Cyber Security Series

As you may know I’ve been doing cyber security for a while and lately at work I’ve been doing cyber research. Really all of my career I have been doing cyber but until now it hasn’t been all that I have done. All of the other stuff has actually fed into the cyber research. Networking, program development, reverse engineering, etc.

At work our focus is on industrial control so I have to keep that for work, unless for some reason they let me talk about it here OR I no longer work for them. But everything else is open so I can tell you how to protect yourself on the web, protect your home network, your small business computers and network, web sites, etc.

Of course this will be way too much for one post, or even a couple, so I am hoping to do a post for each type of network you might be protecting. I want to start with the most simple and most common and work my way up to enterprise level network protection. This could take a while, I’m starting on drafts today and hope to post a new one a couple of times a week. If there are points people particularly want to know about, post comments to this post and I will add them.

I will also be posting more about specific attacks and alerts if I can. One of the first I will cover is the increasingly prevalent crypto-locker style attacks where a user’s computer files are encrypted and locked so the user cannot access them without paying a ransom.

But to start it all off, some tips to keep safe on the internet. If you can, switch the system you browse the internet with to Linux. The attacks out there are all aimed at Windows systems so if you can switch it removes 99.9% of the attack surface. But I know most people cannot do this so you have to make your copy of Windows more secure. Start by applying every important or recommended patch to Microsoft Windows and always keeping your patching up to date. If you can switch to Windows 10 this is better than staying with XP or Windows 7. 10 is more secure, just not totally secure. Turn automatic updates on in Control Panel on older Windows and Settings on Windows 10.

Install an Anti-virus and yes even Microsoft’s Windows Defender is good enough for home use. Again make sure it updates regularly and scans. Do a manual scan once in a while. Windows update should update the antivirus and once a month when it runs it runs the Malware Removal Tool. This tool provided free by Microsoft tackles a list of known malware and removes it from your system. One way you can detect malware is that some malware disables updates so check it is enabled once a month or so.

Then don’t use Internet Explorer (IE). Use Google’s Chrome or Mozilla’s Firefox or even Edge; although Edge is not as well known to us researchers as the others, it’s not IE so it’s safer. Disable Flash. Most sites that use Flash also use HTML 5 and can show movies and the like without it. Also, ads that use Flash won’t work. And unless you are sure you need it, disable Java in your browser. Flash and Java vulnerabilities in web browsers are the most common attack against Windows.

After that just be more cautious. If you receive an email or message with a link or attachment, stop, think and decide if it is real or not or someone is trying to “phish” you.

I will cover all of this in more detail in the first post, hopefully coming soon.

I’m back, I think

I keep doing this, I write a bit then drop off the face of the earth. I don’t mean to; it’s that to cope with the health issues and pain I end up doing other things, and posting here, or anywhere, gets pushed aside.

I want to write stuff for you guys but I have two issues. I don’t know what people want help with as a group and gaming gets in the way.

Gaming helps me focus on something other than the pain. But it has to be a specific type of game and I get very immersed in it. Gaming is not the only thing that helps, programming is also another way to do this, I get so focused I can ignore the pain. The pain is from my lung condition and the associated things with it. Writing stuff doesn’t work so the gaming ends up winning.

But I want to write stuff for you guys so if you can suggest what you want me to write about please do. Otherwise what else can I do for you? I keep thinking I should be either recording or streaming game sessions or computer help videos but I need to know what you guys need or I can’t do it for you.



Minecraft and Minetest

I hope everyone by now has heard of Minecraft. The top selling game on a couple of platforms, XBox and iOS at least, and winner of more awards than it has employees, as they like to say. Minecraft, for those of you yet to experience it, is a deceptively simple game where you mine and place blocks. Due to the number of types of blocks, both mineral and animal/plant life, you can do a lot of things, from just building a simple house and garden to creating a simulated company with factories and machines. There is also a large mod and server community that makes additions to the game and uses it to play various games and tournaments.

I own a copy or two of Minecraft and play it and like it.

And then along come the copycats and look-a-likes and some of them are just jumping on the bandwagon, so why am I talking about Minetest? Well, it is a lot like Minecraft and gets a lot of comparisons but it’s different. First off, the Minetest game looks a lot like Minecraft, and there are basics that are the same, but it’s open source and the philosophy is decidedly different. Minecraft runs great on its own and can be played without any mods. In fact the XBox and PS-3 versions don’t have any mods and the game is very playable and with enough imagination can be played for quite a while. Minetest is designed to be modded to be playable. Yes, you can make structures and stuff with the basic game but there are no mobs, just basic ores and no way to do anything like you can do with redstone. (Redstone allows you to make electrical circuits and up to computer like functionality although spread out over a large area.)

Everything is added by using mods. Mods for cows, sheep, new trees, new ores, new devices and the counterpoint to redstone, mesecons. Mods are easy to get, easy to program and easy to add to the game. (The game is written in Lua where original minecraft is in Java.)

I like Minetest for a few reasons. It’s open source so community driven and coded. It comes with Ubuntu, from Ubuntu servers (although to get the latest I had to add a new source to synaptic/apt.) You can swap in new mods very easily without restarting the game, although mods that change the world can only be applied by recreating the world, since the new ores, for instance from more ores, have to be added when the world generates. Not many mods are able to retrofit, although mobs will just start spawning the new mobs on save and reopen of a world.

It also seems quicker to save and I get fairly decent frame rates even on this old laptop.

But Minetest is not a finished product. The version number should tell anyone that as it is currently 0.4.10. I also have this problem of falling through the floor every once in a while, so when you start a game immediately set home (use /sethome) so that when you start the inevitable plunge through the earth typing /home takes you back to that point. Once you build a home do the same sethome so you won’t teleport to your spawn point.

And check out the mods. I am always going to have more ores, more blocks, mesecons, pipeworks and compassgps installed and probably unified inventory and technics unless testing something that conflicts.

So if you want something finished and fun get Minecraft, it’s worth the relatively low cost. Get the PC version, Windows or Linux, and then you can add mods and see the things that your favorite YouTuber is playing. But also get Minetest, also fun, to see what the future is going to hold and maybe play with programming in Lua and joining the community while this new take on open world blocky gaming grows into a full fledged game.

Don’t fall for Microsoft Phone Scam

Yet again there is a scam going around where you receive a phone call purportedly from Microsoft or some other official sounding Windows related business. Microsoft will not call you to tell you that you have a problem with your computer. Ever. It is a scam.

This is not a new scam but it must be paying off for the scammers as they keep doing it. The scam goes like this: the scammers call you and tell you they have found something wrong with your computer. To prove this they will ask you to open up the Administrative Tools and Event Viewer, and in the event logs they will point at events in the log and try to tell you that the events are due to a virus. They are not. If your computer has an anti-virus package (you have one of those right?) it is the only thing that can tell you that you have a virus.

At this point they will then try to talk you into installing a program that lets them access your computer and once you let them in they will infect your computer with malware and bill you for the “service”.

Remember, Microsoft or other tech service companies will never call you and tell you that you have a virus or “problem” with your computer. If you suspect that someone is calling you to scam you hang up on them. Never let a complete stranger access your computer.

Amusingly one of these scammers called here and my wife answered the call. She has some sense and I had warned her about this scam so when it happened she realized it immediately. She chose to not hang up but have some fun with them so she slid over to one of our Linux computers and acted a bit naively and messed with the scammer for about an hour. When he asked what version of Windows she was using she said “puppy” because that system is running Puppy Linux. Then they asked her to go to the start menu, and of course there is no “Start Menu” and she asked them “applications?” The caller, “no start menu”… Apparently he ended up quite mad and frustrated with her and hung up.

If you choose to do this be careful. I also got a scammer calling me and I played with them for a while and I ended up getting a death threat emailed to me so caution, please. We don’t think there was ever any real danger of them attacking me but be safe. These are phone scammers, but they are also criminals and they can get ugly fast. A lot of online crime is now organized crime; where there is a buck to be made by criminals, organized crime will surely try to get that buck.

Stay safe out there and if you would like to know more about viruses, malware, online scams, Linux or anything else computer related post a question in the comments. Also press Like and subscribe please.

Thanks and what else can I write for you?

I would like to thank all of my readers for something interesting happening. I was talking to one of the guys at work and said that I get a lot of hits on one of my blog posts, the Windows 8 where did notepad go post. He did a search on Google for Windows 8 notepad and yes you guys have put my blog to the top of the search results for that.

This highlights an issue with the blog though that of 100,000 + views most of them have been for that one post. I really don’t want to be a one trick pony and I have a lot more to offer but I’m crowd sourcing ideas here. What else do you want me to write about?

There is one other thing that this says to me, if you will indulge me. A lot of people came here to find a way to open notepad. A lot of people use notepad. It seems to be very important that you can use it and Microsoft still includes it. But they didn’t deem it important enough to make an easy way to get to it? I don’t think they know how important a simple text editor is to people. I hope someone at Microsoft notices and fixes that at least if not in this version of Windows in the next and that they don’t abandon it. It works so let us use it. 


Windows 8.1 Update (still can’t find notepad)

OK, just finished the update install and I have the new pieces to show for it. It starts off now at the desktop and not the home-screen. That may be just because of my habits and not translate to your system. Also the home screen now has power and search buttons beside my name. And there is a new Start Menu but it won’t be what you are hoping for.

First when you left click the start button you switch to Start Screen or Desktop just as you did before the update. But Microsoft said they were putting the start menu back? Yes they said they were returning a start menu, try right clicking the start button. Oh and well it is not like the old start menu, it doesn’t have the programs (All Programs) sub menu. Yes there is something like the old start menu but it’s useless.



New Start Menu

It does have a run command where you can type in “notepad” to run notepad. (Or the name of any other program to run that program say calculator or winword to run Office Word.)

But you wanted more than that and so did the rest of us. There is file explorer.

The stuff at the top all is in Control Panel already, but having it here will be ok, but some people may end up getting in trouble with it here.

It is what it is: a menu off of the start button, so it is a start menu, just not like what I was hoping for.

What were you looking for, is this enough or do you need more?

But it is shiny and new and I will find something I like about it. At least it’s not XP now that the XPocolypse is here. Seriously if you know someone still using XP tell them they have to. By staying on XP they make all of us less secure.



Day Zero/Zero Day for Windows XP

Tuesday April 8, 2014 is the last patch Tuesday for Windows XP. A lot of sources are stating that the malware community is sitting on a treasure trove of unused zero day exploits for Windows XP (and newer versions of Windows, but newer versions will get patched, XP won’t unless you pay for the privilege.)

The next few days will prove if this is the case or not. Tuesday, when the last patches for XP are released, zero day writers will check whether their exploits are covered by the patches and if not will either then use them themselves or offer them up on the open market.

The malware community has a quite well established market, using the Tor network and bitcoins to keep anonymity while providing trust between various criminals. Some of the malware writers and zero day creators are so sophisticated that they offer development kits, APIs and even help desk services for their products.

It’s not just the bad guys involved in this trade as governments and security companies are also in the mix. Some accuse security firms and antivirus firms of being on both sides of the transactions at times, but there is no hard evidence of this while rumors persist. A big part of this scene is state security actors who will buy zero days to use against their foes, the Flame and Stuxnet malware families being created by various American and Israeli departments and using zero day exploits purchased from malware writers. Papers released by Edward Snowden confirm that the NSA has a huge budget for acquiring zero days.

I am not 100% sure how this will unfold but it could take a couple of turns. Either every possible exploit will be used all at once on XP to take advantage of this time while users are confused about if they should move away from XP or not, OR the zero day writers may test the waters and only release a few to see if they do get patched anyway or that there will be no patching, and then once they get their answer to that let go with everything either in a staged assault or free for all.

We don’t commonly see the malware writers as organised but they are showing a lot of co-ordination at the moment and they may be using strategies as opposed to opportunistic mayhem.

Don’t forget that a lot of these zero days will not just be against XP but many will be against the whole Windows line. Just upgrading won’t make you immune but because you upgraded you can later be patched.

Patching for problems with Windows 7 and 8 will provide more opportunities for malware writers to continue attacking Windows XP. Each new patch issued for the current versions of Windows will possibly patch something that is common to XP and not patched. By reverse engineering these updates and trying the same thing with Windows XP a malware writer can find new ways to attack XP, making it even less secure than ever.

Normally I am all for open source but today brings news that may allow open source to be used against Windows users. Microsoft open sourced Dot Net. Now not all of dot net and not the first part of dot net they have open sourced, but the issue is that suddenly there is a whole pile of more Windows code available to developers but it is new enough that not everything will be gone through by many people. While this state is true, until the many eyes find the many bugs, there is room for malware writers to use the newly released code to find more zero day exploits. Hopefully with more eyes on the code these will be found by good guys before exploited but it is a new area of concern.

April will be an interesting month on the malware front. The summer may prove to be just as interesting and we have to be vigilant and proactive when new zero day exploits are discovered and patch everything as soon as there are patches and implement workarounds where we don’t have patches yet.

So what to do about it for your computer(s)? First do you know if you are using Windows XP or not? If you don’t know, if you have a My Computer Icon on your desktop right click it and select properties. The dialog that comes up will tell you what version of Windows you are running. If you don’t have a My Computer icon then press the Windows Key (the one with the windows flag) and the Pause/Break key at the same time. If that pops up a window you have Windows and the dialog will tell you the version.

Another way to tell if that is too complicated is to browse with your web browser to

If you are running Windows XP I suggest upgrading to a newer version of Windows immediately if not sooner. Or if the price is too high or your computer too slow and you have someone near who can help you, switch to Ubuntu Linux for free. (Download and burn the live CD from Ubuntu.)


