Monday, May 23, 2016

Why are Windows updates necessary? Are they?


    Yes, yes they are. Let’s just get that straight right off the bat. Software updates for anything connecting to the Internet are increasingly crucial as digital thieves find more and more lucrative ways to steal your Greenbacks and ruin your life.

    What’s that? Priceless family photos? Let me lock down your computer with a virus that uses high-grade encryption – and hold your files at ransom until you pay up.

 “What did I do to deserve this?”

 ... you wail, as your lament forever-gone images of loved ones who left you too soon – finding yourself unable to pay the exorbitant fees, or just incapable of understanding the strange currency the miscreant demands his earnings in.

    In the best case scenario, you didn’t do anything. You faithfully let your computer run it’s updates on a daily basis before you shut it down for the night, your antivirus protection was subscribed and up to date – and you still got hit.

 “What?!” You stare at your screen blankly. “Isn’t this article in favor of updates?”

    Yes it is. But I’m not going to sugarcoat it -  everyone needs to have a better understanding of what is necessary to protect against these threats, so we’re going to take it a just a bit deeper than ‘updates = good.’.

   If you take away one thing from this article, let it be this: Security always has, and always will be a catch-up game.

   The reason why you got infected with ‘Ransomware’ in the example of above wasn’t your fault at all. The reason was that Microsoft, (who provides security updates for Windows) and your antivirus vendor of choice (Symantec, Mcafee, etc) were a step behind on defending you against the particular strain of virus you contracted. And this is always how it will be. They cannot fathom every change a hacker will make to gain access to your system. They can only defend you against the viruses they ‘catch’, study, and send you updates for.

   And therein lies why you should update. Why you NEED to update – to be as secure as you possibly can be. While updates can never be fully ‘up to date’ - they help immensely, so you aren’t vulnerable to every attack ever created.

 So, what do you need to make sure is updated?

 - Your Operating System (Windows, Mac OS, Linux, Android, or iOS)
- Your Web Browser (Firefox, Chrome, Opera, or Internet Explorer)
- Your Antivirus (avast!, AVG, Windows Defender, Microsoft Security Essentials, ESET, Norton…)
- Your applications (Microsoft Office, Adobe’s suite that is too long to list here)

  For all the complaints about Windows 10, there is one huge bonus to using it. Security updates are automatically applied for the Home edition. This is a big for users that always put off or ignored updates, unknowing of the threat.

 Since 10 is the latest and most updated – I recommend it to consumers.

   My favorite web browser is Google Chrome, because it is the most up to date on security patches, and updates in the background 90% of the time - with no needed interaction from you!

   My mobile Operating System of choice is iOS, aka, an iPhone or iPad. Apple seems to be the only mobile manufacturer that takes updates seriously, and that’s a huge problem – because Android currently has the largest market share. Thousands to millions of users are vulnerable on older Android devices, with no way to update – since manufacturers of Android devices often don’t offer them, or they are even shipped to market… OUT OF DATE ALREADY. This is a terrible disservice to their clients, as phones now hold the keys to our whole mobile lives.

 The antivirus I use is Windows Defender, and it is baked into Windows 8 and 10. In 10, all updates are automatically applied through Windows Update. One less thing to do!
If you are on a Mac, my go-to antivirus application is Avast.

 Now that we’ve got an idea of what and why - let’s go back to our example. How did you get infected?

   It's called a 'drive-by-download', and malware has been using it for some time. It's one of the most scary things I have to educate my customers on.

  There is code (in things like Internet Explorer's Active X and Adobe's Flash) that allows for the browser to call for a download and run, even if nothing was clicked.
This explains further:

  To protect yourself, I recommend using Chrome+Adblock/NoScript addons due to the frequent automated updates, blocking of known malware, and blocking of potentially dangerous code. Also, this Ransomware blocker from MalwareBytes can potentially save you if it still gets on your system.

PS: This concept is why some in the security community have all their endpoints (client machines) run Adblockers. Advertisement networks have been known to facilitate drive by downloads on major websites:

 That’s it for now! Check back soon for a detailed guide on how to set things up like this.

Monday, November 17, 2014

Are Chromebooks Viable?

When I mentioned getting a Chromebook, I was asked to test it with work applications to check viability. Here are my findings.

I got a refurbished, debranded, HP Chromebook 14, codename ‘Falco’.

2GB of RAM
Haswell Celeron (Intel)*
14” LCD (1366x768)
Intel HD Graphics (Haswell)
3x USB 3.0
Webcam and dual mics
6 – 10 hour battery life (for real!)

Like its Super Smash Bros’ / StarFox namesake, the Falco is fast.

As I expected, having a superfast computer with minimal overhead
and instant boot/resume time changed my workflow. I didn’t expect
how much it would do that, however.

System resume is immediate. You’ll doubt that it actually sleeps at all – but the battery’s lack of change would indicate otherwise.
Case in point, I charged the Chromebook for the first and only time around 8pm Tuesday night. I used it for work all through Wednesday, and this morning I almost didn’t stop to leave my charger with the device for my wife to use, because frankly, it still doesn’t need it. It’s at 20%.

Regarding workflow: With this kind of battery life and ease of access, you don’t really stop to think about what you need when moving locations – you just go and do whatever it is you need to do.

The screen is bright, the sound is excellent (for the price, and even more), the keyboard and trackpad are top notch, and the responsiveness is amazing.

Now on to the cons.
-          For now, Autotask is using legacy web technologies that Chrome doesn’t support any longer. While most things work, and it does load Autotask windows faster than any other machine I’ve used, this is a problem until the Autotask UI update, which happens in days from this post.

-          N-Central works, but DirectConnect doesn’t seem to. I may find a workaround for this though. EDIT: I did. Other users state this should work.

-          Weight. The battery likely makes up a decent portion of the machine. This laptop is noticeably heavier than any of the Thin and Lights we have at the office (X Series ThinkPads in particular). But I think the battery life well makes up for it.

Despite these shortfalls, the Falco has convinced me that most users really don’t need anything more than a Chromebook. Pages load extremely fast, and it’s really difficult to ‘break things’. Even the hardware feels sound. I would happily recommend one of these to many or all of my clients for personal or ‘on the go’ use.

All in all, it is a great device that I would recommend to anyone as a secondary/portable - and I’m certain it would eventually dwarf nearly all use of their primary workstation.

Thanks for listening,


*ARM/Other architectures shouldn’t exist, really. There’s terrible communication from OEM’s to consumers on what they’re actually getting, and how limited they will be on a non-standard arch. I’m looking at you, Windows RT.

Thursday, August 16, 2012

Why I'm Upgrading To Windows 8 - and Why You Shoudn't

Or rather, "Why You Shouldn't - Unless You Have a Tablet".

Windows 8 is a touchscreen-centric operating system, the only real advantages of upgrading exist there.

While there are some small speed improvements, you should really just think about getting a Solid State Drive instead.

I'm upgrading because I need to be familiar with the latest. This is my field - technology. You won't need to know it unless you share my choice of field - simply because it won't be the go-to OS for businesses.

That's what XP and 7 are for. This is for tablets.

I'm upgrading primarily because I have a SSD I want to take full use of now, and I'd rather upgrade to 8 at the same time.

I'll be using the Release Preview (more here) and upgrading to the full version of 8 Pro when it comes out in October. It actually doesn't expire until January of 2013, which is pretty nice too.

Since I'll be using it on a touchscreen-less laptop, I'll be using these tweaks to bypass the Start Screen.

Back to work.

Wednesday, July 25, 2012

How to Install CM7 on the MyTouch 3G Slide (Aka, HTC Expresso)

I recently had to install CyanogenMod 7 on my Grandma's phone, the HTC Expresso slider.

Why would I do such a silly thing? Why does she even have a smartphone?

Well, the stock OS that can only be considered the result of a miscarriage between HTC and T-Mobile is horrible. Buggy as heck, and basic features like Messaging and Contacts are a pain to work with due to missing features, gaudy theming, and all-around bad code.

Grandma has a smartphone for two reasons:

A. Texting. We are a texting household, mostly due to the fact my Dad is Deaf, but also due to the fact that texting is more convenient. You may be thinking, "Why would you need a smartphone for texting?" And you'd be right. But I'm sure you've noticed how IM-style chat conversations can be easier to follow than the crummy pop-ups you'd get on a 'dumbphone.'

B. Wifi calling. We live in a valley surrounded by trees that gets almost no cell-service whatsoever. Drive two minutes up the street, and you're good to go! But in the house? Tough-luck bro. Fortunately, T-Mobile, in their wisdom, decided to try something revolutionary - Wifi Calling. No signal? No problem. Have Router,  Will Text. Very few of their non-smartphones offer this feature, so it was necessary.

On to business, says I.

Lucky me, I had had the exact phone almost two years ago(which I had since passed along to Mom), and rooting it wasn't too bad. This should be a breeze, right? Things should be even easier with things like SuperOneClick around! Right?

Wrong. So, so wrong. 

After over ten hours of searching (and watching far too much MacGyver on my second monitor during that time) and researching, and testing, and soft-bricking the phone, I was starting to get annoyed. There are other things I needed to do, but Gramma came first because, well, she's Gramma ^_^


These are the threads that I followed to successfully root the phone. It is by far the worst root method I have had to use out of the ten or so Android devices I have had to root. Sadly, it's necessary if your phone received, or came with, the 2.2.1 OTA update from T-Mobile(Use Settings > About Phone to check)
If it's an older version, use this instead.

Disclaimer. This is not for the weak-hearted. As with any howto, follow the steps exactly if you want it to work. Also, this howto is for your benefit. Under no circumstances do I accept any responsibility for damage caused to you, your phone, any other device, your cat, your guinea pig, or your bacon as a result of you reading or following anything on any of this content or the content linked below. Have issues? Google your error. That's what I do.

Part 1: Create a Gold Card.

Part 2: Rooting the Thing.

Part 3: Don't Enable WiFi-Calling Before This Step!

Download the Zip file here, then install it like you did Cyanogenmod. Choose the zip, install it from SD Card.

Thanks and more ranting:

Thanks to everyone who made the articles linked here. Without you guys, our phones would all be garbage.

To the carriers and manufacturers: We want vanilla Android. Don't make us 'fix' your products ever again.
HTC, your 'open bootloader' process didn't help at all.  Recommendation? Give testing phones to the CyanogenMod team BEFORE they are released. Pay them, then use the ROM they create rather than your junk. Unmodified.

Monday, December 5, 2011

Is Android Ready?

Is Android Ready?

Although Android has gone mainstream already, and is currently the dominating smartphone OS, there is still some skepticism over its overall polish and usability.

So my question to you is this: "Is Android Ready?"

To clarify, I don't mean, "Is Android Ready - For group 'x'?"

I mean, quite simply, is it ready as a whole? Would you consider it a complete product?

To start the discussion, I am going to argue that Android, as an Operating System, is indeed ready. However, Android, as a marketing movement, is not.

What do I mean by that? I mean that since manufacturers have some inexplicable desire to mutilate vanilla Android with their custom skins, they are stealing value and ease-of-use from their customers. One of the biggest problems caused by their customization is a lack of uniformity. Though Android is inherently customizable, out of the box, ALL ANDROID PHONES SHOULD LOOK THE SAME. I don't mean the hardware, I mean what you see on the screen. I mean the default apps. I mean the /experience/.

What would this do for a user? A few things:
1. Unified experience, tutorials work across the board. When a user decides to use Google to look up a 'how to' thread or video, they should be able to use it across any android device. This means that the community as a whole, and also manufacturers, will be able to better cater to the user, and they will need less manpower to handle manuals and FAQ's, such as what is needed for HTC's Sense, Samsung's TouchWiz, and ViewSonic's Tap'n'Tap.

2. One less thing to 'go wrong'. With that one less layer of customization, users will inevitably have less problems. For example, the Droid Incredible 2 has problems with its Clock widget and app due to Sense customizations (see: ) and ViewSonic's Tap'n'Tap is so horrible, some users returned it rather than trying to install a custom ROM such as CyanogenMod (which shouldn't be necessary at all).

3. Less confusion, easier marketing. Even some less savvy users have seen the hype about Google's latest OS releases, such as Ice Cream Sandwich (Android 4.0) and eagerly await their updates to the spiffy new software. With no additional customizations, the manufacturers could port the latest releases to their devices with relative ease, which in turn may mean some devices get more updates during their lifetime.

Let's hear what you have to say below! Remember, Why give two cents when you can give a nickel? :)