Have You Been Pwned? Find Out with This Tool

pwned

Data breaches and internet security are a big concern for many individuals, and with good reason. Large companies that have had their users’ information (such as email addresses, passwords and password hints) compromised include Adobe and Snapchat.

Luckily, there is a website, Have I Been Pwned?, which searches across various domains and known breaches to see if a particular email address or username has been compromised.  The site’s name comes from the gaming term “Pwned”, which is a twist on the word “owned” (defeated).  The exact origin of this term is disputed.

The website also can inform you if your information has been “pasted,” which the site describes as:

A “paste” is information that has been “pasted” to a publicly facing website designed to share content such as Pastebin. These services are favored by hackers due to the ease of anonymously sharing information and they’re frequently the first place a breach appears.

This website is a valuable tool to find out if your personal information has been compromised.  Check out this post for suggestions on strengthening the security of your accounts.

Pop Away from Popups and Other Unwanted Ads

securitykey

It’s happened to most people:  you’re browsing the internet, and suddenly a window pops up informing you that you need to update your software or maybe that you have a virus or perhaps one saying you’ve won a free iPad. Even to advanced computer users, some of these popup advertisements can look legitimate. How can the average computer user avoid bothersome popups?

Luckily, makeuseof has written a helpful article with some helpful tips on how to avoid malicious popups and how to tell if they are legitimate.

The author advises computer users to always check the URL in the address bar. Most software websites have URLs that are pretty straightforward. For example, if you are attempting to download Adobe Reader, the URL will be www.adobe.com. Try to avoid websites with super long web addresses. If you want to view the URL for a website, move your mouse over the link before clicking on it and the full URL will be displayed in the status bar near the bottom of the screen. Google will display the full URL of the search result in green below the link name. In the example below, the mouse cursor is on the link for the East Greenbush Library’s Wikipedia entry. Note the highlighted area near the bottom of the screen that displays the full link.

linkhighlight

 

Try to avoid pages that are full of text and advertisements. If you are still unsure if a download link is safe, check out a site like File Hippo, which is an aggregate site that contains mirror downloads of many popular programs like Adobe Reader and Java. On a related note, try to avoid the Google-ad results, which are usually the first few results that appear in a Google search and are marked with a little yellow ad banner.

If you are mindful about looking at a link before you click on it, you may notice a common trend of link shortening, for example, tiny.url or bit.ly links. How are you supposed to know if those links are legit? There is a great tool called Unshorten.It. You can copy and paste the shortened link and the site will display the full link as well as a small screenshot of the site. There are also various other sites that preform a similar function.

Some other helpful tips mentioned in the article:

  • Install a good anti-virus program. Many have an internet security feature that will highlight suspicious links and block popups.
  • Avoid searching for things like free video games and free screensavers. These are a common source of malware and shady links.
  • There are various browser-specific tips, such as changing your homepage to one you recognize and blocking popups directly with your browser (these options are found in the browser settings).
  • If you are a more advanced computer user, you may want to use a browser extension such as AdBlock Plus that will block ads from appearing on a webpage.
  • The article gives you instructions on what do if you accidentally click on a popup or ad and seem to be stuck.

If you are still getting unwanted popups after trying the tips discussed in the article, you may have malware installed on your computer. If this happens, there are steps you can take to remove it. Check out makeuseof’s malware removal guide for more information.

 

MakeUseOf Has the Answers to Questions You Didn’t Know You Had

makeuseofStaying current with IT news, trends, and tips is a fundamental part of my job in the library.  While I get this information from a variety of resources, there is one website that keeps surprising me with helpful information on a variety of subjects of interest to me and the patrons I assist.  I’d like to take this opportunity to give a shout out to MakeUseOf, a free online resource with timely articles, reviews, and help guides for all things tech.  What really makes this resource shine is its ability to speak to both new and veteran users at the same time without confusing or boring either!

The home page at MakeUseOf displays headlines and teaser text for their most recent articles.  I find this layout somewhat chaotic, so I prefer to sort the articles by category before browsing.  Selecting “Topics” in the header menu will display the articles by category.  The “Answers” section leads to a user forum where registered members can ask and answer questions from the MakeUseOf community.  Check out the “Top List” section for “best of” lists for a variety of software and services on multiple platforms.  For in-depth technology guides, have a look at their “E-books” area.

As a registered user of MakeUseOf, you can earn points for sharing their content on social media, as well as participating in the forum, polls, and other activities.  Those points can be redeemed for rewards, such as entries in drawings for free hardware and software.  My favorite benefit of membership has been receiving the newsletter.  Each email has a few headlines with teaser text that can be easily scanned, with more information just a click away.  I have happened upon lots of very useful information in these newsletters that I didn’t even know I needed!  You can opt-in to the newsletter by selecting the social media icons at the top of any MakeUseOf page, and then selecting the blue “Email” button.

subscribeWhat do you think of MakeUseOf?  If you have another tech info source you love, please share it in the comments.

Apps to Help Identify a Tablet/Smartphone/Laptop Thief

11719567_sImage credit: seewhatmitchsee / 123RF Stock Photo

We all know tablets, smartphones, and laptops are attractive targets for thieves.  Not only is the equipment inherently valuable, but think of all the data, pictures, and account information you have saved on your phone!  The time to protect yourself is before your device is stolen.

MakeUseOf.com has written some helpful posts on how to prepare your devices for the worst case scenario.  I would recommend reading two short articles: Don’t Be a Victim: Practical Tips To Protect Your Smartphone From Theft and Identify the Guy Who Stole Your Phone, Tablet, or Laptop.

If thieves make you angry, and you would like to gloat at their humiliation and capture, try Revenge of the geek: MacBook thief made a fool of on YouTube. The end of the article contains links to more stories of foiled electronics thieves.

Do you use a recovery tool not mentioned in the articles above?  Please share it the comments section below.

Check Your Computer for DNS Changer Malware

You may or may not have heard about DNSChanger malware (FBI information site or ABC news story), but if your computer is infected it will be obvious after this Sunday.  This malicious software, authored by an international cyber ring, was created to reroute infected computers to fraudulent websites.  Enter the FBI and Operation Ghost Click.  Not only did they take down the criminals responsible, they also put clean servers in place to maintain internet access for affected users once the malicious servers were taken down.

After this Sunday, the FBI plans to shut down the servers that have been keeping infected machines online.  Any machines with DNSChanger malware still active will lose internet access.  As of July 4, the affected machines still numbered about 46,000 in the US.  This particular malware did not discriminate between PC or Apple.  Tablets and routers were also affected.

To find out if your computer is infected, visit this website:  http://www.dns-ok.us on that machine.  If you see a green background, you are all set.  If you see a red background, your computer is infected.  If you get the dreaded red background, there is good news.  The DNSChanger Working Group has put together a page containing tools and a step-by-step guide to fixing your computer.  Unfortunately, the fix can get complicated or take time to complete because this is an exceptionally nasty piece of malware that affects the machine’s boot sector.

I urge you to check your computer(s) ASAP, before the Sunday deadline, in case you need to implement the fix before you lose internet access.  If you do lose internet access on Monday, contact your internet service provider for further instructions.

Searching Anonymously

Lately, I have been reading a lot of posts about how to keep sites and services from tracking your internet activity.  Though many of us have nothing to hide about how we use the internet, it may still be disturbing to know you are being tracked and to have personal information about you sold to the highest bidder.

Here at the library, we use Google Analytics to get information about how people use our site.  Our only reason for doing this is to help improve the user experience in our online locations.  Knowing which of our pages get the most hits helps us tune in to the content you want and need.  We do not sell this information.  Nor do we use it for targeted advertising or nefarious purposes.  Unfortunately, I cannot say the same for the many of the other sites out there tracking their users’ visits.

If you would like to turn off tracking in your browser, you can set this in the preferences/settings area of most browsers. Those browsers that do not currently support turning off tracking have pledged to implement support by the end of the year, according to this c-net article.  Personally, I use a browser add-on called DNT+.  This browser add-on/extension advertises that it goes “far beyond what built-in private browsing modes offer” with a link to this list of concerns not covered by your browser’s private mode.  DNT+ also allows me to pick and choose which sites I allow to track my movements.  For example, I allow libraries, schools and government information sites to track me because I know it will help them to improve their services, and they won’t sell my information.  I do not allow commercial sites to track me because I do not have confidence that they will use the information in an entirely constructive way.  This is all a matter of personal preference, of course.

Even with tracking blockers in place, search engines may still gather information about how you are searching.  If this gives you the creeps and you are looking for a non-tracking alternative browser, check out these suggestions by How-to-Geek.

Do you have privacy concerns you’d like me to cover here?  If so, please note them in the comments and I’ll work up a post.

That reminds me – it’s time to double-check my Facebook privacy settings, too…

LinkedIn Security

If you have a LinkedIn account, you may want to change your password…immediately!  They’ve been hacked.  According to this c-net article, millions of LinkedIn user passwords were leaked online.  Users of both the website and the smartphone apps are at risk.  The article also gives instructions on how to change your password.  Even if you don’t think your password is at risk from this attack, it is good practice to change your passwords regularly.

More on the SOPA/PIPA Strike

Strike Headline

Fight for the Future, one of the driving forces behind yesterday’s internet strike against the SOPA and PIPA bills, reported in an email that the protest succeeded in getting the attention of lawmakers.  Before the protest, only 5 senators spoke out against the bills.  Now, the count is 35!  For more details about how the strike went, see the SOPA Strike website.

The fight is not yet over.  It will take 41 solid “No” votes to permanently stall PIPA (and SOPA) in the senate.  Please continue to contact your legislators (easy email form!) to let them know you value your freedom online.

SOPA / PIPA Threatens the Internet As We Know It.

You may or may not have heard of SOPA (Stop Online Piracy Act) or PIPA (Protect – IP Act), but if either of these becomes law, the Internet will cease to be a free exchange of creativity and ideas.  [Insert personal opinion disclaimer here.  ;-)] While I will agree that piracy is an issue and it robs creators of deserved remuneration, the vague language used in these bills could be extremely dangerous in the wrong hands.

I found this quote in an informational vide0 (below) particularly disturbing:

“…the government and corporations could block any site, foreign or domestic, just for one [copyright] infringing link.  Sites like YouTube, Twitter, and Facebook would have to censor their users or get shut down since they become liable for everything users post.”

For more information, please view this short video:

PROTECT IP / SOPA Breaks The Internet from Fight for the Future on Vimeo.

If you feel so moved, please let your representatives know what you think of these bills.

What Is My Computer Doing?

Have you ever used a computer that was running suspiciously slow?  This is a notoriously difficult problem to diagnose.  If you’ve been keeping up with your regular maintenance, then it’s probably not just a matter of a cluttered browser or hard drive.  Chances are, there is a program running behind the scenes that is consuming your resources.  It could be an anti-virus scan, or it could be something more sinister.  How can you tell for sure?

1.  Windows Task Manager:  If you are on a Windows PC, hit control-alt-delete (three keys at the same time).  On the resulting screen, select Task Manager.  The Process tab is the most telling.  If you click CPU (top of the column), it should put the process using the most memory at the top.  If not, click it again.  DO NOT stop a process without knowing what it does.  This can cause major damage if the process is necessary for normal computer operation.  Instead, look up the process name on a reliable site like ProcessLibrary.com.  The site will give you an idea which program is associated with the process, what it does, and whether it can be shut down safely.

2.  If the Task Manager doesn’t tell you what you need to know, try What’s My Computer Doing.  It’s free software that gets more in-depth than Task Manager.  The paid version will dig even deeper.

Happy hunting!

Data Backup and Recovery

Frustrated Computer UserWe are all familiar with the nightmare scenario – a Blue Screen of Death or some other indication that your computer irrevocably damaged.  While many people have precious documents, pictures, videos, etc. saved on their home computers, few have committed to a backup plan.

The good news is, backing up doesn’t have to be a huge chore.  This is especially true if you have Windows 7.  There are tools built in to Microsoft’s newest operating system that can allow even a novice user to create reliable backups.  For a fantastic, step-by-step article on how to back up a Windows 7 machine, head to the Windows Secrets article, “Build a complete Windows 7 Safety Net.”

Windows Vista also has some built-in backup capabilities.  Again, someone else has already written a great article, so I won’t reinvent the wheel here.

Backing up data on Windows XP can be trickier, since the native tools aren’t as comprehensive.  One of these tools is System Restore.  When enabled, this tool creates “restore points” by essentially taking note of your settings and installed software at a particular point in time.  If data becomes corrupted, sometimes System Restore can help.  However, System Restore can also create a hideout for viruses to reassert themselves after you think you have uninstalled them.  There is a backup utility included in Windows XP, but automated system recovery is not supported.

When dealing with XP, there are some very good third-party backup tools.  For instance, if you plan to backup your data to an external hard drive, many brands pre-load software precisely for this purpose.  I have use the Seagate software at home, and have enjoyed years of successful backups.

If you are willing to pay for reliable backup software, Acronis True Image is one product about which I often read stellar reviews.  It allows for full backups, incremental backups (shorter sessions that only note changes since the last backup), and disk imaging.  Disk imaging not only saves all of your folders and files, it takes a full snapshot of your computer, including the operating system, programs, and settings.  Restoring from an image can save lots of time and headaches.

No matter how you go about it, backing up your data is a crucial element of smooth computing.  Bizarre, unexpected things could happen to your computer at any time.  Wouldn’t you feel better knowing that your precious photos and videos were residing safely elsewhere, should your computer take a turn for the worse?  In fact, I would suggest keeping backups in multiple locations.  External storage has really come down in price, and it could be worth the investment to keep one external drive for regular backups at home and another in a safe deposit box that gets backed up less often.  This way, your data is protected even if you encounter a situation more catastrophic than computer failure.

That reminds me, I think it’s time to backup my work files…

Happy Computing!

Security and shortened links

Traditionally, link addresses to webpages include a path to a file’s location.  For example, in the address www.yourdomain.com/images/family/dog1.jpg indicates that at yourdomain.com, the picture dog1.jpg lives in the “family” folder inside the “images” folder.  As you can imagine, some of these addresses can get quite long.  The links can get even more complicated if the site is built using the PHP programming language.  This can pose a problem if you would like to share a link using software with a character limit, such as Twitter.  Enter the URL shortening services.  By registering your link with a company such as bit.ly or TinyURL, you can get a much shorter link address that will forward to your intended page.

As with many great ideas, some nefarious people have found a way to exploit this service.  They use shortened URLs to mask links to malicious sites.  So, how can you know if that shortened link someone posted or sent you is legitimate before you click it?  Thankfully, there are a few ways to check.

  • bit.ly – If your link has this text in the address, copy the link and paste it into your browser.  Add a + to the end of the link and enter.  This will bring you to a special bit.ly page that will give you details about the link, including the fully expanded URL.
  • TinyURL – Copy and paste a TinyURL link into a browser address bar.  Add the word preview before the address.  For example, tinyurl.com/3k2k91 becomes preview.tinyurl.com/3k2k91.  Following the preview link will bring you to a preview of the page with the fully expanded link without exposing you to malware.
  • If you use the Mozilla Firefox browser, there is an add-on called bit.ly preview that will display information on the link while you hover over it with your mouse.
  • Google Chrome users can also download a similar extension.
  • If you have several links to check, or do not want to use the above options, you can paste shortened URLs into LongURL, ExpandMyURL or Long URL Please.

For more information on how to preview shortened URLs, please visit Joshua Long’s comprehensive guide.  Though people you trust would not willingly send you a malicious link, it’s always a good idea to vet any links before clicking on them.

The lowdown on anti-malware programs

Welcome to Tech Tips!  To learn more about us, please click the “About” tab at the top of the page.

Today’s inaugural post [Warning: this information is outdated! -ed.] concerns anti-virus and anti-malware software.  In today’s world, it seems like our computers are under constant attack.  Fortunately, there are several excellent tools to help us combat nasties that are trying to invade our computers.  The even better news is that many of these tools are free!  Here is the rundown on some of my current favorites:

  1. Microsoft Security Essentials This is a free download from Microsoft designed to work with Windows XP, Vista, and 7.  It is an all-in-one solution including both anti-virus and anti-malware definitions.  A user can set the software to update and run completely automatically, or be prompted to gather updates and run scans (if desired).  I have been using it with Windows 7 for over 8 months without any sort of infection.  To make sure it was really doing its job, I ran another tool once per week to see if MSE had missed anything.  It hadn’t.
  2. Malwarebytes Anti-Malware I use the free version of this product to double-check virus scans by other software.  If a computer is acting suspicious, but the resident anti-virus software didn’t detect anything, I run this program.  Though it is not a good idea to install more than one anti-virus program on a single computer, the free version does not seem to conflict with MSE or Symantec products.  You will need to purchase the full version in order to get realtime protection, automatic updates, and automatic scanning.  (Windows 2000/XP/Vista/7)
  3. AVG Another anti-virus program.  Like Malwarebytes, the free version is limited and scans/updates need to be initiated manually.

A good rule of thumb is to run the deepest scan possible the first time a program is used.  This will probably take awhile, so you may want to do it overnight.  From then on, the shorter scans should suffice, unless an infection is suspected.  If your software finds threats on your computer, make sure to take a look at each one to make sure it wasn’t a false positive.  For instance, some cookies placed on your computer by website may show up as threats, but you may need that cookie to make your online experience more convenient.  For example, online banking can generate cookies that, if removed, require re-registration of your computer.