In our ever growing desire to make our lives more efficient and hassle free, we find ourselves turning more and more to technology to alleviate the bottleneck in our lives. As someone who works in the tech industry and genuinely enjoys new and breakthrough technology I am generally all for a more tech-based society. Often times, however, I think as a society we get so excited about new tech and their potential to make our lives easier we overlook the potential risks. If you have read any of my articles you will know that I have pressing concerns when it comes to privacy and security. This is one of the things we overlook. We are so excited about a new program, new phone or new smart device that we fail to ask important questions. It could be that as a society we are becoming numb to the potential risk or perhaps we need to be more proactive in our education – maybe a little bit of both.
Smart devices by their very nature present privacy and security issues because they log information that can be potentially accessed by others. Therefore, when we start talking about smart homes and smart security systems red flags go off in my head regarding the potential privacy and security risks. Smart homes and smart security systems are connected to your home network and can be potentially accessed and controlled remotely. A concerning statistic for me is that, while 92 percent of potential smart home consumers are concerned about privacy and security 89 percent say they would live or equip their home with smart devices without any real regard for their individual privacy.
Consider if you have camera’s, baby monitors, smart locks and alarms connected to your home network. They are designed in a manner that you can access these devices from your office or any other remote location you have access to the internet. But, hackers have already demonstrated that they can with relative ease breach these devices.
The separation between accessibility and conveniences, privacy and security are too large to ignore. What then can be done? The fault really lies with both the consumers of these products and the producers of these products.
As producers, they need to actively work on providing simple security solutions that alleviate the possibility of these devices being compromised. Now, let's just make something clear, with technology and smart devices, you can never be 100 percent protected. There is no such thing as an unhackable device. However, producers owe it to their customers to provide the most secure option as possible. I also get that by adding more complex security and authentication you could potentially remove some of the convenience, but when comes to convenience versus security (especially when it comes to our homes) then security should take precedent. I have read that wearable technology that can authenticate our identity through individual heart rate could act potential solution.
On the other hand, as consumers, we have a responsibility to ourselves to not only ask the questions about security and privacy that need to be asked but also, if these devices don’t meet a certain standard we have a responsibility to hold those companies accountable by simply not investing in their products. Eventually, they will get the hint and up their game.
Some security experts and people in the tech field might say that I am being overly cautious. The intention is for consumer awareness. Consumers should be aware of what they are buying and as with anything you buy, I strongly suggest that you do your research.
You might have noticed on Friday, October 21, that some of your favorite websites weren’t working, Netflix, Twitter, Amazon, Spotify and others were all experiencing outages. As you no doubt have heard the cause were DDoS attacks on DYN, a domain service provider. At around 7:00am EST hackers unleashed one of the largest DDoS attacks which shut down many websites, they weren’t hit just once, but three times in the same day.
So what exactly is a DDoS attack? DDoS stands for a ‘Distributed Denial of Service' (DDoS). That basic concept is to overwhelm a website by making requests (traffic) from multiple sources. Hackers, build networks of infected computers, these infected computers are called ‘botnets’ and work on the hackers behalf and enables them to increase the severity of their attack.
Perhaps the scariest thing about such an attack is there is very little you can do to protect yourself. And as made evident by the recent attack on DYN, they have the capacity (likely hundreds of thousand of infected computers working together), to shut down large parts of the internet. Once of the reasons this particular attack was so effective was because of who it targets. Normally, hackers target specific organization like banks or government websites. Because they targeted DYN which provides domain names for many companies, they were targeting part of the internet infrastructure which allowed them to take down multiple websites at once.
To see a map of DDoS attacked visit: http://www.digitalattackmap.com/#anim=1&color=0&country=ALL&list=2&time=17099&view=map
It is very likely that Windows 10 will be the last version of Windows to be released, indefinitely and at the very least for a very, very long time. During the Ignite 2015 Conference Microsoft employee, Jerry Nixon stated that although Windows 10 has been released, it will be the last version of Windows and therefore development is ongoing. Does this mean the end of Windows? No, not at all – Windows is not going anywhere. What is really changing is the way in which Microsoft releases newer updated versions of its Windows software. Microsoft released a statement that helps clarify where they are headed with Windows. “Windows will be delivered as a service bringing new innovations and updates in an ongoing manner, with continuous value for our consumer and business customer.” Basically what this means is future updates, patches and version releases will be released under the Windows 10 brand or just “Windows”.
With all this being said when is the next big update likely to happen? It looks like it will be sometime in Spring of 2017, as of right now it looks like the next big update will come in March. However, if software releases have taught us anything it is that release dates don’t necessarily hold true so don’t hold your breath just yet.
There is suppose to be a second big update in 2017 as well, which at this point looks like it will come in late summer or early fall.
BlackBerry has announced that it will be shutting down their hardware division as of October 1. BlackBerry also reported another loss of earnings in the amount of $372 million this quarter. Moving forward BlackBerry CEO said the company will shift its focus to software that makes smartphones smart.
So, what does this mean to a BlackBerry user? Wait, do BlackBerry users still exist? There are in fact still BlackBerry users living in the world today, while they may be few, they are loyal. I myself am a loyal BlackBerry user, operating the Priv – which to be perfectly honest, is a great phone.
At the end of the day, BlackBerry deciding to shut its hardware division doesn’t really mean much to a BlackBerry user. In all likelihood, it will mean the BlackBerry brand will strengthen and the company itself might see some meaningful growth. BlackBerry CEO has said that it plans to outsource the function of hardware development to external partners, while BlackBerry itself will focus on the software that actually goes into the phone – these outsourced phones will carry the BlackBerry TM and brand. This is a decision in my opinion that is coming a little late but has the potential to turn BlackBerry’s fortunes around. From a user standpoint, this means that we will get a better quality phone, in terms of hardware and the physical casings, while the software will continue to be the secure, business orientated model many of us have come to enjoy.
In a testament to this BlackBerry has passed their upcoming phone, the DTEK60, through the FCC. And if the phone lives up to the specs that were released (which I believe it will), not only will it be significantly better than the DTEK50 but it will be a solid smartphone all around. The phone will reportedly host a Qualcomm Snapdragon 820 Processor, 4GB of Ram, 5.5” QHD Screen, 21MP rear camera, 8MP front-f camera, and a fingerprint sensor. That is, in my opinion, better than the Nexus 6P. Unfortunately, by outsourcing the hardware development of BlackBerry, the trademark physical keyboard will likely be a thing of the past.
Evidently, I think the decision to cease hardware operations and outsource the hardware development to external players, while focusing on the software and BlackBerry brand will ultimately, work out on both the companies favor and us hardcore BlackBerry users.
GASP! Shocking news (not) from Yahoo that there has been a massive data breach, with over 200 million user passwords and other personal information being sold on the ‘dark web’. Before I go into the things you should do in the event you are affected, or even if you think you are – I think this would be a good time for me to say (write) these three words, ‘ZERO-KNOWLEDGE SYSTEMS’, they are out there, they do exist and they are worth it.
Now, with that out of the way, there are some things you should do immediately if you feel you have been compromised.
Now, most security experts and Yahoo itself will tell you to sign up for two-factor authentication as it adds a layer of protection to your login process. However, I do not use two-factor authentication, if it requires sending an SMS to my phone. Mobile devices are inherently insecure and can be “socially engineered out of your control”, SMS messages, in particular, are especially vulnerable. For this reason, I personally would say no to two-factor authentication IF it is provided through your mobile network. I am sure some will say that is bad advice, but I cannot I really care – I am speaking from experience here. There are other two-factor authentication types, for example, an RSA token, that doesn’t require communication between two computers. It is far more effective and secure – although it is also less convenient which is why it is not instituted by corporate companies.
Again, let me just say that Zero-Knowledge Systems are the way to go that offer end to end encryption. If Yahoo offered that with the email services 200 million people wouldn’t have had their personal data stolen. On that note, if you are interested in using a Zero-Knowledge System email I would personally recommend Tutanota.
In the world of IT there is a war being waged, a war between two super powers – one is older and has reigned for many, many years. The other, is a powerful newcomer (relatively speaking) and has garnished a smaller, yet strong and loyal following.
Yes, I am talking about the war between Windows and Apple. ‘War’ might be a little strong, but the point still stands, each have their advantage and each have a rightful claim to the throne. So which do you choose?
For the fun of it, let us do a pro’s and con’s list to try and determine which one is superior. Full discretion, I am fairly biased, I am a PC user – but I will try my best to remove myself from my loyalty and be objective as possible, for the purposes of this article. I might even be able to convince myself to migrate over to Apple? No, you’re probably right – I doubt it.
Let us start with cost:
Apple computers are expensive, considering what you are getting for hardware, the price compared to Microsoft computers is significantly higher. Many people would no doubt argue that the Apple ecosystem is superior to Microsoft’s and therefore the extra price is warranted. But, Apple does have hardware limitations that make it difficult to upgrade cheaper models.
To Apples credit they do have a program that allows for the easy installation of Windows, Linux or any other operation system you want, in addition to Apple’s OS, and for someone who is less familiar with computers; it is significantly easier to setup a dual boot on an Apple computer.
Microsoft computers are built by many manufactures and therefore, you have a large variety of computers to choose from, in varying price ranges that can easily be upgraded compared to their Apple counterparts.
Upgradable and Configurable:
Microsoft computers are infinitely easier to upgrade than Apple computers. Apple limits what you can upgrade, usually ram and hard drive. With Microsoft computers virtually every part of the computer, from ram to motherboard can be upgraded – therefore, you could purchase a middle of the range computer and upgrade it as needed. I would also argue that the Windows OS itself is more configurable than the Apple OS – which for some people likely doesn’t matter but for other like myself, my OS is highly customized.
Viruses and Malware:
I will concede defeat on this one. Apple computers get targeted much less than their Microsoft cousins when it comes to viruses and malware. But let’s just get one thing straight, the belief by some that Apple computers (and other apple products for that matter) can’t get viruses or malware is simply not true. Microsoft has a much larger user base and therefore, it makes those uses a more worthwhile target.
Microsoft computers are known for their bloatware. When you first purchase a Microsoft computer the manufacture of that computer most likely added bloatware to the machine – Can it be annoying? Yes. Can you get rid of the bloatware easily? Yes.
Windows offers a far superior gaming experience. Plain and simple the hardware limitation with Apple computers make them far less desirable when it comes to gaming.
Microsoft has been around a lot longer than Apple; as a result, the number of software available for Microsoft is greater than Apple. Often times you can find a similar Apple program to your Microsoft program – but I would argue they are not as good.
A Microsoft computer that is a number of years old can easily support newer operating systems like Windows 10, without much trouble or effort. You might have to upgrade some of your hardware but that’s a small price to pay versus purchasing a new computer. Can you do that with an Apple computer? I think not.
There are no doubt other pro’s and con’s between Microsoft and Apple but these are the ones I would consider most important. At the end of the day it is all about what you want in a computer. Take myself as an example, I am currently running a Dell Laptop that I purchased for a middle of the road price but have upgraded and configured to my specification and it is a power house. If I was to purchase and Apple equivalent I would be looking at least a couple thousand dollars - easy. It might not be as sexy as an Apple, but I wouldn’t trade it in for an Apple if they paid me. On the other hand, I know many people who feel the same about Apple, and I can see how the Apple ecosystem would be very appealing.
So let us know which you prefer and why, Microsoft or Apple?
I decided to write about this today because one of our clients was a victim of this particular piece of malware. ‘BackDoor Agent’ is a malicious program that has affected around 500,000 people, worldwide. While that number is particularly low compared to many other viruses and malware, this one deserves special mention because it gives hackers the ability to remotely access your computer system.
Once the Hackers have access to your computer system they can transmit information, modify files and install other software that is likely unwanted. These types of programs are called a ‘Trojan Horse’. If you know anything about Greek mythology or maybe you have seen the movie Troy, you likely know the general premise behind the Trojan Horse. In Greek mythology, the Greeks constructed a huge wooden horse, hid men within it. The Greeks as a manner of subterfuge got into their boats and sailed away, leaving the Trojan Horse behind. The leaders of Troy thinking they have won, hauled the Trojan Horse inside the walls of Troy, where the armed men inside waited until night fall to attack.
In a similar way, Trojan Horse malware, are sent to you, usually through email (but not always), the computer user unsuspectingly opens the email with the attachment thinking something important has just arrive. However, they have just invited inside the firewall of their computer a Trojan Horse. These Trojan Horse’s sometime carry relatively harmless pieces of malware and sometime, they contain malware of a much greater threat. The greatest indicators of a Trojan Horse on your computer will be the degradation in computer performance and the appearance of unwanted programs that you don’t recall downloading.
If you think you are the victim of a Trojan Horse or more specifically a BackDoor Agent, it is crucial that you get the malicious application off your computer immediately – if you are not comfortable doing this yourself, please bring your computer in to us at GMF Computers and we will remove any viruses or malware present and make sure your computer is up to date with the latest virus definitions and windows updates.
Being vigilant is always the best way to protect yourself with regards to privacy and protecting your important information, like debit and credit card pins and account numbers. With the news coming out of Calgary that a customer at a gas pump found a ‘skimming machine’ on the pump, I thought it would be a good idea to explain what a skimming machine is and how it works.
A skimming machine is a device used by individuals who are trying to gain access to your bank account information, debit or credit card, through the use of technology that captures the data from the magnetic strip. Most skimming machines are placed over top of the original card reader, whether it is at a gas pump or even an ATM. They look identical to the original card reader and so they can be difficult to spot. Credit card fraud is a roughly 12 million dollar industry in Canada, and while that is down considerably from roughly 140 million in 2009 it is still a big problem. So how do you spot skimming machines?
Always do a quick check for tampering. If you are taking money out of your regular ATM at your local branch, you are no doubt familiar with how the machine looks and operates. Do a quick check around the screen, keyboard and card reader for any signs of tampering. If something doesn’t look right there is no harm in double checking with a teller. The same goes for any ATM; they all tend to work in a similar manner so if something seems off, don’t use it and notify someone immediately.
Skimming machines usually sit on top of the original card readers and are not securely fastened. Therefore, if you touch the card reader and it moves or feels loose that would be considered unusual. ATM machines are well built so if anything seems loose, that would signal a red flag for me.
Always assume someone is watching. Maybe someone is not physically standing over your shoulder, but observing through the use of micro cameras and transmitters. Whenever you are using your debit or credit card, always protect your pin. You might be in the middle of a store and no one is in sight, but that doesn’t mean that someone isn’t trying to watch. Even if you don’t notice anything unusual with the ATM itself, always cover your pin with your hand.
By remaining vigilant you will significantly reduce the likelihood of having your card information stolen. But always be aware of the credit card and bank statements. If something looks abnormal or you see a purchase you didn’t make, the sooner you report that to your bank the better.
Privacy is a growing concern among many technology users. Technology and their ever increasing advancements mean more of our personal and intimate details are ending up online in some form or another, whether it is social media or some other platform. This is true for both our personal and professional lives. From a business perspective, there are many tools out there that are convenient and easy to use but don’t necessarily consider our ‘private’ information important enough to protect it properly. However, there are some companies out there that specifically use the business model of keeping our private information completely and entirely secure. These companies use a model called Zero Knowledge – I will define what that means in a moment.
For this article I am going to focus specifically on cloud storage systems, but keep in mind that the Zero Knowledge paradigm can be applied to any system or platform, in so far as, that particular company is willing to lose access to your personal information. When enlisting the services of an online cloud platform there are some important questions you should ask yourself. One, is my privacy worth protecting? Two, should I allow someone other than myself to control my private information, and three, should I blindly trust that a company has my best interest at heart when it comes to that information? The answers to those questions should be fairly clear.
So what exactly is a Zero Knowledge System? Let me first give you some examples of what are not Zero Knowledge Systems. They would include cloud platforms like, Dropbox, Google Drive, and OneDrive. These platforms are easy to use and they offer convenient ways to access your data from anywhere. However they are not completely secure, because those companies have access to your encryption keys which means they have access to your data. This puts your privacy at risk, hackers can more easily gain access to that information and two Government entities can also more easily gain access to your personal information. A Zero Knowledge System (ZKS) is the complete opposite of those platforms listed above. Zero Knowledge Systems provide a platform for you to securely store your data, they provide the means to encrypt that data, but they themselves do not actually have access to that data – they do not have access to your encryption key. This means for examples, a hacker couldn’t hack into their servers and gain access to millions of encryption keys. It also means that government entities cannot coerce or subpoena companies to give them access to your data because they do not actually have the encryption keys to that data – the government would have to get a warrant and come directly to you for your encryption key.
A good example of a company that provides a Zero Knowledge platform is SpideOak. They provide three basic, yet very important services. One is called Semaphor, Semaphor is a real-time collaboration tool that allows for encrypted conversation and easy file sharing, it is similar to Skype, but safer from a privacy perspective. Second is SpiderOak One, SpideOak One is a cloud storage platform that allows you to securely access your data anywhere. The third one is Encryptr, which is a Zero Knowledge password manger.
In many cases I think people associate technology with a loss of privacy and as such, they accept it as something that is inevitable. However, I would argue and I think Zero Knowledge Systems are proof that technology actually has the means to both makes our lives easier and increase our privacy, so long as we, as users, align ourselves with companies (like SpideOak) that operate on a platform of true and genuine privacy.
Let’s admit it. We don’t do as good of a job as we should keeping our computers (and technology in general) maintained and while you might think it doesn’t really matter, or perhaps it is inconvenient, a properly maintained computer helps ensure it lives well beyond its typical life expectancy. And sure there are exception to this where either you got a lemon and it died well before it should have or you have a computer that just doesn’t want to die – but this are exceptions and not the rule.
Cleaning and maintaining your computer means both the physical machine and the virtual computer itself. Dust impact can cause many problems inside the computer, for example, if there is not enough air flow and the computer begins to overheat it can cause serious damage to the components. Not maintaining the virtual computer can cause a whole host of problems you would rather avoid.
Scanning your computer is a no brainer, and yet sometime we simply forget to do it (I am no exception to this and I work in the industry). Most Anti-virus programs can be configured to run scans at predetermined times, once a month, once a week or whenever you really want it to. But these often times get missed, for example if your computer is shut down during the allotted time. Additionally, these scan are usually quick scans of the computer system which are not as thorough. That is why it is important to open your anti-virus program and run a ‘Full Scan’ at least once in a while – I would argue you should do this at least once a week.
Applications are seemingly harmless programs that sit on your computer. Some of them you use and some of them get automatically downloaded with other software you downloaded and other you downloaded but don’t use any more. The problem with applications or any type of software is that they a prone to security failures and holes. This is not intentional (in most cases) but hackers and programs are good and exploiting holes in software. That is why it is so important to one, remove unwanted or unnecessary programs from your computer and two keep your applications up to date, because these updates often come with important security patches that help fix these security flaws.
Your hard drive, I am begging you, literally on my hands and knees begging you to back up your data. Have you ever seen a grown man cry like a baby? As you all know, your hard drive is where all your data is stored, from application data to your personal data. What you might not know is that hard drives are incredibly finicky and temperamental creatures and if not properly cared for they will bite you. In some case you might get away with a minor flesh wound in other cases a limb. Okay, okay, enough with being dramatic.
Over time the data on your hard drive can become fragmented, data stored is not always stored in contiguous blocks which cause pieces of your data to become separated from the pack. Your computer in all likelihood can find those fragments but I would expect there to be some degradation in performance and wear and tear on the drive itself (they don’t live forever). Again, it is important to uninstall programs that are not frequently used so they are not taking up space on your hard drive. It is also important to clean up your temporary files and any files that are unnecessary. For example, sometime when you uninstall a program there are residual files that are left behind. Always a good idea to keep your downloads folder cleaned as well so you are not using up unnecessary space.
Do backup your data. This isn’t so much maintenance protocol but a keep your personal data safe protocol. Hard drives will stop working and if you don’t have your data backed up there are no guarantees that it can be retrieved. There are tools out there that will read your hard drive and give you some important information, for example, how many hours are on it, what the temperature is and if there are any bad sectors. This will help you determine if you need to replace your hard drive or not.
Quick side note: if you do decide to replace your hard drive, I highly recommend a SSD (Solid State Hard drive). They are significantly more stable and faster.
Windows, much like other pieces of software on your computer are prone to security flaws. As with other applications it is important to install Windows Updates, this will help protect your from any bugs within windows itself and also help protect your from any security flaws.
Computer maintenance is key, not only can it help protect you but it can increase the life of your computer. Some of these things you can do yourself – and I highly recommend that you do. However, if you want a complete top to bottom cleaning come in and see us at GMF Computers, we will clean your computer of any viruses and malware, do all your updates to windows and other software, clean out your temporary files, junk files, unnecessary files, clean your registry and do a dusting of your physical computer. Plus, we will test your hard drive and let you know its condition.