AskWoody

Patch Lady – 31 days of Paranoia – Day 17

So you know you’ve been hacked.  Now what?  You can tell your passwords have been reset and you can’t get into your accounts.  You have evidence that a bank account has had funds transferred without your permission.  What can you do?

Well it honestly depends on exactly the level and damage of the attack.  Financial crimes have a higher impact and thus will often get action.  Low impact crimes, for example where someone is spoofing you online and pretending to be you in Facebook and asking for “friend” requests won’t get police action.

But what can you do to at least make authorities aware of the problem?  Obviously with any hacking or cyber activity that has a financial impact, immediately call your financial institution.  They can change bank account numbers, put in place positive pay processes to ensure that no authorized transactions get made without your explicit permission.   For high impact intrusions you can contact the FBI or the Secret Service or the Internet Crime Complaint Center.  For lesser impactful attacks you have much less options.

Think the cyber attack is originating from Azure, or Amazon Web Services?  You can contact them.  And that’s often the best place to start.  See if you can determine where the attack originated from and contact the hoster or ISP that  the attack came from.  Often you can narrow this down by reviewing email header files.

Tomorrow I’ll talk about the ways you can recover from an attack and some of the investigation tools you can use on machines.

Patch Lady – a new ribbon for Office

In the last few weeks you may have received a new ribbon bar look.  It’s a bit whiter and has more contrast than the old icons.  If you think you accidentally clicked on something and think you messed up a view, it’s actually the new look being rolled out to some users.  If you want to go back to the more classic view, you can flip your click to run patching schedule from monthly to semi-annual channel.

There is a user voice item that has (at the time of this posting) 575 votes.

Bottom line, it’s not you, it’s them.  You didn’t do anything other than use your computer and get updates silently in the background.

Patch Alert: Where we stand with the October patches

It ain’t pretty, lemme tell ya.

Information on Computerworld.Woody on Windows.

Patch Lady – 31 days of Paranoia – Day 16

Today we live in a world where recording devices are ubiquitous.  There are recording devices on public streets, recording devices in the door bells of houses, and in general, there is often a video recording that Authorities can obtain to gain more information.  California has a law that states….

California’s wiretapping law is a “two-party consent” law. California makes it a crime to record or eavesdrop on any confidential communication, including a private conversation or telephone call, without the consent of all parties to the conversation. See Cal. Penal Code § 632. The statute applies to “confidential communications” — i.e., conversations in which one of the parties has an objectively reasonable expectation that no one is listening in or overhearing the conversation. See Flanagan v. Flanagan, 41 P.3d 575, 576-77, 578-82 (Cal. 2002).  A California appellate court has ruled that this statute applies to the use of hidden video cameras to record conversations as well. See California v. Gibbons, 215 Cal. App. 3d 1204 (Cal Ct. App. 1989).

If you are recording someone without their knowledge in a public or semi-public place like a street or restaurant, the person whom you’re recording may or may not have “an objectively reasonable expectation that no one is listening in or overhearing the conversation,” and the reasonableness of the expectation would depend on the particular factual circumstances.  Therefore, you cannot necessarily assume that you are in the clear simply because you are in a public place.

If you are operating in California, you should always get the consent of all parties before recording any conversation that common sense tells you might be “private” or “confidential.” In addition to subjecting you to criminal prosecution, violating the California wiretapping law can expose you to a civil lawsuit for damages by an injured party.

If you have security cameras in a location where there is no expectation of privacy – out in the street in front of your house – you would not be under a wiretapping law.  However if your security cameras are inside your house, there is an expectation of privacy and thus wiretapping laws would come into play.  Now let’s layer on how some of these video cameras have less than stellar security and now layer on the ability to search for such internet of things devices through a specially crafted search browser, it’s no wonder that we’re all a bit paranoid these days.  Make no mistake, video cameras often help law enforcement put evidence together.  Case in point a local homicide in my City was able to spot an assailant’s truck in several videos captured by surrounding homes and businesses and was able to use the video as additional evidence of proof that the assailant was in the area where the homicide occurred.  So video capturing helps a great deal.  BUT… as with all technology – it can be abused both in terms of privacy and as well as being used by attackers.

If you set up a home video camera consider the vendor security features:  Make sure it doesn’t have embedded passwords, demands complex passwords, can be updated relatively easily among other things.

Cameras can help make you safer, but they can also introduce security risks as well.

Reviews of the Surface Pro 6 and the Surface Laptop 2

The embargo must’ve been lifted overnight. You can see reviews all over the web.

Bottom line:

Surface Pro 6 is a little faster that the “Surface Pro (2017)” but not that much. i5, 8GB RAM, 256 GB and a keyboard for about $ 1,350.

Surface Laptop 2 is a little faster than the Surface Laptop (1) but not that much. i5, 8GB RAM, 256 GB storage for $1,300.

No USB-C.

Compare with any Chromebook for a small fraction of the price. The ultimate Chromebook, the Google Pixelbook with i5, 8GB RAM, 128 GB storage runs half the price. Admittedly the Pixelbook lacks some key Surface features: Bluescreens, bugs, malware, slow reboots.

Disclaimer: Unless it isn’t patently obvious, no, I’ve never held either a Surface Pro 6 or Laptop 2 in my hands. This isn’t a review. I wasn’t under embargo. Microsoft didn’t give me a test machine.

But I have held a Pixelbook. In fact, my son still uses my original Pixelbook almost every day. Built like a brick spithouse.

Phone scam: Win7 license is “about to expire”

Fascinating story/question from JW:

I’m writing in reference to what my wife & I believe to be a phone scam related to the upcoming termination of Microsoft support for Windows 7. We have now received two phone calls (several weeks apart), from someone claiming to represent Microsoft, informing us that our Win7 license is about to expire, and that we must pay a fee by phone (credit card) in order to continue to use the software beyond a certain date (which has changed with each call). This strikes us as being illegitimate and a scam to get money and our credit card info. Have you heard of this previously and do you agree this is likely an illegitimate request? Is there some useful action we might take other than sharing this with you.

No question it’s illegitimate.

It’s also the first time I’ve heard this one.

As Win7 approaches end of life (14 months to go!) I expect we’ll hear more variations on this theme.

Patch Lady – 31 days of Paranoia – Day 15

We’re on the 15th day of our travels through paranoia and on the day that Paul Allen, one of the founders of Microsoft passed away, I’m touching on the next big disruptor that the Microsoft company is increasingly implementing:  That of cloud services.

Paul Allen and Bill Gates took mainframe computers from locked away in a freezing room only accessible by the few to where nearly everyone has more power in their desktop and laptop than the old mainframes used to have.  The next disruptor is cloud services.  Especially for small firms, my biggest fear for small businesses that rely on cloud computing is that we won’t get solid guidance on how best to secure and deploy cloud services.

Too often people see cloud services as easy to set up, and they are, but they don’t take the time to think about security.  I have personally seen where users of cloud services will often share credentials to another person without thinking of the risk of sharing credentials.  I’ve seen where consultants can misconfigure settings or – as often seen in big cloud breaches – leave files in cloud locations and not set the file security properly.

There’s a lot of good things about cloud services.  And then there’s a lot of risks to cloud services.  Always ask and check on how easy it is move FROM a cloud provider, check on the encryption status, check on the backup status.  And these days I’m seeing more and more vendors providing cloud backup solutions to give users more granular options in restoring files saved in the cloud.

So read those end user license agreements, and ask questions of your vendors before you sign up.

Patch Lady – 7 Metadata problems

Patch Lady here – I patch over the weekend at my firm and normally the 7’s install their patches and go along their merry way.  But not this weekend.

I came in this morning and none of my 7’s had installed KB3177467, nor have their received their October security update because the October security update depends on the installation of KB3177467.

Mind you I installed KB3177467 BACK IN NOVEMBER OF 2016.  So it’s already ON my machines.

Bottom line metadata and patch dependency is totally screwed up on Windows 7 platform and because of that the October security updates detection are screwed up.