warning

, ,

Emergency Flash Update

, ,

        Here's a warning to heed right now, according to Jim Hamm.  "I recommend you read this article and update the Adobe Flash Player in your browser for security reasons. An easy way is to click here. If you're using the Chrome browser it will update Flash automatically."

, , ,

Bing and Botnets (What?)

, , ,

        "Here's an interesting article on how automated botnets are searching Microsoft's Bing to find a weakness, or something they can harvest for nefarious purposes," begins Jim Hamm.  
        He explains, "Google, for example, has a 20-person team fighting this type of search all the time. The hackers are always looking for a weakness in a website, a bank's or retail database, or your computer, to try and steal something. 
           "It's no wonder sites and computers get hacked — the search by hackers is relentless," is Jim's final comment. 
        So now we've learned about Bing and Botnets.  See, we do need to keep up!  

, , , , , , , , ,

Need Another Reason to Switch from Windows?

, , , , , , , , ,

         Whether you use Windows— or not — there's some helpful info here for all of us!  Don't miss the suggestions about thumb drives and external drives.  Thanks to John Carter for the following detailed report!   He starts with the news article.  Feds: Infected USB drive idled power plant 3 weeks

       " There are four ways to protect yourself from a virus: 
        1) Keep an hourly updated anti-virus app running continuously. Since any new virus won't be detected and a cure found for up to 24 hours, this isn't any kind of guarantee that a Windows OS won't get a virus.
        2) Switch from Windows to any one of the dozens of Linux distributions. Linux is probably the most secure OS on the market simply because hackers know their return on investment isn't big enough to warrant going after it. There's just not that many Linux computers in use compared to the vast number of Windows computers. Still, installing an anti-virus app on Linux will give added peace of mind.
        3) Switch from Windows to a Mac. Because Mac is based on Unix, it has the same low-profile for hackers as Linux. There have been recent viruses found on Macs in the past couple of years — maybe two or three — so an anti-virus app is now recommended for Macs for added peace of mind.
        4) Stop using computers. (Now we know John is smiling when he says this!  Read on for more of his report.)
       "LInux and Mac are no longer safe now that hackers have discovered a way to infect any computer with a Java virus. But if the browser has Java turned off, or if you don't even install Java on your computer (and this does not include Javascript, which is still safe — for the moment), you're pretty secure when it comes to Java viruses that come in through email or a website. 
        "Still, this doesn't protect a computer when the virus is embedded in a brand new thumb drive or external hard drive that you just bought. So, another step in purchasing any thumb drive or external hard drive is to reformat it before using it.
        "Is Linux or the Mac really free from attack? Many companies using Unix as their primary operating system get attacked daily, but mostly by hackers trying to find a way into the computer through some unguarded port. Hackers don't go after personal computers in this way, simply because there's no assurance that their efforts will return as much of a reward, but this doesn't mean they won't try. 
        "Any computer, regardless of the operating system type, needs to be secured with a firewall for protection against attacks from the Internet, and that firewall needs to be monitored constantly and updated frequently — which almost no personal computer owner knows anything about."
        Well, it's time to come to the conclusion — for now — and John winds up with, "If everyone switched from Windows to Linux or Mac, the hackers will start going after them and we'll be back to grabbing at straws to figure out how best to protect our computers. But for now, either one is a better solution than using Windows."
, ,

Explaining Java & JavaScript

, ,

      Looking at Safari > Preferences > Security you might be puzzled.  You’ve heard we need to protect our computers from the latest Java exploit by unchecking “Enable Java” and “Enable Plug-ins.”   Maybe you've already checked to “Block pop-up windows” and “Enable JavaScript.” 
        A Google search for the difference between Java and JavaScript brings up some websites.  See http://www.htmlgoodies.com/beyond/javascript/article.php/3470971/Java-vs-JavaScript.htm  Written by the co-author of a JavaScript Primer Series, Joe Burns explains the similarities and differences. 

,

Watch Out for Roaming Charges

,

        The article about unexpected charges to smartphone users caught my attention.  An email to Jim Hamm gives us his take on this potential problem.  "Years ago when we first got a cell phone and had to be aware of possible roaming charges while traveling in the US. Now we are on AT&T and roaming may be a thing of the past -- at least for us. If AT&T doesn't have a signal in a particular area, then we just don't get service and can't make a call. I'm not sure what the situation may be for Verizon."  See the article here

, ,

Bookmark This NOW: System Status

, ,

        Probably this will be the handiest website for you to bookmark!  Jim Hamm strongly suggests, "Here's a site published by Apple that will alert you to a known problem with a particular Apple System. 
        "Let's say, for example, you're having a problem with iCloud Mail. Is it your computer, or ? A quick check of this site will alert you if it is a known problem that may be system-wide. If there's no alert showing, then take a closer look at your computer."  
        He closes with this, "You might want to bookmark this site -- it could be helpful."  But as soon as you view that site you WILL see its usefulness. 

,

See Examples of Clever Schemes of Crooks

,

        This is not a new posting at TruthorFiction, but it still applies and might give you helpful information.  Go to http://www.truthorfiction.com/rumors/p/phishing.htm  and scroll down to “Crooks Using Clever Schemes to Try to Get Your Personal Financial Information.”  It quotes seven different emails so you can protect yourself if you receive some similar email.  
        Remember you can click on Reader at the right side of the address bar and print out just the information without all the ads.  After going to Reader then you can click to Print and you can also choose to save it as a PDF on the menu that comes up and you can direct it to “Mail as a PDF.” 

, ,

Be Careful With Chrome

, ,

        This alert is just in from Jim Hamm:  "If you use the Chrome browser occasionally (as I do), here is an article about carefully reading the 'permissions' question before completing the installation. I hadn't paid much attention to this previously, but will now, especially after reading the following quote in the article." 

        "Research scientists at Barracuda Networks recently discovered malicious extensions in the Chrome web store that fooled more than 90,000 users of the browser."
, , ,

FaceBook Concerns

, , ,

        "For those of you with FaceBook accounts, and getting ready to upgrade to iOS 6 when it comes out, here's something else to worry about. iOS 6 will have the ability to sync your Contacts with your FaceBook friends. This is a two-way sync, so your Contacts (Address Book on older Macs) will potentially get a bunch of new information added. The problem is that FaceBook is scheming to increase the use of useless Facebook.com email addresses, and will send them to your Contacts. Check out the story for the details."  This info from Prez Art Gorski.  http://www.tuaw.com/2012/09/04/with-ios-6-your-address-book-may-be-invaded-by-facebook-com-em/

, , , ,

Java Fix Doesn't Work (Updated 8-31)

, , , ,

  We start out with the latest warning on Java, received at 3:20 pm Friday, 8-31.  Jim Hamm brings us up to date.  (Then read the rest of this for the background of this huge issue.)         "Now this is amazing. A few hours after Oracle issued a patch for the security flaw in Java, another exploit has been found. This has been forwarded to Oracle, but since Oracle never comments on these security breaches they didn't say anything. It doesn't appear the hackers have found this opening yet, but after they read this article, they'll probably start trying.          "Although our risk of hacking might be small, I think it's best to disable Java. I did so a long time ago and haven't missed it yet."         You saw this here on 8-27.   Here's a warning from Jim Hamm,  "If you've still got Java enabled in your browser, now's a good time to disable it. Another vulnerability with Java has surfaced. Take a read on this. In Safari, Java can be disabled in Preferences > Security > uncheck enable Java."         With another notice of a potential malware risk from Java 7 Jim sends this link  The last paragraph in the article states, "Mac owners can disable the Java plug-in from within their browsers, or remove Java 7 from their machines. To do the latter, select 'Go to Folder' from the Finder's 'Go' menu, enter '/Library/Java/JavaVirtualMachines/' and drag the file '1.7.0.jdk' into the Trash."         Here's a quick test to see if Java is disabled in your browser, from our eagle-eyed Jim Hamm.  He tells us,  "Just click here and if the box comes up empty, you're okay — Java is disabled."         And, Jim sends the latest:  "Here's an article describing how Oracle knew about the Java vulnerability to a malware attack since early April. And, moving right along at a snail's pace, Oracle doesn't plan a fix till October. Given Oracle's slow response to acknowledging and fixing malware attacks, it's a wonder any developer use Java at all."         We were surprised to see a fix announced here this afternoon, (Thursday, August 30).  Keep us informed on the latest and we'll pass the word along!  !           A hot topic: this just out an hour ago, (8-31)  and recommends you turn Java off or delete it.  

, ,

iCloud Vulnerability, Continued . . .

, ,

        Here's another story in the saga about iCloud vulnerability, sent to us by Jim Hamm.  He comments, "Apple has an article explaining what to do about iCloud if you plan to sell your Mac or other Apple device.

        "What is not clear in Apple's article (at least to me) is that your device must be connected to the internet to decommission iCloud. Although, thinking about this, it does make sense. But it's easy to overlook, and it could be made plainer.  
        "As a side note, one must also de-authorize the device from iTunes as well before selling your Mac or other Apple device. If I recall correctly, only five devices can be authorized to play iTunes under one account.
        His final comment, "I imagine we'll learn more about the pros and cons of using iCloud as time goes on." 
, , , , , ,

Hacking Incident Warns Us About Passwords

, , , , , ,

        The latest on this situation is updated 8-5.  Read the whole thing.         Jim Hamm sent this link about a horrible hacking of a man's iCloud account.  This evening John Carter sent a further warning of the need to establish strong passwords to avoid such a terrible thing.         Here's the first from Jim:  "Here is a scary tale of woe: Mr Honan's iCloud account was hacked. What's even scarier, the hacker was then able to remotely wipe Mr Honan's iPhone, iPad and MacBook Air! Yes, all dead. If you happen to use a Gmail account, a two-step verification process is available to prevent hacking. As far as I know, this feature isn't available for iCloud. So, one should have a very strong password for your iCloud account. Yes, I know, it's probably remote that your iCloud account will be hacked. Mr Honan thought so, too."           But Jim, can that really be true?  He wrote back with two other sites on the issue.  Here and here.          John Carter went into more detail on what we should do about our own passwords.  ". . . if your passwords are short and simple, be prepared to be hijacked and potentially lose all the money in your bank or all the files on your computer.          "A strong password contains a mix of letters and numbers with at least one uppercase letter, and the password should be at least 8 characters long. A very secure password will be 10 or more characters long. The password should never contain a word that can be found in the dictionary or letters or numbers in a sequence or that repeat.          "Some of my clients do not even have a password to login to their computer, and this is a grave mistake because it makes all your other passwords in the Keychain Access application accessible to anyone that manages to hack into your computer.

        "Do yourself a favor and use passwords that are complete garbage. Write them down where you know you can access them quickly. Protecting yourself will save me a trip to help recover your files — if that's even possible. Smile when you have to type in that long gibberish because you know you're being protected. After a few times of typing it in, it will become second nature. 
        "One approach is to alternating case, intermix numbers with letters, and where allowed, toss in a symbol. For your different passwords, you only need to make one letter or number different or add one letter or number."  
        So, consider yourself warned, thanks to Jim and John.          Now, Jim Hamm brings us the update of 8-5. "Here's update three from the guy who was hacked via iCloud and had his iPhone, MacBook Air and iPad wiped clean:         "Update Three: I know how it was done now. Confirmed with both the hacker and Apple. It wasn’t password related. They got in via Apple tech support and some clever social engineering that let them bypass  security questions. Apple has my Macbook and is trying to recover the data. I’m back in all my accounts that I know I was locked out of. Still trying to figure out where else they were."           And here's Jim's final comment -- at least for now!  "The hacker sure must have been one smooth talker to convince Apple's tech support to let him into Honan's iCloud account, which wasn't his. So much for strong passwords. It seems they can be circumvented.  According to another report, the hacker then used  Apple's 'Find My Phone' service to remotely wipe the three devices."
, , ,

Precautions About Java

, , ,

        Got Java?  Note these precautions forwarded to us from Jim Hamm. 
        "Here's another article describing the risk of keeping Java enabled on your browser.  If you need to access websites that require Java, I like the suggestion in the article to have a browser set aside for this purpose. I think Chrome might be good for this. As I've mentioned previously, I have Java disabled in Safari and haven't had any problems accessing websites. It seems there are fewer of them nowadays." 

        Jim goes on to say, "I'm surprised that Oracle hasn't been more aggressive in patching Java and making it more secure against malware. There is some debate going on between Oracle and Google on who "owns" Java.  See this article. 
        "Regardless of the court outcome, I think it's wise to disable Java in your browser, just to be on the safe side."
        But Jim, is Java the same as JavaScript in the Preferences in Safari?  "No, they are completely different programs."