When bad thing happen to good computers . . .

PC Recommendations, a new Squidoo lens

2006-07-14T11:38:00.000-07:00

Heath and others at Squidoo are often exhorting lensmasters to make specific recommendations to make the lens more useful and effective. I’ve been attempting to do that and decided to go the whole way and make some lenses that are just about recommendations.

My first is at www.Squidoo.com/pcrecommendations/

Since I’m a computer consultant it’s natural that I have good experiences (as well as bad) and some favorite products and services. In the PC Recommendations lens, I’ve started with PC memory and some end user utilities like spam control. I’ve described my experience and/or impression of the product and provided a link. Some are affiliate links, so I’m especially hopeful for them. Interesting that one of my recommendations is for Crucial Technologies, a major memory chip company with a huge on-line presence. They seem to show up on the lens as an advertiser all the time, so they are getting lots of value from my lens!

Internet security suites software, argggh

2006-06-26T13:16:00.000-07:00

PC manufacturers insist on inflicting swollen and faulty security suite software on unsuspecting customers. Software to protect you from all evils sounds like a good concept, right? Good idea, bad implementation from Symantec and from MacAfee. One of my first setup acts is to uninstall suite software – generally it’s just a trial anyway. MacAfee has sunk even lower in my view because their software auto starts, and their own uninstall option refuses to work because MacAfee services are running. Essentially a novice user is stuck with something that they might not want, can’t uninstall, and may well slow or retards their system performance. Aaaargh! Your choices are to try to kill the services, or restart in safe Mode and try the uninstall process.

and on to WordPress

2006-06-02T18:36:00.000-07:00

Well, I've tried MSN Spaces and Blogger and Yahoo. So it's on to WordPress. I've started a hosted Blog using WordPress. The intention is to consolidate several blog experiments into one ongoing blog with categories.

The blog is called One Stormy Day (that's www.onestormyday.com)

I'll keep this up for the foreseeable future, but all new posts will be at One Stormy Day.

Check it out and say hi. Thanks, Jack

Ps I’ve also created several lenses at Squidoo:
www.squidoo.com/iloveamystery
www.squidoo.com/otr
www.squidoo.com/benjaminfranklin
www.squidoo.com/fredricbrown
www.squidoo.com/retireinarizona
www.squidoo.com/arizonacities
www.squidoo.com/hoa
www.squidoo.com/computerconsultant
www.squidoo.com/eehibbard
www.squidoo.com/gasolinealley

Anti-Spyware Group Publishes Guidelines

2005-10-28T07:11:00.000-07:00

My Way News

Anti-Spyware Group Publishes Guidelines

2005-10-28T07:09:00.000-07:00

In the news, ready for commentary and comments.

Software updates - the good, the bewildering and the ugly (part 1)

2005-08-12T11:13:00.000-07:00

The good - Keeping your operating system and security utilities updated is a necessity. With all the internet evil doers out there you need to keep your defenses in repair and up to date. Software is often too large (read bloated?) so that bugs need to be repaired, and the bugs in the repairs sometimes need to be re-repaired!

The bewildering - should you let updates happen automatically? Or should they be manually controlled? Does application software need to be updated? (sounds like a part 2, doesn't it?)

The ugly - Sometimes a good intention leads to a bad result. Today I Installed a Microsoft update (rollup 1 for W2k SP4) on a Compaq server running W2K server. On the required reboot, Active Directory was inoperable. This rendered the server essentially unusable. After exploring a little, I felt that the update could be the cause. Fortunately, uninstalling the update went smoothly and seems to have resolved the problem. Googled and saw some references to issues with the rollup, and info that Microsoft was going to reissue the rollup. The issues sited didn't cover my symptoms, but indicated a bad update was being offered. This rollup update covers all W2K systems, workstation and server. Very ugly!

Do you let Microsoft and others automatically update your software?

Controlling private surfing can reduce the risks of exposure

2005-08-04T16:32:00.000-07:00

Seems obvious doesn't it? Much of the malware that infects computers comes from clicking the wrong button, surfing to the wrong site, or just being tricked. Large organizations that use Internet filters, proxy servers, etc have less spyware to deal with. The range of surfing is restricted, and so is the risk.

The smaller office is less likely to restrict Internet access because of the perceived costs of installing and managing such controls. Home PC's are generally wide open because PC's and kids seem to hard to control. Microsoft's built-in controls are not an easy solution.

We researched the filter tools for a law office client and found one that was reasonably priced and did a beta test. Good results led us to spread it through the office. While cutting down personal surfing was the primary goal, we saw a marked decrease in the number and severity of malware infestations. I described this product, FilteGate, at my "Software I Like" blog.

Software and services that I use and can recommend . . .: Internet access filters - can you limit surfing activity?

Have you tried to restrict access? How effective was it?

Check your Internet visibility

2005-07-18T08:21:00.000-07:00

Want to know how your PC looks to the outside world? Are you vulnerable? Do you have any back doors open that can give somebody access to your PC?

To test your Internet visibility Â– Go to Symantec.com and select "Symantec Security Check", and follow the steps to let them scan your PC. They'll give you a report on any open ports or other apparent openings.

Symantec Home Page

If you are in an office, you should certainly get a clean report! If not, it's time for a security audit. Computer, Network and Internet Security

If you are behind a good firewall, that is properly setup, you will pass this test. This does not protect you from doors you open when you surf - that's a different security risk.

Coalition Issue Definitions for 'Spyware'

2005-07-12T06:29:00.000-07:00

This mornings headlines brought this. The article is a teaser. Sounds like a starting point. Now to find the actual document that they reported on!

Coalition Issue Definitions for 'Spyware'

Good news - definitions, suggestions of concent controls, cooperation amongst players like Symantec and Microsoft.

How does the saying go? "The devil is in the details".

Why good computers go bad - let me count the ways

2005-07-10T11:17:00.000-07:00

I was invited to speak before a large and active computer club at one of our clients, Leisure World Community Association. Since so many home computers I see are riddled with problems, I gave them an overview of why this can happen. This was over a year ago, but the conditions faced by home computer users are generally the same!

"Why Good Computers Go Bad" presented to LWCA Computer Club

Have you noticed your computer being slower than it was, and wondering why?

Is your wireless network secure? Take four steps to safety.

2005-07-02T10:18:00.000-07:00

Adding wireless capability to your network can add convenience, but it can also increase risk. There are four basic steps to providing minimal security to your wireless network:

Set a unique SSID – each wireless network has a name to identify it. The name is the SSID, for System Set Identifier, or the ESSID for Extended Service Set Identifier. The manufacturer presets each device with a default SSID. Many techs use the default SSID because it’s easier. Don’t be lazy. Use a unique name for your network.
Disable Identifier Broadcasting – usually by default, a wireless network broadcasts it’s id and availability, to make temporary connections easier. Don’t advertise your network. When somebody asks their laptop to show available networks, do you really want it to show yours?
Enable data encryption – the access point or router that is the base of your wireless network can encrypt the data. Any device that is going to connect to your network will have to be setup with a unique key to unlock the data. While these are imperfect data locks, they do what a lock is supposed to do – keep out the casual snoop, and make it hard work for the better-equipped hacker. Activate the WEP or WAP encryption on your system.
Use a router firewall – any decent router (wired or wireless) comes with a built in firewall that is your first line of defense against attacks from the outside. Make sure your router’s firewall is active. Even though you can setup a simple network without a router, it’s a good idea to install a router for the firewall protection.

Have you ever used your laptop to connect to a wireless network, and seen other networks being advertised and unsecured?

Little Agreement on Spyware Guidelines

2005-06-25T11:52:00.000-07:00

The article below caught my eye because it sets out a major problem with spyware, adware; lack of an agreed upon definition of the name and scope of the problem. An extreme view says that any outside agent that installs even a cookie. Some say it is bad only if it does something destructive. Some include pop-ups in the bad category, some don't. Adware became spyware, or are they two different things? Lawsuits from some of the purveyors of adware scare the big guys, including Microsoft, Symantec and McAfee into holding back on their protection.

Bah humbug! If it went on my PC with out my specific knowledge and consent, it doesn’t belong there. If it tracks anything I do without my knowledge and consent it should be gone. I lump these entire Internet born invasive elements under one term – malware. A good tool will allow me to override blocks and protect certain sites and cookies.

Microsoft’s Anti-spyware is my current favorite because of it’s superior updating and scheduling features and it’s easier to understand user interactions. But, it doesn’t touch cookies. They claim it’s because of imbedded passwords, etc that make logging into favorite sites easier.

I think that can be easily addressed, and that MS is also avoiding it more because it is controversial. Cookies have always gone onto the PC uninvited, and that was ok until it became abused. I think that cookie control should easier for the user to manage, and controlled by default.

Little Agreement on Spyware Guidelines

What are your thoughts on the issues of cookies - wide open or restricted?

The silver bullet defense for a trashed hard drive

2005-06-24T06:00:00.000-07:00

Sometimes it just takes too much effort to clean up or recover a PC after a virus or malware has trashed it. Some home computers have been neglected so long that there are layers of spyware, adware, Trojans, etc.

When a PC is beyond reasonable recovery, you have to start over. Starting over can mean restoring the OS from the manufacturer CD, reinstalling applications, and probably missing a lot in the process.

Time for a silver bullet; image the operating system drive. That image file is the silver bullet that saves you hours and much grief. After I get the operating system drive setup and all applications working, I create an image file of that drive. I store a copy of the image on the second drive, and a second copy on a portable drive or a network drive setup for backups. Updating the image periodically is also well-invested time on PC’s that change a lot over time.

Of course, you want to separate data from the operating system. This way the data is not affected if your operating system is whacked and you want to restore it.

The value of this was shown just last week. The hard drive on a client’s manager’s PC died. We replaced the hard drive, re-imaged the system, did a little clean up, and finished in 45 minutes. Normally reinstalling the operating system and applications and doing all the updates can take hours.

Click here for specific product recommendations . . .

Have you had to rebuild/replace your hard drive and applications? How long did it take?

Be careful who you trust to check or clean your system

2005-06-15T10:22:00.000-07:00

Many infected PC's I see, have been infected after the owner clicked an offer to good to be true. It goes something like this:

- A window pops up informing you that you may have spyware, etc.
- Offers a free scan/clean of your PC.
- You click (free is good isn't it?).
- Your free offer now infects your PC.

There are hundreds of "spyware killers" offered. Many are useless, many are evil doers themselves. That's why I only use (and recommend here) products that I've been able to research, test and verify for safety and effectiveness.

Following is a link to a list (not mine) of bad choices that masquerade as spyware killers:

Rogue/Suspect Anti-Spyware Products & Web Sites

Have you had any bad experiences with rogue anti-spyware products?

Will Microsft charge for their Antispyware after it comes off beta testing?

2005-06-08T10:32:00.000-07:00

This is important to me because this product has become my antispyware remover and protection of choice. The answer seems to be a qualified no. Here is an extracted quote that seems to say it will continue to be free:

"...Gates announced the company's plan for making the personal version of the final Windows AntiSpyware software available at no additional charge to licensed Windows customers as part of the Windows value proposition. The offering will offer full functionality to consumers, including the ability to detect and remove spyware, continual protection that helps guard against more than 50 ways that Web sites and programs can put spyware on a PC, and protection against the latest threats through the combined efforts of the SpyNet ™ community and Microsoft researchers. For business customers, with more complex infrastructure support, management and deployment needs, Microsoft plans a managed anti-spyware solution that will be available as part of a paid solution..."

My concern is in how "Windows value proposition" may limit availability, and in what other limits MS might put on the product to push users to a paid version. I might be overly suspicious, but Microsoft security problems with Internet Explorer have been a huge part in driving this spyware and malware epidemic almost out of control!

The full press release is at this link -

Gates Highlights Progress on Security, Outlines Next Steps for Continued Innovation: Keynote Address at RSA Conference Details Microsoft's Latest Efforts, Including Technology Deliverables, Customer Guidance and Partnerships With the Industry,

The Microsoft Antispware beta offering ends at the end of July. I'm still installing this beta product, and hope I don't come to regret the decision, and have to explain a flip-flop to all the users I've moved to this product.

What is the best anti-spyware software?

2005-06-08T09:15:00.000-07:00

Unfortunately there isn't a single answer. For protection my choice is Microsoft Anti-spyware. For troubleshooting and cleanup I use a number of tools, but the top three antispyware removers I use are: Spybot Search and Destroy; Lavasoft's Adaware, and the MS program.

I currently install Microsoft's beta anti-spyware on each PC I touch for service, and on any new PC I setup. The major reason for this choice is that it has built-in scheduling of updating and scanning. A great program like Spybot doesn't help as much over time since the updates are manually driven. Experience shows that you cannot rely on users to do updates on their own!

Unfortunately there is no single program that catches and deals with all threats. That's why I use several when I'm doing a cleanup. Invariably, one finds and removes things that others miss. Over time I've tried many other products but routinely use the big three: Spybot, Adaware, and MS Anti-spyware. I'm always looking for new and better tools, so speak up if you have some experience to add here.

Spybot - Search & Destroy from Download.com

Adaware - SE Personal Edition from Download.com

Microsoft Windows AntiSpyware from Microsoft.com

Are you using anything better?

Malware/virus cleanup – chances of success

2005-06-04T10:08:00.000-07:00

I’m going to post about techniques and tools to clean systems, but first I thought I better make clear that cleaning is not always a viable option. When I’m faced with a PC that is suffering from a malware attack, I know going in that the chances of complete recovery might be 50/50. Some malware cripples your anti-virus system. Some cripples the Windows Operating System; you might not be able to open the registry editor, or open task manager. Some PC’s have been open and under siege for so long that they contain hundreds of infestations (I’ve seen PC’s with two thousand!). I know that some techs out there will immediately object and say that all of those are reversible and any corruption can be rooted out. This might be technically accurate, but practically ‘taint so!

If you can’t spend many hours or days on this repair, you may be faced with the unappetizing decision to rebuild your software system. I make a reasonable effort to repair, but at times have to go to plan B – rebuild/restore the PC. It’s sad but true. So, what to do?

Keep all of your original software; especially the operating system and system restore CD’s. Put it in a plastic baggie, and add any CD’s that you subsequently use to install. This way you have a fall back point. Most painful; gets you back to the beginning; might loose data.
Backup – ok, I saw you shrug. Nobody back’s up regularly you think. Actually some of us do. Backup you files (may only be My Documents, may be other folders). Backup you email, files, settings, and passwords.
Be careful about copying files and settings from a bad PC to a new PC as you may be bringing malware trigger files with you.
Image – make a restorable image. There is software that allows you to make an image of your hard drive. This image can quickly get you back in operation. Make an image after first installing the system, and setting up all of your applications, peripherals, and networking. Then make an update to the image periodically, especially after a major install, upgrade, etc. This makes recovery from a bad attack; hard drive failure, etc, almost painless.

Spyware, malware, adware - it's all bad stuff!

2005-06-03T12:07:00.000-07:00

Setting up supporting computer systems and networks used to be about hardware and software. Today it's about hardware, software, and security.

We spend a large amount of our computer system consulting time on safeguarding systems and users, and in dealing with infected PC's.

This space will be about some of our experiences, some solutions, and some advise. I plan to talk about many spects of security including: firewalls, viruses, security software, and everybody's favorite - spam.

This information is free. Just remember that one size doesn't fit all - my experience and advise may not be relevant in your situation. Proceed at your own risk. If you need professional help don't hesitate to contact me (jstankevicz@saiaz.net) or my business, SAI Consulting (http://www.saiaz.net/) .

Please add your own experiences and suggestions. This space is not for solving specific problems.

Here are other focused blogs that may be of interest:

http://dealingwithspyware.blogspot.com/

http://homeownerassociation.blogspot.com/