Be a password ninja!

Be a password ninja!

Our dog, Daisy the West Highland White Terrier, decided she desperately needed a pee at 5:50 am on Saturday; and the weekend makes it my turn to get up with her! After dealing with her needs and turning on the coffee machine I didn’t fancy picking up the project I have been working on and decided to try something new.

I needed a link for the password reset and password change pages of the project I am working on. I wanted to present the user with some simple to understand advice on how to pick a good password; don’t get me wrong there are some great resources out there but none of the ones I came across was simple enough for what I wanted. Being the over the top domain name owner that I am (seriously I have a problem) I went and bought some more.

On Saturday morning I wrote a simple one-page website that is now hosted on be-a-password.ninja (and beapassword.ninja just for completeness sake). It is a work in progress and just a simple site for the moment, as brain power and time allows it will become more detailed and hopefully more useful to the world. But for now, go and become a password ninja!

If anyone has any suggestions or comments (make them constructive) please leave a comment here!

And for those who don’t know, this is Daisy! IMG_20180521_200109-min

The header image for this post was supplied by @lasayehommes on unsplash.com. Thanks!

Read more

IT Support Scammers

IT Support Scammers

No matter how strong your technical security is (antivirus, firewalls, security headers, well-written applications, etc) there is always one sure route to failure, social engineering. If a privileged user can be convinced to perform nefarious acts on a system that system is compromised. That being said most professionals are not going to fall for that (although I know one who did fall for a variant the old Nigerian finance scam to the tune of several thousand pounds); the less initiated are a different story and we as IT professionals have a duty to help them!

IT Support scams appear to be on the rise again; I am aware of at least ten people who have received calls claiming to be from Microsoft in the last year. Luckily for them (and me) most of them realised what was going on before it was too late, some were less savvy and their machines required a lot of my time.

What is a support scam?

IT support scams almost always start off with an unsolicited phone call. The scammers have either acquired the victim’s number on the black market (data breaches, stolen files, etc) or they are just simply dialling every number one at a time (read about auto-dialers here).

Once a scammer gets ahold of their intended victim they claim to be from a trustworthy firm, typically Microsoft (or Apple, Google, etc). The scammer uses the victim’s trust in a well-known firm to build a conversation and start engineering their way into the victim’s system.

How many of the uninitiated (think your grandparents or that little old lady who is a friend of your mothers) understand half of the notifications their laptop shows them? The scammer preys on this; telling them that “Microsoft has detected some problems with your machine”, asking them if they spotted that “update alert” the other day. The odds are that windows update has popped up an alert (or perhaps some anti-virus software has) in the last week and the user has ignored it. The scammer will walk the victim through some screens on their machine claiming that common files are viruses or getting them to look at the system event log to see all the “critical system errors” it shows (we know that badly written applications like to error, your grandparents do not).

Eventually, when the scammer has convinced the victim that they are at risk they encourage them to install some remote access software, sometimes a custom remote access trojan (RAT)) other times just something simple like TeamViewer. With remote access the scammer can do as they please, stealing documents, leaving malicious payloads (ransomware, keyloggers, etc), once they become embedded they often ask the victim to hand over their credit card details to pay for “a cleaning service” which they have no intention of providing.

How can we stop the spread?

Simply put making the vulnerable users security as simple to understand as possible is the first step; if they know they are secure because someone they trust told them so (hopefully they trust you) and showed them how to know they are secure then they are less likely to be scared into acting by a scammer. Most importantly tell them about these scams, make sure they understand that anyone who calls them about their computer is almost certainly lying if they have any doubt they should hang up and call you for assistance!

Make sure they have antivirus and firewall

For most standard users the built-in Windows 10 security software is more than enough, especially from a firewall perspective. If you want to go one step further and install one of the many free antivirus programs be careful which one you pick. All the freemium products try and force their paid for products on you with every update, our potential victims are just going to click past the update messages because they mention spending money. Pick an antivirus program which is not just free as a hook for the paid software; Sophos provide a good product which is less needy (thanks to their top line coming from corporate subscriptions and not one-off payments). Depending on who the user is (friend or family) you may be willing to install the good stuff, add them to your personal subscription (I use ESET Nod for security and it costs all of $5 a year to add another user) that way they will never get nagged about converting to a paid subscription.

Keep them up to date

Provide a simple way for them to keep all the little bits of software (Adobe, Java, etc) up to date. The more up to date their software the more secure they will be, free programs such as Adobe Software and Java are often filled with security holes, keeping them updated is especially important. I use a product called Ninite Pro to silently push updates to family machines, for the machines that I do not want to spend money on (think friends rather than family) I place a copy of the Ninite Updater on their desktop named “UPDATE” and tell them to run it once a week, this ensures all those little programs are kept up to date without the user having to understand what they are!

Educate!

Explain how to be secure online, what to do and what not do to (don’t forget the dangers of oversharing on social media!). Antivirus is useless if they don’t understand the popups, show them what they look like and explain the jargon (write it down for them).

But most of all, tell them to contact you if they are concerned! It may seem like an invite for countless support calls but one or two calls a year which can be dealt with over the phone are better than a week of extracting malicious software from their laptop (and them being scammed out of a few hundred pounds).

TLDR;

  • Educate your friends and family about IT support scams so they don’t fall victim!
  • We need to work together on this!

The header image on this post was provided for free by @rawpixel via unsplash.com. I chose it because it looks like us all fist bumping when we agree to work together on this!

Read more

WCF Service aborted by the server

WCF Service aborted by the server

An error occurred while receiving the HTTP response to http://localhost:12345/SomeService.svc. This could be due to the service endpoint binding not using the HTTP protocol. This could also be due to an HTTP request context being aborted by the server (possibly due to the service shutting down). See server logs for more details.

This evening I spent more time than I would care to admit working on a problem in a WCF Service I am building. The service has been working well for a number of weeks whilst it has all its functions ironed out; suddenly today after adding in one of those functions it stopped working in debug. I blame tiredness and a busy day in the office for me not realising the error faster, but for those who like me get tired here is the cause of the above error (or at least this version of the error).

[DataContract]
public enum LoginResultFlag {
    [EnumMember]
    Success = 100,

    [EnumMember]
    Failure = 200,

    [EnumMember]
    PasswordChangeRequired = 300,

    [EnumMember]
    AccountLocked = 400,

    [EnumMember]
    RequiresChallenge = 500,

    [EnumMember]
    SetupChallengeResponse = 600
}

Can you see the problem; it took me a little while of trial end error before I spotted it the moment I looked at the enum. Enums cannot be null, at their most basic they are integers and take the value 0. If you specify integer values as I have done here without adding a zero value then it cannot be serialized/deserialized through the web service boundary. All I had to do was add the following to the enum:

[EnumMember]
NotSet = 0

Problem solved!

The header image on this post was provided by Maria Freyenbacher on unsplash.com. Thank you Maria!

Read more

Microsoft Surface Book fan noise and overheating

Microsoft Surface Book fan noise and overheating

My work laptop is a first-generation Microsoft Surface Book (the 8GB model); it is by far the best laptop that I have worked with (both personal and professional). Granted there are better devices out there (a few Lenovo models come to mind) but I can’t afford them and my employer is unlikely to authorise them (getting the surface book required a guilt trip!).

Other than the first SB that I had suffering death within a few months (horrid grating fan noises, followed by a replacement) I have not had a single problem that wasn’t related to configuration or an old application not supporting HDPI screens. My employer’s system team can be a little slow at pushing out Windows Updates via WSUS (machines are blocked from accessing the internet variant of Windows Update); since the last “big lump of updates” my device received (I am guessing it included the last Win10 version update) the SBs fan noise has gone through the roof! Within minutes of turning the machine on (without even opening a program) the fans would be screaming along like they were cooling a data centre, and the back of the screen (where all the bits are) would get hot to the touch. After some google based research (and tying a few sets of instructions together) I have found what appears to be a solution!

#Shutting up the fans, and keeping a surface book cool! In their infinite wisdom Microsoft decided to teach Windows 10 that a device in the “Surface Family” is, in fact, a tablet computer (yes they can undock but they are largely used as laptops); to me this is silly. This includes a feature called “Connected Standby” which allows the machine to run in a low power state responding to the “on button” in much the same way as a smartphone or tablet. There are both plus and negative points to “Connected Standby”; one of the negatives being you lose access to all the normal Windows Power Management features (such as hibernate or sleeping).

Step 1: Disable Connected Standby

Disabling “Connected Standby” (CS for short) is as simple as flipping one flag in the registry.

This is a semi-technical article so I will not go into the perils of messing with the Windows Registry; if you are not comfortable in the registry please ask someone who is for assistance. You have been warned.

  1. Start the registry editor (regedit.exe)
  2. Locate the node “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power”
  3. Set the key “CsEnabled” to 0 (zero).
  4. Reboot

Step 2: Less is more

The SB is rather powerful for a low profile “2in1” machine; the problem here being that CPUs generate a lot of heat and that heat has nowhere to go inside the case. This means that the small fans inside the “screen case” have to run at insane speeds to force the hot air out of the sides. When the SB gets too hot (and the fans can’t cool it down fast enough) the processor is put into “thermal throttling”; in simple terms it has it’s maximum speed lowered to prevent damage from excess heat. This means that things take longer to process causing the heat buildup to last longer (the processor takes longer to return to an idle state).

Preventing the processor from getting into the “thermal throttling range” in the first place prevents the artificial slowdown. Many people will know what “overclocking” is, to deal with this problem we are going to use “underclocking”. Now wipe the shocked look off your face, lowering the maximum speed of the processor to prevent thermal throttling will actually give you a net gain in overall average speed! The game we will play here is finding that sweet spot which is low enough to prevent overheating but not so low that we notice the difference. I have found that 90% CPU is about the sweet spot.

How to under-clock the processor

You could use some complicated CPU Voltage management software (Intel provide a program for the SBs CPU), or you could play a less dangerous game and just use the Windows Power Configuration Manager that we unlocked by disabling “Connected Standby” earlier.

  1. Right click on the battery icon in your task tray
  2. Select Power Options
  3. Depending on which power plan you have set, select “Change plan settings” alongside the active plan
  4. Click “Change advanced power settings”
  5. Navigate to “Processor power management > Maximum processor state” and set both options to no higher than 90%

Done, you have prevented the processor from reaching critical thermal levels. Before someone comments about it, I am aware this is not true underclocking but it has had the same effect.

Keep an eye on your CPU Temperature using a tool such as SpeedFan and adjust the percentage as necessary over the next few days until you find your devices sweet spot (all physical machines are slightly different, depending on what you do and how well it was put together!).

The header image for this post was provided for free by Hush Naidoo (@hush52) via unsplash.com. Thanks Hush!

Read more