Q: How do I know if the primary person on my iPhone account is hacking into my phone?

A: Can they “hack” your phone? Not unless they have a spare $15,000-$1M US hanging around, or they know your PIN. However, if you have jailbroken the iPhone, all bets are off. By definition, you have removed all security from your device.

But… you state “the primary person on my iPhone account”. Normally, the “primary person” is the owner of the account, and possibly the phone itself. If this is the case, it is not “your” phone or account, it is theirs. This may give them access to the Find My iPhone feature in iCloud to track the location of the phone. In the case of a business phone, they may have the legal right to full access.

Q: How can I tell if my Mac has been compromised if my firewall was not turned on?

A: A firewall is only a small part of an overall penetration/compromise prevention program.

In the case of macOS, the firewall isn’t terribly vital. With the firewall off, you would still require an active process (application) waiting for and responding to commands coming in from outside the computer. If you have file sharing, screen sharing, remote login, and remote management turned off in the Sharing System Preference, you probably don’t have any apps that can respond to criminal attempts to gain access.

But back to the question: how can I tell if my MacBook Pro has been compromised? Someone who does quality hacking won’t be seen. You would need to pore over the system logs to even have a chance of noting their work. Someone who is not highly skilled will usually leave your system unstable, or visibly changed.
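
The point about needing a process that listens for outside connections can be checked directly. This is an added example, not part of the original answer: it parses output in the format of `lsof -nP -iTCP -sTCP:LISTEN` and flags listeners on the well-known ports behind the Sharing options named above. The sample output, process names and PIDs are constructed.

```python
# Added example: flag listening TCP services that match macOS Sharing features.
# SAMPLE_LSOF is constructed text in the format of: lsof -nP -iTCP -sTCP:LISTEN
SAMPLE_LSOF = """\
COMMAND    PID  USER   FD   TYPE             DEVICE SIZE/OFF NODE NAME
launchd      1  root   27u  IPv4 0x1a2b3c4d5e6f0001      0t0  TCP *:22 (LISTEN)
launchd      1  root   28u  IPv6 0x1a2b3c4d5e6f0002      0t0  TCP *:22 (LISTEN)
launchd      1  root   31u  IPv4 0x1a2b3c4d5e6f0003      0t0  TCP *:5900 (LISTEN)
cupsd      412  root    6u  IPv6 0x1a2b3c4d5e6f0004      0t0  TCP [::1]:631 (LISTEN)
rapportd   530  alice   4u  IPv4 0x1a2b3c4d5e6f0005      0t0  TCP *:49152 (LISTEN)
"""

# Well-known ports behind the Sharing options named in the text.
SHARING_PORTS = {
    22: "Remote Login (SSH)",
    445: "File Sharing (SMB)",
    548: "File Sharing (AFP)",
    3283: "Remote Management",
    5900: "Screen Sharing / Remote Management (VNC)",
}
LOOPBACK = {"127.0.0.1", "[::1]", "localhost"}


def parse_listeners(lsof_text):
    """Return unique (command, pid, address, port) tuples for LISTEN sockets."""
    seen = set()
    for line in lsof_text.splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) < 10 or fields[-1] != "(LISTEN)":
            continue
        address, _, port = fields[-2].rpartition(":")
        if port.isdigit():
            seen.add((fields[0], int(fields[1]), address, int(port)))
    return sorted(seen, key=lambda item: (item[3], item[2]))


def audit(lsof_text):
    """Group listeners: Sharing services, other exposed ports, loopback-only."""
    report = {"sharing": [], "other_exposed": [], "loopback_only": []}
    for command, pid, address, port in parse_listeners(lsof_text):
        entry = (command, pid, port)
        if address in LOOPBACK:  # reachable only from this machine
            report["loopback_only"].append(entry)
        elif port in SHARING_PORTS:
            report["sharing"].append(entry + (SHARING_PORTS[port],))
        else:
            report["other_exposed"].append(entry)
    return report


if __name__ == "__main__":
    for group, entries in audit(SAMPLE_LSOF).items():
        print(group, entries)
```

An empty `sharing` list matches the state described above, with all four Sharing options off; anything under `other_exposed` is a process worth identifying before deciding the firewall does not matter.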

Q: Is it possible to hack a large number of adult sites hosted all over the world and take them down?

A: In order for this to be possible, all of the sites would need to be running on the same operating system, using the same web server software, so that they would all be subject to the same vulnerability. In addition, the vulnerability would need to be a zero-day attack – a vulnerability that the software developer did not know existed. And even if all the stars lined up to allow this to happen, a patch for the vulnerability would be crafted in hours, if not minutes, and the sites would be back up and running within hours using backups.

All that being said, not only is this cybercrime, but for most of the developed countries, and most certainly in the USA, it is cyberterrorism. The criminal hacker would most certainly be put away in a very unpleasant place for a non-trivial amount of time, their life savings vaporized in a failed attempt to defend against the legitimate charges, and should they ever be released from that dark place, would likely never be allowed to use a computer again.

All because of their questionable moral high ground.

Q: What Antivirus Does Google Recommend?

A: Google has no recommendations for antivirus. However, one of the reasons I love Google for email is they use VirusTotal to scan all email. VirusTotal uses the malware scan engines of many antivirus utilities to perform more than a dozen scans of a file at once. This helps to ensure that any email received through Google is free from known malware.

Q: What Are The Symptoms Of A Malware Attack?

A: This almost entirely depends on the skill level of the malware developer. Malware crafted by a skilled developer will be invisible to the end user, and invisible to the network administrator for quite some time. There have been malware attacks against governments (who presumably have fairly qualified IT & Network Administrators) that have been active for years before being discovered.

If malware is created by a less skilled developer, it most likely creates problems similar to any buggy software – performance degradation, crashes, screen artifacts, the computer operating incorrectly.

This is why it is important to:

  • Have a quality antivirus (antimalware) installed on every device.
  • Have a quality firewall active on the network and each device.
  • Never log in as an administrator (that gives administrative privileges to any malware or hacker on your system).
  • Enable application whitelisting. This is important because even the very best antivirus only catches 99.9% of the known malware. Whitelisting will stop the unknown from launching.
  • Have your modem, router, computers, phones, and tablets put through a monthly security and maintenance audit.

New, Best-In-Class Network Equipment For Sale

MintzIT is clearing out our stock of new, best-in-class network equipment at great discounts.

Asus RP-AC68U AC1900 Wireless Access Point

 

New, never opened.
2 available.
Currently selling on Amazon for $223 plus $21 shipping.
Specs
MintzIT Price: $175 plus $20 shipping.

Ubiquiti UniFi AP AC Pro Access Point

New. In box.
2 available.
Currently selling on Amazon for $176.
Specs
MintzIT Price: $125 plus $20 shipping.

 

Ubiquiti UniFi Security Gateway

New, In box.
Currently selling on Amazon for $108.
Specs
MintzIT Price: $65 plus $15 shipping.

 

Ubiquiti UniFi Switch 24 Port 250w Power over Ethernet

New. In box.
Currently selling on Amazon for $397.
Specs
MintzIT Price: $300 plus $25 shipping.

 

Contact:
Marc Mintz
505.453.0479

New ransomware uses your real passwords

Over the past few days we have been seeing many users receiving a ransomware demand. This is nothing unusual. However, in the ransomware letter the criminals include a password that you use, as evidence that they have some type of control over some of your IT.

And indeed, it is a password you use.

However, do not fall for this ransomware.

The criminals are using old databases of old hacks of some sites. Since most people use the same 1 or 2 passwords for everything, and never change their password, a password used 10 years ago may be the one used in the letter.

Now that you have ignored the ransomware, there are some things to do:

  1. Every password you use, for your computer, email, and the websites and services you visit, should be at least 15 characters long, and each one should be different. Change them now.
  2. I can barely remember where I parked the car last night – much less the bazillion passwords I use. No need for you to remember. There are a few ways to attack the problem:
    1. Use a Password Manager. I personally like and use LastPass. It is free, works on all platforms, and it will create and store all of your passwords. It will even copy them to all of your devices.
    2. Create a password-protected Excel spreadsheet (or any brand spreadsheet). In column A enter the name of the service or site. Column B the URL for the service or site. Column C the login username. Column D the password. Column E is the date of the last time the password was changed. Save this in a file sharing service such as Google Drive, Dropbox, OneDrive, etc. so that you and only you have access to the file. Anytime that you need a recorded password, or need to record a password, open the spreadsheet on any of your devices.
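
To see whether a password quoted in such a letter really does sit in old breach data, it can be checked without disclosing it. This is an added example, not part of the original post: it uses the Have I Been Pwned "Pwned Passwords" range lookup, where only the first five characters of the SHA-1 hash leave the machine. The sample password, the response body and the counts are constructed so the demo runs offline.

```python
import hashlib
from urllib.request import Request, urlopen

RANGE_URL = "https://api.pwnedpasswords.com/range/"


def split_hash(password):
    """Return (prefix, suffix) of the upper-case SHA-1 hex digest.

    Only the 5-character prefix is ever sent; the 35-character suffix stays local.
    """
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]


def breach_count(password, range_body):
    """Look for the password's suffix in a range response (lines of SUFFIX:COUNT)."""
    _, suffix = split_hash(password)
    for line in range_body.splitlines():
        candidate, _, count = line.strip().partition(":")
        if candidate.upper() == suffix and count.isdigit():
            return int(count)
    return 0


def fetch_range(prefix):
    """Live lookup; needs network access and is not called by the demo below."""
    request = Request(RANGE_URL + prefix, headers={"User-Agent": "password-audit-example"})
    with urlopen(request, timeout=10) as response:
        return response.read().decode("utf-8")


def constructed_response(password, count):
    """Build a fake range response containing the password's suffix (demo data only)."""
    _, suffix = split_hash(password)
    return "\r\n".join(["0" * 35 + ":3", f"{suffix}:{count}", "F" * 35 + ":12"])


if __name__ == "__main__":
    old_password = "Summer2012!"  # constructed example of a reused old password
    body = constructed_response(old_password, 4821)  # constructed count
    for candidate in (old_password, "correct horse battery staple 2024"):
        hits = breach_count(candidate, body)
        status = "found in breach data, retire it" if hits else "not in this range"
        print(f"{candidate!r}: {status} ({hits})")
```

For a live check, pass `fetch_range(split_hash(password)[0])` as the second argument to `breach_count`; any non-zero count means the password should be replaced everywhere it was used.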

Q: Are passwords so complex I can’t remember them really more secure?

A: Nobody ever said you had to remember passwords. You just need to create strong passwords.

“Strong password” is a term defined differently by different government agencies, cybersecurity groups, and IT admins. For my clients, it is defined as:

  • Minimum of 15 characters.
  • Recommended but not required, a mix of upper, lower case, numeric, and special characters.

Now, I can barely remember where I parked my car, much less the 1,387 passwords in my life. But most people can remember two or three strong passwords.

Install and use a password manager. There are many to choose from. My personal preference is LastPass.

The password manager will remember almost all of your passwords and challenge questions for you. You just have to remember:

  • Your computer login password.
  • Your phone login password.
  • Your password manager password.

Now you can use ridiculously long and complex passwords, and have no need to remember them!

Q: What are creative ways to combat cyber risk in a large organization?

A: By “creative ways” are we to assume trying something different, doing cybersecurity in a way that others are not doing?

That may be brilliant at an advertising agency or creating a new startup organization, but when the enterprise’s security and privacy are at risk, perhaps following best practices (as specified in the NIST 800–171, the ISO 27001 and 27002, as well as guidelines published by Apple, Google, Microsoft, et al.) is a wiser career choice.

Q: How can you shut down the people who make malware?

A: How do you stop criminals?

Generally speaking, you can’t. Oh, sure, you can pass laws, catch the criminals, put them in jail, let them out, and some continue to lead a life of crime, while new criminals are made every day.

Those who make malware are criminals. They are hunted down as such, and on occasion are caught, prosecuted, and jailed for a time.

But as with all crime, that is only part of the solution. Each of us must be proactive in our cybersecurity and privacy. And like the old joke: How fast do you have to run to escape a charging bear? Just a little faster than you! Make your systems difficult enough so that malware and cybercriminals give up on you, and move on to the next victim.

Q: How do you start to write a book?

A: There may be as many answers to this question as there are authors.

In my case, clients had been asking me to write books for my classes for over 20 years. I tried many times, but I couldn’t get past the first page. I was completely blocked and unable to get a foothold due to the enormity of the task in front of me.

But once someone gave me the most simple of advice, it all came together: How do you eat an elephant? One bite at a time.

  1. Bullet point your main ideas.
  2. Move the bullet points around until there is an arc and logical progression.
  3. Take one bullet point at a time, expand it, adding additional bullet points.
  4. For each of these secondary bullets, expand into a conversational language.
  5. Repeat steps 3 & 4 for each bullet.
  6. Once this has been done, a book is in front of you. It may be very rough and require significant editing – but most good writers have even better editors behind them (I consider myself fortunate to have the best editor I’ve ever met).

Q: I got an alert that someone is watching what I’m browsing. How can they do that?

A: A web browser will not display such a message. It is most likely that a compromised website you visited tossed that at you just like any other pop-up message or advertising. It is also possible that your browser has been compromised, with a plug-in or other item introduced to create these pop-ups.

I’ll bet there was a phone number to call for assistance, or a button to click to purchase a solution to this “problem”.

So, let’s verify all is in good shape, and we can write this off to a rogue web page:

  1. Open the browser.
  2. Verify that your homepage is correct.
  3. Select Security. Verify Warn when visiting a fraudulent site, and Block pop-up windows are enabled.
  4. Select the Extensions tab. If there is an extension present that you don’t recall installing, remove it.
  5. Quit the browser.
  6. Open the browser.

All should be rainbows and unicorns!

Q: How do I Protect a Computer from Malware and Other Threats?

A:

  1. Never log in as an administrator, always log in with a non-administrator account.
    1. Should malware or a hacker gain entry to your computer, they will likely be able to take on the power of the currently logged-in user. If you are logged in as a non-administrator, they can cause damage to your data, but not the system or applications. If you are logged in as an administrator, they can do anything.
  2. Keep OS and applications up to date.
    1. Most updates are about patching a security vulnerability.
  3. Install quality antivirus software (I like Bitdefender).
    1. Depending on which authoritative source you wish to believe, there are up to 40,000,000 malware in the wild. It is not a matter of if one will find its way to your device, only when, and how often. A quality antivirus helps to prevent this.
  4. Install quality anti-malicious website software (I like TrafficLight from Bitdefender).
    1. Most antivirus applications do not check for malicious websites, so a separate utility is used.
  5. Enable application whitelisting.
    1. Even the very best, most effective antivirus can catch 99.9% of known malware. That leaves around 40,000 known malware that it won’t catch. We have no idea how many unknown malware will walk right into your system. With application whitelisting turned on, the only applications that can launch are those specified. And a virus won’t be on that list.
  6. Download software only from the developer or, as in the case of macOS and Chrome OS, from the Apple Store or Chrome Store.
    1. Most of the other sites are a cesspool of malware and infected applications.
  7. Never let someone use your account.
    1. You don’t know where they are going. You don’t know what they are doing. And if you have ever been through a divorce, you already know that even those you love and trust the most can sometimes be trouble.
  8. Make all passwords “strong” (minimum 15 characters. It’s ok for them to be easy to remember, easy to enter).
    1. A current-generation laptop computer can generate around 100,000,000 password guesses a second. It doesn’t take long to break a password. The longer the password, the exponentially longer it takes to break it.
  9. Use a different password for each website.
    1. The bad guys bank (literally) on the fact that most people use only a couple of passwords. When one of your online accounts has been hacked (I’ll bet you $1 that at least 1 of your accounts has already been hacked), the bad guys get your email address and a password that you use. They will then test this combination at banks, online retailers, credit card sites, etc. until they find a high-value target that uses the same password.
  10. Use a password manager to remember your passwords (I like LastPass).
    1. Because if you use a different password for each site, you can’t remember them! Let technology do it for you.
  11. NEVER use email for sensitive information.
    1. Email can be made end-to-end encrypted and secure, but most people aren’t up to the task. Instead, use an end-to-end encrypted secure instant messaging service. I like Wire and Signal.
  12. NEVER use a landline or cellular phone for sensitive information.
    1. Use an end-to-end encrypted secure voice service. I like Wire and Signal.

Q: How Do I Install a Firewall on a Home Network?

A: The DSL or Cable router that comes with your service will have a firewall. To access and configure, you will need the administrator username and password. This is often on a label attached to the unit, along with the URL to directly access the device.

However, the security of these firewalls is a point of debate. The devices are very inexpensive, in wide use, with known vulnerabilities and hacks.

Although you can purchase a firewall all by itself, usually the better option is to install a 3rd-party quality router with firewall. There are at least a dozen well-known brands. Stay away from “consumer-class” devices, and go with “business-grade”. It won’t cost much more, but the quality difference can be significant.

I’m partial to the router made by OpenMesh – the G200. Even better when paired with their A62 Wireless Access Point.

You will still need your DSL or Cable router to connect you to the Internet. To get better performance, call your broadband provider, ask them to change it from Router to Bridge mode after you have your 3rd-party router in place.

Q: Can I Hack Any Group of My Friends?

A: My bet is that any group that has as a friend someone who would post such a question can be easily hacked.

But still, you shouldn’t do so.

If you have to ask why, you’ll never understand the answer.