Latest News - Computer Repair & IT Support in Vancouver, WA and Portland, OR

Latest News

Core i9 superchip leads Intel's new X-Series CPUs

The future is here, and it has 18 cores.

Intel on Tuesday took to the stage at Computex in Taipei, Taiwan, to unveil its newest range of processors, dubbed the X-Series. With its eyes set on content creators, overclockers and pro gamers (plenty of whom are crowding the Computex halls this week), Intel is pulling out all the superlatives it can muster to talk up the "extreme" processing power it's offering.

But extreme doesn't come cheap.

Netgear routers can be easily exploited, US-CERT warns

Several Netgear routers are vulnerable to a command injection flaw and can be remotely hijacked, according to an US-CERT advisory.

Exploiting this vulnerability is trivial”, the advisory reads. “By convincing a user to visit a specially crafted web site, a remote attacker may execute arbitrary commands with root privileges on affected routers.”

The flaw, discovered by a user going by the Twitter handle Acew0rm, affects models R7000 and R6400 running older and current firmware. US-CERT also added the R8000, firmware version 1.0.3.4_1.1.2, on the list of vulnerable devices.

An exploit leveraging this severe vulnerability has been publicly disclosed, enticing hackers to carry out attacks on the vulnerable aforementioned equipment.

Shodan reports some 2600k Internet-facing Netgear R7000 routers and around 800 R6400 routers, in the US only. Most of them are used by telecom/cable companies.

Toshiba HDD Recovery Case Study: Hard Drive Clicking

What to Do When You Hear Your Toshiba Hard Drive Clicking

When a hard drive is clicking, something is usually wrong with its insides. Normally, your hard drive clicks just once when you turn it on. This click comes from the read/write heads as they lift off of their ramps and position themselves over the drive’s hard disk platters. From that point, the read/write heads find your hard drive’s firmware. Once they’ve successfully read the firmware, the heads can read all the rest of the data on your drive. But if they can’t read the firmware, the heads retreat back to the ramp. Then they try again. And again. And again. They don’t stop trying until you power off the drive. This produces the rhythmic “Click of Death”.

When your hard drive suffers a mechanical failure, you only have one option if you want to get any data back. You must bring it to a professional data recovery company. Do-it-yourself instructional videos on how to open up and “fix” hard drives and urban legends like the “freezer trick” may sound enticing. But don’t be lured by their siren songs. The innards of a hard drive can only be reliably repaired by professional hard drive repair specialists.

Furthermore, physical failure can also result in damage to a hard drive’s firmware. Hard drive firmware can only be accessed and repaired by highly-skilled and well-trained data recovery experts with special tools. Hard drive manufacturers play their cards close to their chests when it comes to hard drive firmware. There’s very little in the way of documentation for firmware, how it’s supposed to work, what corruption looks like, etc. Anyone who knows anything about hard drive firmware either designs it for a living or has years of experience and training in a data recovery lab.

Ransomware forced hospitals to cancel 2,800 operations and shut down systems

Ransomware is a serious enough threat for most organisations, but just imagine if you’re in the business of keeping people healthy and saving lives.

At the end of October, three British hospitals suffered a “major incident”, as a malware attack infected the Northern Lincolnshire and Goole NHS Foundation Trust (NLAG), forcing the almost complete shutdown of IT systems and the cancellation of routine patient operations for several days.

As ZDNet reports, NLAG has now confirmed that the malware that infected their computer systems was a variant of the Globe ransomware, which uses the Blowfish cryptographic algorithm to encrypt victims’ files.

Configure Windows 10 like a privacy pro

Windows 10 has only been around for a couple of days, but it is running on more than 67 million computers worldwide already. The new operating system is being aggressively pushed to all Windows users who own a valid license for Windows 7 or Windows 8/8.1, provided they want the upgrade and their computer meets the minimum requirements.

The average of 11 million new customers per day is somehow understandable: Windows 10 is free of charge, brings back old features users have begged for since Windows 7 (such as the start menu) and, most importantly, will be permanently updated with new features for the supported lifetime of your device.

Like any free offering, though, Windows 10 comes with strings attached – in this case in the form of fine print that some users might regard as invading their privacy. Here is a quick tutorial on how to properly configure your brand new Windows 10 installation to minimize the impact on your privacy and help you make the most of it.

The ABC of Cyber-Security: V is for Virus

What is a computer virus, anyways?

A computer virus is an application that can copy itself by attaching its code to other files on the system. Its mission is to spread from file to file and computer to computer, mostly causing damage and compromising the integrity of the infected computer. Most of the times, the virus would modify system files, rendering the host unusable. In short, a virus could mainly deteriorate system files, which prevents the operating system from booting.

Remember: while the term “virus” is improperly used for computer malware, it is not a virus unless it can infect files.

A little history

The first computer viruses were born in academia, and pitched for totally different purposes than infecting systems and causing havoc among computer users. For instance, in the late 50s, British mathematician Lionel Penrose published a report called “Self-Reproducing Machines,” an overview of a simple two-dimensional model able to self-replicate, mutate and attack computer systems. The practical part of the project was ported by Frederick G. Stahl on an IBM 650 system. At that moment, scientists and researchers were exclusively concerned with artificial intelligence and the blooming field of robotics.

The ABC of Cybersecurity: A is for Adware

“If you’re not paying for it, then you are the product,” reads an old proverb. This stays true to date, despite the massive move to digital. Advertising is still a multi-billion business and it was only a matter of time until it made it as a stand-alone category of software suggestively named “adware”.

Adware is a contraction of ad-powered software, a form of monetization that allows a developer to offer their products for free to the public but still be paid by an advertising agency. In exchange of the money, the developer would either bundle code that displays ads for the ad network or convince the user to install software from a different publisher along with the original product. Sounds fun at first, but adware has plenty of room to misfire. The dividing line between adware and spyware is so blurred and so unregulated that the original offer might be more than you bargained for.

The ads, which could be either pop-ups or videos, may not be a problem at first, but remember that there’s a shady program running in the background spying on your activity, silently profiling your browsing habits, or persistently pushing you to buy a product through an affiliate network.

There is definite controversy around advertising-supported software as some e-book readers or phone and chat applications include it and also receive user consent for certain benefits. Occasionally companies will include information about Adware in their terms and conditions or in the end-user license agreement. But who has the patience to thoroughly read that until the very end?

Aggressive adware is not innocent and has so far hijacked a great number of well-known and trustworthy applications coming from reputable developers.

Why Updating Your Software Makes the Internet a Safer Place for Everyone

Realistically, there are flaws in pretty much every piece of software. Development is a constant back-and-forth of finding vulnerabilities that hackers could exploit and then patching these pieces of code to fix those issues. In fact, most large companies employ people specifically to try to hack into their software so that the company can find and fix vulnerabilities before hackers take advantage of them.

Just in the past few weeks, Apple released “urgent updates” for both iOS and their desktop OSes to block a hack that could turn your Apple device into a spying tool. This exploit has been described as the “most sophisticated spyware” ever seen, and could let the hacker read messages and take control of your iPhone or other device. This is pretty scary when you think of all the data that gives them access to such as credit card numbers and banking info.

The three main ways many security experts protect themselves are updating software regularly, turning on two-factor authentication, and using a password manager. Thankfully, it’s getting easier than ever to keep your software up-to-date, so here are a few tips to make sure you’re on top of things:

• Turn on automatic software downloads on any device (including IoT products) that has them (e.g. for an iPhone, go to Settings then iTunes & App Stores, and then turn on Automatic Downloads for App Updates);

• for desktop operating systems, make sure you have automatic updates configured (e.g. in Windows 8, go to Settings then Change PC Settings, then Update & Recovery to choose how updates get installed);

• if you’re running anti-virus software then make sure it is always updated (as the software can only protect against viruses it knows about);

• and it’s never a bad idea to go to your application menus and manually Check for Updates every week or two (especially for browsers, which are a common area for vulnerabilities).

Google-Announced Windows Vulnerability Exploited In-The-Wild, According to Microsoft

A recent zero-day vulnerability in Windows operating systems has been discovered and announced by Google researchers, affecting Windows Vista through Windows 10 Anniversary Update.

Although the company was given 7 days to patch the reported kernel privilege escalation vulnerability, Microsoft failed to release a patch in the allotted time. It did say, though, that it will become available by next Tuesday. Stating that it was irresponsible for Google to publish the zero-day before a patch was available, Microsoft has also said in-the-wild attacks are already exploiting it.

“The Windows vulnerability is a local privilege escalation in the Windows kernel that can be used as a security sandbox escape. It can be triggered via the win32k.sys system call NtSetWindowLongPtr() for the index GWLP_ID on a window handle with GWL_STYLE set to WS_CHILD. Chrome’s sandbox blocks win32k.sys system calls using the Win32k lockdown mitigation on Windows 10, which prevents exploitation of this sandbox escape vulnerability,” reads the Google Security Blog.

The spear-phishing campaign used to leverage the zero-day vulnerability is believed to have been conducted by hacker group Strontium, also known as Pawn Storm, APT28, Fancy Bear, Sednit, Sofacy and Tsar Team. Although the team suggests it was a “low-volume” campaign, it’s unclear how many victims could have been targeted.

Why Data Backup is needed now more than ever for Small Business

A recent survey of 400 employees, sponsored by CloudBerry Lab, Inc., reveals that more than one-third of small enterprises may have no data backup at all.

While 36 percent of the 400 respondents said they kept complete backups of their key business information, exactly the same percentage of respondents have no backups whatsoever. About 27 percent also said they had lost business data “several” or “many” times.

“In spite of a few bright spots, we have to give enterprises an overall grade of C in the area of backup. In our view, the increasing threat landscape will cause that grade to drop, unless organizations begin reconsidering their strategies,” said Alexander Negrash, Director of Marketing for CloudBerry. “There are newer, more modern options available, making the best backup processes available to even the most resource-constrained companies.”

Extra Copies, Extra Confidence

Having an extra copy of anything important just makes good sense. Here are some suggestions on how taking action now to protect your important data will pay off in the future.

First, there are three different forms of backup:

A full backup includes a copy of everything on the computer.

Differential backups only make copies of the files that have changed since your last full backup.

Incremental backups only make copies of the files that have changed since your last backup (whether it was a full or an incremental backup).

A good backup creates duplicates of your information that can be put on any device, so long as it has sufficient space to handle the load of data. Since a backup system contains at least one copy of information worth saving, the data storage requirements can be different from case to case. Organizing the type and amount of storage space available and managing the backup process can be complex, depending on the size and scope of the project.

6 Ways to Protect Yourself from Hackers

Data breaches have become an almost predictable problem with banks, major retailers and other businesses around the world, including last month’s news that more than 500 million Yahoo accounts may have been compromised.

Properly protecting your personal information greatly reduces the risk of identity theft.

1. Stranger Danger

Be sure you know and trust whomever you might be giving your personal information to. Never respond to blind requests for information over the Internet. Do not open emails or attachments from unknown sources and do not download anything from anybody you do not know.

2. Use Different Passwords for Different Accounts

According to a Gartner study, more than 50% of online visitors use the same password for multiple accounts. As a result, if a criminal discovers the login and password for one account, such as Yahoo, they can then gain access to other accounts with the same login information. This is the easiest way for a hacker to gain access to online bank accounts, healthcare information and other online accounts that carry personal and identity information.

This form of hack is called “credential stuffing.” Not only is credential stuffing the easiest form of hack for a criminal to execute, it is also the easiest hack to protect yourself from—simply use different login information for each online account you manage. It is helpful to use a password management program. Many programs are available to manage your different logins, such as 1Password and others.

Inside Your Slow Hard Drive: Why I Can’t Drive 55

Like people, hard drives tend to slow down as they get older. Their parts get worn out. They can’t think quite as quickly. But what makes your hard drive slow down? Rarely is the spindle motor that spins your hard disk platters the culprit. Your hard disk platters still comfortably spin at their designated speed (usually 5,400 or 7,200 RPM). No, what makes your hard drive slower are usually its read/write heads.

Hard drive performance decreases with age, especially as the drive fills up and the data on it becomes more spread out across the disks. The more data you have, and the more spread-out it is, the harder your read/write heads have to work and the longer they have to search to find it. Not only does this lead to increased latency and seek times, but it also puts increased stress on your read/write heads. The headstack is already the most delicate of your hard drive’s internal components.

If you’ve ever wondered why defragmenting your hard drive is so important (and why it speeds your computer up), it’s because the data you write to your drive is rarely contiguous. That is, every block that makes up a file you create doesn’t necessarily exist end-to-end on the same track on your hard disk platter, or even on the same surfaces of the platter. Sometimes, the hard drive has to shuffle data around as part of its normal operation. This makes the read/write heads travel farther and take longer to read data. Defragmenting, as its name suggests, reorganizes your data to make things a little easier for your read/write heads.

But sooner or later, those read/write heads wear out. Eventually, like the client in this unresponsive hard drive recovery case, your drive will slow down and die as its headstack deteriorates.

USB Data Recovery Case Study: A Cautionary Tale

When you too hastily eject your USB flash drive and your PC won’t recognize it anymore, which part of the drive has failed?

Mechanically, your flash drive is still fine. The USB plug itself still works, the PCB hasn’t shorted out, and the controller chip and flash memory chip are still healthy. What has failed is the logical structure of the flash drive.

When you access a data storage device, be it an internal or external hard drive or SSD or a USB flash drive, your computer follows a chain of machine logic to reach the physical location of your data. If a part of that logical chain breaks down, your computer becomes a blind man in a dark room trying to find a black cat.

Safely Remove Hardware and Eject MediaRemoving a USB flash drive without properly ejecting it from your computer first can break one or more links in the logical chain. Your computer might be in the middle of a read or write operation, even if you don’t know it. If you’d tried to eject the device properly, your computer would say, “Hey, hold on! I’m not done with that!” and you’d know to wait and then try again. Interrupting the computer can cause data corruption that breaks the device’s logical chain. It’s a bit like yanking a sandwich out of someone’s hands in mid-bite.

When you unsafely eject a removable storage device, the most at-risk link in this logical chain is the partition table. This link in the chain points to the locations of the device’s partition superblocks, which go on to further describe the setup of the drive’s filesystem and its partitions. Most external devices, especially USB flash drives, only have a single partition. Improperly ejecting your flash drive doesn’t always corrupt the partition table. But when it does, it makes your device appear blank. Without that partition table, your computer doesn’t know how to read any of the data you’ve put on the drive.