Category: Security

The Value Of Anti Virus and Defensive Computing Strategies

(A couple of definitions before we start. I have talked about VPN’s before, with the VPN being a piece of software that runs on your computer (or computing device) that runs your internet traffic through a private tunnel. This can be done for privacy, security or both. DNS is the “phone book” through which you look things up on the internet (domain name system). By default you use the DNS of your internet service provider. If you own your own router, you can set a custom DNS (free option) that blocks most malware.)

The best anti virus is a strategy built around defensive computing practices defensive computing practices

– If I could only choose 2 of the following 3:  (#1) VPN that has a malware block option, (#2) using Quad 9 or similar as the alternate DNS in my router (which blocks about 99 % of known malware domains) for those situations when I don’t have my VPN on or I have browser bypassing my VPN, or (#3) traditional anti virus software…..

…. I would choose the first 2. 

however since it seems like many clients want to have the additional protection of antivirus software…..  you have to remember that the typical clients I serve are older adults either at home or in their businesses who are not very technologically savvy and like a lot of customer service and handholding.   I don’t necessarily put a lot of weight on antivirus rankings and publications that claim to do those rankings because a lot of them are just paid advertisements.

Traditionally — my go to recommendation for Mac AV has been Intego.  They are a French company with local phone support based in Texas. They’ve actually removed viruses from my clients’ computers so that’s why I trust them. The phone support has been excellent when my clients have needed them.

I’ve had good experiences with ESET on the Windows side – and based on my dealings their customer support was located in Southern California even though they are also a European company. I’ve never tried them out on the Mac but I wouldn’t doubt that they are an outstanding product.

Bit Defender has a legendary reputation but I don’t have a lot of real world experience with them. However, it should be known that they provide support by chat, E-mail and phone – so another senior friendly option.   Another Mac Anti-virus that I have found valuable in the past — though they are not necessarily known for providing great customer support for seniors is Avast antivirus. I don’t know if they still do this but they had a habit of scanning websites before you visited them which I thought was great. One time a Mac client was going to upload some sensitive information to his accountants website and avast detected that it was compromised. It led to a startling revelation for the accounting firm.

An antivirus that I would like to try out but haven’t is PC Matic. You may have seen a lot of their ads on TV. They’ve recently expanded to support the Mac and they use a very different strategy than traditional antivirus by blocking you from ever accessing tons of harmful websites.

In conclusion…

1.  Use defensive computing practices, do not click on links or open attachments from people you did not expect to receive them from. Do not re-use passwords. Use an ad blocker in your browsers.

2.  If desired, use a VPN that offers malware blocking meaning they block malware domains as one of the filter options. Personally, I use Windscribe VPN but there are others that do this as well.

3.  It’s impractical to use the VPN 100% of the time. Frankly, some of my clients just won’t use one period. I actually keep mine on pretty much 100% of the time but I’m allowed to exempt certain browsers so I always exempt one browser and therefore my activity in it is outside the VPN. For those situations that is why I have Quad 9 as the DNS in my router because it blocks 99% of malware domains.  Quad 9 is free to use.

4.   Antivirus is great for when strategies one through three fail or when you’re dealing with attachments or files on the computer. I would just make sure that the antivirus that you’re using scans all files opened, and ideally that they do a little scan of websites before you visit them. If customer support matters to you, I have given you a couple options that are better in that area. 90% of my Windows clients just use the built in Microsoft Defender. This anti-virus also features Smart Screen but it really only works if you are using the Edge browser. If you are on Windows and you are not paying for a 3rd party anti-virus – consider making Edge your primary browser. It is Chrome based these days and works very much like Google Chrome.

Comcast Gems and Basket of Tips

I hope it’s not a mundane Monday for you.

Going to the Movies – Thurs Apr 28 545 PM

For the first time in 2 years, I’m going to the movies.  WOW.  The great thing is that I don’t have to leave my home.  There is going to be an in person premiere of “Keeper of Time” at the SVA Theater in NYC on Thursday.  However, unlike typical theaters, viewers can watch virtually anywhere in the world at the same time.  This 90 minute documentary looks at why we measure time and why we care.  It also profiles four of the highest level watchmakers in the world.  You can find out more and see a 2 minute preview at https://www.keeperoftimemovie.com/home#about .  Tickets are $20 + $4 service fee.  I’ve got my virtual ticket and will be watching on my computer.  Hope to see you there.  Feel free to text me during or after the film if you want to discuss.

Gems of Comcast Services

Continuing with the streaming theme…..

If you need help with any other kinds of streaming such as Amazon Prime, Apple TV Plus, especially for the baseball games, let me know.  I’m finding that many of my clients that have Comcast / Xfinity for their cable TV provider are finding it especially easy to play services like Amazon Prime, Netflix, and others.  The Xfinity X1 remote has a microphone.  Holding down the phone will easily allow you to bring up those services by  name.  If you give the cable box permission (which I think is fine), you can also allow it to display results from the streaming services within the results of other On Demand programming.  My typical senior clients LOVE that microphone button on the remote.  It opens up a whole world of possibilities and usability.  It’s one of the gems of their increasingly expensive service.    Correct me if I am wrong, but I believe Cox cable has a similar remote that you can talk to. 

Roku Is the Best

If you don’t pay for TV or even if you do, having a separate streaming box might be a good idea.  I tend to prefer the Roku.  I have been a Roku user since 2011 or 2012.   It connects to all the major streaming services.  Modern Roku’s are also capable of Apple Air Play (direct beaming from iPhones, iPads, and Macs).  And in a room, like my bedroom, with no cable outlet — I can use the Roku as a virtual cable box for Comcast / Xfinity.

Basket of Tips

1)  I can’t stream?  Can I? Do you think I am capable? Am I too old?  I think you can!!  If you can master these 5 or 6 basic buttons on a remote, you will be streaming like a pro in no time

* The Directional Arrows*

Up — Down — Left — Right

OK,  Back, Exit, Home

>>>You’ve got this!!

2) There are TVs with the Roku platform actually built into it.  As long as is a current year model or last year — it may be a good deal if you need a new TV.  3 years old would be terrible.  I am a bit old school and I still like a separate Roku box or stick with my TV I am not a huge fan of built in Smart TV platforms but my wife uses built in You Tube all the time

3)  By the way — if you watch You Tube all the time — you probably want  You Tube Premium (which is not the same as You Tube TV).  You Tube is getting more aggressive about showing ads.  You either need an ad blocker on the computer or phone (which I use religiously) or sign up for You Tube Premium at $12.99 a month.  No Ads!!  It also gets you unlimited You Tube Music (formerly called Google Play Music.

Tips From Others — Tips 4 and 5 come from what I have learned out in the field

4) In an ongoing discrimination case involving a local police department one officer was asked if he had made a pact or an agreement with another party.   He was ordered to turn over his phone.  “No problem your honor — but I delete my text messages every night.”   Wow!!  As your digital privacy advocate — I love that!!  If you are concerned about this type of thing, you have my permission to erase your tracks like this.

5)  Want to prevent digital intruders or from that computer being ONLINE all night?  You can turn off WiFi or put your device in Airplane Mode every once in a while.  I don’t do this all the time.  I wouldn’t recommend doing it every night as updates are important but I would be OK with doing this some of the time or most of the time as some of my clients do. 

TMobile Improves Customer Security

https://tmo.report/2022/03/exclusive-t-mobile-adding-number-transfer-pin-for-port-outs/

According to the article — they will be implementing the NUMBER TRANSFER PIN  (NTP) soon.   This will require one to go onto the T-Mobile website or app to obtain a PIN number to transfer their number to another carrier.  Bravo!!!

There has been so much number transfer fraud — especially with this company.  It’s about time.

Weekend Technology Notes

Big Kid Macs

I was basically right in the email that I sent out to my Mac clients early Monday morning about Apple’s new Mac Book Pros. I knew the pricing would be higher.  The new Mac Book Pro 14 inch starts at $1999 and the 16 inch (which I don’t expect a lot of my clients will be buying), starts at $2499.  These are not rip offs by any means.  They are high powered professional machines.  Unless the “best” is desired out of principle rather than practicality, I think the Mac Book Air is going to suit the vast majority of my Mac clients seeking a laptop.  The 512 GB model @ $1249 would be the one I steer you toward.

Couldn’t Stop This Scam

I had a sad phone conversation with a client today about their friend.  Sadly this friend had been given my name before but had never joined my business family and the system of services and education that I provide.  This person got a  call from “Amazon” saying that someone had tried to purchase an iPhone Pro Max with their card but they had “stopped” it.   Sound real?  Think again.  The representative was granted access to the victim’s computer and had them log into online banking.  There the refund was “issued.” However it wasn’t.  The scammer simply adjusted the text code on the banking website.  Instead of a $1400 refund, the victim was “credited” $14,000 – by “mistake” of course.   The scammer said they would lose their job and demanded the difference back as a wire transfer.   Hint:  If it was $1000 involved, the scammer would have asked for gift cards.  However, the scammer saw that there was more than $14,000 in the victim’s bank account.  Only a wire transfer would do!  Their bank actually allowed the victim to send out the transfer, which went to Hanoi. 

UNBELIEVABLE!!   It really happened.  And the victim still believed it was real.  I told my client to tell this guy to go to his bank immediately.  Explain he is the victim of a crime.   Maybe — it can be reversed — but it’s doubtful in my opinion.  It’s hard to claw back a wire transfer, especially an international one. 

Update On T-Mobile Breach

Here is the most updated info from T-Mobile

https://www.t-mobile.com/brand/data-breach-2021

It turns out 47.8 million customers were affected (which is about 1/2 their US customer base).  It breaks down to 8 million cellular accounts and 40 million prospective customers that applied for credit.  Keep in mind credit was pulled in the past whenever new customers signed up or financed a phone.  (T-Mobile and Sprint now are one company.  I don’t know how many of these records pertain to old Sprint customers or if they are pre-merger T-Mobile accounts).    T-Mobile CLAIMS that no financial data, like Social Security #’s were accessed. 

Here is what they are doing however.  They are going to offer two years of ID theft protection through McAfee.   I’m going to skip that.  McAfee hasn’t done anything good for computer security since the 1990s.  The late, great company founder John McAfee despised what his old company had become before his death.  You can sign up for it if you wish, but I would prefer that  you obtain all of your credit reports from annualcreditreport.com, then sign up for a credit freezes or at the very least fraud alerts.

Secondly — here is something you can take action on today.  T-Mobile is asking you to change your account PIN.  This is also known as a billing passcode.  You can do it online or you can call 611 from your phone and talk to customer service.  If that billing passcode is in the wrong hands — someone can port your number out — steal it and take it to a different company. 

T-Mobile Data Breach

I don’t know all of my clients that have T-Mobile so I am going to make a general announcement in the weekly newsletter later.  However, I know you have T-Mobile.

Per reports I read in multiple sources like this Bloomberg article….

https://www.msn.com/en-us/money/companies/t-mobile-investigating-claims-of-data-breach-on-online-forum/ar-AANlDJU

TMobile’s entire customer database has been breached by hackers!! 100 million people.  The data discovered included full names, social security numbers and driver’s license numbers.    This is disgusting.  This information should have been stored in an encrypted fashion. 

My Thoughts

– I don’t think I’m going to leave T-Mobile tomorrow.   This could have happened to Verizon or AT&T as well, in theory.   They could have better security, but I don’t know.

– I don’t apply for credit all the time, so more often than not, I keep my credit reports frozen.  No one can open up accounts with the freeze in place.   If you do have your credit run often, you may want to consider a FRAUD ALERT instead, which will require your permission before lines of credit are opened.

– I assume T-Mobile will be providing its customers with a couple of years of some credit monitoring service.  That may be worth using, but keep in mind that during this pandemic annualcreditreport.com is offering all 3 credit reports free on a weekly basis.  https://www.annualcreditreport.com/index.action  — this website is the only one authorized by the federal government for obtaining free credit reports.   (The one on TV with that hideous jingle is NOT the same website.)

Websites for setting up credit freezes

https://www.transunion.com/credit-freeze

https://www.equifax.com/personal/credit-report-services/credit-freeze/

https://www.experian.com/freeze/center.html

Windows Ransomware Protection and Windows 11

Two Points for you today

1.  Some of you use a 3rd party anti-virus – a Norton, an Avira, ESET, etc.  That’s fine.  Keep using it if you like the features it provides.  However, for most Windows clients I say to use the built-in Windows Defender.  This is what the majority of you are doing.   You have heard about these awful ransomware attacks in the news.  Individuals and companies get their files locked and then get asked to pay thousands of $$$ in ransom.    Fortunately, Windows Defender now has anti-ransomware technology built in.   However, it has to be turned on.  I found this helpful article from Forbes that tells you how to do it.  If you feel uncomfortable doing so yourself, write this down and we can save this task for a future appointment.   https://www.forbes.com/sites/brookecrothers/2021/05/16/yes-windows-10-has-ransomware-protection-heres-how-to-turn-it-on/?utm_source=pocket-chrome-recs&sh=d09573a4c575

***If you use a different anti-virus — look into whether or not it has anti-ransomware capabilities.  This Forbes article is not meant for you at this time.

2.  There should be some exciting news coming out of the Microsoft camp this week.  On Thursday, they are announcing the future of Windows — which may entail a new version of the operating system called Windows 11.  Some test versions of this new software have leaked out into the wild and I have attached a picture for you.  I think Microsoft is going for a fresh look and a simplified interface.  When Windows 10 came out in 2015, it was billed as the last version of Windows ever.  It will be interesting to see how Microsoft explains their change of heart.   If they indeed call it Windows 11, it seems like a game of copycat is being played here.  The latest mac OS is also called version 11.  I have no idea when Windows 11 will be released or which existing computers it will be appropriate for.  I’ll fill you in as I find out.


windows11main_edit

My Thoughts On Life Lock and Identity Theft Protection

I remember when Life Lock first started out — they used to take out big ads in the WSJ (circa 2007).  Their CEO was a bold man — Todd Davis.  He would put his full social security number in those ads and say — go ahead and try me.     I remember there were some years after that when  people sued Life Lock, said they were a scam.  Then the credit bureaus stopped wanting to partner with Life Lock.   Life Lock did not give up but they evolved (several years back).  They ended up buying into one of the largest credit card processing companies so they could see all the transactions flowing through and this would give them a mechanism to protect you.   However, you have to give them all your credit card #’s and bank account #’s — so they can protect you.  I don’t think that’s a bad thing — for people who really want the service.  My bullet points on them are

-Life Lock is legit – despite some of their past controversies. 

-But customers should not be fooled by their $7.99 a month price they have on lifelock.com right now.  If you look at the cost of the REAL membership with the $1 million protection “Option 3”   — its $42 a month for a husband and wife ($35 / month paid annually)  and $25 / $30 a month if for individuals.  Those are just the first year introductory prices for year 1.  The “true price” for the 2nd year kicks in and is much higher.  I think someone has to really want the protection to want to pay that kind of $$ and you have to want the Norton services, which cannot be separated out.

-Again, you have to give them all account #’s for the protection to work.

-They are now partnered with Norton Anti-Virus — one and the same company and say that this is one of their key benefits.  It might be a great for a Windows computer — but in my personal experience with Mac clients — Norton is awful.  so this isn’t much of a selling point. 

What I do instead…

– I get free copies of my 3 credit reports each  year by the only site authorized by the federal government per a law that was passed about 15+ years ago.   https://www.annualcreditreport.com/   (During this Covid 19 era– they are actually allowing for free WEEKLY credit reports)

– I regularly keep all 3 of my credit reports frozen — and this can be done for free on each of the 3 bureau’s websites.  If i need to apply for credit — I go in and unfreeze the report the bank wants unfrozen.     (By comparison Life Lock only offers locking for one bureau)

-With my approach, I don’t have an “insurance” policy protecting me or monitoring of all my credit card purchases.  I check all of my banks online regularly. 

So bottom line — I think Life Lock can be great if you want all the hand holding or if you think you need all of the hand holding.  However, it can be very expensive.  Check around for other identity theft insurance without all the software if you think you need this.   More affordable options are Zander Insurance and Identity Guard.  These two companies and Life Lock offer US based phone support when needed.

Using A VPN–Privacy and Security Factors

I have previously written generally about why VPNs are important, even for consumers and small business owners.   Here I am going to get specific, covering two many reasons for use (privacy and security) and the scenarios where they come into play.

Rewind:  If I were to rewind just a step, a VPN is an application you run on your computer, smartphone and tablet to give you a private tunnel out to the internet.  I’m not going to endorse one over the others — but the three I like are Express VPN, Windscribe, and Private Internet Access (PIA).  Costs range from $2 to $10 per month.   I have explored Mozilla VPN (put out by the Firefox people) with some clients and it lacks a key feature at the moment so I am not going to put it on the same level as the other three. 

So today I am talking about “John the consumer” and “Jane the plumber.”   John uses computers and other devices at home.  Jane owns a plumbing company and has an office on Main Street that she controls.  (I’m going to leave working in an office under some big corporation out of the discussion because they often tell you what you can and can’t do with your computer).    John and Jane have two factors to consider when using a VPN — Privacy and Security depending on where they are using the internet

1.  At home or their office — Here the reason to use a VPN is PRIVACY.  John and Jane have routers with up to date firmware, computers with antivirus software, and computers and smartphones with the proper security updates.  Their internet connections are secure.   Speaking for myself, my home / home office Internet is totally secure even if I never use a VPN.  If you meet all of these parameters I laid out — there is like a 99% chance no one is going to infiltrate your internet connection.  John, Jane, and I use a VPN in the confines of our homes and offices because we don’t want our internet providers to know every website we visit.  We don’t want news or other shopping or informational websites recording our IP address (which ultimately links back to us).  It’s an issue of principle and privacy — not primarily for security. 

2. On Public WiFi –  I’m talking about the mall, the library, the hotel,and the coffee shop now.  People are going out a lot more and traveling.  You do not have control over these public internet connections.  It should not be presumed to be secure as in #1.   This is a different ballgame.   Here John and Jane use their VPNs for security.  Even though you are on that public WiFi connection, you are doing so through your VPN tunnel.  You will be protected from bad actors on that network.  Snoops on that network are not going to be able to do harm to your devices.   You are still getting that private connection,  but the security of the VPN is the biggest factor here. 

2a.  I should add this section here to say — I have found limited situations over the years where public WiFi connections refuse to play nicely with a VPN even after the settings are adjusted.   In these scenarios, if I am just using my smartphone, I turn WiFi off and just use the cellular connection.  At least I have a secure connection.  If I needed to use a laptop and couldn’t use a VPN, I would set up my smartphone as a hotspot. 

When Not To Use A VPN

– With Express VPN, Windscribe, and PIA — a split tunnel can be set up to allow certain apps to bypass the VPN.   Some bank websites do not work properly with a VPN on.  John, Jane, and I set up one browser to split off from our VPNs so that we can access any website that does not play nicely with the VPN.  This split tunnel feature does not work on iPhones.  It may work on some Android phones.

– When downloading operating system updates:  These happen outside of any browser and are typically very large files.  As long as John and Jane are on a secure connection in the home or the office, it wouldn’t be the end of the world to turn the VPN off solely for the purposes of the updates.

In conclusion, after digesting these two installments I’ve sent you, you may decide a VPN is not for you or it is right up your alley.  The choice is yours.  VPN use in on the rise among people like John and Jane.  They keep theirs on automatically, whenever their devices are in use.  Surfing the internet through a VPN tunnel is a pathway to freedom.

Important Security Update

For iPad and iPhone

If you have an iPhone or an iPad (even an Apple Watch) – there is an important security update that I just got notice of on Friday.   It is known as iOS / iPad OS 14.4.2.   This update fixes a critical flaw in Web Kit.   Web Kit is the engine that powers Safari (all the website browsing you do) on those devices, along with any apps that might render parts of websites.    Without Web Kit, the iPad / iPhone does not function. This update covers the iPhone 6s and later and iPad Air 2 and later.   Even though Apple is not updating the iPhone 6 and original iPad Air anymore, Apple did you a real favor.  They have issued an OS 12.x update for these 2 as well so that you have the Web Kit fix as well.

Settings >> General >> Software Update.    Get Updating!