Dear Yelp, Please STOP CALLING ME!

Dear Yelp;

I get that you have no way of knowing this but we have a very good relationship as it stands.  I write reviews, find awesome places to eat from you, list my business on your site.  I’m even pretty serious about defending your site and pointing out how silly people are when they claim you are some sort of extortion racket.

I like you, really I do, just not in a give you money sort way  I’m flattered you have assigned me a personal contact person but  really I don’t want her, I’m not interested in you in that way.  You’re cool and all just not for me.

Since April 20th this lovely young woman has called and left voice mails telling me how excited she is to be my contact person at Yelp.  She’s so excited she won’t stop calling even though it’s obvious I’m intentionally ignoring her.  She’s so eager that she will even call me multiple times in a row.  Like just now at 5:17pm and again at 5:23pm.  I’ve been running in circles all day doing you know my actual business of repairing computers and talking endlessly with clients on the phone.  Nothing makes me happier than having Yelp call twice in under 10 minutes 17 minutes after the end of my business day.  It’s says it right there 5pm in the voicemail greeting she has listened to 7 times in the past few weeks.

So sadly I have been forced to block your number, I will also be adding caller ID filters to my call screening software the blocks the word Yelp.  I’ll still use the site love it.  Though I do now understand why plenty of business owners think you are an extortion racket, it’s your unwanted and overly aggressive sales force.

Love the site, hate your idiotic sales force.

Love Always,



By the way I will paying to promote this post on Facebook, sorry they are just better than you.

The Myth of the $200 Computer


It happens a few times a year.  A customer is faced with either a computer that cannot be repaired or a one that is so old that it’s not worth repairing.

They will ask what their options are and I will explain to them for $350-$500 they can get a custom built PC from me that will be the best computer they have ever owned and last them a decade.

They scoff at this idea and proudly proclaim that they can just head on over to Staples and get one for $200.

I will not deny that yes there are times of the year where you can get some great deals; Back to School, and Christmas being good examples. Times of year when stores will stock up on somewhat outdated inventory and sell it as loss leaders to get parents into the stores.   However these deals are actually rare and becoming more hard to find.

Anyway let’s set that aside and look at what you get when you buy a bottom of the line PC at big box retailer.

Just this weekend I was faced with a client who did the “I don’t need anything fancy I can’t get something for $200” eye roll. He ended up at Walmart where to his surprise there are no $200, in fact you can’t even find a computer that does not include a monitor, his only option was a $250 Acer AXC-704G-UW61.

The bare minimum to manufacture a PC is over $200.  So how can they sell you a PC for such a low price.  Either you are getting very old outdated and barely usable parts.  This computer had really cheap slow parts in it. So cheap, slow, and built to a price point that they were designed to be cheap, and as we discovered the hard way not even fully functional.

The other way they bring the price down which is the case more and more you are getting a computer that has been subsidized by installing tons of Spyware.  This PC was riddled with Spyware, in fact the first program they installed on it before they even installed the drivers was Spyware.

XYO6ZbP - Imgur

This miracle of modern technology was then dropped off here so I could begin the process of transferring and installing all the software and files he needs for his business onto the this wonderful new PC.  Set it up on the desk and problem #1, this computer has no VGA or DVI ports only HDMI.  So now we either need a HDMI monitor, a video card, or a some sort of converter.   So now it’s a $270 PC, and we wasted a days labor. Nowhere on the box was it mentioned that this computer had only HDMI ports. It has two USB 3.0 ports but since it’s only two those will be taken up by your keyboard and mouse.  So if you want to actually use those ports you need a hub now it’s a $290 computer.


Okay we get it hooked up to a monitor.  I know have to spend half a day removing all the SpyWare that is preinstalled onto the PC.

Finish that, install al the business software we need, and star transferring his files onto the new PC.  The transfer is going to take 6 hours so I leave and come back.  In that time the PC has put the monitor to sleep and the only way to get the monitor back on is to unplug the power from it.  So now we have to leave the monitor on displaying a screen saver 24 hours a day otherwise the PC turns the monitor off and then will not turn it back on.

Finish everything, leave the computer alone over night come back  and now it for some reason has shut down and will not restart.  Pull the power and it will turn back on.  At this point it is finally decided this $200 PC is going back.

Now we have wasted 3 days,  the client owes me well over $100 in labor and we have accomplished nothing.

You get what you pay for.

Time to Pay More Attention to Things That Can and Will Actually Harm You…

We tend to focus on huge headline grabbing issues that in reality have little chance of directly affecting our lives.  You can put locks and cameras on your house, but with a phone line and a network connection you are letting crooks into your life everyday.  Ransomware is a huge out of control problem that is getting no attention. I’ve had this hit several customers and have seen it hit numerous hospitals and law enforcement agencies.  If you contact the FBI the FBI tells you they can do nothing about it and you should pay the ransom.  You need to keep proper routine backups and make sure you have a set of backups that are offline not attached to your PC or network. Don’t put it off, take care of it now.


From Krebs

A Kentucky hospital says it is operating in an “internal state of emergency” after a ransomware attack rattled around inside its networks, encrypting files on computer systems and holding the data on them hostage unless and until the hospital pays up.

A streaming red banner on warns that a computer virus infection has limited the hospital's use of electronic web-based services.

A streaming red banner on warns that a computer virus infection has limited the hospital’s use of electronic web-based services. Click to enlarge.

Henderson, Ky.-based Methodist Hospital placed a scrolling red alert on its homepage this week, stating that “Methodist Hospital is currently working in an Internal State of Emergency due to a Computer Virus that has limited our use of electronic web based services.  We are currently working to resolve this issue, until then we will have limited access to web based services and electronic communications.”

Jamie Reid, information systems director at the hospital, said malware involved is known as the “Locky” strain of ransomware, a contagion that encrypts all of the important files, documents and images on an infected host, and then deletes the originals. Victims can regain access to their files only by paying the ransom, or by restoring from a backup that is hopefully not on a network which is freely accessible to the compromised computer.

In the case of Methodist Hospital, the ransomware tried to spread from the initial infection to the entire internal network, and succeeded in compromising several other systems, Reid said. That prompted the hospital to shut down all of the hospital’s desktop computers, bringing systems back online one by one only after scanning each for signs of the infection.

“We have a pretty robust emergency response system that we developed quite a few years ago, and it struck us that as everyone’s talking about the computer problem at the hospital maybe we ought to just treat this like a tornado hit, because we essentially shut our system down and reopened on a computer-by-computer basis,” said David Park, an attorney for the Kentucky healthcare center.

The attackers are demanding a mere four bitcoins in exchange for a key to unlock the encrypted files; that’s a little more than USD $1,600 at today’s exchange rate.

Park said the administration hasn’t ruled out paying the ransom.

“We haven’t yet made decision on that, we’re working through the process,” with the FBI, he said. “I think it’s our position that we’re not going to pay it unless we absolutely have to.”

The attack on Methodist comes just weeks after it was revealed that a California hospital that was similarly besieged with ransomware paid a $17,000 ransom to get its files back.

Park said the main effect of the infection has been downtime, which forced the hospital to process everything by hand on paper. He declined to say which systems were infected, but said no patient data was impacted.

“We have downtime procedures to going to paper system anyway, so we went to that paper system, he said. “But we don’t feel like it negatively impacted patient care. They didn’t get any patient information ”

Ransomware infections are largely opportunistic attacks that mainly prey on people who browse the Web with outdated Web browsers and/or browser plugins like Java and Adobe Flash and Reader. Most ransomware attacks take advantage of exploit kits, malicious code that when stitched into a hacked site probe visiting browsers for the the presence of these vulnerabilities.

The attack on Methodist Hospital was another form of opportunistic attack that came in via spam email, in messages stating something about invoices and that recipients needed to open an attached (booby-trapped) file.

It’s a fair bet that as ransomware attacks and attackers mature, these schemes will slowly become more targeted. I also worry that these more deliberate attackers will take a bit more time to discern how much the data they’ve encrypted is really worth, and precisely how much the victim might be willing to pay to get it back.

Tags: , , ,

Wendys Credit Card Breach Is a Big One

Banks are reporting that fraudulent activity from the Wendys credit card breach is out pacing the Target and Home Depot breaches.


A number of credit unions say they have experienced an unusually high level of debit card fraud from the breach at nationwide fast food chain Wendy’s, and that the losses so far eclipse those that came in the wake of huge card breaches at Target and Home Depot.

wendyskyAs first noted on this blog in January, Wendy’s is investigating a pattern of unusual card activity at some stores. In a preliminary 2015 annual report, Wendy’s confirmed that malware designed to steal card data was found on some systems. The company says it doesn’t yet know the extent of the breach or how many customers may have been impacted.

According to B. Dan Berger, CEO at the National Association of Federal Credit Unions, many credit unions saw a huge increase in debit card fraud in the few weeks before the Wendy’s breach became public. He said much of that fraud activity was later tied to customers who’d patronized Wendy’s locations less than a month prior.

“This is what we’ve heard from three different credit union CEOs in Ohio now: It’s more concentrated and the amounts hitting compromised debit accounts is much higher that what they were hit with after Home Depot or Target,” Berger said. “It seems to have been been [the work of] a sophisticated group, in terms of the timing and the accounts they targeted. They were targeting and draining debit accounts with lots of money in them.”