remote-support

Home

Digitalwelcomemat industry news, PC hints, IT tips and more

Eset has released a short security Ebook

ESET, the security and antivirus software provider, has released a short security Ebook entitled 'Social engineering handbook'. Its worth keeping up to date on this information even if it isn't new to you. It good to refresh your thinking on the topic. Security should be a perpetual focus.

Staff/User education is an important part of security also (...and they love it)

Get it here: https://digitalwelcomemat.com/files/ESET_Social_engineering_handbook_v6.pdf
 

  1825 Hits
  0 Comments
1825 Hits
0 Comments

BitLocker data encryption may be happening without your knowledge

BitLocker data encryption may be happening without your knowledge, that means that your automaticity getting extra security from Microsoft without any effort required on your part, but also a caution...

When you add an outlook.com home user account to a new Windows PC as part of the initialisation (as Microsoft now requires) Microsoft can/will/may auto-encrypt the hard drive with windows BitLocker. It does this without asking or telling you. It associates the long encryption key with your Microsoft account (normally a hotmail.com or outlook.com account) and stores the encryption key under your account on the web.
The reason that they do this is to make your PC more secure so if the hard drive is removed from the PC or laptop it can't be just plugged into another PC and have data read. While this is good in theory, forcing data encryption on unwitting home or small business users without asking or telling them I don't feel is a good policy. In an enterprise IT environment significant planning and testing would be implemented before even considering(!) encrypting the data. Having data is no use whatsoever if you can't access it.
There are a few things that can go wrong, under certain circumstances you PC may prompt for the key before stating Windows and if you don't have it your never (never ever, EVER) getting your 30 years worth of data back. Here are some examples:

  • Sometimes Microsoft just doesn't store the key (yes, I have seen it!)
  • A random Microsoft account may be used to setup the PC (for example a service providers account) then a local or domain accounts may be use from that point onward, in 5 years' time you may not know which Microsoft account was used or have access to it to find the key.
  • What if you get hacked and locked out of your Microsoft account?


So what should you do? That's difficult, I'm not going to 'recommend' that you deliberately use 'less security' than you could but here are some thoughts.

  • At least now you know, you've been warned
  • Consider going on to https://account.microsoft.com/ and printing out your BitLocker key and putting it in a safe place
  • BACKUP ALL YOUR DATA periodically to an independent medium or location


A PC that just sits in a factory, contains no data and/or just connects to a remote desktop session does NOT need BitLocker turned on its an unnecessary overhead.

  1922 Hits
  0 Comments
1922 Hits
0 Comments

Email scam, don't click

Email scam, don't click...

  1923 Hits
  0 Comments
1923 Hits
0 Comments

Office 365 antispam issue

I have encountered an unusual and concerning Office 365 antispam issue today. A customers emails with PDF attachments to an Office 365 mailbox have been 'silently' blocked (quarantined) by O365 because they had a PDF that contained a big pond (Telstra) email address in the footer. After a [long] period of investigation removing the big pond email address resolved the issue. The reason that was given by Office 365 was "Detection technologies: URL detonation reputation".

My biggest concern with this is that MS was 'quarantining' the email which means they weren't letting the recipient know that there was an email and wasn't letting the sender know that it wasn't being delivered. To me this breaks the fundamental rules of how email is meant to work. Either it should be delivered, or you should get an error message bounce back. This issue only occurred in the last week, the customer has been sending the same PDF for more than a year.

I will take this up with Microsoft and see what they say. My concern is how many other users have been sending PDF documents or quotes out to customers that contain emails or links that have them silently not delivered.

Note this finding is based on all the evidence I have been able to gather to-date.

  2082 Hits
  0 Comments
2082 Hits
0 Comments

Don't plug a heater or other high current draw appliances into a UPS

Don't plug a heater or other high current draw appliances into a UPS:

With winter upon us I wanted to remind you not to plug a heater or other high current draw appliances into a UPS (uninterruptable power supply). A UPS is a 'box' that contains a battery and some electronics to allow for a limited amount of 'runtime' for your computer if the power goes off. They have the ability to deliver only a relatively small amount of current (stated in its VA/Watt rating) anything beyond that will overload the UPS, shut everything off and possibly cause damage.

Examples of equipment that should *NOT* be plugged into a UPS

  • Laser printers
  • Heaters
  • Air conditioners
  • Photo copiers
  • Paper shredders
  • Vacuum cleaners
  • Kettles/jugs, anything that cooks or heats food
  • Hair driers, curling irons

The only things that should generally be plugged into the UPS are computers, networking equipment (switches routers etc) another other small sensitive electronic equipment such as EFTPOS terminals and similar.

Plug your 'high current draw' devices direct into a power-point/wall socket, some experts suggest these should not even be plugged into a power board either for fire safety reasons.

Example UPS units
  1920 Hits
  0 Comments
1920 Hits
0 Comments

Bad email, don't click

This is a typical example of a phishing email. If you click on the link the bad guys will harvest your username and password and start using them to access you email inbox, send emails or worse.

This is a 'obvious' fake email, but people keep getting caught out so I will keep reminding you. Admin and management staff, consider sending this information on so your staff can be reminded.

Multi factor authentication on your Microsoft account will mitigate the impact of being fooled into clicking this. Talk to me if you want this turned on.

  2432 Hits
  0 Comments
2432 Hits
0 Comments

Password popups due to Microsoft changing the office 365 authentication method.

Some users are reporting a persistent password popup in their mail application this morning, this is due to Microsoft changing the Microsoft/Office 365 authentication method and requiring 'modern authentication' by default.

If you are using Outlook 2013 this can easily be solved by changing\adding a Registry setting in Windows which is normal and 'IT support level' change:

(more details here https://learn.microsoft.com/en-gb/microsoft-365/enterprise/modern-auth-for-office-2013-and-2016?view=o365-worldwide)

This can also be easily pushed out by 'group policy' if you have a Windows domain.

If you're seeing this in another mail app for example on your phone this will require further investigation and planning.

Alternatively, some authentication methods can be turned back on again but Microsoft has made this change to improve security.

Here is some further reading on the subject:
https://techcommunity.microsoft.com/t5/exchange-team-blog/basic-authentication-deprecation-in-exchange-online-september/ba-p/3609437


  2575 Hits
  0 Comments
2575 Hits
0 Comments

Windows updates 21H2

I advised last week that there were problems with the 21H2 Windows update from Microsoft. Microsoft has reported that the 'MSI install issue' is resolved now with another patch. As far as the Intel sound card driver conflict goes this is a Windows 11 only issue so Windows 10 users can allow updates to naturally instal now as usual. If you put a 7 day pause on your windows updates they will automatically begin again in a few days.

For Windows 11 users MS has setup a compatibility block so the offending upgrade shouldn't auto install however they say 'We recommend that you do not attempt to manually upgrade using the Update now button or the Media Creation Tool until this issue has been resolved and the safeguard removed.

Here is the link if your running Windows 11 and want to track this issue:
https://docs.microsoft.com/en-au/windows/release-health/status-windows-11-21h2#2746msgdesc

For those customers where I manage Windows updates via Windows Update services, I have now release the 21H2 update for Windows 10 as it resolves a number of vulnerabilities.

Just a reminder about allowing Windows updates to install, I strongly recommend logging off each evening and restarting your computer once a week. This allows a few things to happen which should enhance your computing experience as well as allow for better security. I also recommend leaving your computer on overnight at least once per week to allow installs to complete (that is if you don't leave it on all the time anyway)

Some of the befits of logging off and restarting:

  • It allows windows updates to auto-occur when they are needed, at least on a 24 hour basis.
  • Logging off closes all your programs/applications which releases all the memory back to windows to be 'cleaned-up' and reused, it closes all open programs and resolves any transient 'weirdness' that may be happing. 
  • Restarting does the same as logging off but it also does same for system processes and Windows services
  • If you have roaming user profiles setup in your organisation data is only saved back to the servers when you log off, if you have a power outage before that time data may be lost.
  • It forces you to clean-up, save your documents and close off the clutter. It could be just me but I can't see how having 15 word documents open at the same time for a month helps with productivity! (but perhaps that's just me:-/ )
  3035 Hits
  0 Comments
3035 Hits
0 Comments

Backup for home data

Every now and then someone asks me about a backup strategy for home, this is my current recommendation. I suggest you investigate what's suitable for your own environment before making decisions.

Macrium reflect free: Full *system* backup, install and run this periodically even if only once when you get a new PC and its fully setup. This allows you to go back to a working state if you get virused or you have a hard drive failure or a bad windows update.

https://www.macrium.com/reflectfree
Cost $free

Notes:
Make sure you make a "rescue disk" on a USB thumb drive when you install the software

Backblaze: Continuous backup of all^ *data* files to the internet for off-site cloud/internet storage. Unlimited storage

https://www.backblaze.com/cloud-backup.html
Cost US$70 per year

Notes:

  • May not be suitable if you don't have good internet
  • May not be suitable if you don't have unlimited internet
  • Doesn't keep "versions" (at the base cost)
  • Backups files only stored for 30 days after deletion
  • ^Check that it *IS* including that weird folder location that your [insert weird software product name here] is using
  • Hint: Make an automated copy of all your data to one "always-on" PC in the house and you can back up an unlimited number of PC's

Remember all PC's will fail eventually, there is a good chance that you will eventually lose all your data if you don't have some strategy in place.

EXTRA NOTE:
saving all your data on an external hard drive is NOT a backup. That's just data on an external drive, which is arguably more susceptible to failing that your actual PC. A backup is a second copy of your data.

  3060 Hits
  0 Comments
3060 Hits
0 Comments

Spam phishing messages

A example spam/phishing message, obviously don't click on these:

From Wikipedia, the free encyclopedia
Phishing is a type of social engineering where an attacker sends a fraudulent ("spoofed") message designed to trick a human victim into revealing sensitive information to the attacker or to deploy malicious software on the victim's infrastructure like ransomware. Phishing attacks have become increasingly sophisticated and often transparently mirror the site being targeted, allowing the attacker to observe everything while the victim is navigating the site, and transverse any additional security boundaries with the victim.[1] As of 2020, phishing is by far the most common attack performed by cyber-criminals, with the FBI's Internet Crime Complaint Centre recording over twice as many incidents of phishing than any other type of computer crime.[2]

  3496 Hits
  0 Comments
3496 Hits
0 Comments

Recommended answers to the "stay signed in to all your apps" question for Office 365

Recommended answers to the "stay signed in to all your apps" question for Office 365:

When you connect to or interact with Microsoft office 365 in some way using your PC or laptop, such as when you setup your mail in Outlook, you will often get the popup below asking you if you want to "remember your account". While this may seem like a reasonable idea, unless you explicitly know what this is will do and want that to happen I strongly suggest you chose "no, sign in to this app only".

This will avoid some potentially undesirable consequences such as "binding" your PC to your organisations Azure active directly security for administration, setting up for you files *not* to be saved to your PC or network share by default, but instead being saved to your organisations online "SharePoint" server. If this happens by accident these and some other consequences will need to be reversed, sorted out, and things put back where they belong.

This is also why I also recommend that all PC's are initially installed as standalone PC's with a local administrator account.

If you're a digitalwelcomemat customer, your organisations centralised security and file store won't be Microsoft Azure or SharePoint so there is no advantage to using this Microsoft "feature".

  3613 Hits
  0 Comments
3613 Hits
0 Comments

Digital Pacific Phishing attack underway, do not click

 Digital Pacific Phishing attack underway, do not click (see image below)...

  2459 Hits
  0 Comments
2459 Hits
0 Comments

Another 2 Seagate hard drives failed....

Another 2 Seagate hard drives failed.... what, again? I hear you ask

  2726 Hits
  0 Comments
2726 Hits
0 Comments

Hard drive monitor software

Yes, your hard drive will fail and all the data will be lost, it's just a matter of time.

Based on my experience, hard drives are the component that fails the most out of all the internal PC components (second would be the internal power supply) especially older style platter hard drives, imagine an old record player spinning the and playing the same record for 3 -5 years 24 hours per day that's essentially what the hard disk has to do. 

You should assume that your disk will fail "at any moment" and strategize your backup, duplication or redundancy strategy based on that assumption.

However even with good strategies in place it can still be still painful and expensive when a drive fails. I have recently added hard drive monitoring software to my standard recommendation for mission critical systems and really any other PC that can't be replaced by a simple reimage, "the accounting lady's PC" is a good example of a unique complex system where a disk failure can be very painful and costly.

My recommended software for this purpose is HD sentinel (https://www.hdsentinel.com)

See the screen shot below for an example of the display you can opt to have this open at startup and or monitor and email is there is any issue. Note also for server's its able to "see through" the RAID array and monitor the disks directly*.

For HD sentinel professional:

  • A 5 computer license is USD $53 (lifetime license)
  • or USD $29.95 for a single PC/server

As always investigations will need to be made about licensing and general suitability for your environment.

This blog post has been provided for the benefit of digitalwelcomemat IT customers.

Treat this information as informative only and do not take actions or make decisions on the basis of the information contained here. All IT decisions and actions should be made after consultation with your chosen IT professional taking into account all the of the relevant factors.

  3002 Hits
  0 Comments
3002 Hits
0 Comments

Recovering a deleted file

Every now and then I get asked this question:

I deleted my file can I get it back?

[For traditional drives not a SSD with TRIM...] When you delete a file it doesn't actually delete it at all, it just removes the bit of information from the storage "Index" or "table" that records where the file is located and that it exists.

Theoretically if you use some special undelete software straight away and nothing else has happened on the storage device you can get your file back 99% of the time*. 

HOWEVER: as soon as the bit of info in the storage "Index" or "table" is deleted, that also marks that space free and available to be overwritten with data again. Unfortunately that "nothing else has happened on the storage device" scenario seldom exists so there is only a chance that you will be able to reasonably recover the file. As soon as data is written over that spot on the storage it's a LOT more to get the original file back.

So if you want to recover a deleted file it needs to be done ASAP preferably before you start to write more data files to that storage drive.

There are a million undelete software programs out there some are outright virus\malware, some say they are free but aren't, some you have to pay for, and a very few are legit and free. I suggested testing any new and unknown software in an isolated environment before you start installing random internet software in your everyday PC.
  2922 Hits
  0 Comments
2922 Hits
0 Comments

Issues with Netflix performance?

Issues with Netflix performance? Check your internet speed direct from Netflix by using this Netflix tool:

https://fast.com/

  4501 Hits
  0 Comments
4501 Hits
0 Comments

Don't get scammed, hover before you click...

Don't get scammed, hover before you click...

  4384 Hits
  0 Comments
4384 Hits
0 Comments

Laptop purchase price vs satisfaction index

Laptop purchase price vs satisfaction index; Although this *is* an accurate indication of my experience in terms of feedback received, this information is meant to be taken as tongue-in-cheek. Make your own investigations and consider your own unique needs and preferences and don't rely on this information for your purchasing decisions.
 

  4678 Hits
  0 Comments
4678 Hits
0 Comments

Office 365 support scam (suspected)

If you receive an unexpected support request or offer for help from "Microsoft" its probably a scam. Here is one of the more sophisticated ones, so much so that I cant tell without detailed digging if it is or isn't a scam (well I have a pretty good idea). This content was contained in an attached PDF.

If in doubt don't click, so I have taken my own advice.

  4851 Hits
  0 Comments
4851 Hits
0 Comments

Router reset?

Just like the IT crowd (https://www.youtube.com/watch?v=t2F1rFmyQmY) sometimes the solution *is* turning it off and on again and that applies to the modem router as well.

We sometimes use various phrases to say shutdown and restart, phrases like; Reset, restart, power cycle or reboot. What is meant by all of these is restart or, shutdown wait a few seconds and then start-up again.

What we DON'T mean is reset the device to factory defaults either via a hardware button or via the web interface.
By the way even if Telstra tells you to do a factory reset don't do it then either unless the helpful level 1 Telstra tech support person is planning to drive to your home or office to re-set it up for you.

  6040 Hits
  0 Comments
6040 Hits
0 Comments

Welcome:

digitalwelcomemat now has a blog!

Subscribe for the news as it happens, call me for support on 0404 493 770 or access my remote support solution here: http://help.digitalwelcomemat.com/

Digitalwelcomemat provides IT consultancy and services for business customers on the NSW Central Coast in Australia.

Search

Articles

Contact:

Give me a call: 0404 493770

Go to top