The new computer scam

[Duane Meadows]

Suggestions...

1. Don't set up automatic backup... backing up the encrypted files won't help much!

2. Run your hard drive encrypted all the time! With modern PC's, the overhead isn't that bad.

3. Replacement hard drives are cheap. Usually no need to replace whole computer.

4. If backing up to an external drive, disconnect when not actually in use. Don't use the backup drive for any thing else

5. Run Linux for web-surfing/email and anything for which windows/OSX isn't absolutely mandatory.

6. Don't open unsolicited email, or email from an unknown source.

7. If you must run windows... Don't run Internet Explorer!

8. DON'T pay crooks!!!!

9. Get rid of XP or older operating systems!

[Phil Thien]

I see lots of ads for 32 and 64-GB USB 3.0 class flash drives that are deeply discounted. I think I just saw 32-GB versions for about $15 or $20 (I think at Best Buy).

Most people don't have anywhere near that much data. So having a couple of them with copies of your important stuff would be easy and cheap.

Easy to keep off-site, too, in the detached garage or a relative's house. Onsite backups are great but if disaster (fire, for example), they aren't much help.

[Jerome Stanek]

I see lots of ads for 32 and 64-GB USB 3.0 class flash drives that are deeply discounted. I think I just saw 32-GB versions for about $15 or $20 (I think at Best Buy).

Most people don't have anywhere near that much data. So having a couple of them with copies of your important stuff would be easy and cheap.

Easy to keep off-site, too, in the detached garage or a relative's house. Onsite backups are great but if disaster (fire, for example), they aren't much help.

Throw them in a fire proof box.

[Wade Lippman]

2. Run your hard drive encrypted all the time! With modern PC's, the overhead isn't that bad.

What software will do that?
How does it help with ransomware? Can't they encrypt it again?
Does it interfere with backups? Several times I have needed a deleted file and found it on a 2 month old backup. Will that still work?

[Phil Thien]

What software will do that?
How does it help with ransomware? Can't they encrypt it again?
Does it interfere with backups? Several times I have needed a deleted file and found it on a 2 month old backup. Will that still work?

Wade, you're correct, encrypting volumes, folders, or files, won't prevent the crypto-locker from doing so again.

If you're running the Windows backup applet on something like Windows 7, I'd suggest creating an additional user account on your PC called "Admin," with full administrator rights. Assign a unique password to that account. Now demote all the other accounts so they don't have administrator rights.

Now, if you infect your machine while logged in as one of the demoted users, malware won't be able to access the backup volume data. And an infection that occurs under the user "Phil" (for example) won't be able to attack other demoted users, like "Karen."

The only exception is, if UAC (User Account Control) pops up asking for elevated privileges and you type in the password for "Admin." In that case, the malware will have access to pretty much everything on your PC and backup drive.

[Dan Hintz]

Now, if you infect your machine while logged in as one of the demoted users, malware won't be able to access the backup volume data. And an infection that occurs under the user "Phil" (for example) won't be able to attack other demoted users, like "Karen."

The only exception is, if UAC (User Account Control) pops up asking for elevated privileges and you type in the password for "Admin." In that case, the malware will have access to pretty much everything on your PC and backup drive.

That helps, but it is in no way foolproof (particularly for Windows).

[Phil Thien]

That helps, but it is in no way foolproof (particularly for Windows).

The modern operating system is the most complex thing ever conceived of by man. Nothing is foolproof where any of them are concerned.

New security vulnerabilities that provide access to malicious code (often with system or administrator rights) are discovered on a fairly regular basis. Inexcusable seeing as there are so many excellent development tools that will identify most of them.

But the vast majority of home users are nailed because they are running with administrator rights. No security hole is necessary when you leave the front door wide open.

[Curt Harms]

I see lots of ads for 32 and 64-GB USB 3.0 class flash drives that are deeply discounted. I think I just saw 32-GB versions for about $15 or $20 (I think at Best Buy).

Most people don't have anywhere near that much data. So having a couple of them with copies of your important stuff would be easy and cheap.

Easy to keep off-site, too, in the detached garage or a relative's house. Onsite backups are great but if disaster (fire, for example), they aren't much help.

Winnah!! I think flash drives are available up to 256 GB. these days and with USB3 interfaces should be fairly speedy. Except for videos or a lot of hi-res photos, even 32 GB. of emails, docs and spreadsheets seems like quite a bit of data for an individual or small biz.

[Ole Anderson]

After my last episode I created another user account that is non-administrator that is now my default login. So now any changes require a password

[Andrew Pitonyak]

No, what stinks is how they can get away with it because of bitcoin. The only purpose of bitcoin is to facilitate illegal transactions. Why on earth is it legal?!

Some guys on NPR were saying exactly the same thing about cash.

Never occurred to me that the intent was to support Illegal transactions when it was created. I have heard reasons stated for wanting to use bitcoins, and supporting crime was never one of them.The fact that you can use it kind of like cash is certainly one of the reasons that certain criminals may want to use it. On the other hand, there are ways that a bit coin may be identified later after it is spent in a way that is even more traceable than cash (according to forbes), so if they do it long enough, and if officials take interest in them, their choice of payment options may make them more likely to be caught down the road.

[Scott Shepherd]

On the other hand, there are ways that a bit coin may be identified later after it is spent in a way that is even more traceable than cash (according to forbes), so if they do it long enough, and if officials take interest in them, their choice of payment options may make them more likely to be caught down the road.

I hadn't heard that, I'll have to look into that. It was my understanding that doing bitcoin transaction behind TOR is about as untraceable as you can get these days. Not that you can't be found, but it certainly makes things VERY difficult for the average law enforcement people.

Bitcoin is basically a monetary system (even though they say it isn't money) without the banks in the middle of it all. That's part of the reason it's doing well. It's just peer to peer transactions and no one else has their nose in your transactions.

[Wade Lippman]

Some guys on NPR were saying exactly the same thing about cash.

Never occurred to me that the intent was to support Illegal transactions when it was created. I have heard reasons stated for wanting to use bitcoins, and supporting crime was never one of them.The fact that you can use it kind of like cash is certainly one of the reasons that certain criminals may want to use it. On the other hand, there are ways that a bit coin may be identified later after it is spent in a way that is even more traceable than cash (according to forbes), so if they do it long enough, and if officials take interest in them, their choice of payment options may make them more likely to be caught down the road.

No, that is the whole point of it; it is definitively anonymous. I am sure some people are paranoid that if the government sees you buying ammunition with a CC that black helicopters will come down to take you to a camp, but the only sane purpose is to allow criminals to get payments without any chance of getting caught.

[Curt Harms]

No, that is the whole point of it; it is definitively anonymous. I am sure some people are paranoid that if the government sees you buying ammunition with a CC that black helicopters will come down to take you to a camp, but the only sane purpose is to allow criminals to get payments without any chance of getting caught.

Someone living under an authoritarian government might beg to differ. Remember, bitcoins and their like are not used only in the U.S. Of course to that authoritarian government, Falun Gong, Tiannamen square protesters and the like were viewed as criminals.

[Wade Lippman]

I am sure they ARE illegal and effectively blocked in China. So how does letting extortionists use them here help anyone.

[Scott Shepherd]

I'm sure it makes hiding money easier, but in reality, bitcoin is being used for a lot of legitimate transactions. Amazon, Target, CVS, Microsoft, Dell, etc. all take bitcoins and I don't think they are all fostering illegal transactions.