Protecting Data From External Attacks

Stop and read this before you make a mistake


WannaCry, Jaff, CryptoLocker, and many, many more belong to a category of hacking tools called ransomware. This software works by infiltrating your system via an infected Word document, an image using steganography, a corrupt media file, or a host of other ways.

Ransomware works by using encryption algorithms to encrypt all of the data on your hard drive. Moreover, it can also encrypt data on ANY drive that you may be connected to. This includes USB thumb drives, attached hard drives (whether via USB or network connection), and any cloud-connected drives such as Box, Google Drive, Microsoft OneDrive, or any other similar service.

So how do you protect yourself? Technology professionals know to use imaging tools like Ghost, EaseUS, or Acronis, or backup software like CrashPlan, Carbonite, or even Backblaze, to take the data off of your hardware and place it onto either a local hard drive or some cloud-based host.

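Your data is protected with these tools because the imaging and cloning tools essentially take a real-time picture of your hard drive and store it on the connected storage device, which you then disconnect when the process has finished. Because ransomware can encrypt any drive you are connected to, a drive that has been disconnected is out of its reach.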

Yes, these tools take a significant amount of time to run, depending on your drive size. Since many people have a 1 terabyte or larger drive in their desktop, all-in-one, or laptop, you can start this process before going to bed at night. First, make sure that you have set up your system not to go to sleep during the imaging process. Then follow the directions provided with the product you are using. Some products are free for personal use, while others may run into hundreds of dollars but provide online data storage with their plans.

Before you disconnect the attached or networked drive, take the time to test your image/backup to ensure it is holding data in a valid form. Once you have done this, you should make a hash of the data, and I will cover that in a later piece. It is imperative for your data’s safety and your own sanity that the data you have stored on the drive is perfect. Any number of things can cause this data to become corrupt.

This is why I always suggest making a copy of your image and storing it someplace away from the location of the machine. What would happen if your laptop and backup drive were stolen from your home? You would lose the original data plus the backup that you have just created. If your data is stored at some other location, they may get the laptop, but you can replace that and then restore from your image or backup.

This goes for those of you with Windows systems, Mac systems, and even Linux systems.

This will be continued later this week….

Windows Tips from the command line

A screen grab of Superfish intercepting an interaction with Bank of America (PHOTO COURTESY OF PCMagazine).

The first of several Windows tips

Starting today I am going to help you with a set of simple commands that can bail you out in the event your computer has some problem.

Windows tip #1: many of you have never used the command line interface or even known what it does. Windows has a large set of programs that run in command line mode, but you do not have an icon for any of them.

One of these programs is called taskkill.exe: C:\Windows\System32\taskkill.exe

This program is very powerful and can save you if some program gets stuck.

In order to use it, you will need to know the proper name of the program running. For example, Internet Explorer’s executable file is iexplore.exe. To find the names, open up the command line tool and run it as Administrator.

There are two ways to do this:

1) Hold down the Windows key while pressing the “R” key
2) Click on the Start button (if you have it)

Either way you get the Run line to come up, type in “cmd admin” and press enter. A box that resembles an old school black and white computer screen pops up.

The first command you should know is C:\Windows\System32\tasklist.exe. It opens up a list of all running programs and gives you the name of each program, its process identification number, and whether it is a service (meaning that it starts up when you boot up your computer) or a console (meaning it runs when you ask it to) program.

Your screen should look like this:

A printout of the C:\Windows\System32\tasklist.exe command


Find the AppleUpdateService.exe program. It has a process identification number of 1872. This is an example of a program that is harmless to terminate/kill.

With the command line console still open, type in ‘C:\Windows\System32\taskkill.exe /f /im AdobeUpdateService.exe’. You should know that the /F means “FORCE” and the /IM means image name. There are a bunch of these switches, and you can find them explained on DOSPrompt.com.

This will immediately terminate the program, and it will react as if you have just unplugged the system. It will immediately stop and not allow any process it may be controlling to complete. Where the taskkill.exe command is most useful is in terminating browsers, should one land on a site that will not let you leave unless you click on a box asking you to perform some task.

There is a reason why you will want to stop that browser immediately but we will go into that later.

You can also use ‘C:\Windows\System32\taskkill.exe /f /pid 1872’ and it will terminate the same program. Only now, instead of using the program’s name, you are using its process identification number.

This is the first of a series of tips on using the commandline in Windows. If you have questions, comments, something to add, or think this is stupid…please let me know.

For a list of commands that run in Windows command line, you can go to Microsoft’s Technet Site. You should also feel free to perform your own searches to find a list of commands that are explained in a way that makes better sense to you. Technet is a Microsoft product but it is not really meant to be used by the home user.

Pa$$w0rds–good or bad without breaking your brain

Every year some computer security firm releases its list of the worst passwords that people are using. While I do not know the methodology used to compile these lists, I do know that I see these passwords used over and over again in both public and private sector arenas.

password image by Linux Screenshots on Flickr.


Why are people using passwords like 123password? It is likely because the average person, not the techno-geek, has a hard time remembering what some ‘best-practices’ list decided was a good password. You know the one: there must be one capital letter, one lower case letter, one number, one special character, and the DNA signature of your neighbor’s cat (I just made the last part up).

Now this is a big deal because passwords are a big deal. They keep people from snooping on your computer, your email service, the websites you frequent, or even keep people out of your bank or credit card accounts.

Passwords are like diapers and politicians. They should be changed and often. Why? Because if you leave a password in place for too long you give an outsider a longer opportunity to crack it open and then gain access to your data/information.

So while password, letmein, 123456, qwerty, or something similar are examples of bad passwords, a password like 3!dxt*RT2nr$xgg5t06 is a good password, but not because it is complex. It is a good password because it is long. However, the human brain can only remember so much of this string. You have to go back and remember that you are trying to outsmart a computer and not a human being.

A human will guess words that can be found in a dictionary or will tell a computer to look for words that exist in a dictionary. In short…words that make sense to another human being. A computer does not care about dictionary words or special characters.

I will now enter the word “entropy” into this discussion. Entropy, while sometimes relating to thermodynamic relationships in chemical processes, also means a lack of predictability or reliability that can lead to a disintegration of order leading to disorder and thus a large positive run towards randomness. This is a good thing to have in a password or pin.

For instance, the four digit PIN that you use on your debit card has 10^4 possible combinations (each of digits 1-4 gives us 10 options, and since there are 4 of them, that gives us the number of possible combinations).

And that 16 character string of special characters, upper and lowercase letters, numbers and your cat’s DNA marker? Well, that only nets you an entropy, or randomness score, of 119 bits. However, if you were to take the last names of your two favorite teachers, the model of your first car, and your first home phone number, that entropy ramps up to over 200, and it would take the most powerful computers hundreds, if not thousands, of years to crack that password…and by then you should have changed it more than two times to something else.

Some examples of good strong passwords in this model are: hulusucksbecauseofcommercials , bernsteincoplandRodeoin38time, spotroverslurpeepepsi
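An added example (not from the original post) that estimates strength the way the paragraphs above reason about it: a keyspace of pool size raised to the length, expressed in bits. The common-password set, the word-list size, and the guess rate passed to `years_to_search` are assumptions for illustration, and other calculators will report different figures.

```python
import math
import string

# The bad passwords named in the post; a real check would use a far larger list.
COMMON = {"password", "letmein", "123456", "qwerty", "123password"}

def pool_size(secret):
    """Size of the character pool a brute-force search must cover."""
    pool = 0
    if any(c in string.ascii_lowercase for c in secret):
        pool += 26
    if any(c in string.ascii_uppercase for c in secret):
        pool += 26
    if any(c in string.digits for c in secret):
        pool += 10
    if any(c in string.punctuation for c in secret):
        pool += len(string.punctuation)  # 32 printable ASCII symbols
    return pool

def brute_force_bits(secret):
    """Upper bound: length * log2(pool). Holds only for randomly chosen characters."""
    if secret.lower() in COMMON:
        return 0.0  # a dictionary attack tries these first
    pool = pool_size(secret)
    return len(secret) * math.log2(pool) if pool else 0.0

def passphrase_bits(word_count, wordlist_size):
    """Entropy when word_count words are picked at random from a word list."""
    return word_count * math.log2(wordlist_size)

def years_to_search(bits, guesses_per_second):
    """Average time to find the secret: half the keyspace at the given rate."""
    return (2 ** bits / 2) / guesses_per_second / (365 * 24 * 3600)

def report():
    """Bits for a 4-digit PIN, a bad password, a short complex one, a long one."""
    samples = ("1234", "qwerty", "3!dxt*RT", "spotroverslurpeepepsi")
    return {s: round(brute_force_bits(s), 1) for s in samples}

if __name__ == "__main__":
    print(report())
    # Assumed 7776-word list and 4 random words, for comparison with the above.
    print(round(passphrase_bits(4, 7776), 1))
```

The length-times-pool figure is a ceiling: it describes a secret whose characters were chosen at random, while a phrase built from real words is better measured per word with `passphrase_bits`.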

The main purpose of this blog entry is to illustrate to you that a secure password can be one that is long, and strong but more importantly, something that you can easily remember. Just do not use the names of your kids, your pets, or other personal information that you might not want disclosed to the general public.

Which memory card for your DSLR?

The SanDisk Extreme Pro 64GB Class 10 280MB per second SDXC card

Need for speed? That 280MB/sec rating may not be the number you are looking for.

When you think about your camera and your memory card needs, do you think bigger and faster is better? Wait a minute..not so fast. Some cameras cannot handle newer SDXC formats, some cameras cannot take advantage of the 128MB/sec read rates or faster, and sometimes smaller and slower win the day.

My example: I have and still use a Nikon D90. It works, takes great photos, and works with all of my lenses, so why not, right?

Well, the first thing to note is that I shoot in RAW format, meaning NEF files for the Nikon (Canon uses a CR2 format, Panasonic uses a generic RAW format), and these files are going to be a different size as you get more megapixels. So my D90 takes RAW photos at about 10-11 megabytes per image, while my D7100 uses a 28 megabyte raw image. Your camera has a common raw file size average, and you should know it.

Now…for my D90, I never use anything bigger than a 16GB SDHC card. Sure it will support a 32GB card but I get into a grey area I try to avoid.

If I have 28 GB worth of images on the card and it fails, I am going to be mad. However, if I only have 7-10GB of photos on the card, I will still be angry at the loss, but it won’t be nearly as bad as with 32GB. See?

Now a word about speed. Most cards will put their fastest speeds on the card, and that is usually the speed at which a device can READ from it. What you want are cards that sync up with your camera speed. If you shoot at 7 frames per second and have a 90MB/sec write speed on your card, you might be able to eke out a few more shots before your camera’s buffer, which limits the number of images it can hold, runs out.

So..ignore that 250 MB/sec listing on the card and look up the write speed for that card. Odds are it is going to be less than the read speed for that card.

That’s a quick lesson. If you have questions, please let me know. Next time, the quickie lesson will be over picking lenses to take on a trip.