Tech – for Everyone

Tech Tips and Tricks & Advice – written in plain English.

A Winter Saturday…

I know that several thousand of you are just itching to know my Playoff picks. I know this because several (read: “nobody”) have written and asked me. So, here you go:
Playoff Picks

For those of you who are curious, I also pick none of these 4 to make it to the Championship.

In the Tech Department (this is, after all, a tech Website), I have been sitting on a news item for some time now. I have been sitting on it because I simply haven’t decided on how I want to write it up.

Actually, I know how I want to write it up, as this has me so mad (and depressed) that I want to lash out. But I am not at all sure how to present it to you, Dear Reader.
Is your “average computer user” mind ready for the implications?

So.. Maybe I will come back to this.. Maybe I will wait for Reader’s Reactions (in the Comments).. In the meantime, I will just give you the ‘blurb’, and let you read the facts for yourselves. I hope you will think about the “state of the Internet” while you do so..

“Researchers at security firm Finjan have discovered details of a new type of banking Trojan horse that as well as stealing your bank login credentials, also steals money from your account while you are logged in and falsely displays the balance you expect to see.”

Please click here to read the whole article.

Have a pleasant weekend.

Copyright 2007-9 © Tech Paul. All rights reserved.jaanix post to jaanix

Share this post :

January 9, 2010 Posted by | computers, cyber crime, Internet, News | , , , , , , , , , , | 6 Comments

Lost the Setup CD? How To Connect a Router*

Reader asks how to connect to the Internet without the original CD

Q: “How can I connect to the Internet with my laptop via D-link router from desktop? We have no CD ROM for d link.”

A: You do not need the setup CD to make a router work (frankly, the following is my preferred method, as the CD’s usually install unnecessary “bonus features”.) Here is how you establish Internet connections (aka “configure a”) on a router.

1) Assign your PC an IP address in the same range as the router’s default address– for most routers, assign the IP 192.168.1.2, but since this is a D-Link router, use 192.168.0.2.
(Look to “Assign Address” here for Illustrated instructions.)

2) Connect the PC directly to the router with an Ethernet cable.

3) open a web browser (IE, Firefox, Safari) and enter the IP address number of the router into the address bar. (If you don’t know this, look to the router manufacturer’s Website for “default settings”). Typically, this is 192.168.1.1, or 192.168.0.254 — but D-Link uses 192.168.0.1.

4) Enter the default Name and Password (again, look to to the website’s support page/FAQ’s if you don’t know these). But typically these are “admin”+”admin”, or “admin”+”password”.
D-Link’s default is admin/admin.

Your are now in your router’s “web interface” Control Panel, and you can enter the PPPoE setting provided by your ISP. Typically all you need is an identifier.. which is an e-mail address + password.
If you can’t find or remember these, contact your ISP’s support. D-Link’s Wizard will help.

[note: Once your ISP has connected, and while you’re in the Control Panel, set your router’s security configuration, and set a new password (and write them down). Illustrated instructions can be found here, https://techpaul.wordpress.com/2008/01/01/how-to-secure-your-wireless-network/]

5) Return to Network Connections (from Step 1) and reset your PC to “Get address automatically–DHCP”. Reboot your PC if necessary.

Today’s free download: Return to Castle Wolfenstein: Enemy Territory. (Full Install.) Wolfenstein Enemy Territory is a stand-alone multiplayer game in which players wage war as Axis or Allies in team-based combat. In Wolfenstein Enemy Territory Axis and Allied teams do battle in traditional single scenarios, or wage war through a series of linked scenarios in a totally new campaign mode. During combat players gain experience and skill, and through battlefield promotions are awarded additional abilities that remain persistent across an entire campaign.

Today’s free link(s):
* Ginipic – Taking image searching to a whole new level…
* Inventive FaceBook Scammers Trick You Out of Money with Trojans

* Orig post: 10/13/2008. For some reason, this has been getting a lot of ‘hits’ this week…

Copyright 2007-9 © Tech Paul. All rights reserved. post to jaanix

Share this post :

February 24, 2009 Posted by | advice, how to, networking, routers, routers and WAPs | , , , , , , , , , , , , , , , , , , , , , | 3 Comments

New Rogue Uses Fake PC Magazine Review

Yesterday, the good folks at BleepingComputer posted removal instructions for a rogue antivirus (please see, Internet Plague – Rogue Antivirus) that is demonstrating a new behavior…

Quote: “Anti-virus-1 is a new rogue anti-spyware program from the same family as Antivirus 2010 and Antivirus 360. This program is promoted primarily through two methods. The first is through the use of advertisements that pretend to be online anti-malware scanners. These advertisements go through what appears to be a scan of your machine and then when finished, state that your computer is infected and that you should download Anti-virus-1 to protect yourself.

Remember, though, that this is just an advertisement and it has no way of knowing what is running on your computer. The second method that is used to promote this rogue is through the use of Trojans. When certain Trojans are installed on your computer they will display security alerts stating that your computer is infected or that you have some other security risk. When you click on these alerts, it will download and install Anti-virus-1 onto your computer…”

But that is not the new part, the new behavior adds entries to your HOSTS file so that if you go to any of a number of technology sites, including pcmag.com, you are instead brought to their site and are shown the malware author’s content. This content includes a doctored PCMag review of their fake anti-malware product.

For more on the story, click here.
And for removal instructions, click here.

A big tip of my geek hat to BleepingComputer.

Copyright 2007-9 © Tech Paul. All rights reserved. post to jaanix

Share this post :

February 19, 2009 Posted by | advice, anti-spyware, antivirus, computers, cyber crime, Internet scam, News, phraud, security, tech | , , , , , , , , , , , , , , , , , , , , , , , , | 6 Comments

Skype Users Beware

Folks, if you use the very popular VoIP program Skype – as I do – you need to be aware of some recent cybercriminal activities. These bogus ‘alerts’ try to trick you into installing malware on your machine (which will bypass your security).

1) The fake “Windows needs immediate attention” attack is active again. Please see, Skype — “Windows Requires Immediate Attention”.. Not!

2) There’s a new attempt – using a trojan and a pretend ‘add-on’ – to steal your account information. Please see, SpySkype.C Trojan Wants to Talk to You! by Internet Security blogger Bill Mullins.

Please alert your friends and family (who use Skype) to these “social engineering” scams too.

[addenda: Peter Parkes (Skype Blogger) wrote and asked me to remind my readers to, quote, “Please report users who send these messages to abuse@skype.net – that will help us to block them where appropriate.”]

Copyright 2007-9 © Tech Paul. All rights reserved. post to jaanix

Share this post :

January 31, 2009 Posted by | advice, computers, cyber crime, hackers, Internet scam, News, PC, Phishing, phraud, privacy, security, software, tech, VoIP | , , , , , , , , , , | 2 Comments

Do You Need AV on a Mac?

I get asked that from time to time. But usually, I’m not asked, I’m told. “I don’t need all that *crud*. I’m on a Mac.”
Usually, but not always, there’s a certain tone the speaker adopts when uttering that Standard Line (read, “dogma”) that conveys a smug superiority.. but, hey, everyone’s entitled to a little.. uh, delusion or two in my book. Keeps life interesting.

Basis in fact: There are some reasons for this don’t-need-an-antivirus belief system. One is, Apple itself has promoted the idea. Another is, there were hardly any (and at some points in history, no, zero, zip, nada) viruses / trojans / worms / etc. written to exploit the Mac OS. And even now, they’re considered “rare”.

Cyber-criminals (aka “hackers”) knew that less than 5% of computers were Macs, and essentially none of the “pots of gold” (database servers) were running the Mac OS.. so why write a attack program? (Apple products have been proven quite “hackable” – iTunes, QuickTime, Safari actually rank quite high on the list. See, Firefox More Secure? Tops ‘Most Vulnerable’ List) Answer– There’s basically nothing to attack with it.

Then and now: But, that was before Vista; and, the “I’m a Mac” series of television commercials. Now, instead of approximately 1-in-20 PC’s being Macs, it’s more like 1-in-10. Now, the idea of a all-Mac botnet has some merit (and a true Mac fan will tell you, all the Windows PC’s have already been taken!). An all-Mac botnet wouldn’t be all that big.. but the new numbers mean it’d be big enough for some uses…

So, sure enough, some enterprising criminal wrote a backdoor worm and glued it to a copy of iWork ’09 and posted it to several of the torrent sites, knowing that Mac-using folks who don’t like paying for things would download and install it.
Voilà, we got us an all-Mac botnet.
[note: this has happened before, to Mac+LimeWire² users; see, Firms discover Trojan horse targeted at Mac OS X]

Someone has named this worm “iServices.A”, which is much more rational and.. nicer (ahem) than what I might have named it. This worm allows the hacker to do pretty much what he wants with the infected machine, which so far appears to be sending boatloads of spam to specific URL’s, in what is called a “denial of service” attack (the flood of messages overloads the server, and causes it to ‘crash’/shutdown)(see, Our Modern Nightmare – Zombie Attack)

Me? I have consistently advised installing an AV, no matter what platform/OS you’re running, just as I consistently advise making backup copies of your files, (yes, I have been accused of being a bit of a “belt-and-suspenders” man) for one very simple reason — what is the cost if you do, versus what is the (potential) cost if you don’t?
Plus.. it’s simple math: the more popular Macs get, the more they’ll be targeted.

Feel free to disagree, but you won’t get me to change my mind. My Tiger machine has antivirus onboard.. though I don’t know why I bothered, I never turn the thing on.

Today’s free link(s):
* Brian Krebs has an absolutely great article detailing this worm, and I leave it to him to make what may be the most important point on the subject–
“Leaving aside (hopefully) the question of whether Mac users need anti-virus, I’ve tried to impress upon readers the importance of avoiding risky behaviors online that could jeopardize the security of their systems. The reality is that installing programs downloaded from P2P networks is about the most insecure practice a computer user can engage in,¹ regardless of the operating system in use.

This is why I think it’s important to call out this Trojan. Yes, it infects Macs, and that’s something we don’t see very often. But it’s also a teachable moment to remind readers that no security software is going to protect the user who is intent on installing software that may be tainted with malware, as long as that user is willing to ignore any advice (or alerts) to the contrary.

I highly recommend you read the whole article, Pirated iWork Software Infects Macs With Trojan Horse. Once you do, I think you’ll understand why he’s on my Blogroll.

* Blogroll member Bill Mullins posted an article that takes a look at the P2P “phenomenon” that I also highly recommend, Peer to Peer File Sharing – Evaluate the Risks – Consider the Trade-Offs

* And this article is a very good answer to the question, Is Mac still the safer bet?

¹ emphasis, mine.
² A very popular BitTorrent-style peer-to-peer program.

* One last thought.. anyone care to guess what percentage of people’s machines that I look at in my “real job” have LimeWire installed?

Copyright 2007-9 © Tech Paul. All rights reserved. post to jaanix

Share this post :

January 25, 2009 Posted by | advice, antivirus, Apple, computers, cyber crime, hackers, News, security, tech | , , , , , , , , , , , , , , , , , , , , , | 2 Comments

Hacker Theft Could be the Largest Credit Card Crime in History

Hackers breach Heartland Payment credit card system

Heartland Payment Systems hpy on Tuesday disclosed that intruders hacked into the computers it uses to process 100 million payment card transactions per month for 175,000 merchants. The number of victims is still unknown.

Heartland’s disclosure coincides with reports of heightened criminal activities involving stolen payment card numbers. Security firm CardCops has been tracking a 20% year-over-year increase in Internet chat room activity where hackers test batches of payment card numbers to make sure that they’re active.

To read the full news story, click here.

My two cents: This is why, folks, you don’t want to get all excited about “cloud computing”, or allow your governments to create large “databases”.. like a “national health registry”, or “crime database”.. and why I don’t use “online backup” to store my files.
Why trust someone else’s server? The Conficker outbreak shows you how well servers get patched..

I feel bad for the folks at HPS.. the cost to “clean this up” is going to be astounding.. For more on that see, Credit card hackers find new, rich targets.

Copyright 2007-9 © Tech Paul. All rights reserved. post to jaanix

Share this post :

January 22, 2009 Posted by | computers, cyber crime, News, tech | , , , , , , , , , , | Leave a comment

Getting Rid Of Malware, Step 1*

What do you do when your PC is displaying all the signs of having been infected, but your antivirus and anti-spyware scan reports come back clean?

This was the case for a fella who called me for advice recently. He had done things ‘right’ — and by that I mean he has a firewall, he keeps his antivirus definitions up to date, sick and he runs a couple of anti-spyware applications — but suspected his machine had been hacked anyway.

He couldn’t do things he was used to doing (like deleting a file) and his machine was “really slow.”
But according to his scanners, his machine is in perfect shape.

Tip of the day: If you should find yourself in a similar situation there are several steps you can take to help resolve your questions and (hopefully) fix your machine without taking the drastic step of wiping your hard drive, formatting, and reinstalling Windows.

The first step is to use a scanner that isn’t installed on your machine. Here’s two ways to do that: one, if your antivirus allows it (and most of them do these days), follow its instructions and make an antivirus recovery disk. This is a bootable disk that scans your system before Windows loads.

To use one, put it in your CD tray and restart your machine. A plain-text sentence will appear telling you to “press any key to boot from CD…” (if you don’t see this, click here.) When you see it, hit your spacebar or, well, any other key, and then follow the instructions. When it’s finished, remove the CD and restart your machine again.
[note: you may also use a properly prepared USB thumb drive. Click here to read my article on how to do that.]

A second method is to use an online scanner. I have a list, with links, of several good online scans on my Website, here. Quite a few of the online scanning tools will try to sell you their full application, but you’re under no obligation to buy. The big advantage to these two methods lies in the fact that they have not been compromised, or altered, and the files and scanners on your machine may be– the modification being done by the virus or hacker.

Another thing to do is scroll down to my “Today’s free link” and download HiJack This! Run it and dump the result into a .txt file (there’s instructions for this) and then register on one of the HiJack This! forums (there’s instructions for this too) and post your results there. Before too long, an expert anti-malwareologist [don’t bother looking: I just now made that word up] will have looked over the intricacies, and will post his analysis and instructions. These guys (and gals) are really, really good at what they do, and you can trust their answers.

Also run CheckDisk with the “r” “f” switches (this probably will require a reboot) to make sure the problem is not your hard drive.
Click on Start >Programs >Accessories >Command prompt. In the white-on-black window type “chkdsk /r /f” (no quotes, and be sure to include the spaces). You may be told that certain files are in use, and asked if you want to “schedule this at the next reboot Y/N?” Type in a “y” and restart your machine.

Hopefully these efforts will be rewarded with a rejuvenation of your machine, and you will be back in business again.  If not, you have my sympathy. You may have a rootkit and then your best solution is to re-format your hard drive and reinstall everything, or enlist the aid of a professional

Today’s free link: HijackThis™ is a free utility which quickly scans your Windows computer to find settings that may have been changed by spyware, malware or other unwanted programs. HijackThis does not clean infections, but creates a report, or log file, with the results of the scan. A large community of users participates in online forums, where experts help interpret the scan results to clean up infected computers.

Copyright © 2007-8 Tech Paul. All rights reserved.jaanix post to jaanix

Share this post :

October 7, 2008 Posted by | advice, anti-spyware, antivirus, computers, file system, how to, PC, permissions, rootkits, security, software, tech, Windows | , , , , , , , , , , , , | 7 Comments