Subscribe: Data Doctors Advice Columns
http://feeds.datadoctors.com/feeds/AdviceColumn.xml
Added By: Feedage Forager Feedage Grade A rated
Language: English
Tags:
data  device  devices  don  dots  files  goo  home  https goo  https  lsquo  make  memory  printer  ransomware  users 
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: Data Doctors Advice Columns

Data Doctors Advice Columns



Computer Advice and Answers to Reader Questions



 



Do I need to do anything to my laser/copier/fax printer before I get rid of it?

Thu, 20 Jul 2017 00:00:00 +0700

(image) Most of us are very aware of the dangers of disposing of our computers, smartphones and tablets without first wiping it clean of our personal information, pictures and files but not so much with our printers.

Depending upon the type of printer you have, you may very well have to take steps to ensure that your private information isn’t still being stored in the device’s internal memory.

What’s At Risk?

It may not be that obvious, but your printer/fax/scanner can potentially be storing some of the most sensitive information that you have ever printed, scanned, faxed or copied.  Everything from tax returns to medical forms to insurance documents have likely passed through your printer over its life.

More sophisticated network printers that can e-mail documents directly can also be storing sensitive e-mail server configuration and passwords that you’ll want to wipe out.

Consumer Printers

Most consumer grade printers have very little storage memory and it’s generally considered ‘volatile memory’ which means that when the power is turned off, whatever it was storing is gone.

If your printer has no fax or copier functions, it most likely won’t have any type of persistent memory storage that needs to be reset, but just to be sure, check your printer’s ‘Settings’ menu for any options that allow you to reset the device to the factory defaults.


If you ever get a message during the reset process warning you that all your data will be lost, you’ll know that it was storing personal information.

If your device has memory card slots for things like camera cards, don’t forget to check to see if you’ve left any old cards in there.

Networked Multifunction Printers

While most consumers aren’t likely to have printers with internal storage, virtually every business grade copier/printer/fax device is highly likely to be storing a large amount of sensitive information on a persistent storage device.

If your company printer has the ability to receive faxes and route them via e-mail to the proper recipient, it first has to store the incoming faxes in some form of internal memory.

If your device can store addresses for sending scanned documents, you should assume that it can store more than just addresses.

Private printing, which refers to the ability for a printer to hold a print job until you are physically in front of the printer and type in a code, certainly points to an internal storage device.

The ability to re-order print jobs that are in the queue is another indication of internal memory capabilities.


Protection Suggestions

Most of today’s printers that include large internal storage devices also include secure wipe options in their settings.

If you can’t find the reset instructions for your printer, a simple Internet search that includes your exact make and model with the word reset after it should yield the directions.

If you can’t find any info from a general search, try checking at http://resetprinters.com and if you can’t find anything there, you probably have nothing to worry about.




What can I do to be safe when using public Wi-Fi?

Thu, 13 Jul 2017 00:00:00 +0700

(image) The convenience of public Wi-Fi networks has become somewhat of an expectation when we’re away from our primary home and work connections, but it’s important to understand the risks.

Anytime you share a connection with strangers, whether it’s at an airport, on an airplane, in a coffee shop or at a hotel, anyone else on the network can use a variety of tools to capture the traffic floating through the network.

Rented Space

Think of public Wi-Fi as a rented space, like a hotel room - where you have no idea who else has access to your stuff.

Leaving valuable items in your hotel room while you’re out has inherent risks, even though in most cases nothing bad will happen. Using public Wi-Fi also has inherent risks which are greater because of the ease in which compromises can occur.

Any activity that requires you to type in a username and/or password is best avoided on any public Wi-Fi connection.

Man-In-The Middle Scams

While sharing a connection with strangers is a very real threat, a bigger threat is getting fooled into connecting to a rogue connection posing as a legit one.

The off-the-shelf technology available to quickly setup a fake Wi-Fi connection runs less than $100 and fits in your shirt pocket.

Originally developed as an audit tool for IT administrators, these devices have been repurposed by cyber-thieves to setup the hard to detect Man-In-The-Middle (MITM) scams.

They connect to legitimate Wi-Fi connections and then mimic them or they’re setup as an alternative ‘free’ connection in areas where users are generally required to pay.

Thieves know that everyone wants to connect to free Wi-Fi, so they will often call their connections ‘free Wi-Fi’ in airports or in congested urban areas.

VPNs and Private Hotspots

If you’re a regular user of public Wi-Fi, you should consider installing a tool known as a VPN (Virtual Private Network - https://goo.gl/FBGEGc) which will essentially make your data invisible while you’re connected.

The very best way to stay safe in public places is to use your own cellular connection by turning your smartphone into a hotspot (be sure you turn off the Wi-Fi first!)

By tethering to your smartphone, you will be the only one on the connection, therefore bypassing the ‘stranger danger’.


Private Hotspot Issues

Two things to keep in mind if you are going to use your smartphone as your hotspot: battery life and your data plan.

I always find a power outlet whenever I turn on my smartphone’s hotspot because it’s a battery killer.

If you’re on a limited data plan, sharing your phone’s connection with your laptop or tablet can eat up your data in a hurry.

Another option, especially frequent travelers with multiple devices, is to use a separate personal hotspot such as Verizon’s MiFi (https://goo.gl/FpU65P) or Karma’s pay as you go option (https://goo.gl/xo6ZoL).

Both will have exponentially longer battery life as hotspots, so you won’t have to find a power outlet and they won’t eat into your smartphone’s data plan.




I'm considering a DIY home security system. Any suggestions?

Thu, 6 Jul 2017 00:00:00 +0700

There’s never been a better time to consider adding devices to your home that allow you to monitor what’s going on from anywhere in the world.The sheer number of options can be overwhelming, so breaking down your needs is the best way of narrowing down your options.What Do You Want To Monitor?Depending upon what you’re interested in monitoring, your needs could be as simple as a single camera pointing out of a window to an entire family of sensors throughout your house.A couple critical elements for success is a solid internet connection and good Wi-Fi coverage over the areas that you want to install your devices.Completely wireless and weatherproof options such as the Arlo cameras (https://arlo.com) allow you to extend your coverage to locations outside of your home as long as you can get a Wi-Fi signal. Upgrading to a ‘mesh network’ can dramatically improve your Wi-Fi coverage area if needed (https://goo.gl/grSrd7).Monitoring OptionsVirtually all DIY options on the market come with some form of app and alert system that use your smartphone as the monitoring device. This means that you will be the one to make the decision to call the police when something happens.Most monitoring systems offer basic storage of video or image files for free, with a monthly charge for higher levels of storage and some offer cellular connections as a backup should your Internet connection go down.If you want an outside service that offers 24/7 monitoring on your behalf, make sure you calculate the ongoing cost of this service which can range from $10 to $30 per month.Options from companies like SimpliSafe (http://simplisafe.com) and Scout (https://scoutalarm.com) allow you to choose either monitoring method while Abode (https://goabode.com) adds the ability to use short-term on-demand professional monitoring for those times you’ll be off-line (like on vacation).Most of these companies extend support of devices from other platforms such as Alexa, Nest and Zigbee as well.Unique ApproachesIf you’re looking for basic front and back door monitoring, Kuna’s approach (https://getkuna.com) is to integrate a camera, motion sensors and a two-way intercom into the light fixtures on your porch.  You can either replace your current fixture with one of theirs or add their Toucan kit on an existing light fixture.The Rex Plus Electronic Watchdog uses radar to detect intruders and simulate a barking dog. The closer they get, the more frequent the barking becomes (one review claims that it keeps the bears away from the house).If you’re a renter and don’t want to physically install anything, an option called Piper (https://getpiper.com) incorporates a 180 degree camera, motion/sound detection, 2-way audio and a siren into a single device that just needs to plug into a power outlet to work.Tinkerer’s PlatformOne of the more mature home automation platforms is SmartThings (https://smartthings.com) which not only has a large number of devices it can work with, it has over 40 recipes on IFTTT (If This Then That - https://ifttt.com/smartthings) or you can create your own automation triggers.[...]



Should I be concerned about ransomware attacking my Mac?

Wed, 28 Jun 2017 00:00:00 +0700

(image) Ransomware continues to grow in popularity as a sort of ‘gold rush’ has been underway in the cyber underworld.

Hundreds of millions of dollars have been generated over the past couple of years with one security firm reporting that 64% of the victims they surveyed paid to get their files back.

Enterprising criminals are even posting ‘ready-to-go’ ransomware kits on the underground marketplace known as the ‘dark web’ with offers to split the revenue with users of their code.

The complexity of these attacks continues to grow as the security world and cyber-criminals face off in a high stakes game of ‘cat and mouse’.

The Bad News For Mac Users

All of the high profile ransomware attacks you’ve likely ever heard of have targeted Windows users, but some of the more recent code being made available via the dark web specifically targets all of the versions of the MacOS as well.

Since ransomware takes advantage of the user more than the operating system, there are few technical barriers to creating a Mac specific attack because the point of entry is getting the user to do something they shouldn’t do.

The most common attack vector for Macs so far has been through infected programs that are designed to bypass Apple’s built-in security (Xprotect and Gatekeeper).  These pre-made ransomware packages also claim to be able to bypass detection by at least 50 different anti-virus programs for both Mac and Windows.

The Good News

Unlike many of the Windows ransomware exploits that can compromise users through unpatched back-doors, clever phishing scams as well as rigged downloads, Mac users currently can only be exploited via a rigged download.

Despite the growing popularity of Mac computers, they still only account for roughly 7% of computers worldwide, so they still benefit from ‘security through obscurity’.

To further illustrate the difference in malware focus in general, one security firm puts the number that target Macs at roughly 450,000 while Windows has 23 million known threats.

From a practical standpoint, cyber thieves are always going to focus on the largest opportunity as they’re in it for the money.

Don’t Let Your Guard Down

Having said all that, everything is subject to change and having the ‘I have a Mac, so I don’t have to worry’ attitude is a bit misguided – there’s a reason why Apple stopped running the ‘we don’t get PC viruses’ commercials back in 2012.

Making sure you only get programs and apps from reputable sources, install the updates when Apple alerts you and keeping all your other Internet tools, such as your browser, Java and Adobe programs updated are important ongoing tasks.

Every computer user should also have a solid backup process - using an automated online backup service such as Carbonite (https://goo.gl/XKum9f) provides an extra layer of security that will save the day whether it’s ransomware, viruses, fire, flood or theft.

Cyber criminals know that Mac computers are more expensive and that Mac owners statistically tend to be on the higher end of the socioeconomic scale, so keep your guard up!




Trying to decide between Amazon Echo and Google Home. Any thoughts?

Wed, 21 Jun 2017 00:00:00 +0700

(image) The ‘smart home assistant’ market continues to grow and improve but there’s so much more to this battle than what meets the eye.

‘Smart speakers’ allow you to interact with them through verbal commands and connect to a variety of devices and online services to act as a virtual butler in your home.

The Proxy War

All of these devices are actually a proxy to the real battle: the platform wars.

With the ‘connected home’ market expected to grow to over $50 billion by 2022, finding ways to get consumers familiar with one platform over another can lead to a bigger piece of the market.

Amazon was first to market with the Echo, but being first doesn’t always ensure that you’ll end up being the market leader and the gap between Amazon and the rest of field is narrowing.

Echo vs Google Home

Google’s entry into the market was with a smaller device that they call Google Home.

As expected, Google Home is designed to integrate with many of Google’s services like search, YouTube and the Chromecast but also popular services like HBO Now and Hulu.


The Echo has substantially more ‘skills’ (https://goo.gl/t953vP) than Google Home, so you can ask it to do more things.

Amazon has over 10,000 skills while Google only offers a couple of hundred.  This may sound like a huge deal, but it’s likely that the most useful skills like ordering a car or a pizza and getting your favorite playlist to start playing are available on both.

Google’s responses to information found on the web is generally more robust, but as you would expect, the Echo excels when it comes shopping related questions.

If you plan on using the device as a music speaker, Home has a fuller sound and it’s smaller, so it’ll fit in smaller bookshelves and nooks.

Which Is Best For You?

What was once a no-brainer choice (Echo) has now become a little more complicated as each platform has added features and capabilities.

The best way to determine which is best for you is to review the supported services and devices for each.  Start with your preferred streaming service as well as your music and video streaming services.

Amazon made a big splash at this year’s CES with announcements that they were integrating with a lot of other companies including Ford, which is going to allow Alexa to work in the car or check on your car while you’re in your home.

Apple’s Upcoming Option

Apple users will be able to add a third option in December when Apple will reportedly release the HomePod powered by Siri.

As usual, Apple’s option will be the most expensive ($349) vs Amazon Echo ($179) or Google Home ($129) and we really won’t know what it will actually do until it’s released.

If you’d like to dip your toe in the smart home assistant pool but you’re not ready to spend the big bucks, I’d highly recommend getting the Amazon Echo Dot ($49) as a primer.




Have you had a chance to test any of the mesh network products for a larger house?

Wed, 14 Jun 2017 00:00:00 +0700

(image) Wi-Fi can be a challenge when you have a large area that you’d like to cover or when you have construction materials that impact coverage.

Concrete walls, metal structures and lots of metal air conditioning ducts are common reasons that a Wi-Fi signal can be obstructed, even in a smaller home.

In the past, if you wanted to improve your Wi-Fi signal in low signal areas, you either installed another access point or a range extender.

Neither of those solutions was perfect as one required you to run new cables and the other would generally give you half the signal strength as connecting directly to your router.

Mesh Networks

A newer technology known as a ‘mesh network’, while more expensive, is significantly better when dealing with large areas of coverage.

A typical system will consist of three ‘nodes’ which all talk to each other and provide the same level of performance as a result.  It’s almost like having 3 access points in your home.

In our tests using the Ubiquiti Labs AmpliFi HD (https://amplifi.com), we found dramatic improvement in coverage over a traditional single router in a large home.

Ubiquiti has long been a supplier of commercial grade networking devices and recently entered the consumer market to provide some of the same technology at a lower cost.

The Setup

The setup was pretty simple with a base station that took the place of the original router and two additional wireless mesh nodes that simply needed to be plugged into an AC outlet in the areas that we wanted to improve the signal.

The wireless mesh nodes automatically find the base station and connect themselves within a few minutes of plugging them in.  All three will appear as the same SSID (or network name) throughout your house.

A signal strength meter on the nodes lets you know how strong the signal is in your chosen location.

Not only did it fill in the gaps within the home, it extended the signal reach far outside of the house, which allowed for connectivity by the pool, which was a good distance away from the house and the garage, which never had signal before.

The company rates their coverage of the full system at about 20,000 square feet, so if you don’t need that much coverage, you can buy a base station and a single wireless mesh node and save some money.

The Amplifi HD is designed for less tech savvy users, so complicated security issues are handled with their mobile app (iOS or Android), which also allows parents to manage the various devices that connect to it.

The app makes it simple to limit usage by certain devices based on the time of day, so you can create a ‘virtual bedtime’ for internet access for a child’s device.

Conversion Tip

If you decide to replace an existing router with this or any other mesh network solution, make sure you use the same SSID and password you were using on your previous network to avoid having to reset all your devices in order to connect.




Q: Is it true that color laser printers print invisible dots to ID the printer on every page?

Wed, 7 Jun 2017 00:00:00 +0700

(image) The leaked top secret document that led to the arrest of government contractor Reality Winner has caused a long running privacy issue to resurface.

The hidden yellow dot ID pattern technology on some color laser printers has actually been around since Xerox developed it in the 90’s.

The primary reason for the dots is purportedly to help the Secret Service in counterfeiting cases.  Color copiers and laser printers became so good at reproducing colors that they become a tool for counterfeiters some time ago.

Not all color copiers and laser printers print the dots, but for obvious reasons, the printer manufacturers and law enforcement don’t generally acknowledge which printers do and which ones don’t.

Privacy Concerns

Privacy advocates such as The Electronic Frontier Foundation have been calling attention to this for almost a decade (https://goo.gl/4g8XGk). Their position is that your printer shouldn’t be another tool for government surveillance.

In the Reality Winner case, it’s believed to be what led to her arrest because the dots were easily viewed on the document published online by the Intercept (https://goo.gl/b3KlN9).


What Gets Tracked?

The yellow dots when decoded can indicate the make, model and serial number of the printer and in some cases, include the date and time.

With this information, law enforcement can potentially track down the owner of the printer by following the serial number from the manufacturer to the reseller and then to the purchaser.

Making The Dots Visible

By design, it’s nearly impossible to see the dots with the naked eye, so you’ll want a way to magnify any page that you want to inspect.

Using a microscope or magnifying glass with magnification power of 10x or better to view a blank part of a printed document should allow you to see the dots if they exist.

If you want to make it easier, use a bright blue LED flashlight in a dark room, which should turn the yellow dots a dark blue or black.

If you have a good quality scanner and a graphics program that can zoom and invert the colors, you can also find the pattern, which should repeat itself throughout the page.

List of Known Printers

The EFF has published a list of printers that they say do and do not display the tracking dots (https://goo.gl/UV3q9K), but it’s not up-to-date nor is it a complete list.

In some cases, the printer manufacturer will acknowledge the use of the tracking information in their documentation, but it’s not easy to find even if they do.

What Can You Do?

Technically speaking, setting your color laser to print in black and white won’t allow the yellow dots to be printed.

If you have to use color and are concerned about the tracking dots on a known printer, there is nothing you can do to stop them short of getting rid of the printer.

If you are overly concerned, switching to either a color inkjet or any type of black only printer will ensure that the tracking dots won’t be included. 




Which browser is best to use if I tend to open a lot of tabs?

Wed, 31 May 2017 00:00:00 +0700

(image) Tabbed browsing changed the way we used the Internet and has become both a blessing and a curse.

If you spend time gathering information from multiple sources while researching anything online, this feature has been a game changer.

Being able to open additional tabs eliminated the need to hit the ‘back’ and ‘forward’ buttons in order to jump from one page to another, but the downside to this convenience is the memory usage.

Every tab you open consumes working memory (aka RAM) which can eventually lead to significant performance issues so keeping the number of open tabs to a minimum is always in your best interest.

There are many variables involved in determining actual memory usage, so the various testing sites that proclaim one browser over another may not be applicable to you unless you use your browser the exact same way they tested them.


If I had to make a general recommendation, Firefox for Windows users and Safari for Mac users  seem to have the lowest memory usage based on a compilation of various tests.

Changing Your Behavior

If you can change the way you manage open tabs, you won’t have to consider changing browsers.  As convenient as it may be to have a tab open all day with Facebook running in the background, if you can do without it, you can save memory.

Bookmarking your commonly used sites for easy access and remembering that you can quickly reopen recently closed tabs in most browsers by hitting Ctrl-Shft-T should help you feel better about closing idle tabs.

Sniffing Out Memory Hogs

Different web resources will use different amounts of memory, so you if you want to see how much memory a specific site is taking up, most browsers offer a way to do that.

In Chrome, hitting Shift-Esc will open Google’s Task Manager, which lists all of your open tabs along with various details.  If you click on the ‘Memory’ heading, it will re-sort your open tabs in order of the largest memory usage.

Internet Explorer provides the information as a pop-up that you have to open on each page by hitting Control-Shift-U (hitting it again will close the pop-up).

Firefox users can install an add-on called Tab Memory Usage (https://goo.gl/DXtBuK) which will display the memory usage of each page in the upper right section of the browser window.

By identifying the memory hogs in your regular rotation, you’ll know which ones to close first if things start to slow down.

For ‘Tabaholics’

If there’s no possibility for you to change your tabbing behavior, then adding more RAM or installing add-ons may be a better solution to allow for lots of tabs.

Chrome users can try The Great Suspender (https://goo.gl/DCj4Gt) which will automatically suspend unused tabs to free up memory.

Both Firefox and Opera users can try Tab Suspender (https://goo.gl/9sDEcs) to accomplish the same thing.

Unnecessary Add-Ons

Add-Ons also contribute to memory usage, so avoid installing them if you don’t really need them and disable or get rid of the ones you may have already installed that you don’t use.




If I got hit by ransomware, should I pay the ransom?

Wed, 24 May 2017 00:00:00 +0700

(image) Ransomware is one of the fastest growing cyber-crimes because it’s one of the most profitable.  Unlike other malware that a hacker may or may not be able to monetize, ransomware is a direct path to getting paid through extortion.


The Ransomware Business Model

Today’s sophisticated ransomware scams are based on a proven business model that often times will even come with tech support websites to make sure you get your data back.

The criminals know that if word got out that paying the ransom did not result in getting your files back, no one would ever pay. 


There is no guarantee, however, that if you pay the ransom, you will get your files back as we don’t have any credible data to work with.  Most companies that have been hit with this attack don’t want the word to get out, much less admit that they paid the ransom but didn’t get their data back.

A couple of things are certain: paying the ransom is risky and absolutely encourages them to continue attacking others.

Before You Consider Paying

There are a number of steps you can take before you have to decide whether you should pay the ransom or not.


The easiest way to avoid having to pay the ransom is by having a solid backup that isn’t connected to your computer or company network.

If you do have an uninfected backup that can be restored, removing the infection and the encrypted files is pretty easy to do by anyone with even moderate technical skills.


Which Ransomware Do You Have?

If you don’t have a current backup, there may be tools available that can break the encryption if you were hit with one of the older or less sophisticated strains of ransomware that have been cracked.  


A website called https://NoMoreRansom.org has created a repository of keys and applications that may be able to decrypt your files.

To help determine which strain you’re infected with, you simply upload a couple of the encrypted files along with some of the details within the ransom demand note.

For security reasons, make sure to choose files that don’t contain any sensitive personal or corporate information (picture files are usually a good choice to use for the upload test).


Protection Tip

First and foremost in protecting against this growing threat is the proper backup strategy.

Unfortunately, a traditional external backup drive isn’t good enough because anything that’s connected to your computer or is available through a network share will be encrypted as well.


Even if you routinely disconnect your external hard drive when you aren’t backing up, you’re still not fully protected as this malware runs silently in the background so you could unknowingly overwrite your good files with encrypted files.


The best backup solution physically stores your files separate from your computer and incorporate ‘file versioning’, which means it keeps multiple copies of the same files as they are changed.


Incorporating a cloud-based backup such as Carbonite (https://goo.gl/XKum9f) provides the best protection against not only ransomware but fire, flood, theft and even employee sabotage. 




How can I check to see if my HP laptop has the key tracking problem?

Wed, 17 May 2017 00:00:00 +0700

(image) A recent discovery by Swiss security firm Modzero exposed a major security problem in a large number of HP laptops.  They found that an audio driver that was ‘listening’ for specific ‘hotkeys’ was also recording every keystroke and storing them in an unprotected log file.

Often referred to as ‘keylogging’, this type of activity is usually associated with nefarious programs that try to steal passwords or other sensitive credentials by recording all your keystrokes.

In HP’s case, there’s nothing indicating that anyone was remotely capturing the keystrokes contained in the log files; It’s more of a major mistake made by the company that provided HP with the software.

Who’s At Risk?

Conexant is a primary supplier of audio componentry to most of the major laptop manufactures as well as devices like Amazon’s Echo (Alexa), but this particular issues appears to be isolated to specific HP laptops.

They inadvertently left special debugging code active in the final driver provided to HP, which can potentially be exploited in a number of ways because every keystroke you make – even if you can’t see the character as you type – is being captured to this unprotected file.


It’s the digital equivalent of your computer ‘talking in its sleep’; any program that cares to ‘listen’ could make use of this extremely sensitive information.

Owners of any of HP’s Elite, EliteBook, ProBook or ZBook models from 2015 and 2016 should check their computers for the bug.


How to Check Your Laptop

The following steps may be a bit technical for some, but it’s too important to ignore, so make sure you get help from a trusted technical resource.

Different model laptops exhibit different behaviors, but many of the most common models will have created this log file in the following location: C:\Users\Public\MicTray.log.

If your computer has this log file and you can see data in it when you open the file, your computer has the problem.

If you see the file with no data in it, you’re still not in the clear as the debug output could still be exposing your keystrokes to other programs or it will be empty if you just logged into your computer.


To check for leaking keystrokes, you can run Microsoft’s DebugView while typing random characters on your keyboard to see what is being captured.  If you see any lines in DebugView that refers to ‘Mic target’, your computer is operating with the defective audio driver.


How to Kill the Keylogger

Both HP and Microsoft have released updates to fix the problem, so if you regularly keep your computer updated, you may have already fixed the problem.

HP laptop owners that want to make sure they have the updated audio driver can go to HP’s driver download page in the ‘Support’ section of their website.

This logging behavior goes back to October of 2016, so even if you have fixed the problem, your old backups could contain old log files. Make sure you search for and delete any instance of the MicTray.log file in any of your backups as well.