Marketing by terror

I’ve mentioned Android webjacking before, but here’s another example. Things like this are not usually “viruses” on your handheld device, but rather malicious code embedded in a legitimate website by unscrupulous advertisers.

screenshot_2017-02-16-11-04-16

 

First, this exploit makes your phone buzz like a hornet that’s just been pinched in a vise, and locks your browser. No going back. Second, vulgar sites? No, actually this popped up when I was trying to leave a comment at retailcomic.com. I trust the site not to hide exploits like this on purpose.

 

screenshot_2017-02-16-11-04-35

The claims on these “warnings,” along with being written in questionable English, are absolute lies: “If the problem can not be resolved immediately , the viruses will spy your phone, and destroy your SIM card, delete all your contacts.”

Now I’m just following the trail to see who’s behind this.

screenshot_2017-02-16-11-04-49

Looks like someone is hawking an app (surprise, surprise):

screenshot_2017-02-16-11-05-09

A comment at the app’s site complained, and the developer responded; notice the salutation “Dear,” usually seen on Nigerian scam emails but certainly a red flag that the app developer is not a native English speaker.

 

Screenshot_2017-02-16-11-05-51.png

Despite the apology and denial of malicious intent, I would be very suspicious of apps that are advertised in this way.

Be careful out there.

The Old Wolf has spoken.

Beware the Zeus virus (No, you’re not infected)

I’ve written about scams that get you to call a phone number and help bad guys access your computer before. Here’s another variety you need to be aware of.

My wife’s computer has had this happen twice in the last few weeks (click the image for a larger view):

zeus-virus-scam

Chrome is locked up – you can’t close the tab, click away, or do anything else except kill the browser in Task Manager. A computerized voice repeatedly intones, “Your computer is infected. Your data is being stolen. Call this number for support…” You can imagine that this would be very frightening to someone who is not computer-savvy, and a lot of people will fall for it.

Just to see how the scam works, I called the number (855-335-8826 – don’t call this number) and got an agent with a foreign accent (sounded Indian or Pakistani to me) asking how he could help. Putting on my “geezer voice,” I told him that my computer was talking to me and telling me that my data was being stolen.

  • Agent: “Have you downloaded anything lately?”
  • Me: “No.”
  • Agent: “I will direct you through a couple of steps so I can access your computer and help you fix this problem. Look at your keyboard in the lower left – do you see the Window key? I want you to press that key, together with the letter ‘r’. [Note: he wants me to run a program.]
  • Agent: “Type the letters ‘hh’, then a space, then the letter ‘t’ in the ‘open’ box. Then press the “OK” button.

hht.jpg

  • Me: “Ok, I did that.” [This is what I get]

page-display

  • Agent: “Do you see the little question mark in the upper left hand corner? I want you to click that and select the option that says “Jump to URL.”

url

  • Agent: “Now type this in the box: ‘www.support.me’

jumptourl

  • Me: “OK, I’ve done that.” [This is what I get]:

support

  • Agent: “I will now give you a 6-digit code to enter into the box. Your number is 925837. Please type that into the box and click ‘Start Download’.”
  • Me: Do you really think I’m going to allow access to my computer by a bunch of scammers? Get a life. *click*

What’s going on here is that if I had entered the number, I would have given complete control of my machine to a random scammer, and from that point he could have

  1. Stolen sensitive data like passwords, contact lists, or financial information.
  2. Infected my computer with malware
  3. Taken control of my machine and woven it into a spamming botnet.
  4. Other things more horrible that I wish to contemplate.

There are websites out there that tell you how to remove the “infection” that causes this popup; most of them exist to shill programs like Zemana, Malwarebytes, and HitMan Pro. Free versions of these are legitimate, but don’t be conned into buying “Pro” versions unless you really need their features. Others may ask you to download their own proprietary removal tool. Be wary of such sites.

The key here is that if you get the “Zeus” malware popup, NEVER CALL THE NUMBER. You’ll just be opening yourself up to fraudsters who want to do very bad things to you and your computer.

Be careful out there.

The Old Wolf has spoken.

Philippe Kahn, Prophet

I was on site in 1986, the year Philippe Kahn, CEO of Borland, had the temerity to say in the midst of a crowd of Mac enthusiasts in San Francisco, that the Macintosh was a piece of shit.  That took a lot of gumption; I’m reminded of the scene in The Patriot where Mel Gibson walks into a bar and shouts, “God save the King,” exiting hastily in front of a cloud of knives and axes.

He was wrong then.

128k-macintosh

The 128K Mac was a thing of beauty and innovation (at least for folks who had not been inside the Palo Alto Research Center.) It introduced the world to the concept of a real graphical user interface, and made things possible in the world of graphics, sound, fonts, gaming, design, music, and artwork that would never have been possible in the IBM world – even by adding a dozen cards – more so as the machine morphed into faster and colorized versions. Dark Castle, HyperCard™, designable fonts, MIDI, user-accessible resources… they were all so fun!

The beautiful 1988 Battle Chess game by MacPlay riffed on the biggest disadvantage at the time – the price differential. “Pawn takes King” has the pawn whip out a Macintosh Price List, whereupon the king suffers a fatal coronary.

pawn-takes-king

Flop for flop, the Macintosh machines were about half again as costly as a comparable IBM device, and remain so to this day – but back then the “coolness” factor was enough to overcome that little annoyance. From 1984 until about 1990, I was a devotee.

But Kahn was just 30 years too early.

My wife has an iPod, and years ago one of her kids gave her an iTunes gift card for some music. So we had to set up an AppleID for her to be able to use it. Hold that thought.

Recently she acquired an iPad from her mother, and it was necessary to switch ownership of the pad to her account. Hold that thought.

For about six months last year, I worked for a cloud storage company as a tech support agent, and with remote tools I delved into a lot of Mac systems while I helped customers with their tech issues.

From the experiences I had trying to navigate the Apple environment to resolve what should have been the simplest of problems, I can safely go on record as saying that the Mac world is a place of overpriced, underpowered hardware, combined with a byzantine tangle of AppleIDs, iTunes (an abomination of desolation if ever I saw one, a heavy-handed store thinly disguised as an impossibly cumbersome media management tool), iCloud, Photo Library, and other bits and pieces which form a virtual nightmare to navigate. For Mogg’s sake, they even make you create an account to look at their help forums. And when you try to do that, you hit a brick wall.

applehqiz

My Username is OK. I agreed to the Agreement. “Please check the form for details” shows virtually no additional information. Thanks, Apple.

dongles

Add to this some recent technology decisions that seem difficult to fathom, including a plethora of dongles, the removal of a standard audio jack, and those easily-lost wireless earbuds, and it makes me wonder why anyone would go with Apple hardware any longer. For the longest time a relative imperviousness to viruses and malware was a big draw, but that era has ended, and there’s not much a Mac can do that a PC can’t, and for about 60% of the price. The “coolness” factor is just not there any longer.

a_very_long_flight

It’s been a long time since I’ve been religiously attached to any hardware or operating system. I’ve used so many, it’s basically “whatever gets the job done.” But for a brief period, the Mac was really a wonderful, dazzling, entertaining and useful new thing. Today, I’m pretty convinced that the company has lost its way and its vision when it comes to computers. I don’t hate Apple; I’m really hoping they can turn themselves around. If they don’t, it’s a sure bet that somewhere in the future, another Steve Jobs is waiting.

The Old Wolf has spoken.

The Saga of Window 10 – so now my scanner doesn’t work any more.

When I first bit the bullet and upgraded from Win 7 to Win 10, I lost my HP PSC 950 printer – no available drivers could get it to work. By dint of a lot of pray-and-try fiddling, I was able to get my Canon all-in-one (MF 4350D) to print, but the Canon toolbox was no longer recognized, so my ADF feeder was bricked.

Now, after the Anniversary Update, the entire scanner function is gone. Sticky notes are locked to a minimum size, regardless of how much text is on them. Chrome demands permission to run every blasted time, along with other programs like Paint Shop Pro 7.0 and WinAmp, to name just a few. And you can now no longer tell Windows not to restart your computer after an update, but only specify when you’d like to do it… and you can’t specify longer than a 12-hour exclusion window. ¹

Do you have any idea how enraging this is?

ernie

(With apologies to Bud Grace.)

Do you remember the scene in Dirty Harry where the serial killer, Scorpio, pays to have himself beaten up by a thug so he can blame his injuries on the police?

Yeah, that’s what I’d like do do with every Microsoft executive responsible for the Mißgeburt that is Windows 10. In an abandoned warehouse somewhere, until they beg abject forgiveness from every frustrated user who had Win10 forced upon them without permisson, and even those of us who upgraded by choice.

Not very charitable of me, I know. But the frustration level has risen to such a point that some Linux distro is starting to look darned attractive, learning curve notwithstanding.

I have some words for Microsoft, but they’re not suitable for what I try to keep as a family-friendly blog. Fill in the details yourself, it won’t be hard.

The Old Wolf has spoken.


¹ Edit: A month or so after I had written this draft, Canon (bless their souls) had come up with a new driver for my printer, so at least the scanner works again. And Windows did fix the issue with sticky notes. The rest of my frustration remains. Yes, these are #firstworldproblems, but I live in the first world and depend on my machine for a whole lotta things.

IT is an expense. IT doesn’t make money for the company.

I saved this from over at reddit some time ago, and I’m sharing it here because I thought it could use wider exposure. This post is largely for IT professionals, of whom I know a fair community, forgive me if it doesn’t seem relevant.

On the other hand, if you’re a manager or a director responsible for IT¹, you may want to read this with some care.

A question was asked, “Isn’t there a live sandbox environment² you can freely make mistakes in before you jump in the actual live databases or whatever and make changes? If not, why not?”

A comprehensive answer was posted by redditor /u/catherder9000, which I have only bowdlerized a little, and I hope the author is not mortally offended.

It is all about scale.

(Sort of like how this post could have been summed up in 2 sentences, but enjoy it anyway!)

Lets say you work at a company that is a large small business (40-50 million revenue yearly, 100-200 people). Your IT department is a 1-3 man team, because “you’re an expense” …most business people think only sales people make them money. Don’t worry that you can’t make money if things don’t work, only sales makes you money.

Now lets pretend your last major upgrade to the servers was accomplished with a $75,000 budget. Getting that budget with the equipment you demanded was required was hard fought. Some corners were cut on “not absolutely necessary” things, things like a second slightly smaller and slightly slower server to run as a mirror of the first one, a server where you could do all your testing on. That “saved” the company $30,000, right? You just like to spend money, you never make the company any money.

Then, a year later you have something that absolutely has to be done to the server. You are pretty sure it will work, your outside support people are confident it will work, you have no server to test it on because all your other servers are much too small to handle it or are already tasked with other “critical” services. So you go with your best judgement and go live with a big change during the wee hours to cause the least interruption.

1 AM STUFF GOES BAD.

Now you’re scrambling. By 5AM you’re in a frantic attempt to get back online before major business starts, nothing you or your vendor have tried has worked, they’ve called in a half dozen of their T3’s and developers all to no avail. People are rolling in, things aren’t working. Calls are happening. Pages are going out. 6AM, the owner rolls in. His stuff isn’t working. You’re now thinking about reverting to last night’s backup because the changes you were told would work without a hitch were nothing but a giant frozen boot to the face hitch. People are getting really frantic about not being able to do business, nobody can order anything, nobody can sell anything, nobody can maintain inventory, nobody can do anything but sit around with their thumbs in their ears and surf the web. You’re just an expense, you don’t make the company money.

6:30AM, you make the decision to give up attempts at fixing and instead roll back to the last backup. You start the restore telling everyone “this should be resolved by 9:30AM everyone we have is on it and a full restore should take 2 or 3 hours tops.”

9:35 rolls around, 9:40… 10:15 the backup fails at the last point. What the…? How the…? This is impossible! You make some calls, you explain that you have to attempt rolling back to the offsite backup, yes you understand that will lose the half the day’s business and everything will have to be manually entered when the system is back up. You’re given the “Well for pity’s sake get it back up what do we pay you for!?!” (The go ahead. They have utmost confidence in your abilities.) You start the other restore. It works, but was much slower than the onsite one because fiber is only so fast. 3:00PM you’re back online, things seem to be stable again.

3:30, nobody in IT has slept in 32 hours. You’re called into a meeting with management. People want answers. You explain that you were assured everything would go smoothly by the vendor, you tell them that you were confident on your role in the upgrade as well. What should have been a 2 hour downtime during the night turned into a 17 hour ordeal. It was an unforeseeable incident. You mention that, “Had we had a working test environment to try this on first, we would have discovered the problem and avoided it.”

Nobody wants to hear it. Everything is about reentering the previous day’s sales, orders, receivables, inventory adjustments, etc. 4:30 the business day is basically a wipe. The downtime has cost the company a couple of hundred thousand in lost business for the day. You’re just another expense, you don’t make the company any money.

Nobody learns from it other than yourself, a few other people in IT, and the vendor who “has never seen this problem before”.

dt990808shc0

Your request for a new sandbox server is declined. Your request for a 2nd local backup server is seen as “another” frivolous idea.

You’re just another expense, you don’t make the company any money.

Welcome to IT.

The Old Wolf has been there.

¹ IT = Information Technology. You know, the computer or data-processing department that doesn’t make any money. When things are going well, they wonder what they pay you for. When things go to hell, they wonder what they pay you for.

² A sandbox is a separate place, a mirror of your computer systems, where software can be tested without impacting your production machine. If things go bad, no harm no foul.

Have you noticed that the search function in Windows 10 really sucks?

What a difference from Windows 7. Half the time I’ll search for something I know exists in my libraries, and Win10 won’t find it. I ask for a search only in my desktop, and it will search the whole drive. Even a file that’s clearly there won’t show up, either with a name search or a content search. Pfaugh.

Edit: “Everything” is not designed to search file contents, but it still works like a dream on filename searches, with endless options.

Enter “Everything,” by Voidtools (aka David Carpenter). A tiny 400K program, works like greased lightning. Check it out. It’s free (but he appreciates donations.)

everything-search-window

The Old Wolf has spoken.

 

Microsoft “non-support” – I’m not just blowing smoke here.

In my previous post, I ranted a bit about Microsoft’s efforts to alienate their customers by making competing or foreign programs (like Chrome – horrors!) incompatible or forcing them to ask permission to run, every time. We’re talking Windows 10 here, the latest and greatest.

Here’s an old joke, but one which remains totally valid in the 21st century:

A helicopter was flying around above Seattle when an electrical malfunction disabled all of the aircraft’s electronic navigation and communications equipment. Due to the clouds and haze, the pilot could not determine the helicopter’s position and course to fly to the airport. The pilot saw a tall building, flew toward it, circled, drew a handwritten sign, and held it in the helicopter’s window. The pilot’s sign said “WHERE AM I?” in large letters. People in the tall building quickly responded to the aircraft, drew a large sign and held it in a building window. Their sign read: “YOU ARE IN A HELICOPTER.” The pilot smiled, waved, looked at her map, determined the course to steer to SEATAC airport, and landed safely. After they were on the ground, the co-pilot asked the pilot how the “YOU ARE IN A HELICOPTER” sign helped determine their position. The pilot responded “I knew that had to be the Microsoft building because, like their technical support, online help and product documentation, the response they gave me was technically correct, but completely useless.”

One would think that after all these years as the 900-lb gorilla in the software space, someone at Microsoft would wake up and realize that this is a critical failing that generates massive ill will toward the company.

No, I’m not blowing smoke. Here’s an example, related to my last post.

I went to the Microsoft support site today, and asked a simple question: “Why does Windows Firewall in Win10 block Google Chrome?”

Here’s the page that comes up – one relevant to Windows Vista, dated 2011.

Someone named “Samuthra G,” tagged as a Microsoft agent, replied:

Hi,As the issue is with Google Chrome I would suggest you to post your query in the Google forum for better assistance:
http://www.google.com/support/forum/p/Chrome

And this was designated as the “most helpful” response. Thank you so much, Microsoft and Samuthra G; nothing like blowing an unhappy customer’s problem off by blaming someone else.

Two months later, a user named “Karmana” followed up with the perfect response:

Why is it, over the years, that I have noticed the vast majority of supposed Windows or Microsoft higher-certified helpers cannot seem to actually read the questions asked by the original poster?  Samhrutha, your answer to QW_895 is not only unhelpful, but if you were/are a Microsoft employee, then it is also highly irresponsible to blow off the OP by saying, “It’s not our problem.”  Taking responsibility for one’s own products is a strong first step in positive Public Relations!

To this day, this is my boilerplate experience with Microsoft forums. First of all, the people who answer never give a relevant answer – it probably has to do with the fact that their first language is not English, and that they’re paid pennies per hour to respond to these questions. Second, if they do give a response that’s even on-topic, it’s almost always so technical as to be incomprehensible or un-implementable by the average user.

Today I tried contacting the Microsoft support site, just to see what happens:

support

Having already tried a search without success, I figured I’d take advantage of their offer:

support-2

So I entered my question again: “Why does Win10 firewall block Chrome?” What I got was a list of articles – and once again, the most relevant hit is the worthless exchange I referred to above.

support-3

So I clicked the “Talk to a person” link, and was connected via Chat to a friendly Microsoft agent somewhere on the other side of the world.

“Clarisse” asked me some questions about which version of Windows I was using, provided a case number, and ended up suggesting that I uninstall and reinstall Chrome. So just for the hell of it, I gave that a try – predictably, without success. These agents in India or wherever are minimally trained, minimally paid, and working from scripts without much understanding of what’s happening under the hood.

If I wanted, I could pay $149.00 per year for premium Microsoft support, which would allow me to ask questions at any time and also enable remote desktop support, but I somehow feel that paying for support to solve problems that Microsoft generates is probably not the best allocation of my resources.

The challenge is that Microsoft is so widely accepted as the de-facto standard in the business world that people need it to conduct their daily affairs, and most people would rather muddle along with the best they can do rather than delve down into the guts of an operating system to try to find a fix or a workaround. Microsoft knows this, and based on results, they don’t care to spend any time, effort, or money to improve their byzantine and useless support system.

It’s sad. For myself, I don’t really feel like facing the Linux learning curve, and I’m seriously afraid of something like this:

cautionary

As for Apple, I love the idea of the Macintosh platform, but unless the company brings their prices in line with PC hardware, I won’t be able to justify the expense. From a functionality standpoint, the lines between PC and Mac world have blurred considerably since 1984 when the Mac was introduced as the sexy computer for the rest of us, so the draw has diminished substantially.

Still not a happy camper.

The Old Wolf has spoken.