Digital Life

Did Network Solutions Have a Massive eMail Breach?

Not sure, but this past few days gave me some strange indications that something was up on more than my client’s accounts. It all began with his hard drive (the actual hard drive assembly) having a complete failure. All data lost for regular recovery methods, this is one where the drive has been sent to a specialist that can possibly bring a dead drive back to life. Lesson all too well learned: Have backups.
Net impact of the failure of the drive: Time to upgrade to a new computer that supports RAID 1 (mirroring), so there is a completely redundant drive in place at all times. Next, reload Windows 7 and all the programs. Run updates (over 200 of them) and, from a drive replaced from last summer, get as much data as possible to use as a jumping off point. Done!
Now: Set up Outlook 2010 and configure for the emails. After digging out the server settings, they are there and the “Test Account Settings” are working. Check the Inbox. Nothing. Look in the Sent box. Nothing. Rinse, wash, repeat. Nothing, nothing, nothing. Of course, I checked, double checked and triple checked. Mail was coming in to Outlook, but the odd thing was a regularly sent email would appear to process through and show in the Sent box after moving via the Outbox, but no one was receiving anything. Set one of the accounts up on a separate computer. Same results. Disabled all the security systems in case I had a firewall issue in the new installation that may be blocking ports needed that I had set before. Still nothing. Swirling all around this were other things to get the business back to full capability. The end of the first day, I hadn’t figured it out, but I still believed it was on our end.

Day 2 came and in between the rest of the work to get moving forward, I had time to pick up the phone and contact Network Solutions provider for eMail support, Webs.com. The tech and I checked the settings and verified the account testing built into OutLook was working. He “reset the server.” Told me to wait about 15 minutes, then try again. I did….same results.

Day 3: Convinced it wasn’t me causing the problem, we contacted the support line. This time I went to the web based mail and was able to send and receive mail without problems. After some discussion of the settings, the testing, the POP3 accounts (about 20 minutes), the tech said the email accounts was suspended. Of course I wanted to know why, but, since I wasn’t the account owner, they said they couldn’t discuss it with me. Unfortunately, the owner was out at meetings, unable to get on the phone. I hung up and called later. One of the interesting things greeting me as I began the wait on hold was an announcement that if you’re using the web mail, your server might periodically go down and to try logging back in. Interesting. So not only am I having issues, sounds like someone else is. In this session, the tech told me that the passwords for the email accounts weren’t strong enough (from a security standpoint) and they had to be changed. Good reason to do so anyhow, so I did, following the direction to use at least one capital, one number, and one special character and have a length between 8 and 14. I did so, told the tech it was done and he said he’d lift the suspension, but had to call me and verify the account administrator was who he had been talking with (I had been added to the account by now). I told him I wasn’t at the office (since I had gone home) and asked if he had the number (assuming caller ID got recorded) and told him I wasn’t at the office. He acknowledged, hung up and my phone never rang.
About 20 minutes later, I checked the mail email account for incoming and there was one, saying no one answered the phone for validation. The number listed in the email was the office line. First I went to log back into the management account and a warning came up on the screen saying account management wasn’t available and to try again in about an hour. Seems to me more significant technology issues.
I called and the greeting message was that they were doing an emergency server replacement. This was the global message on the support line, before it even took you to the push this number prompts, so now I sense something is amiss. Add to this that the time from the earlier call to this one was about 4 hours. I gave up, it being about midnight by now.
Got up early, picked up the phone and called the support line, after logging into manage the account. This time there was no warning about the management function being down, so in I went. I will admit I was, let me say, terse with the tech who answered. I rapid fired the problem that began, the steps that had been taken and the dis-connect from the evening before, and added that it was now the fourth day of my client not being able to use the mail accounts, that were paid for and receiving. The answer was the password had to be strong when the scanners checked it, otherwise it couldn’t be unsuspended. I responded that the passwords had been changed last night, then summarized the correct implementation of their guidelines, and clearly stated they had suspended the accounts with no notice to the client, and now had kept him offline for 4 days. At that point she said she would lift the suspension, and it should be cleared in about 10 minutes. She added a warning that if the scanners saw it didn’t meet the specs, it would suspend them (note: automatically) again.
Analysis from my intelligence gathering training:
Network Solutions, for some reason, most likely as another barricade to email accounts on their servers being hacked into, has instituted an automated process to ensure email account passwords meet a minimum security standard. I agree. What bothers me is the client had no notice from them when the automated system injected itself into the process.
Network Solutions was making emergency replacements of servers, telling me either a major physical disaster happened (fire?), or they had been compromised so badly, they had to take them offline.
The observed issue of the notice that if you’re using webmail, you might be logged off, combined with the emergency server replacement tells me the issue happened in the email department.
I did a search as soon as I got off the phone this morning and checking the unsuspension. No indication of a breach at Network Solutions, but…sounds like something happened if a company that size, something happened for sure.

Windows 8: The hackers are already in it…

This news is a few days old, but is telling: Windows 8 already has it’s own phishing and fake anti-virus malware attacks…

Hackers Already Blasting Windows 8 With Phishing, Fake AV Scams as reported in CRN.

In both cases, for those who keep asking me “why do these hacker do this?”, it’s about getting you to give them your credit card info…then they can go shopping on line for you and begin to try to steal your identity…simple, they have a business model of “crime does pay, if the gullible just hand me their bank information!”

Safe computing, you need it!

Time to rethink the dpi for your main web and mobile site images

Just bumped across a review on the new iPads and two sentences caught my eye. The reviewer mentioned surfing to Zillow, the site that lists houses for sale. He commented on how the pictures looked all pixelated.

That’s important, and it’s also a sesimic change in the digital world of our websites and images on the mobile devices viewed by our clients. In “the good old days,” the way to keep your web pages loading fast, and not bust through your storage and bandwidth limits of your hosting provider, the best bet was to “downsize” the images to be 100dpi (dots per inch) down to no less than 72dpi.

In a world where the masses of display devices could not get above 75dpi, it was a great way to help yourself in the ways mentioned above. If you had been loading those 5 mega pixel pictures from your digital camera, and then wondered why your web pages took so very, very long to display, and you figured it out, you know what I’m talking about.

So….what’s the point? The new Retina displays for the iPad3 and iPhone 5 devices leapt forward to now display 286dpi. Your 100dpi pictures, all slim and trim electronically images UP TO NOW now look all pixelated.

Time to consider just how smooth and life like you need your site images need to be for the growing market of Apple product users.

If you don’t consider this an issue, and think you can just leave those users behind, you need to understand much of what is before you in the non-Apple/Mac world came to be as a result of everyone trying to copycat the innovations coming out of Apple. USB came from Apple Desktop Bus (ADB), which also gave us back all sorts of things attached outside the computer (like Macs were n the early days), after the PC people were trying to put everything inside the box. Windows…bless Bill Gates and his merry band of workers, was a twinkle in Bill’s eye because Steve and Steve (and realistically, Mike) put out a ground breaking new interface to the computer, and once seen, Microsoft then began to work on it.

Displays, the actual hardware, now will begin to see an evolution very soon, as the consumer market will begin to want it, but without the price tag, and the electronic manufacturers will position their products to meet the demand, and therefore, your site better be up to speed in the near future.

If those old images aren’t on file, in their original, high quality format, consider replacing them, or reworking the sites to remove them from their digital surrounding.

Next: No more low resolution setting on your cameras. Get the high quality version (at the minimum to allow you to extract a nice 300dpi version), and store them for the future.

Update 11/10/12: Google and Samsung are now using 300dpi (or “ppi” pixels per inch) displays on their new tablets. One more “call to action” to get into all your website graphics and consider “upgrading” the dpi of not only your photos, but any artwork/logo you scaled down for fast loading web pages! End of update, now returning to your original text.

The quick thinkers, who rely on high quality impression for their business would be well advised to make a review of their sites a top priority in the near term.

Words to the wise…prepare for the shifts in technology, or at least, in this case, start paddling now to catch the wave.

Your Digital World is a complex place, really.

The weekend was interupted by a call from a client who’s computer wasn’t booting. A little bit of over the phone troubleshooting indicated the hard drive was, possibly toast, or maybe just some settings at the basic computer system level had gotten altered. I hoped for the former, but prepared for the latter.

Luckily, the client’s laptop is the same as mine, and can use my restore DVDs. That was the first major hurdle. If the drive was, in fact, non-functional, even the factory restore partition was out of the question. DVDs to the rescue!

Next, I grabbed a utility program that does some heavy lifting for data recovery, so ling as the drive has any ability to be detected by the computer.

A 500GB laptop drive was in the spare parts drawer, matching the size of the potentially dead one.

The “tool box” backpack always has the USB external drive adapter, so it was a matter of grabbing my two working backpacks and heading to the client’s office.

Upon arrival, it quickly became apparent that the hard drive had had a failure that didn’t let it move the read heads into aposition. Because I’ve listened to literally 10s of thousands of drives being tested, I knew wishing it worked and trying over and over to boot, hoping it might come up one more time was a waste of any one’s time.

I pulled the bad rive, put in the spare 500GB and began a factory restore. That went fine, seeing as how I had taken the time to burn a set of restore DVDs. Pretty much every computer comes like that these days, and rarely do I find users who have heeded the nag screen to do it, as they finish the set up on their new system. If you don’t then you’re reasonably certain, if you need your system back today, to have to spend a bit over $100 for a copy of Windows 7 Home Premium. More if you have Professional installed.

After getting through the standard Windows new installation set up, we where now faced with re-installing programs. This is another tough point: Many people can’t remember where their CDs/DVDs are. Also, it’s more common to pay for and download programs right away. If you don’t copy them off your hard disk before such an event, many places limit the time you can return and download the copy at no charge, usually I’ve seen 30 days, unless you pay a fee to have access for a year or more. You need to look around and make sure, especially for the programs you need for your business (QuickBooks, Office, Outlook, etc) and ensure you have the originals and the key codes for them in a safe (and rememberable) place.

The client had the installed programs, so we went right to work restoring those.

Next was data recovery. Having both an online backup system (Digital Life Boat and a 500GB Seagate external drive provided a way to recover most of the data. It was time consuming, just to grab the OutLook mail files, and the basic financial records, but that got the client back to work.

Today I called and we bagan diggin into the files in the cloud and on the backup external drive, which brings me to the title of the post: It really is a detailed thought process you have to go through to make sure you really back up your data. While they had ensured the .pst files for OutLook were on the list, they had a large, large folder of records, dating back far enough to when the computers in use for this client were running Windows 3.1. The file holding a massive amount of word documents, many of which are searched regualry, had been kept at the top level of the heard drive, and never mover into the user document folder area, which began to be a part of digital life with Windows 95. Here’s the bad news: Consumer based backup programs are generally useful for the very basic computer user, and you will see your pictures, videos, music and documents, and usually the items on your desktop all assumed to be what to backup. Things like the OutLook .pst files, profiles for FireFox browsers, and, as in this case, a folder of data sitting outside of the Documents and Settings or User folders not looked at. You must ensure you figure out how the backup system you use will see and backup those files that are important at any level to you. That hadn’t happened.

ensuring your mission critical documents, programs and operating system information is safeguarded against catastrophe is something that is well worth spending some money with an experienced consultant who has had to deal with real world information safety, not just a tech that knows how to install a basic backup program and tell you it’s running. The difference is one will look over your equipment and tell you to back it up, the other will ask what information you use, which programs are crucial to your business and where is the information stored, and also backed up. The answers you give will allow them to provide a coherent and effective answer to help you protect the business you’ve built.

The good news, while not all that good, is many of the most recent files needed are still in the email files as attachments, so the current projects can continue reasonably smoothly.

The bad news is, there isn’t an archive to go dig in to pull old data forward, which, in the client’s industry is a valuable thing.

We can take the almost dead drive to a data recovery service, and I know, without asking for a quote, it will be very expensive. As I told the client, you need to make a business decision as to the approximate value the many Word files are to you, so that can help make the determination to go forward with exactly, laborious data recovery, or if it’s more cost effective to just begin rebuilding from what has been recovered and go from there.

Very much like the cost of insurance: Can you afford a few hours of consulting time more than you can a drive recovery for several thousands?

Concerned you’re not covered? Call your technical business consultant and ask for an assessment to ensure you are, or to make sure you get that way.

Do you have a strong password? Do you use it a lot?

Here’s the reality of our digital lives: We have lots of online accounts and they need passwords. Many people use ones that are easy for them to remember, and tend to use sometimes only one.

How does that affect you? Well, think about this: Once “they” get the one, then you’re life can be laid wide open to those interested in digging further. Since it’s not uncommon for sign ins to be your email address….someone (or a programmed crawling robot) could just travel the known email universe and common places like FaceBook and give it a whirl with your email and a common, made once, used always password of yours.

That’s bad enough, if you are in this category, but even if not, there is now an article that brings to light the technology that allows gamers to get really life like graphics, and for scientists to explore climatology, cancer, and signal from space, is also being exploited by hackers.

I invite you to take this introduction, and read as much of the ARS Technica “Why passwords have never been weaker—and crackers have never been stronger” and read it until you are sufficiently convinced you need to take action to protect yourself by putting some effort into your password selections.

Yes, this will take some mental energy, and changes to your daily digital operations, but….I’m sure you wouldn’t want to wake up to a screen full of mail, indicating your email has been exploited and your bank accounts have been emptied, etc, etc, etc.

Please help protect yourself!

Windows 8, Microsoft Surface and a Big Touch Screen Monitor – I’m Living Bill Gate’s Dream!


Click the picture for a bigger version!

Well, maybe it’s Steve Ballmer’s dream now, but that’s in the details.

Microsoft announced the Surface two days ago. Yesterday, on my current build, I put the Windows 8 Consumer Preview operating system on an i5-2300 with 16GBs of RAM, attached to a Dell SX2201T touch screen (multi-point) monitor, which also has a microphone and a webcam built in to interface to the main tower with a USB cord.
So, what have I done? I basically built myself a non-portable, and maybe not as water/shock proof desktop Microsoft Surface.

I have my “tiles” (get used to talking about them instead of “apps,” and an ability to tap and run the different programs. I’ll admit, having had the Windows 8 on a netbook for about 6 months, my fingers can’t get to those discrete sensors in the extreme lower left and right of the screen to activate the Start Screen and the access to the Settings.

But….I don’t mind that much, as I can get the experience of having a desktop like many will be using in the fixed desk settings of business and large corporations, without the expense of a Microsoft Surface, which isn’t on the store shelves until about the time Windows 8 comes out, in the second half of the year….Hey! We’re almost there!

I will be installing the full set of applications I have been running on a Windows 7 Ultimate Q9650 *GB computer for the last two years, and see just how things compare.

More later on adventures in the almost future!

Social Media: The Internet is Forever……And Employers are using it more and more

The checking for the boundaries of youth have seen “better days.”

In an age where popularity and one-upsmanship carries significant amounts of social capital by “performing in/on social media, the trend is for not the only the Government to monitor you, with your own permission, if they choose, but, the ones you can’t claim 1st Amendment rights cases against so easily: Employers.

In this article from England from the regarding trends in the market, the move afoot is for employers, not just to check you out for hiring (already problematic enough when you have posted those partying hardy pictures and videos), but to keep tabs on what you’re saying…and it could not even be about them:

Many employers already monitor their workers’ Facebook, Twitter and other social media pages – but the practice is set to increase, a new report has revealed.

A new report by data analysts Gartner has claimed that by the year 2015, 60 per cent of employers will monitor social media pages of their employees.

The ‘Big Brother’ monitoring will be driven by security worries about employees leaking information or talking negatively about their workplace.
[…]

Well some us “seasoned” people have escaped the tomfoolery of youth without such consequences, be sure to pass some wisdom along to those you mentor or are the parents of, and hopefully, they will take such information under advisement and not press the “Update Status” button as fast, or as frequently as they may have planned to…

“Flame” – a new virus, but it’s not after your credit card information

Quite often I’m asked why do people write viruses and malware. The bottom line: because it makes them money.

Today, there’s another reason. The recent news indicates a virus by the name of “Flame” is running amok in the Middle East, specifically Iran. From the New York Times – “Researchers Find Clues in Malware:’

Security experts have only begun examining the thousands of lines of code that make up Flame, an extensive, data-mining computer virus that has been designed to steal information from computers across the Middle East, but already digital clues point to its creators and capabilities.
[…]

There you have it. Governments are now in the business of writing PC based malware for the specific purpose to conduct espionage. Which government? We can all speculate, but most likely one’s threatened by the prospect of a nuclear arsenal being built by an unfriendly neighboring nation.

There have been two other reported viruses used to work inside the computers of other nations, but one, Stuxnet, wasn’t designed to go after computer users, but the systems used to run machinery, in that case centrifuges. Duqu, the other known one, was like Flame, to collect information and email it out, but not nearly as sophisticated as Flame.

And this quote is a keeper for the NYT article linked above:

“This is the third such virus we’ve seen in the past three years,” Vikram Thakur, a Symantec researcher, said in an interview Tuesday. “It’s larger than all of them. The question we should be asking now is: How many more such campaigns are going on that we don’t know about?”

Going Mobile – Leaving the Desktop Era Behind

The main workhorse for many still seems to be the desktop in my observations. My question for most people is “Why?”

The landscape of the computer world has massively shifted in the last few years, but even a few years before that, there have been perfectly suitable replacements for your hard working, well loved, big screened desktops.

In other words, why invest in a desktop and a laptop anymore? It’s still a majority case I’m seeing. The real need to take your computing out the door exists, as does the need to have something that doesn’t hurt your eyes to look at for hours on end when you have a big project to work on.

In addition to the long standing discussion I had had with many people, helping them get over having a laptop and a desktop is the entire tablet market that has opened up within the last two years. This is a wrinkle in the discussion, but not really.

Tempted to know what you can do to save money and increase your productivity, and still be mobile?

I knew you were: The laptops of today, at the low end of the price point scale are more powerful than most all the desktops I see in service. So, why not ditch the desktop? I know: “the Screen is too small!” comment is coming next….but it doesn’t have to be.

I found, way back in 1993, I could do just fine with a laptop on my desk at work, equipped with a separate monitor, keyboard, mouse, network card and a modem. In fact I had my shop purchase 17 sets like this, to be handed to the project managers and the senior staff that traveled frequently and needed to keep up with work. We didn’t buy the docking stations (a concept that never really caught on) as it took only about 30 seconds to plug the stuff in when we came back into the office.

You can do the exact same thing now: Get a large LED display (light, and easy on the environment and your power bill, as well as your eyes), and a keyboard and mouse like you had with your desktop (make sure they are USB, as the old devices you may consider using might be the “PS/2” style, and no one installs those in notebooks these days).

Now you have the equipment (and you may be reusing your existing LCD/LED monitor), you’ll find a video out port on the laptop, which you may have used for a projector at a presentation, most likely a VGA port, sometimes a DVI or even HDMI.

With your external monitor plugged in…you may not see a picture, even when you turn it on. This is something the people who do lots of presentations know is the video output port on the laptops have three settings:

  • Laptop screen on only
  • Laptop and external screen
  • External screen only

Which setting is active is controlled (in Windows based systems) via the control panel/a right click on the open desktop, or a function key selection on the keyboard. Note: It’s like a three position switch and it rotates with each key press, and it takes about 2-3 seconds to register and synchronize the hardware.

Anyhow, once you’re by there, you have a choice: One screen or two?

If you don’t want desk clutter, set the laptop off to the side, and configure the system for the two screen to “clone” each other. With a few other settings, you can actually close the laptop lid and it’s just like that old desktop, but smaller, less noisy and less power hungry!

If you have room, welcome to the age of two screens! That alone makes you wonder how you lived on one display surface! I like to use my two screens like this: My main work on my 22″ full HD (1920×1080) display, and then I have Outlook up on the 17″ 1280×1024 screen to the right. If a new email pops in, or the calendar needs to get my attention, the movement over there gets my view quickly. This avoids the different working windows being stacked on top of each other, and you miss something.

Here’s a real benefit of having the laptop replace your desktop: When you unplug it from the office configuration to go mobile, where are all your files? right there with you! Your Word documents for contracts, PowerPoint slides, email, pictures, etc, etc,etc….you won’t have to say anymore: “oh, that’s on my desktop at home/the office!’ in the middle of an important meeting.

Here’s an added benefit: Is it better, when the hurricane is headed our way, that you only have to grab the laptop, stuff it in it’s bag and head out the door?” I’d say so…and if you can’t get back into the affected area for a few days (or weeks), at least you’re functional. With a desktop, that’s not going to happen, with the additional impact of maybe losing all those programs you had installed, in addition to losing data files.

Seriously, with minor exception among my clients, friends and family, the least capable new laptop you can buy is every bit as powerful as you need to work.

In this day and age of tablets, you will still need the desktop like function/desktop replacement. Tablets are cool, can let you get mail, and get to websites, but they don’t have many brains, let alone smarts, and while they can hook to a projector, it’s more cables/apps, etc…For basic functions, my tablet is a netbook, but I still need to haul out the serious laptop for work, but that’s me, with graphics, spreadsheets and larger projects.

Another consideration is that older systems are getting harder to maintain afford ably, and once they start going due to age related problems, it’s a fingers plugging the holes in the dike, hoping you won’t get flooded, but knowing you will.

If you’d like some assistance in making a purchase of the items to effectively allow you to be mobile and comfortably office based, with this flexibility, too, I can help.

I can also help to make sure you bring your data with you to the existing laptop, or to the new one, so you keep doing business with minimal interuption.