July 18th, 2014
Chances are, you have a router sitting in your home or office somewhere to help create a wireless network. Do you know how best to use this router to get the best performance possible from it? There are a number of variables like how close to walls or other interfering devices the router is placed that affect performance. Even incredibly minute details can hinder performance. At LifeHacker, Melanie Pinola explains the best way to position your router’s antennae.
The majority of routers have both antenna pointed straight up. That’s understandable when you consider the way a car’s radio antenna is situated. That’s not the ideal position for your router’s antennae, however.
An Apple engineer recently spoke about how to get optimal performance from your router and included this nugget. The ideal antenna placement is perpendicular, with one pointing straight up and another pointing horizontally. The reason is that “radio reception is maximized when both client and access point have matched polarization.” Put simply, your device’s antenna and the router’s need to be on the same plane.
Some device have vertical antenna, while others have horizontal. So, to get ideal connectivity for any device, your router’s antennae should point each way.
Similarly, there’s a specific way your router should sit also. If the router has feet on it, it’s because it’s designed to sit on those feet. Putting a router on its side when it’s intended to sit flat hinders performance. This is especially important for routers with internal antennae.
If you’re having problems with your hardware, be it your router, modem or computer, call Geek Rescue at 918-369-4335.
July 16th, 2014
Does the browser you use really make a difference in the performance of your device? Depending on your device and the browser you’re using, yes it does. There have been a number of studies to determine which browser runs the fastest and which takes up the most resources. At Forbes, Ian Morris reports that Google’s Chrome browser actually has a significantly negative impact on the battery life of Windows laptops.
The reason can be traced back to the “system clock tick rate”. As soon as Chrome is opened, it sets the rate to 1.000ms. When Windows is sitting idle, that number should be 15.625ms.
Those numbers likely mean nothing to you, but here’s what they signify. To save power, your processor sleeps when it has nothing to do and wakes at predefined intervals. At Windows default idle rate, the processor wakes about 64 times each second. That sounds like a lot until you realize that with Chrome open, it wakes 1-thousand times each second. Microsoft reports that a clock tick rate of 1.000ms increases power consumption by “as much as 25-percent”.
Other browsers, like Internet Explorer, also adjust the system clock tick rate, but only when they need to. For example, if you’re streaming a video, IE will adjust to 1.000ms. For normal browsing that’s less taxing, the rate stays at 15.625ms. That means power consumption is only increased for certain tasks, as opposed to Chrome, which increases power consumption as soon as it’s opened and keeps it high until all Chrome windows are closed.
This is only an issue for machines running Windows. Mac and Linux machines use “tickless timers”, which make Chrome’s habits ineffective. Mac users have reported, however, that Chrome seems to take up more resources than other browsers.
For users hoping for a fix, don’t hold your breath. Google has known about this bug since 2010 and hasn’t made it a priority. Microsoft is also likely to invest in a fix since other browsers, their own included, don’t have this issue.
For the time being, it appears that Chrome users best option is to switch to an alternate browser if battery life is a concern.
At Geek Rescue, we solve your computer problems. Whatever the issue, call us for help at 918-369-4335.
July 15th, 2014
Since 2013, Cryptolocker, a particularly nasty form of ransomware capable of locking users out of their own files, has been terrorizing its victims. The US Department of Justice, however, has announced that the malware is no longer a threat. Robert Westervelt has more details at CRN.
The DOJ has been working on a global operation to track down those responsible for Cryptolocker and the associated Gameover Zeus botnet. They believe they’ve found the responsible party, a 30-year old Russian computer programmer. He remains at large, but the infrastructure used to operate the malware has been dismantled, which has made Cryptolocker incapable of encrypting files on computers it infects.
All told, the ransomware and botnet were able to infect hundreds of thousands of devices and cost victims more than $100-million.
While Gameover Zeus infections fell by 31-percent over the past month, spurred by a law enforcement seizure of servers used to communicate with the botnet, there remain over 100-thousand infected computers.
Unfortunately, Cryptolocker was far from the only ransomware infecting users. Copycats and other forms of the malware are still a threat to infect a user’s system, encrypt files then demand a ransom payment in exchange for decryption. Victims of ransomware of this nature have little defense once they’re infected. The best course of action is to make full back-ups of your files regularly so that you can restore them in the case of an infection.
Ransomware has actually been on the rise recently thanks to kits being made available for sale by hackers. These kits automate attacks so that those with less expertise are able to execute them.
If any of your devices are suffering from a malware infection, or other issues, call Geek Rescue at 918-369-435.
July 14th, 2014
Common advice to web users is to always use a unique password for each online account. By doing so, all of your accounts aren’t compromised if someone else learns one of your passwords. The main complaint that accompanies this advice, however, is that it’s impossible to remember dozens of passwords and which account they each go to. That’s why password managers have become so popular recently. A password manager stores your log-in credentials for any site and encrypts them. Users are able to access their passwords, or have the password manager log-in for them, by using one master password. As Zeljka Zorz reports at Help Net Security, however, this introduces more problems if the password manager itself is insecure.
A group of researchers at the University of California-Berkley set-out to test some of the most popular password managers available to find any vulnerabilities that would lead to a user’s log-in credentials being compromised. The five managers tested, LastPass, RoboForm, My1Login, PasswordBox and NeedMyPassword, all contained some form of vulnerability.
The vulnerabilities were found in different features of the products and the root causes of each also were different for each vulnerability.
After the flaws were reported, however, all but NeedMyPassword responded and fixed the issues within a few days. It should also be noted that the vulnerabilities found by the researchers have no evidence of being exploited in the wild. This means that while the potential for an attack existed, no attackers had found it before it was discovered and patched.
That’s an important characteristic of any application. While vulnerabilities are unavoidable, being proactive in finding them and fixing them before they’re exploited is vital.
For users, the news that password managers contain vulnerabilities is no reason to avoid them. It is important to keep track of the news of potential attacks and regularly change your master password, however.
Many attacks that compromise online accounts stem from malware that’s infected your device. For help recovering from an attack, cleaning your system or creating a more secure environment, call Geek Rescue at 918-369-4335.
July 11th, 2014
Gmail is one of the most popular email clients around and iOS devices are likewise incredibly prevalent. It stands to reason, then, that millions of individuals access their Gmail accounts on their iPhone or iPad. As Jeremy Kirk reports for Computer World, doing so leaves users vulnerable to data theft.
At issue is a lack of a vital security technology that would keep attackers from spoofing security certificates and gaining access to the encrypted communications being sent through Gmail. Any website or application that has users sending potentially valuable personal information uses digital certificates to encrypt that data. Attackers have been able to fake these certificates, however, and decrypt the data.
Google would be able to put a stop to these man-in-the-middle style of attacks by implementing a technology called certificate “pinning”. This involves hard coding legitimate certificate details into an application. While Google has known about this vulnerability since late February, they’ve yet to implement pinning.
Making this more odd is that this vulnerability only affects iOS users because Gmail for Android uses certificate pinning. This is being referred to as “an oversight by Google”.
For the time being, using Gmail on your iPhone is unsafe. There’s always a possibility of your messages being intercepted by a third party.
At Geek Rescue, we offer a number of email solutions for home and business, as well as support for mobile devices, including iPhones and Androids. If you’re having issues with technology, call us at 918-369-435.
July 9th, 2014
When it’s time to upgrade to a newer smartphone, what should you do with your old phone? If it’s too old, or no longer functioning, you’ll probably look into recycling it. But, if it’s still in good shape, you can sell it for good money. The problem is that selling your phone might also mean giving someone else access to your data. AT ZDNet, Jack Schofield reports that a recent experiment by security company Avast revealed how vulnerable even deleted data is on smartphones.
Avast bought 20 previously owned Android smartphones off of eBay to find out how much data they could recover from the previous owner. Even though the phones had been wiped and returned to factory settings, the team was able to restore emails, text messages, images, contacts and even a completed loan application rich with valuable personal information.
All of this was possible through the use of available forensic software.
So, is selling your old smartphone really worth it if you’re risking losing control of your personal data? Probably not. There’s also an added worry with more employees using their personal smartphones for business. Their company’s data could be at risk also if they decide to sell their old smartphone for a few extra bucks.
There are plenty of apps available that claim to be able to effectively wipe your phone, but it’s hard to find out which are actually able to do the job. Many experts suggest that the only way to truly erase what’s stored on your phone is to destroy the hard drive completely.
This vulnerability is bad news for those who want to sell their old devices, but it could be good news for those who have accidentally deleted or lost access to important data. In those cases, it’s likely that those files can be restored through the right process.
At Geek Rescue, we’re able to recover lost, deleted or corrupted files from all devices. We also help secure your device, or reset it to factory settings. Whatever your need, give us a call at 918-369-4335.
July 2nd, 2014
In the fall of 2013, hackers infiltrated Target’s point-of-sale system and were able to steal credit card information from thousands of customers. That large scale attack prompted a re-evaluation of security by most companies to attempt to better protect customer data at its most vulnerable points. As Jaikumar Vijayan reports for Computer World, however, more businesses were recently victimized by a similar POS attack that compromised customers’ credit card information.
Information Systems and Supplies (ISS) provides POS systems to restaurants in the northwest. Recently, they informed customers that those systems may have been compromised, which may have led to the theft of customer’s credit card information.
The breach in security stems from attackers gaining access to ISS’s admin account, which allowed them to log-in remotely to ISS customer servers and PCs. Through remote access, data stealing malware was planted on the POS systems, which is capable of stealing the numbers of any credit card used between since the end of February.
It’s unclear exactly how hackers first gained access to the ISS admin account, but it’s believed to be fallout from a phishing scam.
One password was used to log-in to each POS system managed by ISS before this attack. Since learning of the breach, ISS has instituted unique passwords for each customer system.
This attack holds lessons for both individual users and businesses. This is an example of why reusing passwords, or using a single password to access an entire network, is dangerous. If one password is all that stands between an attacker and all of your most important data, you’re likely to suffer a catastrophic attack. It’s important to implement multiple passwords, two-factor authentication and other security measures.
Last year, nearly two-thirds of successful data breaches were caused by security vulnerabilities introduced by third party applications. Many businesses assume that third party software is secured and maintained by the vendor who supplies it, but that’s not always the case. Unfortunately, this mistrust leads to attacks that are able to use third party software to infiltrate an entire network.
At Geek Rescue, we offer support and service to both individuals and businesses. For help recovering from an attack or improving security to prevent one, call us at 918-369-4335.
June 27th, 2014
Google’s Chrome is the most used browser with just over half of internet users choosing it. Oddly, many of those individuals use Chrome every day without knowing all of the features and capabilities it offers. All browsers have hidden features that typical users don’t take advantage of regularly. As Evan Dashevsky of PC Mag explains, Chrome is ripe with additional features that make browsing easier and more convenient. Here are five useful features you probably don’t know about.
When you’re searching for information, the number of clicks and websites you have to visit can be exhausting. This trick helps you streamline that process. Any site that has a search bar included on it can be saved in your Chrome browser as a search engine. To do so, right click on the search bar and click ‘Add as search engine’. Now, if you’re searching for something you think might be on that site, you can simply type the name of the saved site in your address bar, press tab and enter your search term. Instead of searching Google, Chrome will search through the site you entered for your query. Since you can do this from any site or new tab, it saves you a few clicks.
Most users have learned, many by accident, that they can move a tab from one Chrome window to another, create a new window with it or rearrange the order of tabs in a single window. What few realize is that you can actually move multiple tabs at once. To do so, hold shift and click on the tabs you want to move together. For Mac users, hold the command key.
If you’ve got an image file saved and you’re not sure what it is, Chrome can help with that too. Just drag the file into Chrome and it will display the image. It’s much quicker than some other alternatives, but there are no additional editing features. This is for viewing the image only.
- Open Recently Closed Tabs
Most Chrome users take advantage of browsing in multiple tabs at once, which means most users have also accidentally closed a tab they immediately wanted back. Thankfully, Chrome includes a feature that acts like an Undo tool in a word processor. By pressing Control-Shift-T, you can regain your most recently closed tab. Keeping hit those keys and you can restore more tabs.
The address bar in Chrome is actually called the Omnibox, most likely because of all of the additional features built into it beyond just typing it URLs. For example, typing simple math equations into the Omnibox will produce the answer. It’s also capable of converting units, like telling you how many days a certain number of hours equates to. You can highlight text on a website and drag it directly into the Omnibox to search for that text. Also, the folded piece of paper or lock icon in the far left side of the Omnibox can be clicked to reveal information about the site you’re currently on like the cookies and permissions it uses.
At Geek Rescue, we know the tips and tricks needed to get the most out of your devices. For help with repairs, security and more, call us at 918-369-4335.
June 26th, 2014
A well-known online scam is directing users to malicious websites by sending them emails claiming to contain links to en e-card. Usually, the goal of these scams is to infect users with malware, but as Sean Butler reports for Symantec, the latest scam attempts to steal users’ money by promising a get rich quick scheme.
The email messages used in the scam appear to be sent from a legitimate e-card website, 123greetings.com. It contains only one sentence with a link to supposedly view your e-card. In most scams of this nature, this link would take you to a website where malware would be downloaded to your device. In this case, however, you are delivered to a site that’s made to look like 123greetings.com. Instead of malware, users are met with a long message that appears to be from a friend urging you to take part in a get rich quick scheme.
This spoofed version of the e-card site was only registered on June 17, according to WhoIs. From that site, users are sent to several other sites that all attempt to verify the authenticity of the ‘business opportunity’. Users are promised the chance to make thousands of dollars each week, but there’s a significant catch. It requires an initial payment of $97.
In addition to stealing a user’s money, contact details are also obtained, which could allow the spammers to attack the same individuals in future scams.
It’s never a good idea to follow links sent in unsolicited emails, but there are additional clues that this particular email isn’t legitimate. Most notably is the use of URL shorteners. Actual emails from 123greetings, aside from including much more than a lone sentence and link, include the full length with their domain name. The emails sent as part of this scam are shortened to obscure the true URL.
For additional tools that keep malicious emails like this out of your inbox, or for help recovering from a malware infection, call Geek Rescue at 918-369-4335.
June 24th, 2014
Moving part of your business’s operations to the cloud offers you a number of advantages, including more flexibility and mobility. It does introduce a few challenges related to security, however. Since employees are able to access more from more places, that means the possibility of criminals accessing important data increases. Another possibility is a crippling denial of service attack that makes any applications or data stored in the cloud unreachable. That’s what happened recently to a company hosted in Amazon’s Web Service Cloud. That attack prompted Tech World’s Brandon Butler to publish a list of tips for protecting any infrastructure as a service cloud.
- Two-Factor Authentication
The primary worry when data is available from anywhere is that log in credentials will be stolen or hacked allowing a third-party to access everything stored in the cloud. To prevent this from occurring, two-factor authentication is extremely useful. Rather than a simple log-in name and password, two-factor authentication requires a unique PIN for a user to log-in from an unrecognized device. This PIN is often sent to the user’s registered phone via text message. If an unrecognized device tries to log-in to the cloud, even with a recognized username and password, a PIN will be required, which should keep attackers out.
One of the keys to spotting a developing problem with the cloud is closely monitoring regular activity. You need to know what behaviors are normal so you can spot irregular or suspicious activity and investigate before any real problems develop. There are a number of tools available to help monitor activity like when and where users log in from. Keeping a close eye on these reports allows you to see when unknown IP addresses are attempting to gain access.
Unfortunately, no security tool can guarantee that no criminal will ever gain access to your data. In the event someone does gain access to the cloud, it’s important to have encryption in place so important data isn’t readily available to them. It’s also important to understand that not all encryption is created equal. While some is useful to protect your data in the event of a large scale attack against the whole system, that same encryption likely wouldn’t be effective should an individual user’s account be compromised.
As with anything else, if it’s important, it’s important enough to make copies. Making back-ups doesn’t improve security or protect you from an attack. It does, however, make attacks much less costly because recovery times are much shorter and much less data is completely lost. Some cloud services automatically back-up data stored there, but not all do. It’s important to know if your data is being backed up, or if you need to make arrangements yourself. You’ll also need to decide if everything stored in the cloud needs to be backed up regularly, or if there is specific, vital data that needs the most attention.
The cloud is becoming an invaluable tool for business and securing it properly is vital to the success of your operations.
For help implementing and securing the cloud, call Geek Rescue at 918-369-4335.