Archive for January 17, 2018

EXCLUSIVE: Linksys Rolling Out Firmware Fixes For WRT32X & WRT3200ACM

Posted in Commentary on January 17, 2018 by itnerd

I just got off the phone with representatives from Linksys who shared with me some news in relation to the WRT32X and WRT3200ACM issues that I’ve been writing about for the last month.

First, they shared with me the root cause analysis of the issues that these routers have had. One cause is this Google issue that I wrote about yesterday. But I want to add to what I wrote yesterday to say that the problems with things like Google Chromecasts and Google Home killing your WiFi also extend to Android phones. Why is this important? When I was trying to troubleshoot the WiFi issues with my WRT32X, I had a couple Android phones turned on and connected to WiFi. When they were turned off, I found that I had a much better WiFi experience than when I had them turned on. This was validated by the experiences of users who were on the Linksys Community. Now this confirmation, further validated by Google saying that they are issuing a fix for this behavior, explains what I was seeing.

However, Linksys isn’t waiting for Google to fix this. The beta firmware for the WRT32X and WRT3200ACM that I told you about this past weekend has a fix for this issue in it. Now I did mention that it was a beta, but I couldn’t find anything wrong with the WRT32X variant of this firmware. Thus I feel comfortable recommending that you install it. But if you don’t want to run beta firmware, which by the way is completely understandable, production firmware is either out or will be out soon. In the case of the WRT3200ACM, that firmware is live as of now. All you need do is turn on the auto update of your router and you’ll get it. One thing that I should note is that about 50% of WRT3200ACM routers that are in production have received this update already. The version for the WRT32X is coming very soon as it’s still in the QA process. But if you have a WRT32X, you may want to proactively turn on auto update to get this firmware when it appears as it should be out sometime over the next few days. When it does pop up, I’ll post an update on what my experiences with it are.

One other thing. To further ensure that nothing else that can be classified as “bad” happens, such as the Google fix breaking something else, Linksys will be monitoring the situation and doing additional validation on the Google fix to ensure all their users are happy. One thing that was stressed to me on the call with Linksys is they really want to do right by their users. That’s why you saw them handing out replacement product such as Velop whole home WiFi nodes to customers. WiFi is important to everyone everywhere and Linksys gets that.

In closing, I have an ask for anyone who has a WRT3200ACM or a WRT32X. When you get this firmware update, please leave a comment below with what it’s like as I think it’s important for people to share their feedback on this. Given the results that I saw with the beta, I suspect that users will be very happy once they get the production firmware on their routers. And I think that the world should know about that.

Good day. You’ve Been Pwned!

Posted in Commentary on January 17, 2018 by itnerd

The phone in my home office rang at 4AM this morning. It never rings at that time of the night. So half asleep, I had a look at the call display screen. The call was from India. Since I do have clients from India, I decided to answer it. The person on the other end was in a panic. They said that they got my number from someone who I had flown over there to help and that I came highly recommended.

If I wasn’t half asleep, I would have been flattered.

In any case, they explained their situation. One of their database servers was down. And it turned all their databases into .java files. That woke me up as I had a feeling I knew what was going on. I then requested to start a remote session using GoToAssist with the customer. Once I established the remote session, I started to poke around and I soon confirmed what I was thinking. They had been pwned by ransomware. The confirmation was this file that I found:

[Image: pwned.png]

Basically, they had been pwned by a variant of the Dharma ransomware [Warning: PDF]. I say a variant because the version that I had previously seen encrypted things with a .Dharma extension. But according to this, the new variant that I was dealing with encrypted files with a .java extension. To make matters worse for the customer, he didn’t ever do backups of his databases, which were mission critical to his businesses.

#Fail. You should always back up your data. Especially if it’s mission critical.

The fortunate thing for this customer is that there were ways to eliminate the files and possibly recover the data using file decryption software that was mentioned in the article. I then used the instructions to eradicate the virus by hand. I then confirmed that it was gone by scanning it with Trend Micro’s online scanner as the antivirus software that the server had wasn’t working. My next step was to use the file decryption software that was mentioned in the article to start decrypting the databases. It took a while, but I was able to get them all back. I then was able to move them to a freshly built database server and make them accessible to the company.

Total time invested: 3.5 hours.

The thing is that this customer was VERY lucky. Ransomware attacks typically don’t have happy endings. The fact that it got in and it was able to do what it did indicates that they need a complete review of their IT security practices as clearly this ransomware was able to get in and pwn them. It could have been a human doing something dumb, or it could have come in via something like a PC that was exposed to the outside world. It could have even been a disgruntled employee. They also need to get into a backup regimen as the fact that they don’t back up mission critical data is a #fail. Thus I will be making arrangements to go there in a couple of months. But in the meantime, I have some late nights and early mornings to look forward to as I plan on doing what I can from the other side of the planet.

Fun.

 

#Fail: BMW Will Make Apple CarPlay A Subscription Service In The US

Posted in Commentary on January 17, 2018 by itnerd

From the “they really didn’t think this through” department comes news via The Verge that BMW in the US will charge $80 a year to subscribe to Apple CarPlay. They argue that this is cheaper than their price to add it on to your BMW, which is a one time fee of $300 to get Apple CarPlay forever, because:

  1. The first year will be free. Thus you’re only paying $160 rather than $300 if you’re leasing for 3 years.
  2. It will make it “easier” if you flip between Android and iOS devices because you’re not paying for something that you’re not using. That’s an interesting argument as no BMW I am aware of ships with Android Auto. But BMW’s own services will apparently play nice with Amazon Alexa and Google Assistant. Eventually.

This is a really dumb idea and it’s clearly a cash grab aimed at members of “Team iPhone.” There are cars out there that come out of the gate with Android Auto, or Apple CarPlay, or both, and they don’t nickel and dime you to death for it. I think for that reason alone, the predictable blowback from iPhone users will make BMW rethink this. Also, you have to wonder if they let Apple know about this as I am pretty sure that the folks at Apple Park will be dialing up the folks in Bavaria if they’re not happy about this.

 

Bizarre Link Sent To iOS & macOS Devices Will Cause Them To Crash

Posted in Commentary on January 17, 2018 by itnerd

A Twitter user by the name of Abraham Masri has apparently discovered an exploit that looks like a GitHub link on the surface, but it crashes Messages on both macOS and iOS. It’s been dubbed the “chaiOS” bug.

https://twitter.com/cheesecakeufo/status/953401511429726210

PLEASE NOTE: While I did repost the link, this is a use at your own risk sort of thing. 

I tried this on my test iOS device and got mixed results:

  • In some instances, sending the link would cause both the sender’s and recipient’s devices to respring or cause the Messages app to instantly freeze and crash.
  • Reentering the thread would cause the Messages app to crash again and again, making the only viable solution to regain access to that thread to delete it and start a new one.
  • I am unable to reproduce this on the latest 11.2.5 iOS beta.

It isn’t known if Apple will put out a mitigation for macOS. But for you, you may want to avoid clicking on any links that you get in messages.

 

Guest Post: NordVPN Discusses What Companies Can Learn About Cybersecurity From The Equifax Breach

Posted in Commentary on January 17, 2018 by itnerd

Those credit card users who have a credit card report most likely had their personal data exposed because of the Equifax data breach. Affecting over 143 million consumers in the US, UK and Canada, the attack was one of the biggest global cybersecurity crimes of 2017.

The hackers were able to access Equifax clients’ names, Social Security numbers, birth dates, addresses and even driver’s license numbers. Around 209,000 people got their credit card numbers stolen as well.

It turned out that the attackers were using a well-known Equifax vulnerability to go through with the breach and data theft.

As a result, Democrats in Congress are now calling for increased governmental oversight and penalties to those organizations that fail to protect consumers’ personal information. Tech companies that aim to protect users’ online data agree that more government regulation is needed.

“We believe that big organizations – banks, credit card agencies, healthcare institutions and others – often fail to address known vulnerabilities that could be easily fixed in order to avoid similar breaches,” said Marty P. Kamden, CMO of NordVPN and cybersecurity expert. “The most dangerous moment comes when a vulnerability is disclosed but not yet patched – this is when hackers rush in to exploit it. Many organizations are not as fast to fix their bugs as cybercriminals are to launch a breach. On the other hand, companies are also vulnerable as their own employees may be unknowingly downloading infected files. Therefore, businesses – both big and small – need to make cybersecurity their priority.”

Here’s NordVPN’s advice to businesses on how to secure their data from cyberattacks:

  1. Fix all your vulnerabilities as soon as they are spotted. When system vulnerabilities are discovered, there should be a procedure in place to fix them immediately.
  2. Avoid opening emails from unknown senders. The rule is simple: if an employee is not familiar with the sender, it’s better they do not open any emails and never click to download any attachments or links.
  3. Use only https URLs. Make sure all websites that your employees give data to have the secure ‘https’ URL. The ‘s’ in the URL means that it is a secure protocol and your data is encrypted properly.
  4. Use a VPN (Virtual Private Network). VPNs connect you to the Internet through an encrypted tunnel. A VPN server acts as a relay between the Internet and a company’s device, so nobody can see what data is traveling over the Internet. All that can be seen is that you are connected to a VPN server. A VPN service provider, such as NordVPN, can offer multiple benefits to small businesses, including secure data connections for remote workers and increased safety for business owners to share sensitive company data via an encrypted connection, so it’s not seen by any third parties.
  5. Update your firewall. Most systems have an automatically installed firewall – make sure to properly configure and maintain your company’s firewall in order to keep the network secured.
  6. Use anti-virus. Use up-to-date virus protection to make sure your company’s system is protected from malware such as malvertising (online advertisements with malicious code).
  7. Strong passwords and two-factor authentication. Perhaps the most basic requirement for any online account setup is using strong passwords. Weak passwords make it simple for hackers to break into your system and cause severe damage. Two Factor Authentication, also known as 2FA, is a two-step verification system that adds an extra layer of security to any organization. Besides password and username, it involves something that only the user can potentially know.
  8. Update your operating system. It sounds simple and easy to do, but it happens that companies ignore the pop-up reminders for software updates. However, it’s one of the most important things to do with a computer, as such updates often fix security vulnerabilities and system bugs.
  9. Be reasonable with rules. It’s not reasonable to ban the use of company’s computers or Wi-Fi outside of the company’s network. People need to connect when it’s most convenient for them. A more productive and efficient approach is to improve the expertise in cybersecurity for staff members.
  10. Don’t single out one responsible person. Cultivating a secure mindset should be the responsibility of the whole team. And if an attack does happen, the real culprit is the hacker, not your staff member. Blaming employees for cyberattacks will only lead to them hiding potential threats.

 

Guest Post: 3 Ways To Guard Your Business Against Data Loss That Could Doom It

Posted in Commentary on January 17, 2018 by itnerd

Data loss is every business’s nightmare. In fact, the majority of companies that do experience a mass disappearance of vital, computer-kept information never turn their lights on again.

About 60 percent of small businesses that lose data shut down within six months, according to a study released in 2017 by Clutch, a Washington, D.C.-based research firm. Another report, by Gartner, shows a sizeable impact on medium-sized companies as well; 51 percent of those that encounter a major data breakdown close down within two years.

Cyber security experts say those stark numbers underscore the importance of being prepared with adequate security measures. Many businesses are not, according to the Clutch study, including 58 percent of small businesses.

“It basically comes down to the idea that how you protect and treat your data is commensurate with how important you think it is,” says Penny Garbus, co-founder of Soaring Eagle Consulting Inc. (www.SoaringEagle.guru) and co-author of Mining New Gold – Managing your Business Data. “You protect your jewelry and money, but you aren’t protecting your data. If you aren’t, you’re putting your entire business at risk.”

Companies both large and small often try to ensure the security of their IT infrastructure by outsourcing to a third-party security vendor. A recent study on cloud security conducted by Forrester Consulting found that nearly 80 percent of participants saw value in outside security expertise. Garbus gives three main ways that managed security services can save a business from the disaster of data loss:

•    Security check-ups. These are essential for cyber security. “The question you must ask yourself is, how much downtime can my business afford,” Garbus says. “One of the best ways to prevent cyber security issues is to have an expert conduct regular health checks on your system. That way if there are any lurking vulnerabilities or potential issues, they can be fixed before causing any damage.”

•    Performance measures. This includes analysis of software, server, cloud and firewall. Business these days operates in the realm of remote servers, cloud computing and unrelenting security threats. “As the technological landscape evolves and data security has become increasingly important, businesses recognize there’s much more to it than handling issues as they arise,” Garbus says.

•    IT development updates. Hackers are becoming more sophisticated every day. For example, ransomware was able to stall private businesses, hospitals, universities, and government agencies. “If you’re handling sensitive data, it’s smart to upgrade the cyber security methods you’ve been using from the beginning of your business,” Garbus says. “Small and medium-size companies aren’t as likely to have a dedicated IT person to oversee the multiple systems, so it behooves them to have a service in place that can keep abreast of changing technology.”

“You might think managed security is mainly for big businesses, but you can certainly make a case that small-to-medium businesses benefit the most,” Garbus says. “In many ways, they have the most to lose.”

About Penny Garbus
Penny Garbus, co-founder of Soaring Eagle Consulting Inc. (www.SoaringEagle.guru), is co-author of Mining New Gold – Managing Your Business Data. She has been working in the data-management field since leaving college when she worked as a data entry clerk for Pitney Bowes Credit. She later ran the training and marketing department of Northern Lights Software.