Gone Phishing?

Sadly the old hacker stereo type of a 13 year old in his basement no longer applies, especially with the latest series of ‘Patriot Hackers’ traced back to China.  Gone are the poorly written spoofs to get you to give personal information and the like, we now have university graduates government funded to steal email accounts and infect computers.

U.S. officials briefed on the incident said the Obama administration isn’t going to raise the matter directly with the Chinese government until the facts become more clear. “Law enforcement needs to dig into this over the very short term so we have all the facts and procedures set out—then diplomacy,” a .S. official said.

Read more: http://online.wsj.com/article/SB10001424052702304563104576361863723857124.html#ixzz1OBHGdUkQ

What this means to the average computer user (this means you) is that you can trust less and less of what you see on the internet and especially email.  If it has an attachment you best be suspect, type in URLs yourself (don’t trust links) and when in doubt.. use the phone and call someone to verify.

Posted in Internet, Virus / Hacker | Leave a comment

McAfee got you down?

Minding your own business and all of the sudden you are told your system is insecure and needs a scan.  Problem is this isn’t a program you installed it’s ‘McAfee Security Scan’ which is just this side of malware.  You got it thanks to Adobe bundling it into their products and if you have FireFox you got it as an update without even being asked (thus the malware opinion).  Here’s the spin:

McAfee has made a free diagnostic tool, McAfee Security Scan, available as an optional download to customers when installing Adobe® Reader® and Adobe Flash® Player software from Adobe.com. The McAfee tool enables consumers to easily check for anti-virus software and firewall protection on their computers. When the scan is complete, users see a report detailing the presence and status of security protection, and are presented with special offers for McAfee security software, including McAfee Anti-Virus, McAfee Internet Security, McAfee Total Protection, and McAfee Family Protection – Adobe

So you get free advertising but little else (the software will ALWAYS say you need McAfee products).   Since Microsoft Security Essentials is free, works with Microsoft operating systems and updates regularly there is little point in buying an inferior product.  Install Malwarebytes as a recovery system (also free) and 98% of the bad things out there are blocked or recoverable.  So how do you rid yourself of McAfee?

  1. Uninstall McAfee using the Add/Remove Programs
  2. Consider changing from Adobe to another PDF reader
  3. Uninstall the PDF plug-in from FireFox or it’ll infect again

You will probably get McAfee with Flash, AIR and perhaps a few other Adobe products if you don’t UNCHECK the option.  Reminds me of Rogers Communications and thier idea of negative billing.. we’ll give you more stuff and charge you more unless you tell us not to.

Posted in Internet, Software, Virus / Hacker | Leave a comment

SBS 2011

Having put in two of these beasties I’ve got a fairly good idea how they work and where the problems are.  So far, there are very few reasons NOT to upgrade from your 2003 or even your 2008 Small Business Server.

Basic setup take about 8 hours with updates, reboots and just the usual typing required to get the system working for the installation in question.  Having to reconfigure Exchange 2011 to allow larger emails is the only ‘must do’ and the loss of the ‘global’ POP3 connector is annoying.

Once everything is in you’ll have a lengthy process as you migrate (or at least prepare to) from your previous server.  You could migrate directly but honestly we all know that’s a road few travel happily.  Better to backup and restore, it’s longer and annoying but never ends in heartbreak, frustration and possible data lose.  Keeping your subnet the same as the old network IPs help in the even you have a few forgotten static devices (like phone systems, plotters or some storage device).

With each workstation you’ll want to run the migration wizard (locally save the files) and backup Outlook to a PST file.  Since you’re keeping the same subnet joining is a simple as http://connect from your IE install.  Copying data will take longer than anything else but it’s unavoidable.

For the time and dollars it’s a good upgrade, beats the heck out of SBS2008.

For those BlackBerry users out there the Express server will work in SBS2011 but it takes time and research.  Just pretend you doing an SBS2008 install and then do an Exchange 2011 install as well and wait until the process reaches 450MB.. then it auto-magically works.

Posted in Server, Software | Tagged , | Leave a comment

Android Malware

Google removed a bunch of malicious apps, most disguised as legitimate apps, from the Android Market after they were found to contain malware. The malware, dubbed DroidDream, uses two exploits to steal information such as phone ID and model, and to plant a back door on the phone that could be used to drop further malware on the device and take it over.

There is a scanning software for known malware signatures but this system isn’t good at detecting brand new malware or existing malware that has been modified enough to slip past the antivirus programs.  Depending on the handset used, Android versions may be patched by now, but others are not. The vulnerabilities exploited by the malicious apps have been patched in Android 2.3, also known as Gingerbread, but older versions could still be vulnerable.

Read more at CNet.com

Posted in Virus / Hacker | Tagged , | Leave a comment

Apple gets BlackHole RAT

RAT employs client-server program that communicates to its victim’s machine through its trojan server. The server application is installed on the victim while the client application is on the managing side.

BlackHole is more a bare-bones, proof-of-concept beta program right now — but the software is pretty easy to use, and if a criminal could find a way to get a Mac user to install it, or write attack code that would silently install it on the Mac, it would give him remote control of the hacked machine.

Mac OS X has been gaining market share on Windows lately, and that’s starting to make it a more interesting platform for criminals.  While Mac malware is still very rare, he has seen another Trojan, called HellRTS, circulating on file-sharing sites for pirated Mac software.

Posted in Virus / Hacker | Tagged , | Leave a comment

IPv6 it’s coming.. slowly.

IPv6 isn’t a very elegant name but it’s coming and what it looks like is this: 2001:0db8:85a3:0000:0000:8a2e:0370:7334

Ok that was just an example and probably didn’t scare you but if you remember the old IP addresses.. you know 192.168.16.100 and the like, well that monstrosity above will be replacing your old IP, eventually.

So what does that mean to you?  Well the last free blocks of top level IPv4 were assigned in February 2011.  Many are still unused all over the world but we are now officially out of ‘new’ blocks to give away.  NAT (network address translation) gave us years of breathing room using ‘internal’ IP addresses (from your server, firewall or router) but with phones, computers and even refrigerators wanting an IP we are running/ran out.

The upgrades have been underway for years in the infrastructure but most ISPs have been dragging their heels.  For most businesses it means a few updates on your software, a new router or server and maybe some bad days trying to figure out why a webpage won’t load.  That is once the ISPs are finally forced to move over to IPv6 (or at least make it a working option).  If you want to read more try these:

Don’t worry the internet won’t crash, end or put up toll booths (we hope).  IPv6 will help control spammers and hackers better and take the load off the hardware in many cases.  Your business might even be able to get its own “official” subnet to identify your gear/phones/computers from everyone elses.

It won’t be easy or painless but when the time comes the change will probably be worth all the effort, just thought you should know.

Posted in Internet, Software, Technology | Tagged , , | Leave a comment

Upgrading on the Cheap

As you may remember the system requirement from XP to Vista meant you had to buy a new machine and be prepared for it to actually perform worse than your older XP computer.  Luckily Windows 7 gained some performance back but with the 64bit version you can upgrade easily and efficiently for less than $400 (not including software).

Windows 7 likes more memory and 4GB will fit in most older machines also with the 64bit version the old memory limit disappears.  Thanks to dropping prices, $100 will buy you 4GB of memory and if your motherboard can handle it 8GB is less than $200. For example: NCIX 4GB DDR2 Memory

The next big performance jump is an SSD (Solid State Drive).  For about $250 you have a very fast 120GB drive (use as the OS Drive) and can use your old drive as the data drive (makes migration really easy).  SSD read much faster than the older mechanical drives but write speeds are about the same, this makes booting and loading programs very quick.  Here’s a few examples of SSD: NCIX Solid State Drives

Lastly you need the new operating system, Windows 7 Professional 64bit.  If you are buying a drive I suggest you get the OEM version and save a good deal of money ($160 vs. $325 but you need a storage device purchase to qualify).  The ‘Home’ version lacks the domain abilities, no point in getting 32bit and Ultimate is over priced.  Some examples: NCIX Microsoft Operating Systems

The actual upgrade process is about 2 hours and you’ll have a dual-booting system (BIOS selectable) and be mildly stunned how much faster it is.  Consider getting MS Office 2010 Home & Business if you’re still using a 2003 version of Office, it’s worth the upgrade and you get 2 license for about $300.

Posted in Hardware, Software, Update | Tagged , , , | Leave a comment

Windows 7 Service Pack 1 (SP1) Released

Microsoft released the first official service pack for Windows 7 today. This is an important update that includes previously released security, performance, and stability updates for Windows 7. SP1 also includes new improvements to features and services in Windows 7, such as improved reliability when connecting to HDMI audio devices, printing using the XPS Viewer, and restoring previous folders in Windows Explorer after restarting.

What will this update bring?  No idea at this time as the realease information from Microsoft is at best sketchy.  I’ll post an update later when the votes are in and the re-formats have begun (let’s hope not).

Posted in Software, Update | Tagged , , | Leave a comment

iStuff & Android face off (Mobile 7 far behind)

Android or iPhone/iPad/iTouch/iPod, either way the fight is on between Apple and Google.  The latest front in the ‘Cloud’ wars is the application and subscription market.    Apple put in their opening position only to get taken off at the knees by Google (see below):

Justice Department and Federal Trade Commission are interested in whether Apple may be violating antitrust laws by routing customers through Apple’s App Store and taking a 30 percent cut of each subscription, sources told the newspaper. Regulators’ interest in the subscription terms is reportedly preliminary and might not lead to a formal investigation.

Then, the day after Apple officially shared details of its subscription plan, Google announced the launch of One Pass, its online charging service for newspapers and magazines. Google’s rival service offers two big differences from Apple’s: content providers will get to keep 90 percent of revenue from One Pass sales, and publishers will retain control of consumer data

Read more: http://news.cnet.com/8301-1001_3-20033202-92.html#ixzz1ETcQl0Gx

So the phone market is a little intense but we have yet to see where Microsoft will appear in all this with the new Mobile 7 phones.  I have a Mobile 7 and at this time and 2 weeks later I’m still stunned to see you cannot transfer files to/from your computer to the phone via the USB cable.  One would have thought the Sync Center of Windows 7 would have been the perfect vehicle for this, but Microsoft now uses Zune (just a really, really bad iTune clone) instead.

The 1st update/servicepack for Mobile 7 is due in March.. let’s hope it includes a file transfer system.  I’ll do a detailed Mobile 7 review once the service pack is out, until the I’ll just bite my tongue.

Posted in Internet, Software, Technology | Tagged , , , | Leave a comment

Chinese hackers were seeking economic data

All those updates from the last 2 months get a slightly greater ‘public’ light today with some new information being released.

The Chinese government hackers who unsuccessfully attempted to break into the Canadian finance department’s computers were not after military secrets but economic secrets, says a prominent security expert.

CTV News learned Wednesday that Chinese government hackers had attempted to break into federal government network systems. Sources told CTV that Canadian Security Intelligence Service has advised government officials not to name China as the country where the attacks were launched.

Read the full article at CTV News though the video clip has the information you really want to hear.

Keep your machines as current as possible and your anti-virus upto date, beyond that call if something ‘odd’ is happening.

Posted in Internet, Virus / Hacker | Tagged | Leave a comment