Thursday, November 28, 2013

Happy Thanksgiving!

Happy Thanksgiving from all of us here at the West Chester Technology Blog to you, our many dedicated readers.
 
Today try to stay off of the smartphones and enjoy your family, friends, football and food!

Wednesday, November 27, 2013

How To Back Out of IE11

During the past week or 2 Microsoft has added Internet Explorer 11 to its list of "critical updates", which can be a real problem for many of us. Many of the internet sites we visit, such as banks and other important service providers, simply are not ready for Microsoft's newest browser, and Microsoft should know this. Unfortunately IE 11 (Internet Explorer) was unwisely (if you ask me) added to the most recent critical update list. This means anyone who has critical updates set up to automatically download & install is "rewarded" with the newest internet browser.

Not So fast Microsoft!

Now don't get me wrong IE 11 has some great new features such as the new Developer Tools, better standards support and better HTML 5 video among other security improvements.

If you find that, after this update occurs, IE crashes and does not behave normally, or that some of the sites you regularly visit start misbehaving, you should downgrade IE 11 to IE 10 or IE 9.

To do this open the "Control Panel" and "Programs and Features". Then click "View Installed Updates" on the left panel. Be patient as this can take a few moments to load all the updates. Under "Microsoft Windows" select "Internet Explorer 11" and uninstall it.

Once you have completed this you will be asked to reboot the PC. Do this and log back into Windows. Internet Explorer will revert back to either IE9 or IE10, depending on which one you were using at the time of the upgrade.

At some point down the road, hopefully soon, IE 11 will work fine with just about everything we use, but for now, many of us will experience problems with the new browser and downgrading it is really the only solution.

Live Remote Support Now Available

Mann Tech Services now offers live remote tech support services. Many technical problems can be evaluated and even corrected through remote services which is always faster and more convenient. You can now request this type of service by submitting an online work order form which is always available on the left column of this fine blog.

Live Remote Tech Support can even include training sessions with applications like Word, Excel, Outlook, PowerPoint and Windows operating systems.

Tuesday, November 26, 2013

CryptoLocker Invades a PD

I have written about the CryptoLocker virus and other security problems countless times in this blog and here is yet another recent real life example of what can go wrong with computer security, even when police departments are involved.

A U.S. police department was so determined to get back important files that had been encrypted by the rampaging CryptoLocker Trojan it decided to pay the ransom being demanded by the criminals.

It sounds like a far-fetched and probably serious breach of law enforcement protocol, but according to a local news report, this is exactly what the police department in Swansea, Mass., decided to do when "several images and word documents," were found to have been encrypted by the malware.

The department had followed the instructions given by CryptoLocker and on Nov. 10 bought two bitcoins worth $750 which resulted in the criminals sending the decrypt key, police said.

"The Trojan is so complicated and successful that you have to buy these bitcoins, which we had never heard of," said Swansea Police Lt. Gregory Ryan in an admission to the press many will find quite staggering.

Ryan didn't say why the files were so important that a police department saw fit to pay a digital ransom to criminals, but insisted "It was an education for [those who] had to deal with it," and that at least the infection had not caused damage to the system the department used for booking official reports and logging photographs.

"We were never compromised," Ryan said, a statement that many would deem inaccurate.

Only last weekend, the UK National Crime Agency put out an alert that the criminals behind CryptoLocker were now targeting UK SMEs on a large scale. Their recommendation is that affected businesses do not pay the ransom, not least because there is no guarantee that they will even receive an unlock key.

There is growing concern about the scale and success of the CryptoLocker campaign which, it is worth pointing out, is far from the first malware to use the technique of locking or encrypting victims' files. A key element of CryptoLocker's recent success is that it has started demanding untraceable bitcoins for payment rather than more conventional money channels that were easier to block or trace.

Another weakness is that there is often no central place for affected individuals to report infections, nor seek advice. Consequently, some victims pay up. The citizens of Swansea, Mass., now know that this helplessness includes their local police department.

"With the FBI stating that this type of activity should not be encouraged by paying the ransom, it is surprising to see that the local police department paying to regain access to the files," commented Gavin Millard, EMEA technical director of security firm Tripwire.

"What is more concerning though, is the apparent lack of security and backup procedures on systems that could be storing critical and highly confidential documents."

I have written this countless times on this little tech blog. Never ever open attachments that you did not specifically ask for. When in doubt, contact the sender by phone to verify that the attachment is legitimate. Otherwise you may be in the same sinking boat as the police department in this article.

Monday, November 25, 2013

Do You Know a Virus from a Worm?

Here is a question I am asked all the time. Have you ever wondered what the difference is between a Virus and a Worm? Perhaps you yourself have stepped into my office and asked this very question.


Well very simply a virus is a program that replicates, which means it spreads from file to file on your system and from PC to PC. In addition, it may be programmed to erase or damage data.

Worms are generally considered to be a subset of viruses, but with certain key differences. A worm is a computer program that replicates, but does not infect other files. Instead, it installs itself once on a computer and then looks for a way to spread to other computers.

In the case of a virus, the longer it goes undetected, the more infected files there will be on the computer. Worms, however, create a single instance of their code. Moreover, unlike a virus, a worm's code is stand-alone.

To sum this up, a worm is a separate file while a virus is a set of code which adds itself to existing files.

Sunday, November 24, 2013

Skydrive Introduces Itself to Apple

Microsoft's cloud storage solution, "Skydrive", has been my favorite for a couple of years now. Their free service includes 7GB of space, which is 5GB more than Dropbox. I had also used a Windows phone for about a year and one of the best features was the direct photo to Skydrive upload feature. When I switched over to the Android Galaxy Note 3 this was probably the feature I missed most.



Microsoft is obviously working to expand its presence in the mobile platform world with their Windows Phone and Surface tablets. On the software side of things Skydrive is one of their biggest successes. Until now the camera to Skydrive feature was only available to Windows Phone users.

Last week Microsoft announced a major update to its Skydrive app for iOS, which brings with it more advanced photo storage features, and enhanced Facebook sharing options. This isn’t the first Skydrive app for Apple’s mobile operating system, as Microsoft has had a presence inside the App Store for a couple of years, steadily updating the Skydrive app in the meantime.

Now, with the recent release of iOS 7, Microsoft thought the time was right to give it a complete makeover, bringing it visually into line with the new, minimalist look of iOS. One of the most significant feature alterations is the ability to automatically share pictures taken with your iPhone or iPad onto your Skydrive. Much like Android’s auto-upload to Google+, you can choose whether this is done over 3G/4G or Wi-Fi, plus you’re given the option to lower the resolution of the picture to help make the most of the available space.

Pictures shared through Skydrive are then visible on your Windows computer or tablet, along with images captured from any other device connected to the account. Viewing the pictures through the app, it’s possible to share them directly to Facebook, and Microsoft has added a few new options to make this easier. Single or multiple images can be shared, either to an existing or new album, and can be marked for public or private viewing in the app itself.

Finally, the Skydrive app now integrates with Office Mobile and OneNote for iOS, meaning there’s no more messing around with the Quicklook viewer if you need to examine or edit documents saved in Skydrive. The new look Skydrive app will be ready to download for free from the iTunes App Store today.

I expect that these features will be brought to Android shortly as well.

Saturday, November 23, 2013

Curiosity vs. Attachments

Another quick security tip...
If an email or email attachment seems suspicious, do not open it, even if your anti-virus software indicates that the message is clean. Cyber Criminals are constantly releasing new viruses, and the anti-virus software might not have the signature yet. When in doubt contact the person who supposedly sent the message to make sure it's legitimate before you open the attachment.

This is especially important in the case of forwards. Even messages sent by a legitimate sender might contain a virus. If something about the email or the attachment makes you uncomfortable, there may be a good reason.

Don't let your curiosity put your computer at risk.

The Future of Wearable Technology

It has been about 2 months now that I have been using the Galaxy Gear Smart Watch. For the most part my experience has been a good one and I enjoy using the watch. With the holidays approaching and everyone looking for great tech gifts I wanted to recap very clearly my impressions of this and then write a little bit about my thoughts on the future of wearable technology in general.

So here we go.



The Galaxy Gear

The pros of this device are that it is a great way to keep up to date with email and text messages without needing to grab your phone constantly. You can of course customize the watch display in various modes to include the date, current weather conditions, steps walked and more.

There is also a camera on the wrist band which can take pictures and short video clips which are automatically sent to your phone as well. The quality of the images is low at about 2mp, which is to be expected.

Because it is connected to your phone through Bluetooth it also acts as an extension to your phone. Incoming calls can be viewed to see who is calling without reaching for your phone and you can even accept or reject the incoming call from the watch. You can even carry on a conversation with the watch.

The cons include the watch band, which I have found is bigger than it should be, which is probably the result of the camera which is in the band. Also the battery needs to be charged about every 2 days and there is a dock/cradle which you must use. I mentioned the ability to talk (on the phone) through the watch, however this is very difficult if not impossible in crowded places or if you want to have a private conversation. The last negative point I will mention here is that the Galaxy Gear currently only works with the Samsung Galaxy S II and III and Note 2 and 3.

In conclusion, if you have one of the supported phones and you like some of the benefits I mentioned here you might enjoy checking this out. There are some really good uses here and it is always a conversation piece when people see it.


Every time I sit at the pub people ask, "hey is that - that smart watch on TV" and just about everyone I have met is curious about what it does. This leads to my prediction which follows.


The Future of Wearable Technology

First, is there a future here? The answer is yes, although we are in the very early stages of finding what works (the smart watch) and what does not (Google Glass). Google Glass kind of freaked people out. Who wants to have a conversation with someone whose attention is obviously somewhere else and who could be taking pictures of you and even recording the conversation? However, wearable technology is actually a natural fit for watches and I believe that this is the area where we will see a successful evolution and acceptance by consumers.

The smart watch will be the first successful and profitable wearable technology and this will probably occur during the next two years. You will see this when the watches get a little smaller and can act independently from smartphones.

Wednesday, November 20, 2013

Microsoft's eBay Store

I give Microsoft this. Microsoft has tried many innovative things over the past few years. Microsoft of course already has their own retail website, not to mention over 75 Microsoft Store brick-and-mortar locations in the U.S. and Canada. Microsoft obviously has plans to expand their retail presence, and their latest effort in doing so is this week's announcement of their very own store on eBay.

 

According to the Microsoft blog, “By working with eBay, a top global shopping destination with more than 124 million active users globally, even more customers can now purchase their favorite Microsoft first-party products including Surface and Xbox, as well as accessories. Our customers can expect the same safe online shopping experience, return policy and free shipping from the Microsoft Store on eBay that they’ve come to expect on microsoftstore.com.”

Right now, the eBay page for Microsoft does seem to arrive with a limited supply of products in comparison to the main Microsoft Store site. It is still selling the previous generation Surface and Surface Pro tablets at a discount, instead of having the most recent Surface products on sale. While everyone is looking forward to the Xbox One this weekend, the eBay page is still pushing the aged Xbox 360 console. I hope Microsoft updates their new eBay store soon because this is a great idea, but the catalog needs to be updated if it is to find success.

Monday, November 18, 2013

Introducing the LP Browser


Check out another Blog Site that I am partnered with at www.lpbrowser.blogspot.com.

If you love music and have or collect vinyl records be sure to check it out.

Here are some random examples of the custom made, handcrafted LP Browsers which are made out of the wood selected by the customer, such as Douglas Fir, Poplar, Maple and Oak, and stained in any style requested.

These presented here are proudly owned, displayed and used by this very blogger!




There will always be a link to the LP Browser Blog on the left panel of this fine blog.

Sunday, November 17, 2013

Looking Back on Challenger

What is the most complex accomplishment of our government in the past 50 years? To me this is a "no brainer". The ability to put human beings in space and return them safely home, as President Kennedy first proposed in the mid 1960's is easily the correct answer. We, the United States of America through NASA have now done this hundreds of times.  All of this has not come without great risk... and tragedy.

NASA has made errors in design and judgment. There have been three occasions which led to death and disaster. The first was February 21, 1967, when three astronauts were killed on the launchpad while conducting a live test of Apollo 1. The second failure was on January 28, 1986, when the space shuttle Challenger exploded during launch, killing all 7 astronauts on board. The most recent NASA disaster was when the Columbia exploded on re-entry, killing all 7 astronauts on board, on February 1, 2003.

On a mathematical scale alone the percentage of our success reaching into space is impressive. However, percentages when considering human lives are an entirely different consideration. Each of these three disasters was caused by human error, and each time started with problems in system design followed by arrogance by those making decisions even when the design flaws were brought to their attention.

So much of what we do on a daily basis and how we make decisions can be learned by reflecting on these 3 NASA disasters. NASA's space program is in a slow down period at this time because the space shuttle program has been retired after 20+ years of missions, and although the new Orion program promises a return to the moon and then Mars, it will take longer than it otherwise should, primarily because of our slumping economy and the non-committal of society in general.

This weekend I watched the new Discovery Channel movie, "The Challenger Disaster", which was excellent. Although there is some "dramatic license" with the telling of this true story, it is well worth your time if you want to learn more about that space shuttle disaster. This is the Discovery Channel’s first dramatic feature film, The Challenger Disaster, starring Bruce Greenwood, William Hurt and Brian Dennehy.



The film is based around Richard Feynman’s investigation into the 1986 Space Shuttle Challenger disaster that killed all seven astronauts during liftoff.

Based on Dr. Feynman’s book What Do You Care What Other People Think?, the film will follow Feynman’s efforts to discover the cause of the shuttle's explosion and expose the truth behind the disaster.

The Challenger Disaster premièred on Saturday November 16th on The Science Channel and airs throughout the month. I recommend everyone check it out.

I have not read the book "Truth, Lies and O-Rings: Inside the Challenger Disaster" by Allan J. McDonald but it sits on my Kindle in the on-deck circle. This book has received excellent reviews and is now considered the best account of what went wrong with the Challenger. If you are interested in learning more check it out.


 

Saturday, November 16, 2013

TA13-317A: Microsoft Updates for Multiple Vulnerabilities


 
Original release date: November 13, 2013 | Last revised: November 16, 2013

Systems Affected


  • Windows Operating System and Components
  • Microsoft Office
  • Internet Explorer

Overview


Select Microsoft software products contain multiple vulnerabilities. Microsoft has released updates to address these vulnerabilities.

Description


The Microsoft Security Bulletin Summary for November 2013 describes multiple vulnerabilities in Microsoft software. Microsoft has released updates to address these vulnerabilities. The November Security Bulletin includes a patch for the new “watering hole” campaign which utilizes a US-based website that specializes in domestic and international security policy.

Impact


These vulnerabilities could allow remote code execution, elevation of privilege, information disclosure or denial of service.

Solution


Apply Updates

Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for November 2013, which describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. In addition, administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS). Home users are encouraged to enable automatic updates.

Revision History


  • November 13, 2013: Initial Release

Friday, November 15, 2013

TA13-309A: CryptoLocker Ransomware Infections

This is the 3rd CryptoLocker Alert issued by the US Government.
Please take it seriously bloggers.



Original release date: November 05, 2013 | Last revised: November 15, 2013

Systems Affected

Microsoft Windows systems running Windows 8, Windows 7, Vista, and XP operating systems

Overview

US-CERT is aware of a malware campaign that surfaced in 2013 and is associated with an increasing number of ransomware infections. CryptoLocker is a new variant of ransomware that restricts access to infected computers and demands the victim provide a payment to the attackers in order to decrypt and recover their files. As of this time, the primary means of infection appears to be phishing emails containing malicious attachments.

Description


CryptoLocker appears to have been spreading through fake emails designed to mimic the look of legitimate businesses and through phony FedEx and UPS tracking notices. In addition, there have been reports that some victims saw the malware appear following a previous infection from one of several botnets frequently leveraged in the cyber-criminal underground.

Impact


The malware has the ability to find and encrypt files located within shared network drives, USB drives, external hard drives, network file shares and even some cloud storage drives.  If one computer on a network becomes infected, mapped network drives could also become infected. CryptoLocker then connects to the attackers’ command and control (C2) server to deposit the asymmetric private encryption key out of the victim’s reach.

Victim files are encrypted using asymmetric encryption. Asymmetric encryption uses two different keys for encrypting and decrypting messages. Asymmetric encryption is a more secure form of encryption as only one party is aware of the private key, while both sides know the public key.

While victims are told they have three days to pay the attacker through a third-party payment method (MoneyPak, Bitcoin), some victims have claimed online that they paid the attackers and did not receive the promised decryption key.  US-CERT and DHS encourage users and administrators experiencing a ransomware infection to report the incident to the FBI at the Internet Crime Complaint Center (IC3).

Solution


Prevention

US-CERT recommends users and administrators take the following preventative measures to protect their computer networks from a CryptoLocker infection:

  • Do not follow unsolicited web links in email messages or submit any information to webpages in links
  • Use caution when opening email attachments. Refer to the Security Tip Using Caution with Email Attachments for more information on safely handling email attachments
  • Maintain up-to-date anti-virus software
  • Perform regular offline backups of all systems to limit the impact of data and/or system loss
  • Apply changes to your Intrusion Detection/Prevention Systems and Firewalls to detect any known malicious activity
  • Secure open-share drives by only allowing writable access to necessary user groups or authenticated users
  • Keep your operating system and software up-to-date with the latest patches
  • Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams
  • Refer to the Security Tip Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks

Mitigation

US-CERT suggests the following possible mitigation steps that users and administrators can implement, if you believe your computer has been infected with CryptoLocker malware:

  • Immediately disconnect the infected system from the wireless or wired network. This may prevent the malware from further encrypting any more files on the network
  • Users who are infected should change all passwords AFTER removing the malware from their system
  • Users who are infected with the malware should consult with a reputable security expert to assist in removing the malware, or users can retrieve encrypted files by the following methods:
    • Restore from backup,
    • Restore from a shadow copy or
    • Perform a system restore.

Revision History


  • November 5, 2013: Initial Release
  • November 13, 2013: Update to Systems Affected (inclusion of Windows 8)
  • November 15, 2013: Updates to Impact and Prevention sections.
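
For the prevention item above about open-share drives, this PowerShell audit lists shares whose share-level permissions let very broad accounts write, and checks whether the folder's NTFS permissions allow the same. It is an added example, not part of the US-CERT alert or of this blog's original post; it assumes Windows 8 / Server 2012 or later (for the SmbShare cmdlets), an elevated prompt and English account names.

```powershell
# Added example: read-only audit of SMB shares that broad accounts can write to.
# Assumptions: SmbShare module (Windows 8 / Server 2012+), elevated session,
# English-language account names. Nothing on the system is modified.

# Accounts that are broader than "necessary user groups or authenticated users".
$broadAccounts = @('Everyone', 'NT AUTHORITY\ANONYMOUS LOGON', 'BUILTIN\Guests')
$writeRights   = @('Full', 'Change')

function Test-NtfsBroadWrite {
    # Returns $true if the folder ACL lets a broad account write data,
    # $false if not, $null if the path is empty or unreadable.
    param([string]$Path)
    if (-not $Path) { return $null }   # e.g. printer shares have no folder
    $acl = Get-Acl -LiteralPath $Path -ErrorAction SilentlyContinue
    if (-not $acl) { return $null }
    $writeData = [int][System.Security.AccessControl.FileSystemRights]::WriteData
    foreach ($ace in $acl.Access) {
        # Note: ACEs expressed only as generic rights are not decoded here.
        if ($ace.AccessControlType -eq 'Allow' -and
            $broadAccounts -contains $ace.IdentityReference.Value -and
            (([int]$ace.FileSystemRights) -band $writeData)) {
            return $true
        }
    }
    return $false
}

function Get-BroadWritableShare {
    # Skip the built-in administrative shares (C$, ADMIN$, IPC$).
    foreach ($share in Get-SmbShare -Special $false) {
        $aces = Get-SmbShareAccess -Name $share.Name | Where-Object {
            [string]$_.AccessControlType -eq 'Allow' -and
            $writeRights   -contains [string]$_.AccessRight -and
            $broadAccounts -contains $_.AccountName
        }
        foreach ($ace in $aces) {
            [pscustomobject]@{
                Share          = $share.Name
                Path           = $share.Path
                Account        = $ace.AccountName
                ShareRight     = [string]$ace.AccessRight
                # Effective access is the more restrictive of share and NTFS
                # permissions, so a share is only wide open when both allow it.
                NtfsBroadWrite = Test-NtfsBroadWrite -Path $share.Path
            }
        }
    }
}

$findings = @(Get-BroadWritableShare)
if ($findings.Count -eq 0) {
    Write-Output 'No shares grant write access to Everyone, anonymous or guest accounts.'
} else {
    $findings | Sort-Object Share | Format-Table -AutoSize
}
```

Rows with NtfsBroadWrite set to True are the ones any infected machine on the network could encrypt; tighten those to the specific groups that need to write.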

Ian's Vulcan Pale Ale

Another non-technology blog, but hey I own this space so I guess it's ok.


Ok it's been just over a month since my brother was stolen from me and our family. This afternoon as I stacked the garage fridge for Sunday football I stumbled upon this one lone "Vulcan Pale Ale" that had been brewed especially for me by Ian a couple of years ago. Of the 24 he brewed I had been saving several bottles just because I loved the special labeling he made for me. Now I have less than 6 left and I know I want to sit outside on New Year's Eve, as midnight approaches, and sit quietly alone while I open one, look at the moon and stars and think of my little brother who is now part of the universe and who someday, I am not sure when, I will be with again.

Miss You Ian. Sundays and every other day are simply not the same down here....

WC Tech Blog Available on Flipboard

The West Chester Technology Blog is now on Flipboard. If you are not familiar with Flipboard, it is a great news gathering application (reader) which is available on Apple, Android and Windows devices. With Flipboard you can easily create customized news magazines for countless topics. So let's say you are interested in Astronomy. With Flipboard you can read all the latest articles posted on the internet in a magazine style layout.

There are also "out of the box", or previously created Flipboard "magazines" available like "CNN", "ESPN" and now I am proud to announce, The "West Chester Technology Blog".


You can check out the West Chester Technology Blog on Flipboard here.

You can download Flipboard on any of your mobile devices. There are 2 reasons to give it a try if you don't already use it. One is that it is "free" and the second is that this fine blog is available through it as well.

Thursday, November 14, 2013

Time Traveling with Windows

In November of 1983 Bill Gates officially announced Windows 1.0. The operating system would not launch until two years later, but that marked the beginning of Windows. This was the start of modern desktop computing and one that is only now beginning to see major shifts in what we expect from our computers. Getting back to Windows in the 30 years since that day we have seen the operating system undergo many different changes, in both design and functionality. Here is a timeline of Windows through the years. Do you remember all of these variations?

Windows 1.0

Windows 1.0 was released on November 20, 1985. It was Microsoft’s first attempt at a multi-tasking graphical user interface-based OS on the PC platform. The shell of Windows 1.0 was MS-DOS. Some popular apps in 1.0 included Calculator, Calendar, Cardfile, Clipboard viewer, Clock, Control Panel, Notepad, Paint, Reversi, Terminal and Write.

Windows 2.0

Windows 2.0 was released in December of 1987. With several improvements to the UI, including the ability to overlap windows, it became more popular than Windows 1.0. The overlapping feature led to Apple filing a suit against Microsoft for copyright infringement.

Windows 3.0

Windows 3.0 was released in 1990. It featured a more refined UI and improved design thanks to virtual memory and device drivers. Windows 3.0 was the first big success from Microsoft. It sold 2 million copies in the first six months. This was also the first version of Windows to include Solitaire.

Windows 95

Windows 95 was released on August 24, 1995. This was the first version of Windows to have the now famous “Start Menu.” The taskbar and Windows Explorer were also introduced in Windows 95. Thanks to its redesigned interface and new Start Menu Windows 95 became a huge success.

Windows 98

On June 25, 1998 Microsoft released Windows 98. Visually it looks very similar to 95, but with some important under the hood improvements. USB devices and multi-monitor configurations were supported for the first time.

Windows ME

On September 14, 2000 Microsoft released Windows ME (Millennium Edition). This was the last version of Windows to be based off of MS-DOS. It added UI enhancements and faster boot times along with better multimedia support. ME is most known for being one of Microsoft’s worst releases due to a number of compatibility and stability problems.

Windows XP


Windows XP was released on October 25, 2001. It came with a brand new UI and many improvements thanks to no longer being DOS-based. This was the first version of Windows to be offered in multiple versions: Home and Professional. Windows XP may be Microsoft’s biggest success. There are many people who still use XP to this day, however it is being officially retired in April 2014 which means there will be no more updates, patches or support provided by Microsoft.

Windows Vista

Microsoft followed the success of Windows XP on January 30, 2007 with Windows Vista. It contained new features, including a redesigned UI, and paid particular attention to security features. Like Windows XP, it was available in multiple versions. Vista is infamous for being hated by consumers even after Microsoft made considerable improvements through updates.

Windows 7

After the disaster of Windows Vista it was time for Microsoft to go back to the drawing board. They ditched the frilly names and released Windows 7 on July 22, 2009. Windows 7 was more focused and minimal compared to the bloated Vista. Some of the big new features include an updated taskbar and better windows organization. Windows 7 was a big success.

Windows 8

On October 28, 2012 Microsoft released their most significant change to Windows. In Windows 8 Microsoft removed the famous Start Button and Start Menu in favor of a touch-friendly “Metro” interface. User reaction to Windows 8 was mixed at best, but slowly it has become adopted. With Windows 8 Microsoft is once again ahead of the times. Windows 8 works wonderfully on touch screens and tablets but struggles on non-touch computers.

I hope you enjoyed this time travel through the history of the most successful operating system ever created.

Disabled Services Trouble

Here is one last security tip in my security series of articles and I finish up on a sure sign of a malicious compromise.

If you notice that your antimalware software & antivirus software is disabled and you did not do it, you're probably exploited -- especially if you try to start Task Manager or Registry Editor and they will not start, start and then disappear, or start in a reduced state. This is very common for malware to do.

What to do: You should really perform a complete restore because there is no telling what has happened. But if you want to try something less drastic first, research the many methods on how to restore the lost functionality (any Internet search engine will return lots of results), then restart your computer in Safe Mode and start the hard work. I say "hard work" because usually it is not easy or quick. Often, I have to try a handful of different methods to find one that works. Precede restoring your software by getting rid of the malware program, using the methods listed above.

It is also likely that it will be necessary to back up your data and re-format your computer.
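
A read-only PowerShell check for the symptoms described in this post: policy values that block Task Manager or Registry Editor, and protection services that are stopped or disabled. It is an added example, not part of the original post; the registry value names and service names are the standard Windows ones, and the name of any third-party antivirus service is something you would have to add to the list yourself.

```powershell
# Added example: read-only triage for "my security tools were switched off".
# It reports state only and changes nothing. Requires PowerShell 3.0 or later.

# Policy values that block Task Manager / Registry Editor when set to 1 or more.
$policyPaths = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\System',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System'
)
$policyNames = @('DisableTaskMgr', 'DisableRegistryTools')

# Built-in protection services. Assumption: a third-party antivirus registers
# its own service name, which must be added here by hand.
$serviceNames = @('WinDefend', 'wscsvc', 'MpsSvc')

function Get-ToolLockout {
    foreach ($path in $policyPaths) {
        foreach ($name in $policyNames) {
            # A missing key or value means the tool is not blocked by policy.
            $item  = Get-ItemProperty -Path $path -Name $name -ErrorAction SilentlyContinue
            $value = if ($item) { $item.$name } else { $null }
            [pscustomobject]@{
                Check  = "$name ($($path.Substring(0, 4)))"
                Value  = $value
                Review = ($value -ge 1)
            }
        }
    }
}

function Get-ProtectionServiceState {
    foreach ($name in $serviceNames) {
        $svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='$name'" `
                               -ErrorAction SilentlyContinue
        if (-not $svc) {
            [pscustomobject]@{ Check = "service $name"; Value = 'not installed'; Review = $false }
            continue
        }
        [pscustomobject]@{
            Check  = "service $name"
            Value  = "$($svc.State) / $($svc.StartMode)"
            # A stopped WinDefend is expected when another antivirus product
            # has taken over, so this flag means "look at it", not "infected".
            Review = ($svc.State -ne 'Running' -or $svc.StartMode -eq 'Disabled')
        }
    }
}

$report = @(Get-ToolLockout) + @(Get-ProtectionServiceState)
$report | Format-Table -AutoSize

$flagged = @($report | Where-Object { $_.Review })
if ($flagged.Count -gt 0) {
    Write-Warning "$($flagged.Count) item(s) need review. If you did not make these changes, treat the PC as compromised."
}
```

On a managed work PC an administrator may have set these policies on purpose, so compare against what your IT department configures before drawing conclusions.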

Wednesday, November 13, 2013

First Service Call

This afternoon Mann Tech Services made their first service call. It was a great feeling to respond to someone's house and be able to help with their computer needs. Remember that Mann Tech Services is available for all of your technology needs including computer services, audio/video services and even help with your tablet and smartphone issues.

Service can always be requested on the right menu of this fine blog by submitting a work order.

For Example
  • Thinking of buying a new computer, laptop or tablet and not sure which way to turn?
  • Do you need help purchasing and installing a new home theater?
  • Is your computer running so slow you are about to lose your mind?

We can help with these as well as many other technical issues including installation and setup services.

For any questions, contact wmann@outlook.com.

The Windows Update Blues

OK, so in the previous post I talked a little bit about Windows Update and how important it is that you have this set up properly in order to keep your PC up to date. In these times of trojans, worms, malware and viruses it is more important than ever before to keep your PC updated. However, life is not perfect and neither are Microsoft's Windows Updates, as I found out for myself this morning when I entered my office to see the following screen displayed.

Darn, I hadn't even turned my coffee pot on yet when I saw this!
Because I was aware that last night was "Patch Tuesday" for Microsoft, I was certain that the update had gone horribly wrong and crashed my PC. Remember that I reported in the previous article that the second Tuesday of each month is "Patch Tuesday" for Microsoft, which means that these updates are usually automatically downloaded and installed if your PC is set up for this.

This does not usually happen, and it is no reason to not have these updates automatically downloaded on your PC; however, once in a great while the update will fail and, depending on what was being updated at the time, damage can be caused to Windows. This was the case with my very own PC this morning.

What should you do if this happens to you?

First and most important do not panic.
  • The first thing is simply trying to reboot the PC.
  • The second thing to try is unplugging the PC for a moment or two, plug it back in and power it up.
  • If these do not help, try hitting F8 on boot to see if you can at least get to the configuration menu.
  • Try the menu option, "Last Known Good Configuration".

OK - now if this does not help, your work is going to get a little more difficult. You need to check the hard drive for errors caused by the failed Windows update. The best way to do this is to actually remove the hard drive from the computer and use a SATA/PATA/IDE drive to USB adapter. By removing the drive and connecting it directly to another PC you can first make sure that your personal data is there, and then you can check the disk for errors and repair any problems.

These adapters can be found for under 20 dollars, so it is good to always have one handy, just in case.

Once you have your hard drive plugged into another PC with the drive to USB adapter try the following:
  • Open My Computer on your desktop.
  • Right click on the drive letter that represents your malfunctioning hard drive. It will usually have a drive letter after your CDROM, something like E or F and so on.
  • Select "properties".
  • Select the "Tools" tab.
  • Make sure the first check box, "Automatically fix the system files", is checked and select "Start".
This task may take 30 minutes or more to run depending on the size of your hard drive and the number of errors (if any) it needs to repair. Once completed try re-installing the hard drive into your PC and re-booting.

There is a very good chance this will repair the drive if it was indeed damaged by the failed Windows update. This is exactly how I was able to recover my PC from this very problem this morning and it only took me an hour or so.

If this does not work, well.... that's another story.

Getting to Know Windows Update


I have written here countless times how important it is to keep your computer up to date, both for security and performance reasons. Microsoft is well aware of this and works to keep our computers up to date with "patches". Every second Tuesday of the month, Microsoft releases "patches" or "updates" for all of their operating systems. With Windows Update running on your PC these updates can, and should, be scheduled to automatically download and install.

The one exception to this practice is servers, which should have the "patches" and "updates" downloaded automatically; however, the installation of these changes should be manually completed by an IT professional on staff. Other than this situation, it is almost always the best practice to have Windows Update running on your PC and scheduled to automatically download and install these updates.

You can check to make sure your PC is set up for this by:

1. Opening the Control Panel
2. Opening Windows Update
3. Opening Change Settings
4. Making sure "Install updates automatically (recommended)" is selected.
5. Picking a time to install the new updates. I usually check 3am because in this manner I can be assured that while I am cozy and sleeping my computer is being updated by Microsoft.

By doing this you can be assured that your computer is up to date with Microsoft.

However, once in a great while this update can go horribly wrong as it did for me today, but that is a story for another day, or more likely my next post.
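The same check can be done from PowerShell, together with a look at recent failed installs like the one described in "The Windows Update Blues". This is an added example, not part of the original posts; it uses the Windows Update Agent COM objects as they exist on Windows 7 and 8, and the function names are my own.

```powershell
# Added example: read-only report, it does not change any update setting.
# Assumes the Windows 7 / Windows 8 Windows Update Agent.
$levelNames = @{
    0 = 'Not configured'
    1 = 'Never check for updates'
    2 = 'Check, but ask before downloading'
    3 = 'Download, but ask before installing'
    4 = 'Install updates automatically'
}
$dayNames    = @('Every day', 'Sunday', 'Monday', 'Tuesday', 'Wednesday',
                 'Thursday', 'Friday', 'Saturday')
$resultNames = @('Not started', 'In progress', 'Succeeded',
                 'Succeeded with errors', 'Failed', 'Aborted')

function Get-AutoUpdateReport {
    $au       = New-Object -ComObject Microsoft.Update.AutoUpdate
    $settings = $au.Settings
    $level    = [int]$settings.NotificationLevel
    New-Object PSObject -Property @{
        Setting               = $levelNames[$level]
        Automatic             = ($level -eq 4)
        InstallDay            = $dayNames[[int]$settings.ScheduledInstallationDay]
        InstallTime           = ('{0:00}:00' -f [int]$settings.ScheduledInstallationTime)
        LastSuccessfulInstall = $au.Results.LastInstallationSuccessDate  # UTC
    }
}

function Get-RecentUpdateFailure {
    param([int]$Last = 25)   # how many history entries to inspect
    $session  = New-Object -ComObject Microsoft.Update.Session
    $searcher = $session.CreateUpdateSearcher()
    $total    = $searcher.GetTotalHistoryCount()
    if ($total -eq 0) { return }
    foreach ($entry in $searcher.QueryHistory(0, [Math]::Min($total, $Last))) {
        $code = [int]$entry.ResultCode
        if ($code -ge 3) {   # 3 = succeeded with errors, 4 = failed, 5 = aborted
            New-Object PSObject -Property @{
                Date    = $entry.Date            # UTC
                Result  = $resultNames[$code]
                HResult = ('0x{0:X8}' -f [int]$entry.HResult)
                Title   = $entry.Title
            }
        }
    }
}

Get-AutoUpdateReport |
    Select-Object Setting, Automatic, InstallDay, InstallTime, LastSuccessfulInstall |
    Format-List
Get-RecentUpdateFailure |
    Select-Object Date, Result, HResult, Title |
    Format-Table -AutoSize
```

An empty second table means none of the last 25 history entries failed.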

Tuesday, November 12, 2013

Microsoft's Malicious Software Removal Tool

Did you know that Microsoft has a great "Malicious Software Removal Tool"? If you think your computer is affected by a bug, check this site out as soon as you have run your antivirus software.

The Microsoft Windows Malicious Software Removal Tool helps remove malicious software from your computers that are running Windows 8, Windows Server 2012, Windows 7, Windows Vista, Windows Server 2003, Windows Server 2008, or Windows XP.

Microsoft releases a new version of the Microsoft Malicious Software Removal Tool every month. After you download the tool, the tool runs one time to check your computer for infection by specific prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps remove any infection it finds.

This article contains information about how the tool differs from an antivirus product, how you can download and run the tool, and what happens when the tool finds malicious software on your computer. The advanced user section includes information for the IT administrator and additional information about how to manage and run the Malicious Software Removal Tool.  

You can download the Microsoft Windows Malicious Software Removal Tool here.

Avoid Playful Mice


If your mouse pointer moves itself while making selections that work, you've definitely been hacked. Mouse pointers often move randomly, usually due to hardware problems. But if the movements involve making the correct choices to run particular programs, malicious humans are somewhere involved.

This is not as common as some of the other attacks and computer compromises I have previously written about; however, many hackers will break into a computer, wait for it to be idle for a long time (like after midnight), then try to steal your money. Hackers will break into bank accounts and transfer money, trade your stocks, and do all sorts of rogue actions, all designed to lighten your cash load.

What to do: If your computer "comes alive" one night, take a minute before turning it off to determine what the intruders are interested in. Don't let them rob you, but it will be useful to see what things they are looking at and trying to compromise. If you have a cellphone handy, take a few pictures to document their tasks. When it makes sense, power off the computer. Disconnect it from the network (or disable the wireless router) and call tech support.

Using another known good computer, immediately change all your other logon names and passwords. Check your bank account transaction histories, stock accounts, and so on. Consider paying for a credit-monitoring service. If you've been a victim of this attack, you have to take it seriously.

A complete restore of the computer is the only option you should choose for recovery. But if you've lost any money, make sure to let the forensics team/law enforcement make a copy first. If you've suffered a loss, call law enforcement and file a case. You will need this information to best recover your real money losses, if any.

The Mystery of Unwanted Programs

Unwanted and unexpected software installs are a big sign that your computer system has likely been hacked.

In the early days of malware, most programs were computer viruses, which work by modifying other legitimate programs. They did this to better hide themselves. For whatever reason, most malware programs these days are Trojans and worms, and they typically install themselves just like legitimate programs. This may be because their creators are trying to walk a very thin line when the courts catch up to them. They can attempt to say something like, "But we are a legitimate software company."

Very often the unwanted software is legally installed by other programs, so you must take the time to read your license agreements. Frequently, I see license agreements that plainly state that they will be installing one or more other programs. Most of the time you can opt out of these other installed programs; other times you cannot. The programs that do not allow you to opt out of other software should not be installed.

What to do: There are many free programs that show you all your installed programs and let you selectively disable them. The hard part is determining what is and what is not legitimate. When in doubt, disable the unrecognized program, reboot the PC, and re-enable the program only if some needed functionality is no longer working.
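If you would rather not install yet another free program to see what is installed, Windows already keeps the list in the registry. The following is an added example (not part of the original post) that lists installed programs newest first and then shows the ones that name no publisher; the function names are my own, and not every installer records an install date.

```powershell
# Added example: read-only listing of installed programs, newest first.
$uninstallKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

function ConvertTo-InstallDate {
    # InstallDate is normally stored as text in yyyyMMdd form; anything
    # else (or a missing value) is returned as $null.
    param([string]$Raw)
    $parsed = [datetime]::MinValue
    $ok = [datetime]::TryParseExact(
        $Raw, 'yyyyMMdd',
        [Globalization.CultureInfo]::InvariantCulture,
        [Globalization.DateTimeStyles]::None,
        [ref]$parsed)
    if ($ok) { return $parsed }
    return $null
}

function Get-InstalledProgram {
    Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName } |
        ForEach-Object {
            New-Object PSObject -Property @{
                Name      = $_.DisplayName
                Publisher = $_.Publisher
                Installed = (ConvertTo-InstallDate $_.InstallDate)
                Uninstall = $_.UninstallString
            }
        }
}

$programs = Get-InstalledProgram | Sort-Object Installed -Descending

# The 30 most recent installs: anything here you do not remember installing?
$programs |
    Select-Object -Property Installed, Name, Publisher -First 30 |
    Format-Table -AutoSize

# Programs that name no publisher deserve a second look.
$programs |
    Where-Object { -not $_.Publisher } |
    Select-Object Name, Uninstall |
    Format-List
```

Entries that arrived on the same day as a program you did install on purpose are the usual bundled extras.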

Monday, November 11, 2013

Dealing with Fake Emails

Have you ever received suspicious emails from a friend? It's fairly common for our email friends to receive malicious emails from us. A decade ago, when email attachment viruses were all the rage, it was very common for malware programs to survey your email address book and send malicious emails to everyone in it.

These days it's more common for malicious emails to be sent to some of your friends, but not everyone in your email address book. If it's just a few friends and not everyone in your email list, then more than likely your computer has not been compromised (at least with an email address-hunting malware program). These days malware programs and hackers often pull email addresses and contact lists from social media sites, but doing so means obtaining a very incomplete list of your contacts' email addresses. Although not always the case, the bogus emails they send to your friends often do not have your email address as the sender. They may have your name, but not your correct email address. If this is the case, then usually your computer is safe.

What to do: If one or more friends reports receiving bogus emails claiming to be from you, do your due diligence and run a complete antivirus scan on your computer, followed by looking for unwanted installed programs and toolbars. Often it's nothing to worry about, but it can't hurt to do a little health check when this happens.

The Dangers of Useless Passwords

Despite the endless warnings, despite all the advice, despite the plethora of useful articles on the seriousness of passwords, it seems computer users everywhere just can’t help creating really useless passwords. Analysis of user passwords gathered from a recent Adobe attack reveals a Top 20 list full of easy-to-remember but equally easy-to-guess passwords, with “123456” topping the list.


The Adobe hack affected 38 million accounts, yes that's 38 million. The security breach actually hit more than 150 million accounts, though most are no longer used.

Adobe has changed the passwords on affected accounts and contacted users to let them know how to reset their account with a personally chosen password. It also instructed users to change their passwords on any other website where they may have used the same user ID and password as their Adobe account.

Now some of the stolen data has started to show up across the web, with Internet security researcher Jeremi Gosney uncovering a mass of passwords, despite the US software giant saying they were protected by encryption. However, an Adobe spokesperson said last week that up to now there have been no reports of suspicious activity on user accounts affected by the security breach.

Now that you know “123456” topped the list of 1.9 million passwords, perhaps you can guess what came in at number 2…..“123456789”. Number 3 will be enough to make any Web security advisor consider giving up the day job in despair: “password”.

Here are the rest of the top 20 most popular passwords gathered from the Adobe hack: adobe123 / 12345678 / qwerty / 1234567 / 111111 / photoshop / 123123 / 1234567890 / 000000 / abc123 / 1234 / adobe1 / macromedia / azerty / iloveyou / aaaaaa / 654321.

The thing is, if someone uses a number like “123456” for their password on one site, it’s a safe bet they use the same number on all the websites for which they have accounts, unless, of course, you keep all your passwords in a big red notebook with “MY PASSWORDS” written on the front. And those who have “adobe123” as their password no doubt also use “facebook123”, “twitter123”….so you get the idea. Useless passwords only place your security in real jeopardy.

If you are curious and would like to check out the top 100 used passwords on Adobe click here.

Today you should use a password manager like LastPass to manage your accounts. There are many other programs and services that you can use to manage your passwords as well. Otherwise, if you use useless passwords (say that 10 times fast), you are really taking a security risk with your personal information.
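To see how little effort it takes to catch these passwords, here is an added example (not part of the original post) that checks a password against the Adobe top-20 list quoted above and against the "adobe123 / facebook123" habit of using the site name plus a short number. The function name, its parameters and the sample passwords are constructed for this illustration.

```powershell
# Added example: reject passwords of the kind found in the Adobe top 20.
# The list is the top 20 quoted in the post above.
$AdobeTop20 = @(
    '123456', '123456789', 'password', 'adobe123', '12345678', 'qwerty',
    '1234567', '111111', 'photoshop', '123123', '1234567890', '000000',
    'abc123', '1234', 'adobe1', 'macromedia', 'azerty', 'iloveyou',
    'aaaaaa', '654321'
)

function Test-WeakPassword {
    param(
        [Parameter(Mandatory = $true)][string]$Password,
        [string[]]$SiteName = @()   # names of the site or product the password is for
    )
    $p = $Password.ToLowerInvariant()
    $reasons = @()

    if ($AdobeTop20 -contains $p) {
        $reasons += 'on the Adobe top-20 list'
    }
    foreach ($site in $SiteName) {
        # "adobe123" on Adobe becomes "facebook123" on Facebook.
        $pattern = '^' + [regex]::Escape($site.ToLowerInvariant()) + '\d{0,4}$'
        if ($p -match $pattern) {
            $reasons += "site name '$site' plus a short number"
        }
    }
    if ($p -match '^(.)\1+$') {
        $reasons += 'one character repeated'
    }
    if ($p.Length -ge 4 -and
        ('01234567890'.Contains($p) -or '09876543210'.Contains($p))) {
        $reasons += 'run of consecutive digits'
    }

    New-Object PSObject -Property @{
        Weak    = ($reasons.Count -gt 0)
        Reasons = ($reasons -join '; ')
    }
}

# Constructed sample passwords, checked as if they were chosen for Facebook.
foreach ($sample in 'adobe123', 'Facebook123', '4567', 'zzzzzzzz', 'maple-Quilt-41-tuba') {
    $result = Test-WeakPassword -Password $sample -SiteName 'facebook'
    '{0,-22} weak={1,-5} {2}' -f $sample, $result.Weak, $result.Reasons
}
```

Passing this check does not make a password good; it only rules out the worst habits described above.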

Friday, November 8, 2013

The Pain of the Survivors

Brother.... my telescope awaits.
OK here we go with another non-tech blog post but for my own sanity I need to post this. However events like this demonstrate where technology truly stands in our lives. Technology is so very important today to how we live and carry out our daily lives. In fact, technology is what drives me in many ways.

However technology no matter how efficient and fun can not save any of us from what fate has in store for us. I learned this myself, for the first true time on October 4, 2013 when a drunk driver murdered my little brother.

Anyway the context behind this little post is just to say how much I miss Ian. We were 14 years apart in age and as a teenager I pretty much ignored him because I was so very busy. I am ashamed of myself for this. However when Ian turned into an adult he became so very important to me. Ian was always far right in his politics and later even trending towards right of the "tea party" while I was always an unapologetic Star Trek liberal. You must understand that our family is Republican in their thinking except for me and the family Kathy and I started way back in 1985. Ian had his own political opinions, and that was cool, and never bothered me at all. So this was OK and it never ever affected how much we loved each other. Other more important things like music, sports and science were a cosmic connection for me and my brother which far outweighed silly politics.

Among the recent adventures together we recently went to see Roger Waters in concert and toured the Yuengling Brewing Company (with dad) together. These in addition to our trips to the Rock 'n Roll and Football Hall of Fame are in the past with no future trips possible. Sadness surrounds what we could have done but also comforts me for what we have done together.

I have been dealing with sadness and pain in such an unknown manner these past couple of weeks that I am confused and a little scared. My body feels different. I don't sleep the same right now and even as I go through each day I feel different and a little more alone.

You are now part of the stars brother.
On the Sunday before Ian was murdered we stood on my deck, sharing a couple pints of our favorite beer, Victory Hop Devil and talked about Gage's experiences at cub scouts. Then we talked about my telescope and how Ian wanted to bring Gage to my house to look through it at the stars and moon. We settled on the next full moon when Ian would bring Gage over to learn about the telescope and astronomy with both of us. This conversation haunts and comforts me.

Then on that terrible day at the cemetery I stood outside of Ian's Jeep talking to Brianna and the children with the back open. There in the back were the rotors my brother had changed for me that previous Sunday. I had also given Ian a case of Hop Devil that day for his work. Another moment that will never pass for me. In fact I am haunted by these moments.

A couple of feelings I have grown accustomed to these past couple of weeks are grief and pain. They seem to never leave me. Now, if you know me you are aware that I have loved Star Trek my entire life and this terrible event has proven how grateful I am to have Trek in my life. Star Trek has always been almost a family member to me since my earliest memories. For example as I have been struggling with this pain I keep thinking about Star Trek V: The Final Frontier. If you do not know of it - don't laugh.

It is in Star Trek V that Spock's estranged brother Sybok returns. Unlike the majority of Vulcans, Sybok did not shun emotions and in fact turned to them. Sybok also believed he knew where GOD was, so he used his Vulcan powers to reach into people's minds to "release their pain" and in so doing his band of supporters grew. Sybok's group of supporters grew and grew but he needed a starship to go where he thought GOD was. So of course in Hollywood style he decided on Spock's starship the USS Enterprise. Long story short.. Sybok finds a way to take over the Enterprise and most of its crew, then he focuses on Kirk, Spock and McCoy. It is this scene that gives me a little comfort today. After "removing McCoy's and Spock's pain" Sybok turns to Kirk. The following scene plays out just after Sybok "removed" McCoy's pain. However as you can see, Kirk is having none of it.

 
 
As is usually the case, Kirk is correct. We need our pain. I need my pain. For in it, my little brother will forever live in me. I accept it and take pride in it. Healing will take a very long time, but acceptance is the first step and from there we move on slowly and with humbleness. It is here that I find myself today.

Dealing With Redirected Internet Searches

Many hackers make their living by redirecting your browser somewhere other than you want to go. The hacker gets paid by getting your clicks to appear on someone else's website, often those who don't know that the clicks to their site are from malicious redirection.

You can often spot this type of malware by typing a few related, very common words (for example, "spaceship" or "baseball") into Internet search engines and checking to see whether the same websites appear in the results -- almost always with no actual relevance to your terms. Unfortunately, many of today's redirected Internet searches are well hidden from the user through use of additional proxies, so the bogus results are never returned to alert the user. In general, if you have bogus toolbar programs, you're also being redirected. Technical users who really want to confirm can sniff their own browser or network traffic. The traffic sent and returned will always be distinctly different on a compromised computer vs. an uncompromised computer.

What to do: Remove any browser toolbars you do not absolutely need. Usually removing the bogus toolbars and programs is enough to get rid of malicious redirection.

Thursday, November 7, 2013

Unwanted Browser Toolbar Blues

Another quick security tip.

Here is yet another common sign of computer exploitation: Your browser has multiple new toolbars with names that seem to indicate the toolbar is supposed to help you. Unless you recognize the toolbar as coming from a very well-known vendor, it's time to get rid of the troubling toolbars.

What to do: Most browsers allow you to review installed and active toolbars. Remove any you didn't absolutely want to install. When in doubt, remove it. If the bogus toolbar isn't listed there or you can't easily remove it, see if your browser has an option to reset the browser back to its default settings.

I have actually worked on computers with this many toolbars installed!

You can usually avoid malicious toolbars by making sure that all your software is fully patched and by avoiding free software that installs these toolbars.

Another problem with too many internet toolbars is that the more you have, the slower your browsing experience will be. Personally I use NO toolbars.

Hint: Read the licensing agreement. Toolbar installs are often pointed out in the licensing agreements that most people don't read.

Fake Antivirus Got You Down?

It seems that almost weekly someone contacts me with the sad story that their computer is inundated with "security pop-up messages".

Here is a sample fake antivirus program.

Fake antivirus warning messages are among the surest signs that your system has been compromised. What most people don't realize is that by the time they see the fake antivirus warning, the damage has already been done. Clicking No or Cancel to stop the fake virus scan is too little, too late. The malicious software has already made use of unpatched software, often the Java Runtime Environment or an Adobe product, to completely exploit your system.

Why does the malicious program bother with the "antivirus warning"? This is because the fake scan, which always finds tons of "viruses," is a lure to buy their product. Clicking on the provided link sends you to a professional-looking website, complete with glowing letters of recommendation. There, they ask you for your credit card number and billing information. You'd be surprised how many people get tricked into providing personal financial information. The cyber criminals gain complete control of your system and get your credit card or banking information. For cyber criminals this is the Holy Grail of hacking.

What to do: As soon as you notice the fake antivirus warning message, power down your computer. If you need to save anything and can do it, do so. But the sooner you power off your computer, the better. Boot up the computer system in Safe Mode, No Networking, and try to uninstall the newly installed software (sometimes it can be uninstalled like a regular program). Either way, follow up by trying to restore your system to a state previous to the exploitation. If successful, test the computer in regular mode and make sure that the fake antivirus warnings are gone. Then follow up with a complete antivirus scan. Sometimes, the scanner will find other sneaky remnants left behind.