This is a follow up to last week's note about the Avi Ben Stella hoax/keyword attack.
In spite of three layers of firewalls, a couple of anti-virus software packages, and an alarm that something was trying to get "in" - one of the "Avi Ben Stella" websites did manage to infect my computer.
Fortunately, I do nightly backups and clone my hard drive periodically. Rather than "clean" my system of some bug that my anti-virus software missed the first time, I just wiped out the drive and was back in business in a few minutes.
How?
Step 1: Removed infected drive. My new computer case makes this easy. This took about two minutes because I have a messy desk.
Step 2: Installed spare drive with the most recent clean image. This takes about two minutes because I keep the drive in a fire-proof box, and I stopped by the 'fridge for a soda first.
Now my computer looks just as it did a couple of weeks ago.
Step 3: Installed whatever system updates my software vendors pushed down since I created the backup image. The key updates to get are operating system and anti-virus software. I guess I don't have to do this right away, but why wait? It doesn't hurt that I keep a software update log, but that's way too geeky for most people.
Now my computer is up to date, but my working files are a couple of weeks old.
Step 4: Reload from last night's backup my current working files. I'm now back in business. Later, I'll go back and restore all my files from backup while taking care not to overwrite today's work. I'll let that run overnight because it takes a couple of hours. I have a lot of files.
Total time - <10 minutes.
Total cost - $0.
Preparing for the incident cost me $150 for a spare 1.5 TB drive, $50 for an internal hard drive docking bay, and $50 for imaging and backup software. The docking bay isn't entirely necessary, but it's very convenient because it lets me use hard drives as if they were floppy disks. Remember those?
I also use a spare 500 GB drive salvaged from a failed external Western Digital USB back-up device. I don't count this last item as an expense because I consider Western Digital drives to be worthless anyway. I bought one external 1TB USB Western Digital drive. It failed, I replaced it, and the replacement failed - as did its replacement. Mean-time-between failures: about 12 months. At least Western Digital has great customer service. I use their hardware for paperweights now.
With $200 of back-up hardware, one might ask why not just get a backup computer instead.
I have one.
I set it up for my kids. They don't get hand-me-downs. If my hardware fries, as it has in the past, I want something on which I can run big data jobs. It also serves as the family's digital video recorder and multi-media center. An underpowered box with a creaky old operating system won't do. My kids have the fastest box on the block - next to mine.
I don't believe in using technical failure as an excuse for blown deadlines. I also have three uninterrputed power supplies and a backup generator. No, I'm not a fan of our utility company, either.
Last step: I'll go ahead and wipe the buggy hard drive and load a fresh image on it. That'll take a couple of minutes of my time, but I'll need to let it run overnight. My computer definitely works harder than I do.
© 2009 - Robert Lawton, all rights reserved
Sunday, August 30, 2009
Tuesday, August 25, 2009
Avi Ben Stella - Social Engineering at its "Best"
There’s an "Avi Ben Stella" message going around about a kid in a coma. It's obviously a hoax, but it is more than that. It is a social engineering attack aimed at those who Google suspected hoaxes for more information.
How does this attack sucker the cautious? The "Avi Ben Stella" name is unique, so people who Google it will find the "right" web page - a page loaded with malware which will try to auto-download and infect their computer.
Best bet? As with all other messages of this nature, don't "pass it on". But in this case, don't even Google it.
And yes, I found this out the hard way. I first checked Snopes which listed it as “undetermined”. However, this is a new form of attack, and it's a new message, so I then searched Google in depth. I soon I hit a few of the earliest web pages with this key term. When I did, my firewall went into a frenzy, and I had to close the infected web page via the Task Manager.
So now we have it: a social engineering attack that takes advantage of “safe” behavior – Googling before posting or forwarding "to everyone you know". Those who want to play it safe should forego Googling and stick to trusted sites (like Snopes) and search within those sites for more information. It's not as broad a search, but it's safer.
As far as social engineering goes, it's pretty clever. It’s like infecting condoms with aids before they are used - only those who exercise due care are vulnerable.
Incidentally, this "keyword" approach to steering people to a specific web page has been used for years on auction and dating websites to help customers bypass the site's fee system.
© 2009 - Robert Lawton, all rights reserved
How does this attack sucker the cautious? The "Avi Ben Stella" name is unique, so people who Google it will find the "right" web page - a page loaded with malware which will try to auto-download and infect their computer.
Best bet? As with all other messages of this nature, don't "pass it on". But in this case, don't even Google it.
And yes, I found this out the hard way. I first checked Snopes which listed it as “undetermined”. However, this is a new form of attack, and it's a new message, so I then searched Google in depth. I soon I hit a few of the earliest web pages with this key term. When I did, my firewall went into a frenzy, and I had to close the infected web page via the Task Manager.
So now we have it: a social engineering attack that takes advantage of “safe” behavior – Googling before posting or forwarding "to everyone you know". Those who want to play it safe should forego Googling and stick to trusted sites (like Snopes) and search within those sites for more information. It's not as broad a search, but it's safer.
As far as social engineering goes, it's pretty clever. It’s like infecting condoms with aids before they are used - only those who exercise due care are vulnerable.
Incidentally, this "keyword" approach to steering people to a specific web page has been used for years on auction and dating websites to help customers bypass the site's fee system.
© 2009 - Robert Lawton, all rights reserved
Thursday, April 23, 2009
Old Cahokia Courthouse Reopened
The Old Cahokia Courthouse reopened for the first time today since last December when former governor Rod Blagojevich closed numerous state historic sites.
The French originally built the structure as a home in 1740. The building became a courthouse in 1790. The city of
© 2009 - Robert Lawton, all rights reserved
Monday, April 20, 2009
Phoenix Recycling Expands
Longacre Park Recycling is gone, but Phoenix Recycling & Shredding, Inc. has branched out and taken its place at the same location. Phoenix Recycling is a non-profit organization which provides employment for persons with developmental disabilities or traumatic brain injuries.
Separate recycling as follows:
- Plastics - milk jugs
- Plastics - #1
- Plastics - #2
- Plastics - #3 through #9
- Office paper
- Cardboard
- Cans - tin (clean)
- Cans - aluminum
- Glass - clear
- Glass - brown
- Glass - green
Operating hours:
- 8:00 - 1:00 Monday - Friday
- 8:00 - 2:00 Saturday
- Closed Sunday
© 2009 - Robert Lawton, all rights reserved
Saturday, April 18, 2009
Moye Kids Finish Marathon
Moye Elementary School, O'Fallon, Illinois, conducted its third annual "Read and Run Marathon" on Saturday, April 18, 2009. During the year, students read 26 books and exercised the equivolent of a 25 mile run. On this day, the students completed the 26th mile by running a course around the school's neighborhood. Over 120 children participated in this event designed to promote healthy choices.
© 2009 - Robert Lawton, all rights reserved
Sunday, March 22, 2009
Carriel Jr. High School's New Administrators
Congratulations go to Carriel Jr. High School's first administrators.
Principle - Doug Wood, Ed.D., principal, Fulton Jr. High
Asst. Principle - Kelly West, asst. principle, Moye Elementary
Kelly West, vehicle virtuoso
Monday, March 16, 2009
School Dropoff Statistics
A photo survey of drivers dropping off children at a local elementary school produced interesting results. The survey took place on a sunny Monday morning during the 15 minutes prior to the school's start.
Vehicles
- 9 pick-up trucks
- 34 vans
- 34 cars
- 41 SUVs
- 2 drivers using cell phones
- 3 drivers with beverages
- 2 drivers with children on their laps
© 2009 - Robert Lawton, all rights reserved
Saturday, March 14, 2009
St. Baldrick's Fund Raiser
Miles Quintal gets a buzz from his barber in O'Fallon’s Blazier Field dugout. His father reports “I’m surprised. Miles spends a lot of time on his hair.” Funds raised go to help kids with cancer.
© 2009 - Robert Lawton, all rights reserved
Sunday, March 8, 2009
Maryville First Baptist Church
Very windy day. Needed high shutter speeds just to stop motion on my zoom lens. Need a better zoom lens. Experimented with HDR software, Photomatix - interesting.
© 2009 - Robert Lawton, all rights reserved
Uploaded and published in Wikipedia on the day of the shooting.
Created
Notes from my various photography-related adventures. It's photojournalism on-the-fly. All images are for sale. Contact
rklawton@LawtonPhotos.com for details.
rklawton@LawtonPhotos.com for details.
Subscribe to:
Posts (Atom)