January 2017 – Benediktson Computer, Inc.

Are all Computer Vendors alike?

So, rant on. Not only does Dell computer continue to contract with the lowest bidder to produce their equipment; but they have ended all meaningful support for equipment which is out of warranty.

I understand that this is part of their system which favors those who accept the additional markup in product cost called extended warranty and penalizes those who believe they are buying a quality product that should not require an extended warranty. By my reading of the Microsoft Windows license, vendors are responsible for providing media to allow reload of all windows products during the entire product life and if said media is not included with the product, then they are responsible for providing it at no cost to registered owners of products including Microsoft Licenses at the time of purchase.

This is in stark contrast to what I have experienced this last week while trying to service a 2-year old Dell Laptop. With high hopes, I contacted Dell support through their website to find that replacement media was not available for this product; thinking this must be in error, I opened a chat with a Dell support specialist who confirmed that they had discontinued that service. I asked how this was possible given their contract with Microsoft to provide Windows products. He replied that they would sell me media (at a price very much like full original retail) and that was their commitment to their contractual obligations.

Just for some background; companies like Dell buy licenses for windows at a reduced rate (bulk / quantity discount rate) and do not provide a COA (certificate of authenticity) number with the product; the product ID is pre-loaded on the machine. The result is that the owner of said machine must have either the original media that came with the machine (for cost reasons no such media is shipped with most of these systems) or use an install package specific to their make and model of product. Otherwise, the equipment is not legally licensed to run Windows. Some may not have had the experience of trying to run unlicensed Windows products; quite simply, they refuse to start up once they become unlicensed.

So here I hold what is now a $1400 boat anchor that belongs to a client in need of a functioning computer; I will invest $130 in a new license for it (which Dell is morally and contractually responsible for but not going to pay) and install a fresh retail copy of Windows 10 on the machine and the client who purchased the machine in good faith from Dell is caught in the middle.

As consumers, we all can influence the behavior of manufacturers and vendors alike; choose carefully when you purchase, and when possible, spend the 30 minutes to make your own “original media” on a DVD or on a USB stick. I highly recommend that once you have your computer working “just right”, that you have a complete duplicate made of the hard drive / SSD.

If any of this seems overwhelming, I do this regularly and will be delighted to do it for you. It really is so much more cost effective to do before “things” go wrong; and for when things do go wrong, Make regular backups of your data to protect your work.

Frustrating Security Measures.

Ah the frustration of it; my browser has just refused to load a video and I have this popup saying I need to update some module. What should I do now? Whatever you do, DO NOT click on the popup; it may be legitimate or it may be an attempt to infect you with viruses.

Please bear with me as I explain what causes this annoying behavior. Many web elements are precompiled to include a player, the necessary codecs (audio and video compression interpreters), and the actual audio and video material (the part we are waiting to experience) into a single web object. We click on the object and instead of watching a video we get some annoying request to upgrade. Our system is likely already fully updated to the latest elements; upgrading it won’t help one bit. Let me repeat that, no amount of upgrading will resolve this problem.

The problem is in the web object we are tying to watch; it contains elements which are out of date. What can we do? In many cases, you will have another popup or status message which further warns you but also gives you the option of accepting the risk or of activating this specific item or maybe even all items like it. If you trust the source of the item, you can go ahead and activate, or allow, or whatever positive option is offered, watch the video, and get on with your browsing.

Adobe Flash alerting that it contains an out of date component

If you do not trust the source of the item, maybe it is best to heed the warnings and not watch, listen, or whatever. If you simply must watch, regardless of all warnings, verify that your firewall and antivirus are functioning and up to date (I do this daily; weekly is adequate) and go for it.

When firefox has alerts, you can choose to allow using the box that pops up in the upper left region

If there is no option to bypass the warnings, then try to identify which “module” (Adobe Flash, Microsoft Silverlight, etc.) is being accused and go directly to the author’s download page / service and try performing an update to the module in question. If this doesn’t resolve the issue, you can try contacting the author of the video or sound file to get an updated version of the media item you were trying to experience. (I make these last two recommendations based on issues with how Java and Adobe media products function; sometimes updating the installed module will allow you to safely view media items that contain out of date components).

One final note, sometimes one browser (Internet Explorer, or Firefox) will flag a web item as unsafe but another browser (Chrome, Firefox, or Edge) can safely handle that item.

If you have questions regarding what is unsafe versus what is relatively safer, or want help upgrading or just want help understanding this topic or many others please contact Benediktson Computer, Inc.

email: help@benediktson.com or

call 575-956-9723.

Scams again?

Okay, here we are again; another week in which I was unable to accomplish some of the tasks I had hoped to get to because the evil doers of this world are once again trying new ways to steal from the computer users. This week has brought to my attention some brand new schemes and the polishing of some older schemes to trick even the most wary of computer users out of their money. I, myself, received a couple emails that looked very official from Microsoft, Oracle, and Adobe trying to trick me into logging in by clicking directly from the email and providing a username and password to a website that looked very authentic; but, was not.

The sophistication of some of these malicious schemes is frightening; my father received a request for account verification from what appeared to be his stock broker. Only the day before he had received a warning regarding such schemes and was wary enough to check with the broker to see if they had sent such a request. On top of these the folks behind ransom ware attacks have significantly improved their attacks and are, once again, getting past most of the anti virus products on the market.

How do we protect ourselves? As has been the case for some time, knowledge and wariness on the part of the user is the first line of defense. If you have doubts, is there a way to check and see if the supposed source did actually produce the web page or email you encounter? If it is an email, is the return address correct for the business it purports to be from; if it is a web page, is the address (URL) appropriate for the business in question? Sometimes it is hard to tell what the URL of a page actually is; so, I have a few helpful hints. URL’s will appear in the address bar and maybe in the status bar of your browser (usually the second or third row on your screen); the computer reads them from left to right starting with HTTP or HTTPS, this followed with the address of the page, keep reading left to right until you hit .com, .net, .org, or similar, the name to the left of the first top level domain (that .com, .net, .org we found) is the name of the website you are interacting with. If you think you are on your bank’s web site, and you see an address like http://wfbank.ci/ you can be certain it is not your bank’s actual web site. In this example there are a couple indications of trouble: banks use https exclusively; the .ci top level domain indicates the business is registered in Christmas Island, unless your bank is from there, this should be a giveaway too.

Do I really need to be able to recognize the URL of all my financial service providers and all the major software providers I work with? I would recommend that you do; the current scams tend to rely on the user not being able to tell that they are interacting with a scammer instead of a trusted business. One of the services my business provides is to help clients by teaching their employees how to recognize an authentic page from a replaced page, by teaching them what kinds of activities tend to be more dangerous than others and do so within the scope of your business’s regular activities. This is a case where knowledge is very important in prevention.

One final word on scams of all kinds but primarily internet based scams. If your anti virus or your firewall or the safety features of your browser warn you about a page or an activity, there is a real good chance, nay likelihood that danger does lurk in your path; please get a second opinion before proceeding. I would much rather take multiple phone calls or even be called onto a site to prevent a client getting had in a scam than have to clean up the mess after the scam.

Privacy on the internet?

The Expectation of Privacy. In my own home, with the doors locked, curtains pulled, and windows closed I have a reasonable expectation of privacy; a concept bandied about in legal venues to distinguish when material or activities may be scrutinized by legal authorities. When I publish material of any kind to the internet, I make it public (not private) with that act; that is what the word publish means and it is no accident that I use “post” and “publish” almost synonymously. I know that many websites and services (facebook, twitter, etc.) have privacy settings and privacy policies; but, those policies apply to material that has been published to their service. It is this nature of activity that leads me to assert that we should have no reasonable expectation of privacy for all materials we publish to the internet via any of these public services.

Yes, I understand that you can set a post (published media) to friends only, or to only yourself and one other specific individual, and having done so you might feel that you should be able to expect that to be private; but, consider for a moment that you have transmitted that media (a picture, a video, a graphic, or just some text) to a remote computer (server farm or storage facility) out of your personal protection and grasp, into an electronic facility specifically designed to provide that same service to millions of other people. The term “shared storage” comes to my mind along with many of the connotations of the term shared and I see no reason to expect privacy to be included.

With our government and law enforcement both having admitted to asking for and receiving access to information stored in a variety of these services, I feel we, as users of these services, should take seriously the notion that law enforcement expects to be able to use that information in court to convict or assist in the conviction of crimes; this means that they do not recognize any of this information as being private. Any expectation of privacy we have regarding information that we publish is therefore mistaken. This is a separate issue from what happens when hackers expose information on a server; but the result is the same. While it is true that the act of hacking (gaining unintended access to information) may be a crime in itself; once the information thusly obtained is published in the open, it is there for any and all to experience regardless of how it was originally stored.

Does this mean we should stop using internet based services to hold our photos and videos? I suggest that, no it means we should be thoughtful about what we publish with an eye to only publishing material that we consider appropriate for public exposure. As I write this letter, I do so with the expectation that it will be publicly shared and, as such, have little reservation in having it published. There is already a history of embarrassing photos being accessed and made public and I am sure there are similarly embarrassing videos that have been made public without the owner’s (publisher’s) permission; and I would suggest that this is the result of those publisher’s not understanding how public all of the internet is, or of the potential for any given material that has been published to become public.

As one final topic, I want to discuss IM and PM; messages sent via Internet messenger services. These should represent a higher level of privacy expectation and at one time may have; they no longer do so. Regardless of which of the private message services you use (I refer to the publicly available ones like Yahoo messenger, google message services, Skype, and other similar services), they provide a host where the messages are stored and immediately forwarded to the assigned destination; it is this storage which represents the potential breakdown in security. Law enforcement (with court assistance) can request transcripts of the sessions which means that hackers can also gain access to those transcripts or logs of the conversations.

No matter how you communicate; if you do so over cell phone, wired phone, internet, or radio, there is potential for someone to intercept your communication; with most methods the likelihood of unintended access to the material you communicate is quite small, yet very real. The big issue I see is that many folks expect privacy where they should not; anything you publish to the internet is subject to public exposure.