Thursday, December 12, 2013

Some notes on a technique for protecting your computer from Malware (HIPS)

It is difficult to find a title for this post.  This is an important topic for even a "novice" computer user to get their head around.  But it seems to be an onion in the sense that it takes layers of explanations to get to a common language description of what HIPS means to you; i.e., why it is important to you.

HIPS stands for Host Intrusion Prevention System.  That doesn't mean a whole lot to me and I suspect it doesn't mean a whole lot to you.  But it is related to keeping your computer and home network secure; in fact, it is fundamental to maintaining your own security.

I use the term AntiMalware to stand for any computer program that detects and perhaps manages infections on your computer, your network, and the internet.  Programs that are called AntiVirus fall in this category, as well as programs that extend their protection to unwanted programs on your computer or in your browser that perhaps just throw up additional ads while you are surfing the internet, or pop up ads on your computer that are a nuisance.  Malwarebytes falls in this category.

AntiMalware programs detect malware through two major techniques.  One is by Signature.  They look at how each object (a program module or data file) is constructed, such as its number of bytes or certain bit/byte patterns within it, to identify it as a threat.  This is the most common way to determine if an object is malicious.  But there is another way to detect malware:  look at what the program or data file is "doing."  It might change a registry entry in a special way, or it might try to gain access to services on your computer that normal programs shouldn't access.  That is what HIPS-based antimalware programs do.  That is how they work.

Some antimalware programs do both Signature-based detection and HIPS-based detection.  In fact, that is the main point of this blog entry:  when you are evaluating antimalware for use on your computers, you should be looking in their description for both Signature-based algorithms and HIPS-based algorithms.

An important note:  You don't need to have an antimalware program that does both.  But you need to have both types of protection.   So you might pick a good Signature-based antimalware program and a good HIPS-based program.  Also, you might want more sophisticated protection on a laptop or tablet that sees public wifi networks.  That environment is the most likely source of infection.  (Then you bring the laptop or flash drive home and infect the other computers on your network.)
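The two detection styles described above, as an added Python sketch (not code from the Malwarebytes article or from any antimalware product): the file bytes, event records, rule names and allow-list are all constructed for illustration. It shows a one-byte variant of a known-bad file slipping past the signatures while what it does still trips the HIPS-style rules.

```python
from __future__ import annotations

import hashlib
from dataclasses import dataclass

# --- Signature side: judge an object by how its bytes are constructed ---
# Constructed, harmless bytes standing in for a file already known to be bad.
KNOWN_BAD = b"MZ\x90\x00constructed-sample-NOT-REAL-MALWARE\x00payload-v1"
BAD_HASHES = {hashlib.sha256(KNOWN_BAD).hexdigest()}
BAD_PATTERNS = {"Constructed.Marker.A": b"constructed-sample-NOT-REAL-MALWARE"}


def signature_scan(data: bytes) -> list[str]:
    """Return the name of every signature that matches the object's bytes."""
    hits = []
    if hashlib.sha256(data).hexdigest() in BAD_HASHES:
        hits.append("hash:known-bad")
    hits += [f"pattern:{name}" for name, pat in BAD_PATTERNS.items() if pat in data]
    return hits


# --- Behaviour (HIPS) side: judge a program by what it does ---
@dataclass(frozen=True)
class Event:
    process: str  # image name of the acting process
    action: str   # "reg_set", "service_stop" or "file_write" (hypothetical schema)
    target: str   # registry path, service name or file path


AUTORUN_KEY = r"\software\microsoft\windows\currentversion\run"
PROTECTED_SERVICES = {"windefend", "wscsvc"}  # sample security-related services
# Hypothetical allow-list. Matching on name alone is easy to spoof; a real
# product would also verify the file's path and publisher signature.
TRUSTED = {"msiexec.exe"}


def behaviour_check(events: list[Event]) -> list[str]:
    """Flag registry autorun changes and attempts to stop protected services."""
    alerts = []
    for ev in events:
        if ev.process.lower() in TRUSTED:
            continue
        target = ev.target.lower()
        if ev.action == "reg_set" and AUTORUN_KEY in target:
            alerts.append(f"{ev.process}: autorun registry change")
        elif ev.action == "service_stop" and target in PROTECTED_SERVICES:
            alerts.append(f"{ev.process}: tampering with service {ev.target}")
    return alerts


# A one-byte change produces a "new" file that no stored signature recognises.
VARIANT = KNOWN_BAD.replace(b"NOT-REAL", b"N0T-REAL")

# Constructed event records for the variant and for ordinary activity.
VARIANT_EVENTS = [
    Event("invoice.exe", "file_write", r"C:\Users\jane\AppData\Local\Temp\a.tmp"),
    Event("invoice.exe", "reg_set",
          r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Updater"),
    Event("invoice.exe", "service_stop", "WinDefend"),
]
BENIGN_EVENTS = [
    Event("msiexec.exe", "reg_set",
          r"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Printer"),
    Event("notepad.exe", "file_write", r"C:\Users\jane\Documents\notes.txt"),
]


def verdict(data: bytes, events: list[Event]) -> dict[str, list[str]]:
    """Run both kinds of protection and report what each one saw."""
    return {"signature": signature_scan(data), "behaviour": behaviour_check(events)}


if __name__ == "__main__":
    print("known sample:", verdict(KNOWN_BAD, []))
    print("variant:     ", verdict(VARIANT, VARIANT_EVENTS))
    print("benign:      ", verdict(b"plain text file", BENIGN_EVENTS))
```

The variant's result has an empty signature list and two behaviour alerts, which is the case for having both types of protection.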

This discussion was inspired by an article I read on the Malwarebytes blog.  (Click here)   I hope with this introduction you can get something out of that article.

Saturday, December 7, 2013

Obamacare and your personal health and financial information

I don't intend to "get into politics" in this blog; however, I do cover security.  Obamacare does have some very major security problems.  There are parts of government regulations that cover health data security/privacy.  You've encountered these regulations when you are asked to fill out a HIPAA form for release of information.  I've been directly involved in implementing security in both the private business sector and the health sector and continue to keep up with those fields.

I agree with most other experts that the Obamacare implementation is a disaster in these areas:

  1. Planning and project management
  2. Product
  3. Workflow associated with the product
  4. Security with respect to all of the above.

From time to time I will comment on these issues when they directly impact our communities.  In this particular case, I want to point you to an article on security associated with the flow of personal health information (PHI) from source (the interview front end of Obamacare) to destination (a doctor's office).  The debate in this case covers what the rules and regulations are for securing your information as it flows from the origin to the destination.  The article is technical, but you should get from it that this is something the healthcare industry has worked on for a number of years and not settled.  You will see a list at the end of the article of things any organization that touches the data (even in transit) needs to internalize and execute.  This is a big deal and supports the claim that Obamacare data are low hanging fruit for the malicious.

The article:   http://it-security.blognotions.com/2013/11/27/hipaa-audit-tips-%E2%80%93-conduit-business-associate-or-something-else/?_m=3l%2e000t%2e21%2egw0akw6ons%2e1eh 

Tuesday, December 3, 2013

Scorpion Saver... "Infection" is epidemic in our area

I'm encountering a lot of Scorpion Saver infections.  Scorpion Saver is technically not a virus, and it generally doesn't get caught by antivirus programs; however, it is certainly a nuisance, if not incapacitating.  You don't want it on your computer.  So, if you are experiencing a lot of unusual ads popping up, even with the popup setting on your browser set, you may have Scorpion Saver.

It may be my imagination, but this problem seems to be especially prevalent in computers whose users use AOL as their email provider.  You know I am not a fan of AOL; in fact, I am an enthusiastic proponent of not using AOL.  This is one reason.

In my opinion, Scorpion Saver is real malware and you need to get rid of it.  A good writeup on how to do it is found here.  Please review that web page, which has a good description of what an infection looks like as well as how to remove it.

Monday, December 2, 2013

Windows 8 to 8.1 Conversion: My List of Problems and Resolution

Introduction

I've converted some systems from Windows 8 to Windows 8.1 and hit some snags along the way.  In fact, I'm finding new ones all the time.  Rather than create a blog item every time I have a problem, I'm going to make this my one blog entry for all issues.  As I hit an issue, I'll document it here; both issue and resolution.  So return here every so often, or when you actually install Windows 8.1.

Issue:  Office 2010 Freezes

Description:  Office 2010 works for a while but, when I do some kind of action, it freezes.  In my case, I wanted to format a column.  I right clicked on the column number, clicked "format", and the application froze.  
Solution:  There are discussions of this on the internet, but they are conflicting.  My solution is to repair Office.  Go to the Control Panel.Default Programs.  Click on Programs and Features.  Select (left click) the Office version that has the problem.  A link will appear at the top:  Repair.  Single left click that and let the repair take place.  Restart your computer.  The problem should have resolved itself.  Note:  Each edition of Office has different problems and ways to resolve the problems.  For your situation, google "Office {your version} problem Windows 8.1."

Issue:  MsiExec errors (Have to find in Event Viewer; might not "see" anything as a user except erratic behavior)

Description:  Faulting application name: MsiExec.exe, version: 5.0.9600.16384, time stamp: 0x52158c02
Faulting module name: SHELL32.dll, version: 6.3.9600.16456, time stamp: 0x5278fede
Exception code: 0xc0000005
Solution:  See discussion here.  Windows 8.1 is buggy.

Issue:  General Instability

Description:  System is not behaving well.  Programs or printers hanging.  
Solution:  Start a cmd window as administrator. (Type cmd on the Start screen.  Right click "Command Prompt" from the search results.  From the drop down, select "run as administrator.")  Enter sfc /scannow.

Issue:  This message:    The "IWD Bus Enumerator" is disabled.

Description:   This message occurs soon after installation of 8.1.  If you go to the Device Manager, right click on IWD Bus Enumerator and select the "update driver software" option, you get that the latest driver is already installed.  However, in the device manager there are two lines "IWD Bus Enumerator": the first line is normal (i.e., enabled), and the second line shows that error message (yellow triangle).

Solution:  



Saturday, November 23, 2013

Dangerous "New" Ransomware Makes Your Files Unrecoverable (Cryptolocker)


There is a new type of Malware that is very difficult to remove.  What it does is encrypt your personal files, which results in your files becoming unreadable.  The files selected include anything in "My Documents".  This Malware can also cloak programs used to run Microsoft.  Once it has done its thing, it asks for a ransom of $100 or more to fix the problem.

In general, I can't do a thing for you.   Your programs and files are lost if you do not pay the ransom.  For details on this nasty stuff, read this.  It will tell you that the way you get infected is to click on a file that is attached to an official looking message that looks like the following.  This message could "look like" a pdf file.  Please read about this in the above link so you know what the malware enticement looks like in order to avoid infection.

Cloud backup services will probably vary in their ability to rescue you when you have an infection that either changes or encrypts files.  Depending on the service and how the service is set up, the encrypted files will begin making their way to your cloud storage.  So your primary storage in the cloud will be corrupted.  The best advice I can give you is to notify your service as soon as you notice something suspicious, which might not be until the ransom message is displayed.  The cloud service support people will have to recover your files to a time before encryption started.  You'll need to figure out when that was; perhaps the support people can help.

Note:  If you use a free cloud service, such as Microsoft's or Google's,  it is going to be more difficult to recover the right backups.  Generally you are on your own to figure out how to get back earlier versions of files.

-----Original Message-----
From: John Doe [mailto:John@mydomain.com]
Sent: Tuesday, October 15, 2013 10:34 AM
To: Jane Doe
Subject: Annual Form - Authorization to Use Privately Owned Vehicle on State Business
All employees need to have on file this form STD 261 (attached). The original is retained by supervisor and copy goes to Accounting. Accounting need this form to approve mileage reimbursement.
The form can be used for multiple years, however it needs to re-signed annually by employee and supervisor.
Please confirm all employees that may travel using their private car on state business (including training) has a current STD 261 on file. Not having a current copy of this form on file in Accounting may delay a travel reimbursement claim.

Thursday, October 31, 2013

Backing up Files and your system, Windows 8 and 8.1

After you have all your apps loaded and running on Windows 8 or 8.1, you can make an "image" of all that on an external drive, so you can recover the entire thing.

According to Microsoft, this is what an image is:

A system image is an exact copy of a drive. By default, a system image includes the drives required for Windows to run. It also includes Windows and your system settings, programs, and files. You can use a system image to restore the contents of your computer if your hard disk or computer ever stops working. When you restore your computer from a system image, it's a complete restoration—you can't choose individual items to restore, and all of your current programs, system settings, and files are replaced with the contents of the system image.
Although this type of backup includes your personal files, we recommend that you back up your files regularly using Windows Backup so that you can restore individual files and folders as needed. When you set up Windows Backup, you can let Windows choose what to back up, which will include a system image, or you can select the items that you want to back up and whether you want to include a system image. For more information about setting up Windows Backup, see Back up your files.
If your computer contains several drives or partitions, you can create a system image that includes all of them by following the steps in Back up your programs, system settings, and files.


So you should also start a process running that backs up your personal files.  The best way to do that is to do an incremental backup, where you first get a complete backup, and then, whenever a file changes, that change is backed up.  You might set the backup so only so many revisions of a file are saved.  The oldest change gets deleted.

References:

  • General reference on how to create a backup image, file incremental backup or full backup, etc.  Pretty much all you need to know.
  • Specific reference on creating an image for Windows 8

Tuesday, October 29, 2013

More on Improving Communication Services

One of my readers sent me a link to this article.  It discusses why the US internet service is so expensive.  It does provide insight.  On the other hand, I don't believe government involvement, through regulation or otherwise, at least at the national level, will do any good.  My belief is it will make any situation worse because one size does not fit all and when the government gets involved, there are always unintended consequences that dwarf the benefits.

We, as informed consumers, should drive the solution, which is what I am starting to do.  I'm working to contact a person in AT&T who has the knowledge and role to seriously consider network configurations.  I would like to do the same with Verizon.  Anyone who knows of an individual that fits the need, please let me know.  Our neighborhood associations have been involved with this and should eventually become the primary contacts regarding any solution.  Because I do have the knowledge and incentive, my objective is to find the right person(s) in AT&T and Verizon to act as an interface.  This blog is an open letter that will be an incentive for these companies to take us seriously.  I have many readers around the world (thank you all) and this issue will get visibility.

Sunday, October 27, 2013

Communication Technologies That Are Financially Viable in Low Density Mountain Communities

Let's face it: with a few exceptions, the internet service we receive in our communities stinks.  This past week we have had intermittent service for both internet and phone service.  Our service is probably as bad as rural India.  We should expect more.  (Read about my personal experience here.)

From a technical/business point of view, we are too few residences to excite the communication companies that might serve us.  Instead, they provide really poor service at really steep prices.  The technical problem is that their concept of how communication should work is mired in the 1980s:  if we are lucky, a fiber optic backbone, otherwise a trunk DSL line.  Then copper service to the residences.  This copper service is going to be poor by construction- it won't ever provide reasonable speeds for internet, let alone other services such as TV and phone.

AT&T has this idea that they can provide UVERSE service to us, again at a steep price.  They have tried it in one community with limited success.  Development has stopped in other communities.  But, again, UVERSE is technologically limited in speed and bandwidth due to the copper wiring.

There is a better technology, one we should be pushing AT&T, or inviting Verizon, to implement.  It would replace your entire house communication ecosystem: TV, wireless, DSL, and traditional phone.  The architecture I propose is to use the existing fiber optic cable backbones in our communities, but to communicate to the individual houses through a distributed system of what amounts to 4G transmitter antennas.  There won’t need to be many, because 4G (WiMax, LTE Extended) has transmission characteristics that are ideal for our environment:

  • Up to 30 mile range
  • Can “go through” leafy and electronic interference
  • Can “go around corners,” partly eliminating “line of sight” issues associated with current wireless and satellite technologies.
  • Low cost implementation

Individual houses would have to be equipped with receiver antennas and routers; I understand these are relatively inexpensive when rolled out by a communication company as a package plan. There are two extant technologies implemented for wireless:  LTE and WiMax.  Either would work and whichever vendor our community selects would dictate the technology we would use.

Monday, October 21, 2013

Is Microsoft Security Essentials Going Away?

I subscribe to the Ask Leo tech blog, written by Leo Notenboom.  As some of you know, I'm a bit of an old timer who appreciates well constructed sentences and organized paragraphs. (Dangling modifiers drive me crazy.)  For some reason, which has to go back to our school system, this is a rare skill.  At the risk of losing readers, I recommend following his blog.

In one of his most recent blog posts, "Time to Stop Using Microsoft Security Essentials?", Leo addresses what turns out to be false information, i.e., that Microsoft is not going to support MSE.  The article is informative in a number of ways, including how false tech information becomes urban legend, as well as an appropriate security configuration for home use (MSE + Malwarebytes for Microsoft operating systems through Windows 7).

PS.  MSE technology is embedded in Windows 8.  For more information, read this article.  Some of the responses in that article remind you to NOT install MSE on Windows 8.  

Thursday, October 17, 2013

Windows 8.1 is available- you can achieve a Windows 7 "feel"

The new features of Windows 8 are reviewed here.   Instructions for downloading and installing are here.  The main warning is to make sure you've got a good backup of the system and data before you start.  That is a big thing.  With Windows 8 you don't need a separate program to do the system and data backup.  Instructions are here.   This is a short blog entry, but because the instructions for moving to Windows 8.1 are well documented, I don't need to repeat them.  Good luck!  Call if you want me to do it for you.

Change to Google Policy Regarding Use of Your Personal Information

The following is cut from a description by Google of their new policy regarding personal information.  I've highlighted the important sentences.

How your Profile name and photo may appear (including in reviews and advertising)

We want to give you – and your friends and connections – the most useful information. Recommendations from people you know can really help. So your friends, family and others may see your Profile name and photo, and content like the reviews you share or the ads you +1’d. This only happens when you take an action (things like +1’ing, commenting or following) – and the only people who see it are the people you’ve chosen to share that content with. On Google, you’re in control of what you share. This update to our Terms of Service doesn’t change in any way who you’ve shared things with in the past or your ability to control who you want to share things with in the future.
Feedback from people you know can save you time and improve results for you and your friends across all Google services, including Search, Maps, Play and in advertising. For example, your friends might see that you rated an album 4 stars on the band’s Google Play page. And the +1 you gave your favorite local bakery could be included in an ad that the bakery runs through Google. We call these recommendations shared endorsements and you can learn more about them here.
When it comes to shared endorsements in ads, you can control the use of your Profile name and photo via the Shared Endorsements setting. If you turn the setting to “off,” your Profile name and photo will not show up on that ad for your favorite bakery or any other ads. This setting only applies to use in ads, and doesn’t change whether your Profile name or photo may be used in other places such as Google Play.
If you previously told Google that you did not want your +1’s to appear in ads, then of course we’ll continue to respect that choice as a part of this updated setting. For users under 18, their actions won’t appear in shared endorsements in ads and certain other contexts.
For greater control over your experience with ads on Google, you can also use Google’s Ads Settings tool to manage ads you see. Learn more.

Wednesday, October 16, 2013

Cost of Cyberattacks Has Increased 78% in Last Four Years

The following is from a news item on the web site http://searchsecurity.techtarget.com.  If you are interested in security, either for your home or business, this is a good site to bookmark or even sign up for email alerts.  I might also mention that, if you are an investor who takes a serious look at each investment opportunity, how a company manages security can be part of your investment decision process.

The fourth-annual Cost of Cybercrime Study, produced by the Ponemon Institute and sponsored by Hewlett-Packard's enterprise security unit, showed the cost enterprises pay to clean up after a cyberattack has increased 26% from 2012, and has gone up a staggering 78% since the first report was released four years ago....

Instead of focusing on the total cost incurred by enterprises, the Ponemon report narrowed its scope to only include what enterprises spent while responding to cybercrime incidents, including detection, investigation, recovery and incident management.
Larry Ponemon, founder and chairman of the Ponemon Institute, noted that the report doesn't take into account, as an example, what costs a company would incur if its "crown jewel" of data was stolen -- either because a dollar value would be impossible to calculate, or because an organization typically overestimates the value of its own data. Even without these costs included, the report showed the cost range spanning all the way from the low of $1.3 million to the high of $58 million, a number Ponemon said even the largest organizations would notice....
Perhaps more important than having the right technologies, organizations that consistently experienced lower cybercrime costs did so by implementing the right people and processes. In particular, Ponemon pointed to enterprises that had a chief information security officer (CISO) or other equivalent in place, with the caveat that they were real senior-level executives. Such organizations, he noted, tended to have better security governance, mostly because hiring a CISO signals that the company takes information security seriously and is willing to make an investment in credentialed professionals.
"It's not that that person is the reason for the value that we find," Ponemon said. "But the organizations that have that person with the right role and the right title and authority tend to be smarter around the whole governance of security."

Friday, October 4, 2013

Changes to Google's search algorithms and what it means to the typical user

What should you  type into your search bar to improve the search results?  Or, to say it another way, what can you type in the search bar that will result in the most relevant results appearing at the top of the list of results?

A typical way to search is to use some key words, not in any particular order.  Until recently the search engine would process those results and generate a list where sites with the most hits and that have one of the words in their list of relevant topics would appear at the top of the list.  (Web designers have a field that is hidden from you but that search engines read.  That field contains a list of relevant terms.  There is an entire specialty career that focuses on "Search Engine Optimization," or SEO.  Furthermore, search engine companies often have a bidding process where advertisers will bid on certain words.  They will pay the bid price per click and the search engine company will move their web pages to the top of the list or put their results in a special box at the top of the list.)

The Google search algorithm has changed.  Google hasn't really advertised the change, but it is substantial.  The idea behind the change is to use "semantic search."  This means that it takes all the words you type and searches on all of them in their context.  So typing in single words is not the best way to get good search results.  Now you should type a question in the search bar and that question should contain your key words.  For example, type in "how to improve my search results?" or "how to improve your search results?"  The returned list will consider all of these words and also figure out a priority order.  Of course, they will also use the "paid word" business process, but, still, the results are pretty amazing.

For more information, type in "What is the Google Hummingbird search process?"

Here is another example that may interest you:  "Are Stink Bugs Being Used to Control Kudzu?"  You could also ask "Why are there so many stink bugs?"

Wednesday, October 2, 2013

Speed and Quality Tests for Your DSL (update)

AT&T now recommends using http://www.megapath.com/speedtestplus/ to test your DSL signal.  Choose Atlanta for your test site and click on the Home Service button.

The site provides an explanation of what the results mean.  If you are signed up for the maximum speed DSL service for our communities, you should have readings of:

  • Download speed:  about 6 Mb/s
  • Upload speed:  above 4 Mb/s
  • Jitter:  ideally 0, but perhaps up to 2
  • Ping:  around 40 ms.

I have called Technical Support and complained about the erratic performance:  sometimes the results will go down to 1 Mb/s, with comparable deterioration in the other measures.  To date they've been unable to isolate the cause.  When they do diagnostics, they will ask you to plug your computer directly into the modem to run the test without the router in the network.  So you will have to call when you can do that test, or do it before you call to verify that the problem is not with your router.

Monday, September 23, 2013

Testing post of blog entry from android device

In the past, to publish to this blog, I've used Live Writer, one of the programs in the Microsoft Live series.  That lets me write the blog offline and then "push a button" to publish the blog post.  I found a better way to do it if you are on your phone.  Use the Blogger app from Google Play.  I am running a test by writing this entry on my Samsung S3.

testing bold .  

Let's see how the picture works.  I am leaving Blogger running, clicking on the picture icon in Blogger, taking the picture, and then saving it.  I come back into Blogger with the picture:


And then more text.  So the picture embedded itself. 

Based on this, it looks like the Android Blogger app works better than Live Writer.  If you are travelling, you can create your blogs on your phone, take pictures, etc., then upload to your Blogger site when wifi is available.

Tuesday, September 3, 2013

Calls from Pierre???

Got a call from Pierre, saying something very close, but not exactly, that I had won $25K.  Went on line and found this:

Call from 312-262-0024 on 8/22, left message his name was Pierre and was calling with an awards notification for a prize of $25,000 from a contest I entered last year and for me to call 855-841-6089 and yelled congratulations!!   I called back on 8/23 and Pierre was out but she could help me.  Said it was for a home improvement contest of $25,000 or cash prize.  She said she needed to verify my information and I ask her if she thought she was going to get my social she was mistaken.  She then said no, she needed more information for the next drawing.  I asked her so guess I didn't win?  She then said yes I did, my name was pulled out of first drawing.  Then told her that I was not interested and she sounded disappointed and confused that I would not want $25,000.  Told her good bye and hung up.

I also found several attempts to say, NO, NO... this was legit.  Hah!  No doubt put out by the same organization.

Tuesday, August 13, 2013

AT&T Gets an F (or worse) on DSL service (actual metrics)

I've about had it with AT&T!  I have been tracking key performance measures for DSL service.  These measures include:
Ping:  how long it takes for a single packet of signal to go from my house to a particular server on the internet.  Values should be in the 40s of ms.
Download speed:  How fast can the internet link download information.  I pay for the highest speed:  a nominal 5+ Mbps.  They say up to 6, but when you talk to them to complain, they will say 5+.
Upload speed:  How fast can the internet link upload information.  This value is usually a lot lower than the download speed.  I pay for the highest speed, .5 Mbps.
Jitter:  How consistent is the speed, measured in ms.  It is a variation measure, the lower the better.  I would expect a Jitter of no more than 5 ms.  

I've run tests over the past 2 months and have got some good results, but mostly bad, real bad!   I often see:
Ping:  above 400 ms
Download speed:  < 1Mbps
Upload speed:  ~.1 Mbps
Jitter:  >50 ms.

The techs at AT&T want to point to my equipment, but I've run tests without my equipment in the way.  I've also run tests over a long period of time (over 2 mo now).  I shouldn't see so much variation.

To give you an idea of what I am seeing, here is a Powerpoint presentation:

To run your own tests, go to two sites:  http://www.speedtest.net, and http://www.pingtest.net.  The former is the one recommended by AT&T Support.  I'm cynical, I guess, but I think they don't want you to know about the latter site, which gives the more important tests about signal quality, rather than speed.

Tuesday, July 16, 2013

Prepare Your Information Technology Will!

I know I still have some work to do on the travel tips entry in this blog, but events in my family and in the community have led me to give this LeetLink Tips blog entry top priority.

Please get your information technology world in order!

What would happen to all the information you have on the internet when you die:  web site subscriptions, sites where you have stored your credit card information, your personal information, or set up automatic payments?  All this information should be deleted; but will it?

On the other hand, information on web sites that need to be kept, such as documents or emails:  do you have directives on where these are and what needs to be saved?

Other than the internet, you need to consider information on your computer(s), tablet(s), and phone(s). Which of these do you have? What information needs to be deleted, what should be kept?  What are the passwords?

You need to set up your Information Technology Will!  This has to contain directives on all of the above.

I know this is a pain to do, but for your family's sake, please do it.  I don't think I need to dwell on the justifications; they are self-evident.

What do I do?

  • First, I use an application that uses the latest secure technology to manage my IT Will.  It contains all this information and is accessible on the internet.  You can use paper and pencil, an excel document, or whatever... just get all the information and instructions down.
  • Second, identify your IT Trustees.  Give them instructions on where your IT Will is and any other pertinent instructions. I have given the password to the above repository- one that is so complex there is no chance of it being broken- to my children, along with instructions on what to do if something should happen.   My spouse has this information too, but she will need the support of my IT savvy kids to execute the directives.  Always make sure that at least one of your IT Trustees has the skills to execute your will.  
  • Third, change your existing internet habits.  You've heard this before:  complex passwords, use secure communication methods (https: instead of http:), and clean and sweep your computer, especially your browser, regularly.  (I know this needs further instruction... perhaps I need to set up a class on this.)
  • For those who read this, please get the word out to others to visit this blog and to "write" their IT Will.
Blessings

 

Sunday, July 7, 2013

Travel Best Practices for Using Mobile Phones, Tablets, Computers + Keeping Travel Blogs, Photos...

I have a lot in my head about how to travel and use electronics, so I thought I would put some of my thoughts down and back those with links to more information.  The travel issues are:

  • Safety
  • Expense
  • Convenience
  • Efficiency; ie, how to keep your blogs and photo commentary current without becoming obsessive and running your vacation.

Safety:  


Wifi Safety

What I am seeing is that a significant percentage of people get "hacked" when they go overseas.   The "visible result" is messages like this:
Hello,

I am sorry for reaching you rather too late due to the situation of things right now.My family and I had a trip visiting Manila Philippines,everything was going on fine until last night when we got attacked by some unknown gunmen. All our money,phones and credit cards was stolen away including some valuable items, It was a terrible experience but the good thing is that they didn't hurt anyone or made away with our passports.  
         
        We have reported the incident to the local authorities and the consulate but their response was too casual, we were ask to come back in 2 weeks time for investigations to be made proper,But the truth is we can't wait till then as we have just got our return flight booked and is leaving in few hours from now but presently having problems sorting out our  bills here and also getting a cab down to the airport, Right now we're financially strapped due to the unexpected robbery attack, Wondering if you can help us with a quick loan to sort out our bills and get back home. All we need is (3,000 $ )  I promise to refund you in full as soon as I return home hopefully tomorrow or next. write back now to let me know what you can do.

Thank You.

The basic best practice is to use https: to communicate or, better yet, VPN.  

Another fundamental aspect of safety that applies whether traveling or not is to be able to both find your phone and to disable it when you can't find it.  

References

Expense:

The two most important things to remember:
  1. Keep your phone in airplane mode and turn data off. The most common expense problem is that you leave your phone on and you are near a ship or hotel that charges a very large fee per minute.  The phone jumps on their service and you have a huge bill, not only for phone calls but for data usage.
  2. If you are traveling overseas, your phone may not work.  This is because there are different communication standards; your phone doesn't support those standards.  

Cell Phone Communication Standards


Sim Cards


References

I will continue this as time permits, but I thought I would put this out as is because this will be useful even when incomplete.   Add comments at any time.  Thanks, 

Thursday, July 4, 2013

Lousy DSL Service in our neighborhood?

I've been to several houses that have been experiencing "bad" internet response.  I have also experienced that.  In fact, I did some research on the signal and I tried some techniques to make it better.

First, the data:

time   Action             Ping  Jitter  Pkt Loss  IP              up    down
12:18  reset router       31    0       0
12:25  restart ooma       404   144     0
12:26  select new server  390   149     0
12:28  pull plug on Ooma  415   94      0
12:32  ran again          337   94      0
       (ooma disconnected for next tests)
12:35  reset router       44    25      0         74.248.232.157
12:37  retest             376   65      0
12:38  retest new server  37    1       0         picked same one
12:41  retest             37    1       0
12:42  retest             36    1       0                         0.43  6.5
12:44  retest             40    8       0
12:48  retest             37    1       0
       (ooma reconnected)
12:49  retest             461   65      0
12:50  retest             37    1       0
12:51  retest
 
What does this mean?

The column headings mean:

  • time- the time when I ran the test
  • Action- what I did before running the test
  • Ping- tests the time it takes for a round trip of the signal from my computer to some server on the internet
  • Jitter- tests how much noise is on the network- a noisy network means you can't have good audio or video performance (eg Skype or internet based phone- VOIP)
  • Pkt loss- tests the number of packets (the fundamental group of bytes of your message transmitted over the internet) that are lost
  • IP- Address of the computer I am using to receive the test signals
  • up- the upload speed in Mbps
  • down- the download speed in Mbps
A good signal has numbers similar to the times from 12:38 through 12:48.  A bad signal is like the times from 12:25 to 12:37.

You can see that the signal is unreliable.  I tried disconnecting our VOIP machine (OOMA) because our bad phone connection alerted me to the problem.  The tests show that the OOMA machine was not contributing to the noise.

It seems that what worked was to unplug the modem, and router, turn all the equipment off, and then plug in router, then modem, then VOIP machine, then other equipment.  However, as you can see, that did not guarantee a good signal. You can also see that any changes to the network, such as plugging or unplugging equipment, results in a bad network signal for some period of time.

My advice to you is to test your line whenever things seem slow.  You do this by going to two web sites:  http://www.pingtest.net to test the ping, jitter, and packet loss, and http://www.speedtest.net to test the upload and download speeds.

Let me know when you get bad results and, if I am on line, I'll run the tests myself to determine if there is an ATT systemic problem.

An Example of How Your Personal Information Can Be Compromised

The following article on Web Servers came from this web page.  Apache is one configuration of a host web server.  Let me say it another way.  For most of you, your computer is either Microsoft or Mac OS based.  Servers have different bases; eg, Apache (on a Unix operating system) or IIS (on a Microsoft operating system).  Apache and other Unix-based web servers account for some 80% of all web servers.   (See this article for some current information on which operating environments are used for web servers.)

I am copying a portion of the web page here so you can see how malicious attacks make their way into servers, undetected by the host company, and from there they impact you.  The words are techie, but I can make the point:  You are at the mercy of companies that host web sites- the individuals that support the servers MUST know security, must correctly and intelligently configure the servers, and they must keep the software up-to-date.  I'm betting a large number of people in many hosting companies don't meet best practice criteria.  Be especially careful of offshore hosting sites and the websites residing on those hosts.

So read this as an example of best practices for hosting companies.

The latest high-profile attack aimed at Apache was uncovered by researchers at security firms ESET and Sucuri. Attackers managed to work a backdoor into Apache that redirected Web traffic to malicious websites, where visitors would be infected by the Blackhole exploit kit. This attack underlined the need for organizations to enact Apache security best practices and highlighted the serious fallout that can be caused by insecure Apache Web servers.
In this tip, we'll provide the best practices needed to secure Apache servers against modern attacks.

Apache security basics

In many cases, Apache server compromises are the result of outdated modules, configurations or even Web code hosted by the Web server. To combat these problems, the most recent versions of both Apache HTTP and its add-ons should be used; keeping the HTTP server up to date is absolutely critical. However, the current trend among attackers is to focus on external component frameworks, modules and add-ons that open up Apache HTTP to attacks to which it would not otherwise succumb. Keeping track of these new components is half the battle; the other half is ensuring that these packages are updated with patches and new versions as they become available. As always, remember to double check the source of a download when updating; clever attacks often try to disguise malware as a benign software update.
Beyond ensuring that updates are applied, organizations should also configure Apache HTTP Server to minimize the attack surface. While this may sound simple, there are dozens of considerations that only the system administrator can make (usually in collaboration with the Web developer). For example, a current trend with distributed denial-of-service attacks is to consume system resources while using the least amount of traffic possible. The effect of such an attack can be minimized by configuring parameters such as RequestReadTimeout, TimeOut, KeepAliveTimeout and MaxRequestWorkers to values that cut down on resource consumption. (More information about this can be found on Apache's website.) Other considerations for system administrators should include the following:
  • Run HTTPd using an account with restricted privileges. Doing this will minimize the impact to the overall system, should an attacker manage to compromise the daemon itself.
  • Deny the use of .htaccess files by configuring the AllowOverride parameter to None. This will ensure that htaccess files cannot be used.
  • Configure mods such as mod_python and mod_php to use safe mode. Use this where it makes sense, but it may not be necessary in newer versions.
  • Lock down the file system so that only root can overwrite the Apache binary. Doing this will prevent the httpd binary from being replaced with a malicious version.

Monitoring for Apache attacks


High-risk Web servers also have the most to gain from enabling mod_security, though all systems can gain some benefit. This module opens the door to a variety of tools that can be utilized to both detect and prevent attacks. You can choose to integrate this into your existing enterprise security model through IPS, IDS, NIDS and SIEM systems. mod_security has the ability to act like a Web application firewall, which is invaluable when serving Web applications that may not have the best input filtering.

Even after putting protections in place to defend Apache servers, organizations must still be wary of attacks slipping through the cracks and wreaking havoc. To ensure that attacks don't go unnoticed, organizations should monitor their logs closely for signs of compromise. Enable a level of logging that makes sense both for HTTPd at a system level and with the Web daemon internally. A bash or python script can be easily constructed that will search the logs for certain terms, or the built-in syslogd command can be used to alert admins to potential errors or attacks.

Effective monitoring and alerting requires a firm understanding of the content being served. Some content, such as use of LDAP for authentication, may behave in ways that would cause a less dynamic Web server to generate alerts. If your server is trying to use LDAP while the Web application is designed to use local authentication, there may be cause for alarm. Disabling mod_php may allow organizations to exclude attacks of that type from alerts, thus making real alerts that much more meaningful. For Web servers facing a high risk of attack, consider enabling mod_log_forensic to get an even more in-depth view of client requests.

Remain aware

By enacting these basic measures, it is possible to confidently secure Apache HTTP server and serve content with minimal risk of compromise. One of the most important parts of operating a secure system is keeping abreast of the latest security risks and software releases. Doing this, along with practicing diligent monitoring, will go a long way toward keeping your Apache instances secure.
About the author: Brad Causey is an active member of the security and forensics community worldwide and tends to focus his time on Web application security as it applies to global and enterprise arenas. He is a member of the OWASP Global Projects Committee and the President of the International Information Systems Forensics Association chapter in Alabama. Brad is an avid author and writer with hundreds of publications and several books. Brad also holds dozens of industry recognized certificates such as CISSP, MCSE, C|EH, CIFI and CGSP.
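The settings the quoted tip lists (a restricted account, AllowOverride None, and explicit values for RequestReadTimeout, TimeOut, KeepAliveTimeout and MaxRequestWorkers) can be checked mechanically. The Python audit below is an added example, not part of the quoted article or of Apache itself; both sample configurations are constructed, and the timeout ceilings are assumptions chosen for illustration.

```python
import re

# Illustrative ceilings in seconds: assumptions for this example, not from the article.
MAX_SECONDS = {"timeout": 60, "keepalivetimeout": 5}
# Directives the article names for limiting resource consumption.
REQUIRED = ["RequestReadTimeout", "Timeout", "KeepAliveTimeout", "MaxRequestWorkers"]

# Constructed sample: a weak configuration.
WEAK_CONF = """\
User root
Group root
Timeout 300
KeepAliveTimeout 15
<Directory "/var/www/html">
    AllowOverride All
</Directory>
"""

# Constructed sample: the same server with the article's points applied.
HARDENED_CONF = """\
User apache
Group apache
Timeout 60
KeepAliveTimeout 5
RequestReadTimeout header=20-40,MinRate=500 body=20,MinRate=500
MaxRequestWorkers 150
<Directory "/var/www/html">
    AllowOverride None
</Directory>
"""


def parse(conf_text):
    """Yield (line_no, context, name, args) for each directive.

    context is the innermost enclosing <Section ...> header, or "server".
    Include files and backslash line continuations are not followed.
    """
    stack = []
    for no, raw in enumerate(conf_text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("</"):
            if stack:
                stack.pop()
            continue
        if line.startswith("<"):
            stack.append(line.strip("<>"))
            continue
        parts = line.split(None, 1)
        args = parts[1].strip() if len(parts) > 1 else ""
        yield no, (stack[-1] if stack else "server"), parts[0], args


def to_seconds(value):
    """Convert '15' or '500ms' to seconds; return None if unparseable."""
    m = re.fullmatch(r"(\d+)(ms)?", value.strip(), re.IGNORECASE)
    if not m:
        return None
    return int(m.group(1)) / 1000 if m.group(2) else int(m.group(1))


def audit(conf_text):
    """Return a list of (line_no, directive, message); line_no 0 means absent."""
    findings, seen = [], set()
    for no, ctx, name, args in parse(conf_text):
        key = name.lower()  # httpd directive names are case-insensitive
        seen.add(key)
        if key == "user" and args.strip('"').lower() in ("root", "#0"):
            findings.append((no, "User", "server is configured to run as root"))
        elif key == "allowoverride" and args.lower() != "none":
            findings.append((no, "AllowOverride", f".htaccess overrides enabled in {ctx}"))
        elif key in MAX_SECONDS:
            secs = to_seconds(args)
            if secs is None or secs > MAX_SECONDS[key]:
                findings.append(
                    (no, name, f"{args!r} is unparseable or above {MAX_SECONDS[key]}s"))
    # Anything the article says to configure but this file never sets.
    for name in ["User"] + REQUIRED:
        if name.lower() not in seen:
            findings.append((0, name, "not set in this file"))
    return findings


if __name__ == "__main__":
    for label, conf in (("weak", WEAK_CONF), ("hardened", HARDENED_CONF)):
        print(label)
        for finding in audit(conf) or [("-", "-", "no findings")]:
            print("  ", finding)
```

A directive reported as "not set in this file" may still be set in an included file, so run the audit over each file the main configuration includes.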

Sunday, June 30, 2013

ATT is increasing DSL Rates

See this article for background.  The meat of the email they sent:

Dear AT&T High Speed Internet Member,

At AT&T, we value your business and strive to provide you with the best possible Internet experience. 
We're writing to let you know about a change in price for your AT&T High Speed Internet service. In an effort to continue providing you with the high level of quality, service, and features you've come to expect from AT&T, starting with your August 2013 bill, the monthly rate for your AT&T High Speed Internet FastAccess DSL Xtreme Direct 6.0 plan which you are currently enrolled in will increase from $48.00 to $51.00 per month. If you meet the bundle qualifications, you will receive a bundle discount of $5/mo on the wireless portion of your combined bill for AT&T High Speed Internet Direct and AT&T Wireless.

Friday, June 14, 2013

Which Computer Is Right for Me?

Suppose your old desktop went belly up today.  You need a replacement.  Or do you?  Which computer should you get?

To a techie, this is a challenging question.  Why?  Because there are so many assumptions and requirements that go into a decision, and I want to make all of them explicit.  My personality wants to make a flow chart that pulls out all the assumptions, considers all the technical possibilities as well as the financial issues, and, when used, recommends just the right "computer"  (desktop, laptop, netbook, iPad, tablet, smart phone, camera, microwave oven, or whatever).  However, I do realize that by the time I finished the flowchart, it would be out of date.  By the time you had gone a couple of steps, you would be saying "what is this guy doing?  Good grief!"  Or words to that effect.

So, I'm going to take some shortcuts by stating some basic assumptions and then giving you a couple of choices that are reasonable, though perhaps not the absolute best, if all options were considered.

Assumptions on Usage:

  • eMail
  • Browsing the web
  • Some business documents
  • Photo storage, but not fancy photo editing
  • Some video streaming, but not video editing
  • (optional) music storage, some listening, but no intense audio and no editing
  • Some book reading using a PC/Mac app
  • Taxes and home business
  • Skype or similar
  • Simple games, like solitaire; no high intensity interactive games
Quality:  It used to be computers were manufactured for around a 10 year life span, though individual components might fail.  Some computer brands might strive for that today, but the majority seem to be designed to last through the warranty period.  Realistically, figure that a computer has an expected life span of 3 years.  Why the drop in quality?  My background is computer design and manufacture.  The short answer has two parts.  First, we are dealing with China as the primary manufacturer.  They will cut corners and use inferior materials whenever they can get away with it.   Both by specification and by culture, they will pass up the kinds of tests that weed out those computers that will fail early (called early life failures).  Second, the technology continues to change at a high rate and margins are shrinking.  So they figure customers should and will buy a computer every three years.

Recommendations:  First, type "home desktop reviews" in your search engine and visit a couple of sites.  Here is one.  Second, look for "home desktop quality repair" to find something recent on quality.  My own experience is that HP has the poorest quality.  Dell comes next.  Lenovo and Asus seem to have the best quality, but you have to be careful there to make sure the mother board has been properly tested.  (See quality discussion.  I'll have to write another article on how to tell at a later time.  For now just assume they are OK.)  All the rest are in the middle, changing positions depending on the article.  Oh, Macs... most articles will rate Macs highest in quality.  Of course they cost more for what you get.  On the other hand, my experience on Mac quality is mixed.

Features you will need:

  • i5 Processor.  There are several speeds and several models.  Get the latest generation (4) if it is in your budget range.  Read some background here.
  • 1TB hard drive should be enough
  • 8 GB RAM  (if you can spring for 16GB, the more the better)
  • ethernet port 10/100/1000... make sure the 1000 is there
  • At least 2 USB 3.0 ports and some 2.0 ports.  You'll need the 3.0 ports for the newer flash drives and plug ins.  3.0 is much faster. 
  • At least 1 HDMI port.  If you want to run 2 monitors at once, make sure there are 2 digital video outputs  (the white video outs or HDMI).  Here you have to make some decisions on your monitor.  Most of the older monitors only have an analog port.  (that 15 pin \   / shape).  Link to explanation of video output types. You'll need to move away from that.  
  • Video should support HD (1080p)  (Explanations)
  • Audio doesn't make that much difference given the assumptions.  
  • A DVD reader/writer.  Blu-ray if you think you will watch Blu-ray
  • Microphone input
  • Bluetooth can substitute for some USB ports, especially for laptops
Note that I did not include one of those devices where you can plug different kinds of flash cards into the computer.  That isn't necessary given the assumptions.  I assume you can plug any phone or camera into your computer using a USB cable.

Regarding operating system... For Apple you have one choice.  For a PC, you can have Windows 7, Windows 8, Google, or some Linux variant, such as Ubuntu.  Discussion of these is beyond the scope of this post.  Though Windows 8 reviews tend to be hysterically on the negative side, I haven't found a problem with it.  But you would need for me to show you how to use it in a way that feels familiar to you- kinda works like Windows XP.  If you just don't want to deal with it, you can usually get Windows 7, but that will be less and less true.

Some miscellaneous comments:

  • All in ones, where the screen and computer are combined... They tend to be hard to service and can run hot. It is up to you but I wouldn't get one.
  • The small desktops.  These run from about a foot tall to hockey puck size.  The latter doesn't have the features.  The former may have the features, but my experience is that they don't have adequate heat management and, therefore, tend to fail earlier.
  • Laptops instead of desktops:  whatever you want- do the cost tradeoff.  Remember, you can use a separate keyboard, mouse, and monitor.  


Now, some suggestions on models.  I will keep to under $700 (I will add to these in the next couple of days):

  • ASUS CM6730-US010S 
  • I wasn't able to find a comparable in a Lenovo... it doesn't appear they are in the standard size tower business for the specs I gave above. 
  • Lenovo IdeaPad G780 Brushed Metal Laptop Intel Core i5-3230M 2.6GHz (a laptop- look at Costco site)  The screen isn't super good, but you can always get another monitor




Wednesday, June 12, 2013

Ultrabooks- light and many hours on a battery charge

Ultrabooks are light laptops that can be both fast and have long battery life.  For many people, including me- this is a design point that is very attractive.  There are tons of articles on individual ultrabooks, aggregate ultrabook reviews, and tips on buying them.  I'm not going to recommend any particular brand or size, but I'll  list my desired design points:

  1. less than 3 lbs
  2. i5 processor (not i3)
  3. Windows 8 or Linux (Ubuntu)
  4. Full HD 1080p
  5. At least 1 3.0 USB and a total of 3 USB
  6. digital video output (usually HDMI).  I would use a second monitor for work at home
  7. At least 6 continuous hrs battery life- this means the flash storage needs to be fairly large:  at least 64 Gig.
  8. The flash drive or SSD drive, may be all you get.  Remember that flash drives have a limited lifetime (about 10K changes to an individual bit.).  The drives are designed to minimize changes per bit, but this is still a consideration.  My best design point would be a machine that allows SSD only operation in power saver mode but it has a regular hard drive that can run when in a higher power mode.  Otherwise, be sure you back up everything of interest or importance.  When the drive goes, replace it.
  9. Screen size- this is driven by #1- weight.  Also, if you want to use this in a plane, then stick with the smaller screens
  10. Keyboard:  I like a touch keyboard, which means chiclet keys are harder to use.  Test the computer before you buy.
I haven't said which brand, but Apple certainly has good characteristics.  However, it is way more expensive than some others.  Most of you know that I have been down on Apple because the quality seems to be less than stellar.  Having been in computer manufacturing for most of my career, I know the Apple markup is large- my guess is 35-40%.  Apple is also harder to integrate into a home network.  eMail can be a problem, especially when you try to use ATT with the Apple Mail program.

Any questions?

Monday, May 27, 2013

Sometimes you can't play HD TV shows and movies. Why not?

Many people use video streaming to watch TV shows and movies.  Video streaming is where the show or movie contents is sent over the internet and displayed on your TV or computer monitor.  One key requirement for streaming is that your internet connection is fast enough that the information needed to display the screen images arrives at your TV faster than your TV displays the images.  Otherwise, your show will lurch- start and stop- as the TV waits for the streaming information to be delivered.  I imagine most of you have experienced this.

Popular sources of streamed video include YouTube, Netflix, and Amazon.

I wanted to make you aware of one particular problem with streaming.  It has to do with viewing HD shows.  Sometimes, even though you have a fast internet connection and a monitor or TV that can display HD, you still can't see HD.  The following is a note I got from Amazon regarding this issue:

"At this time, playback for HD movies is not supported on the devices like Wii / Wii U GamePad / PC / Mac / Google TV / iPad / iPhone / iPod touch. 

However I've forwarded your feedback to our development team. They will work on it in next improvements. Customer feedback like yours is very important in helping us continue to improve the experience of using our digital video service. 

You can watch HD Movies and TV shows on the following devices: 

-- Wii U TV monitor. (The Wii U GamePad supports standard definitions video.) 
-- TiVo Series 3, HD, Premiere & XL 
-- Roku 2HD, 2XD, 2XS, LT, XD, HD-Streaming, HD Player 
-- Xbox 360 
-- PlayStation 3 
-- Kindle Fire HD models 
-- Certain HDTVs and Blu-Ray players from LG, Samsung, Vizio, Panasonic, and Sony 

If you attempt playback on a device that does not support HD, we'll automatically provide a standard definition version of the video to watch on that device. While HD movies cannot currently be accessed on a Mac or PC, you do have the option to stream HD TV shows. You can also stream HD TV shows on Google TV. 

To learn more about Amazon Instant Video compatible devices, visit: 

http://www.amazon.com/gp/video/ontv/devices "

Saturday, May 18, 2013

Surge Protectors

Lightning generates a lot of my business.  We are into that season again.  To avoid costly repairs, please make sure all your sensitive electronics and appliances are protected by functional, working surge protectors.    Commonly missed equipment includes your telephone and your refrigerator.  In my experience, for our area the telephone wire is the "weak link."

Don't use those cheap bar plug units; use a real surge protector. ( Link to explanation of surge protectors.).  The refrigerator may be the hardest to protect due to size constraints.  (You may have to put the surge protector under the refrigerator and you will need a long enough cord to reach the outlet.)

You might look at whole house surge protectors.  The link above gives you info on this type.  I just got an ad from Carolina Heating for a whole house surge protector: cost $339.  It reads like this is "installed."  At least this will give you a benchmark.

Sunday, May 12, 2013

Microsoft going to a subscription business model for personal users?

A subscription business model is where you pay a periodic fee for software.  I imagine most of you have at least one software application where you do that; eg antivirus software.

At least for personal/private/not enterprise customers, Microsoft has a licensing model, where you pay for Office or Windows and you get it... until 3 or more years later, when a new version comes out and, if you want to upgrade, you buy that new version.

Microsoft does have an "Enterprise" business model that includes the subscription approach.  According to an article by Brad Chacos in the June 2013 edition of PC World, Microsoft is going to eliminate the license model in favor of the subscription model.  Coupled with this, Redmond will replace the big version change process with a continual update process.  Office 365 and Windows 8 may be the last big version release.

I don't know if I like this.  For "casual users," many are still on Office 2003.  I bet the majority of residents in our community are still on Windows XP.  Many don't have any desire to learn the new releases.  Can you imagine having to pay an annual fee for those programs?

Brad Chacos is gushingly enthusiastic about this change:  "Microsoft's incremental future truly is the future- not the past.  And it's about time it arrived."  What do you think?

References:
Microsoft Licensing Models
Microsoft Office 2013 is not transferable to another computer... NOT
A New World of Licensing

Saturday, May 11, 2013

Phishing emails again!

There has been a rash of phishing emails, where it appears that emails are being "sent" by residents to their email lists.  The latest is from Manila or the Philippines and asks for money to "rescue" the resident.

Has their email account been compromised?  Not likely.  Actual "profit-motive" companies exist around the world that use various techniques, from trolling the internet to installing worms on individual computers, to wholesale invasion of government or corporate web sites, to create large databases of email addresses and relationships between email addresses.  These lists are sold at so much per thousand entries, to "perps" that are sending out the phishing emails.

For an example, see http://www.downloademail.net/9/email-list-part-6420/6627.html.  Browse there incognito (Google "browsing incognito" to find out how to do it.  The specifics vary from browser to browser.)  In general, google your email to see where it is visible to public search engines.  (These companies use their own methods.)

So there is nothing you can do to prevent this.  It has already happened.

In the future, change your user name (att has this function, so the email goes to your real account but you send the email under another user name).  You can also change your email provider entirely.  After doing that, change the "from" in the email to show that you are sending the email from the old account.  Move all your contacts out of your old account.  That way, only your "front" account is compromised.

There are other techniques you can use, depending on your expertise and patience.  I'll summarize these techniques and provide links to detailed instructions in a future post.

Friday, March 8, 2013

Best Free AntiVirus/AntiMalware

I've been away from this blog for a while, teaching a course in Ubuntu.  (Blog).  This entry is about the latest reviews on free antivirus/antimalware programs.  PCWorld's Review.  AVG Free came in first.  When I've used this in the past, it seemed to take excessive resources.  Apparently this is not an issue.  Also, I've installed Microsoft Security Essentials on many computers and it seems to work well, except.... In addition, Microsoft stood behind the product with customer support, which made it stand out from the other free options.  The except is that, as noted in the review, it seems that at times infections, especially just released malware, did seem to slip through.  Those that did, it seems to me, were related to malware that redirects your browser by adding a subversive search engine or changing the home page.

So, if you would like to change to AVG Free, let me know and I will install it for you.

Thursday, January 10, 2013

From XP to Ubuntu

Next Monday I start an OLLI class at Furman called "From XP to Ubuntu."  That and the short illness and death of my mother-in-law have prevented me from adding to this blog in recent weeks.  I've got a lot to say here.  The first thing I want to do is review the process and considerations in purchasing a laptop now.  (I discussed this a while back (here), but it's time for an in depth explanation and update.)

You can follow my course material and discussion on a new blog: http://leetlinkubuntu.blogspot.com.
