Beware Locky

The internet can be a very scary place.

Over the past week, computers throughout Europe and other places have been hit by a massive email spam campaign carrying malicious JavaScript attachments that install the Locky ransomware program.

Antivirus firm ESET has reported a spike in detections of JS/Danger.ScriptAttachment, a malware downloader written in JavaScript. The spike started on May 22 and peaked on May 25.

Many countries in Europe have been affected. The company’s telemetry data also showed significant detection rates for this threat in Canada and the U.S.

JS/Danger.ScriptAttachment can download various malware programs, but recently it has been used primarily to distribute Locky, a widespread, malicious program that uses strong encryption to hold users’ files hostage.

While Locky doesn’t have any known flaws that would allow users to decrypt their files for free, security researchers from Bitdefender have developed a free tool that can prevent Locky infections in the first place. The tool makes the computer appear as if it’s already infected by Locky by adding certain harmless flags, which tricks the malware into skipping it.

The use of JavaScript-based attachments to distribute Locky began earlier this year, prompting Microsoft to post an alert about it in April.

The attachments are usually .zip archive files that contain .js or .jse files inside. These files will execute directly on Windows without the need for additional applications.

However, it is very uncommon for people to send legitimate applications written in JavaScript via email, so users should avoid opening this kind of file.
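A mail filter can enforce that advice before a message reaches the inbox. The following is an added example, not code from ESET, Microsoft or Bitdefender: it opens a .zip attachment in memory and flags script members. The function names and the extensions beyond .js and .jse are assumptions made for this sketch.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Extensions that Windows Script Host runs on double-click. The article names
# .js and .jse; the others are an added generalization (assumption).
SCRIPT_EXTENSIONS = {".js", ".jse", ".vbs", ".vbe", ".wsf", ".wsh"}


def find_script_entries(zip_bytes):
    """Return the names of archive members that Windows would run as scripts."""
    flagged = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as archive:
        for info in archive.infolist():
            if info.is_dir():
                continue
            # Normalize separators so nested paths are handled uniformly.
            name = info.filename.replace("\\", "/")
            if PurePosixPath(name).suffix.lower() in SCRIPT_EXTENSIONS:
                flagged.append(info.filename)
    return flagged


def should_quarantine(filename, payload):
    """Quarantine bare script attachments and zips that contain a script."""
    suffix = PurePosixPath(filename).suffix.lower()
    if suffix in SCRIPT_EXTENSIONS:
        return True
    if suffix == ".zip":
        try:
            return bool(find_script_entries(payload))
        except zipfile.BadZipFile:
            # An archive that cannot be inspected is held back (fail closed).
            return True
    return False


def build_sample_zip(members):
    """Build an in-memory zip from {name: bytes}; constructed test input only."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in members.items():
            zf.writestr(name, data)
    return buf.getvalue()
```
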

Will Locky make it to the United States in a big way? I hope not. However, be sure to be aware of it and use all of the security tips we have recommended in the past.

Microsoft’s Windows 10 Install Deception

The ironic part of this story is that I actually like Windows 10 – a lot. However, there are many reasons why someone may not want Windows 10 on their computer just yet. Sadly, Microsoft is really trying to make this an all Windows 10 world – and the world is simply not ready yet.

Again – Windows 10 – in the right place – on the right device is awesome; however, it now appears Microsoft is attempting to confuse the normal consumer so badly that Windows 10 will one day just appear on their PC.

Here is what is happening friends.

Microsoft is certainly not winning people over with the way in which it is pushing Windows 10 down users’ throats, and things have just got worse. It seems the company is making a series of final pushes before the free upgrade offer ends on July 29, but it also seems that Microsoft’s zealotry concerning Windows 10 is simply losing fans.

What some people have called harassment started back in October 2015 when consumers complained that just saying NO to a Windows 10 upgrade was becoming a difficult and irksome task indeed. At the time Microsoft said that the upgrade would come as a ‘recommended update’ for Windows 7 and 8.1 users, although, according to a spokesperson for Microsoft, “Windows Update settings are configured to accept ‘Recommended’ updates”. This was perhaps sneaky, but entirely expected.

It seems that wasn’t enough though, and just lately Microsoft stooped to a new low by making the red x on the Windows screen – the x we all know will close the window  – to mean the same as ‘OK’, I want to upgrade to Windows 10. For all intents and purposes this is an act of deception, something we might expect to happen when we’re trying to watch the latest blockbuster movie online for free, but not when we’re dealing with our trusted and loyal friend Microsoft.

In its own fairly weak defense Microsoft said that the upgrade could be cancelled. Perhaps, but only after an unwitting user had fallen inside a trap that had been laid.

So just when we thought Microsoft might be feeling a little repentant after being roundly criticized for their deception, the company seems to have taken its wily ways a little further. So much so that one of the best-known tech writers following Microsoft, and co-host of Windows Weekly, Paul Thurrott, called the move “indefensible” and said that the entire debacle concerning the upgrade push has now undermined Windows 10.

If you do not want Windows 10 just yet I highly recommend Steve Gibson’s “Never Windows 10” application.

TOS 50 Book Mission # 15 – “Elusive Salvation”

With Dayton Ward’s latest time travel adventure “Elusive Salvation” we are treated to 4 centuries of Star Trek – spanning several Trek time periods.

The story opens with the crash landing in the Arctic in 1845 of a ship by a race known as the Iramahl who are fleeing the oppression of a race known as the Ptaen. Flash forward to 2283 where an unidentified object is spotted approaching Jupiter station that eventually is determined to be an Iramahl ship which is looking for its missing people who may or may not be still alive some 4 centuries later.

To locate the crew in the past, Kirk sends a message to Roberta Lincoln (see the classic episode “Assignment Earth”), who is living in the 1970s, to see if she and Gary Seven can help locate the lost Iramahl crew.

Dayton Ward, as he did in his previous novel of this series, “In Histories Shadow”, does an awesome job of mixing parts of the past & present (Star Trek) with a fascinating tale of oppression while at the same time drawing on episodes of three (yes 3) Star Trek series which make for nice references throughout the adventure. The book is a very easy read and an enjoyable one up through the breakneck finale which will take your breath away.

This is a very worthy book to be included as part of the 50th anniversary Pocket Book run which is occurring throughout 2016. The Star Trek novels released throughout 2016 should pay homage to the best of Star Trek which “Elusive Salvation” surely does.

Floppy Discs Live at the DoD

Here is a surprising story and one that demonstrates how government can lag behind in respect to technology – although this is ridiculous. Prepare yourself.

America’s nuclear arsenal is still being controlled by an outdated computer system that takes 8-inch floppy disks, according to a new report from the Government Accountability Office.

The title of the report on the government’s information technology infrastructure — “Federal Agencies Need to Address Aging Legacy Systems” — is what I would classify as an understatement.

“Agencies reported using several systems that have components that are, in some cases, at least 50 years old,” the report says.

One of those very old systems is the Pentagon’s Strategic Automated Command and Control System, which coordinates US nuclear forces like nuclear bombers and intercontinental ballistic missiles. Fairly important stuff, would you not agree? As the report clearly states, it is running on an IBM Series/1, a minicomputer that started out with 16K of memory. What?!

It also has a disk drive that uses 8-inch floppy disks. For anyone younger than 30 here is what these floppy disks look like:


Many of us already were aware that these antique systems were in use since at least 2014, when CBS aired a report on the day-to-day life of nuclear missile launch officers. At the time, the Air Force told CBS using such aging equipment was actually a good thing, “since no modern day hacker would ever be able to break in to old equipment that’s not connected to the Internet.”  I did not agree when I heard this in 2014 and I still do not.

Thankfully two years later it looks like this is finally changing.

It has recently been reported that the Department of Defense is planning to update “data storage solutions, port expansion processors, portable terminals, and desktop terminals by the end of fiscal year 2017.”

Better late than never I guess.

Protect Yourself Against Ransomware

If you are a regular reader of this fine technology blog you must know that ransomware is dangerous, malicious and becoming more widespread with each passing day.  You do not need to panic because there are steps you can take to minimize the risk that your computer will be infected.

Update Often

Make sure that your software, operating system and plug-ins like Java and Flash are kept up-to-date by turning on their automatic update feature.

Some hackers are exploiting vulnerabilities in those programs to install ransomware automatically when consumers visit hacked websites.

Back-Up Your Data

If your files are locked by ransomware, the only way to recover them without paying the ransom is from backup copies. If you are not yet doing regular backups, you should start.

Even if you are doing regular backups – beware. Some ransomware can find and encrypt files on anything that looks like an attached drive, including external hard drives you may have connected, drives you may have on your local network or cloud services like Dropbox and OneDrive.

To protect yourself use cloud backup services like Carbonite or Mozy in addition to an external hard drive that you disconnect after each backup. You should back up your data in multiple places or on to multiple drives.

Run Anti-Virus Software

First please keep it up-to-date and have it set to scan for viruses automatically. Anti-virus software can usually detect and block known ransomware.

However, be aware that anti-virus programs typically struggle to identify and protect your computer from new versions of ransomware, so they are not a perfect solution. Some anti-malware programs can act as a kind of backup, allowing you to undo changes ransomware and other malware have made to your computer.

Think Before You Click

This may be one of the most important tips here. Be skeptical of links or documents sent to you in email and be wary of clicking on them. A good rule here is that if you did not specifically request the links or documents, contact the sender directly (in person or by phone) and verify the legitimacy of the email before clicking on anything.

117 Million LinkedIn Hacked Passwords Up for Sale

LinkedIn was hacked four years ago and more problems from it have surfaced this week. The new information released reports that the 117 million user emails and passwords that had been stolen four years ago are now being offered for sale.

The June 2012 LinkedIn hack was originally believed to have involved 6.5 million passwords. However, a report yesterday by Motherboard said a dark Web marketplace and another site, LeakedSource, had both obtained data from 167 million hacked LinkedIn accounts, which would mean that even more than the originally reported number of email addresses were stolen. Of those, 117 million included emails and passwords; the remaining accounts are believed to be of users who logged into the site via Facebook.

This is Not a New Security Breach

Wednesday’s report on Motherboard said the publication had learned from a hacker using the name “Peace” that emails and passwords from 117 million LinkedIn users were among the 167 million accounts held in a hacked database posted for sale on The Real Deal, a dark Web marketplace. Peace was seeking five bitcoins — about $2,250 at today’s exchange rate — for the data.

The publication reported that the database of LinkedIn account information was also in the hands of LeakedSource, a paid-subscriber site that allows people to look up whether their online username or password data has been found to be publicly available on the Web.

LinkedIn responded to Motherboard’s report in a blog post on Wednesday by Chief Information Security Officer Cory Scott.

“We are taking immediate steps to invalidate the passwords of the accounts impacted, and we will contact those members to reset their passwords,” Scott wrote. “We have no indication that this is as a result of a new security breach.”

LinkedIn Looking for Suspicious Activity

While the LinkedIn passwords hacked in 2012 were protected using the SHA-1 hash algorithm, they were not “salted.” Salting provides further protection by adding random data to passwords when they are hashed. Without that added protection, passwords and other hacked data are easier to crack.

According to Motherboard, a person at LeakedSource said site personnel had been able to break into around 90 percent of the hacked LinkedIn passwords within three days.

A post published Tuesday on LeakedSource said LinkedIn users who found their information on the site could ask for that information to be removed from its database at no cost. The site also posted a list of the top passwords it had identified in the hacked data, indicating that many hundreds of thousands of users had chosen easily broken passwords such as “123456,” “linkedin” and “password.”

In Wednesday’s blog post, Scott noted that LinkedIn has “for several years” both hashed and salted all its user passwords. He added the site also encourages members to use other available LinkedIn tools such as email challenges and dual-factor authentication.
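The difference between the unsalted SHA-1 storage of 2012 and hashed-and-salted storage can be shown in a few lines. This is an added example, not LinkedIn's code: the account names are constructed, and PBKDF2-HMAC-SHA256 with the iteration count shown is an assumed stand-in, since the page does not say which salted scheme LinkedIn uses.

```python
import hashlib
import hmac
import os

# Assumed work factor, kept modest so the example runs quickly.
PBKDF2_ITERATIONS = 200_000


def sha1_unsalted(password):
    """The 2012-style scheme the article describes: bare SHA-1, no salt."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest()


def hash_salted(password, salt=None):
    """Salted, deliberately slow hash with a fresh 16-byte salt per password."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS
    )
    return salt, digest


def verify_salted(password, salt, expected):
    """Recompute with the stored salt and compare in constant time."""
    _, digest = hash_salted(password, salt)
    return hmac.compare_digest(digest, expected)


def shared_digests(records):
    """Count accounts whose stored value is identical to another account's."""
    counts = {}
    for value in records.values():
        counts[value] = counts.get(value, 0) + 1
    return sum(n for n in counts.values() if n > 1)


# Constructed accounts; the passwords are the common ones the article lists.
ACCOUNTS = {"alice": "123456", "bob": "linkedin", "carol": "123456", "dave": "password"}


def compare_schemes():
    """Return (accounts sharing a digest unsalted, accounts sharing one salted)."""
    unsalted = {user: sha1_unsalted(pw) for user, pw in ACCOUNTS.items()}
    salted = {user: hash_salted(pw)[1] for user, pw in ACCOUNTS.items()}
    return shared_digests(unsalted), shared_digests(salted)
```

Without a salt, the two accounts that chose “123456” store the same value, so one recovered password exposes both; with per-user salts every stored value is different even for identical passwords.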

A blog update posted later in the day said that LinkedIn was using automated tools to look for and block any suspicious activity on affected accounts. It added, “We have demanded that parties cease making stolen password data available and will evaluate potential legal action if they fail to comply.”

Protect Your Passwords

This is another story that demonstrates that you cannot trust others with your security. Your passwords should be complex and encrypted. This is easily achievable by using password managers such as LastPass. Also, when possible, use two-factor authentication.

Netflix Brings Us

Netflix has just launched what is probably the simplest speed test on the Web. It’s called

It’s incredibly minimal, and loads pretty much immediately, probably because there are no ads. It only measures your internet service provider’s (ISP) download speed, which it will present in huge digits after a few seconds of testing.

And that’s it. A frequently asked questions section explains that keeping the site minimal was a conscious choice:

Netflix does give you the option to compare your results with, which provides detailed results on upload speeds, latency and other metrics as well. That’s a nice touch, given the companies aren’t affiliated at all – there isn’t even a link to Netflix proper.

This is obviously part of Netflix’s continued battle against slow ISP speeds, and I would not be surprised to see links to show up on the Netflix site and apps, especially when users are having connection problems. The site ends its FAQ section fairly pointedly:

“If results from and other speed tests often show less speed than you have paid for, you can ask your ISP about the results.”

Will this help consumers with slow ISPs? I hope it at least helps shine a light on ISPs who are providing slow connections to customers who are paying for faster speeds — and not getting them.