The Silicon Underground

Home » Page 268

This week’s photo leak is a reminder of the need for good passwords

Dave Farquhar security September 2, 2014September 1, 2014apple, celebrities, decent password, nexus, OPSEC, passwords, tweet

This week, numerous celebrities, mostly female, had their Apple accounts hacked and intimate photos stolen and leaked. There are several things we all need to learn from this.

We don’t know yet exactly what happened, though I’ve heard several theories. One possibility is that the celebrities’ accounts were hacked recently. Another is that someone who’s been collecting these photos through various means was hacked.

The incident probably was inevitable, but it’s also entirely preventable. I can think of three things that led to it. While this discussion may seem purely academic, there are misconceptions many people, famous and not, have and need to get rid of.

Netstat scam and netstat scammers

Dave Farquhar scams September 1, 2014May 10, 2023command prompt, hp, Netstat, troubleshooting

A longtime friend’s aunt almost got taken by a fake tech support scammer. He told me about it, and in the process, this was also the first I’d heard of the netstat scam, or netstat scammers.

She saved herself by saying she’d have to check things out with her nephew first. That’s a good trick. Fortunately for her, the scammer didn’t try to delete anything, though he did immediately change from being very pleasant to being very rude. That matches my recent experience with these low-life crooks precisely.

She was vulnerable because the flawed MS14-045 gave her trouble and she had a case open with HP. So when this crook called, she thought at first that HP or Microsoft were following up with her about that.

The scammer’s best trick was to get her to open a command prompt and type netstat. Read more

Outsource your DNS to make your Internet connection more reliable

Dave Farquhar security, Servers and Networking August 29, 2014August 29, 2018benchmark

Early this week, Charter had a major outage affecting most of its customer base. Those who use third-party, non-Charter DNS servers were unaffected.

This is a case where making a performance-related change to your system also makes it more reliable.

Tech Central in South Africa trolls the tech support scammers

Dave Farquhar scams August 28, 2014August 26, 2014trolls

Apparently the fake Microsoft tech support scammers call South Africa too. Tech Central’s experience is close to mine, but since they actually let these jokers into one of their machines, they found out something about their game that I’ve never seen.

Apparently, once you get further into their sales pitch, they get into your machine, ask for payment, and if you hesitate to pay or refuse, they start deleting files out of revenge.

I’ve never actually let these guys get into a system I care about, though I have actually let one in to a system that really did have a couple of viruses on it. I wanted to see if they would find any real problems. They didn’t.

So, knowing that they maliciously delete would-be customers’ data if they show second thoughts, I think it’s a good idea to string these guys along for as long as we can when they call those of us who know better. Two of us doing that each night is enough to save one person from being victimized.

Net neutrality is not Marxism

Dave Farquhar Uncategorized August 27, 2014August 31, 2014AT&T, cable tv, internet providers, Major League, Major League Baseball, net neutrality, netflix

There is a fear campaign going on, suggesting that net neutrality is Marxism, or a plot for the government to take over the Internet.

That’s name calling. There’s actually something very different going on.

Chrome goes 64-bit

Dave Farquhar Software August 26, 2014August 28, 2014chrome, firefox

Google released a stable 64-bit Chrome today for Windows. You can download it from the main page by selecting the Windows 64-bit build. It upgrades cleanly over the 32-bit version.

It’s really fast but not always pretty. Read more

Stopping comment spam, 2014 edition

Dave Farquhar Spam August 26, 2014August 19, 2014database backend, spam

I’ve been blogging for nearly 15 years, so I’ve seen my share of frustrations over the years. The toughest source of frustration for me to shake has been spam. I have actually had spambot traffic knock my site offline in the past–here’s what I did about that–so suffice it to say that if a computer can’t keep up with it, there’s no way a human can keep up with filtering the amount of spam even a moderately popular blog receives. I’ve used two plugins to augment WordPress’ built in antispam capabilities. Read more

The way home security ought to be

Dave Farquhar security August 25, 2014August 23, 2014ips

Last week, the show formerly known as Pauldotcom featured the creator of Iguardian, a dead-simple Internet security device. It’s a tiny computer a little larger than a pack of gum that you can plug inline between your router and your modem for extra protection. Basically it does what most people think a router does.

If you want to know what it actually does, read on. Read more

How to cut your water bill

Dave Farquhar DIY, Saving money August 22, 2014September 10, 20171960s, 1980s, hardware store

I’ve talked a lot about how to cut your electric bill and how I successfully cut mine 19 percent, but I haven’t talked much about water bills. Part of it is because water is cheap in St. Louis–the two largest rivers in North America converge here–but in some parts of the country, water usage is at critical levels, so cutting your water bill could mean saving real money.

I’ll never forget a commercial I heard when I was in third grade. “Did you know that every time you flush your toilet, you use 5-7 gallons of water?” a guy said with a drawl, before urging people to flush less. Being very juvenile, I thought it was funny.

But if your house is older, your toilet may very well be trickling water all the time, literally nickel and diming your water bill continuously. You can fix that for less than $10. Read more

PDQ Deploy looks like an interesting tool for a Windows sysadmin

Dave Farquhar Software August 21, 2014August 16, 2014Libre Office, Microsoft Office

I’ve been looking into ways to manage Java where I work, and I have some ideas, but wanted to see how other people are solving the same problem I’m trying to solve.

PDQ Deploy looks like an interesting solution for someone who needs to remotely push a lot of software packages but wants something cheaper than Microsoft SCCM that has an easier learning curve. In a small or medium-sized environment, it looks like something that could save server and desktop administrators alike a lot of time. The $250/year price per administrator doesn’t seem hard to justify in my mind.

I’m sure one thing that’s kept some environments from replacing Microsoft Office with something like Libre Office is the time and effort required to keep it up to date. PDQ Deploy would take care of most of that problem.

Since we have a large investment in other tools at work, I’m not sure PDQ Deploy is really the answer there, but I think it would be helpful for some people.