Microsoft looks like they are getting ready to put McAfee and Symantec out of business, they already have security essentials out (and it is really good!), but now they are coming out with a complete package called InTune, not public yet but it will be one-stop protection up to a corporate level! Personally I am not a huge fan of either McAfee or Symantec; They are probably responsible of more infections than they have cured, I mean they pay Dell, Acer (insert PC manufacturer here) to put their nag-ware software on new machines, then at the end of a year they nag the user that they have to buy AV software that they think they already did with their now year old PC and then when they expire, they just stop protecting the system, not only from new viruses and even the old ones! That and they are charging people for AV software that bettered by free software readily available! Nah, it’s time for Microsoft to just ship antivirus with their OS.

Re-casing my E-71 Nokia, does everything I need, has the right apps (turn by turn GPS, Verisign passcoding and everything) and a battery life in weeks, I am not sure what all the hub-bub of iPhone 4s is all about. Picked up a cheap white keyboard and dark case off Ebay a while back to dress-up my constant companion.

Also my local ISP offered me 6months at 40d/20u DSL2 speeds for less than I was spending on my 20d/5u. My poor old Linksys WRT54GS 2.1 with dd-wrt firmware wasn’t able to keep up.

So I was looking at the new crop of Netgear N rounters, but they all have firmware issues and even with dd-wrt firmwares, they still have config issues…what to do!?!?

Well a peer in my dept put me on to loading up a Soekris box with a a Free or Open BSD OS, (choosing between Monowall or PFsense) secure, solid and very low power usage. Funny, when I was webmaster at Intel, I had a BSDI proxy/firewall that was the size of my front door, now the same power fit in the palm of my hand (board, the case is a bit better). Soekris as makes a sub-board called a 1401 that does VPN (A “Virtural Private Network” tunnel that goes through the internet), to keep script kiddies and pineapple routers from reading my private email in my local coffeehouse.

But instead I got to enjoy my first day fighting a virus at one of the local art galleries I support technically. I’ve seen this one on a few newbies and novice computer users systems. It’s the sysinternals anti-malware(Contrary to name, it itself is a virus/malware), first the user gets a pop-up that says their computer is infected, if they click on it in any way, even to close it triggers a package and loads up on the system with “Scareware” saying everything is infected and then extorts money out of the user (and probably steals the credit card number) to get rid of fake viruses it’s planting itself.

A few ways to avoid it, A good virus scanner and don’t use IE. AND DON’T click on pop-ups. Kill the browser session and reload!

Actually if you use Firefox and aren’t in an IE Tab session, you should be ok, if you are in an IE tab session, just close the tab.

How to get rid of it is tricky, depending on version, it sets up a fault proxy to block your browsers, it sets up a new home page in IE to direct your browser on opening to get you re-infected, it hides itself as svhost (a system file), it sets up registry links to reload itself if removed and puts itself in the registry so if you do remove it, Windows forgets what an EXE is.

It also sets up a group policy to block from the system being able to use Microsoft Update. Insidious is an understatement.

A few evenings and 4 hours yesterday with a mixture of hijackthis, Trinity and the Ultimate boot Disk 3.5, Avira, Avast and Malwarebytes and I think the system is fixed. But to honest, I never feel I can trust a system once infected, if given the choice I would recommend saving whatever data files you need and doing a complete re-install.

We’ll see. Of course the gallery can’t pay me. Art isn’t selling these days but hopefully it will all come out evenly in the wash and there is one less infected on the net…

Hopefully the rest of my weekend is quieter…

Also if something critical comes out and I am worried that some of the people who might not notice because they are watching their business.

I’ve have said again and again to friends, family and clients to never click on any attachment in email from any source that you don’t absolutely trust. I usually say don’t click on any attachments but sometimes that isn’t practical. Sometimes you have to get a link in an email from a techsupoport, or a plug-in or attachment to update your software.

So how do people know if an email attachment came from me?

I use a cert to prove that the email isn’t “spoofed”

You can look up the whole term spoof at Wikipedia but the short explanation is making an email look like to came from some other source than it really came from. It is used by hackers as a social engineering hack to get people to infect their own systems by clicking on an attachment that they think came from a trusted source.

By having an email cert, it further proves the email actually came from me, kind of like that lock on your browser when you are at your bank’s site that you can check and make sure you are at your bank’s real site.

With all the Microsoft Outlook Hacks, a cert is a must!

Comodo offers free email certs

InstantSSL(technically also comodo) also offers free email certs

Click on download, fill it out, you will get a cert sent to that email, import it, either through Trust Certer in Outllok 2007+, or mail setting in 2003 or lower.

That way you know who is sending or they know who really sent that attachment!

So many things to talk about…

Got a Zune, love it!

Set up a new VPN business class router with server that I will have to detail later.

Right now I am off to Las Vegas and the Consumer Entertainment Show and THE SHOW (High end audio).

You can follow me on Twitter and I will be posting photos on flicker.

I will post my traveller’s tales next week!

And HAPPY NEW YEAR all!

You see an amazing price on a large SD or CF cards, the seller has a good rating and you figure if you get the card and it’s the right size, you’re all set…well not exactly.

Problem is people giving those positive feedbacks are just checking if the cards is in good shape, pop the card into their memory readers, does it say the correct size, check and then giving a positive feedback.

Also a lot of the feedback will turnout to be for other products, dunno…portable hangers nothing in memory, camera accessories or the like. They also tend to be in Asia (Hong Kong seems to be point zero for this scam).

What very bad people are doing is modifying memory cards to report false sizes, making 2gb cards look like 32gb cards! They show memory size fine, they will format fine but…

When the card stores more than the true 2gb that they are rated for they dump all the contents, the people writing or picture taking first think it’s the camera or device, by the time they get the unit either checked out or replaced, and/or they’ve figured out it’s the card. The seller usually say to go through the memory company saying it would be faster than shipping back to Asia. By the time the card the card has gone to the manufacturer and they have confirmed that the card is a fake and told the purchaser, the time period to complain to Paypal or their credit card company has already passed and the jerk who sold the card has disappeared with the money!

Before laying down any money on ebay, go here and see if your seller is on the badguy list.
No matter what download this application and run it (both German and English version in installer) , if it runs REEAAALLLYYY slow or gives errors, there is something wrong with the flash card!

Before leaving feedback test and actually use the card, take a bunch of test shots and fill up the card, erase and do it again, make sure you can read the card ok.

If it looks like you were taken, then report to Paypal and/or your credit card company immediately!

Only then after your sure what you received, leave feedback for the seller! If you already left positive feedback, then update your feedback!

Lets get these guys off eBay!

There are a few utilities to reset your flashcard to their 2gb correct size(I guess at least you get something out of the purchase) but I am not sure how much I’d trust them after being modified…

Just be careful out there, money is tight. But sometimes it is better to spend more to save more in the end.

Microsoft Security Essentials

And it’s terrific! I guess who’d know how to protect their OS better than Microsoft!

For any of you snickering Apple owners out there saying with a condicending voice “we dont’ get viruses”, well GRC just reported that Apple OS is just as insecure as MS…it’s gotten too complicated and the user-base is too big a target for black-hats to ignore. Apple is also getting slow at patching know security holes.

Apple get ready for the storm!

The technology for Microsoft Security Essentials is based on their server security suite.

No false positives, very good detection rating compared to everything else out there!
There’s a version for XP (nice to know they still remember us!) and Vista/Windows7.

Antivirus programs that show balloons every time they so much as do an update really annoy me, I mean warn me if you can’t update or find an infected file but shut-up if everything is fine! The MS Security Essentials are nice and quiet!

If you’ve been looking for a good, reliable and quiet AV and Spybot protection, definitely this is the protection you’ve been waiting for!

And you go to site that might be being hosted by a tent at a bazaar in Marrakesh…even sites that look polished might be running out of a thief’s garage!

You say, well I could use my Mastercard or American Express, they will take care of fraud, right?

Well maybe, if it’s been under 60 days and you’ve never done business with this merchant before and the moon is in the right phase and you’ve thrown the runes in the right way.

That’s not even including them giving your number to a 3nd party that might use it anytime in the future…all of the sudden that credit card number is a little scary huh?

But you say “I want my toy!”, how do I get it? Well here’s a combination that will allow you to send money safely but still be protected and not give out personal credit card numbers.

First, set up a PayPal account, ya the same guys that allow EBay to survive.

Second, get verified, they will confirm you have a real bank account, which means your bank has verified you.

Third, Either get a securitykey from PayPal/Ebay also called a “Football”, goes on your keychain and gives you further syncing security if you log into PayPal or Ebay at your local coffeeshop, even if someone is packet sniffing you, that number is only good of 30secs. They cost $5 (best five bucks you’ll ever spend), and if charged to your PayPal account.
Or even better you could head over to Verisign, ya the same guys that put certificate locks on all the big banks, and financial institutions servers so that lock lights up in your browser to say you’re encrypted and safe. They have better securitykeys called VIPs, the credit card one is about $45 bucks and fits in your wallet. If you have a Symbian(Nokia), iPhone or some Motorola cell phones you can install an app that will do the same syncing with PayPal. Remember to register it with PalPal then Ebay in the /securitykey area.

Forth, Now that you have PayPal secured, let’s secure your transactions, there’s a PayPal plugin for Firefox and IE install it.

Now comes the cool part, even if the site doesn’t take PayPal, the plugin will generate a Virtual Mastercard number for just that transaction, the merchant can’t charge it again and even if they give the number away, it’s worthless!

If the Merchant doesn’t send you your items, you can go through PayPal’s very good Resolution Center to get your money back and best of all you don’t have to look over your credit card shoulder for the rest of you life.

And now you are safe from the more disreputable merchants of the internet!

Before saying anything else, if you have an iPhone, connect to iTunes ASAP and get the new patch! It is VERY critical! I mean having your phone taken over kinda critical.

On top of that Adobe is having a lot of issue, both with Acrobat and Flash. If you haven’t yet, head over to adobe and get the new version of Flash!

Been doing a lot of charity work this week:

A friend who had to move in with the rest of his family, due to the economy, is now having to use his family’s computer. The poor thing was so infected it would shut down every 3 mins. They never activated the McAfee (not that I recommend the performance sucking product, but you need some AV program and MS updates.) anti virus that came with the HP computer 4 years ago! It was still running XP SP1, no updates, ever!! They apparently couldn’t handle my suggestion of a full erase are rebuild because of no backups (not exactly a surprise). I did manage to get the viruses off (Not seeing any rootkits but who can be sure?). First I booted from a rescue kit CD, scanned with 4 different virus packages, then reset the master boot record. Then I booted from an Ultimate Boot CD and did an Avira scan. Installed Avira free edition, a copy of Windows Defender and 18 hrs later his system was back up.

Next, another friend had his computer screwed up by the local ISP and Microsoft. All he wanted was to get off MSN and use his local ISP’s email address. Why MS/ISP throught they needed to un-install MSN I have no idea (He might need to look at old email, right?). Well they screwed up the uninstall, then said “oh your windows is screwed up, you better get a technician to fix this”. The guy is a retired engineer on a fixed income. What a bunch of Jerks.

By the time he called me explorer (not IE) was complete broken and would error if you tried to open “my computer”, or ever tried to open “Control Panel”.

I downloaded MS uninstaller, tried to remove what was left of MSN, still broken.
I then grabbed the Advanced Unistaller Pro 9, 30 day trial and at least got the MSN systems off of there.
I tried installing IE8 (I have him on Firefox anyway, so no issue except when updating windows.). No joy.
Re-installed SP3, still nothing.
I finally had to do a rollback 2 weeks, then re-install the latest program and that got it going again. I also re-installed MSN so he could get to his old email.
Put his new email on Outlook and he is up and running again.
Why MS couldn’t have done this I have no idea.

Anyway needless to say I made nothing off these efforts this week except a warm feeling, not a bad payment.

In the world in general; there were at least two “Denial of Service” attacks from a bunch of botnets which are usually unpatched computers. One was on twitter (maybe the Iranian government betting back for the broadcast of the election?), the other was on a business ISP.

One of the reasons I do a lot of charity work is becuase even people who can’t pay need to have security computers that aren’t part of a botnet army. One more up to date secured computer is one not causing DoS attacks.

Also there is no was to look for a job without a computer.

ISPs are getting better at detecting and disconnecting infected subscribers from thier networks.

…and no apple users, you can’t be smug! Did you read the opener on this post, iPhones are hacked, OS X has a current JAVA hack, get those patches up do date!

A great way to keep up do date is install Securia PSI, it scans your system an advises you when updates are available.

Maybe these hacks have something to do with Darkhat and Defcon, two hacker conventions in the last couple weeks but it could have just been timing.

Who knows? Just keep your patches up to date!

Solution?

If a page offers it (and buy.com does) use PayPal. If a site doesn’t, use PayPal with it linked credit card feature. You can get a temp visa number linked to any read credit card that is only available for so much credit (you name to amount) and the temp account is only good for so long then de-activates.

Paypal also keeps your Credit Card info one step away from the site so the site has nothing valuable to be hacked.

For more security, check out getting a security key from Palpal (only $5, worth it), or get a SecureID VIP from Verisign. The credit card version is $40 and fits in a wallet, the software can go on a number of phones (iPhones, Nokia smartphones and a few Motorola). They all use a syncronizing server number that is good for about 30secs, so even if someone is packet sniffing or doing a “man in the middle” attack on a Paypal session, the number will expire before they can do anything with the information.

BTW all security keys (software and hardware) will also work on Ebay.

You should backup your data like you should brush your teeth if you want to keep ‘em!

Yes, one should run a virus scanner, and a spyware scanner (and yes I am talking to you smug apple users, a few viruses (and no virii isn’t a word!) have started appearing on your OS too!), but the one thing that no computer platform can escape is hard drive crashes!

It is not a question of if a drive will crash, it’s a WHEN!

I have had 3 friends lose their hard drives in the last couple of weeks. Oh yes, they were going to take my advice about backups when they got around to it…BUT IT’S TOO LATE NOW!

At minimum if all you do is email and surf, have a flashdrive backing up your email’s archive files and your browsers favourites folder, keep them and your computer original recovery disk and you should be all set.

If you have a more complex computing environment, then you need a real backup solution.

Remember: laptops; they are MORE prone to hard drive problems then the desktop that is stable and never moves.

Even solidstate drives have a limit on writes, and you can have a logic crash or an accidently erased files. Microsoft even has had patches that erased or changed critical files in the OS causing to be unable to boot!

Backup, backup, backup!

For real hard drive security I recommend:

1. Retrospect Backup by EMC, it makes fast great backups and creates a really nice recovery disk, you basically put it in your drive, walk away and it rebuilds everything. Cost: $125
2. Download a copy of Speedfan, not only will it monitor and control your computer’s cooling fans but it will give you SMART status of hard drives and give you warning if one is failing. Cost: Free.
3. If you haven’t taken my advice to backup, backup and backup, then grab a copy of Spinrite from GRC. It might MIGHT be able to resuscitate your hard drive. Cost: $85.00
4. That Drive Clone Pro (see below) is also a great backup system, you have a clone of your hard drive so just slip it in you system if your main drive dies (great on business trips!).
5. For the Apple users; Timemachine and SuperDuper(Also see previous post) are a fantastic backup combination!

I am so paranoid, I have all my systems backing up every nice with two bi-monthly external eSATA hard drives that rotate between the house and my safety deposit box at my bank.

Now go brush your teeth and BACKUP your hard drive! Your mouth and data will thank you!