GEConsult LOGO
GEConsult BLOG   blog app ver. 5.1 by GEConsult.ca
± Safe Computing± Safe Computing  Comment 
 posted by Glen Holman2017-10-16

Take this seriously! My organisation was hit. 3 users lost a week of email and about 50 documents. Gary's team got us back up and running but at a cost that amounted to more than the demanded ransom. But better that than supporting the criminals who may or may not have coughed up the encryption keys. Only the fact that our file server doesn't run on Windows saved us from more devastating circumstances.
Comment  posted by Gary Eikenberry2017-10-15
A reccent ransomware crisis we were called upon to help remedy resulted in > 30 billable hours of support time and 2 days of lost productivity. In the end there was minimal data loss because of a solid backup strategy and a fast reaction to shut everything down. But this was far from trivial.
2 days later we received a call from another client who had been hit by the same exploit. They weren't a quick and their latest backup was compromised, resulting in 2+ days of downtime and 6 days of lost data.
Safe computing practices and personnel policies to teach them and make them mandatory are absolutely critical in the current IT environment. If you use email or a web browser (and who doesn't?) you are vulnerable. If you don't take steps to protect yourself your are naive.
Comment  posted by Gary Eikenberry2017-05-19
The recent media uproar about the WannaCry exploit has, once again, brought the issue of computer security to the forefront but some clarification is called for. First, this was not a case of hacking as it has been mislabeled. It was, in fact, a particularly virulent example of malware which, by all indications, required user action, such as opening an email attachment or a web link, to launch the code that did the damage.
If anything, the damage done in this case should serve to underscore the basic tenets of safe computing:
1. Regular backups are critical.
2. All systems should be kept up to date. Old and unpatched operating systems and software are as dangerous to computer networks as broken floorboards or windows are to a house.
3. Policies and user training to prevent the user actions which invite malicious code into networks are equally important: the best locks and alarm systems for your home aren't much help if its residents open the doors indiscriminately to anyone and everyone who comes along.
Comment  posted by Peter Fenstermachlenburg2017-02-23
Don't trust Apple to keep you safe! An ill-advised click on a website that was probably bogus in the first place created a real mess.Malware designed for Windows can't harm OS-X, but a Java applet launched by a click doesn't care what your operating system is.
Comment  posted by Dave Canus2016-12-05
Today we were hit for the second time in less than a month with "fake" ransomware. Fake because the files on the PC aren't really encrypted but you can't get past the message that says they are. By removing the hard drive and accessing it as an external device Gary was able to save the files and then restore the PC from a cloned image before reloading the files copied from the drive before it was re-done.
Fake or real, ultimately the only solution to these attacks is a good drive clone and/or backup.
Whatever you do, don't pay these idiots to encourage this scourge.
Comment  posted by Gary Eikenberry2016-08-14
Overheard in a pub: "This whole computer virus thing is just a protection scam perpetrated by the guys that make the software." Malware is indeed a big business but the ones getting rich are not the anti-malware software companies. Ransomware, on-line identity and credit card theft are major revenue streams for organized crime and terrorism. Failure to protect yourself with safe computing habits amounts to aiding and abetting.
And most anti-malware software, especially the free versions that most people use, will not, on its own, protect you from things like phishing exploits and clicking sketchy links or "OK" buttons without understanding what you're accepting or agreeing to.
Comment  posted by P. MacAuslan2016-08-11
Good point! Ask yourself "How much does a good backup strategy cost?" Then ask yourself "How much would it cost us to recover from a ransomware attack or some idiot unplugging a running server to plug in a hoover?" You can buy anti-malware products but they aren't foolproof. To protect yourself from fools (or machine failure or nasties that slip through the anti-malware gaps) you need backups!
Comment  posted by Glen Holman2016-06-29
The importance of backups can't be over-emphasized. One of our laptops was hit with ransomware. Probably from opening an email or a website. Fortunately it was discovered before anything got introduced to our server. Even though paying to have the laptop recovered cost less than paying the ransom the most recent backup for the laptop was almost 2 months old so the lost data also represented a cost.
Comment  posted by Dave Canus2016-05-29
Take this seriously. Failure to do so can cost time, money and loss of opportunity. Believe me. I'm speaking from experience.
Comment  posted by Gary Eikenberry2016-05-28
It's important to stress that running something other than Windows can no longer (if it ever did) keep you safe. Lately we've been seeing a number of web-based exploits that are what we refer to s operating system agnostic, which is to say that they attempt to do their dastardly deeds regardless of what system you're booting. If you use a browser and are connected to the Internet you are potentially vulnerable. Of course this type of threat generally requires that you visit a compromised website, but without the proper protection you won't necessarily know that the site you're visiting is compromised.

A staff member for a client organisation recently thought she was clicking a link that would take her to eBay. By the time she realized that the "eBay" that the link had sent here to was not the real thing, the damage was already done. Not only had she given up her eBay account access information, but the malicious code that had run in the background had installed a downloader worm on her office workstation.
Comment  posted by Gary Eikenberry2016-05-26
Whatever your operating system or computing environment, a few simple habits can help protect you from malware and other threats which can transform your computer into a portal to a nightmare of hijacked email, ransomed data, stolen passwords or even stolen identities and other disasters. Just as I tell students in my self-defence and street-proofing classes, I don't intend to make you paranoid, but want to stress the importance of arming yourself with some information and techniques to make you safer. Have a look at
http://www.geconsult.ca/safe.php for an overview on safe computing.
± ABOUT this Blog± ABOUT this Blog  Comment 
 posted by Gary Eikenberry2016-05-26

We welcome your questions, ideas and input on Internet, Information Technology and related topics, however this is a moderated blog. Off-topic or disrespectful comments will be deleted.

± Database Tools± Database Tools  Comment 
 posted by Phil MacAuslan2017-02-23

The SQL utility that allows us to convert a CSV dump from a different table or an external database or spreadsheet, such as from a client, is a tremendous time saver, as is the utility to do a bulk import by mapping fields from one table to another. These are both things we need to do frequently. What used to require an outside programmer or specialised database manager can now often be handled in-house.

Comment  posted by Gary Eikenberry2017-02-22
We certainly appreciate Phil's praise, but feel that a little clarification is called for.
dbChameleon is a generic database management web app specifically for working with MySQL.
I would also add that we've been working with Phil and his company since the release of version 3.0.0 and many of the utilities to which he refers have been developed and refined in co-operation with him and his staff.
Comment  posted by Phil MacAuslan2017-02-20

Any business that depends on an on-line or even in-house database needs to take a serious look at GEConsult's dbChameleon.

This is a mature product which is quite accessible for regular office staff as well as more sophisticated database managers. At Coriolis Campaign we depend heavily on importing and massaging datasets from external sources for data mining and the market analysis sides of our business. dbChameleon makes this work more manageable and cuts our costs by greatly reducing the amount of custom database work we have to hire out.

± That old computer doesn't belong in the trash± That old computer doesn't belong in the trash  Comment 
 posted by Lindsay Frye2016-07-25

Most of the talk about operating system changes these days seem to involve Windows 10. After I was hit with a 3rd malware infection on my Windows notebook in less than 2 months I decided to ask Gary to replace Windows with Linux.
As a graphic designer I'm still more or less tied to my MacBook for a lot of things but for things like writing letters and proposals I tend to prefer the Ubuntu (Linux) notebook more often than the Mac and certainly more often that I did when it was Windows 10.
I seriously doubt that I'll want to go back. I'm even finding some free Linux graphic apps that might rival some of the costly commercial ones I use on the Mac.
Comment  posted by Peter Firth2016-05-29
I tried a dual boot first on my laptop. It didn't take long before I was switching my default from Windows 8.1 to Ubuntu Linux. Its Unity desktop interface has really grown on me.
Comment  posted by Victor Hamid2016-05-28
2 points:
1. You might be surprised how painless switching from a Mac to Ubuntu Linux or from Windows 7 to Lubuntu Linux can be.
2. There lots of charities out there looking for used computers that can be re-purposed for domestic low income users or for third world use.
Comment  posted by Gary Eikenberry2016-05-26
"E-waste" is a growing environmental issue. Give some thought to getting off the planned obsolescence treadmill. Even if the latest software from Microsoft or Apple requires ever-newer and more powerful (and often more expensive) hardware, there are open source alternatives which may well surprise you with how well they can accomplish everything you need on the very same hardware you're being encouraged to replace. And even if you are addicted to having the latest thing, consider the alternatives to landfill or even e-Waste disposal sites. Read our tips on Green Computing at http://www.geconsult.ca/green.php.
± Windows 10± Windows 10  Comment 
 posted by Gary Eikenberry2016-12-06

The ability to easily turn off Cortana and her privacy-compromising ways is gone as of the anniversary update. You can still do it with a registry hack but that isn't exactly an improvement. And Bitlocker is turned on by default, which presented some special problems on at least one dual-boot machine running Windows 10 Home. Until I found a way to disable it, every time after booting to the non-Windows OS it was necessary to enter a 48 digit "Bitlocker Recovery Key." Search the Microsoft sites & forums for information for how to disable Bitlocker and you get lots of information about how secure and wonderful it is and how to enable it but nothing about turning it off -- or at least nothing that works on the home edition post-anniversary update. I might add that the same issue cropped up on a client's laptop which had to be booted from a non-Windows USB thumb drive to clean off a malware infection, only to be told that the drive was not accessible, which meant it couldn't be scanned and cleaned until I booted to the compromised OS in order to disable Bitlocker. Somehow that doesn't strike me as making the computer more secure -- in fact, it's almost like Windows 10 with Bitlocker is a new form of ransom ware. They may not demand payment, but retrieving and entering that recovery key is, at best, a tedious exercise.
Comment  posted by P. MacAuslan2016-08-11
We run a mixed platform shop with Microsoft, Apple and Linux systems. All of our MS desktops and notebooks have now been converted and all be 2 of them have been subjected to the anniversary update. On the one hand it's more secure but on the other having to repeatedly reset our privacy settings to tell Microsoft to keep it's damned nose out of our business is a pain in the ass. And messing up McAfee on the notebooks wasn't exactly a security enhancement. I also don't like the fact that the anniversary update messed with desktop and start menu preferences.
On the plus side Windows 10 seems to integrate better with our mixed platform network with 2 Linux-based servers, one in Toronto and one in Ottawa. Windows 7 was more difficult to get and keep properly configured and Windows 8 & 8.1 on the 2 laptops we tried it on was downright obstreperous.
Comment  posted by Gary Eikenberry2016-08-08
More on the anniversary update -- in particular nasty surprises to watch out for: http://www.techrepublic.com/article/windows-10-anniversary-update-watch-out-for-these-nasty-surprises
Comment  posted by Gary Eikenberry2016-08-04
We've had reports and have encountered a few issues with the Windows 10 Anniversary Update (August 2016). In particular some anti-malware products either prevent the installation or are disabled or forced into error by the update.
An additional issue is that privacy settings and some preferences are reset to defaults by this update. We recommend carefully reading any warnings during the update and reviewing your settings and preferences following the update.
Comment  posted by Dave Canus2016-08-01
We took the plunge and had a mostly positive experience. Our accounting system will only run in 7 so 1 of those machines wasn't upgraded and the other one was but had the accounting software set up in a virtual machine. That's a little awkward but since the person on that machine only goes into accounting once or twice a month she can live with it and prefers to be on the same system as almost everybody else.
We kept the laptops used by our guys in the field on Linux because we had been having virus issues on them. Besides we would have had to pay to put Windows 10 on them since it would have been a new install instead of an upgrade.
Comment  posted by Gary Eikenberry2016-07-28
A more detailed evaluation and saga can be found at win10.php.
Comment  posted by Gary Eikenberry2016-07-26
With the Windows 10 free upgrade deadline almost upon us I'm still getting calls and emails asking if it's a good idea. Unfortunately I can't give a definitive answer. My experiences with upgrading my own systems and those I support have been mixed. My experience as a user (I'm entering this post on a desktop system running Ubuntu Linux) is also mixed. I have clients who are quite pleased with it and others who have tried it and decided to stay with or revert to Windows 7. In the final analysis my recommendation is to thoroughly evaluate your requirements and try it before committing to an upgrade. It might be right for you.
On new systems, if you're committed to or confined by circumstances to the Windows ecosystem I would rate it as acceptable and less disruptive than 8/8.1.
Of course I will continue to recommend one of several Linux alternatives if you don't have a requirement for a Windows only application with no compatible Linux alternative.
± The Googlization of Navigation± The Googlization of Navigation  Comment 
 posted by Gary Eikenberry2016-09-15

It seems that many users are losing the ability to use basic website and web application navigation systems. They've become so accustomed to the Google search paradigm that they can't be bothered with nested menus or other means of organizing sites and applications, even if typing a search phrase and then scrolling through the resulting list actually takes longer than menu-based navigation.

In preparation for doing some re-design work, one of our clients recently implemented a short-term tracking project to try to understand how users moved through their site. They were surprised at the number of times someone actually left the site to return to Google to enter a search phrase that included their domain name and what the user was looking for on their site rather than using the site's internal navigation system.

They were concerned that users would jump out to Google and, with ads, results shaping and paid placement, might end up on some completely different site. A design consultant suggested that they needed a more intuitive navigation system, but in the end they asked us to build an internal site search system.

We're not sure if this "if you can't beat 'em join 'em" approach is the answer, but we're implementing the site search tools on our own site as a demonstration.