• Welcome to BellGab.com Archive.
 

The Secutity Thread

Started by Kate the Bionic Uterus, February 12, 2014, 07:37:01 PM

So much crap out there these days. It is hard to keep up.

Post your security problems and solutions. Post alerts to new PC/internet/technology security issues. *I am very interested in cell phone and tablet security right now.

Just read this; Unveiling 'The Mask': Sophisticated malware ran rampant for 7 years http://www.pcworld.com/article/2096460/cyberespionage-operation-the-mask-compromised-organizations-in-30plus-countries.html

wr250

security problem: prebuilt walmart style computers loaded with crapware bordering on malware.  solution: either clean install of winders or a clean install of linux.

fotd

Enable Google 2 Step authentication:
https://support.google.com/accounts/answer/180744?hl=en

I would hate for someone to access my main Google account, considering it's so closely tied into my Android phone.  2 step auth greatly reduces that risk. 

Quote from: fotd on February 12, 2014, 09:24:02 PM
Enable Google 2 Step authentication:
https://support.google.com/accounts/answer/180744?hl=en

I would hate for someone to access my main Google account, considering it's so closely tied into my Android phone.  2 step auth greatly reduces that risk.

Flapping awesome!!! Thanks <333

Google recently announced that it would start including individual users' names and photos in some ads. This means that if you rate some product positively, your friends may see ads for that product with your name and photo attached—without your knowledge or consent. Meanwhile, Facebook is eliminating a feature that allowed people to retain some portions of their anonymity on its website.

These changes come on the heels of Google's move to explore replacing tracking cookies with something that users have even less control over. Microsoft is doing something similar by developing its own tracking technology.

Lots of companies are evading the "Do Not Track" rules, meant to give users a say in whether companies track them. Turns out the whole "Do Not Track" legislation has been a sham. It shouldn't come as a surprise that big technology companies are tracking us on the Internet even more aggressively than before.

If these features don't sound particularly beneficial to you, it's because you're not the customer of any of these companies. You're the product, and you're being improved for their actual customers: their advertisers.

Quote from: wr250 on February 12, 2014, 08:46:38 PM
security problem: prebuilt walmart style computers loaded with crapware bordering on malware.  solution: either clean install of winders or a clean install of linux.

Pre built white box style computers which I'll include HP at this point have always been full of bloatware. There have been reports of PUPs being in certain linux installs. Sometimes they hack into downloads and replace what people think they are getting. So when someone downloads an Ubuntu OS that can be run off of a USB key, you still need to run that through some security scans.

I'm sure many people here use an anti virus, Firewall and other ad-ware/spy-ware detection programs. A popular program these days is http://www.malwarebytes.org/. Its results are excellent however some of you fine people here would be surprised that even after running a full scan using Malwarebytes and then a secondary malware/spyware program like HitmanPro http://www.surfright.nl/en/downloads and then a boot scan of your anti virus, that some malware/spyware still exists on your hard drive.

It's called a PUP aka Potentially Unwanted Program. You may see it after a scan called something like this; PUP.Optional.Conduit.A, PUP.Optional.Default and other PUP.designations. Even if your scans have removed some PUPs they are very sneaky and are able to hide in the registry, windows folder and other Nook N' Crannies. PUPs are not a virus, but it does exhibit plenty of malicious traits, such as rootkit capabilities to hook deep into the operating system, browser hijacking, and in general just interfering with the user experience. This type of infection is used to boost advertising revenue, as in the use of blackhat SEO, to inflate a site’s page ranking in search results. So where do they come from?

The general rule of thumb (and why I don't use anything by Google) is that nothing in life is free. The same goes on the internet. PUPs get on your computer after you have installed a freeware software (video recording/streaming, download-managers or PDF creators) that had bundled into their installation this browser hijacker. This Potentially Unwanted Program is also bundled within the custom installer on many download sites (CNET, Brothersoft or Softonic), so if you have downloaded a software from these websites, chances are that PUP.Optional.Conduit.A was installed during the software setup process. Also in the last few months it seems even OPEN SOURCE distributor http://sourceforge.net has been found guilty of adding Potentially Unwanted Programs so be careful. Waterfox and other large profile projects such as GIMP have also moved away from SourceForge recently. The reason being shady adverts and that SF force their own installer onto users, prompting them to install other software and then finally the software the user actually wants. Waterfox will now use CodePlex for file hosting. The new location for Waterfox files will be at; https://waterfox.codeplex.com/ So please be careful even if you have trusted a download site in the past.

You should always pay attention when installing software because often, a software installer includes optional installs, such as this PUP.Optional.Conduit.A browser hijacker. Be very careful what you agree to install. Always opt for the custom installation and deselect anything that is not familiar, especially optional software that you never wanted to download and install in the first place. It goes without saying that you should not install software that you don’t trust.

So here's how to get rid of the PUP browser hijack.

Make a restore point and back up your files and do the following in order.

1) AdwCleaner; The AdwCleaner utility will scan your computer for PUP.Optional.Conduit.A malicious files and registry keys, that may have been installed on your computer without your knowledge. http://www.bleepingc...oad/adwcleaner/

2)  Junkware Removal Tool; this utility can take a while to complete (like 10-30 minutes) depending on your system’s specifications and will display a log with the malicious files and registry keys that were removed from your computer. So grab a coffee  http://www.bleepingc...e-removal-tool/ 

3) Malwarebytes Anti-Malware; It will remove worms, trojans, rootkits, rogues, dialers, spyware. A quick scan will do or if you're having problems with your computer like choppy video or lagginess then do a full scan. Linked above.

4) Run a secondary spyware/malware removal tool like spybot  http://www.safer-networking.org/ or HitmanPro

5) Malwarebytes Anti-Rootkit BETA; Go here and run this http://www.malwareby.../products/mbar/

6) Lastly update your anti virus and run a "BOOT TIME SCAN"


EDIT: This took a long time to write so if members here like this kind of info then say so and I'll write a similar step by step how-to post on what to do if you think you have been hacked or browser hijacked or if your scans uncovered a trojan and/or a similar back-door type virus.

wr250

Quote
Pre built white box style computers which I'll include HP at this point have always been full of bloatware. There have been reports of PUPs being in certain linux installs. Sometimes they hack into downloads and replace what people think they are getting. So when someone downloads an Ubuntu OS that can be run off of a USB key, you still need to run that through some security scans.

this is why all Linux distros include a md5 sum. if the image md5sum doesnt match the OEM md5 sum, then its probably compromised. you can create your own thumb drive Linux with unetbootin. its very easy. if you are paranoid like me you will get the ISO from the creator of the Linux distro (EX: ubuntu iso from the ubuntu website) and run the md5sum.
as far as windows goes, i use the official cd with the hologram on it, or download the iso from microsofts FTP server. then use the key (on the sticker) on the machine that needs the install.

Juan

Yes, I like info like this.  Thank you.

awake


Quote from: wr250 on February 17, 2014, 07:21:15 AM
this is why all Linux distros include a md5 sum. if the image md5sum doesnt match the OEM md5 sum, then its probably compromised. you can create your own thumb drive Linux with unetbootin. its very easy. if you are paranoid like me you will get the ISO from the creator of the Linux distro (EX: ubuntu iso from the ubuntu website) and run the md5sum.
as far as windows goes, i use the official cd with the hologram on it, or download the iso from microsofts FTP server. then use the key (on the sticker) on the machine that needs the install.

Awesome reply thanks, however therein lies the problem eh? Majority of good folk don't speak geek and so when they read something like; "OEM md5 sum" it flies right over their head and they skip that step.

When tech geeks and computer engineers see something that says,"what the flapping flap does that mean?" they go and figure out the problem because that is how their brains are programmed.

For the rest of the folk, they interpret techno-babble as, "NOT IMPORTANT". Because no one took the time to explain it in english their brain auto sorts it to their WOFT file. (WOFT= waste of flapping time) That is a normal psychological response because no one wants to admit their own ignorance all day long. Also because the brain has already created a new causality with that step removed thereby tricking us that everything will be ok.   

And as you have enlightened us, it isn't :D

eddie dean

This info is so discouraging for me. I wonder what kind of tactics software companies will employ in the years to come, if left unchecked.
Thanks for the detailed information Kate! Keep it coming!
By the way, your screen name is one of my favorites on Bellgab!

wr250

Quote from: Kate the Bionic Uterus on February 18, 2014, 06:59:53 PM
Awesome reply thanks, however therein lies the problem eh? Majority of good folk don't speak geek and so when they read something like; "OEM md5 sum" it flies right over their head and they skip that step.

When tech geeks and computer engineers see something that says,"what the flapping flap does that mean?" they go and figure out the problem because that is how their brains are programmed.

For the rest of the folk, they interpret techno-babble as, "NOT IMPORTANT". Because no one took the time to explain it in english their brain auto sorts it to their WOFT file. (WOFT= waste of flapping time) That is a normal psychological response because no one wants to admit their own ignorance all day long. Also because the brain has already created a new causality with that step removed thereby tricking us that everything will be ok.   

And as you have enlightened us, it isn't :D

many of these people are the ones calling you and i  kate, when their computer breaks.
as a side note, i always stress the importance of backups upon people. backups that can be disconnected from the computer, whether on a flash drive, removable hard drive , dvd/blue-ray disk, etc. if a business, off site storage as well.

Juan

Maybe you folks would be kind enough to tell us how to use one of those checksum thingies.

wr250

Quote from: Juan on February 19, 2014, 04:21:35 PM
Maybe you folks would be kind enough to tell us how to use one of those checksum thingies.

you download the ISO file first (ubuntu-13.10-desktop-amd64.iso for example)

next you will need md5sum for windows : http://www.nullriver.com/downloads/Install-winMd5Sum.exe (if on windows, unix type os'es come with command line md5sum program)

then goto https://help.ubuntu.com/community/UbuntuHashes (which is stupid, most linux distros put the md5sum on the download page,see below)

open winmd5sum and browse to the file. i believe it will calculate the md5sum once you click "open". it may take a few minutes.

then simply compare the result against the one listed on the webpage above. in a *nix simply open a command line, type md5sum file and it will calculate it. a rather thorough explanation is here (help.ubuntu.com).

explanation: if you goto the debian os download page (https://www.debian.org/CD/http-ftp/) and click on what you want (amd64 under the "dvd" section for example) it gives you an index of files. the first one is the md5sums for the files on that page, followed by a gpg signature then the files.
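
The comparison described in the post above, as an added example that is not part of the original thread: a shell function that looks up a file's entry in a published checksum list and compares it with the locally computed digest. The name `verify_image` and the demo files are constructed for illustration, and it accepts SHA-256 lists as well as the MD5 lists the post mentions.

```shell
#!/bin/sh
# Added example: verify a downloaded image against a published checksum list.
# verify_image and the demo file names are illustrative, not from the thread.

# verify_image FILE SUMS_FILE
#   returns 0 = digest matches
#           1 = digest differs (corrupt or altered download)
#           2 = no usable entry for FILE, or input not readable
# Assumes file names without spaces, as is usual for ISO images.
verify_image() {
    file=$1
    sums=$2
    [ -r "$file" ] && [ -r "$sums" ] || return 2
    name=$(basename -- "$file")

    # Checksum lists use "HASH  NAME" (text mode) or "HASH *NAME" (binary mode).
    expected=$(awk -v n="$name" '
        { f = $2; sub(/^\*/, "", f) }
        f == n { print tolower($1); exit }' "$sums")
    [ -n "$expected" ] || return 2

    # Pick the tool by digest length: 32 hex chars = MD5, 64 = SHA-256.
    case ${#expected} in
        32) tool=md5sum ;;
        64) tool=sha256sum ;;
        *)  return 2 ;;
    esac

    # Read the file on stdin so odd file names cannot be taken as options.
    actual=$("$tool" < "$file" | awk '{ print tolower($1) }')
    [ "$actual" = "$expected" ]
}

# Constructed demo: a stand-in "image" and a checksum list generated locally.
demo() {
    d=$(mktemp -d) || return 1
    printf 'constructed stand-in for an ISO image\n' > "$d/demo.iso"
    ( cd "$d" && sha256sum demo.iso > SHA256SUMS )

    verify_image "$d/demo.iso" "$d/SHA256SUMS" && echo "demo.iso: OK"

    # Any change to the file, even one byte, changes the digest.
    printf 'x' >> "$d/demo.iso"
    verify_image "$d/demo.iso" "$d/SHA256SUMS" || echo "demo.iso: MISMATCH"

    rm -rf "$d"
}
demo
```

A matching checksum only shows the file equals what the list describes. Checking the gpg signature on the list, which the post mentions for Debian, is what ties the list to the distro.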

eddie dean

Quote from: wr250 on February 19, 2014, 04:09:21 PM
as a side note, i always stress the importance of backups upon people. backups that can be disconnected from the computer, whether on a flash drive, removable hard drive , dvd/blue-ray disk, etc. if a business, off site storage as well.

I do too! A hard lesson learned for most computer users. Including me!  It only takes 1 heartbreaking data loss to drive the message home,  & to get into the habit of backups. I can sometimes over-do it though, by backing up the backups! ???
I don't have much pity anymore, when a friend complains to me about losing data.

Them: "My 'puter' broke, & I lost my entire collection of '70's bush' porn!!"
Me: "No problem. you can retrieve the files from your backup. You do Regular. Backups. Right?"
Them: "no"
Me: "Haw! Haw! From now on, you will."

yeah, I know. I'm a dick! ::)


Quote from: wr250 on February 19, 2014, 04:09:21 PM
many of these people are the ones calling you and i  kate, when their computer breaks.

I never fix other peoples computers because I don't want to know what they have hidden in there. Besides, who has the time. I am too busy keeping my own rigs in shape. I will inform people how to do it themselves and tell them that the money they would spend retrieving the information would be better spent buying an external hard drive.

Anyone who uses their pc for gaming  understands the need for backups and maintenance too. Of course that comes after they lose 6 months of skyrim or some game like that.

I have everything backed up daily to the cloud at the end of everyday at work. I am able to access it from home and I do monthly backups of my personal stuff. I have every computer I have ever owned backed up on the cloud. Basically my entire life :P

I have an uncle who does data retrieval consultations for the federal government. He does very well for himself and has some crazy stories about the crap he has found on them :S

Didn't this used to be the security thread (with an r)?

wr250

Quote from: Kate the Bionic Uterus on February 21, 2014, 12:33:22 AM
I never fix other peoples computers because I don't want to know what they have hidden in there. Besides, who has the time. I am too busy keeping my own rigs in shape. I will inform people how to do it themselves and tell them that the money they would spend retrieving the information would be better spent buying an external hard drive.

Anyone who uses their pc for gaming  understands the need for backups and maintenance too. Of course that comes after they lose 6 months of skyrim or some game like that.

I have everything backed up daily to the cloud at the end of everyday at work. I am able to access it from home and I do monthly backups of my personal stuff. I have every computer I have ever owned backed up on the cloud. Basically my entire life :P

I have an uncle who does data retrieval consultations for the federal government. He does very well for himself and has some crazy stories about the crap he has found on them :S

i dont trust the cloud. reasons being its likely the people who run the cloud could pull data from your storage (for whatever reason, including for  govt reasons or simply a employee with no morals).i for one do not need my credit card details, bank records etc on the "cloud" (think quickbooks or similar) or my medical history for that matter.
other reasons: if you get stuck with a slow/expensive internet connection (per minute fees, data caps, stuck on a dish or dialup, etc) it could cost you plenty. better to have your backups on dvd/blueray, external drive of some sort, etc.

and yes this is about security, you being reasonably secure against threats like cryptolocker and so forth. if you have backups these things are never a worry. an inconvenience, yes, but you can recover for the cost of your backup media and some time.

Quote from: wr250 on February 21, 2014, 07:17:10 AM
stuck on a dish or dialup, etc)

I've never used a satellite dish before but I am curious about it. How slow is it?
Surprisingly, I do use dial up every once in a while.

wr250

Quote from: Mind Flayer Monk on February 21, 2014, 07:34:11 AM
I've never used a satellite dish before but I am curious about it. How slow is it?
Surprisingly, I do use dial up every once in a while.

usually 5mb/sec. in addition you have satellite lag (making gaming impossible, unless you playing cards or something) as well as a download cap and a (usually) 1mb/sec upload.

example hughesnet has a 5/1mb plan for their satellite internet. its $50 a month. i was paying (before i upgraded to my current) $42 a month for 10/1 through my cable company. i am currently paying $65 for 30/1mb/sec . it seems that directtv is partnering with the phone co's to provide internet access now.

onan

I don't have anything on my computers that needs to be backed up. If it is important to me, it is tangible.


albrecht

Call me a tin-foil hat type but how much of the viruses (and associated problems trojans, backdoors, keyloggers, etc etc) are possibly made by the same companies, and people, and governments who make software to remove them? It has always amazed me for example, that a high-profile anti-virus company is based in Russia- which also is the start of many of the threats. They also are often the first to "find" these viruses or security issues. (And I seem to recall a family member kidnapped a while back so who knows what the ransom was? Key code access, backdoors, or simply money?) A prominent US based company uses the name of a person who, no longer associated with the company, was on the run for a possible murder and was, apparently, experimenting with some substances similar to bath-salts in an almost harem like existence and claims the program now is bad. And the manufacturers of routers, chips, computers, and famous search engines etc also have had "relationships" with government entities who enjoy spying and data-mining. Or are now made in outright communist countries.

wr250

Quote from: albrecht on February 21, 2014, 05:43:33 PM
Call me a tin-foil hat type but how much of the viruses (and associated problems trojans, backdoors, keyloggers, etc etc) are possibly made by the same companies, and people, and governments who make software to remove them? It has always amazed me for example, that a high-profile anti-virus company is based in Russia- which also is the start of many of the threats. They also are often the first to "find" these viruses or security issues. (And I seem to recall a family member kidnapped a while back so who knows what the ransom was? Key code access, backdoors, or simply money?) A prominent US based company uses the name of a person who, no longer associated with the company, was on the run for a possible murder and was, apparently, experimenting with some substances similar to bath-salts in an almost harem like existence and claims the program now is bad. And the manufacturers of routers, chips, computers, and famous search engines etc also have had "relationships" with government entities who enjoy spying and data-mining. Or are now made in outright communist countries.

viruses made by govt's ? absolutely and without a doubt. esp when they are designed to hit very specialized equipment. yes they infect other computers , but only spread themselves till they find the right hardware, then disable or impair it. im not saying some *hacker , or a group of  *hackers cant do that, but only a govt has the info on some of this equipment.  note many viruses are built on proof of concept code from security researchers by *hackers.
most of these are driven by money. compromised computers bring large dollars to those that rent them out. you can rent a botnet these days to carry out ddos attacks, plant trojans inside major corps, or simply steal bank account or cc info (the reason i wont put that info on the cloud).
you can buy credit card #'s bank info and all the rest (think target break in, info was probably sold within a few hours of the break in)

as far as computer components go, yes they can be manufactured with "undocumented features". since it is there by OE design, it is not a "virus" . it could be a trojan, or other things used to spy. usually these are found quickly by *hackers and security researchers as backdoors into a system, or outgoing data that cant be accounted for by normal processes.the us govt has had this problem with chinese manufactured boards.
famous search engines and OE software manufacturers have in the past and possibly in the present had backdoors into their software. thats all moot at this point as most isp's simply hand over access to equipment and your data on the wire. encryption does not matter as they have unlimited time and funds , along with data centers with enough processing power to crack a 20 char password in a few hours.  your tax dollars at work spying on you instead of being used in a useful way such as helping the poor become middle class,but i digress.

as far as the former owner of a major antivirus co goes, his word is suspect after his binge on cocaine and pot (and god knows what else, i doubt he does) in central america for many years. however that software is garbage, as it hogs resources and slows the computer down excessively, where some of the free competitors barely make a hit on resources, and only slow the computer down during a scan (due to hard drive access) .

if you want to be *more* secure then you need to install a bsd (and not macosx) or a hardened linux distro. no computer is 100% secure from data breaches, with the exception of those with no drives of any kind (optical, flash or otherwise) and will not start up (due to hardware failure). otherwise its an exercise in mitigating risk. 

and this is why i recommend backups. get hit with something , need to re-install your os. with backups you can restore your checkbook program, restore pictures, projects (of whatever kind) ,porn ,music or whatever.

*hackers this is an incorrect term. a hacker is someone who makes 2 things that dont work together, work together.  more correctly the people i  *'d  should be called crackers (as in safe cracker), as they usually have monetary gain in mind, or retribution . the ones with little or no programming skills are called script kiddies.

albrecht

Quote from: wr250 on February 21, 2014, 06:30:53 PM

*hackers this is an incorrect term. a hacker is someone who makes 2 things that dont work together, work together.  more correctly the people i  *'d  should be called crackers (as in safe cracker), as they usually have monetary gain in mind, or retribution . the ones with little or no programming skills are called script kiddies.

Sorry about that semantics re: hackers, crackers, etc. It would seem that everyone, statistically at least, is compromised unless their computer is some legacy construction without USB/CD/DVD/etc, running in a Faraday cage! And forget about WiFi or the internet!

fotd

Use a password safe, so you only have to remember one master password.  I recommend KeePass.  I've been using it for years.  I've got a copy on my windows, linux, and android so I'm never without my passwords.. 

http://keepass.info

Juan

I devised a formula so that each password for each website is different, but if I follow the formula, I don't have to remember each password.

Quote from: albrecht on February 21, 2014, 08:13:34 PM
Sorry about that semantics re: hackers, crackers, etc. It would seem that everyone, statistically at least, is compromised unless their computer is some legacy construction without USB/CD/DVD/etc, running in a Faraday cage! And forget about WiFi or the internet!

USB and removable drive protection reminded me of this;
http://www.mcshield.net/
Anybody else use it or something like it?

Quote from: fotd on February 22, 2014, 06:43:39 AM
Use a password safe, so you only have to remember one master password.  I recommend KeePass.  I've been using it for years.  I've got a copy on my windows, linux, and android so I'm never without my passwords.. 

http://keepass.info

I use LastPass https://lastpass.com/

Quote from: Juan on February 22, 2014, 12:41:38 PM
I devised a formula so that each password for each website is different, but if I follow the formula, I don't have to remember each password.

... but you DO need to remember the formula XD

I use this if I need a good password;
http://www.wolframalpha.com/input/?i=passwords&dataset=

wr250

i use this:
cat /dev/urandom| tr -dc 'a-zA-Z0-9' | fold -w 10| head -n 4


gives upper case,lower case and numerics in a 10 char password. it gives 4 passwords. if i want special characters i would do this:

cat /dev/urandom | tr -dc 'a-zA-Z0-9_$#%&@!*-' | fold -w 10 | head -n 4

onan

I use this formula... what is the next book title I can reverse?

zeebo

Quote from: Kate the Bionic Uterus on February 17, 2014, 03:05:35 AM
If these features don't sound particularly beneficial to you, it's because you're not the customer of any of these companies. You're the product, and you're being improved for their actual customers: their advertisers.

Hit the nail on the head Kate.  People need to realize their social networks are really just highly-profiled advertising markets.

Quote from: zeebo on February 23, 2014, 01:00:23 AM
Hit the nail on the head Kate.  People need to realize their social networks are really just highly-profiled advertising markets.

Thanks for picking that up. It may be the smartest thing I ever posted XDD By chance did you happen to watch PBS, Frontline this week? They had an excellent (and by excellent I mean disturbing) mini doc on this generation of kids and young adults. They called them; "Generation Like" It was a mind bender, making you question the purpose of social media and mobile technology. http://www.pbs.org/wgbh/pages/frontline/generation-like/

Quote from: Kate the Bionic Uterus on February 23, 2014, 04:56:23 PM
Frontline this week? They had an excellent (and by excellent I mean disturbing) mini doc on this generation of kids and young adults. They called them; "Generation Like" It was a mind bender, making you question the purpose of social media and mobile technology.

We are three years ahead in the future here at Bellgab Labs:

3) I8U: Logs advertisers that show you images and places them on a blacklist. It allows you to automatically generate posts about how disappointed you are with the advertiser, and includes quickly generated memes showing the product being used by distasteful people (think Obamaphone).

If you want to learn more about the content covered in that frontline show, this researcher has some good stuff
http://www.isi.edu/integration/people/lerman/publications.php
