win 10. This nagging can be reliably turned off!

Microsoft has since about November 2015 been busy to put some of the telemetry of Windows 10 into Windows 7 and Windows 8 systems; this happens in addition to forcing upgrades to Windows 10. That means that Win 7 and 8 systems now contain some of what I call Windows 10 spying on me/us and IMHO that should to be turned off!!

My recommendation is to turn all this junk off and luckily since about February 2016 I know of a dependable piece of free software that allows everybody to do just that on their systems whether it is a Windows 7, 8 or 10 computer!. See this article for more details.


If after the upgrade any icons or programs are missing or if you rather have me install SD Anti Beacon I can do all that via remote support. For remote support please call one of the coming Monday through Thursday evenings between 6PM and 8PM. If I am already at home I want to connect remotely to your computer. If I can not answer on your first attempt please assume that I am already helping somebody else and keep trying every 10 or 15 minutes.

If I have set up or worked on your computer during the last three years you should be set for remote support; if you have an icon labeled either "Teamviewer ..."  or "EJH Remote Support" then all is prepared. If you do not find either of these icons please call anyway, I can walk you on the phone thru the steps to get the remote support program going. Alternatively you can prepare for remote support as described here.

Please have your computer up and running; if your computer is a notebook (or laptop) computer then please have the power supply connected and plugged into a working power outlet.

Stay safe!

Windows 10 and Microsoft's Attitude to Security and Prvacy

On Slate I found this very revealing article about Windows 10 and it's implications for privacy and security. I highly recommend you read it BEFORE you jump on the Windows 10 band wagon.

No, I take back my "... highly recommend you read ...". If you are seriously thinking about Windows 10 and/or want to be fully informed before you take the plunge (or not) THE ARTICLE IS A MUST READ!

As I said in an earlier article by now we can do something about all that, reliably and free of charge. Well, maybe not totally free if you want me to set it up and demonstrate it's correct usage to you.

Stay safe!

Spybot Anti Beacon - A Must Have?

If privacy of your data and files is to you as important as it is for me than the answer to the title question on Windows 7 and above is YES, clear and loud.

Let me explain: SpyBot Anti Beacon is a relatively new utility that can reliably turn off most of Windows 10's unwelcome behavior. Many others besides myself think of as being spied at. Whether Micro$oft calls this telemetry or whatever, I feel spied at.

If you want to know why I call Windows 10 a masterpiece of data collection and judge it's telemetry as for me unwanted spying please read this article originally written in October 2012 after Windows 8 was available. And I repeated the IMHO main reason in the context of Windows 10 quite recently.

If you want to try SB Anti Beacon (SBAB) please keep in mind this is professionally made but it is a FREE program; free as in free beer, that is you do not have to pay for it. This has consequences; not everything is as automatic as you might have come to expect from good programs. The main program window has four tabs for four different functions or info screens. I recommend to read the Frequently Asked Questions in tab #4 but will shortly describe what I do in tabs #1 and #2 (usage instructions).

In tab #1 I want ALL the entries to be green, that is all the spying turned off. So I just click the Immunize button at the bottom of the page.

In tab #2 I want as well all entries to be turned off but the page is differently organized. For every entry I have to click on the Apply button immediately above the entry. And especially on laptops and other (mainly smaller) wide screens I have to realize that in tab #2 the program windows has a scroll bar! I need to use it to uncover the last entry or entries on that tab's page.

Here are some visual examples from the only Windows 10 system I currently have available which happens to be a laptop:

Tab #1 BEFORE and AFTER "Immunize"

Tab #2 BEFORE and AFTER "Apply"

Please see that the scroll bar in the pictures of tab #2 is in a different positions.

Just an hour ago I made an interesting observation: After installing updates from Windows Update I checked the Win 7 system I write this on and there was one new telemetry entry in each of the tabs. That shows that Micro$oft at least for now will keep bringing telemetry from Windows 10 back to Windows 7 and 8!

That is why I say to you:  If you are willing to use SpyBot's Anti Beacon and to take on this additional check after EVERY update from Micro$oft (whether the updates were automatically applied or you checked and installed them manually) then you can rest fairly assured that Micro$oft will not collect data from your computer and about your computing habits.

As usual, stay safe.

Credit cards ARE a risk factor...

.., especially if last year you used them at Target or Home Depot.

Home Depot so far shelled out $19.5 million and they are still counting.

More details are here.

Personally I always cringe when I see someone paying everyday smaller mounts with a credit card, be it at Starbucks, McDonald or anywhere else.

Disclaimer: I am hardly ever at McDonald and if at all I pay with cash!

Stay safe!

Skype Users Be Warned

If you use Skype PLEASE read through this article about two conversations triggered by Skype friend requests. I will let that speak for itself.

For the less geeky of my readers, a spam bot is program or robot programmed to "have a conversation".

You are warned.

Stay safe.

Is Microsoft Pushing Windows 10?

Let me, at least by name, introduce Susan Bradley to you. The lady is a very experienced and knowledgeable system administrator in the world of Microsoft networks and she is a Microsoft MVP. She is very active on widely read internet forums and generally well respected.

Ms. Bradley started a petition on Change.org asking Microsoft's CEO Satya Nadella to reconsider the Windows 10 policy of forcing updates of the Windows operating system on user's machines.

Today Ms. Bradley posted  an update to her petition that you can find here.

I have little doubt that Microsoft could and will attempt something like that. I would consider this to be an intrusion into my personal and private sphere.
MS seems to think they own my computer! Have they gone nuts?

It is time that we begin to talk publicly about alternatives to MS Windows!

And before you ask, yes, there are alternatives. I do not want to discuss these here because this blog is named "Computer Trouble..." and that means trouble with MS Windows computers and I will keep it that way.

Why Not Windows 10?

I have been asked one too many times why I oppose Windows 10. Here is some more fodder for thought.

Besides all eventual arguments for or against technical merit here are only three facts that everybody can check out in Microsoft's Terms of Use for Windows 10. Every single install of Windows 10 must agree to Microsoft's Terms And Conditions for use of Windows 10. This is (supposedly) a 12,000 word document. Everybody I know, me included, just clicks on Agree - and Microsoft knows that.


We usually allow Windows 10 to install with Express Settings (the default that most people choose!); in the Terms of Use we can find that we agree among others goodies to:

1. Windows 10 is logging all keystrokes
    
2. Windows 10 is always listening to the microphone
    
3. Microsoft will turn over all your data and info about you to authorities

Re. point #1: 

Programs that log our keystrokes on the functional level of the operating system (or even below that) have always been called Key Loggers and always have by all security systems been flagged as viruses and removed.

Just think of every keystroke being logged and stored at MS (Microsoft); what about your username(s) and password(s)? What about account details like credit card or bank or investment account numbers?

Re. point #2:

Many desktop computers and virtually all laptop computers have a microphone. Windows 10 will record and store on MS's servers every spoken word that reaches the microphone while the computer is running. Big Brother is always listening!

Windows 10 will (at least try to) make an automatic backup copy of every file you create on your computer and store that copy on MS's servers. What about confidentiality requirements? No lawyer, doctor, real estate agent, CPA or PI can ever use Windows 10; actually everybody who by law is required to respect and guarantee any degree of confidentiality should never use Windows 10. 

Re. point #3:

That sounds kind of "normal" and okay - on the surface at least.

BUT: MS does not say that they require a court order or warrant for that.
Any "authority" can request and will receive all your files and all information about you that MS has gathered.

With no court order at all!

Then there is yet another side to the whole thing that, for me at least, is even more scary; although I have to warn you, it will take 30 minutes away from your busy day to listen to this "video" - which actually is a recorded audio interview.

As usual I welcome comments and suggestions right here in the blog. Thank you in advance.

For whatever reason the darned TOC (Table Of Contents) feature that I got from Google does not work any longer, sorry. And I just don't have the time to hunt down another solution; if you know one please tell me in a comment. Thank you.

NO to Windows 10

Please click this link if you are looking for general information on Windows 10.


My verdict on Windows 10:   

Do not install Windows 10.

If the word privacy and the concept of privacy mean anything to you then you should stay away form the biggest data slurp this world has ever seen. That IMHO is what Windows 10 is going to be.

Here is an example of what others think about Windows 10; this a literal quote from a reply to an article about Windows 10 privacy settings (bolding added by me):

Microsoft has built into Windows 10, the most comprehensive personal surveillance system ever built into an OS. . .
I cannot, for the life of me, envision any reputable business or government entity running this illegal and unconstitutional monstrosity - and still claim that they are able to protect client/citizen's privacy. Doctor's, lawyers, banks or anyplace where client/patient privacy is important should probably avoid Windows Malware 10 at all cost.

And as far as technical "improvements" are concerned here is a snippet from one of the support forums I follow. A user of this forum put it very nicely and IMHO he nailed it precisely:

Personally, I haven't seen a compelling reason to upgrade to Windows 10. ... I haven't found a good reason to upgrade from Windows 8.1...

PRO: Start Menu.
CON: I already have Classic Shell, which is more like the Start Menu to which I am accustomed, and much more configurable.

PRO: Edge Browser.
CON: I'd rather use Firefox.

PRO: Cortana.
CON: This is a security risk just waiting to happen; that being said, this may be a pro... Then again, maybe not. I'm on the fence...

PRO: Multiple Desktops.
CON: Already available to XP and above from Microsoft Sysinternals Desktops 2.0.

PRO: Windowed Universal (Metro/Windows Store) Apps.
CON: I haven't found any Universal Apps that are any better than the desktop programs I already have installed.

PRO: Comes with Solitaire:
CON: You can get solitaire in Windows 8.1 also, from the Windows Store.

PRO: New Mail and Calendar Apps.
CON: Not even as capable as Microsoft's Windows Live Mail 2012 with Microsoft Accounts, and relatively useless with some other accounts. Where are my local folders? Why is the Spam from the junk folder archived forever, it's Spam!?!

PRO: New Photos App.
CON: Better photo editors are out there.

PRO: DirectX 12.
CON: I can't think of a con to this one, except I don't really play games on this computer. That's what consoles are for. (And I don't really care about the XBox App...)

PRO: Unified Settings.
CON: Thanks for moving around the Control Panel again...

PRO: New Task Switcher.
CON: Alt-Tab

PRO: Schedule Restarts.
CON: Forced Windows Updates. Because Microsoft never fudges updates...

PRO: Hello.
CON: Like I have an infrared 3D camera...

etc.

So far for the quote. I had a similar compilation in an earlier article; in case you are interested it is here.

As I said above, my verdict is clear; if you have a well working Windows 7 or Windows 8.1 system there is no compelling technical reason to upgrade to Windows 10; you only would give up what vestiges of privacy there are left in the brave new world of Windows 10 home computing.

As usual I welcome comments and suggestions right here in the blog. Thank you in advance.

Click here for a categorized Table Of Contents.
    

Windows 10 - Better Instructions to Make it "SAFE"

After writing the previous long, long article about how to make Windows 10 running without the glaring privacy issues I discovered on a forum a link to a MUCH better organized article with visual examples for everything from installation to changing the relevant settings.

You find it here: https://fix10.isleaked.com/

I thank the author(s) of this web page; GREAT work!


As usual I welcome comments and suggestions right here in the blog. Thank you in advance.

Click here for a categorized Table Of Contents.
   

Windows 10 Settings - What I Recommend

Please click this link if you are looking for general information on Windows 10.

If you absolutely do not mind to be followed by "Big Brother" then please do not read the remainder of this article, you are excused and may leave.

By now I have decided to recommend to my customers NOT to upgrade to Windows 10. There are way too many IMHO serious privacy issues that go along with a so called Microsoft account.

In the following I will give some tips on how to remedy at least some or much of that messy situation. For every instance of something I deem in need of correcting or changing I will preface the paragraph with "Gripe:".

Because virtually all of my customers work on the desktop and use a mouse and a keyboard all the following step by step instructions are for desktop mode only.

Immediately after upgrading to Windows 10 your computer will work quite differently than it did before the upgrade.


Gripe:
If you gave the system on first start your email address Microsoft has created on their servers the storage for an immense wealth of information about you that Win10 and it's programs will collect from and about you; and that besides the fact that every email address will have it's unique "advertisement ID" assigned. Guess what that will be used for!

If you want to change your inadvertently created Microsoft Account back into a normal, local account then:

1. Right click on the Start button
2. Open Control Panel
3. Click Settings
4. Click  ====================to be finished 

Gripe:
Synchronizing personal settings between various computers could under certain circumstances be a convenience. But some of us don’t want the same settings on all of our various Win10 computers. Just imagine using Win10 on your “old” keyboard/mouse computer and on a tablet; ARGGHH!

Plus: My settings are my personal preference and are none of Microsoft's business! Obviously I am way too old for that brave new world where everything is made public! If you are like me here is how to turn synching off:

1. Right click on the Start button
2. Open Control Panel
3. Click Settings
4. Click Accounts
5. Click Sync your settings 
6. Turn OFF Sync settings to disable synchronizing

  
Gripe:
Microsoft Edge, the new web browser, will be the default for all things Internet. You should set that back to Firefox following these steps:

1. Right click on the Start button
2. Open Control Panel
3. Click Default Programs
4. Click on "Set your default programs"
5. You should see a list of installed programs
6. Find and highlight the entry for Firefox
7. Click on  "Set this program as default" (my cursor points to it)
8. Click OK to close the window

 

Gripe:
System Protection is the Win10 name for the feature that creates Restore Points. This is turned off after the upgrade on many systems! It is by no means a good backup system but still better than nothing. Here is how to turn it on again:

1. Right click on the Start button
2. Open Control Panel
3. Click System
4. In the left sidebar click System protection
5. Highlight your system disk C:
6. Click Configure (see screen shot)

 

     7. Click on "Turn on system protection" (see screen shot below)
     8. Click OK and OK to close all windows

Gripe:
 Especially important to users of laptops computers are Wi-Fi-credentials

A new Win10 feature — WiFi Sense (online FAQ) — has generated more than its share of controversy. Just read what well renowned security researcher Brian Krebs has has to say about it in a recent column.

Simply said WiFi Sense allows all your Facebook friends, Outlook and Skype contacts to automatically sign in to your WiFi router when they are in range; likewise you can use their WiFi network as soon as you are in range of their router. In short, it “blabs” access to your WiFi network to numbers of people who you might not know well enough. And that feature is turned ON by default! Here is how to turn it off:

1. Right click on the Start button
2. Open Control Panel
3. Click Settings
4. Click Network & Internet
5. Click Wi-Fi.
6. Scroll past your wireless networks and click Manage Wi-Fi settings. 
7. Turn off  Connect to suggested open hotspots and
8. Turn off Connect to networks shared by my contacts.

Gripe: 
Simply said, I hate Cortana, the so-called “digital assistant” in Win10.
 
My wife and my best friend may know a lot about me that you don't know and likely even don't want to know. The NSA, Apple and now Microsoft want to know more about every Apple or Win10 user then we want to know about ourselves.

The End User License Agreement (EULA) for Win10 clearly states that Cortana has the ability to collect and use various types of personal information, including your location, calendar data, and programs (called "apps") you use. Cortana collects information about your choice of music, alarm settings, what you view and purchase online, your Bing search history, your use of other Microsoft services, and can even use the camera and microphone of the computer. In short, it is ALWAYS listens when the computer is on. Remember, practically all laptop computers have a microphone and a camera.

This sort of always on data collection worries me deeply; 1984 anyone?

Here is a decent PC World article explaining how to disable Cortana. And don't forget additionally and separately to disable Cortana in the new Edge browser, even if you don't use it!

Remember, Big Brother is always listening, always watching.


Gripe:
Since Microsoft announced that the upgrade to Windows 10 will be free, I have been waiting for the catch. And, surprise, it's very first installment comes with the ubiquitous game of Solitaire.This popular app is included with the new OS, but it includes advertising. To remove the ads, you have to pay a monthly subscription, as reported in a Business Insider story.

Currently I do not know of a hack to get around this.

Just do not go into the trap of recurring payments. There are many free alternatives on the internet. 




Gripe:
Along with forced updates, Win10 also includes — again, on by default — the option to share patches with other computers on your local network or the Internet; this is called peer-to-peer updating. You might want to disable update sharing.

There are serious concerns that attackers might find a way to inject malicious code into the process; many internet connections are metered and with the almost 3GB download size of Win10 you can easily run over your limit and that costs dearly.
 You want to disable peer-to-peer updating obtain patches only directly from Microsoft? Here is how:

1. Right click on the Start button
2. Open Control Panel
3. Click Settings
4. Click Update & Security
5. Click windows Update (it is no longer in the Control Panel!)
6. Select Advanced Options
7. Click Choose how updates are delivered
8.  Turn Update Sharing OFF

So much for today. This article is meant to be continued as more details become available.

As usual I welcome comments and suggestions right here in the blog. Thank you in advance.

Click here for a categorized Table Of Contents.
 
 

Windows 10 Broadcasts Wi-Fi Passwords

Please click this link if you are looking for information on Windows 10.

I "stole" the following VERBATIM from a blog post at The Register. 

If you upgrade to Windows 10 and if you have a wireless home network you better turn Wi-Fi Sense in Windows 10 OFF! 

 Wi-Fi Sense is a feature from the world of Microsoft Mobile (cell phones) that sneakily appears in Windows 10.

Here now the article from The Register:

--------------------------    

theregister.co.uk

UH OH: Windows 10 will share your Wi-Fi key with your friends' friends

30 Jun 2015 at 20:59,

Updated A Windows 10 feature, Wi-Fi Sense, smells like a security risk: it can share access to Wi-Fi networks with the user's contacts.

Wi-Fi Sense has been on Windows Phone since 8.1

Those contacts include their Outlook.com (nee Hotmail) contacts, Skype contacts and, with an opt-in, their Facebook friends. There is method in the Microsoft madness – it saves having to shout across the office or house “what’s the Wi-Fi password?” – but ease of use has to be teamed with security. If you wander close to a wireless network, and your friend knows the password, and you both have Wi-Fi Sense, you can log into that network.

Wi-Fi Sense doesn’t reveal the plaintext password to your family, friends, acquaintances, and the chap at the takeaway who's an Outlook.com contact, but it does allow them, if they are also running Wi-Fi Sense, to log in to your Wi-Fi. The password must be stored centrally by Microsoft, and is copied to a device for it to work; Microsoft just tries to stop you looking at it. How successful that will be isn't yet known.
"For networks you choose to share access to, the password is sent over an encrypted connection and stored in an encrypted file on a Microsoft server, and then sent over a secure connection to your contacts' phone if they use Wi-Fi Sense and they're in range of the Wi-Fi network you shared," the Wi-Fi Sense FAQ states.
Microsoft also adds that Wi-Fi Sense will only provide internet access, and block connections to other things on the wireless LAN: "When you share network access, your contacts get internet access only. For example, if you share your home Wi-Fi network, your contacts won't have access to other computers, devices, or files stored on your home network."
That sounds wise – but we're not convinced how it will be practically enforced: if a computer is connected to a protected Wi-Fi network, it must know the key. And if the computer knows the key, a determined user or hacker will be able to find it within the system and use it to log into the network with full access.
In theory, someone who wanted access to your company network could befriend an employee or two, and drive into the office car park to be in range, and then gain access to the wireless network. Some basic protections, specifically ones that safeguard against people sharing their passwords, should prevent this.
The feature has been on Windows Phones since version 8.1. If you type the password into your Lumia, you won’t then need to type it into your laptop, because you are a friend of yourself. Given the meagre installed base of Windows Phones it's not been much of a threat – until now.
With every laptop running Windows 10 in the business radiating access, the security risk is significant. A second issue is that by giving Wi-Fi Sense access to your Facebook contacts, you are giving Microsoft a list of your Facebook friends, as well as your wireless passwords.
In an attempt to address the security hole it has created, Microsoft offers a kludge of a workaround: you must add _optout to the SSID (the name of your network) to prevent it from working with Wi-Fi Sense.
(So if you want to opt out of Google Maps and Wi-Fi Sense at the same time, you must change your SSID of, say, myhouse to myhouse_optout_nomap. Technology is great.)
Microsoft enables Windows 10's Wi-Fi Sense by default, and access to password-protected networks are shared with contacts unless the user remembers to uncheck a box when they first connect. Choosing to switch it off may make it a lot less useful, but would make for a more secure IT environment.
Yes, wireless passwords can be written down and trivially passed along to others: we know network security shouldn't end at the Wi-Fi login prompt. But there's nothing like an OS automating the practice of blabbing passphrases to your mates, eh?

Updated to add

A Microsoft PR rep has been in touch about the headline, pointing out that when you share access to your network via Wi-Fi Sense, your contacts cannot share that access to other people. We know this.
The headline still stands because: imagine you and I are friends, and you visit my house. I tell you the Wi-Fi password, or you read it off the fridge. You type it into your Windows 10 device, and access to my network is shared via Wi-Fi Sense with your Windows 10 friends. Your friends now have access to my network, or in other words, my friend's friends now have access to the network.
And that's not good.
--------------------------

So far for the article from The Register.

By now I have installed several versions of Windows 10 Preview and the install process has changed over time - which is to be expected in a preview for testing of a product that is in active development. The last install(s) have asked questions about sharing Wi-Fi keys and I have declined. By the way, I am planning an extensive article about the install process of Windows 10.

I have declined to share Wi-Fi keys because I read the questions before I ACCEPT the default settings. These preselected default settings more often that not help Microsoft rather than the individual user; that at least is my experience with Microsoft software and products since I know them - and that is only since about the early 1980s.

As usual I welcome comments and suggestions right here in the blog. Thank you in advance.

Click here for a categorized Table Of Contents.

Now THAT is interesting!

Okay, maybe more for me than for you but anyway, I will offer to you what I just found.

It turns out that Microsoft has a really good article on their sprawling web site. It is titled

Ten Immutable Laws Of Security

Make some time, the article is long! Grab a coffee or tea or what ever lubrication you fancy for a good, lengthy read.

Oh yes, before I forget it, the bold text above is the link to said article.

As usual I welcome suggestions and comments right here in the blog.

Click here for a categorized Table Of Contents.

Computer(s) And "Friends"

And again it was a customer's email that brings forth another post on this blog; thank you G. G. With his kind permission here is his email:

I recently have run into a situation about which I don’t know what to do.

For the last few years I have occasionally let a friend, who does not have a computer, use mine.  This would be a few times per year.  Basically he wanted to go on Craig’s List, so he used my second address, with his own password for a Craig’s List account. I didn’t really question what he was doing, because I know one can sell and buy on Craig’s List.

What I found out is that he was posting sexually explicit ads on Craig’s List.

While the screen shows all the ads have been deleted, I cannot figure out a way to get them off of my computer.  An email to Craig’s List was of no help, it just told how to delete the ads, but not how to permanently remove them from my computer.

I’m finding this to be a difficult situation, not only because of the mechanics of getting rid of something I don’t want on my computer, but because of the personal factors involved with someone who was a friend, and trying to weigh in if that relationship can be continued.  Any help that you can give will be appreciated.  

And here is my reply:

Dear Mr. G,

I have heard of similar situations like yours and you have my sympathy.

To your question about cleaning up your computer: I can most likely help. I can try to do that via remote support or in a house call, that is your choice. Although since sexually explicit material is involved I would strongly prefer a house call. Working locally on the computer will allow me to disconnect the computer from the Internet which will allow deeper analysis and cleaning and protect the computer and your Internet connection from eavesdropping.

Additionally and because you asked me I will voice some general ideas:

• NEVER let a "friend" or relative (children, teenager, nephew/niece, grandchildren!) use your computer in/with your regular user account.
  
  If you are a "normal" home user you most likely always work in an administrator account; that can incur added risks.  If you follow this link to the explanation of administrator account please ignore the outdated line "Applies to Windows Vista". These basic concepts apply to all modern operating systems.
   
• For other people on your computer always create "standard" user accounts.
   
• NEVER trust that anybody will behave responsibly and that they will follow basic rules of safe computing.
   
• NEVER let anybody (and not for ANY reason) use an identifier that is tied to your person (email account). It may happen that you will have to answer to the FBI if the person for example uploaded child pornography.
   
• Only allow any third parties (whether visitor or family!) to use your internet connection (wireless network, cell phones, tablets a.s.o) when you can be certain that your internet connection is secured beyond browser and operating system based measures.
  One option of several is described here.

Above advice may seem harsh but consider your situation. Naturally I can not "advise" you on how to handle the situation with your "friend".

My very personal and for you irrelevant opinion is that this person has proven beyond doubt that he is not a friend, maybe not even an acquaintance worth my time. But I am certain you will find your way of dealing with this aspect of the situation.

Additionally and independent of all the preceding I want to ask your kind permission to re-work your question and my answer into an article on my blog. What has happened to you is so "typical" that it lends itself to wider attention. Naturally your text would be quoted completely anonymously.

So much for the customer's letter and my response.

All the above was meant to be the whole post on this issue and then the heavens made me meet with a friend who had given his computer to someone when last fall they were on a hunting excursion.

In this case there are no sexually explicit materials involved but the computer was majorly infected with PuPs, this nasty new kind of malicious programs that I talked about here and here. And here are a few more examples of how we get tricked to allow this stuff to be installed.

I want to add here that you should never activate the Guest account that you find in many versions of Windows. Crooks and hackers know about this account and will be happy to exploit it if they find a computer with activated Guest account.

Update 2/19/2015
I forgot to mention that all good will and the best intentions by us and by others are null and void if my
10 Commandment of Safe Computing are ignored!

As usual I welcome suggestions and comments right here in the blog.

Click here for a categorized Table Of Contents.

How To Spot Socially Engineered Emails

For quite some time I wanted to give information about how to spot spam emails. That is quite a sizable field and I wavered too long. This time to my  and I believe to your advantage the wait pays off.

I discovered that KnowBe4.com already had done an excellent job and published the result as a one page fact sheet much better and more concise than I could ever have done it. The paper is called Social Engineering Red Flags. This link should show the information in your browser or in your reader application for PDF files.

I recommend to print it as a handy reference guide.

And here is a real life example; just this morning (10-20-2014) I received an email that looks on first glance like it came from Facebook, optically quite convincing. It is such a "classical" example that I took a screen shot to show it to you:

For me it goes without saying that I do NOT just click on a link in ANY email, no matter who the sender is supposed to be, no matter how "familiar" it looks.

The first clue is the sender address. Bad, simple forgery, not even an attempt to disguise the forgery; maybe that is even the miscreant's real email address. This is one of the times where I regret not to be a security researcher because I would love to mess a bit with this guy.

Then I did what for me by now has become second nature: I rested my mouse on the link (see the cursor). The translation of where the link would have taken my computer to in the status line (bottom left corner of the picture) confirmed my suspicion: The link goes to a web site in Russia. Did you see "http://pemoht-tb.ru/rand..."? ".ru" is the country code for Russia!

If you handle your email with programs or techniques that do not show you all the information from this example then you live dangerously. Imagine a teenager; they would blindly click on the link and voilà, the computer is infected and maybe you even loose all your files!

Oh well, more work for me... (tongue in cheek!_).


As usual I welcome suggestions and comments right here in the blog.

Click here for a categorized Table Of Contents.

Details on CryptoWall

This article assumes that you are familiar with my previous article CryptoLocker - Revisited.

Detailed information was released about CryptoWall, one of the CryptoLocker variants.

Between mid-March and late August CryptoWall infected almost 625,000 systems; on these systems it encrypted more than 5.25 billion files.

The US seems to have the most CryptoWall infections: 253,521 (or about 40 percent), followed by Vietnam with 66,590 infections, the U.K. with 40,258, Canada with 32,579 and India with 22,582.

The US likely got targeted more often because CryptoWall's got distributed through spam emails sent from the Cutwail botnet which targets English language computer users.

Researchers collected data directly from CryptoWall's  payment server such as the exact number of paying victims and the amount of payments. Of nearly 625,000 infections and over about six months 1,683 victims (0.27%) paid the ransom for a total of $1,101,900.

CryptoWall seems to have  a home-made problem by accepting payment of ransom by Bitcoin only. Many average computer users will have problems paying with Bitcoin and reseachers assume that this is part of the reason that only 0.27% of CryptoWall's victims paid compared to 1.3% of CryptoLocker victims; CryptoLocker allowed payment by MoneyPak as well.

As sad as it is, these numbers clearly show that cyber crime pays.


As usual I welcome suggestions and comments right here in the blog.

Click here for a categorized Table Of Contents.

CryptoLocker - Revisited

In December 2012 I wrote for the first time about the back then new relatively virus CryptoLocker.
In October 2013 I wrote again about new variants of this virus. Now I have new information that warrants to visit CryptoLocker again.

This family of viruses is by now one of the most destructive threats I have seen. Much of the news regarding CryptoLocker is rather negative but there is at least a bit of positive news as well.

CryptoLocker has evolved

Very shortly after the original CryptoLocker had appeared the first variant was discovered; on first glance it appeared to be similar to the original version. It almost was a look-alike, the method of infection was the same, the encryption seemed the same and the message on the infected computer's screen was very much like the original's. There were only two obvious differences: The original CryptoLocker demanded $100 for information to decrypt the user's files and it offered two payment methods (MoneyPak or Bitcoin); the “look alike” demanded $300 and accepted Bitcoin only.

Time consuming and detailed analysis uncovered significant internal differences. Specialists found that the second version most likely was written by a different programmer or even programming team. It was written in a different programming language and many other internal differences were discovered as well.

In the meantime we know of at least six other virus programs that work similar to CryptoLocker. They are called “encrypting ransom ware” (in the following ERW), they are actively distributed, modified and improved. Most likely they were created and are being run by different groups of malware creators and distributors. Some names I have run across:

• CryptoLocker (the original)
• CryptoLocker 2 (the first imitator referenced above, my naming))
• Critroni
• CryptoDefense
• CryptorBit
• CryptoWall (see this new article for details)
• CTB Locker
• PrisonLocker or PowerLocker
• TorLocker

The newer versions of ERW viruses have become increasingly sophisticated, hard to detect and difficult to remove.

How these infections spread

Many infections happen when the user attempts to opens an e-mail attachment that then in turn launches the ERW. By now almost any file type can be abused in this way; you just can't trust so called “safe” file types any longer.

Over time I have received many emails about supposedly failed deliveries of goods. Some of these emails were made professionally and looked at first glance almost authentic. It made no difference whether the email seemed to be from DHL, FedEx, UPS or the US Postal Service; there always seemed to be some legitimate sounding reason to open the attachment.

In all cases attention to detail and applied common sense protected my computer better than any security program could have done; I simply avoided that one fatal click to open an attachment.

Another increasingly often encountered way for ERWs to spread are “drive-by downloads”. They come from compromised websites and compromised web servers. These sophisticated attacks take advantage of known vulnerabilities in almost ubiquitous software like Windows, Adobe Flash, Adobe Reader, Java and so on. Since these vulnerabilities are known there is only very little excuse to get caught by a drive-by download. To get the computer infected by a drive-by download is very unlikely if the user keeps all software up to date.

Protection?

On the positive side we have to my knowledge three options, some free and some with premium versions for a charge. These programs do not interfere in or conflict with common anti virus or security software. I warn against running any two of these programs concurrently due to the likelihood of conflicts with each other.

1. CryptoPrevent
2. MalwareBytes Anti-Exploit
3. HitmanPro Alert with CryptoGuard

If you are interested to learn more please follow the links.

To make it perfectly clear: I am convinced that the best protection is our own attention to detail, caution and applied common sense. No software in the world can replace our watchfulness!

ERWs on non-Windows computers

To make a bad situation even worse there are reports of ERWs on other, non-Windows platforms like tablets and smart phones with the Android operating system. There was talk about a popular NAS system (Network Attached Storage) being targeted as well. Only Apple systems seem to be not affected, so far at least; as we all know that can change any moment.

A bit of good news

Fairly recently, I believe it was in early August 2014, two software companies announced that they have jointly developed a method to decrypt at least some of the files that were encrypted by the original CryptoLocker. The companies and their web sites are The companies offer their program free of charge to people who still have files encrypted by the original version of CryptoLocker who wants to attempt to recover them.

The companies are FireEye (www.fireeye.com) and Fox-IT (www.fox-it.com). These companies apparently did not crack the encryption, they gained access to some of the command and control servers where some private keys were stored that the original CryptoLocker virus had used.

Much detailed sleuthing, dis-assembling, re-engineering and analysis of the original virus enabled them to write a program called DecryptCryptoLocker that can decrypt affected files when the were encrypted using any of the recovered private keys. At https://www.decryptcryptolocker.com/ you can read how this works. There is a decent chance that this program will recover encrypted files but there is no guarantee.Some so far encountered obstacles that may prevent decryption are:

• It works only on files encrypted by the original version of CryptoLocker infections; it may or may not work on files encrypted by later versions of ERW.
   
• Nobody knows if the servers accessed by FireEye and Fox-IT contained all private keys CryptoLocker had used.
   
• The original CryptoLocker was effectively eliminated late in May, 2014; any later infections will most likely have used different sets of private keys.

Despite these obvious limitations of the procedure FireEye and Fox-IT deserve a lot of credit and big kudos. Anybody who still has files encrypted by the original CryptoLocker should try the procedure and see if it works for them.

My personal conclusion

It is primarily user behavior that protects the computer by always keeping Windows and all other regularly used programs up to date. If all this is accompanied by attention to detail and applied common sense then the computer will most likely remain “healthy” and safe.

In the worst case scenario, that is after your computer got hit by CrypyoLocker or a look-alike having a recent clean backup will be the best medicine against sleepless nights.

As usual I welcome suggestions and comments right here in the blog.

Click here for a categorized Table Of Contents.