Saturday, August 16, 2014

What Is The Deal With The New Facebook Messenger App?




     Android and iPhone users got a somewhat rude awakening earlier this month when Facebook forced them to switch to a third-party app for messaging on Facebook. The move set off a stir of blog posts raising mostly overblown and overhyped privacy concerns. Most of the posts highlight draconian "Terms of Use" features and policies such as "call phone numbers on your contact list without your intervention" or "use of the camera at any time without your permission" or "access to contact list without permission".

     The reason we are hearing so much about this is the way Android handles policy permissions on its operating system. Facebook doesn't get to write its own version of the policy and is forced to use "generic" language to comply with Android application permission rules.

     Application developers tend to have more control over application permissions on Apple iOS, which handles the process differently.

     Android users must agree to all the permissions at once in order to use the app. This tends to be true for most applications written for Android. On the iPhone, users are prompted for permissions during normal use of the application. For example, if an iPhone user never makes a call using Facebook Messenger, the app might never ask for that permission.

     iPhone users can actually deny permissions as well, when they come up. The iPhone might be considered superior to the Android if privacy is a top priority.

     What this all boils down to is that, while some users find it cumbersome to download a separate application for something that was once part of a single application, they aren't actually giving up much privacy in the process.

Here is a link to Facebook's help page, if you are concerned about your privacy using the app on your Android smartphone:

https://www.facebook.com/help/347452185405260

Thursday, April 10, 2014

Information Security: Heartbleed Bug

The Heartbleed Bug

The Heartbleed bug is the latest security vulnerability affecting OpenSSL. It is officially named "CVE-2014-0160". It affects many websites that run OpenSSL and exploits a weakness in the cryptographic software library. SSL/TLS provides communication security and privacy for common internet applications such as web, email, instant messaging and some virtual private networks. The Heartbleed bug essentially allows anyone on the internet to read the memory of systems protected by vulnerable versions of OpenSSL software. This compromises secret keys, usernames and passwords, and the actual content. It allows attackers to eavesdrop on communications, steal data directly, and impersonate users and accounts. A remote attacker can read up to 64 KB of system memory per attack attempt. The attack works against servers as well as clients.
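To show where the 64 KB figure comes from, here is an added example (not code from this post or from OpenSSL) that models a TLS heartbeat request as laid out in RFC 6520 and applies the length check that vulnerable versions lacked. The function names and sample records are constructed for this illustration.

```python
import os
import struct

HEARTBEAT_REQUEST = 1    # RFC 6520 message types
HEARTBEAT_RESPONSE = 2
HEADER_LEN = 3           # 1-byte type + 2-byte payload_length
MIN_PADDING = 16         # RFC 6520 requires at least 16 padding bytes


def claimed_length(record: bytes) -> int:
    """Payload length the sender claims (16-bit field, so at most 65535)."""
    return struct.unpack("!H", record[1:HEADER_LEN])[0]


def bytes_past_record(record: bytes) -> int:
    """How far an unchecked copy of the claimed payload would run past the
    bytes actually received. Non-zero marks a malformed request."""
    if len(record) < HEADER_LEN:
        return 0
    return max(0, HEADER_LEN + claimed_length(record) - len(record))


def build_response(record: bytes):
    """Echo the payload of a well-formed request; return None to discard."""
    if len(record) < HEADER_LEN + MIN_PADDING:
        return None
    if record[0] != HEARTBEAT_REQUEST:
        return None
    n = claimed_length(record)
    # The bounds check: claimed payload plus padding must fit in the record.
    if HEADER_LEN + n + MIN_PADDING > len(record):
        return None
    payload = record[HEADER_LEN:HEADER_LEN + n]
    return (struct.pack("!BH", HEARTBEAT_RESPONSE, n)
            + payload + os.urandom(MIN_PADDING))


# Constructed samples: one honest request, one claiming more than it carries.
HONEST = struct.pack("!BH", HEARTBEAT_REQUEST, 5) + b"hello" + bytes(MIN_PADDING)
OVERCLAIM = struct.pack("!BH", HEARTBEAT_REQUEST, 0xFFFF) + bytes(MIN_PADDING)

if __name__ == "__main__":
    for name, rec in (("honest", HONEST), ("overclaim", OVERCLAIM)):
        resp = build_response(rec)
        print(name, "discarded" if resp is None else f"echoed {len(resp)} bytes",
              "| bytes past record:", bytes_past_record(rec))
```

Because the length field is 16 bits wide, the most a single request can claim is 65535 bytes, which is the "up to 64 KB per attempt" limit described above.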


 Note: Change your password only at sites that have already patched the security flaw. At sites that have not patched yet, do not change your password: if you change it before the patch, the attacker may gain access to your new password.


The following websites have patched their security flaws, and you should change the passwords right away:

Change these passwords now (they were patched)

  • Google, YouTube and Gmail
  • Facebook
  • Yahoo, Yahoo Mail, Tumblr, Flickr
  • OKCupid
  • Wikipedia

Don't worry about these (they don't use the affected software, or ran a different version):

  • Amazon
  • AOL and Mapquest
  • Bank of America
  • Capital One bank
  • Charles Schwab
  • Chase bank
  • Citibank
  • E*Trade
  • Fidelity
  • HSBC bank
  • LinkedIn
  • Microsoft, Hotmail and Outlook
  • PayPal
  • PNC bank
  • Scottrade
  • TD Ameritrade
  • Twitter
  • U.S. Bank
  • Wells Fargo

Don't change these passwords yet (still unclear, no response)

  • American Express
  • Apple, iCloud and iTunes


Thursday, February 27, 2014

IT credentials training and progress

I started working on obtaining my IT credentials as of August 2013.

Prepped and sat for the CompTIA A+ exam August 27th, 2013, and passed.

Prepped and sat for the CompTIA Network+ exam October 8th, 2013, and passed.

Prepped and sat for the CompTIA Security+ exam November 14th, 2013, and passed.

Prepped and sat for the ISC2's SSCP exam December 5th, 2013, and failed with a 664/700.

Prepped and sat for the CompTIA Healthcare IT exam February 5th, 2014.

I am currently working on my CCNA (Cisco Certified Network Associate), and plan to take it and pass it sometime on or around March 20th, 2014.

I am also working on my Windows Server 2012 MCSA certificate (which consists of 3 exams: the 70-410, 70-411, and 70-412), which I plan to obtain by June or July 2014.

I also plan to take and pass the Windows 8.1 exam 70-687, hopefully sometime in June of 2014.

In summary, I hold the following credentials:

CompTIA Healthcare IT (does not expire)
CompTIA Security+ (good until Nov 14, 2016)
CompTIA Network+ (good until Nov 14, 2016)
CompTIA A+ (good until Nov 14, 2016)

I hope to add my CCNA title and MCSA title to my current list of credentials by the end of summer of 2014.

I am using labsim/testout for both CCNA and MCSA Server 2012, along with a few books.

Preparation material for CCNA exam 200-120:

Exam objectives for CCNA 200-120:  http://www.cisco.com/web/learning/exams/docs/200-120_composite2.pdf

Online training:

 Labsim/Testout at http://www.testout.com/home/it-certification-training/library-suite

Books/e-books:

Exam Cram Cisco CCNA routing and switching exam 200-120 (fourth edition) copyright 2014. First printing December 2013.
CCNA Routing and Switching Study Guide covers exam(s) 100-101/200-101/200-120 by Todd Lammle ISBN: 978-1-118-74970-8 (ebk.) copyright 2013
Cisco CCNA Routing and Switching 200-120 Official Cert Guide Library, Wendell Odom, CCIE No. 1624. ISBN-10: 1-58714-385-2, copyright 2013, first printing April 2013

Preparation material for MCSA Windows Server 2012R2:

What's new for MCSA Windows Server 2012R2:
 https://www.dropbox.com/s/8b3vei4a12bbsk4/ebook_whats_new_in_windows_server_12.pdf

Exam objectives:

Windows Server exam 70-410
https://www.dropbox.com/s/ouxb9gkycunm75g/70-410_OD_R2.docx

Windows Server exam 70-411
https://www.dropbox.com/s/1uhexpd728bum6u/411_OD_R2.pdf

Windows Server exam 70-412
https://www.dropbox.com/s/salfzu1sqz8711n/412_OD_R2.pdf

Online Training:

Labsim/Testout at http://www.testout.com/home/it-certification-training/library-suite

Books/e-books:

Exam Ref 70-410: Installing and Configuring Windows Server 2012 R2 [Paperback]
Publication Date: March 10, 2014 | ISBN-10: 0735684243 | ISBN-13: 978-0735684249 | Edition: 1
Available on Amazon on or after March 10, 2014: http://goo.gl/6cxJfw

Exam Ref 70-411: Administering Windows Server 2012 R2 (Exam References) [Paperback]
Publication Date: June 25, 2014 | ISBN-10: 0735684790 | ISBN-13: 978-0735684799 | Edition: 1
Available on Amazon on or after June 25, 2014:  http://goo.gl/H8D77N

Exam Ref 70-412: Configuring Advanced Windows Server 2012 R2 Services [Paperback]

Publication Date: March 25, 2014 | ISBN-10: 0735673616 | ISBN-13: 978-0735673618 | Edition: 1
 Available on Amazon on or after March 25, 2014: http://goo.gl/nGu7xs

Preparation material for Windows 8.1 exam 70-687:

Exam objectives for Windows 8.1 exam 70-687:
https://www.dropbox.com/s/imdnvq60hwyydsm/70-687_OD-changes-1.pdf

Online Training:

Labsim/Testout at http://www.testout.com/home/it-certification-training/library-suite

Books/e-books:

Exam Ref 70-687: Configuring Windows 8.1 [Paperback]

Publication Date: March 28, 2014 | ISBN-10: 0735684774 | ISBN-13: 978-0735684775 | Edition: 1
Available on Amazon on or after March 28, 2014: http://goo.gl/5orAXt

Tuesday, November 19, 2013

Cryptolocker Virus



Cryptolocker:  What to do to protect yourself and what to do if you get it.

What is Cryptolocker? Cryptolocker is a Trojan horse virus that surfaced in late September 2013, a form of ransomware that targets computers running Microsoft Windows software. Cryptolocker disguises itself as a legitimate attachment. When activated, it encrypts a variety of files with a mixture of RSA and AES encryption. When finished, it prompts the user to pay a fee for the key to unlock the files being held for ransom.

A screen displays a countdown timer whose purpose is to create a sense of urgency to "pay" the fee to get the files back. In November of 2013, the creators of the virus put up a website for users whose timer has run out; the web page gives those users an option to pay a ransom even after the timer has expired.


The ransom must be paid with Moneypak vouchers or Bitcoins. Once you send the payment and it's verified, the program will decrypt the encrypted files.



What should you do if you are infected with Cryptolocker? The first thing you should do is disconnect the infected machine from the wireless or wired network. That way the virus won't have a chance to infect other networked devices. Ideally, you should have your files backed up and accessible on a non-networked device or drive.

Is it possible to decrypt the files encrypted by Cryptolocker? Unfortunately, at the time of this writing there is no known way to decrypt the files without the private key easily and quickly. The only method of restoring the files is from a backup copy or imaged copy of the files.

How do I find out if I have been infected with Cryptolocker? Make sure you have an anti-virus suite or program installed and that its definitions are up to date. Run a full scan. There are various tools available on the web that can help if you do not have an anti-virus installed; a quick Google search will point you in the right direction. There are also methods of manually removing the virus from the registry, which are not recommended for the non-computer-savvy user.

How do I become infected with the Cryptolocker virus? The infection is typically sent out to company email addresses, disguised as a customer-support-related issue from another company, for example FedEx, USPS, UPS, DHS, etc. The file might be named 1056_FORM.exe or 1056_FORM.pdf.exe. Since Microsoft Windows does not show file extensions by default, the files look like normal .PDF files.
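The double-extension trick described above can be caught before the attachment reaches a user. The following is an added example (not from the original post) of the kind of filename check a mail filter could apply; the extension lists and function names are assumptions chosen for illustration, and the sample filenames other than the two named above are constructed.

```python
# Extensions treated as executable or document types (illustrative lists).
EXECUTABLE_EXTS = {"exe", "scr", "com", "pif", "bat", "cmd", "js", "vbs"}
DOCUMENT_EXTS = {"pdf", "doc", "docx", "xls", "xlsx", "jpg", "png", "txt"}


def clean(filename: str) -> str:
    """Windows ignores trailing dots and spaces in file names."""
    return filename.strip().rstrip(". ")


def displayed_name(filename: str) -> str:
    """Name as the user sees it when known extensions are hidden:
    only the last extension is dropped."""
    name = clean(filename)
    stem, dot, _ext = name.rpartition(".")
    return stem if dot and stem else name


def classify(filename: str) -> str:
    """Return 'allow', 'block: executable' or 'block: double extension'."""
    parts = clean(filename).lower().split(".")
    if len(parts) < 2 or parts[-1] not in EXECUTABLE_EXTS:
        return "allow"
    if len(parts) >= 3 and parts[-2] in DOCUMENT_EXTS:
        return "block: double extension"
    return "block: executable"


def triage(attachments):
    """Map each attachment name to (what the user sees, filter verdict)."""
    return {name: (displayed_name(name), classify(name)) for name in attachments}


# Constructed sample inbox; the first two names are the ones from the post.
SAMPLES = ["1056_FORM.exe", "1056_FORM.pdf.exe", "invoice.pdf",
           "Report.PDF.EXE ", "notes.v2.txt"]

if __name__ == "__main__":
    for name, (shown, verdict) in triage(SAMPLES).items():
        print(f"{name!r:24} shown as {shown!r:18} -> {verdict}")
```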

I have provided links below to pages that discuss in depth the Cryptolocker virus and methods of mitigation and removal:

http://www.networkworld.com/news/2013/111413-cryptolocker-practices-275987.html?hpg1=bn

Wednesday, September 4, 2013

Your Computer and Second Hand Smoke


Secondhand smoke will damage a computer. It is best to think of the computer tower as a lung, taking in the dust, debris, smoke and other particles in our environments. The computer takes in the same air that we breathe in our own homes. Normally the dust in a computer from a non-smoker's household is a dusty grey color. In a smoker's household the inside of a computer will look quite different. There will be staining externally and internally. There will also be a different-colored buildup, which comes from nicotine.




It will be brown to dark brown in color. It will be sticky and may even appear moist. It will gunk up the entire computer, causing anything that is sucked into the computer to build up. This deprives the computer of the airflow it needs: fan blades get coated, and the buildup can be uneven, causing the fans to run less effectively.



It also blankets the entire inside of the computer, making it impossible for the cooling system to work properly. This then leads to hardware failure, costly repairs, and possibly the death of the computer.