Subscribe: Data Doctors Advice Columns
http://feeds.datadoctors.com/feeds/AdviceColumn.xml
Added By: Feedage Forager Feedage Grade B rated
Language: English
Tags:
card  computer  devices  don  files  goo  https goo  https  information  internet  lsquo  make  pay  security  windows 
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: Data Doctors Advice Columns

Data Doctors Advice Columns



Computer Advice and Answers to Reader Questions



 



If I got hit by ransomware, should I pay the ransom?

Wed, 24 May 2017 00:00:00 +0700

(image) Ransomware is one of the fastest growing cyber-crimes because it’s one of the most profitable.  Unlike other malware that a hacker may or may not be able to monetize, ransomware is a direct path to getting paid through extortion.


The Ransomware Business Model

Today’s sophisticated ransomware scams are based on a proven business model that often times will even come with tech support websites to make sure you get your data back.

The criminals know that if word got out that paying the ransom did not result in getting your files back, no one would ever pay. 


There is no guarantee, however, that if you pay the ransom, you will get your files back as we don’t have any credible data to work with.  Most companies that have been hit with this attack don’t want the word to get out, much less admit that they paid the ransom but didn’t get their data back.

A couple of things are certain: paying the ransom is risky and absolutely encourages them to continue attacking others.

Before You Consider Paying

There are a number of steps you can take before you have to decide whether you should pay the ransom or not.


The easiest way to avoid having to pay the ransom is by having a solid backup that isn’t connected to your computer or company network.

If you do have an uninfected backup that can be restored, removing the infection and the encrypted files is pretty easy to do by anyone with even moderate technical skills.


Which Ransomware Do You Have?

If you don’t have a current backup, there may be tools available that can break the encryption if you were hit with one of the older or less sophisticated strains of ransomware that have been cracked.  


A website called https://NoMoreRansom.org has created a repository of keys and applications that may be able to decrypt your files.

To help determine which strain you’re infected with, you simply upload a couple of the encrypted files along with some of the details within the ransom demand note.

For security reasons, make sure to choose files that don’t contain any sensitive personal or corporate information (picture files are usually a good choice to use for the upload test).


Protection Tip

First and foremost in protecting against this growing threat is the proper backup strategy.

Unfortunately, a traditional external backup drive isn’t good enough because anything that’s connected to your computer or is available through a network share will be encrypted as well.


Even if you routinely disconnect your external hard drive when you aren’t backing up, you’re still not fully protected as this malware runs silently in the background so you could unknowingly overwrite your good files with encrypted files.


The best backup solution physically stores your files separate from your computer and incorporate ‘file versioning’, which means it keeps multiple copies of the same files as they are changed.


Incorporating a cloud-based backup such as Carbonite (https://goo.gl/XKum9f) provides the best protection against not only ransomware but fire, flood, theft and even employee sabotage. 




How can I check to see if my HP laptop has the key tracking problem?

Wed, 17 May 2017 00:00:00 +0700

(image) A recent discovery by Swiss security firm Modzero exposed a major security problem in a large number of HP laptops.  They found that an audio driver that was ‘listening’ for specific ‘hotkeys’ was also recording every keystroke and storing them in an unprotected log file.

Often referred to as ‘keylogging’, this type of activity is usually associated with nefarious programs that try to steal passwords or other sensitive credentials by recording all your keystrokes.

In HP’s case, there’s nothing indicating that anyone was remotely capturing the keystrokes contained in the log files; It’s more of a major mistake made by the company that provided HP with the software.

Who’s At Risk?

Conexant is a primary supplier of audio componentry to most of the major laptop manufactures as well as devices like Amazon’s Echo (Alexa), but this particular issues appears to be isolated to specific HP laptops.

They inadvertently left special debugging code active in the final driver provided to HP, which can potentially be exploited in a number of ways because every keystroke you make – even if you can’t see the character as you type – is being captured to this unprotected file.


It’s the digital equivalent of your computer ‘talking in its sleep’; any program that cares to ‘listen’ could make use of this extremely sensitive information.

Owners of any of HP’s Elite, EliteBook, ProBook or ZBook models from 2015 and 2016 should check their computers for the bug.


How to Check Your Laptop

The following steps may be a bit technical for some, but it’s too important to ignore, so make sure you get help from a trusted technical resource.

Different model laptops exhibit different behaviors, but many of the most common models will have created this log file in the following location: C:\Users\Public\MicTray.log.

If your computer has this log file and you can see data in it when you open the file, your computer has the problem.

If you see the file with no data in it, you’re still not in the clear as the debug output could still be exposing your keystrokes to other programs or it will be empty if you just logged into your computer.


To check for leaking keystrokes, you can run Microsoft’s DebugView while typing random characters on your keyboard to see what is being captured.  If you see any lines in DebugView that refers to ‘Mic target’, your computer is operating with the defective audio driver.


How to Kill the Keylogger

Both HP and Microsoft have released updates to fix the problem, so if you regularly keep your computer updated, you may have already fixed the problem.

HP laptop owners that want to make sure they have the updated audio driver can go to HP’s driver download page in the ‘Support’ section of their website.

This logging behavior goes back to October of 2016, so even if you have fixed the problem, your old backups could contain old log files. Make sure you search for and delete any instance of the MicTray.log file in any of your backups as well.




Q: Is there an easy way to get my personal information off of public listing websites?

Wed, 10 May 2017 00:00:00 +0700

(image) If you’ve ever tried searching for someone on the Internet, you know how many ‘people search’ sites are available online offering information for a fee.

What’s even more shocking to so many is the type of information that can be easily found: your full name, address, previous addresses, birthdate, phone number and more.

Private or Public?

While many would perceive this type of information to be private, the reality is that so much information is easily acquired because it’s actually very public.

Most of the sites you’ll run into are data brokers that collect information from a variety of public record sources: real estate transactions, court records, voter registration databases, marriage and business licenses and the list goes on.

Combining public records with social media profiles, advertising networks and your various online shopping accounts is a huge data-mining resource for many companies in today’s digital economy.

The Bad News

When it comes to public records, there is very little you can do to remove your information.

If you’re willing to pay a visit to your county clerks office, it would allow you to review what is being made public and allow you to inquire as to what information can be removed or at least redacted from the public view.

What You Can Do

Knowing that certain records are always going to be public should get you to start thinking like a celebrity.

High-profile individuals have always had to work harder to protect sensitive personal information and you can do the same.

Using a P.O. box or better yet, a private mailbox service from companies like the UPS Store or PostNet prevents your primary home address from being shared via public records.


A P.O. box will only accept US postal mail and often can’t be used for things like voter registration, which is why having a physical address through a private mailbox service is better.

A private mailbox service can also accept the shipments from all your online purchases, further protecting your home address.

Creating a trust or a Limited Liability Company (LLC) for all of your real estate transactions is another way to mask a lot of your personal information.  It’s important to not use personally identifiable names or your home address when you create these entities.

Opting Out

Many of the data broker websites allow you to ‘opt-out’ of their databases, but they don’t make it easy.

You’ll have to manually go to each one to make the opt-out requests, so it’s also very time consuming. One of the most comprehensive resources for finding how to opt-out is at PrivacyRights.org (https://goo.gl/41rlP2).

Keep in mind, these data brokers are constantly scraping sources, so if you move, sell your home or do anything to change your public records, it will reappear in many of these databases.

If you don’t want to try to manage this manually, there are services such as Albine’s DeleteMe (https://goo.gl/qrHNAM) that help automate the process and then monitor changes for you at the cost of $129 per year.




I want to resurrect my vinyl record collection, so I need to buy a turntable. Any suggestions?

Wed, 3 May 2017 00:00:00 +0700

(image) The “vinyl revival” as it’s been called, has been growing for the past ten years and there are many reasons for it.

For those of us that grew up pulling a record out, cleaning it and reading the liner notes while listening to the ENTIRE album, nothing in today’s digital music world comes close to that experience.

It’s much the same reason that those that grew up with the tactile experience of reading newspapers and magazines still prefer it over e-books and reading online.

Depending upon the quality of your sound system and your ear for sound, there can be a dramatic difference in what you hear -- I typically describe it as a ‘warmer’ sound.

Listening Options

How you plan to listen to these vinyl gems has a lot to do with which class of turntable you should consider.

If you don’t own any stereo equipment and plan on using your computer speakers, a Bluetooth enabled speaker or a TV sound bar, you’ll want to steer clear of a traditional turntable.

A traditional turntable will require a traditional amplifier with a specific ‘phono’ input on it because the output signal is very low.


Newer turntables have a built-in ‘preamp’ that boosts the signal enough so that it can be directly plugged into your computer via USB or to powered speakers or Bluetooth speakers commonly used by computers.


If you have a surround sound amplifier that lacks a phono input, you’ll still need a turntable with a built-in preamp.  If you don’t want to limit your future options, look for a turntable that has a switchable preamp so it will work with older or newer amplifiers.

The Downside to Cheap

Vinyl records have a consideration that pure digital music fans have never encountered: they wear out!

The wear comes from the contact of the cartridge needle in the grooves of the record and which cost you in the long run.

Cheap, especially all-in-one turntable solutions, use low quality cartridges and tonearms that can wreak havoc on your vinyl collection.

If you want to get the longest life out of both your vinyl collection and the turntable itself, look for something that is fully automatic, has a replaceable cartridge and an adjustable tonearm.

Belt Drive vs Direct Drive

Unless you’re a DJ or looking at more expensive turntables, you’re most likely going to end up with a belt-driven model.

This is not to say that belt-driven turntables are inferior, as explained by Bill Goodman of Arizona Hi-Fi (http://tubeaudio.com), one of the top 10 Hi-Fi stores in the U.S. according to Popular Mechanics (https://goo.gl/0e2F5f). 


“In general, belt-driven turntables have less audible vibration because the belt absorbs the motors vibration” Goodman said as he showed me a $16,000 belt-driven model.


The Vintage Option

If you are looking to score a vintage turntable, don’t forget to shop your local vintage record stores.  Legendary vinyl retailers such as Stinkweeds (http://stinkweeds.com) have been continuously selling vinyl for 30 years and offers both vintage and newer technology turntables.




Is it safe to buy one of the new Samsung S8 smartphones?

Wed, 26 Apr 2017 00:00:00 +0700

(image) Samsung’s well documented issue with exploding batteries in its Galaxy Note 7, rightfully has many consumers concerned about newer phones having the same issue.

In what has to be one of the worst PR nightmares in tech history, Samsung had to recall the phones not once, but twice as a result of a faulty design and a manufacturing defect.  

Why Batteries Explode

Lithium Ion batteries used by all smartphone manufacturers can become unstable if they overheat, so technically any device that uses this type of battery could experience a similar result.


Related: How safe are portable battery packs?: https://goo.gl/A7gKgU

We’ve seen similar issues with overheating batteries that catch fire in everything from laptops to hover boards and Tesla cars, so this isn’t unique to Samsung.

What’s Changed at Samsung

For obvious reasons, Samsung knows it has to release their new flagship phones (Galaxy S8 & S8+) without a hitch.

According to Samsung, the primary change to their manufacturing process is they now thoroughly test each batch of batteries from their suppliers with what they are calling an ‘8-Point Battery Safety Check’ (https://goo.gl/NF0qQT).

Under the new testing process, if they encounter a single faulty battery in a production batch, as many as 15,000 can be rejected and sent back to the supplier.

So much is riding on the launch of Samsung’s new smartphones, I’d be very surprised if we see any real issues with the battery.

Early Testing

The review unit that I’ve been testing from Verizon has run cool to the touch, even when it’s charging unlike several of my other Android devices.

The design of the S8 series is beautiful and the ‘bezel-less’ display design makes it seem like you’re just holding a screen in your hand.

They’ve gone to ‘virtual’ buttons, so the entire face of the phone is glass making for a stunning display that runs over the edges. When it’s placed next to a similar size iPhone, the increase in screen real estate becomes more obvious.

The larger S8+ is the same width as the S8 but taller, so it fits in your hand the same despite the much larger display.


Samsung wanted to make it possible for the average person to stretch their thumb across the entire screen for one handed use even with the larger screen.

The fingerprint scanner is on the back next to the single camera lens, so you may find yourself needing to wipe the lens if you choose to use it as your unlock mechanism.

The greatly improved, but not perfect facial recognition can unlock the phone as long as there is enough light for it to properly recognize you. Some reviewers have claimed that they were able to fool it with a picture and Samsung says that it’s not as secure as the other options, but it‘s really handy when it works.

Should You Be Afraid?

I wouldn’t be afraid of buying the new Samsung phones based on the past battery issues, but as with any new technology, letting a few million ‘early adopters’ be the guinea pigs for you is always a safe bet. 




I was one of the backers of the Plastc card, but they just announced that they are shutting down. Is there anyone offering a multi-credit card that works?

Wed, 19 Apr 2017 00:00:00 +0700

(image) Plastc is just the latest contender in the ‘Smart Credit Card’ space to go out of business.


This race to create a universal digital credit card that allows you to electronically consolidate all your credit, debit and gift cards on a single device started in 2013 from a company called Coin.

The Obvious Need

Coin’s slick video demo (https://goo.gl/6O2gPB) of what the card was supposed to do went viral and convinced a lot of people (including me) to take a risk and back their crowdfunding campaign.

Their initial goal to raise $50,000 was met in 40 minutes and they ended up with roughly 350,000 backers; a clear indication that the concept of this type of device resonated with a lot of people.

The Risks of Crowdfunding

Spurred by Coin’s crowdfunding success, a whole host of others launched similar campaigns including Stratos, Swyp and Plastc to name just a few, none of which are viable options to date.


The Coin card did finally ship in 2015 after many technical delays and the reviews of it were mixed.  I found it to be inconsistent depending upon the credit card terminal that tried to read it, so I still needed to carry all my cards as backup.

Anyone deciding to take a chance on backing any kind of a startup through a crowdfunding campaign should go in assuming that the product will either fall short of the hype or that it may never ship.

The Rush to Grab Backers

On the heels of all the complaints about the Coin card’s performance, many companies promoted their cards as a better option, adding features that the Coin card lacked.

The Plastc card was heralded by the technical media as one of the best options for “One Card to Replace Them All” causing many to pre-order their cards to take advantage of a healthy discount.

As great as they made it sound, having had the experience I had with the Coin device, I warned last year of the risks of backing a product still under development (https://goo.gl/9ZVe1N).

Why Smart Cards Aren’t The Answer

The mobile payment space is a huge battleground and my opinion is that these ‘smart cards’ are just an interim step in the eventual roadmap to mobile pay devices.

Coin has been acquired by Fitbit, Stratos was acquired by Ciright One in order to stay alive and the parent company of Swyp is pivoting, while Apple Pay, Samsung Pay and Android Pay continue to grow in popularity.


Despite the wreckage of companies that have tried to create the ultimate all-in-one card, newcomers like the EDGEcard (http://edgesmartcard.com) are still popping up with the promise of the ultimate smart card.

Mobile payment technology that’s integrated into devices we already use everyday rather than a separate stand alone device is where we will all likely end up, so my advice is to stay on the sidelines and let the smoke clear.




Is it safe to continue using Windows Vista?

Wed, 12 Apr 2017 00:00:00 +0700

(image) Operating systems aren’t something that most users think about, but the reality is you engage with your operating system every time you use your computer.

This essential interface becomes very familiar and changing to a new one often evokes a visceral response, which is why we see so many people clutching to their old familiar versions of Windows.

Microsoft realized how much of a deterrent this was for millions of its users each time they released a new version of Windows, so they made a change.

The Last Version of Windows

With the release of Windows 10, Microsoft proclaimed that it would be the last version of Windows ever.

It’s not that they’re going to abandon the Windows platform; they just plan to deliver Windows “as a service” much like how we get updates to our browsers.

Windows is no longer the primary ‘cash cow’ for Microsoft, so for now, once you’ve installed Windows 10, the updates will be free for as long as you’re using the same computer.

In this model, changes will occur incrementally so users don’t have to contend with deciding whether to switch to a new unfamiliar interface.

Vista End-of-Life

Microsoft actually stopped mainstream support for Windows Vista on April 10th, 2012 but continued what they call ‘extended support’ until April 11th, 2017.

When they ended mainstream support, they were simply saying that they would longer be creating any enhancements or new features.

Extended support continued to provide the all-important security updates, which has now ended.

Risks of Continuing with Vista

If the Internet weren’t such a prominent component in daily computing, continuing to use Vista would be a let less risky.

In fact, if you have a computer that has no way to connect to the Internet, there’s no reason you can’t continue to use Vista.

Hackers know all the backdoors and security holes in every piece of software ever created. From this point on, when a security hole is discovered in Windows Vista (and now there’s more incentive for hackers to find them), Microsoft will not be developing a fix or patch for the hole.

If you’re a small business, not only are there major security concerns, depending upon your line of work, there may be compliance risks as well as major incompatibility issues with newer programs.

Windows Vista was originally released in January of 2007 when the Internet was a very different place.

The safeguards built into Windows 10 are exponentially better at defending your computer against today’s threats, so as painful as it may be, upgrading isn’t a question of ‘if’ but a question of ‘when’.

It’s Not Just Windows

Security risks exist in virtually every program you use, so using really old versions of any software puts you at a higher risk of being exploited.

Popular program such as Microsoft Office are a constant target of thieves and hackers because they know most people don’t think about updating them nearly as much as they do their operating system, so it’s important to update or remove old programs if you’re no longer using them.




In light of the recent Internet privacy legislation, will using a VPN keep my ISP from tracking what I do online?

Wed, 5 Apr 2017 00:00:00 +0700

(image) The recent bill passed by both houses of Congress will essentially overturn a rule passed by the previous FCC chairman that would have required Internet Service Providers (ISPs) to ask for your permission before sharing your browsing and usage data with third parties.

The rule was never put in place, so in a sense, the recent bill leaves things the way that they have always been.

Your ISP Knows The Most

Regardless of any regulations, your ISP has and always will know the most about how you generally use the Internet as a normal course of providing you their service.

The issue is really more of what they can do with that information, which is now a confusing mess that’s up in the air.

Services like Facebook and Google can only track you when you’re using their resources or their associated third parties, which admittedly, is pretty extensive but your ISP logs every site that you visit.

For clarity, when you visit encrypted sites (those that start with https://), your ISP can see that you went there, but they can’t see what you do within the site, so much of the ‘privacy’ that many people want already exists.

How VPNs Hide You

Using a VPN, which stands for Virtual Private Network, will reduce your ISPs ability to track where you go online because everything you do after you connect to a VPN is masked in a private ‘tunnel’.

Your ISP would then only see you connecting to the VPN, but nothing afterwards, but there are tradeoffs.

VPN Tradeoffs

If you decide to us a VPN service, you’re essentially trading WHO can see everything you’re doing from your ISP to your VPN service provider.

Can you trust a VPN service provider any more than your ISP?  That‘s the primary question you’ll have to answer yourself before making the change, so make sure you’ve thoroughly researched any company before you start using their service (some of them are based in other countries and aren’t necessarily subject to our privacy laws).

Keep in mind that a free VPN service is most likely selling your browsing history to pay for the service and even some pay services could do the same because there’s no regulatory body overseeing these companies.

Some VPNs can also degrade performance, depending upon the quality of their network and can be confusing for non-technical users.

Tech-savvy privacy advocates often choose to spend the money to setup their own VPN server, but that’s not a very realistic option for most people.

True Privacy; All or Nothing

Using a VPN might limit how much your ISP knows about your browsing habits, but that won’t stop the dozens of other ways you’re being tracked every day by lots of others.

If you’re truly concerned about privacy, you’ll need to completely change what you use to browse the web, how you maintain your computer and stop using all of the most popular websites and social networks as a real person.




I'm having trouble connecting to Wi-Fi in various parts of my house and yard. Should I add a range extender or just buy a new Wi-Fi router?

Wed, 29 Mar 2017 00:00:00 +0700

(image) Wi-Fi connectivity has become one of the most common problems most of us face, whether it’s at home, at the office or on the road.

Weak signals in specific areas can be very frustrating as we’ve become accustomed to having the Internet at our fingertips at all times.

Common Causes of Problems

If your wireless router is fairly old and you’ve never done a firmware upgrade, you may be surprised by how much better if operates if you simply do the update.

If you’re not familiar with the process, go the support section of your router manufacturers website and search for ‘firmware update’ to get specific instructions.


The further you are from a wireless router, the more likely it is you will experience performance issues, which is why the concept of a ‘range extender’ makes sense.

But before you attempt to use a range extender to solve your problems, you need to make sure you understand all the potential causes.

If you live in an urban area surrounded by many other wireless routers, you’re problem may be less about range and more about congestion.

Wi-Fi signals are transmitted on an open frequency that can be shared by many devices that can cause interference and there are a finite number of channels in which they operate.

If you can see a long list of wireless access points available to your device when you initially try to connect, your router could be trying to use the same channel as lots of other routers causing congestion.

Adding a range extender to solve a congestion problem won’t get you very good results, so using resources to see if changing channels might help is another possible solution: https://goo.gl/r3oucp.

Newer wireless routers are capable of automatically avoiding congested channels when they are rebooted and most routers do diminish in performance over time, so if yours is more than 3 or 4 years old, upgrading to a newer one may be the best solution.

If you do decide to try the range extender solution, try sticking to the same manufacturer as your router for the best results.

Mesh Networks

If you do decide to purchase a newer router, there have been so many technical advances over the past few years, especially if you have a large area with ‘dead zones’ to cover.


A ‘mesh network’, which was once the domain of expensive, high performance business networks, is now readily available for consumers.

Instead of relying on a single device to do all the work, newer offerings from companies like Linksys (https://goo.gl/A9kOme), Netgear (https://goo.gl/shZ1Lu) and Google (https://goo.gl/gTu4tB) use multiple transmitters that all talk to each other around your house removing the ‘single point of failure’ issue.

The technical merits of the higher performing platforms that typically use MU-MIMO (Multi-User Multiple Input, Multiple Output) allow you to keep adding devices to increase your coverage area without a huge degradation in performance.




I'm interested in adding smart devices to my home but have heard horror stories about security. What should I know before I get started?

Wed, 22 Mar 2017 00:00:00 +0700

Smart or connected devices such as doorbell cameras, thermostats and home security webcams are growing in popularity, with estimates that over 24 billion internet-connected devices will be installed by 2020.If you plan on installing these devices in your home or business, understanding the security issues is pretty important.IoT - The Internet of ThingsOften referred to as the ‘Internet of Things’, these everyday items generally incorporate Internet connections to allow for remote access, monitoring and control.Getting alerts on your smartphone whenever a webcam detects motion or when someone rings your doorbell as well as having finite control over your thermostat and lighting from just about anywhere has tremendous appeal.As someone who loves to travel, I personally love the added benefits as they provide pinpoint control as long as you have an Internet connection.Access is AccessThe thing to keep in mind is that if you can access your devices from outside your home, technically, so can anyone else.The Internet is one huge global network of devices all connected to each other, so you can be next door or on the other side of the ocean and have the same access.The primary thing keeping unauthorized users from accessing anything you install on your network is whatever security has been setup by that device.The Default Password ProblemUsernames and passwords are the primary line of defense you have against unauthorized access and making sure they are secure is always your first task.There have been lots of stories over the years, especially when it comes to web cameras, showing how many of them are completely open to the world because the user didn’t change the default username and/or password.If you've already installed smart devices on your network and want to see if they are publicly accessible via websites like Shodan, checkout BullGuard's IoT Scanner: https://goo.gl/HbmIuzUsing any Internet connected device with the default administrative password will make you a sitting duck as every default password for just about every device ever made is readily available online at sites like: https://cirt.net/passwordsDon’t Be AfraidLots of Internet security experts have written about the ‘security as an afterthought’ approach that the industry has taken, and rightly so.Security should never be taken lightly by anyone using anything connected to the Internet, but it can also be overhyped or agenda driven.No different then driving a car that could potentially kill you every day, empowering yourself with knowledge is the key.If You Don’t Understand It, Get HelpNothing is 100% ‘hacker-proof’, especially if a malicious party is motivated, but unless you’re a celebrity or a politician, you’re much more likely to become a victim from a ‘random act of hacking’.This means you made it really easy for an outsider to take advantage of you because you skipped simple security measures like updates and patches that can appear too complex for non-technical users.For the average user, the convenience benefits far outweigh the risks when it comes to most IoT devices, so don’t let the ‘horror stories’ keep you from educating yourself and using them.[...]