Another Flashback Variant – 2nd in two days!

Hey Mac users who still haven’t taken the hint and updated your systems’ security: there’s yet another version of the Flashback Trojan for you to enjoy.

It infects unprotected Macs in the same way Flashback.K did, through a Java applet exploit, and installs itself without the need of your password.
And, just as its predecessor, Flashback.K erases its footprints by deleting the Java cache and ensures its propagation by installing into the Java Update folder. You can read more here.

Apple released a Java patch in early April, as well as a Flashback removal tool, but clearly not all Mac users patched.

But many Mac users don’t even qualify for the patch—it was only available to systems running OS X 10.6 (from 2009) and later. Mac users running OS X v.10.5 and earlier were advised to disable Java altogether. WTF!! However, it’s quite possible that many users of these older systems just didn’t get the memo and are still running insecure software.

Here is F-Secure’s site that has the checker and removal tool. Check that out too. And please update your systems folks.

Spring Data Backups and Recovery

So it’s spring time woodchuckers. Time for some cleaning and maintenance for many around the house. It’s also a good time to check your backup plans and procedures for your digital data too. Or if you don’t have any, make and apply some sort of plan.

You know those stupid commercials about not knowing when you will lose your data. Well, THEY’RE TRUE! It is not a matter of ‘IF’ but WHEN. There are many factors and events that can cause a loss of your important data: things such as fire, flood, earthquake and other natural disasters; power surges or outages; theft of your primary system(s); failure of part or all of your system(s); and of course malicious software such as extortionware or viruses. Remember electronics like everything else WILL fail. And of course usually when you need it most or expect it least.

So please design and USE some sort of plan. I recommend a solution that utilizes technology to its fullest. And for that I recommend backing up your data locally to external/removable hard disk drive(s) (that can and should then be stored in a fire safe or safe deposit box!) along with a combination of some form of ‘cloud’ type of service. I’ll discuss both here.

Cloud Storage solutions such as Mozy, Carbonite etc. and other ‘Synchronization’ type of services such as; Dropbox, Box.net, iCloud, SkyDrive and many others offer a wonderful addition to ANY backup plan. And I use many of them and recommend them as an addition or supplemental solution. You can read my previous article here.

There are a number of things to consider with ‘Cloud’ services, things like:

Bandwidth and storage size – you will be backing your data up to the cloud, and it’s your Internet connection you’ll be using. You need to evaluate your internet connection (and ISP rules and limits regarding that bandwidth – some ISPs severely restrict the amount of data you can use per month!), and whether or not you need to increase your bandwidth speed and/or allotment.

Backup and Restore times – If you are backing up (or synchronizing) a lot of data, how long will it take for the backup and more importantly the ‘restore’ to occur? There are two methods for moving the data back and forth – one is to backup the ‘entire’ file(s) each and every time they are modified. The second is to just synchronize/backup the changed data (called delta or diffing).

Will the company be there when you need it?! –  Startups sometimes offer amazing prices for cloud storage but require a leap of faith on behalf of users that they’ll still be around next year. It’s possible that even established services could disappear overnight, but more likely the owners will tell you if the service is to terminate, and give you a chance to make other arrangements or retrieve data. Make sure to choose one with a LONG track of ‘being there’.

System Resource Usage – Some applications can cause your system to dramatically slow down while others are ‘lighter’ on systems resources and synchronize or back up when you are not using your system or at scheduled times. The best way to find out which works for you is try a few of them.

And of Course Security – This is not a small thing. You must make sure your account is protected by a very secure username and password AND that the service you use is very reputable. Also for backup services (vs just the synching type) do they offer ‘full file encryption’? How are your files AND passwords stored on that system – are they themselves encrypted? Are files encrypted before they are sent to the cloud storage provider and are they transmitted via a secure connection (https, sftp etc.)?
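The two transfer methods from the ‘Backup and Restore times’ item above, worked through as an added example (it is not code from any of the services named here). The 4096-byte block size and the sample data are assumptions, and fixed-offset block hashing is the simplest form of delta transfer: it shows both the saving on an in-place edit and the case where a one-byte insertion shifts every block, which is why tools such as rsync use a rolling checksum instead.

```python
import hashlib

BLOCK_SIZE = 4096  # assumed block size; real tools pick their own


def block_hashes(data: bytes, size: int = BLOCK_SIZE) -> list:
    """SHA-256 of each fixed-size block of data."""
    return [hashlib.sha256(data[i:i + size]).hexdigest()
            for i in range(0, len(data), size)]


def plan_delta(old: bytes, new: bytes, size: int = BLOCK_SIZE) -> dict:
    """Decide which blocks of `new` must be sent when the remote holds `old`."""
    old_h, new_h = block_hashes(old, size), block_hashes(new, size)
    changed = [i for i, h in enumerate(new_h)
               if i >= len(old_h) or old_h[i] != h]
    blocks = {i: new[i * size:(i + 1) * size] for i in changed}
    return {
        "changed_blocks": changed,
        "blocks": blocks,
        "delta_bytes": sum(len(b) for b in blocks.values()),
        "full_bytes": len(new),
        "new_sha256": hashlib.sha256(new).hexdigest(),
    }


def apply_delta(old: bytes, plan: dict, size: int = BLOCK_SIZE) -> bytes:
    """Rebuild the new file on the remote side and verify it before accepting."""
    total = plan["full_bytes"]
    buf = bytearray(old[:total].ljust(total, b"\0"))
    for i, chunk in plan["blocks"].items():
        buf[i * size:i * size + len(chunk)] = chunk
    result = bytes(buf)
    if hashlib.sha256(result).hexdigest() != plan["new_sha256"]:
        raise ValueError("restored file does not match the source hash")
    return result


# Constructed sample: 40,960 bytes (10 blocks) of deterministic filler.
SAMPLE_OLD = b"".join(hashlib.sha256(str(n).encode()).digest()
                      for n in range(1280))


def demo() -> dict:
    """Compare an in-place edit with a one-byte insertion at the front."""
    edited = bytearray(SAMPLE_OLD)
    edited[5000] ^= 0xFF                      # flip one byte inside block 1
    in_place = plan_delta(SAMPLE_OLD, bytes(edited))
    shifted = plan_delta(SAMPLE_OLD, b"\x00" + SAMPLE_OLD)
    return {
        "in_place_sent": in_place["delta_bytes"],   # one block
        "shifted_sent": shifted["delta_bytes"],     # the whole file
        "full_upload": in_place["full_bytes"],
    }


if __name__ == "__main__":
    print(demo())
```
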

On a personal note I don’t put ANYTHING in the ‘Cloud’ that contains any truly sensitive information. I simply synchronize documents, photos and other files that I may not really want to have someone access but that I would still not be ‘harmed’ if they were somehow compromised and accessed. For these purposes – easy access to my documents and files from anywhere, and also collaboration with individuals or teams, the cloud reigns supreme; I can place working documents into many locations, access them from just about anywhere and even share them if I need to. I can also restore ‘lost’ or previous versions of documents and files fairly quickly and easily with these ‘cloud services’. Like I’ve mentioned many times previously, I am extremely careful about my personal security so I use cloud services as an ‘adjunct’ to my ‘real’ backup/disaster plan.

I back up ALL my data using disk imaging. It is the only method that can reproduce, to an exact point in time, your existing system; Operating System, Applications AND files quickly and easily. Usually within less than a couple hours depending on the size of your image(s).

With disk imaging (or cloning) I have the ability to be up and running extremely fast. I can restore an entire system or individual files. No need to re-install an operating system and applications and then update them just to be able to access my files. External Hard Disk Drives (and spare internal ones too!) are very inexpensive and getting cheaper all the time!

I have written many times previously [read here and here and for Macs here] about the prudence and wisdom of having backups of your digital data. And by backup I mean that your data exists in TWO places at once and is able to be accessed or recreated from either source quickly and easily. For this I believe the best solution is to use Disk Images for both Windows PCs and Mac OS X systems.

Please read my other articles (linked above) and get and work a backup plan. For my Windows operating systems I use and recommend Acronis and for Apple OS X systems I recommend Carbon Copy Cloner. Both provide a superior solution to those built into either respective OS.

Peace, and good luck.

OK Mac guys here we go again!

There’s Another Mac Trojan Spreading Via Microsoft Office documents and email attachments. The Trojan apparently spreads through infected Office documents, and it’s in “active stage”, which means that it searches through documents on infected machines.

Please note that this is a very sophisticated and malicious attack that not only ‘infects’ your machine but also installs a ‘bot’ to control it, scan through your system, and take whatever it wants to! ALL WITHOUT YOUR INTERACTION AFTER THE FIRST INFECTION!

The attack vector utilizes several vulnerabilities: the Java hole that Apple finally just fixed last week, and a Microsoft vulnerability that MS patched 3 years ago (but they may update that patch too).

Please folks keep your Operating System, Applications and security software up to date and don’t be one of those poor naive bastards that thinks this cannot happen to you.
You can read more here and here

Windows AND Mac System Security News 04-12-2012

For OSX users:
Apple just released Java for OS X 2012-003, an update to the Java implementation in OS X. The update removes “the most common variants of the Flashback malware.” Check that out here. You should definitely update your Java NOW!

For Windows users.
It’s even scarier again. Trend Micro has found some scary ass Ransomware.

You can and SHOULD read the scary details here.

From TrendMicro’s blog, here are some of the details.

“We have encountered a ransomware unlike other variants that we have seen previously. A typical ransomware encrypts files or restricts user access to the infected system. However, we found that this particular variant infects the Master Boot Record (MBR), preventing the operating system from loading. Based on our analysis, this malware copies the original MBR and overwrites it with its own malicious code. Right after performing this routine, it automatically restarts the system for the infection to take effect. When the system restarts, the ransomware displays the following message:

This message prompt informs affected users that the PC is now blocked and that they should pay 920 hryvnia (UAH) via QIWI to a purse number (12 digits) – 380682699268. Once paid, they will receive a code that will unlock the system. This code will supposedly resume operating system to load and remove the infection. This particular variant has the “unlock code” in its body. When the unlock code is used, the MBR routine is removed.”
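One way to notice the MBR overwrite described in the quote, as an added example (it is not Trend Micro’s code): keep a known-good copy of sector 0 and compare the hash of its boot-code area against the current sector. The two 512-byte sectors below are constructed placeholders, and the function names are hypothetical.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_LEN = 446            # bootstrap code area at the start of sector 0
ENTRY_FORMAT = "<B3sB3sII"     # status, CHS start, type, CHS end, LBA, count
BOOT_SIGNATURE = b"\x55\xaa"   # last two bytes of a valid MBR


def parse_mbr(sector: bytes) -> dict:
    """Split a raw 512-byte MBR into boot-code hash, partitions, signature."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("an MBR is exactly 512 bytes")
    partitions = []
    for i in range(4):
        status, _, ptype, _, lba, count = struct.unpack_from(
            ENTRY_FORMAT, sector, BOOT_CODE_LEN + i * 16)
        if ptype != 0:  # type 0 marks an unused slot
            partitions.append({"slot": i, "active": status == 0x80,
                               "type": ptype, "lba_start": lba,
                               "sectors": count})
    return {
        "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
        "partitions": partitions,
        "signature_ok": sector[510:] == BOOT_SIGNATURE,
    }


def compare_to_baseline(baseline: bytes, current: bytes) -> list:
    """Return findings; an empty list means the sector matches the baseline."""
    known, now = parse_mbr(baseline), parse_mbr(current)
    findings = []
    if not now["signature_ok"]:
        findings.append("boot signature missing")
    if known["boot_code_sha256"] != now["boot_code_sha256"]:
        findings.append("boot code changed")
    if known["partitions"] != now["partitions"]:
        findings.append("partition table changed")
    return findings


def build_sample_mbr(boot_code: bytes) -> bytes:
    """Constructed sample sector: one active NTFS-type partition."""
    entry = struct.pack(ENTRY_FORMAT, 0x80, b"\0" * 3, 0x07, b"\0" * 3,
                        2048, 204800)
    return (boot_code.ljust(BOOT_CODE_LEN, b"\0")
            + entry + b"\0" * 48 + BOOT_SIGNATURE)


# Constructed placeholders, not real loader or malware bytes.
KNOWN_GOOD = build_sample_mbr(b"ORIGINAL LOADER PLACEHOLDER")
OVERWRITTEN = build_sample_mbr(b"REPLACED CODE PLACEHOLDER")

if __name__ == "__main__":
    print(compare_to_baseline(KNOWN_GOOD, KNOWN_GOOD))
    print(compare_to_baseline(KNOWN_GOOD, OVERWRITTEN))
```

The partition table and boot signature survive this kind of overwrite, so only the boot-code hash exposes it; the baseline has to be taken while the machine is known clean and stored off the disk being checked.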

Bottom line PLEASE keep your security software, Operating Systems and Browsers (including and especially browser plug-ins like Java, Flash etc.) up to date and patched.

Peace.

Mac Fanboys and Girls let the terror start

UPDATE:

There is now a simple tool you can use to check to see if you are infected by this Trojan. So far they are finding more and more people with it!

The tool is called, appropriately enough, the FlashbackChecker tool. You can get that here. Download and run it and see if you are in the clear.

Note that FlashbackChecker can’t actually remove the Trojan, it can only detect it. So, if you or a family member does find it on their machine, you’ll have to go back and run those original terminal commands (from F-Secure’s site) to determine exactly what you need to remove.

—-

Mac Trojan is infecting LOADS of people!! OK now the terror starts for you fanboys (and girls). My last article told you of this Mac Trojan. Now it’s apparently infected at least 600,000 users so far (read here) and it’s terrifying everyone! It’s written in an unknown language, doesn’t even need your password to compromise you! Please read and take precautions.


For instructions on how to check for and how to remove it you can AND SHOULD go here. This is F-Secure’s site.

NO system that is connected to a network is EVER safe. It can only be made more secure. Don’t ever think your Operating System is your security; it’s not – YOU ARE!

Be safe out there people!

[side note: I wonder how many calls I’ll get about this and how to repair the damage? The compromised system I can fix – your emptied bank account I cannot. Just saying.]

New Flashback Trojan Infecting Macs NOW

A new Mac Trojan that can now infect your computer from little more than a visit to a website AND requires NO PASSWORD TO INSTALL is making its rounds and promises some scary things!

The exploit was patched in February for MS Windows systems, however Apple has yet to release one for OSX.
Read more about it here.

F-Secure has a method for checking for and removing the infection here.

So once again folks please do not be naive and think you are immune to attack simply because your Operating System is not MS Windows.

Be safe out there.

Cleanup or Refresh an iDevice and Properly Restore it.

I’ve recently had a few people who had some problems with their iPhones and asked for some help. They were all of a sudden unable to receive calls and texts reliably or at all and or were notified they were running out of space. All were instructed by Apple and/or their carrier (in all three cases it was AT&T but could easily have been others) that they needed to reset their phone to factory settings. Problem is that without properly backing up the device(s), settings, applications and files everything is wiped!

Fortunately it’s pretty easy to back up iDevices and reset them to factory settings then restore the user files and settings such as contacts, call logs and messages. However as I’ve mentioned before Media such as images/videos and other media can sometimes be wiped and lost.

iPhones also have this problem of ‘filling up’ with pictures and videos. The only way to get them off is to manually delete them individually from the phone – a real pain in the anus.

So back to my favorite iDevice backup tool – DiskAid. It has its own backup tool that can ‘override’ iTunes backup and works real well. I use it often but some people would rather just use DiskAid to ‘remove’ data from their phone and do their backups in iTunes. So I’ll show that here to show the steps I took.

Get DiskAid and install it on your PC or Mac. And please read my previous post on iDevice backups.

First I used DiskAid to copy all photos and data – DiskAid has the ability to actually ‘SEE’ your data and remove pictures, movies and other items taking up space on your phone.


This copied off the images and movies to the PC.

Then I deleted a whole bunch of images and movies that were still on the phone to free up loads of space.


Cleared up to


Then I ran the iTunes Backup too.

1. Connect your iOS device to a computer with the latest version of iTunes installed

2. Select your iOS device in iTunes under Devices

3. Right-click (or Control-click) the device and select Back Up

The full iTunes backup can take a while, be patient!

Also make sure you ‘Transfer your purchased items’ to iTunes:

Right-click (Windows or Mac) or Control-click (Mac only) your device in the iTunes Source list, then choose Transfer Purchases from the shortcut menu that appears.

Then right-click after that is finished and run the ‘Sync “iPhone”’ one last time for good measure.

Now to ‘clear and restore’ the device.

Click on the ‘Restore’ radio button and choose the last backup you just created. You will be prompted:


If you have completely backed up, transferred files and synced all should be OK.


When the restore process has completed, the device restarts and displays the Apple logo while starting up:

After a restore, the iOS device displays the “Connect to iTunes” screen. Keep your device connected until the “Connect to iTunes” screen goes away or you see “iPhone is activated.”

Then, to restore information from a backup, connect your iOS device to the computer with which you normally sync, then in iTunes:

Right-click (or Control-click) the device and choose Restore from Backup

Remember some of these steps can take some time – be patient!!

Your device should run much more smoothly after this.

Well hope this helps some. Peace out.

More Scareware going around–Fake disk errors and hidden files.

More security news. There is another round of Scareware/Trojans going around that trick users into infecting their machines http://bit.ly/zqaBJK and then ransoming a fix for money.

This new threat, named "Trojan.HiddenFilesFraud.A" by Bitdefender’s researchers, hides all files and folders on your machine and disables some standard keyboard shortcuts so you can’t un-hide them. To further inflame your mania it displays error messages as if from Windows reporting such worries as "damaged hard disk clusters." Just when your frenzy is at its peak, the fake disk repair tool goes to work. It busily spins and flashes and eventually reports a plethora of errors. Want the problem fixed? All you have to do is register… for $80. The worst of it is, even when you do register it doesn’t unhide your files. Pay $80 for the repair utility that will do absolutely nothing once purchased. The scam is done, the money is gone. And there is a good chance your credit card will be used for more fraudulent activity in the very near future!

It displays a fake ‘error’ and ‘fix window’ that if clicked on (EVEN TO CLOSE!!) actually infects the machine! Then the user is supposed to be scared enough and convinced to reach for his pocket and

Please keep your Anti-virus/Spyware application, Systems and especially your Browsers up to date! I have posted previously on how to ‘get out’ of this bogus application, look here http://bit.ly/pUhosM and throughout my blog for MANY articles regarding security, please check them out. Or you could just pay me to fix what you mess up for not following my advice.

Be safe folks! Peace.

Fix Running out of Internal Storage Space Android devices

Have you ever received an error stating that “you are running low on storage space” or something to that effect on your Android phone? Then when you check you see that you have what looks like loads of free space on your internal SD card AND your external one too! And then you can’t figure out what is causing that error notification and you are not sure what you are to do?

Like most people, you probably do some research on the net. And in most of the first responses/search results you see people start telling you that you need to either uninstall and remove applications or even ‘move’ some application to the external SD card? Well DON’T DO THAT YET! As with most stuff on the internet not all that makes it to the top of the search results is good advice or even close to correct!

But fret not. There is a solution you can use FIRST that is much simpler and probably the RIGHT one. [Don’t get me wrong, you may actually have way too many applications and if your device is rooted (and if it’s not why not?) you can actually move most of your downloaded applications to an external SD card. But that is for another post]

I’m going to add a few ‘pre’ steps here.

1st do a full Titanium Pro backup. [Read through my previous posts about this application.] In case you clear the cache and settings of an application that absolutely needed them, you can restore the data via Titanium! Saved me having to re-enter all my bookmarks and settings in my browsers (Dolphin HD and Firefox)! Simply opened Titanium and chose Backup/Restore, found the application in question and restored data. BAM done.

2nd I’d do a full CWM backup. I’m a believer in images. [all you have to do is read through my blog to figure that out.] If you don’t have a custom CWM based recovery don’t worry. Titanium should be all you need.

OK, So let’s free up loads of space by clearing application caches and data stores.

By clearing the cache that some applications use, you can reclaim quite a lot of storage space!

Go to Settings > Applications > Manage applications on your Android.

  • Press the Menu button and select the Sort by size option. If you’re on Android 2.2 or above, select the All tab first.
  • Select/Click on a chosen application to open its Application info screen.
  • To check if an application has a cache, select it in the list and it will be stated on the resulting screen. To clear a cache, simply press the Clear cache button. You may also clear an app’s ‘data’. This will not only clear the cache, but also all the data the app has generated. Basically, when you select Clear data you’re “hard resetting” the app. You will be warned that settings and ‘databases’ will be deleted and you will possibly be required to ‘re-enter’ information – that is OK. It is what you want.
  • A couple of apps that may have a cache (and data) of several MB or more are Facebook, Maps, Market, Internet, Media and Gallery.
  • For example, I reclaimed 1.2GB!! by erasing the data for Media Storage. It forced some of my media apps to rescan and locate all my stuff again, but the associated data for Media Storage was still much smaller in size than before I cleared it.
  • I also did this for my Facebook application and cleared 20MB of data. I did have to re-enter my credentials and settings (contacts sync yes or no etc.) when I first launched the application again but WOW, it is much faster now!

There are some ‘Cache Cleaner’ applications available in the market. You can search and check them out. But why waste time – and more storage for that matter – when you can do it easily as above every few months or so to keep things snappy? Plus I have found most ‘helper/optimizer’ applications, whether for PCs, Macs, iPhones or Android, are usually a complete waste. There are a few worthwhile applications and utilities – I do use some, but they are ones usually reserved for true developers and/or uber geeks like me. And when I find those I will usually post about them.

I hope this helps some. I know I get asked about it often.

Peace out and be productive and have fun!