Someone I know got a tech support scam popup that said their computer was being hacked. I said to bring the computer over. I wanted to see it.
I found the malicious site in the browser history–I’ll tell you how to do that after I finish my story–and pulled the page back up. The computer played an MP3 file with a scary-sounding message and urged me to call an 888 number. So I called. I got voicemail. I left a message.
I picked up a couple of refurbished Linksys EA6200 routers this past weekend. For whatever reason, DD-WRT isn’t officially supported on them, though it does seem to be a popular DD-WRT router. A lot of people make the upgrade far more difficult than they need to. With some simple hacks, Linksys EA6200 DD-WRT installation is pretty straightforward.
I came up with an 18-step process that I simplified just as much as I could. Unlike some methods I’ve seen, I don’t have you editing any binary files or creating custom startup scripts.
I’ve been asked a few times now for my recommended DD-WRT settings, or at least my good-enough settings. I think that’s a great idea, so I’ll walk through how I configure a DD-WRT router. Follow these steps and I can almost guarantee you’ll have the most secure network on your block.
For the purposes of this tutorial, I am going to assume you are configuring DD-WRT as your primary router.
One of the best things you can do to improve your security in a corporate environment is to limit the use of Java, or whitelist Java. Undoubtedly there will be one or more legacy web applications your company uses that require Java, and it’s almost inevitable that at least two of them will be certified for one and only one version of the JRE, and it won’t be the same one.
Believe it or not there’s a solution to the problem of conflicting JREs, but it took me years to find it, because I had no idea that Oracle called it “Deployment Rule Set.” The secret’s out now. If you run Java, and you want security, you needDeployment Rule Set.
Last week, Symantec discovered a worm that infects routers and takes measures to make them more secure. For lack of anything else to call it, Symantec is calling it malware, and most of the security echo chamber is probably howling over this, but I think I understand why it was created.
Sometimes you need to capture a web page in PNG or JPG format. And if you need to do that, it probably helps to be able to do it in an automated fashion, like by a script.
That’s IEcapt‘s purpose in life. IEcapt renders web pages using the Internet Explorer engine, then outputs it as a graphics file. Uses include e-mailing a dashboard to someone or capturing steps when technical writing. Sure, you can use a tool like Snagit, but IEcapt is free and can be automated.
I’ve talked before about the infamous Jeep hack, but there’s more to learn from it than just that cars are vulnerable. The way Charlie Miller and Chris Valasek hacked the Jeep has implications for any computer network.
Continuing in the theme I’ve been following for the last couple of days, here’s a guide to security and privacy with web browsers. Like the guide I linked to yesterday, I’m not sure I agree with it 100%–I think saying never use Internet Explorer is too absolute–but I do agree with the overwhelming majority of it, and if everyone did all of this instead of what they’re doing now, we’d be in a much better state.
And, on a somewhat related note, here’s a rundown of what Windows 10 changes in the way of privacy, and some recommendations, but here’s a hint: You’re going to want to type privacy into your Windows search bar, pull up everything related, and start shutting stuff off. Use your discretion, but chances are there will be several things. If nothing else, there are things that are appropriate for a Windows tablet that aren’t appropriate for a desktop PC.
Let’s get back to privacy and safety in general, whatever OS you’re running. Here are some highlights.