Steam breach shows another problem with DRM

Steam is a DRM-based software distribution system used to sell and distribute games. I use Steam. Yes, even though I don’t like DRM in general, I like Steam. Steam is one of those rare cases where they actually made DRM useful. A unified interface that synchronizes multiple installations on different PCs, not to mention really good sales from time to time.

The fact I do use Steam attests to the fact I am not against paying for games, or music, or books, or whatever. I really like Netflix too, and don’t mind paying for it. The issue I have with DRM is the inconvenience and intrusiveness that often comes with it. Nook and Kindle are good examples. There is no reason a Nook can’t be used to read Kindle books, but out of the box it won’t work. You have to hack your Nook device to read Kindle books. Kindle can’t read Nook books either. DRM punishes legitimate customers, and how much it actually protects intellectual property is dubious at best. Anything I buy at Steam, I could probably download for free. Steam, however, makes it easier to get it from a legitimate source while supporting the programmers and publishers who create it.

However, a while back, in November of last year, they had a breach. Hackers infiltrated their website and got the data of their users. This is another problem with businesses tracking their customers, and not just web businesses for that matter. If a business collects personal information about you, and that information is acquired by someone else, then that information is now available to people who would use it for nefarious purposes. Steam has a lot of information about you: what kinds of games you play, who you play them with, how much you play them, where you live, your email address, etc. If they don’t keep that information safe, it can be used by others. Google, Apple, Amazon, your grocery store, they all collect information about you and they save it, and it is out there and it needs to be kept safe. If they can’t keep it safe, then they shouldn’t collect the information in the first place.

Once again, as I always do when I write about this subject, I urge you to take steps to protect yourself. At places like Steam for example, don’t leave your credit card information with them. Enter it every time you make a purchase, or use a payment service like ShopSafe or PayPal instead. Most importantly, just think about what information you have out there and try to keep it to a minimum if possible. Use a different email for anything sensitive like banking information. If you are shopping, use an email address that you expect could be hacked, because the more people who have it, the more exposed it is and the more chances it has to be compromised.

Sharing is out of control

This whole social media thing is getting out of hand. Everywhere I go and everything I do online, I am asked to share share share share.

I got an email from Google the other day asking me for feedback on my purchase experience from Google Apps. I was going to fill it out, thinking it was feedback for them, but when I went to click the send button, it didn’t say send, it said “submit your review”. What? I was writing a review? No, I was providing feedback; those are two different things. Feedback is to help a service provider know how they are doing with their service. A review is to let potential customers know how the service provider is doing with their service. They are not the same thing.

I saw it when I did my taxes. TurboTax wanted me to share on Facebook and Twitter how much they got me. Really? What are they going to share? Are they going to share the actual dollar amount, or are they just going to use my account and my contacts to send out ads to all my friends? Shouldn’t I get paid for that? In the old days that was called a referral fee or affiliate marketing, now it is just invasive.

It really is becoming invasive. I don’t need to know how many songs a friend of mine is listening to on Spotify. I really don’t. Your friend listened to three songs on Spotify. Really? Well good for them, why are you telling me? Do I use Spotify? No. Have I ever indicated I might want to use Spotify? No!

I saw it when I installed a new app on my phone the other day. It is showing ads, but only from one place, the place I had lunch on Saturday. Before I went, I looked up their menu on my phone. The thing is, I didn’t install the app until Sunday. How does this app know I ate there or looked up this restaurant before the app was installed?

With the recent brouhaha over Google circumventing security settings to give their users a better experience with Google+, I really think the whole way we are monitored online needs to be re-examined. This is really the only reason I haven’t joined Google+, even though I would probably like to use it. Just because I might want to use it to share things with certain people, I would only want to share what I want to share, not things I am doing all the time.

I read an article, I think it was on LinkedIn, about this recently. The article mentioned an incident, real or imagined, which is disturbing. They can determine, from what customers buy, when women are pregnant, and they actually sent a flyer to the home of a teenager who was pregnant before her parents even knew about it. That really is an invasion of privacy.

I read another good article about this somewhere the other day. I would link to it, but I forget where I read it. The gist of the article was how concerned corporations are with their security. If you crack the DRM on a song or a book so you can use it on a different device, they get all upset, but by default corporations violate your privacy, and that is ok. By default, if you sit down to use a computer, any computer, any phone, you shouldn’t be tracked. You should only be tracked if you actively request to be so and you actively request to turn that functionality on. Why is our privacy any less valuable than their media? They are violating our privacy for one reason and one reason only, because what we do online, where we go, what we watch, what we read, who we know, is worth money, a LOT of money. However, they want to be the ones that profit from that, rather than the people they are stealing that information from.

Zappos breach is a lesson

The network breach of Zappos should be a lesson for consumers everywhere. The reason I say this is because Zappos isn’t any fly-by-night, flash-in-the-pan Internet retailer. They are owned by none other than THE Internet retailer Amazon.com. Therefore, you would hope their security would be about as good as it gets. Even so, they were infiltrated and the names, emails, phone numbers, addresses and partial credit card numbers of their 24 million customers were compromised.

What lesson can you take from this? The lesson is that you can’t trust ANYONE to keep your data secure. You can’t trust Zappos, you can’t trust Amazon, you can’t trust Google, and you can’t trust Facebook. Just because they say they won’t release your information does not mean that it won’t get released. This doesn’t mean you can’t protect yourself to some extent, it just means you can’t rely on them to protect you.

There are some steps you can take to make yourself more secure online.

The first thing you can do is use a disposable email account for web shopping. You should do this anyway because of all the spam online retailers, even legitimate ones, will send you. Buying a $3 item from an online retailer subjects you to their spam for life unless you navigate their website to find out how to turn it off. By using a separate email account for this type of activity, it keeps your primary account clean, even if something like this Zappos breach occurs.

The second thing you can do is use disposable credit card numbers. Bank of America, for example, has ShopSafe. I am sure by now most credit card companies have a similar service. If you buy something online, you can go to their website and request a temporary disposable credit card number for the amount of the transaction. You use this number to make your purchase and that’s it. That is all that card is good for. If someone hacks into a retailer’s website and steals all the information contained there, including your credit card number, you don’t really care, because the number isn’t valid anymore anyway.

The third thing you can do is use unique passwords at any website you use. Ideally they should be totally unique, in which case you can keep track of them with a program used for such a purpose. Personally, I use KeePass. I have used it for years and years. It works well, keeps your passwords in a secure encrypted file, and they even have a version for Android, so if you have an Android device, you can just use that. If you simply can’t be bothered with that, then use some kind of formula that you can remember, such as the 1st, 3rd, and 5th characters of the domain name of the website, a # character, your birthdate, and your grandmother’s initials. You can use such a formula, whatever you come up with, on any website you visit so you will always know your password even though you will have a different password for every site. It isn’t as secure as having a totally unique unrelated password for every website, but it is a lot more secure than using the same password on every site.
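The formula described above, written out as an added example (not code from the original post). The birthdate, initials and the choice to use the part of the domain before the first dot are assumptions made for illustration. It also shows why the formula is weaker than unrelated passwords: everything after the site characters repeats on every site, and short domain names contribute fewer than three characters.

```python
import secrets
import string
from os.path import commonprefix


def formula_password(domain, birthdate, initials):
    """1st, 3rd and 5th characters of the domain name, '#', birthdate, initials."""
    name = domain.lower().split(".")[0]  # assumption: label before the first dot
    # Short names (e.g. "bbc") have no 5th character, so fewer site characters.
    site_part = "".join(name[i] for i in (0, 2, 4) if i < len(name))
    return f"{site_part}#{birthdate}{initials}"


def shared_suffix(passwords):
    """Longest ending that every password in the list has in common."""
    return commonprefix([p[::-1] for p in passwords])[::-1]


def random_password(length=20):
    """Unrelated per-site password, the kind a manager such as KeePass stores."""
    alphabet = string.ascii_letters + string.digits + string.punctuation
    return "".join(secrets.choice(alphabet) for _ in range(length))


# Constructed sample values, not real personal data.
BIRTHDATE, INITIALS = "010190", "MJ"
SITES = ["zappos.com", "amazon.com", "steampowered.com", "bbc.com"]

if __name__ == "__main__":
    derived = {s: formula_password(s, BIRTHDATE, INITIALS) for s in SITES}
    fixed = shared_suffix(list(derived.values()))
    for site, pw in derived.items():
        print(f"{site:18} {pw:14} site-specific chars: {len(pw) - len(fixed)}")
    print("part repeated on every site:", fixed)
    print("unrelated alternative:      ", random_password())
```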

The fourth thing you can do is use a virtual phone number. Keep your real phone number private and use a Google Voice number, or something similar, for everything else. The number is free. If it gets compromised, you can either get a new one, or simply let all calls to that number go to voicemail.

By taking some simple preventative measures such as these, you can make it less likely that you will become a victim when an online retailer suffers a security breach.

Windows Security Suite 2012 Malware

Windows Security Suite 2012 is a nasty piece of malware. This is just its latest iteration; it has been around for a while and I have probably even written about it before, but it has been rearing its ugly head with a vengeance since the new year. My son got infected with it about a week ago. In its current form it is a real pain in the neck to get rid of. It prevents you from being able to run any applications on your system, even Task Manager. It also prevents you from even being able to boot into safe mode. I had never seen malware do that before. It was a new one for me.

When he got it, the way I was finally able to clean it out was using a mix of directions I found in other locations.

The first thing I did was pretend to register it with a fake license key: 1147-175591-6550, 2233-298080-3424 or 3425-814615-3990.

Once you have done this, you can fix your registry with the FixNCR.reg file about halfway down this page:

http://www.bleepingcomputer.com/virus-removal/remove-xp-security-2012

Then you can run the rkill.exe program you can also find on that page to kill the malware that is running.

When I had the infection a week or so ago, that was all I did. Then I ran a system restore to the day before, and once that was finished I no longer had an infection. I ran Windows Update to make sure all security patches were installed and I made sure Microsoft Security Essentials had the latest updates, so I thought I was safe.

Then a couple of days ago a coworker mentioned that their spouse got infected by a virus and it turned out it was the exact same virus. I told them how I had cleaned it out of my system and then the next day they said they had been able to clean it out the same way.

Then today, my son got infected again. I was sitting right there when it happened. He was just at some random website. He didn’t download or install anything.

Tonight it seemed even harder to clean because the rkill utility wasn’t killing the malware. I ran it a dozen times, but it wouldn’t go away, so I couldn’t run a restore or Malwarebytes to clean the infection. Then I read about someone else who was having the same problem and they said they had gotten around it by rebooting their computer and running the rkill utility before the malware had a chance to run. I tried that, and rkill and the malware seemed to have a bit of a duel. The rkill ran, then the malware dialog appeared for a short time, but then rkill seemed to be able to kill it.

If you get this infection, sorry, but it is a real pain in the butt. It does seem to be possible to clean it though, but it sure isn’t easy.

One other thing. This is a Windows only virus. It targets Windows PCs. If you were using a Linux machine you wouldn’t have to worry about getting infected. As an alternative, you can run your web browser in a virtual Linux machine within Windows and you still won’t be able to get infected. Even with all of the Windows updates and security updates installed, and without downloading or installing any software, my computer still got infected, so it might be something you want to consider after cleaning yours for the second or third time.

Mepis, a good alternative

As I discussed here previously, I wasn’t too pleased with Ubuntu’s attempt to copy Apple with their Unity interface. I have been using Ubuntu for a long time and I was comfortable with it the way it was. I am not going to count out Unity just yet. I think it has some potential, but even the Apple interface takes some getting used to and I personally don’t really care for it. I use a MacBook Pro from time to time and it is just hard for me to get used to the menu for an active app being on the menu bar instead of at the top of the dialog for that app, and to going to an app desktop to run apps instead of using a start button and menus. I am not saying the menu method is better than an app launcher method, it is just the method I am most familiar with in a desktop environment. On my phone, I like the app launcher method. One of the greatest things about Linux though is variety. If you don’t like something, use something else. I hadn’t really looked at many other Linux distributions, other than Puppy, in quite some time. I tried KDE and Gnome on Ubuntu. I also tried Fedora with the latest Gnome interface and KDE. I also tried out Mint with their interpretation of the latest Gnome interface. What I found myself using though, going back to again and again, was the same version of Linux I was using before I switched to Ubuntu all those years ago, and that is Mepis.

I had always liked Mepis because I didn’t usually have to do much to get it working on whatever hardware I wanted to run it on. Now for the last few months, this is what I have been using. It looks good. The windowing environment is familiar and comfortable. It works well. It does seem to require more memory than other distributions I have used in the past. When I ran it in VirtualBox it was very sluggish and almost unusable until I bumped the memory up to over 800MB. After that it ran well. I have also had a few problems installing apps from Synaptic Package Manager. When this has happened, I have jumped to the command line and installed them using apt. Also, I got really used to using sudo for everything when I was using Ubuntu, and even though I added myself to sudoers, something still isn’t right and I have to log in as root to do some things. Right now though, it works well for what I want to use it for. Does it mean I will stick with it forever? Once I start using something, unless I find something it doesn’t let me do that I want to do, or it greatly changes how it works, looks or feels, I don’t tend to jump around much.