Public Service

Do you have a strong password? Do you use it a lot?

Here’s the reality of our digital lives: We have lots of online accounts and they need passwords. Many people use ones that are easy for them to remember, and tend to use sometimes only one.

How does that affect you? Well, think about this: Once “they” get the one, then you’re life can be laid wide open to those interested in digging further. Since it’s not uncommon for sign ins to be your email address….someone (or a programmed crawling robot) could just travel the known email universe and common places like FaceBook and give it a whirl with your email and a common, made once, used always password of yours.

That’s bad enough, if you are in this category, but even if not, there is now an article that brings to light the technology that allows gamers to get really life like graphics, and for scientists to explore climatology, cancer, and signal from space, is also being exploited by hackers.

I invite you to take this introduction, and read as much of the ARS Technica “Why passwords have never been weaker—and crackers have never been stronger” and read it until you are sufficiently convinced you need to take action to protect yourself by putting some effort into your password selections.

Yes, this will take some mental energy, and changes to your daily digital operations, but….I’m sure you wouldn’t want to wake up to a screen full of mail, indicating your email has been exploited and your bank accounts have been emptied, etc, etc, etc.

Please help protect yourself!

Become an Anti-SPAM Warrior!

This morning, I opened my personal email account to find a SPAM email. Very obviously one, sitting right there. So, rather than just delete it, I took a moment to look at it and it revealed some clues as to how it got to me, and by way of that analysis, I can tell you how to begin your own anti-SPAM campaign!

Not only was the email addressed to me, but to a number of local business people I know, but do not correspond with via that email address, if I do at all. Most are people I have met networking and have their cards, so I know who they are. Point 1: I could see all their email addresses.

It didn’t take much scanning to figure out point 2: I can guess with about 99% certainty who has been sending out emails with this list of addresses. I get them from him, too, and in this email account.

Point 3: Because of his method of blasting his email contact list “in the clear” using the “to:” and “cc:” fields, he now makes all his contacts vulnerable to be collected and used, increasing the quantity of SPAM traffic on the net, not to mention annoying (at the least) and infecting (at the worst) all those computers of your friends and family and business contacts.

Putting all those puzzle pieces together, he’s how you can save your friends, family and business contacts from more of such a fate:

1) If you feel inclined to send something out, put their addresses in the “Bcc:” field. Then any recipient will only see their names, and no one else, and therefore, if this email finds it’s way into someone’s email account where they farm email addresses to send out SPAM to, you’ve put up a simple firewall on that activity.

2) When you get that forwarded 20 bizillion times joke, or offer for Bill Gates to donate $1 to your favorite charity, do this: Right after you click on the “Forward” function of your email, hilight and delete all the other lists of emails that are visible in the body of the message. Besides saving someone from being SPAMed as a result of you inadvertently helping SPAMers collect their address, think how much better a reading experience those who receive it will have when they don’t have to scroll down 37 screens to read the relevant material?

Summary: Put email address for blast work in the “Bcc:” field and remove any visible lists of email addresses in items sent to you, if you forward them along!

Soldier’s Angels VALOur-IT Fund Drive 2010

Technology moves ahead in unpredictable ways, sometimes.

History lesson below, for the interested. For those who are ready and need to donate and move on: Click here.

If you’re looking to help an old Sailor out, then “push” the button for Navy. Know this: It all goes into the same pot, but, the need to poke at our fellow military members doesn’t go away easily, so…resist the urge to help any service team other than Navy…..

Now to some background:

Barely 5 years ago, a “MilBlogger,” and Army Captain Chuck Ziegenfuss, ended up on the wrong end of an IED when on patrol in Iraq and subsequently in Walter Reed Medical Center. Having been a fairly active poster, when a Soldier’s Angels representative asked if he needed anything, he asked for a laptop so he could blog from the hospital, since he’d be there a while. They bought one off of eBay.

He had injuries to both arms, leaving him with one in a cast, and the other in a halo. Typing, as you may surmise, was pretty tough. He posted indicating he sure could use some help…maybe so he could talk to his computer.

Some people helped him out getting Dragon Naturally Speaking. As a result, Chuck’s Blog came back to life.

As a result of that, the idea that this mashup of existing tech would be able to help others. The conception of the idea came from one of Chuck’s reader’s, Beth (FuzzyBear Lioness in the comments section), who thought if it worked for Chuck, who else might it help?

So, the first use of the Project’s Name happened 8/18/2005.

Now we are but 5 years and a few months later, over $600K collected, about 50 bloggers on the teams, and begging for air time on the big websites (and getting some!), with close to 6000 laptops delivered. They are new. They are good ones, and they are provided at the Major military medical facilities, and, they can be requested, if someone has slipped by the system unnoticed.

I believe it was last year, they added the purchasing and providing of Nintendo Wiis, which has helped with physcial therapy for the injured warriors. GPS units are now also provided to those who are getting out and about, to compensate for the short term memory loss issues as a result of TBI and severe PTSD injuries.

The “gateway” to the many pages of information and the project blog is here.

One particularly descriptive post titled “Laptops Save Lives?!” has the words of the real “end users” of the charity of the donors of this work. It may be from 2007, but the truth is right there. This is a great project, which really “gives back” to those who entered the services and gave much of themselves.

Besides just the close to the problem connection, from a problem solving standpoint, I see this as a job training program for the majority of these wounded troops, as they will be medically retired/discharged. If they have used a computer to get and stay in contact with their families, friends and “Battle Buddies,” they sure will be able to draft up a business letter, surf the net to do research and learn to crunch numbers with Excel for the employer who wants a person who looks forward into life and works to achieve their potential.

I could go on for many pages, having personally met Chuck and Beth, and Patti, the Founder of Soldier’s Angels via these campaigns over the 5 years. The stories are real, the ideas amazing, and the unselfish acts to take an idea from one person to many is a lesson in building relationships.

Once more: Donate here to Team Navy!

learn more

LimeWire is Dead…

Thankfully. I know a lot of people liked it, as they could avoid, not only paying retail for music and movies, but not pay anything at all….until some of them had to call me, because their computers were so zapped by malware/spyware/scareware/ransomware from embedded “payloads.”

In one case it wasn’t pretty at all, with me spending three evening trying to save their family photos.

The “bad guys” figured out how to insert viruses and Trojans in the “free” files, on that peer-to-peer sharing network. Not all of them, but it certainly was a crap shoot when you tried to pick a torrent to pull down for your entertainment.

Anyhow, the full report from TechCrunch is here.

They show up at the most vulnerable spots…

The “bad guys” on the Internet have long had a habit of finding the biggest security holes with the greatest potential impact. That’s one reason why the Apple computer line has remained effectively virus free (I caught at least one in the early Mac days (Scores), so don’t tell me there never has been any Mac viruses).

Over the years, operating systems have been “hardened”, so the bad guys have become creative and looked towards other avenues, to the point that Mike Cox in an article “Social media attacks dominate first half of 2010 malware trends” on eChannelLive tells us what is now going as as the biggest impact by the bad guys:

“Cyber criminals are putting increasing emphasis on using social media platforms like Facebook and Twitter as effective ‘spread mechanisms’ for malicious software,” said Arvid Gomez, Norman vice president, OEM and Technology. “In the past, they put nearly all of their efforts into compromising PC operating systems. As social media use becomes part of the fabric of our daily life, Internet users need to make certain they are taking the necessary steps to protect their privacy and security.”

He then goes on the discuss the koobface malware that has come through FaceBook since 2007. I encountered this at a client’s site about 4 months ago.

Another method to not only frustrate you, but also get some money, or your credit card number for use in, in the least case fraud, and the worst case, identity theft, are the “scareware” or “rasomware” programs that take over your system and basically demand that you buy their removal tools, which…are pretty much garbage anyhow. Mike has this comment:

Norman security experts also note that fake antivirus programs continued to plague many home PC and business users. Rogue antimalware programs have been around for a long time. In recent years however, they have become increasingly widespread, and represent a major problem. These programs can be difficult to eradicate, as they often consist of many different malicious elements.

I spent a better part of Wednesday ripping one of these attacks out of a laptop of a client’s office machine. I’ll say this: About 6 months ago, I could find these and get around them and eliminate them in about an hour. That was thanks to having seen several in a short time frame. They all had different file names, and loaded themselves from different places on the drive, but they all used the same methods. The one I ran into Wednesday had grown far smarter. I found it pretty quickly, but it had done many things to mask itself, and had placed some more hooks in the registry than I was used to deleting. Additional, I found a browser web director trojan in there, too. It may have arrived as a package deal, but it took 6 hours to find it, delete the offending things, much of the time was spent running scans, which found more things with each delete/reboot/scan cycle. It’s gone now and they are back to work, without having to just wipe the drive and begin all over, but it was a long day, when some elements have become smart enough to even force a load, regardless of some settings you applied to keep them from coming in a boot up.

I know many people don’t want to learn about the specifics of keeping your computers free of malware and other bad things, but your choice, as I see it, is to commit to some training by your local computer support person/people/staff/support company, or you can call us up and pay by the hour to undo what was maybe a 5 second decision on what to do about the question: “XXX is requesting to run. Do you want to block or allow it?” from your firewall protection. Because of the bad guys, you must get some education in how to keep from your system from becoming unavailable for a few hours (at best) to days (worst case).

Good rule of thumb: You can unblock accidentally prohibited functions. You will lose time and money if you let something in out of “I don’t have time to deal with this, I just want to get back to work!” frustration.

Read Mike’s article and practice intelligent computing!

New Site: Scam Detectives

Looking for excellent information about scams on the internet?  I just found one, which was on the way to read how the Nigerian Scammers work.  Not only was that an eye opener, but then I looked at the site n general and found some great articles, such as:  Securing your data whilst traveling and “Facebook Password Reset Confirmation! Customer Support.”

Want to stay on top of things and keep your identify to yourself?  Might be worth bookmarking/favoriting Scam Detectives.

Reblog this post [with Zemanta]

And Where are Your Digits Going After You Die?

It’s not the same as “the good old days” any longer…and “we” still don’t like to talk about it.

However, if you manage your financial and physical assets via electronic means, do you have a plan to make sure there aren’t problems for those left behind?  Good question, isn’t it?

Do you have a business that has customers?  Have you ordered product/services for them, that you have to be around to make sure gets where it needs to go?

Are you a financial consultant type of business, where you retain customer’s data and regualrly provide information to them?

Or, and one of a myriad of other circumstances that would be negatively impacted if the way to get in contact with your customers was suddenly completely unavailable?

Think about how you may ensure that a trusted person can keep the operations running so long as necessary to close out the work/records.

Someone is considering this already.

But this doesn’t only apply to your business life.  After you’re gone, who can get at your online email and data sharing/photo services?  How about MySpace and Facebook and Twitter accounts?

Not a fun topic, but not only planning the disposition of your real assets and bank accounts, you need to make sure that your digital life is managed for a successful close out as well.

Reblog this post [with Zemanta]