11/07/14

Permalink 07:58:00 pm by Eugene Gardner, Categories: Security

To avoid having your internet access restricted by protective mail servers and service providers, and also avoid the thieves and cyber scoundrels that are ever present but all the more difficult to handle when travelling, follow these suggestions.

Enable two factor authentication and test it on all web facing applications on all devices at least a week before you set out.  See my earlier post on this. 

Don't do anything on public Wi-Fi that you wouldn't want posted on a roadside billboard.  Sometimes that's not an option though so install a virtual private network that will create an encrypted tunnel to your home provider.  My favourite is http://www.cyberghostvpn.com but others such as https://www.privateinternetaccess.com are sound.

Assume your device (phone, tablet, laptop...) will be stolen.  Encrypt the entire disk with BitLocker or https://diskcryptor.net if running Windows, FileVault for OS X, or LUKS for Linux distros.  Android and iOS have similar apps.

Remember to pack a Kensington lock to physically tie down your device and install Prey or Find My Mac to enable you to alarm, lock, destroy, photograph the thief, or use GPS tracking.

General good practices such as logging out of each service before closing the window and using unique strong passwords should be part of SOPs but are especially necessary when on the move.  

Similarly, shelter your screen and keyboard from overlookers both in person and via CCTV.  And it should go without saying that a paid for updated firewall and virus protection suite are essential.

Finally, social networks are fun but if you post a picture from overseas you may as well broadcast to local villains that you are not at home.  Be circumspect with the information you publish.

10/07/14

Permalink 04:01:00 pm by Eugene Gardner, Categories: General, Articles

I'm sometimes asked why a client's messages are rejected or bounced by one or two recipients.

We all have an address on the internet - that is how an email message knows where to go. The problem is that when a suspected spammer or other person with nefarious intent has been traced back to his address, that address gets blacklisted on several lists to prevent more spam being sent. A selection of these blacklists is checked by most email providers to ensure they are not responsible for propagating rubbish.

Because there are more potentially internet connectable devices in the world than available addresses, stale connections are dropped and when a new connection is requested a new address gets allocated. You have been unfortunate to have picked up the address that the bad person used.

There are ways of having it removed from the various blacklists but the time and effort involved is far more than the alternative method of resolution. Visit http://www.whatsmyip.org/ and make a note of the IP address on the top line. Now power off your computer and any other internet connected devices including the router. Count to 10 then power up the router. After a minute power up your computer and any other devices you want. Now visit http://www.whatsmyip.org/ and see if your IP address has changed. If so, send your email again and expect it to arrive. If the address is the same, go through the above process again but wait much longer before powering up the router - overnight perhaps.

The above works for the 95% of people who have dynamic IP addresses allocated by their ISP. If you have a static IP address (usually bought if you are a business hosting a server) then the above won't work; in that case you need to either get a new IP address issued by contacting your provider, or go through the process of proving to all the blacklist owners that you are not a bad person.
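An added example, not part of the original post: the lookup a mail provider performs against a DNS-based blacklist, which you can run on the address noted from whatsmyip.org before and after restarting the router. The zone `dnsbl.example.org` is a placeholder and the function names are assumptions; the convention that a listed address answers inside 127.0.0.0/8 is the standard one for DNS blacklists.

```python
import ipaddress
import socket

# Assumed placeholder zone: replace with the blacklist zones you want to test.
DEFAULT_ZONES = ("dnsbl.example.org",)
# Addresses a home router hands out internally; these are never what a
# recipient's mail server sees, so looking them up is meaningless.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def dnsbl_query_name(ip, zone):
    """Build the DNS name that is looked up to test `ip` against `zone`."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        labels = str(addr).split(".")[::-1]                   # octets, reversed
    else:
        labels = list(addr.exploded.replace(":", ""))[::-1]   # hex digits, reversed
    return ".".join(labels) + "." + zone


def system_resolver(name):
    """Return the A record for `name`, or None when the name does not exist."""
    try:
        return socket.gethostbyname(name)
    except socket.gaierror:
        return None


def check_ip(ip, zones=DEFAULT_ZONES, resolve=system_resolver):
    """Map each zone to True when `ip` is listed there."""
    addr = ipaddress.ip_address(ip)
    if any(addr in net for net in RFC1918):
        raise ValueError(f"{ip} is a private address; use the public one")
    listed = {}
    for zone in zones:
        answer = resolve(dnsbl_query_name(ip, zone))
        # A listing answers inside 127.0.0.0/8; no answer means not listed.
        listed[zone] = answer is not None and answer.startswith("127.")
    return listed


if __name__ == "__main__":
    # Constructed sample: a stub resolver stands in for DNS so this runs offline.
    fake_dns = {"7.113.0.203.dnsbl.example.org": "127.0.0.2"}
    print(check_ip("203.0.113.7", resolve=fake_dns.get))  # old, listed address
    print(check_ip("203.0.113.8", resolve=fake_dns.get))  # new address after restart
```

Called without the `resolve` argument, `check_ip` queries real DNS for the zones you supply.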

05/07/14

Permalink 07:57:00 pm by Eugene Gardner, Categories: Security, General, Articles

Contrary to all the advice that I and others have given to keep passwords secret, there is one occasion where it can help to have a trusted friend with knowledge.  I recently received an email purporting to come from a client as follows:

 I'm writing this with tears in my eyes, I and my family presently on a short trip to Rome, Italy. Unfortunately, I was robbed in the hotel I booked, all my valuables which includes cash, mobile phones were stolen during the attack but luckily I still have my passport with me.

 I've been to the Embassy and the Police here but they are not taking the matter seriously. Please, I really need your financial assistance now because things are really getting tough on me here. Our flight leaves in few hours from now but we're having problems settling the hotel bills and the hotel manager won't let us leave until we settle the bills. Please, let me know if you can help us out?

Well I've received scores of identical messages in the past so I was in no doubt that the client's email password had been acquired by a bad person.  I played along for a time by offering to help - until such time as I was instructed to make a (non-traceable) payment of £870 to a Western Union (spurious) address.

I wanted to protect my client from further misuse of their account but I could not reach him by phone.  Clearly there was no point sending an email as they were being forwarded elsewhere.  In this case, had I known the password I could have changed it and saved my client a little distress.

Unfortunately the password was not only 'protecting' the stolen Yahoo account, but it was identical to several others including the website from whence it was hacked.  All of these had to be painstakingly changed.  You may be assured that this client now heeds the age old advice to maintain a password manager and use long, complex and unique passwords.  In fact I think he has enabled two factor authentication too. Unfortunately many of his messages and contact list were deleted and not backed up.

07/06/14

Permalink 07:45:00 pm by Eugene Gardner, Categories: Security, Articles

The golden rule is to assume that your Facebook (and other) accounts will be broken into one day.  Your next potential employer or your ex-spouse's lawyer will be poring over it.  Don't ever publish anything you would object to being posted on a billboard outside your house.

If you look hard enough, Facebook does offer plenty of controls to guard against your details being harvested by the bad folks.  Security settings and their defaults do get changed though, so it's a good idea to revisit this periodically.  To save some time looking for the key components, here are some suggestions.  

  1. Set up login notifications.  This will alert you when the account is accessed from an unknown device.  Down arrow > Settings > Security > Login notifications.

  2. Use two factor authentication.  Each time you access FB from a previously unused browser or computer your phone will be sent a verification code.  Down arrow > Settings > Security > Login Approvals.

  3.  Limit timeline post access to your friends.  a) future posts:  Click the padlock icon top right > Who can see my stuff > Friends.   b) previous posts.  Down arrow > Settings > Privacy > Who can see my stuff > limit past posts.

  4.  Lock down who can contact you.   Click the padlock icon top right > Who can contact me > Strict Filtering.

  5. Prevent successful searches based on your email address.   Settings > Security > Privacy > Who can look me up > Friends.

Please add a comment if you think this post can be improved.

24/05/14

Permalink 07:52:00 pm by Eugene Gardner, Categories: Security, General

The currently most frequent ailment I encounter is computer speed restriction.  This is most often caused by the owner downloading – perhaps inadvertently – programs that are bundled with something else.  The problem often starts with a new off-the-shelf computer; they are almost all stuffed with unwanted commercial software trials that purport to add value to your purchase.  By coincidence they also boost the seller’s profits through partnership deals.

Another common route of entry is for the parasitic software to come bundled with the desirable.  Acrobat Reader is a good example: search Google for a download location and several sites are presented, all of which come with a payload of partner products. Even Adobe’s own download contains McAfee Security Scan unless you opt out; so it is essential to read through any windows that appear to ensure you are not acceding to install potentially dangerous and unwanted software such as search toolbars or worse, malware ridden scams.   

If you do get caught there are some automated tools that can help rid you of many problems.  Try the following in order and stop as soon as the problem is resolved as these get more aggressive further down the list.  I recommend taking a full image backup first in case things go from bad to worse.

  1. Adwcleaner removes adware, browser hijackers & toolbars. Free from
    https://toolslib.net/downloads/viewdownload/1-adwcleaner/
  2. DeCrapifier uninstalls known rubbish.  http://pcdecrapifier.com/ 
  3. Junkware Removal Tool deals with the common Ask, Babylon, Conduit, & MyWebSearch infections.  Disconnect from the Internet & pause regular virus scanners before running this. Be prepared to reinstall Chrome after.  Free from
    http://www.bleepingcomputer.com/download/junkware-removal-tool/
  4. RogueKiller will stop suspect processes, services and DLL registrations, and repair HOSTS and master boot records.  Best to make a system restore point before running this one.  Free from
    http://www.adlice.com/softwares/roguekiller/

All the above run in under 10 minutes as they target specific problems.  For complete scans of the disk taking up to an hour to remove malware consider the free
http://www.malwarebytes.org/mbam.php  and
http://www.superantispyware.com/index.html

Irrespective of what’s discussed above it is essential to install a paid for Internet security suite.  And more than that, make sure all programs including Windows itself are kept at the latest versions.  This can be eased by running a free version checker such as
http://www.filehippo.com/updatechecker

15/05/14

Permalink 03:44:00 pm by Eugene Gardner, Categories: Security, Anti-Virus

Each year in the Autumn I review the comparative group tests of the major labs to glean the consensus of the ‘best’ security product.  That is the one I buy many licenses of at wholesale prices and recommend to anyone who’ll listen.

The labs I generally look at are

No one lab will give the definitive best product as they

  • test different products - there are scores of anti-virus products available so each lab can only test a sub-set
  • use different test environments - some test with viruses captured ‘in the wild’ while others roll their own bespoke test suites; some test on multiple platforms others just one version of Windows
  • report results differently - some score 1-5 stars, others use 3 or more groups of words, others just award a pass/fail; so comparing one set of results with another is not straight forward
  • record different capabilities - examples of capabilities that are measured are detection, prevention, cleanup, usability, cost, false positives, extra features, and performance
  • test different categories of malware - all will test trojans and worms but not all test keyloggers, screengrabbers, zero-day exploits…

So I look at all and form my own opinion based on the consensus.  Although all the labs are independent, some are commissioned to conduct tests by one of the anti-virus companies and those companies usually get a good score.  This is not because of anything underhand but shows that the issues found have been corrected.  As long as the reader is aware of this it is not a problem as the other products are tested on a level playing field.

I read through many reports and assess the value of the most recent evaluations.  I then form an almost subjective opinion based on objective criteria.   

10/05/14

Permalink 09:51:00 pm by Eugene Gardner, Categories: General, Articles

When a phone or broadband fault takes longer than expected to resolve it is tempting to think a move to BT for phone or Internet Service provision would speed future problem resolution.  The assumption is that, as members of the same Group, BT Openreach would give priority to BT Retail.  However, were this to happen an unfair commercial advantage would be enjoyed and so there are statutory rules in place to ensure this does not happen.

The Openreach policy that explicitly addresses the area of concern is at
http://www.openreach.co.uk/orpg/home/aboutus/equivalence/yourquestions/yourquestions.do#2

“2 Does BT Retail get priority return to service in the event of cable breakdowns or service interruptions?
No. Openreach must recover any cable breakdown or service interruption on a reasonable endeavours basis. This means that whatever can be restored first, must be, regardless of which CP [communications provider] is involved. We don't prioritise other BT lines of business in any recovery. To do so would be a breach of the Undertakings.”

“5 Does Openreach give any priority on Appointment Books?
No. Our appointment books are open for all CPs to book provision activities.”

The statutory rules are enshrined in Undertakings that BT gave to Ofcom as stipulated in the Enterprise Act of 2002.  The legal document that records this is viewable at
http://stakeholders.ofcom.org.uk/telecoms/policy/bt-undertakings/

These Undertakings establish an independent Equality of Access Office to oversee all aspects of the relationship between different arms of the BT Group.  They are also responsible for investigating complaints of non-compliance with the Undertakings. 

Complaints of malpractice (guidelines here) may be made by communications providers on receipt of a complaint by end users (you and me).  So if you have a grievance the first people to complain to are your phone or Internet service provider.  If you remain unsatisfied then you can request a ‘deadlock letter’ which enables you to progress your problem to resolution.  This is explained on the Ofcom website at
http://consumers.ofcom.org.uk/tell-us/telecoms/service-problems/

Because of these formal procedures it is hard to believe that BT would - even informally - be foolish enough to open themselves to litigation by the regulator and exposure in the press just to favour another arm of their Group.

It should also be noted that whichever ISP is chosen to administer the line, the hardware will almost invariably be the same and the engineers who address problems would also be the same.  The difference between ISPs is just price and customer service - the technical aspects are unrelated to choice of provider.


This is designed to supersede the newsletters that I just don't have time to produce to the standard I would want any more. Please register so that you may read and leave comments and subscribe to have posts automatically e-mailed to you.

Comments and suggestions are always welcome.
