General Safe-Guarding YOURSELF ONLINE

Gass

Member
"Where it's all at and what to know - should be understood, and of a learning, caring, sharing resource in purpose" !

Posting Rules are same as Adguard Site - https://forum.adguard.com/index.php?threads/important-forum-rules.14859/ There is no need for politics, religion, culture differences as well as bar talk in this thread.
Come learn with us, or be a teacher/instructor of what you've mastered of an understanding and knowledge you've come to know. Though it would be most helpful to include what Device, Platform OS and its version, being related anything wise to your post(s) or question(s) made. This is unless it's already part of your Adguard signature as displayed or therein added as a "Spoiler" in your Adguard signature.
I hope you'll find this Thread interesting and just as Helpful, please contribute at any level of experience and give a link of the source info, that alone helps a bunch for others to know and adds to the Threads resources of being Fact Based information and knowledge.

I open the door and heartily welcome anyone who comments, adds contents, has answers, gives general or specific advice in deployment concepts and of software that benefits, what they practice earnestly and can back up their added info. with fact(s), shared here with us of a link to the source of this field in knowledge and information. In saying A and B should be done - when C, D and E may help everyone that of a link offers a fuller detail(s) in the concept, principles and practice. Then any News or Articles that is 2017 if possible - not older than 2015 at the most. EX: When possible offer a link, or the source of a fact(s) you've found that goes more in depth than the forum here allows anyone to specific details. EX1: If it's something you've used/using, something you've just heard of in the news/surfing, scandals warnings, bad policies brought to light, and you share it please give a date of how current it is and the site name, if it's a software that benefits or not the name and version of it.
If an opinion you have, then add something to the logic as why it's seen or you feel that way about it - that helps for friendly helpful polite rebuttals, and to insights of why others should know of the pointed out facts in pro's and con's.
I do wish this Topic to stay friendly, understanding, mature and open to a schooling/teaching nature - and NOT to a competitive nature, and/or then what's right for one may not be right for someone else - allow for this in others opinions, we're all friends here with one common interest in Adguard and I hope online safety too.

I'm personally a Windows and Android user, so my content will follow that line of info. but, I do hope others add other info. of their chosen platforms and devices in that knowledge you've gained for a complete member based ecosystem in knowledge being shared here to one and all.


This will probably not be a resource for the knowledgeable, (except a refresh ?), but all the same I hope you'll add your expertise to this resource. Mostly it's for those members like me, that wish to know and remember, of more than just scattered bits we find while surfing or that of hearsay in off-topic conversations. A Thread Topic intended and devoted as a shared resource of common sense practices and approach for everyone's benefit across all mediums and devices compatible of users interactions online.

Possible "Topic Fields of Exploration" (TFoE) and Conversations of this Thread, and then resource links given to a basic understanding:
(each [Green "Spoiler" TAB] labeled has its own breakdown in informational "links" found on the Wikipedia site or others.)
I've included a lot of "Topic Fields", but welcome more that I've missed if staying relevant to a general principle to safe guarding yourself online.


Desktop / Laptop Computer - https://en.wikipedia.org/wiki/Desktop_computer
Mobile Device - https://en.wikipedia.org/wiki/Mobile_device
Connected Devices - https://en.wikipedia.org/wiki/Connected_Devices
Internet appliance - (An Internet appliance is a consumer device whose main function is easy access to Internet services). https://en.wikipedia.org/wiki/Internet_appliance
Internet - The Internet is the global system of interconnected computer networks that use the Internet protocol suite (TCP/IP) to link devices worldwide. It is a network of networks that consists of private, public, academic, business, and government networks of local to global scope, linked by a broad array of electronic, wireless, and optical networking technologies. https://en.wikipedia.org/wiki/Internet

World Wide Web (WWW) - Is an information space where documents and other web resources are identified by Uniform Resource Locators (URLs), interlinked by hypertext links, and can be accessed via the Internet.
https://en.wikipedia.org/wiki/World_Wide_Web

Domain Name System - https://en.wikipedia.org/wiki/Domain_Name_System
Internet Security - https://en.wikipedia.org/wiki/Internet_security
Electronic Mail / aka eMail - https://en.wikipedia.org/wiki/Email
Email Client - https://en.wikipedia.org/wiki/Email_client
Operating System (OS) - Is system software that manages computer hardware and software resources and the operating system acts as an intermediary between software programs and the computer's hardware.
https://en.wikipedia.org/wiki/Operating_system

Web Browsers - https://en.wikipedia.org/wiki/Web_browser
Browser Extensions - https://en.wikipedia.org/wiki/Browser_extension
NOTE: Browser extensions have access to everything done by the browser, and can do things like inject ads into web pages, or make "background" HTTP requests to third-party servers.
While web pages are constrained by the "security model" of the web browser (in particular, the same-origin policy), browser extensions are "not".

VPNs (Virtual Private Network) - https://en.wikipedia.org/wiki/Virtual_private_network
Firewall - https://en.wikipedia.org/wiki/Firewall_(computing)
Comparison of Firewalls - https://en.wikipedia.org/wiki/Comparison_of_firewalls
Antivirus Software - https://en.wikipedia.org/wiki/Antivirus_software
Sandbox - Used to execute untested or untrusted programs or code, possibly from unverified or untrusted third parties, suppliers, users or websites, without risking harm to the host machine or operating system.
https://en.wikipedia.org/wiki/Sandbox_(computer_security)
The domain of privacy partially overlaps security (confidentiality), which can include the concepts of appropriate use, as well as protection of information. The right not to be subjected to unsanctioned invasion of privacy by the government, corporations or individuals is part of many countries' privacy laws, and in some cases, constitutions. This is exacerbated by the research indicating that personal traits such as sexual orientation, race, religious and political views, personality, or intelligence can be inferred based on the wide variety of digital footprint, such as samples of text, browsing logs, or Facebook Likes.
https://en.wikipedia.org/wiki/Privacy

Internet Privacy - https://en.wikipedia.org/wiki/Internet_privacy

Data Mining - the computing process of discovering patterns in large data sets involving methods at the intersection of artificial intelligence, machine learning, statistics, and database systems. The goal is the extraction of patterns and knowledge from large amounts of data, applied to any form of large-scale data or information processing (collection, extraction, warehousing, analysis, and statistics).
https://en.wikipedia.org/wiki/Data_mining

Fingerprinting (algorithm) - https://en.wikipedia.org/wiki/Fingerprint_(computing)
Device Fingerprint - https://en.wikipedia.org/wiki/Device_fingerprint
Note: In fact, device fingerprints can be used to predict the likelihood users will commit fraud based on their signal profile, before they have even committed fraud. Prior to early 2017, device fingerprinting was limited to single browsers; a cross-browser fingerprinting method has been published which allows tracking of a user across multiple browsers on the same device.
Canvas Fingerprinting - https://en.wikipedia.org/wiki/Canvas_fingerprinting
TCP/IP Stack Fingerprinting - https://en.wikipedia.org/wiki/TCP/IP_stack_fingerprinting
Audio Fingerprint - http://mtg.upf.edu/files/publications/MMSP-2002-pcano.pdf
My Prior Topic on Fingerprinting - https://forum.adguard.com/index.php?threads/understanding-fingerprinting.12045/

Evercookie - https://en.wikipedia.org/wiki/Evercookie
Zombie Cookie - https://en.wikipedia.org/wiki/Zombie_cookie
HTTP Cookie / aka web cookie, Internet cookie, browser cookie, or simply cookie - https://en.wikipedia.org/wiki/HTTP_cookie
Same link above goes into these as well. . .
Supercookie, can be a potential security concern and are therefore often blocked by web browsers. If unblocked by the browser, an attacker in control of a malicious website could set a supercookie and potentially disrupt or impersonate legitimate user requests to another website that shares the same top-level domain or public suffix as the malicious website.
Third-party Cookie, belongs to a domain different from the one shown in the address bar. This sort of cookie typically appears when web pages feature content from external websites, such as banner advertisements. This opens up the potential for tracking the user's browsing history, and is often used by advertisers in an effort to serve relevant advertisements to each user.

HTTP ETag - If the resource representation at that URL ever changes, a new and different ETag is assigned. Used in this manner ETags are similar to fingerprints, and they can be quickly compared to determine whether two representations of a resource are the same. ETags can be used to track unique users, cached by the browser and returned with subsequent requests for the same resource, a tracking server can simply repeat any ETag received from the browser to ensure an assigned ETag persists indefinitely (in a similar way to persistent cookies). Additional caching headers can also enhance the preservation of ETag data.
So ETags are cookieless cookies, in other words. https://en.wikipedia.org/wiki/HTTP_ETag

Local Shared Object / (LSOs), aka Flash Cookies - https://en.wikipedia.org/wiki/Local_shared_object
HTML5 - https://en.wikipedia.org/wiki/HTML5
Comparison of HTML5 and Flash - https://en.wikipedia.org/wiki/Comparison_of_HTML5_and_Flash
Web Storage / There are two main web storage types: local storage and session storage, behaving similarly to persistent cookies and session cookies respectively. - https://en.wikipedia.org/wiki/Web_storage

Browser Sniffing - https://en.wikipedia.org/wiki/Browser_sniffing
Vulnerability (computing) - https://en.wikipedia.org/wiki/Vulnerability_(computing)
Persistence - https://en.wikipedia.org/wiki/Persistence_(computer_science)

Website Visitor Tracking - https://en.wikipedia.org/wiki/Website_visitor_tracking
Web Beacon - https://en.wikipedia.org/wiki/Web_beacon
Computer and Network Surveillance - https://en.wikipedia.org/wiki/Computer_and_network_surveillance
 
Last edited:
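
The "HTTP ETag" note in the post above, turned into a check you can run yourself (an added example, not part of the original post or the linked articles). It assumes you have loaded the same pages from several fresh browser profiles and recorded each response's URL, ETag and a hash of the body; the field names and all sample records are constructed for illustration.

```javascript
// Added example: flag ETag values that behave like per-visitor identifiers.
// Each record is one response observed while loading the same pages from a
// fresh browser profile (empty cache, no cookies). Records are constructed.
const sampleRecords = [
  { profile: "A", url: "https://cdn.example/logo.png", etag: '"5f1c-9a2"', bodySha256: "aa11" },
  { profile: "B", url: "https://cdn.example/logo.png", etag: 'W/"5f1c-9a2"', bodySha256: "aa11" },
  { profile: "C", url: "https://cdn.example/logo.png", etag: '"5f1c-9a2"', bodySha256: "aa11" },
  { profile: "A", url: "https://t.example/pixel.gif", etag: '"u-7c41e0"', bodySha256: "bb22" },
  { profile: "B", url: "https://t.example/pixel.gif", etag: '"u-19d3fa"', bodySha256: "bb22" },
  { profile: "C", url: "https://t.example/pixel.gif", etag: '"u-e402b7"', bodySha256: "bb22" },
  // Different bytes per profile: different validators are expected here.
  { profile: "A", url: "https://news.example/", etag: '"p-1"', bodySha256: "cc31" },
  { profile: "B", url: "https://news.example/", etag: '"p-2"', bodySha256: "cc32" },
  { profile: "C", url: "https://news.example/", etag: '"p-3"', bodySha256: "cc33" },
];

// Weak (W/"...") and strong validators are treated as equal for this audit.
function normalizeEtag(etag) {
  return etag.trim().replace(/^W\//, "");
}

// Identical bytes should normally carry the same ETag for every visitor.
// A URL is flagged when every profile that received the same body was
// nevertheless handed its own, different ETag.
function auditEtags(records, minProfiles = 3) {
  const groups = new Map(); // "url\nbodyHash" -> Map(profile -> etag)
  for (const r of records) {
    if (!r.etag) continue;
    const key = `${r.url}\n${r.bodySha256}`;
    if (!groups.has(key)) groups.set(key, new Map());
    groups.get(key).set(r.profile, normalizeEtag(r.etag));
  }
  const findings = [];
  for (const [key, byProfile] of groups) {
    const distinct = new Set(byProfile.values());
    if (byProfile.size >= minProfiles && distinct.size === byProfile.size) {
      findings.push({
        url: key.split("\n")[0],
        profiles: byProfile.size,
        distinctEtags: distinct.size,
        // Server farms that derive ETags from per-machine file metadata can
        // also produce this pattern, so treat a finding as a lead to verify.
        note: "identical content, unique ETag per profile",
      });
    }
  }
  return findings;
}

console.log(auditEtags(sampleRecords));
```

Clearing the browser cache (not only cookies) discards stored ETags, which is why a flagged resource stops being recognised after a full cache wipe.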

Gass

Member
[Question - Opinion]
Is there such a thing as a "Secure and Private Browser"?

Maybe not, but it's better now than it's been of the past in that of Browsers being offered.
Then I'd point out that a "Search Engine" used in combination with a Browser, adds or subtracts to the principles of being secure and private to the user.

What every Browser knows about you - http://webkay.robinlinus.com/
Is your browser safe against tracking? - https://panopticlick.eff.org/
Web Browser Security - https://browserleaks.com/

A complete and thorough Browser's list (updated once every two weeks, and at times sooner).
http://www.webdevelopersnotes.com/browsers-list

Then a much older (2010) The Search Engine List / Comprehensive list of many types of Search Engines.
http://www.thesearchenginelist.com/

Here's an article "19 ways to stay anonymous and protect your online privacy".
https://www.extremetech.com/internet/180485-the-ultimate-guide-to-staying-anonymous-and-protecting-your-privacy-online

It's not the easiest site to navigate having to use the "orange-gray" <<< >>> (above the second image) or below that image's text, to move back and forth in the article's information.
Some points of interest in the above site "link" in 19ways article are Green Tabs "SPOILER" below.
Then being anonymous online is a lot harder, if not impossible being online today.
Please don't focus in on the ANONYMOUS word used in the article's title description (I didn't).
I've given videos of a guy pointing this out in the last "SPOILER" ANONYMOUS - ANONYMITY.

If you're very serious about maintaining your IP privacy, consider investing in a VPN solution.
These services essentially allow you to disguise your traffic. Your real IP address will be hidden from the world, and your traffic will remain indecipherable to nosy ISPs or governments. Even if your government is actively on the lookout for VPN traffic, you can still benefit from so-called "stealth VPNs". VPNs are by far the best bet for bypassing censorship and snooping, granted do go with a paid VPN service, as something offered FREE, for the most part, makes you the product then. After all, in a VPN you're shifting your trust from your ISP over to a VPN operator. Be sure to read their privacy, logs policies and many factual reviews on them.
Even if you're using a privacy service (like a VPN) to hide your IP address, it's still possible to give away clues to your identity via your DNS traffic. It's easy to detect if your configuration is leaking your DNS information. Simply head over to DNSLeakTest.com, https://dnsleaktest.com/ and run the extended test. If the results show the third-party DNS service you're using, you're set. If your ISP's DNS info shows up, you have a DNS leak. Follow the steps listed on the "How to fix a DNS leak",
https://dnsleaktest.com/how-to-fix-a-dns-leak.html
Then test yourself again to make sure everything is working as intended.
Your browser isn't the only vector for third parties to invade your privacy. PDFs and other seemingly harmless files can serve as homing beacons, and potentially alert government entities when you're viewing planted contraband. To prevent unintended breaches of privacy, open suspect files inside of a virtual machine. Load up your favorite OS inside of VirtualBox - or other like programs, configure it to your liking, and then save a snapshot of your VM. Next, download your desired file and then shut off your virtual machine's access to the Internet. Once you're sure that the VM is cut off completely from the network, you can now open the file safely. Read what you need, make notes, and then shut down the VM. The next time you need to view a file do so inside one, you'll have your VM snapshot ready to go.

I'm in the dark here in that if the favorite OS inside of VirtualBox (which Author said Linux distros) must be different than you would normally run on your system - then would something like "Shadow Defender" http://www.shadowdefender.com/ which is known to be free in giveaways throughout the year, maybe serves the same yet easier purpose for anyone not familiar with VM's usage?
Shadow Defender - is an easy-to-use security solution (for Windows operating systems) that protects your PC/laptop real environment against malicious activities and unwanted changes.
If you want to take privacy beyond a simple VM solution, you can instead boot up a live OS from a CD or USB stick. Knoppix and Ubuntu are good options for normal use, but Tails is custom-built for preserving your privacy and anonymity. Your traffic is automatically routed through Tor, encryption tools are built-in for IM and email, and it won't interact with any of your existing OS installations.
It's an excellent all-in-one package that's easy to use. Still, you need to be vigilant. All of the same Tor disclaimers apply, and if you're using this on a shared PC, you could still be tracked even with a simple key logger.

Tails Informational Video (Adguard does work on this site in blocking the ads - though not as it seems to in-video ads). As Nixie suggests for the most secure solution - Don't Use a USB stick, and burn yourself a Tails CD on a Non-Rewritable Disk.
Third-party cookies are one of the most common methods that advertisers use to track your browsing habits. If you visit two sites using the same advertising service, rest assured that the advertiser is keeping tabs on that information. Every major Web browser offers the ability to turn off tracking cookies. While this is far from a panacea, it shuts down the most common vector used by advertisers to build user usage profiles.
Many sites have begun using location data to offer specific services, and serve targeted advertisements. Mapping applications have legitimate reasons for gathering location data, but that same technique can be used to help identify who you are. Any legitimate browser should let you toggle on and off location data, and we recommend leaving it off completely. At the least, demand that websites prompt you for access before gathering the data. That said, IP-based geolocation data is incredibly trivial to acquire, so remain vigilant.
If you're browsing the Web without a proxy or a VPN, you're effectively broadcasting your IP to every server you come across, and that information can be used against you. It's worth keeping this fact in the back of your mind if you're criticizing your local government official or blowing a whistle on the NSA, something along those lines especially.
The "Do not track" HTTP header is an optional message that browsers can send to Web servers. You can easily enable it in your browser's settings, but it's rather limited in scope. For this to work at all, the Web server needs to be configured to respect this flag. There is absolutely no requirement of any kind that any website needs to obey this setting, so don't expect widespread protection from trackers. Still, you don't have much to lose. The only potential issue here is that it's an additional datapoint for browser fingerprinting. But if enough people are using it, that shouldn't be a real issue.
Even if your browser is configured properly to hide your identifying information, plug-ins can still be used to endanger your privacy. If you're serious about your privacy you should avoid running plug-ins altogether. Unfortunately, that can leave a number of popular websites completely unusable. To solve this problem, a hybrid approach is recommended.

First of all, configure your browser to require your approval to run any plug-in.
Next, make sure you're running sandboxed plug-ins. While this is mostly considered a security issue, a rogue plug-in could be used to gather your personal information by an organization like the NSA.
Chrome as just one Browser can be configured to completely disallow un-sandboxed plug-ins, but it can be trickier with some other browsers.
Windows users can run their browsers inside of an application called Sandboxie, https://www.sandboxie.com/ so less sophisticated browsers can receive similar benefit.
JavaScript is a powerful language, but it can leak out identifying information.
By design, it can deliver detailed information to any Web server about your setup. What plug-ins do you have enabled? What size screen are you using? Those small pieces of information can add up, and make tracking your usage profile easier for advertisers and governments. Worse, unpatched JavaScript exploits could potentially be used to trick your browser into giving up even more identifying information. If you want to be truly anonymous, you're going to need to disable JavaScript.
That's easier said than done, since many websites rely on JavaScript for core functionality, so you'd be effectively knee-capping your Web browsing.
Privacy Badger, https://www.eff.org/privacybadger
Privacy Badger was born out of our desire to be able to recommend a single extension that would automatically analyze and block any tracker or ad that violated the principle of user consent; which could function well without any settings, knowledge, or configuration by the user; which is produced by an organization that is unambiguously working for its users rather than for advertisers; and which uses algorithmic methods to decide what is and isn't tracking. Although we like Disconnect, Adblock Plus, Ghostery and similar products (in fact Privacy Badger is based on the ABP code!), none of them are exactly what we were looking for.

In our testing, all of them required some custom configuration to block non-consensual trackers. Several of these extensions have business models that we weren't entirely comfortable with. And EFF hopes that by developing rigorous algorithmic and policy methods for detecting and preventing non-consensual tracking, we'll produce a codebase that could in fact be adopted by those other extensions, or by mainstream browsers, to give users maximal control over who does and doesn't get to know what they do online.
Available for Chrome and Firefox "set it and forget it" method of blocking trackers online, this browser extension monitors when sites try to track your browsing habits, and automatically thwarts future tracking attempts. While this add-on was built using the Ad-Block Plus codebase, this isn't truly an ad-blocking tool. Instead, the EFF is only interested in blocking snoops. Best of all, the list of blocked content automatically improves the more you browse - no need to fiddle with filters by hand.

As It's Noted:
A Popular Ad Blocker Also Helps the Ad Industry-
Millions of people use the tool Ghostery to block online tracking technology - some may not realize that it feeds data to the ad industry. https://www.technologyreview.com/s/516156/a-popular-ad-blocker-also-helps-the-ad-industry
A browser extension like NoScript lets you manage which domains have permission to run JavaScript in your browser. This way, you can whitelist only the domains and webpages that you trust. Again not for beginners as the learning curve is steep.
In spite of some infamous security issues, SSL is still extremely important for keeping your Web traffic safe from prying eyes. If you want to keep nosy packet sniffers out of your business, your Web traffic should always be going through SSL connections. Sadly, not every website supports SSL. Even worse, many websites that do support SSL still default to unencrypted connections - and the Electronic Frontier Foundation wants to change that.

The HTTPS Everywhere browser extension, https://www.eff.org/https-everywhere
Provided for free by the EFF, forces SSL connections on countless websites. Chrome, Firefox, and Opera users can all take advantage of this wonderful extension, and keep important Web traffic private and secure.
It's no secret that Google makes money by tracking your behavior for targeted ads, and that's problematic from a privacy perspective. Using two of the most popular, StartPage or DuckDuckGo, are good alternatives for some of us, but the quality of Google's results can be difficult to forgo. Thankfully, you can sidestep one of Google's most obnoxious behaviors: URL trackers. When you click on a URL in Google, it actually loads a redirect URL first for easier tracking. Even worse, simply copying the link from Google can give you a long, messy tracking link instead of the plain URL you really want.
When you use this simple little extension called Searchlinkfix, it does away with that completely. COMPATIBLE WITH FIREFOX 57+, this extension prevents Google and Yandex search pages from modifying search result links when you click them. This is useful when copying links but it also helps privacy by preventing the search engines from recording your clicks.
https://addons.mozilla.org/en-US/firefox/addon/google-search-link-fix/

StartPage, https://www.startpage.com/eng/privacy-policy.html#hmb
Startpage is the only privacy search engine that has been independently audited.
DuckDuckGo, https://duckduckgo.com/privacy
Qwant, https://about.qwant.com/legal/privacy/#help_details

Others To Decide on for yourselves:
Peekier - https://peekier.com/privacy
SearX - https://www.searx.me/about
PrivateLee - https://privatelee.com/docs/privatelee/privacy.htm
Qrobe - http://qrobe.it/docs/qrobe/privacy.htm

What are your thoughts on Wolfram|Alpha?
http://www.wolframalpha.com/about.html
http://www.wolframalpha.com/privacypolicy.html

and this Browser
"The Classic Browser"
Guaranteed Safety & Privacy:
What could possibly be safer and more private than a browser that is highly user-configurable but NON-programmable by 3rd parties, and one that doesn't save anything to your hard disk other than your settings? Let common sense prevail! http://theclassictools.com/
When you sign-up for user accounts across the web, using a different email address for each site is a good way to throw unscrupulous third-parties off of your trail. If you actually want to maintain legitimate accounts on popular sites, you can create numerous free email accounts, and then configure email forwarding to funnel all of the messages into a single inbox. It's a lot of additional work, but it also offers the benefit of being able to easily detect which sites are selling your information to spammers.
Forgive the brash, salty, and chafing attitude of the person in the video and/or the examples he mentions.
(Though the points he's made are informing, and I feel has their benefits - none the less).
Question: Is Tails a More Secure Way to Use TOR?

Question: How Do You Stay Fully Anonymous?

Same Video (above), it's mentioned of e-Biometrics (I've never heard of) have you?
At the point he starts describing it, is the 4:12 min/sec mark.
 
Last edited:
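
The search-result redirect links described in the post above can also be cleaned by hand after copying them. The following is an added example, not code from the post or from the Searchlinkfix extension; it assumes the wrapper shape `https://www.google.<tld>/url?...&url=<destination>` (or `q=<destination>`), and every sample link is constructed.

```javascript
// Added example: recover the plain destination from a copied search-result
// redirect link, and refuse destinations that are not ordinary web links.
// Assumed wrapper shape: https://www.google.<tld>/url?...&url=<dest> or q=<dest>.
const REDIRECT_HOST = /^(www\.)?google\.[a-z.]{2,6}$/i; // heuristic host match
const DEST_PARAMS = ["url", "q"];

function unwrapSearchRedirect(link) {
  let parsed;
  try {
    parsed = new URL(link);
  } catch {
    return { url: link, unwrapped: false, reason: "not a URL" };
  }
  // Only the /url endpoint on a matching host is treated as a wrapper;
  // everything else is returned untouched.
  if (!REDIRECT_HOST.test(parsed.hostname) || parsed.pathname !== "/url") {
    return { url: link, unwrapped: false, reason: "not a redirect wrapper" };
  }
  for (const name of DEST_PARAMS) {
    const value = parsed.searchParams.get(name); // already percent-decoded
    if (!value) continue;
    let dest;
    try {
      dest = new URL(value);
    } catch {
      continue; // relative or malformed value: try the next parameter
    }
    // The destination is attacker-influenced text inside a trusted-looking
    // link, so only http(s) targets are accepted.
    if (dest.protocol !== "http:" && dest.protocol !== "https:") {
      return { url: link, unwrapped: false, reason: "unsupported scheme" };
    }
    return { url: dest.href, unwrapped: true, reason: `destination from '${name}'` };
  }
  return { url: link, unwrapped: false, reason: "no destination parameter" };
}

// Constructed sample links.
const sampleLinks = [
  "https://www.google.com/url?sa=t&rct=j&url=https%3A%2F%2Fexample.org%2Fdocs%2Fprivacy%3Fid%3D7&usg=CONSTRUCTED",
  "https://www.google.co.uk/url?q=https://example.net/a&sa=U",
  "https://example.org/page",
  "https://www.google.com/url?url=javascript%3Aalert(1)",
];
for (const link of sampleLinks) {
  console.log(unwrapSearchRedirect(link));
}
```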

Gass

Member
4+ Linux Distros Designed for Privacy and Security

Conventional security measures like antivirus programs are behind the curve when it comes to modern hackers and malware. Unfortunately, antivirus software and firewalls give users a false sense of security. In reality, new threats are being developed and unleashed into the wild every single day, and even the best antivirus programs have to play catchup.

Recent ransomware attacks (aka. WannaCry) have targeted Windows-based PCs in over 150 countries – cyber security and privacy is incredibly important. Windows and macOS are easy to use and popular; however, they are much more susceptible to malicious code.

Linux is free and open source, which means there are hundreds of “flavors.” These individual distributions are tweaked to different specifications. Security-focused users will be pleased to know that there are a number of Linux distros designed with security and privacy in mind.
Well-known thanks to the crypto-anarchist Edward Snowden, Tails stands for The Amnesiac Incognito Live System. The operating system is booted from a live DVD, USB or SD card. Tails runs completely within the computer’s RAM, meaning that once you shut the computer down, all trace of it is wiped. This protects you from any potential data recovery techniques after shut down.

In addition, Tails promotes online anonymity by routing all of your Internet traffic through the Tor network. Tor bounces your Internet activity through a series of relays, preventing people from learning what sites you visit and preventing sites from learning your physical location. Finally, Tails utilizes a variety of state-of-the-art cryptographic tools in order to securely encrypt your data. https://tails.boum.org/
Qubes takes an entirely different approach to online security and privacy. The developers call it “security by compartmentalization.” What this means is that Qubes takes various parts of your “digital life” and isolates them in secure compartments they call “qubes.”

In layman’s terms, users configure various “qubes” to handle different tasks. You may have one qube dedicated to your personal finances while another handles work-related activities. This way if malware attacks your work qube, it will be contained to that qube, leaving your other qubes safe and unaffected. Qubes does require more effort to configure; however, it can prevent a single attack from taking down your entire system. https://www.qubes-os.org/
With Ipredia, privacy is the main focus. Start Ipredia by booting a live DVD or USB or install on your hard drive. Similarly to the Tails OS, the main draw of Ipredia is that it reroutes all of your Internet traffic to protect your anonymity. The difference between the two is that Tails routes your traffic through the Tor network, whereas Ipredia uses the I2P network. I2P is shorthand for the “Invisible Internet Project.” Without getting too technical, I2P uses an overlay network to allow applications to communicate with each other securely and anonymously.

Ipredia comes pre-configured with a variety of anonymous software, like an email client, web browser and BitTorrent client. Users also gain access to “eepsites” – anonymously-hosted sites using special domains ending in .i2p. http://www.ipredia.org/os
Whonix is a bit different from the rest. It doesn’t require you to boot from a Live CD or USB, nor does it require you to install it to your hard drive. Instead, Whonix is designed to run inside a virtual machine. This provides another layer of protection as malware attacks are contained within the virtual machine.

As an added benefit, all user traffic is automatically configured to run through the Tor network. This routes your activity through a series of relays, effectively combating network surveillance. Since Whonix runs in a virtual machine, it can be used with any operating system. https://www.whonix.org/
Made famous thanks to appearances in Mr. Robot, Kali is an OS designed specifically to audit the security of existing systems. Kali comes pre-loaded with a wide variety of forensic tools. These are mainly used by IT professionals to assess vulnerabilities and test effective defensive techniques.

If you aren’t familiar with the security tools packaged with Kali, you won’t find it very useful. If you’re keen to learn how Kali can help you prevent cyber-attacks, you’re in luck. Kali’s creators offer a variety of educational tutorials to help users make the most of Kali, free of charge. https://www.kali.org/
Source: https://www.maketecheasier.com/linux-distros-designed-for-privacy-security/amp/
 

anajames

New Member
I recently got to bear the brunt of the Wannacry attack. Lost all my data. Although I was using Kaspersky too. Now have installed Windows 10. Question is what do I need to do to be safe in the future.
 

Gass

Member
I recently got to bear the brunt of the Wannacry attack. Lost all my data. Although I was using Kaspersky too. Now have installed Windows 10. Question is what do I need to do to be safe in the future.
I'll try to answer your question, with what I find online. First, if you don't mind my questions: Why Win. 10? There is a lot known about the calling home it does on a user, of an OS to its lack of users privacy.
In a general sense, would you inform us what it was you did that got your system infected? No link needed - just what caused the attack, like did you click on something in a site or in going to a site, downloaded file, email or an attachment, etc...

Most Important of all resolves-
Offline stored backups - meaning a backup made (clone of all important operating system drives/partitions) and stored in a detachable medium such as some kind of USB drive (not USB Stick) big enough to hold multiple cloned system images and not get lost/misplaced. Then unplugged when this drive is not in use, just make sure the cloned backups have some kind of bootable means. Windows own restore/refresh won't cut it, as it's, as I believe, an online storage system to the C: Drive storage somewhere (I could be wrong as I'm learning too) - which ransomware can and does affect.
Edit/Add** Do consider a backup of a backup, or in system backups pulled using TWO different means (softwares), just for the insurance it can give till you're confident of the backup/restore process and in any one software means does work.
An example would be to make some back-to-back backups from TWO different softwares (free or paid) and THEN add something to your desktop (like an image or file) or deleting something - as being present or not in the main backups and for the comparison of the restored system images.
Then restore each of these TWO different software backups at different times - to see if all is ok (maybe running a day or two) in between each of these TWO different software restored system backups. Just remember to add or delete as done before to see and a fair comparison in each.

1. source - recommends using MiniTool Partition Wizard to do the clone. Why choose MiniTool Partition Wizard? Well, this free ransomware protection can be used to clone disk, system, and partitions. Besides, it is not only easy to use, but also ensures that when you have finished system cloning or system disk cloning, the destination disk is bootable.
It gives pretty good step-by-step instructions at the site's link below too.

First and foremost, let's clarify exactly what WannaCry is. In short, this malware is a scary type of Trojan virus called "ransomware". As the name suggests, such virus holds the infected computer hostage and demands that the victim pays a sum of ransom so as to regain access to the files on his computer.

If a computer is attacked by WannaCry, the desktop background will be changed and nearly all file types (such as .7z, .avi, .csv, .doc, .docx, .dot, .gif, .iso, .java, .jpeg, .jpg, .mkv, .mov, .mp3, .mp4, .pdf, .png, .ppt, .rar, .txt, .wav, .xlsx, .zip, etc.) will be encrypted until the user sends $300 in bitcoins to the appointed address. If the user does not send the ransom within 3 days, the amount doubles to $600, and the user will lose the chance to decrypt his files after 7 days without payment. In a word, only through ransom can the victims have the possibility of decrypting their files (reputedly it is hard for the hackers to distinguish who paid the ransom).

According to a report, more than 300,000 systems around the world are believed to have been infected. Undoubtedly WannaCry is the most severe malware attack so far in 2017, and the spread of this troubling ransomware is at an alarming rate.
Source: https://www.partitionwizard.com/clone-disk/protect-yourself-from-ransomware.html

1st. source - How to Protect Yourself against WannaCry Ransomware

If your computer is currently running normally, how to stay safe from WannaCry ransomware? Generally speaking, you need to do the following things:
-Never click on a link that you do not trust.
-Be aware of a fake website that uses names similar to popular services.
-Use antivirus and always make sure it has the latest update.
-Make sure your Windows has the latest update.
-Disable file sharing support. (Enter Control Panel\Programs\Programs and Features. Then uncheck SMB1.0/CIFS File Sharing Support. Finally, restart your computer.)
-Keep your files backed up regularly (most significant)

Among the several suggestions, regularly backing up the system and important files is always the best one. Once a computer is attacked by ransomware, cut off internet access and install the patch MS17-010, then restore system and files.
Source: https://www.partitionwizard.com/clone-disk/protect-yourself-from-ransomware.html

Microsoft Security Bulletin MS17-010 - Critical - https://technet.microsoft.com/library/security/MS17-010
- https://support.microsoft.com/en-us/help/4013389/title

2nd. source - WannaCry Ransomware: How to protect yourself
  1. If you use Windows, install the patch that Microsoft has released to block the specific exploit that the WannaCry ransomware is using. You can find instructions on this page in the Microsoft Knowledge Base. You can also directly download the patches for your OS from the Microsoft Update Catalog.
  2. If you are using an unsupported version of Windows like Windows XP, Windows 2008 or Server 2003, you can get the patches for your unsupported OS from the Update Catalog. We do recommend that you update to a supported version of Windows as soon as possible.
  3. Update your Antivirus software definitions. Most AV vendors have now added detection capability to block WannaCry.
  4. If you don’t have anti-virus software enabled on your Windows machine, we recommend you enable Windows Defender which is free.
  5. Backup regularly and make sure you have offline backups. That way, if you are infected with ransomware, it can’t encrypt your backups.
  6. For further reading, Microsoft has released customer guidance for the WannaCry attacks and Troy Hunt has done an excellent detailed writeup on the WannaCry ransomware.
Additional resources: see the source site link.
Source: https://www.wordfence.com/blog/2017/05/how-to-protect-yourself-against-wannacry/

Additional aid-
Surfing with some kind of installed program (Shadow Defender / Sandboxie / etc...) where, if anything system-wise gets infected, a system restart will clear any and all changes made that were malicious; that's the beneficial function of every Light Virtualization program like these. Granted you do run them indeed, no sense to install one if you don't earnestly use it.

Hope I've been able to help out some. As for the specific question you asked, of doing something to be safe in the future, who really can say, as threats emerge every day now and the attack vector is great. Just having the knowledge that you'll need to rebound at some point, and being prepared to do that rebound, is most of it, "simply" plan - where offline stored system backups help out the most :)
Thanks, Gass
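
The backup check described in the post above (back up, change a marker on the desktop, restore, then compare) can be automated with a hash manifest kept next to the offline backup. This is an added example, not part of the original post; the function names, the marker file name and the sample files are constructed for illustration.

```python
import hashlib
import json
import tempfile
from pathlib import Path


def sha256_file(path, chunk_size=1 << 20):
    """Hash a file in chunks so large disk images do not need to fit in RAM."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_manifest(root):
    """Map every regular file under root (relative path) to its SHA-256."""
    root = Path(root)
    manifest = {}
    for path in sorted(root.rglob("*")):
        if path.is_file() and not path.is_symlink():
            manifest[path.relative_to(root).as_posix()] = sha256_file(path)
    return manifest


def save_manifest(manifest, destination):
    """Store the manifest as JSON, e.g. on the detachable backup drive."""
    Path(destination).write_text(
        json.dumps(manifest, indent=2, sort_keys=True), encoding="utf-8"
    )


def load_manifest(source):
    return json.loads(Path(source).read_text(encoding="utf-8"))


def verify_restore(manifest, restored_root, markers=()):
    """Compare a restored tree with the manifest taken at backup time.

    markers are files created AFTER the backup; a real restore must not
    contain them, otherwise the "restore" left the live system in place.
    """
    restored = build_manifest(restored_root)
    report = {
        "missing": sorted(set(manifest) - set(restored)),
        "changed": sorted(
            p for p in manifest if p in restored and manifest[p] != restored[p]
        ),
        "unexpected": sorted(set(restored) - set(manifest)),
        "markers_still_present": sorted(m for m in markers if m in restored),
    }
    report["ok"] = not any(report[key] for key in list(report))
    return report


def write_tree(root, files):
    """Helper for the demo: create files (relative path -> bytes) under root."""
    for relative, content in files.items():
        target = Path(root) / relative
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_bytes(content)


def demo():
    """Constructed sample: one faithful restore and one faulty restore."""
    with tempfile.TemporaryDirectory() as tmp:
        tmp = Path(tmp)
        files = {
            "Documents/report.txt": b"quarterly report",
            "Pictures/cat.jpg": b"\xff\xd8\xff\xe0 constructed image bytes",
            "notes.txt": b"shopping list",
        }
        write_tree(tmp / "source", files)

        # Manifest is taken at backup time and stored with the backup.
        manifest_path = tmp / "backup-manifest.json"
        save_manifest(build_manifest(tmp / "source"), manifest_path)
        manifest = load_manifest(manifest_path)

        # Marker added to the desktop after the backups were made.
        marker = "Desktop/marker-after-backup.txt"

        # Restore from the first backup program: identical to the backup.
        write_tree(tmp / "restore_a", files)

        # Restore from the second program: one file altered, one lost,
        # and the marker survived, so the rollback did not really happen.
        faulty = dict(files)
        faulty["notes.txt"] = b"truncated"
        del faulty["Pictures/cat.jpg"]
        faulty[marker] = b"added after backup"
        write_tree(tmp / "restore_b", faulty)

        return (
            verify_restore(manifest, tmp / "restore_a", [marker]),
            verify_restore(manifest, tmp / "restore_b", [marker]),
        )


if __name__ == "__main__":
    for name, result in zip(("restore_a", "restore_b"), demo()):
        print(name, json.dumps(result, indent=2))
```

Run `build_manifest` and `save_manifest` right after making the backup, and `verify_restore` after each test restore; an empty report with `ok` set to true means the restored image matches what was backed up.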
 

Blaz

Moderator & Translator
Staff member
Moderator
Why Win. 10? There is a lot known about the calling home it does on a user, and of the OS's lack of user privacy.
Depends on the exact Win10 version. LTSB version has less "spying" items.
 

Gass

Member
Depends on the exact Win10 version. LTSB version has less "spying" items.
Thanks for the point, but what is meant by "LTSB" version? I tried Win 10 when it was first offered free - I'd seen in a few hours that it wasn't going to make it into the mostly desktop usage as I had done in Win 8.1.
There's a good non-installed program for Win 10 to help with spying.

How Blackbird Works
Without going into too much detail, Blackbird employs some known and less-known techniques to fully disarm Windows while leaving the smallest possible footprint.
For instance, Blackbird does not edit the HOSTS file in any way, nor does it mess with your firewall settings.
It does not run in the background, instead relying on persistent routes and resolving hostnames to IP addresses each time Blackbird is applied by the user.
After usage no new files are left behind on your computer and you can safely delete blackbird.exe. Blackbird has succeeded when you forget it was ever there. Everything our software does can be restored using the software itself or manually by hand.
(*Dev.notice: Please don't do this manually, it will take forever and is confusing)
There are other tools that claim to block Windows spying but they are cumbersome to use and not as powerful or are limited in scope. So we took Windows apart, piece by piece, analyzed web traffic, system calls, file changes, etc., compared different configurations, designed and built a stand-alone tool and spent hundreds of hours on beta testing so anyone can use it and it gets the job done right.
Updated frequently and regularly, as long as Windows gets updates so will Blackbird.
Privacy is the only thing that should be opt-in by default.
Don't be another cog in the machine, instead throw a wrench in.
Runs on all recent desktop editions (Home, Pro, etc.) and versions of Windows (Vista, 7, 8, 8.1, 10).
http://www.getblackbird.net/download/
(Posted for other users' benefit, to add to the knowledge of this Thread)

I've personally used Blackbird on my Win 8.1 system, although I've heard enough about Win 10, and even with the benefits of this program - I'm not going to do it. I'm looking to move over to a Linux Distro in my future.
Thanks, Gass :D
 

Blaz

Moderator & Translator
Staff member
Moderator
Thanks for the point, but what is meant by "LTSB" version?
LTSB = Long Term Servicing Branch

It is usually only available to companies or individuals who buy an MSDN subscription.
 

steve1209

Beta Tester
I recently got to bear the brunt of the WannaCry attack. Lost all my data, although I was using Kaspersky too. I have now installed Windows 10. The question is, what do I need to do to be safe in the future?
@anajames

1. As stated run backups, Win 10 has a built in backup & recovery system, after you run it disconnect your external USB drive till the next run, the software is free of course https://www.howtogeek.com/220986/how-to-use-all-of-windows-10’s-backup-and-recovery-tools/

2. Get software ($$$) to prevent ransomware attacks, I use Malwarebytes 3 premium myself, there are others https://blog.malwarebytes.com/101/2016/03/how-to-beat-ransomware-prevent-dont-react/
 

Boo Berry

Moderator + Beta Tester
Moderator
Always check every couple days for Windows Updates and leave automatic updates enabled (no matter how annoying they can be).
 

Gass

Member
Always check every couple days for Windows Updates and leave automatic updates enabled (no matter how annoying they can be).
I mostly agree here on the point of checking every day or couple of days for Windows Updates (though aren't they mostly released on Tuesdays?). With self-checking, wouldn't that nullify the need for automatic updates being enabled? Unless you meant it as an extra protection and precaution against user errors of forgetting to do so.

I would add these too, as well as your advice, Sir.
For the most part, in running any OS, user/system protection comes from your own vigilance and from using common sense.
Do NOT choose to run your Win OS in a high privileged state as "administrator" constantly, then wisely grant permission to the programs that need this level of execution.
Watch what emails or attachment files you click on - unknown senders especially.
Use strong passwords for all accounts, changing your pw randomly and often.
Run scheduled scans and update your AV daily, then if possible use two anti-malwares and a sandbox program, avoiding surfing for any unknown sourced downloads, watch out for streaming or gaming sites and avoiding cracked software.

Side Note:
Since online activities and website interactions often require your personal information (email address - worst ones asking, real name, age, address, date of birth, SSN), be stingy and protective of these, as of anything in your wallets and/or purses - treat this kind of info. as if it's your last $5-$50 with no foreseeable replacement in the future, and liken it to spending it wisely.

Social sites can seem harmless, but are they really? FREE or Paid to take - surveys, quizzes, questionnaires and credit reports all can end up mining lots of your info. and selling it. Images posted online containing street signs, house addresses and auto license plates are a no-no to me. Tats can be bad too, as usually no two people have the same tats in the same place.
Most of these are pieces of you that make you, well, you, and most of it opens the doors to your bank accounts or creditworthiness, in any case your financial self - where a thief is so much closer to that last bit of (locked up) knowledge to harm you greatly here. Trust very little in anyone online (you never get a chance to look into their eyes or they in yours) and question a lot their need to know, and then where it may end up, and what it could be added to that's already out there about you.

In e-commerce sites (buying something online) try to use a service like PayPal or Payza; though there are pros and cons here, what's important is to be giving the least amount of your information out. (HACK - yes, think of the site you're buying from getting HACKED.) Most US people can go to Walmart or another merchant and put money on a gift card (Visa-Mastercard); an online account in association with the gift card has to be made and your correct mailing address used for the shipping/mailing address of your goods to be sent. With the charge to load some denomination ($50-$250, etc.), that's it, as to what $ amount anyone could steal from you. Once it's spent, save the account and card for some months, as a possible return/chargeback may be needed later, and then trash it and repeat - the $5-$6 to load is a one-time fee, not like a prepaid debit card with a fee or charge every month.
Anyone else got any ideas here about this (buying online), or what do you do / use?

Gass :D
 

Gass

Member
What You Should Want to Know About WannaCry Infecting Linux

Several days have passed since WannaCry has wreaked havoc on the world with its clever use of an SMB exploit found within Windows, yet the malware continues making the news with new information and speculation surrounding its origins, its trajectory, and the potential for more massive attacks.

Some local press organizations around the world have even made wild claims about the virus, sometimes going as far as to say that a hostile foreign government is responsible. Wild assertions like these aside, there is one troubling piece of information that caught the attention suggesting that Linux is not immune to the WannaCry infection, and that’s just not completely true.

Should Linux Users Worry?
As long as you are not running applications like WINE as root and opening WannaCry through it, you shouldn’t worry about being infected. If you run applications as they are meant to run on Linux, they will do so under an enclosed system with certain restrictions. It is generally harder for an application to overstep the boundaries set for it by the Linux operating system than it would be under Windows. You’d have to practically try to infect yourself with the WannaCry worm in order to encounter any effect from it.

Just Remember to Be Cautious
When something running on Linux tries to get the operating system to do something with root privileges, it will ask you for your password. If you’ve used Linux for a long time, you’re probably already used to the password prompt appearing every time you update an application or install a new one. It’s just part of the daily grind. And if you get a password prompt out of nowhere, that should arouse your suspicion.

Just remember that although Linux is an armored tank, you are the driver. An operating system is a tool (this also applies to Windows, by the way - a hammer can be good, but it can hit your thumb as well!), and how you use it largely determines how safe you will be. Yes, Linux does a great job of protecting you from most threats, but it’s only doing seventy percent of the work. The rest of it has to come from your own vigilance.

Use the tool the way it is meant to be used and don’t get complacent. Most importantly, do not rely on convenience to complete a job. Don’t change folder permissions to a higher level than they should be. Do not run applications as root when they don’t need it. Follow these simple rules and you should be fine.

Edited slightly from the original Source: https://www.maketecheasier.com/wannacry-did-not-infect-linux/
Some good points in the comments there. . .
 

Boo Berry

Moderator + Beta Tester
Moderator
Well, the new cumulative update that was released yesterday for Windows 10 didn't come on a Tuesday, but it didn't contain any security fixes. Microsoft is going to release at least two cumulative updates per month, with only the Patch Tuesday update containing security patches.

Checking for updates once a week manually is probably still a good practice for casual PC users (though I check daily in the afternoon on my devices). But remembering that every second Tuesday of every month is Patch Tuesday when Microsoft releases the new security fixes is something to keep in mind. Also keeping automatic updates enabled is a must IMO, especially if you use Windows Defender (it updates at least once a day automatically).
 

Gass

Member
Checking for updates once a week manually is probably still a good practice for casual PC users (though I check daily in the afternoon on my devices). But remembering that every second Tuesday of every month is Patch Tuesday when Microsoft releases the new security fixes is something to keep in mind. Also keeping automatic updates enabled is a must IMO, especially if you use Windows Defender (it updates at least once a day automatically).
I see and thank you. Being mostly a "casual PC user" as probably most of the readers here are, it's sound advice you've given. I totally agree then for anyone on Win 10 or lesser versions.

I'm (like on Win 8.1) and it's close to being on the old time still after the Day Light Savings Time change, don't ya know. Then, as it could be seen with all versions of Windows now-a-days of the roller coaster ride with updates and patches. To the rollups general way these updates/patches are given now - alas no more pick and choose as it was - unless you understand how and the drawn out process needed - that I'll not go into here.
I called attention of these MS update changes - https://forum.adguard.com/index.php?threads/microsoft-update-policy-change-win-7-8-1-october.14386/


There's a site (AskWoody) with a guy, "Woody Leonhard", who makes an effort to inform people and keep them in the know. He offers an MS-DEFCON System so Microsoft consumers know when it’s safe to install patches, and what a patch did or affected in some systems as potential harm or side effects.
As well as many other topics and news geared to MS system users. The right-hand menu on the site lists many more than I've given below, but as a quick find here's the quick ref. - "Note": it appears there's been some housekeeping done, and in some topics there is only 2017 info. given now; it just depends what you go to - better than old stuff to sort through. Yes, though some are sparse now.
Quick Links:
Home Page: https://www.askwoody.com/
Questions: Win10 - https://www.askwoody.com/forums/forum/askwoody-support/windows/windows-10/ask-win10-questions-here/
Questions: Win 8.1 (and Win 8) - https://www.askwoody.com/forums/forum/askwoody-support/windows/windows-8-1/ask-win-8-1-and-win-8-questions-here/
Questions: Windows 7 - https://www.askwoody.com/forums/forum/askwoody-support/windows/windows-7/ask-windows-7-questions-here/
Questions: Vista, XP back to 3.1 - https://www.askwoody.com/forums/forum/askwoody-support/windows/windows-vista-xp-and-earlier/questions-vista-xp-back-to-3-1/
AskWoody blog - https://www.askwoody.com/forums/forum/askwoody-blog/
Knowledge Base - https://www.askwoody.com/forums/forum/knowledge-base/
Tools - https://www.askwoody.com/forums/forum/tools/
Scrolling down near the bottom of the "menu" lists you'll find the links I've given; why I've posted them is so you'll not miss them.

Then also posts on this site - http://www.infoworld.com/blog/woody-on-windows/

Hope this helps you some.
Gass :D
 

Gass

Member
If you think a business / website is secure from hackers because it hires a local / national IT company or someone with a security certificate, think again!
Every day you see news about high profile companies being breached. Do you think they hire "a buddy" living next door?
All of them hire experts with diplomas, certificates, and perhaps decades of experience, and yet millions of accounts containing people's personal information are stolen, by people who most of the time haven't finished college.

You may think it's getting better, as companies get new certificates and employ new security standards, but in fact it's just getting worse. According to informationisbeautiful.net in 2016 alone there were more accounts stolen than 2004 - 2007 combined.

Just think the next time, if you ever needed to recover your password cause you forgot it. Companies sending a recover link to your email or phone is insecure and may be used by hackers to steal your account, which can build from there into your other life's online accounts. :eek:

Imagine a beach full of sand grains 10 feet deep and technology is that beach, being only secure as to the surface sand we can see, many things lay buried that are weak to defenses and all it takes is a pirate or treasure hunter to find some treasure - your treasures.

The History of Data Breaches in USA 2005 onwards.
https://digitalguardian.com/blog/history-data-breaches

Credit Card & Debit Card Fraud Statistics
https://wallethub.com/edu/credit-debit-card-fraud-statistics/25725/

ON A FLIP SIDE:
Criminals wear suits too.
AIG, Goldman Sachs, Lehman Brothers, JP Morgan Chase, Bank of America and Morgan Stanley.
Most of these firms were directly involved in elaborate fraud and theft, financial crooks brought down the world's economy — but the feds are doing more to protect them than to prosecute them.
An old 2011 Rolling Stone story but dang - if it hadn't happened or more went to jail, even paid restitution on top of heavy fines - would America be greater and its people better off?
Here's the link if you're interested -
http://www.rollingstone.com/politics/news/why-isnt-wall-street-in-jail-20110216
 

anajames

New Member

Thanks for a detailed response.
Firstly, the reason for using Windows 10 is that my colleague recommended it to me. He mentioned something like Linux but it was a bit difficult for me to understand. Moreover, as far as I remember there was this email I received, and it mentioned that a friend's name has sent me a friend request. I clicked on it. After an hour or so I got the virus.

Although I was using Kaspersky at that time, as I am now.

@anajames

1. As stated run backups, Win 10 has a built in backup & recovery system, after you run it disconnect your external USB drive till the next run, the software is free of course https://www.howtogeek.com/220986/how-to-use-all-of-windows-10’s-backup-and-recovery-tools/

2. Get software ($$$) to prevent ransomware attacks, I use Malwarebytes 3 premium myself, there are others https://blog.malwarebytes.com/101/2016/03/how-to-beat-ransomware-prevent-dont-react/
Roger that, thanks for the assistance.
 

Gass

Member
Thanks for a detailed response.
Firstly, the reason for using Windows 10 is that my colleague recommended it to me. He mentioned something like Linux but it was a bit difficult for me to understand. Moreover, as far as I remember there was this email I received, and it mentioned that a friend's name has sent me a friend request. I clicked on it. After an hour or so I got the virus.

Although I was using Kaspersky at that time, as I am now.
Roger that, thanks for the assistance.
@anajames Wow, something that simple and seemingly innocent to cause so much harm, and one wouldn't think to be on guard. I hope this helps out others to know how simple it can be to get caught up in all the traps set in motion to harm oneself.

Then again you could run a Linux distro in virtualization software, to get accustomed to it while experimenting in its use.
Virtualization software is most often used to emulate a complete computer system in order to allow a guest operating system to be run, for example allowing Linux to run as a guest on top of a PC that is natively running a Microsoft Windows operating system.
https://en.wikipedia.org/wiki/Category:Virtualization_software

Virtualization software can essentially turn one computer into several. We'll show you how virtualization works, what it can be used for, and a few virtual software packages for your nonprofit or library. Old, but it covers the bases.
http://www.techsoup.org/support/articles-and-how-tos/virtualization-101

I use Kaspersky too. As with many of the main ones, zero-day and early attacks take some time to notice and defend against when large-scale deployments happen all at once.
It's that sandy beach (as technology) being ten feet deep in sand grains, with only the top (seen) surface sand guarded by any defense. With each roll of the tide new sand grains get exposed to attacks.

Look for the logic in something and try to break it down to the simplest form. If it's something you know nothing about look next door to some relationship in something you do understand and apply that to try to break it down to understand it.
I think of the Olympic flag symbols when doing this

where the circles cross or intersect is a door or bridge to carry over what's understood and then applied to the circle you know nothing about, as the bridge or crossing is the point of commons / related properties shared of both between all.
That make any sense to you? If it did I hope it helps. :)

Gass :D
 

Gass

Member
Does your computer support Virtualization (aka. VT-x, Virtual Technology)?
To check if your computer supports VT, you could refer to this useful tool called LeoMoon CPU-V. It not only detects if your CPU supports Hardware Virtualization, but also detects if Hardware Virtualization is enabled in BIOS.
LeoMoon CPU-V - https://leomoon.com/downloads/desktop-apps/leomoon-cpu-v/

Running Android apps on a desktop or laptop is becoming the new norm these days; more and more options are becoming available. There’s even some speculation that desktop and mobile operating systems will eventually merge into a single OS. For now, we have Android emulators like Nox App Player and others to help us play our favorite games and use other Android apps on a PC.

Based on Android 4.4.2, Nox App Player is available for both Windows (XP SP3, 7, 8, 8.1, 10) and macOS Sierra. Considering the fact that Nox App Player is an emulator, don’t think it would work under Wine on Linux, probably can’t get it to run after installation, so move on over to a Windows or macOS Sierra install.

Android on Your Desktop
Nox App Player has a very clean interface. Upon first glance, you’ll notice that everything is on a single page and there aren’t very many apps installed. It looks like an oversized Android tablet or TV box on your computer screen.

There is a Google Search bar at the top, two rows of icons, and a bottom dock. The status bar is also there, but remember this is based on Android 4.4.2, so when you pull down the notifications, they take up the entire screen. You also get notifications via the Windows taskbar, so you don’t have to worry about missing a thing.

Source of the informational article: https://www.maketecheasier.com/nox-app-player/
Nox App Player Homepage: https://www.bignox.com/
Gass :D
 

Gass

Member
Media Player Subtitles Malware
Subtitles Malware: What It Is, and How to Avoid It

The official Checkpoint release on the malware (http://blog.checkpoint.com/2017/05/23/hacked-in-translation/) does not specify exact operating systems, but it does mention the following:
“…the attacker can do whatever he wants with the victim’s machine, whether it is a PC, a smart TV, or a mobile device.”

Warning: check the options settings for subtitles in your Media Player; if a checkbox is available, uncheck it to ward off automatically DL subs.

What files come to mind when you think of potentially dangerous filetypes? .exe files are definitely up there, as are app downloads from shady websites. Quite low on that list will be files such as .txt, which are usually highly trusted not to contain a virus.

This train of thought that something is “too simple” to carry viruses, however, can be great for hackers. They can use this false sense of security to sneak malware into a file that’s “too basic” to carry them. Recently, for example, there was a nasty spike of attacks as subtitles malware was being used to gain control of people’s computers.

Why Subtitle Files?
Getting a virus from a subtitle file seems very strange! After all, isn’t it just a file full of text?

While the subtitle file itself may not be able to do much damage, it can start a series of events that gives hackers access to someone’s computer. The main attack method for subtitle files is to act through a media player. Once installed, the subtitle file works through the media player when loaded to grant hackers access to the victim’s PC. Given how there are twenty-five different subtitle file types in use at the moment, media players have had to stretch themselves to fit every use case. This naturally leaves security holes that can be used.

Even worse, because subtitle files are highly trusted, the amount of security when parsing a subtitle file is very low. Not only are there flaws in the security, but should something take advantage of said flaws, there’s usually nothing there to stop it from taking control.

Due to the benign nature of subtitle files, antivirus software may totally fail to register the threat at all, making them a silent and effective means of gaining access to someone’s computer.

Who Does this Affect?
While there are a lot of lesser-known players out there that might be affected by this exploit, Checkpoint (http://blog.checkpoint.com/2017/05/23/hacked-in-translation/) listed Popcorn, Kodi, VLC, and Stremio as popular video players that were vulnerable to this attack. As such, if you’ve used these players with downloaded subtitle files recently, you might want to perform a malware scan on your computer, especially if you haven’t updated the player in some time.

How Does the Attack Work?
In order for a hacker to get a subtitle file installed on a PC, they perform the following:
1. First, they make or take a subtitle file that fits a popular movie, adding malicious code into it.
2. They post the subtitles to a repository, which both people and software use to download and install subtitles.
3. By abusing the rating system on said repositories, the hackers get their infected file boosted to the top of the list of subtitles as the most accurate subtitle file on the site.
4. Users find the top-rated infected file and install it into their media players. This is done either manually by the user or by a user giving a command to a media player programmed to automatically locate and install the top-rated subtitle files on specific websites.
5. Once run, the infected subtitle file grants hackers access to the victim’s PC.

If you’d like to see a somewhat scary demonstration of the hack in motion, watch the following video.

How Do I Avoid Subtitles Malware?
If you want to keep yourself safe, the solution may be very simple: check to see if your video player has updated itself to fix this issue. Now that the exploit has been found, the developers of the video players have worked on fixing it. Checkpoint reports that the four media players listed above already have patches available to fix this exploit, so make sure that your video players are up to date and running the latest version.

If you want to make sure you don’t fall for a future subtitle trap, be careful when downloading subtitle files. Never download a file that comes from a suspicious-looking website. On trusted websites you can keep yourself safe by looking for trustworthy subtitles. You’re looking for files that are both highly-rated and have been around the website for some time. You can sometimes tell how long a file has been around by its upload date, which some websites list in the details. Don’t rely on players automatically fetching subtitles, as they can be exploited to find and install malicious files.

Also, make sure to check if your media already comes with subtitles. Because the hack depends on downloaded subtitles, they cannot affect subtitles already bundled with physical media (DVDs, Blu-Ray) or streamed media (Netflix). If you use the subtitles that come with the movie, there’s no risk of a malware infection.

Sub-Par Subtitles
When files are “too basic” to carry viruses, it opens a potential door for hackers to exploit. Subtitle files have recently been used as an attack vector to control other people’s computers. By keeping video players up to date and staying savvy, you can avoid this particularly scary attack.

Source: https://www.maketecheasier.com/subtitles-malware-how-to-avoid-it/
Gass :D
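
An added example, not part of the original post or the linked article: a strict pre-check for downloaded SubRip (.srt) files that treats them as untrusted input and flags anything outside the plain index/timing/text layout. The size and line caps, the tag allow-list and the sample inputs are assumptions made for this example; it checks structure only and does not look for any specific player bug.

```python
import re

MAX_BYTES = 512 * 1024      # assumed cap; ordinary subtitle files are far smaller
MAX_LINE_CHARS = 300        # assumed cap on one line of cue text
TIMING = re.compile(r"^\d{2}:\d{2}:\d{2},\d{3} --> \d{2}:\d{2}:\d{2},\d{3}$")
TAG = re.compile(r"</?([A-Za-z]+)[^>]*>")
ALLOWED_TAGS = {"i", "b", "u", "font"}   # assumed allow-list of simple styling tags

def check_srt(data: bytes) -> list[str]:
    """Return a list of findings; an empty list means the file fits strict SubRip."""
    if len(data) > MAX_BYTES:
        return [f"file is {len(data)} bytes, over the {MAX_BYTES}-byte cap"]
    try:
        text = data.decode("utf-8-sig")
    except UnicodeDecodeError:
        return ["not valid UTF-8"]
    findings = []
    # Control characters other than tab/CR/LF have no place in a text subtitle.
    if re.search(r"[\x00-\x08\x0b\x0c\x0e-\x1f\x7f]", text):
        findings.append("contains control characters")
    blocks = re.split(r"\n{2,}", text.replace("\r\n", "\n").strip("\n"))
    for n, block in enumerate(blocks, start=1):
        lines = block.split("\n")
        if len(lines) < 3:
            findings.append(f"cue {n}: expected index, timing and text lines")
            continue
        if not lines[0].strip().isdigit():
            findings.append(f"cue {n}: index line is not a number")
        if not TIMING.match(lines[1].strip()):
            findings.append(f"cue {n}: malformed timing line")
        for line in lines[2:]:
            if len(line) > MAX_LINE_CHARS:
                findings.append(f"cue {n}: text line longer than {MAX_LINE_CHARS} chars")
            for tag in TAG.findall(line):
                if tag.lower() not in ALLOWED_TAGS:
                    findings.append(f"cue {n}: unexpected tag <{tag}>")
    return findings

# Constructed samples (not taken from any real subtitle file).
GOOD = (b"1\r\n00:00:01,000 --> 00:00:03,500\r\n<i>Hello there.</i>\r\n\r\n"
        b"2\r\n00:00:04,000 --> 00:00:06,000\r\nSecond line.\r\n")
ODD = (b"1\n00:00:01,000 --> 00:00:03,500\n<object data=x>\n\n"
       b"2\n00:00:04 -> 00:00:06\n" + b"A" * 400 + b"\n")

if __name__ == "__main__":
    for name, sample in (("good", GOOD), ("odd", ODD)):
        print(name, check_srt(sample) or "ok")
```

A file that produces findings is not necessarily malicious, and a clean result does not replace keeping the player updated; the check only narrows what reaches the player's parser.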
 

anajames

New Member
@anajames Wow, something that simple and seemingly innocent to cause so much harm, and one wouldn't think to be on guard. I hope this helps out others to know how simple it can be to get caught up in all the traps set in motion to harm oneself.

Then again you could run a Linux distro in Virtualization software, to get accustomed to it while experimenting in its use.
Virtualization software is most often used to emulate a complete computer system in order to allow a guest operating system to be run, for example allowing Linux to run as a guest on top of a PC that is natively running a Microsoft Windows operating system.
https://en.wikipedia.org/wiki/Category:Virtualization_software

Virtualization software can essentially turn one computer into several. We'll show you how virtualization works, what it can be used for, and a few virtual software packages for your nonprofit or library. Old, but covers the bases.
http://www.techsoup.org/support/articles-and-how-tos/virtualization-101

I use Kaspersky too; as with many of the main ones, zero-day and early attacks take some time to notice and defend against, when large-scale deployments happen all at once.
It's that sandy beach (as technology) being ten feet deep in sand grains and only the top (seen) surface sand guarded against to any defense. With each roll of the tide new sand grains get exposed to attacks.

Look for the logic in something and try to break it down to the simplest form. If it's something you know nothing about look next door to some relationship in something you do understand and apply that to try to break it down to understand it.
I think of the Olympic flag symbols when doing this

where the circles cross or intersect is a door or bridge to carry over what's understood and then applied to the circle you know nothing about, as the bridge or crossing is the point of commons / related properties shared of both between all.
That make any sense to you? If it did I hope it helps. :)

Gass :D
That is well explained. And yes, I could not digest that it could be that simple to get attacked.
 