Category: Blog

Tips for protecting your privacy from hackers and spies

August 20, 2018
by Dane

Got nothing to hide? Think again.

Privacy is what sets us apart from the animals. It’s also what sets many countries and citizens apart from dictatorships and despots. People often don’t think about their rights until they need them — whether it’s when they’re arrested at a protest or pulled over for a routine traffic stop.

Ransomware: An executive guide to one of the biggest menaces on the web

Everything you need to know about ransomware: how it started, why it’s booming, how to protect against it, and what to do if your PC is infected.

Surveillance is also a part of life, and it’s getting progressively more invasive. Government eavesdropping is increasing, carried out in wider secrecy, and it’s becoming far more localized. In fact, the last three presidents have pushed for greater surveillance: Clinton introduced mandated wiretapping laws, Bush expanded mass domestic surveillance, and Obama expanded the intelligence service’s reach — just in time for Trump.

Now, with a new president in the Oval Office, many are concerned about the future of their fundamental freedoms and constitutional rights.

There is no such thing as perfect security. But no matter who you are or where you are in the world, there are a lot of things you can do — many of which are simple — to protect yourself in this turbulent time.

THE SIMPLE STUFF

Your privacy, at its core, relies on your data being secure.

There are some professions — such as government workers, journalists, and activists — who face far more and complex threats than the average citizen, who should usually only worry about tech companies tracking them to serve up the best kinds of ads, or government bulk data collection of their personal records. But everyone can take the basic advice and modify it on varying degrees.

While most apps and services nowadays secure your data with encryption on their servers to prevent data from being readable if hacked or served with a government subpoena, many more now are providing it “end-to-end.” In other words, nobody else can see what’s sent, stored, or received, other than you and the person you’re talking to — not even the companies themselves.

Usually, the only way to break that “end-to-end” model is to attack an endpoint, such as the device you’re using, the internet pipe that the data’s traveling along, or the company’s servers.

If you secure each of those points, you’re well on the way in keeping your data private.

SECURE YOUR DEVICES

Your phone is your ultimate endpoint. You carry it everywhere and it usually holds your most personal secrets and sensitive information.

iPhones are widely seen as the most secure mainstream device today. Modern and newer Android devices usually come with strong security features, but there isn’t a universal implementation of encryption yet. Your iPhone encrypts as soon as you lock your screen(even the feds can’t access it), but Android devices have to be shut down entirely.

Here’s a guide on how to secure your iPhone, and here’s another guide for most Android devices.

New to iOS 11? Change these privacy and security…SEE FULL GALLERY

TURN OFF FINGERPRINT PHONE UNLOCK

Your Touch ID or fingerprint sensor is meant to keep your data more secure. But in some cases federal agents can force you to unlock your phone with your fingerprint, because the courts have determined that it’s not a violation of the Fifth Amendment, which protects against self-incrimination. The feds however can’t force you to turn over your passcode.

Turn off Touch ID by going to Settings > Touch ID & Passcode > turn off iPhone Unlock. (Android users can go to Settings > Security > Lock Screen or Nexus Imprint.)

BE MINDFUL OF EVERY APP YOU INSTALL

Each time you install an app, it will ask you for permissions to your phone’s features or data, like your contacts, photos, camera, or even the phone dialer itself. Be mindful of apps that you install, as a single rogue app can punch a hole in your privacy protections.

Take Meitu, the anime photo app that whipped up a privacy storm. For such a simple app, it required almost unlimited and unfettered access to your phone. Remember: if an app is free, you’re paying for it in some other way — and usually it’s with your data.

SET A STRONG PASSCODE

Chances are you’re already using a six-digit passcode, if you’re using a modern version of iOS. But you can make the code as long as you like. We have a simple and handy guide here. Choosing the “custom numeric code” will still give you the number keypad on the lock screen, making the passcode entry easier to type in.

USE A COMPUTER? TAKE THIS ADVICE

Keeping your devices and apps up to date will significantly reduce attacks. Every app or service you install will increase your vulnerability risks because no software is perfect. If you have preinstalled apps or “bloatware,” you should remove those — and that includes web plugins like Adobe’s Flash, Oracle’s Java, and Apple’s QuickTime. Using ad-blockers can prevent ads from installing tracking cookies and even malware (which happens surprisingly often).

MUST READ

Cyberwar: A guide to the frightening future of online conflict

Every device had become a battleground. Here’s everything you need to know.

You should also consider encrypting your computer, which is easy if you use either Windows or a Mac. Just make sure you don’t upload your encryption keys to the cloud, otherwise Microsoft or Apple could be forced to turn them over.

Yes, Windows 10 is more secure than Windows 7, but it’s understandable that many think it’s a privacy nightmare. We have a separate Windows 10 privacy guide that shows you the right options for you.

SECURE YOUR MESSAGING

Now that your device is secure, you should think about your data in-transit — that is, as it traverses the waves of the wireless spectrum and the pipes of the internet.

SMS messages and phone calls can be intercepted and wiretapped at any time — it’s the law. Police can also use cell-site simulators (known as “stingrays”) to force-downgrade your cell connection from LTE to non-encrypted channels to make it easier to snoop on your phone.

It’s not just the messages you send that you need to worry about; you also have to think about the data that’s generated as a result — so-called metadata, such as who you’re talking to, when, and sometimes where. That information alone can tell a lot about your life, which is why it’s so important to intelligence services. Metadata is a core pillar of government surveillance.

Countering metadata collection isn’t easy, but its collection can be limited. The trick? Use the right app.

Let’s get one myth out of the way: There is no secure email solution — at least not yet. While there are systems like PGP encryption, which remains the favorite for scrambling the contents of email messages, it’s not as strong as it used to be and better instant communications exist.

In ranked order, best first:

USE SIGNAL FOR ENCRYPTED MESSAGING

Signal is by far the simplest and the most secure app when it’s used properly. Available for iOS and Android, the end-to-end encrypted messenger was almost universally accepted as the gold standard among security experts and professionals after its debut audit.

The messaging app and its desktop counterpart are also open-source, meaning anyone can look at and inspect the code to ensure there are no backdoors. And, Signal almost entirely removes itself from the surveillance loop by collecting almost no metadata. Even if a user chooses to upload their contacts list to Signal, each record is scrambled and can’t be used by the intelligence services.

Using a secure messaging app alone won’t keep you secure. Ensuring that you properly verify the keys of those you’re talking to will ensure that you’re not talking to someone else. (Image: ZDNet)

The Intercept has a simple guide on how to verify your contacts in the unlikely event that your communications are being intercepted. You usually only do this only once (unless you or someone you’re talking to changes device).

You can download Signal here.

IGNORE THE FEARMONGERS. WHATSAPP IS BASICALLY FINE

If you heard recently that WhatsApp has a “backdoor,” that’s wrong. So wrong, in fact, that some of the world’s foremost security experts and cryptographers have called for the story to be retracted. The Guardian, which published the story, later said “flawed reporting” led the newspaper to “overstate the potential impact on the security of users’ messaging.

The end-to-end encrypted messenger, owned by Facebook, works on a range of devices, including desktop. At its core, it uses the same protocols as Signal — so it’s secure and neither Facebook, WhatsApp, or anyone else can read your messages.

WhatsApp is fine as long as it’s being used properly by verifying your keys with the other party. Make sure that you enable security notifications so you can monitor for any key changes.

Do this by going to WhatsApp then Chats > Chat Backup > then set Auto Backup to Off.

You should also turn off online backups — both on the app and iCloud and Android’s settings — as backups can be cherry-picked out of the cloud by law enforcement with a search warrant.

The app does collect and store more metadata than Signal. That means the government, if it demands data from Facebook, could see who you’re talking to and when. A recent report by Forbes confirms that the company could be forced to turn over data it collects, such as IP addresses, phone identifiers, and even location data in some cases.

IMESSAGE IS OK, BUT BE MINDFUL

Apple’s iMessage is also encrypted end-to-end, but you can’t verify your keys with the people you’re messaging. That’s a problem, because you can’t ever be sure that your messages aren’t being intercepted. Recent developments have shown that the system is vulnerable to man-in-the-middle attacks, so don’t rely on the system for critical communications. And again, don’t back up your messages to iCloud, because Apple can be forced to turn that data over to law enforcement. End-to-end encryption refers to your message securely traversing the internet and not when it’s in storage.

That said, you should regularly carry out an encrypted local backup your iPhone or iPad on occasion. It’s very simple to do, and can restore your data if you break your device.

AS FOR ENCRYPTED EMAIL…

Again, encrypted email is a fallacy, so you should get the idea out of your head. Consider services that don’t require you to handle private keys, such as ProtonMail, which now comes with support for the Tor browser (more on that shortly).

WHAT IS PHISHING?

Everything you need to know to protect yourself from scam emails and more

Don’t click on that email! Find everything you need to know in this phishing guide.

Or, there’s still PGP, which remains clunky and difficult to use for even many advanced users. Even the creator of PGP admits he doesn’t use it anymore. If you really want to use PGP, get started with these Windows or Mac guides from the Electronic Frontier Foundation.

Or, if you can get an invite to Keybase.io (you can find some here or by searching Twitter), you can choose to import your PGP private key and use the web-based encrypt and decrypt tools. This has raised some eyebrows, but it’s entirely optional, as it makes scrambling and unscrambling PGP messages and files significantly easier.

SECURE YOUR BROWSING

Browsing is usually at the heart of what most people do. But just as you’re looking out at the world, you also have a lot trying to look in. Ad networks will track you from site to site, your internet provider will log which pages you visit, and hackers will try to target you.

Without getting too into the weeds, no browser is perfect, but some are better than others.

When it comes to the gold standard of privacy, consider using Tor. It’s like a regular browser with privacy benefits, and it’s often used by the privacy conscious, such as reporters and activists.

The Tor browser lets its users browse the internet anonymously by bouncing traffic through multiple relays. Not only does it hide a user’s internet history, it’s also used to circumvent state-sanctioned network blocks. The service also allows users to browse parts of the dark web, which aren’t accessible through traditional browsers and networks, as well as websites and services that are blocked in your region.

You can use Tor for anything — but streaming video can be slow, and some web plugins (like Flash) are generally disabled as these can be used to de-anonymize you, defeating the point altogether.

With other browsers, to enhance your security, you can install the HTTPS Everywhere plugin(available for most popular browsers), which forces websites that support website encryption to turn it on by default.

Secure sites are your friend, because it means an attacker can’t modify the pages and that internet providers (and the government) can’t see which individual web pages you visit on a domain.

You can also use mobile versions of the Tor browser called Orbot for Android and Onion Browser for iOS, both of which are also open source.

Both of these apps are widely used and trusted by leading security researchers.

DO I NEED A VPN?

A common question is: will a VPN protect my privacy? The simple answer is that you can’t know for sure.

VPNs, or virtual private networks, redirect a user’s internet traffic through a server, often encrypted, in order to make it difficult for others to eavesdrop on their browsing habits or pinpoint a person’s real-world location.

A virtual private network (VPN) enables users to send and receive data while remaining anonymous and secure online.

It’s no surprise that VPNs are therefore popular among activists or dissidents in parts of the world where internet access is restricted because of censorship, or heavily monitored by the state.

But using a VPN means funneling all of your internet traffic through a third-party. All of it. And while it may be encrypted and unreadable, a lot of information about you — such as your location and which unencrypted sites you visit — is still readable.

Security researcher Troy Hunt said in a blog post that because VPN providers control your traffic, “they can inspect it, modify it, log it, and have a very good idea of what it is you’re up to.”

In short: using a VPN means having to trust it to not abuse your trust and to resist demands for your data by the government in which the provider is located.

If you want to use a VPN to avoid geo-blocks or to evade censorship, plenty of decent services exist. The paid-for services are better for privacy than free services, which often monetize your traffic by serving you trackable ads.

If you need anonymity and privacy, your best bet is to instead use Tor — which is free.

PUBLIC WI-FI NETWORKS ARE A BIG ‘NO’

Remember: If you ever use a public network, like a Wi-Fi hotspot in a coffee shop or anywhere else, be extremely careful. Treat this network as though every page you visit will be monitored — which may expose your personal information, including your usernames and passwords.

USE YOUR PHONE’S DATA FOR BETTER SECURITY

If you need a secure network, you should use your phone’s data — such as 4G or LTE — or use your phone as a hotspot for your computer. It’s far better to use your phone’s data plan for anything important than using insecure public Wi-Fi.

You can usually find your hotspot option in iPhone’s settings or Android’s notification tray.

BE AWARE OF STINGRAY ‘DOWNGRADE’ ATTACKS

On that note, be mindful of your connection if you’re at public or high-profile events, including protests or demonstrations. We mentioned earlier that police can use “stingrays” to intercept your phone calls and texts, and possibly your browsing data.

There’s a lot of secrecy surrounding stingrays, such as who has them and what they do, but some news outlets have discovered other tech with similar aims. Most modern phones use high-speed LTE, which comes with encryption, making interception almost impossible. By blocking or jamming LTE and 3G, the stingray can force a phone into connecting to 2G, which can be easily intercepted by the stingray.

If you’re at a protest or other high-security event and you suddenly lose LTE connectivity and are pushed to 2G, that could be a sign your communications are being monitored. (Image: CNET/CBS Interactive)

Android users can select a “preferred network type” such as LTE only by accessing a hidden Android menu. Here’s a helpful guide which explains how to do it.

For iPhones, you have the option to select LTE as a preference, but no way to disable 2G. Go to Settings > Cellular > Cellular Data Options > Enable LTE > and select Voice & Data.

Then, use your smarts: If you’re in a busy area, such as a city, and you suddenly lose LTE connectivity in the middle of a protest, your phone may have been tricked into connecting to a stingray.

SECURE YOUR SERVERS AND CLOUDS

You’ve secured your phone, your computer, and you can communicate and browse with relative safety. But you still store a wealth of data in the cloud — in other words, other people’s servers.

SEE THIS

New iPhone or iPad? Change these iOS 8 privacy settings immediately

Updated: Before you do anything on your new iPhone or iPad, you should lock it down. Here are the important tweaks you need to protect your privacy.

US citizens and residents have Fourth Amendment protections against unreasonable searches and seizures. In other words, police must get a warrant before anything’s searched or taken. But those protections are less clear when it comes to the cloud, according to a guide cross-posted by the Freedom of the Press Foundation. In most cases, authorities still need a warrant to access your data, but they can still serve subpoenas, which don’t require a judge to sign off on, to access limited metadata.

It’s not only wise to be careful with what you store in the cloud wherever possible, but also to ensure that your various clouds are secure. Some services even allow their staff to read and access your content.

USE STRONG, UNIQUE PASSWORDS

You must use a strong, unique alphanumeric password that is at least in the double-digits of characters for each account you have. Use a password manager like LastPass, 1Password, or Dashlane to generate strong passwords for you.

Once you set strong and unique passwords for each account, it’s not necessary to change them often. Many — even government agencies themselves — say it’s bad advice to change your password often.

NOW, SET UP TWO FACTOR AUTHENTICATION ON EVERYTHING

Two-factor authentication adds an extra layer of protection to your accounts. Once you enter your password, you’ll get a code sent to your phone to make sure it’s you.

This helps prevent account takeovers from hackers. CNET has a great explainer on two-factor, and why it’s so important.

If you are a reporter or a government worker, it’s wise wherever possible to have your two-factor token sent to you by an authenticator app, which delivers a code via an encrypted channel. This is because in some cases, SMS messages can be intercepted in a number of ways, such as exploiting flaws in the cell network. But, for most people, receiving two-factor tokens over SMS is generally fine.

You may use many different services, and each process is different. But one website, the aptly-named Turn It On has you covered. It explains how to set up two-factor authentication on dozens of major websites, including Facebook, Google, Twitter, and more.

Just make sure you keep your phone number safe. You might want to set up a strong and secure passcode for your phone account by calling your cell provider.

If you do decide to use an encrypted two-factor app, Google Authenticator is highly recommended, as well as Duo Mobile.

CONSIDER DELETING ACCOUNTS YOU NO LONGER USE

If you know you have an account that you never use, delete it. Holding onto these old accounts may expose you to greater hacks or intrusions down the line, even if you long forgot about them.

There is, however, an important caveat: some sites and services recycle accounts after a certain period of inactivity or after an account is deleted. You should be especially mindful of email providers that recycle email addresses or accounts after a period of time.

Microsoft and Yahoo are good examples. If you delete your account, anyone can register for your email address after a grace period. If that account is still linked to other sites and services — like your social networking account or two-factor authentication — an attacker could log into those accounts by resetting your passwords sent to your old email address.

DON’T STORE YOUR ENCRYPTION KEYS IN THE CLOUD

You should encrypt as much of your data wherever possible. To make life easier, some providers allow you to upload your encryption keys in case you get locked out of your account. Helpful, yes, but a huge risk to your privacy if leaked.

Windows lets you upload your BitLocker encryption key to the Microsoft cloud. To check to see you have already, go to your Microsoft account, log in, and check. Back up the key onto your computer and delete it from the webpage. You can then re-encrypt your device by following this guide.

Macs also offer the same option. Once you begin encrypting your Mac hard drive, you are given the option to upload your key to your iCloud. If you choose not to, you’ll be given a recovery key which can you can keep safe, and your encryption key won’t be uploaded to Apple’s servers.

BEWARE THE HARD PART

There’s a lot you can do to ensure your personal security and data privacy, but all too often it takes two to tango — in that you should ask your friends, colleagues, and others you communicate with to also jump in.

When it comes to messaging and communication, you put your privacy in their hands as they do yours. It’s a collective effort that everyone can — and should — support.

A FINAL NOTE

Today’s security might not be what is tomorrow’s, so this guide will be kept as up to date as it can be. While this guide has been poured over to make sure it’s fair and accurate, do take the time to read more (from the various links).

Blog

Electronic skin allows amputees to ‘feel’ pain and touch

August 2, 2018
by Dane

When Gyorgy Levay lost parts of all four extremities, including most of his left arm, to meningitis in 2010, he resolved to make the best of a bad situation.

He mastered his state-of-the-art prosthetic replacements. He switched the focus of his graduate studies from electrical to biomedical engineering. The native Hungarian even found it interesting how he continued to feel sensations from the hand he no longer possessed.

But like most amputees, he felt something was missing. Because his prostheses had no sense of touch, they felt to him like alien attachments.

Thanks to a team of researchers at Johns Hopkins University, he has learned what they might feel like if they were part of him. Levay was the principal volunteer subject in a two-year study at the university that endowed an artificial limb with the capacity to feel pressure and pain.

Led by Luke Osborn and Nitish Thakor, a graduate student and professor in Johns Hopkins’ biomedical engineering department, the team developed a form of “electronic skin” that registers touch in much the same way the human body does.

Wearing that “skin,” a fabric-and-rubber sheath laced with sensors that the team called e-dermis, on the fingertips of his prosthetic left hand, Levay picked up several small, rounded objects, then did the same with a sharply pointed object.

When picking up the rounded objects, he felt various levels of physical pressure; when holding the pointed object, he felt pain.

To Levay, it felt as though a lifeless appendage—his left hand and arm—were being born again.

“Normally my ‘hand’ feels a bit like a hollow shell,” he said in a phone interview from his hometown of Budapest. “When these electronic stimulations started happening, it felt a bit like filling a glove with water, almost as though it were filling up with life.”

The experiment marked the first time an amputee could feel a range of benign physical pressures through a prosthetic device—and the first time any has felt pain.

“For the first time, a prosthesis can provide a range of perceptions, from fine touch to noxious touch, to an amputee, and this makes it much more like a human hand,” said Thakor, the co-founder of Infinite Biomedical Technologies, a small Baltimore-based company that supplied the prosthetic hardware for the study.

A paper on the study appeared in the journal Science Robotics last month.

The advances are the latest in an area of research that has expanded rapidly over the past decade and a half, thanks in no small part to work done at Johns Hopkins.

It wasn’t until about four years ago, though, that researchers at Case Western Reserve University in Cleveland and elsewhere began taking steps toward imbuing prosthetic devices with touch.

Those researchers achieved their results by affixing electronic sensors to prosthetic limbs. These tiny devices could register touch, translate it into electronic signals and send the signals across a set of wires to the appropriate locations in what remained of the users’ limbs.

Every pioneering experiment has its limitations, and these were no exception. The process required invasive surgery—electrodes had to be implanted in the residual limbs to receive the signals and transmit them across the nervous system—and the work provided only a narrow range of pressure sensations.

The Hopkins team set out to expand the menu of sensations provided, up to and including pain—a category of feeling that, while always unpleasant, serves a crucial survival function.

“Pain is a sensation we use to protect our bodies,” Osborn said. “We can take it for granted, and we certainly don’t always like it, but it serves as a warning system, helping us avoid harmful events.”

The team, which included members from the Johns Hopkins departments of electrical engineering, computer engineering and neurology, turned to biology for its model.

The sensory receptor cells in human skin, they observed, are actually situated at various levels, with those responsible for painful sensation (nociceptors) primarily near the surface of the skin and those responsible for sensing pressure (mechanoreceptors) set deeper.

To replicate this system, they designed e-dermis to have sensors arrayed in two layers, instead of one like earlier engineers.

Then the challenge was to “teach” the sensors in each layer to generate the sensations appropriate to that layer.

Again, they turned to biology.

The team studied the frequencies, amplitudes and wavelengths of the signals the body normally sends when generating sensations of pressure and pain. Then they calibrated the sensory apparatus to mimic those variables.

Osborn elaborated on this “neuromorphic” approach—that is, the creation of technology that mimics biological patterns.

“We knew what an electrical pulse for pain looks like, as well as pulses that convey information of pressure, texture and so forth,” he said. “We created similar pulses and matched them against what the subjects actually perceive.”

The next challenge was to ensure that the system was spatially accurate—that is, that if contact occurs on the prosthetic index finger, the brain perceives it as coming from that spot.

They achieved this through “sensory mapping—probing every square centimeter of the subject’s residual limb and noting where the subject “felt” each of those touches on his “phantom” hand.

The process allowed Osborn and company to wire the sensor on the index finger, for example, directly to the nerve in the residual limb that ordinarily would connect to the real index finger.

Hopkins research offers Pa. woman new arm, 14 years after amputation

“Those nerves that used to go to your hand are still there, they’re just not connected to the hand anymore,” Osborn said. “By stimulating each of those nerves, we activate the location in the brain that says ‘pinky finger,’ or ‘index finger,’ or ‘thumb,’ and the sensation should ideally feel as it would have before the amputation.”

Having mapped the nerve patterns so precisely, the team was able to avoid requiring the invasive implantation of metal electrodes in the residual limb.

They did attach wires from the prosthesis to the appropriate locations on the limb, but they did so on the surface of the skin, a process that is far easier on the subject.

Levay said he appreciated that on many levels.

He happened to be studying biomedical engineering on a Fulbright scholarship at Johns Hopkins when Thakor and Osborn began their research in 2015.

Because he was interested on a personal and professional level, and physically nearby, he made the ideal volunteer subject for the study, which was funded by grants from the Johns Hopkins Applied Physics Laboratory and the National Institute of Biomedical Imaging and Engineering, a division of the National Institutes of Health, among other sources.

The group worked with a number of volunteer amputees during the study, but because he was consistently available over a course of months, Levay emerged as the central, unnamed subject of the paper, titled “Prosthesis with neuromorphic multilayered e-dermis perceives touch and pain.”

The experiments were painful at first, Levay said with a laugh, as Osborn sought to find the right match between the shocks he delivered and the sensations Levay felt.

The longer they worked together, though, the closer the correlation became, until the only pain he felt during the sessions came when he picked up the pointy object, signaling that the experiment had achieved its goal.

That, he said, was pain he was only too happy to feel.

“E-dermis doesn’t work perfectly yet,” Levay said, “but it’s definitely a step further in bringing sensations back to the hand.”

Blog

Staying Safe Online in 2018

June 5, 2018June 6, 2018
by Dane

Cybercrime affects home computer users as well as businesses – and criminals think up new ways to get your money all the time.

Some people have been really frightened by screen pop-ups saying they’ve been looking at illegal content and threatening all sorts of things if t

hey don’t pay up. Check out www.actionfraud.police.uk for the latest scams and you will probably find that lots of other people have received the same messages. Sometimes these scams download programs and viruses onto your computer.

The latest scare is about webcams – emails saying that they have a video of you watching ‘adult entertainment’ and threatening to show it to your address book if you don’t pay up. It should be impossible to remotely control your webcam but, if in doubt, you can always put a sticker over the camera lens – and never pay up because, as we all know, blackmailers are never satisfied!

If you’re not sure, just give us a call – whatever the problem – we can remove anything suspicious.

If you get a phone call from someone you don’t know – ask for their phone number – then look up the number online to check if it belongs to who they say they are. You can always ring them back if the number checks out. If anyone rings you and tells you there is something wrong with your computer, it’s most likely a scam, no-one can access your computer without your permission – if you are worried ring us, advice is free.

Emails purporting to be from official sources like the tax office or your bank are very often phishing scams and if you click on the link will download a virus onto your computer. You will never be asked by genuine officials to disclose personal information like passwords or pin numbers by email or phone.

When buying online, the safest way to pay is by PayPal as they have very comprehensive rules that all users have to comply with – including a refund if you don’t get what you have paid for.

Some good news – it will soon be safer to surf the web – because you will be able to tell which websites are secure and which aren’t. Safe websites will have a little green padlock in the address bar like this:

So, how do you get that little green padlock for your website?

If you have a basic, fairly up-to-date website, it should cost less than £120 to encrypt it, make it secure, and provide the initial SSL certificate. Renewal of your certificate thereafter should not be more than £50 per year. Once your website has an SSL Certificate it will rank higher in search results because Google search engines prefer encrypted sites. If you rely on your website for online sales, the sooner you get an SSL certificate the better.

Rainford IT will be speaking at the launch of the Shropshire Innovation Network being held on 19^th July at University Centre Shrewsbury, Guildhall, Shrewsbury SY3 8HQ 6.00 – 8.00 pm. Free to attend for Gossip readers email [email protected] to book a place – Dane and Kirt will be available to answer any of your questions.

You can also check out our website for the latest scams and what to watch out for and lots of useful free advice so you can keep to up to date:

www.rainford-it.co.uk 01948 840102

Blog

How to easily swap between headphones and speakers in…

May 21, 2018May 21, 2018
by Dane

Blog

How can I stop an unexpected Windows 10 update?

May 19, 2018May 19, 2018
by Dane

How can I stop an unexpected Windows 10 update?

Celia’s working day was almost ruined after she was caught out by an enforced update. Can she stop it happening again?

Yesterday, I intended to take my laptop to visit a client, but when I was about to set off, yup, I couldn’t turn it off without allowing Microsoft to do its upgrades. We all know how long that takes, and I had a train to catch, so I ended up having to wing the whole presentation.

The infuriating thing is that I knew there was an upgrade around, so I had checked the power settings that morning to see if one was waiting to be installed. There was no update at 9am. Somehow Microsoft snuck it in without my noticing.

I do understand that people need to install updates, but can’t Microsoft give us an escape route? This is my computer and my software and my business, so please can you trust me, just this once? Celia

It’s easy to be caught out by Windows updates, and I once left the house carrying an open laptop, confident that the update would finish long before the battery ran down.

However, there is a fundamental divide between consumer and business versions of Windows. With consumer versions, such as Windows 10 Home, Microsoft takes a paternalistic view of updates: it tries to do what’s best for people who don’t know what they are doing. Business versions – Windows 10 Pro and the Enterprise and Education editions – are designed to allow IT departments and knowledgeable customers more control. That includes ways to defer some updates for a week, a month or even a year.

Many update problems stem from business people using consumer version of Windows, and this is understandable for sole traders and companies that are too small to employ IT staff. I don’t even think the extra features in Windows 10 Pro – BitLocker, Hyper-V, Remote Desktop etc – would be much use to people in your position. However, it doesn’t cost much to upgrade, and could be worth it if being able to delay upgrades helped you win a new client.

Otherwise, Microsoft has a Windows Update FAQ and a help page with a troubleshooter that you can download to help fix update problems.

Update strategy

Windows 10 updates pending install — Your PC may appear to be up-to-date, but a search may find updates marked ‘pending install’ or ‘pending restart’. Photograph: Microsoft

Laptops that are only used intermittently seem more likely to receive forced updates. Microsoft tries to download updates in the background without users being interrupted or even aware that it’s happening. If you have an always-on desktop PC, the process is almost completely reliable. If you use a laptop for intense work then shut it down when you stop, there aren’t many gaps for updates to be downloaded and installed. You can help by setting your laptop to stay awake for an hour or two while it’s charging.

You can also pre-empt some inconvenient upgrades by looking for them.

Set aside an hour each week to clean up your PC, tidy away files, check your backups and perhaps run an extra virus scan with something like Malwarebytes Free. During your housekeeping session, run the Settings (cogwheel) app, click “Update & Security” and see if any updates are pending. If there are, you can either install them or click “Advanced options” and pick a time and date when you want them installed. If there aren’t, click the button that says “Check for updates” and see if it finds any.

Your PC may appear to be up-to-date, but a search may find updates marked “pending install” or “pending restart”. After you’ve installed those, check again, because there may be even more updates to install. If you need a lot of updates, they tend to come in batches, not all at once.

Pay particular attention after the second Tuesday of each month – “Patch Tuesday” – when Microsoft usually releases security fixes.

Microsoft is updating almost 700m PCs running Windows 10, and it doesn’t try to update all of them at once. By checking for updates, you can jump the queue and install them at your preferred time, not when Microsoft’s update servers get around to it.

Schedule a restart

When you have a restart pending, the Settings app provides two options: “Restart now” and “Schedule the restart”. Choose to schedule it and you can enter a date and time for the restart, which means you can put it off for up to six days.

Also click on “Advanced options” on the same Settings screen, and select the last option: “We’ll show a reminder when we’re going to restart. If you want to see more notifications about restarting, turn this on.” Instead of simply restarting at the time you entered, Windows 10 will ask again, enabling you to delay it again.

Active hours

Windows 10 lets you set “Active hours” in the Windows Update section of the Settings app. Click on “Change active hours” to set the times when you usually use your PC. You can reserve 18 hours out of 24 for work. Microsoft will generally not update your PC during these times.

If you are using your PC, you should get a “Heads up” notification to tell you that a restart is pending. You can either hit “Restart now” or “View settings” and select a time and date for the restart.

I suspect that Microsoft did once restart my PC during my active hours, after I left it unattended for a couple of hours, so always save any work-in-progress beforehand. It takes less than a second to hit Ctrl-S.

Metered connections

Microsoft knows that not everyone has unlimited broadband, so it allows for “metered connections”. By default, Windows 10 sets ethernet wired and wireless networks to non-metered, and mobile connections to metered. People who have capped broadband and unlimited mobile broadband could switch these around, but the defaults suit most users.

If you have a metered connection, Windows Update will only download priority updates automatically, so it will be up to you to download the others. Setting both connections to metered will limit the amount of data Microsoft downloads, making you less likely to get a major update when you don’t expect one.

To set metered connections, run the Settings app, click on “Network & Internet” and then select “Change connection properties”.

Frankly, I don’t think setting metered connections offers enough benefits to be worth the effort, but some people may find it useful.

Windows 10 Pro

The business and professional versions of Windows 10 provide more control, even to people who are not IT experts. For example, the advanced options page in the Settings app includes an extra control, Pause Updates. This prevents any updates from being installed for the next week, though when the time is up, you cannot pause it again.

If you have Windows 10 Pro, this is the simplest solution to the Windows update problem. You can simply install all available updates on (say) a Sunday then pause updates during your working week.

The business versions of Windows also include Group Policies, which allow IT managers to control how their fleets of PCs work. However, you can edit them manually. Type edit group policy in the Windows search box and run the editor (gpedit.msc), then look for Windows Update in the Administrative Templates section, under Computer Configuration. The default setting is “3 – Download the updates automatically and notify when they are ready to be installed”. You can change it to “2 – Notify for download and notify for install”. That will reduce the chances of Windows 10 installing downloads when you’re not ready for them.

GPEdit also allows you to defer “quality updates” for up to 30 days, and “feature updates” for up to 365 days. This is useful for businesses that need to test applications before installing updates. It doesn’t prevent your PC from restarting to install security updates, but usually this doesn’t take very long.

Disable updates

Windows geeks know that you can do all sorts of things with its Administrative Tools. For example, double-click Services, and find Windows Update in the list. Yes, you can control how this service starts up, and you can stop it from running until you next reboot Windows. People shouldn’t mess with Services unless they know what they are doing. However, a small utility called Winaero Tweaker provides easy access to all sorts of tweaks, one of which is Disable Windows 10 Updates. This is not something I recommend, but there are times when it could be a useful short-term expedient.

At least Winaero Tweaker is safer than people changing Services or editing the Windows registry directly, where ignorance can lead to unfortunate results.

Blog

Computers can spot cancer faster than specialist doctors

March 19, 2018March 19, 2018
by Dane

Computers can diagnose prostate cancer almost as accurately as specialists, according to research that promises to give results within hours.

Artificial intelligence software was trained to grade the severity of tumours accurately in an advance that will ultimately mean much quicker diagnosis.

The machine learning algorithm is already more than 99 per cent accurate at assessing biopsy samples and within a few years could be routinely used in NHS clinics. The use of AI to interpret scans and samples is one of the fastest-progressing areas of medicine, and last year Jeremy Hunt, the health secretary, said that within a decade we could be going to computers instead of doctors for a diagnosis. NHS bosses are looking closely at how to use such programmes to interpret x-rays and MRI scans.

The first such study suggests that the method will also be a viable way of assessing biopsy samples taken from men thought to have prostate cancer. Chinese scientists took tissue from 283 patients and then divided them into 40,000 samples, 30,000 of which were used to train software to spot those that contained cancer.

The program was then tested on the remaining 10,000 samples and was able to distinguish cancer in 99.38 cases out of 100 when assessed against pathologists. It was also able to classify the tumours by grade, Hongqian Guo, of Nanjing University, told the European Association of Urology congress in Copenhagen last week.

“Until now, automated systems have had limited clinical value, but we believe this is the first automated work to offer an accurate reporting and diagnosis of prostate cancer. In the short term this can offer a faster throughput, plus a greater consistency in cancer diagnosis,” Dr Guo said. “We still need an experienced pathologist to take responsibility for the final diagnosis.”

Jo Martin, president of the Royal College of Pathologists, said that AI would help to ease a shortage of specialists and help by doing routine analysis, freeing up pathologists for unusual cases.

Blog

Staying Safe Online from Cybercrime

November 21, 2017November 21, 2017
by Dane

Staying Safe Online from Cybercrime

Cybercrime (or computer crime) is a fast-growing area of crime that affects home computers as well as businesses. Here are some things to watch out for:

Malware is a term used to refer to a variety of forms of intrusive software that can install programs onto your computer and extract information that can be used in scams – like genuine sounding telephone calls – using information they got from your computer (or online). If anyone rings you and tells you there is something wrong with your computer, it’s most likely a scam, no-one can access your computer without your permission – it’s illegal – if you are worried ring us, advice is free.

Watch out for this current telephone scam. Fibre-optic broadband is being rolled out across Shropshire. If someone ‘from BT’ rings and tells you that your new broadband is now working perfectly but you are due a refund because of poor service in the past – this is a scam. They then ask for your bank details so they can pay you – but take money OUT of your account. Never give your bank details to someone you don’t know. Fortunately, in this instance, the person concerned paid via Paypal and was therefore able to get a refund, the scam was reported and the bank recommended she get her computer checked for viruses. We have now scanned her computer, removed fake programs (that windows recognise but are spyware), installed a free anti-virus program and she is now safe to use her new fibre-optic fast broadband.

Premium Rate Telephone Numbers The Royal Society for the Prevention of Cruelty to Animals (RSPCA) is warning the public about rogue websites advertising fake premium rate numbers for their cruelty line. Numbers beginning ‘09’ can charge up to £3.60 per minute and up to £6 per call. You can check call rates on: www.gov.uk/call-charges

The most common scams are phishing scams in an email posing as a government official with a fake link that loads a virus onto your computer. Official sources like the tax office or your bank – will never ask you to disclose personal information like passwords or pin numbers by email or phone. Scam emails include telling you about a tax refund, a court case, a prize you have won. Don’t open the email or click on any links or attachments. Even if it’s someone you know it could still be a virus, you can read the email without opening it.

Windows XP is out of date and the firewalls no longer offer any protection online leaving computers wide open to viruses. We had a serious problem recently with a client who turned his computer on one morning and all his data had disappeared – which necessitated specialist data recovery. If you’re still running a computer on Windows XP you need to upgrade it – the earliest protected edition is Windows Vista.

Social media Be wary when using Facebook – if something looks like it hasn’t been sent by your friend – it probably hasn’t – and their account has been hacked – so don’t click on it. Currently there are fake videos and photos being sent via Facebook – don’t open anything you are not sure of.

Beware of look-alike websites that seem like a quick and easy way to register for things but charge a fee when the services they purport to be offering are actually free. Examples are the Blue Badge disability scheme (which is a scam – obtaining a genuine blue badge is a lengthy process), the telephone preference service and the mailing preference service.

www.tpsonline.org.uk is the correct website to register to reduce unsolicited phone calls.

and www.mpsonline.org.uk is the correct website to register to stop unwanted post .

You can find out more information on current scams and things to watch out for at www.actionfraud.police.uk

this article will be published in the December 2017 edition of the Whitchurch Gossip

Blog

The best steam and teamspeak skins

May 1, 2016May 1, 2016
by Dane

How many hours has humanity spent collectively staring at Steam’s familiar grey interface? It’s time for a change. Fortunately you can reskin your Steam client with user-made varieties that change the look and feel of Steam’s familiar tabs. A new skin can be a great improvement, and they’re very easy to install.

Let’s run through the process first, before moving on to our favourite skins on page two.

Steam Download

Duke Nukem Sound Pack

This is an alternate sound pack for the TeamSpeak 3 Client recorded by the great Jon St. John himself. Customize your favorite voice communication software and get the “Duke” feeling to your TeamSpeak sessions with theese unique sounds.

Who is Jon?

Jon St. John is an American voice actor and singer. He has done the voices for various video games and is probably best known for being the voice of Duke Nukem in all of the Duke Nukem games from 1995 onwards, starting with Duke Nukem 3D.

Bring the the voice of Duke Nukem, John St. John, to your TeamSpeak 3 Client with this new special sound pack.

Duke Nukem TS download

Star Wars: The Old Republic – Sith Skin-

I made this skin for our guild members and skinned it after our guild THE SITH ORDER. There is nothing tied to our guild so it it a Sith skin.

Leave comments if you like the skin.

If you are going to play SWTOR and would like to join our guild, apply to our guild using the link below:

SWTOR Guild: THE SITH ORDER

Our guild website:

http://www.the-sith-order.com/

Enjoy!

Download

Blog

windows 10 keeps disconnecting from wifi (Solved)

April 10, 2016April 25, 2016
by Dane

Was working for a client due to been doing a lot of fixes for windows 10 recently and found this guy who has a wonderful solution to this problem because there can be many causes for this and can send people on a wild goose chase.

So all that is happening is that in windows 10, windows decided to have an option to turn of your network to save power, when I cant imagine why anyone would ever want this but thankfully you can un-check this option in this method below, all credit goes out to him to put the time into showing us how it’s done.

Blog

Stay Safe Online

April 6, 2016April 6, 2016
by Dane

Stay Safe Online in 2016

Cybercrime (or computer crime) is a fast-growing area of crime. More and more criminals are exploiting the speed, convenience and anonymity of the internet to commit a diverse range of criminal activities causing serious harm and posing very real threats to victims worldwide.

Malware is a term used to refer to a variety of forms of hostile or intrusive software, including computer viruses, worms, Trojan horses, spyware, adware, and other serious malicious programs. It can install software onto your computer that extracts information that can be used in scams – like genuine sounding telephone calls – using information they got from your computer (or online).

If anyone rings you and tells you there is something wrong with your computer, it’s most likely a scam, no-one can access your computer without your permission – it’s illegal – if you are worried ring us, advice is free.

The most common scams are phishing scams in an email posing as a government official with a fake link that loads a virus onto your computer. Official sources like the tax office or your bank – will never ask you to disclose personal information like passwords or pin numbers by email or phone. Scam emails include telling you about a tax refund, a court case, a prize you have won. Don’t open the email or click on any links or attachments. Even if it’s someone you know it could still be a virus, you can read the email without opening it.

Windows 10 There have been a few issues with Windows 10 recently. People have updated to Windows 10 and subsequently found that it causes lots of problems because it’s not compatible with older software that has no recent updates – like printer software.

Beware of look-alike websites that seem like a quick and easy way to register for things but charge a fee when the services they purport to be offering are actually free. Examples we’ve heard about recently are the Blue Badge disability scheme (which is a scam – obtaining a genuine blue badge is a lengthy process), the telephone preference service and the mailing preference service

www.tpsonline.org.uk is the correct website to register to reduce unsolicited phone calls

and www.mpsonline.org.uk is the correct website to register to stop unwanted post .

You can find out more information on current scams and things to watch out for at http://www.actionfraud.police.uk

You can report scam phone calls and emails by emailing: [email protected].

You can also check out our website for the latest scams to watch out for with our blog / facebook page – and lots of useful free advice so you can keep to up to date:

www.rainford-it.co.uk

01948 840102

October 2018
M	T	W	T	F	S	S
« Aug
1	2	3	4	5	6	7
8	9	10	11	12	13	14
15	16	17	18	19	20	21
22	23	24	25	26	27	28
29	30	31