NOTE: I will be adding additionals tips and noteworthy items here from time to time. Also expect to see changes in format and where this information may get placed. As I add more information, I will be looking for better ways to make it available. Thank you for visiting my site.
The Java Threat
By now most of you have read that the Department of Homeland Defense recommends uninstalling or disabling Java due to a huge security risk where hackers can gain access to your computer. Here are some pointers?
What is Java?
Java is a programming language (originally developed by Sun and now owned by Oracle) still used by some web sites that can allow you to interact with certain web sites. It may be animations, pictures, ads, online games, internet chat, etc. Java is not to be confused with Java Script which is another programming language, which can also be used to attack your computer, but is much less a security risk than Java.
While Java used to be prevalent everywhere, most sites no longer use it. I have read that Java is likely responsible for 50% of all computer infections. You merely have to go to a web site that uses Java where an attacker has infected the site and your computer becomes infected. This often happens regardless of what anti-virus program you are using.
What can I do?
The problem with fully uninstalling Java is that a few programs and a few sites including banking sites (shame on those banks) still use it. However, my recommendation would be to first uninstall all versions of Java by going to add/remove programs under the Control Panel. In Vista you may have to look under “Programs and Features.” Does everything still work fine after the uninstall? If it does, you are almost in the clear. Just to make sure, go to your browser and make sure the Java plug-in is no longer present. If it still is, you will need to disable it. The instructions below tell you how to do this.
On the other hand, if you have a program on your computer that currently needs Java such as GoToMyPC, you can go to www.Java.com and download the latest version. Then go the Control Panel and click on the Java icon. If you are in Category view, you may have to switch to Classic View in XP or Vista and to “small” or “large” icons view in Windows 7/8 (top right of the Control Panel) in order to see it. Once the Java Control Panel has opened, go to the Security Tab and uncheck “enable Java content in the browser.” This will disable it in all browsers at once.
Finally, should you discover that you do need Java for a particular website(s), then recheck the box under the Security tab in the Java Control panel and again use the instructions below to make sure Java is disabled in all your web browsers but one. Use that browser only for going to the website that requires it and do the rest of your internet surfing on one of the other browsers.
More recently I have read that if Java is needed on a computer, disabling the Internet Explorer Java add-on/plug-in may actually still not be enough. Apparently there are 800 possible entry points in which Java can be exploited in Internet Explorer. Since the process is quite convoluted to make sure Internet Explorer is made Java safe, I would make this recommendation. If you discover that you must have Java for a particular web site, make sure you install Google Chrome or Mozilla Firefox and use one of them as your primary browser and only use Internet Explorer (with the Java add-on enabled) to access that critical web site. Do not use Internet Explorer with Java enabled for general web surfing. I repeat DO NOT use it for general web surfing -- only for the website that actually requires Java. And remember, if by some chance a hacker has infected that very site, your computer may get infected. How large is this threat? The truthful answer is I don’t know. But since DHS thinks it’s a big problem and I have read that it could take Oracle two years to fix all the security holes in Java, it may be best to operate on the safe side.
Again, the good news is that most everyone will be able to uninstall Java without any issues, but if you do have issues, you now know what to do.
How to individually disable the Java Plug-in in these browsers:
Internet Explorer (Remember this remedy may not be sufficient for Internet Explorer. Please see my recommendation above.)
- Click on the Tools dropdown menu, then Manage Add-ons.
- Find the Java Plug-in under Toolbars and Extensions (it's listed under Oracle America), highlight it and click Disable.
- Click on the Chrome menu, and then select Settings
- At the bottom of Settings window, click Show advanced settings
- Scroll down to the Privacy section and click on Content Settings
- In the Content Settings panel, scroll to the Plug-ins section and click Disable individual plug-ins.
- Find the Java plugin and click Disable
- Click on the Firefox tab and then select Add-ons
- Select Plugins, find "Java (TM) Platform plugin" and click Disable (a of 1/11/13, Firefox has automatically disabled the Java plugin, but you should check to verify this has been done for your browser).
- Choose Safari Preferences
- Choose the Security option and uncheck Enable Java
- Enter "about:config" in the address bar without the quotes.
- Click the Java heading to expand that section; un-check the checkbox.
- Then click the Save button.
Yahoo Security Breach Update:
Update: Yahoo Security Breach now includes to a lesser extent GMail, AOL, Comcast, MSN, SBC Global, Verizon, BellSouth and Live.com users. If you are a Gmail user and were impacted by this, Google changed your password for you and contacted you. For more detailed information: http://bits.blogs.nytimes.com/2012/07/12/yahoo-breach-extends-beyond-yahoo-to-gmail-hotmail-aol-users/ ; http://www.bizjournals.com/boston/news/2012/07/12/yahoo-breach-gmail-hotmail-aol.html
Yahoo Security Breach: 450,000 User Passwords Compromised
For the last year or so I have had more than several cases where clients with Yahoo email accounts have had their passwords compromized and then spam emails went out to those in their address books. Recipients thought they were receiving emails from their friends or business associates. What a surprise!
Basically I had clients run a scan on their computers to make sure there was not a worm-based infection. Then the next step was to change their passwords. If that failed to resolve the problem, closing the email account and opening a new one was the only solution.
Now we have this new security breach. For those of you who use Yahoo for your email, I would recommend immediately changing your password. Please, use a complex password, write it down and store it where only you can easily find it.
To read more on this security breach click on these links: http://www.zdnet.com/450000-user-passwords-leaked-in-yahoo-breach-7000000772/
Remember: Your own common sense is your best self-defense.
Microsoft Is Going to Kill Windows Gadgets Along with the Sidebar
This notice only applies to users of Windows Vista and Windows Home 7.
Well it had to happen eventually. Hackers have learned how to exploit weaknesses in Windows Gadgets in the Sidebar. As a result Microsoft will shortly be killing off the Windows Gadget platform along with the Sidebar after discovering there are seriious security vulnerabilities. For more information follow this link: http://www.zdnet.com/security-flaws-signal-early-death-of-windows-gadgets-7000000724/ .
The above article is somewhat technical but what it means is that if you have been accustom to using the Windows Sidebar on your Desktop Display (typically on the right) with a clock showing, pictures streaming, Newsfeed, Weather/Temperature, etc. Then Microsoft wants you to know that these have become sources of attack for a would-be hacker.
Microsoft's explanation may be found here: http://technet.microsoft.com/en-us/security/advisory/2719662
If you would like to minimize your risk of infection and you are willing to disable the siderbar, you have but to go to this link: http://support.microsoft.com/kb/2719662 . Scroll down the page and click on the Fixit icon under "Disable". You will then need to restart your computer. After reboot your Sidebar should be gone and you will see a popup window that says something like "Desktop Gadgets are controlled by System Administrator." Simply close this window and you should be done.
Windows 8 - Time For a Moment of Lucidity
Windows 8 is the new operating system that will be released from Microsoft this fall to replace Windows 7 on all new computers. There will be a lot of fanfare coming from Microsoft and buzz about the new Microsoft "Surface" tablets. The fanfare is mostly from Microsoft and not technical pundits.
With every new release of a Microsoft Operating System, I invariably get asked, "Do I need to upgrade or buy a new PC?" My response to that (unless the PC’s age or problems warrant replacement) has always been, “Does your current computer do everything you need it to do?” If it does, then there is no pressing reason to upgrade. This advice is particularly true for the new Windows 8 Operating System.
With all the marketing you will undoubtedIy see, I hope to offer a moment of clarity. I have used every variation of the Microsoft operating systems for PCs since DOS. Only now do I find myself doing a little bit of head scratching. Most of everything you’ve ever learned about how to navigate in the Windows environment is no longer applicable in Windows 8. Why has Microsoft done this when it knows (or should know) that most people don’t like change and particularly drastic change. The answer is somewhat involved, but I’ll try to be as succinct as possible. There is method to what appears on the "Surface" (pun intended) to be madness.
In my opinion, Microsoft desperately wants to compete in the smart phone and tablet market. The truth be told – long before Apple came out with the ipad, Microsoft had introduced a tablet notebook. It was ahead of its time but not well-received by the masses and essentially dropped. With Apple’s and Google Android’s great success in the smart phone/tablet market Microsoft now wants a piece of that pie. But how do they play catch up?
The strategy appears to be to create a new Windows Operating System that uses essentially the same user interface across platforms (i.e. desktop, laptop, tablet and phone). If users learn Windows 8 on desktops and laptops, they will be able to use the same on other devices and therefore be more likely to purchase a Windows 8 based phone or tablet. After all, why would you want to spend all your time and energy learning several different operating systems for each of these devices when one will do? Strategically this sounds like a great idea and might actually work.
Tablets and smart phones use touch. Desktop PCs and laptops typically use keyboards and mice. Windows 8 uses an interface called “Metro” and is designed for touch screens. The desktop background is comprised of individual "Tiles". You click each Tile respectively for Mail, Internet Explorer, Music, Pictures, etc. According to all reports it works great on tablets/phones. However, it is cumbersome or at least inelegant when using it with a keyboard and mouse. Even if you should get a new computer that has a built-in touch screen, touch is still not practical when you are trying to do creative work like writing email, homework, spreadsheets, and other documents. Please note that touching a screen on a smart phone or tablet is easy, quick and the distance short. Constantly reaching across a computer keyboard to perform such functions is not. The keyboard and mouse are faster for navigating on PC/laptop devices and that's where the Metro interface is not as pleasant.
Consider also that "consumption" (playing videos, music, and reading emails) is not the same as "creation". Therefore, tablets are primarily designed for "consumption" (entertainment) and not "creation" (getting work done). Creation is where PCs/laptops shine and this is where Metro appears to fall short. You can still do the work. It just takes a few more steps and feels clunkier. It's hard to believe that Microsoft will be able to resolve this by this fall, if ever. They are trying to marry two different interfaces, "touch" vs "keyboard and mouse". The former works better on tablets/phones and the latter works better for traditional work computers. If Microsoft can't overcome this conundrum, I believe most businesses will elect to stay with Windows 7 and hope for better in a Windows 9.
For desktops and laptops what Microsoft has essentially done is bolted on the Metro Interface on top of the Windows 7 OS. The good folks from Redmond (Microsoft) have currently stated that they will not be providing a way for you to disable the Metro interface and though there is a Tile for the traditional Desktop that you are familiar with, Microsoft has removed the Start Button where you’ve always gone to access your Programs. There have been numerous complaints about this and it’s possible that Microsoft could give us the Start Button back in the final release, but it does not appear to be their intention. After all, they want you to learn the Metro interface; so that you will then know how to use their tablets and phones.
The new operating system will have even greater system stability, greater security, touch input, better overlap for applications to share data, and integrated cloud sharing. Now I often get asked what is the Cloud. The Cloud is nothing more than your data being securely stored on another company’s server (computer). This occurs whether you are using Dropbox, Sugarsync, Amazon’s Cloud, Google Cloud etc. However, with the new Windows 8, Microsoft will bring this to a whole new level with you easily being able to access your data across multiple devices. If a hard drive dies on your laptop, but its data is also shared over the cloud, your data won’t be lost. There is a limitation though. Cloud storage is only free to a point and then it costs $$$ to store large amounts of data.
Should You Upgrade:
If you are a computer geek who must have the latest of everything and you love learning new things, and you don't mind being an early adopter by all means, yes.
If you are like most users, who don’t like a lot of change and just want to get things done, I’d recommend a wait and see approach.
The bottom line is to do your homework. Don't just buy the new operating system sight unseen and then think you'll just jump right in and start using it.
My comments here have only touched the tip of the iceberg relative to Windows 8. I did not even go into details that there is going to be both Windows 8 Pro and Window 8 RT (for tablet and phone devices using ARM processors). There are differences in these operating systems. The primary one being that Windows 8 Pro can use legacy applications like Office 2003 that worked on XP where they will not work on the RT version.
As you can see there is homework to be done. Do a Google Search on "Windows 8 tutorials". Do a search on YouTube and search for "Windows 8" there as well. Learn all that you can and make an informed decision.
If you want to stay with the tried and true; you don't like a lot of change; and you think you may shortly be in the market for a new computer, I would consider buying one now while you definitely can still get Windows 7. If you’ve been using XP, there will be some new things to learn, but nothing like you will experience with Windows 8. Don’t forget that Microsoft will cease to support the XP operating system with any updates after April 8, 2014. While there is a possibility that Microsoft might allow manufacturers to still offer Windows 7 after the release of Windows 8, I have not been able to find any guarantee of this. Microsoft generally follows the money; so if a significant portion of the public isn't buying Windows 8, they may still allow Windows 7 to be sold for a while, but why gamble.
With technology things invariably change. Indeed, they have to change and Windows 8 may likely be the next step in that evolution. Time will tell. Whether you jump on board or not entirely depends on you.
Disclaimer: The information and recommendations I have made are based on current information available to me and will evolve as Microsoft itself releases new information.
Danger, Will Robinson, Danger!! It's RANSOMWARE!!!
This was the warning from Robot on Lost In Space and in the case of this new infection it is quite appropriate for everyone. What should you be afraid of? Ransomware. This is perhaps the cruelist of all infections. Allow me to share a very recent story:
I am called in to assist a client who can no longer access her data. When she trys to click on a document, the following message pops up in a separate window: "Your files was blocked because of copyright violation, you can't access your files. Please visit sopacrystal.com for more information and follow step by step instructions." It then has a four line key code below it. The poor grammar using "was" is the first tip off that this is not from someone fluent in English.
For those who may recall SOPA stands for Stop Online Piracy Act. This is one of the bills that had been considered by Congress earlier this year. The hacker pretends to be a U.S. government agency out to make you pay for copyright infringement. The hacker's server, however, is not based in the U. S. but in Russia. When you go to the site, you have the option to click on one of two legal payment services, where you can pay the ransom of $130. Then you are told to wait patiently for the decrypting tool to be sent to you. The problem is that it will never come.
I requested GFI Laboratories, the makers of Vipre Security, to remote into this computer to see if they could get anything useful in order to create a defense. I don't believe they we're able to find everything they needed as the hacker's delivery system is removed right after encypting the documents. Since the decrypting key is held, in this case, by sopacrystal.com, there is no way to decrypt the files except through them. They're not, however, going to provide that to you regardless of how many times you pay them because they are not going to provide additional tracks that may help lead back to them.
My client's PC (minus some needed maintenance) is perfectly usable. The documents, however, though present will never be accessible.
The sad fact is that the client could have avoided this infection had Java been updated and the old versions removed. An older insecure version of Java was the attack vector used by the hacker. The Java update icon was even present in the System Tray, but it had not been clicked on to perform the update. Additionally, had a current form of back-up been made, this would not be such a tale of woe.
Again, this type of attack is what we call, "Ransomware." Let's do a quick recap:
- What does Ransomware do? Well it encrypts all of your documents (or the Master Boot Record of the hard drive) with 256 bit encryption and then demands that you pay a ransom to get your files decrypted so that you can access them again.
- What happens after you pay the ransom? Nothing. That's right, nothing. They never send you any tools to decrypt the data that they so ruthlessly take from you.
- Is there any other way to get your data back? No. Short of having a government super computer and waiting months or years to break the encryption, your data is just plain irretrievable.
- Now what can you do?
- Perform all the Windows Security Updates as they come to you. With the XP operating system, this is a little yellow shield that appears in the lower right hand System Tray. With Vista and Windows 7 it will appear as a kind of aqua green icon with a gold Saturn-like ring.
- Keep Adobe Reader, Flash Player, and Oracle Java updated. Java usually appears as an "orange icon with a tea cup" in the System Tray. And MAKE SURE there are no older versions installed by checking Add/Remove Programs.
- If you have iTunes, you will most likely also have installed Safari and Quicktime. All of these must be kept up-to-date as they are sources for infection since security weaknesses are found in the older versions and can be exploited.
- Please, please, PLEASE !!! have some method of backing up the data that is important to you either by manually copying your data to a USB Flash Drive or better yet using a "Clickfree" external back-up hard drive which will automatically back-up all your data files. You may certainly use other brands, but Clickfree drives make this the easiest in my opinion. Better yet, if you have Windows 7, you can make backup images of your entire hard drive for restoration when needed.
MAJOR FACEBOOK VIRUS!
I thought this was a very interesting article and worthy of note. It's somewhat technical, but read it to get the overall thrust and then comeback here and finish my thoughts.
The TechRepublic article makes use of the word, "Bot." It's meaning is discussed under my PC Services > Malware link on this site. What most customers don't realize is that bots very often escape Anti-virus shields and scans all the time. Now I personally shop and bank online. I know how to protect my computer. But for the average client the potential for identity theft and subsequent recovery costs should be a real concern, not to mention the cost of cleaning the PC? Since all of us use the internet, we need to take certain precautions. The internet is now a mine field and the idea that using an Apple MAC or Linux machine makes you entirely immune is nonsense. In fact, I predict that Apple products will become under ever increasing threats due to the popularity of the iPhones and iPads. Android phones are also no exception.
While there are many tips that can be offered, I am only going to concentrate here on a rather extreme recommentation. I am often asked by clients how they can be 100 percent safe doing online banking.Outside of the normal counsel about unique passwords for every site, I give them this extreme recommendation.
1. Nothing is ever 100% safe.
2. Pick out a single clean PC dedicated only for online banking and/or bill paying.
3. NEVER use this PC for any internet browsing or for checking email.
4. If you use a USB drive, it can only be used on this PC alone. Do not bring those used on other PCs to this computer.
5. Don't share this PC on your network.
6. Due to router hijacking (particularly Linksys, Belkin, and Netgear) make sure your router admin password is strong and not using the manufacturer's default. Some routers have been hijacked and reroute your internet surfing through the hacker's servers.
Yes, this is extreme, but I actually have a few clients, who are doing this. Their other PC's may get infected, but at least this PC should be safe. The operative words of course are "should be."
Identity Theft is now big business and victims are growing. You only have to be a victim once to wish you'd protected yourself.
Now back to the primary article. Facebook is extremely popular. That's why hackers go after it. It's a great return for their investment. I won't tell you not to use Facebook, but let's get real. You know that it's a major risk for infection. Playing Facebook games, clicking on the advertisements on the right, opening emails from Facebook friends you don't know or clicking on suspicious links or attachments from emails of friends you do know puts you at risk. Simply put. It's like playing Russian Roulette. So how can you be relatively safe using Facebook? Simply avoid doing the things I just mentioned in this paragraph. Also, tighten your privacy settings within Facebook.
One last observation that should be obvious from the TechRepublic article, businesses should not allow employees to access Facebook on business computers. If you are a business owner and you allow your employees to cavalierly browse the internet, and particularly Facebook, you risk compromising all kinds of data and some may involve your customers'.
I wish the internet was safe, but it's not. As long as there is greed and corruption, men will find ways to exploit others. Your best defense is taking responsiblility and learn the safety rules of the computer highway. Learn the rules, practice common sense and if you're a business owner, enforce the security policies you put in place.