• Categories

  • Pages

  • Archives

Update On An Old Scam – eGreeting Cards.

Virtually every scam out there is one that has existed since the beginning of social use of the Internet; it’s simply been re-purposed in an updated digital format. In this Bulletin, we will focus on the greeting card scam – a perversion of the e-greeting card that you receive in your email inbox and seems to be coming from a friend.

If you open this email and click on the card, you will probably wind up with malicious software that will be downloaded and installed on your operating system.

The malware may be just an annoying program that will launch pop-ups with ads, resulting in unexpected windows all over the screen. However, it can also be ransomware or one of the worst financial malware that’s been around, part of the infamous Zeus family.

If your system becomes infected with such dangerous malware, you will become one of the bots which are part of a larger network of affected computers. In this unfortunate event, your computer will start sending private data and financial information to a fraudulent server controlled by IT criminals.

To keep yourself safe from identity theft and data breach, we recommend that you treat unexpected email greetings with caution and ensure that your computer is using a security program against this type of danger.

BNI Operatives: Situationally aware.

As always, stay safe.

 

Need An Email Vapor Trail? Disposable, Anonymous Email Addresses.

Sometimes you just want to read an article (and have to register), redeem a coupon or spy on the opposition. (One can play clean and hard and be creative!)

The gmail jig – that of creating new, temporary accounts for one-time or express purposes –  is up.  As soon as any of us now experienced email users see a gmail address from an unknown sender, we will either junk it or run back the sender info to identify its real originator.

So, what do you you if you absolutely, positively need to send a non-traceable email?

Fortunately, prescient program developers have filled in this gap and we now have reliable temporary anonymous email generator sites from which to dispatch our hidden sender messages.

Below are our favorite disposable email provider sites:

Guerrilla Mail

Disposable Temporary E-Mail Address:  Lasts for 60 minutes, either use a domain provided to you or create your own.

Hide My Ass – (Ok, our first test run was out of curiosity.  With a name like that…)

“When websites or persons you do not necessarily trust ask for your email address, give them one of our anonymous email addresses and hide your true email address and online identity.” – can last anywhere from 24 hours to 12 months (year) – “Hide behind one of our email address aliases and never have to reveal your real email address.” – “Need to register on a shady website? Stop spam emails from entering your real email inbox.”

SendAnonymousEmail 

“Every day over 60,000 free anonymous emails are sent from our servers, making us the world’s largest and most trusted anonymous email service” – It is a one time use email (obviously can be used multiple times using different anonymous emails)

Anonymize responsibly.

(Visit www.sjbn.co for great info on everything techno-related as it applies to domain searches, email identifiers and tagging.)

 

As always, stay safe.

Is Your WebCam a Peeping Tom? How Your PC’s Camera Can Be Hacked To Spy On You.

webcam spy

Virtually every computer sold today comes with a dirty little secret.

It can spy on you.

What’s more, if hackers can infect your computer with malware they can hijack your webcam and secretly watch you too – regardless of whether they’re based down the street or on the other side of the world.

In some cases, if they’re really sneaky, hackers can even spy on you without the LED on your webcam lighting up.

If you have a webcam – and almost undoubtedly you do if you have a cell phone, pc, laptop, tablet or home (or commercial) camera security system with an Internet connection – then you are at risk of being hacked via your camera’s IP address.

All a hacker needs to do is figure out where your camera is located, and then a stalker can watch your every move.

Luckily, however, there are ways to protect yourself from unsavory or unwanted people spying on you in your own home or business.  We will teach you how to easily protect yourself from being covertly observed without your consent.  But first, let’s explore how a webcam hack can occur. (The more you know, the less vulnerable you are.) For the purpose of this instructional, we will refer to a pc but this information also applies to all of your other electronic devices with cameras.

How Can A Stalker Hack Your Webcam:

To get on your computer, hackers use a remote access tool, or a RAT. If you’ve ever had a tech support rep access on your computer remotely to change settings or try to fix a problem, they used a RAT.

Fortunately, RATs require your permission to let someone on to your computer remotely; the person can’t just take control. That means a hacker has to trick you into letting them on to your computer, and there are several preventable ways they do that.

How Do Hackers Trick You Into Accessing Your PC:

To get a RAT on your computer, hackers have a number of tricks: fake email attachments or malicious links , Trojan viruses, phony tech-support calls, and so forth. Once you’ve been tricked into running a file, clicking a link or otherwise  inviting them on to your system, they will take control and spy on you at will.

Think you are too tech savvy to fall for scam email? Click anywhere on the below indented paragraph to take this quick quiz from our friend, tech goddess Kim Komando, to see if you, like 80% of those surveyed, will fail to distinguish between real email and phishing scams.

Back in December, CBS News joined forces with Intel Security to create a quiz where readers can test their knowledge on phishing emails. The quiz consisted of 10 different emails in which readers simply need to decide: legitimate email or phishing email?

Surprisingly, out of nearly 20,000 people quizzed, 80% fell for at least one of the phishing attempts. Only 3% got a perfect score.

What about you? Take the quiz and see how you do. 

How Can You Spot a RAT?

(Our first line of advice is to avoid unsolicited email attachments and links, run up-to-date security software and thoroughly vet anyone who contacts you claiming to be tech support for a major, known company. Also, you may not know that Windows has a RAT built in. Almost all Windows OS versions contain a RAT for ease of access for real tech support.)

Firewall and Antivirus Software

Firewall software blocks incoming and outgoing port connections, so they are your number one defense against RATs. Firewalls combined with antivirus software catches most threats.

View Processes Running

Right-click your Windows toolbar and select “Task Manager.” Click the “Processes” tab in Task Manager. This window gives you a list of programs running on your machine. Review them for any strange names or names that you don’t recognize as typical programs. If you don’t recognize the name, type it into Google. Several sites tell you if a process is malicious, so you know if you have a RAT on your system.

Odd Startup Programs

In some cases, the hacker might want another program to start when you boot your computer. If you notice any strange programs that start up when you boot your computer, you might have a RAT. These secondary programs are usually malicious software also, so you’ll need to remove them when you remove the RAT.

View the List of Installed Programs

Open Windows Control Panel and view the list of programs installed on your computer. If you notice any odd programs, then it could be malicious. In fact, the popular software TeamViewer used to collaborate remotely with people is often used as a RAT. If you didn’t install it on your computer, you should remove it. This application gives remote access to authorized and unauthorized people.

Slow Internet Connection

If you normally have fast speeds but lately your Internet connection is extremely slow, you should first check the router and wireless connection. However, if the hacker is downloading information from your computer, he uses the bandwidth and creates noticeable lag on the network. If you suspect that someone is remotely accessing your computer, the fastest way to stop it is to disconnect from the Internet.

A security recommendation, protect any and all access to your electronic devices with a really strong password.  This first line of defense has a very high success rate in keeping out most hackers.

BNI Operatives: Situationally aware.

As always, stay safe.

 

 

 

8 Ways That You Can Be Legally Tracked

 fb sub

“But don’t they have to have probable cause to search my email or get my Facebook records?”  I can’t tell you how many phone calls we’ve received with that question  – and as we tell each caller, “We are not attorneys, judges or the court or the police department. But, uh, what happened?” (Who doesn’t want to hear a good story??)

(Anyhow, for the purpose of this article,  “they” means law enforcement.)

Here are the situations and the applicable laws:

1. Phone Records: Calls you have made and received

How they get it

Wiretapping is illegal without a judge’s warrant, however, police only require a subpoena from a court to obtain your phone scrolls (outgoing and incoming calls).

A warrant requires showing probable cause, a subpoena needs only to be relevant to an investigation, a much lesser standard of evidence.

Applicable law: 

Smith v. Maryland, a Supreme Court ruling in 1979, which found that the Constitution’s Fourth Amendment protection against unreasonable search and seizure doesn’t apply to a list of phone numbers.

2.  Location: Your phone is a tracking device

How they get it

Cell towers.

Applicable Law: 

The federal Electronic Communications Privacy Act (EPCA) cited by the police for these records dictates that the data must contain “specific and articulable facts” related to an investigation – again, that lesser standard of evidence.

3.  IP Addresses: Which computers you use

How they get it

Email providers such as Google, Yahoo, MS, etc.  amass tremendous amounts of data about our digital journeys. A warrant is needed to access some emails (see below), but not for the IP addresses of the computers used to log into your mail account or surf the Web. According to the ACLU, those records are kept for at least a year.

Applicable law:

U.S. v. Forrester, is a case involving two men trying to set up a drug lab in California.  Prosecutors successfully argued that tracking IP addresses was no different than installing a tracking device to a phone to track each number dialed by a given phone (which is legal).   Police only need a court to sign off on a subpoena certifying that the data they’re after is relevant to an investigation — the same standard as required for cell phone records.

4. Emails

How they get it

Prior to Sen, Leahy’s bill introduced earlier this year, only recent email required a warrant; email aged over 180 days required only a court subpoena related to an investigation.

Applicable Law

Once again, the ECPA comes into play.  The Leahy bill would require a warrant to get all emails regardless of age.

5. Email drafts: drafts are different

How they get it

Communicating through draft emails, à la David Petreaus and Paula Broadwell, seems sneaky. But drafts are actually easier for investigators to get than recently sent emails because the law treats them differently.

Applicable Law:

The ECPA distinguishes between communications — emails, texts, etc. — and stored electronic data. Draft emails fall into the latter, which get less protection under the law. Authorities needs only a subpoena for them. The Leahy bill would change that by requiring a warrant to obtain them.

6. Text messages: As with emails, so with texts

How they get it

Investigators need only a subpoena, not a warrant, to get text messages more than 180 days old from a cell provider — the same standard as emails.

Applicable Law: 

Currently being challenged in several states otherwise, the ECPA applies.

7. Cloud data: documents, photos, and other stuff stored online

How they get it

Authorities typically need only a subpoena to get data from Google Drive, Dropbox, SkyDrive, and other services that allow users to store data on their servers (aka, cloud storage).  EXCEPT: If that data is shared. (see below).

Applicable Law:

The ECPA defines cloud data the same way it does draft emails – as storage – making a warrant unnecessary. However, shared files, such as a collaboration through Google Docs is considered “communication” so a warrant is required.

8. Social media: Too new to tell

How they get it

Read your social network’s Terms of Service and Privacy Policy. (Stop laughing.) When it comes to sites like Facebook, Twitter and LinkedIn, the social networks’ privacy policies outline how cooperative they are in handing over users’ data to law enforcement. Facebook states it requires a judge’s warrant to disclose a user’s “messages, photos, videos, wall posts, and location information.” But it will supply basic information, such as a user’s email address or the user’s IP addresses under a subpoena.

Applicable Law:

Too soon to tell but we’re know that a Manhattan Criminal Court judge upheld a prosecutor’s subpoena for information from Twitter regarding an Occupy Wall Street arrest on the Brooklyn Bridge in 2011, marking the first time a judge allowed prosecutors to use a subpoena rather than a warrant to get the information.

Bottom Line: Assume that everything you write can and will, if necessary, be read by law enforcement so don’t do whatever it is that you haven’t done.

BNI Operatives: Situationally aware.

As always, stay safe and stop typing your life online.

8 Sure Signs That Your Computer Has Been Hacked (Owned) & A Free Email Tester

hacked

I’m not going to go into a long-winded definition of hacking.  We all know what it is and have all experienced malware in some form or to some degree with our computing experiences.

Cutting to the chase then,  below are eight clear signs that your system is compromised, followed by a free online tool that tells you immediately if your email has been compromised.

No. 1: Fake antivirus messages

Fake antivirus warning messages are among the surest signs that your system has been compromised.  (By the time you see this warning, the damage has been done.  Clicking No or Cancel will do nothing to stop the virus.  The malicious software has already corrupted your PC – often through the Java Runtime Environment or an Adobe product,)

What to do: As soon as you notice the fake antivirus warning message, power down your computer. Boot up the computer system in Safe Mode, No Networking, and try to uninstall the newly installed malware (oftentimes it can be uninstalled like a regular program). Either way, follow up by trying to restore your system to a state previous to the exploitation. If successful, test the computer in regular mode and make sure that the fake antivirus warnings are gone. Then follow up with a complete antivirus scan. Oftentimes, the scanner will find other malware remnants left behind.

No. 2: Unwanted browser toolbars

This is probably the second most common sign of system corruption: Your browser has multiple new toolbars.

What to do: Most browsers allow you to review installed and active toolbars. Remove any you didn’t absolutely want to install. When in doubt, remove it. If the bogus toolbar isn’t listed there or you can’t easily remove it, see if your browser has an option to reset the browser back to its default settings. If this doesn’t work, follow the instructions listed above for fake antivirus messages.

No. 3: Redirected Internet searches

You can often spot this type of malware by typing a few related, very common words (for example, “puppy” or “goldfish”) into Internet search engines and checking to see whether the same websites appear in the results — almost always with no actual relevance to your terms.
What to do: Follow the same instructions as above. Usually removing the bogus toolbars and programs is enough to get rid of malicious redirection.

No. 4: Frequent random popups

This popular sign that you’ve been hacked is also one of the more annoying ones. When you’re getting random browser pop-ups from websites that don’t normally generate them, your system has been compromised.  Even legitimate websites, can bypass your browser’s anti-pop-up mechanisms.

What to do: Once again, typically, random pop-ups are generated by one of the three previous malicious mechanisms noted above. You’ll need to get rid of bogus toolbars and other programs if you even hope to get rid of the pop-ups.

No. 5: Your contacts receive fake emails from your email account

This is the one scenario where you might be OK. It’s fairly common for our email contacts to receive malicious emails from us. A decade ago, when email attachment viruses were all the rage, it was very common for malware programs to survey your email address book and send malicious emails to everyone in it.

These days it’s more common for malicious emails to be sent to some of your contacts, but not everyone in your email address book. If it’s just a few contacts and not everyone in your email list, then more than likely your computer hasn’t been compromised (at least with an email address-hunting malware program). These days malware programs and hackers often pull email addresses and contact lists from social media sites, but doing so means obtaining a very incomplete list of your contacts’ email addresses. Although not always the case, the bogus emails they send to your contacts often don’t have your email address as the sender. It may have your name, but not your correct email address. If this is the case, then usually your computer is safe.

What to do: If one or more contacts reports receiving bogus emails claiming to be from you, do your due diligence and run a complete antivirus scan on your computer, followed by looking for unwanted installed programs and toolbars. Often it’s nothing to worry about, but a check-up can’t hurt.

No. 6: Unexpected software installs

Unwanted and unexpected software installs are a big sign that your computer system has likely been hacked.

In the early days of malware, most programs were computer viruses, which work by modifying other legitimate programs. They did this to better hide themselves. For whatever reason, most malware programs these days are Trojans and worms, and they typically install themselves like legitimate programs. This may be because their creators are trying to walk a very thin line when the courts catch up to them. They can attempt to say something like, “But we are a legitimate software company.” Oftentimes the unwanted software is legally installed by other programs, so read your license agreements. Frequently, I’ll read license agreements that plainly state that they will be installing one or more other programs. Sometimes you can opt out of these other installed programs; other times you can’t.

What to do: There are many free programs that show you all your installed programs and let you selectively disable them. One favorite is Autoruns. It doesn’t show you every program installed but will tell you the ones that automatically start themselves when your PC is restarted. Most malware programs can be found here. The hard part is determining what is and what isn’t legitimate. When in doubt, disable the unrecognized program, reboot the PC, and re-enable the program only if some needed functionality is no longer working.

No. 7: Your mouse moves between programs and makes correct selections

If your mouse pointer moves itself while making selections that work, you’ve definitely been hacked. Mouse pointers often move randomly, usually due to hardware problems. But if the movements involve making the correct choices to run particular programs, malicious humans are somewhere involved.

Not as common as some of the other attacks, many hackers will break into a computer, wait for it to be idle for a long time (like after midnight), then try to steal your money. Hackers will break into bank accounts and transfer money, trade your stocks, and do all sorts of rogue actions, all designed to lighten your cash load.

What to do: If your computer “comes alive” one night, take a minute before turning it off to determine what the intruders are interested in. Don’t let them rob you, but it will be useful to see what things they are looking at and trying to compromise. If you have a cellphone handy, take a few pictures to document their tasks. When it makes sense, power off the computer. Unhook it from the network (or disable the wireless router) and call in the professionals. This is the one time that you’re going to need expert help.

Using another known good computer, immediately change all your other logon names and passwords. Check your bank account transaction histories, stock accounts, and so on. Consider paying for a credit-monitoring service. If you’ve been a victim of this attack, you have to take it seriously. Complete restore of the computer is the only option you should choose for recovery. But if you’ve lost any money, make sure to let the forensics team make a copy first. If you’ve suffered a loss, call law enforcement and file a case. You’ll need this information to best recover your real money losses, if any.

No. 8: Your antimalware software, Task Manager, or Registry Editor is disabled and can’t be restarted

This is a huge sign of malicious compromise. If you notice that your antimalware software is disabled and you didn’t do it, you’re probably exploited — especially if you try to start Task Manager or Registry Editor and they won’t start, start and disappear, or start in a reduced state. This is very common for malware to do.

What to do: You should really perform a complete restore because there is no telling what has happened. But if you want to try something less drastic first, research the many methods on how to restore the lost functionality (any Internet search engine will return lots of results), then restart your computer in Safe Mode and start the hard work. I say “hard work” because usually it isn’t easy or quick.

HAS YOUR EMAIL BEEN HACKED?

A major concern we all have is whether our email accounts have been hacked/owned and that we might experience data leaks if that is the case.  I use this one very reliable digital tool to test for any emails breaches:

PWNEDLIST.COM

(Most legit email testers or anti-hacking sites substitute the “O” in “owned” with a “p” to lessen the confusion between the letter and the numeral zero.)

General rule of thumb regarding online security: If it feels weird, it is.

BNI Operatives: Situationally aware.

As always, stay safe.

Clintonemail.com: How It Is Routed. The Fallout Gets Serious.

UPDATE: 17 MARCH 2015   Dvorak.org

Not often do we break news on Dvorak News but today we do. Hillary Clinton used a spam filtering service MxLogic to filter her spam and viruses. What this means is – employees at MxLogic, now owned byMcAfee – had full access to all her classified state department email in unencrypted form.

Here’s the MX records for clintonemail.com.

clintonemail.com. 7200 IN MX 10 clintonemail.com.inbound10.mxlogicmx.net.
clintonemail.com. 7200 IN MX 10 clintonemail.com.inbound10.mxlogic.net.

I’m Marc Perkel – I’m an email expert and I run a competing spam filtering service Junk Email Filter. (yes – I’m jealous) So I know how email system work. Email from the Internet is routed by DNS records called MX records what are used to look up where to deliver email destined for a recipient. When someone uses a Spam Filtering service they point their MX records to that service and all email for that domain goes to the spam filtering service first – they clean it – and forward the good email on to the recipient server which is secret to the world.

Internet —–> MxLogic ——> Hillary’s Server

What this means is that when Obama or anyone in the State Department emailed Hillary, the email went to MxLogic. It was then decrypted, checked for spam and viruses, and then reencrypted and sent over the open internet to Hillary’s server. While it was at MxLogic it could be read, tapped, archived, or forwarded to anyone in the world without anyone knowing.

This system has serious security implications. Email to McAfee’s servers might be encrypted and email out of McAfee might be encrypted, but while it’s at McAfee any employee who has access to the filtering system can tap and read any email going to that domain. So – for example – if I’m a Russian spy, ISIS, North Korea, or Fox News, or a 14 year old hacker, all I have to do is bribe someone at McAfee or hack their work login,  and they get to read all the email of the Secretary of State. WooHoo!

And – this is one of many reasons they have a rule at the State Department that you have to use their servers.

For what it’s worth I was imagining that I was the email security tech at the State Department and I’m aware that Hillary isn’t playing by the rules. What do I do? If I confront her about it do I get fired? Or does the State Department even have email security? How does this get past the tech guys.

So if I’m in the job I’m thinking that I would require VPN tunnels with SSL down the tunnel. Might even wrap the SSL inside an SSH tunnel creating 3 layers. Might even require PGP keys on top of that. I mean – I have the ability to do that – so why not the State Department?

But – maybe she’s super stealth? While the Russians are trying to hack her state department account, which doesn’t exists, no one would ever think she’s stupid enough to have her email on a private server in her home. Security through obscurity. And that is assuming that she’s telling the truth about that.

Although we don’t know what IP address Clinton’s real email is on. It’s interesting to note IP addresses in the DNS for the clintonemail.com domain. Most host names like http://www.clintonemail.com all map to some holding page of no importance. However that host mail.clintonemail.com maps to a different IP address 64.94.172.146, which is in a data center in the New York area, Internap.com. Interesting that her “home server” resolves to a data center. Seems worth investigating to me. mail.presidentclinton.com resolves to the same IP address and also uses MxLogic.

So I thought, what if she has web mail? And sure enough – I GOT A LOGIN PROMPT! https://mail.clintonemail.com And I have verified by the SSL certificate that this is indeed the clintonemail.com server – still online! Click here and type in mail.clintonemail.com

I already tried hillary2016 for the password and that didn’t work. But I’m looking at this and thinking WTF!

Is Hillary’s server secure? It get’s a B rating here. Only supports weak protocols. Uses only SHA1. TLS 1.0.

Another SSL testing site. https://www.whynopadlock.com/check.php – type in mail.clintonemail.com.  In contrast type in mail.junkemailfilter.com. My server passes – Hillary’s doesn’t.

Shouldn’t the Secretary of State of the United States of America use a server that isn’t weak?

What email went through this system that could have been tapped? Emails about Libya, Syria, Egypt, Israel, Putin, ISIS, the Bin Laded raid, and Chelsea’s wedding guest list!  OMG!

I have been a Clinton supporter. Here’s a pic with me and Hillary in 1992.

If she’s the candidate I would still vote for her in the general election over any Republican. But in the primary – I still dream of Elizabeth Warren, but I’ll settle for Biden. And isn’t that just a little sad.

And – for those of you who make this argument, “Republicans did it too! (Therefore Hillary should get away with it.)” My response – “Are you F…ing kidding me!”

The bottom line – none of this would have happened if she had just played by the rules.

Yahoo and Google Data Availability to Law Enforcement & For Legal Process

email magnifying glass

 

As we’ve surmised by now, Lois Lerner’s missing emails exist – somewhere.  There’s also now the availability of cloud hosting, a method of saving your email on the net that allows you 24/7  access from any remote location.  So, do you really know what happens to all of your subscription information, emails, attachments, etc., once you shut down an email account?  What if your information is requested by law enforcement or in anticipation of litigation?   What is the legal process in such a case?

We’ve conducted research into data retention by the two major service providers: Yahoo and Google:

YAHOO

yahoo data save

Compliance With Law Enforcement:    PRESERVATION

Will Yahoo! preserve information?

Yahoo! will preserve subscriber/customer information for 90 days. Yahoo! will preserve information  for an additional 90-day period upon receipt of a request to extend the preservation.   If Yahoo! does not receive formal legal process for the preserved information before the end of the  preservation period, the preserved information may be deleted when the preservation period expires.

 

GOOGLE

What kinds of data do you disclose for different products?

To answer that, let’s look at four services from which government agencies in the U.S. commonly request information: Gmail, YouTube, Google Voice and Blogger. Here are examples of the types of data we may be compelled to disclose, depending on the ECPA legal process, the scope of the request, and what is requested and available. If we believe a request is overly broad, we will seek to narrow it.

Gmail
Subpoena:

  • Subscriber registration information (e.g., name, account creation information, associated email addresses, phone number)
  • Sign-in IP addresses and associated time stamps

Court Order:

  • Non-content information (such as non-content email header information)
  • Information obtainable with a subpoena

Search Warrant:

  • Email content
  • Information obtainable with a subpoena or court order
YouTube
Subpoena:

  • Subscriber registration information
  • Sign-in IP addresses and associated time stamps

Court Order:

  • Video upload IP address and associated time stamp
  • Information obtainable with a subpoena

Search Warrant:

  • Copy of a private video and associated video information
  • Private message content
  • Information obtainable with a subpoena or court order
Google Voice
Subpoena:

  • Subscriber registration information
  • Sign-up IP address and associated time stamp
  • Telephone connection records
  • Billing information

Court Order:

  • Forwarding number
  • Information obtainable with a subpoena

Search Warrant:

  • Stored text message content
  • Stored voicemail content
  • Information obtainable with a subpoena or court order
Blogger
Subpoena:

  • Blog registration page
  • Blog owner subscriber information

Court Order:

  • IP address and associated time stamp related to a specified blog post
  • IP address and associated time stamp related to a specified post comment
  • Information obtainable with a subpoena

Search Warrant:

  • Private blog post and comment content
  • Information obtainable with a subpoena or court order

Note about general Gmail retention:  Even if you Purge your Trash email or shut down your gmail account, your email remains available for recovery for 20 days beyond when the mail is deleted or the account closed.

Please feel welcome to contact us with more specific questions regarding data retrieval from these two major service providers (and lesser used ISPs w/unique data product.)

BNI Operatives: Street smart; info savvy.

As always, stay safe.

 

 

How To: Restore Your Computer’s Operating Speed

man asleep

One of the most frustrating things in our digital lives is a slow computer.  We might not be fully conscious when logging on each morning but there’s no reason why our electronic devices should be sluggish.

We buy an expensive new pc and revel in its start up, load and run applications speed  Inevitably however, our revered electronic device starts to slow down, crawling at each use and eventually, churning at a glacial speed when  performing routine tasks.  Once we’ve removed our enabling/denial behavior from the human-machine co-dependent relationship, we realize, “Hey. I have important stuff on here! What do I do now??”   Good response but before you can attack the problem, it needs to be identified.

So why the loss of the electronic device processing speed mojo?  The answer is actually quite simple and one need not approach nerd status to understand the causes and solutions.

The good news is that it’s generally not the device’s hardware that is the problem.  In most cases, the hardware is perfectly capable of being restored to its original glory and kept in optimum running condition with minimal effort.

Rather, the problem lies with changes that occur to the computer’s run programs. The 2 most common causes of slowdown (along with easy solutions) are:

Registry errors  –  the most common problem

Each and every instance in which a program, a game or file is uploaded, your device’s registery is updated with new instructions needed to operate that item.  However, when the item is removed, these instructions usually remain on your PC.  Every time you run your computer it tries to execute these instructions but, because the related program can’t be found, it causes a registry error.  Your PC is doing a lot more work than it should and the result is a significantly slower computer.

One of the best ways to manage this electronic slowdown is with a neat little tool from a Seattle based company called the Advanced Registry Optimizer (ARO for short).  ARO scans, identifies and fixes registry errors.  On top of the amazing results it offers, it’s so easy to install and use that it was recently awarded a coveted 4.5 star rating (out of 5) by CNET’s editorial staff.

You can now download a free trial version of ARO which will quickly scan your entire PC and identify the registry errors that may be bogging it down.  The free version eliminates the first 100 errors and if you have more errors that you want to clean-up or want to set the program to run on a regular basis (recommended) you can easily upgrade to the full version for a nominal fee.

To obtain the free trial version simply click here.

Spyware and viruses

Spyware and viruses are malevolent programs that are loaded on your computer without your knowledge or permission.  They have various purposes, including:

  • Changing the default search engine in your browser
  • Tracking your web surfing habits and showing you targeted advertising
  • Using your email program to send out spam to other email addresses
  • Stealing your personal information

Most spyware and viruses gain entry to our computers through files that we download online or as email attachments.  These spies and guise digital demons occupy a large amount of space and require significant computing power.

The simple rule of thumb to follow is to not  download  programs from companies with which you are unfamiliar, especially games, screensavers, emoticons and the like.  In addition, do not open any attachment to an email unless you know – and trust – the sender.  Finally and perhaps obvious at this point of the technological cycle, ensure that an efficient anti-virus / spyware detection and removal app is running at all times.  Our suggestion (as a booster to your normal anti-malware app/service)  is  Spybot, from Download.

Enjoy your “new” pc.

BNI Operatives: Street smart; info savvy.

As always, stay safe.

Tactical Trainer, Christian Swann, on NSA-resistant Communication Encryption.

(This week, we bring you an informative article on protecting sensitive client data from our friend and one-woman whirlwind of accomplishments, Christian Swann (featured below): Christian is a writer, mom, edged and blunt tool instructor for law enforcement and the military, and a risk mitigation security and vulnerability assessment specialist.

christianswann

Be vigilant about protecting sensitive  client data with these tools.

 I wrote an article not long ago about protecting our personal and sensitive important information. As some of you are well aware, once your data is out there, it’s out there. From the first click of the “check out now” button, you are being traced, watched and analyzed. From how much you spend, where you shop, to your favorite products to your prime shopping time – you’re being tracked. But that’s just one aspect of this passive monitoring.   Big Brother (e.g. and fact, as we now all know,  the NSA) has the capability and may not only watching but also listening, recording and even transcribing your confidential client conversations.

What about when it’s not only your information that is being tracked, but your clients’ confidential information is at risk of also being recorded? As a risk and security director of a multi-million dollar company, it is one of the toughest questions and concerns I have. I’m in constant contact with high-profile clients and sensitive data.

The good news for lawyers, corporations and medical professionals, concerned about maintaining their duty of confidentiality is that there are tools and safeguards now to help them.

Legal and risk management specialists, such as myself, need to be very aware of the possibility (or now, probability) of  their communications being intercepted by empowered governmental agencies.  Given the ever-changing, nebulous status of agency data collection laws, legal professionals have to deal with the ambiguity of this usage of collected data –  while contending with the secretive nature of intelligence agency operations, as well as the U.S. Foreign Intelligence Surveillance Court that oversees surveillance warrants.

Lawyers –  and anyone for that matter – should assume all of their conversations are subject to covert surveillance an should  take steps to protect confidential information.

I can’t stress enough that all pertinent emails, electronic messages and communications should be encrypted. There is no shortage of available encryption hardware and software, and I highly recommend using an encryption service such as ZixCorp or the open-sourced TrueCrypt: (Warning: this is an open source method and may not be as stable as desired.) Platform-specific devices are also available, such as, Apple’s FileVault.

“One can also purchase self-encrypting hard drives such as the Seagate Secure and already-encrypted flash drives – e.g.,  IronKey from Imation Corp.  and encryption software such as Symantec Whole Disk Encryption and Sophos Ltd.’s Safeguard“, says Lina Maini of Beacon Network Investigations, LLC.

As for passwords, I recommend a more secure method of authentication, such as security tokens or USB tokens.

Perhaps apparently, I’m a big fan of firewalls, and encrypting everything networked – from email to any and all telecomm technology apps.   I’ve also become a huge fan of the company Silent Circle. One of my favorite features of Silent Circle’s service is the ability to program burn settings.  I.e., one I’ve  sent any type of message: email, text, audio, it is then encrypted and will burn itself at the pre-set time. I’ve chosen.

Many people forget that one a voice message, text or email  has bent sent, that data  has to go through a provider, e.g.,  Apple, and is then is transferred back to the end-user, therefore leaving data footprints that can be copied.

For professionals that mainly communicate via phone, relief from eavesdropping is on its way. This month: Spanish smartphone company GeeksPhone and software company Silent Circle launch Blackphone, an encrypted smartphone that protects phone calls, text messages, emails and Internet browsing. Using VPN technology, Blackphone promises to be an NSA-resistant phone.I’m looking forward to ours arriving soon.

%d bloggers like this: