Thursday, May 29, 2014

Think about security for your computers at home when you play on the road

This may not be a big deal, but I noticed a phishing attempt that can be troubling to travelers this weekend while on the road myself.  On Sunday, after being away a few days, I got an email (twice) claiming that my AOL account had been signed on from a different location.  Now maybe that was true, if I used a different IP address in a motel.  Or conceivably it could mean that a home laptop had been stolen and then logged on to. Fortunately, I could see I had gotten the eamil before, while at home, so that was pretty good evidencr that it was spam.
Nevertheless, a stolen laptop or tablet could jeopardize one's accounts with various vendors and providers.  It's a good idea to have two-step verification for sign on to important accounts and require password access to get on to all machines. Of course, simple pins (like for cell phones) and pw's can be broken by someone determined on ruin,
ABC News today reported on rapid advances in home security, which involve planting inconspicuous cameras around a home that will send cell phone video to a homeowner, even before a security company is notified of any intrusion.  
Home field advantage means something.  

Tuesday, May 20, 2014

FBI sting intercepts "creepware" or distribution of the "Blackshades" RAT

An FBI sting and series of raids has resulted in the arrest of over 90 people for disseminating the “Blackshades” RAT (remote access Trojan), which we associate with “creepware”, including the ability to watch people working on laptops through the camera.  
Dark Matter has the story here.  The malware is on a shelf for criminals to buy (a process Webroot has been documenting lately).  For $40, a criminal and Russia can unleash a “computer plague” of privacy invasion, according to a US Attorney.
Channel 4 in Jacksonville, FL produced a video on steps that home users should take, which sound rather extensive, like password changes every 30 days, and making separate hard drive backups, link here.  This report reports a connection to extortion and ransomware.
I do use Cloud backups (carbonite) which theorectically could be compromised.  But I also make multiple partial backups on thumb drives and store them in various physically separate places, including a safe deposit box.  There may be a security advantage in also using optical backup media, which would not be affected by electromagnetic pulse.    

Thursday, May 15, 2014

A note about Microsoft automatic updates (for security)

Here's something interesting I noticed yesterday when doing automated Windows updates on all three Windows laptops I have. Two of them had downloaded, one had installed.  I brought up a smaller travel notebook, and again Windows told me it had updates, about 65 meg worth.  But the download stayed at 0 transferred, until I restarted and completed the configuration of the updates installed on the second (the Window 8) machine.  Once the restart on the other machine and reconnection was complete, then the actual download in the third machine started.
Microsoft means it when it wants you to restart and complete the update process immediately.
The most recent update seems to have compromised the "File Explorer" in Windows 8 (I'm not sure about 8.1), causing drive letters not to appear.  You can get them back by right clicking and entering a different source under properties, as explained in this link.  I'm having trouble getting the Control Panel to display properly  I'm having trouble seeing the Control Panel, too, which I think has a similar fix.  And the thumbnails database which lets you preview your images no longer works.  I can still see all the images through Google, as when I bring up a drive in YouYube or Blogger.  

Saturday, May 03, 2014

Microsoft fixes security bug in Internet Explorer, at least for Windows 8

Microsoft has updated my Windows 8 computer with the required fix to the security memory caching vulnerability in Internet Explorer with KB2964358), as explained here. I'm waiting for the fix on my W7 machines, probably will see it happen today. 
Ironically, I see that the Control Center displayed this link in IE to me. 
It has also done a separate fix for IE Flash player, KB 2961887. For some reason, Windows player these days asks me to update with a new app and then doesn’t tell me what the app is. I have to load it to YouTube to view it, even if it is very trivial. 

By the way, “IE” also stands for “Information Expert”, a database reporter (from DB2, etc) in mainframe systems from Dun and Bradstreet popular in the 1990s.  

Update: later Saturday

Both Windows 7 machines updated IE automatically this afternoon; one of them even restarted itself before I had noticed it.