Pros and cons of RightTrack or SnapShot devices

Insurance companies are starting to offer discounts if you plug one of their devices, often called a RightTrack or SnapShot, into your car’s ODB2 port.

One of my college buddies asked me about them when his insurance company offered his family a 5% discount to plug these into their cars, and then make them eligible for up to another 25%. Those are compelling numbers. So what are the potential drawbacks?

Read more

Do I have enough CISSP work experience?

It seems like about once a month an aspiring coworker asks me how to get enough CISSP work experience. I think this shows a misunderstanding of the requirement, so I’m going to try to clear it up.

You don’t have to get your five years of work experience in one big lump. And that’s a good thing, because that would be hard to do. Sometimes you can get a security job without a cert and work your way toward it, but a lot of employers want you to come in with the certification already.

But that’s OK. As long as you’re doing something more than selling computers at retail, odds are you have some security experience that can count toward the requirement.

Read more

Simple tips to prevent ransomware

Last week at work, I noticed some odd events in an event log, and when I investigated them, I found they were part of a failed ransomware attack. This got me thinking about how to prevent ransomware at home.

Ransomware, if you aren’t familiar, is an attack that encrypts your data and demands a ransom, usually around $300, in bitcoins, and you get a short deadline until it destroys your files. More often than not, paying the ransom is the only way to get the files back, so it’s much better to prevent it.

Read more

Spot phishing e-mails with Outlook

I got e-mail the other day from Turbotax saying someone had filed my taxes for me. Obviously a cause for concern, right? Here’s how I determined the message was fake in about three minutes. You can spot phishing e-mails with Outlook the same way.

Some people will tell you not to even open a message like this, but if you’re a computer professional, at some point someone is going to want you to prove the message was fake. I think this is something every e-mail administrator, desktop support professional, security professional, and frankly, every helpdesk professional ought to be able to do.

So here’s how you can get the proof. And generally speaking, Outlook 2010’s default configuration is paranoid enough that this procedure will be safe to do. If you want an extra layer of protection, make sure you have EMET installed and protecting Outlook.

Read more

High side vs low side

High side vs low side

The other day I heard a reference to the “high side vs low side” of a computer system in a podcast, and the speaker didn’t stop to clarify. Worse yet is when you hear “on the low side” or “on the high side.” I came from the private sector into government contracting myself. I wasn’t born knowing this jargon either, so I’ll explain it.

Read more

Download more RAM — Safe? Scam? Joke?

Download more RAM — Safe? Scam? Joke?

A software developer asked me today about a website called Download More RAM. I don’t think he heard my other coworkers snicker. He asked if it’s possible to download RAM, then asked if it was a security issue. I said it’s best not to visit it, and spared him the history lesson.

Yes, there’s some history to it.

Read more

When will SSDs be cheaper than hard drives?

When will SSDs be cheaper than hard drives?

When will SSDs be cheaper than hard drives? Based on history, it’s possible to make an educated guess, and I’m going to do it.

Back in 2011, I noticed that historical hard drive pricing fell in line pretty nicely with Moore’s Law, and predicted that SSDs would do the same. I predicted that SSDs would reach 25 cents per gigabyte sometime in 2016, and was wrong. They hit that price in 2015. So I was late by a few months.

But I’m still willing to try to predict when SSDs will cost less than hard drives. I’ll predict when they’ll hit parity too.

Read more