Yet Another Reason To Not Buy That Cheap Computer From A Box Store

Ever notice those annoying update centers that come preinstalled on every name-brand PC? They just sit there. I’ve never actually seen them update anything, and sometimes they give you annoying pop-ups for no reason. Just sitting there in the tray for no reason.

Well one thing they are doing is opening all sorts of security holes.

http://arstechnica.com/security/2016/06/how-pc-makers-make-you-vulnerable-to-man-in-the-middle-attacks-out-of-the-box/

The next time you’re in the market for a new Windows computer, consider this: if it comes from one of the top five manufacturers, it’s vulnerable to man-in-the-middle attacks that allow hackers to install malware.

That’s the take-away from a report published Tuesday by researchers from two-factor authentication service Duo Security. It found third-party updating tools installed by default threatened customers of Dell, HP, Lenovo, Acer, and Asus. The updaters frequently expose their programming interfaces, making them easy to reverse engineer. Even worse, the updaters frequently fail to use transport layer security encryption properly, if at all. As a result, PCs from all five makers are vulnerable to exploits that allow attackers to install malware.

“Hacking in practice means taking the path of least resistance, and OEM software is often a weak link in the chain,” the Duo Security report stated. “All of the sexy exploit mitigations, desktop firewalls, and safe browsing enhancements can’t protect you when an OEM vendor cripples them with pre-installed software.”

In short, every single manufacturer was found to use pre-installed updaters that allowed someone with the ability to monitor a PC’s network traffic—say someone on the same unsecured Wi-Fi network or a rogue employee at an ISP or VPN provider—to execute code of their choice that runs with System-level privileges. The updaters are mostly used to deliver new versions of software and bloatware that come pre-installed on new PCs and are separate from Microsoft’s Windows Update, which is widely believed to be secure. The report provides a strong reason why it’s a good idea to wipe newly purchased machines and reinstall Windows minus all the custom crapware. At a minimum, third-party software should be uninstalled or blocked using a firewall.

Update: Lenovo has issued an advisory recommending customers uninstall the Lenovo Accelerator Application, which comes preinstalled on many notebooks and desktop systems running Windows 10. As the image at the top of this post illustrates, the Duo Security report uncovered several major shortcomings in the app’s update mechanism, including its failure to use any sort of encryption when checking for or downloading updates and the failure to validate digital signatures before installing them.
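The two shortcomings named above, no encryption when fetching updates and no signature validation before installing them, map onto checks an update client can make before it runs anything. The Go code below is an added example, not code from Duo Security, Ars Technica or any PC vendor; the manifest format, the names VerifyUpdate and Sample, and the updates.example.test URL are assumptions, and it goes one step past the text by also refusing downgrades.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"errors"
	"net/url"
)

// Manifest is a hypothetical update manifest; the field names are assumptions.
type Manifest struct {
	Version int    `json:"version"`
	URL     string `json:"url"`
	SHA256  string `json:"sha256"`
}

// VerifyUpdate gates installation; raw, sig and payload are untrusted network input.
func VerifyUpdate(vendorKey ed25519.PublicKey, raw, sig, payload []byte, installed int) (*Manifest, error) {
	var m Manifest
	if !ed25519.Verify(vendorKey, raw, sig) || json.Unmarshal(raw, &m) != nil { // verify, then parse
		return nil, errors.New("manifest signature invalid or manifest malformed")
	}
	sum := sha256.Sum256(payload)
	switch u, err := url.Parse(m.URL); {
	case err != nil || u.Scheme != "https": // no plaintext downloads
		return nil, errors.New("payload URL is not https")
	case m.Version <= installed: // a signed but stale manifest must not downgrade
		return nil, errors.New("update is not newer than installed version")
	case hex.EncodeToString(sum[:]) != m.SHA256: // bind the bytes to the manifest
		return nil, errors.New("payload hash mismatch")
	}
	return &m, nil
}

// Sample builds a constructed manifest for payload, signed by a throwaway key.
func Sample(version int, link string, payload []byte) (ed25519.PublicKey, []byte, []byte) {
	pub, priv, _ := ed25519.GenerateKey(nil)
	sum := sha256.Sum256(payload)
	raw, _ := json.Marshal(Manifest{version, link, hex.EncodeToString(sum[:])})
	return pub, raw, ed25519.Sign(priv, raw)
}

func main() {
	pub, raw, sig := Sample(8, "https://updates.example.test/v8.bin", []byte("v8 installer"))
	_, err := VerifyUpdate(pub, raw, sig, []byte("swapped in transit"), 7)
	println("tampered payload rejected:", err != nil)
}
```

In a real client the vendor public key would be compiled into the updater rather than generated at run time as the constructed sample does.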


Dear Yelp, Please STOP CALLING ME!

Dear Yelp;

I get that you have no way of knowing this but we have a very good relationship as it stands.  I write reviews, find awesome places to eat from you, list my business on your site.  I’m even pretty serious about defending your site and pointing out how silly people are when they claim you are some sort of extortion racket.

I like you, really I do, just not in a give-you-money sort of way. I’m flattered you have assigned me a personal contact person, but really I don’t want her; I’m not interested in you in that way. You’re cool and all, just not for me.

Since April 20th this lovely young woman has called and left voice mails telling me how excited she is to be my contact person at Yelp. She’s so excited she won’t stop calling even though it’s obvious I’m intentionally ignoring her. She’s so eager that she will even call me multiple times in a row. Like just now at 5:17pm and again at 5:23pm. I’ve been running in circles all day doing, you know, my actual business of repairing computers and talking endlessly with clients on the phone. Nothing makes me happier than having Yelp call twice in under 10 minutes, 17 minutes after the end of my business day. It says it right there, 5pm, in the voicemail greeting she has listened to 7 times in the past few weeks.

So sadly I have been forced to block your number. I will also be adding caller ID filters to my call screening software that block the word Yelp. I’ll still use the site, love it. Though I do now understand why plenty of business owners think you are an extortion racket: it’s your unwanted and overly aggressive sales force.

Love the site, hate your idiotic sales force.

Love Always,

John.

By the way, I will be paying to promote this post on Facebook. Sorry, they are just better than you.


The Myth of the $200 Computer

It happens a few times a year. A customer is faced with either a computer that cannot be repaired or one that is so old that it’s not worth repairing.

They will ask what their options are and I will explain to them that for $350-$500 they can get a custom built PC from me that will be the best computer they have ever owned and last them a decade.

They scoff at this idea and proudly proclaim that they can just head on over to Staples and get one for $200.

I will not deny that yes, there are times of the year where you can get some great deals, Back to School and Christmas being good examples. Times of year when stores will stock up on somewhat outdated inventory and sell it as loss leaders to get parents into the stores. However, these deals are actually rare and becoming harder to find.

Anyway, let’s set that aside and look at what you get when you buy a bottom-of-the-line PC at a big box retailer.

Just this weekend I was faced with a client who did the “I don’t need anything fancy, can’t I get something for $200” eye roll. He ended up at Walmart, where to his surprise there are no $200 computers; in fact, you can’t even find a computer that does not include a monitor. His only option was a $250 Acer AXC-704G-UW61.

The bare minimum to manufacture a PC is over $200. So how can they sell you a PC for such a low price? Either you are getting very old, outdated and barely usable parts. This computer had really cheap, slow parts in it. So cheap, slow, and built to a price point that they were designed to be cheap and, as we discovered the hard way, not even fully functional.

The other way they bring the price down, which is the case more and more, is that you are getting a computer that has been subsidized by installing tons of Spyware. This PC was riddled with Spyware; in fact, the first program they installed on it, before they even installed the drivers, was Spyware.

This miracle of modern technology was then dropped off here so I could begin the process of transferring and installing all the software and files he needs for his business onto this wonderful new PC. Set it up on the desk and problem #1: this computer has no VGA or DVI ports, only HDMI. So now we either need an HDMI monitor, a video card, or some sort of converter. So now it’s a $270 PC, and we wasted a day’s labor. Nowhere on the box was it mentioned that this computer had only HDMI ports. It has two USB 3.0 ports, but since it’s only two those will be taken up by your keyboard and mouse. So if you want to actually use those ports you need a hub. Now it’s a $290 computer.

Okay, we get it hooked up to a monitor. I now have to spend half a day removing all the Spyware that is preinstalled onto the PC.

Finish that, install all the business software we need, and start transferring his files onto the new PC. The transfer is going to take 6 hours so I leave and come back. In that time the PC has put the monitor to sleep and the only way to get the monitor back on is to unplug the power from it. So now we have to leave the monitor on displaying a screen saver 24 hours a day, otherwise the PC turns the monitor off and then will not turn it back on.

Finish everything, leave the computer alone overnight, come back, and now it for some reason has shut down and will not restart. Pull the power and it will turn back on. At this point it is finally decided this $200 PC is going back.

Now we have wasted 3 days, the client owes me well over $100 in labor and we have accomplished nothing.

You get what you pay for.



Time to Pay More Attention to Things That Can and Will Actually Harm You…

We tend to focus on huge headline-grabbing issues that in reality have little chance of directly affecting our lives. You can put locks and cameras on your house, but with a phone line and a network connection you are letting crooks into your life every day. Ransomware is a huge out-of-control problem that is getting no attention. I’ve had this hit several customers and have seen it hit numerous hospitals and law enforcement agencies. If you contact the FBI, the FBI tells you they can do nothing about it and you should pay the ransom. You need to keep proper routine backups and make sure you have a set of backups that are offline, not attached to your PC or network. Don’t put it off, take care of it now.

From Krebs

A Kentucky hospital says it is operating in an “internal state of emergency” after a ransomware attack rattled around inside its networks, encrypting files on computer systems and holding the data on them hostage unless and until the hospital pays up.

A streaming red banner on Methodisthospital.net warns that a computer virus infection has limited the hospital's use of electronic web-based services.

Henderson, Ky.-based Methodist Hospital placed a scrolling red alert on its homepage this week, stating that “Methodist Hospital is currently working in an Internal State of Emergency due to a Computer Virus that has limited our use of electronic web based services.  We are currently working to resolve this issue, until then we will have limited access to web based services and electronic communications.”

Jamie Reid, information systems director at the hospital, said malware involved is known as the “Locky” strain of ransomware, a contagion that encrypts all of the important files, documents and images on an infected host, and then deletes the originals. Victims can regain access to their files only by paying the ransom, or by restoring from a backup that is hopefully not on a network which is freely accessible to the compromised computer.

In the case of Methodist Hospital, the ransomware tried to spread from the initial infection to the entire internal network, and succeeded in compromising several other systems, Reid said. That prompted the hospital to shut down all of the hospital’s desktop computers, bringing systems back online one by one only after scanning each for signs of the infection.

“We have a pretty robust emergency response system that we developed quite a few years ago, and it struck us that as everyone’s talking about the computer problem at the hospital maybe we ought to just treat this like a tornado hit, because we essentially shut our system down and reopened on a computer-by-computer basis,” said David Park, an attorney for the Kentucky healthcare center.

The attackers are demanding a mere four bitcoins in exchange for a key to unlock the encrypted files; that’s a little more than USD $1,600 at today’s exchange rate.

Park said the administration hasn’t ruled out paying the ransom.

“We haven’t yet made decision on that, we’re working through the process,” with the FBI, he said. “I think it’s our position that we’re not going to pay it unless we absolutely have to.”

The attack on Methodist comes just weeks after it was revealed that a California hospital that was similarly besieged with ransomware paid a $17,000 ransom to get its files back.

Park said the main effect of the infection has been downtime, which forced the hospital to process everything by hand on paper. He declined to say which systems were infected, but said no patient data was impacted.

“We have downtime procedures to going to paper system anyway, so we went to that paper system,” he said. “But we don’t feel like it negatively impacted patient care. They didn’t get any patient information.”

Ransomware infections are largely opportunistic attacks that mainly prey on people who browse the Web with outdated Web browsers and/or browser plugins like Java and Adobe Flash and Reader. Most ransomware attacks take advantage of exploit kits, malicious code that when stitched into a hacked site probes visiting browsers for the presence of these vulnerabilities.

The attack on Methodist Hospital was another form of opportunistic attack that came in via spam email, in messages stating something about invoices and that recipients needed to open an attached (booby-trapped) file.

It’s a fair bet that as ransomware attacks and attackers mature, these schemes will slowly become more targeted. I also worry that these more deliberate attackers will take a bit more time to discern how much the data they’ve encrypted is really worth, and precisely how much the victim might be willing to pay to get it back.
