Category Archives: Computer Security

Virus, malware in general and all evil programs, begone!

Regarding Hotspot Shield Software

I rarely make an article about one specific product, but this is going to have to be the exception. In an earlier article, which you can find here, I mentioned Hotspot Shield as one of the products one could use for heightened security when dealing with plain internet connections. Although I explicitly stated my mentioning of the product was not an endorsement, I want to update you on this product based on information newly available to me. Kudos to the Sunbelt Software guys (makers of VIPRE Antivirus/Antispyware, a product I do recommend and my current choice for antivirus software) for correctly labeling Hotspot Shield as adware.

For those wondering, adware (advertising-supported software) is defined as any software program that automatically displays or plays advertisements on the computer where the software is installed, without user intervention or control.

Hotspot Shield falls under that category. Rather than repeat the whole rationale, here’s a link to the back and forth between Sunbelt Software and AnchorFree (the makers of Hotspot Shield):

Here’s the original post labeling Hotspot Shield as adware:

http://sunbeltblog.blogspot.com/2010/05/what-part-of-no-adware-dont-you.html

Here’s AnchorFree’s response, and Sunbelt’s retort to it:

http://sunbeltblog.blogspot.com/2010/05/anchorfree-responds-on-hotspot-shield.html

How to Recognize an E-mail Scam

“I just got an email that says…”:

1) I was just awarded a million dollars by Google.

2) That my email account needs to be verified and for that I need to provide certain information.

3) That the IRS needs me to fill out a form with personal information and fax it back to a fax number in Canada.

4) That UPS could not deliver my package because it doesn’t have my address, and needs the following data by return e-mail so if you could please fill out the attached form…

On and on (laughable as they are, the above are actual scam e-mails making their way around the world). So, what do scam e-mails have in common? How can they be recognized?

1. They ask you for sensitive data, such as a password, social security number, bank account or credit card details, and so forth. And usually they offer a reward if provided or threaten a penalty if not provided.

2. They often are written with bad grammar or have glaring typos in them (like an email from Hotmail calling it “hot mail”).

3. They come from an e-mail address that is not related to where it’s supposed to be coming from.

In some cases they throw a curve: they ask for sensitive data and provide a file attached to the email, which one is supposed to use to provide the data. However, the purpose of the e-mail is not to get your data, but to get you to open the attachment, which is not what it appears to be and will infect your computer if opened, like the UPS example above. Pretty slimy.
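To show how the three tells above (and the attachment trick) can be turned into a mechanical check, here is an added example in Python; it is not code from the original post. The brand-to-domain table, the keyword lists and the three sample messages are all constructed for the example, and the scoring weights are an assumption, not a published rule.

```python
import re
from email.message import EmailMessage
from email.utils import parseaddr

# Organisations a scam might impersonate, mapped to the domains that organisation
# really mails from. Constructed for this example; keep your own list up to date.
BRAND_DOMAINS = {
    "ups": ("ups.com",),
    "google": ("google.com",),
    "irs": ("irs.gov",),
    "hotmail": ("hotmail.com", "live.com", "microsoft.com"),
}
# Tell 1: requests for sensitive data, usually paired with a reward or a threat.
SENSITIVE_TERMS = ("password", "social security", "bank account", "credit card", "pin number")
PRESSURE_TERMS = ("awarded", "winner", "verify your", "suspended", "penalty", "within 24 hours")
# The "curve ball": the attachment, not the form, is the real payload.
RISKY_ATTACHMENTS = (".exe", ".scr", ".zip", ".js", ".vbs", ".bat")
SCAM_THRESHOLD = 3  # assumed cut-off for this example


def sender_domain(msg):
    """Domain of the address in the From header, lower-cased ('' if there is none)."""
    _, addr = parseaddr(msg.get("From", ""))
    return addr.rpartition("@")[2].lower()


def body_text(msg):
    """Plain-text body of the message, or '' if it has none."""
    part = msg.get_body(preferencelist=("plain",))
    return part.get_content() if part is not None else ""


def claimed_brands(msg):
    """Brands named (as whole words) in the subject, From display name or body."""
    haystack = " ".join((msg.get("Subject", ""), msg.get("From", ""), body_text(msg))).lower()
    return [b for b in BRAND_DOMAINS if re.search(r"\b" + re.escape(b) + r"\b", haystack)]


def score_message(msg):
    """Return (score, reasons) for one EmailMessage; score >= SCAM_THRESHOLD means scam."""
    score, reasons = 0, []
    text = (msg.get("Subject", "") + " " + body_text(msg)).lower()

    asked = [t for t in SENSITIVE_TERMS if t in text]
    if asked:
        score += 3
        reasons.append("asks for sensitive data: " + ", ".join(asked))
    pressure = [t for t in PRESSURE_TERMS if t in text]
    if pressure:
        score += 1
        reasons.append("reward/penalty pressure: " + ", ".join(pressure))

    # Tell 3: the From address is unrelated to the organisation the mail claims to be from.
    # (Tell 2, bad grammar and typos, is left to the human reader.)
    domain = sender_domain(msg)
    for brand in claimed_brands(msg):
        if not any(domain == d or domain.endswith("." + d) for d in BRAND_DOMAINS[brand]):
            score += 3
            reasons.append(f"claims to be {brand} but was sent from '{domain}'")

    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if name.endswith(RISKY_ATTACHMENTS):
            score += 3
            reasons.append("executable or archive attachment: " + name)

    return score, reasons


def is_scam(msg):
    return score_message(msg)[0] >= SCAM_THRESHOLD


def build_samples():
    """Constructed messages modelled on the scam patterns above (not real mail)."""
    ups = EmailMessage()
    ups["From"] = "UPS Delivery <notice@mail-center-example.net>"
    ups["Subject"] = "UPS could not deliver your package"
    ups.set_content("We do not have your address. Fill out the attached form and reply.")
    ups.add_attachment(b"MZ...", maintype="application", subtype="octet-stream",
                       filename="UPS_form.exe")

    google = EmailMessage()
    google["From"] = "Google Awards <claims@google-prize-example.org>"
    google["Subject"] = "You have been awarded $1,000,000"
    google.set_content("To release the award, reply with your bank account and password.")

    alert = EmailMessage()
    alert["From"] = "Google Alerts <googlealerts-noreply@google.com>"
    alert["Subject"] = "Google Alert - computer security"
    alert.set_content("New results for your saved search are available.")
    return {"ups": ups, "google": google, "alert": alert}


if __name__ == "__main__":
    for name, msg in build_samples().items():
        score, reasons = score_message(msg)
        print(f"{name}: score={score} scam={is_scam(msg)}")
        for r in reasons:
            print("   -", r)
```

Note that the "alert" sample names Google but really comes from google.com and asks for nothing, so it scores zero; the two scam samples trip the sender-domain check even before their attachment or their request for a password is counted. A mail filter would only use this as one signal, but the logic mirrors what a careful reader does by hand.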

So if you ever get an e-mail with any of the above points (especially the first point), know that it’s a scam, and don’t fall for it. Delete it, report it if you know how to and feel like it. But whatever you do, don’t provide the information requested. Don’t even reply.

Emails – Secure Method of Communication?

To use a common comparison: Plain, unencrypted email is like a postcard with its message written with a pencil. It can be seen while in transit, and it can be modified as well. Since more people than not seem to be unaware of this fact, this is my contribution to changing that.

OK so now, what in the name of all that is holy can we do with that datum? Well, you now know that if you are corresponding by email, you shouldn’t write anything you don’t mind being seen by anyone other than the counterpart of your correspondence. Another thing you can do is implement email encryption, whereby the email is no longer in plain text, but transformed into unintelligible characters so that it can’t be read or changed by unintended recipients while in transit, and then decrypted at the receiving end so the actual intended recipient can read the original message.

As far as encrypted email goes, there are two main ways to go about it. One is web-based, meaning you have to set up an account on a website (just like you would do with a Yahoo or Hotmail account) and then use that account when you want to generate secure emails. Hushmail (http://www.hushmail.com) is a good example of that. Others exist as well. The second way is implementing encryption in your computer’s email client (Outlook, Outlook Express, Thunderbird, Eudora are some examples of email clients). This can be achieved by installing a program such as Comodo’s Secure Email (http://www.comodo.com/home/internet-security/secure-email.php).

Whichever method you want to use, encryption is the standard solution to ensuring privacy when it comes to emails.

User Account Control – What is it? Should I Enable it or Disable it?

Users who in recent times have migrated to Windows Vista, and even more recently to Windows 7, have run into this. More configurable in 7 than in Vista (probably based on the feedback of annoyed users who felt UAC was often getting in the way of their interaction with the computer), it is nonetheless still present (enabled) by default. So what is UAC, and what is its purpose?

UAC is a security mechanism that prompts the user to allow or deny certain actions on a computer. What kind of actions? They are called “elevated”, meaning actions that require higher-than-usual privileges on the computer – actions usually performed by an “administrator” as opposed to a regular user. Examples: installing or uninstalling a program or device; creating or deleting a file or folder in certain core locations of the computer. One of the expressed purposes of this is to make sure those elevated actions are approved by the user and not performed without his/her OK. To that degree it can safeguard against malware, since malware often includes elevated actions to carry out and perpetuate an infection.

One less known purpose of UAC is to annoy. While some might think I’m joking, I’m not. It was apparently put there so that software developers would be more careful when writing the routines in their software, to avoid abusing elevation requests. If abused, too many of a program’s actions would cause UAC to prompt the user for approval or denial of the action, thus annoying the user.

While Windows 7 kept UAC, at least there is one difference in how the user can control it. In Vista, it’s either enabled or disabled, while in Windows 7 there is a “sliding bar” that gives several different levels of protection between “totally on” and “totally off”. This is a change, and some will call it an improvement (because you can set it to NOT prompt you for an OK constantly), but unfortunately in Windows 7 the default level opens the door to unauthorized applications executing elevated tasks, thus defeating the purpose of UAC as far as security is concerned.

So my recommendation, in Vista: leave it turned on, or turn it on if it’s currently turned off. In Windows 7: raise it to the top level.

Sure, it might be somewhat bothersome, but it sure beats having malicious programs running unchecked on your computer.

If you need help changing the settings for UAC, contact me.

The New Malware Epidemic – Cause and Cure

Is it me, or are there more and more computers getting infected with malware these days? Being under the impression that this is the case, I set out to research a bit on that.

It seems like the DIY kits for creating malware have recently gone down in price and been made more user-friendly. It has gone down to the level where new and inexperienced cybercriminals can create malware even when their computer skill level is barely enough to download music or a movie from the internet. That’s a scary thought.

The creation and selling of these DIY kits has emerged as a business, and according to Marc Rossi, manager of research and development at Symantec, “It’s possible that the people creating and selling these kits may be the same groups already profiting from cybercrime, and they could see this as yet another revenue stream.”

Indeed, newbie cybercrooks and veterans alike are using DIY kits to carry out phishing campaigns at an accelerated rate, security researchers say. They’ve been blasting out fake e-mail messages crafted to look like official notices from UPS, FedEx or the IRS; or account updates from Vonage, Facebook or Microsoft Outlook; or medical alerts about the H1N1 flu virus.

The faked messages invariably ask the recipient to click on a Web link; doing so infects the PC with a banking Trojan, a malicious program designed to steal financial account logons. Often, the PC also gets turned into a “bot”: The attacker silently takes control and uses it to send out more phishing e-mail.

What to do? Follow the advice in this article, and get all the protection layers in place on your computer(s), paying special attention to good emailing and web surfing habits.

Let me know if you need help doing it or reviewing your security level.

The Newest Facebook Malware Threat

A new computer worm, Koobface.GQ, has been detected trying to spread through Facebook. What is a worm? It’s a type of malicious software that propagates by self-replication. In this case, Koobface.GQ’s main aim is to spread itself via the social network Facebook and affect as many computers as possible. It displays a message on screen requiring users to enter some characters in order to avoid a computer restart. Only computers with Windows XP/2003 and earlier operating systems are potentially affected.

It publishes a link to a video on the affected user’s Facebook main page, which is shared with all their contacts. If the link is followed, a website similar to YouTube’s (actually “YuoTube”) is displayed. If run, it displays a message asking for some characters to be entered in a field, to prevent the computer from shutting down within 3 minutes. After the 3 minutes have gone by, the computer will not be restarted, but if the characters are not typed, the message will not disappear and the computer will be blocked until users enter the characters.

What to do? Make sure you have a good and up-to-date (important) virus scanner, and perform a full scan. If you need help with this or any other malware threat, feel free to contact me.

And make sure you keep good web surfing and emailing habits at all times.

But in any case, if infected, don’t neglect it. If you do, you might be opening a can of… well, them.

Protecting Your Data

Who are you willing to allow access to your password protected email address/online bank account/computer log-in, etc?

Recently I got an email from a contact of mine, telling me a story about how she had to go to another country to visit an ill cousin and now needs help paying some medical bills but doesn’t have enough money on her, and can she borrow some from me?

It looked suspicious, so I contacted the person and asked her if she had sent that email. Turns out, of course, she didn’t. So it came down to a hacked password on her email account. It was not possible to recover that email address, as the hacker had changed the password, and reset the secret question and answer used to reset the password!

If you run into such a situation, where your email address has been hacked, here’s what I suggest you do, in this sequence:

1. First of all, if you have used the hacked password for anything else (which many people do), change those immediately, following the guidelines for powerful password creation below.

2. Try to change the password in your hacked email. Depending on the provider, there is usually a link for “forgotten password” in the login page. Use it and follow the instructions.

3. If you can’t change the password because the hacker already changed the secret question or alternate email address, see if there is a validation page alternative like Hotmail has here.

4. Send an email to all your contacts letting them know about the hacking, so they are alert to any spoof emails coming from that address. If you were not able to recover your hacked email address account, send the email from a different one.

When you create a password, follow these guidelines:

a) DON’T use your name, date of birth, social security number, zip code, area code, or any combination of those in it.

b) DON’T use a word that can be found in a dictionary.

c) DO use a combination of uppercase AND lowercase characters.

d) DO include at least one number in it.

e) DO include at least one special character in it (!@#$%^&*).

The reason for the above is that there are programs that will automatically try to guess a password using a dictionary and other data that can easily be found on your computer. This is what is known as a “brute force attack”. Such an attack can be very effective IF you violate the above guidelines.
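As an added illustration (not part of the original post), here is a Python checker for guidelines a) through e), together with a rough count of how many guesses an exhaustive search would face. The personal data and the tiny word list are constructed stand-ins for what a password-guessing program would harvest; the leet-speak table and the scoring are my own choices, not a standard.

```python
import math
import re
import string

# Constructed personal data of an imaginary user; a cracking program would harvest
# the real equivalents from documents and profiles on the computer.
PERSONAL_DATA = {
    "name": "Maria Lopez",
    "date_of_birth": "1975-03-14",
    "ssn": "123-45-6789",
    "zip_code": "33101",
    "area_code": "305",
}
# Stand-in for the word list such a program carries (constructed, a few entries).
DICTIONARY = {"password", "welcome", "dragon", "monkey", "sunshine", "letmein", "football"}
SPECIALS = set("!@#$%^&*")
# Undo the common digit/symbol-for-letter swaps before the dictionary check,
# because cracking word lists already include those variants.
LEET = str.maketrans("4301$5!7", "aeolssit")


def personal_fragments(data):
    """Pieces of personal data (3+ characters) that must not appear in a password."""
    frags = set()
    for value in data.values():
        for piece in re.split(r"[^0-9A-Za-z]+", value):
            if len(piece) >= 3:
                frags.add(piece.lower())
        digits = re.sub(r"\D", "", value)   # e.g. 1975-03-14 -> 19750314
        if len(digits) >= 3:
            frags.add(digits)
    return frags


def check_password(pw, personal=PERSONAL_DATA, dictionary=DICTIONARY):
    """Return the guideline violations (labelled a-e); an empty list means pass."""
    problems = []
    low = pw.lower()

    hits = sorted(f for f in personal_fragments(personal) if f in low)
    if hits:
        problems.append("a) contains personal data: " + ", ".join(hits))

    # Two views of the password: with leet-speak undone, and with non-letters stripped.
    candidates = {re.sub(r"[^a-z]", "", low.translate(LEET)), re.sub(r"[^a-z]", "", low)}
    words = sorted(w for w in dictionary if any(w in c for c in candidates))
    if words:
        problems.append("b) built on dictionary word(s): " + ", ".join(words))

    if not (any(c.isupper() for c in pw) and any(c.islower() for c in pw)):
        problems.append("c) needs both uppercase and lowercase letters")
    if not any(c.isdigit() for c in pw):
        problems.append("d) needs at least one digit")
    if not any(c in SPECIALS for c in pw):
        problems.append("e) needs at least one special character (!@#$%^&*)")
    return problems


def search_space_bits(pw):
    """log2 of the candidates an exhaustive search must try for this length and
    character mix. A dictionary word can score high here yet fall to a single
    guess, which is why rule b) matters independently of length."""
    pool = 0
    if any(c.islower() for c in pw):
        pool += 26
    if any(c.isupper() for c in pw):
        pool += 26
    if any(c.isdigit() for c in pw):
        pool += 10
    if any(c in string.punctuation for c in pw):
        pool += len(string.punctuation)
    return round(len(pw) * math.log2(pool), 1) if pool else 0.0


if __name__ == "__main__":
    for pw in ("Maria1975", "Dragon2010", "p4$$w0rd!", "Tr!x7-Kpq2w"):
        print(f"{pw!r}: {search_space_bits(pw)} bits;", check_password(pw) or "passes a-e")
```

“p4$$w0rd!” satisfies d) and e) and still fails, because once the substitutions are undone it is just the word “password”; that is the case the word-list programs are built for, so symbol-for-letter swaps do not rescue a dictionary word.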

Finally, it is recommended that you DO change your passwords periodically. I know people who literally have had the same password for everything for over a decade!

The above simple guidelines should keep your password-protected accounts/data much more secure. Don’t underestimate the power of a good password.

Internet Browsing and Your Privacy

This is not about a crazy nut conspiracy theory. It’s about how your internet surfing activities are kept track of. Many of you know about “cookies”, small files that your internet browser saves on your computer as it visits websites, and that they can be used to keep track of what websites you visit.

A less known fact is that websites include code that keeps track of and reports specifics of all visitors. Then there are companies that specialize in collecting, analyzing and selling such information, which your browser normally gives away when visiting a site. Things like the date and time of your visit, your computer’s operating system, your IP (Internet Protocol) address (which can pinpoint your geographical location within a radius of a few miles), your internet service provider, what link took you to the particular website you’re visiting, which browser and what version of it you’re using, even your screen resolution!

The biggest company in this activity of web tracking is, by far (no surprise), Google with Google Analytics. Many other smaller companies also engage in this type of “surveillance”.

What can you do? For Firefox browser users, there is a free add-on called Ghostery, which you can get here: http://www.ghostery.com/. What does it do? It alerts you if there are trackers on the website you are visiting and gives you the option to block them. There is also a way to pull a big list of known trackers and with one click choose to block them all, so you don’t have to continuously click to block individual trackers as you visit websites.
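To make the mechanics concrete, here is an added Python example (not Ghostery’s code, and not from the original post) of the decision a list-based tracker blocker makes for each request a page triggers, and of what a third-party destination learns from the request alone. The tracker list, the page and its requests are constructed; the “registrable domain” helper is deliberately naive, as the comment notes.

```python
from urllib.parse import urlsplit

# Constructed stand-in for the tracker list an add-on like Ghostery maintains.
# Entries are registrable domains; any host under them is treated as a tracker.
TRACKER_DOMAINS = {"google-analytics.com", "adnetwork-example.com", "stats-collector-example.net"}


def host_of(url):
    """Host name part of a URL, lower-cased ('' if the URL has none)."""
    return (urlsplit(url).hostname or "").lower()


def registrable_domain(host):
    """Naive 'site' of a host: its last two labels (right for .com/.net/.org,
    wrong for suffixes like .co.uk, where a real add-on uses the public suffix list)."""
    return ".".join(host.split(".")[-2:])


def is_tracker(host):
    return any(host == d or host.endswith("." + d) for d in TRACKER_DOMAINS)


def is_third_party(page_url, request_url):
    """True when the sub-request goes to a different site than the page you are on."""
    return registrable_domain(host_of(request_url)) != registrable_domain(host_of(page_url))


def classify_requests(page_url, request_urls):
    """For each sub-request a page makes, decide allow/block and note what a
    third-party destination learns from it (the Referer header carries page_url)."""
    results = []
    for url in request_urls:
        host = host_of(url)
        third = is_third_party(page_url, url)
        results.append({
            "url": url,
            "host": host,
            "third_party": third,
            "action": "block" if is_tracker(host) else "allow",
            # What a third party receives just from the HTTP request itself.
            "discloses": ["your IP address", "browser and OS (User-Agent header)",
                          f"page visited (Referer: {page_url})"] if third else [],
        })
    return results


def blocked_hosts(page_url, request_urls):
    return sorted(r["host"] for r in classify_requests(page_url, request_urls)
                  if r["action"] == "block")


# Constructed example: a news article page and the requests its HTML triggers.
PAGE = "https://news.example.org/2010/article-123"
REQUESTS = [
    "https://news.example.org/static/site.css",
    "https://cdn.example.org/images/header.png",
    "https://www.google-analytics.com/__utm.gif?utmac=UA-PLACEHOLDER",
    "https://pixel.adnetwork-example.com/p.gif?id=42",
    "https://fonts.example-cdn.net/serif.woff",
]

if __name__ == "__main__":
    for r in classify_requests(PAGE, REQUESTS):
        party = "3rd-party" if r["third_party"] else "1st-party"
        print(f"{r['action']:5} {party}  {r['host']}")
        for d in r["discloses"]:
            print("          learns:", d)
```

The font request is third-party but not on the list, so it is allowed even though that server still learns the page you were reading; a blocklist only stops what it knows about, which is why such lists need regular updating.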

I thought you should know about this and what can be done about it.

Public Wireless Networks, More About

My most recent article on public wireless network security has gotten quite some feedback from my readers, which is appreciated. It has also raised a number of questions. While I always love to answer correspondence on an individual basis, there was enough common ground in some of the questions to justify a follow-up article. So here we go.

The main point raised was what to do when one is on the road for prolonged periods of time and cannot just wait until the next time one is home and able to connect the portable computer to a secure wireless connection to do banking and other sensitive data transmission type activities. The earlier article’s tips were more about what not to do. But what CAN one do about it? Note: because the technical level of my articles is geared toward the non-initiated and the technical details are generally left out, I will only cover what can be done in a generic way.

For starters, you can make sure your general portable computer security level is robust:

  • Is sharing files and folders enabled on your laptop’s wireless connection? It shouldn’t be.
  • Are any of the services that allow remote connections to your computer running? They should be disabled.
  • Is your wireless card set to roam aggressively, so that if it finds a stronger signal it connects to a new hotspot automatically? That opens the door to connections to rogue hotspots and should therefore be set to not change automatically.
  • Is wireless network ad-hoc (computer to computer) mode disabled on your laptop? It should be, to avoid accidentally connecting to someone else’s computer.
  • Is your firewall on, and if your operating system is Windows XP, do you have a more robust firewall in place? Consider free alternatives like Comodo’s or ZoneAlarm’s firewalls.

That covers a few points. But even with all the above points taken care of, there is still the problem of connecting to a hotspot that has no encryption. What to do then when one is about to engage in sensitive email handling, online transactions, banking? The solution with the most consensus is: use a personal virtual private network (VPN). What is a VPN? It’s a type of network technology that allows secure communication between two computers or groups of computers via a public channel, usually the internet. It has many uses, and providing wireless security while on a public hotspot is just one of them.

Both free and paid personal VPN programs exist that can be applied to this problem. An example of a free one is Hotspot Shield, which can be found here: http://hotspotshield.com/. An example of a paid one can be found in this link. There is no implicit recommendation of either of these examples, although the free one was recommended to me by one of my readers. Update: See http://remotehelpexpert.com/blog/?p=1615 for an update on the Hotspot Shield recommendation.

So if you are in the situation where you are on the road constantly and need to use public hotspots, you might want to consider a personal VPN solution as a deterrent to wireless sniffers and man-in-the-middle type of attacks.

Public Wireless Networks, How Secure Are They?

In a nutshell: Not very. With portable computers being more and more popular, and wireless access in public places being found more and more often, this becomes a problem.

Let’s take a look. Public wireless networks (hotspots) like those found at airports, cafes, libraries, hotels, supermarkets, etc. lack encryption. What is encryption? Basically, the transformation of information using a special formula so that it is only decipherable by having a certain piece of information – a key. So your hotspot with no encryption looks like this:

laptop –> wireless receiver –> Internet

Nothing wrong with that, except the information is traveling from your laptop in the form of radio waves spreading in all directions in plain form, and it’s therefore possible for a “sniffer” to intercept the data – an activity that has been given the name “sidejacking”. And since there is no encryption, your data is open to view.

Let’s look at the same setup, but with encryption enabled:

laptop –> (encryption) –> wireless receiver –> (decryption) –> Internet

Now the wireless leg of the data transmission is protected by encryption, and is no longer available to sniffers who might want to access it. Of course, strictly speaking, any encryption can be broken, but the difficulty of doing so when using good encryption discourages most cyber-criminals as long as the target (you) doesn’t look too attractive, as I’ve explained in this earlier article.

So, what rules emerge from the above data? When using a public, non-encrypted hotspot to access the internet:

1) Do not enter passwords or supply other credentials on a website, unless the webpage itself is protected with encryption (in browsers like Internet Explorer or Mozilla Firefox you’ll see a lock in the lower right corner to symbolize that encryption is being used on that web page, and typically the website address starts with “https://” instead of “http://”, signifying the page is secure). Even then, and for reasons beyond the level and scope of this article, this is not particularly recommended.

2) Avoid banking or doing online transactions, even in a secure webpage.

3) Basically, don’t do anything on your computer related to an internet connection you wouldn’t mind doing if you had a bunch of strangers right behind you looking at your screen and taking notes!

Wait until you get home (or to a secure wireless network) to do any of that. And I surely hope you have encryption enabled at home if you connect wirelessly to the internet!

Hope this data helps.