January 15, 2013

Samsung device users take note!

If you have a Samsung Galaxy S3 or a Samsung Note, there is apparently a security hole. It is not yet patched and Samsung isn't talking when asked what they will do about it. They do know about it. In the meantime, be very careful of any new apps downloaded. So far this one hasn't been exploited in the wild, but I expect there will be some coming out this week. It is an exploit that is specific to the device chipset which is why the Nexus 10 isn't vulnerable.

Here is the Gizmodo article.

Here is the NextWeb article.

At the end of the NextWeb article there is a link to a site where you can download a fix for this.  Whether or not you do so is up to you.  If you don't download a bunch of apps all the time it might be better to wait and see what Samsung does.  I say that since I know nothing about the person providing the temporary patch. 

Posted by: Teresa in WebTech at 11:16 AM | No Comments | Add Comment
Post contains 173 words, total size 1 kb.

January 09, 2013

Search me

Since I use Firefox as my browser, I have a search bar that can default to a number of different search engines.  Quite a while back I set it to duckduckgo.  I didn't think anything more about it. 

Then I was listening to the most recent Mike Tech Show podcast #440.  He had a segment about duckduckgo.  Apparently they are located in Phillie which is where Mike lives and they presented at a tech meeting he attended.  Thus I found new and shiny search information goodness.  

Here are some of the take-aways that are very nice and impressive.

1 - They don't track you.  Your searches are yours. They aren't watching what you're doing and where you're going like google does.  Granted google does it to send ads your way, but that's not important to me.  So I like this feature.

2 - They don't filter the results.  This means I may find something I would have to dig deeply to find on google, if I even bothered. 

and my favorite of all:

3 - The "bang" search (so called because in tech speak this: "!" is called a bang).  This is very very cool.  It allows you to search a particular site instead of the entire internet when you are looking for something. 

For example. 

Say I'm looking for a "desktop monitor stand".  If I search for this directly I will get half a bazillion different sites with monitor stands.  In some cases that might be what I want.  However, if I know I'm going to search Amazon for such a thing... it's duckduckgo to the rescue with a "one click search".  And since Amazon or Wikipedia among others are such heavily searched sites, they even have abbreviations to make the typing faster. 

Therefore in my duckduckgo search box I would type in

desktop monitor stand !a

This takes me to Amazon and shows me all the desktop monitor stands available.   

If I wanted to find out about the Mayan end of the world on Wikipedia, the search would be:

Mayan end of the world !w

I love this.

To find all the "bang" commands (of which there are many from shopping to research) go to their search bar and type in:

!bang

This will bring up their page showing what you can do to make your searching better and faster. 

Give it a shot as a search engine.  I sometimes go to google for things like game scores which it brings up on an initial search, but nearly everything else I search for is on duckduckgo.

You may want to watch their vid which is on their About page.

Happy searching.

***small update:  There's also an app for that!  If you are on idevices just go to itunes and search for it.  If you are on Android head to the app store and do the same - it's free. 

Posted by: Teresa in WebTech at 01:05 PM | Comments (6) | Add Comment
Post contains 483 words, total size 3 kb.

January 06, 2013

Secure Your Phone

You have a smart phone.  It's got stuff on it. Important stuff - like names/addresses/phone numbers of people you know. Photos.  Email accounts. Facebook and twitter accounts.  You know - the stuff that you need to run your life in a modern world. The stuff you don't want bad people to get hold of.  Your stuff.

You carry it with you everywhere.  But it's small and portable and easily lost or stolen.  Not so great.

I don't know about you, but I LOVE my smart phone.  Even when it's hard for me to read the screen I still love it.  This means I want to try and keep it safe... or as safe as I can.  Of course nothing is foolproof, and the older your phone, the less secure you can keep it.  Also, android phones are less secure than iphone 4s or 5 at this time.  (this will change - it always does).  However, locking them down works in just about the same way for both types of phones, so it's in your interest to do this and keep your data as safe as you can.

Before we start anything - back up your phone. Make sure you back it up regularly either to your computer or icloud or whatever. This way if something happens and your phone is gone or data erased, you have got your data and all it needs is a restore.  BACK IT UP religiously.

1.  Set your passcode lock.  Yes I know, it's a royal PITA - I barely leave the house, but I still use a passcode all the time because I won't remember to turn it on when I do go out. 

At least with later OS versions you can take photos without having to unlock it.  You can also make emergency calls or receive calls without unlocking it.  With iOS6 you get locked screen notifications on things too (I assume Android does about the same). 

Most people will use the 4 digit passcode or on the android they might use the "pattern lock". Neither of these is very secure, but might be secure enough if you have the data erase feature enabled.  With the iphone, when you turn off the "simple passcode" you can enter a longer all digit passcode and this will bring up only the numeric keypad to unlock it (just like the simple passcode).  Then you can enter more than 4 digits to unlock the phone which is marginally more secure but still not too difficult to unlock.

Any lock is better than none.  So do lock it. You'll get used to it.

2. Set it to erase data after "X" number of bad attempts.  On iphone X = 10 which is the number of tries before it erases your data.  If you have your phone data backed up, all you have to do is sync it and you'll get your data back, so turn on this feature.  On the iphone this also encrypts your data.  This means someone can't just connect to your phone and copy the data off.

Androids allow you to do this too although the encryption is not as good.  There are apps for the android that will give you better encryption. 

Here are five tips for securing your Android phone.  The article covers the names of various apps you can buy to make your phone more secure.  iphones  already have this built in. 

3.  Enable "find my iphone"!  This is free for iphone users and it works very well. There are 2 ways to do this - enable both! 

First on the phone itself in the settings:
Settings --> icloud  scroll down to "find my iphone" and turn it on. You will have to set up an icloud account, but this can be done directly on the phone.  Once you've enable this, log into your icloud account from your computer and check to be sure it's working.  You can do this from any computer.  Prepare to be amazed at how well it locates your phone.

There's also an app for that (free) for the iphone.  Also called Find My iPhone.

If you misplace your iPhone, iPad, iPod touch, or Mac, the Find My iPhone app will let you use another iOS device to find it and protect your data. Simply install this free app on another iOS device, open it, and sign in with your Apple ID. Find My iPhone will help you locate your missing device on a map, play a sound, display a message, remotely lock your device, or erase all the data on it.


There is more - go read the rest. If you have more than one idevice get the app.  It's worth it.

For android you can buy an app that will do the same thing. They discuss various options in the article I linked. 

4. Now that you have "Find my iphone" set up, lock it down.  If someone does get your phone and they get into it, they can easily turn off the "find my iphone" feature. Therefore go to:

Settings --> General --> Restrictions

You will have to create a passcode for this section too.  Then scroll to

Location Services  --> Click "don't allow changes"

That will gray out the "Find my iphone" on/off switch in the icloud section. If you want to turn off the restrictions, you have to use the passcode to get into that section. 

I have no idea if something similar is available for Android, you'll have to check around on the device if you have one and see. 

And that should do it.  Following these steps you might be able to keep your phone somewhat protected.  You may at the very least be able to keep the data protected.  Or you may even be able to find it again. 

Good luck.

Posted by: Teresa in WebTech at 12:38 AM | Comments (5) | Add Comment
Post contains 974 words, total size 6 kb.

January 05, 2013

End of Support

Most of you may have heard or possibly vaguely noticed in passing, Windows is retiring the Win XP operating system.  You may not have known they are also retiring Office 2003 since that gets far less notice.

Support Ends April 8, 2014

If you don't use these things, it's not an issue for you.  However, for those still using either Windows XP or Office 2003, this means all security patches will cease on that date.  If you are using older systems like Win ME or 98 or even 95 or earlier...  Or any office product older than 2003... it's very likely your system has been compromised. 

The problem is, once security updates stop, there are so many holes left wide open that can allow attackers to compromise a system just because it is connected to the internet. You don't have to "do" something to get yourself owned.  

Therefore, if you are using an older system, it is time to think about upgrading. You must also think about whether you want Windows 7 or 8.  

Windows 7 support will be around until 2020.  It's been out 3 years and is well regarded as being stable and a good running system.  It has been the most secure of all the Windows systems to date with hackers now going after peripheral software rather than the OS itself to attack the system.  It has the best set of drivers available for legacy hardware. 

Windows 8 has been built primarily with touch screens in mind.  Like Vista, this is a departure from the previous model of OS and it will therefore have problems.  For people new to buying computer stuff this will not be a huge problem.  For those who need older stuff to work, they may encounter issues while everything shakes out. For those who remember the horrid growing pains of Vista, this will be something you want to avoid. 

Remember, if you want to upgrade and you wait until early 2014 to do it, you may not be able to find Windows 7 if that is your preference.  Right now you have a choice. 

For Office software, just upgrade.  Either bite the bullet and buy new Windows Office software, or grab a free copy of Open Office or Libre Office.  They will both do the job although they are slightly different than Windows Office.  I have used Open Office and I must say it's okay, not great.  My husband has used Libre Office and finds he likes it better than Open Office.  YMMV, you can try either or both of them and if they don't work for you, then shell out the cash for a newer Windows Office.

Now is the time to think about this if you have hung onto your old computer stuff.  This is a time when upgrading your system is the better part of valor.  Those of us who don't like being spammed or having botnets out there thank you for not contributing to the general irritations of computing life.

Posted by: Teresa in WebTech at 01:53 PM | Comments (2) | Add Comment
Post contains 504 words, total size 3 kb.

January 03, 2013

Because I keep hearing about this - part 4

Part 1 is here.
Part 2 is here.
Part 3 is here.

Let me see if I can get this mostly finished off tonight.  I meant to do so yesterday, but work was a bit busy and I couldn't quite sit down to think about this stuff.

So you've got your AV software, Malwarebytes, and Web of Trust, not to mention Adblock Plus... what else is there?

Run your system as a user not as an administrator.  Windows does not make this easy to do (although Win7 is far better than earlier versions).  If you run as a user, there is quite a lot of malware that can't infect your computer because it doesn't have "permission" to do so.  Simple as that.

Update, update, update! Keep your system updates, up to date.  This will save you from those little nasties that have already been found and patched, but can still get to unpatched computers.  Set your updates to automatic if you can't or won't go get the updates when they are announced.

Update any Windows Office software whenever there is an update.  Makes it harder for your system to be hijacked by clicking a wrong link.

Use Adobe Reader 11 or greater.  If your Reader version is earlier than 10 you are probably already toast.  But check your version and if you have an older one, uninstall it then go get the newest version.  It is a pretty secure version and it automatically checks for updates so you don't have to.   Get it. 

Or use Foxit Reader which is much lighter weight and so much faster to open than Adobe Reader. 

Make sure your Adobe Flash is up to date.  You can check here.  As this is one of the biggest holes for malware to jump through and get on your system, make very sure you are always up to date!

Last of all if you have Java on your system, make sure it is up to date on patches too. 

Of course - do not click links in emails.  Do not ever let a website install some bit of software so you can "watch that video".   The standard stuff you should always do. 

All of this will help keep the crap off your system.  But nothing is foolproof.  Even if you are meticulous, you could get hit with some malware.  So have a backup of the stuff that is important!  Have recovery disks so you can reinstall your OS if it's really bad. 

Then all you can do is hope that you don't end up wasting a weekend trying to rebuild a system or something.  Short of staying off the internet altogether, that's about all you can do. 

As you can see, I'm still here.  But I prefer the world with internet access to being so "safe" I have no contact with anyone else.  We all have to decide what we are comfortable doing. 

Happy surfing.

Posted by: Teresa in WebTech at 09:00 PM | Comments (6) | Add Comment
Post contains 496 words, total size 3 kb.

January 01, 2013

Because I keep hearing about this - part 3

Part 1 is here.
Part 2 is here.

Before we get to browsers, let me follow up with a comment Pam had about Malwarebytes and Spybot.  Part of the problem with putting protective software in place is that it very often does not play nicely together.  Spybot was very good back in the day (the early 2000's), but even then it was notorious for not playing nice with other AV software.  Spybot and Adaware used to try and turn each other off.  It was no end of a headache. That's why I no longer use it and haven't since I moved off WinNT (maybe around 2004?).  It's finicky, I have no idea if it does anything at all (although I see a few vocals supporters out there - there are very few) but mostly it just doesn't behave nicely with other security options. 

Use it if you want, I won't tell you not to, but be aware you may be causing extra problems for yourself for little or no gain in security.  In this case "less is more".  The fewer security programs you have running, the better off you are.  Personally I have no problem with slowdown from running Malwarebytes, but YMMV. Much depends on your system. There are too many variables to say exactly what the differences might be.

******

Now lets move onto browsers.  No matter your flavor of browser the first thing you should do is go to Web of Trust and download their add-on for your particular browser.  This will give you a visual indication of whether or not a site is okay to visit.   (there is a colorblind option available in the addon settings! this is essential if you are red/green colorblind).  When you are searching for something or you see a link from a friend on facebook, you will have at least some idea of whether or not the site is okay.  The red warning dot next to a bad link may stop you from going to a bad site and ending up with malware.

The next thing you need to get is adblock plus.  (the link is for the version that works with Firefox, Google Chrome, Opera, K-melon, and Android).  Safari has its own version that is not bad but not quite as good as the FF version. Look for it in the Safari addon section. 

Unfortunately, there is no good option for Internet Explorer.  However, there is a kind of so-so workaround described in this article. If you must use IE or you prefer it, then check the article for the InPrivate Browsing section. It might help... some.

Why block ads?  Because far too often, even on trusted sites, ads are used to spread malware.  Most of the ads you see are provided by third party providers.  The site itself has little or no control over content, nor do they check the content to see if there is malware in the ads.  (it's even hard to get them to pay attention to any complaints about such things)

If you use an ad blocker and one of the ads has malware... it doesn't matter.  The malware never reaches your computer so your tools don't even need to kick in. Makes life so much easier.  That and the lack of flashes and blinks makes it all worthwhile.

The last thing you should do (except on Google Chrome where this is not an issue) go to the addon menu and make sure that the Java addon for your browser is disabled if it exists.  This way you won't pick up any Java related bugs floating around.  I won't tell you to get rid of Java. I've run across too many instances where Java is used in other programs.  So rather than remove Java completely, disabling it gives you the option to use it where needed.

Of all the browsers I would say IE has the most problems.  It's still the one hackers want to get and it doesn't have a good adblock which makes it a non-starter for me.  Microsoft has come a long way in securing IE. It's much better than it was, but the other options out there are better. 

I think that's enough for one post.  Tomorrow we'll move on to some of the regular software on your computer. 

Posted by: Teresa in WebTech at 09:46 PM | Comments (2) | Add Comment
Post contains 726 words, total size 5 kb.

<< Page 1 of 1 >>
55kb generated in CPU 0.03, elapsed 0.0424 seconds.
71 queries taking 0.0185 seconds, 247 records returned.
Powered by Minx 1.1.6c-pink.