Core Computing Blog

The Malware We've Been Warned Would Come Is Here

Make sure you're patching your systems. Or call us and we can take care of all of your patching needs for you.

A NEW STRAIN of ransomware has spread quickly all over the world, causing crises in National Health Service hospitals and facilities around England, and gaining particular traction in Spain, where it has hobbled the large telecom company Telefonica, the natural gas company Gas Natural, and the electrical company Iberdrola. You know how people always talk about the Big One? As far as ransomware attacksgo, this looks a whole lot like it.

Read the full article here.

https://www.wired.com/2017/05/ransomware-meltdown-experts-warned/

Continue reading
0 Comments

Tech Helping Domestic Abuse Survivors

We think of tech as social media or business functions. But tech could serve a higher purpose. It could save lives.

"One afternoon three years ago while her children were playing in a park, Kristin Mathiesen was nearby trying to use the precious moments she had to organise a way to leave her abusive partner.

“I had set myself a target to leave him,” she explained. “I only had a few minutes to make the call to the refuge but it turned out I needed to make a couple more calls including a national helpline because there wasn’t a suitable room, it was so much hassle. I didn’t have a smartphone to research anything quickly and in the end I just booked a hotel.”"

 Read more:'I had minutes to make the call': the tech helping domestic abuse survivors

Continue reading
0 Comments

Oh, Those Russians Again...

If you have Kaspersky antivirus on your PC, you may want to rethink that decision and choose another. I don't want to be political on this blog, but there's some scary privacy issues here.

From Robert Reich on Facebook - Sunday, April 2, 2017  (https://www.facebook.com/RBReich/?hc_ref=NEWSFEED&fref=nf):

 

The noose tightens.

1. Recall that after former Deputy Attorney General Sally Yates was told recently by the White House she didn’t have clearance to testify before the House Intelligence Committee, and then, when she said she was going to do so anyway, Devin Nunes, the Republican chair, cancelled last week’s hearing.

2. One of the people Yates was planning to discuss was former National Security Adviser Michael Flynn.

3. Last week Flynn asked for immunity from prosecution in return for spilling some beans.

4. Now we learn that last week the White House asked Flynn to “amend” the financial disclosure form he turned in months ago before he was named Trump’s National Security Advisor.

5. Guess what? Flynn’s “amended” disclosure, released yesterday, lists income from Flynn's consulting firm, whose clients are not revealed, as well as income from several Russian firms that he had left out of his original form -- including the cyber-security firm Kaspersky Government Security Solutions.

6. Kaspersky makes some of the world’s most widely used anti-malware programs, and has documented ties to Russian intelligence agencies. The company’s founder, Eugene Kaspersky, was educated at a KGB-sponsored cryptography school, and worked as a Russian intelligence agent. An investigation by Bloomberg Businessweek in 2015 found that the company frequently used data collected from its hundreds of millions of customers to aid Russian authorities -- including the KGB’s successor, the FSB -- in criminal investigations. Since 2012, many high level positions at the company have been filled with former Russian military and intelligence agents.

7. In December, Russian prosecutors charged a manager at Kaspersky with treason, saying he and two Russian information-security officials were “interacting” with U.S. intelligence officials, according to a defense lawyer in the case.

Continue reading
0 Comments

The Russians are coming...for your Mac?

We've been recommending anti-virus and anti-malware software to our clients for a year or more now. But we still get pushback on it. For the longest time, we Mac users had been free from the worry of hacking and viruses and other assorted malware. But those days are gone (and have been for a while). Enter the Russians...

The Russian hacking group APT28 has created malware that targets Macs. The malware uses Xagent which, on the Mac, is a backdoor to the system. It can be used to execute file or to log passwords, amongst other things.

How does this actually happen? Well, not being a programmer I can't give you a detailed explanation. What I can tell you, though, is that one way it executes itself is by taking advantage of a vulnerability in MacKeeper. You know, that software that is advertised as a protection and cleanup suite for your Mac? It's sneaky too...sometimes you don't even realize you've downloaded it. It shows up on speedtest.net and looks just like the kind of button you should click to start your test. Yes, even I have gotten taken by the ploy. It's not a fun experience and it's, somehow, always surprising when it happens.

Our advice, as always, is to be very careful where you go on the internet. Pay attention to everything that's clickable. And if it doesn't come from the Apple Store and you didn't go looking for it specifically, don't download it.

And always always always, if you're not sure...call us.

Read more about the hack here: https://www.macrumors.com/2017/02/14/xagent-malware-targets-macs/

Continue reading
0 Comments

Starbucks and Alexa

I don't know how secure these things really are. There is disagreement as to whether they are listening all the time or not. The consensus, though, is that we pay for Amazon Echo and our other IoT devices with more than our money. We pay with our data. Whether or not you choose to participate in the Internet of Things or not is up to you. But I encourage you to think long and hard before jumping in for the mere convenience of being able to say, "Alexa, order me a grande no-foam-triple-double-espresso-with-a-shot-of-hazelnut-carmel-topped-latte." 

http://mashable.com/2017/01/30/starbucks-alexa-pickup/#i.vs_7BisiqX

Continue reading
0 Comments

Smart TVs and ransomware

We've seen it in computers...hackers lock up a user's data and hold it hostage for some fine in, usually, bitcoin. But who would have thought their tv could get infected?! 

From the article below: On Christmas day, a family member of software developer Darren Cauthon received an unwelcome gift. According to Cauthon, that person “downloaded an app to watch a movie” on his or her LG smart TV, and the device froze soon after. When it rebooted, it was stuck on a screen purporting to show a letter from the desk of FBI Director James Comey, one claiming in subgrammatical English that the device had been locked up for “your attendance of the forbidden pornographic sites.” To make good, the letter warned, the device’s owner would have to pay a $500 fine.

Read on:

http://www.slate.com/blogs/future_tense/2016/12/28/ransomware_reported_on_smart_tv.html

Continue reading
0 Comments

AT&T Debuts Call Protect Service

AT&T today announced Call Protect, a complementary service aimed at protecting its users from automated phone calls, also referred to as robocalls. The service debuts five months after the U.S. Federal Communications asked wireless companies to offer free robocall blocking services. 

The service offers two solutions to stop robocalls. It can automatically block numbers suspected of fraud at the network level, preventing them from reaching your phone entirely, or it can deliver the call from a suspected number with a fraud warning on the display. The latter feature requires the user to be in an area with HD Voice support. 

AT&T customers can activate the feature via their MyAT&T account or by downloading the AT&T Call Protect app. The app allows users to look at call details, receive spam warnings, block specific numbers and turn on and off Automatic Fraud Blocking. 

Read the full article here:

http://www.macrumors.com/2016/12/21/att-call-protect-blocks-robocalls/

Continue reading
0 Comments

Update: Evernote Changes Its Mind

Just a day after Evernote released its new privacy policy stating that its employees could read users' notes and data, the provider rescinded that portion of their policy.

Evernote's CEO, Chris O'Neill, said, "We announced a change to our privacy policy that made it seem like we didn’t care about the privacy of our customers or their notes. This was not our intent, and our customers let us know that we messed up, in no uncertain terms. We heard them, and we’re taking immediate action to fix it."

"We are excited about what we can offer Evernote customers thanks to the use of machine learning, but we must ask for permission, not assume we have it. We’re sorry we disappointed our customers, and we are reviewing our entire privacy policy because of this."

However, there are certain circumstances in which particular Evernote employees may still view users' notes such as responding to a warrant or investigating violations to their Terms of Service. Users have no ability to opt out of this. 

So, the news is better on the Evernote front I wonder if this will leave a sour taste for Evernote users, though. 

Continue reading
0 Comments

Machine Learning and Its Practical Impact

From SAS (http://www.sas.com/en_us/insights/analytics/machine-learning.html) -

"Machine learning is a method of data analysis that automates analytical model building. Using algorithms that iteratively learn from data, machine learning allows computers to find hidden insights without being explicitly programmed where to look."

In practical terms, machine learning is what companies use to learn your likes and dislikes. It allows them to market products directly to you that you didn't even know you wanted but can't live without. Ever notice how Facebook always manages to put up advertisements about things that you have JUST been looking at? Machine learning. Ever notice how once you look at a fake news site you see more and more of those suggested to you? Machine learning.

From a day to day perspective, machine learning can be annoying. From a security perspective, machine learning should worry you. Here's why (and I quote from http://gizmodo.com/here-s-what-you-should-now-use-instead-of-sketchy-evern-1790104632): "Starting on January 23, 2017, Evernote says the shift to machine learning means the service will collect data and then adjust and offer you services based on how you use Evernote. New reliance on machine learning technologies to improve the service means that “human review is simply unavoidable” in order to 'make sure that our machine learning technologies are working correctly.'”

Sure, you can opt out of the machine learning part of the Evernote update, but you cannot opt out of the humans-can-read-your-goodies part of the update. Our recommendation, therefore, is if you are concerned about other people reading your data, that you remove all your notes and put them into some other application. Here at Core, this is what we will be doing.

For the next couple of weeks we will be testing various options for notetaking. We'll post back here when we have a great recommendation.

Continue reading
0 Comments

A Cautionary Tale, or, Yes Your Mac is at Risk

Over the years many of us in the Macintosh community have gotten a bit complacent. The threats to our system, documents, our computing world have been rare. But I was reminded this week that the incidences might be rare, but they do exist, more so now than ever, and when/if they strike it can be most unpleasant. When we had one of our clients reach out to us this past week asking about a window they couldn’t close, I thought that it might be a good time for a reminder.

This is one of the more common ways to get caught up in some problems that aren’t easily resolved. Below you’ll see a screen shot from the computer of the user who contacted us this week:

Exit Error

One of the problems is that we have become complacent about clicking in windows that pop up. They have become almost part of the landscape, you know they are there, but you rarely pay a lot of attention, you just click. This one got noticed because the default click, “Stay On Page”, won’t close the window and make it go away. When the window wouldn’t close, the user took a closer look and realized there was more wrong than not being able to close the window. Not being able to get out of the window, plus the weird text saying that her Windows (she was in full on Mac mode) is blocked due to suspicious activity (she was trying to open Mapquest) was a bit of a clue that this was out of the ordinary. Thankfully, that’s when we got the call.

So a couple of pointers are in order. First, if you do not have a way to close a window (some of them don’t even have the “Leave Page” option) or a way to exit a program, then you really have two easy choices. One is to call the person who takes care of your IT issues and the other is to simply Force Quit the program (which is another good reason for frequent saves of your work.). The Force Quit function does exactly what the name implies; it forces the program with the funky windows to quit no matter what without having to click on any suspicious buttons. You can get to the force quit command by clicking on the Apple menu in the top left of your screen and selecting the “Force Quit” option. You’ll then get a small window that lists all of the programs currently running on your computer. All you need to do then is to highlight the problematic program (usually a web browser) and click on the Force Quit button on the bottom right of the window. And that’s all you need to do.

In case you’re wondering what would have happened had they not called us but instead had gone ahead and made the phone call requested in the window, here are some likely scenarios.

First, it is almost a guarantee that the person on the other end will need to install some software so they can work on your computer remotely. This gives them permanent access to your machine any time they choose to log on and it won’t notify you of their visit. They usually will then proceed to run some diagnostics (no one has yet been able to tell me exactly what is done), but generally that is done to distract you from the software install. In addition, for this “work” they perform, they will charge you $300, give or take. In the end, the only thing that really happened is you paid them to put software on your computer that gives them complete access. Not good any way you look at it.

In addition to the remote fix ruse, sometimes it will be a requirement that you download a program like MacKeeper or MacCleaner or some such. Those are less invasive in terms of risk, but they are a royal pain in the rear because they reset a lot of your browser settings to direct you to places where your visits equal ad revenue for them. 

But the worst are the ransom ware invasions. In some cases, clicking on these buttons will completely lock up your data through encryption that cannot be unlocked (no way, no how) until you call them up and pay them a ransom of at least $500 to get an unlock key. Even worse is they usually put a deadline on it that will erase your drive if you don’t pay within the time limit. And they mean it.

So the short version of all this is simple. If you see something that you are not totally and completely sure that it is absolutely safe to click on, DON’T CLICK ON IT. Call someone who can help you. If you’re working with a consultant they can usually take care of things almost instantly and before it causes any permanent damage. The same holds true for your internal IT department.

The web can be a risky place, even if you’re going only to places that you have always visited, so remember, be careful out there.

-Jim Vestal

Continue reading
0 Comments

Explaining Elections, or Wandering on the Web

A few days ago I was enjoying a typical visit to YouTube. You know what I mean; someone sends you a link to a video and then over on the right you see a list of about 4 more you want to see, each of which leads to another four or five, and so on. Pretty soon, that little quick visit you took has turned into an hour of watching videos. As I was digging through the video suggestions, I was reminded of another page that I visit regularly that has kind of the same “click through” impulse that pervades YouTube.

It’s called the Scout Report. It’s updated every Friday from the University of Wisconsin-Madison. And what a great resource it is, not to mention fun. Sadly, a lot of the value of the web has been overshadowed in recent years by the strictly social. The social aspects have a great value for sure, but there is so much more to be gained if you know where to look.

That’s where the Scout Report comes in. Each week the Scout Report delivers an excellent list of amazing web sites rich with information. The down side? It’s educational. The up side? It’s educational. And you’ll find yourself clicking away to look at all the linked sites for hours, all the while learning more and more about each weeks focus.

The report for the week of Oct. 28 is particularly timely because it contains a wealth of resources about the history and practice of the election process in the United States. Especially of interest is detailed information about the electoral college. In addition, there is a wealth of links to resources focused on election history, women’s suffrage, voting rights, campaign buttons, polls and so much more.

You can get to the Scout Report here: https://scout.wisc.edu/report. The report I’m referring to above is the report dated October 28, 2016, Volume 22, Number 42, and the link to it is https://scout.wisc.edu/report/2016/1028. Near the top is a list of all the sites and associated links they suggest you visit. A little further down the page you’ll find a brief summary of what you will find at each link. Tremendous resource and one that you can make use of on Election Day so you’ll be prepared to argue with all the news commentators knowing that “Hey! I know this stuff!!” even if they don’t.

The current report (https://scout.wisc.edu/report/current) isn’t focused on any specific topic but it has some incredible resources listed; some educational, some just plain fun. Either way, worth a visit. And I should mention that once a new report is released, the current report is moved to the Past Scout Reports section (https://scout.wisc.edu/report/past) and contain the reports all the way back to 1994. If nothing else it can be fun rummaging around in the early reports just to get an idea of just how much the web has changed. Kind of like digging into a junk/antique shop - you just never know what you’ll find.

If you’re interested, you can always sign up to have the Scout Report delivered to your email inbox each week at this link: https://scout.wisc.edu/user/register. Trust me, it’s worth a quick look every week. Takes about 10 seconds to scan it and I promise that you’ll find some stuff out there that will astonish you and amaze your friends.
Continue reading
0 Comments

When Hopes and Dreams Become Reality

When I was growing up, baseball to me was kind of the essence of all that was good in the world. I loved the game. I loved to play it, I loved to study it, I loved following it, I loved watching it. And the essence of all that, the spirit of baseball, all boiled down to a quote from Ernie Banks, “let’s play two.” To those guys back then, yeah, they needed money to live and they fought for raises and such, but not like today. Back then, they would have played the game for living expenses. Back than it was the love of the game that drove them, not the money. 

With the Cubs win yesterday, all of that kind of came back full force. Especially so when I read a Facebook post from Cody Lefkowitz, the 22 year old son of Pam Lefkowitz, with whom I've worked for over 20 years. It’s really more of an essay on baseball than a Facebook post. I’ve known Cody since he was three. There is no one alive anywhere who loves the game more than he does. 

His goal in life is to be a general manager of a major league team. He spent this summer after graduation searching for his next gig and making a few bucks here and there as a Patched Umpire for any baseball or softball league that would hire him. At the moment, he’s working his way up the ladder. He’s got a position as Media Director with a minor league hockey team (http://www.jackalopes.org/) in Odessa, TX where among many other things, he is the on-air broadcaster. He gets paid an intern salary (not much money, LOTS of experience). 

Most importantly, he’s been a Cubs fan all of his life.

Here’s his post as it appeared on Facebook today, the day after the Cubs won the 2016 Series. (Quick note for those not familiar, “Zayde” is the Jewish term for grandfather and “Bubbie" for grandmother. Dudley was and Shirley still is, two of the most die hard Cubs fans who ever lived.) Anyway, here it is:

=========
From Cody Lefkowitz:

"I can't believe it. It's only been 22 (Almost 23) years in my lifetime, but I feel like I was there for the full 108. My heart has been broken. I've cheered, I've screamed, I've cried. I couldn't have asked for anything better. EVERY... SINGLE... BIRTHDAY wish in the past 22 years has been for a Cubs World Series. I go to petting zoos just to feed the Billy Goats in hopes that the baseball gods would look upon it and it would be enough.

I've gone through the Stages of Grief and the only thing left is acceptance... I still can't believe it. From 1,232 miles away, I'm dressed head-to-toe in Cubbie Blue, wearing my W flag as a cape, because this team is full of heroes. Every last one of them.

From the goat, to the black cat, onto Bull Durham's Buckner-esque play, all the way to Bartman, I've stuck with this team. Everyone says we did this for Harry, and while he is the Poster Child for the Cubs, he is not Cubs baseball.

This team did it for the legends that have left us: Gabby Hartnett, Hack Wilson, Jack Brickhouse, Ron Santo, and Ernie Banks. They did it for the legends that are still with us: Andre Dawson, Fergie Jenkins, Billy Williams, Ryne Sandberg, Kerry Wood, Sammy Sosa, Greg Maddux, and Mark Grace. This team has come in to debunk these "curses" and defy the laws that have been set for them.
I think about my love for the team and my love for the game in general. It's all thanks to my Zayde. 10 years ago, he was taken, but from the start, he's been the biggest fan. Him and my bubbie had season tickets for years. Not only did they do this for the legends, but they did this for the most legendary fans any sport has to offer."

=========

Below is a pic posted by his oldest brother, Jesse. Cody is third from the left. All three boys are in Cubs gear. Jesse, the oldest brother is second from the left. Randy, the middle brother is on the right. On the left is a mystery guest (or at least a mystery to me.)

14915694_10107098798971888_6389127283773743327_n.jpg

- Jim Vestal

Continue reading
0 Comments

An ounce of prevention…

Your IT needs are driving you nuts. You aren’t sure when - or who - to call for help, what to update, what not to update. Hey… is this a virus, trojan, worm, ? How dangerous is it? What do I do about it? My email or backups or maybe even your server isn’t working.

If you run a business, you know the dilemma. Staffing an IT department often isn’t cost effective. But then, neither is having your executive assistant act as your IT staff. Every minute a member of your staff is doing IT work is time that they aren’t helping the company in your core business.

Which brings us to the proverb referenced in the title of this blog entry, ‘an ounce of prevention is worth a pound of cure’. That, in a nutshell, is the essence of managed services.

Properly done, a good managed services provider will make your IT support almost invisible. They do it by providing proactive support to prevent issues from appearing in the first place. It might include virus protection, email spam protection, email services, software updates, security updates, backups, file sharing. On the rare occasions when you need something special, a good provider will have a ticketing system in place that will reach a member of their team immediately and deal with whatever issue you are having quickly and efficiently.

One of the wonderful things about technology today is that no longer is it required that a tech be on site for every little issue. In today’s world, remote tools are very effective. Now, it’s possible for a support person to be actively engaged with the problem computer in under a minute. In most companies that’s faster than an IT staffer could walk to the problem.

But the real beauty of all this is that almost all of this is done after hours and done remotely. No longer will your workday be interrupted by someone coming around to update a piece of software. You won’t be faced with mountains of spam mail, your backups are always done (and done offsite for maximum protection), not to mention all of the other services usually provided in the managed services package.

A good provider will put together a package that consists of a core suite of tools and tasks that will take care of all of the basic IT needs. And a really good provider will be able to find, implement, and maintain solutions specific to the way you run your business. Email, onsite and cloud backups and storage solutions, constant monitoring of your environment and general support. It all comes in one package, at one price, which makes budgeting for your IT needs incredibly easy.

Continue reading
0 Comments

A Caution About Apple's Auto Download of Sierra

In a significant departure from the past, as of this morning (October 4, 2016), Apple has changed their methodology for upgrading your Mac’s operating system.

Today, if your Mac is able to run Sierra, Apple is now pushing out the update without asking permission. This is going to surprise a lot of people and many users will be confused about what to do. The good news is that even though Apple downloads it, they don’t automatically install it. However, they do open a window that asks the user for permission to install, but based on experience we expect a lot of users to approve the install without being totally aware of what they are doing. 

Again, this is something that is not unusual, but it does carry some risk. Many updates and upgrades to software, including software from Apple, will often have issues on various machines and in different environments that Apple didn’t anticipate. In other words, bugs, and sometimes they are bugs that will stop your ability to do your work. This is a major reason why the better IT providers prefer to control software installations. It is their job to know what works and what doesn’t, and by knowing that, they are able to keep your computers up and running and make sure your company continues to be productive.

Historically speaking, every operating system upgrade brings unanticipated problems, some of which can have a big negative impact. This is why we always recommend NOT installing operating system upgrades and updates when they are first available. It’s best to let it wait for at least a week or two before moving forward. In the case of major upgrades from one system version to another, we have found that it is best to wait for the second or even third update to the new OS before doing the initial upgrade. 

So the question now is, how can you avoid having Apple download software on your computer that you may not want or need. And by doing so, helping you to avoid accidentally clicking through and letting it install when you really didn’t mean to.

There are a couple of simple things that you should do.

First, click on the Apple menu in the top left corner of your screen. Select “System Preferences” and click on it. In the case of older operating systems (OS X 10.8 and older) when System Preferences opens, click on the Software Updates button and make sure that the option for automatic updates is NOT checked. If it is checked, click on the box to uncheck it. When you’re finished, it should look something like this:




In the case of newer versions of Mac OS X (10.9 and later) you will have a preference pane called App Store Preferences which controls how your Mac does updates. When you find that button, click on it to access the settings and click the boxes to look like the window below:



In both cases this will leave your system ready to install security updates when released, but will still allow you to decline any downloads that Apple wants to push to your system. And if you really want total control, you can simply uncheck the option to Automatically check for updates. This will completely stop any automatic updates of any kind from Apple.

Second, if your Mac has already downloaded the installer for Mac OS X v. 10.12 (Sierra), should you see a dialog box appear asking if you want to upgrade to the new version of the Mac operating system, do NOT allow it to install. If you have already allowed it to install, don’t worry… you computing world is not in danger of collapsing. It’s just that this initial release of Sierra is just a little too bug ridden for comfort. In our opinion, we would like everyone to wait a bit longer to avoid any unnecessary issues. I’d rather have you wait for version 12.2 or 12.3 before doing the upgrade. If you are having issues with your Mac under the system that you currently have installed, let me know and we can talk about a solution.

For those clients of ours who are under our Managed Services plan, you can pretty much disregard this post as we will have already taken care of everything for you.

If you need clarification on any of this or want some help with taking care of this task, just let us know and we will get together on a phone call and get things configured to suit your needs.

We can be reached during office hours at 847-675-3513 or 24/7 by sending an email to This email address is being protected from spambots. You need JavaScript enabled to view it..
Continue reading
0 Comments

The 25 best hidden features and tricks in your iPhone's latest update

Business Insider recently posted an article on iOS 10 we thought you might be interested in! Click the link below to read the article.

25 Best Features of iOS 10

Continue reading
0 Comments

Over The Hill or Just Over IT

On July 9, 2014 I gave a presentation at the PSU MacAdmins conference on the topic of staying viable in your IT career entitled "Over The Hill or Just over IT".These are the slides from that presentation. file File Name: Aging-in-Tech.pdf Fi...
Continue reading