Digiland DL718M tablet: a review

The Digiland DL718M tablet is an inexpensive (sub-$40) tablet sold at consumer electronics stores like Best Buy. Make no mistake, it’s a basic tablet for basic needs. But given reasonable expectations you can buy one of these and be happy with it.

This isn’t a new market by any stretch. But it seems like tablets in this price range are usually Black Friday specials, or only available on online marketplaces far abroad. The Digiland DL718M is one you can get today if you want.

Read more

A scammer called me a fraud

Someone I know got a tech support scam popup that said their computer was being hacked. I said to bring the computer over. I wanted to see it.

I found the malicious site in the browser history–I’ll tell you how to do that after I finish my story–and pulled the page back up. The computer played an MP3 file with a scary-sounding message and urged me to call an 888 number. So I called. I got voicemail. I left a message.

Read more

Recommended DD-WRT settings

I’ve been asked a few times now for my recommended DD-WRT settings, or at least my good-enough settings. I think that’s a great idea, so I’ll walk through how I configure a DD-WRT router. Follow these steps and I can almost guarantee you’ll have the most secure network on your block.

For the purposes of this tutorial, I am going to assume you are configuring DD-WRT as your primary router.

Read more

Cleaning a PC when fdisk-format-reinstall isn’t an option

There are any number of pie-in-the-sky pundits who will tell you when a computer starts to get slow, to format the hard drive, reinstall Windows, and go on your merry way.

Unfortunately it’s not always realistic. I don’t clean up PCs all that often anymore, but here’s what I do when I need to.

Read more

The workstation events you want to be logging in Splunk

Every once in a while the NSA or another government agency releases a whitepaper with a lot of really good security advice. This paper on spotting adversaries with Windows event logs is a fantastic example. It’s vendor-neutral, just talking about Windows logs and how to set up event forwarding, so you can use the advice with any log aggregation system or SEIM. I just happen to use and recommend Splunk. But whatever you use, these are the workstation events you want to be logging.

I want to call your attention to a couple of items in the paper. Most breaches begin on workstations, and this paper has the cure.

Read more

Stream from Windows Media Player to Android

I wanted to be able to stream from Windows Media Player to Android. I have lots of media stored on my Windows computers, but what if I’m in a room that doesn’t have a computer, or outside?

Good GenXer that I am, I spent decades collecting CDs. Some of my stuff is as common and ordinary as it gets. But some of it isn’t on any of the streaming services and probably never will be because there were exactly two other people alive who liked it.

I ripped most of them with Windows Media Player and stored them on my PC with the biggest drive. But that’s not necessarily where I want to listen to music from. Media Player can stream between multiple PCs, but it can also stream to an Android phone or tablet, which, in many cases, is even more convenient.

Read more

A guide for safe and private web browsing

Continuing in the theme I’ve been following for the last couple of days, here’s a guide to security and privacy with web browsers. Like the guide I linked to yesterday, I’m not sure I agree with it 100%–I think saying never use Internet Explorer is too absolute–but I do agree with the overwhelming majority of it, and if everyone did all of this instead of what they’re doing now, we’d be in a much better state.

And, on a somewhat related note, here’s a rundown of what Windows 10 changes in the way of privacy, and some recommendations, but here’s a hint: You’re going to want to type privacy into your Windows search bar, pull up everything related, and start shutting stuff off. Use your discretion, but chances are there will be several things. If nothing else, there are things that are appropriate for a Windows tablet that aren’t appropriate for a desktop PC.

Let’s get back to privacy and safety in general, whatever OS you’re running. Here are some highlights.

Read more

uBlock settings for better malware protection

I have some easy uBlock settings to improve how it protects you against malware. You don’t think of ad blockers as a security tool? I do. It’s a good idea to use one even if you configure it to allow most ads through.

My favorite ad-blocking extension for Chrome is uBlock, because it’s faster and more resource friendly than the better-known Adblock Plus. It also comes configured by default to block known malicious sites, where Adblock Plus makes you dig for that feature.

But it’s still possible to tweak uBlock to give you even better protection against malware, and that’s a good thing. It’s one thing to detect malware and block it after you download it. But it’s even better to detect and block it before you download it in the first place. That keeps you safe if your antivirus software is slow to update for any reason.

Read more

How to mitigate MS15-078 or future Microsoft font driver vulnerabilities

Microsoft rushed out an out-of-band patch, MS15-078, to deal with active exploits in their font driver yesterday. Since pushing out patches takes time, my boss asked me what we could do to mitigate the issue in the meantime.

The biggest threat, by far, is exploit-bearing fonts being downloaded from web sites. Ideally you only install trusted fonts from trusted sources locally on your workstations, right? If not, I suggest you start that practice as well.

You have a couple of options when it comes to blocking fonts in browsers.

Read more

Expect a rough road ahead for Flash

Adobe has patched Flash twice in two weeks now. The reason for this was due to Hacking Team, an Italian company that sells hacking tools to government agencies, getting hacked. Hacking Team, it turns out, knew of at least three unpatched vulnerabilities (also known as “zero-days” or “0days”) in Flash, and exploits for these vulnerabilities were among the things that got breached.

That’s why Adobe is having a bad month.

Read more