Facebook is the most popular social media platform on the planet. Its users are measured in billions, which just boggles the mind.
Along with that popularity comes a lot of abuse, misuse, and misunderstanding. I want to address the latter by examining several recent memes and general misunderstandings that are at best misleading or wrong, and at worst can actually make you less safe if you believe them.
Google recently rolled out a feature called “confidential mode”, which claims to prevent disclosure of an email message to anyone other than its intended recipient. The message can only be viewed by the person you send it to, and cannot be forwarded or copied.
Or can it?
What’s that old saying? Oh yeah: “If it can be seen, it can be copied.”
Let me show you how by sharing one of my so-called “confidential” messages.
Because it’s so tightly intertwined with Windows itself, repairing Internet Explorer (IE) by uninstalling and reinstalling has always been a somewhat obscure process. With the advent of Windows 10, that process changed. It’s no more or less obscure; it’s just different.
Uninstalling IE can be marginally helpful if you never use it, but by resetting some of the software and settings reinstalling can be a useful diagnostic step if you’re having problems.
Why do some of Microsoft Windows’ updates mess up a computer? I had one update that added a sign-in password when I had never used a password. That computer had nothing on it that was needing to be secure. I never keep important information on a computer. It took “me” three weeks to find out what the password was. Microsoft would not help me for 30 days. This was a computer that I used for my work … and the only computer I had. Two weeks backs (or about) Microsoft did another update. This time it screwed up my computer terribly. It messed up my BIOS. I was able to figure out how to reset BIOS. It also messed my signing into Windows. This time I did have a password. It would not accept this password. It kept asking for my Microsoft account password. I put that account password into the sign-in box and it would not take it. After days of trying to fix it, I decided to go with Linux. So I burned a CD with Linux Mint. It would load up the “live CD” would when I tried installing Linux to my HD it froze my computer. I tried a number of times. I even downloaded another copy of Linux Mint and it still did the same thing. I would be willing to take my computer to a geek and pay to have it fixed, but I am sure I can buy a new computer for about twice the price I would be charged to fix this one. I hope you will advise your readers what you would do in this case.
There are a number of issues here, and a perhaps a misconception or misunderstanding or two as well. Since so many people come to me with similar (though never exactly the same) scenarios, let’s look at the individual issues.
This is one of those “rules of thumb” that have come into existence in recent years that, in my opinion, is totally overblown.
Sadly, webcam manufacturers are feeding the paranoia by providing easy-to-use lens covers with their products. There’s nothing wrong with that, other than it does increase the apparent need for the practice (and perhaps the price).
Cover the webcam if you must, but you can probably guess what I’m about to say.
I avoid Facebook. There are too many problems associated with it, plus it’s just not my thing. However, I have received email invitations (whatever that is) and I’ve deleted them. One person sent several over a few months. Do they get paid to recruit accounts? The invitations were from people that rarely if ever email me that have somehow retained my email address. But I digress. Can someone create a Facebook account in my name without my permission or knowledge? How do I check for any? What unique identifier does Facebook use? An email address? If found, how do I delete an erroneous account in my name? Obviously, if I didn’t create an account, I have no idea what the password is (assuming Facebook requires accounts to have passwords).
I found on Cisco’s Talos blog that my email reputation is “poor.” Apparently my IP address has been sending lots of email. But I haven’t! I have several computing devices: macOS 10.13.4, Windows 8.1 fully updated running Avast Free with weekly scans and a recent boot-time scan; MalwareBytes free with recent full “threat scan.” My wife uses a Chromebook (up-to-date). I use an iPad 2 and an iPhone 7 (both running iOS 11). Sometimes I use older iPhones (a 4S and a 5S). I have no IoT devices other than the router, a Pepwave Surf SOHO MK3. Pepwave says their routers are not affected by VPNFilter. I use a VPN most of the time on my portable devices, even at home. But not the Windows machine. Sometimes my Windows machine slows down, then recovers. My Windows hard drive often runs and runs. Other times, it times out, as expected. My ISP is TimeWarnerCable. I’m surprised they haven’t contacted me. Is there something I can to do detect outgoing traffic (including, but not restricted to, spam)?
I think it’s very unlikely you are sending spam. Possible, sure, but based on your description, you seem to have things well in hand.
It’s important to realize that you are not necessarily your IP address.
It’s also important not to read too much into anyone’s reputation report.
How can I block addresses that come repeatedly to my junk email box? It says I am blocking email but it does not work.
Blocking email by the “From:” address is seriously overrated; it’s effectively useless.
It promises to prevent email from a specific sender from reaching you, but if the sender determined, the block is easily bypassed. And spammers are determined … boy, are they determined! Blocking senders is useless in the war against spam.
I’d love to see a tutorial for removing the many gigabytes of useless trash left behind from Windows updates.
It seems that even when it works, people still aren’t happy with Windows Update.
This is one of those questions I get from time to time perpetuating myths about Windows Update that I’d like to clear up. Yes, there’s quite possibly disk space to be had, but not as much as you might think, and not for the reasons you think.
How do I find out or know that my computer is free of keyloggers? Would Windows Defender or MalwareBytes find them if there are any, or do you have a referenced article on the topic where I can read about it? Understand that this is the biggest security concern I have about my computer nowadays.
How do you know your computer is free of keyloggers? You don’t.
It’s not the answer most people want to hear, but it’s the true bottom line.
There are a few reasons for it, which I’ll discuss, as well as what you and I need to do in the face of this rather grim reality.
I have a document which was created in Word and has 226 pages. When I send it to a client who is using a later version of Word, it looks totally different and has over 330 pages. How can I send the client the document without it changing? Also, they wanted a pdf version, which looks nothing like the Word document. How can I get the Word document to look like the pdf?
Word documents were never intended to do what you’re doing. They were never meant to distribute documents to others for reading.
Your client is on the right track: that’s exactly what PDF is for.
I’ve looked at your answers for problems that seem like they relate to mine, but everything seems to be “check this” or “it might be that”. Why can’t you just give me the specific steps I need to solve my problem? Why can’t I get a straight answer?
It’s a fair question.
I wish I could.
Honestly, I truly wish I could give everyone a simple, step-by-step, here’s-how-to-fix-your-problem answer. When possible, I try. Unfortunately, it’s rarely possible to be that specific.
There’s a reason my most common answer is “It depends.”
Sleep (also called “standby”) and hibernate modes are alternatives to shutting down your computer completely. The idea is that when they’re used, your computer will either shut down faster, start up faster, or both.
The primary difference between the two is what happens to the contents of your computer’s RAM, but there are more subtle differences as well.
Is it possible to remove some of the Recovery Partitions from my SSD laptop? I think some of these partitions are not needed but I don’t know which ones. If they can be deleted, how would I add that space to my C: drive?
The short answer is yes, but no.
Yes, you can delete partitions, but no, I would not advise it. As you say, you don’t know what the partitions are, so you don’t know whether or not they’re needed. It’d be a shame to delete one and find out later that this was a serious mistake.
However, if you feel the need, I do have one approach to doing it more or less safely.
Do you have a general technique for creating new passwords for every single site that needs them? Yes, I did the unthinkable, I lost my LastPass account and have to start over. This is a reminder of the old saying, “When you have dug yourself into a deep hole, stop digging.” Unfortunately, I was stupid enough to keep digging. I hope you can spare some advice for someone who seems to get more stupid with age. There may be others on your list that have the same problem.
The technique is simple.
The problem is that the technique is time-consuming and ponderous.
Let’s review that technique, and what you can do to avoid this situation in the future.
Whenever I get to my Windows desktop screen I always get this message in my notifications area that says there is a problem with your Microsoft account — most likely your password was changed. I haven’t changed it any time recently and when I log in to my Microsoft account, it never shows me there is any problem. This is every time I get to the Windows desktop. What is going on with this? Is this a bug on their part? I don’t really use my local account on my computer.
This was a head-scratcher for me when I first encountered it some time ago.
The short answer is that simply logging in to your PC isn’t enough after a password change. You probably have to log in to a couple of additional places: OneDrive, Mail, and perhaps other apps as well.
I’ve been having a problem installing the “Feature update to Windows 10, version 1709” and after ‘Googling’ the problem, found many others are also experiencing similar problems. Try as I might, the update fails every time, both during MS auto updates and manual updates. No actual error code is reported in the Update History – just “Failed to install on (date)”. So, I contacted the ‘Microsoft Answer Desk’ via a chat session. The agent requested direct access to my laptop – which I granted – and I was eventually informed that my laptop was incompatible with this particular update!
I find this incredible since I was virtually forced to accept Windows 10 OS from my original Windows 7 OS, during the time when it was being installed automatically, whether I wanted it or not… Surely, if my laptop was compatible at the time of the OS ‘update’, then future Windows 10 updates should be compatible. The only solution offered was to ‘Hide’ the update so that I was not constantly being plagued by pop-up windows informing me that the update need to be installed… Not really a solution, I’m sure you will agree.
Have you heard of this problem??
I want to be clear: I do not have a solution for this problem.
While the majority of Windows 10 users have upgraded to 1709 (the “Fall Creators Update”) without problems, there are definitely a number of people sharing your pain.
I’ll share a few straws I might grasp at, were I in your shoes. I’ll also share my expectations of this update, and exactly how they’re not being met.
Spoiler: My expectation is that it should just work.
I get a message that shows hard disk failure is imminent, please back up your hard disk and have it replaced. So I did the backup with the system built in backup process. But it stopped the process halfway. So some files were encrypted and some files were not. I copied the files which were not encrypted to my external hard disk drive. But the remaining files which were encrypted are not able to copy and open. Please give me an idea to recover my files.
I’m sorry to say it’s very possible that you are S.O.L.: Severely Out of Luck.
I’ll run down what I suspect is happening, what I would do in your situation, and additional options you might have.
And, of course, I’ll review how you could have prevented this in the first place.
I would think that no PC would be immune from malicious threats if they landed on some corrupt site that then installed malware or key-capture software. Is there any reasonable way to continue to safely do online banking?
Avoid getting infected.
I know, that sounds trite and flippant, and I don’t mean to be so. Ultimately, though, all the advice boils down to exactly that: do what it takes to stay safe on the internet.
I regularly bank online. In fact, I’ve done so for years without incident. I much prefer it over the alternatives.
Before I begin, I want to be very clear that this is not something I recommend. I believe strongly that keeping your machine as up to date as possible is an important part of keeping yourself safe online. Letting Windows Update do its thing automatically, without having to think about it at all, is the best, safest way for the vast majority of Windows 10 users.
Unfortunately, in recent months we’ve seen Windows Updates cause problems on a small number1 of machines. The ability to disable Windows Update — even temporarily — can be an important step in getting on with your work while you await updated updates that no longer cause problems.
Unfortunately, while Windows 10 Professional has some control over when updates are installed, Windows 10 Home has no such option.
It’s not uncommon to complain about start-up time, or the speed of your computer while booting. As it turns out, the amount of time it takes to shut down is another source of occasional frustration. I mean, how long should it take to turn something off? Why can’t it just shut down now without pulling the plug?
As always, there are many possible reasons. I’ll review the most common.
In your response to the Spectre and Meltdown vulnerabilities the first thing you recommended was to back up. Why? How does that relate to anything? How does backing up help protect me from vulnerabilities?
I do harp on backing up a lot, I know. But it’s on purpose.
As I’ve said elsewhere, nothing protects you and your data like a complete, recent backup.
Why? Because so much can go wrong. And sadly, some of the folks trying to protect themselves from Spectre and Meltdown are probably wishing they’d backed up before doing so.
I have been having problems with the Power button on my computer turning itself on and off. I have stopped shutting down my computer because I have difficulty turning it back on. I just restart it every morning, but I really don’t like leaving the computer on all the time. If I were to cut the power to the computer and then plug it back in the next morning, would I need to use the on/off button and would I be damaging anything?
You may damage your computer.
By pulling the plug or forcing a power-off by holding down the power button, you risk corrupting data on your hard drive and damaging hardware.
I’m not sure what kinds of problems you’re having with the power button, but even that needs to be used correctly, or you could end up with the very problems you’re seeing.
In general, can a PC with no remote software be hacked if it is powered off? The power supply and the internet cable are still connected to the PC. In my discussions with others, 50% say yes, 50% say no. An internet search was also divided in response with no agreement.
It’s a very unlikely scenario that could allow a turned-off computer to be hacked. I’ll describe it and show you how to prevent it.
I was dating a guy who installed Linux on my computer and is also the administrator on my computer. He can completely monitor my computer from his home. We are no longer dating but he is still screwing around with my computer. What can I do? He also knows my passwords.
I normally avoid these types of relationship-related tech questions, because they’re more about relationships than about technology. And I’m certainly no therapist.
However, I get this type of question often enough that I’m going to use it as an example of the technological implications when good relationships go bad.
Short answer: you’re in trouble until you take some drastic action.
Normally, this is where I’d quote the original question.
This topic appears in so many different guises and in so many different ways that quoting a single question would represent only a very small slice of a much larger issue.
Call it what you will, cyber-bullying, or online harassment, is a frighteningly common occurrence. Those most at risk appear to be children and individuals who’ve been in abusive domestic relationships.
Yes, under certain circumstances you can still get it for free.
But you must act quickly. The plan is that the ability to get it for free will end at the end of this year, 2017. In other words, as of the date this is published, you have only a couple of weeks left.
It’s a common frustration. You have a problem, concern, or complaint, and you want to reach out to the company or service involved. Try as you might, you can’t find a phone number. If you do, you find an endless phone-tree of automated assistance options, or worse, a scam.
As far as you can tell, there’s simply no way to locate a real person to talk to.
There probably isn’t, and the reason is simple.
People are expensive. Incredibly expensive. Even when they’re overseas, compared to automated or self-service alternatives, people are still costly and often unreliable.
Let’s look at why this is, and explore your alternatives.
I decided it was time to reinstall Windows 10 “from scratch” on my Dell Latitude laptop due to performance issues, suspected misconfigurations, and general cruft on the machine. Yes, I could have dealt with all the individual issues, but a completely clean reinstall would take less time and result in a significantly “cleaner” machine.
It used to be that “reformat and reinstall” was something Windows needed every year or two. That’s no longer the case, in my opinion, for most Windows 10 users. It’s quite reasonable to expect a stable Windows 10 installation (with updates, of course) to remain in place for the life of the machine.
As you might guess, though, I don’t fall into the category of “the majority of Windows 10 users”. With all the testing, installing, uninstalling, configuring, reconfiguring, and more, I tend to be rather hard on my Windows installations.
I got a file as an attachment to some email. I downloaded it, scanned it with my anti-virus, and then double clicked on it. Windows asked me “How do you want to open this file?” How should I know? Shouldn’t Windows know? What do I tell it?
In an ideal world, Windows would know. In an ideal world, it would simply open the file, or, if you needed to take additional steps, it would tell you what those steps would be.
I’m sure by now you realize we don’t live in an ideal world.
We need to learn a little about file types and file associations. Then we’ll know how to answer the question we’re being asked.
Earlier this week, a vulnerability was disclosed in the WPA2 security protocol that, in the worst case, could allow an attacker to potentially gain access to some or all of the encrypted information transmitted over a Wi-Fi connection.
This isn’t a bug, and it’s not a failure of one manufacturer or another. This is a weakness in the protocol itself.
If you use Wi-Fi on any device, it’s worth understanding how big of a risk this might be, and what steps, if any, you might want to take.
I understand that my password, especially if it’s not very strong, can likely be figured out by a computer driven program using trial and error. For example, all permutations, combinations of numbers, letters and special characters. What I don’t understand is this – wouldn’t a hacker, be it a person or a machine, have to actually try each and every one of these computer derived guesses on the sign-in screen of the website that they are trying to access to see if they get lucky? My experience tells me that after just a few failed attempts at entering a password, the website will not allow any more tries. So how in the heck are they able to try out all of the thousands of possible passwords that he comes up with?
What you’ve described is called a “brute force attack”, and you’re quite right; it’s a rare system that allows such an attack to proceed past the first few errors.
There are some websites that determine how strong is a password. I tried to compare them two of them. [One said that my 20-character example] password can be hacked in 16 billion years. [Another] says the same password can be hacked in 3 seconds. What a joke it is. In your opinion what site might be a reliable password checker?
From a purely algorithmic, or mathematical, perspective, cracking passwords is a fascinating problem.
From a user’s perspective, however, it’s not that fascinating at all. In fact, it’s downright frustrating. One of the best examples of that frustration is the scenario you outline: one sites’ “great” password might be considered horribly insecure by another.
What’s a user to do?
My recommendation? Create strong passwords that don’t need a password-strength meter at all.
On September 7th, the U.S. credit reporting company Equifax announced they had suffered a massive data breach some months earlier.
Equifax’s handling of that breach has since been termed a “dumpster fire” by noted journalist Brian Krebs. Their instructions, website, and tools to help you determine if you’ve been impacted have been nothing short of a total mess. The term I’d use instead of dumpster fire isn’t appropriate for a family publication.
All indications are that if you’ve ever had a credit report, your information is likely part of this mess. Even if you’re not sure, it’s best to assume it.