For those of you with Windows computers, tablets etc, please read the
following web site if not already done so ...

https://www.getsafeonline.org/nca/


--
Regards
Bob Hobden
Posting to this Newsgroup
from the W.of London. UK

On Thu, 5 Jun 2014 11:59:37 +0100, "Bob Hobden"
wrote:

For those of you with Windows computers, tablets etc, please read the
following web site if not already done so ...

https://www.getsafeonline.org/nca/

That's far too much for me to read!

Steve

--
Neural Network Software http://www.npsnn.com
EasyNN-plus More than just a neural network http://www.easynn.com
SwingNN Prediction software http://www.swingnn.com
JustNN Just a neural network http://www.justnn.com

On Thu, 05 Jun 2014 13:24:19 +0200, Martin wrote:

On Thu, 05 Jun 2014 12:19:42 +0100, Stephen Wolstenholme
wrote:

On Thu, 5 Jun 2014 11:59:37 +0100, "Bob Hobden"
wrote:

For those of you with Windows computers, tablets etc, please read the
following web site if not already done so ...

https://www.getsafeonline.org/nca/

That's far too much for me to read!

In that case you are doomed.

Symantec link always downloads a 64 bit copy, contrary to the instructions on
the Symantec website

I don't think I will respond to Symantec marketing.

Steve

--
Neural Network Software http://www.npsnn.com
EasyNN-plus More than just a neural network http://www.easynn.com
SwingNN Prediction software http://www.swingnn.com
JustNN Just a neural network http://www.justnn.com

On 05/06/2014 12:44, Stephen Wolstenholme wrote:

I don't think I will respond to Symantec marketing.


Agreed. Unfortunately, the hype over all this makes me think that
either the gov agencies or the AV providers are running a marketing
campaign.

Yes, these threats are potentially dangerous - but they have been for a
long time now. There really isn't anything significantly different
about it now. Yes, such malware will increase and become more
effective, as will the means of trapping the unwary. You always need to
be vigilant and this news doesn't change that.

However, the hype over this '2 week window' is largely meaningless. If
you are very recently infected with cryptolocker (like the day the
'command and control' servers were taken down) then you may have 2 weeks
to get it cleaned up before the servers are back and able to issue the
encryption keys. This will be a very small number of people affected in
this way though.

As with all these things, some basic hygiene will keep you safe.
(Particularly relevant for windows users, of course). My view of the
important stuff is as below. Some parts are more important than others.
You can do all the right things with protective software, but the
absolute key is your online behaviour. So...

* Keep programs and operating systems fully patched and remove programs
you don't use;

* Have an anti-virus program running in real time, keep it updated at
least once a day and run periodic system scans;

* Have an anti malware program such as 'malwarebytes' or 'spybot search
& destroy' - keep them uptodate and run periodic scans;

* Don't click on links in emails (preferably at all, but certainly not
unless you absolutely know the source of the mail and what the link is);

* Don't open any attachments in emails unless you absolutely know the
sender and what they are sending and you are expecting it;

* Never click on a link in an email to change account details - always
go direct to the correct site and to the correct part of it to change
your details;

* Be very careful about what websites you go to and what you click on;

* Remember that social media is a prime location for picking up malware;

* Never change any sensitive details on any public wifi network - and
don't use any sensitive log in details;

* If you have home WiFi, make sure it is very secure;

* Preferably have a router to connect your broadband rather than a USB
modem;

* Change your passwords regularly; don't use the same password for
multiple services; have complex, difficult to guess passwords. (A good
password manager such as LastPass can help take away a lot of the burden
of this as long as you know its limitations).

If you have an eBay account, change your password *NOW* if you haven't
done so in the last couple of weeks.

Doubtless some will disagree with some of the items above. I know
people that refuse to use AV programs, for example - but to take that
step, you need to be super-vigilant, and most people just aren't. Most
people that get hit with malware are not IT professionals and I accept
that from scratch, some of this stuff can be daunting - unfortunately,
that is what the bad guys know and they are their targets

Sorry this is a bit long, but some of it might help someone...

--
regards andy

On Thu, 05 Jun 2014 13:57:04 +0200, Martin wrote:

On Thu, 05 Jun 2014 12:44:13 +0100, Stephen Wolstenholme
wrote:

On Thu, 05 Jun 2014 13:24:19 +0200, Martin wrote:

On Thu, 05 Jun 2014 12:19:42 +0100, Stephen Wolstenholme
wrote:

On Thu, 5 Jun 2014 11:59:37 +0100, "Bob Hobden"
wrote:

For those of you with Windows computers, tablets etc, please read the
following web site if not already done so ...

https://www.getsafeonline.org/nca/

That's far too much for me to read!

In that case you are doomed.

Symantec link always downloads a 64 bit copy, contrary to the instructions on
the Symantec website

I don't think I will respond to Symantec marketing.

NCA isn't Symantec marketing.

Then why did you mention Symantec in the thread?

Steve

--
Neural Network Software http://www.npsnn.com
EasyNN-plus More than just a neural network http://www.easynn.com
SwingNN Prediction software http://www.swingnn.com
JustNN Just a neural network http://www.justnn.com

On 05/06/14 13:18, News wrote:
On 05/06/2014 12:44, Stephen Wolstenholme wrote:

I don't think I will respond to Symantec marketing.


Agreed. Unfortunately, the hype over all this makes me think that either the gov agencies or the AV providers are running a marketing campaign.

Yes, these threats are potentially dangerous - but they have been for a long time now. There really isn't anything significantly different about it now. Yes, such malware will increase and become
more effective, as will the means of trapping the unwary. You always need to be vigilant and this news doesn't change that.

However, the hype over this '2 week window' is largely meaningless. If you are very recently infected with cryptolocker (like the day the 'command and control' servers were taken down) then you may
have 2 weeks to get it cleaned up before the servers are back and able to issue the encryption keys. This will be a very small number of people affected in this way though.

As with all these things, some basic hygiene will keep you safe. (Particularly relevant for windows users, of course). My view of the important stuff is as below. Some parts are more important than
others. You can do all the right things with protective software, but the absolute key is your online behaviour. So...

* Keep programs and operating systems fully patched and remove programs you don't use;

Yes, but you want to disable/remove services; an installed but non-running program is not a threat.


* Have an anti-virus program running in real time, keep it updated at least once a day and run periodic system scans;

Yes, but one of the AV *vendors* recently said they are becoming ineffective. At
best they are heuristic and the updates scan for what has recently been discovered
by the vendor to be active in the wild - which implies some people have already
been affected.


* Have an anti malware program such as 'malwarebytes' or 'spybot search & destroy' - keep them uptodate and run periodic scans;

I hear good things about MS EMET tool, but I'm not in a position to have an opinion.


* Don't click on links in emails (preferably at all, but certainly not unless you absolutely know the source of the mail and what the link is);
* Don't open any attachments in emails unless you absolutely know the sender and what they are sending and you are expecting it;

Necessary but not sufficient; there have been drive-by attacks where opening the
email wasn't necessary.


* Never click on a link in an email to change account details - always go direct to the correct site and to the correct part of it to change your details;

Valid, important, but phishing is completely different to malware.

* Be very careful about what websites you go to and what you click on;

Necessary but not sufficient; sometimes malware is delivered via advert
networks used by reputable sites. Yet another reason for having an adblocker
in your browser.


* Remember that social media is a prime location for picking up malware;
.... even reputable social media sites!


* Never change any sensitive details on any public wifi network - and don't use any sensitive log in details;
* If you have home WiFi, make sure it is very secure;
Valid, important, but not a malware phenomenon.


* Preferably have a router to connect your broadband rather than a USB modem;

Why? Surely it is what is inside the device rather than its method of connection.


* Change your passwords regularly; don't use the same password for multiple services; have complex, difficult to guess passwords. (A good password manager such as LastPass can help take away a lot of
the burden of this as long as you know its limitations).

Arguably impractical. There are many alternative strategies.

In any case remember the purpose of a password is to shift
responsibility from the website back onto you "if the right
password was given it must have been you"


If you have an eBay account, change your password *NOW* if you haven't done so in the last couple of weeks.

Doubtless some will disagree with some of the items above. I know people that refuse to use AV programs, for example - but to take that step, you need to be super-vigilant, and most people just
aren't. Most people that get hit with malware are not IT professionals and I accept that from scratch, some of this stuff can be daunting - unfortunately, that is what the bad guys know and they are
their targets

You forgot what will become very important, especially with
the Internet of Things...

* don't have any "smart devices" where the manufacturer doesn't
regularly update the software. For example "smart TVs", which are
just computers with an aerial

* when visiting any financial website, use the browser in a
"live CD" operating system on either a CD or USB stick.
Turn off the machine, boot directly from the CD/USB, only visit
the financial website, turn the machine off. Since you get a new
original operating system every time you use it, it simply cannot
have been infected with malware. Of course, neither can you store
bookmarks nor cookies between sessions!

The live CD/USB is also helpful in an internet cafe, but won't stop
someone shoulder surfing.

"Stephen Wolstenholme" wrote
I don't think I will respond to Symantec marketing.

Where on that page is there any Symantec marketing?
There is a link to a removal tool by Symantec as there is a link to a
similar tool by McAfee and a few others. I used the McAfee tool because I
use their anti-virus and firewall programs but anyone can use any one from
what I read. Even if you are sure you haven't been infected as I was, what
is the harm in downloading and running one of those tools just to be 100%
sure. Perhaps you might get a few e-mail adverts from them, so what.
--
Regards. Bob Hobden.
Posted to this Newsgroup from the W of London, UK

On 05/06/2014 14:39, Tom Gardner wrote:
On 05/06/14 13:18, News wrote:
On 05/06/2014 12:44, Stephen Wolstenholme wrote:

I don't think I will respond to Symantec marketing.


Agreed. Unfortunately, the hype over all this makes me think that
either the gov agencies or the AV providers are running a marketing
campaign.

Yes, these threats are potentially dangerous - but they have been for
a long time now. There really isn't anything significantly different
about it now. Yes, such malware will increase and become
more effective, as will the means of trapping the unwary. You always
need to be vigilant and this news doesn't change that.

However, the hype over this '2 week window' is largely meaningless.
If you are very recently infected with cryptolocker (like the day the
'command and control' servers were taken down) then you may
have 2 weeks to get it cleaned up before the servers are back and able
to issue the encryption keys. This will be a very small number of
people affected in this way though.

As with all these things, some basic hygiene will keep you safe.
(Particularly relevant for windows users, of course). My view of the
important stuff is as below. Some parts are more important than
others. You can do all the right things with protective software, but
the absolute key is your online behaviour. So...

* Keep programs and operating systems fully patched and remove
programs you don't use;

Yes, but you want to disable/remove services; an installed but
non-running program is not a threat.


The list was intended to be for someone that doesn't know a lot about
how computers run under the bonnet. Having lots of old programs lying
around (and possibly running if they have insinuated themselves into
automatic startup) is no good for housekeeping - and is potentially
another place that an infection could hide (although no more likely than
in a 'wanted' program).


* Have an anti-virus program running in real time, keep it updated at
least once a day and run periodic system scans;

Yes, but one of the AV *vendors* recently said they are becoming
ineffective. At
best they are heuristic and the updates scan for what has recently been
discovered
by the vendor to be active in the wild - which implies some people have
already
been affected.

Which is why it is a tool to assist thoughtful safe computing.



* Have an anti malware program such as 'malwarebytes' or 'spybot
search & destroy' - keep them uptodate and run periodic scans;

I hear good things about MS EMET tool, but I'm not in a position to have
an opinion.

Yes - must have a closer look at that



* Don't click on links in emails (preferably at all, but certainly not
unless you absolutely know the source of the mail and what the link is);
* Don't open any attachments in emails unless you absolutely know the
sender and what they are sending and you are expecting it;

Necessary but not sufficient; there have been drive-by attacks where
opening the
email wasn't necessary.

Again, mine was a basic list that will protect from 95% of attacks via
most vectors.



* Never click on a link in an email to change account details - always
go direct to the correct site and to the correct part of it to change
your details;

Valid, important, but phishing is completely different to malware.

It can be - phish links can also be to sites containing malware - and
whether you get infected or give someone the password to your bank
account, the end result is not good.


* Be very careful about what websites you go to and what you click on;

Necessary but not sufficient; sometimes malware is delivered via advert
networks used by reputable sites. Yet another reason for having an
adblocker
in your browser.

Wouldn't disagree there.



* Remember that social media is a prime location for picking up malware;
... even reputable social media sites!


* Never change any sensitive details on any public wifi network - and
don't use any sensitive log in details;
* If you have home WiFi, make sure it is very secure;
Valid, important, but not a malware phenomenon.


* Preferably have a router to connect your broadband rather than a USB
modem;

Why? Surely it is what is inside the device rather than its method of
connection.

Maybe things have changed, but I've always considered a router to have
more inherent firewall capabilities than a modem. But maybe its not the
case - and certainly it is not for security 101.



* Change your passwords regularly; don't use the same password for
multiple services; have complex, difficult to guess passwords. (A
good password manager such as LastPass can help take away a lot of
the burden of this as long as you know its limitations).

Arguably impractical. There are many alternative strategies.

I find it eminently practical. Strategies depend on what works best for
someone. The only strategy that is really dangerous is very weak
passwords, repeated. (Apart from obvious things such as not remembering
complex passwords and writing them down on a postit stuck to your forehead).


In any case remember the purpose of a password is to shift
responsibility from the website back onto you "if the right
password was given it must have been you"

Sure, but a whole other argument



If you have an eBay account, change your password *NOW* if you haven't
done so in the last couple of weeks.

Doubtless some will disagree with some of the items above. I know
people that refuse to use AV programs, for example - but to take that
step, you need to be super-vigilant, and most people just
aren't. Most people that get hit with malware are not IT
professionals and I accept that from scratch, some of this stuff can
be daunting - unfortunately, that is what the bad guys know and they are
their targets

You forgot what will become very important, especially with
the Internet of Things...

* don't have any "smart devices" where the manufacturer doesn't
regularly update the software. For example "smart TVs", which are
just computers with an aerial

* when visiting any financial website, use the browser in a
"live CD" operating system on either a CD or USB stick.
Turn off the machine, boot directly from the CD/USB, only visit
the financial website, turn the machine off. Since you get a new
original operating system every time you use it, it simply cannot
have been infected with malware. Of course, neither can you store
bookmarks nor cookies between sessions!

The live CD/USB is also helpful in an internet cafe, but won't stop
someone shoulder surfing.


Not particularly forgot - I'm sure I didn't include a lot of things -
but it wasn't intended as a definitive article - just a list of things
that most people could do quite easily.

Perhaps the best thing would be to get someone to print the internet off
for you (the general you, not you personally) and return to physical
bartering

--
regards andy

On 06/06/2014 09:11, Martin wrote:
On Thu, 5 Jun 2014 17:21:10 +0100, "Bob Hobden" wrote:

"Stephen Wolstenholme" wrote
I don't think I will respond to Symantec marketing.

Where on that page is there any Symantec marketing?
There is a link to a removal tool by Symantec as there is a link to a
similar tool by McAfee and a few others. I used the McAfee tool because I
use their anti-virus and firewall programs but anyone can use any one from
what I read. Even if you are sure you haven't been infected as I was, what
is the harm in downloading and running one of those tools just to be 100%
sure. Perhaps you might get a few e-mail adverts from them, so what.

Stephen didn't read what was on the website.

One question I had is that if you are already using one of the tools listed why
should it be necessary to download and run a test for a specific virus.


Not sure how this malware works, but a lot of viruses disable the av
programs when they infect a machine (and block access to common av
websites). And if someone has bad or non-updated av, they still might
get infected.

--
regards andy

On 06/06/14 11:08, Chris Hogg wrote:
On Fri, 06 Jun 2014 09:20:30 +0100, News
wrote:

On 05/06/2014 14:39, Tom Gardner wrote:
I hear good things about MS EMET tool, but I'm not in a position to have
an opinion.

Yes - must have a closer look at that

I've just asked on uk.d-i-y about it, if you want to follow the
thread.

See also http://www.dedoimedo.com/computers/windows-emet-v4.html
and have a look at his other pragmatic opinionated views

On Fri, 06 Jun 2014 10:11:22 +0200, Martin wrote:

On Thu, 5 Jun 2014 17:21:10 +0100, "Bob Hobden" wrote:

"Stephen Wolstenholme" wrote
I don't think I will respond to Symantec marketing.

Where on that page is there any Symantec marketing?
There is a link to a removal tool by Symantec as there is a link to a
similar tool by McAfee and a few others. I used the McAfee tool because I
use their anti-virus and firewall programs but anyone can use any one from
what I read. Even if you are sure you haven't been infected as I was, what
is the harm in downloading and running one of those tools just to be 100%
sure. Perhaps you might get a few e-mail adverts from them, so what.

Stephen didn't read what was on the website.


I looked at the first page. The message I got from the first line is
somebody is trying to sell something so I didn't read anything else.

Steve

--
Neural Network Software http://www.npsnn.com
EasyNN-plus More than just a neural network http://www.easynn.com
SwingNN Prediction software http://www.swingnn.com
JustNN Just a neural network http://www.justnn.com

On 05/06/2014 13:18, News wrote:
Most
people that get hit with malware are not IT professionals and I accept
that from scratch,


Some of the professionals running IT for large companies seem to be
clueless about malware etc.


--
mailto:news{at}admac(dot}myzen{dot}co{dot}uk

On 05/06/2014 14:39, Tom Gardner wrote:
Yes, but one of the AV *vendors* recently said they are becoming
ineffective. At
best they are heuristic and the updates scan for what has recently been
discovered
by the vendor to be active in the wild - which implies some people have
already
been affected.


This is no different from what has been happening with AV software for
the past 15+ years. Some people will always be caught with a new or
modified virus before the 'fix' is found.

--
mailto:news{at}admac(dot}myzen{dot}co{dot}uk

On 05/06/2014 17:21, Bob Hobden wrote:
"Stephen Wolstenholme" wrote
I don't think I will respond to Symantec marketing.

Where on that page is there any Symantec marketing?
There is a link to a removal tool by Symantec as there is a link to a
similar tool by McAfee and a few others. I used the McAfee tool because
I use their anti-virus and firewall programs but anyone can use any one
from what I read. Even if you are sure you haven't been infected as I
was, what is the harm in downloading and running one of those tools just
to be 100% sure. Perhaps you might get a few e-mail adverts from them,
so what.


Are you sure that page was genuine? All the links could be to install
Malware!


--
mailto:news{at}admac(dot}myzen{dot}co{dot}uk

"alan" wrote

Bob Hobden wrote:
"Stephen Wolstenholme" wrote
I don't think I will respond to Symantec marketing.

Where on that page is there any Symantec marketing?
There is a link to a removal tool by Symantec as there is a link to a
similar tool by McAfee and a few others. I used the McAfee tool because
I use their anti-virus and firewall programs but anyone can use any one
from what I read. Even if you are sure you haven't been infected as I
was, what is the harm in downloading and running one of those tools just
to be 100% sure. Perhaps you might get a few e-mail adverts from them,
so what.


Are you sure that page was genuine? All the links could be to install
Malware!


Absolutely certain it's genuine and all the links are correct.
--
Regards. Bob Hobden.
Posted to this Newsgroup from the W of London, UK