IT security for home users – a simple guide (overview)

February 26th, 2019

I have been thinking about writing about this for a while… there is much information on staying secure out there and everything, I repeat, everything can already be read and practiced, even as a home user.

But maybe it bears repeating… so why not summarize some good practices here and maybe add my two cents.

Trying to stay secure as a home user usually comes down to just a couple of things:

  1. Upgrade your OS
  2. Disable what you don’t need
  3. Upgrade your applications
  4. Change default passwords
  5. Upgrade anything else

Did I mention “upgrade <your stuff here>” already? You should do that.

If you fear breaking stuff by upgrading, then don’t upgrade *right away* – in IT, we say “avoid x.0 releases”. This applies to both OS and applications.
Wait for an x.1 or, better, an x.2 release and install that one. Many vendors work hard to release good products, but just as many release under time pressure and cut corners to make it in time, to save costs etc. It happens.

Keep coming back to read the details.

Follow-up questions…

February 13th, 2019

This weekend, I had another one of these slumps… where staying at home seems a waste of time but going out is not much better because it isn’t really comfortable anywhere (at least in winter).

The problem was compounded by this dreaded feeling of “I should be doing something instead of nothing” and “I wish things were different”.
Steve Vai, in one of the many youtube interviews he gave, once went on record saying “he only felt bored one afternoon” which he seems to remember vividly as it was so unusual for him.

Great for him. I, on the other hand, feel pretty limited in what I can do at my present location so I was lying in bed thinking “I wish things were different” – as a somewhat responsible adult with working experience, such a statement is not really useful though. The inevitable follow-up question thus is “how should things be different”?

I became aware of the requirement to ask a follow-up question thanks to age, wisdom and training (be it professional or as a result of bringing up kids).

Unfortunately, the answer to that is not really simple. Every decision results in some consequences with which you will have to live. How far you want to go is up to you.

Books I’m reading at the moment (February 2019)

February 5th, 2019

The Chronicles of Thomas Covenant part VII by Stephen R. Donaldson (https://en.wikipedia.org/wiki/The_Chronicles_of_Thomas_Covenant)

星空を願った狼の by Shiina Takasato (https://ja.wikipedia.org/wiki/%E9%AB%98%E9%87%8C%E6%A4%8E%E5%A5%88)
http://iss.ndl.go.jp/books/R100000002-I026521234-00
Still 50 more pages to go….

Desperation by Stephen King
(https://en.wikipedia.org/wiki/Desperation_(novel)) – Gardens of the Moon by Steven Erikson is such a good read, I put this on the backburner…

红豚 by a friend of a co-worker but it has a low priority at the moment

PADI Tec Deep Diver Manual
Not sure if I will ever do this… but it’s interesting to read about it, at least at the moment.

限りなく透明に近いブルー (https://en.wikipedia.org/wiki/Almost_Transparent_Blue)

Getting there….

anti-mining malware measures

February 5th, 2019

A recent article on heise (https://www.heise.de/ratgeber/Mining-Parasiten-erkennen-und-loswerden-4198965.html) outlined how one can investigate a possible infection with a mining trojan on one’s computer. Typical symptoms of such an infection include high CPU usage (usually resulting in the fan spinning despite running no high-load applications).

The general approach is to identify the process causing the high load and terminate it. On Windows, the built-in application for that is Task Manager; on macOS it’s Activity Monitor. Another freely available tool on Windows is Process Explorer by Sysinternals.
Using those tools, it’s easy to list the running processes, sort them by CPU percentage and terminate them.

There is a serious limiting factor to this solution, however.

As malware creators are also getting more proficient, some of them include checks in the malware binaries which terminate the mining processes as soon as such tools, or rather their process names such as Taskmgr.exe, Activity Monitor or procexp64.exe, are detected running.

The article therefore recommends renaming the binaries and running them again. This way, the malware will not suspend its activity and can easily be identified and subsequently be terminated.

On earlier Windows platforms, copying taskmgr.exe and renaming it was straightforward. On Windows 10 however, a renamed Task Manager binary does not display any data – I’m still trying to figure this one out.

Renaming procexp64.exe however is straight-forward. Extract the binary from the downloaded zip file, rename it and off you go.

On macOS Mojave (10.14.x) and High Sierra (10.13.x), Activity Monitor can be renamed as follows:

  1. Open the Utilities folder
  2. Copy and paste Activity Monitor (provide an administrator password if asked)
  3. From the context menu of the copied item, select “Rename”
  4. From the context menu of the renamed item, select “Show Package Contents”
  5. In the subfolder MacOS, rename Activity Monitor
  6. In the Contents folder, open Info.plist
  7. Change the following strings to the name you chose: Executable file, Bundle name, Bundle display name

Run the renamed Activity Monitor binary by running the Unix executable in the folder MacOS

Books I’m reading at the moment… January 2019

January 7th, 2019

The Chronicles of Thomas Covenant part VI by Stephen R. Donaldson (https://en.wikipedia.org/wiki/The_Chronicles_of_Thomas_Covenant)
So I’ve finished part VI which is somehow an end to the chronicles because (spoiler alert!) at the end of part VI, TC actually dies. Which is unfortunate because it makes me wonder what happens in the parts VII to X… *sigh* – to be continued, I guess

星空を願った狼の by Shiina Takasato (https://ja.wikipedia.org/wiki/%E9%AB%98%E9%87%8C%E6%A4%8E%E5%A5%88)
http://iss.ndl.go.jp/books/R100000002-I026521234-00
50 more pages to go….

Desperation by Stephen King
(https://en.wikipedia.org/wiki/Desperation_(novel))

红豚 by a friend of a co-worker

PADI Tec Deep Diver Manual
Not sure if I will ever do this… but it’s interesting to read about it, at least at the moment.

限りなく透明に近いブルー (https://en.wikipedia.org/wiki/Almost_Transparent_Blue)

Yes, I’m getting spread a little bit but it’ll get better again. And I have a number of other e-books waiting to be read – sci-fi stuff, lots of it.

Update January 23rd: It’s getting worse… I’m also re-reading Equal Rites by Terry Pratchett (couldn’t resist and once in a while I like to read something which makes you laugh) and Gardens of the Moon by Steven Erikson (from the highly-recommended series Malazan Book of the Fallen)

On the other hand, I finished The Chronicles of Thomas Covenant Part VI which is good but I started with part VII, so yeah….

Overall, one down, three more added which makes a net plus of two.

A slightly cautious “happy 2019”

January 7th, 2019

Ah, well…. another year… I wonder what will happen this year. Anyway, if we’re really to talk about resolutions, I’ve decided to pursue my goals more vehemently although I’m somewhat afraid of the consequences for the people around me.

Nonetheless, to all of you out there: happy 2019, may your dreams come true!

phone number? f*** u, twitter

December 20th, 2018

For some reason I spent a lot of time recently thinking I would like to try twitter. Probably it’s because there is a twitter desktop client available in linux distributions… corebird

So I signed up on twitter using my email address. After a couple of days, the account was suspended for “breaking the rules” – which is pretty amazing given that I’ve never twitted anything so far.

the only way to un-suspend the account? (re-animate?) provide a (mobile) phone number. well, fark you… not going to happen.

I’ve tried to find alternatives… there seem to be some but I’m not going to spend time creating fake phone numbers just to try to stay ahead in a game of cats and mice for a short while as twitter seems to be really strict about it and blocking phone number blocks and not allowing this and that.

update: fixed two typos

Books I’m reading at the moment… December 2018

December 2nd, 2018

The Chronicles of Thomas Covenant part IV by Stephen R. Donaldson (https://en.wikipedia.org/wiki/The_Chronicles_of_Thomas_Covenant)

The Chronicles of Thomas Covenant part V by Stephen R. Donaldson (https://en.wikipedia.org/wiki/The_Chronicles_of_Thomas_Covenant)

星空を願った狼の by Shiina Takasato (https://ja.wikipedia.org/wiki/%E9%AB%98%E9%87%8C%E6%A4%8E%E5%A5%88)
http://iss.ndl.go.jp/books/R100000002-I026521234-00
I was reading this previously but lost interest throughout (when I bought it, I was told “it’s funny”… maybe it is not in a terry-pratchett-funny-way). Maybe I’ll make it to the end this time

Desperation by Stephen King
(https://en.wikipedia.org/wiki/Desperation_(novel))

红豚 by a friend of a co-worker… correct name to follow 🙂

American Gods by Neil Gaiman
(https://en.wikipedia.org/wiki/American_Gods)
I picked this up in a used books shop. I “know” Neil Gaiman from his collaboration on Good Omens (https://en.wikipedia.org/wiki/Good_Omens) with the late Terry Pratchett. It’s good to hold a physical book in the hand while reading because I mostly read e-books on my tablet, but it’s just not the same.

PADI Tec Deep Diver Manual
Not sure if I will ever do this… but it’s interesting to read about it, at least at the moment.

Books I’m reading at the moment… November 2018

November 3rd, 2018

攻殻機動隊 1.5 Human Error Processor by Masamune Shirow

The Last Ringbearer (https://en.wikipedia.org/wiki/The_Last_Ringbearer)

The Chronicles of Thomas Covenant part III by Stephen R. Donaldson (https://en.wikipedia.org/wiki/The_Chronicles_of_Thomas_Covenant)

The Long Walk by Stephen King / Richard Bachman
(https://en.wikipedia.org/wiki/The_Long_Walk)
I read that book in German as a teenager and I wanted to re-read it to see how it holds up and whether I would discover something new about it.

The Eyes of the Dragon by Stephen King
(https://en.wikipedia.org/wiki/The_eyes_of_the_dragon)
I read this book at around the same time as the Long Walk and it was a nice re-read.

American Gods by Neil Gaiman
(https://en.wikipedia.org/wiki/American_Gods)
I picked this up in a used books shop. I “know” Neil Gaiman from his collaboration on Good Omens (https://en.wikipedia.org/wiki/Good_Omens) with the late Terry Pratchett. It’s good to hold a physical book in the hand while reading because I mostly read e-books on my tablet, but it’s just not the same.

PADI Tec Deep Diver Manual
Not sure if I will ever do this… but it’s interesting to read about it, at least at the moment.

Diver license exam: passed

October 11th, 2018

What a mess that was… everything completely in Japanese and out of more than 300 testees, I was the only non-Asian person. Well, I passed and that’s what counts.

Above: I was testee #0047

Looking at the list, most people passed but there were some who failed. Anyway, most people used more or less the same textbooks, I will post mine here later. There does not seem to be so much variety of textbooks on this subject.

Next step: Find employment as part-time scuba diving instructor?

Anyway, time for a celebratory beer…