Jump to content


  • Content Count

  • Joined

  • Last visited

  • Days Won


Everything posted by gawguy

  1. Thanks for the valuable info. I have wifi in my home but I almost never use it as I have LAN wires in all rooms. However, it is WEP128. With iPod / iPhone can you download apps to computer then sync them onto iPod?
  2. The g/f won the latest iPod Touch which she doesn't want and now I have it. I always thought about iPods as music players, but the Touch is an internet device used to download and buy anything. Steve Jobs said it's kind of a training wheels for an iPhone. So...my first question is: What about online security, anti-virus, anti-malware for these things? You put in your info on wifi. How secure is it? Is there anti-virus for it? What is best? You also plug it into your computer, which is how viruses spread, and it's happened to me before - from internet shop, to flash stick, to computer, to digital camera. What a pain that was! I hope someone knows about this. I assume it is similar to smart phone issues. Thanks, Gaw Guy
  3. For computer security, it is advised not to work as Administrator in XP. Lately I have been using Switch User to go from my Admin account to my non-Admin account. I'm not sure that doing it that way protects the system from malware. I didn't find a good answer online. However, I need to go back and forth between accounts for various reasons. Does anyone know for sure? Thanks, Gaw Guy "When Fast User Switching functionality is turned on in Microsoft Windows XP, and you click Log Off on the Start menu, you have the option to click a Log Off button or a Switch User button. If you click the Log Off button, you will quit all running programs and disconnect all network connections for the current session, and the session will not remain active. If you click the Switch User button, all active programs and network connections will continue to run (the session remains active), and you will return to the Welcome screen, where other users can log on. The user's session will remain active until the computer is restarted or the user is logged off of the session."
  4. Pattaya People TV news is reporting that Russia is not going to issue visas for its citizens to travel to Thailand, because of a political spat. They're pissed that Thailand gave the arms dealer Bout (?) to USA and not to them. This sounds so very Putin! I can't verify this on internet. Could this be true. I mentioned this to Thai lady last night and her response was a huge smile and a fist pump.
  5. I've searched web for this and no luck. I send txt msg to g/f but she can't respond soon enough, and her response isn't delivered to me. I am on PC and she is on mobile phone. Just how long does she have to respond to my txt and have the response get thru? Thanks, Gaw Guy
  6. I phoned the Los Angeles Thai Consulate and was told the Thai govt instructed them no to issue single entry visas. They didn't say if that was temporary or give any other info. Has anyone gotten a single entry O lately? GG
  7. When I try to bring up wikileaks.org I get msg something like "you can't go there, girlfriend!" Thai at the top...English at the bottom. Thai govt has blocked it yes? How long? Gaw Guy
  8. This is really frustrating and I don't see answer on internet search. I'm was trying to use TuKCom wifi network. I selected it in list of availables. While using it, internet stops working because True Network has taken over the connection and is redirecting me to a login / membership fucking page. It's like a virus. Can I block a wifi network from my list of availables? The TukCom network was even listed as "automatic." Help! Gaw Guy
  9. I have Norton AV now and the update files can be big. Slow internet is not good. I just update them once in awhile. I went to one of the malls the other day on 2nd Rd. Maybe I used the wrong wifi network in the list. It was too slow and Norton kicked it out with message "update failed." Where is fast, free comfortable wifi. What network to select from "wifi networks available." Thanks, Gaw Guy
  10. The Thai Consulate L.A. website lists the Non-Immigrant Type O visa fee as $65 for Single Entry and $175 for Multiple. I sent in my application for Single Entry as usual with $65. I just rec'd email from them requesting additional $110. On my "Application for Visa" form I wrote "1" in the blank for "Number of Entries Requested." Has something changed or did he not see that? Seems like he would look at that before sending the email.. I'm perplexed and it's Fri night so I won't be able to to do anything until Monday, so I'm very curious. Thanks..GG
  11. This is a really good story. Especially the bits about the hacker emailing the victim and asking for help. And his "I'm just borrowing your money for now and I'll give it back" promise. The Gentleman Hacker. As I've worked through all this security stuff and come up with The Plan, a key feature of said Plan is Norton Security Suite 2010. The fellow that was hacked was using Norton. I'm not sure they hacked him online, but may have had some kind of physical access. He also claims to be a very careful person. Reading reviews of Security software, it seems that many of them are making major changes and enhancements in their 2010 versions. I get Norton "free" with my Comcast cable internet. Having set it up and worked with it for a few days I like it. It gets strong reviews too. It also has a password manager module that works well my logins. But you tell me please. How did they hack him? I'm just pasting the article in because it's not that long, but also here's the Link ... "This is a story about how my PayPal account got hacked and how I got it back. I had an unlucky day but with a little tinge of lady luck's blessings which helped me to get back to square one. This story gives a good advice for all the PayPal account holders on earth. Day 1 - 8.30 PM IST I just logged in into my gmail account to check the emails, I was shocked to see 4 emails from PayPal. 1. Password Changed, 2. Payment sent to some email address 3. Bank accounts removed 4. Primary email address changed. Oh my God!, I had $X,XXX in PayPal balance. While I was seeing these emails my gmail also got logged out. When I tried to login again, it did not. The hacker watched my every move. My primary email ID was the one which I used for all my business and personal contacts and it had 14000 archived emails and chat conversations. I was feeling like blindfolded and left in a unknown forest. I just could not believe that this had happened to me. I had Norton anti virus + norton internet security and Spyware doctor, both of them licensed versions!! I know all about fake emails and phishing stuffs, I never clicked on suspicious links. I realized that... "You are safe only if no one targets to attack you." After a few minutes, someone added me to Yahoo messenger and said 'Hi'. I guessed that it was the hacker and it was. The very first sentence he told me was 'Hi, don't worry, you will get back everything within 7 days' .. He told me that he was a good guy and this is the first time he hacked someone. He also told me that he was in real need of the funds and would return my funds within 7 days. I almost believed him. I told him to give back my gmail account and told him that it was very important to me, and to my surprise he gave it back. He asked me what password I needed for the new account and he set it. I logged in and changed the password again. I was happy that I got back my gmail but was still very uncomfortable about the feeling that someone had watched me for so long!! I was late in the night, I was sleepy but I had to hold on. I backed up all my files in my iPod and did a system recovery. After 45 minutes, my PC was as good as new. I again changed all the passwords and got back to sleep at midnight. Day 2 - 6.00 AM IST I saw my friend was online. I chatted with him and told him the entire story. He scolded me that I have not responded in timely fashion. He was so sure that the hacker was no good and chatted with me to make sure I don't call PayPal. The hacker did not achieve that but however he delayed me by 10 hours. I spent nearly 30 minutes waiting for PayPal representative and then some one showed up. I told PayPal, the entire story and they listened carefully. They assured me that 'I will not be held responsible for unauthorized payments sent from my account'. I felt good but not very good, I was not so sure that I would get back the money. I did what I could have done and I needed to relax. I took rest from this issue. Day 3 - 7 PM EST I called PayPal again. It needs a ton of patience to get connected with them. It took a few minutes to spot my account. They told me that "Your fraudulent payments were reversed, did you check your account". I just jumped right there and was so happy. But I COULD NOT LOGIN into my PayPal because the password was not with me! I was not able to reset my password because the hacker also changed the security questions! They advised me to send all the documents and they will help to recover the password. After a few minutes the hacker came online again. And LOL what nerves he got!!.. He asked me to send the documents to him because he said my account got limited and needs to be unlocked!! I refrained myself from talking abusive words and just managed the situation and logged out. Day 4 - 6 PM EST I logged in into yahoo messenger and I saw that the hacker had left me an offline message. Wow! he got frustrated I guess. He left me the PayPal email and password. I logged in and viola! I went inside my PP. Lovely moment it was.. The balance was intact. The four fraudulent payments were reversed. The account was limited though. I just printed the fax cover sheet and sent them the docs. Day 4 - 3 PM IST I got an email that my PayPal account has been restored. I immediately went in and sent 4 big payments to my friends and family members. I could breathe now again! Now whats next?.. everything is back to square one! Now that I have learnt a good lesson. If we think something like "This can never happen to me" you actually attract that situation and within a few days you realize it... the dream comes true.. even though its a bad dream in this case. I contacted me friends and everyone told me that I need to kick out Norton and Spyware Doctor and buy Kaspersky because thats what is best in the market. I went to that site and reviewed their products. They had anti virus and Internet Security 7.0. The anti virus comes inbuilt within Internet Security and hence its enough to buy the latter one. For one year it costs around $60 and for 2 years its around $95. I just bought it right away and installed it, activated it. Again I changed all my important passwords. Bottom line: If you think it wont happen to you, one day it will happen, and you will think about the day when you thought that it won't happen to you. Now that I got my money back, but it may not happen all the time to all the people. You just need to be on top of it. Good Luck!"
  12. Sorry Shygye..The first part was more of a theoretical scenario, than a real one. Their mother takes care of my things really well while I gone and they don't even come over to my home, let alone touch anything. They wouldn't get access as long as I'm alive. But if I died, I would expect her to give all my tech gear to her sons. GG
  13. This came up in my other topic recently and I just came across this article, which has more info than you might ever want to know about the Why's, What's and How's of this subject. It is a white paper from the University of Michigan, Information Technology Security Services. Link Crux of the matter: "The reason you need to quit running as admin is because the hackers are counting on it! When you are running as admin, any piece of code that you launch can: • Install kernelâ€Âmode rootkits and/or keyloggers (which can be close to impossible to detect) • Install, start and stop services (e.g. stop the Windows Firewall) • Disable/uninstall antiâ€Âvirus software • Install ActiveX controls, including IE and shell addâ€Âins (common with spyware and adware) • Copy files into Windows directories • Edit systemâ€Âwide registry values • Access data belonging to other users • Cause code to run whenever anybody else logs on • Replace OS and other program files with trojan horses • Access LSA Secrets which may include domain account information • Modify other local accounts and passwords • Modify configuration files (such as the HOSTS file for web redirection) • Cover its tracks in the event log • Etc. None of these realâ€Âworld malware activities are possible when you are running as a normal (nonadmin)user." After this the article goes on for about another 20 pages.
  14. "Generally you should run the PC in a mode that any changes by other people (i. e. don't login as an admin, but as a user with reduced rights)" Absolutely agree but I've hit a problem. While working online I want to access TrueCrypt. "You must be logged in as administrator to load tc driver." Kind of an ugly problem, yes? GG
  15. That's for sure! However, it's autorun, not autoplay. Different animals. I got autorun virus last time in LOS at one particular internet shop. It hopped onto 2 computers (all partitions) and my camera and was a bitch to fight. Thank you for reminding me. "Putting a blank-read only file named autorun.inf prevents malicious scripts from auto executing. It can only prevent scripts with extension scr from executing. Basically those malicious scr files modify folders, changes the attribute of the folders to hidden and creates dummy folders. I have been using this method, and it works. It prevents he modification of autorun file." Do you agree?
  16. Wow! That answer was worth the cost of admission and all these posts! I didn't know that there was a portable FF. I presume the reason you carry your own is because when you go to an internet cafe either they don't have FF, OR, more importantly, what they have may have vulnerabilities that your up-to-date version does not OR the one they have has been tampered with / hacked already. Is that right? All of the above?
  17. I have been with that plan for a long time except memory media is normal. On the media I store sensitive data in TC container. Isn't that about as good as encrypted stick w biometric lock? I have looked at IronKey options and they look good, just that all these sort of things are very expensive. (They have fun videos on youtube showing Hummers & bobcats running over Ironkey flash drives.) The really important data I have doesn't go outside the house anyway and usually stays on off-line-only systems. It's also written so that if I handed it to you, you might figure out it was passwords, but you wouldn't know what they were or what sites they were for. Pig Latin! No..not even a code..it's just "all up here" - not the pw's, but what they are for. Further question: If I use a password program, are they pw's safe from keyloggers? I see that Norton Security Suite, which I just installed "free" as part of my Comcast package, has a password and credit card safe thingy. That must be totally safe because if anyone got robbed from the Norton safe, can you imagine the fallout??!! Norton would be the new BP ...or PG&E (they blew up the 53 houses in CA.) If I cut and paste pw's from a word or other file are they safe when pasted, not typed? Thanks for the help and insight. Gaw Guy
  18. Stepping back a bit... My topics re computer security stem from reading an in-depth article in June 2010 Rolling Stone Mag about Albert Gonzalez and his drugged out posse of hackers. He "..masterminded the combined credit card theft and subsequent reselling of more than 170 million card and ATM numbers from 2005 through 2007â€â€the biggest such fraud in history. Gonzalez and his accomplices used SQL injection techniques to create malware backdoors on several corporate systems in order to launch packet sniffing (specifically, ARP Spoofing) attacks which allowed him to steal computer data from internal corporate networks. During his spree he was said to have to thrown himself a $75,000 birthday party and complained about having to count $340,000 by hand after his currency-counting machine broke down..." (And http://en.wikipedia.org/wiki/index.html?curid=24030969) He had a network that went into China and Russia. It was a chilling revelation for someone like me whose assets are just about all online. An excellent article that goes through the evolution of the techniques these guys (kids!) used, their different backgrounds and motives, and their eventual capture. Smart aleck Albert had day job working for US Govt in Cybercrimes Unit making $75k/annum, which enhanced his ability to hide while he watched them chased him. So.....eventually your comments and my explorations have led me to the topic of keyloggers. I have three main questions so far: 1) If you only use LAN (not wifi) for computers with sensitive data, does that help protect you from people who would install keyloggers? 2) I have read that AVG Free Edition might not protect against keyloggers, so what is the best protection against an installation? I have access to Norton AntiV for free through my ISP which is Comcast. Should I switch? 3) Is there a way to see if a supposedly "undetectable" keylogger is on a system. Thanks, Gaw Guy
  19. Bit of a misunderstanding here. No one has access to my systems while I'm routinely out or / out of the country. The youngsters are not the ones I worry about with the keyloggers. That would be online thieves. I want to keep the youngsters out of the personal stuff if I "buy the farm" and they "inherit" my computers - their mother, my life partner would naturally give my computers to them. These discussions have given me a plan to keep the files out of their reach so to speak. For one thing, I now understand that they couldn't break into a strong pw protected tc container which is where I have kept them anyway. But pls feel free to make other comments here if you like. As this topic has progressed I've gotten into more and more issues that you guys have raised, and keyloggers deserves its own post. Thanks GG
  20. My plan goes along those lines for a second backup. My computer is secure from keylogger installers, if you mean someone who would come in and install a program when I'm gone. That's not a concern. I don't put that computer on wifi, just lan, so keylogger can't be installed via wifi. I will also be using a password program when I decide on one so I won't be typing in passwords. Does that cover the keylogger issue or not? Thanks, GG
  21. Is the "master password" feature on Firefox similar to this, and if so what are the advantages / disadvantages? GG
  22. First, the financials are more than just a few. Second, this is kind of a mission. About a month ago I decided I wanted better security for everything and went about getting it. For one thing I have a very committed long-term life partner and I most strongly prefer that if anything were to happen to me she not see things that would hurt her. She's very curious. That might happen through her technically trained sons who would likely receive my computers from her. Therefore these files are coming off of the drives on my computers. I had the plan in process and you fellows have helped me refine it. Thanks, GG
  23. In my experience and understanding the hidden volume inside another volume leaves you open to making a mistake working with the two volumes and you can easily damage the "outer" container by putting a little too much in it besides your hidden container and then you lose the data inside the "hidden volume." You still have a huge file or unaccounted-for hd space to attract attention. The plausible deniability stuff has to do with being challenged in person by a thief or authorities and that's not my concern. Ever since I stopped using the "hidden volume" option with tc I've been a lot more confident. GG
  24. So...a program like TC is legal because govt forensic labs can get in, while it is impossible for "normal" people to do so? I don't do or deal with anything of interest to the govt. Just things that either are financials that I want protected and other personal things that would be embarrassing. While tc might not be crackable, I'd still feel better if there weren't 10 - 30 gb files on the drive causing those little hackers to wonder, "What is Uncle GG hiding?" Anyway, with all the help from you lads I do have a plan forming up. Would appreciate anything else anyone has to add. Thanks, GG
  25. Okay Herr Carlton..Here's a scenario. I use TrueCrypt, a very fine program. I go overseas or am otherwise out of the picture. Little relatives get free access to my systems. (Let me say that the HD is locked and Windows requires a password to get started.) Anyway I have lots of smart little relatives who notice that a certain file on a HD is taking up 30gb. It looks like a normal kind of file, but it's a TC container. They look around here and there and find TC program on the drive or on a flash drive. They put the facts together and figure out it is a TC container. Then they decide to try to open it. By brute force or by hiring someone to apply brute force. Could you tell me why that couldn't happen? Why they couldn't get it open? Or what else you have in mind for system security and file security? Thanks, GG
  • Create New...