Monthly Archives: June 2009

To Update or Not to Update, That is the Question

Normally I wouldn’t even write about this subject because it almost seems like a redundancy to mention it, but recently came across some misconceptions that urged me to help set the record straight.

Software updates, what are they? what are they for? should they be installed? Generally speaking, the main computer software updates are its operating system updates. Since I don’t work with Macs, this means Windows updates. These updates can have 3 goals: improved stability, improved security, improved performance.

Specifically on security, the cycle goes like this: some not-so-well-intentioned fellow(s) looks for and finds a vulnerability in a current Windows operating system. That means a security hole which if successfully exploited, allows the bad guy to gain access to your computer data and maybe even gain control over it. Not good. Microsoft gets wind of the vulnerability, develops a “patch” to fix it, tests it, releases it through Windows update, it gets applied broadly, no more security hole. The cycle repeats over and over in an endless race over the zero-day exploit. The term derives from the age of the exploit. When Microsoft becomes aware of a security hole, there is a race to close it before more attackers discover it or the vulnerability becomes public. A “zero day” attack occurs on or before the first or “zeroth” day of vendor awareness, meaning Microsoft has not had any opportunity to disseminate a security fix to users of the software.

Stability and performance follow a less hectic path, but they are nonetheless also upgrades.

Other non-operating system software vendors also provide updates for their software with the same goals.

Now, some people seem to be against installing updates, partially due to bad past experiences, i.e. after installing an update, something went wrong and the computer had a new problem. Does it happen? yes. Have some updates been more damaging than beneficial? yes. Does that mean one should just not update? NO. In the overall grand scheme of things, updates will always be more beneficial than harmful.

Keep your computer up-to-date with the latest updates from Microsoft and any other applicable software vendors. It is an essential step to keeping your computer secure and healthy.

Contact me if you need help on the subject.

Who Profits from Malware Attacks?

Every now and then I’ve heard the conspiracy theory that Antivirus vendors are the ones behind the creation of malware, for they are the obvious ones to profit from its existence.  That theory misses the mark – by far.

Not necessarily known to everybody believing or supporting that theory, is a whole sub-culture connected to the creation of viruses, worms, and other types of malware. Cyber-crime, cyber-gangs, cyber-mafia! terms coined in recent years to describe said sub-culture. What are they? who are they? where are they? what do they do?

Very simply put, cyber-crime refers to crimes perpetrated through the use of a computer. There is people who dedicate themselves to discover exploits that allow unauthorized access to a computer or its data for criminal purposes, there is people who sell kits that allow cyber-criminals to create malware for the same purpose. There is people who sell the information so unlawfully obtained, or the ability to target a computer network or a website and render it useless (cyber-mafia). And the grouping of said people  in an organized crime fashion is a cyber-gang.

Where are they? based on general consensus from security companies such as Trend Micro, Panda Security, Symantec and others, there is a big portion of it in Eastern Europe and China. Based on an analysis of the geographical source of most of the attempts to write spam type comments in my blog or hijack attempts towards it, I’m going to have to agree with that assessment.

The purpose of this article is not to alarm anybody, but more to raise awareness on the nature of the bad hats behind your potential computer infection. This is a trend in the rise, and one that is not likely to fade away any time soon.

My advice? have a good antivirus solution installed, develop good internet surfing and emailing habits, and always stay alert at signs and symptoms of an infected computer. And of course if everything else fails, ask an expert for help.

Keeping Your Computer Cool in the Summer

It is a known fact that dust is one of your computer’s worst enemies. Less known than that is the fact that dust will help bring in another archenemy: overheat.

An accumulation of dust in your computer’s internals and vents will create an isolating coat that will hinder the computer cooling down by the normal airflow provided by its fan(s). A blocked vent will of course only compound the felony. Now that summer is coming once again, it behooves all of us to make sure the computer stays cool. And eliminating its dust plays a key role in it.

There are 3 main ways this can be accomplished. The first one is by using canned air or an air compressor. The second one is a soft brush and a vacuum. The third one and least frequent, total tear down and clean of individual components. Probably a combination of  the first and second one yields the best results.

Only tips on what to avoid while doing this are:

1) Make sure you don’t carry static so that accidentally touching an internal component fries part of your computer. Before touching any internal computer part, touch your computer case to discharge any static. If you’re a purist, there is an anti-static wrist strap you can use.

2) Make sure when blowing air, whether canned or from a compressor, that there is no humidity being blown into the computer as well.

Whether you do this yourself or you have somebody do it for you, it’s extremely beneficial to the optimum operating condition of your computer.

Regarding Backups

Backup is the activity of creating copies of computer data files, mainly for data loss and disaster recovery purposes. Being as it is that computers run on data,  preserving its integrity – operating system files, data files, your word documents, emails, pictures, videos, etc. – rapidly becomes high priority. The amount of hours lost trying to rebuild a crashed computer can be pretty high, and losing forever valuable documents or files is even higher.

Backups is no small subject and there are different types of it depending on its approach to create copies of files. It goes from creating a full copy of the original computer’s hard disk (cloning) to selecting documents and files to back up within certain folders, and then updating the backups at set periods by adding copies of any newly changed or created files (incremental) to continuous data protection where there is a service running constantly that will log any changes in the system and will enable to roll back to an earlier version of any given file.

Two more aspects should be taken into account when considering backups. One is automated scheduling, which increases the reliability of the activity, and other other one is data validation, to make sure of the integrity of the data backup.

There are multiple software solutions  that deal with creating backups, at programmed intervals and with data validation. Some versions of Windows even have their own embedded solutions.

How often should you back up your data? the answer to that question is the same as the answer to “how much time worth of data can I afford to loose? bi-weekly? weekly? daily? hourly?

I personally have an external hard disk that is a clone of my computer’s hard disk, and in which I run incremental backups daily. The software I use for that is Acronis True Image Home 2009. In the event of a hard disk crash, I can swap hard disks and be up and running in minutes like nothing happened. Well, maybe not like nothing happened, like I only lost a few hours worth of data.

Contact me if you need help setting a backup system for your computer(s), or if you need revisiting your existing one.

Good Surfing and Emailing Habits

Consist of:

  • Never disclose personal information in response to an email request or an online pop-up message. Banks and other companies never request sensitive, personal information such as account details and Social Security numbers over the Internet. They are also unlikely to request you call a phone number provided in an email to verify information. Instead refer to phone numbers on your financial statements or on the back of your credit card and only share credit card details with reputable online retailers and auction sites. These organizations typically provide secure internal message centers or transaction histories to check for important correspondence and transactions. Avoid using public or shared computers when accessing financial accounts or conducting online transactions and exercise caution when using a PC in a wireless hotspot.
  • Avoid solicitations for donations. Limit online charitable donations to organizations you know and trust. Common donation scams  include foreign lotteries, the Nigerian email scam, cure-all products, debt relief, and anything promising an unbelievable return on investment.
  • Patch Windows and keep all applications up to date. Cybercriminals target vulnerabilities in the most popular applications and operating systems. For this reason, apply security updates not only on operating systems but to all often-used programs. Also, apply security updates to third party software, which can act as an attack vector for malware even when your operating system is fully patched. Enable automatic updates whenever possible.
  • Click only on links and email attachments from known and trusted sources. If an email seems suspicious, consider that a friend’s email account may have been compromised or spoofed. With cybercriminals targeting many popular social networking sites, you cannot always ensure that your friends are truly sending an email. Run a virus scan on a suspicious attachment and check the URL with a web reputation service. Or consider calling the sender by phone if you are unsure.
  • Avoid clicking on any link displayed as a numeric IP number, rather than a domain name.
  • Disable browser scripting and avoid downloadable widgets wherever possible. Many web-based attacks use various scripting languages to run infectious programs in a browser or use downloadable widgets to execute infections locally.
  • Download software from trusted web sites only. Free games and file-sharing software may come bundled with malware. Be cautious when downloading applications on social networking sites. The applications may be harmless but may be easily compromised.
  • Monitor where external devices are used and update all security software to combat potential threats. Digital picture frames, iPods and other MP3 players, PDAs, USB sticks, flash drives, digital cameras”all these devices can harbor malware that can cripple a home network.
  • Lock your mobile phone to prevent data theft or the installation of spyware or other unscrupulous applications. Also, delete text messages from unknown senders and download ring tones and games only from legal, official web sites. If an application appears to be infected, delete it immediately. Change Bluetooth settings to non-discoverable or hide to avoid attempts to pair or connect with a mobile phone or device propagating a virus. Also, when using Bluetooth, be careful when accepting files to avoid possible infections or viruses. If a mobile phone becomes infected, turn off all Bluetooth functions so malware on the phone cannot locate new targets and reflash your device to return it to factory settings.

Adding Memory To Your Computer – Why it Speeds it Up

RAM, or Random Access Memory, is what the computer uses to store information needed for the applications (programs) being run at the moment, such as Outlook, your web browser, etc. and all system applications needed for the computer to run. Enough applications opened at the same time will use up the RAM and make the computer start using virtual memory.

Virtual memory is a different type of memory the computer uses when it starts to run low on RAM. The more virtual memory the computer uses, the slower it will become. Why? Virtual memory consists of a file stored in your computer’s hard disk, called paging file. In there the computer will store information when the RAM is running out. The problem with it is that the access time to the computer hard disk data is way higher than the access time to the RAM. So every time the computer needs to use memory and uses virtual memory to store/retrieve data, it becomes slower because it takes that much more time to retrieve and store information.

So remember – generally more memory means more speed. Don’t forget it.

Contact me if you need help assessing whether or not you need more memory, how much more, what type, etc.

Signs and Symptoms of an Infected Computer

With nowadays’ new trend of stealthiness in computer attacks, it behooves the common user to be aware of the subtle indications that tell his/her computer might be infected. That is the purpose of this article.

These are all signs of a possible infection:

1. Your computer slows down without any apparent reason.

2. When you try to go to a particular website in your web browser, it re-directs you to a different one.

3. Random pop-up windows while surfing the internet.

4. Your installed antivirus solution is not working properly or cannot update.

5. Your web browser’s homepage has changed “by itself”.

6. The default search engine in your web browser has changed “by itself”.

7. Web pages are unexpectedly added to your Favorites folder.

8. Your web browser cannot access any websites, yet the computer is connected to the Internet.

9. The computer cannot access certain websites (especially if they’re computer security companies’ websites or the Windows Update website).

10. Your computer screen displays a skull and two bones flashing with a red background and a window that says “You’re infected!” (joke)

There are some others, but the above covers the main ones.

What to do? of course, if you can, run a scan with your current installed antivirus solution. Sometimes doing a System Restore to an earlier point to the perceived date of the infection might do the trick.

Beyond that, look for specialized help. You can always contact me for help in asserting whether or not your computer is infected, and in removing any existing infections.