Ransomware: Time to Pay Attention or Pay Big Bucks

This post is a very long one, but it’s important you read every word if your data is important.

If you follow us on Facebook.com/pcmdx you know we’ve posted twice over the past month about ransomware attacks that we’ve been called to.

The attacks usually use the same method.  The user will receive an e-mail from an unknown sender and it will have the subject line of “Invoice Attached” or something similar.  The word invoice is the common denominator.

The user will look at the e-mail and see that it asks them to open the attached Word document, which is the “invoice”.  When they open the document, the ransomware attack begins; however, it is not noticeable to the user.

These particular attacks encrypted all of the user’s Office files (Excel, Word, PowerPoint, Access, Outlook PST).  They did not encrypt any PDF files or any image files, which usually would have been encrypted as well.

The user will notice that the attack has taken place when they attempt to open one of the files and the Windows program selector launches.  This is the Windows feature that comes up when you attempt to open a file and no program is associated with it, meaning it doesn’t know what program to use to open the file and it asks you to choose one.  In this case, there’s no program to launch an encrypted file.

We were called to attempt to recover the files and to remove the malware that encrypted the files.

The ransomware senders (we’ll call them the “bad guys”) usually have the ransomware program generate a text file that it leaves in each directory that has files that were encrypted.  We found this text file in all of the directories with Office files, as well as the Desktop.

The text file is the “ransom note”.  It explains what happened to the user’s files, and details how the files can be decrypted back to a usable state.
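The two symptoms described above (Office files that no longer open, and the same text file dropped into every affected folder) can be checked for across a whole folder tree. The script below is an added example, not part of the original post: it compares each Office file's first bytes with the signature an intact file of that type starts with, and reports small text files whose identical content appears in several folders. The sample tree, the note name `SAMPLE_NOTE.txt`, the `.enc` suffix and the three-folder threshold are constructed assumptions.

```python
"""Triage a folder tree after a suspected file-encrypting attack (added example)."""
import hashlib
import os
import tempfile
from collections import defaultdict

ZIP = b"PK\x03\x04"                          # OOXML container (.docx/.xlsx/.pptx)
OLE2 = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"   # legacy Office compound file

# extension -> accepted (offset, magic bytes) pairs for an intact file.
# Password-protected OOXML files are stored as OLE2, so both are accepted.
SIGNATURES = {
    ".docx": [(0, ZIP), (0, OLE2)],
    ".xlsx": [(0, ZIP), (0, OLE2)],
    ".pptx": [(0, ZIP), (0, OLE2)],
    ".doc": [(0, OLE2)],
    ".xls": [(0, OLE2)],
    ".ppt": [(0, OLE2)],
    ".pst": [(0, b"!BDN")],
    ".accdb": [(4, b"Standard ACE DB")],
    ".mdb": [(4, b"Standard Jet DB")],
}
MAX_NOTE_BYTES = 64 * 1024   # assumption: ransom notes are small text files


def office_ext(name):
    """Tracked Office extension anywhere in the name, so 'a.docx.enc' counts."""
    for part in reversed(name.lower().split(".")[1:]):
        if "." + part in SIGNATURES:
            return "." + part
    return None


def header_ok(path):
    """True/False for Office files, None for every other file type."""
    ext = office_ext(os.path.basename(path))
    if ext is None:
        return None
    with open(path, "rb") as fh:
        head = fh.read(32)
    return any(head[off:off + len(magic)] == magic
               for off, magic in SIGNATURES[ext])


def triage(root, min_dirs=3):
    """Return (Office files with a wrong header, text files repeated across folders)."""
    damaged = []
    copies = defaultdict(set)          # (file name, sha256) -> folders holding it
    for folder, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(folder, name)
            try:
                if header_ok(path) is False:
                    damaged.append(os.path.relpath(path, root))
                elif (name.lower().endswith(".txt")
                      and os.path.getsize(path) <= MAX_NOTE_BYTES):
                    with open(path, "rb") as fh:
                        digest = hashlib.sha256(fh.read()).hexdigest()
                    copies[(name, digest)].add(folder)
            except OSError:
                continue               # locked or unreadable file: skip it
    notes = sorted((name, len(dirs)) for (name, _h), dirs in copies.items()
                   if len(dirs) >= min_dirs)
    return sorted(damaged), notes


def build_sample_tree(root):
    """Constructed sample data: three damaged Office files, one intact, one note."""
    scrambled = b"\x8f\x1c\x42\xa7" + hashlib.sha256(b"constructed").digest()
    note = b"Constructed sample note: your files have been encrypted.\n"
    layout = {
        "Documents/report.docx": scrambled,
        "Documents/budget.xlsx": scrambled,
        "Documents/scan.pdf": b"%PDF-1.4\n",
        "Documents/intact.docx": ZIP + b"\x14\x00",
        "Documents/SAMPLE_NOTE.txt": note,
        "Work/slides.pptx.enc": scrambled,
        "Work/todo.txt": b"call the bank\n",
        "Work/SAMPLE_NOTE.txt": note,
        "Desktop/SAMPLE_NOTE.txt": note,
    }
    for rel, data in layout.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(data)


def run_sample():
    """Build the constructed tree in a temporary folder and triage it."""
    with tempfile.TemporaryDirectory() as root:
        build_sample_tree(root)
        return triage(root)


if __name__ == "__main__":
    damaged_files, note_files = run_sample()
    for rel in damaged_files:
        print("header mismatch:", rel)
    for name, count in note_files:
        print(f"possible ransom note: {name} in {count} folders")
```

Run `triage()` against a copy of the affected folders or a mounted backup; the list of damaged files is also the list of what has to come back from backup.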

In a nutshell, the bad guys want a payment made via Bitcoin, usually ranging from a few hundred dollars to several thousand.

Although not always the case, once the ransom is paid, the decryption code is sent via e-mail.  Once the code is entered, the files are decrypted and are usable again.  It should be noted that this is some of the time, not all of the time.

In two of the cases, the ransom was not paid and the users accepted the fact that the files were gone.

In one of the cases the user felt that they needed the files and there was no backup, so they agreed to pay the ransom, although we recommended against doing so.  The payment process took about three hours to complete.

It included opening a Bitcoin wallet, which is a software based wallet.  Once the wallet was created, Bitcoin needed to be purchased.  We found a seller in Tennessee who would sell the amount of Bitcoin needed (B 0.74, which was about $350, the amount of the ransom).  Since there’s a trust issue between seller and buyer, the only way to pay the seller was to go to a Western Union type facility and wire the money.  In this particular case, the Walmart 2 Walmart method was chosen.  For those of you who don’t know what that is (and we didn’t know until this episode), you go to Walmart, fill out a form with the recipient’s name, address and phone number, give Walmart the cash amount, they then wire it to the Walmart closest to the recipient, who then picks it up.

Once the seller has been paid, he places the Bitcoin in an electronic escrow account, which the Bitcoin buyer then accesses and sends to his electronic wallet.  Once this has been completed, he sends the ransom Bitcoin amount to the wallet of the bad guys, which is given to him in the ransom note.  Once the bad guys confirm receipt, they provide a program to decrypt the files.  If this sounds complicated, it is.  Very complicated.

With this client, we received the decrypt program, ran it and it responded that the ransom had not been paid, therefore it shut down, without decrypting any files.

As odd as this may sound, the bad guys did have a “support” form on their web site where one could ask for help if the files didn’t decrypt.  We used this form and they responded by asking that we submit five of the encrypted files to them and they would send a new decrypt program.  Based on the timestamp of the response, we determined that they were in western Europe.

They provided a web site address to send the files to, but it required their e-mail address in order to send, which they refused to give, so we were unable to send the files.  After a back and forth requesting their e-mail address, they blocked any further conversation, so the episode was closed.

The client lost his files.  The client lost his ransom money.  The moral of the story is DON’T PAY THE RANSOM AND MAKE SURE YOUR FILES ARE BACKED UP! (PCMDX had recommended that they do not pay the ransom, however the client insisted).

The latest type of ransomware goes a step further.  It doesn’t encrypt the files.  It encrypts the entire hard drive, so nothing is usable.  Unless you have a backup image of your hard drive, you won’t even be able to log into Windows.

So what can you do to prevent ransomware from ruining your day, or your year?

First, ask yourself one simple question:  “Is there anything on my computer that I cannot absolutely, positively live without?”  If the answer is “Yes”, then you need to take steps to protect yourself against malware (including viruses, ransomware, Trojans, worms, rootkits, etc.), hardware failures, data theft, and other data-loss issues.

The very first thing you need to do is to make sure you have a backup of your system.  PCMDX uses and installs two backup strategies, an image based backup and a file based backup.

An image based backup consists of an image, or “picture”, of your hard drive.  The backup software makes an exact replica of your hard drive.  In the event of failure or loss, the backup software recreates the hard drive onto another hard drive.  Think of it like cloning your hard drive.

PCMDX believes this to be a better system for one main reason:  time savings.

A conventional backup copies only the data from a hard drive.  Let’s say there’s a failure of the hard drive.  Here are the recovery steps:  reinstall the hard drive, reinstall the operating system, reinstall the updates and patches, reinstall the programs, copy the data from the backup.  This could take hours, perhaps days until completed.

If there’s a hardware failure on a computer with an imaged backup, here are the recovery steps:  reinstall the hard drive, insert rescue disk, point to image location, begin restoration.  45-60 minutes later it’s like nothing happened to the computer in the first place.  Everything is as it was when the image was created.

Depending on the software used, individual files can also be recovered from an image.  This is great if a user accidentally deletes a file.

The cost of setting up a backup system is less than what would be paid if there’s a ransomware attack.

We cannot emphasize the two following points enough:

  1.  Have a backup plan in place.  If you don’t know how to implement one, call PCMDX today.  We’re not talking about backing up one or two files on a thumbdrive (although that’s better than nothing).  We’re talking about backing up your system, and other systems in your network in case of disaster.  Again, if you answer the question “Is there anything on this computer that I cannot live without” with a “yes” answer, and you don’t have a backup plan in place, you need to create one today.
  2. NEVER open any attachments from senders you don’t know, from senders you’re not expecting anything from, from e-mails that are vague in nature or have spelling and/or grammar errors in the body of the e-mail.  If in doubt, call the sender and ask them if they sent you an attachment.
  3. If you’re hit, DON’T PAY THE RANSOM.  Our latest experience proves that even after you pay it, you’re dealing with people who have no ethics, no morals, no sense of right and wrong, and very poor command of the English language.  Your files are lost and paying the ransom simply adds to the cost of fixing the problem without recovering your data.

One other bit of information:  If your PC is on a business network, and you have networked drives (places on a server where you can access your files), including Dropbox, OneDrive, and Google Drive, those files can be encrypted as well.  Make sure they are also part of the backup plan.

Feel free to share this with your friends.

 

 

What exactly is “the cloud” and why should you care?

So many of our clients have heard of “the cloud” but don’t know what it is, how it works, and why they should care about it.

Let’s take a look at the answers to these questions.  First, what is “the cloud”?  When a network diagram is drawn, one of the items on the diagram is the Internet.  The Internet is represented on the diagram by a basic drawing of a cloud.  So, anything that is not on the local network, inside the building(s) is considered to be on the internet, hence the term “the cloud”.  Anything not local (on the PC, or on a server located in the building) is on “the cloud”.  We can have software running on the cloud (Google Docs, Microsoft Office 365, Adobe applications, etc.).  We can also have storage on the cloud (Dropbox, OneDrive, Google Drive, iCloud).

How does it work?  Simple.  You install the client software from the cloud provider, enter a user name and password and you’re on the cloud.  Now, whatever you place into the folders on your cloud drive is on the cloud.  If your computer were to stop working, anything stored on the cloud would still be accessible from another computer.  If you have more than one device (a device is anything that can access the internet including a computer – PC or Mac, smartphone, tablet, game console, etc.) you can access your cloud data from any of these, provided you have the user name and password.

So is it safe to store things on the cloud?  It’s probably safer on the cloud than it is on your local device.  Malwarebytes just wrote an exceptional article outlining the safety of storing things on the cloud, which is well worth the read.

Here are some tips from the article:

If you’re ready to store data on the cloud, we suggest you use a cloud service with multi-factor authentication and encryption. In addition, follow these best practices to help keep your data on the cloud secure:

  • Use hardcore passwords: Long and randomized passwords should be used for data stored on the cloud. Don’t use the same password twice.
  • Back up files in different cloud accounts: Don’t put all your important data in one place.
  • Practice smart browsing: If you’re accessing the cloud on a public computer, remember to log out and never save password info.

What’s multi-factor authentication?  Probably one of the very best methods of protecting yourself.  If you own a smartphone, you give the cloud provider the number.  If someone logs into your account from an unknown device, and you have two-factor authentication enabled, before it allows them to log in, a code is sent to the smartphone via text.  Prior to gaining access, the code must be entered.  If the code is wrong or not entered, no access is granted.  It can be done via e-mail also.  Two-factor authentication should be used for any and all sensitive data and sites, including banks and credit card sites.

What’s encryption?  Encryption is where the data stored is encrypted, meaning that it’s useless unless the public and private keys are used to decrypt it.  Anytime you see the “https://” before a web site URL, the data is encrypted while it travels between your device and the web site.  Encrypting the stored data prevents the bad guys from taking a hard drive containing data and simply hooking it up to a computer and reading it.

Hardcore Passwords:  In Alabama the most popular password is: rolltide.  Second most popular is: wareagle.  If you’re using either one of these, or variations of them, change them.  Now.  Don’t use your spouse’s name, your child’s name, your pet’s name, your birthday, or any word that can be found in the dictionary (combining words is OK).  Your password needs to be at least 8 characters long, contain both upper and lower-case letters, at least one number and one symbol.  The longer, the better.  We prefer passphrases instead of passwords.  RedDog12! meets the minimum security, however it won’t take long for an expert to crack.  “The red Dog was running on the land with 12 friends!” won’t be cracked anytime soon and meets all of the requirements.  Yes, a space is considered a character.
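The rules in this paragraph can be turned into a check that a sign-up form or an administrator could run. The code below is an added example, not part of the original post: it applies the minimum requirements listed above, rejects variations of the two named passwords after undoing common character swaps, and marks the "word + number + symbol" shape of RedDog12! as weak. The swap table and the regular expression are assumptions chosen for illustration.

```python
import re

# The two passwords the post names; a real deployment would load a longer list.
BLOCKLIST = ("rolltide", "wareagle")

# Common character swaps undone before comparing; "1" is tried as both i and l.
LEET_I = str.maketrans("0134@5$7", "oieaasst")
LEET_L = str.maketrans("0134@5$7", "oleaasst")

# Assumption: letters, then up to four digits, then at most one symbol.
WORD_NUMBER_SYMBOL = re.compile(r"[A-Za-z]+\d{1,4}[^A-Za-z0-9]?")


def policy_gaps(pw):
    """List which of the post's minimum requirements the password misses."""
    checks = [
        (len(pw) >= 8, "shorter than 8 characters"),
        (any(c.isupper() for c in pw), "no upper-case letter"),
        (any(c.islower() for c in pw), "no lower-case letter"),
        (any(c.isdigit() for c in pw), "no number"),
        (any(not c.isalnum() for c in pw), "no symbol"),
    ]
    return [msg for ok, msg in checks if not ok]


def blocklist_hit(pw):
    """Return the blocklisted password this one is a variation of, or None."""
    for table in (LEET_I, LEET_L):
        # Lower-case, undo the swaps, then drop everything that is not a letter.
        letters = re.sub(r"[^a-z]", "", pw.lower().translate(table))
        for entry in BLOCKLIST:
            if entry in letters:
                return entry
    return None


def assess(pw):
    """Return ('reject' | 'weak' | 'ok', list of reasons)."""
    reasons = policy_gaps(pw)
    hit = blocklist_hit(pw)
    if hit:
        reasons.append(f"variation of the common password '{hit}'")
    if reasons:
        return "reject", reasons
    if WORD_NUMBER_SYMBOL.fullmatch(pw):
        return "weak", ["word + number + symbol pattern; use a passphrase"]
    return "ok", []


if __name__ == "__main__":
    samples = [
        "rolltide",
        "R0llT1de!2016",
        "RedDog12!",
        "The red Dog was running on the land with 12 friends!",
    ]
    for sample in samples:
        verdict, why = assess(sample)
        print(f"{verdict:6} {sample!r} {'; '.join(why)}")
```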

Different Cloud Accounts:  We use all of the major cloud accounts.  We don’t store all of our data on each.  Some data on one, other data on others.

One neat thing that some cloud providers, like Dropbox, provide is sharing capabilities.  Person A can grant access to a folder in their cloud account to Person B.  Both A and B can look at the files in the folder, but only those files. Person B cannot see anything else on Person A’s account.  This is very useful for parents who have kids in college.  Instead of e-mailing something as an attachment, simply place it in the cloud folder and within microseconds the other person has the file.

This post only touches the very surface of the capabilities of the cloud.

Should you ever need help with your cloud account, or just need help setting one up, contact PCMDX today at pcmdxal@gmail.com or via phone at 205-201-0389.  We’ll service both business and residential accounts, and specialize in security.  And don’t forget to like us on Facebook so you can get updates on important computer and security information.

Wendy’s 4 for $4 may hit more than your waist line


In January 2016 Wendy’s restaurants reported that they had suffered a breach in their network that handles credit cards.  The report included the following: “As reported in the news media in late January, the Company has engaged cybersecurity experts to conduct a comprehensive investigation into unusual credit card activity related to certain Wendy’s restaurants. Out of the locations investigated to date, some have been found by the cybersecurity experts to have malware on their systems.”

What this basically means is that someone had installed software designed to harvest credit card data (“malware”) on Wendy’s network, which is the same thing that happened at other retailers and restaurants over the course of the last few years.  Our sister site, DontBecomeAnotherTarget.com has a list of many of these merchants.

Some credit unions, according to the article, have said that this breach has already exceeded the fraud that the Target breach caused in 2013.

The worst part?  According to the article, “the restaurant chain hasn’t yet said how long the breach lasted — or indeed if the breach is even fully contained yet.”  What does that mean?  That means you don’t use your credit or debit card at Wendy’s.  Period.

It’s unknown if Wendy’s had passed their latest PCI DSS (Payment Card Industry Data Security Standard) prior to the breach, however post breach they are not compliant, since the malware should have been discovered during the required scans.

If you’re a merchant that takes credit cards, you’re required to be PCI compliant.  We’ve encountered so many merchants who don’t have their own IT department who are under the false impression that they are compliant because they’ve signed (or “attested” online) a form from their credit card processing company indicating that they are compliant.

The credit card processing companies, like every other portion of the credit card chain (Merchant>Processor>Bank) have to be compliant, but each entity is required to do their own PCI Self-Assessment Questionnaire (SAQ).  The credit card processors will have the merchant sign/attest a form that indicates that the merchant knows they have to be PCI Compliant, even if the merchant has no clue what that is.  Once the merchant attests to this, the credit card processor has fulfilled their obligation.  If a breach occurs with the merchant, all the credit card processor has to say is “But you signed that you were PCI compliant” and they’re off the hook.

PC Medics of Alabama (PCMDX) specializes in SMB (Small to Medium Businesses) PCI Compliance.  If you process under 6,000,000 transactions per year, PCMDX can make sure you’re compliant.  If you’re not compliant, we’ll take the necessary steps to make sure you become compliant.  We then take care of your SAQ, and we make sure you remain compliant.

Our client base includes restaurants, dentists, doctors, and various other merchants, so our experienced staff can handle any merchant that takes credit cards.  Call us today for a free visit and estimate on how you Don’t Become Another Target. And if you don’t have a dedicated IT department, we can handle that for you as well, which lets you concentrate on your business, while we take care of your IT needs.

Windows 10 – Update 3.1

Since we just posted a Windows 10 update, and since Microsoft just made some major changes in the Windows 10 upgrade, we didn’t think we could wait a few weeks until our next Windows 10 post, so we’ll call this “3.1” (for those of you that have been around Windows for a while, there’s some humor in this, unintentional of course).

On Monday, February 1, 2016, Microsoft made the Windows 10 upgrade a “recommended update”.  What does that mean?  Well, it means that when Windows 7, 8 or 8.1 perform automatic updates, Windows 10 may be one of those updates, even if you’re not interested in upgrading.

You’re still given an opportunity to stop the install, however, there is the chance of accidentally installing it.  Of course, Microsoft indicates that if you upgrade and you’re not happy, you can roll back to your previous operating system.  We have found that this does not work all the time.

So how do you prevent this from happening?  Go to Control Panel>Windows Update.  Once in the main screen of Windows Update, uncheck the option that reads “Give me recommended updates the same way I receive important updates”.  That will prevent the Windows 10 update from launching.

For now.

 

Windows 10 – Update 3

The questions about Windows 10 upgrade have not stopped.  We get them daily.

“What do you think of Windows 10?”

“My computer keeps bugging me about upgrading.  Should I?”

“Do you think it’s time to upgrade yet?”

It looks very pretty.  No.  And No.

We’ve talked about the upgrades in our two previous posts (Part 1 and Part 2)

In their latest campaign to convince users to upgrade, Microsoft has taken to SMB (Small to Medium sized Businesses).  They have a Facebook post that features a video that shows the benefits of upgrading to Windows 10.  Here’s the part that bothers us about the video:

About a minute in, the “Microsoft Spokesperson” shows a business how easy it is to upgrade.  He sits in front of the PC surrounded by “employees” of the company, clicks on the Windows button in the system tray, and it launches the upgrade process.  Then he says “Just agree to the terms and conditions and you’re done!”.  They all go to lunch and by the time they get back they live happily ever after since the Windows 10 upgrade is complete.

OK, let’s get out of make-believe land and back to reality.

We all have done it.  Most of the time we continue to do it.  We’re used to doing it.  What?  Agreeing to the Terms and Conditions without reading them.

But in this case, is it the right thing to do?  Needless to say, we’re required to accept the terms and conditions on any software that we install, but all those pages contain information that may be good to know.  Especially in this case.

Windows 10 offers two types of install, Express and Custom.  Express means you agree to the terms and conditions, and accept all of the default settings.  For those of you who haven’t seen the default settings, many of them include a feature that sends information back to Microsoft.  Microsoft uses this information to deliver a more personal experience.  In the Express settings mode, this includes a variety of tracking software.

Microsoft has said they’ve discontinued the practice of tracking everything.  However, they just released the latest stats on Windows 10:

“Here’s the list of milestones that Microsoft just achieved:
  • People spent over 11 Billion hours on Windows 10 in December 2015.
  • More than 44.5 Billion minutes were spent in Microsoft Edge across Windows 10 devices in December alone.
  • Windows 10 users asked Cortana over 2.5 Billion questions since launch.
  • About 30 percent more Bing search queries per Windows 10 device compared to prior versions of Windows.
  • Over 82 Billion photographs were viewed in the Windows 10 Photo application.
  • Gamers spent more than 4 Billion hours playing PC games on Windows 10 OS.
  • Gamers streamed more than 6.6 Million hours of Xbox One games to Windows 10 PCs.”

How do they know this?  Hmmm….

PCMDX clients know that we’re huge advocates of Microsoft, however our main focus is privacy and security.  Yes, if “they” want it, “they” will get it, however, we don’t have to leave the door not only unlocked, but open for them.

No, at this time we’re not recommending that those of you using Windows 7 upgrade to Windows 10.  Those of you using Windows 8 or 8.1 will have to decide if privacy or usability is more important.  We’re writing this post on a Windows 10 laptop (it came with the laptop).  It’s much more user friendly than Windows 8.  But we turned off all of the data mining features that we could turn off.

Is this the best operating system that Microsoft has released?  The word “best” is subjective.  What’s best for you may be different than what’s best for us.  Is it the most feature packed?  Absolutely.  Is it powerful in today’s internet world?  Yes.  If you use a PC to check e-mail, update your Facebook status, and surf the web, then there will be little difference between Windows 10 and Windows 7.

But wait!  Microsoft just issued a warning to those who use Windows 7.

And the latest information tells us that Microsoft will start to make the Windows 10 upgrade a “Recommended Update”.  What does that mean?  Glad you asked.  It simply means that if you have your Windows Update settings set to install all updates automatically, it will install the files even if you’re not interested.  This means if you don’t want it, you’ll have to turn off the automatic update function and go to “Notify me of updates but let me decide to download and install them” in the Windows Update settings in Control Panel.  Which means that you’ll need to make sure you install the important updates at least once a month.

Stay tuned.  Microsoft wants you to have Windows 10.

Your credit card got hacked…how did it happen?

Every day we read stories about people’s credit cards that were “hacked”.  We put the word hacked in quotes because it’s really not the correct term.  The better word is breached.

Regardless of what you call it, the bad guys got your credit card number and now you have to jump through a bunch of hoops in order to fix it, from calling the credit card provider, to looking over your statements to see where all the bad guys used your card.

But how did you get here?  Where did the bad guys get your card?  When did it happen?  What method did they use?

First things first.  It most likely didn’t happen recently.  Unless you lost your card, chances are your card was compromised weeks, if not months ago.  So don’t blame the last place that you used your card.  Not only did they probably not have anything to do with it, but you’re also possibly making a slanderous statement against that company and could find yourself in legal trouble.

The card may have been compromised at a merchant who was not PCI Compliant, a requirement for any merchant who takes credit cards.  Unfortunately, many merchants don’t have a clue that they need to be compliant, or are under the assumption that they already are, based on wrong information they are receiving from their credit card processor.  Here are some simple facts:

  •   No breach has ever occurred at a merchant who was 100% PCI Compliant.
  •  All breaches that have occurred were at merchants who were not PCI Compliant.  

The card may have been breached at a gas station or ATM that had a skimmer installed.   This method collects card information for a period of weeks or months.  The bad guys (and girls) then take the numbers and encode them on pre-paid credit cards they purchase at a drug store, and go on shopping sprees.  The length of time between the skimmed cards and the using of the accounts could be a few months.

Banks have become smarter when it comes to compromised accounts.  Many years ago when a card was compromised, the victim would find charges that were made in other states or even other countries.  Today, if there’s suspicious activity on an account, often times the bank will call the account holder and ask them if they are in another state.  If they are not, they will not authorize the transaction.

Because the banks are now monitoring accounts, the bad guys are adapting.  Usually, if a card holder is based in a particular ZIP code, the bad guys will harvest all of the account numbers for that area, then descend on that area and begin to use the compromised accounts in that area.  That raises less suspicion with the banks.  However, the time between the breach and the using of the account can be weeks or months.

Here’s a great article that gives you a very detailed view on credit card breaches.

If you’re a merchant who takes credit cards and are not sure if you’re PCI Compliant, contact PC Medics of Alabama today at 205-201-0389 or via e-mail at info@pcmdx.net for a free consultation.  Our PCI Compliance experts will go over your network and give you recommendations on how to become compliant.

And the most vulnerable software of 2015 is…Apple OS X

In what must come as a shock to many Apple fans, a list of the most vulnerable software of 2015 was just released and Apple OS X led the pack with 384, followed closely by Apple iOS with 375.

The list includes any and all software that is installed on a computer.  A computer is defined here as any device capable of processing data.  This includes, but is not limited to, computers, PCs, smartphones, laptops, servers, tablets, etc.

Operating systems (what makes the device run – like Windows, OS X, Android, Chrome, Linux) were obviously included.

In the past, Microsoft has often been criticized for making software that was vulnerable to attacks, yet in 2015 the first Microsoft entry on the list was Internet Explorer, which has been replaced on the Windows 10 operating system by Microsoft Edge (although IE will still run on Windows 10).

Linux fans have also been big critics of Windows OSs, yet Ubuntu Linux (#11) comes in ahead of Microsoft’s first entry of a PC OS (Windows 8.1 #12).

You’ll see from the list that it includes many programs you use on a daily basis (yet may not be aware that you’re using, since many run in the background allowing you to do certain tasks), like Adobe Flash Player (#2) and Oracle Java RE (#29).

So what exactly does this mean?  It means that you need to keep your system updated, patched, backed up and protected against vulnerabilities like malware.

All of the companies on the list release updates and patches for their software on a regular basis.  Microsoft does it on “Patch Tuesday”, the second Tuesday of the month, or, in the event of a zero-day vulnerability, they may release it sooner.

Apple has their updates, which can be installed automatically, as do Adobe and Google.

But that just addresses patches and updates.  You also need to keep your files backed up.  There are plenty of programs and services out there that help you back up, most automatically.  Don’t know if you need to backup your device?  Just ask yourself one question:  “Is there anything on this device that I can absolutely, positively not live without?”.  If the answer is Yes, then you need to have a backup.  If you’re a business, you don’t have a choice but to backup.

Everything listed is something you can do yourself and it takes only a couple of hours per month if you’re a home user.  If you’re a business user, it might require an IT professional to make sure you’re patched and backed up.  PC Medics of Alabama services both residential and business clients, so contact us today for a free estimate if you don’t want to tackle this yourself.  You can reach PC Medics of Alabama via phone at 205-201-0389 and via e-mail at info@pcmdx.net .

 

Windows 10 – Update 2

It has been several months now that Windows 10 has been on the market.  Most PCs that you buy today in stores are going to no longer come with Windows 8.1 with the free upgrade, but with Windows 10 pre-installed.

PCMDX has been working with several Windows 10 computers, including laptops, tablets, and workstations.

Based on what we’ve learned, our recommendation at this time is as follows:

If you have Windows 7, stay there.  You don’t need to upgrade just yet, and some programs (now also known as “Apps” or “Applications”) may not work in Windows 10, even though they do work in Windows 7 or 8.  Many vendors whose programs don’t work on Windows 10 simply state that they don’t support it, therefore if it doesn’t work, they can’t help you.

Windows 10 has a “revert back to previous OS” feature.  You only have 30 days from the upgrade to roll back, and many users claim that this feature does not work when they try it.  We’ve also found it not to work on PCs that we’ve attempted a rollback on.

If you have Windows 8, read on.  In our opinion, Windows 10 is a clear upgrade to Windows 8.  It’s really a cross between all that’s good about Windows 7 and Windows 8.  The most asked for feature is back, the Start menu, but it will take some time to get used to, with some of the changes.  If you’re running programs on Windows 8, you may have a problem running them on Windows 10 if the program vendor has not released an update.

Our biggest issue with Windows 10 is the lack of controlling Windows Updates (WU) without going into some complex settings.  With previous versions of Windows, you were given several options when it came to WU.  You could turn WU off altogether (not recommended).  You could be notified of WU being available, but not download and install them until you’re ready.  You could download them and be notified when they are ready to be installed.  Or you could simply let Windows download and install WU.

Windows 10 doesn’t give you these options.  It simply updates on its own.  Because it may require a reboot, it might give you an option to delay the reboot process if you’re currently working on something.  But it will eventually reboot on its own.

We have a problem with this, and hopefully Microsoft will address it by going back to giving the user options.  The reason we have a problem with this is because every once in a while, Microsoft will release an update that will negatively affect a PC.  This has happened numerous times in the past two years.  When updates are set to Automatically Download and Install Windows Updates, if the update is bad, the user will find that their PC might not function properly.  The user then has to find a way to correct the issue.  Usually Microsoft will withdraw the update within a few hours of its release.

Windows Updates are released on the second Tuesday of the month (which is referred to as “Patch Tuesday”).  If there’s a critical update that needs to be installed, Microsoft will release it as needed, but that’s rare.  On Patch Tuesday, all computers set to Automatically Update will do so, usually around 3am.  By 9am, if there’s a bad update, Microsoft will pull it, but it can take as long as the rest of the day.

We recommend setting your Windows Update settings to Notify but Don’t Download Updates, and picking a day AFTER Patch Tuesday to do your updates, like the second Saturday.  Then download and install the WU.  This will give Microsoft time to remove the bad updates.

So, to summarize, we suggest waiting on Windows 10.  If you do decide to do the upgrade, do so knowing that you may not be able to go back unless you do a fresh install of the previous operating system, which wipes out all of your settings, programs and data.  Also, you may want to follow the instructions on doing a custom setup of Windows 10.

We’re still in the first year of Windows 10, so many features of the OS have still to be discovered.  Check back often for Update 3.

Before you get rid of that old PC or Laptop, read this!

So you’re about to replace your PC or laptop.  You’ve transferred all your files and folders and are ready to sell it, donate it, give it to someone or throw it out.  Before you do that, STOP!

Simply deleting files from your hard drive doesn’t make them go away.  All it does is remove the “pointer” to the files so that the operating system (OS) thinks that it’s OK to write new data to that space.  In other words, the data is still there until something else overwrites it, and even then, a good “undelete” program can recover it.

OK, so how about formatting the drive?  Will that take care of it?  Nope.  A good undelete program can still recover the data.

A recent study by Blancco Technology Group and Kroll Ontrack showed that 48% of the used hard drives being sold on Amazon still had enough residual data on them to reveal information on the previous owner.

So what should you do?  There are a number of options.  PCMDX sponsors an organization called Learning To Be the Light (2BTL).  2BTL refurbishes PCs and gives them to low-income students in the Hoover City Schools.  2BTL will give any student who is on free or reduced lunch a PC, a monitor, keyboard, mouse and anything else they may need.  If they are a junior or senior in high school, they are also given a laptop in addition to the PC.

When someone gives their PC to 2BTL to be refurbished, 2BTL will ask if they want the old hard drive.  If they do, then the old HD is removed and given to the person giving the PC.  This is by far the safest method because all of the data is on the HD and the HD doesn’t take up much space.  So if you’re giving away or selling your old PC, try to remove the HD first.  A replacement drive usually will cost under $100.

What’s the downside of doing this?  Usually restoration software is on the HD, which means the recipient will have to order the restore software or re-install the OS, then re-install the drivers.  This can be complicated and expensive.

If the person giving the PC to 2BTL doesn’t want the old HD, then 2BTL will use a software program called Darik’s Boot and Nuke (DBAN).  DBAN is a free program that doesn’t just erase the HD; it writes data over the existing data 8 times, usually in the form of 0s and 1s.  After 8 times, the original data is not retrievable, even by the best forensic experts.  This will work on most non-SSD, non-RAID HDs.

The downside of this process is that it’s very time consuming, sometimes taking over 24 hours per drive.  The recipient of the HD, if they plan on using it again in the same PC, will have to order restore software or install the OS, then drivers.
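To make the difference between deleting, formatting and overwriting concrete, here is an added Python example (not part of the original post, and not DBAN's code).  It works on a constructed toy drive image; the layout, file name, sample data and the alternating 0x00/0xFF fill are assumptions for illustration.

```python
import os, tempfile

BLOCK = 4096  # toy layout (assumed): block 0 = file table, data starts at block 1

def make_image(path, name, data, blocks=16):
    # Blank image holding one file: a pointer in the table, the bytes in block 1.
    with open(path, "wb") as f:
        f.write(b"\x00" * BLOCK * blocks)
        f.seek(0)
        f.write(f"{name}:{BLOCK}:{len(data)}".encode())
        f.seek(BLOCK)
        f.write(data)

def delete_or_format(path):
    # Model of a delete or quick format: only the table block is cleared.
    with open(path, "r+b") as f:
        f.write(b"\x00" * BLOCK)

def overwrite(path, passes=8):
    # Model of an overwriting wipe: every byte is rewritten on every pass.
    size = os.path.getsize(path)
    with open(path, "r+b") as f:
        for p in range(passes):
            f.seek(0)
            f.write((b"\x00" if p % 2 == 0 else b"\xff") * size)
            f.flush()
            os.fsync(f.fileno())  # make sure each pass reaches the disk

def find_bytes(path, needle, chunk=65536):
    # Scan the raw image and ignore the table, the way an undelete tool does.
    # Returns the byte offset of the first match, or -1 if nothing is left.
    with open(path, "rb") as f:
        offset, tail = 0, b""
        while data := f.read(chunk):
            buf = tail + data
            i = buf.find(needle)
            if i != -1:
                return offset - len(tail) + i
            # keep an overlap so a match split across two reads is still found
            tail = buf[-(len(needle) - 1):] if len(needle) > 1 else b""
            offset += len(data)
    return -1

def demo():
    secret = b"ACCT 0000-1111 (constructed sample data)"
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "toy_drive.img")
        make_image(path, "budget.xls", secret)
        delete_or_format(path)
        after_delete = find_bytes(path, secret)
        overwrite(path, passes=8)
        return {"after_delete": after_delete, "after_overwrite": find_bytes(path, secret)}
```

After the delete the sample data is still found at its original offset; only after the overwrite passes does the scan come back empty.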

Either method is inconvenient, however, having your personal information compromised is more inconvenient.

If you need to sell or otherwise get rid of your PC or laptop, but don’t want to give it to Learning To Be the Light, PCMDX can take care of securing your HD before you hand your PC or laptop to the new owner.  Contact us today for a free estimate at 205-201-0389 or via e-mail at pcmdxal@gmail.com .

If You Use Firefox, You Need To Patch Right Now

A zero-day threat has surfaced in the Firefox browser.  If a user lands on a compromised web page, the browser could fall prey to an attacker who could steal files on a Windows or Linux computer.

The fix is simple: just update the browser.

To do so, open Firefox, click on Help>About (if you don’t see the Help selection in the menu field, right click on the grey area towards the top of the Firefox window, and click on Menu Bar).  Once you click About, a box will open that will show you the version of Firefox you have installed and a button to upgrade, if applicable.

Click on the Update button (if it’s there – if you’re up to date, the button won’t be available).  Once the update is complete, you’ll be asked to restart Firefox, and you’re done.

Patches should be run on Firefox (and other applications) at least monthly.