Dog talks, but can he make a call?

OLYMPUS DIGITAL CAMERA

Elise & our dear, departed Patch

A guy is driving around the back woods and he sees a sign in front of a broken down shanty-style house: ‘Talking Dog For Sale.’ He rings the bell and the owner appears and tells him the dog is in the backyard.

The guy goes into the backyard and sees a nice looking Labrador retriever sitting there.
“You talk?” he asks.
“Yep,” the Lab replies.
After the guy recovers from the shock of hearing a dog talk, he says, “So, what’s your story?”
The Lab looks up and says, “Well, I discovered that I could talk when I was pretty young. I wanted to help the government, so… I told the CIA.
In no time at all they had me jetting from country to country, sitting in rooms with spies and world leaders, because no one figured a dog would be eavesdropping.”
“I was one of their most valuable spies for eight years running…
But the jetting around really tired me out, and I knew I wasn’t getting any younger so I decided to settle down. I signed up for a job at the airport to do some undercover security, wandering near suspicious characters and listening in. I uncovered some incredible dealings and was awarded a batch of medals. Then I got married, had a mess of puppies, and now I’m just retired.”

The guy is amazed. He goes back in and asks the owner what he wants for the dog.

‘Ten dollars,” the owner replies.

‘Ten dollars? This dog is amazing! Why on earth are you selling him so cheap?” asks the guy.

“Because he’s a Bullshitter. He’s never been out of the yard.”

My uncle sent this joke to me by e-mail, but after I stopped laughing, I realized we do this with our technology all the time. Cell phones, desktop and laptop computers, televisions, DVD & Blue-Ray players, and even Video Game consoles like PS3, X-Box & Wii, are all amazing devices even after being eclipsed by the newest gadget on the market, or annoying us with their flaws.

Just like the dog in the joke, most of those devices can be reliably scoured of personal information and resold on EBAY or Crais’sList, or they can be donated to the pleasure of others.

Cell phones and tablets on the other hand, are notoriously difficult to re-purpose. If the device is not broken, then doing a factory restore on your phone, may give you a new leash, er, lease on an aging device’s life, adding a year or more to it’s usefulness. The alternative, while economically painful, is better compared to that mean-spirited dog who has bitten a couple of the neighbors.

To back-track for a moment, the “timid” smartphone user who never attempts to test that device’s limit, will likely not have put any personal information into it. This is danger with smart-phones and tablets; NO HARD DRIVES. They use flash memory that CANNOT reliably be erased. the devices are built and programmed to extend the life of the flash memory as long as possible, and deleted files aren’t really deleted.

Even the average smart-phone user will have SIGNIFICANT personal data stored in the memory of their device. This applies even more to the business professional and small business owner who will (not might) have customer/client/patient data on their devices. This information comes in through contacts, apps like DropBox or OneDrive, e-mails and attachments opened on the device, and the like.

Wiping tools are not always effective, but there are some good tips here, if you want to give away or sell your phone.

Here are eight simple tips to erase your information from your cellphone or smartphone. – CTIA.ORG

  1. Back up the information on the device to a PC or service provider (e.g., cloud).
  2. Notify the wireless service provider (and if appropriate, your office’s IT team) that the device is no longer in use.
  3. Overwrite and delete all passwords, PINs and OTPs (one-time passwords). Don’t forget Wi-Fi passwords and personal account information on apps or websites, such as banking.
  4. Overwrite and delete security settings parameters, such as unlock pattern, facial recognition, remote access passwords or keys (and if appropriate, your office IT team will remove your work VPN login).
  5. Delete all personal information and applications (e.g., pictures, texts, social networking profiles, etc.).
  6. Delete peripheral device settings such as Bluetooth (e.g., in your car, earphones, etc.).
  7. Remove any installed Subscriber Identity Module (SIM) and delete or erase all files stored on the SD memory card (if applicable).
  8. Use data eraser apps AND reset the wireless device to default factory settings. BEFORE resetting your device, use a data eraser app. Here’s a list of app erasers (may also be called “wipe”) for Android, BlackBerry, iOS (Apple), Symbian and Windows.

Delayed Problems?

SCENARIO: A computer, powered down for six to eight weeks, is plugged in and turned on, but immediately shows evidence of massive viral infection or impending hardware failure. The system is mostly unresponsive and the mouse is constantly shifting between the “Arrow” and the “Busy” cursor. What could possibly be going on here?

SOLUTION: I have witnessed this twice in the last 24 hours, and in both situations, the answer was just to WAIT. One computer was Windows 7 and the other was Windows Vista. In each case the computer had missed some important appointments and would not be deterred from a decided course of action. The real delay was caused by mandatory updates. Watching the activity in Task Manager was like watching footprints appear magically in the dust of an unused hallway.

It was a litany of offenders, starting with the Operating System that had to check and download all of the new updates. As each of the automatically starting programs loaded into memory they immediately went out through the Internet connection to check in with “Mother.” The second out the gate was the Anti-Virus software, quickly followed by the Web Browser. Successively the Printer Monitor, the Music Storage and the Flash Player all demanded their turn in checking-in and downloading UPDATES.

After 35 minutes, control of the computer was returned to me, ready for use, but now I was busy. Busy being mad at software developers who have decided that I cannot be allowed to choose when, and how I protect my computer and its resources. I was furious that I could not even perform a menial task while all of this crucial UPDATING took place. I was mad that my computer was not my own!

Some will say that it is important for tech companies to keep their products current and bug-free. And some will say that cyber-security is so important that it cannot be left up to the users. I can honestly say that while I appreciate the updates issued by software authors, I find the methods distinctly Draconian!

Too Many Topics

Wow, I know I have been remiss in posting a new blog in the last few months, but a whirl-wind of activity has kept me well occupied. Now I am awash in Topics to write about, and I don’t know where to start.

Here are some of the more recent tech-centric headlines: HeartBleed, FBI says NO Internet Explorer, XP now Retired, Target Hacked, New Microsoft CEO, Facebook ‘Friend Tracker’. Now I have already talked about a couple of these topics over the last year, and I would love to talk about the rest of them right now, but that is not what this blog is about. At least, not today.

You may have noticed that all of the above-mentioned headlines are also links that will take you to that story. [THE LINKING OF DATA IS THE REAL POWER OF WEB PAGES!] But you may not have notices that all the links come from only 3 different web sites.

All of us have to get our information from somewhere; The Bible, Network News, Holy Writings, Newspapers, Radio, Television, this Blog, the Onion, College Humor, and so on… As a Professional, I regard myself as a seeker of VERIFIABLE data, so that I can pass it along to my customers as a value added service and so I can best serve them in using technology. It is because of this that I MUST have reputable sources to draw upon. So when I need trusted information, here are some of my go-to sources, in no particular order:

[PSST, don’t tell anyone else, they might not call me for help anymore]

Krebs on Security – “Brian Krebs worked as a reporter for The Washington Post from 1995 to 2009, authoring more than 1,300 blog posts for the Security Fix blog, as well as hundreds of stories for washingtonpost.com and The Washington Post newspaper, including eight front-page stories in the dead-tree edition and a Post Magazine cover piece on botnet operators. He was recently profiled in The New York Times, Business Week and by Poynter.org.” – (stolen from the Author’s own website)

INFOPACKETS – “Established in 2001, Infopackets features the latest in headline news based on MS Windows, Internet, and technology trends. Subscription to our website is free.”

REDMOND MAGAZINE – “We provide news, in-depth analysis, and hands-on information for IT directors, managers, developers, administrators and partners in the Microsoft community. Visit us on the Web for original, high quality content: CertCities.com, MCPmag.com, MSDNmagazine.com, RCPmag.com, RedDevNews.com, Redmondmag.com, RedmondReport.com, TechNetMagazine.com and VisualStudioMagazine.com.”

INFRAGARD – OK, while I admit that privacy is VERY high on my list of priorities, the FBI is a great source of community support for electronic threats to our Internet safety. “InfraGard is a partnership between the FBI and the private sector. It is an association of persons who represent businesses, academic institutions, state and local law enforcement agencies, and other participants dedicated to sharing information and intelligence to prevent hostile acts against the U.S.” – Arizona Infragard Website

And My Favorite – Windows Secrets – “The Windows Secrets Newsletter began with the merger in July 2004 of two high-tech e-mail newsletters: Brian’s Buzz on Windows, edited by Brian Livingston beginning February 2003, and Woody’s Windows Watch, founded by Woody Leonhard in 1998. The two publications merged on July 22, 2004, and began using the domain name WindowsSecrets.com. Brian’s 50,000 subscribers joined Woody’s 100,000-strong list to form a combined, unduplicated subscriber base of about 140,000.”

Crypto-What?!?!

C-R-Y-P-T-O-L-O-C-K-E-R

It is not a virus, trojan, worm or root-kit. It is actually a security program meant for good but bent to the will of some evil, greedy parasites. They have taken a useful encryption program and surrounded it with a bright red screen that holds your documents and photos hostage until you pay them hundreds of dollars!

Viri and Trojans are bad enough when they cause damage or disable you computer access, and then the FBI/Moneypak Trojan came along and threatened us with extortion; but now, CryptoLocker actually encrypts your files and demands money to return them to their previous state. It is TERRORISM!

This nifty little package comes via a .ZIP file attached to an email, usually from UPS, FEDEX or DHL shipping service.

I have now had to deal with this low-down, flea-bag piece of malware, and so I HIGHLY recommend another layer of defense.

  • Hardware Router/Firewall
  • Software Firewall
  • Security Software with anti-virus, anti-malware, intrusion detection and email scanning
  • System Cleaner for temp files and Registry scans [CCleaner]
  • Java Script/Ad Blocker for Web Browser [NoScript/Ghostery]
  • And now WEB DOWNLOAD EXE/ZIP BLOCKER

Folks, this one is bad news; if you have XP and don’t have a backup of your data files, it will ruin your day/week/month. In a situation like this, the only way to restore your files is to pay the ransom. If you have windows 7 or 8 then there is a small chance your PC has a backup of your files. The BEST way to fix this one is to avoid it altogether.

The first step is to scan and block bad emails BEFORE they get into your computer. Use SPAM-filtering on your email, especially if you don’t have Gmail. Webmail can be harder to protect if your email provider does not scan your email for malware.

The second is to block executable programs and ZIP files from running in your TemporaryInternetFiles folder [or Web cache files.] There is a manual process; I’ve done it and it is tedious and technical. There are also 2 web sites that have bundled all the commands into a neat little tool to protect your computer. For Networks and Servers, use this one. For workstations and home PC’s, use CryptoPrevent.

The third is to make sure you have your important data backed up online. DropBox, Google Drive, Mozy and Carbonite will all work, but for real data security CrazyDogBackup is the way to go.

Lastly, if this stuff makes you nervous, then just let me know, ‘cuz I am here to help.

Hacked Password….Aaauuuggghhhh!

Thank you to us.123rf.com for this great image!

Just got a call from a friend who got attacked by SPAM and had bank and PayPal accounts hacked. The question I got was this, “Do I have to change my email address?”

My answer was, “No, Get a better password!”

I also suggested that AOL might not be the best place to park her email. (They have a bad reputation for harboring SPAMmers, although they try to keep them away.)

I thought it was a good time to review password policy. Good News to some of you is this: Changing your password is NOT as important as having a good password. For some of you the question is, “What makes a good password?” Well, I am here to help!

CERN Computer Security says;

A good password is:

  • private: it is used and known by one person only;
  • secret: it does not appear in clear text in any file or program or on a piece of paper pinned to the monitor;
  • easily remembered: so there is no need to write it down;
  • at least 8 characters long;
  • a mixture of at least 3 of the following: upper case letters, lower case letters, digits and symbols;
  • not listed in a dictionary of any major language;
  • not guessable by any program in a reasonable time, for instance less than one week.

 

And here are some DON”Ts from CMU/SCS Computing Facilities:

What not to do when choosing a password

  • Do not choose a password based upon personal data like your name, your username, or other information that one could easily discover about you from such sources as searching the internet.
  • Do not choose a password that is a word (English or otherwise), proper name, name of a TV show, keyboard sequence, or anything else that one would expect a clever person to put in a “dictionary” of passwords.
  • Do not choose a password that is a simple transformation of a word, such as putting a punctuation mark at the beginning or end of a word, converting the letter “l” to the digit “1”, writing a word backwards, etc. For example, “password,123″ is not a good password, since adding “,123″ is a common, simple transformation of a word.
  • Do not choose passwords less than 8 characters long or that are made up solely of numbers or letters. Use letters of different cases, mixtures of digits and letters, and/or non-alphanumeric characters.

Borrowed from www.madhusudhan.info

My last piece of advice for my friend was this: Find two or three passwords that are easy for YOU to remember (following the guidelines above) and use a different one for each of your bank accounts, Paypal and such. This way, one compromised password will not let them into every account.

Got Questions? I am here to help! Use the Contact page to shoot me an email.