Wednesday, 9 May 2012

Protecting against DNSchanger - time is running out.

DNSchanger is a common malware that has been affecting Mac/PC/Linux since 2009.
Whilst it does not directly affect the computer, it does alter DNS records.
It does this by silently changing the DNS server on the computer to a malicious one controlled by the cyber thieves.
The FBI did take control of a lot of the malicious DNS servers, but have left them running.
The reason is, if the servers were turned off, anyone affected would lose internet access as they could no longer resolve internet addresses.
These DNS servers will be taken offline on July 9, 2012.
D Revolution has added DNSchanger detection to our website - http://drevolution.com.au (courtesy of CDN Cloudflare)
If you are infected, there will be a pop up with details on how to remove the malware.
If you have ANY questions, please contact us.
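
Because the malware works by swapping the DNS server setting, a local check is to compare the configured resolvers against the published rogue ranges. The sketch below is an added example, not D Revolution's or Cloudflare's detection code; it assumes a resolv.conf-style file (Linux/Mac), and the ranges in it are placeholder documentation networks, not real indicators.

```python
import ipaddress

# PLACEHOLDER ranges (RFC 5737 documentation networks), not real indicators.
# Replace them with the rogue ranges from an official DNSchanger advisory.
ROGUE_RANGES = [ipaddress.ip_network(n) for n in ("192.0.2.0/24", "198.51.100.0/25")]

# Constructed sample input, not taken from a real machine.
SAMPLE = """\
# written by a network manager
search example.lan
nameserver 192.0.2.53
nameserver 10.0.0.1
nameserver not-an-ip
"""


def parse_nameservers(resolv_conf_text):
    """Return the nameserver addresses found in resolv.conf-style text."""
    servers = []
    for raw in resolv_conf_text.splitlines():
        # Drop comments (both '#' and ';' styles) before splitting fields.
        line = raw.split("#", 1)[0].split(";", 1)[0].strip()
        fields = line.split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            try:
                servers.append(ipaddress.ip_address(fields[1]))
            except ValueError:
                continue  # malformed entry: skip it instead of crashing
    return servers


def rogue_resolvers(resolv_conf_text, rogue_ranges=ROGUE_RANGES):
    """Return the configured resolvers that fall inside a rogue range."""
    hits = []
    for server in parse_nameservers(resolv_conf_text):
        if any(server.version == net.version and server in net
               for net in rogue_ranges):
            hits.append(str(server))
    return hits


if __name__ == "__main__":
    print(rogue_resolvers(SAMPLE))
```

An empty result only means the resolvers set on this machine are outside the listed ranges.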

Wednesday, 1 February 2012

File Systems - the state of Mac OS X data integrity

Welcome back to the D Revolution blog after a Christmas hiatus.
Sorry for the nerdy nature of the post - it's often the underlying technology that propels computing forward.

Ten's Complement have a File System plugin for Mac OS X that allows the use of ZFS instead of the standard HFS+.


After a year of following a startup company full of ex Apple engineers, they have finally released a product.
Why would I care you ask?
Simply put, HFS+ dates back to 1998 (the year I started D Revolution) and whilst it has served Apple well, it is missing vital features for a modern filesystem.
Namely, file integrity and scalability.
Whilst Apple have cleverly added features like hard links, hot zones, auto-defragmentation, meta-data journaling, compression and other features without breaking compatibility, it is not a particularly stable and recoverable file system.
With today's disks now up to 4TB and the massive explosion in the amount of data stored, there are a few critical things needed in a modern file system.

1. Data Integrity
HFS+ does not scrub disks looking for bad blocks or corrupt data - ZFS does.
That means ZFS can automagically recover files from non-functioning parts of a disk - which is actually a fairly common occurrence.

2. Snap Shots
HFS+ cannot create disk snapshots, which are like an on-disk backup of data from a point in time - ZFS can.
That means, if you are backing up large amounts of data on OS X the underlying data can change during the course of a single backup if files are re-saved or left open.
With ZFS snapshots, you can simply backup the snapshot (snapshots are virtually instantaneous irrespective of size) with a completely frozen set of data.
A great side effect of this is you can do hourly snapshots (any of which can be restored) and back up the snapshots once a day to the backup device of your choice.

3. Pooling
HFS+ cannot pool drives together.
Pooling drives would allow, for instance, Time Machine to back up to more than one destination drive, or the creation of effective software RAIDs.

I can't recommend the Ten's Complement ZFS system yet for a few reasons.

1. You cannot share a ZFS volume over AFP - meaning it won't work for your server storage (an obvious place to use it)

2. It is not bootable yet so you cannot protect your startup disk - making it useless for single disk systems like the MacMini, iMac, MacBook Pro and MacBook Air.

I hope to test the system soon by installing an SSD in my MacBook Pro and using the default hard disk for bulk storage.
NOTE: There is a whole raft of products D Revolution will be teasing this year so stay tuned...

Tuesday, 25 October 2011

FaceBook security - a cautionary tale…

What to do if you're hacked, and how do you know?


Last Friday started out like any other day - until I received an email from Facebook telling me I had associated my account with a new email address.
Alarm bells rang straight away. I tried to login to FaceBook but my details were not accepted.

If you have set up security questions and mobile numbers (you have - haven't you), you can go to the Facebook Checkpoint - http://facebook.com/checkpoint/
This allowed me to verify I was the rightful account holder and I could reset my password and the associated email address.

What did the miscreant do with his 40 minutes of access to my FaceBook account?

First - He used FaceBook to message my friends that were online, saying I was stranded and asking them to send money! Luckily I only have 40-ish friends (sad - I know)

Second - He used a copy of my FaceBook address list which he synced with Yahoo to email my contacts direct from the new bogus email address.

Here is a transcript of one of the FaceBook message threads… (names hidden of course)

SCAMMER: Hello
How are you doing?

FRIEND: heyyy david!
im good mate how you doing?

SCAMMER: Am not good at this moment

SCAMMER: Am presently stuck down in Wales UK with my family as we speak

FRIEND: oh wow

SCAMMER: we are in deep mess

FRIEND: haha
how come?

SCAMMER: My family and I came down here to Wales,United Kingdom, for a short vacation and got mugged at the park of the hotel we stayed, all our cash, credit card and Cell Phone were stolen off us at the GUN POINT

FRIEND: oh shit
fark

SCAMMER: but luckily for us we still have our passports with us but don't have enough money to sort the bills so we can get out of here

FRIEND: man...
dont you have travel insurance?
have you gone to the embassy?

SCAMMER: We've been to the embassy and the police are not helping issues at all and our flight leaves soon, but we're having problems settling the hotel bills,the hotel manager won't let us leave until we settle the bills

FRIEND: just give them your insurance details

SCAMMER: i need your help

FRIEND: hahahaha ok very funny
are you with (hidden)

Being an IT guy - how was I hacked?

Whilst I will never know the exact cause, website hacks usually happen due to one of the following reasons.

1. Account password hacked (usually due to insecure password) - this was most likely the cause.
NOTE: I had an 8 character password including a single alphanumeric substitution, i.e. I swapped a single letter for a number.

2. Account password used elsewhere and the other site was hacked, so the attackers tried the same login details.
This is very common. I had used the password on 2 other "low value" sites so this is possible, but unlikely.

3. Malware installed on machine used to access the FaceBook site.
On PC, this is a big concern. I never access FaceBook on any machine except for machines I own.
As it stands, whilst there are one or two easily spotted trojans for OS X, there are NO remote exploits with key logging or ANY viruses for OS X.

4. Poisoned Adverts.
This is becoming quite common: JavaScript embedded in an advert on a website. Some of these poisoned adverts don't have to be clicked - simply being displayed in a browser window is enough.

So, what can YOU do to protect yourself?

1. Make sure you have recovery questions and a mobile number on Facebook and document them!

2. Turn on secure browsing (HTTPS like a banking website) in > Account Settings > Security

3. Turn on Login Approvals in > Account Settings > Security
This means any new computer you use to access FaceBook needs a one time passcode which is sent via SMS to your mobile.

4. Turn on App Security if you use the FaceBook app on an iPhone or iPad in > Account Settings > Security
Some FaceBook Apps can't accept security codes - for these you generate an "App Password" to use instead.

5. Use a passphrase (series of separate words) of 12 or more characters with a mix of uppercase, lowercase letters and at least 1 number substitution.

6. Don't use the same password on multiple sites - especially if they contain sensitive information.

7. If you were hacked, make sure you delete ANY unknown or recently updated authorised apps in > Account Settings > Apps
These can be used to download your address book (like in my case) or federate access to IM clients like Meebo.

8. Make sure notifications are turned on in > Account Settings > Notifications
The quicker you get control of your account back, the less damage can be done.

9. If you have been hacked, look at the changed email address, contact the provider and get the address shut down.
Most free providers (which scammers use as throw away addresses) have a "report abuse" link - here are the links I used for Yahoo.
http://help.yahoo.com/l/us/yahoo/mail/yahoomail/spam.html
http://help.yahoo.com/l/us/yahoo/mail/yahoomail/abuse.html
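
The password points above (a short password with one letter-for-number swap, reuse on other sites, and the 12+ character passphrase rule) can be checked mechanically. This is an added example, not code from Facebook or any real password tool; the wordlist, the substitution map and all sample passwords are constructed, and the map uses one letter per symbol where real checkers try several.

```python
import re

# Constructed mini wordlist; a real check would load a large dictionary
# plus a breached-password list.
WORDLIST = {"password", "dragon", "monkey", "sunshine", "football", "princess"}

# Common number/symbol-for-letter swaps, undone before the dictionary lookup.
UNLEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                        "5": "s", "7": "t", "@": "a", "$": "s"})

SHORT = "shorter than 12 characters"
DICT = "dictionary word with predictable substitutions"
MIX = "missing uppercase, lowercase or a number"


def assess(password):
    """Return a list of weaknesses; an empty list means none were found."""
    problems = []
    if len(password) < 12:
        problems.append(SHORT)
    lowered = password.lower()
    # Also try the password with a trailing run such as "2011!" removed.
    stripped = re.sub(r"[\d\W_]+$", "", lowered)
    if {lowered.translate(UNLEET), stripped.translate(UNLEET)} & WORDLIST:
        problems.append(DICT)
    if not (any(c.isupper() for c in password)
            and any(c.islower() for c in password)
            and any(c.isdigit() for c in password)):
        problems.append(MIX)
    return problems


def reused(passwords_by_site):
    """Return groups of sites that share one password (names only)."""
    sites = {}
    for site, pw in passwords_by_site.items():
        sites.setdefault(pw, []).append(site)
    return sorted(sorted(group) for group in sites.values() if len(group) > 1)


if __name__ == "__main__":
    for pw in ("footb4ll", "Footb4ll2011", "Correct-Horse-Batt3ry-Staple"):
        print(pw, assess(pw))
```

The second sample meets the length and character-mix rule yet is still flagged, because undoing the substitution and dropping the trailing year leaves a dictionary word.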

Thursday, 13 October 2011

iCloud, online sync/backups and new nuggets from the interwebs

Firstly - apologies for having been offline the last fortnight. Simply a case of having too much work and nowhere near enough time!

iPad Software Pick of the Week.


Release Me - a simple model release app for photographers.
See a good review here
Whilst the software is expensive, it would match up really well with Phase One Capture Pilot for iPad.
Also if you are shooting people professionally (photography that is - not assassin or mob/yakuza hit man) model releases are a fact of life.

Related Bonus Pick.


Capture Pilot for iPad allows remote viewing of shoots from Capture One Pro, which is normally tethered to a Canon DSLR or a nice expensive digital back from Mamiya/Leaf, Hasselblad or Phase One.
Combine the two iPad apps and in a studio setup, you can be shooting tethered whilst getting releases digitally signed and rating shots all from an iPad.

iCloud and online backups.


This morning, I updated to iOS 5 for my iPhone4. Tonight will do the OS X 10.7.2 and iPad updates.
There are plenty of reviews flooding in; these are just a few initial impressions and thoughts.

1. Leave plenty of time!
The process of downloading the update from iTunes then the multiple steps of backup, update and restoration of data and apps takes a long time!
For my 32GB iPhone 4 with 3GB free space, the whole process took a little over 2 hours.

2. If you have an Exchange account for email (like with Google Apps) enable banner notifications for Mail in the new notifications centre.

3. Upgrade Mac OS X 10.7.2 using the combo updater - it's huge, but I have had fewer issues with combo updates instead of the smaller delta updater listed in Software Update.

Stay tuned - will update with a further post after a thorough test…

Monday, 26 September 2011

Crowd sourced design - is it a good thing for the creative industry?

The largest crowd-sourced design website - 99designs.com is heading back to its roots in Australia.

Started in Melbourne in 2008, the website hosts "design contests".
Companies create the contests and specify the price and often the concept. Designers then submit designs hoping to win the contest.
If you are a young designer starting out, it might be a fast way to gain some exposure and credibility.
For established designers, is it a valuable service that you should participate in, or is it another way for the "web" to undervalue a market?

Print brokers essentially did the same thing to printing 15 years ago - got a stable of printers to outbid each other for work. The end result was a headlong rush to the cheapest price!
A similar thing happened to photography with the explosion of stock photo websites.

Post a comment or contact us and let us know your thoughts - good, bad, indifferent.