About jachamp

Yes I’m a geek and a photographer. So please send me ideas for things you’d like to see me cover, explain, or simply talk about.

Protecting Data From External Attacks

Stop and read this before you make a mistake


Wannacry, Jaff, Cryptolocker, and many many more belong to a category of hacking tools called ransomware. This software works by infiltrating your system via a infected Word document, an image using steganography, a corrupt media file, or a host of other ways.

This works by using encryption algorithms that encrypts all of the data in your hard drive. More over, it also can encrypt data on ANY drive that you may be connected to. This includes USB thumb drives, attached hard drives (whether via USB or network connection), and any cloud connected drives such as Box, Google Drive, Microsoft OneDrive, or any other similar service.

So how do you protect yourself? Technology professionals know to use tools like Ghost, EaseUS, Acronis, or backup software like Crashplan, Carbonite, or even Backblaze can be used to take the data off of your hardware and place it on to either a local hard drive or some cloud based host.

Your data is protected with these tools because the imaging and cloning tools, essentially take a real time picture of your hard drive, store on the connected storage device that you then disconnect when the process has finished.

Yes these tools take a significant amount of time to run based on your drive size. Since many people have 1 terabyte or larger drive in their desktop, all-in-one, or laptop, you can start this process before going to bed at night. First make sure that you have setup your system not to go to sleep during the imaging process. Then follow the directions provided with the product you are using. Some products are free to use for personal use while others may run into hundreds of dollars but provide online data storage with its plan.

Before you disconnect the attached or networked drive, take the time to test your image/backup to insure it is holding data in a valid form. Once you have done this, you should make a hash of the data and I will cover that in a later piece. It is imperative for your data’s safety and your own sanity that the data you have stored on the drive is perfect. Any number of things can cause this data to become corrupt.

This is why I always suggest making a copy of your image and storing it someplace away from the location of the machine. What were to happen if your laptop and backup drive were stolen from your home? You would lose the original data plus the backup that you have just created. If your data is stored at some other location, they may get the laptop but you can replace that and then restore from your image, backup.

This goes for those of you with Windows systems, Mac systems, and even Linux systems.

This will be continued later this week….

Simple Way to better secure your stuff

Many of you are going to take a vacation over this coming Summer. Before you do, do you have a written record of all of your valuable things?

Having a record of everything can save you in the event of a fire, theft, or other damage.

I’ll show you a trick that will add an additional layer of security to your valuable items.

a guitar

Here is a guitar I found on Google images

Step one–identify the item–in this case we’ll use this random guitar image I found online:

Locate the serial number of the item. Sometimes the serial number can be found in a conspicuous space on the back of the item. Other times it is crafted into the model number of the device. On still other items, you can only get the serial number by peeking side of it.

If finding the serial number involves a screwdriver, a soldering iron, and dozens of screws, perhaps you would be better served pulling the serial number of the device off of the box it came in, your receipt, or sometimes you may need access a combination of buttons or commands that will push the items display to reveal the serial number.

However you come about it, the serial number for the device will give you the best evidence that the item is yours. The serial number is what you register with the manufacturer to secure your warranty. It is what you turn into your insurance company so they can provide coverage.

Now record that into a Google spreadsheet or an externally stored Microsoft Excel spreadsheet along with photos of the item.

Once you have that all recorded and saved on an external site, like OneDrive or Google Docs. You will want to store this some place outside of your home in the case of data loss, theft, a fire, or some other unforeseen circumstance.

Now you will want to take one additional step in order to prove property is yours and to find an easy way to get stolen or lost merchandise back.

I have used Zint for years. Link goes to Zint on SourceForce.net.

Now you’ll want to put as much personal information as you can out there. For example — your name, an address (use your work address), and a contact phone number with a description of the item into the software with the serial number. Remember to include, make, model number, year of model, serial number, and if possible, color of the item.

When you have done this it will create a QR code that you can now print out on a small sticker that you should affix to your device in a very inconspicuous place. For a device like a TV or stereo, place the sticker next to other stickers on the back of the device where the UL and power information are situated.

The finished product should look something like this —

Sample QR code

Congratulations, you have now taken a major step in protecting your hard earned devices or personal treasures.

A VPN, Tor, DNS, or just clear my cache

Stop and read this before you make a mistake

The newly passed legislation that gives your Internet provider permission to monitor your web browsing, and then sell it to marketers, is not new. In fact, before this legislation was passed, this has been the way things have been done for years. You see, the FCC rule to protect your browsing privacy has not gone into effect yet. So nothing has really changed, however, interest in Tor and Virtual Private Networks, VPN’s, has skyrocketed.

Rather than see you waste money or effort unnecessarily, I’d rather educate you so that you can make up your own mind.

1) A virtual private network or VPN, is an encrypted network connection where your browsing requests go through a private tunnel and come out somewhere else. This private tunnel is encrypted and thus only the exit node knows what you are asking for. The data within the tunnel is hidden. VPNs are the best of the available options to protect your browsing from your ISP’s spying eyes while allowing your full access to the functions of the internet. This includes media streaming, and file sharing.

This will likely cost you money and it is very difficult to tell who owns these VPN providers. So it is best for you to review these providers and use your best judgement if you opt to pick one.

2) The Onion Routing network, otherwise known as Tor, is a point to point encrypted tunnel that plays whack-a-mole with your packets. Your connection goes through the Tor software which encrypts it. Each point along the line that handles your packets continues this encryption with only the exit node, and those who control it, seeing the final destination and content of your browsing request.

A word to the wise: It has been noted that many governments have set up exit nodes for Tor connections and that includes the US government. Tor is also the only way to get to the dark web and I advise your strongly to avoid the dark web unless you know how to turn off scripting, turn off Java, turn off all active content as much of the dark web consists of serious exploits aimed at your PC.

Also, please remember that whoever controls the exit node controls your data. So plan accordingly.

Now, let’s talk about some bad advice that is out there on how to hide your browsing from your ISPs.

1) No — erasing your cache will not prevent your ISP from seeing your browsing habits.
2) No — using HTTPS for every site you visit will not protect you much either. While the data you send back and forth to the site you are visiting is encrypted, you should know that the visit to the site itself is known to your ISP.
3) No — changing your DNS server alone will also not do much to protect you unless you do that in conjunction with a VPN or Tor. What happens when you type in a URL into your browser is that a request is made to turn the letters your system sends out into a series of numbers that relate to the site your are requesting. DNS does this, however your traffic to your site must travel from your system through your ISP’s hardware, to the site you specified and then the data returns back on the same path but only in reverse.

4) Using ad blockers and using incognito mode do not provide you with any protection either.

These are just some of the things that are being talked about right now. If I missed something, or if you wish to ask any questions, please feel free to drop me an email.

WIndows Tips from the command line

A screen grab of Superfish intercepting an interaction with Bank of America (PHOTO COURTESY OF PCMagazine).

The first of several Windows tips

Starting today I am going to help you with a set of simple commands that can bail you out in the event your computer has some problem.

Windows tip #1–many of you have never used the command line interface or even know what it does. Windows has a large set of programs that run in command line mode but you do not have an icon to any of them.

One of these programs is called taskkill.exe — C:\Windows32\System32taskkill.exe

This program is very powerful and can save you if some program gets stuck.

In order to use it, you will need to know the proper name of the program running … i.e.: Internet Explorer’s executable file is iexplore.exe — in order to find the names, open up the command line tool and run it as Administrator.

There are two ways to do this:

1) Hold down the Windows key while pressing the “R” key
2) Click on the Start button (if you have it)

Either way you get the Run line to come up, type in “cmd admin” and press enter. A box that resembles an old school black and white computer screen pops up.

The first command you should know is C:\Windows\System32\tasklist.exe — this opens up a list of all running programs and gives you their name, the name of the program, the process identification number, and whether it is a service (meaning that it starts up when you boot up your computer) or if it is a console (meaning it runs when you ask it to) program.

Your screen should like this:

A printoout of the C:\Windows\System32\tasklist.exe command

Windows command line tasklist.exe

Find the AppleUpdateService.exe program. It has a process identification number of 1872. This is an example of a program that is harmless to terminate/kill.

With the commandline console still opened type in ‘C:\Windows\System32\taskkill.exe \f \im AdobeUpdateService.exe’ — now you should know that the \F means “FORCE” and the \IM means image name. There is a bunch of these and you can find them explained on DOSPrompt.com.

This will immediately terminate the program and it will react as if you have just unplugged the system. It will immediately stop and not allow any process it may be controlling to complete. Where the taskkill.exe command is most useful is in terminating browsers should one indicate a site that will not let you leave it unless you click on a box asking you to perform some task.

There is a reason why you will want to stop that browser immediately but we will go into that later.

You can also use the ‘C:\Windows\System32\taskkill.exe \f \PID 1872’ and it will terminate the same program. Only now, instead of using the programs name, you are using its process identification number.

This is the first of a series of tips on using the commandline in Windows. If you have questions, comments, something to add, or think this is stupid…please let me know.

For a list of commands that run in Windows command line, you can go to Microsoft’s Technet Site. You should also feel free to perform your own searches to find a list of commands that are explained in a way that makes better sense to you. Technet is a Microsoft product but it is not really meant to be used by the home user.