Archive
How to stop robocalls – Jolly Roger Telephone
I wanted to share my experience filtering calls to my 90-year-old mother who has had her phone number for 60 years and appears to be on every scam caller list. Every list. And she felt compelled to answer every call. Every. Call.
First, I switched her phone service from Comcast to Google Voice. I won’t go into the technical details of the move, but it’s a two step process (Comcast to burner phone, then burner phone to Google Voice). This was my first step to filtering her calls because I believe Comcast customers are being targeted by scammers and I hoped that moving to Google Voice SPAM filtering would offer better control over her calls.
Initially, I moved to Google Voice as part of a cost reduction for my Mom, and it provides ‘spam filtering’ capabilities. It turned out that the spam filtering wasn’t very good for faked local numbers so after some research, I went with the nuclear option and configured call filtering using Jolly Roger Telephone (link below).
Jolly Roger is *amazing*. Robots answer the phone and hang up telemarketers and scammers and Mom’s phone never rings. The record voicemail was 7.5 minutes…
To be honest, Jolly Roger is pretty good, but the Final Solution was to put every ‘good’ caller onto the whitelist and block every other area code in the United States, block all foreign calls and block all toll free calls. The whitelist was more of a challenge. I had a phone history of several months and included her doctors, friends, family, etc. Jolly Roger includes simple check boxes to block 800 calls, overseas numbers, and similar. Ultimately, I configured a ‘blacklist’ of prohibited callers using wildcard entries for EVERY AREA CODE in the US except two local area codes.
It seems extreme, but then we just had to deal with faked local numbers, and I had a large list of exchanges that I blocked.
Netgear security update
Check your router for a vulnerability by entering the string below into your browser (change [router-address] to the IP address of your router (example: 192.168.1.1)).
http://[router-address]/cgi-bin/;uname$IFS-a
If that page shows anything but an error or an empty page, your router is affected and you need to apply the patch just published by Netgear (link below).
Netgear models impacted by this vulnerability:
R6250
R6400
R6700
R6900
R7000
R7100LG
R7300DST
R7900
R8000
D6220
D6400
Yahoo! Mail security issues.
I’m seeing a lot of issues with Yahoo Mail accounts being compromised, so I’m posting my notes here and will update as I understand the problem better. An example is when you get e-mail from friends with a single, SPAM URL in the message and it’s sent to 10-15 people (in alpha order) from their Yahoo! Contacts.
I suggest that you NOT check the box ‘keep me signed in’ when you log into Yahoo Mail (highlighted in red rectangle on screen shot below). From what I can tell, some web sites with malicious content take advantage of cached Yahoo credentials and send mail with these SPAM links to everyone in your Yahoo contact list.
I also recommend using “two factor authentication” wherever possible. Two factor authentication uses something you know (your password) with something you have (phone number, cell phone). When accessing a web site, you enter your password (something you know), and then are prompted to enter a code sent to your phone (voice), or your cell (text), which are things you possess. This is used when resetting passwords on your bank or credit card web sites.
Another option is to consider moving to Google Mail which appears to be more secure, and I know from testing that Google’s two factor authentication is quite comprehensive and I use an Android app on my cell phone to generate a code.
Yahoo login – do not
Yahoo Two factor authentication reference links
http://lifehacker.com/5938565/heres-everywhere-you-should-enable-two+factor-authentication-right-now
Computer Backup Recommendations
This is the first in a series of reference articles that answer frequently asked questions from friends, family, and clients. I will update these articles as required.
Feel free to let me know if you have any questions or recommendations.
Required hardware and software
Software – Acronis TrueImage 2012
Hardware – external hard drive – USB, eSATA, Firewire
Overview
I recommend imaging all PC systems. Imaging the system is easy, and fast (1GB/min typically). Imaging software takes a ‘snapshot’ of your computer. This snapshot can be used to restore your system automatically. By restore, I mean if your hard drive dies, you can install a new drive (same size or larger), and restore *everything* in one operation – Operating System (Windows), applications, and data. After the restore, your system will be *exactly* where it was when you performed the backup.
In addition, the image can be used to restore individual files and folders, but more importantly, if your system is compromised due to a virus or system problem, you can restore the entire system back to a known, good state.
Acronis (and other imaging software) can be configured to image your system on a schedule (Friday nights for example). You can also setup the software to automatically shut down your computer after the backup is completed. I typically do this monthly on all our computers, setting up the jobs before I got to bed and having the system shut down.
We have three external USB drives – one reserved for my business systems, and two for home systems. All my backup drives are encrypted (I use Bitlocker). I recommend selecting a hard drive with enough capacity to hold at least two backup images for all your systems.
Reference links
Rosewill RX-358 V2 BLK (Black) 3.5″ SATA to USB & eSATA Enclosure w/Int.80mm fan
http://www.newegg.com/Product/Product.aspx?Item=N82E16817173042
Acronis True Image Home 2012 – upgrade and special offers often available from Acronis
http://www.acronis.com/homecomputing/products/trueimage/
Acronis TrueImage Home 2012 from Newegg
http://www.newegg.com/Product/Product.aspx?Item=N82E16832200030
Buffalo Technology AirStation N300 Wireless Router and AP Model WZR-HP-G300NH
My trusty Linksys WRT54G running Tomato firmware appeared to be dying. My upload speed, as measured by speedtest.net, was in the range of Kbps instead of Mbps. Download speeds were inconsistent, in the rage of 10 Mbps to 14 Mbps.
I researched a ton of routers, and my criteria was to have two radios, support 802.11N, and QoS. I also wanted it to support bridging, AP, and act as a repeater. Devices I considered, included Netgear, Cisco E4200, and the Buffalo N300.
I’m delighted with the Buffalo N300, which I picked up from Amazon for $65. Setup was very easy. I didn’t use the automated install software, I just connected to the router directly and configured the router since I was familiar with the DD-WRT software (v24SP2-MULTI (03/21/11) std).
The router web interface was a bit sluggish initially, but after the initial configuration was completed, and it was running for 15 minutes it became much more responsive.
I haven’t used any of the client connection features, and connected manually. All our wireless devices connected seamlessly, and one test call on our VoIP phone worked. I won’t have time to test our Roku and Netflix streaming until the weekend, and will test VoIP calls, including international, later this week.
Initial speedtest.net results below:
Before – Linksys WRT54G
After – Buffalo N300
UPDATE: Google “advanced sign-in security”
When you bump into people at a funeral discussing e-mail security problems, you know it’s a mainstream issue. A woman we were chatting with just spent the better part of two weeks restoring access to her MSN account after she received a variation of the “Mugged in London” scam. The result was someone hijacked her account and she had to work through MSN to restore access.
Just like Facebook’s support for SSL, using two factor security for Google is something everyone needs to implement.
The process is detailed on The Official Google Blog – Advanced sign-in security for your Google account.
The process is called 2-step verification – this allows you to link your account to your mobile phone, a Mobile application (Google Authenticator on the Android), and printable backup codes that you can keep in your wallet. In addition, you can have application-specific passwords to supposed access on your smartphone.
If you’re running Google Apps on your smartphone, I recommend doing this all at once – it will eliminate password prompts and confusion later.
The process also provides a summary of Connected Sites, Apps, and Services that have access to your Google Account. In my case, this includes paulbegley.com access to Blogger, pulsememe.com (Google Reader), google.com (Google Calendar), and tweetdeck (Google Buzz). I had forgotten about setting up Pulse access to my RSS feeds on Google Reader, but it was a good reminder.
You can revoke or renew access at any time using the 2-step verification process.
UPDATE: Note that once you enable advanced sign-in security, you may need to generate a new password for third party applications. I ran into this with Feeddemon, but it was a simple fix:
- In Google, sign in and go to My Account.
- Click on Using 2-step verification
- Go to Application-specific passwords
- In the section “Generate new application-specific password”, enter the name of the application (Feeddemon for my example), and click “Generate Password”
- A unique password will be generated containing four four character, alpha-numeric characters. Paste this into the password prompt for your application, and you will be authenticated.
User registration
Due to ‘bots registering fake users, I just disabled new user registration. I’m not sure how I will handle this moving forward, but I want to allow comments, I just don’t want 20 fake accounts created each day.
Stay tuned.
Stop Paying for Windows Security; Microsoft’s Security Tools Are Good Enough
Stop Paying for Windows Security; Microsoft’s Security Tools Are Good Enough
I have been using Microsoft Security Essentials since it was in beta. It does a good job, with very low overhead, and high rate of accuracy, including malware and Trojans.
If you use Security Essentials, keep your workstation patched, and use multiple browsers with ad blocking software, you can feel pretty secure running Windows.
Microsoft Security Essentials
http://www.microsoft.com/security_essentials/
Recommended Firefox Add-Ons – AdBlock Plus
https://addons.mozilla.org/en-US/firefox/addon/1865/
Recommended Chrome Extensions – AdBlock v2.0
https://chrome.google.com/extensions/detail/gighmmpiobklfepjocnamgkkbiglidom
Malware as twitter password reset
Wow. This caught me by surprise this morning. The message below (forwarded to Google Mail) looks legit, but if you hover over the link, you see it points to a binary (password.exe) hosted on gameroomhaven.com.
Most of the message is legit. The links at the bottom of the post are legit, pointing back to twitter.com. However, the e-mail address in the SPAM is one I only use for a high school alumni site. Based on that, I started to look at the message more carefully and noted the malware link posing as the password reset URL.
Lesson here, don’t click on links in your e-mail without verifying the source.
Using the Google Mail ‘Show original’ feature (drop down in upper right corner of each message) showed the source code for the message where the malicious URL is obvious. A snippet from the original below:
Hey there. Can't remember your password, huh? It happens to the best of us. Please open this link in your browser: http://www.gameroomhaven.com/password.exe This will reset your password. You can then login and change it to something you'll remember.
