Meierj Computer Services

People arrested for Child Pornography after Neighbours had connected to their wireless router.

admin — Mon, 25 Apr 2011 15:41:28 +0000

There have been several reported incidents in New York, where homeowners had their front doors broken in and were arrested for child pornography. They were not guilty, but their wireless routers were not properly secured and either neighbours or passing strangers had connected the wireless routers to download child pornography.

Computer users often disregard security advice from technicians and IT personnel. Technicians do not have time to communicate all of the possible dangers when they give advice. One of the reasons that it is difficult to communicate this effectively is that most computer users are not properly exposed to the stories of what happens in the technology world. The odd time that technology horror stories do make the mainstream news, they are often not reported accurately.

http://tiny.cc/mvq89

I am not aware of this happening in Red Deer or Central Alberta as of yet, but I am sure it’s only a matter of time until it does.

Dropbox: We can view your files, we’re just not allowed to…

admin — Wed, 20 Apr 2011 17:46:02 +0000

An elephant in the room on IT issues is this: Literally anything & everything on your computer(s) is potentially accessible. There are a long list of tools and utilities for retrieving, resetting, or cracking passwords for Windows, E-mail programs, network shares etc. There are programs for resetting or cracking passwords for Microsoft Word, Excel, Access, Quickbooks, & Simply Accounting. There are programs for recovering deleting files. There are programs for monitoring networks to skim login passwords. There are programs to remotely monitor screen activity, some of them can be used relatively surreptitiously.

Stories of techs and IT personell who overstep their bounds, steal data, or go rogue do not often make the mainstream media. However, as one who follows tech news closely, there are more stories then most people are aware of. Numerous people that have worked in big box store tech departments have either been caught, admitted to, or have claimed that coworkers/excoworkers comb computers for photos, videos, music or other personal files for their own “uses”.

Numerous celebrities have been embarrassed by photos or other files being made public. IT is potentially one of the sources for leaks.

PR spokespersons for big box stores and IT companies can easily claim that abuse of privilege never happens because they have a policy against it. That’s kind of like claiming that your employees are never late, never miss a coffee break, never take an extended coffee break or extended lunch break, don’t txt their friends or use facebook at work and never steal from their employer because that is company policy.

All of the preceding ramble has been to give some background as to why “the cloud” makes IT a bit nervous. There are steps you can take to monitor and protect your own computers and networks from data loss. Controlling physical access is a big part of that. Setting security policies to help limit access is another part of that.

When your data is stored somewhere “in the cloud”, you do not know who has physical access to it, you do not know how good the security is, you do not know how well everything is monitored. Do you or don’t you believe companies claims about the security and reliability of their service? Are you going to use “the cloud” for all of your data, data that isn’t sensitive, or for none of your data?

When you realize that your data is stored on someone else’s computer, when you have some awareness of the lengths to which government has gone in the past to be able to access data, when you regularly read about large companies having their data stolen, when you have a rough idea of what is breakable in terms of security, it becomes difficult to believe that the owners of large datacentres don’t have any ability to get into the data that is stored on them. No matter what they claim.

http://tiny.cc/nw7wc

“Magical” Hard Drive

admin — Fri, 08 Apr 2011 18:45:36 +0000

Although there are occasionally some pretty good sales on computer products, it is quite important to know your products and what you are actually getting. Pirated Software has no value, so paying any amount of money for it is ridiculous. In recent years there has also been an increase in the appearance of fake hardware and even “pirated” hardware.

This story is on the discovery of a 500GB external drive that had been very “cheap”, but upon further investigation was not a 500GB drive. A product like this could have resulted in unrecoverable data loss before one realized that there was anything wrong.

http://tiny.cc/25lqx

How Epsilon Data Breach occured: Phishing Attack

admin — Thu, 07 Apr 2011 18:30:33 +0000

This story contains a great example of an e-mail phishing attack. Epsilon allegedly have $500-$700 million in revenue. They likely spend millions on IT and corporate Antivirus Security Software. And yet, all it takes is the wrong user falling for a phishing attack and suddenly you are in the news for all the wrong reasons, going into damage control mode and wondering what your client list will look like at this time next year.

http://tiny.cc/gxxax

E-Mail Threats

admin — Thu, 07 Apr 2011 14:39:46 +0000

Infections are largely preventable if one practices safe computing and maintains a certain level of caution when browsing the web and checking e-mail. I’ve had lived in Red Deer and had high speed internet for over a decade. I have had no major infections and only a very few minor incidents. I put this down to keeping my computers windows updates current, saying yes to Adobe & Java Updates, using Opera or Google Chrome as my main browser instead of Internet Explorer, & reading and being aware of what kinds of attacks are in vogue. For at half of the last decade I have not run antivirus or security software. There are distinct patterns to the process of how an infection happens. Being aware is most of the battle.

Several days ago, a security breach was announced by a company called Epsilon. Apparently Epsilon is a third party marketing company that is contracted by many large companies to handle their e-mail campaigns. Best Buy and Air Miles are among the clients that have contracted Epsilon for services. There will likely be a significant increase in e-mail phishing scams and infection attempts to the e-mail addresses that were stolen.

Massive Email Breach Exposes Data From 50+ Major Retailers, Including Target

http://tiny.cc/xi4io

After Epsilon: Avoiding Phishing Scams & Malware

http://tiny.cc/ekb0q

Seven Tips to Avoid Post-Epsilon Phishing

http://tiny.cc/6fb3e

Samsung “Keylogger” fiasco lesson or Fallibility of Antivirus Software

admin — Thu, 31 Mar 2011 18:04:21 +0000

Yesterday, virtually all of the big tech sites reported on a story where a tech claimed to have found keylogging software on two brand-new Samsung laptops.

Original Story: http://tiny.cc/2vozy

When I read the tech’s original story, the part that jumped out at me was this: “The findings are false-positive proof since I have used the tool that discovered it for six years now and I am yet to see it misidentify an item throughout the years.”

Wow. I found this to be the most shocking allegation of all. I would not be willing to personally put money on any antivirus program that has been around for 6 years having that flawless of a record. It smacks of naivety. For the record, antivirus programs both miss infections that are real as well as falsely claim that files are infected that aren’t. If one has any appreciation for the changes in recent years to infection techniques, it is not even remotely surprising that all products are less than perfect. The sheer number of infection techniques as well as the resources devoted to discovering and exploiting those techniques is constantly rising due to the various schemes that are used to monetize infections.

Here is Sunbelt Software admitting that the problem is due to their software mis-identifying a folder: http://tiny.cc/uk6bn

The lesson to take from this story is: Antivirus software is fallible. Claiming that a system is free of infection is not necessarily correct. Claiming that a file or folder is infected is also not necessarily correct.

Bill C-28 Implications for corporate E-mail

admin — Mon, 28 Mar 2011 18:16:34 +0000

What are the implications for Business E-mail from the new Bill C-28?

Article about the Bill: http://tiny.cc/a8hsk

Recommendations from Zero-Spam: http://tiny.cc/cvgb0

Dangerous Disposal of Old Cell Phones…

admin — Thu, 24 Mar 2011 14:10:53 +0000

As technology continues to permeates our business and personal lives, protecting our data also rises in complexity. When we dispose of computers, it is recommended that the hard drives either be scrubbed our even destroyed as opposed to formatted. Multifunction Printers need to be checked for hard drives and taken care of appropriately. Added to the list of devices that can contain private and personal information is our cell phones. E-Weeks article claims half of used cell phones contain personal information.

http://tiny.cc/57k4k

2011 MacBook Pro Issues

admin — Wed, 23 Mar 2011 15:09:10 +0000

There are numerous stories of MacBook Pro’s freezing under load. Those interested in buying one may want to hold off for awhile until these issues are resolved.

Ars Technica: http://tiny.cc/f1nq5

Gadget Labs: http://tiny.cc/n1nfk

Maximum PC: http://tiny.cc/gd2gz

BBC Infection “only detectable by about 20% of antivirus products”

admin — Fri, 18 Feb 2011 19:26:43 +0000

“simply browsing to the page is enough to get infected with a malicious executable”

“Only about 20 percent of antivirus products would detect this file”

http://tiny.cc/u8ryu