Aloha. Here's my opinion or answer to some computer questions I get asked regularly: (BEWARE! Humor lurking)
1. If I own a Mac will it prevent me from being exposed to vulnerabilities on the Internet?
Answer: Yes! And, they never crash, don't use electricity, run at the speed of light, make chocolate ice cream and are FREE! If you believe every ad that you watch on the tube, then you are a victim of your own gullibility. They do have a lower exposure, but they are not invulnerable, except in Steve Jobs mind.
2. What is this 'Cloud Computing' I hear everyone talking about?
Answer: Oh! The Clouds are Beautiful today! They are magical and mysterious pillows of light and energy that are in every diagram of networks and the Internets you have ever seen. However, the real answer is less cool. Ever use GMail? HotMail? Yahoo Mail? Yeah, that is 'Cloud Computing'. Whoop-Dee-Dee. If all your info is stored on the Internets (The Cloud) and if you don't have a computer and an Internet connection, you don't have access to your data. Cure all? Answer to all things Internet? Doubt it.
3. Seriously though, how can I get infected even though I have up-to-date anti-virus software?
Answer: Because your IT guy sucks. Nah! Joke! ;) No, the problem is, there are different avenues to exploit vulnerabilities within your system, the bad guys are working 24/7/365 to trick you into falling into their traps and your bad habit of opening every email and clicking on every link sent to you increases your exposure exponentially. Seriously though, website infections are the most effective form of distributing FakeAV attacks, malware, trojans and viruses, which make million$$ of $$ for the bad guys. Using Firefox or Chrome instead of Internet Explorer lower your exposure to these infections. Using Uncommon sense lowers your exposure further.
4. Should I upgrade to Windows 7?
Answer: Yes! Send me your money now! Ha ha. Face it, in an office where security is enforced through policies, etc., the compelling reasons aren't as cost effective as we would hope. You can't 'upgrade' XP to Windows 7, you have to export settings, install Windows 7, then reinstall all your applications, then import those settings. YOUCH! Expen$ive and time consuming. However, the features of Windows 7 are numerous and desirable in the workplace and at home. So, if buying a new computer, embrace Windows 7, lower your users privileges accordingly and utilize the UAC to your advantage! ;)
5. What is UAC? Answer: Under Achiever's Club? Upper Atmospheric Clouds? No. User Access Control. It's how Windows 7 forces a user to elevate their rights to run programs, etc., to avoid unnecessary exposure to programs trying to take control of your computer. Kind of a pain sometimes, but worth it.
6. Which computer model should I buy?
Answer: The one that fits your budget and does every thing you need it to. Of course, I have some fav brands and models, but you know they change every single day. Always go for the biggest bang for the buck and for laptops, insist on a 3 year warranty, because any laptop that has a 1 year warranty only, (unless a disposable unit like a netbook), will cost you more than the price of replacement for almost any repair, once that year is up.
7. Why is my home computer SO much faster than THIS one!
Answer: Because it's at home where you wish you were. But SRSLY folk, our work systems are burdened with many applications, services and settings that are not on a home system and never will be. Just authenticating to a domain controller (server) requires several layers of security and communication between the systems that slows things down. So, try and be patient.
8. Why do you sound so grumpy when I call you on the phone?
Answer: I have an aversion to technology in the form of handsets. FML! I am afraid it's my mom calling me again to make sure I am wearing clean underwear in case I get into an accident. I am a man, therefore cannot multi-task. Phone call + walking = BRAIN FREEZE! I prefer emails for audit trail purposes, because the older I get, the more I forget. Real Answer: I am just a grumpy old white guy! :)
Hope this helps, hope it made you LOL! If you have any questions you would like me to answer, let me know.
Thursday, May 13, 2010
Tuesday, March 16, 2010
Target Attacks using PDF files
Aloha! This is info from F-Secure, a prominent security site. PDF files will be the most popular vector in 2010 for infecting unsuspecting users. If you read this and you are paying attention, you may save yourself some time and money by avoiding these attacks.
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
What do the Targeted Attack emails look like? Over the years, we have multiple times posted examples of what kind of booby-trapped document files have been used in targeted (espionage) attacks.
For example:
* Targeted examples
* New set of bait files
* H1N1 Themed Targeted Attack
* Intelligence Sector Hit by a Targeted Attack
* Targeted Malware Attacks Against Pro-Tibet Groups
* On-going Targeted Attacks Against US Military Contractors
However, we've rarely shown how these documents were delivered to the targeted, i.e. what the emails looked like.
Some good examples below — some of them are quite convincing. Would you have opened the PDF's?
You would, wouldn't you? PDF's are going to be the number one vector for entry into your computer via targeted attacks.
Please don't become a victim!
Here is the original link, with further info. Don't click it if you don't trust it!
http://www.f-secure.com/weblog/archives/00001908.html
Aloha, Brian
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
What do the Targeted Attack emails look like? Over the years, we have multiple times posted examples of what kind of booby-trapped document files have been used in targeted (espionage) attacks.
For example:
* Targeted examples
* New set of bait files
* H1N1 Themed Targeted Attack
* Intelligence Sector Hit by a Targeted Attack
* Targeted Malware Attacks Against Pro-Tibet Groups
* On-going Targeted Attacks Against US Military Contractors
However, we've rarely shown how these documents were delivered to the targeted, i.e. what the emails looked like.
Some good examples below — some of them are quite convincing. Would you have opened the PDF's?
You would, wouldn't you? PDF's are going to be the number one vector for entry into your computer via targeted attacks.
Please don't become a victim!
Here is the original link, with further info. Don't click it if you don't trust it!
http://www.f-secure.com/weblog/archives/00001908.html
Aloha, Brian
Saturday, February 20, 2010
I give up! (Or, 'I have a licensed and updated anti-virus program yet my computer still got infected!')
Aloha ~
I don't blame anyone who doesn't read or want to read these dismal and depressing posts about the constant onslaught of identity stealing, password robbing, network throttling security threats. I don't want to read the security bulletins either.
The problem is, I can't avoid these daily stories and I can't really give up, because I am your frontline of defense against a multi-million dollar conspiracy of black-hat hackers that are out to steal your money, one way or another.
You think just because you don't do your banking online that you are 'safe'? Please, get over your false bravado. Everyone buys stuff online and everyone has links to others across networks that are important for business or personal reasons and all of these are threatened by the same inherent weaknesses in your system.
Yes, we are a 'Wintel' shop, (MS Windows, Intel Chips), because these systems run the vast majority of the software needed for you and your business to be productive. Since they comprise about 90% of all computers in use, they are indeed the most likely to be attacked and compromised.
This is why we enforce updates that you hate because they make you restart your computer, or wait while I reboot the server. This is why we enforce anti-virus programs which you hate because they are expensive, intrusive and bloated and yet that can only do SO much to protect you. This is why I write these emails, to try to educate you to the threats and how to avoid them.
The bad guys are out there, writing viruses, perfecting exploits, infecting legitimate websites and raking in the dough 24/7/365. Our AV programs and computers are updated once per week on average. We put our hands on your system only when we have to and that leaves you vulnerable and at the mercy of your own judgment, which if past experience is any indication, isn't that great.
Let's face it, emails, links, websites, even PDF files are now infected with various forms of ever more devious and malicious code meant to embed themselves and exploit weaknesses in your due diligence and Microsoft's gaping security holes.
What can a small 3 man company like MB Technologies do to protect you from yourself and from them? Force you to do those updates!
Keep your AV software licensed and up to date!
Keep knocking out these emails with some brevity and pointed observations to force you to pay attention to everything you do and every communication over the computer you initiate or respond to.
What happens next is that we lock down access to the internets and force the users to go through more security procedures to protect you from yourself and the rest of the users and no one wants that.
Questions? Concerns? Let me know. I can take it! :)
Brian
Simple Reminder: Be the conscious creator of your experience.
I don't blame anyone who doesn't read or want to read these dismal and depressing posts about the constant onslaught of identity stealing, password robbing, network throttling security threats. I don't want to read the security bulletins either.
The problem is, I can't avoid these daily stories and I can't really give up, because I am your frontline of defense against a multi-million dollar conspiracy of black-hat hackers that are out to steal your money, one way or another.
You think just because you don't do your banking online that you are 'safe'? Please, get over your false bravado. Everyone buys stuff online and everyone has links to others across networks that are important for business or personal reasons and all of these are threatened by the same inherent weaknesses in your system.
Yes, we are a 'Wintel' shop, (MS Windows, Intel Chips), because these systems run the vast majority of the software needed for you and your business to be productive. Since they comprise about 90% of all computers in use, they are indeed the most likely to be attacked and compromised.
This is why we enforce updates that you hate because they make you restart your computer, or wait while I reboot the server. This is why we enforce anti-virus programs which you hate because they are expensive, intrusive and bloated and yet that can only do SO much to protect you. This is why I write these emails, to try to educate you to the threats and how to avoid them.
The bad guys are out there, writing viruses, perfecting exploits, infecting legitimate websites and raking in the dough 24/7/365. Our AV programs and computers are updated once per week on average. We put our hands on your system only when we have to and that leaves you vulnerable and at the mercy of your own judgment, which if past experience is any indication, isn't that great.
Let's face it, emails, links, websites, even PDF files are now infected with various forms of ever more devious and malicious code meant to embed themselves and exploit weaknesses in your due diligence and Microsoft's gaping security holes.
What can a small 3 man company like MB Technologies do to protect you from yourself and from them? Force you to do those updates!
Keep your AV software licensed and up to date!
Keep knocking out these emails with some brevity and pointed observations to force you to pay attention to everything you do and every communication over the computer you initiate or respond to.
What happens next is that we lock down access to the internets and force the users to go through more security procedures to protect you from yourself and the rest of the users and no one wants that.
Questions? Concerns? Let me know. I can take it! :)
Brian
Simple Reminder: Be the conscious creator of your experience.
Subscribe to:
Comments (Atom)
