Lion of the Blogosphere

How to avoid a cyber-attack

with 52 comments

In case you don’t already know:

1. Use Windows 10. The big cyber-attack that the MSM is talking about takes advantage of a flaw in earlier versions of Windows. Upgrade your OS already!

2. Install the latest Windows updates as they become available. Make sure your computer is set to do this automatically. And yes, the Windows updater is buggy. If it’s not working, fix it by disabling the Windows Update Service from services, then reboot your computer, then delete everything in “C:\Windows\Software Distribution,” then set the service back on (to “Manual (Trigger Start”).

3. Use an anti-virus program! I use Avast because it’s free. I haven’t had a virus infestation, that I know of, since I started using it.

4. When you surf to strange websites, it’s advisable to use a browser where you have all plugins disabled. Buggy plugins, especially those from Adobe, have been known to allow viruses to infect your computer by just visiting a web page. (You should also turn off third-party cookies, even though I don’t think this is a source of malware infestation. But why let third parties track what you’re doing?)

5. Use the uBlock Origin adblocker to protect yourself from “malvertisements,” the most common source of malware infestation (along with phishing).

6. To avoid phishing: uBlock Origin and Avast will sometimes block phishing attacks, but you can’t count on it. You have to be aware of signs that give away fake sites from real sites, and what happens in Windows when something tries to install software (never install any software unless you know what you are installing).

A mistake that John Podesta made is that he clicked on a link to go to “Google” that came in a suspicious email. Never do that! If you are going to change your Google password, then go there by typing Google into your browser address bar, never do it from a link in an email! Same rule applies to your bank accounts, etc.

7. Make sure your email password is really secure. Never use it at any other site, and make sure it’s not something that a password-guessing program could guess.

* * *

This post seems to be very similar to something I previously wrote.

Written by Lion of the Blogosphere

May 14, 2017 at 2:40 pm

Posted in Uncategorized

52 Responses

Subscribe to comments with RSS.

  1. Lion of the Blogosphere: Looking out for the folks.

    Gozo

    May 14, 2017 at 3:02 pm

  2. If you’re going to use WIndows, use the most recent version. But the other OSes are safer.

    Magnavox

    May 14, 2017 at 3:16 pm

    • You can’t play Overwatch on any other OS.

      • You can spin up Windows in a VM and run Overwatch on it. Although you have to have sophisticated software developer or sysadmin knowledge to do that, and you probably won’t get a very good framerate.

        snorlaxwp

        May 14, 2017 at 11:34 pm

      • Or you can dual boot. Never do any internet browsing on Windows OS, only games.

        Magnavox

        May 15, 2017 at 10:50 am

  3. In Windows it helps to use a non-administrator account for everyday usage. A rogue program will probably prompt you for the admin password before it can install itself. Will go right in otherwise.

    BracketCreep

    May 14, 2017 at 3:32 pm

    • That’s what she said.

      Paul Ryan's Sickly Old Lapdog

      May 14, 2017 at 5:50 pm

  4. Do you use the sites that hold all your passwords? I was thinking of doing that.

    ttgy

    May 14, 2017 at 4:34 pm

  5. Should I uninstall windows defender if I am downloading Norton from Comcast?

    ttgy

    May 14, 2017 at 4:35 pm

  6. My advice: Don’t surf for porn; don’t illegally download music, videos, movies, etc. Since I stopped doing these things, I have had no problems with malware. (knock wood).

    fortaleza84

    May 14, 2017 at 4:44 pm

    • So where do you get your fix of porn if it isn’t online?

      JS

      May 15, 2017 at 9:28 pm

  7. Third party antivirus programs are unnecessary st this point. Just use Windows Defender and Firewall.

    Steve@steve.com

    May 14, 2017 at 4:48 pm

  8. It is frightening to me that I cannot consistently find a way to block popups or popunders. Why does Google and their Chrome browser allow this? I don’t like the political “Its the current year” argument but when it comes to technology its fair to ask why I get popups in the current year, a problem that seemed to have gone away many years ago.

    johnBeck

    May 14, 2017 at 4:55 pm

    • Disable JavaScript and I’m sure they’ll go away.

      • They do go away, but some sites, like streaming sites, require Javascript. Even installing Chrome extensions requires Javascript. I even have a Chrome third party popup blocker that barely works.

        JohnBeck

        May 14, 2017 at 8:41 pm

    • uBlock Origin. Won’t get all of them but it’ll get 99%.

      snorlaxwp

      May 14, 2017 at 11:36 pm

    • Chrome has an option to block pop-ups. I’m not aware that I get any when I have it on.

      CamelCaseRob

      May 15, 2017 at 2:28 pm

  9. Or just use a $170 Acer Chrombook, and do all your office productivity at work

    E. Rekshun

    May 14, 2017 at 4:58 pm

    • I think the my computer will be a Chromebook.

      ttgy

      May 14, 2017 at 7:30 pm

      • Highly recommended. Chrome books are a great deal.

        Steve@steve.com

        May 14, 2017 at 11:58 pm

      • steve@steve, What Chromebook are you using now? Should I spend at least 300?

        ttgy

        May 15, 2017 at 7:56 pm

      • I use a 15″ acer chrome book. It’s about $250.

        Steve@steve.com

        May 17, 2017 at 10:27 am

    • I do most of my browsing on a Chromebook but you can’t play games with it, I think.

      CamelCaseRob

      May 15, 2017 at 2:29 pm

  10. I’m sure dbags like anonymous cheer every time they hear about th government or some corp getting hacked. But I knew the chips were going to hit the fan as soon as I heard had stolen/published malware from the nsa. Whoever is involved in this crap should go to prison.

    I just had an interesting thought. Perhaps this was a false flag to justify instituting policies the public would otherwise object to. Pure speculation and no way to know even if it were. But it’s a clever idea.

    destructure

    May 14, 2017 at 5:11 pm

    • I just had an interesting thought. Perhaps this was a false flag to justify instituting policies the public would otherwise object to. Pure speculation and no way to know even if it were. But it’s a clever idea.

      The government should have forced microsoft to keep issuing security updates for older versions of Windows. Is that the kind of totalitarian government regulation that you’re talking about?

      Magnavox

      May 14, 2017 at 9:45 pm

  11. Just use a Mac

    Otis the Sweaty

    May 14, 2017 at 6:11 pm

    • Not gonna help. Macs are prone to attacks too.

      peterike

      May 14, 2017 at 9:49 pm

    • the problem is the bad user interface . imho it takes about 2x as long to do something on a mac as it does on a PC

      grey enlightenment

      May 15, 2017 at 7:46 pm

  12. > A mistake that John Podesta made is that he clicked on a link to go to “Google” that came in a suspicious email.

    Ha ha, classic boomer mistake. I can’t imagine someone born after 1970 making this mistake — at least not one who’s smart enough to hold a white collar job.

    Fact Checker

    May 14, 2017 at 6:14 pm

  13. Any pRon sites that are OK to use?

    Vinvent

    May 14, 2017 at 7:54 pm

    • Use them from a Chromebook.

      CamelCaseRob

      May 15, 2017 at 2:30 pm

  14. off topic, is this more proof of #HBD?

    rivelino

    May 14, 2017 at 8:23 pm

    • Indeed, white people just don’t have natural rhythm like that.

      • Black beautiful voices allow them to be opera singer. Some other unknow factor allow them to be 75% of NBA players wich is one of the most elite professional group on earth. Why are there almost no black person among classical dance companies despite rythm and body motion spectacular aptitudes ?

        Bruno from Paris

        May 15, 2017 at 2:38 am

      • This whole HBD thing really is confirmation bias run amok.

        Magnavox

        May 15, 2017 at 10:55 am

      • NFL players are much better athletes than NBA players

        Otis the Sweaty

        May 15, 2017 at 2:14 pm

      • more #HBD clues!

        rivelino

        May 18, 2017 at 2:09 pm

  15. Or, some things just should not be connected to a computer at all:

    https://pragmaticallydistributed.wordpress.com/2017/05/02/the-security-trend-of-the-future-decomputerization/

    Recent fears about North Korean cyber attacks against American power grids as well as the publishing by WikiLeaks of advanced CIA and NSA hacking programs have proven again that any computer system is potentially vulnerable to an attack over the internet, no matter how advanced its cybersecurity may be.

    If an internet of everything means everything is exposed to sabotage then the time is now for security analysis of what strategically vital assets and infrastructure should either be removed from the control of computers, in part or in total. Because what can be hacked ultimately will be hacked given enough time and enough malicious nerds with too much time on their hands. There are many of these sinister forms of nerd; or at least enough for a nuclear power plant, or more, to suffer a core breach because ransomeware was not paid.

    Of course, a full return to non-computer machinery and manual processes is unlikely. Even inadvisable: If dams cannot be programmed into failing by some psychopath, another psychopath will try to destroy it with a hijacked plane, bomb, or some other traditional device. But that will at least require a different type of psychopath, a psychopath able to leave his room and handle exposure to sunlight. And, unlike a computer vulnerability across a shared network, without computers or a shared network the manual destruction of one dam cannot be part of a simultaneous electronic chain reaction in the computers of other dams.

    It does, afterall, pay to hedge one’s bets. Hedging the mix of digital and non-digital bets we’ve made in our portfolio of high priority systems is overdue now that there is good reason to think we have excessively slanted their operations in favor of automation.

    Some systems that deserve to have their degree of computerization reconsidered include:

    Prison Doors
    Power Grids
    Nuclear Plants
    Water Systems
    Nuclear Weapons
    Traffic Lights

    For the military decomputerization of their programs should be a highlight of their threat analysis. Should certain types of classified documents be written up on paper with typewriters and saved in filing cabinets instead of databases? Does Morse code have a future in military communications?

    The ordinary consumer market also must weigh balancing the risks and rewards of computerizing their products. Is it better for the manufacturers of digital clocks to have them operate on computer chips with pre-installed, non-updatable (i.e., not connected to the internet) computer code? Or no computer chip at all? Or car navigation systems. How vulnerable are they to having malicious code take control of the wheel?

    Like all tradeoffs there is no definitive answer; only the weighing of different kinds of risks against others. But the probabilities will have to be weighed with the understanding that greater reliance on computers brings proportionally greater risks of its own.

    The Undiscovered Jew

    May 15, 2017 at 12:10 am

  16. Your first advice makes me think those hackers would have microsoft stocks.

    Bruno from Paris

    May 15, 2017 at 1:20 am

  17. You forgot backups. Ransomware only works if you’ve got no backups.

    Also, there is disk encryption.

    Ransomware and people with physical access to your devices is what you have to worry most about.

    Btw. Do burglars use data of stolen computers and phones? Or do they just wipe the disk and sell it ASAP?

    Contrarian

    May 15, 2017 at 2:48 am

  18. Lion: would you convert to Scientology for this girl: https://www.youtube.com/watch?v=l-eUufUZYgA

    Otis the Sweaty

    May 15, 2017 at 3:33 am

    • She’s thick waisted.

      CamelCaseRob

      May 15, 2017 at 2:32 pm

      • is that a “no” for you?

        Otis the Sweaty

        May 15, 2017 at 4:46 pm

  19. Avast consumes an extraordinary amount of resources on a laptop PC. It will keep your cooling fan running nonstop as long as Avast is running. Which defeats the purpose of even having it if you disable it in order to prevent heating.

    Ronald McDonald

    May 15, 2017 at 11:32 am

  20. I don’t know jack about computers, but last night “the computer guy.” Leo LaPorte, told his listeners to stay away from antivirus programs. Said they open as many holes as they close, and that windows Defender does fine by itself.

    Explainer 21

    May 15, 2017 at 12:18 pm

    • The Computer Guy is giving inconsistent advice. Windows Defender for Windows 10 and Microsoft Security Suite for Windows 7 are anti-malware programs that run in the background. By the way, you should disable those if you install a third-party anti-malware program such as Avast.

      Avast is headquarted in Czechia; Kaspersky is located in an even sketchier country, Russia.

      Mark Caplan

      May 15, 2017 at 11:11 pm

  21. still use windows 7 and have not had any problems. I find anti virus to be annoying and there are always hidden fees. I just back up all the important files and avoid downloading fishy things . As long as everything is backed up everything is fine

    grey enlightenment

    May 15, 2017 at 7:39 pm

  22. The architect behind the Internet (I believe it is Robert Metcalfe) never realized security was such a big deal.

    JS

    May 15, 2017 at 8:27 pm


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: