Category: Security

Technology Update 11/12/18: Resisting Technology

1.  Although I covered the new Mac computers and iPad Pro at length in a blog post for my Apple clients on 11/1 (https://theacronym.com/2018/11/01/recap-of-apples-brooklyn-event/) I wanted to make everyone aware of these new models.   Apple has a new Mac Mini desktop that starts at $799, a Mac Book Air laptop that starts at $1199. If you’re frustrated with Windows and want to go Mac, these are your points of entry.  The iPad Pro is an interesting device.  It has as much or even more raw power than almost any personal computer out there.  It’s extremely portable.  Apple even sells a magnetic keyboard that makes it like a laptop.  With the keyboard, it will cost at least $1000.  For some it could become a primary computer.  For others, the iPad Pro may represent a strong secondary device.   If you can learn to play within its rules, it’s a much simpler device than a desktop Windows or Mac environment.  Don’t forget the regular iPad @ $329.  It is the best value in the Apple family.
2.  With all of this Apple excitement, I don’t want to leave out the Windows world.  New models are out as well.  If you want something like an iPad Pro, that still runs a full version of Windows  — look no further than the new Microsoft Surface 6.   With Windows systems, I will always go back to my clubhouse leaders.   For a premium product, you can’t go wrong with the Dell Latitude 5000/7000 laptop, Lenovo Thinkpad T480, or Thinkpad X1 Carbon.  These are systems built to last.  In terms of desktops, I am still a fan of the Dell Optiplex and Lenovo Think Centre systems.   Most of these computers are custom orders and not found in stores.  Occasionally, I do go on a shopping trip with a client at a big box store and last week there was such an occasion that arose.  I didn’t want to pull just anything off the shelf.  At about $500, this HP desktop met my standards.  It looks good on the desk and there was only one junk program that I had to remove.  It is a great option for the budget conscious.  https://www.bestbuy.com/site/hp-pavilion-desktop-intel-core-i3-8gb-memory-1tb-hard-drive-128gb-solid-state-drive-hp-finish-in-natural-silver/6290502.p?skuId=6290502
3. Resisting Technology
I know that some of you are hesitant to embrace new technologies offered by the devices you own.  One that I don’t think you should avoid is Apple Pay (or for those of you with Android phones that support it, Android Pay).  Adding your credit or debit card to the Wallet on your iPhone costs you nothing and takes only about 5 minutes to set up for one card, if that.  Stores like Panera, Starbucks, Dunkin Donuts, Stop and Shop, Best Buy, Costco, Macy’s and thousands more will allow you to pay by tapping your phone.  Why should you do it?  If you would already pay with a card, using Apple Pay helps prevent identity theft.  The store never gets your 16 digit card number. It gets a very long, randomized string of numbers.  If a particular store suffers a massive breach, like Target or Home Depot did a few years back, you will be in the driver seat.  The super secure card number you used via Apple Pay cannot come back to zap you.  Your Apple Pay device generates a dynamic security code for each transaction. I use Apple Pay whenever I can.  Check out the Wallet app on your iPhone if you’ve never looked at it.
Advertisements

Technology Update 10/03/18: An Absolute Liar

The world of technology is really disgusting at times, with its scams and trickery.  I’m here to help you make sense of it, to provide some I.T. therapy.  We have to fight back or at least mount a strong defense.
** Want to get one quick point out of the way:  No new consumer focused Macs have been announced yet.  I expect laptops and desktops, along with a new iPad Pro by the end of the month ***
Fake E-Mails and Calls – A Lesson for All
I made an emergency visit to a client earlier this week.  The report I got was that a SPAM email was opened and then calls started pouring in from “Microsoft.” Then the client claimed to have found the number for Microsoft and called them with a message and an expectation of a call back.  This really had my wheels turning.  The client used a Microsoft email account (Outlook.com, formerly known as Hotmail.com).  When I got there, I saw what had happened.  The email talked about an email upgrade in 2018.  To be fair, sometimes Microsoft or other email providers do upgrade their services and let users know the details.  However, the e-mail was sloppily composed.  It was as if an elementary student decided to try out size 48 font.   Furthermore, the sender’s address was @outlook.com.  An official e-mail from Microsoft would never look like this.   It seemed like the mere opening of the e-mail triggered the sender to make a phone call to my client.  The sender did not work for Microsoft.  They are an absolute liar!   Then my client searched through the MSN.com website for a Microsoft phone number, using the Bing search engine. Stuff like this wants to make me pull my fingernails out.   They were asked to log into a Microsoft partner website on a Microsoft.com website address, then receive a call back.  Calls were made to and from a phone number with a 425 area code.  It’s very convenient that that area code pertains to the part of the country where Microsoft is headquartered.  When I arrived, the client was waiting on a call back from the 425 number.   I investigated the phone number and the advice I gathered said to avoid it and do not take the calls.   Therefore, the second call after the initial scam call was very suspicious. Another liar?  It doesn’t even matter at this point. With the right software, bad actors can pretend to use legitimate numbers.
Due to the fact that my client used a Microsoft e-mail account and they logged into Windows 10 with this account (the default option these days), and was logged into the Edge browser with it as well, I immediately had them change the password to the account.  I also ran a malware scan on the computer and found no infections.  The client is already using one of my strategies to defeat scam calls — a cheap answering machine with an external speaker.  Taking it to the next level, a call blocker can be used as well.  This model gets outstanding reviews on Amazon and blocks up to 2000 numbers. https://amzn.to/2OyFwzG   An upgraded model that blocks 5000 numbers costs a few $$ more.
 
In less than one hour, I helped to restore sanity to a troubling situation.  Had a different career path worked out for me, I would have become a psychotherapist.  Right now, I’m just happy to be your technology therapist.  🙂
Bottom line:  Microsoft, Google or Apple are not going to call you.  In some cases, these companies will call you after a case has already been opened.  With the exception of Apple, which makes their support number public, do not go Googling numbers for Microsoft and Google.  I have seen this end in pain too many times.  Also — leave SPAM e-mails alone unless you are sure it was mistakenly placed there.
Musical pick of the week:  https://www.youtube.com/watch?v=OnVUKES-mDE

 

E-mail authenticity

Was that e-mail really from you?
I got asked this question by a client recently.  And it makes me think about trust in e-mails. We all have the right to question whether e-mails are authentic. I seek the same answers. I take the security of my e-mails and client contact information very seriously.
I guess I could start by saying that my business e-mail account has never been hacked.  With that said, this fact would not stop a bad actor from an account pretending to be me.  With the right e-mail program you can make the “From” address anything you want.  However, they would need my address book.  I send all of my group e-mail out as BCC (which means that you don’t see all of the recipients).  That address book is stored in the cloud in an account protected by two factor authentication (something you should have enabled on your iCloud, Google, and Microsoft accounts used with e-mail / contacts).  Further enhancing security, my second factor is not my phone number, meaning I authenticate by something more secure than a text message.  My contacts are locally stored on 3 devices – a laptop, a smartphone, and a tablet.  All three of those are locked with encryption.  Considering all of this, it would be pretty hard for a bad actor to send an e-mail to all of my clients.   I should also add that I almost always use one of three salutations in my e-mail updates:   Dear Clients and Computer Students (for all clients), Dear Mac Family, and Dear Windows Clients, depending on the group I am addressing.  Great question!  Thanks for asking.

Technology Update 8/8/18

Trusting in Technology
Have we given too much control of our lives over to companies like Google (You Tube), Apple, Facebook (Instagram), and Twitter? In my mind I try to rationalize the idea that Microsoft is a half-step better.  However, they own a major information distribution platform in Linked In.  Microsoft certainly has the power to shape how job seekers and those engaged in professional networking see the world.  We couldn’t have a conversation about the techno powers of the universe without talking about payment processors.  The most well known, PayPal, comes to mind.  Some I know and respect had a business relationship with PayPal dating back at least 5 years.  Revenues were approximately $500K per year.  Recently PayPal told him, we don’t agree with your values, so you can’t accept payments with PayPal anymore.  Is this where we are headed?  Will we let protests by internet mobs, with no due process, no right to confront accusations literally shut down the ability of individuals to earn a living?  However, I think what we have to remember is that the six companies mentioned above are private businesses.  They are not an open, democratized soap box like the public square.  They do have the right to de-prioritize or even ban accounts.  My point is, they should just say we are a private business and we say what goes.  Don’t claim to be something you are not.    Additionally, individuals and organizations should not base their business model off of someone else’s sandbox.  Having a website that you control is crucial.  Roadblocks will give rise to innovation and new platforms.
Still waiting for “consumer” Mac laptops…

Beware Browser Hijacks

Most of you use the Google Chrome browser.  It is my browser of choice as well.  However, this message is still applicable if you use Firefox, Safari, or even Microsoft Edge.

The security threat I see most often these days is the browser hijack.  This does not mean your whole computer had been taken over by malware.  However, your browser has been corrupted.  Your homepage may be unfamiliar to you.  Google searches are being rerouted to a strange search engine.  Its even possible that all of your browser traffic is being intercepted.  Scary stuff!

You can tell if you are being hijacked by searching in the search box of your browser or going to Google.com.  Search for whatever you’d like, “new restaurants Philadelphia” for example.  The results page should CLEARLY come up on a Google page (or possibly Bing if you use the Edge browser).  It should be obvious – clear as day.

If you do not see Google search results, you have a problem.  It’s likely that you have mistakenly installed a bad extension in your browser.   Most often, this is not a crisis requiring the operating system to be reinstalled.

However, your browser history needs to be cleared, the offending extensions need to be removed, and the browser needs to be reset.
Don’t lose hope!

Weekly Technology Update

A. Privacy:  GDPR and Oath.   You may have received a bunch of notices recently detailing the updated privacy policies of various services that you use.  The European Union’s new privacy laws take effect on May 25th.  These regulations are known as GDPR.   They are taking customers’ data a lot more seriously than we are on this side of the pond.  International companies such as Facebook and Google are adhering to these standards even for their American customers.  It’s a solid business practice.  Did you know that you can download all of your Facebook (or Google) data in a single file?  Did you know that you can control how Facebook advertises to you?   GDPR = Good.   To find out more http://money.cnn.com/2018/05/21/technology/gdpr-explained-europe-privacy/index.html

Additionally, some of you who have a Yahoo or AOL account may have received notices about policies from an organization known as Oath.  (My joke is — “zero authorization to violate your privacy,” but I’ll get back on topic.).  Oath is a division of Verizon that oversees both Yahoo and AOL.   Yahoo users may have even been asked to accept the new terms.  You really don’t have a choice if you want to keep using the account.   As a quick primer for those new to the VIP Computer Care family — my favorite free e-mail accounts are Google and Outlook.com.   Customers may choose a paid e-mail account if they want to get actual customer support.  My favorite choices  here are Fastmail ($20 per year), G (G Suite a paid Google account, $5 per month), or Office 365 (a paid e-mail account from Microsoft, $5 per month).

B.  Windows:   I’m still compiling reports of horror stories from users that had bad experiences with the latest version of Windows 10 (version 1803), released on April 30th.  Whenever possible, I have set your Windows computers to a 120 day delay schedule.   Unfortunately, I had to help a customer last weekend who couldn’t delay Windows version upgrades.  He purchased a consumer grade Windows desktop.  I offered the next best thing.  I managed the upgrade for him.  It took 2 hours, which is about what I expected.  With fingers crossed, there were no hiccups.  I am not recommending that I do this proactively for others, at this time, if you have already been set up for a delay.  Ultimately, Microsoft will iron out the wrinkles.  After all, hundreds of millions of business customers rely on Windows.   Version 1803 should be ready for prime time in a few months.  In August, lets talk about upgrading your computer. 

C.  Mac:  Apple’s big annual event, the WWDC, is happening on June 4th.  While it’s not specifically a new hardware event, Apple has been known to release new Macs at this event.   We can only hope that they offer a mea culpa on the Mac Book Pro and their awful keyboards.  At the very least, they could update the Mac Book Air with 2018 innards.  (The 2017 Air, while still my #1 choice at this date and time, features 2015-era parts.)   Additionally, the Mac Mini needs a major refresh.  It has not been updated since October 2014.  Apple needs to keep a $500-600 Mac on the market to welcome new customers into the family. 

Facebook and Google Privacy

If you are a Facebook user, I would encourage you to tweak your privacy settings or get some help doing so.  From the computer, when you are on Facebook.com you need to click the triangle in the upper right corner of the Facebook page.  From there click on Settings.  Then click privacy.  Those settings can be tweaked to your liking. I  think the most important one is the setting all the way down at the bottom.   Do you want search engines outside of Facebook to link to your profile?  That should be set to “No.”   After you have adjusted those options, you will also want to look at Apps and Websites from the Settings page.   There you will see all of the websites and apps that you have given access to using your Facebook account.  Some of these may be valid, but there may be some that you want to revoke.   In the Security and Login section you can turn on two factor authentication for your Facebook account.   I highly recommend it if your Facebook account is important to you and you want to prevent unauthorized access.   Finally, you need to go to your Facebook profile page by clicking on your name at the top of the screen.  You should go through each entry in the About section and decide whether info like your birthday, employers, Likes, and so on are shared with Only Me, Friends, Friends of Friends, or the whole world.   It’s time for a tune up!   You may need to put the same effort into your Google account as well.