Spring PC Cleaning

June 6, 2014 by Andy Thompson

It’s spring time. What a wonderful time of the year. We tend to feel energized from a restful winter season and it’s time to take on chores that were neglected or “to do” items that set the stage for our busy endeavors ahead. One of these tasks is cleaning your PC so that it runs efficiently. Believe it or not this process does not have to be equivalent to tearing one’s hair out and it can be very fast using the right tools. In the end you may have two important chores accomplished – a better organization of personal files and dead weight that we can refer to as “clutter” is removed.

We’re going to start off with some information on clutter and how to assess how much free space you may have on your PC. Keep in mind that you may have plenty of free space and still have plenty of clutter on your PC. Assessing the situation can help in determining how your PC is performing and how well it responds to some clean up!

Clutter – Time to Clean

By “cleaning” we are not talking about throwing away things that may have some importance. We are referring to removing what can be considered clutter and organizing files we want to keep. By doing so we can not only improve the performance of the PC but make our lives a lot easier in terms of accessing the files and data we need.

Step 1: Assess

Assess space needs – how much free space do you have remaining. Most of us take pictures and movie files on our cameras and download them to our computer. These add up over time and need to be stored in a safe place (or at least duplicated to your external hard drive in the event you do have sufficient space).

To assess the file space needs you can do the following:

1. Open the Start menu and select Computer. (Some Windows OS systems label this “My Computer” and with Windows 8 you have to type: “this PC” when on the Start screen and select “This PC” from the search results.)

2. Locate your hard drive. This is Local Disk (C:) or Windows (C:) for most computers.

3. View the free space that is displayed for the drive. Tip: you can also right click on the drive and select Properties to see a pie chart of the used and free space.

For most computers there is typically a large amount of storage for your files and you may have a lot of free space available. If you still feel that it has been a while since you have removed unwanted files and, maybe, you feel that your PC is a bit sluggish in some ways.

Typical symptoms of poor PC performance include:
• Slow startup time.
• Slower times to open programs, save files, close programs, and perform regular operations.
• Computer freezes or locks up. This means that your PC does not respond or stalls as if waiting for you to do something. It can be more frequently experienced when more than one program is running at a time.
• Computer crashes or shuts down on its own.
• Redundant programs can lead to excessive action behind the scene (taking up PC processing).

If your feel any of this applies to you and you want to take advantage of a clean PC system, we highly recommended removing clutter from your PC.

Step 2: Backup

Begin by backing up and organizing files (media files especially) that need to be put on to an external hard drive. This article deals with removal – permanent removal – of unwanted items. The key is “unwanted”. We strongly recommend that you make a copy of all files that are important to you. The price of external hard drives makes this a no-brainer and hard drives available these days are often more space than what the average person needs – some are now terabyte in size (1,000 GBs). The added advantage of having a good backup and storage strategy is that you are working toward optimizing free space on your PC.

Recommendation: Try out Microsoft’s Sync Toy. This free tool makes synchronizing your files fast and easy. You can avoid duplication and feel assured that you haven’t missed backing up all your files.

Step 3: Deal With the Junk:

There are files that get onto your computer without us even knowing how they got there. Here’s how they likely got there:

Unwanted files get stored on your PC when you browse the Internet. Web browsers produce caches of files when you surf the net.
Unwanted files get stored on your PC during downloads. Programs create Temp folders and files to temporarily use during an installation.
Remnants remain when you uninstall. Items are not always removed when uninstalling programs. This can happen even after you have successfully completed the un-installation of a program. These are sometimes referred to as “orphan” strings and files which are left in the registry and on the hard drive.
Getting files in email attachments and installing applications from the Internet. Some of these become outdated or are not put into use.

These unwanted items build up from regular day-to-day activities. The result of too many junk files and unnecessary programs is that these items take up disk space and can use available memory thereby resulting in PC slowdown and unexpected behaviours. Maybe the real question though is: how do you best remove these especially when considering that it is a task that you need to do periodically – it’s not a one-time fix.

Use the Right Tool

We are looking at simplifying the process by using automated tools that do the job quickly and efficiently. PC Clean Maestro is designed to clean and remove unwanted items such as recycle bin items, temporary Internet download files, items in the Windows Temp folder, and other cache and system files. All of these items and more can be scanned and cleaned. After performing a quick scan a complete summary is provided and the total size of the junk items is tallied up. In some cases, this can add up to gigabytes of “junk” and can account for 5 -10% of your disk capacity.

With PC Clean Maestro (the free functionality of PC Clean Maestro) you can remove junk files and uninstall programs so as to free up space. By doing so you clear up PC clutter which can bog down the system and lead to poor system performance. Some best practices are provided so that your experience can be simplified and more trouble-free.

Note: If it has been a while since you last opened your PC Clean Maestro you may have a message displayed asking you to update to the latest version. Receiving free updates are part of what is offered with the registered version package and the update is fast!

The Instructions: There are three areas of cleaning that can take place using the Clean Tool. We are staying focused on the free aspects of PC Clean Maestro. The following instructions detail how to remove Junk files from your PC.

First you need to open the program. The window will appear as seen here:
Select items to clean. We are going to focus on Junk items only so clear the checkboxes for Personal Security and Privacy. You can then review and select any of the items in the Junk section (Installer Files, Log Files, Temp Files, etc.).
Note: You can refer to the help file for instructions on how to display all the individual items that are categorized. You can also get information on the three state check box system.
Initiate the scan using the “Start” button.
Review and Clean. A summary of the scan is displayed including the number of detected items found in each category, the size that can be reclaimed, and a “Details” link. The link will provide the complete list of items found and the location of each item. You can clear any selected items before moving on to the next step.
Clean. Click the “Clean” button to permanently delete these junk items.

Best Practices:

Create an automated schedule. Use the Options button in the Main window and select the Clean Scan Schedule. From here you can configure when you want an automated scheduled scan to run.

In Summary – Lean & Clean:

We’ve covered the basics of cleaning your PC and we’ve introduced one aspect of PC Clean Maestro. It’s also great to know that anyone can use all the functionality presented here for free. There are many other features relating to security and privacy that are available for registered users and we will provide steps and tips on how to use these in our articles.

We hope this article has helped gain some insight and offered you some effective strategies on cleaning your PC. We will continue to provide story lines like this that benefit all of us and we will describe them in a manner that is within reach of everyday computer users. If you have some ideas of topics you would like us to cover, email us at: newsletter@compuclever.com

Tech Support Fraud

April 9, 2014 by Andy Thompson

Have you ever played that “Whac-A-Mole” game? It’s the one where moles pop up out of a hole and you bonk them on the head and down they go. It doesn’t matter how many you bop on the head – they keep popping up. That’s pretty much how it is with fraudulent phone call scams. There have been some fines handed out to companies and individuals engaged in these scam activities, but they still keep popping up again and again. If you have ever had one of these phone calls you would agree – the callers are convincing.

We’re going to start off with a description of how this scam works followed by legal action taken against the scammers, and recent activity. Following this we will offer advice in terms of what to do when getting called and what to do if you or someone you know has already had a call and been the victim of technical support fraud.

Description

A tech support scam involves a variety of “confidence tricks” that include part-truths, outright lies, and some aggressive sales pitches. It typically involves someone calling you on the phone and posing as a computer support technician, quite often, from a well-known and reputable company. For example, Microsoft’s name gets thrown in during the early going of the phone call. Other times they pose as support technicians from security companies like Symantec or McAfee or from computer manufacturers such as Dell. The next part of the call moves quickly, most likely to avoid you asking anything about their credentials. They begin to dupe you into believing your computer is infected by taking you on a wild goose chase on your PC.

Fundamentally, this is where many people who have not heard of this kind of scam will succumb as they feel that someone, that is technically capable of offering assistance, is here to improve their computer functioning in some manner. Quite often what the caller will do is to guide you through opening up folders to a location on your computer where you can view a Windows log of errors. Suffice it to say, all Windows operating systems record errors that are harmless and can be considered low-level errors that are not particularly harmful.

Now the sale pitch begins and the caller instructs you to download software or to allow them to remotely access the PC. The con artists will charge for their “help” and have you pay them for useless software. Often the software is not only worthless, it may include malicious software designed to steal online account information and passwords.

An Example:

To see a video example of a tech support scam in action we suggest checking out a video created by a senior security technician, Jerome Segura, who gets a call and not only plays along with the scam but records it in action.^[1] If you want a written description of a call that was stopped short in its tracks… read on.

What They Get

First, let’s take a look at what you get out of this exchange. While you may think you get a better performing PC and some peace of mind, what is more likely is you haven’t gained much of anything or you have put yourself at risk. It’s quite often the case that the software they downloaded to your computer is typically something that can be downloaded for free or they have created it but it does not remove malicious software at all. In fact, there is a potential that the software is malicious. It may be designed to provide remote access to your computer at any time and provide the scammers with the means to gain access to your personal and financial information.

No matter what the payoff is – the goal is to make money from the transaction in some manner. So who is the target and for how much?

…tens of thousands of English-speaking consumers in the United States, as well as Australia, Canada, Ireland, New Zealand, and the United Kingdom, were conned by bogus technical support operations–largely based in India–into paying between $49 and $450 for fake services.^[2]

Refund scams: Another scam involves having paid for tech support services and getting a call about a refund. In this scam the goal is to get your personal financial information, like your credit card or bank account number. Sometimes it will be several months after the purchase before you get a call asking if you are pleased with the service. When you state you are not, they offer you a refund. Alternatively, the caller may start by saying that the company is going out of business and is providing refunds for warranties and other services. No matter how it starts out, eventually you are asked for a bank or credit card account number or you are asked to create a Western Union account. They might even offer to assist you by remotely accessing your computer to help you fill out the necessary forms. Instead of putting money in your account, they withdraw funds.

Taking Action – FTC

The Federal Trade Commission, or FTC, is an independent US agency that works for consumers. Its mission is consumer protection; to prevent fraudulent, deceptive, and unfair business practices. The FTC also provides information to help spot, stop, and avoid fraudulent acts. To this end the FTC has launched a major international crackdown on tech support scams.

At the request of the FTC, a U.S. District Court Judge has ordered a halt to six alleged tech support scams pending further hearings, and has frozen their assets. “The FTC has been aggressive – and successful – in its pursuit of tech support scams,” said FTC Chairman Jon Leibowitz. ^[3]

The FTC chairman at the time went on to say that “tech support scam artists we are talking about today have taken scareware to a whole other level of virtual mayhem.” In May 2013, fines were handed out to three of the alleged perpetrators.

Recent activity

To be clear – this scam goes back several years but it picked up speed around 2010 and continues to go strong despite FTC efforts to the contrary. In fact, in 2011 Microsoft warned Windows users to be on guard and were instrumental in having the FTC file charges against the six scam operators mentioned above. Despite the fines that were imparted, the scam persists and more operators are working the same scam.

More than a year after the U.S. Federal Trade Commission (FTC) heralded a major crackdown on fraudsters posing as Microsoft technical support personnel, consumers continue to receive calls from scammers.^[4]

What are the Odds? You may ask: What are the chances that I will get one of these calls? During the writing of this article this author had received a call with a phone display of: “Colorado 303-442-9287″ It wasn’t the first time receiving a fraudulent call and while wanting to “play along” like what Jerome Segura did in the example above, a different approach was taken. The call went like something this:

Scam Caller (with a foreign accent): “Hello my name is ——— ———- and I’m calling from Microsoft Windows about a problem with your computer. Are you near your computer?”

Author: “Can I get your name and contact information… your phone number?”

<pause>

Author: “You know… it’s a coincidence that you are calling. I am writing an article about tech support fraud. And, I know this is a tech support fraud call.”

Author: “What you are doing is unethical. I know that this is a scam and it is unethical.”

Caller: “We sell software to remove malware.”

Author: “I work for companies that sell legitimate software and what you are doing is tricking people into buying software. It’s unethical.”

Author: “Are you still there?”

Caller: “Yeah.”

Author: “For seniors and for people that do not know better… they are tricked into buying software and it is unethical and in some cases illegal.”

Caller: “Yeah.”

Author: “I have to go” <I was in the process of putting my one year old to bed> “I hope that you can find a better job and I wish you luck in doing so.”

Caller: “OK”

How to Spot the Scam: In this case, the call display number seemed to be legitimate. But, it is important that you do not rely on caller ID alone to authenticate a caller as criminals can spoof caller ID numbers. That is to say, they may appear to be calling from a legitimate company or a local number, when they’re not even in the same country as you. This explains why it sounds as though English is their second language.

Also, it is very rare for Microsoft and most legitimate businesses to make unsolicited phone calls. In a statement provided by Microsoft they clearly state^[5]:

Neither Microsoft nor our partners make unsolicited phone calls (also known as cold calls) to charge you for computer security or software fixes.

There are some cases where Microsoft will work with your Internet service provider and call you to fix a malware-infected computer… These calls will be made by someone with whom you can verify you already are a customer. You will never receive a legitimate call from Microsoft or our partners to charge you for computer fixes.

One of the best ways to detect that this is a scam call is how quickly they proceed. Within the first minutes of the call they will instruct you to your computer and either provide directions or they will ask to control your PC remotely.

What to do…

To fight back, many people try to tie up the callers on the phone for as long as possible or even provide them with fake credit card numbers. We would not recommend stirring the hornet’s nest. We have heard payback stories such as having telemarketing phone calls re-directed to your phone number. It’s far better to be prepared and to defend your ground.

1) When getting a call:

Who is it? This is the first defense against this scam attack. According to the law, telemarketers must tell you it’s a sales call, the name of the seller and what they’re selling before they make their sales pitch. If you don’t hear this information, say “no thanks,” and get off the phone.
When are they calling? According to the law telemarketers can only call between 8 am and 9 pm.
What’s the rush? Telemarketers and scam artists work with momentum. There is no hurry on your part. If you are dealing with a legitimate business they will give you time and can provide written information about an offer before asking you to commit to a purchase.
Is it free? Make sure there are no costs. Often they could be offering something for free but you have to pay for other costs such as support or services. Some of these scams will go as far as instructing you to pay in order to redeem a prize or gift.
Do I give out my billing information? In some cases the caller will be asking you to confirm the billing information they have on file for you. Do NOT give out your billing information or your credit card information! Don’t even confirm that the information they have is correct or they can claim that you approved of the charge.

To Prevent Getting These Calls: Tell the caller you do NOT want them to call you again. You can also enter your phone number on the FTC Do Not Call registry (https://donotcall.gov/). If they call back, they’re breaking the law and you can register a complaint on the same site.

2) Already had a scam call:

Malware? If you feel that someone has downloaded software that is malicious, you need to take action to identify and delete the software using a legitimate security solution. Get started by going here: http://www.consumer.ftc.gov/articles/0011-malware
Passwords? If you gave out any passwords to your PC login system or for online banking – change these passwords immediately.
Credit Card? If you used your credit card to pay for software, services, or for any shipping charges – call your credit card company and reverse the charges. Check your statement or have the credit card provider check for any charges you did not make and ask to have those reversed as well.
Identity Theft? This involves having your personal information stolen and used without your permission. “It’s a serious crime that can wreak havoc with your finances, credit history, and reputation.” Go to this site for more: http://www.consumer.ftc.gov/features/feature-0014-identity-theft

File a Complaint: The FTC offers a complaint assistance site here: https://www.ftccomplaintassistant.gov/#crnt&panel1-1

More “Do Not” Tips:
Here are some basic tips to help in all sales transactions where you feel pressured to pay – even if there is a free gift involved.

Do not give into pressure – you do not have to make a decision right away. Pretend you have a “phone-a-friend” lifeline and call a family member. Or, ask the caller to email or send you mail about the details of the sale. You can also research offers (with the US consumer list^[6] or the BBB^[7]) before you agree to send money.
Do not give out your credit card, banking information, or social security number. Do not even confirm any of this information if they have it and are asking for confirmation.
Do not send cash by money transfer, messenger, or overnight mail. If you use cash or a money transfer you can lose your right to dispute fraudulent charges and the money will be gone. Credit card companies offer some means of defense through a dispute process.

Who Can You Trust

There are companies that work hard to build an ongoing relationship with their clientele. We at CompuClever count ourselves among these reputable businesses. We recommend that you check out more about the companies you deal with by going to their “About Us” page on their website. With CompuClever we accentuate the role of our support and service team for paid customers and we benefit from dealing with issues that come up on your PC system. Take it from us when we say:

Our knowledgeable and friendly Support team is devoted to provide the utmost excellence in customer service. Simply put, we pride ourselves in serving your computing needs and bringing enjoyment to PC computing.

We hope this article has helped gain some insight and offered you some effective defense against these kinds of scams. We will continue to investigate story lines like these that affect each of us on a daily basis and we will describe them in a manner that is within reach of everyday computer users. If you have some ideas of topics you would like us to cover, email us at: newsletter@compuclever.com

[1]http://www.wired.co.uk/news/archive/2013-04/11/malwarebytes
[2]http://www.informationweek.com/security/risk-management/ftc-disconnects-tech-support-telemarketing-scams/d/d-id/1106662
[3]http://www.ftc.gov/news-events/press-releases/2012/10/ftc-halts-massive-tech-support-scams
[4]http://www.computerworld.com/s/article/9244207/Fake_Windows_tech_support_calls_continue_to_plague_consumers
[5]http://www.microsoft.com/security/online-privacy/avoid-phone-scams.aspx
[6]http://www.usa.gov/directory/stateconsumer/index.shtml
[7]https://www.bbb.org/

Facebook Uncovered

March 12, 2014 by Andy Thompson

There is a real and strong allure to joining the crowd on Facebook. Its popularity and set of features makes email look like VHS in comparison to DVD. But… make no mistake – this is a sticky subject. There are many criticisms that have surfaced and we will attempt to sort through these. In doing so, we will avoid getting caught up with information overload. Ultimately each person has to weigh out the pros and cons to make a decision for themselves.

We’re going to start off with a brief description of the history of Facebook and its popularity. From there we present a like and dislike feature set – thumbs up and thumbs down. After that we will offer some general recommendations and alternatives.

First Look

On February 2004, Mark Zuckerberg founded Facebook with his college roommates and fellow students at Harvard University. At first it was limited to Harvard students, but expanded to include colleges in the Boston area and then gradually it included support for students at various other universities before being open to high-school students and then anyone aged 13 and over. When registering for a Facebook account, the user needs to claim being 13 years or older although proof of age is not a requirement. A valid email is required however. You can then proceed to create a “personal profile” – personal data and a profile image that identifies you to other users.

Once you are an active user you can begin to add “friends” who are also on Facebook and you can exchange messages. You also are able to join groups that you identify as sharing a common interest. To date, Facebook has over one billion users although numbers are difficult to ascertain as some of these are considered fake. We’ll cover that later in the article. Suffice it to say:

Facebook is the top social network on the web. Nothing quite compares to it… With all the changes it has gone through over the years and the recent roll out of the Timeline profile, Facebook has always remained one step ahead of everything else on the web.^[1]

With respect to its value, in January of this year its market capitalization rose to over $134 billion. There are over 1.2 billion active users on the site every month and more than 75% of these are mobile device users. As of February 3^rd, the company celebrated its tenth anniversary.

On Top or Losing Ground?

While Facebook is the top social network at present, one study^[2] has shown that teenagers are making the move to other social networking services. While older users continue to saturate Facebook, younger users are making a shift. This younger age group is not so concerned about whether the alternative services are on par or better, and they are not concerned about whether their personal information is being used commercially or as part of surveillance practices. It would appear that the biggest motive is that youth of this age group are getting friend requests from their parents and are looking for more freedom to express themselves.

However, for those over 18 in the U.S., Facebook remains the king of social networking. It is reported^[3] that 71% of adults in the U.S. are using Facebook and among those that only use one networking site, 84% are choosing it as their sole social network.

Thumbs Up

With that many people onboard it’s got to be a good thing right? Well let’s point out some of the positive aspects of social networking and Facebook.

Connected: While many of the posts and newsfeeds are full of items that are specific to one person and speak to what they are having for dinner or some sporting event they are attending, there are news feeds that relate to current events, personal health tips, and social injustices that may not be covered by news media. This form of passing news stories is gaining acceptance as even mainstream media reports on the particular social news items that go “viral” in terms of being shared by many people worldwide. Many of these items are posted in an attempt to gather as much “likes” as possible and to simply be shared perhaps in an attempt to be noticed.

Regardless of the content, it is a way of being connected to what over a billion people find interesting. Some of the news items may not even be covered by top media broadcasting corporations. The fact is, Facebook is a way of connecting:

On January 2014, during the week previous to the company’s tenth anniversary, chief operating officer of Facebook, Sheryl Sandberg, clarified: “He [Mark] always said Facebook was started not just to be a company, but to fulfill a vision of connecting the world”.^[4]

Another benefit to Facebook users is being able to reconnect with friends you might not have seen since your early high school days. For some, this may not be such a desired feature depending on who sends you a friend request. However, it does provide the ability to do a search for long time friends you may have lost touch with.

Rights and Responsibilities: Facebook clearly points out the agreement between you and them in a Statement of Rights and Responsibilities.^[5] In this they state that your “privacy is very important” and they provide a link to the Data Use policy. If you go down the rabbit hole you can get to the page: “Information we receive and how it used”.^[6] It is a long page of information but you can get a full description of the data that you make available to Facebook and how you can choose to adjust your settings so that it is shared by the public or shared only among friends or some customized filter. The real issue for some people is this one item:

For content that is covered by intellectual property rights, like photos and videos (IP content), you specifically give us the following permission, subject to your privacy and application settings: you grant us a non-exclusive, transferable, sub-licensable, royalty-free, worldwide license to use any IP content that you post on or in connection with Facebook (IP License). This IP License ends when you delete your IP content or your account unless your content has been shared with others, and they have not deleted it.

Two positive aspects can be stated here: for one, Facebook is very thorough in laying out these terms. With some items such as safety, account security, and protection of other’s rights, Facebook points out that they cannot do it alone (for example, they cannot guarantee to keep Facebook safe). They elicit the commitment of their users to not bully, to not post content that is hate speech, pornographic, or is violent. They ask that upload material is free of multi-level marketing, viruses, and malicious code. They also emphasize that you will not post other’s personal identification or sensitive financial data. The list of these items is a lengthy one and, while there is some policing of what is displayed, to a large part the ethical participation of its users is required. Secondly, these terms can, and have, been subject to change based on user feedback.

Creation of Groups: Say you have a group of people you want to connect with – family, friends, a social group of some kind. You can easily create a group and invite them to join. Once everyone is all aboard you can have a central place to swap stories, post links, and share photos and video. This is so much easier than trying to get messages to a group by email. The down side… everyone needs a Facebook account and not everyone wants to join up for one reason or another.

With this in mind… we look at the aspects of Facebook that are not favorable.

Thumbs Down

There are a few items that stand out as being difficult to some people when signing on and getting tangled in the Facebook network and these need to be understood.

Backing out: While there are a few hoops you have to jump through to get a Facebook account started, we find opting out to be even a greater challenge. When you want to deactivate your account your profile and “Timeline” disappear and people will not be able to search for you. However, there is some information that remains including messages you have sent and Facebook saves your information including friends, photos, interests, and the like. They do this in case you change your mind and want to come back. To permanently delete your account “with no option for recovery” you have to log in and contact them. What users have found is that they need to manually delete the content that they have posted and shared. As pointed out by Wikipedia^[7]:

In the lifespan of its service, Facebook has made many changes that directly impact its users, and their changes often result in criticism. Of particular note are the new user interface format launched in 2008, and the changes in Facebook’s Terms of Use, which removed the clause detailing automatic expiry of deleted content. Facebook has also been sued several times.

Zeus: A report last year^[8] pointed out how a somewhat nasty malware called Zeus, was being used from Facebook. Zeus is a Trojan horse that stays dormant on your computer until you log into a bank site and then it steals passwords and empties the bank account. Facebook was notified of this but according to the report their response was not sufficient.

Fake Accounts: There are many reports about fraudulent Facebook accounts.^[9] In these situations, an imposter uses another person’s profile such as name, photo, and personal information in an attempt to access the victim’s friend list. The reasons for doing this can include attempting to data mine you or even to attempt an emergency scam with your friends and family. For example, “This is Joanne. I’m in Cancun and I just got mugged and need some money sent to me right away”). If this happens you need to report it to Facebook (https://www.facebook.com/help/167722253287296/) right away.

Fake Likes: One other area of criticism is how Facebook’s revenue is based on false likes. There are those that may want to promote their Facebook page so that more people can view it. Pages can be created by businesses or individual creators. The creators of these pages post items and these posts can appear on other Facebook member’s news feed. However, they can also be filtered out based on what you have previously disliked and liked. This means that your posts that you create to share with your online community could be going out to only a small subsection of your overall friend’s network. Posts about baby’s and weddings get the most likes and comments. Facebook offers the option to pay for greater exposure but critics^[10] claim that these “likes” are coming from developing nations and there isn’t a real interest in the page. While filtering is necessary so that you do not see 1500 posts each day, some suggest that the algorithm logic for this filtering does not provide diversity and a random selection of items.

The Rest of the List: A list of criticisms is sited in Wikipedia, several of which have been from concerns raised in previous years of operation. The list includes the following:

Widening exposure of member information.
Cooperation with government search requests (Facebook participated in the NSA Prism project).
The possibility of data mining and surveillance.
Facebook addiction.
Psychological effects such as bullying.
Identity theft (it is very easy to create an account and impersonate another individual).
Security issues such as a trick referred to as “likejacking”.

It would take considerable research and follow up to see what steps Facebook has undertaken to improve these issues. As stated they do respond to feedback and we can only hope that they continue to do so. Ongoing research looks to gain deeper insight into the social effects of Facebook. From the same wiki page:

Many studies have attempted to discover whether Facebook has a positive or negative effect on children’s and teenagers’ social lives, and many of them have come to the conclusion that there are distinct social problems that arise with Facebook usage.

Ownership and Use of Content: There have been many who have stated their disapproval of Facebook because what they believe to be a loss of ownership of data when posting or sharing. It should be clear that Facebook states in their Statement of Rights and Responsibilities, that users retain ownership of posted content. What needs to be clear is that users grant Facebook the following: “you grant us a non-exclusive, transferable, sub-licensable, royalty-free, worldwide license to use any IP content that you post on or in connection with Facebook”. This is why deletion of content is so important to those who want to delete their account and remove all personal information.

Alternatives

There are alternatives to Facebook. Here is a short list (and we do mean short list – these networking sites pop up very frequently).

Google+: This is a fairly good alternative to Facebook with similar features and it is the second largest social network in the world.

Pintrest : Create and share visual “bookmarks” for planning trips, sharing recipes, organize events and more.

MySpace: Owned by Justin Timberlake this site has a strong music emphasis.

Reddit : Participants submit links and posts that are voted on to determine the position of the post on the site’s page.

Twitter: Good for texting messages limited to 140 characters.

LinkedIn: A social network for professionals.

Keep in mind that alternatives to Facebook will take time to get used to if you are accustomed to Facebook. Also, you may not get the same level of friends that you can connect with. This is likely why there are those that are signed up on more than one.

The Final Chapter:

Social media tools such as Facebook offer such potential in terms of correspondence, staying informed, and participation in online community. The challenge is to take part in shaping it as it evolves. The information that is particular to each of us personally and to the members of our families needs to be regarded with reverence and handled with privacy. We can shape these tools to meet our needs with ongoing feedback.

Considering the time and effort a person can dedicate to these and to staying connected to others via mobile devices… is it any wonder there is growing concern about levels of real, face-to-face social interaction? Is it any wonder this is generating considerable research? Is there any wonder that some people question how meaningful online friendships are when having up to, or over, 1000 friends is the norm? And is it any wonder that there is some doubt as to how well we are able to function without the steady influx of digital information? Likely the best we can do is to get onboard but to give ourselves real and meaningful breaks from the pull of networking on a massive scale.

We hope this article has helped gain some insight about a rather all-encompassing and dichotomous subject. We will continue to investigate these kinds of story lines that affect each of us on a daily basis in a manner that is within reach of everyday computer users. If you have some ideas of topics you would like us to cover, email us at: newsletter@compuclever.com

Hack, Hack

February 13, 2014 by Andy Thompson

Yes it is cold and flu season. But we are referring here to another kind of viral risk – online hacking. It has again crept into the news and hit some of us right in the pocketbook. We explore two recent hacks that have had an impact on the financial security of millions of users. While not much information is released as to how these attacks occur – perhaps so as to not promote further offenses – we can focus on the effects of these attacks and what can be done to protect ourselves. A counter measure to these breaches is the onset of new technological security advances. It can be a challenge for us to keep up with it all but we endeavour to understand it and explore the options.

There have been two recent hack attacks: one that compromised Yahoo mail users and another that targeted Target credit and debit card information. We will begin by looking at the Yahoo attack and provide some password recommendations.

Yahoo Hack

On Jan 30th Yahoo, the second largest email provider with 273 million accounts, confirmed an attack and announced that malicious computer software was able to access a list of Yahoo Mail accounts’ usernames and passwords. Although details were not provided they point the finger at a third-party database compromise. The statement was made:

Security attacks are unfortunately becoming a more regular occurrence. Recently, we identified a coordinated effort to gain unauthorized access to Yahoo Mail accounts. Upon discovery, we took immediate action to protect our users, prompting them to reset passwords on impacted accounts^[1].

This type of cyber crime has been considerably more prominent in recent years. Identity theft can put your financial earnings at risk should an intruder gain access. Hackers focus on theft of passwords as people frequently use the same password for multiple accounts and these stolen credentials may provide access to one’s finances.

Recommendation:
You need good passwords and effective management of passwords. Some tips we have provided here are as follows:

Create a password that is both easy to remember and that is difficult to guess. There are many tricks to this including memory hooks (using the first letters of a popular saying or rhyme), number substitutions (using “1” for the letter “l” or “!” for “I”), and personal formulas (including a birthday with a phrase for example)^[2].
Use different passwords. Although it can be difficult to recall numerous passwords you do not want to use the same password for your banking as you do to log into Facebook. If a single password is compromised it could lead to loss of finances. When creating passwords you can use memory hooks associated with the site or service. For example, for a banking password you could use a combination of initials and letters that are meaningful and still difficult to guess or to hack. If your name was Jane Smith you could have: “tlpwttb@nkJ5” using the memory hook of “this little pig went to the bank” and J5 for the initials.
Create passwords that use a combination of letters, numbers, and that are long enough – at least 8 characters. Ideally you should have 12 character long passwords… but of course, you still have to rely on memory.
Change your password when you feel it has been compromised. You need to be careful not to share out your passwords or have them written down somewhere. If you must keep them in a Word file or spreadsheet, name the file something that does not have the word “password” in it.
Keep your password private! Do we need to spell it out? Don’t share it or print it out and leave it next to the computer. Let’s look at an example. Marko uses the password: “w3Lc0m3!HERE”. This is a good password with a memory hook “welcome here”, it uses numbers and symbols, and 12 characters long. However if this was broadcasted on national television during the pre-game show of Super Bowl 48, you can bet it was compromised and needed to be reset^[3].

One final point… many people feel that they are safe as they have an anti-virus application running on their system. There is a false sense of security that can come from feeling completely safe and protected by having an anti-virus tool. It would be a bit like having a very secure PC system complete with firewall and anti-virus protection and then emailing your credit card details to someone. Also, keep in mind that your information can be made available as described in the hack examples provided in this article.

Target Hack

If you feel safe with the anti-piracy system you have set up – and granted, you are less of a target for attackers – consider how much time and money large corporations put into their protection systems. Yet, we continue to hear of online violations. Wouldn’t you think that those that have been the victims of an attack would have greater immunity?

StoreExterior2013_610x343 — Credit: Target

In 2005, Target was among a list of retailers that suffered an attack that resulted in the theft of millions of credit card numbers. In that attack, Target was reported to get off easy as only a limited number of credit cards were stolen. On Jan 30th of this year, another Target cyber attack was made known to the public.

What Was Stolen: The heist began in November 27th. For two weeks 40 million customer credit and debit cards were stolen from the company’s point of sale system. This data was unencrypted and it took until December 15th before the intruder’s presence was detected. There were also 70 million customers who had personal data stolen including names, addresses, phone numbers, and email addresses. Some of these were the same victims of the credit and debit card theft. In all 11 gigabytes of data was sent to a system in Russia.

Who Is At Fault? One question comes to the forefront – who is to blame? Surely these established retailers have secure systems in place and what about the standards that they need to adhere to?

The security measures that Target and other companies implement to protect consumer data have long been known to be inadequate. Instead of overhauling a poor system that never worked, however, the card industry and retailers have colluded in perpetuating a myth that they’re doing something to protect customer data — all to stave off regulation and expensive fixes^[4].

If proven to have not properly secured its network, Target will have to pay out millions in fines to card companies.

Authentication: Have you ever wondered what happens when you pass your credit or debit card to purchase some groceries? For small business, the transaction goes to a third-party processor to determine whether to send it for authorization. Larger organizations typically use their own processor in such a manner that the information from these transactions travels from the store to a specific destination on the corporation’s network and then once processed it goes off to the proper destination for authorization. The Payment Card Industry (PCI) standard does not require the company to encrypt this data when transmitting over their own private network – only if having to travel via the public internet. The focal point for companies like Target is to secure the passing of information on their private network.

Target was likely using such a secure channel within its network to transmit unencrypted card data. But that wasn’t good enough. The attackers simply adapted by employing a RAM scraper to grab the data in the point-of-sale device’s memory, where it was not secured^[5].

PCI DSS: There is a Payment Card Industry standard in place known as PCI DSS created specifically for organizations that handle cardholder information for major debit, credit, ATM, POS, and other credit and financial transaction cards. This standard stipulates explicit requirements that companies dealing with payment card transactions adhere to proper firewall, anti-virus, and most importantly, data encryption when storing or transferring financial data via a public network.

Despite this being in place, the Target hack occurred. Post-breach investigations show that hacked companies are frequently not in compliance. And, what about the blame game – remember Yahoo blaming a third-party database? With the standards in place, companies are required to obtain regular security audits from third-party businesses. Even if a company manages to gain a level of compliance, it could be that these third –party audits are riddled with inaccuracies and system vulnerabilities are available to hackers.

The challenge with implementation of security standards is that these measures are costly for organizations to implement and can potentially result in a longer transaction time which would adversely affect sales and frustrate customers. So what solutions are being offered to you so that you can better prepare yourself?

New Advances

There are new counter-measures and novel technologies hitting the market to address these issues and, rest assured, you are going to be hearing more about them. We will introduce three of these and we will point out their shortcomings and make one recommendation – with the others we will simply say “watch and wait”.

Password Managers: There are a whole host of password managers hitting the market to address being able to help organize and remember your passwords for you. They work by encrypting the password and storing it on your system in a local database. Many have automatic form filling capabilities to fill in the user and password credentials for you. A good password manager is capable of detecting a site that is fraudulent and using phishing techniques (designed to gain personal data or credentials), or other form of cyber attack.

Shortcomings: While these applications are convenient, users are at risk if their computer is left on or their device is stolen. Password managers typically use a master password but again, this requires the user to come up with a good password that cannot be hacked or easily guessed and in some cases, these master passwords are not encrypted and vulnerable to cyber attacks. In some cases, accessing unencrypted passwords can be extracted when the data is swapped to memory of the user’s hard drive. We recommend looking into all the functions and capabilities of a password manager before trying one.

Recommendation: At first we thought it would be a challenge for us to suggest a Password Manager application as there is a lot at stake. We soon found that one stands out: RoboForm (http://www.roboform.com/). This program includes support for all types of platform such as Windows, Mac, and mobile devices. It is not a free solution but it is under $20 and you get a single license that is good for all your computing needs including all your computers and mobile devices. While it does not have phishing capability – you will have to rely on the security provided by your browser for this – it does have automatic form filler and encryption technology.

Biometrics: This is also known as biometric authentication and it is likely something you have seen in several movies. It involves identification of human traits or characteristics such as fingerprint, iris recognition, face recognition, voice, and much more^[6]. Ease of use is likely the greatest advantage to this form of authentication.

Shortcomings: While it may seem very sci-fi and high-tech, biometric devices can be compromised with what is known as replay attacks and forgeries. An example would be stealing electronic versions of your fingerprints. There are other concerns as well. It was reported that a Mercedes owner had a finger cut off to gain access to the vehicle^[7]. Another drawback is being able to change the biometric data in the case of compromise.

There is considerable potential to this system and we will see more of this form of security. Some predict that by 2016, 30% of companies will be using some form of biometric security. The bottom line is that it should be used with a Personal Identification Number (PIN) or password so as to have a two-part authentication.

New Smart Cards: The latest in smart card technology can be found with credit and debit cards that use the EMV standard; EMV stands for Europay, MasterCard, and Visa. These cards are also known as IC cards or integrated circuit cards. Companies such as Visa, MasterCard, American Express, J Smart, and Discover/Diners Club International are beginning to implement these. The early reports suggest that there is a reduction of fraudulent infractions and improved security. You do have to remember a PIN and authentication is further enhanced with cryptographic algorithms. Transactions are reported to take less time than our existing credit card authentication.

Shortcomings: There are vulnerabilities to this EMV card technology including harvesting PIN’s and cloning magnetic stripes. If you are interested, go to this Wikipedia page to find out more. Since June 2012, EMV has been introduced into the US but it appears to be in its infancy and there are those that remain skeptical about the ability for merchants to update their systems and support this so consumers can use smart cards to do their transactions.

Recommendation:

Some of these new technologies seem a bit daunting when you first encounter them. What we suggest is to simply be familiar with them and be aware as they are more adopted into our daily computing and banking practices. Once the dust settles with the emergence of any new technology we are more likely to safely venture forward where others have previously experienced pitfalls. One thing to take from this article is to get a handle on your passwords and keep your online banking as secure as you are able with proper password protection.

We hope this article and the information provided here have brought you up to speed on potential security risks and what is being made available to counter these cyber threats. We will continue to introduce new technologies in a manner that is not beyond the reach of average, everyday computer users.

[1] Important update for Yahoo Mail useres
[2] http://idtheft.about.com
[3] ZDNet.com
[4] Wired.com
[5] Wired.com
[6] Wikipedia.org/wiki/biometrics
[7] http://news.bbc.co.uk

Looking back and moving forward

January 17, 2014 by Andy Thompson

During the year 2013 we covered a wide range of topics and moving forward we think there are many suggestions and recommendations that can be used in dealing with PC issues you may be facing right now. So, we embark on a two-part adventure: to review the best of our articles and to highlight what PC tips and tricks you can take advantage of immediately. What better way to step up to the plate when asked: What is your New Year’s resolution? We hope it’s to take charge of your computing needs so that your PC works for you! This summary of our top PC stories for us is a celebration of a year’s correspondences to you our readership.

The following topics include our top stories that we find will give you an upper edge on PC good practices and regular use:

Security & Privacy

Digital security – updates and trends
Edward Snowden hit the news this past year and opened up a whole can of worms in relation to surveillance and the reams of digital information that is readily available. Our information article broached the subject of the digital universe and our level of exposure to surveillance. We have become participants and are increasingly more involved in the creation of digital information that can be accessed from online means. We need to ask the question: With the amount of focus directed at gathering digital information can we feel that our private data – including financial data such as credit card information – is in fact secure? Read the full article…

How to protect your privacy
Not only did we reference Edward Snowden but also major companies like Facebook, Twitter, Amazon, and Target and how each have used technology to track and monitor activity. In our How To article we provided five steps to being more PC secure. We looked at: 1) How to make your web browser more secure, 2) email security, 3) data encryption, 4) virtual private networking, and 5) clean up. The last item is likely the most important – no one can access what is not there to begin with. Read the full article…

Backup Your PC

Are you ready for Cloud Storage?
There has been considerable attention given to “cloud” storage and we delved into this topic with both feet. The beauty of this topic is that we have, in other articles, made reference to backing up data to another location and cloud storage is one method of backup of items. We would suggest backing up items that are difficult to replace; a backup copy of family pictures for example would be ideal to store “in the cloud”.

Cloud Storage: In basics terms, this is a method of storing data on servers that are made publicly available through an Internet connection (in the cloud) rather than having the data stored locally on your PC.

We covered the basics of cloud storage including: reasons to use cloud storage (sharing files or backing up data), cost, size, access and more. Read the full article…

Choosing an online storage solution
We also looked at some of the free cloud storage that is made available to anyone. All of these are starting places and any of these storage offerings may suffice for one’s basic needs. Cloud storage can be used as a means of preventing data loss – although by itself it is not sufficient enough in our minds. We find the best use of this technology is to take advantage of the ability to share files. While we outline several cloud storage providers we give the thumbs up to Dropbox as our top pick. Read the full article…

A free local PC backup solution
We brought up the importance of backing up your PC in several articles. The act of backing up your data is a daunting task when considering the numerous files we create and modify on a daily basis. Even making the attempt to manually synchronize files is something we would not do. A viable alternative is to use a free synchronization tool called SyncToy.

Our article on this subject contained a lot of information that we were able to present in one file. It included the following: 1) what data to backup, 2) when, why, and where to backup, and 3) how to use SyncToy. The third area offers step-by-step instructions with screenshots. Read the full article…

Clean Your PC

Too much junk? Keep your PC lean and clean
The creation of free space. Hand-in-hand with removing items from your hard drive to is the need to effectively deal with the accumulation of junk files. In our first article we systematically look at:

Potential symptoms: slow startup time, slow launch of programs, computer crashes, freezes, etc.
Cause and effect: unwanted files remaining on your system, uninstalled remnants, orphaned registry items, and more.
Solution: clean and uninstall. Read the full article…

The Clean and Uninstaller Tools
The companion article covers the steps on backing up, using the PC Clean Maestro Clean Tool and the Uninstaller. Not rocket science by any means… just a good, effective management regime. Read the full article…

Speeding up Your PC

Understanding defragmentation and optimization
Likely the most technical articles we have written were on the subject of hard disk drives and optimizing them with the Disk Defrag tool. Despite the complexity of the subject manner we feel this article is a very good synopsis of the process involving fragmentation of data and its impact on hard drive performance.

Fragmentation: is a condition which occurs when files are stored in scattered sections throughout the disk. This is a result of frequently creating, deleting, and modifying files. Read the full article…

How to Defrag Your Hard Drives
Fragmentation can be a bottleneck to system performance. If you are experiencing slowdowns in opening applications and overall responsiveness along with a shortage of overall disk space, you need to look at the Best Practices section and the steps to defrag your system. For those of you suffering from a bogged down system, you will be impressed by the performance gains. Read the full article…

Guard Your PC from Foistware

Understanding Foistware
Funny how the little things can be completely annoying and such a pain in your side! We introduced “foistware” (also known as crapware). The fact is many beginner users find themselves experiencing these fraudulent little annoyances all too easily. In our first article we looked at what you can expect to see including changes to your PC such as a hijacked browser home page, extra browser toolbars, flashing ads, and more. The result is a slower PC; slower performance and a system that has been customized to use a homepage and search engine that you do not want to use. Often this points you to sites with advertisements and warnings that your PC has errors or you need to backup your PC. Read the full article…

Remove Foistware and restore your PC
With our previous article we looked at identifying the intruder and pointing out detection and some hints for prevention. This article follows up on removal and restoration. Getting your PC back to how it was before the foistware invasion occurred is fundamental to a decent solution. After all, your PC was hijacked and you want it to be returned in good working order. Read the full article…

We have enjoyed providing articles that are packed full of useful tips and tricks to get your PC operating in a manner that best reflects how it first performed when you first began using it. We will continue to introduce new technologies in a manner that is not beyond the reach of average, everyday computer users.