AOL or other web sites do not display videos, Windows 10, Internet Explorer 11

If you use AOL and have saved a link to AOL on the desktop or elsewhere before installing Windows 10, or you purposely use Internet Explorer 11 and browse to a web site that should display a video
AND
the video doesn't display, then it is probably not a Flash Player problem.

I've seen this a couple of times and I thought I should document it here, maybe saving some of you AOL holdouts some grief.  The solution is to go into the Internet Explorer  options gear in the upper right and register the web site giving you problems in the Compatibility View.

Details are here:  https://support.microsoft.com/en-us/help/17472/windows-internet-explorer-11-fix-site-display-problems-compatibility-view  https://support.microsoft.com/en-us/help/17472/windows-internet-explorer-11-fix-site-display-problems-compatibility-view

Your Laptop Says Only About 60% charged, but it isn't charging. What is wrong?

Usually this is due to a setting you have that says "Maximize battery health".  The idea is to only keep your battery partly charged; apparently that maximizes battery lifespan; ie how long until you have to replace the battery.  So... you have to turn that feature off.

From an old Lenovo Forum:

"When you select "maximize battery lifespan," the software changes what the system sees as maximum battery capacity. In one of your screenshots, you can see that it says the remaining charge is higher than the full charge capacity. So right now, your battery is 100% charged (94 Whr). The next time you use the system on battery and then plug it in again, it will only charge up to 87 Whr. As long as you have maximum lifespan mode on, the identified full charge capacity will always be less than the battery's actual full charge capacity. Windows and Power Manager will recognize that as 100% charged, even though it's actually 92% charged. And as a result, the battery will get less wear because it's not sitting at full charge.

On my year-old W530, the actual full battery capacity is now 87 Whr, and maximum lifespan mode reduces that to 77 Whr (88% of actual charge capacity). 77 Whr will show up as 100% charged unless I switch the battery mode to maximum runtime, at which point the capacity switches back to reading as 87 Whr."

So the "Maximize battery lifespan" aka "Maximize battery health" is deceiving.  It doesn't mean make your battery charge last the longest.  

The problem is to figure out where that setting is located.  I looked on my desktop and I couldn't find it. Hah.  It's a desktop.  But that says something about where to find it.  It is probably in a special power manager utility that comes with your laptop.  I looked on my Lenovo and remembered that the Lenovo utilities were such a hassle that I had blown them away. So I downloaded a bunch a files to get to the point where I could download the Thinkvantage Power Management Driver, where I suspected the undesirable setting lived.  Once the driver was downloaded and installed, this is what I did:

1. Open Control Panel (https://www.lifewire.com/how-to-open-control-panel-2625782  https://www.lifewire.com/how-to-open-control-panel-2625782
2. Left click and open Power Options, one of the selections in the Control Panel.
    
   
   
   
   
3. You will see one of the radio buttons under "Choose or customize a power plan" is selected (button is black). Click on the "Change plan settings" link to the right of that button.
   
   
4. Click on the "Change advanced settings" at the bottom of the window.
   
5. The resulting window has two tabs. (By the way, before I installed the Lenovo Power Management driver, there was only one tab.) Select the "Lenovo Energy Management Tab".
   
   
   
   Another version of the Lenovo Power Manager does not show a separate tab on power options.  Instead, you have to search for the program in the Lenovo folder under the list of programs.  If you click on the icon that has the word "power" in it, then something should pop up that you can work with.  In my experience, what came up was this:
   
   
   In this case, the meter on the left was set to 59% and the label above the meter, which now shows "Charging," showed Conservation Mode.  I clicked on the round icon to the top right of the big meter and out popped a bunch of selections.  I clicked on Settings, as you can see, on the top right.  The resulting top entry, as shown in the picture, is "Conservation Mode."  This was set to "On".  So I slid the slider to the left, turning Conservation Mode "Off" and the battery began charging again.  
   
   
6. If there is a button on that tab's display called "Enable Lenovo Energy Management, click it. Either way, the following should be displayed. It is the Lenovo Energy Management interface.
   
   
The key frame in this window is the Battery frame, the red one. There are three symbols below the big battery symbol. From left to right:

1. Battery mode: This is the culprit setting. There are two radio buttons. One is maximum battery life and the other is optimized battery health. If the second option is selected, the computer will not charge the battery past some limit, as described at the beginning.   If you want a battery charge to last as long as possible, you want to select the first option, maximum battery life.  I know it is confusing.
2. The second symbol is important if you changed the selection in the first option from optimized battery health to maximum battery life. The text for that symbol says "Battery gage reset will perform... (blah blah)."  You want to click the start button at the bottom of this. Your computer will charge up to 100% and then completely discharge. This will reset the battery limits that might have been set when your computer was in the optimized battery health mode. Now you are done and can close out.
3. The third symbol is battery information and is not important here.
Other computer manufacturers may have a different driver associated with managing the battery, but the driver will work the same way. If you have this problem, the driver is probably installed and you have to find it. It is probably found the way I found the driver for Lenovo. Or, if go to the entire list of programs you have on your computer, it will probably be found under the folder that is the name of the manufacturer; for example the "Dell {something}" folder. Comment below if you have any questions.

Your computer adapter will not connect to the internet: It's a driver problem, not your router

A recent Windows update has left many computers in a state where the computer can no longer get an IP address from the router; so you can't get on the internet.  The short of it is that a Windows or driver update, not 100% sure which but suspect the Windows update, has busted your driver.  You can't just update the driver.  The quickest way to fix the problem is to go into Device Manager.  https://www.lifewire.com/how-to-open-device-manager-2626075 https://www.lifewire.com/how-to-open-device-manager-2626075 , find the Network Adapters entries, click to open all entries by clicking on the > in front of Network Adapters, and left clicking on the ethernet or wifi adapter that you are using.  Click on "Uninstall".  Restart your computer.  Should be fixed!   If not, let me know in the comments, along with the name of the adapter.

Charter Thoughts

About the Charter offering for our communities, here are my thoughts and some "findings:"

The connection from one of those light green columns to your house will be coax, similar to the wiring used for Dish or DirecTV.  So the installers will have to route the coax to some place in your house where they can connect the existing satellite inside coax to their run from the outside.  In my case, the satellite coax connection is outside right next to the phone and power boxes, near the ground, so this is not a problem.  It could get complicated if the satellite provider ran the coax from a roof-mounted antenna to someplace deep in your house, without an external ground level connection.

The price for the first year for TV/Phone/Internet is, for me, about 1/3 of what I am paying now. Your savings might be greater.

According to our representative, the modem model Charter provides is the Cisco DPC3216:  outputs are 2 phone jacks, one ethernet jack.  So you can plug your wireless phone base station directly into the modem.  This modem is included in the wifi bill; you don't pay for it like you do for a wifi router.

The router/wifi they provide is supposed to be the Netgear AC1750.  This is a $117 router and is very good.  I don't have an opinion on renting vs buying.  I have another router I will use.

My wife is concerned about the DVR.  She records a lot of live news-oriented shows.   She doesn't like commercials.  I understand that the current DirecTV DVR is technically far superior to the one that will be offered by Charter.   On the other hand, as mentioned in the meeting we had recently, you will have access and the technical capability to download and stream real time a number of programs that you currently record on the DVR.  The question will be:  how do I get around the commercials?  OR are there no commercials?  I hope someone can help me out on this by commenting below on whether or not it is easy to get around the commercials. (Update:  some streaming shows include commercials.  And it is interesting that the providers of the show have a way that prevents you from "fast-forwarding" over the commercials.  There is another solution that involves setting up your own DVR using an old computer.  And I bet there is a way to use your current computer to record the program as it streams and then play it back on your big screen.  But that is too technical for everyone.)

Looking through all the On-Demand offerings, I found that most of the shows I watch I can get "on-demand."  I do have a question about the various PBS offerings, since we watch a lot of the PBS series, both drama and documentary.  The issue will always be:  will we miss programs because the DVR can only record one program at a time and it only has a capacity of about 500 G?  (2G/program hour)  I don't think it is an issue, especially since PBS runs most programs multiple times during the week.  But you might be skeptical.

Finally, we have about a hundred shows stored on the DVR now.  Will we ever get to all of them?  Probably not.  But as soon as we switch over, all those recorded shows will be lost, unless I can find a way to transfer them to my PC.  My wife is not happy.  Oh well.

Security for Android Smartphones- Developing...

I am working on this blog entry for my spring Furman Olli course on home and small business security.  It is obviously incomplete, but I thought I should publish it now and due to the serious nature of the problem discussed in the following section.  I'll continue to work on the page.

What is Developing:  

The Android "Gooligan" hack.  ( https://thehackernews.com/2016/11/hack-google-account.html, and http://www.forbes.com/sites/thomasbrewster/2016/11/30/gooligan-android-malware-1m-google-account-breaches-check-point-finds/#6158e8d0470d, among others). This is malware that provides access to all Google apps, including GMail, GSuite, Google Drive, Google Photos, etc:  a critical problem.  The referenced thehackernews link provides an overview.  How do you get it?  The usual way malware is inserted today:  the user installs 3rd party software from a 3rd party (not trusted) store or the user clicks on a link in an email or on a hacked (or intentionally constructed) web page.  From the thehackernews article:

Check Point has published an online tool to check if your Android device has been infected with the Gooligan malware. Just open ‘Gooligan Checker’ and enter your Google email address to find out if you've been hacked.

If you found yourself infected, Adrian Ludwig, Google's director of Android security, has recommended you to run a clean installation of the operating system on your Android device.
This process is called 'Flashing,' which is quite a complicated process. So, the company recommends you to power off your device and approach a certified technician or your mobile service provider in order to re-flash your device.  

I've used the Gooligan Checker (https://gooligan.checkpoint.com/) and it is legit, although, from the methodology, it probably isn't definitive, since it uses your email address to check.

Security for android includes the following topics:

• Malware
• Phone loss
• Identity Loss (2 factor)
• Stealing information in real time (privacy protection)
• Pop Up Ads 

Tools for Malware

• Malwarebytes, Android version- the old standby for malware- free
• CCleaner, Android version- the old standby to clean your smartphone of unnecessary files, which picks up malware- free
• Lookout Security and Antivirus (Suite)- This was developed for smartphones.  I've used it since it was released and have no complaints- free and low cost versions
• Norton, mobile version- free
• Kaspersky mobile version- free
• Avast Mobile Security
• 360 Security- this is top rated, but its advertising methodology of pop up ads suggests it is borderline nefarious 

In general, go to the Google Play store and type in "Security."  You can also search for "best antimalware" or "best antivirus"

Tools for Phone Loss

• Android
• Lookout Security- this is a component of the Lookout Suite
• Lastpass password manager

Tools for Privacy Protection

Tools for Popup Ads With Security Warnings

Windows 8-10 default of "Fast Startup" can be a problem: An example and how to turn it off

I"ve learned something that needs to be "put on the record."  As I am encountering more ransomware and hard disk failure issues with Windows 8-10 computers, I find that my usual method of fixing these problems- to use Ubuntu Linux disk tools- is not working.  I get an error that says I can't mount the hard drive partition due to "hibernation" by Windows- the disk was not shut down correctly and I can't mount it.

I want to emphasis this as a problem for all those readers who are stretching their computer's life beyond 3 years by using the Windows 10 free upgrade.  Beyond 3 years, and if your computer was made after about 2008, hard drive failure is going to be increasingly likely.  If your hard drive fails, then recovery of data and programs without spending a lot of money is going to be the likely outcome due to this new Windows feature.  You don't have to know anything about Ubuntu... You just have to know you are at risk and should consider turning off this new feature or you should replace your hard drive, even if it seems to be working just fine.  

I found  a fix to the problem at https://askubuntu.com/questions/145902/unable-to-mount-windows-ntfs-filesystem-due-to-hibernation

{from that article:}
There is a new feature in Windows 8-10 called Fast Startup. If this feature is enabled (which it is by default), Windows 8-10 does not actually completely shutdown when you choose shutdown. Instead, it does a "hybrid shutdown". This is something like hibernating; it makes booting Windows 8-10 back up faster. So, you need to disable this feature to be able to shut it down properly, and be able to mount the Windows partitions. To do this, boot into your Windows 8-10 and:

Note: disabling Fast Startup will most likely make your Windows 8-10 take a longer time to boot. There are no "exact" numbers, but let's say that if it took you 10 seconds to boot into Windows 8-10, it will now take you 50 seconds after disabling this feature.

1. Open Control Panel in the small icons view and click on Power Options.
2. Click on Choose what the power buttons do.
3. Click on Change settings that are currently unavailable.
4. Uncheck Turn on fast startup (recommended).
_{Click on the numbers above to see screenshots.}

Click on Save changes. Now, shutdown Windows 8-10 and boot back into Ubuntu.

If you still aren't able to mount without getting errors, you may need to turn off hibernation completely. Open an elevated Command Prompt (right click on the shortcut, click on “Run as Administrator”), and input:

powercfg /h off

In one case, when I was on that panel, I noted that the power button in both "On battery" and "Plugged in" modes was set to "Sleep."  For safety purposes, I think both should be set to "Shut Down" and that is what I did.  If you want to "sleep", then you can set a timer or "close the lid."

Also, if you want to actually use hibernate, then check that "Hibernate" box so that the Hibernate option is included in the options when you click the power button on the "start" bar.  But note the comment at the end of the quote above that hibernate can result in problems if you have a disk crash.

When I used this method on a computer, Windows detected disk errors on start up and fixed a number of problems with the file system.  This made some of the problems the user was having disappear.  So, not only does it help when using Ubuntu to diagnose and fix disk errors, it also helps directly correct Windows errors.

AT&T now charging for data usage (Continued)

As a followup to this blog post:  https://leetlinktips.blogspot.com/2016/11/did-you-know-your-at-dsl-is-limited-to.html here is what I have found.

• If you have Uverse and DirectV, then you can combine bills into one, which will give you unlimited data.  For details, see https://www.att.com/esupport/article.html#!/u-verse-high-speed-internet/KM1010099
• Even though everything in the literature says so, if you have DSL, even if you can't get Uverse, there is no way to get unlimited service other than to pay for data over 150G.  For charges, see blog entry I referenced at the beginning of this entry.  
• A tool exists for estimating your data usage:  https://www.att.com/att/datacalculator/.  It is for cell service, but that doesn't really matter.
• For an informative article on AT&T services, see http://arstechnica.com/business/2016/05/atts-data-caps-impose-harshest-punishments-on-dsl-users/  .  (My note:  the objective for DSL is to get everyone off DSL by 2020, one way or the other.)
• An AT&T tech blog entry exists that discusses this:  https://forums.att.com/t5/AT-T-Internet-Account/When-will-AT-amp-T-increase-150GB-data-cap-for-DSL-users/m-p/3427555#M5361 

So, as you make your decision on whether or not to switch to Charter or some other option, be sure to look at the small print regarding data "overage" charges.  And pass this link around to your friends.

Windows 10 "Insider Beta" distributions, especially Build 14971: Warning

Microsoft has a program where users can download the next big change in Windows 10 before it is officially released.  Software in such a state is called "Beta."  Some people reading this may get an email or a popup offering a beta version.  A recent beta is "build 14971.  It has these features:  https://blogs.windows.com/windowsexperience/2016/11/17/announcing-windows-10-insider-preview-build-14971-for-pc/#JXsLhpEj7qs8tetO.97.  Sounds good. However, you should probably skip this one because there is a significant problem with it.  For details, read https://answers.microsoft.com/en-us/insider/forum/insider_wintp-insider_install/windows-10-insider-preview-14971-error-0x80246019/101ab002-20fd-44b1-88bb-c653a21eae7a.  The net of this article is that it crashes under conditions many users will have.

Beware of email with Subject Order Number or Purchase order number with an html or pdf attachment: Locky Ransomware Example

The emails look like this:

The attachment is either a pdf or an html file.  These should be trashed and reported to your eMail provider.  A description of what is probably in these files can be found at http://www.bleepingcomputer.com/news/security/the-locky-ransomware-encrypts-local-files-and-unmapped-network-shares/.  This can be very bad ransomware, locking your computer until you pay a large "fee;"  I'm talking $3000; even from friends or your bank.  Don't click on attachments.  Those days are gone.  GONE! 

Personally, wherever I have a financial institution or friend that sends an attachment, I let them know I won't open it.  If it is an institution, I call their security and give them an earful.  My experience is that they quickly change their procedures and the result you should ask for is that they ask you to go to their website and look at their messages.  No more PDFs sent to you.  If it is a friend, have them permit you to a service like Google Drive, Dropbox, or Microsoft Livedrive to look at the document.

Did you know your AT&T DSL is limited to 150GB/mo?

This is the email I got.  I can't find where the maximum is defined. Never heard.  Hmmm. Please report.  

Dear AT&T High Speed Internet Service Customer,

We want to remind you that your AT&T High Speed Internet service includes 150 gigabytes (GB) of data for each billing period.

       You have exceeded 150 GB this billing period.

We'll waive the charges for additional data this month and notify you as your usage approaches 150 GB in future months.

The next time you exceed 150 GB you'll be notified, but not billed. However if you go over your data plan in any subsequent billing period, we'll provide you with an additional 50 GB of data for $10. You'll be charged $10 for every incremental 50 GB of usage beyond your plan.

Here are some tips to help you manage your usage:

• Track your usage* by visiting att.com/internet-usage
  . Just log in using your primary AT&T email ID and password.
• Secure your wireless gateway/router. If you use Wi-Fi at home and you have not secured it with a password, someone nearby with a computer or Wi-Fi enabled device could access your home network and use your high-speed Internet service, which could increase your monthly usage.
• Manage household usage. If you have family members, children or friends who share your Internet connection, remember that their online activity will count toward your 150 GB data plan. AT&T Parental Controls is a free tool included with your service that enables you to customize access to websites, e-mail, instant messaging, chat, message boards, and more for each family member. You can even set time limits for access to the Internet.

For questions or additional tips on managing your Internet usage, please feel free to review our helpful FAQs and take advantage of our data calculator at att.com/internet-usage

. 

Thank you for choosing AT&T.

Sincerely,

Google's Department of Chromeland Security

This was an interesting article on browser security, what to expect in the future and what you should look for in a browser:  https://www.wired.com/2016/11/googles-chrome-hackers-flip-webs-security-model/?mbid=nl_11416_p3&CNDID=29643548

How Cybercriminals (ie China) breached the US Office of Personnel Management, and why it matters to you!

This is a long but very revealing article on how cyber criminals work.  I and everyone else who has worked for the government in the last several years were personally impacted.  Please read this as part of your education into how web sites are breached, why, and what you can do to avoid problems (eg, two factor authentication required for all your important sites).

https://www.wired.com/2016/10/inside-cyberattack-shocked-us-government/?mbid=nl_102416_p3&CNDID=29643548

Printing a single blog entry without printing all the junk on the page

I've been asked how to do this.  I recommend downloading the addon/extension to your browser called PrintFriendly (or PrintFriendly & PDF). (http://www.PrintFriendly.com) Once installed, you can click on the title of a blog entry you want to print and then click the PrintFriendly icon on your browser.  Printfriendly is useful for any web page where you have a lot of "junk" on the page and you only want to print a portion of it.

On my blog, you don't need to do that.  Click on the PrintFriendly icon (green) at the bottom of the post.

Bulletin: The US East Coast cyberattack that brought down large company servers- how you may have facilitated the attacker

There was a very large "unprecedented" Denial of Service attack on special computers on Friday that brought down entire company web sites, such as Amazon.  (Did you try using Amazon on Friday, 10/22 in the afternoon?) The details on what is known, as well as a refresher in jargon, can be found at:  https://www.wired.com/2016/10/internet-outage-ddos-dns-dyn/?mbid=nl_102116_p3&CNDID=29643548

How was this attack executed?  Hundreds of thousands of devices, including cameras, DVRs, Routers,... were infected by a class of malicious software called Mirai.  The infection may have been partly your fault!  Your camera, your DVR, your router may be infected. A command was sent to all infected devices and they started sending requests to the special computers, overwhelming them.  If you did not change your device's default user id and password, then your device was a target.  For example, if you have a camera or router, it has a user id and password that has to be entered in order to configure it.  If you left those two important security features at the default value provided by the manufacturer, then Mirai will detect that, log on to your device, and turn it into a "bot".  

How do you fix the problem?  First, you have to reboot the device.  Second, and immediately after rebooting, you have to change the default values to ones that are "yours" and of the same level of sophistication as demanded for logging on to your financial institution.  Also, if you have software in the cloud for remotely managing your device, you have to change the logon values in that program to match your new ones; if you have network-oriented programs, same thing.

This kind of problem, keeping default userids and passwords, is the same approach taken by the computer industry that started the whole virus/malware thing back in the 90's:  not taking security seriously and shortcutting quality coding practices.  Please be serious about the security of your devices.

An good readable article on the Mirai malware can be found here:   https://krebsonsecurity.com/2016/10/source-code-for-iot-botnet-mirai-released/

Email and Personal Identity Security: Why, How, And Your Responsibility

{editor note:  A priority for this blog is to provide information related to security.  There are over 300  entries in this blog, so to list each security entry would take a long time.  So, if you have a question about IT security, try searching for it in this blog first.  Use the search bar provided on this page to search.  If you can't find an answer, then google the question- just type the question as a sentence in the browser.  You will usually get an answer, though it might be in technical jargon; in that case, contact me to translate.}

In the wake of the disclosure that Yahoo has been "hacked" and that hundreds of millions of user's personal information has been made available on the web, everyone should reevaluate their own security practices associated with smart phones, computers, tablets, and even credit cards.  I will be presenting a bonus event at Olli Furman on Thursday, Oct 13 on this post's topic. Specifically I will review the latest on the why of hacking, the how of identity theft, and what you MUST be doing these days to protect yourself and your family. A Q and A will follow.  This post will provide the notes and references for that event.  Regarding the links in this discussion.

• One of the rules to avoid being "hacked" is to not follow links on blogs and in emails unless you "vet" the link.  For that reason, rather than using a word or phrase to name I link, I have the full link name in the text.  It is a little cumbersome, but it is instructive.
• Links have age.  Over time, a web page can be removed or moved.  I apologize in advance if some of the following links don't work at the time you click on them.  As a remedy, google ("search for") the topic.  But watch out for fakes in the results.   

The Why and How of Hacking

The State of Affairs

A recent article on a tech web site said this about the state of internet (and intranet) security:

"It's become so bad that it's already generated a mirthless cliché -- that there are only two types of companies: the ones that have been hacked and the ones that don't yet know they've been hacked."
So where did it all go wrong? Building secure systems is hard, especially when the security is being bolted on afterwards, as is often the case. And security is expensive and hard to justify as it doesn't come with a visible return on investment, making it easier to skimp on when times are hard.
On the other side are the attackers: lone hackers with enough time and interest to probe every potential weakness in a website, or the organised crime groups with the contacts to be able to turn a flaw in a company's security setup into a lucrative payday. Add to that the state-backed groups with the experience and the patience to lurk inside a network and then strike when the time is right for maximum impact.
The defenders have to get it right every time, whereas the attackers only need to find one weakness to bring the whole thing crashing down."
From http://www.zdnet.com/article/serious-security-three-changes-that-could-turn-the-tide-on-hackers/?ftag=TRE17cfd61&bhid=22449904719690284461257671316617

A recent "Black Hat 2016 Hacker Survey" of black hackers found that "The bottom line: 77% say no password is safe from hackers—or the government" {https://hosteddocs.ittoolbox.com/Black-Hat-Hacker-Survey-Report-2016.pdf}

What more is there to say?

Well, I do have something to say, and it will ruffle more than a few feathers. What a user, from a government, to a company, to a senior citizen does with respect to security literally depends on their "risk assessment" of their situation. All entities do risk assessment, even if they don't know it. If they ignore security, their risk assessment is: "not important to me, won't happen." There is an entire discipline that spans the domains of manufacturing, safety, security, defense, ... any human endeavor. This discipline is called Risk Management. I've spent my career, which spans manufacturing, IT, healthcare, and safety, in roles that require learning implementing this discipline. My PhD was in Artificial Intelligence, which is, essentially, implementing statistical, time-dependent risk management.  For IT in general, and the financial industry in particular, there is a society, SIRA, Society of Information Risk Analysts, (http://www.societyinforisk.org) that talk and research the math and policy of Risk Management.

Risk management is hard, very hard, to implement. This is because managers don't understand the math, but they think they do, and the financial models most managers use to justify implementing features of risk management are absolutely and ridiculously wrong. In other words, the models do not reflect the real cost of "things going wrong." So things are built or coded, or procedures implemented, and then, as mentioned above, security becomes incomprehensibly more expensive because it has to be bolted on afterward, plus the cost of the breach must be added to the total cost of the lost opportunity. (Of course, I go back again to the first rule of mismanagement, which is it is more profitable to the manager to implement a faulty system and then be a hero fixing it than it is to build a faultless system.)

Black Hackers

(Black) Hackers are the bad guys: they want your stuff.  Exactly what kind of stuff?  You might think:

• Your banking account number, user id and password
• Your email user id and password, so that they can use the information in that email to get at financial information or to, in some way, blackmail you or broadcast information you would rather not be known to your friends, family, or the world.

But, the vast majority of hackers are primarily interested in just getting your personal information.  That is easiest to get and can be sold to other "darker" hackers that then go after the above list of "valuables".
Try the following test to see what hackers are after and how much info about you has been exposed:  http://www.nytimes.com/interactive/2015/07/29/technology/personaltech/what-parts-of-your-information-have-been-exposed-to-hackers-quiz.html?em_pos=small&emc=edit_bg_20161006&nl=booming&nl_art=3&nlid=56525819&ref=headline&te=1
For a pretty good article on the financial and business details of the Black Hacker world, read http://www.businessinsider.com/we-found-out-how-much-money-hackers-actually-make-2015-7

White Hackers and the IT Security Industry

White Hackers is a humorous way to say "people who work in the security industry." The security industry itself is huge. Think of all the vendors who sell software to combat hackers, , etc. HUGE! And it is all thanks to the early coders of operating systems, especially Microsoft. These vendors simply ignored problems associated with failures of code to do what was expected.
In coding there is a general construct in programmng: a piece of code that does something, the functional code, has another piece of code, let's call it the ExceptionHandler, attached to the first piece that handles any errors. If the functional code encounters an error, such as the math operation failing, the code automatically (this is not directly coded by the programmer) "throws an exception." This exception is "caught" by the ExceptionHandler, if one has been coded, to handle the error.
The first versions of Windows, and all the way to Windows XP, generally did not have coded ExceptionHandlers other than at the highest level of code. (In computer programming the code is very hierarchical: code has embedded code has embedded code down to the hundredth level.) Microsoft coded its first operating systems in a language called "C". They converted to a better language for handling errors called C++ around the time of Windows XP, but they just did a straight conversion (technically, a recompilation), without adding all the error handling at every level of code. This "shortcut" left a giant security hole that you could drive a truck through." Opportunity knocked" and those holes were exploited, giving birth to viruses and trojans. That, in turn, gave birth to the security industry. (Every disaster for one is an opportunity for another.)
Point: Microsoft cut corners. As the Linux based operating systems, such as those used by Apple, have shown, it is possible to design for security from the start and avoid the problem all together.
I was a part of that development time and IBM was developing an operating system in parallel with Windows 95 called OS/2. OS/2 was developed in C++ and coded from the start to handle errors at the lowest level; that is, it used the ExceptionHandler to a much greater extent and to a much lower level than Windows. I've always wondered if the powers that be really wanted to make money in the security industry so they decided to go with the unprotected code. Naw, it is not true. What is true is the first rule of business (im)maturity: build in defects so you can be a hero when you correct them.
There is a professional organization that I look to for all things IT security: SANS (https://www.sans.org) Take a look at the page to see what is going on in the industry. There are a some pages that are really good resources. I've listed them in another post: https://leetlinktips.blogspot.com/2016/10/a-techie-resource-for-all-things-it.html.

In my past life I worked on industry committees to create "industry frameworks." These are reference designs that the industry should use for a particular function in that industry. For the security IT function, a government organization called NIST, the one I worked with while representing IBM, has developed a cybersecurity framework. The web page for this is: https://www.nist.gov/cyberframework. If you follow some of the links off this page you will see what is going on in the government re: IT security.

The web site I use most often in my daily security work is BleepingComputer: https://www.bleepingcomputer.com. This is a techie site but has a lot of cookbook information on how to recover from various security breeches.

The How of Being Secure: Your Responsibility

Passwords

• Have long passwords (16 characters minimum where allowed) with at least letters and numbers.  Length is more important than complexity.  (For Yahoo, only letters and numbers are allowed, no special characters, but I think the length limit is up to 26.)
• Do not use the same password for different sites.  The first thing the bad guys do is use a hijacked password across popular financial sites on the hope that it is used on one of those sites.  According to one recent article, their success rate is, by my standards, high:  .2 - 2%.  
• Change your passwords on a regular basis- all of them.
• Do not use the save password feature of a browser.  Those can be hacked fairly easy.  This means Google Chrome, any Microsoft product, and, yes, Mac through iCloud.  
• Write your passwords down and keep them up to date.  
• OR use a real password manager.  Some antivirus/antimalware suites, such as Norton, come with a password manager.  Depending on how the information is saved, these can be fine.  (The information has to be heavily encrypted and not saved on your computer.)  Of the stand alone password managers I have seen to date, Lastpass is the easiest and most complete application to use.  It is free for your computer and costs $12 / year for all your electronic devices.

Facial Recognition, Fingerprint recognition, etc.

You would think these would be the security "password" methods of choice. In my experience, they just haven't worked out. The technology itself has matured, but the software seems to be clumsy or error prone. I don't have anything else to say at this point. I might add something at a later time to this blog. Anybody like one of these methods and had a good experience?

On Line Browsing

These suggestions apply to all Chrome, Firefox, Internet Explorer, and Edge browsers.  Probably all the rest too, since they are web site-dependent, not browser dependent.

• Use only email systems that have two factor authentication.  It's a hassle, but a must.  Two factor authentication is where, if you change userid on the same computer or device OR you go to a different device, you will have to authenticate before you get access:  an email or text message is sent to your cell phone or called to your land line (or mailed).  You have to enter this to continue.
• Any financial site should have two factor authentication:  use it.
• For your email, create an email site that is a "dummy;" that is, you don't really use it.  However, all your email is sent as if it came from that site.  This dummy has absolutely no information in it:  
• No email
• No contacts
• No personal info
• Some email providers have a feature that is a "temporary account".  You can use this, but it is not a permanent solution.
• Build your real email site as secure.  Never use the email address to that site.  Don't let anybody know about it.
• Always use https: for every online query and for email.  There are settings in any browser that will force this.  (Another topic)  This makes your garbles your transmission.  This doesn't necessarily make the result at either end secure.  You can use an extension called "HTTPS Everywhere" to assure you force https.  If a site does not support the "s", then HTTPS Everywhere will warn you and show the https: red-lined out in the address bar.
• Use an add-on or extension to examine your search results for links to questionable web sites.  You can google for something like "browser add-ons extensions link security" to find these extensions.  You can go to the store of your kind of phone and do the same kind of search.  But it is a chicken and egg situation- there are a lot of bogus applications.  So, to start, two that I use are McAfee Site Advisor and WOT.  Several security suites come with an application that designates suspicious web sites.
• If you want to click on a link in a web page or document, make sure the link is valid.  Browsers have two "build-in" ways to examine a line before clicking on it.  If you "hover" your mouse over the link, the browser will show the actual url either in the lower left corner of your browser, right at the edge of the browser's frame, or floating under your mouse.  Why is this important?  Many gotcha phishing and ransom attacks start when a link is clicked that is labeled one thing and it goes to someplace else.  For example, this link looks like it goes to Google Search.   It doesn't.  Where does it go?
• Vet Tinyurls. There is a inherent problem with some links.  They look peculiar; eg.http://sec.r.os.  These are called shortlinks or tinyurls.  They are created by applications such as TinyURL to save typing long urls.  But they hid the real destination.  There are applications that will expand these shortlinks to their full identity, so you can make a judgement on safety before going to them. Go to your device's "store" and get a free high-rated extension that exands shortlinks. Or you can use any of a number of web sites that expand shortlinks plus provide other information as well. FYI, I use the extension "Unshorten.It!" http://www.unshorten.it/. When installed in Chrome, you can right click on any url and there will be a selection "Unshorten this link". Left click or select that and you will see a web page that will give a lot of information about that link's web site/web page.
• Copying urls. Most of these applications require that you copy the link over to a pop up window.  But doesn't that present a problem?  If you click on the link to "copy it", you will just end up going to the link. The trick is to right-click the link to bring up a context menu, then click the following to add to your clip board so you can paste it into the search field of the app's pop-up window:
• • IE:  "copy shortcut"
  • Firefox "copy link location"
• Chrome "copy link location"
• There is a great site to check the location of any server providing any url.  It is http://www.ip-address.org/tracer/ip-whois.php
• Use Blacklists and Whitelists: Blacklists are a list of sites that your browser will not/can not visit; whitelists are lists of sites that your browser can visit. Browsers and email applications have features or addons/extensions that maintain both kinds of lists. When I provide this feature, I like to use Firefox as my primary browser. (I use Chrome otherwise.) In my opinion, an addon called ProCon Latte is particularly easy to use. You can add your own opinion on your favorite blacklister/whitelister in the comments section at the end of this blog entry.
{My thanks to Justin Phelps of PC World, who wrote an article in 2012 that gave me suggestions on what to cover in this section.  Some of the remarks are loosely copied from that article.}

Device Level Protection Inside and Outside Your House

Your "device" is your computer, your tablet, your laptop, your phone, your smart watch, your car, your TV, and on and on: Anything that someone can control by "getting on" the device. This is called your "Internet of Things," or IoT. There are a few main things you should do to protect yourself when you are in a public place, or even some else's home.  As a matter of fact, if you allow someone to log on to your network, then you have an exposure similar to being in public.  See Setting Your Guest Account under Routers

Firewalls

A Firewall is a combination of hardware, low level "microcode", and high level software that sits between the user's devices and both the intranet and internet. It "filters" any traffic coming in to or leaving your device according to criteria you set or according to default criteria. Modems and routers have firewalls.  Your device may or may not have a firewall.

The following is more information taken from this source: Jeff Tyson "How Firewalls Work" 24 October 2000. HowStuffWorks.com. http://computer.howstuffworks.com/firewall.htm. I've included it "inline" in this blog entry because I get tired of looking up definitions for a lot of these terms below. I though it would be helpful to put it in one place.

Firewalls use one or more of three methods to control traffic flowing in and out of the network:

• Packet filtering - Packets (small chunks of data) are analyzed against a set of filters. Packets that make it through the filters are sent to the requesting system and all others are discarded.
• Proxy service - Information from the Internet is retrieved by the firewall and then sent to the requesting system and vice versa.
• Stateful inspection - A newer method that doesn't examine the contents of each packet but instead compares certain key parts of the packet to a database of trusted information. Information traveling from inside the firewall to the outside is monitored for specific defining characteristics, then incoming information is compared to these characteristics. If the comparison yields a reasonable match, the information is allowed through. Otherwise it is discarded.

Firewalls are customizable. This means that you can add or remove filters based on several conditions. Some of these are:

• IP addresses - Each machine on the Internet is assigned a unique address called an IP address. IP addresses are 32-bit numbers, normally expressed as four "octets" in a "dotted decimal number." A typical IP address looks like this: 216.27.61.137. For example, if a certain IP address outside the company is reading too many files from a server, the firewall can block all traffic to or from that IP address.
• Domain names - Because it is hard to remember the string of numbers that make up an IP address, and because IP addresses sometimes need to change, all servers on the Internet also have human-readable names, called domain names. For example, it is easier for most of us to remember www.howstuffworks.com than it is to remember 216.27.61.137. A company might block all access to certain domain names, or allow access only to specific domain names.
• Protocols - The protocol is the pre-defined way that someone who wants to use a service talks with that service. The "someone" could be a person, but more often it is a computer program like a Web browser. Protocols are often text, and simply describe how the client and server will have their conversation. The http in the Web's protocol. Some common protocols that you can set firewall filters for include:
• IP (Internet Protocol) - the main delivery system for information over the Internet. Usually TCP and IP go together, as in TCP/IP
• TCP (Transmission Control Protocol) - a language to open links to devices on the internet and to transfer information. It's main feature is a the IP protocol that breaks apart and rebuilds information that travels over the Internet. This is the most efficient way to transfer information
• HTTP (Hyper Text Transfer Protocol) - a language used to build Web pages and to communicate information from a browser to a web site.
• FTP (File Transfer Protocol) - a language used to download and upload files. Uses TCP/IP
• UDP (User Datagram Protocol) - used for information that requires no response, such as streaming audio and video
• ICMP (Internet Control Message Protocol) - used by a router to exchange the information with other routers
• SMTP (Simple Mail Transport Protocol) - used to send text-based information (e-mail)
• SNMP (Simple Network Management Protocol) - used to collect system information from a remote computer
• Telnet - used to perform commands on a remote computer (archaic)
• Ports - Any server machine makes its services available to the Internet using numbered ports, one for each service that is available on the server (see How Web Servers Work for details). For example, if a server machine is running a Web (HTTP) server and an FTP server, the Web server would typically be available on port 80, and the FTP server would be available on port 21. You might might block port 21 access on all machines but one inside your intranet.
• Specific words and phrases - This can be anything. The firewall will sniff (search through) each packet of information for an exact match of the text listed in the filter. For example, you could instruct the firewall to block any packet with the word "X-rated" in it. The key here is that it has to be an exact match. The "X-rated" filter would not catch "X rated" (no hyphen). But you can include as many words, phrases and variations of them as you need.

All operating system "distros" for computers/laptops/some tablets come with a built-in software firewall. You can turn it on or turn it off with a utility. In Windows it is called, appropriately, "Windows Firewall". Windows Firewall has not been very effective and, if you feel the need for a firewall and you are not using Windows 10, you need to install a third party firewall. You can install a free one, Comodo is the best, but it is real techie. http://www.pcmag.com/article2/0,2817,2475055,00.asp

With a hardware firewall, the firewall unit itself is normally in the router/gateway A good example is the Linksys Cable/DSL router. It has a built-in Ethernet card and hub. Computers in your home network connect to the router, which in turn is connected to either a cable or DSL modem. You configure the router via a Web-based interface that you reach through the browser on your computer. You can then set any filters or additional information. Hardware firewalls are incredibly secure. The casual consumer doesn't bother with advanced settings associated with these firewalls.
Why Firewall Security? There are many creative ways that unscrupulous people use to access or abuse unprotected computers:

• Remote login - When someone is able to connect to your computer and control it in some form. This can range from being able to view or access your files to actually running programs on your computer.
• Application backdoors - Some programs have special features that allow for remote access. Others contain bugs that provide a backdoor, or hidden access, that provides some level of control of the program.
• SMTP session hijacking - SMTP is the most common method of sending e-mail over the Internet. By gaining access to a list of e-mail addresses, a person can send unsolicited junk e-mail (spam) to thousands of users. This is done quite often by redirecting the e-mail through the SMTP server of an unsuspecting host, making the actual sender of the spam difficult to trace. Operating system bugs - Like applications, some operating systems have backdoors. Others provide remote access with insufficient security controls or have bugs that an experienced hacker can take advantage of.
• Denial of service - You have probably heard this phrase used in news reports on the attacks on major Web sites. This type of attack is nearly impossible to counter. What happens is that the hacker sends a request to the server to connect to it. When the server responds with an acknowledgement and tries to establish a session, it cannot find the system that made the request. By inundating a server with these unanswerable session requests, a hacker causes the server to slow to a crawl or eventually crash.
• E-mail bombs - An e-mail bomb is usually a personal attack. Someone sends you the same e-mail hundreds or thousands of times until your e-mail system cannot accept any more messages. Macros - To simplify complicated procedures, many applications allow you to create a script of commands that the application can run. This script is known as a macro. Hackers have taken advantage of this to create their own macros that, depending on the application, can destroy your data or crash your computer.
• Viruses - Probably the most well-known threat is computer viruses. A virus is a small program that can copy itself to other computers. This way it can spread quickly from one system to the next. Viruses range from harmless messages to erasing all of your data. Spam - Typically harmless but always annoying, spam is the electronic equivalent of junk mail. Spam can be dangerous though. Quite often it contains links to Web sites. Be careful of clicking on these because you may accidentally accept a cookie that provides a backdoor to your computer.
• Redirect bombs - Hackers can use ICMP to change (redirect) the path information takes by sending it to a different router. This is one of the ways that a denial of service attack is set up.
• Source routing - In most cases, the path a packet travels over the Internet (or any other network) is determined by the routers along that path. But the source providing the packet can arbitrarily specify the route that the packet should travel. Hackers sometimes take advantage of this to make information appear to come from a trusted source or even from inside the network! Most firewall products disable source routing by default. Some of the items in the list above are hard, if not impossible, to filter using a firewall. While some firewalls offer virus protection, it is worth the investment to install anti-virus software on each computer. And, even though it is annoying, some spam is going to get through your firewall as long as you accept e-mail.
  The level of security you establish will determine how many of these threats can be stopped by your firewall. The highest level of security would be to simply block everything. Obviously that defeats the purpose of having an Internet connection. But a common rule of thumb is to block everything, then begin to select what types of traffic you will allow. You can also restrict traffic that travels through the firewall so that only certain types of information, such as e-mail, can get through. This is a good rule for businesses that have an experienced network administrator that understands what the needs are and knows exactly what traffic to allow through. For most of us, it is probably better to work with the defaults provided by the firewall developer unless there is a specific reason to change it.
  One of the best things about a firewall from a security standpoint is that it stops anyone on the outside from logging onto a computer in your private network. While this is a big deal for businesses, most home networks will probably not be threatened in this manner. Still, putting a firewall in place provides some peace of mind.

Proxy Servers and DMZ: A function that is often combined with a firewall is a proxy server. The proxy server is used to access Web pages by other computers, not directly through your service provider computer. When another computer requests a Web page, it is retrieved by the proxy server and then sent to the requesting computer. The net effect of this action is that the remote computer hosting the Web page never comes into direct contact with anything on your home network, other than the proxy server. Proxy servers can also make your Internet access work more efficiently. If you access a page on a Web site, it is cached (stored) on the proxy server. This means that the next time you go back to that page, it normally doesn't have to load again from the Web site. Instead it loads instantaneously from the proxy server. There are times that you may want remote users to have access to items on your network. Some examples are:

• Web site
• Online business
• FTP download and upload area.

In cases like this, you may want to create a DMZ (Demilitarized Zone). Although this sounds pretty serious, it really is just an area that is outside the firewall. Think of DMZ as the front yard of your house. It belongs to you and you may put some things there, but you would put anything valuable inside the house where it can be properly secured. Setting up a DMZ is very easy. If you have multiple computers, you can choose to simply place one of the computers between the Internet connection and the firewall. Most of the software firewalls available will allow you to designate a directory on the gateway computer as a DMZ. Once you have a firewall in place, you should test it. A great way to do this is to go to https://www.grc.com and try their free Shields Up! security test. You will get immediate feedback on just how secure your system is!

Smartphones and Tablets: You would think smartphones and tablets should have firewalls too: not necessarily. There are three sources of malware for these devices:

1. Data from the cell tower
2. Data from a wifi
3. Apps downloaded from wherever.

If you take your data from the cell tower, then you are protected by a carrier based NAT, meaning a strong firewall.  If your data is on wifi, then you can be exposed in the same way that Apple computers are exposed (iDevice and Android devices have the same underlying operating system: Linux.)
On downloaded apps: You take your chances if you don't use the preferred store (Apple or Play). I have some applications installed on my Android to protect me:

• Malwarebytes (https://www.malwarebytes.com)
• Lookout (This is the best) (https://www.lookout.com)
• CCleaner (cleans out your browser caches and other temporary information, eliminating potential threats that are "ticking" in those locations (https://www.piriform.com)
• NoRoot Firewall, the only true firewall in this selection. https://play.google.com/store/apps/details?id=app.greyshirts.firewall&hl=en

I've given the addresses to the web sites in the above list, but you should go to your appropriate app store to download these apps.

Logging on to Public Wifi:  Logging on to Public Wifi is always a risk.  Note that when you do log on, the landing page has some verbage to the effect that you are accepting all risk.  In Windows systems, when you log on to the wifi, make sure that the connection is "Public".  Verify this by going to Control Panel.All Control Panel Items.Network and Sharing Center.  The diagram on the target page should have the wifi SSID next to an icon and also the word "Public" underneath.  If this isn't true, then there is something wrong.  See the following tutorial:  http://www.tenforums.com/tutorials/6815-network-location-set-private-public-windows-10-a.html

Login IDs for Devices

One very common problem I encounter is that someone has let there young or grown up kid use their device. That other person downloads something, a game, music, an app, that is maleware. The device is infected and the owner suffers the consequences. I get calls to fix the problem and, during the course of talking about things, I discover that someone has been on the computer that is not the owner. So, some dos and don'ts:

• Don't let anyone on your own user id: no one, not even your spouse.
• Create a new local user for guests (already set up in Windows) and make sure that the account has only "standard" rights, so they can't change the computer, get in to your stuff, etc.
• Create a separate administrative user. Use this account if you get malware. Usually malware installs in a user account, so switching accounts will give you a chance to run antimalware apps.
• Create other users and give them administrative authority if necessary; otherwise standard authority.
• Use a reasonably difficult password for your account. If kids or guests are around, log out of your account whenever you leave the computer.
• Consider disabling the USB ports on the guest account or other accounts that kids might use.

Flash Drives

I usually don't put security on flash drives. But that is because the information on them is not sensitive. If you put personal information on drives, you should think about encrypting the information and using a password to get into the drive. Most flash drives come with security software on them Read this article: http://www.zdnet.com/pictures/keep-sensitive-data-safe-with-these-5-secure-usb-drives/ . Also, if someone gives you a flash drive, don't trust it. You can run antivirus and antimalware on the drive before you use it. Usually your antimalware/antivirus can be accessed by right clicking on the flash drive and selecting a scan of that drive by your software.

Routers

Routers are the devices that distribute internet around your house. That includes supplying your ethernet and your wifi. Among the security settings you need to consider:

• The login id and password to the software "front end" of the router, where you set up the router. This login has defaults, such as userid = "admin" and password = "password". Anyone who knows anything about routers can quickly google the defaults for your router and get in. So you need to change these. Anyone who is able to log on to your intranet can access your router and create a back door just for them or mess up your router.
• The SSID and the password for wifi access should be set. You should use WPA2-PSK or WPA-PSK[TKIP}_WPA2-PSK[AES} as the security protocol. There is always an option to not broadcast your SSID. If you live in an environment where there are a lot of wifis, you should consider setting this to not broadcast. Then your wifi will be invisible.
• Newer routers have 3 different signals: a 2.4, a 5.0, and a guest. You should keep the 2.4 and 5.0 to yourself and use the guest for anyone who wants to get on your router. But you have to turn the guest account on and give it a password.
• Routers have many settings that manage your network security. These settings allow you to only allow certain computers or devices on your network, configure your firewall, and even allow access to your computer from a remote location. (This last one should be used only if absolutely necessary.) The casual user typically does not care about these settings; however, the black hacker does.
• If you have a Netgear router, there is a great app for managing your network called "Netgear Genie". Get it from the Netgear site.

There is so much more to me said about routers.  If you have questions, used the comment section below.

Setting GMail to import all your Yahoo (bellsouth, att, etc) email to GMail

1. Click on the gear on the right side of your mail Gmail screen.  (Must be in your Gmail screen! not some other screen.)
2. Click on "Accounts and Import"
3. In the area that says "Check mail from other accounts," click on "Add a POP3 mail account you own".  The first pop up screen asks for the "from email" address.  Click "Next Step"
4. In the resulting popup screen, which is the above picture, enter the email address of the Yahoo account, including the domain (eg, @bellsouth.net).
5. Enter the password
6. The server name is "inbound.att.net"
7. The Port is 995
8. Make sure the box that is labeled "Always use secure connection..." is checked.
9. The other check boxes are up to you. 
1. Leave a copy...:  if this box is checked, mail will remain on the source server.  That server's email account will fill up over time and become a problem  I recommend not checking this box.  When not checked, every email that is copied to gmail is deleted on the source account.
2. Label incoming messages...: if this box is checked, all the transferred messages will be put in a mail folder of the name you provide.  This might be useful if you have had a gmail account and have duplicate emails in both accounts.  In that case, you can review the first batch of transferred emails for non-duplicates and pull them out of this folder, then edit your settings to remove the checkbox and delete the folder.  But this is usually too complicated:  just leave the box unchecked.
3. Archive incoming messages... If this box is checked, then the transferred emails do not go into your Gmail inbox, they just go into your email account.  The way to get to them is to click the "All mail" "folder" on the left hand navigator of the Gmail page.  It is easiest to not check this.
10. Click "Add Account"

How the Tech Scammers Do Their Thing

If you haven't been hit by a tech scammer, there is a good chance you will.  That is when "something" takes over your whole computer and says something like your computer is ransomed, or has an infection and it will fail, or they will steal all the information on your computer.  The screen might say that it is from Windows, or it is from Apple, or from some other affiliated group.  The screen gives a number or two to call.

You try different ways to get out of the mess, but nothing works except hitting the power button.

What did you do to get that?  How do they do it:  take over your computer.  Well, it is a trick:  they haven't taken over your computer.  What they have done is put up a browser window in what is called kiosk mode, where access to all the usual taskbar icons and various shortcut key sequences are not accessible.

Ctl-Alt-Del for Windows and then shutting down the browser "task" or even sometimes just F11 will remove the threat.

For a Mac:

• type ⌘ + space
• start typing "activity monitor"
• as soon as activity monitor is highlighted in the spotlight list, hit the enter key.

For a good technical discussion of how this is done- how the scammers code the web page to make the ransom page happen, see:  http://www.bleepingcomputer.com/news/security/sneaky-tech-support-scammers-use-fake-addresses-alert-dialog-boxes-to-trick-google-chrome-users/

A Techie Resource for All Things IT Security and Identity Protection- For You Too

The place to go for IT security and identity protection info is https://www.sans.org, which is a techie training site.  Though it may be too much techie for you, it is comprehensive and just looking at some of the pages can provide you with the vocabulary and activities on this topic.  You can pick a topic of interest and "Google" that topic to find other internet resources, some of which will be "consumer friendly."

Here are some specific pages from that site that are especially helpful:

• Posters that, for me, provide a comprehensive organization of particular topics
• Reading Room:  top articles on this topic
• Best Practices on this topic

Again, these are techie articles, but useful to the consumer to see the depth and breadth of the problem and what is being done by the "white hat" community.

Timely Message for September 28, 2016 on Yahoo email problems

Again, please pass this message on to your neighbors:

Yahoo email problems continue.  I spent 3 hours yesterday to get one yahoo account password updated; and that was with yahoo help on the line.  I did one other yahoo email password update where the process went through the "send a temporary password to our cell phone via text message".    It is 24 hours later and still no text message.

Clearly, the servers that manage passwords are in "denial of service" mode:  too many requests and not enough resource to handle them.  The system just wasn't designed for this many password changes at one time.

This is a matter of gross, gross mismanagement on the part of yahoo.  Up to two years hiding the fact that the email was hacked.  For those of you that I have helped, I made you aware of the problem soon after the hack occurred because of the evidence- phishing attacks. Then announcing it without providing the bandwidth to change passwords.

Changing the yahoo password helped, but the information was out in "dark space" and being sold.

It is best that you make sure all your accounts:

• Have long passwords (16 characters minimum where allowed) with at least letters and numbers.  Length is more important than complexity.  (For Yahoo, only letters and numbers are allowed, no special characters, but I think the length limit is up to 26.)
• Do not use the same password for different sites.  The first thing the bad guys do is use a hijacked password across popular financial sites on the hope that it is used on one of those sites.  According to one recent article, their success rate is, by my standards, high:  .2 - 2%.  
• Change your passwords on a regular basis- all of them.
• Only use email systems that have two factor authentication.  It's a hassle, but a must.  Two factor authentication is where, if you change userid on the same computer or device OR you go to a different device, you will have to authenticate before you get access:  an email or text message is sent to your cell phone or called to your land line (or mailed).  You have to enter this to continue.
• Any financial site that has two factor authentication:  use it.
• Always use https: for every online query and for email.  There are settings in any browser that will force this.  (Another topic)  This makes your garbles your transmission.  This doesn't necessarily make the result at either end secure.  

One last thing:  keeping records of all this is, obviously, anywhere from terribly inconvenient to impossible.  But:

• Do not save your passwords using the save feature of a browser.  Those can be hacked fairly easy.  This means Google Chrome, any Microsoft product, and, yes, Mac through iCloud.  
• Write your passwords down and keep them up to date.  Set dates for changing passwords.
• OR use a real password manager.  Some antivirus/antimalware suites, such as Norton, come with a password manager.  Depending on how the information is saved, these can be fine.  (The information has to be heavily encrypted and not saved on your computer.)  Of the stand alone password managers I have seen to date, Lastpass is the easiest and most complete application to use.  It is free for your computer and costs $12 / year for all your electronic devices.  

I'm sure there are several more rules to be written, but I don't have time now.  I'm off to help my neighbors.

Timely Message for Sept 26 2016 4-8pm Eastern Daylight Time

Yahoo email is "down."  As a consequence of the recent hack announcement, Yahoo email, including att.net and att.com accounts, is down and has been down for a while.  I was told by att / yahoo support that it would either be completely down for 2-4 hours or 24 hours, depending on the situation.  yahoo support is itself "down" due to high call volume.  So, when you try to log on, att.net, att.com and yahoo.com will say you have the wrong logon and password.  If you click that you have forgot the password, it will not accept any of your personal answers:  that's not working either.

If you use a yahoo, att, bellsouth, etc email just to receive email, but you forward that to another account, such as gmail, you probably are OK because your forward link remains active- you aren't trying to log on each time.

Pass this on to your neighbors.

August Windows 10 Refresh Giving You Problems?

There was a major, almost-new-level-of-Windows update around August 16, 2016.  I have had two cases, including my own, where the install didn't work as usual.  I had to restart my computer twice before the install took.  Others have a number of system parameters reset to default, which sometimes makes their setups unusable (eg, laptop no longer stays alive forever, but reverts to sleep mode after the default amount of time, or laptop goes to sleep when the lid is closed).  Use the comment field below if you experience any problems.  Thanks

Is There Going to be a Monthly Charge for Windows in the Future?

The answer, as you might have guessed, is "yes and no" and "eventually."  For details, read http://www.forbes.com/sites/gordonkelly/2016/07/14/microsoft-confirms-windows-10-new-monthly-charge/#47f7d98fdfab.  For those who don't want to click on the link, copy and paste the address in your browser bar.  Be careful during the copy, because you might click close enough to the link part that it will go ahead and go to the link anyway.

Two "Must Have" Anti-Ransomware Tools

Ransomware is a program or web page that seems to take control of your computer, demanding money to release that control.  Or, as a variant, it holds your screen hostage and warns that you computer is infected or must have an immediate update, then gives a phone number to call to fix the problem.  I've talked about specific instances in other entries on this blog.

The Trend Micro company has two free programs you can use to defeat the ransomware.  They are:

• A program for ransomware that locks your computer:  https://esupport.trendmicro.com/en-us/home/pages/technical-support/1105975.aspx
• A program for ransomware that encrypts your files:  https://esupport.trendmicro.com/en-us/home/pages/technical-support/1114221.aspx