Category Archives: Glossary

Don’t know what all that computer gibberish used in this blog means? read and find out.

Malvertising – What is it, How Does it Affect You

A word made from combining Malicious and Advertising, it basically means using online ads to spread malicious programs (malware) that can infect your computer.

You’ve probably seen the little ads on the sides of many websites you visit, be it Yahoo, Msn, youtube, facebook, and so forth. Those ads are the ones that potentially can be compromised, and made to deliver malware to your computer, even if you don’t click on the ads themselves. It is enough that they are part of the website page you are visiting and that the computer is vulnerable to the particular exploit being used to infect your computer. More about that below.

As a user, what you should know is that ultimately what malvertising like many other type of malware activity uses as the means to infect your computer is normally vulnerabilities in your programs, whether your web browser (Firefox, Chrome, Edge, etc) or one of its plug-ins, such as Flash, and so forth.

Malvertising has been in existence for a while, but the interesting aspect of it is that it has been in the rise as a method of delivering malware through websites and the internet.

What To Do

Because of the above you should:

  1. Make sure your software is kept up to date (since updates exist partially to patch earlier vulnerability holes that have been found in the specific program),
  2. Make sure you uninstall software you don’t use, and of course
  3. Have a well rounded security model in place, such as the one I’ve outlined in the past, which you can find here.

If you need help accomplishing the above, feel free to ask questions.

Fake Support Scams Continue

I’ve covered before the subject of social engineering. It’s important as it relates to you and the subject of computer security, and it’s still very prevalent as a main intrusion method used by the bad guys. They basically fool and make the user help them infect their own computer or allow access to it. That’s all social engineering is.

One of the latest most notorious methods are fake support pages that actually play a recorded message that can be heard through the computer speakers. Nothing to worry about – as long as you don’t follow any of the suggested instructions. Additionally, sometimes these pages that open in your browser are hard to close – they don’t respond to the normal methods to do so. So what do you do?

If you’re somewhat familiar with Task Manager in Windows computers, you can use it to end the application (in this case the web browser: Internet Explorer or Firefox or Chrome or Edge, etc.), although this method might make cause all tabs in the opened web browser to close as well. Nonetheless you might have to resort to that.

A more extreme method of handling this webpages that resist arrest is simply to shut down or restart your computer.

A malware check, just in case, might be in order after that.

What Is The Registry and If I’m Not Getting Married, Do I Need One? :)

Registry: In Windows computers, an organized collection of data, or database, where programs’ configurations and options are stored. Since first introduced with Windows 3.1 in the early 1990s, it has considerably grown in complexity and amount of data it stores.

The question in the title is obviously a joke, but now that we’ve disambiguated the term,  a more pertinent question is, does the normal user need to do anything about it, preventive or corrective maintenance wise? A big number of users may have heard or read about “Registry Cleaners”, which are programs with the stated purpose of keeping the registry in good operating shape.

The short answer to the above question is: it is arguable. A conservative version of the answer would be that at best, the top “Registry Cleaners” have a limited impact in the computer performance, and more often than not, they’re considered “snake oil”, in that the promoted benefits of such cleaners might be inaccurately high in modern Windows based computers.

To complicate matters, a number of fake programs claim to be registry cleaners while being actually malicious,  and utilize a combination of scare tactics and social engineering to confuse the uninitiated into allowing it to run or paying for the “premium” version to correct all the “errors” found in a scam, err, scan.

Make no mistake: The registry is a KEY element in a Windows based computer, and severe corruption of it can cause the computer to not work at all, and it’s one of the items backed up by mechanisms like System Restore, protected by some high end security suites to avoid changes that can affect the computer adversely, and, in some cases, careful and guided cleanup operations can be beneficial for the optimum running of the system. But it is doubtful that the average Registry Cleaner will have a significant positive impact in the registry and therefore the computer.

Computer Basics – Another Computer Term You Should Be Familiar with

In the past I’ve written a series of articles on computer basics. Anybody who wants to improve their grasp of the basics on the subject should study them in the following sequence:

First
Second
Third
Fourth
Fifth

To those we will now add this one.

If you’ve ever wondered what happens between you turning on your computer and the computer being fully booted up to the point where you can open programs and files etc., today is your lucky day. The computer term we’re covering today addresses that. When you turn on the computer, four things are in play:

First, there is a Power-on Self Test (where the computer checks itself and its basic components). That’s abbreviated POST. For example, if the computer is set to alert you if a keyboard is not connected to it, and you unplug the keyboard and turn the computer on, you’ll see an error that reads something like “no keyboard present or keyboard error”. The POST is what gave you that message.

Second, the computer must find a device to boot from. Whether is your hard drive, a CD, or something else, the computer checks in a pre-determined sequence all the possible sources it can boot from. And then it turns over control to that device, which then loads the operating system. Classically, that’s when you see the Windows logo on your screen for the first time. If, however, the computer goes through all devices that can potentially provide an operating system to boot from and it doesn’t find it in any of them, you’re likely to see an error message like “No device to boot from” or maybe “Boot file missing” or something to that effect.

Third, the computer must have information on what different components are connected to it and how to control them.

And fourth, the computer must have a program where it can store basic information about what devices there are, the date and time, and some other settings related to the computer (such as what’s mentioned above about in what sequence should the computer look for a booting device).

All the above elements are handled by the Basic Input/Output System. You might have run across the computer term BIOS. That’s the abbreviation for it.

So, BIOS is a chip (a set of electric circuits) in your computer that performs all the above mentioned functions. It can remember basic information stored in it, even if you power the computer off and unplug it, because it draws power from a small battery that allows it to do so. And some of the most basic information it can store regardless of whether it is powered or not.

I have covered today’s basic computer concept while trying to avoid mentioning terms that are not defined in this article. However I do recommend going over the above mentioned first 5 articles that cover the computer basics from scratch to have a better understanding of today’s term.

Hope this helps.

I Downloaded a Program – Why is it not Running?

Every now and then I hear this question. It stems from not understanding the difference between two different actions: “download” and “install”. Well, we’ll get rid of that confusion today.

Download: Making a copy of a file that is on another computer (often in the Internet) onto your computer.

Install: Opening a file that contain the necessary steps to make a new program work on your computer.

I think the confusion stems mainly from the fact that, nowadays, often the file that contains the necessary steps to make a new program work, is a file that is downloaded from the Internet (surprisingly, that file is often called an “installer”). So as far as sequence, these 2 actions are typically right next to each other, but they are not interchangeable. So the sequence would be:

1. Download the installer (“Save it” to a location in your computer).

2. Open it to install the new program.

That should answer the question posed in the title of this article. “Downloading a program” doesn’t install it, that’s why it’s not running. Hopefully this will dissipate any confusions on this. If not, feel free to ask any questions about it.

Software

Computer software is, simply put, a program. And what is a program? A sequence of commands for the computer to execute (carry out), normally contained in a file. That’s all it is. So whether it’s a word processing program, a video player, or an operating system, it all falls under the category of software.

Social Engineering

It is a known fact that malware creators often appeal to users, trying to lure them into action to aid infection of the target computer. In computer security this is called social engineering. The user is presented with a scenario that looks legit and then he/she is asked to click on something or install something in order to continue/avoid damage/correct what’s wrong, etc. All fake/rogue antivirus use this technique, trying to make the user install the rogue software or pay for the full version, lest an apocalypse of infections will go unhandled in the user’s computer.

Malware

Malware is a coined word from malicious software. It includes any program that can adversely affect your computer. Traditionally the word virus was used to describe such, but as time went by and the types of malicious software grew, a new, all-encompassing word was needed to include other types of malware that were not necessarily viruses.