Night of the Living Computer*
It’s like we woke up inside a horror movie– we are being attacked by zombies.
Yes. It’s true. Real life is imitating art (if you’re willing to call Night of the Living Dead “art”). We really are under attack by zombies– only our zombies aren’t trying to eat our flesh, they are trying to sell us bootleg Ph@rmacuticals and cheap V1@gra, fake Rolex watches, and steal our identities. [note in the photo how the zombie is reaching for the wallet?]
In real life, our zombies can’t claw at us directly and they don’t have teeth. Our zombies are computers. Our computers. And they attack via e-mail and the Internet. Like the zombies in Night, they spread the zombie disease by infection. Differently, our zombies aren’t mindless; they’re controlled by villains (aka “cyber-criminals”).
Yes. Your computer may be a zombie, and odds are you wouldn’t know.
If it isn’t a zombie (yet), it is constantly under the attack of infection via the Internet. An unprotected computer, connected to the Internet, will be infected within 8 minutes (12 seconds in a recent test).
90 to 95% of all Internet traffic traveling the wires is zombie-generated junk e-mail that’s either a fraud attempt or (and?) loaded with malware– the “attack”.
How did this happen? Well, part of it is the Tech Industry’s fault (see, How the Tech Industry is Failing You), either unintentionally, or through lack of foresight, or through willful negligence and the rush to market. Security either wasn’t considered, or it was too expensive.
Nobody predicted the nerdy hackers evolving into the organized, well-financed, Mafia-style criminal gangs of today.
And they put too-powerful, fully-capable machines into the hands of the unwashed masses– us.
The rest of it is our fault.
* We let our antivirus expire and, every day, close the warning.
* We think we’ve just won the British Lottery.
* We still run Windows 98 because we’re “comfortable with it”.
* We cannot resist ‘free’ pornography.
* We cannot be bothered with those REALLY ANNOYING little windows that pop open at the worst times and tell us that a “newer version is available.”
* When someone tries to tell us about our machines, they start using big words in a funny language and we ‘tune out’.
* We believe that everything computer-related should be free, so we download cracked (aka “pirated”) software, bootleg music and video, and we don’t care who or where it comes from.
I could go on and on and on (and on, believe me!).
Yes.. we are our own worst enemies. But, you don’t have to be a part of the problem. And you don’t have to learn a big word-filled foreign language (aka “Geek speak”) to avoid the zombie attack.
Today’s free link: I have put together a list of proactive steps every computer user should know.. a checklist. In it you will find links to free, safe, and effective methods for protecting your computer, and keeping it safe. Please look over, Top 10 Things You Should Do To Your Computer. And then do us all a favor, pass the list on to your friends who have computers.
* Orig post: 08/18/08
Today’s free download: RUBotted by Trend Micro (see below)
Today’s free link: RUBotted is a free program that can help detect if your machine has been zombie-ified, and Bill Mullins has written a good description/review of it, here (he also posts the download link, so you can visit there and don’t need to return here..) Catch the Bad Bots with Free RUBotted from Trend Micro
Copyright 2007-9 © Tech Paul. All rights reserved. post to jaanix
| Share this post : |  |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
Do You Need AV on a Mac?
I get asked that from time to time. But usually, I’m not asked, I’m told. “I don’t need all that *crud*. I’m on a Mac.”
Usually, but not always, there’s a certain tone the speaker adopts when uttering that Standard Line (read, “dogma”) that conveys a smug superiority.. but, hey, everyone’s entitled to a little.. uh, delusion or two in my book. Keeps life interesting.
Basis in fact: There are some reasons for this don’t-need-an-antivirus belief system. One is, Apple itself has promoted the idea. Another is, there were hardly any (and at some points in history, no, zero, zip, nada) viruses / trojans / worms / etc. written to exploit the Mac OS. And even now, they’re considered “rare”.
Cyber-criminals (aka “hackers”) knew that less than 5% of computers were Macs, and essentially none of the “pots of gold” (database servers) were running the Mac OS.. so why write a attack program? (Apple products have been proven quite “hackable” – iTunes, QuickTime, Safari actually rank quite high on the list. See, Firefox More Secure? Tops ‘Most Vulnerable’ List) Answer– There’s basically nothing to attack with it.
Then and now: But, that was before Vista; and, the “I’m a Mac” series of television commercials. Now, instead of approximately 1-in-20 PC’s being Macs, it’s more like 1-in-10. Now, the idea of a all-Mac botnet has some merit (and a true Mac fan will tell you, all the Windows PC’s have already been taken!). An all-Mac botnet wouldn’t be all that big.. but the new numbers mean it’d be big enough for some uses…
So, sure enough, some enterprising criminal wrote a backdoor worm and glued it to a copy of iWork ’09 and posted it to several of the torrent sites, knowing that Mac-using folks who don’t like paying for things would download and install it.
Voilà, we got us an all-Mac botnet.
[note: this has happened before, to Mac+LimeWire² users; see, Firms discover Trojan horse targeted at Mac OS X]
Someone has named this worm “iServices.A”, which is much more rational and.. nicer (ahem) than what I might have named it. This worm allows the hacker to do pretty much what he wants with the infected machine, which so far appears to be sending boatloads of spam to specific URL’s, in what is called a “denial of service” attack (the flood of messages overloads the server, and causes it to ‘crash’/shutdown)(see, Our Modern Nightmare – Zombie Attack)
Me? I have consistently advised installing an AV, no matter what platform/OS you’re running, just as I consistently advise making backup copies of your files, (yes, I have been accused of being a bit of a “belt-and-suspenders” man) for one very simple reason — what is the cost if you do, versus what is the (potential) cost if you don’t?
Plus.. it’s simple math: the more popular Macs get, the more they’ll be targeted.
Feel free to disagree, but you won’t get me to change my mind. My Tiger machine has antivirus onboard.. though I don’t know why I bothered, I never turn the thing on.
Today’s free link(s):
* Brian Krebs has an absolutely great article detailing this worm, and I leave it to him to make what may be the most important point on the subject–
“Leaving aside (hopefully) the question of whether Mac users need anti-virus, I’ve tried to impress upon readers the importance of avoiding risky behaviors online that could jeopardize the security of their systems. The reality is that installing programs downloaded from P2P networks is about the most insecure practice a computer user can engage in,¹ regardless of the operating system in use.
This is why I think it’s important to call out this Trojan. Yes, it infects Macs, and that’s something we don’t see very often. But it’s also a teachable moment to remind readers that no security software is going to protect the user who is intent on installing software that may be tainted with malware, as long as that user is willing to ignore any advice (or alerts) to the contrary.
I highly recommend you read the whole article, Pirated iWork Software Infects Macs With Trojan Horse. Once you do, I think you’ll understand why he’s on my Blogroll.
* Blogroll member Bill Mullins posted an article that takes a look at the P2P “phenomenon” that I also highly recommend, Peer to Peer File Sharing – Evaluate the Risks – Consider the Trade-Offs
* And this article is a very good answer to the question, Is Mac still the safer bet?
¹ emphasis, mine.
² A very popular BitTorrent-style peer-to-peer program.
* One last thought.. anyone care to guess what percentage of people’s machines that I look at in my “real job” have LimeWire installed?
Copyright 2007-9 © Tech Paul. All rights reserved. post to jaanix
| Share this post : | |
|
|
|
|
|
|
|
|
|
|
Our Modern Nightmare – Zombie Attack
It’s like we woke up inside a horror movie– we are under attack by zombies.
Yes. It’s true. Real life is imitating art (if you’re willing to call Night of the Living Dead “art”). We really are under attack by zombies– only our zombies aren’t trying to eat our flesh, they are trying to sell us bootleg Ph@rmacuticals and cheap V1@gra, fake Rolex watches, and steal our identities. [note in the photo how the zombie is reaching for the wallet?]
In real life, our zombies can’t claw at us directly and they don’t have teeth. Our zombies are computers. Our computers. And they attack via e-mail and the Internet. Like the zombies in Night, they spread the zombie disease by infection. Differently, our zombies aren’t mindless; they’re controlled by villains (aka “cyber-criminals”).
Yes. Your computer may be a zombie, and odds are you wouldn’t know.
If it isn’t a zombie (yet), it is constantly under the attack of infection via the Internet. An unprotected computer, connected to the Internet, will be infected within 8 minutes (12 seconds in a recent test).
90 to 95% of all Internet traffic traveling the wires is zombie-generated junk e-mail that’s either a fraud attempt or (and?) loaded with malware– the “attack”.
How did this happen? Well, part of it is the Tech Industry’s fault (see, How the Tech Industry is Failing You), either unintentionally, or through lack of foresight, or through willful negligence and the rush to market. Security either wasn’t considered, or it was too expensive.
Nobody predicted the nerdy hackers evolving into the organized, well-financed, Mafia-style criminal gangs of today.
And they put too-powerful, fully-capable machines into the hands of the unwashed masses– us.
The rest of it is our fault.
* We let our antivirus expire and, every day, close the warning.
* We think we’ve just won the British Lottery.
* We still run Windows 98 because we’re “comfortable with it”.
* We cannot resist ‘free’ pornography.
* We cannot be bothered with those REALLY ANNOYING little windows that pop open at the worst times and tell us that a “newer version is available.”
* When someone tries to tell us about our machines, they start using big words in a funny language and we ‘tune out’.
* We believe that everything computer-related should be free, so we download cracked (aka “pirated”) software, bootleg music and video, and we don’t care who or where it comes from.
I could go on and on and on (and on, believe me!).
Yes.. we are our own worst enemies. But, you don’t have to be a part of the problem. And you don’t have to learn a big word-filled foreign language (aka “Geek speak”) to avoid the zombie attack.
Today’s free link: I have put together a list of proactive steps every computer user should know.. a checklist. In it you will find links to free, safe, and effective methods for protecting your computer, and keeping it safe. Please look over, Top 10 Things You Should Do To Your Computer. And then do us all a favor, pass the list on to your friends who have computers.
Copyright 2007-8 © Tech Paul. All rights reserved. post to jaanix
| Share this post : | |
|
|
|
|
|
|
|
|
|
|
Modern Nightmare
It’s like we woke up inside a horror movie– we are under attack by zombies.
Yes. It’s true. Real life is imitating art (if you’re willing to call Night of the Living Dead “art”). We really are under attack by zombies– only our zombies aren’t trying to eat our flesh, they are trying to sell us bootleg f@rmacuticals and cheap Vl@gra, fake Rolex watches, and steal our identities. [note in the photo how the zombie is reaching for the wallet?]
In real life, our zombies can’t claw at us directly and they don’t have teeth. Our zombies are computers. Our computers. And they attack via e-mail and the Internet. Like the zombies in Night, they spread the zombie disease by infection. Differently, our zombies aren’t mindless; they’re controlled by villains (aka “cyber-criminals”).
Yes. Your computer may be a zombie.
If it isn’t a zombie (yet), it is constantly under the attack of infection via the Internet. An unprotected computer, connected to the Internet, will be infected within 8 minutes.
90 to 95% of all Internet traffic traveling the wires (using “bandwidth”) is zombie-generated junk e-mail that’s either a fraud attempt or (and?) loaded with malware– the “attack”.
How did this happen? Well, part of it is the Tech Industry’s fault (see, How the Tech Industry is Failing You), either unintentionally, or through lack of foresight, or through willful negligence and the rush to market. Security either wasn’t considered, or it was too expensive.
Nobody predicted the nerdy hackers evolving into organized, well-financed, criminal gangs of today.
And they put too-powerful, fully capable machines into the hands of the unwashed masses– us. The rest of it is our fault.
* We let our antivirus expire and everyday close the warning.
* We think we’ve just won the British Lottery.
* We still run Windows 98 because we’re “comfortable with it”.
* We cannot resist ‘free’ pornography.
* We cannot be bothered with those REALLY ANNOYING little windows that pop open at the worst times and tell us that a “newer version is available.”
* When someone tries to tell us about our machines, they start using big words in a funny language and we ‘tune out’.
* We believe that everything computer-related should be free, so we download cracked (aka “pirated”) software, bootleg music and video, and we don’t care who or where it comes from.
I could go on and on and on.
Yes.. we are our own worst enemies. But, you don’t have to be a part of the problem. And you don’t have to learn a big word-filled foreign language (aka “Geek speak”) to avoid the zombie attack.
Today’s free link: I have put together a list of proactive steps every computer user should know.. a checklist. In it you will find links to free, safe, and effective methods for protecting your computer, and keeping it safe. Please look over, Top 10 Things You Should Do To Your Computer. And then do us all a favor, pass the list on to your friends who have computers.
Copyright 2007-8 © Tech Paul. All rights reserved.
post to jaanix
| Share this post : |  |
|
|
|
|
|
 |
|
|
|
 |
Some basic security pointers–#1
Is your computer a zombie? You can never be too secure, and neither can your PC. These few steps will go a long way in keeping your private information away from prying eyes, and prevent your machine from being used as a “zombie” by tech-savvy evil doers. (Most owners of zombie PCs are totally unaware that their computers are being used in this way.)
Tip of the day: The two basic steps I will discuss today–password protecting your User Accounts (and requiring logging in), and renaming your Administrator Account–should be prefaced with a quick description of what is, exactly, a strong password.
Strong passwords should be “complex”. That means that they should contain both upper and lower-case letters, special characters (!@#$%^&*(){}[]) and numbers, and be at least eight characters long, and–most definately–not be a word (or name) found in the dictionary. Your passwords (notice the plural. It is not wise to use the same password for everything.) will be easier to remember if you make them into a ‘passphrase’. A equestrian might use a passphrase of 1Lu^h0rsez, for example.
Now that you have a good password, it’s time to require authentication to use your machine. Start by clicking on Start>Control Panel>User Accounts (or Start>Settings>Control Panel>User Accounts. Depending on your version and preference setting). Then click on “Change an account,” and then click on “Create a password for your account.” Enter your password, twice, and if you’ld like, a password “hint” that will remind you (but not clue in the whole world) of your new password. Click “Create password.”
Now, since knowing your User Name is half the battle, click on “Change the way users log on or off.” Deselect (by unchecking the check in the checkbox) “Use the Welcome screen.”
Unbeknownst to most folks, Windows has a hidden Administrator account (this becomes vitally important when troubleshooting failing systems, or when User accounts get “locked out”) named “Administrator”. Hackers are well aware of this, and it is their favorite method of gaining access (and control over) your machine; since they know the User name, all they have to do is guess the password–which by default, and unless you set one, there isn’t one! Remedy this in XP Professional by going to Control Panel>Administrative Tools (you must use Classic View) and clicking on Local Security Policy. Then in the left column click on the plus sign next to Local Policies, and then click the Security Options folder (If you receive a warning about Group Policy, just ignore it) and a series of policies will appear in the right pane. The 4th or 5th one from the top should be “Accounts: Rename administrator account”. Double click on it and a dialogue box will open. Enter a new name, and click Apply, and OK.
In XP Home, the method is to click Start>Run. In the Run dialogue type in “Control userpasswords2” [no quotes] and click OK. From the User Accounts dialogue box, select the Administrator Account and click Properties. Enter the new name in the User Name text box, and click OK.
(For other versions of Windows the methodology is similar, but I recommend Searching Microsoft’s website for the specific steps.)
The last step is to congratulate yourself, because you have just made your computer much, much harder for a determined cracker to penetrate, and practically eliminated access to the casual browser.
Today’s free link: Steve Gibson’s ShieldsUp! This free scan, offered by a true giant in the computer field, analyzes your computer for vulnerabilities coming from the Internet, and tells you how your private data may be visible to outsiders. This link will appeal to the more tech-savvy, and be an eye openning experience for those of you who have not learned about firewalls yet.
Copyright © 2007 Tech Paul. All rights reserved.
| Share this post : |  |
|
|
|
|
|
|
|
|
|
• About Tech Paul
I am a Retired computer & network technician. I used to think the machines were pretty cool. Now I don’t.
They’re anything but.
I regularly posted how-to’s and tricks & tips and general computing advice here starting in 2007. (Use the Search tool to find answers. But be aware, many are rather dated.) Sometimes I answered (your) specific questions in an article if I believed the answer was generally helpful to “everyone”. All the writing you see was my own, typos and all. There always is/was an implied “IMHO” in what you see here.
Note: You are responsible for using this blog and its content. I am in no way liable for any losses caused by user error, viruses and/or other malware, hardware or software failure, or any other conceivable reason.
-
Say "thank you!" Buy Tech Paul a cup of coffee (and keep T4E ad free).
-
-
McAfee® Cybersafety Resource Portal, an online help center designed to assist victims of computer crime and provide information on how to avoid becoming a victim.
-
Subscribe to Tech--for Everyone by EmailRecent Comments
-
-
-
-
Also:
-
-
Tech - for Everyone 