Compromised email address


Mumut
02-21-2011, 06:14 AM
I suppose this has happened to a few AW'ers over the years. A few days ago I started to receive phone calls telling me friends had received emails, apparently from me, asking for money. The content of the email is that I've been mugged and robbed at gunpoint in Wales but I've managed to make it to the embassy (an Australian embassy in Wales?). I need cash for immediate accommodation etc.

Actually I was in Wales a few weeks ago (but survived the experience unscathed). And it could be considered a somewhat funny story. But it's not. Over the past months I've sent emails to 8,000 libraries and 5,000 high schools in the USA to introduce my book 'The Guardian of the Gate'. If they have all received this email it will make me look very unprofessional. I'm not all that happy to have to send each one a second email explaining the mess.

The reason I'm telling this here, is that things became very 'interesting' this morning. My email account was with Gmail. They don't ask for personal information so you have to fill in a form (using some other email address) which is matched by a computer and a reply email sent out. Because I don't use any of the bells and whistles in Gmail I was told there was not enough information to let me in so I could change my password and take control again. Luckily I realised I'd have given my wife's email address as backup so when I tried again I was let in.

In the list of emails were all my failed attempts to change the password - and in the data were other email addresses and information concerning a film website which had been emailing me. I don't know if this is a clue to the thief. I handed over the information to the police and to see the details made me feel uneasy. But what happened next had me really worried. An entry had been added to the list of emails received. It was from a few minutes back, while I was logged in, and it was someone trying to have the password changed again. The fraud was trying to get back in again. That was really scary.

I cancelled my account with Gmail immediately. I don't mind writing suspense but I can't hack it when it happens to me. So in future I'll be changing all my passwords on a frequent basis and I'll be using random sets of mixed numbers and letters, lower and upper case. And I hope to heaven it doesn't happen again.

MaryMumsy
02-21-2011, 06:59 AM
My Dad received an email 'from' an old friend of his a few days ago. According to the email he had been mugged or robbed or something in England. And needed Dad to send 6,800 British pounds so he could get home. There was some kind of link in the email for where to send the funds. The gentleman in question is almost 86 years old, and hasn't left the US in at least 20 years. Dad may be old, but he isn't senile. Deleted the email and left a phone message for his friend.

MM

Karen Junker
02-21-2011, 07:09 AM
I'm so glad you are all right and got your account closed.

I had a friend from the US who *did* lose all her money and so on while travelling in Ireland a few years ago -- fortunately, she was able to use someone's phone to call me and ask for the money to come home, or I would have thought the email from her to be a scam.

ave
02-21-2011, 10:54 AM
you may have a key logger on your system, so now they will have your wife's password also.

This is what I would do:

You are able to run linux off a cd without installing it.
so download a linux distribution- (puppy linux is quite small. ubuntu user friendly.)
pop the cd into the drive, restart your pc and the live cd will start up rather than windows. this way you can be sure that no malware is running in the background.
(note: running a live is a little slow.)

I would then go in and change all my passwords- email, paypal etc

(you don't need to cancel her gmail account, only log out, log back in and change the password.)

If you are worried that you may have something on your pc then I would just backup all my stuff, format my machine and reinstall my os.

In future use firefox for browsing rather than internet explorer, and install the no script plugin. this stops java scripts from running in the background, so unless you give the website permission, it cannot hijack your browser.
if you're really worried about future attacks- switch to or dual boot with ubuntu and do all your secure transactions through that

cryaegm
02-21-2011, 02:02 PM
you may have a key logger on your system, so now they will have your wife's password also.

This is what I would do:

You are able to run linux off a cd without installing it.
so download a linux distribution- (puppy linux is quite small. ubuntu user friendly.)
pop the cd into the drive, restart your pc and the live cd will start up rather than windows. this way you can be sure that no malware is running in the background.
(note: running a live is a little slow.)

I would then go in and change all my passwords- email, paypal etc

(you don't need to cancel her gmail account, only log out, log back in and change the password.)

If you are worried that you may have something on your pc then I would just backup all my stuff, format my machine and reinstall my os.

In future use firefox for browsing rather than internet explorer, and install the no script plugin. this stops java scripts from running in the background, so unless you give the website permission, it cannot hijack your browser.
if you're really worried about future attacks- switch to or dual boot with ubuntu and do all your secure transactions through that
Or you can help them get rid of it instead of trying to convert them to Linux. Saying just to switch to Linux doesn't help them at all and if they want to get rid of it and continue to use Windows, then they're going to need to know how to get rid of it, especially for future reference.

I've never used Linux, but from what I've heard, it's not exactly user friendly.

ave
02-21-2011, 07:09 PM
Or you can help them get rid of it instead of trying to convert them to Linux. Saying just to switch to Linux doesn't help them at all and if they want to get rid of it and continue to use Windows, then they're going to need to know how to get rid of it, especially for future reference.

lol am I reading the same reply as you? ;)

I'm suggesting that they run a single live session of linux straight off the CD, without installing it. That is the safest way to go online and change passwords if you think your machine has been compromised. if you just change your password when your machine is infected, you risk them getting hold of those new passwords as well.

this will deal with the biggest threat quickly- which helps when someone may potentially be using your paypal account

I then suggested that they backup, format and reinstall their os- they can run a virus scan, but those are not always 100% effective. (I was running 3 malware scanners and they only picked up a threat on one of my cds 2 years later)

I then suggested that in future they use firefox with no script enabled rather than internet explorer

those are all windows suggestions.

only at the end I mention dual booting- ie running linux and windows simultaneously on a computer if they are really worried about future attacks. unfortunately windows is vulnerable to attack, and I'm going to keep suggesting people do this.


I've never used Linux, but from what I've heard, it's not exactly user friendly.

hmmmm unfortunately that is the perception, and maybe 5 years ago I would have agreed, but nowadays ubuntu is more user friendly than windows- to install and to use.

- the last time I installed, I didn't have to install a single driver, whereas on windows 7 I had to install about 4 or 5 to get everything working

- all software is installed under categories rather than just lumped together in a start menu -


http://i893.photobucket.com/albums/ac138/ave3/Screenshot-1.jpg

- finding and installing new software uses an app centre like the iphone or android. safe and easy

http://i893.photobucket.com/albums/ac138/ave3/Screenshot-UbuntuSoftwareCenter-1.png

- you have
1) tabs in your file browser
2) far more intuitive place to eject your usb storage devices
3) file previews
4) shortcuts

http://i893.photobucket.com/albums/ac138/ave3/Screenshot-images-FileBrowser2-1.jpg

Medievalist
02-21-2011, 07:41 PM
You've got malware.

This is a known instance of malware.

You need to thoroughly scan your computer or the same thing will happen again.

If you Google with phrases from the email "you" sent about being stranded you'll find how to remove the malware.

Jamesaritchie
02-21-2011, 08:57 PM
I'd still cancel the gmail account. I had the same basic thing happen, and Google traced it to the account, not to malware on my computer.

Whenever anyone e-mailed that account, they, and everyone in the Gmail address book, got hit with spam. My computer didn't play a part because it was packed away for a renovation we went through. No computer in my home was hooked up, and we didn't use laptops during that entire period. It all happened with no computers even plugged in at home.

Malware can certainly do this, but, apparently, so can a compromised Google Gmail account.

I have tried Ubuntu. It works well, but I simply had way too much software that wouldn't run on it. For me, this is a deal breaker. Others may feel differently.

And Windows 7 is pretty darned secure, if you just take a little time to learn how to secure it properly.

Medievalist
02-21-2011, 09:06 PM
Malware can certainly do this, but, apparently, so can a compromised Google Gmail account.


The malware is deliberately designed to collect Google passwords. It's what it does.

It contains a key logger, a registry re-writer, and it creates two separate back doors--one of which attempts to install a root kit.

ave
02-21-2011, 09:41 PM
Whenever anyone e-mailed that account, they, and everyone in the Gmail address book, got hit with spam. My computer didn't play a part because it was packed away for a renovation we went through. No computer in my home was hooked up, and we didn't use laptops during that entire period. It all happened with no computers even plugged in at home.


that's the bugger with these key loggers, once they get hold of your password they no longer need your pc- they just set up their server to retrieve all your mail and forward contaminated links to all your contacts. you should be able to shut them out by changing passwords/ recovery email addresses and cancel all added forwarding options.
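
Added example, not part of the thread: a minimal sketch of the post-takeover check described in the post above (forwarding options, recovery address), run over a settings export. The input is a constructed sample shaped like the Gmail API settings resources; the "recoveryEmail" key, the function name and every address are assumptions made for this example.

```python
import json

# Constructed sample, shaped like the Gmail API settings resources
# (autoForwarding, forwardingAddresses, filters, sendAs). "recoveryEmail"
# is a hypothetical key added for this example; all addresses are made up.
SAMPLE_SETTINGS = json.loads("""
{
  "autoForwarding": {"enabled": true,
                     "emailAddress": "collector@mail.example",
                     "disposition": "trash"},
  "forwardingAddresses": [
    {"forwardingEmail": "collector@mail.example", "verificationStatus": "accepted"},
    {"forwardingEmail": "spouse@home.example", "verificationStatus": "accepted"}
  ],
  "filters": [
    {"id": "f1", "criteria": {"from": "library"},
     "action": {"addLabelIds": ["Label_7"]}},
    {"id": "f2", "criteria": {"query": "password OR security"},
     "action": {"removeLabelIds": ["INBOX"], "addLabelIds": ["TRASH"]}},
    {"id": "f3", "criteria": {},
     "action": {"forward": "collector@mail.example"}}
  ],
  "sendAs": [
    {"sendAsEmail": "owner@mail.example", "isPrimary": true,
     "replyToAddress": "owner@mai1.example"}
  ],
  "recoveryEmail": "spouse@home.example"
}
""")

# Addresses the account owner actually controls (constructed).
TRUSTED = {"owner@mail.example", "spouse@home.example"}


def audit_mailbox(settings, trusted):
    """Return (kind, detail) findings for settings that survive a password change."""
    trusted = {a.lower() for a in trusted}

    def untrusted(addr):
        return bool(addr) and addr.lower() not in trusted

    findings = []

    # Account-wide forwarding of every incoming message.
    auto = settings.get("autoForwarding", {})
    if auto.get("enabled") and untrusted(auto.get("emailAddress")):
        findings.append(("auto-forwarding", auto["emailAddress"]))

    # Verified forwarding destinations that filters can use.
    for entry in settings.get("forwardingAddresses", []):
        if untrusted(entry.get("forwardingEmail")):
            findings.append(("forwarding-address", entry["forwardingEmail"]))

    # Filters that forward mail out, or that keep mail out of the inbox
    # so the owner never sees warnings or replies.
    for flt in settings.get("filters", []):
        action = flt.get("action", {})
        if untrusted(action.get("forward")):
            findings.append(("filter-forward", action["forward"]))
        hides = ("TRASH" in action.get("addLabelIds", [])
                 or "INBOX" in action.get("removeLabelIds", []))
        if hides:
            findings.append(("filter-hides-mail", flt.get("id")))

    # Reply-To on a sending identity: replies go somewhere else.
    for identity in settings.get("sendAs", []):
        if untrusted(identity.get("replyToAddress")):
            findings.append(("reply-to", identity["replyToAddress"]))

    # Recovery address (hypothetical key, see the note on the sample).
    if untrusted(settings.get("recoveryEmail")):
        findings.append(("recovery-email", settings["recoveryEmail"]))

    return findings


if __name__ == "__main__":
    for kind, detail in audit_mailbox(SAMPLE_SETTINGS, TRUSTED):
        print(f"{kind:20} {detail}")
```

Anything reported here should be removed before or together with the password change, since none of it depends on the attacker still knowing the password.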

Jamesaritchie
02-22-2011, 12:10 AM
that's the bugger with these key loggers, once they get hold of your password they no longer need your pc- they just set up their server to retrieve all your mail and forward contaminated links to all your contacts. you should be able to shut them out by changing passwords/ recovery email addresses and cancel all added forwarding options.

But how does it work without my home computer even being hooked up? I hadn't used that e-mail account for several weeks, and so hadn't typed a password for several weeks, before the trouble started.

I do know from Google that the e-mail account itself was hacked, but I can't see how a keylogger would have mattered when I didn't type the password, and wasn't using the account when all of this happened.

I'm also pretty darned good at finding malware on my computer. I keep all the best paid software on my computer, and I used it to run every test imaginable. All came up negative.

cryaegm
02-22-2011, 12:11 AM
lol am I reading the same reply as you? ;)
I misread it and I'm sorry. I was still livid about having to reformat my computer because of stupid Microsoft Office. Can suggest system reformat, but I already tried that and all it gave me was a black screen of death and a cursor.

Can't do anything, let alone see if the system restore worked, when you can't log into your account, let alone GET the login screen.

It wasn't a virus or anything. It was AVG PC Tuner that deleted stuff as registry errors when it shouldn't have. Only way to fix things is to do a reformat, which I had to do.

So I was quite miffed. It took me all day (not because I suck at doing reformats; it was my first one and I had to install everything, including all of my Steam games) and I was really tired.

Again, I'm sorry.

But anyway, from what I've been told by Linux users, is that Ubuntu is the friendliest one of Linux. Vista sucked and changed a lot of stuff so it wasn't quite user friendly, but Windows 7 is easy to learn from, along with finding things.

Not the point though (I just woke up, so I might seem like I'm rambling). Personally, I wouldn't go and change passwords until after getting the malware/key logger, or at least tell him how to get rid of it so he knows for future reference. I do agree with NoScript from Firefox, but also Adblock Plus and Web of Trust. The TC should scan with Malwarebytes and see what comes up.

Like I said, I was already irritated and when I read your response, to me, it sounded like you were trying to switch him to Linux and not deal with the key logger. I hate when people try to convert others like that without actually trying to help, you know? It's irritating, and it just set me off. Like I said, I'm sorry. You just caught me on a really bad night because that's after I finished up with the reformat (and finding out Trillian partnered up with an adware website).

kuwisdelu
02-22-2011, 12:17 AM
You are able to run linux off a cd without installing it.
so download a linux distribution- (puppy linux is quite small. ubuntu user friendly.)
pop the cd into the drive, restart your pc and the live cd will start up rather than windows. this way you can be sure that no malware is running in the background.

Burning a Live CD isn't the most trivial task for most users. A link like this (https://help.ubuntu.com/community/BurningIsoHowto) would be helpful.

hmmmm unfortunately that is the perception, and maybe 5 years ago I would have agreed, but nowadays ubuntu is more user friendly than windows- to install and to use.

- the last time I installed, I didn't have to install a single driver, whereas on windows 7 I had to install about 4 or 5 to get everything working

It can be, but it really depends on your hardware set-up and what you want to do with it. I like Linux, but you still have to go into the command line a lot more than in OS X or Windows. Distros like Ubuntu are good about including drivers for most configurations, but lest you need one they don't have, I often have to resort to the terminal to install what I need.

If one has a techy friend they can run to for help, then I'd say it's as user friendly as Windows, though. It's the workarounds that tend to be more difficult for average users (even when they can be much easier if you're used to *nix).

ETA: The fact that most distros these days no longer preinstall proprietary codecs for stuff as common as mp3's is also annoying. General users don't care about ideology.

cryaegm
02-22-2011, 12:18 AM
But how does it work without my home computer even being hooked up? I hadn't used that e-mail account for several weeks, and so hadn't typed a password for several weeks, before the trouble started.

I do know from Google that the e-mail account itself was hacked, but I can't see how a keylogger would have mattered when I didn't type the password, and wasn't using the account when all of this happened.

I'm also pretty darned good at finding malware on my computer. I keep all the best paid software on my computer, and I used it to run every test imaginable. All came up negative.
Did you use Malwarebytes to look to see if you have had malware? Sometimes regular virus scanners won't pick that up, even if they are the best (a lot swear by Norton, but I honestly think the anti-virus sucks and does more harm than good [not saying that that's one of the best anti-virus software out there; I was just giving an example, albeit a poor one]). You could have had a key logger on your computer before not being hooked up. Or your password wasn't strong enough and someone was able to get into your account that way. OR your secret question or whatever method you use to retrieve your passwords with was easy enough for the hacker to use and get into your account (that's if your password was changed when you found out about it and tried to get back in).

kuwisdelu
02-22-2011, 12:21 AM
Am I the only one that gets confused when people say "reformat" without saying they also reinstalled the OS?

I keep thinking "okay...so you reformatted, but you still need to install an OS, right?"

cryaegm
02-22-2011, 12:42 AM
Am I the only one that gets confused when people say "reformat" without saying they also reinstalled the OS?

I keep thinking "okay...so you reformatted, but you still need to install an OS, right?"
Well, you are reinstalling your OS when you reformat. I don't have a Windows disc myself, but I have a repair disc that lets me reformat the HDD and reinstall Windows.

Medievalist
02-22-2011, 12:50 AM
Am I the only one that gets confused when people say "reformat" without saying they also reinstalled the OS?

I keep thinking "okay...so you reformatted, but you still need to install an OS, right?"

No; it's a linguistic marker though when people do confuse the two.

And I'm ecstatic that I no longer do phone support.

kuwisdelu
02-22-2011, 12:53 AM
Well, you are reinstalling your OS when you reformat. I don't have a Windows disc myself, but I have a repair disc that lets me reformat the HDD and reinstall Windows.

You don't have to reinstall your OS when you reformat. You do (generally) have to reformat when you reinstall an OS. There are plenty of times you may want to reformat a drive without installing anything on it, though, so that's why saying "reformat" alone tends to confuse me.

On a separate note, it baffles my mind that OEM's still don't always provide a full Windows install disc.

cryaegm
02-22-2011, 01:57 AM
You don't have to reinstall your OS when you reformat. You do (generally) have to reformat when you reinstall an OS. There are plenty of times you may want to reformat a drive without installing anything on it, though, so that's why saying "reformat" alone tends to confuse me.

On a separate note, it baffles my mind that OEM's still don't always provide a full Windows install disc.
They don't even come with a repair or a recovery disc anymore.

Matera the Mad
02-22-2011, 06:16 AM
They do provide the means to create one -- which one should always do before getting into trouble, because if the hidden restore partition on the hard drive becomes unusable, you are up fecal creek.

kuwisdelu
02-22-2011, 06:41 AM
They do provide the means to create one -- which one should always do before getting into trouble, because if the hidden restore partition on the hard drive becomes unusable, you are up fecal creek.

It's still ridiculous, IMO.

If you sell an OS license with your hardware, you ought to provide the means to install it, whether it's preinstalled or not.

Matera the Mad
02-22-2011, 06:59 AM
Totally ridiculous. Even more so when the damn restore crud doesn't work, as in my case...but that's another story and involves a bit of faulty hardware.

ave
02-22-2011, 11:22 AM
But how does it work without my home computer even being hooked up? I hadn't used that e-mail account for several weeks, and so hadn't typed a password for several weeks, before the trouble started.

I do know from Google that the e-mail account itself was hacked, but I can't see how a keylogger would have mattered when I didn't type the password, and wasn't using the account when all of this happened.

there are a few other ways they can get your password
- if you use the same password on multiple sites, a smaller site may be hacked, and then they will have the email address you used to register and your password.
- if you get your browser to auto save passwords, they can hack those quite easily.
- there are other ways as well- security questions are all the same - what's your mother's maiden name etc
- some people use their usernames on other sites as their passwords so for example my password may be ave. Other common ones include your birth date, social security, 12345 etc etc

I misread it and I'm sorry. I was still livid about having to reformat my computer because of stupid Microsoft Office. Can suggest system reformat, but I already tried that and all it gave me was a black screen of death and a cursor.


lol I completely understand that frustration- I have very nearly thrown my pc out the window on more than one occasion ;)


If one has a techy friend they can run to for help, then I'd say it's as user friendly as Windows, though. It's the workarounds that tend to be more difficult for average users (even when they can be much easier if you're used to *nix).

I'm a complete linux noob, and am fortunate that I didn't have to use the terminal at all, although my pc is quite up-to-date and I only use it to write, run photoshop and to watch videos, encode mp3's etc.

the biggest frustration I had was relearning where everything was, after being a windows user for so long. ubuntuforums was my friend :)


ETA: The fact that most distros these days no longer preinstall proprietary codecs for stuff as common as mp3's is also annoying. General users don't care about ideology.

ubuntu 10.10 now gives you the option to add restricted extras on install which is quite nice.

Jamesaritchie
02-22-2011, 06:00 PM
there are a few other ways they can get your password
- if you use the same password on multiple sites, a smaller site may be hacked, and then they will have the email address you used to register and your password.

This is a possibility. I usually use a different password for each site or purpose, but I did use that particular password at a couple of other sites because they were related, and I was bouncing back and forth between sites and the Google e-mail.

I have a friend who got frustrated with the lack of security in Windows, and the lack of software use in Ubuntu, so instead of adding Ubuntu to his main computer, he set up two computers at his work station, one for Windows and one for Ubuntu. The same keyboard is connected to both, and he toggles back and forth as needed.

It's a bit crowded, but it works very well for him. I have a spare computer tucked away, and I've thought about doing the same thing.

Medievalist
02-22-2011, 07:34 PM
I have a friend who got frustrated with the lack of security in Windows, and the lack of software use in Ubuntu, so instead of adding Ubuntu to his main computer, he set up two computers at his work station, one for Windows and one for Ubuntu. The same keyboard is connected to both, and he toggles back and forth as needed.

It's a bit crowded, but it works very well for him. I have a spare computer tucked away, and I've thought about doing the same thing.

This doesn't provide any more security, merely a backup.

You can be compromised in a ten minute session on a computer you don't own. Given the presence of multiple login authentication schemes, one log in packet often leads to others.

If an exploit gains access to an email account it often provides access to your old email, providing opportunities for social engineering, or even registration confirmations you forgot to delete. Access to your email account provides the criminal with a way to create new accounts in your name.

The only secure computer is one that isn't connected to the Internet. All platforms are vulnerable, it's just a matter of opportunity.

Jamesaritchie
02-22-2011, 08:18 PM
The only secure computer is one that isn't connected to the Internet. All platforms are vulnerable, it's just a matter of opportunity.

Just what I needed to hear. It seems anything online or connected to the Internet is at risk. Well, at least his Windows work machine is safe, since it isn't connected to the Internet.

Answer me this. For an extra twenty bucks per month, my Internet provider offers business class e-mail setup, along with several business tools. It isn't accessible through any website, or through any computer that doesn't have the proper software installed. I could only use it through my PC and my laptop, which isn't much of a drawback.

I don't store a password on my computer, and they claim much higher security than any web-based e-mail, plus offer what amounts to damages should the account be hacked through them.

Are they right about the better security, as long as I do my part?

Medievalist
02-22-2011, 08:44 PM
Are they right about the better security, as long as I do my part?

No, not really.

If you're running really good anti-malware security and you keep it updated, and you're paranoid about downloading software or clicking links, and you have a strong password, they can't really do anything for you that any other mail provider can.

I would avoid hotmail. I would avoid multi authentication systems--i.e. don't log in to service X by using your Facebook account.

I would also avoid using I.E. whenever possible.

I would not use my Admin account as my regular account.

With respect to security-- Microsoft's own free security suite and a healthy level of paranoia seem to be the best options currently for Windows 7. Remember that installing multiple security/antivirus/malware apps can cause them to step on each other, and create vulnerabilities.

I would also have a locked non-writeable media emergency boot disc that you've checked to make sure it works, so in an emergency you can boot and scan.

Jamesaritchie
02-22-2011, 08:55 PM
No, not really.

If you're running really good anti-malware security and you keep it updated, and you're paranoid about downloading software or clicking links, and you have a strong password, they can't really do anything for you that any other mail provider can.

I would avoid hotmail. I would avoid multi authentication systems--i.e. don't log in to service X by using your Facebook account.

I would also avoid using I.E. whenever possible.

I would not use my Admin account as my regular account.

With respect to security-- Microsoft's own free security suite and a healthy level of paranoia seem to be the best options currently for Windows 7. Remember that installing multiple security/antivirus/malware apps can cause them to step on each other, and create vulnerabilities.

I would also have a locked non-writeable media emergency boot disc that you've checked to make sure it works, so in an emergency you can boot and scan.

Thanks. I do all these things except I do use my Admin account as my regular account. This is easily changed, so I'll do that.

I do use the paid version of Norton, rather than Microsoft's security suite. Is the Microsoft version better?

alleycat
02-22-2011, 09:00 PM
I do use the paid version of Norton, rather than Microsoft's security suite. Is the Microsoft version better?
Just a personal recommendation. I used Norton for a number of years, but I switched to Kaspersky and I think it's better. Like most security suites, you have to tame it a bit by setting scan and update times, but it's done a good job for me for the past three or four years.

Jamesaritchie
02-22-2011, 10:07 PM
Just a personal recommendation. I used Norton for a number of years, but I switched to Kaspersky and I think it's better. Like most security suites, you have to tame it a bit by setting scan and update times, but it's done a good job for me for the past three or four years.

Thanks. That's a new one to me, but I'll definitely take a look at it.

ave
02-23-2011, 01:48 AM
This is a possibility. I usually use a different password for each site or purpose, but I did use that particular password at a couple of other sites because they were related, and I was bouncing back and forth between sites and the Google e-mail.

I have a friend who got frustrated with the lack of security in Windows, and the lack of software use in Ubuntu, so instead of adding Ubuntu to his main computer, he set up two computers at his work station, one for Windows and one for Ubuntu. The same keyboard is connected to both, and he toggles back and forth as needed.

It's a bit crowded, but it works very well for him. I have a spare computer tucked away, and I've thought about doing the same thing.

I dual boot windows and ubuntu - so I do all my daily work in ubuntu, then when I want to access some software that doesn't run I reboot into windows.

ubuntu and security:
There have been fewer than 30 known (https://help.ubuntu.com/community/Linuxvirus) viruses/worms/Trojans for linux- none of these are a problem any more.

as a default Ubuntu install opens zero ports to the outside world, so a firewall is redundant (http://ubuntuforums.org/showthread.php?t=510812).

It is far less likely that you will pick up something by surfing and regular downloads. Unfortunately you are still vulnerable to other forms of attack (http://www.symantec.com/connect/articles/social-engineering-fundamentals-part-i-hacker-tactics), such as someone tricking you into entering your password into a fake website etc.

here (http://ubuntuforums.org/showthread.php?t=510812) is some very good advice on os security

This advice is fairly generic and applies to almost any OS. These simple steps offer a solid foundation that you should be able to implement almost immediately.


Enforce strong passwords http://en.wikipedia.org/wiki/Password_strength
In general, do not write your passwords down, and if you must, keep them in a secure place (Do not put them on a sticky note attached to your monitor for example).
Limit root access (create a user account with limited privileges, so that a program will not have the authority to get to your data)
Physical access (physical access = big security hole). Physical access allows root access to your system (in other words, someone physically booting into your system)
Do not install software or add repositories from untrusted sources

Take care not to let the "need" to run the newest/latest/greatest compromise security.

Keep your system up to date. Updates, particularly security updates, bring you the newest and latest fixes. (this applies to apps also- such as adobe reader, internet explorer- make sure you have the latest versions running)
let me add - add a no script plugins to whichever browser you are using and backup often.

Jamesaritchie
02-23-2011, 02:56 AM
I dual boot windows and ubuntu - so I do all my daily work in ubuntu, then when I want to access some software that doesn't run I reboot into windows.

ubuntu and security:
There have been fewer than 30 known (https://help.ubuntu.com/community/Linuxvirus) viruses/worms/Trojans for linux- none of these are a problem any more.



It is far less likely that you will pick up something by surfing and regular downloads. Unfortunately you are still vulnerable to other forms of attack (http://www.symantec.com/connect/articles/social-engineering-fundamentals-part-i-hacker-tactics), such as someone tricking you into entering your password into a fake website etc.

here (http://ubuntuforums.org/showthread.php?t=510812) is some very good advice on os security

I understand almost all of this, but I'm clueless about add a no script plugins to whichever browser you are using.

alleycat
02-23-2011, 03:06 AM
I understand almost all of this, but I'm clueless about add a no script plugins to whichever browser you are using.
It's mostly a plug-in (add-on) for Firefox and other non-IE browsers. I think there is something along these lines that can also be done in IE, but I've forgotten.

In Firefox, there are all sorts of third-party add-ons, and No Scripts is one of them. There might be other "no scripts" add-ons besides that one.

No Scripts just makes it easy to decide whether scripts run at any particular website. You have several options (always allow, temporarily allow, etc.). It adds an extra layer of security, as there can be malware scripts.

benbradley
02-23-2011, 03:14 AM
I understand almost all of this, but I'm clueless about add a no script plugins to whichever browser you are using.
This:
http://noscript.net/
It's actually a bit annoying, as you have to "allow" most every new site you go to, if you decide you trust it. But it saves from lots of auto-forwards that you wouldn't otherwise see, and all the Java and JavaScript stuff (these are PROGRAMMING LANGUAGES your browser runs to render many or most modern webpages these days).

Read URL's carefully. If it's a series of numbers (decimal IP address like 123.45.67.224) or a ".ru" or ".ro" or ".hk" or ".cn" it COULD be okay, but I'd tend not to trust it. Yeah, I have biases against certain areas of the cyberworld.

alleycat
02-23-2011, 04:33 AM
Thanks. That's a new one to me, but I'll definitely take a look at it.
It used to be that a lot of the upper level security folks (the people who actually write some of the anti-malware software) recommended Kaspersky for home use. It's not as well-known as Norton and McAfee.

Like most Internet security software, it does not play well with others. You'd need to completely remove Norton before loading Kaspersky if you decide to go with it.

I noticed there were some less than 5-star reviews on Amazon for the 2010 version, but I think most of them had to do with people not knowing how to change some of the settings. If you don't tell it when, it will update the malware database on your computer intermittently during the day (I have mine set to update at 2:00 in the morning)--this can be a bit annoying. I haven't had any more problem with 2010 than I did with 2009.

Of course, most "on guard" security software uses more memory and CPU than many other programs, but that's just the price we pay. If you have a fairly new computer with one of the newer operating systems (XP to Seven), you shouldn't have a problem.

Jamesaritchie
02-23-2011, 08:09 AM
Has anyone seen the Denny's commercial where the two customers are trying to decide all the options they have with the new $2, $4, $6, and $8 dollar meals? In the end, one of them holds his hands up to his head and makes a sound like his brain just exploded.

Right now, I feel like a Denny's commercial.

ave
02-23-2011, 11:36 AM
a large percentage of malware spreads through usb devices, like flash drives. I'm not sure if windows 7 has fixed this- (I don't have 7) but xp is certainly vulnerable.

I came across some advice a while back, to add a small extra layer of security to your system that I found very useful and perhaps someone else will as well

here is a simple test you can perform to see how vulnerable your pc is to attacks.

hackers exploit the autorun feature in windows- I'm going to demonstrate this by auto executing mspaint- that terrible paint program that ships with windows.

1) what you need to do is open notepad

2) copy and paste the following text

[autorun]
action=Testing autoplay: Run paint from usbdrive
open=mspaint.exe
shell\FromFlash=Testing context: run paint from usbdrive
shell\FromFlash\command=mspaint.exe
shell=FromFlash
icon=mspaint.exe
label=Testing AutoRun Stuff
3) select file/save as
- save the file to the root directory of your flash drive
- under "save as type" select "all files"
- call the file autorun.inf

4) now go into c:\windows\system32 and scroll down till you find mspaint.exe copy that file and paste it onto your flash drive (in the same directory that you created the autorun.inf file)

what we have done is create an autorun file that will open up mspaint when you insert your flash drive.

5) eject your flash drive, and plug it back in

6) go to start/my computer, and double click your flash drive

ms paint should open.

you can also mess around with that "what would you like to do" window that opens when you insert a flash drive and see how easy it is to run paint

now imagine that was some kind of malware- as soon as you double clicked, your computer would be infected.

this is scary.

if anyone is interested there is a hack to disable this autorun

1) open notepad

paste the following text

REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]
@="@SYS:DoesNotExist"

file\save as

- save the file to your desktop
- under "save as type" select "all files"
- call the file something.reg

double click on the file and it will ask you if you want to add the entry to the registry- click yes

now perform the test with your flashdrive again- when you double click mspaint should no longer start up.


NOTE: I'm not sure what all the implications of disabling autorun are, I have had no problems; the blogs out there don't mention any problems, but if you have something that specifically relies on autorun, you should do a little research first.

reference 1 (http://blogs.computerworld.com/test_your_defenses_against_malicious_usb_flash_drives)
reference 2 (http://antivirus.about.com/od/securitytips/ht/autorun.htm)
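
An added example, not part of the original post: a small Python audit that reads an autorun.inf and lists every entry that would start a program, including the default verb that fires on double-click. The function names are hypothetical; the sample input is the test file from the post above.

```python
import re
# Keys in the [autorun] section that name a program Windows may launch.
EXEC_KEYS = {"open", "shellexecute"}
SHELL_CMD = re.compile(r"^shell\\([^\\]+)\\command$", re.IGNORECASE)

def parse_autorun(text):
    """Return the key/value pairs of the [autorun] section, keys lower-cased."""
    entries, in_section = {}, False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue  # skip blank lines and comments
        if line.startswith("[") and line.endswith("]"):
            in_section = line[1:-1].strip().lower() == "autorun"
            continue
        if in_section and "=" in line:
            key, value = line.split("=", 1)
            entries[key.strip().lower()] = value.strip()
    return entries

def audit_autorun(text):
    """List (trigger, command) pairs that would start a program."""
    entries = parse_autorun(text)
    findings = []
    for key, value in entries.items():
        if key in EXEC_KEYS:
            findings.append(("autorun/" + key, value))
        m = SHELL_CMD.match(key)
        if m:
            verb = m.group(1)
            trigger = "context menu verb " + verb
            # shell=<verb> makes that verb the default action for the drive
            if entries.get("shell", "").lower() == verb.lower():
                trigger += " (default: runs on double-click)"
            findings.append((trigger, value))
    return findings

# The test file from the post above, reproduced as sample input.
SAMPLE = r"""[autorun]
action=Testing autoplay: Run paint from usbdrive
open=mspaint.exe
shell\FromFlash=Testing context: run paint from usbdrive
shell\FromFlash\command=mspaint.exe
shell=FromFlash
icon=mspaint.exe
label=Testing AutoRun Stuff
"""

if __name__ == "__main__":
    print(*audit_autorun(SAMPLE), sep="\n")
```

On a drive that carries only icon= and label= entries the audit returns an empty list, which is what a harmless autorun.inf looks like.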

benbradley
02-23-2011, 10:50 PM
I thought the autorun feature would run on step 5) when you plug it in - that's what happens (or happened, before I fixed it) with CD's.

Yes, I have autorun turned off on my XP system, did it by following post #2 here (this is a lot easier than editing the registry):

http://club.myce.com/f3/disable-usb-autostart-windows-xp-2000-a-137650/

Ignore post #3, or read it as "Don't you want your computer to run any random unknown software that might be on a CD or flash drive you've never seen before?" No, you don't.

When you run Windows Explorer or do "Save As..." the flash drive or CD you just put in is still there or "recognized" without running whatever Autorun thing is on it.

jaksen
02-23-2011, 11:54 PM
I suppose this has happened to a few AW'ers over the years. A few days ago I started to receive phone calls telling me friends had received emails, apparently from me. asking for money. The content of the email is that I've been mugged and robbed at gunpoint in Wales but I've managed to make it to the embassy (an Australian embassy in Wales?). I need cash for immediate accommodation etc.

Actually I was in Wales a few weeks ago (but survived the experience unscathed). And it could be considered a somewhat funny story. But it's not. Over the past months I've sent emails to 8,000 libraries and 5,000 high schools in the USA to introduce my book 'The Guardian of the Gate'. If they have all received this email it will make me look very unprofessional. I'm not all that happy to have to send each one a second email explaining the mess.

The reason I'm telling this here, is that things became very 'interesting' this morning. My email account was with Gmail. They don't ask for personal information so you have to fill in a form (using some other email address) which is matched by a computer and a reply email sent out. Because I don't use any of the bells and whistles in Gmail I was told there was not enough information to let me in so I could change my password and take control again. Luckily I realised I'd have given my wife's email address as backup so when I tried again I was let in.

In the list of emails were all my failed attempts to change the password - and in the data were other email addresses and information concerning a film website which had been emailing me. I don't know if this is a clue to the thief. I handed over the information to the police and to see the details made me feel uneasy. But what happened next had me really worried. An entry had been added to the list of emails received. It was from a few minutes back, while I was logged in, and it was someone trying to have the password changed again. The fraud was trying to get back in again. That was really scary.

I cancelled my account with Gmail immediately. I don't mind writing suspense but I can't hack it when it happens to me. So in future I'll be changing all my passwords on a frequent basis and I'll be using random sets of mixed numbers and letters, lower and upper case. And I hope to heaven it doesn't happen again.

Exactly the same thing happened to me back in the fall, except I was stuck in London (I live in the US) and needed money to get back. (All lies.) An email with this info was sent to about half the people in my email address book. They asked these people for money so I could 'get back home.'

Apparently I was 'phished' or teased onto a site where I wrote in my gmail password and someone grabbed it. I now double-triple check to make sure I am on the correct page when I sign in to gmail.

How I fixed things? I wrote to gmail in a polite but outraged manner. (I used an old hotmail acct.) They at first wanted 'proof' who I was. I was one of the first users of gmail and I knew exactly who had 'invited me.' His name, phone and address. I also knew exactly what my last legit. email entailed.

Within minutes I had my account back and I saw numerous changes made to it, as you did yours. I removed all that crap and made up a new pw. I keep no cc numbers on my acct (in old emails) or anything worth much to anybody, except all the names in my address book.

I then emailed those people who had been 'scammed,' but luckily they all know how poor I am and what the heck would Diane be doing in London?? No one replied to the scammer with funds or money.

I use different passwords everywhere I go on the net. I change them all the time. When you need to answer a security question, I make up stupid questions of my own and ridiculous answers. I still got phished.

I used to be paranoidally/insanely/ridiculously careful on the net. Now I am ten times more so.

ave
02-24-2011, 12:15 AM
I thought the autorun feature would run on step 5) when you plug it in - that's what happens (or happened, before I fixed it) with CD's.

Yes, I have autorun turned off on my XP system, did it by following post #2 here (this is a lot easier than editing the registry):

http://club.myce.com/f3/disable-usb-autostart-windows-xp-2000-a-137650/

Ignore post #3, or read it as "Don't you want your computer to run any random unknown software that might be on a CD or flash drive you've never seen before?" No, you don't.

When you run Windows Explorer or do "Save As..." the flash drive or CD you just put in is still there or "recognized" without running whatever Autorun thing is on it.


correct me if I'm wrong, but this seems to disable autoplay, not autorun (http://www.online-tech-tips.com/computer-tips/autorun-vs-autoplay/)

I would be interested to know if the mspaint test still runs on your system after disabling autoplay. specifically the one where you double click your flash drive directory in "my computer"

Stitch
02-24-2011, 08:57 PM
Sorry to jump in, but on the subject of Linux, I'd like to push for a variant called Mint. It's available here: http://www.linuxmint.com/

It's based on Ubuntu, so it gets all the security updates that Ubuntu does. Its layout is a lot more familiar to Windows users as most buttons and menus are basically in the same places as in Windows. I recommend it to anyone who wants to switch over from Windows.

Synovia
03-05-2011, 07:47 AM
ubuntu and security:
There have been fewer than 30 known (https://help.ubuntu.com/community/Linuxvirus) viruses/worms/Trojans for linux- none of these are a problem any more.

And there have been thousands of holes in Apache, inetd, etc. There's nothing LESS secure than a poorly patched/configured linux/unix box.

A couple of years ago I put up a bare linux box (didn't know what I was doing at the time). I got a call from my cable company 45 minutes later because the machine was performing DOS attacks against a variety of infrastructure sites.


As far as antivirus on windows boxes, I honestly think Microsoft Security Essentials is the best thing out there. It seems to find much more than Norton/AVG/Kaspersky, and is significantly less resource intensive. And it hurts me to say that, being a unix guy.

AlexPiper
03-05-2011, 09:34 AM
And there have been thousands of holes in Apache, inetd, etc. There's nothing LESS secure than a poorly patched/configured linux/unix box.

I don't think that's necessarily true. The vulnerability is less Linux, and more that poorly patched/configured Linux boxes are more visible, as the majority of them are someone tossing a RedHat CD on a colocated server. A poorly patched Windows box is still, 90% of the time, behind a home router and thus NAT'd all to heck and back, not open to the general Internet for incoming traffic.

Vulnerability is directly related to how much of the system is visible to the Internet, with an inverse correlation as to how much time you've spent securing it. A machine with no Internet connectivity at all isn't going to get 'pwned,' obviously. One that's behind a solid firewall and not reachable /incoming/ by other machines is going to require more user action (going to a webpage or whatever), because you won't just have something hitting your available services. A machine that's got a static dedicated IP and no firewall -- i.e., a server? -- you'd better keep an eye on.

Every service you open up to the world on your machine is one more thing you'd better be watching for vulnerabilities in. If you run Apache, you'd better keep an eye on Apache security notices. If you run PHP in your Apache install, keep an eye on those, too. If you run MySQL for database stuff, keep an eye on MySQL patches and security notices. Etc.

This is true of Windows, Mac OS X and Linux. Your OS doesn't matter; you still have to watch whatever you make available to the world.

kuwisdelu
03-05-2011, 11:47 AM
Every service you open up to the world on your machine is one more thing you'd better be watching for vulnerabilities in. If you run Apache, you'd better keep an eye on Apache security notices. If you run PHP in your Apache install, keep an eye on those, too. If you run MySQL for database stuff, keep an eye on MySQL patches and security notices. Etc.

And the average user won't be running that stuff anyway.

They will, however, be running stuff like Flash, Java, etc., which are also security holes regardless of OS, and it's likewise wise to keep those updated and secure. This stuff really doesn't have to do with OS so much as what vulnerable 3rd party software you have interacting with the internet a lot. (Well, 1st party software, too, obviously, but that just goes back to OS security.)

ejket
03-05-2011, 01:01 PM
Vulnerability is directly related to how much of the system is visible to the Internet
I always liked this place (https://www.grc.com/x/ne.dll?bh0bkyd2) for checking my visibility.

Medievalist
03-05-2011, 09:32 PM
The greatest single vulnerability in any system is the user.

Matera the Mad
03-06-2011, 04:52 PM
^ said it all

kuwisdelu
03-06-2011, 10:56 PM
Nothing can protect your system from an angry bear.