OS X Security and Malware

Please, folks, practice safe computing: keep your systems up to date, don’t install pirated software (including music and videos), clear your browser cache often, and don’t install ‘helpers’ or ‘codecs’ you cannot thoroughly verify.
Using the line, “I have a Mac, I don’t get worms or viruses, etc.” is not only naively silly, it can also be costly.
Remember, OS X is built on a Unix foundation, and Unix has been around since 1969! So you can bet that as the Mac user population increases, the number of hacks ‘ported’ to OS X will start to grow exponentially. That, coupled with Apple’s misleading marketing campaign saying “Macs don’t get viruses, etc.”, often leads to poor computing habits that can, and I am sure will, be exploited more and more.
So keep safe out here.
Some scary info:
http://www.sophos.com/blogs/sophoslabs/v/post/4811

http://www.sophos.com/blogs/sophoslabs/v/post/3710

Peace out

Stop Spam Calls

Ok, how many of you have gotten calls that were dialed by an automated system?
You know the kind. Your phone rings and if you pick it up there is a ‘pause’ before someone gets on the line.
Who then proceeds to tell you that,
“the FBI needs your information..”
“your car warranty is about to expire..”
“you owe money to such and such and we can reduce the amount…”
“we are in the neighborhood doing x for the Joneses, etc.”

The list is just about endless.

Or how about getting messages on your voice mail or answering machine that tell you “to call 800-xxx-xxxx ext. xxx for a very important matter.” Or “you have an outstanding balance please call 800-xxx-xxxx etc.”

These calls and nearly all like them are made by ‘dialing programs’. There are two types most in use today.

The first and most common type is a program that dials a whole set of numbers for a given area code and prefix.
Example: 310-473-xxxx from 0001 on up.

The second is used mostly by fraudsters, bill collectors (illegitimate and sometimes legitimate) and other scammers.
The program dials a given set of numbers the same way.

HERE IS THE KICKER:
Since the calls are made by machine they follow rules! And we can exploit them to our advantage!
The programs were designed to save money by dialing fast and not wasting the time of (expensive) people. Although one could argue that wages in Bangladesh aren’t that high, you still need real people, even if they don’t speak proper English, to carry on a real conversation.
So when the dialer gets an out of order or line disconnected ‘tone’ it marks the number as ‘no good’ and moves on.
If however you pick up the phone the system knows the number is valid and puts you through to a person who will then annoy the crap out of you.
Same goes for the calls on answering machines and those going to voice mail: if the dialer gets an out of order or line disconnected ‘tone’ it marks the number as ‘no good’ and moves on. If your machine or voice mail answers with a ‘message’ like, “hello we are not here ……” the dialer then plays the message to call a certain 800 number back etc.
With any of these calls the absolute worst thing you can do is actually call that number!!
Your phone will be marked as ‘valid’ and ‘worth calling’ forever!
[This also applies to spam email too!! Never respond to spam email to ‘be removed from list..’]
So how do we beat the machines?
Quite simple actually.
By playing the ‘call could not be completed’ or ‘number disconnected’ tone before your answer message.
That’s right, by simply placing that ‘beep beep beep the number you are dialing…’ tone before your message you will kill the auto-dialed call. If you are like me you can even play the tone before you answer a live call!
Just play the tone then record your message.
Make sure you tell people who should be calling you (family, friends) that they should ignore/wait for the actual message.

So where do you find the ‘tone’?
Here are a couple links to the tones with the associated message.
Remember you only need the ‘tone’ at the beginning to make the dialer think the number is bad.
You can find them here:
Disconnected number:
Wave format:
Call not completed as dialed:
Wave format

I have created a looped tone without the message that I use. It plays the ‘beep beep beep’ twice in a row. I will try and find a ‘place’ to put it when I can for easy download. Check back.

Speeding up Firefox

I have written here before of the extensions and add-ons I use in Firefox. [see end of post]
So I thought I should add what tweaks I use to speed up and enhance the browser itself.
Give them a try and if they do not improve your browsing experience with Firefox you can always go back to the default settings. [see end of article]

To speed up Firefox 3.x:
Launch Firefox, then type
about:config
into the navigation bar. You will then be ‘warned’; say you will be careful.
You are going to be adjusting the browser’s default settings and parameters.

To find a value simply type the name of the setting (or copy between the quotes and paste it) into the ‘Filter’ line and hit enter.
If the configuration exists it will be displayed.
Simply double-click and make the adjustments – change integer or boolean value.

If the key/setting does not exist you will have to add/create it.

For values with “true” after them:
Right-click below the ‘Filter’ bar (in the empty space, since no values were found) > choose New > Boolean, insert the value (the setting name), hit OK, then select true.

For values with numbers after them:
Right-click below the ‘Filter’ bar (in the empty space, since no values were found) > choose New > Integer, insert the value (the setting name), hit OK, then insert the number.

Insert OR adjust these values and settings (no quotes):

“network.http.pipelining”, true

“network.http.proxy.pipelining”, true

“network.http.pipelining.maxrequests”, 8

“content.notify.backoffcount”, 5

“plugin.expose_full_path”, true

“ui.submenuDelay”, 0

“content.interrupt.parsing”, true

“content.max.tokenizing.time”, 2250000

“content.notify.interval”, 750000

“content.notify.ontimer”, true

“content.switch.threshold”, 750000

“nglayout.initialpaint.delay”, 0

“network.http.max-connections”, 48

“network.http.max-connections-per-server”, 16

“network.http.max-persistent-connections-per-proxy”, 16

“network.http.max-persistent-connections-per-server”, 8

“browser.cache.memory.capacity”, 65536

“browser.turbo.enabled”, true

Restart Firefox, and it should be much more responsive and faster!

This works for nearly all high-speed connections and modern PCs (Macs included).
If you are on a dial-up connection DON’T DO THIS.
AND
Please step in to the 21st century, and get some form of high-speed (dsl, cable etc.) internet.

If these don’t seem to work for you, you can always reset them to their original state:
When you change a preference setting or add a new preference, the associated about:config entry will appear in bold type with a user set status.
To restore a preference setting to the default value or to remove an added preference, context-click (right-click) on the preference and select Reset.

Or you can read more at Mozilla’s site:
http://kb.mozillazine.org/Resetting_preferences

Firefox Extensions I Use

Windows Utilities and Tools

After recently cleaning up a friend’s system and dramatically improving its performance, appearance and usability, I was asked again, nay begged, to recommend as many as I could of the applications and utilities I install on an existing or new installation of Windows to ‘protect it’, keep it running optimally and take full control of applications, system preferences and resources.

The list below contains most of the things I install, or use, on all of my machines.
There are also ‘portable’ or ‘non-install’ versions of nearly all of these applications, which I carry on my thumb drives too. But I will not provide the links for them as they can be easily found in the same place as the full installs of these applications.
There are of course many others I use for network administration but I won’t include all of those here now.
I just wanted to put this up so that those of you looking for some very good freeware applications to enhance and improve your computing experience, and to keep it as secure and trouble free as possible, could find them in one place.

Firefox:
Download here:
http://download.mozilla.org/?product=firefox-3.0.10&os=win&lang=en-US
[see list at end for Firefox extensions and add ons I use too]

7-Zip opensource file archiver:
App:
http://superb-west.dl.sourceforge.net/sourceforge/sevenzip/7z465.exe

Notepad++ Opensource notepad on steroids:
http://notepad-plus.sourceforge.net/uk/about.php
Appinstall:
http://superb-west.dl.sourceforge.net/sourceforge/notepad-plus/npp.5.4.2.Installer.exe

Windows PowerToys:
http://www.microsoft.com/windowsxp/downloads/powertoys/xppowertoys.mspx

ClearType Tuner PowerToy:
http://download.microsoft.com/download/b/7/0/b7019730-0fa3-47a9-a159-98b80c185aad/setup.exe

Alt-Tab Replacement:
http://download.microsoft.com/download/whistler/Install/2/WXP/EN-US/TaskswitchPowertoySetup.

Open Command Window Here:
http://download.microsoft.com/download/whistler/Install/2/WXP/EN-US/CmdHerePowertoySetup.exe

Tweak UI:
http://download.microsoft.com/download/f/c/a/fca6767b-9ed9-45a6-b352-839afb2a2679/TweakUiPowTweakUiPowertoySetup.exe

The entire Sysinternals Suite:
http://technet.microsoft.com/en-us/sysinternals/bb842062.aspx

Complete tool set:
http://download.sysinternals.com/Files/SysinternalsSuite.zip

Of those, the ones I use most are:
Process Explorer and AutoRuns

Revo Uninstaller – freeware:
http://www.revouninstaller.com/
App:
http://www.revouninstaller.com/download/revosetup.exe

JKdefrag:
http://www.kessels.com/Jkdefrag/
App:
http://www.kessels.com/JkDefrag/JkDefrag-3.36.zip

Mike Lin’s Startup Control Panel:
http://mlin.net/
App:
http://www.mlin.net/files/StartupCPL.zip

Unlocker
http://ccollomb.free.fr/unlocker/

Wholockme
http://www.dr-hoiby.com/WhoLockMe/

File assassin
http://www.malwarebytes.org/fileassassin.php

A great spyware finder:

Spybot Search And Destroy
http://www.safer-networking.org/en/spybotsd/index.html

Don’t confuse this application with others that are trading on the ‘Spybot’ name and are in and of themselves ACTUALLY spyware. The one and only original FREEWARE application is here.

http://www.spybotupdates.biz/files/spybotsd162.exe

CCleaner:
http://www.ccleaner.com/
http://www.filehippo.com/download_ccleaner/download/d1565b7fb77b48a3692a199d871845fd/

Taskbar Shuffle – a simple, small, free utility that lets you drag and drop your Windows
taskbar buttons to rearrange them:
http://nerdcave.webs.com/
download:
http://nerdcave.webs.com/downloads/ts2.5_setup.exe

Another program much like Tweak XP:
http://xenomorph.net/?page_id=336
installer:
http://xenomorph.net/files/xdn_tweaker_setup.exe

ImgBurn CD/DVD burner:
http://www.imgburn.com/
App:
http://download.imgburn.com/SetupImgBurn_2.4.4.0.exe

VLC Media Player:
http://www.videolan.org/vlc/
App:
http://www.videolan.org/mirror-geo.php?file=vlc/0.9.9/win32/vlc-0.9.9-win32.exe

KeePass:
http://keepass.info/
http://downloads.sourceforge.net/keepass/KeePass-2.07-Beta-Setup.exe

ANTI VIRUS APPS:
I have used both of these and they are fine freeware applications.
I also am quite happy with corporate versions of McAfee and Symantec despite the idiot rantings of people who don’t do this for a living.

AVG free AV:
http://free.avg.com/
App Download:
Freeware download

Clamwin Free AV:
http://www.clamwin.com/
http://downloads.sourceforge.net/clamwin/clamwin-0.95.1-setup.exe

FIREFOX EXTENSIONS I use:
Better Gmail
https://addons.mozilla.org/en-US/firefox/addon/4866

Google toolbar:
https://addons.mozilla.org/en-US/firefox/addon/6249

pdf download:
https://addons.mozilla.org/en-US/firefox/addon/636

stop autoplay:
https://addons.mozilla.org/en-US/firefox/addon/1765

FoxyTunes
https://addons.mozilla.org/en-US/firefox/addon/219

Video DownloadHelper
https://addons.mozilla.org/en-US/firefox/addon/3006

Adblock Plus
https://addons.mozilla.org/en-US/firefox/addon/1865

Redirect Remover
https://addons.mozilla.org/en-US/firefox/addon/537

Greasemonkey for Firefox, which allows for additional script functionality in Firefox:
https://addons.mozilla.org/en-US/firefox/addon/748

GreaseMonkey Scripts:

Remove Facebook Ads:
http://userscripts.org/scripts/show/46560

YouTube HD Ultimate:
http://userscripts.org/scripts/show/31864

GZoom:
http://userscripts.org/scripts/show/7840

Device Drivers/Manager and Disk tools

Excellent tools:
DeviceRemover is a device manager on steroids!
You can view almost any data on a device, update or back up drivers, and pretty much control anything you want for the device.
This can be a great help when some device all of a sudden stops working, like after an update, or when installing/re-installing an operating system:

http://www.pro-it-education.de/software/deviceremover/DeviceRemoverSetup.exe

Using this utility is very easy.
But this is one utility you’ll want to use with a great deal of caution unless you really know what you are doing!!
You will be dealing with device drivers and settings and could easily ‘brick’ your devices or even your entire Operating System!

So make sure you have everything backed up before tweaking.
To back up just the drivers first you can use the above mentioned ‘DeviceRemover’ application or try this one:
http://small.drivermax.com/soft/dmx/drivermax.exe

http://www.howtogeek.com/howto/windows-vista/copy-windows-drivers-from-one-machine-to-another/

Better yet and more preferable is to have an ‘image’ available of your entire system.
I have previously gone on about the utter importance of having recent images of your entire system should you have to recover data [your hdd drive dies, you get a virus or trojan, you need larger drive, etc.] so I won’t prattle on too much.
A disk image is a giant file that saves the state of an entire disk.
Disk images can re-create an entire disk drive.
I recommend having an external drive or secondary hdd for images.
If you don’t have one of my favorite, and most important, tools (Acronis True Image or Norton Ghost), there are freeware applications available to create complete system [hard drive] images.
Good Description of the difference of image vs backup is here.
Here is one:
http://www.sysresccd.org/Main_Page
Here is the direct ISO download that can be ‘burned’ to CD:
http://downloads.sourceforge.net/systemrescuecd/systemrescuecd-x86-1.2.0.iso

Safe computing……..

Change Login Image OSX

Change your login background image with a single “Drag-and-Drop” with this tool:
http://www.loginox.branox.com/

Or you can do it ‘manually’ by using the terminal:
Find a desktop wallpaper image, save it to your desktop as background.jpg, and in the Terminal enter:
sudo mv /System/Library/CoreServices/DefaultDesktop.jpg /System/Library/CoreServices/DefaultDesktop.jpg.old

You’ll have to enter your password to complete the operation. Then, in your Desktop directory in the Terminal, type:
sudo cp background.jpg /System/Library/CoreServices/DefaultDesktop.jpg

Now, next time you log off, your logon screen will have your new custom background. To undo the operation, in the Terminal, type:
sudo cp /System/Library/CoreServices/DefaultDesktop.jpg.old /System/Library/CoreServices/DefaultDesktop.jpg

Alternately, you can modify your logon background by changing a preference instead of overwriting the file.
Here’s the command:
sudo defaults write /Library/Preferences/com.apple.loginwindow DesktopPicture "/Library/Desktop Pictures/Aqua Blue.jpg"
Substitute "/Library/Desktop Pictures/Aqua Blue.jpg" with the path to the picture you want to use.
This technique works in both Leopard and Tiger.

Conficker Worm is here!

Yes folks, it looks like the worm is very active again.
Please take the time to protect yourself and your data. A few minutes of safety can save hours or days of frustration and money.

The worm started spreading late last year, infecting millions of computers and turning them into “slaves” that respond to commands sent from a remote server that effectively controls an army of computers known as a botnet.

The worm is quietly turning personal computers into servers of e-mail spam, flooding users with malicious emails that in turn can spread the worm again.
It is loading more malicious software onto computers under the botnet creators’ control.
According to Russian-based security researcher Kaspersky Lab:
“Conficker installs a second virus, known as Waledac, that sends out e-mail spam without knowledge of the PC’s owner, along with a fake anti-spyware program.
The Waledac virus recruits the PCs into a second botnet that has existed for several years and specializes in distributing e-mail spam.
Conficker also carries a third virus that warns users their PCs are infected and offers them a fake anti-virus program, Spyware Protect 2009 for $49.95.
If they buy it, their credit card information is stolen and the virus downloads even more malicious software.”

Please don’t be one of those who get scammed, lose control of their system or lose their data altogether.

Microsoft has some good resources here:
http://www.microsoft.com/protect/computer/viruses/worms/conficker.mspx

And offers a great free scan that I recommend here:
http://onecare.live.com/site/en-us/default.htm

For further steps you can take, read my two previous posts:
http://mycraniumdrain.blogspot.com/2009/03/conflicker-protection.html

http://mycraniumdrain.blogspot.com/2009/03/more-conflicker-check-for-infection.html

Peace and safe computing

Improving Firefox’s font display

As most of you know I am a huge Firefox fan, primarily because of the extensions;
things I could not do without, like ‘Better Gmail’, ‘DownloadHelper’ and ‘Stop Autoplay’.
All of which I have discussed in previous posts.
But one thing I wish Firefox did was ‘render/display’ pages as nicely as IE 7.
Because, with IE and XP/Vista using ‘ClearType’ and the ‘Aero’ interface pages just look great and I can read them very easily with my old eyes.
Here is a tweak I have used to enable much better font selections (for me anyways) in Firefox.
oops…
Looks like the folks at Lifehacker have already done a great tutorial (better than mine) on it so go here:
http://lifehacker.com/5197352/force-firefox-to-use-windows-vista-cleartype-fonts

Please note that before you change ANYTHING take COMPLETE and thorough notes of your settings – ALL of them, in all tabs, in case you don’t like what this does!!

Share External Mac Volumes

If you have a mixed environment of PCs (MS Windows and Macintosh), it can be tough to configure access to shared resources on shared machines.
Sure, you might think OS X can do this with ‘Windows File Sharing’, but you are limited to the ‘home’ folder.
Sharing a Windows folder or drive is actually fairly simple and straightforward.
Here is a great tutorial from Lifehacker on how to mount Windows shared folders in OSX:

http://lifehacker.com/software/mac-os-x/how-to-mount-a-windows-shared-folder-on-your-mac-247148.php

But what about sharing other resources (like external drives) on your Mac with other Macs and PCs?
By that I mean, what happens if one of your Macs used for Graphic Arts or Pre Press has external drives that need to be shared with other Macs and PCs?
I have found VERY few articles that describe this easily and succinctly in over a decade of working with Macs.
So here is what has worked for me:
——————————————
You can share any volume on the Mac: USB, FireWire, other internal drives, etc.

First TURN OFF WINDOWS FILE SHARING in the System Preferences.
I find the first example works best for me most of the time.
Then go to Applications, then Utilities, and find the Terminal application and open it.

In Terminal, type:

cd /etc

sudo pico smb.conf

———————————————————-

You’ll be prompted for the password.

Then scroll down to the end of the options and add something like this below:

[BIG EXTERNAL]
comment = BIG EXTERNAL
path = /Volumes/BIG EXTERNAL/
browsable = yes
public = yes
read only = no

Or maybe like this:

[USB]
comment = USB Drive
path = /Volumes/USB Drive name
valid users = joe user
public = no
writable = yes
printable = no

When done making your changes, hit Control-O to write changes to disk (save additions to the smb.conf file) and press Return when prompted for a file name. Then hit Control-X to quit pico and close the Terminal window.

Now go to your Windows PCs and try to ‘browse’ the network and find your shares.
——————————————————

To share additional folders, duplicate the section above — but change the name, comment, and path for each new folder.
I have used this and variations of this technique for years with great success.
Hope this helps you get productive.
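
Of the two stanzas above, the first (public = yes with read only = no) accepts unauthenticated guest connections with write access, while the second limits the share to the names in valid users. The script below is an added example, not part of the original post: it lists every share in an smb.conf-style file and marks the guest-writable ones. The function names and the inline sample file are constructed for illustration, and [global] defaults are assumed not to be inherited in this simplified check.

```shell
#!/bin/sh
# Added example (not from the original post): list each share in an
# smb.conf-style file and mark the ones open to guests with write access.
# Assumption: per-share settings only; [global] defaults are not inherited.

audit_smb_conf() {
    # $1 = path to the file. Output: share|guest or auth|rw or ro|RISKY or ok
    awk '
    function truthy(v) { v = tolower(v); return (v == "yes" || v == "true" || v == "1") }
    function emit() {
        if (share != "" && tolower(share) != "global")
            printf "%s|%s|%s|%s\n", share, (guest ? "guest" : "auth"),
                   (ro ? "ro" : "rw"), ((guest && !ro) ? "RISKY" : "ok")
    }
    /^[ \t]*[#;]/ || /^[ \t]*$/ { next }       # skip comments and blank lines
    /^[ \t]*\[.*\][ \t]*$/ {                    # [share name] starts a new stanza
        emit()
        share = $0
        sub(/^[ \t]*\[/, "", share); sub(/\][ \t]*$/, "", share)
        guest = 0; ro = 1                       # Samba defaults: no guests, read only
        next
    }
    {
        eq = index($0, "="); if (eq == 0) next
        key = tolower(substr($0, 1, eq - 1)); gsub(/[ \t]/, "", key)
        val = substr($0, eq + 1); gsub(/^[ \t]+|[ \t]+$/, "", val)
        # Samba ignores case and spaces in parameter names and has synonyms.
        if (key == "public" || key == "guestok") guest = truthy(val)
        else if (key == "readonly") ro = truthy(val)
        else if (key == "writable" || key == "writeable" || key == "writeok")
            ro = !truthy(val)
    }
    END { emit() }
    ' "$1"
}

# Constructed sample: the two stanzas from the post, written to file $1.
write_sample_conf() {
    cat > "$1" <<'EOF'
[global]
    workgroup = WORKGROUP

[BIG EXTERNAL]
    comment = BIG EXTERNAL
    path = /Volumes/BIG EXTERNAL/
    browsable = yes
    public = yes
    read only = no

[USB]
    comment = USB Drive
    path = /Volumes/USB Drive name
    valid users = joe user
    public = no
    writable = yes
    printable = no
EOF
}

# Demo on the sample only; pass /etc/smb.conf to check a real file.
demo=$(mktemp) && write_sample_conf "$demo" && audit_smb_conf "$demo"
rm -f "$demo"
```

A share marked RISKY can be closed by setting public = no and adding a valid users line, as in the second stanza.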

Ok now what if you need to mount an NTFS volume ‘in’ OS X?
There are a few solutions.
This one is condensed from tips from MacOSXHints:

Snow Leopard has the ability to mount NTFS volumes as read/write, but it’s not enabled by default — just read only is supported, as in 10.5. Here’s how to get full read/write support for NTFS drives in Snow Leopard.
First, uninstall NTFS-3G or Paragon if you’re using either one!

1. In Terminal, type diskutil info /Volumes/volume_name, where volume_name is the name of the NTFS volume. From the output, copy the Volume UUID value to the clipboard.

2. Back up /etc/fstab if you have it; it shouldn’t be there in a default install.

3. Type sudo nano /etc/fstab.

4. In the editor, type UUID=, then paste the UUID number you copied from the clipboard. Type a Space, then type none ntfs rw. The final line should look like this: UUID=123-456-789 none ntfs rw, where 123-456-789 is the UUID you copied in the first step.

5. Repeat the above steps for any other NTFS drives/partitions you have.

6. Save the file and quit nano (Control-X, Y, Enter), then restart your system.

After rebooting, NTFS partitions should natively have read and write support.
This works with both 32- and 64-bit kernels. Support is quite good and fast, and it even recognizes file attributes such as hidden files.
[There may be good reasons why Apple left support disabled, so use at your own risk!]
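
The steps above, scripted as an added example that is not part of the original tip: it pulls the Volume UUID out of diskutil info output, builds the fstab line, and appends it once after making a backup. The function names, the sample diskutil output and the WINDATA volume name are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original tip): the fstab steps as functions.

# Constructed, abridged sample of `diskutil info /Volumes/WINDATA` output.
sample_diskutil_info() {
    cat <<'EOF'
   Device Identifier:        disk1s1
   Volume Name:              WINDATA
   Volume UUID:              0F3C2A10-7B4D-4E5F-9A6B-1C2D3E4F5A6B
EOF
}

# Step 1: read diskutil info text on stdin, print the Volume UUID value.
volume_uuid() {
    sed -n 's/^[[:space:]]*Volume UUID:[[:space:]]*\([0-9A-Fa-f-]\{1,\}\)[[:space:]]*$/\1/p' |
        head -n 1
}

# Step 4: print the fstab entry; refuse anything that is not hex and dashes,
# so a bad paste never reaches the file.
fstab_line() {
    case "$1" in
        ""|*[!0-9A-Fa-f-]*) echo "not a UUID: $1" >&2; return 1 ;;
    esac
    printf 'UUID=%s none ntfs rw\n' "$1"
}

# Steps 2 to 5: back up the fstab file ($2) if it exists, then append the
# entry for UUID $1 unless it is already there (safe to repeat per volume).
add_ntfs_rw() {
    uuid=$1; fstab=$2
    line=$(fstab_line "$uuid") || return 1
    if [ -f "$fstab" ]; then
        cp -p "$fstab" "$fstab.bak"
        if grep -q "^UUID=$uuid[[:space:]]" "$fstab"; then
            return 0
        fi
    fi
    printf '%s\n' "$line" >> "$fstab"
}

# Demo on the constructed sample: prints the line that would go in /etc/fstab.
fstab_line "$(sample_diskutil_info | volume_uuid)"
```

The demo only prints the entry; writing it to the real /etc/fstab needs root, and the restart in step 6 still applies.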

Another solution that may be simpler is to use this utility which ‘puts’ a GUI onto the above style tweak.

Anyhow I hope this helps