Mar 31, 2017

Verizon set to royally screw over their customers with spyware now that Congress voted to repeal privacy restrictions

Congress recently moved to screw over all American's by voting to repeal broadband privacy restrictions allowing internet service providers to actively spy on their customer's internet usage and sell that information to the highest bidder. A few days later Verizon made it known that they plan to step up their douche-baggery by also installing spyware on their customer's smart phones!

From EFF:
Within days of Congress repealing online privacy protections, Verizon has announced new plans to install software on customers’ devices to track what apps customers have downloaded. With this spyware, Verizon will be able to sell ads to you across the Internet based on things like which bank you use and whether you’ve downloaded a fertility app. 
Verizon’s use of “AppFlash”—an app launcher and web search utility that Verizon will be rolling out to their subscribers’ Android devices “in the coming weeks”—is just the latest display of wireless carriers’ stunning willingness to compromise the security and privacy of their customers by installing spyware on end devices.
Isn't that just lovely? Don't worry though, you should be able to stop douchey big brother Verizon from watching all of your phone activity. There are a couple of ways you can disable Verizon's AppFlash.

From The Hacker News:
How to Get Rid of ‘AppFlash’ on Your Verizon Android Phone 
Users can get rid of this bloatware in two ways: you can either root your device and remove the app in question, or only disable the app.
  1. Root to remove AppFlash from Android: Since the company has made AppFlash a default app on the home screen of its Android handsets to help users search content and browse the internet, the app can not be uninstalled.

    So, in order to uninstall AppFlash, you are required to root your Android device and then delete the app from your storage memory.
  2. Disable AppFlash without Root: Since rooting is a dangerous process that void your device warranty, you can simply disable AppFlash.

    Disabling bloatware apps on newer phones is easy, as Android has a built-in way to do this, which doesn't require any root access.

    Just head on to Settings → Apps (or 'Applications' on some phones) → AppFlash. Now open it and click 'Disable,' 'Force Stop' and then 'Clear Data' as well.

I'm not sure how the folks at Hacker News got the above information, but on my Google Pixel I don't have AppFlash installed (Yet) so I can't test disabling it myself. If it's like most bloatware that comes on phones these days, I'm sure they are right though. Let's hope... for privacy purposes anyway.

What do you think about this? Are you ticked off? Don't care? Let us know in the comments!

Mar 30, 2017

How to fix WinEvtLog: Security: AUDIT_FAILURE(4625) caused by Windows Defender

I've written in the past about how I really like the built in Windows Defender as my antivirus of choice in Windows 10 and above. More specifically, I wrote about how to configure it for regular updates and scheduled scans. Well, I recently went back to it on my main laptop and when it kicked off it's first quick scan all of a sudden I noticed a lot of alerts coming from one of my work servers!

The alerts I was seeing were WinEvtLog: Security: AUDIT_FAILURE(4625) coming from our host based intrusion detection monitor.  Our log monitor was also sending alerts saying Microsoft-Windows-Security-Auditing: An account failed to log on. Subject: Security ID: S-1-0-0 Account Name: - Account Domain: - Logon ID: 0x0 Logon Type: 3 Account For Which Logon Failed: Security ID: S-1-0-0. All of the alerts listed my computer's host name as the account that was failing the audit!

Well, it turns out that by default Windows Defender wants to scan network files and network file shares. That's honestly pretty annoying since we have antivirus on those servers already, and I don't need Windows Defender to scan anything except what's on my local machine. It's also annoying because it kicked off all of the alerts!

Well, to disable network scanning is fairly simple. You just need to open powershell as an administrator and run the following:
  • set-mppreference -DisableScanningNetworkFiles 1
  • set-mppreference -DisableScanningMappedNetworkDrivesForFullScan 1
To see what settings you have enabled or disabled you can run the following from powershell to get a list:
  • get-mppreference

As you can see above, network scanning has been disabled. Now when I run a scan, it stays local to my computer only and doesn't kick off anymore alerts!

Did you find this helpful? Let us know in the comments!

Mar 28, 2017

Man possibly jailed forever for not giving up his encryption password

Cryptographically secure pseudorandom number g...
(Photo credit: Wikipedia)
I am a huge proponent for encryption. I'm also a huge proponent for the 5th Amendment which protects you from self incrimination through testimony. Apparently a judge in Philadelphia as well as the 3rd US Circuit court of appeals says the 5th Amendment doesn't apply in this particular case.

You see, Francis Rawls was charged with possession of child porn which is a horrendous crime. The issue here is that in order to make the case against him the police seized a number of devices including some encrypted hard drives. Without the contents of those drives, the prosecution doesn't really have a good enough case to really throw the book at him. Rawls apparently won't give up the passphrase for the drives citing the 5th Amendment despite the court's order, so Rawls is being held indefinitely until he coughs up his passphrase.

From Ars Technica:
On Monday, a US federal appeals court sided against a former Philadelphia police officer who has been in jail 17 months because he invoked his Fifth Amendment right against compelled self-incrimination. He had refused to comply with a court order commanding him to unlock two hard drives the authorities say contain child porn. 
The 3-0 decision (PDF) by the 3rd US Circuit Court of Appeals means that the suspect, Francis Rawls, likely will remain jailed indefinitely or until the order (PDF) finding him in contempt of court is lifted or overturned. However, he still can comply with the order and unlock two FileVault encrypted drives connected to his Apple Mac Pro. Using a warrant, authorities seized those drives from his residence in 2015. While Rawls could get out from under the contempt order by unlocking those drives, doing so might expose him to other legal troubles. 
In deciding against Rawls, the court of appeals found that the constitutional rights against being compelled to testify against oneself were not being breached. That's because the appeals court, like the police, agreed that the presence of child porn on his drives was a "foregone conclusion." The Fifth Amendment, at its most basic level, protects suspects from being forced to disclose incriminating evidence. In this instance, however, the authorities said they already know there's child porn on the drives, so Rawls' constitutional rights aren't compromised.
I'm no lawyer, but from what I can understand from the law surrounding the 5th Amendment and encryption is that it only applies if the police have no idea what's on your encrypted drive, and the only way to find out is by asking you for a password. In this case, they had eye witness testimony that child porn was indeed on the drive, as well as other system logs showing that illegal files were saved on those drives.

Another way the 5th Amendment doesn't apply to encryption is when there is a physical mechanism like a key to unlock the drive. A physical key does not require testimony, and therefore does not require you to testify against yourself to hand that key over.

There is a nice video explaining this here from the EFF:

I certainly don't condone Rawls' actions here, if he indeed does have child porn, but there is a lesson to be learned here for those of you that value your privacy and your rights. Number one, if you want to be able to use the 5th Amendment to protect your passphrase, then you can't have any other un-encrypted "tracks" pointing to what's on your encrypted devices.

What do you think about this? Let us know in the comments.

Feb 14, 2017

4 Software Tools to Help Run and Operate Your PC Like a Pro

We often use cars as analogies for computers, but it's not exactly a 1:1 matchup. With cars, hardware modifications are responsible for improvements, but with computers, both hardware and software can make a difference. Here are four kinds of software tools you can use to run your computer like a pro.

Hardware Monitor Tools

Software tools can help you monitor your hardware to make sure your computer is running smoothly under the hood. Like smartphones, computers generate a lot of heat, with some parts running as hot as boiling water. Heat sinks and fans may be needed to keep your computer from overheating — and if these parts aren’t working correctly, your computer can be at risk of malfunction.

Hardware monitoring tools help you keep your computer’s temperature under control and your machine running right. These tools give you dashboards that display key hardware information, including the voltage and temperature of different parts of your computer, and how well your fans are running. Some of today’s best hardware monitoring tools include HWMonitor, Speed Fan and Open Hardware Monitor.

PC Tune-up Utilities

To keep your computer running at top speed, you need a PC tune-up utility. With constant use, your computer will inevitably start to slow down. Outdated drivers from obsolete apps, archived files you no longer use and large cached data can all slow down your performance.

PC tune-up utilities help fix this problem, automating tasks such as defragging your hard drive, fixing your Windows registry, and deleting duplicate files to free up disk space. Some utilities also have advanced functions such as optimizing your boot process. PC tune-up utilities come in both freeware and premium varieties. CCleaner is a popular free tune-up utility, but PCMag rates iolo System Mechanic as today’s best premium option.

Password Managers

A long password is a strong password, but the downside is that it can be hard to remember. Of course, creating one that's hard to remember makes it tempting to leave that information lying around on a sticky note, which kind of defeats the purpose of having a password altogether. On the other hand, creating a password along the likes of "ABC123" can make it easy to crack.

Password managers overcome these difficulties by automatically generating strong passwords for each site you visit that requires a login. The manager program then saves and inputs your passwords for you the next time you log in, relieving you of the need to type it in each time. Advanced password managers can also remember billing information for credit card purchases. Some managers have other advanced features such as syncing your passwords across all your devices.

Automated Cloud Backups

In an age of rampant cybercrime and ransomware, having reliable backups for your data is a necessity. Without a good backup system, you run the risk of losing all your files at any time. The most efficient way to back up your data is to schedule automated cloud backups. Backing up your data on the cloud allows you an unlimited amount of storage space. Top backup services such as Mozy provide military-grade encryption to ensure your data stays safe in the cloud.

Feb 12, 2017

I admit it. I'm a huge professional wrestling nerd!

PThis isn't going to be a technical post today. It's definitely going to fall in the realm of geekiness though, and it's something I need to get off my chest for some reason. Sort of like alcoholism I guess, one only truly can get help if they admit they have a problem. Then again, like is famously said, it's not a problem if you do it every day!

In all serious though, I love professional wrestling. I am what they say in the business, a huge mark! I am not going to lie and say I've been some super fan my whole life. I obviously enjoyed it when I was a kid in the 80's with Hulk Hogan, Macho Man, The Junkyard Dog, Rowdy Roddy Piper, etc. I stopped watching in the early 90's during my high school years. It was in the late 1998 that got into it again when I was in the Navy. We used to huddle around the TV in our berthing area every Monday and watch Monday Night Raw. It was awesome!

Like an idiot, I got married in 2000, and my wife hated professional wrestling so I stopped watching it for a very long time. When I got divorced in 2014 I decided to see what was going on in the WWE and I was hooked again! Since I became single again, I've also branched out into watching the bigger independent promotions like Ring of Honor, Impact Wrestling, Lucha Underground and most recently WCPW. I can't get enough!

In fact, I am a very active person these days. I like to go jogging every day, and on my jogs I listen to wrestling podcasts like Conversation with The Big Guy, WrestleZone Radio and Talk is Jericho!

Wrestling is Fake

The biggest criticism I hear of professional wrestling is that it's fake. In response to that I always say, it's not fake, it's scripted! In all serious though, everyone knows that matches are pre-determined, the punches are pulled, the kicks are sold, etc. That being said, the risks profession wrestler take to put on their live performance is very real. Jumping off a 20 foot high steel cage and landing on a table hurts. Yes, the table breaks your fall, but it still hurts. Having a 250 pound man land on you from a 20 foot fall also hurts very much. I'll say it again, the risks are real.

Shane McMahon Elbow Drop Off Hell In a Cell at Wrestle Mania 32

Not only do some of these stunts hurt, they also sometimes end careers. Here is a video with a young Steve Austin in Japan performing a pile driver incorrectly and breaking Masahiro Chono's neck in 1992.

The ironic thing about that is that Steve Austin later in his WWE run would also suffer a career ending neck injury when Owen Hart botched the exact same move.

The pile driver has effectively been banned in WWE because of this sort of thing. They still allow a less risky version of the pile driver known as the Tomb Stone pile driver, and it's only allowed to be done by The Undertaker and Kane, two of WWE's biggest and strongest performers.

Just last year during the inaugural Universal Championship match, Seth Rollins threw Finn Balor into the ring barricade and it dislocated Balor's shoulder. Balor popped his shoulder back in and finished the match anyway like a complete bad ass, and went on to be the inaugural Universal Champion only to have to give up his title the next night because he had to go on hiatus due to his injury.

Check it out.

So now we know the risks are real, and the injuries are real there is still a problem with predetermined endings right? Well, not really if you stop thinking of it like fake fighting, and more like you are watching a staged performance. You would never go to a circus and say that the trapeze act, or the tight rope walking acts are fake. They are just as scripted, but the risk is real! Think of it more like a live action stunt spectacular!

Another way to look at it is like watching an action movie, or a TV show like Game of Thrones. You don't watch those things and yell at the screen that it's fake right? It's entertainment, it has a good story, and looks real enough that you can get into it.

Bottom line, it's supposed to be fun.

Some People Think MMA is Better

Some people prefer to watch real fighting. I get that, and I enjoy a good MMA fight myself having grown up taking martial arts classes off and on my whole life. I like watching a great fight! That being said, is MMA better? Not in my opinion, and the reason why is the lack of story and it is hard to follow sometimes.

When you have two random guys rolling on the ground grappling, it can be hard to see exactly what they are doing, and that sometimes makes me lose interest. In wrestling, movements are big, flashy and there is always a cool finishing move like in a good video game! I'd prefer to see Randy Orton hit an RKO out of nowhere a million times than see one fight where Conor McGregor chokes someone out. Real MMA endings are more often than not pretty boring.

The Apparel is Cool

My girlfriend can attest that I have way too many wrestler tshirts. I have some from WWE Shop, some from TNA's Shop, and a few from Pro Wrestling Tees. I like the last one the best because a big portion of the sales go directly to the wrestlers instead of the promoters and that's how most of the independent guys make their money.

I also have a bunch from TeePublic which I like because the fit is perfect, and the designs are super unique because they are made by fans. At the time of this writing, you can take 25% off your order too with code COOLCAT25 at checkout. Here are a few of my favorites:

Tyrus T-Shirt

The Shirt of Jericho - Drink it in!

Moose T-Shirt
Finn Balor T-Shirt

I Prefer Sports Entertainment Over Sport

In the end, I think I just prefer to be entertained over the actual sport of it. You like your favorite football, basketball and baseball teams right? Well, I like my favorite wrestlers and wrestling promotions. It's the story that draws me in, and the whole spectacle of it that makes me stay. It's also really amazing to see these amazing stunts being performed, and if done well, nobody seriously gets hurt doing it. As mentioned above, that's not always the case either, and when a serious injury does happen, it's amazing to see these performers power through it all to put on a good show.

Tonight is a great night for it too because WWE SmackDown Live is having their Elimination Chamber special tonight and WCPW is also having their True Destiny special! Time to get the beer and popcorn ready!

Jan 23, 2017

3 Services Like Uber, But For IT Freelancers

I spend a lot of time thinking about the future. I'll be honest, I'm coming up on six years at my currently company that shall not be named. I love working here, and hope to keep working here for the very far reaching future. I've told others that I work with, that as long as the company sees value in me, I'll be loyal to the company. Still though, you never know what might happen.

For a lot of you in the Information Technology (IT) business, you probably work in a big city. So getting laid-off, although it still sucks, as long as you have a good looking resume and know your stuff, you will find a new job relatively quick. It's the best thing about IT, everyone uses computers so there is always a need for IT experts.

Well, that was my thinking until I moved to a podunk little one-horse town in nowhere Colorado. It is a rural area with a ton of small businesses, and no permanent IT jobs! Everyone out here outsources to independent contractors, and the only jobs don't pay what you can make in the big city. This situation makes me kind of nervous, because if my current company decides that they don't like me working remotely from podunk Colorado, then what will I do?

Well, I've been planning it for the last few years actually. I call it my "plan b", and that is to start my own independent IT consulting business. I got to talking with a local dentist up the street about who fixes his computers when they have issues. He said he had to call a company in a town that is an hour away, and usually it takes them a few days before they can come on site. That means that when something goes down for this dentist, his business could potentially be on hold for a few days! What's that I smell? Opportunity!

Back when I first got into IT in San Diego, I used to do my own home computer business on the side. I learned then that if push came to shove, I could make money on my own. I also learned about a few tools one can use to get jobs, and they are sort of like Uber, the independent taxi-like service that is letting millions of people work on their own time and use their car to make money. These tools, unlike Uber, are geared towards IT people. Here they are:

All of these services have apps that you can download to your phone. They will also send you email and text alerts when contract or freelance jobs come up!

When you are thinking about setting out on your own, and being your own boss it can be a scary prospect. However, if you plan for it right, and execute it properly, you can make decent money doing freelance work like this and being your own boss.

Like I said, for me this is my plan B option. I sincerely hope things continue your work out with my current company, but you never know what the future may bring. It gives me peace of mind having options like the services above to know that I will be able to find work if I need it.

Jan 4, 2017

Trying a new backup software program at home

For years I have been using Crashplan for home backups, but I stopped using their cloud service for backups because if I forget to renew they delete all my backups in the cloud and I have to start over. I started just using their software to backup to a local NAS device I have with RAID5 enabled. I figure that was good enough for most things I needed.

Well, I noticed that on my laptop that I had configured to backup to the NAS (Using a technique I developed) stopped working. I'm not sure if Crashplan got wise to it or what, but it stopped backing my stuff up and said it couldn't connect to the backup location. I decided I needed to use something else.

I at first thought about using the built in Windows backup program, but the problem with that is that it doesn't use encryption or offer an option to password protect your backups. I'm backing up files from my Bitlocker Encrypted files to an un-encrypted NAS device. I don't want to compromise that encryption security by storing my files un-encrypted on the backup device. Makes sense right?

So I decided to try out a free third party backup program called AOMEI Backupper Standard!

Here are the features from their page:

  • Backup system and create a system image to keep Windows and applications safe.
  • Backup entire hard disk (HDD), SSD or specified partitions to create an image file.
  • Backup or sync your most important files and folders on a regular basis.
  • Set and forget with automatic backup, incremental/differential backups to save time and storage.
  • Clone a smaller HDD to a larger HDD for disk upgrade, or clone HDD to SSD for better performance.
  • Real-time file sync: monitor files for changes and synchronize new added, modified or deleted files from source to target path as soon as the change has occurred.
Besides what's listed, they also offer encryption and compression settings as well as the ability to email you when backups complete or fail so you can set it and forget it!

I will try this out for the next few weeks. If it continues to work well, I think I may have found my new backup solution!

Jan 1, 2017

ExtraTorrent under major DDoS attack

ExtraTorrent has been under massive DDoS attack for the last few days. It's still going on apparently. For the last few days users may have noticed their RSS feeds are no longer working because if it. Also if you try to browse to their site now, you are greeted with the following CloudFlare DDoS protection screen:

I've also noticed that periodically you will also see a 503 Service Unavailable error, or you will get an error page from CloudFlare saying they can't connect to the backend web servers.

This has obviously been happening since at least around Christmas time. TorrentFreak reported the following on December 27th:

The popular torrent site ExtraTorrent has suffered several major DDoS attacks over the past few days. The problems appear to be related to the site's recent ban of 'unofficial' proxy services. Meanwhile, The Pirate Bay is also down, but for now it's unclear what's causing the issues on their end. 
ExtraTorrent, one of the largest torrent sites on the Internet, just experienced one of the most turbulent weekends in its ten year history. 
While many people were celebrating Christmas, the site’s operators were busy keeping the site online, after it was pounded by DDoS attacks. 
“Extratorrent faced tons of cyberattacks over the last three days. Most of them were DDOS attacks. Cloudflare can’t help us because we get 40 to 50 million requests from the U.S. every hour!” ExtraTorrent’s SAM informed us. 
To counter the attacks the site temporarily limited several functions to save resources. The login functionality for users is disabled, for example, so there are no fresh torrents. In addition, the site’s operators have removed the added protection against unofficial mirror and proxy sites.

In the meantime, you can use alternative sites like LimeTorrents or Yify to get your movies and TV shows although none of them support RSS feeds. Hopefully ExtraTorrent can get this straightened out soon.

Twitter Delicious Facebook Digg Stumbleupon Favorites More

Design by Free WordPress Themes | Bloggerized by Lasantha - Premium Blogger Themes | stopping spam