Wednesday, 17 November 2010

Want faster broadband? Vote now BT - The Race to Infinity

BT are giving everyone the chance to vote for which areas get the next generation of faster broadband.  Ensure the Ilkely and Addingham area is well represented, we don't get great ADSL broadband speeds here, and we might be in with a chance.

BT - The Race to Infinity

Monday, 15 November 2010

Fake Antivirus and Antimalware - now they phone you up to scare you!

Interesting article on the BBC entitled Warning over anti-virus cold calls to UK internet users covering some findings from the Get Safe Online annual report.

Not content with scaring people into clicking on links and fake dialogue boxes to get users to install malicious software on their computers, organised gangs are now cold calling people on the phone and scaring them too.

Don't fall foul of this (and don't be scared off using the internet either).  Read the oceans of good advice out there on sites like Get Safe Online and others that are linked from my previous posts, as well as the useful links section on the Addingham IT website.

Sunday, 7 November 2010

Fake Antivirus and Anitmalware Update

Previous posts have been updated linking to useful information by BBC Click

Friday, 15 October 2010

BBC First Click

BBC launches First Click campaign with resources to help get first time users online - Great initiative!

Thursday, 14 October 2010

Choosing secure passwords...

...can be a nightmare if you have lots of websites to log in to. However this tip from Mozilla on how to create strong passwords that you can remember without ending up writing them down is a good place to start.

The direct link to a video on the same subject - How to choose strong passwords on youtube

Half of UK Wifi networks can be hacked in seconds

Good survey data and news coverage on wireless security again today, example here from the Telegraph and others.

See my previous posts on wireless security as well. Get in touch if you're concerned and want a wireless checkup or help securing your network.

Sunday, 10 October 2010

Fake Antivirus or Antimalware - look and think before you click

This post has been taking shape in my mind for a month or two now, and its writing becomes more pressing every time I visit a customer who ends up with one of these problems.

I'm getting a steady stream of customers coming to me asking for help in cleaning off stubborn infections like this. Recent examples include -
- Internet Security 2010
- Antivirus 2010
- Antimalware Doctor
- AntivirusGT
- Security Tool

The problem usually starts with an email, or a website, or website popup window that puts a message on your screen stating that some sort of action needs to be taken by your antivirus software; for example, a problem has been found and needs to be fixed urgently. The problem is that this is often a picture made to look like a genuine window with buttons to click on and adorned with colourful shields that look just like those used by Windows and popular security packages. These are designed to tempt you to absent-mindedly click your agreement (probably thinking you're helping to protect yourself).

Once you make that first click you are often taking steps to install a replacement for your current security measures, which will then do some or all of the following, and often a lot worse -
- install other malware, viruses or adware
- pretend to scan your computer, report falsely that it has infections
- demand payment to 'upgrade' your protection to a version which can remove the infections (whether real or not)
- slow your pc down
- stop you accessing many administrator features of Windows in case you use them to try to remove the problem software
- disable or divert Windows Security Centre alerts

These infections are increasingly difficult (but thankfully not impossible) to remove, so prevention is better than cure.

So the next time you get a message in a window like this and before you click anything - have a think about the following points -
- is this really a message from my own antivirus, or does the logo look a bit different
- is this just an advert type message in a web browser sidebar or popup window
- is the name or wording a bit different to what you normally see
- go to your current antivirus or security software control panel and see if any problems are reported there too
- if in doubt don't click, close all windows and get your existing software to start a full system scan
- don't install or replace security software without being very sure of its source and where you're downloading from or what the source of the program is

With increasing capability in Windows these programs now often rely on tricking you into clicking something to allow the program to be installed. Don't unwittingly be part of one of these rogue programs getting onto your own machine.

Update 07/11/10 - BBC Click has recently covered the same issue

For help removing one of these problem programs, for preventative advice, or help installing better security protection contact Addingham IT.

Thursday, 30 September 2010

Gmail converstaion view

Not much of a post, but big news if, like me, you disliked this feature because although grouping related 'conversations' together seemed useful (like threading in other applications) Gmail's view never really made sense to me in use. Covered by ZDnet Gmail now allows you to switch off the conversation view.

Wednesday, 15 September 2010

Searching for free stuff online might cost you more than you think - be aware and avoid the risks

Two useful articles to bear in mind when you search for free stuff online. Don't let it put you off searches for legitimately free items, but be aware of the risks.

ZDnet - 'Free' searches increase chances of malware

Cnet - Searching for free stuff online can be costly

Thursday, 5 August 2010

Recovery disks

Recently I've been called out to more and more machines where the hard drive has completely failed and customers don't have access to the manufacturer recovery disks or Windows media to restore their system.

PCPro has just done an article this topic here The Recovery Disk Rip Off

In most cases these days new machines don't come with recovery CD/DVD included. The software required is often in a hidden partition on your hard disk. Which is great if you're recovering from virus or software crashes, but if your hard disk becomes physically faulty for any reason then you lose everything.

So, if your machine is still working or whenever you get a new one, look for the instructions on how to burn your own copy of the recovery media to some blank CD/DVDs before you end up stuck without and have to pay the price for new ones and wait several days for them to turn up before you can get back online.

Thursday, 1 July 2010

Microsoft report increasing attacks on Windows XP vulnerability

Microsoft are reporting in one of their technical blogs that a rapidly increasing number of attacks are taking place on an unfixed issue with Windows XP Help and Support centre.

Concerned users should turn off the feature as described here until a fix is issued

Update: The fix for this has been issued, make sure you have downloaded by Windows Update.

Saturday, 26 June 2010

More wireless security

If I haven't already convinced you in previous posts to secure your wireless internet connection; Google's blunder with its Streeview cars collecting too much data when capturing network id data for geolocation services is yet another good reason. Have a good read -

Friday, 14 May 2010

Antivirus software review

Discussed widely in the last few days is this recent set of test results for Antivirus software.

Whatever you think is the best commercial software (there are anecdotes of every piece of antivirus software letting something through occasionally), I think it does illustrate well a few points I like to make to all customers.

Firstly if you ever shop, bank or register personal data online with your PC then I believe it is worth paying for commercial software over free. It might seem like a lot of money can be saved at renewal time, but what price a machine cleanup or fraudulently used bank details (just in the personal time it takes to get things sorted out).

Even AVGs comparison of its own products to their very popular free version shows that there is better functionality in a paid for version.

Secondly all internet security and antivirus products are not created equally, and their performance does differ. That software performance and how it impacts your over-all PC performance are very subjective so you will always find nay-sayers about any product. Look at a range of reviews; use places like Which as well as PC magazines, articles and personal recommendations and make a personal choice that suits you.

That personal choice can and should be impacted by factors like - how many questions will your product ask you about what to do and how well informed and qualified do you feel to answer them. Especially when those questions are affect security policy on your machine or are about whether to let some obscure process with a weird name access the internet. Many commercial packages still ask users a lot of questions about what to do.

I have always been a fan of Symantec products since first using Norton Commander as a field engineer 18 years ago. I've used their security and Antivirus products ever since and been very happy (in spite of many people complaining about a performance hit which I never saw personally and has been improved a lot in the 2010 products). Even though an advanced user I have used Norton 360 for 2-3 years now as I often recommend it because of its low demand for user input, which makes it ideal for the less confident user.

Most of the virus cleanups I've done in the last 5 months have I believe been caused by two factors -

Social Engineering - the user was tricked into thinking something normal was happening (eg visually by having a mock Microsoft logo, or security shield on display, or a tempting link in an email - like arranging a parcel redelivery) and the user pressing OK, without asking enough questions about what they were agreeing to.

Weak backup from security tools. All requests for help in this area so far this year have come from users who used free security tools of some kind or another.

Golden rules - think about the real worth of good security software and when using your machine think 'am I expecting this message on screen now and does it make sense given what I was in the middle of' before clicking any buttons to agree to anything.

Nearly caught out - discount vouchers offer after an online purchase

I heard about this problem a long time ago but had almost forgotten about it when last week I nearly got caught once, and then saw the same potential catch 10 minutes later.

Two very popular websites, both reputable national companies, one probably one of the most popular ones selling rail tickets in the UK and one a retailer of computer parts I've used for years, both came up with the following situation:

I'd completed a normal and safe purchase on both web sites, when I was presented with a final screen confirming my order. On that screen there was also a button marked continue, next to a message offering a discount off my next purchase. The button actually led me off to an external site (Shopper Discounts and Rewards) where I believe (I didn't see, I killed my web session part way through loading as soon as I saw it was an external web page) if you agree and claim your discount; actually your credit card details are passed on from the first site and you end up pretty seamlessly joining a subscription service for discounts costing something like £10 a month, which does get you vouchers, but it is far from clear that it's a subscription service.

Fortunately I think I stopped the page before I was joined against my will, but it just goes to show that it's too easy to get complacent about online safety.

There is a long discussion (the link is to page 41!) and advice about how to escape if you've been caught by this on one of my favourite web sites Martin Lewis'

Thursday, 18 March 2010

Who is using your broadband - follow-up

Well today the House of Lords approved the new Digital Economy Bill and sent it back to the House of Commons.  The expectation is that the Bill will be pushed through before a general election.

This has implications for my previous article about security of your connection and further than that means that knowing what even approved users from your household are up to on your connection is, whether we agree with it or not, becoming of the utmost importance.

This week the BBC aired a Panorama programme titled Are the Net Police coming or you? that discusses the issue and the different views on the subject, as well as why people need to be concerned about what goes on over their internet connection.

If you are concerned about what you can do to protect yourself from the implications of this legislation the get in touch with AddinghamIT now some initial advice and a free quote.

Wednesday, 3 February 2010

Wireless network security - Who is using your broadband and why you should care.

Many people enjoy the benefits of using a wireless network at home, or at work, to connect a variety of equipment such as PCs, laptops, phones and printers together and to the internet.  However, a recent survey by has shown that as many as one in four people are unaware that an unprotected wireless network can be used without the owner’s knowledge by anyone close enough to it, or of the risks that this can entail.

Almost half of Britain’s home broadband users now use some form of wireless network, and the range of most of these will extend beyond the bounds of their property.  Nearly 20% of such networks are not even protected by passwords, let alone any other form of security.  In a recent experiment by the ISP Talk Talk, 23 unsecured wireless network connections were found in one street alone in Stanmore, and devices which detect and automatically connect to open networks are now freely available.  For some network owners, this might be a deliberate choice to allow access, made perhaps in return for their own use of unprotected networks whilst they are travelling, but it should be a choice made in the knowledge of some of the potential pitfalls of this approach.

At the least, it may be that if someone else is using your broadband connection they could slow down your connection speed and, if they are using it to download material in quantity they could take you over the download limits set by your ISP, for which you could be charged.

More worryingly, if unknown users have used your open network to download material illegally - for example, prohibited material such as pornography, or music and films downloaded in breach of copyright – then the suspicion of anyone investigating the downloading will fall on you as the network owner first.  On the face of it, you are the one responsible.  You could find yourself in the position of having to prove your innocence, possibly with your computer having been confiscated or your internet connection cut off for the time it takes you to do it.  I can’t imagine that anyone would want the work and anxiety that this would involve.

What’s more, you might ultimately struggle to prove that someone else was the culprit, as not many wireless routers keep a sufficiently detailed log of identifiable user activity.  One pub which operated a wireless hotspot for the benefit of its customers found itself in this position towards the end of last year and was fined £8000 for the downloading by an unidentifiable customer of files protected by copyright.

Finally, allowing open access to your wireless network could, by making an unknown network user appear to come from a trusted local IP address, compromise the security offered by your firewall and make it easier for your computer to be hacked.  This would obviously be a concern for anybody, but for those who use their computers for business purposes and who have customer information stored on it, it would cause the added problem of putting you in breach of Data Protection Act requirements for keeping the information secure.

My advice to anyone with a wireless network would be to secure it as soon as you can, so the next question is how to do this. 

Many wireless routers sold in the UK rely on the purchaser to configure the security settings, and in many cases this is never done.  Even where it has been done, many routers use the Wired Equivalent Privacy (WEP) protocol, which has now been shown to be easily defeatable within 2 to 5 minutes using tools available on the internet.  If your router is using this protection, I would recommend replacing it with the Wi-fi Protected Access (WPA) encryption system or, better still, its newer version WPA2. 

If you would like to know more about these issues, or would like advice on how to upgrade the security of your network or help with doing it, please don’t hesitate to contact AddinghamIT now for a quote.