Friday, June 26, 2009

Security Snake Oil: The Bogus Email Address

This is the first post in what I think may be a series of security snake oil e-mails and ideas that are forwarded my way. However, before reading this, know that the best way to handle your computer security is outlined here;

Just received this forward on how to "protect" your e-mail address book from worms:

How to protect your e-mail address book:

A computer repairman says this is like having gold. This is a good thing. I learned a computer trick today that's really ingenious in its simplicity.

The first dead giveaway that this isn't real is that the fix is "simple". There's no panacea for computer security.

As you may know, when/if a worm virus gets into your computer it heads straight for your email address book, and sends itself to everyone in there, thus infecting all your friends and associates.

This trick won't keep the virus from getting into your computer, but it will stop it from using your address book to spread further, and it will alert you to the fact that the worm has gotten into your system.

Here's what you do:

First, open your address book and click on 'new contact,' just as you would do if you were adding a new friend to your list of email addresses. In the window where you would type your friend's first name, type in ' A'.

For the screen name or email address, type AAAAAAA@AAA.AAA

Now, here's what you've done and why it works:

The name 'A' will be placed at the top of your address book as entry #1.

The first problem is that this may not be the case. Just because you see the entry first does not mean it is the first e-mail address stored on the drive. Data is stored in whatever way the computer can access it the quickest, or perhaps in the order you added it. When the computer shows you the details, it sorts that data into a human-readable format. The worm, however, gets the addresses in whatever order the computer can hand them back the quickest.

This will be where the worm will start in an effort to send itself to all your friends.

When it tries to send itself to AAAAAAA@AAA.AAA, it will be undeliverable because of the phony email address you entered. If the first attempt fails (which it will because of the phony address), the worm goes no further and none of your friends will be infected.

The second place this breaks down is the assumption that the worm will stop on an error. It won't, for two reasons:

  1. Internet mail delivery doesn't work this way. The mail system takes the e-mail and then tells the app it has received it. The app then moves on while the mail delivery system tries to deliver the message.
  2. No worm writer would stop on a bad e-mail address. Even if the worm did get an immediate failure, it would just skip to the next address and keep going.

Here's the second great advantage of this method: If an email cannot be delivered, you will be notified of this in your In Box almost immediately. Hence, if you ever get an email telling you that an email addressed to AAAAAAA@AAA..AAA could not be delivered, you know right away that you have the worm virus in your system. You can then take steps to get rid of it!

This is the only valid point in this article. Having a bad e-mail address in your address book would guarantee a failure you may catch. However, it doesn't matter much as your computer already has a problem. And this problem could be stealing your identity, invading your privacy and generally causing problems. The best bet is not to try and catch the problem to fix it, but to keep it from happening in the first place.

True Security Options

I've seen a number of e-mails from friends and family talking about different ways to handle computer security and to ward off bad things. Almost every time, what's recommended in these e-mails or articles won't help or is at best of dubious benefit. Instead of this snake oil, there are a number of things that you can do to keep your system safe. In fact, for the longest time, I didn't even use an anti-virus application and as of yet, I have not gotten a virus or malware on my system. (I've since started using one, just as a precaution...)

The top 4 most important things you can do:

  • Always patch your computer and keep your applications up-to-date. (Use Windows Update, Apple's SoftwareUpdate, or the appropriate updater for your system)
  • Don't open attachments from someone you don't know.
  • Don't click on random links in e-mail, Facebook, Twitter, etc., especially if you don't know who it's from.
  • Use a hardware firewall (like a router, any router). This means you can reach out onto the Internet, but stuff out on the Internet cannot reach back in to you. (I generally like Linksys, but just about any company's router will do.)

In addition to the above, here are a few more things you can do:

  • Avoid pirated software and most music sharing sites as many of the files contain malware, viruses, worms, etc.
  • Be aware that Windows by default hides the extension of a file, so the file you see as image.jpg may very well be image.jpg.exe (where .EXE is an executable file that could contain a worm, virus or some other bad thing)

This is not an exhaustive list by any stretch of the imagination, but these are the basics, like locking the doors on your house and car, keeping valuables out of sight, etc. They won't deter a determined intruder, but will save you from the drive-by and opportunistic attacks.

Keep this page bookmarked as I'll continue to add links and details as I have more.

Monday, June 15, 2009

Mindy 2.0 Part 1

So, about two weeks ago now my server computer, named Mindy (named for the Animaniacs character), decided that it was too hot to work and died. Well, at least sort of died. When I got back from a trip, she was no longer responding to pings and when I tried to reboot her, she would power down after about 20-30 seconds. Best as I can tell, I have a temperature management failure on either the power supply or the motherboard, not sure which.

In thinking about how to approach fixing the problems, I was stuck with two basic paths: try and find the failing component or replace the core components and build a version 2.0 Mindy. If I had a good computer store handy, I would have tried replacing the individual components, but the closest real store I have access to is MicroCenter out in Fairfax or Rockville. (And no, BestBuy does not qualify as I need real parts, not the desktop/consumer parts they have). In addition, my hope was to get this back and running ASAP, so ordering a new power supply and then a new motherboard, etc, just seemed to be a slow process.

In the end, I decided to just replace her guts and upgrade the mainboard, power supply, CPU and memory. This was a good excuse for me to upgrade from the 18-month old Core2 CPU and desktop motherboard and move to a server-type board with a dedicated PCI-E slot for the RAID card I have and to target the new Intel Core i7 chip. So on the recommendation of a friend via Facebook/Twitter, I went with a SuperMicro C7x58 motherboard. In addition, I purchased 12Gb of RAM, a Corsair 630 watt modular power supply and 3 1TB hard disks.

The parts arrived from Newegg on Wednesday, but we had friends over for dinner that night, so I wasn't able to start working on the transplant until Thursday evening while watching Burn Notice and Royal Pains on USA (good shows, btw). I took my time and slowly moved the parts and completed the upgrade about 10:30, too late for me to want to try starting the system. But at least everything fit and looked like it was going to work well.

Friday morning came and I woke up a bit earlier than normal, so I thought I'd give it a quick run. When I went to hook the monitor up to try it, it was at that point I discovered that the motherboard I picked did not include on-board video.

Crap. I didn't even think to look at that. I assumed that it would include Intel integrated video, but alas I was wrong.

Friday came and went and I hadn't been able to get out to get a video card. I did take a few minutes to try and ID the right one both by online shopping and asking friends via Twitter/Facebook what they recommend. Saturday came and went and I had ID'd the card I wanted to buy from BestBuy, a PCI-E 16x passively-cooled video card. Seemed like a good choice as it didn't draw much power and didn't need a cooling fan to work.

Only, it didn't fit. Turns out the card had a HUGE heatsink that spanned both sides of the card. Crap again. The two PCI-E 16x slots I have available surround the PCI-E 8x slot that holds my AMCC/3ware RAID card. I had planned on using the one furthest away from the CPU as it was clear on the non-RAID card side. Unfortunately, the heretofore unknown back-side heatsink wanted to take the same space as the RAID card's jumper pins. And if I tried the CPU-adjacent slot, it hit the humongo CPU fan that came with the i7 processor I purchased.

Sigh, so that meant my first attempt at a video card failed, so back online I went. This time, I decided to purchase a PCI-based inexpensive video card, since the area around my PCI slot is completely clear. As I type, it's being delivered from NJ, so hopefully it'll arrive tomorrow so I can give this whole thing another shot. In the meantime, thank goodness for the Lenovo S10 and Google Apps for domains as they can temporarily replace some of what I relied on Mindy 1.0 (or maybe 1.5) to do.