February 6th, 2014
There are a number of ways for hackers to hijack your web browser. Usually, this stems from a user downloading a seemingly legitimate application like a game or security tool. Hidden as part of that download is malware that allows for browser hijacking. As Lisa Vaas of Naked Security reports, Google Chrome users now have a better warning system in place for any attempts to hijack the browser.
Since October, Chrome has featured a “reset browser settings” option. To find it, go to the Advanced Settings menu and scroll to the bottom. Pushing this button resets Chrome to all of the default settings it came with and removes all extensions and apps associated with your browser. It’s like starting over from scratch, which is useful if a malicious program has changed settings you aren’t aware of.
The first few months of the ‘reset browser settings’ button’s existence, it was limited because of its relatively hidden place within the settings menu. There was always the possibility that users may not know about that option, or that they won’t know their browser is being hijacked.
Now, Google has introduced a new warning system that causes a message to pop-up on screen anytime Google’s settings are changed without the user’s knowledge. Users are able to reset their settings directly from that warning pop-up.
For some users, resetting their browsers back to the factory default settings isn’t the best option, despite evidence of browser hijacking. Many have already asked Google to include an option to return to a previously saved state. This way, you wouldn’t need to completely re-customize Chrome. Some of your extensions and settings would stay in tact, rather than resetting everything and making you alter every setting and add extensions again. There’s been no word yet if Google will make this possible in a later update.
Typically, browser hijacking is easy to spot. You’ll notice your homepage has been changed, or that ads are being injected into websites where they don’t belong. Some hijacking malware can’t be thwarted by a simple reset of browser settings, however. Depending on the type of infection you encounter, failure to find and completely remove the malware could result in repeated browser hijacking. In these cases, resetting your browser only fixes the problem temporarily.
If you believe your computer has been infected with malware, come see us at Geek Rescue or call us at 918-369-4335.
February 3rd, 2014
More than a quarter of all internet users have Mozilla Firefox set as their primary web browser. Just like any other browser, however, there are some security concerns you need to understand. Andy O’Donnell at About recently published a few ways you can enhance the security in Firefox for a safer browsing experience.
Most websites you visit track the actions you take while on their site and even after you leave. Usually, this isn’t connected to anything malicious. Instead, this data is used for marketing to offer you a more personalized experience. Many users would prefer not to be tracked for any reason, however, and Firefox has a handy tool for that. To enable ‘Do Not Track’, go to ‘Preferences’, choose ‘Privacy’ and check the box next to “Tell websites that I don’t want to be tracked.” This doesn’t guarantee that websites will never track you, but most legitimate websites obey your wishes.
- Phishing and Malware protection
It’s easy to lose yourself while surfing the internet and wind up on a less than reputable website. You may not even know a website is malicious at the time, but there are many designed specifically to infect your computer with malware or steal your information. You can provide better protection against malware and phishing by enabling a couple of options in Firefox. From the ‘Preferences’ menu. click ‘Security’ and check “Block reported attack sites” and “Block reported web forgeries”. This checks each site you visit against a constantly updated list of known malicious sites. If you attempt to visit a site on the list, you’ll be blocked and kept safe.
There are a number of attacks that use scripts on websites. There are also plenty of legitimate uses for scripts that developers use to enhance their sites. So, blocking them completely will limit how well legitimate sites you visit are able to function. Not blocking them at all leaves you open many common attacks. The best option is to use an add-on that blocks scripts on untrusted sites. There are many to choose from. To find them, go to Mozilla’s Add-on site and search “noscript”. Click the “Add to Firefox” button next to the add-on you wish to use and follow the on-screen instructions. The default for each site will be to block scripts, but when you visit a trusted site, you can choose to allow them so the website will work properly.
Pop-up blockers have become so widely used that almost no one even tries to use pop-ups anymore. But, there are still some annoyances online if you don’t have a pop-up blocker in place. To enable it in Firefox, go to ‘Preferences’, choose ‘Content’ and check the “block pop-up windows” box. If you run into a site that need pop-ups allowed to function properly, you can always add it as an exception.
Regardless of which web browser you typically use, you need to know tips like these to make it as secure as possible. Additionally, it’s important to have other security tools in place, like an updated antivirus program.
If your computer or any other device has suffered an attack or malware infection, call Geek Rescue at 918-369-4335.
January 29th, 2014
If you’re a laptop or tablet user, you understand how important it is to get the most out of one battery charge. Adjusting settings can earn you some extra time, but optimizing the applications you use is another way to improve battery life. At 7Tutorials, Ciprian Adrian Rusen tested the five most popular web browsers on three different devices to find out which provided the biggest boost in battery life.
Tests on each device were run with ‘balanced’ power plans. Screens on each device were set to never turn off in order to simulate a constant browsing experience. Each device tested browsers Microsoft Internet Explorer 11, both the touch and desktop versions, Google Chrome 32, Mozilla Firefox 26, and Opera 18. All devices were running Windows 8.1 as their operating system.
This tablet featured an Intel Atom processor running at 1.33 GHz and 2 GB of RAM. It featured the longest battery life of any of the devices tested and also the largest discrepancy between a browser’s affect on battery life. Internet Explorer Touch performed the best lasting eight hours and 52 minutes on a single charge. IE’s Desktop version lasted about an hour less, while Chrome and Firefox each ran out of battery after about six and a half hours. Opera lasted six hours and 11 minutes.
- Microsoft Surface Pro 2 tablet
This tablet is much more powerful than the Toshiba Encore and the battery life reflected that. The Surface Pro 2 had a quad-core Intel Core processor running at 1.6 GHZ and 8 GB of RAM. The best browser was again Internet Explorer, but this time the Desktop version outperformed the Touch by about an hour. Firefox lasted four hours and 22 minutes, which was good for second. Opera allowed for three hours and 56 minutes of battery life, which made it ten minutes better than IE Touch. Chrome was the worst performing browser in this test, dying before the three and a half hour mark.
The lone laptop in the test is also the only used device. The battery life was described as poor and even the top performing browser couldn’t last 90-minutes. It also featured a quad-core Intel Core processor. It also had 6 GB of RAM and a much larger hard drive than the tablets. The original battery had been replaced with a generic that fit the same specs. Once again, IE’d Desktop browser was the top performer at an hour and 25 minutes. The difference between the top browser and the worst, IE’s Touch, however was a scant 12-minutes.
The findings from this test suggest that Internet Explorer will likely give your device a longer battery life. Depending on the age of your device and the efficiency of your battery, a different browser might not make much of a difference, however.
If your device is suffering from poor battery life, slow performance or broken hardware, fix it by calling Geek Rescue at 918-369-4335.
January 20th, 2014
Google Chrome is the most used web browser in the world, but it recently made headlines for the wrong reasons. Chrome features extensions, which are additions that improve the capability and functionality of the browser. As Lucian Constantin reports at Computer World, two extensions were removed from the Chrome Web Store after users reported they were injecting adware into legitimate websites. This caused ads and paid links to appear for users with these extensions, which Google explicitly forbids in their extension agreement.
The nature of how these extensions began distributing adware is interesting. Both extensions, ‘Add to Feedly’ and ‘Tweet This Page’, were both sold recently by their developers. Both already had thousands of users who had added their extensions and both were developed as legitimate, useful extensions. Once they were sold, an update was released that featured no bug fixes or additional features. Instead, the update turned the extensions into adware.
When these new malicious extensions are added to Chrome, links on websites you visit are replaced with links to sites within an advertising network. Those responsible for altering the extensions are likely being paid each time a user clicks on these links. The sites a user is taken to aren’t necessarily harmful themselves, but they won’t be where anyone intended to go.
This method of altering existing extensions is effective because most users allow extensions to be updated automatically without having to take any action themselves. So, a third party is able to purchase an extension that is already installed on thousands of browsers and immediately have access to those users. It also seems that extensions with certain permissions are being targeted. Even trusted extensions often have permission to alter content on the websites a user visits. Some also have authorization to post to social media profiles or the ability to access passwords. With these permissions in place, altering an existing extension can give criminals the ability to post spam links, send users to malicious sites and steal log-in information.
Because of the way Google monitors extensions, security experts believe this method wouldn’t be effective for distributing malware. But, hackers can purchase extensions and make changes to accomplish a number of nasty jobs without having to infect users with typical malware.
Changes to Chrome’s Web Store may be coming soon to close this vulnerability. For now, make sure your extensions don’t update automatically and read the permissions of each carefully.
If your computer has been compromised and is need of a repair, call Geek Rescue at 918-369-4335.
January 13th, 2014
There are few experiences more frustrating than when you can’t connect to the internet or your connection is unbearably slow. Almost everything we do, whether for work or in our free time, requires an internet connection, which makes not having one painful. There are a few tools available to help you diagnose internet connectivity problems, but, as Alan Henry of LifeHacker reports, few are as simple and easy to use as the Connectivity Diagnostics app for Google’s Chrome web browser.
As frustrating as a lack of internet can be, perhaps even worse is not knowing what’s causing your outage. That’s why diagnostic apps like this one are so handy. Whether the issue is with your computer, router, network, or service provider, the Connectivity Diagnostics app finds it so you can fix it.
Unlike other similar applications, the Connectivity Diagnostics app doesn’t require any additional software installed to run. It works through Chrome and is completely free. To find the cause of your internet problems, it can check for an active connection, attempts to contact your DNS server, checks for firewalls blocking your connection or pay-portals, tests for DNS resolution delays and tests for network delays. Each test returns additional information on whether it was successful or not to help you pinpoint the problem.
This isn’t an enterprise level application, but it’s perfect for individual users. Because it’s simple to use, you don’t even need to be tech-savvy to diagnose your connectivity issues.
If your computer is having problems you can’t solve, call Geek Rescue at 918-369-4335.
January 10th, 2014
When was the last time you updated your web browser? Periodically, you’re prompted to update to the latest version in various ways, but not all of those prompts are legitimate. As Zeljka Zorz writes at Help Net Security, agreeing to update your browser from the wrong source leads to malware infections.
It’s a common scam that’s been around for years, but internet users in the UK have seen a recent surge in malicious offers to update their browsers. These offers occur in the form of pop-ups that look official enough. They claim to be “critical updates” and many even trap you in an unending loop that prevents you from closing the tab.
If you agree to download the update, what you’ll actually get is some form of malware. In the recent occurrences seen in the UK, a trojan used to steal information was downloaded instead of a browser update.
These scams are seen most on sites where you stream media. It seems users are more likely to believe that an update is needed when they think they won’t be able to stream the video they wanted to watch. But, even if you think your browser is in need of an update, it’s never a good idea to download from an untrusted source. Instead of clicking through on the pop-up, go directly to the browser developer’s site and check for recent updates.
This scam isn’t limited to web browsers either. Warnings that your operating system, or plug-ins to your browser are out of date are also used to convince you to download a malicious file. In every case, don’t download anything unless you’re on the developer’s site. It is a good idea to regularly check to see if applications you use are out of date. Doing so helps close security flaws and eliminates bugs and compatibility issues. But, you have to be careful when downloading and make sure it’s from a trusted source.
If your computer has been infected by malware, bring it to Geek Rescue or call us at 918-369-4335.
January 7th, 2014
Browser hijacking refers to malware that’s capable of changing your browser’s settings without your knowledge. Often, your homepage or default search engine will be changed, new bookmarks or pop-ups added. Spotting the effects of browser hijacking malware is usually easy, but it’s best to avoid infection altogether. Mary Alleyne of Jupiter Support published a list of ways to avoid becoming a victim of hijackware.
- Effective Antivirus Programs
As with any malware, an up-to-date, trusted antivirus program is the key to stopping most infections. Anything you download, even if it’s from a seemingly trustworthy site, should be scanned before you open it. Many antivirus programs also offer constant scanning in the background that will alert you immediately if malware, viruses or trojans have infected your system.
Unfortunately, malware is updated and new pieces released at a rate too fast for antivirus programs to keep up with. This means that even the best antivirus programs can’t be relied on to catch every piece of malware. Since there’s always a chance that your computer will be infected with a browser hijacker or other malware, take precautions and make a plan for how you’ll recover. Back-up important data and look into other security software that will aide your antivirus program.
Most popular web browsers offer higher security if you’re willing to sacrifice some functionality. In Internet Explorer, these settings are available under ‘Internet Options’ on the ‘Security’ tab. While setting the security level to ‘High’ will prevent your browser from automatically executing some code, including activeX instructions that allow most browser hijackers to function, it will also prevent some websites from working properly. For trusted sites however, you’ll be able to add them to an exceptions list that restores full functionality to only those sites.
Almost all browser hijacking malware is specifically coded for one browser. This means that malware that works for IE won’t work for Firefox or Chrome and vice versa. The simplest way to avoid the problem if you’re infected with hijackware is to use a different browser. But, the problem won’t be fixed and shouldn’t be ignored. Switching browsers is a simple way to end the hijacking, but you’ll still want to try to get rid of the malware causing it.
More in-depth fixes like editing the ‘Hosts’ file for malicious entries and searching the registry for specific websites also help overcome browser hijacking malware, but require a little more expertise.
If your computer is infected with malware, Geek Rescue fixes it. Bring your device to us, or call us at 918-369-4335.
December 12th, 2013
Adobe’s products are used across the internet, which is why it’s a serious problem when security exploits pop up for one of them. Lucian Constantin reports for Network World that critical vulnerabilities that existed in both the Flash and Shockwave players have been patched.
The vulnerability involved the players’ auto-play functions. Attacks were being designed to trick user into opening a Microsoft Word document containing malicious Flash elements that were automatically executed upon opening. By exploiting this vulnerability, hackers are able to take control of a user’s computer.
For users who updated Flash recently to version 11.6, a patch wasn’t needed. That version introduced a click to play feature for all Flash elements embedded in Microsoft Office documents. This patch was still needed not only for users with older versions of Flash and Shockwave, but also because it updated the players bundled with web browsers Google Chrome and Microsoft Internet Explorer 10 and 11.
With millions of users of both Flash and Shockwave, they’re valuable targets for attacks. Keeping them updated and patched is important to close security flaws and vulnerabilities.
Keeping applications like antivirus programs and web browsers and your operating system up to date is important for security reasons and to resolve bugs and performance issues. If your computer has been infected by a virus or malware due to a security vulnerability, or if you’d like to improve your system’s security, call Geek Rescue at 918-369-4335.
November 1st, 2013
Google Chrome is the most used internet browser in the US. Users have long complained that it lacks some basic security features that would make browsing much safer. Juan Carlos Perez, of InfoWorld, reports that Google is attempting to make the Chrome experience safer by adding a tool that would block malware from being downloaded.
Chrome already contains options to be alerted when visiting an insecure, or potentially malicious, website. This new malware blocking tool would offer a similar alert from the download tray when a malware file is blocked from being downloaded.
Users encounter a shocking amount of malware online. Some download it thinking it’s something else, while other times the malware is automatically downloaded after clicking a link or landing on a site. As of now, Chrome offers no way of stopping these malicious or accidental downloads.
So far, there’s little else known about Chrome’s malware blocking tool. It isn’t widely available yet. Google plans to an early version of their Chrome Canary browser, which is meant for developers and other tech-savvy users. It’s speculated that should the tool prove to be valuable, it will roll out to all Chrome browsers.
Even with a malware blocker in place in your web browser, you computer is still at risk. Other security measures are needed to protect you from other threats. Without seeing Chrome’s malware tool in action, it remains to be seen how it integrates with other security programs.
Geek Rescue offers a range of security options to keep your devices secure. We also eliminate malware and viruses. Come by or call us at 918-369-4335.
October 7th, 2013
As previously mentioned, antivirus programs can’t be expected to fully protect your computer. Hackers produce hundreds of thousands of new malware every day and even the most up to date security software can’t possibly keep up.
That’s why it’s important to do your part and keep your machine out of harms way as much as possible. Shay Colson, of Information Space, has some tips on how to avoid malware and other potential threats online.
Just as in the forest it’s important to watch where you step, online it’s important to watch where you click. Most malware is downloaded to a computer when the user clicks on something they shouldn’t have. Particularly when you’re on a less reputable website, it’s important to avoid clicking on ads or links as much as possible. Also, make sure any security software you have installed is up to date. That way, if you do encounter malware, you’ll have the best chance of having it detected before it does any real damage.
The simple solution for making all of your accounts online more secure is to improve your password. Make sure it is 8-characters or longer and includes both upper and lowercase letters, numbers and symbols. Some advocate using your least secure passwords for throwaway accounts, medium passwords for social media, but if you want to avoid a potential hacking, use unique, strong passwords for each account. Using all of those different passwords can get confusing, so it’s also a good idea to use a password manager.
Almost everyone makes purchases online. It’s a good idea to use a credit card, rather than a debit card, however, since it’s easier to dispute fraudulent charges on a credit card. Most eCommerce sites give you the option to save payment information for your next purchase. This is a time saver, but it puts your account information at risk. It’s much better to enter your card number each time than have it available to anyone who gains access to your account.
Your mobile device also has access to sensitive data. Keep it safe by utilizing the lock screen. As seen with an iOS bug that allowed users to bypass the fingerprint scanner, or Android’s notoriously easily hacked lock, this doesn’t fully protect your device. However, it offers some protection and is easy to use. Also, be sure to enable services to remotely disable and wipe your phone in case it’s stolen. Both Apple and Android offer this service. It’s extremely useful in keeping your data out of a criminal’s hands.
These tips keep your information safe without installing additional security software. However, you should always have antivirus programs and other security in place. To improve the security on any of your devices, contact Geek Rescue at 918-369-4335. We also remove viruses and other malware from infected machines.