Triona's Tech Tips

Sony has recalled more than 69,000 desktop Vaio PCs and Vaio laptop docks due to an electric shock risk from the computers’ AC adapters. Sony’s web site provides details about the recall. Affected models include:

• All-in-one computers sold after September, 2007
  • VGC-LT series
  • VGC-JS240, VGC-JS250, VGC-JS270, and VGC-JS290 series
• Notebook docking stations sold after September, 2005
  • VGP-PRBX1
  • VGP-PRFE1

In similar news, Belkin has recalled some of its TuneBase in-car iPod dock due to a fire risk. Belkin’s web site has details about the recall. The affected models include the TuneBase FM with Hands-Free, TuneBase Direct with Hands-Free and TuneBase™ FM with ClearScan with model numbers as listed on the back of the product:

• F8Z441, F8Z441ea, F8Z442, F8Z442ea, F8Z176, F8Z176eaBLK

There are also reports, unconfirmed by Apple, of some Time Capsule backup modules failing after an average of 17 months. Disturbing, given that these devices are supposed to preserve your data. I recommend that everyone, not just Time Capsule owners, use multiple methods of backup. You can find out more on the timecapsuledead web site.

Through November 1st, 2009, new subscribers to the free email version of Tech Tips will receive a special tip sheet on Four Easy Ways To Protect Your Computer. Just click here to sign up.

This week sees the public release of Microsoft Windows 7. I’ll be giving you an in-depth look at Windows 7 in next month’s Tech Tips (so don’t miss your free subscription and special gift). To whet your appetite, let’s talk about whether or not you should upgrade.

If you use Windows, you’ll have to upgrade eventually, especially if you haven’t already made the leap to Vista. Many people have delayed this either because they don’t like the changes to the Windows look-and-feel, or because they have software that isn’t compatible. But, as I said in a previous article:

It’s sad to say, but our decisions to upgrade have become less about whether we need it for productivity and more about whether our computers can remain functional against the continual onslaught of cyber-attacks. Remember, Windows XP is 8 years old. These attacks are sneaking through despite our best defenses. Windows Vista is no panacea, but its improvements in security offer better protection.

This is even more true of Windows 7, which improves on Vista’s security while eliminating some of the headaches that slowed Vista adoption, notably incompatibility with drivers. In the past most of us have chosen to hold off until the first Service Pack comes out, but in this case we may not have that luxury. Hardware makers aren’t likely to support three versions of Windows, so they will be eager to get everyone off XP as soon as possible by making new equipment Vista- and Windows 7-compatible only. Between that, the Internet threat risk and Microsoft’s lifecycle policy, XP’s days are numbered.

The good news is, Windows 7 is supposed to be more stable than Vista, so waiting for the first Service Pack isn’t a necessity. Also Windows 7 comes with a compatibility mode for XP, which may make migrating your applications easier.

If you have an older computer and are considering an upgrade anyway, Windows 7 is a wise choice. If your computer is less than three years old and doing what you want it to do, you don’t have to move to Windows 7 right away. But plan for the future, knowing you will eventually have to make that leap even if you’re not fond of Windows 7′s Vista-like look.

Are you planning to move to Windows 7? Why or why not? Click Comments to discuss.

Through November 1st, 2009, new subscribers to the free email version of Tech Tips will receive a special tip sheet on Four Easy Ways To Protect Your Computer. Just click here to sign up.

Mozilla Firefox has upped the ante in the fight against cybercrime with automatic checks for updated plug-ins.

Plug-ins are bits of software that work within your Web browser to provide additional functionality. Mozilla debuted this feature with a check for updated versions of Flash, a popular plug-in used to view video content. Outdated versions of programs like Flash are used to spread viruses and malware.

Firefox will run the check automatically, or you can visit this site to check your plug-ins manually. You still have to update them yourself, but Mozilla’s new feature provides a more intuitive way to do so. You can also view your plug-ins and get more information about enabling and disabling them. The check works for both the Windows and Mac versions of Firefox. It’s such a good idea I suspect we’ll see this sort of functionality added soon for Internet Explorer and Safari, the default browsers for Windows and Mac, as well as other browsers like Opera.

Mozilla says it will continue to expand this feature to include additional plug-ins, which is great news for users struggling to keep their computers free of malware and other threats.

We all know the risks of computer viruses, but what do you do if you think you have one?

First, follow Douglas Adams’ advice: Don’t Panic! Run your antivirus and anti-spyware software to see if they can remove the infection. Windows users might try the free online virus scanners from McAfee and Trend Micro. Malwarebytes is a good Windows resource for removing spyware and other kinds of virus-like intruders. Mac users should try the free programs Avast for Mac or ClamX AV.

Some viruses are easily removed, but others embed themselves deep within your computer. The worst-case scenario is having to format and reinstall your computer from scratch, which is why backups are a must.

There are some commonly-held misconceptions about how to prevent computer viruses.

• Adding “aaaa@aaaa” to your address book doesn’t work. It was a trick from years ago that only applied to one particular virus… for about five minutes, until the virus-writers wrote a workaround. These days it’s the equivalent of fighting a wildfire with a squirt gun.
• Booting into Safe Mode also doesn’t work. Safe Mode is used to diagnose computer problems by starting Windows into a minimal version where only the basics are loaded. Most of your software won’t function and the virus will remain in the background, chewing on your system.
• Fake antivirus software and computer cleaners will only add to your woes. Ads for these run rampant across the Internet, especially when you’re searching for legitimate tools like the ones I mentioned above.
• Fake security bulletins claim to be magic cure-alls, but they’re far from it. They are scams out to trick you into clicking on malicious links and further infecting your computer.
• Fake pop-up Web windows pretend to scan your computer, but they are also scams trying to trick you into clicking them.

Your best protection is prevention. Maintain good backups and stay tuned to Tech Tips for the latest computer news. Through November 1st, 2009, new subscribers to the free email version of Tech Tips will receive a special tip sheet on Four Easy Ways To Protect Your Computer. Just click here to sign up.

In November I’ll teach you about Do-It-Yourself Tech Support. If you have any computer questions, let me know.

The computer zombie problem (see here and here) is only getting worse. According to a recent study by Trend Micro, computers often remain infected for up to two years, with median infections lasting 300 days. Many people don’t realize they are infected, and never get rid of the problem until they replace their computers.

What’s wrong with having a zombie computer? Viruses and other infections can slow down your computer, and cause freezes and other unpredictable behavior. There’s also the risk of data and identity theft. And if that doesn’t concern you, consider this: most virus infections, spam and other threats come from the zombie computers of innocent victims.

The good news is, there are easy ways you can keep your computer protected. Through November 1st, 2009, new subscribers to the free email version of Tech Tips will receive a special tip sheet on Four Easy Ways To Protect Your Computer. Just click here to sign up. And keep an eye on the Tech Tips blog, where you’ll find the latest computer news plus links to free resources that can help keep you secure.

I’d like to encourage you to spend fifteen minutes today checking and updating your computer’s protections. Your computer will work better, and you’ll be doing the world a public service by helping to eliminate Internet threats.

In November I’ll give you an in-depth look at the new version of Windows in The Lowdown On Windows 7. If you have any computer questions, let me know.

This month’s Patch Tuesday gives us a plethora of critical updates for both Microsoft and Adobe Acrobat Reader (Windows and Mac). Now is a good time to verify that you have all the latest updates you need to keep your computer free of viruses and other malware.

The expected Microsoft patches include updates for Windows (including the latest version, Windows 7), Office, and Internet Explorer, plus Windows Server, SQL Server and several other products. You can read the advance notification here. If you have Automatic Updates enabled you will receive notice of these updates automatically, or you can manually check to make sure you are protected by visiting update.microsoft.com.

Adobe’s updates will include patches for Acrobat Reader. As I said before I encourage you to install version 9.1.3 if you haven’t already. You can check for updates within Reader by going to the Help menu and selecting Check For Updates, or you can download the latest version from Adobe’s site (but be sure to go to Help, Check For Updates afterwards since Adobe doesn’t always offer the most recent version for download). You can read about the Adobe updates here. Please note that these updates apply to both Windows and Mac.

Subscribe FREE to the email version of Tech Tips between now and October 14, 2009 and I’ll send your special gift: a tip sheet on Computer Housekeeping for PC and Mac.

Apparently the phishing scam that netted usernames and passwords for thousands of Hotmail accounts was wider than previously thought. The latest news indicates that Gmail, AOL, Comcast, and Yahoo! users, among others, may also be affected.

My advice to everyone is to make today Password Change Day. Get out there and change the passwords for all of your accounts. Use a combination of numbers, letters and symbols (where allowed) and be sure to use a different password on every system. Again, you can follow my password tip sheet (PDF) for guidelines on creating strong passwords.

I am often asked, “what does it matter?” accompanied by the protestation, “I don’t have anything important in my email anyway.” I would like to respond that you should care if:

• You want to avoid identity theft. Many people use the same password or set of passwords for all systems. If someone gains access to your email password, even an old one, they will try to use it to get into your other, juicier accounts, like your bank. And they will probably succeed.
• You hate viruses. Most viruses are distributed through compromised computers (called zombies).
• You hate spam. Most spam is sent from compromised computers. Your email address book is a gold mine for spammers because it’s a list of guaranteed good email addresses.
• You want your computer to work properly. Nothing slows a computer down like being zombied (see above).
• You don’t want someone else surfing the Internet on your dime. If you use an email account from your Internet provider, the same password is used both for email and to authenticate you to your provider’s network. If you use a common dictionary word without symbols as the password–shazam! instant access.
• You don’t want to go to jail for someone else’s crimes. Take the above scenario and imagine that the person who’s hijacked your Internet account is dealing in pirated software or child pornography. Unless you can prove it wasn’t you (and that may be difficult), you could be held liable. People committing crimes on the Internet use other people’s accounts for exactly this reason.

Although some people advocate that you not write your passwords down, I say it’s okay as long as you keep the written record somewhere secure, like a locked drawer or safe. (NOT on a sticky note on your monitor or under the keyboard, please!) Excel spreadsheets and other computerized means of tracking passwords are not good ideas, because the first thing a virus will do is check for convenient lists of the rest of your passwords. You might as well hand out your passwords on your business cards. And no, password-protecting the spreadsheet doesn’t work either; those are cake to crack. Properly encrypted password managers do work, but I favor the old-fashioned paper approach, as long as it’s kept out of sight.

It really isn’t that difficult to maintain different passwords on every system. I’ve done it for decades. If we would all follow the basic, simple practice of secure password management, we could cut down on the viruses, spam and other problems that plague us all.

You should also be aware of the kinds of scams that caused these breaches in the first place. Try the SonicWall Phishing Quiz to test your skills on identifying phishing attempts, when a hacker emulates the login page of a site to con you into entering your username and password.

Subscribe FREE to the email version of Tech Tips between now and October 14, 2009 and I’ll send your special gift: a tip sheet on Computer Housekeeping for PC and Mac.

I tweeted (e.g. posted on Twitter) about this also, but wanted to make sure all my Hotmail users know to change their passwords immediately following a breach that resulted in at least 10,000 usernames and passwords being distributed online. It’s likely this is just the tip of the iceberg, so protect yourself by changing your password to something with a mix of letters, numbers and symbols, that is NOT in use on any other system. (Yes, I know, it’s a pain. But what’s more of a pain, multiple distinct passwords or getting your account hijacked?)

You can also see my password tip sheet (PDF) for help on choosing strong passwords.

Subscribe FREE to the email version of Tech Tips between now and October 14, 2009 and I’ll send your special gift: a tip sheet on Computer Housekeeping for PC and Mac.

Several of my readers have reported receiving fake Microsoft security bulletins via email. Like other scams, these are designed to deceive you into clicking links that will infect your computer with viruses.

This particular scam is quite clever. It uses the same terminology as a real Microsoft bulletin, down to a legitimate-sounding number for the purported patch, which in this case is supposedly for Outlook. But, note the provided link. The text of the link looks like it goes to Microsoft, but when you mouse over it, the actual link (see the status bar at the bottom) goes to the scammer’s site.

Fake links are easily created. Like so:

http://update.microsoft.com/realistic-sounding-link

What I did was type the realistic-sounding link, highlight it, and link it to a different address (in this case something innocuous: the address for this blog). Note that if you mouse over the linked text, you’ll see the actual address in the status bar at the bottom of your screen.

When it comes to fake security bulletins, bear in mind:

• Microsoft doesn’t email you security bulletins unless you have actively signed up for their security bulletin notification service. Which I wouldn’t expect most people to do: the bulletins are highly technical and not very helpful unless you know what to expect.
• If there are updates for your computer and you have Automatic Updates turned on (and there are reasons you might not want to), you’ll get them automatically without having to click on anything.
• Some of these scam emails come with attachments pretending to be the patch you need. Don’t click on them! It’s another way to infect you with viruses. Microsoft never sends updates by email.
• To find out if your Windows computer needs updates, go to update.microsoft.com and scan for them. Never click on a link in an email message.
• Scammers will say anything to get you to click on links, because it’s the easiest way for them to infect your computer.

In this case, you can see at the top of the screenshot that my email program, Mozilla Thunderbird, alerted me that this message might be a scam. Your email program may or may not do that, so caution is your best policy.

Thanks to everyone who sent this my way.

Subscribe FREE to the email version of Tech Tips between now and October 14, 2009 and I’ll send your special gift: a tip sheet on Computer Housekeeping for PC and Mac.