Saturday, April 27, 2013

Bring that Start menu back in Windows 8


So, how did I get a Start Menu in Windows 8?

Fantastically, I discovered http://classicshell.net!   

The primary detractor from comfortably using Windows 8 has been Microsoft's huge shift away from all previous versions of Windows.  The Start button has been such a staple for as long as I've been using PC's, and I was unwilling to give it up!  Thankfully, the folks over at ClassicShell have put together a nice "open source" package that brings you control over your Microsoft Windows 8.  There are so many advanced options to control with Classic Shell, you can customize this to your specifications.  And, since it is open source software, it is free, and it is trusted.

So go ahead, give it a try!  It beats having to create your own Shutdown or Restart scripts to get the PC to respond appropriately.  And, another cool part is that if you are running multiple monitors, pressing the Start button on your keyboard will launch the Start menu on the monitor currently in use.  The Start menu in the past was only available on the main display.  But now, you can launch the Start menu from any monitor.

There are so many more options available.  Classic Shell is a "must have" for PCKen!

Give it a try!  http://classicshell.net



Saturday, March 23, 2013

SPAM is extremely complicated

SPAM is becoming more and more advanced.  No longer is it just a person sending mass mailings from their computer to everybody on their contact list.  Now, it is a hacker accessing your Twitter, Facebook, or LinkedIn account, and sending SPAM to everyone on your contact list.

I'm currently working on a case where a Facebook account was compromised, and now people on that contact list are receiving emails.  The subject line of the email is the recipient's first name, and the body of the email contain's "Hey" and then the first name of the recipient, and then a hyperlink to a compromised website.

In this particular case, the hyperlink will take you to a website hosted in Latvia, then redirects you to a website hosted in Edmond, Oklahoma, advertising weight loss without exercising.  That website contains a video featuring Dr. Oz.

Now for some more interesting "cover your tracks" maneuvering.  The computer that sent the SPAM originated in Lithuania using a third party AOL client.  The email said it was from an AOL email account with the name of the Facebook person, but the reply to address is a Yahoo email address.

So, to summarize, this Dr. Oz video has traveled from Lithuania to Latvia to Oklahoma to Kentucky.

SPAM is getting more and more advanced.

Make sure you guard your accounts.


Tuesday, July 31, 2012

So you got Spammed?


So you got Spammed?

From time to time we might receive emails that appear to be from a well-known organization such as ADP Payroll, Verizon Wireless, E-bay, or Amazon.
However, when we read the email, we might be shocked to see a bill for some unreasonable amount.
Don’t PANIC!!!    --- if in doubt, give me a call if you need.  (859) 331-3108
Identifying email Spam may seem like an easy task. However, spammers are becoming quite good at copying the look and feel of popular Web sites. Spammers are creating emails and Web sites with common and official looking logos, which is enough to fool even the seasoned computer users.
There is good news though, we have various ways to tell if that email is Spam. Below are some steps to take when looking at your email to see if it has characteristics of a Spam email.
Instructions
1  Look at the email address to help you identify if it is Spam or not. Many times a long string of alphanumeric characters before the @ sign will be a dead giveaway that the email is Spam.
2  Look at what comes after the @ sign to determine if it is Spam or not. If it is supposedly coming from a respected company or well-established Web site, it will certainly not have an email address like [name of business here]@[free email service provider here].com. Business and established Web sites would have their name dot com after the @ sign.
3  Look for a sense of urgency within the body of the email. If it is asking you to do something right away or within X hours, it is a good indication of Spam mail.
4  Look for links within the body of the message. If it is a well respected, highly used business or Web site, a legitimate email would simply tell you to log into your account to fix something, not click on a link.
5 Look for grammatical and spelling errors within the email message. Oftentimes, spammers aren't too concerned with such thing and are hoping the readers won't notice.
6  Look for greetings that are generic. If it says something along the lines of "Dear Valued Customer" or "Dear [company name] Member," it is usually Spam.
7  Look for an email asking for personal information. Banks, eBay, Paypal and other online services make it very clear that they will NEVER ask you for your personal information, especially over email.
Tips & Warnings
It is best to delete Spam before even opening the email. If you do open the email, delete soon after figuring out it is Spam.  Never click a link inside that Spammed email.
Report Spam as often as you want!  If you are on Gmail, it is easy to click the SPAM button.
Report Spam emails within 48 hours. Spammers normally don't use an address for much longer than that, as they know we will begin looking for it soon after.
Do not reply to anyone who has sent you email Spam. Even if you know that is what it is and you want to yell, scream and complain that they are filling up your mailbox with junk, they WILL NOT care. They have already gotten you, since by replying you have told them your email is a valid one.
And finally, NEVER give out personal information over email or on a Web site! This is a perfect way for spammers to steal your identity and really cause you a lot of headaches.

Tuesday, July 10, 2012

How to save $5.05 Million dollars!!!!

How to save $5.05 Million dollars!!!!  Unplug nearly 10,000 servers!

Yup, that's what AOL did.  The giant America Online turned off 9,484 servers in 2011.  That amounts to about 25% of their networked servers.  They saved $1.65 million in energy bills, $2.2 million in Operating System licenses, and cut off $62,000 in hardware maintenance.  It is also reported they gained $1.2 million from reselling hardware or scrapping the metal.  The energy savings reduced their carbon emissions by 20 tons.

Although they decommissioned that many servers, they ended up replacing about 8,500 of them with newer and more efficient servers that run largely in a virtualized environment. This translates to less power consumption and less maintenance.  



It's reported their net savings still come to about $4million, including saving $2.2 million in software licenses from migrating away from its Sybase database applications.

So, what does one do with all that saved cash?  



Well partner, they make an old western video and put it on youtube....  yippee!!!  

http://www.youtube.com/watch?v=l2jieZTASII&feature=youtu.be

Friday, July 6, 2012

DNSChanger malware - July 9th 2012 - Internet shut down?

There have been some questions lately regarding Monday, July 9th, 2012 being the last day for the internet.  What’s going on?  Have the crooks crippled us?

Well, yes and no...  Yes there are always risks going on with the internet.
No, the good guys, such as the FBI, are always catching the bad guys.

So here’s what’s happening....

Back in 2007, six Estonian nationals decided to use a type of malware known as DNSChanger to infect about 4 million computers in 100 countries.  About 500,000 computers were infected in the United States, including individuals, businesses, government agencies, and even NASA.   So undoubtedly, this drew the attention of the FBI.  It was discovered that these cyber-criminals were able to manipulate web traffic from the infected computers to redirect to their evil network.  The result was in the cyber-criminals profiting at least $14 million in illicit fees.  In addition, the malware also prevented users’ computers from updating, thereby exposing the infected machines to even more malicious software.  

The DNSChanger malware would change settings on the infected computer.  So what is DNS if it can be changed?  

DNS stands for Domain Name Service.  Every domain, such as PCKen.com, has both the name that you just read, and an IP address.  For PCKen.com, the IP address is 69.64.156.60.  The domain name is for you to easily remember to visit PCKen’s website.  The IP address is so that the computers all over this planet can have a number to call.  Computers don’t really understand our language.  They require numbers to dial to be able to display the webpage you want.

So, when you type PCKen.com into your web browser, your computer uses a service called DNS to find out the number (69.64.156.60) to browse to.  If your computer has never been to that website before or its been a long time since the last visit, then it has to look to a DNS server to get updated information on what number is assigned to that domain.  For normal home users, that DNS server is operated by the Internet Service Provider.  For most business users, the DNS server is operated by the business IT department.

So here is happened with the Estonian cyber criminals.  They were able to get the DNSChanger malware on to unsuspecting users’ computers (probably through spam or infected websites).  The DNSChanger malware changed settings on the computer, overriding DNS settings and changing them to point to the evil DNS servers owned by the cyber criminals.

Then, when typed in PCKen.com to the browser, instead of your computer being sent to 69.64.156.60 and seeing my site, you would be directed to another site that would tell you that your computer was infected and demand that you pay money to clean it up.

The problem is, lots of people pulled their credit cards out of their wallets.... that’s how $14 million dollars goes into the hands of these crooks.

When the FBI tracked down the source of the drama, they partnered with Estonian officials, and were able to arrest the leaders of this cyber criminal ring in 2011.  And, with court order, they were able to take over the evil DNS servers, replaced them with clean servers.

The problem is, the FBI is still seeing a lot of web traffic being processed through the clean servers.  And it is important to note that the clean servers are not able to actually clean an infected computer.  They can only point domain names to IP addresses.  That’s all the DNS servers do.  But since the FBI is still seeing that web traffic, that means there are a lot of computers and/or routers with have been infected by the DNSChanger malware.

And, on July 9th, 2012, the court order expires.  And the FBI turns off the clean DNS servers.

If your computer or router is pointing to a DNS server that is turned off, you will be unable to browse the internet.  Without a DNS server, the website at PCKen.com will give you “Internet Explorer cannot display the webpage” message. That is what all the hype is about for July 9, 2012.

So, how do you know if you are infected with the DNSChanger virus?  http://www.dns-ok.us/

If you go to that website and get a red background, give me a call.



You can also check out this video by my friends at Sophos...


http://www.youtube.com/embed/Gl7d6cDFDHo

Tuesday, July 3, 2012

HELLO WORLD!

A "hello world" program has become the traditional first program that many people learn. In general, it is simple enough that people who have no experience with computer programming can easily understand it.  Having said that, I just want to express my newness here.


I have written tech papers and research documents - but to formalize IT into a non-formal Blog is a bit of a stretch for me.


So regularly, check back!  I'll have weekly, if not daily, updates about Technology, Information, and PC's.


Let me know also... what do you want me to write about?  What sparks your fancy?




http://pcken.com