Tuesday, October 15, 2013

Apple iOS7

After the last two entries, we decided to give you a quick break on a somewhat lighter subject: Apple's latest operating system, iOS7.  It has now been about three weeks since Apple made iOS7 publicly available, and we have been fielding a surprising number of questions.

Interestingly, the question at hand seems to be whether or not to do the upgrade!  Both in phone settings and at the computer (for those who sync your phones to a computer, which we do recommend), Apple's software is fairly persistent in reminding that the update is available.  Technically speaking, Apple has made iOS7 available to iPhone4 and above (including 4S, 5, 5C, and 5S).

Our official advice is to only run the update if you have an iPhone5 or higher.  The 4 and 4S can technically run the update, but the feedback we're getting from our test units is that the phone gets much slower to react.  This is due to the fact that iOS7 is much more resource-intensive to run than iOS6, which overexerts the older phones' more limited processors and memory.  For those who have a 4 or 4S and have already run the upgrade, we do not advise attempting to roll back to iOS6, but it is time to consider a phone upgrade!

As always, if you have any questions, do not hesitate to call your IT provider.  We are hear to help and are more than happy to assist with any smartphone related questions you may have!

Tuesday, October 8, 2013

How did I get that infection, continued

Last week, we discussed how infections are commonly spread, and more importantly, why they can slip past antivirus programs.  Let us now take some time to discuss how you can reduce the risk of infection.

The absolute most effective technique for avoiding infection is to be extremely careful what you click on.  Ages-old advice was to not open emails from people you do not know, or not open attachments in those messages.  That was for a time when infections spread through email and, largely, is out of date.  Modern infections spread through the Internet and infected web sites.  That in mind, when visiting an unfamiliar site, be very careful of what you click and pay particular attention if the site attempts to run any add ons.  Keep your surfing to known and trusted sites whenever possible, as these are not foolproof but will greatly reduce your online risk.

Next, make sure your antivirus software is up to date and current.  To be at its most effective, antivirus needs to have its most current virus definitions, so it knows to 'look for' the most current infections.  If you do not know how to check this, contact your IT provider.  Trust us, we would rather spend a few minutes show you how to check your antivirus or getting you set up with current antivirus than we would clean an infection after the fact.

Also, make sure your operating system is fully patched.  You know that Windows Update warning that pops up when you log in?  Yes, that is what we are talking about.  Not only does Microsoft go through and attempt to fix bugs, but they are also patching security loopholes.  Do not underestimate how important this is!  Did you know that the Blaster Worm which made the news in 2009 had exploited a weakness which Microsoft had patched months earlier?  The entire infection was preventable for anybody who had already taken advantage of a service which Microsoft provides for free!  This applies to Apple products too - you may notice that Apple very quietly stopped advertising that they do not need antivirus software?  This is because of the increasing number of infections that are being discovered which target OSX.

Lastly, make sure your third party software is fully patched as well.  We are talking about those little popups you get in the lower right hand corner of your screen asking you to run an Adobe or Java update.  Do not ignore them!  Most of the time, those companies are patching security loopholes in their programs.  Plus, if you run the updates, they will stop popping up and bugging you until the next one comes along.

For our CommonFocus customers, we would like to inform you that these are all services which are included with CommonFocus service.  We are monitoring your antivirus and ensuring it is up to date & running, as well as controlling and deploying both your Microsoft patches and your third party patches as well.  If you are not currently a CommonFocus customer but would like to explore becoming one, contact our very own Nick Stevenson at nstevenson@pointsolve.com or 866-336-3106 ext 2.

Friday, October 4, 2013

How did I get that infection?

One of the more common questions we get, typically while cleaning an infected PC, is how the infection came to be.  This is a very good question, and we would like to take some time to clear up a few misunderstandings and explain a bit of how infections work.  In our next entry, we will elaborate on the steps that can be taken to reduce the risk of infection.

The first concept to understand, and this is very important, is that no antivirus or security software is foolproof.  Antivirus helps to mitigate risk and good quality antivirus software is very beneficial, but it does not render the PC invulnerable to infection.

The second important concept is that, even if an infection does not get stopped by antivirus software, that does not mean the antivirus did nothing.  In most cases, the antivirus will have stopped the infection from doing any serious harm, and makes our job cleaning up quite a bit easier.

Lastly, even if the PC appears to be infected, it may not necessarily be a virus.  The infection could be malware, which does not attack a PC in the interest of doing damage, but instead attempts to render the PC useless enough to extort monetary gain from the owner of the PC.  We will expand on that a bit later, but the relevant piece of information here is that, because malware does not attempt to damage the PC, it does not always trigger the security mechanisms that antivirus is designed to look for, so many forms of malware will fly under the radar of most antivirus software.

We mentioned that malware attempts to extort monetary gain from the owner of the PC.  This is a type of digital extortion that has surfaced over the last few years and, unfortunately, has caused quite a headache for many in our industry.  Generally, a PC infected with malware will pop up a fake antivirus program that claims to scan the PC and "finds" infections, which it offers to "clean" when the user choosed to "activate" the software by putting in a credit card number.  This is annoying in and of itself, but these programs make themselves impossible to close or remove, and sometimes even lock the user out of Internet access or other capabilities, which makes the malware even more difficult to remove.  Importantly, as we mentioned above, it does not actually attempt to the damage the PC, it simply attempts to exploit the user for monetary gain.

There is another method by which infections can take hold, and that is by loopholes in common software.  Microsoft , Adobe, and Oracle, are three companies whose software is almost ubiquitous among computer users, and thus, the folks who write infections will attempt to locate weaknesses in their software.  Antivirus software is trained to recognize these programs as "safe" and thus, will allow these programs to run.  Unfortunately, if an infection is exploiting a loophole in one of them, the antivirus is fooled into thinking it is one of those programs and may allow it to run.

Keep watching for our next entry, in which we will outline some basic concepts of how to lower the risk of infection.