Archive for February, 2019

IT Security for home users – upgrade your OS

Thursday, February 28th, 2019

The mainstream operating systems (including mobile OSes) have an upgrade function (in the case of a mobile OS, whether your carrier releases updates is a different story…)

Use that function and install those updates!

macOS: Go to the Apple icon, select “About This Mac” and click on “Software Update…” Most of the updates require a reboot, even on macOS.

Windows: From the “Windows Settings”, go to “Update & Security”. Check for updates, install what’s available and reboot.

Ubuntu: Run ‘sudo apt-get update && sudo apt-get dist-upgrade’
(if you feel like protesting because <your valid reason here>, then you already know what you’re doing and you shouldn’t be reading this anyway (unless you want to fact-check my ramblings))
Other Linux distributions use different commands; if you’re unsure, google for the appropriate command for your platform.

IT security for home users – a simple guide (overview)

Tuesday, February 26th, 2019

I have been thinking about writing about this for a while… there is much information on staying secure out there and everything, I repeat, everything can already be read and practiced, even as a home user.

But maybe it bears repeating… so why not summarize some good practices here and maybe add my two cents.

Trying to stay secure as a home user usually comes down to just a couple of things:

  1. Upgrade your OS
  2. Disable what you don’t need
  3. Upgrade your applications
  4. Change default passwords
  5. Upgrade anything else

Did I mention “upgrade <your stuff here>” already? You should do that.

If you fear breaking stuff by upgrading, then don’t upgrade *right away* – in IT, we say “avoid x.0 releases”. This applies to both the OS and applications.
Wait for an x.1 or, better, an x.2 release and install that one. Many vendors work hard to release good products, but just as many release under time pressure and cut corners to make it in time, to save costs etc. It happens.

Keep coming back to read the details.

Follow-up questions…

Wednesday, February 13th, 2019

This weekend, I had another one of these slumps… where staying at home seems a waste of time but going out is not much better because it isn’t really comfortable anywhere (at least in winter).

The problem was compounded by this dreaded feeling of “I should be doing something instead of nothing” and “I wish things were different”.
Steve Vai, in one of the many YouTube interviews he gave, once went on record saying “he only felt bored one afternoon” which he seems to remember vividly as it was so unusual for him.

Great for him. I, on the other hand, feel pretty limited in what I can do at my present location so I was lying in bed thinking “I wish things were different” – as a somewhat responsible adult with working experience, such a statement is not really useful though. The inevitable follow-up question thus is “how should things be different”?

I became aware of the requirement to ask a follow-up question thanks to age, wisdom and training (be it professional or as a result of bringing up kids).

Unfortunately, the answer to that is not really simple. Every decision results in some consequences with which you will have to live. How far you want to go is up to you.

Books I’m reading at the moment (February 2019)

Tuesday, February 5th, 2019

The Chronicles of Thomas Covenant part VII by Stephen R. Donaldson (https://en.wikipedia.org/wiki/The_Chronicles_of_Thomas_Covenant)

星空を願った狼の by Shiina Takasato (https://ja.wikipedia.org/wiki/%E9%AB%98%E9%87%8C%E6%A4%8E%E5%A5%88)
http://iss.ndl.go.jp/books/R100000002-I026521234-00
Still 50 more pages to go….

Desperation by Stephen King
(https://en.wikipedia.org/wiki/Desperation_(novel)) – Gardens of the Moon by Steven Erikson is such a good read, I put this on the backburner…

红豚 by a friend of a co-worker but it has a low priority at the moment

PADI Tec Deep Diver Manual
Not sure if I will ever do this… but it’s interesting to read about it, at least at the moment.

限りなく透明に近いブルー (https://en.wikipedia.org/wiki/Almost_Transparent_Blue)

Getting there….

anti-mining malware measures

Tuesday, February 5th, 2019

A recent article on heise (https://www.heise.de/ratgeber/Mining-Parasiten-erkennen-und-loswerden-4198965.html) outlined how one can investigate a possible infection with a mining trojan on one’s computer. Typical symptoms of such an infection include high CPU usage (usually resulting in the fan spinning despite no high-load applications running).

The general way to go about this is to identify the process causing the high load and terminate it. On Windows, the OS-included application to use for that is Task Manager; on macOS it’s Activity Monitor. On Windows, another freely available tool is Process Explorer by Sysinternals.
Using those tools, it’s easy to list the running processes, sort them by CPU percentage and terminate the one causing the load.

There is a serious limiting factor to this solution, however.

As malware creators are also getting more proficient, some of them include checks in the malware binaries which terminate the mining processes as soon as monitoring tools, or rather their process names such as Taskmgr.exe, Activity Monitor or procexp64.exe, are detected running.

The article therefore recommends renaming the binaries and running them again. This way, the malware will not suspend its activity and can easily be identified and subsequently terminated.
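The evasion described above is itself a usable indicator: a process that is busy whenever no monitoring tool is open and idle or gone whenever one is. The following is an added example, not code from the heise article or from this post; the snapshot data and the name updater32.exe are constructed, and the 50 % / 5 % thresholds are assumptions.

```python
from collections import defaultdict

# Tool process names the post lists as triggers for the malware (lower-cased).
MONITOR_NAMES = {"taskmgr.exe", "procexp64.exe", "activity monitor"}

# Constructed sample: process snapshots as (name, CPU %) taken some seconds apart.
# "updater32.exe" is a made-up name standing in for a miner.
SAMPLE_SNAPSHOTS = [
    [("svchost.exe", 1.0), ("updater32.exe", 92.0), ("browser.exe", 12.0)],
    [("svchost.exe", 2.0), ("updater32.exe", 95.0), ("browser.exe", 60.0)],
    [("svchost.exe", 1.5), ("updater32.exe", 0.1), ("browser.exe", 55.0),
     ("Taskmgr.exe", 3.0)],
    [("svchost.exe", 1.0), ("browser.exe", 14.0), ("procexp64.exe", 2.0)],
    [("svchost.exe", 1.0), ("updater32.exe", 91.0), ("browser.exe", 10.0)],
]


def monitor_running(snapshot):
    """True if any known monitoring tool appears in the snapshot."""
    return any(name.lower() in MONITOR_NAMES for name, _ in snapshot)


def evasive_processes(snapshots, busy=50.0, idle=5.0):
    """Names that are busy whenever no monitor runs and idle or gone when one does."""
    watched = [dict(s) for s in snapshots if monitor_running(s)]
    unwatched = [dict(s) for s in snapshots if not monitor_running(s)]
    if not watched or not unwatched:
        return []  # need both conditions to compare
    loads = defaultdict(list)
    for snap in unwatched:
        for name, cpu in snap.items():
            loads[name].append(cpu)
    suspects = []
    for name, seen in loads.items():
        # A process missing from a watched snapshot counts as 0 % (it exited).
        under_watch = [snap.get(name, 0.0) for snap in watched]
        if min(seen) >= busy and max(under_watch) <= idle:
            suspects.append(name)
    return sorted(suspects)  # leads to investigate, not a verdict


if __name__ == "__main__":
    print(evasive_processes(SAMPLE_SNAPSHOTS))
```

A legitimate job that happens to finish just before the monitoring tool is opened would match as well, so a hit is a reason to look at the binary, not proof of infection.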

On earlier Windows platforms, copying taskmgr.exe and renaming it was straightforward. On Windows 10 however, a renamed Task Manager binary does not display any data – I’m still trying to figure this one out.

Renaming procexp64.exe, however, is straightforward. Extract the binary from the downloaded zip file, rename it and off you go.

On macOS Mojave (10.14.x) and High Sierra (10.13.x), Activity Monitor can be renamed as follows:

  1. Open the Utilities folder
  2. Copy and paste Activity Monitor (provide an administrator password if asked)
  3. From the context menu of the copied item, select “Rename”
  4. From the context menu of the renamed item, select “Show Package Contents”
  5. In the subfolder MacOS, rename Activity Monitor
  6. In the Contents folder, open Info.plist
  7. Change the following strings to the name you chose: Executable file, Bundle name, Bundle display name

Run the renamed Activity Monitor binary by running the Unix executable in the folder MacOS