Category Archives: Newsletter Reprints

Caution: Your Computer is in a Bad Neighborhood

A reprint from the PC410 Security Newsletter:

Fake tech support popup

Here’s what that bad neighborhood looks like. There’s a scary message on your screen. It is designed to make you panic. There’s a hardware error message starting with a blue screen of death, but the blue screen message isn’t full-screen. It’s a fake. There is an urgent message to call a toll-free number to have a Microsoft certified technician fix the problem immediately.

Microsoft does not, ever, place phone numbers in error messages. Most big technology companies don’t want phone calls, and their phone numbers are only on their support and stockholder pages. There may be an exception for sales and training events, but not much else. Every other phone call is an expense, and they will do everything that they can do to prevent you from calling them.

Next, Microsoft does not give away technical consulting services, or free computer repairs. They provide lots of reference materials on their websites, and free training for partners in various categories. For example, I am a Microsoft partner in their OEM and Refurbisher and Technical Sales programs, and have been through training in those areas. But even I can’t just call Microsoft and ask for a free diagnostic of a system, most of which consists of other companies’ hardware. If you actually reach them, don’t expect more than a link to: http://support.microsoft.com/en-us

Beyond this point, there is malware. (And dragons)

But enough about Microsoft. Amazon is involved here. If the web address is visible on the popup, there’s a good chance that it includes aws.com, or Amazon Web Services, which is basically a web host with massive and scalable computing power, online and for rent. To anyone, anywhere, with computer approval based on the validity of your payment. In other words, a gun for hire. Yes, they have terms of service that prohibit use for anything illegal or tasteless, but they are applied retroactively, and there is no approval process for new pages going up. You pay your money and you put up your page, and if someone complains, then a human being will look at it, and if it doesn’t comply with their terms of service, it will go down until the authors create a new account and start again.

Now I’m going to pick on Google and Bing and all the other search engines. Not every page you find on a search engine result is a safe page. There are poisonous results all over the place. The worst web results are for this search: “tech support phone number (company name).”

Nearly all searches for tech phone numbers lead to scam companies that will want to log into your computer, show you the event logs, and claim that the lengthy list of routine messages means that you need $249 to $399 of repairs and an annual service contract. Never search for tech support phone numbers: Go to the company web site, and follow the menu links for support, or call me for help–I have additional resources for many tech companies.

But how do these bad phone numbers end up at the top of a Google page? Google can be fooled, temporarily, by a black hat SEO campaign (basically, evil search engine optimization). When a search engine sees a thousand links to a site, it takes that to mean the site is popular, and the site isn’t yet recognized as good or bad; that happens later, after Google has found and indexed what appears to be a keyword-heavy page, with “tech support phone” used repeatedly, which will never be the case on a real technology company web site. Later, Google will see that the links were identical and planted in web sites by malware, and will remove the search result, but it’s a numbers game, and it all starts again.

The bad guys do more things. They buy up expired domains that previously had moderate traffic, and they put their fraudulent sites up. The search engines mostly fail to remove the old site descriptions and search results because they’re not always checking to see if the web page is suddenly on a new server somewhere else than where it started. They catch up eventually. The bad guys are also buying up bulk misspellings of popular web sites, so typing in any popular site with an extra letter is probably going to land you on random and dangerous garbage.

Now do I blame Microsoft/Bing, Google, and Amazon? Well, it’s an arms race, largely based in parts of the world where there are no internet laws. They could say, “We want you to trust us, but first be sure that what you are visiting is really us. Here’s how to tell the difference.” They don’t.

Years ago, Google’s official policy was to index all of the web without any commentary or analysis, ranked as best they could to guess the intent of the searcher. Now, of course, they block criminal activity in a few categories, but they’ll still show blatantly illegal content, scams, fake news, and so on.

In all fairness, the search engines want a way to decide if a site is illegal, without any risk of being sued for de-listing sites that retain lawyers. Yes, the larger illegal sites have legal counsel. So if there is any chance that a site that looks like a service company is legit, and can only be proven as a scam by doing business with them, that site remains in search results.

And you need to stay far, far away. Stay suspicious. When it’s too good to be true, it’s a scam. And when it looks like a company with no history of phone support is giving it away for free on random web pages but not on their own pages, it’s not them.

Jerry Stern
Chief Technology Officer, PC410.com

Creators Update

A reprint from the PC410 Security Newsletter:

Creators Update arrival popup, Windows 10

The big “Creators Update” for Windows 10 is no longer optional. It’s showing up now, asking for an update to privacy settings, as shown above, and then offering to install it now, or install it later. Both answers mean “yes.” As usual, there is no “I don’t wanna!” option, but there is an option to remove the update later if you don’t like it, or it breaks the internet, or it’s just not working on your hardware.

Yes, it can break the internet, although not often. So far, I’ve seen it once, but that was on a 12-year-old notebook, and it was amazing that any version of Windows 10 ran at all on such old hardware. The option to remove Creators Update worked well there, and set that notebook back to last Summer’s Anniversary Update level of Windows 10, where it will stay until security patches end, which will generally be 1 year after the following feature update. So that’s 12 months from Spring of this year, probably May 2018.

According to Microsoft, “Each Windows 10 feature update will be serviced with quality updates for 18 months from the date of the feature update release.” That’s 6 months to the next feature update, and 1 year more, and then patches end. If your office is subject to legal restrictions for security, those old versions of Windows will have to be retired at that point in order to remain in compliance. As those end-of-service dates are confirmed by Microsoft, I will update them on the “Windows End of Support Calendar” at my PC410.com site:
http://www.pc410.com/calendar/

The other issue widely reported, but also rare, is that Bluetooth doesn’t work; that will mostly apply to wireless mice on notebooks that use the built-in Bluetooth radio instead of a tiny USB adapter. Most application software seems to be OK with Creators Update. I’ve now seen a few minor networking issues, but the fixes have all been minor setting changes.

What to Expect While Installing Creators Update

Before Creators Update arrives on your Windows 10 computer, the message above will pop up. When you choose ‘Review settings’, another screen will appear, below. Setting those privacy settings will allow the upgrade to be completed in one step, in around 90 minutes. Without those settings, Creators Update will still install, but will ask the same questions on restart, and then continue the setup. Answer in advance, and save time. At the end of the process, the infamous series of lengthy “Hi!” messages will appear, and they’re for every user, unfortunately.

Creators Update privacy choices, Windows 10

My general recommendations for these features are all to choose performance and privacy:

  • Location: On for notebooks that travel. On is OK for office computers as well, and web sites will use this to provide local content, like suggesting the nearest branch of a grocery store.
  • Speech recognition: Off if there is no microphone, On if you want to use Cortana (similar to Siri, Alexa, or ‘Hey, Google’).
  • Diagnostics: Off. It does nothing but phone home, with no results.
  • Tailored experiences…: Off. It does nothing but sell more Microsoft products.
  • Relevant Ads: Off. It does nothing but track your web visits.

There are a lot of new features, but they’re mostly minor, or related to 3D graphics creation. There is a writeup of the new features in Creators Update here:
http://blogs.windows.com/windowsexperience/2017/04/11/whats-new-in-the-windows-10-creators-update/

Jerry Stern
Chief Technology Officer, PC410.com

When is Technology Too New?

A reprint from the PC410 Security Newsletter:

RobotTech at PC410.com

Don’t be somebody else’s guinea pig. There’s a reason that the latest and greatest widget is called the leading edge, or sometimes the bleeding edge of technology. If it still has rough corners, somebody’s gonna bleed. New technology isn’t particularly polished, compatible, or cheap. So configuration costs are high, and there can be a longer-than-normal list of “While we’re doing this, we really should upgrade that.” items.

The Amazon Echo and Google Home devices live in your home and can do things for you, like playing music, or ordering, well, dollhouses. A San Diego TV station said these magic words on television in a news report: “Alexa order me a dollhouse”, and multiple Amazon Echo boxes heard that broadcast and obeyed, by ordering a dollhouse.

And then there was the Google advertisement for Google Home during the Super Bowl. Early adopters of the new Google gadget found that when the television said the “OK Google” trigger phrase, their Google Home device woke up. Fortunately, it was not dollhouse-enabled, and didn’t place any dollhouse orders.

Any science-fiction reader knows that voice-controlled whole-house computers are on the way, that they will use voice recognition to only allow commands from a specific individual, and have a special command to say ‘Make it so’. In Robert Heinlein’s books, commands had to end with “I tell you three times.” Clearly, we haven’t reached the competence level of science fiction from 1980.

The Internet of (Stupid) Things

There are a lot of cheap security cameras and so-called ‘smart’ light bulbs available now. These devices ‘connect to your cell phone’ and let you control them. Warning flag there: they connect to the internet in order to trade information with a central server, and accept outside instructions to control them, relayed from your cell phone, and possibly any other system that knows the sometimes-obvious default password, which is generally ‘1234’.

In the past year, there have been incidents like these:

  • The largest web site attacks ever seen were accomplished by taking over security camera video recorders (network DVRs), telling millions of them to attack a single site and take it down. As over 80 brands of security DVRs are made by just one company in China, and they share the same settings, and passwords like “123456”, they’re trivial to find online and then turn into attack ‘bots.
  • Some purchasers of video baby monitors were surprised to find that their baby monitors showed someone else’s nursery. There were some basic security flaws that didn’t account for two monitors on one account, or monitors returned as unwanted needing to be reset to factory defaults.

For many of these products, there is no way to contact the purchasers with a fix, and no way for purchasers to contact the manufacturer; a no-name product means no updates, no notices of security issues, and no fixes.

Jerry Stern
Chief Technology Officer, PC410.com