April 24th, 2014
Wireless networks are everywhere and are responsible for keeping our most used devices, like PCs, smartphones and tablets, connected to the internet. They’re far from perfect, however. A WiFi network is generally slower and less stable than hardwired connections to your modem. But, as noted in a video recently posted by Techquickie to YouTube, there are a few ways to improve your wireless network. Some of these tips require the purchase of additional hardware, but here are the absolutely free ways to improve your network.
- Find the right spot for your router
Surprisingly, making your network reach the entirety of your home or office could be as easy as moving your router. There are a number of factors that contribute to limitations to the size of your router’s range. First, understand that the coverage area is sphere-shaped. Placing your router close the center of your home will give you a better chance of covering all of it. Putting a router on the floor, or next to thick walls and thick objects, particularly those made of stone, metal or concrete, greatly reduces the coverage area so try to avoid those while finding an ideal spot.
Software and firmware updates are vital to patch security vulnerabilities, but can also be helpful in improving your router’s coverage area. To check for the latest updates, just go to the manufacturer’s website. For example, the Linksys website has a ‘Support’ section with updates for all of their products.
Regardless of your router’s manufacturer, you should be able to switch between channels. If you’re using a 2.4 GHz band router, you’ll want to use channel 1, 6 or 11 because these are the only usable, non-overlapping channels. Deciding between these three depends on the other routers in use in the area. For example, if you have neighbors on each side and one uses channel 1 and the other uses channel 11, you’ll want to use channel 6. Unfortunately, it doesn’t always work out so cleanly. In addition to other networks, things like baby monitors and cordless phones contribute to interference. You can either use trial and error to find the best network for your area, or look for available tools and mobile apps that show you the other networks in use.
If these tips don’t work, you’ll probably need to add or upgrade hardware in order to improve your network. A new 5 GHz router, if your devices are compatible, will greatly improve your connection speeds. Other options include adding a new antenna or repeater.
If you’re having trouble with your network and need to fix your router, modem or other hardware, call Geek Rescue at 918-369-4335.
April 18th, 2014
Microsoft released an extensive update to Windows 8 in the fall, which, while useful, also confused many users. At the beginning of the month, Microsoft released their second significant update for Windows 8. This time, it’s quite a bit less robust than Windows 8.1 so they simply called the new iteration Windows 8.1 Update. Again, this update is useful, particularly for desktop users, but it takes some time to get accustomed to. At Information Week, Michael Endler published usability tips to help users acclimate after updating.
There are a number of new features and options, but some will be hidden and unused the first time you boot up Windows 8.1 Update. Head to the ‘PC Settings’ menu, which can be accessed a number of different ways. Some key options to consider include the ‘Corners and Edges’, which includes the new feature to pin Windows apps to the desktop taskbar. Also, ‘Search and Apps’, which allows you to adjust which programs open which file types. You can also manage storage space from ‘PC and Devices’ under “Disk Space”. You’ll be able to uninstall apps, sort installed apps by size and empty your recycle bin.
Windows 8.1 allows users to search for files and apps in a number of ways, but Windows 8.1 Update adds an obvious search field to the Start screen’s top-right corner. The search function itself is finicky, however. For example, you’ll need to know what specific app titles are when you search for them, or your search won’t reveal them. Searching for “Pictures” won’t allow you to find the “Photos” app.
As the updates for Windows 8 have rolled out, users have been able to pin more and more to their taskbar. This is a useful feature that users clamored for, but it opens the door for overuse, which actually hurts usability. Not only will your pinned apps appear on the taskbar at all times, but open apps appear there also. If the number of apps on the taskbar gets too large, you’ll have a hard time finding what you want, which defeats the purpose of pinning apps in the first place.
To make the use of tiles more appealing to desktop users, Windows 8.1 Update includes the ability to right click to change the settings of tiles. Resize, unpin, uninstall and more are available from a menu when users right click on a tile. Also, adjust the way apps are displayed by visiting the ‘Tiles’ section of the Settings menu.
Installing new apps from the Windows Store doesn’t automatically add them to the Start screen or taskbar. You’ll be able to see them in the ‘All Apps’ view, but some users have struggled to find apps they’ve recently downloaded. Windows 8.1 Update includes visual notifications that help. When an app finishes downloading, users will see a notification in the top right corner and another “new app” notification will remain in the bottom left until the app is opened.
These tips will help you transition to Windows 8.1 Update by customizing it to your liking and avoiding potential problems.
Anytime you’re having computer issues, call on Geek Rescue for help at 918-369-4335.
April 15th, 2014
Installing a major update to your operating system can be a daunting task. Many users feel this way as evidenced by Windows 8 still owning the lion’s share of the market over Windows 8.1. It doesn’t seem to matter if the update is offered at no cost. What matters is that users think updates will be too time consuming, too complicated, or cause issues with compatibility or storage. Naturally, the audience’s reluctance to update their systems is frustrating for Microsoft, who is forced to roll-out multiple versions of the same patches and updates constantly. As Mihaita Bamburic reports for Beta News, Microsoft has found a solution to force users’ hands.
Microsoft recently announced that by May’s Patch Tuesday, roughly 30-days away, there will be no more security updates provided to Windows 8.1 users who haven’t installed Windows 8.1 Update. The update, which is the first major update released for Windows 8.1 and aims to help make it more usable for desktop users, has only been available since the beginning of April but adoption numbers have been low.
This is a move that attempts to force users to install the update because without it, their computers will be at risk to the latest threats and exploits. As it is, Microsoft is having to spend an inordinate amount of time creating patches for each version of Windows currently active and altering those patches for users who haven’t updated their operating systems fully.
For Windows 8.1 users, the best option is to bite the bullet and download the update. If you’re concerned about losing data, updating is an ideal time to back-up your files. You can even create a restore point that will allow you to revert back to the state of your system before the update is installed in case you run into problems.
If you have issues with your computer that an update from the manufacturer won’t fix, call Geek Rescue at 918-369-4335.
April 11th, 2014
A common piece of advice is to keep applications updated, especially antivirus programs, to try to keep up with constantly evolving cyber threats. At Dark Reading, Tim Wilson reports on the recently released Websense 2014 Threat Report that finds advanced, targeted attacks are more prevalent than ever before. This means that relying on out of date malware definitions and failing to patch vulnerabilities quickly are more likely to cause users to become victims of an attack.
Websense reports preventing more than 4-billion attacks in 2013. Almost all of these attacks were intelligently designed to by-pass traditional security tools and pursue confidential data. The worry is that not only are the highly targeted, advanced attacks able to fool traditional security infrastructures, but attacks considered more common and able to affect users on a large scale are also using advanced tactics to avoid detection and prevention.
A common attack tactic is the use of malicious links, either on a website or included in an email. Clicking these links causes the download of malware, or directs users to phishing sites designed to steal log-in credentials or other important information. In 2013, 85-percent of these malicious links were found to be located on legitimate, trusted websites that had been compromised. This makes it exponentially more difficult to recognize and prevent this style of attack because the website being used isn’t designed as an attack site.
About one-third of all malicious executable files discovered in 2013 contained custom encryption of programs designed to remotely take control of a system or mine data from it.
There were also a reported 67-million exploit kits discovered throughout last year. An exploit kit is a way for developers with expertise to design an attack and sell it to others to be easily customized and launched at the target of their choosing. These kits make it easier for more criminals to launch an attack because it only takes money, rather than expertise.
The takeaway from the Websense report is that no user is safe. There are so many threats to your safety, you’re bound to run into one eventually. This report also speaks to the importance of being proactive in your security. Update and patch often and be looking for new ways to protect your network.
For help improving the security of your network at home or at the office, or for help recovering from an attack, call Geek Rescue at 918-369-4335.
April 9th, 2014
Recently, you may have noticed the scores of headlines reporting attacks on wireless routers. Major brands like Linksys and Asus have been plagued by attacks and experts are speculating that attacks on these devices are becoming a trend. Lucian Constantin at ComputerWorld reports on the details of why wireless routers have become such a popular target of cyber attacks.
The most obvious target of attacks is your computer. It contains a wealth of information that could be valuable for criminals to steal and processing power that attackers can harness. Because computers were being targeted by such a large volume of attacks, security began to improve. Not just in the form of antivirus programs, but even in the way operating systems and other applications were built and updated. Suddenly, it was much more difficult to attack a computer directly.
While hackers began developing more intelligent threats, most attacks will target the path of least resistance. That is no longer a user’s computer. Now, that’s a user’s router.
Wireless routers haven’t been the target of many attacks in the past, so manufacturers and users have not made security a priority. This has made attacking them now relatively easy. In fact, security flaws that haven’t been available to attackers for more than a decade are often still open on wireless routers.
In addition to the relative ease of access, attacking wireless routers allows criminals to access every device connected to them. Now, instead of using a targeted attack to infect one computer, a single attack targeting a router can infect every device in the home, which could include laptops, smartphones, tablets and even TVs, DVRs and other internet ready appliances.
Adding to the problem is the fact that routers aren’t updated automatically, which leads to many of them being extremely outdated from a security standpoint. They aren’t being made securely in the first place, but when a vulnerability becomes public, the patches and updates that are released aren’t being widely implemented. This is true of most applications that require users to actively search out an update and manually install it. In the case of routers, it requires some technical expertise to change settings and update. Many users fail to even change their router’s name and password from the factory default.
The first things for users to understand is that their router is vulnerable. It does need to be updated periodically and needs to have a strong password associated with it. For those who are capable, it’s a good idea your router’s admin interface unavailable from the internet.
Creating an effective security infrastructure requires securing a number of potential attack points. For help improving security for your home or business, or for help recovering from an attack or malware infection, call Geek Rescue at 918-369-4335.
March 28th, 2014
A recent study found that many businesses are falling short on basic security measures. While many use antivirus programs and similar tools, they fail to implement them or monitor them correctly, or fail to keep them sufficiently updated. This leads to vulnerabilities that could allow for costly attacks. Brian Prince of Security Week reports on the common vulnerabilities contained in most companies’ security.
Managed security provides, Solutionary, recently released a report about common threats and vulnerabilities they’ve observed with their clients. In it, they find that while nearly all companies understand that using an antivirus program is a necessity, many of them fail to properly maintain it. Because malware and attacks are constantly evolving, it’s already incredibly difficult for security tools to detect threats. When those tools aren’t kept up to date with the latest definitions, it becomes almost impossible for them to provide any real security.
Solutionary found that less than half of the malware that they captured in honeypots was detected by their clients antivirus programs. Compounding that problem is that many of these malicious items downloaded more malware to infected networks, which also weren’t detected by the antivirus program in use.
Many of the vulnerabilities found in a company’s security resides in internal systems. Generally, this happens because external facing systems are a known attack point. Businesses usually spend the majority of their security budget on protecting them. Internal systems, like operating systems and applications like Microsoft Office are regarded as less important. Failing to properly update Windows, or applications leaves known vulnerabilities exposed. A vulnerability in Microsoft Word could lead to a network wide infection.
Missed updates for antivirus programs, operating systems and other applications happen because of a lack of asset management and because the IT security team doesn’t fully understand key pieces of the company’s infrastructure.
For help creating an effective security infrastructure for your business, call Geek Rescue at 918-369-4335.
March 17th, 2014
Each year, people gather in Vancouver for what’s called a hackfest. Experts attempt to break through the security of popular applications to reveal potential vulnerabilities. This year, web browsers were the focus with each of the most popular browsers being hacked successfully with at least one exploit. As Sebastian Anthony of Extreme Tech reports, Mozilla’s Firefox experienced the most security problems and four zero-day exploits were found.
A zero-day exploit refers to a way to successfully attack an application that’s discovered by someone outside of the manufacturer. These are dangerous exploits because they are revealed before the manufacturer has an opportunity to patch them. This leaves users vulnerable for days or weeks.
The vulnerabilities in Firefox are said to allow hackers to “do just about anything with your computer” when attacked correctly. These attacks all stem from convincing users to visit malicious websites specifically created for attacks.
Mozilla’s web browser has always been considered less secure than the other leading browsers. It was first included in the hackfest in 2009 and has been successfully exploited every year except 2011. In the past three years, however, all four major browsers, Chrome, Internet Explorer, Safari and Firefox, have all been successfully hacked at least once. Seeing four successful exploits in a single year is still a surprise.
Experts point to Firefox’s lack of a sandbox for its primary security shortcomings. A sandbox is a way of segregating one application from the rest of the system. This way, a successful exploit on the application doesn’t make the rest of your system vulnerable. Chrome, Safari and Internet Explorer, since version 9, all have implemented sandboxes. Firefox still does not use one, which allows attackers to exploit the browser to gain access to other applications and functions of a user’s computer.
All of the exploits discovered during the three day hackfest are reported to the browser manufacturer so they can be patched. Even so, it’s important to remember that no browser offers you perfect security. All have vulnerabilities that can be exploited if you aren’t careful or don’t have the correct security infrastructure in place.
If you’ve been the victim of an attack of would like to explore better security options, call Geek Rescue at 918-369-4335.
March 14th, 2014
Once each month, Microsoft releases a batch of patches to close security vulnerabilities and fix bug and compatibility issues in their products. Last month, just days after the monthly patch release, an exploit was discovered and publicized for Internet Explorer 10. That exploit stayed vulnerable until this week when March’s patch release included a fix. This situation, as Antone Gonsalves of Network World points out, reveals the flaws in the current patching schedule for Microsoft and many other software manufacturers.
Not only was a known exploit unpatched for weeks, but that exploit was also made public. That means those with the means and motivation to attack unprotected users knew exactly how and where to strike.
After a few days, Microsoft did release a temporary solution in their “Fix It” tool. Unfortunately, very few users know how to access that tool, which leads to low numbers of installations. So, while a temporary fix was available, it was neither widely publicized or used.
The other option for overcoming this particular vulnerability was to upgrade from IE 10 to IE 11. For most individual users, this was a viable solution. However, for enterprise level users, changing web browsers company-wide often takes more time and planning.
Meanwhile, attackers struck multiple websites in multiple countries on multiple continents.
Despite this specific shortcoming in the patch schedule, Microsoft is actually ahead of many other software companies in this regard. For example, while Microsoft routinely releases new patches and updates once per month, Oracle releases updates quarterly and Cisco releases updates only twice per year.
The best solution suggested so far is to remove Internet Explorer from this monthly patching schedule. While it’s more than enough to update most applications once per month, IE faces a high number of attempted attacks and exploits each day. It’s much more likely that a critical vulnerability will be found and immediately exploited in IE than other applications. Even with a faster patch release, however, some IT departments might struggle to stay up to date and fully patched.
For those companies affected by unpatched vulnerabilities, there are some ways to better protect yourselves while you wait for the application manufacturer. Segmenting network assets, limiting user permissions and using application whitelisting are all ways to significantly improve security and lower the chances of a devastating and costly attack.
For help implementing an improved security infrastructure, call Geek Rescue at 918-369-4335.
March 10th, 2014
Recently, Apple has been making headlines for the wrong reasons. Multiple security flaws have been reported that affect users of both iPhones and iPads and Macs. While in the past, a lower number of targeted attacks made Apple’s operating systems safer environments than Microsoft’s Windows these reports suggest that Apple doesn’t necessarily have a more secure operating system. At Network World, Bob Violino takes a closer look at OS X, the operating system used on Macs, to expose the potential security flaws within.
How often an operating system is patched and updated often makes the difference in keeping attacks at bay. Unfortunately for Apple device users, support is usually only given to the current operating system and the previous version. This leaves a number of users with older machines in the lurch. Currently, users of OS X Snow Leopard from 2009 are already missing out on some updates and the critical security patches they are given access to come slowly. This is in contrast to Windows users who typically enjoy support for much longer. Windows is ending support for XP users this April after nearly 13 years.
Many users aren’t certain about how to properly secure their computer. Even more advanced users may not be aware of points where they are most vulnerable. To help users protect themselves, security configuration guides from the manufacturer are extremely helpful. Unfortunately, no recent version of OS X has been provided with a configuration guide from Apple. This leaves users in the dark about proper security and leads to many believing they’re more secure than they actually are.
As mentioned in the first section, updates are key in protecting users from attacks. Apple has been slow to update OS X, however, especially concerning its open source components. Slow updates mean that users could be vulnerable to a known exploit. Even if it doesn’t affect security, compatibility and other issues aren’t being fixed in a timely manner.
- Easy To By-Pass Passwords
OS X includes a feature that’s designed to make working with your Mac more convenient. Any attached disk that includes an installed version of OS X can be used to boot the machine. Unfortunately, this allows someone to by-pass the password required to log-in on your machine by booting from an attached disk. This only comes into play if your laptop or computer are stolen, but it still a concern.
This isn’t a exhaustive list of potential security issues with OS X, but it illustrates that there’s additional security required for most users.
If you’re having problems with your Mac, bring it to Geek Rescue for a fix. If you’d like to explore security options to protect yourself from future attacks, call us at 918-369-4335.
February 26th, 2014
It’s common knowledge that computers need to be protected with antivirus programs and other security tools to keep from being infected with malware and attacked by other means. Very little attention is given to protecting a router, however. Wireless routers have become common. A decade ago, many homes used wired connections to the internet, but with the rise of mobile devices came the rise in demand for wireless internet. The more devices are connected to a router, however, the more valuable a target it is for attackers. As many as 70-percent of these routers contain vulnerabilities and suffer from a lack of security. These factors explain why attacks on routers have been steadily increasing over the past year.
So, what’s at stake if your router is attacked? A compromised router allows a third party inside your firewall. From there, they’re able to monitor all activity and data being sent through the router. Emails, log-in credentials, credit card information and more is available to be intercepted and monitored. Steve Bell at the BullGuard blog published a few ways to improve your router’s security.
Just as it’s important to keep your computer’s operating system and antivirus program updated, it’s important to regularly check for router updates as well. Updates to the firmware may not be automatically pushed to your router, even if the update is able to eliminate a serious security vulnerability. That’s why it’s vital that you regularly check with the manufacturer’s website to see if any recent updates have been created.
The lack of security for most users browsers comes from a simple lack of knowledge of the device’s capabilities. Many routers come with an option to encrypt data, but it may not be turned on by default. Be sure to read through your router’s manual or browse through the settings to find useful security tools.
A quick look through settings can not only allow you to enable more robust security on your router, but it also can help you avoid attacks. The first change you need to make after setting up your router is to choose a new name, which is also called a service set identifier, or SSID. You’ll also want to change the password. Routers are sent out with default names and passwords. Attackers know these typical passwords because manufacturers use the same ones over and over. Changing them immediately improves security.
Router attacks are difficult for typical users to detect. That opens the possibility that a criminal could be monitoring your activity through a compromised router for months. To avoid that, you’ll want to take the necessary security precautions.
If you’d like help setting up a secure wireless network, or have been the victim of an attack, call Geek Rescue at 918-369-0745.