Online Security Part 2 – Malware for the Rest of Us

(continued from Part 1)

However most malware is typically more subtle. A common sign of infection is when an internet browser (Internet Explorer, Edge, Chrome, Safari, etc.) displays a different website than the user types in. This can also happen to links clicked on from a Google search. The technical terms for this malware include a “browser redirect virus” or “browser hijacker.” It can also change the homepage, add new toolbars, display advertising, and create pop-up messages even when not online.

Other signs can include a computer that suddenly runs very slowly, constantly crashes / freezes, or if a user discovers new icons that appear on the desktop. Malware is a very complex topic, it can be difficult to detect and remove even for experts. Worse still, it can include spyware that steals passwords and emails itself to others so it’s obviously best to avoid getting it in the first place.

One key to avoiding malware is to think before clicking on any link online. Dangers can include free software downloads, links on shady websites of all types, downloading a “required” video player, and clicking on online ads. Even plugging in a friend’s USB memory stick can deliver malware. Another way it can be installed is through something called “social engineering” where a user is tricked into clicking on a dangerous link through a carefully written fake email, text, or instant message. These messages are also known as “phishing campaigns” and they can be VERY convincing (even coming from friends).

To summarize, here are a few tips for avoiding malware. Keep in mind that each of these suggestions could be expanded into an entire post!

  • Make sure computer and phone software is kept up to date (if you’re still on Windows 95, you’re really in trouble).
  • Never click on links or open attachments in messages from unknown sources. Unexpected messages from known sources should be also be treated with suspicion since some viruses can access a user’s email and send a message to friends in their entire address book.
  • Never click on links in emails from banks, Apple, Google, Microsoft, etc. Access the website directly.
  • Backup regularly! Backups are an effective way to recover from digital and physical disasters if the 321 rule is used: three full backups on two different types of media with one copy stored “somewhere else” (more details in a future post).
  • On Windows, at least use Windows Defender (anti-virus software is a massive topic on its own).
  • Use strong / unique passwords and a password manager. Two factor authentication is an advanced technique that is also very effective for securing critical accounts such as email, banking, and social media (another topic for a future post).
  • Look for secure connections to websites (the padlock symbol = HTTPS) and logout when done. The padlock is in different places on different computers / browsers. Some examples are below.

Additional Resources:

  1. Glossary – https://www.f-secure.com/en/web/labs_global/terminology
  2. General Articles – https://www.f-secure.com/en/web/labs_global/articles
  3. Symptoms – https://blog.malwarebytes.com/101/2016/05/how-to-tell-if-youre-infected-with-malware/
  4. Google Safe Browsing – https://www.google.com/transparencyreport/safebrowsing/
  5. Google Malware Efforts – http://www.theverge.com/2017/1/25/14391462/gmail-javascript-block-file-attachments-malware-security
  6. Google Malware Video – https://www.youtube.com/watch?v=uJRqZTNMCMo
  7. Antivirus? – https://arstechnica.com/information-technology/2017/01/antivirus-is-bad/
  8. Ransomware – https://www.f-secure.com/documents/996508/1030745/Ransomware_how_to_ppdr.pdf
  9. Phone Malware – https://arstechnica.com/security/2016/11/1-million-android-accounts-compromised-by-android-malware-called-gooligan/

Online Security Part 1 – Malware for the Rest of Us

People are afraid of online threats for good reasons. We use computers and the internet for everything from banking to social communication to storing cherished family photos and videos. So many devices are portable, which can result in additional security issues. This series of posts will present a variety of simple and practical techniques to stay safe from the worst online threats such as malware (aka viruses) from infected websites and “phishing” emails, online account hacking, and the dangers involved when using public WiFi hotspots. It will also include an introduction to the terminology and symptoms of malware, hopefully making it a bit easier to figure out if a computer or online account has been compromised. It will conclude with suggestions for creating strong and memorable passwords. Each post will be relatively short and a deeper discussion will follow in future posts.

The problem for most of us is that the official definitions are unnecessarily complex. For example, the definition for malware is “Parasitic software fragments that attach themselves to some existing executable content. The fragment may be machine code that infects some existing application, utility, or system program, or even the code used to boot a computer system.” This definition means practically nothing to non-technical people. Actually, it’s possible to ignore most of the techno jargon, but knowing a few basic terms is necessary because even a Google search requires knowing a few right words.

More simply put, malware is the general term for computer viruses, worms, trojan horses, ransomware, spyware, adware, scareware, rootkits, and other malicious programs. The details of each of these types of malware will be provided in a future post, but for now it helps to learn the obvious symptoms of malware so it can be removed as soon as possible. Ransomware is the easiest to identify since the point of this malware is to tell the user they have been infected. The cyber criminal scrambles the files and will not unscramble them until the ransom is paid (if ever). Some messages even make it sound like the user has broken federal laws (you can’t even believe criminals these days!).

(continued in Part 2)

Apple Demonstrates the Problem With Being “Perfect” – Part 3

As Part 2 of this series demonstrated, the truth seems to be that technology doesn’t have to be perfect to be usable. Microsoft and Google are posting record profits despite a wide variety of serious flaws in their products and services. Apple is clearly being held to a higher standard. To a large extent, people don’t know or care if their phones, tablets, or computers aren’t perfect. They just want to use them to get work done without issues requiring convoluted fixes and the threat of viruses. I constantly see people in companies, airports, etc. with their phone’s apps just as they were when it came out of the box plus a few standards like Facebook, News, and Sports. Often people only upgrade when they replace the device with a newer model. Apple has done an great job with this less tech savvy group. For example, Apple stock apps like Mail, Maps, and Calendar are very functional and sync seamlessly between mobile devices and desktop computers. Even more impressive, Apple’s utilities like macOS Time Machine and iOS backup are outstanding. I restored my computer after a rare filesystem problem and an hour later the computer rebooted exactly how it was at the end of the last backup. Try that with Windows or Android. Also, macOS and iOS are mostly secure from online threats. Even the techie Mac users I know don’t run anti-virus software.

Technology breakthroughs don’t have to come on a yearly schedule like clockwork. In an article in 9to5Mac that explored if Apple has become “boring” recently, Ben Lovejoy made the following comment, “It is, of course, a recurring debate – but one often fueled by the myth that Apple was inventing new product categories on an annual basis. We insert here our usual reminder that the Mac was launched in 1984, the iPod in 2001, iPhone in 2007, and iPad in 2010.”

To be fair, Apple has slipped lately. The battery life controversy with the new MacBooks and iPhones, software issues with iCloud, high prices, and other issues are worrisome, but Apple products are still the best option for a large majority of users. So what is behind the anguished screams that seem to be coming from every direction? A future post will focus on the different, but related issue of explosion of fake online news that is fueling the fire. Where has “real news” gone? Even a guy who was helping us with a bathroom tiling job was bragging about becoming a writer for “referral networks” which is just another fancy name for creating fake reviews. Negative articles about Apple make people click on them, generating revenue, so another future post will provide some concrete ways to work around this. Even one of my favorite tech sources has commented on the situation in his own industry. Here’s a quote from the full article.

Combine those two factors and we’re looking at a world where large swaths of the American public (and the rest of the world) will have very bad information about crucial news, because they’ve created their own very bad newspaper. It’s a problem technology has helped create, but it’s hard to see how technology will fix it.

— Peter Kafka

Maybe technology won’t fix it, but making people aware is the first step.

Apple Demonstrates the Problem With Being “Perfect” – Part 2

To continue the short rant that ended Part 1 of this series, Windows 10 is far from perfect and continues with the tradition of bizarre Microsoft design decisions. For example, the “system tray” found on the bottom right of every Windows main screen is full of obtuse software by default including something called the Intel Rapid Storage Manager (don’t touch these settings!), Synaptics Touchpad (I have adjusted my Mac touchpad once in four years), Lenovo Solution Center (an oxymoron), McAfee Anti-Virus, etc. McAfee is a joke in itself, more like buying a used car than software.

On the other hand, macOS shows only Bluetooth status by default. Also, high end Windows machines aren’t cheap anymore either. Microsoft’s Surface Book is pushing $2,200 and has several serious issues.

In the world of mobile operating systems, people threatening to jump ship from iOS to Android should read the balanced, well written article: “What I Learned about My iPhone After Switching to the Google Pixel.” The author sums up his experience with Google most recent phone by saying, “If you’re predisposed towards Android, or don’t enjoy iOS, the Pixel presents a superb overall experience… For now though, even though I’m still carrying around my Pixel, my iPhone remains my main device.” I have a Android Nexus 6 phone that I keep updated and I came to exactly the same conclusion. Even Google’s flagship phone from last year, the Nexus 6P, is experiencing a software problem (boot loop) so severe that it disables the phone completely. The thread on Reddit has almost 500 comments. If the iPhone had the same problem… Ugh, I shudder to think of the media frenzy. “Coincidentally,” the Pixel XL with 128 GB is EXACTLY the same price as the iPhone 7+ with 128 GB, $869. So much for Android being the less expensive option.

Finally, since I love acoustics, I found this article to be a fascinating glimpse into what happens when people stray away from the closed systems that Google has created: “An Audiophile Switches From iOS to Android.” His conclusion, “My journey from iOS to Android on a Google Pixel phone has been frustrating with respect to audio playback… Google could make all of this a nonissue, but based on the company’s responses, I don’t have a good feeling the company will ‘Do the right thing.'” By contrast, his iOS audiophile configuration is straightforward: Lightening Connector to USB, then the DragonFly USB DAC.

So where does that leave Apple in the wild world of consumer electronics? We will see in Part 3 of this series!

Apple Demonstrates the Problem With Being “Perfect” – Part 1

Welcome to 2017! It would be great to start the year with a post about Apple creating the next generation of breakthrough products and providing them at reasonable prices, but unfortunately 2016 was rough. To make matters worse, lately the news has been sounding like Chicken Little, “The sky is falling!” Even the smallest complaints are being screamed from the rooftops. Last month’s Monthly Recap explored this in detail, but with the continuing deluge of negativity, it’s worth taking a step back to try to see the big picture.

In short, Apple is a victim of its own success. For the past decade, every year has brought another industry changing product or feature. The video of Steve Jobs’ iPhone 1 unveiling is a reminder of how revolutionary it was and still is. So much so that the rest of the industry is just not beginning to catch up. This dominance has made Apple a favorite target for critics, which begs the question: Why does Apple have to supply a continuous stream of “perfect products” when nobody else does? ReCode’s article, “All Apple gave us in 2016 was a thinner iPhone, a touch bar, and too many dongles” paints a bleak picture, but where consumers are spending their money sends a different message. Other tech news sources wrote recently, “Huge demand for Apple’s ‘boring’ iPhone 7 may lead to Apple’s highest revenue in history” and “From Apps to iPhones: Holiday Shoppers Invest in Apple.”

Maybe Apple products are becoming boring, but they’re profitable workhorses. I’m currently using an “ancient” 2012 MacBook Pro which feels almost as fast as it did four years ago and still runs the most current version of MacOS. It’s so good that a year ago, Cult of Mac wrote a post, “Why is Apple’s ancient 2012 MacBook Pro still so popular?” By comparison, a brand new Windows 10 machine that I purchased for a specific project last month already has had a two hour “anniversary” upgrade and still constantly bombards me weekly with forced update notifications requiring a reboot. The anniversary upgrade took so long that I almost turned it off midway through (which would have been a disaster). The 2012 MacBook took less than a half hour for its most recent major upgrade.

The next part of this series will look at Apple in relation to the other major players in the tech world: Microsoft and Google. Certainly some of the recent criticism is warranted, but how much?