This Account Was Recently Infected! Email Extortion Scam
I recently got an email purportedly from my own account that began with “This Account Was Recently Infected!” The full email is shown as an image below with the text in the description tag of the image reference. The text was contained in an image file and since it spoofed my own account, my email client displayed the image. Concerned that my account had been hacked, I looked at the email source, and discovered that it was just a spoofed email originating from a server in Japan. I Googled the first sentence and found many hits for descriptions of the email scam and one that suggested reporting to the FBI.
Because it included a Bitcoin wallet ID, I decided to go ahead and report to the FBI. Finding the right site is not a trivial task, but I did end up filing a report.
Image of Email Extortion Text
The extortion email was presented as an image, which allowed it to get past SpamAssassin and the spam filtering in Thunderbird. It also made it impossible to cut and paste the Bitcoin wallet ID into the FBI report.
Headers from the Extortion Email
In most email clients, you can view the source of the email, which will give you information on where the email may have originated. In this case, the header shows that the email started out in intercom-45-29.pro, which does not point to anything in DNSLytics, but intercom.pro does point to Russian ownership. From the first server, it went to max-luomo.com, which is registered with a Japanese domain registrar. In any case, it is clear that the sender did not compromise my email account or server.
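The header check described above can be scripted. The following is an added example, not code from the original post: it walks the Received lines of a constructed sample message (reserved .example hostnames and documentation-range IPs stand in for the real hops; the function names are hypothetical) and reports whether a message claiming your own address was handed to your server from outside.

```python
import ipaddress
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample (not the real message): From: claims the recipient's own
# address. Hostnames are reserved .example names; IPs are documentation ranges.
SAMPLE = """\
Received: from mx.recipient.example (localhost [127.0.0.1])
\tby mail.recipient.example with LMTP; Tue, 05 Mar 2019 10:00:03 +0000
Received: from relay.hop2.example (relay.hop2.example [198.51.100.7])
\tby mx.recipient.example with ESMTP; Tue, 05 Mar 2019 10:00:02 +0000
Received: from origin.hop1.example (unknown [203.0.113.45])
\tby relay.hop2.example with ESMTP; Tue, 05 Mar 2019 10:00:00 +0000
From: <me@recipient.example>
To: <me@recipient.example>
Subject: This Account Was Recently Infected!

(body omitted)
"""

# "from HELO (rdns [ip]) by HOST": a common Received layout; formats vary by MTA.
HOP_RE = re.compile(
    r"from\s+(\S+)\s+\((?:(\S+)\s+)?\[([0-9A-Fa-f:.]+)\]\)\s+by\s+(\S+)")

def in_domain(host, domain):
    host, domain = host.lower().rstrip(";"), domain.lower()
    return host == domain or host.endswith("." + domain)

def trace_hops(raw):
    """Parsed Received hops, oldest first (each server prepends its own line)."""
    hops = []
    for value in reversed(message_from_string(raw).get_all("Received", [])):
        m = HOP_RE.search(" ".join(value.split()))
        if m:
            hops.append(dict(zip(("helo", "rdns", "ip", "by"), m.groups())))
    return hops

def handoff(raw, own_domain):
    """Newest hop written by our own server about a non-loopback peer.
    Older lines were supplied by servers we do not control and can be forged."""
    for hop in reversed(trace_hops(raw)):
        if in_domain(hop["by"], own_domain) and \
                not ipaddress.ip_address(hop["ip"]).is_loopback:
            return hop
    return None

def is_external_self_spoof(raw, own_domain):
    """True when From: claims our domain but the mail was handed in from outside."""
    msg = message_from_string(raw)
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    hop = handoff(raw, own_domain)
    if hop is None or not in_domain(from_domain, own_domain):
        return False
    return not in_domain(hop["rdns"] or hop["helo"], own_domain)

if __name__ == "__main__":
    for h in trace_hops(SAMPLE):
        print(h["ip"], h["helo"], "->", h["by"])
    print("spoofed from outside:", is_external_self_spoof(SAMPLE, "recipient.example"))
```

Only the hand-off line written by your own mail server is trustworthy; the older Received lines below it are useful leads but were written by machines the sender may control.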
This is a hoax and a scam. Sadly, it is a part of life today.
- Written by Bruce Moore
Ten Software Packages for a New Computer
A friend recently bought a new computer to replace an aging Windows 7 machine, and asked what software I thought he should load. It was easy to come up with a short list of programs that would satisfy the basic needs of most people. This list is heavily weighted to open source software and to programs that run on both Windows and OS X; there really are not any sacrifices to be made.
The easiest recommendation is for LibreOffice, an open source office package for word processing, spreadsheet, presentation, graphic design and light database work. It can read and write files in Microsoft Office formats, though because MS Office uses copyrighted fonts, the look will not be identical. Unless you need to exchange a lot of business documents with other MS Office users, this will meet your office software needs.
Most people should have a couple of different browsers installed, as some web sites do not work with all browsers, and some browsers are not very good about privacy. I generally use one browser for sites where I am logged in and need to keep session cookies (Chrome), and another (Firefox) where I delete cookies and all history when I close the browser.
Firefox is generally the best browser for those who are security and privacy conscious. The default settings are pretty tight; by changing the default search to DuckDuckGo, you can have much more privacy than with Chrome or Internet Explorer with default settings.
Chrome is the most popular browser and has the fewest compatibility issues at this point in time, but the default settings are not very good from a privacy perspective. With default settings, Google will know pretty much everywhere you go and what you do.
Chromium is an open source distribution of Chrome, but with somewhat better default privacy settings.
Vivaldi is a browser that was developed and released by some of the team that originally developed Opera. Although I used Opera a lot, I have stopped since it was acquired by a Chinese firm. I am just less comfortable about privacy and security with software from Chinese companies, especially after what happened to StartCom after it was acquired by WoSign.
Good security today requires that you never reuse a password, and this in turn requires that you use a password manager. There are many good candidates; here are a few that I have used.
KeePass is an open source password manager that is available on all major platforms. It does not provide cloud capability, which can be a plus or a minus depending upon your security philosophy; personally, I think lack of cloud capability is a plus as it requires a compromise of your machine to get access to the file and potentially to a key file that you can keep on a flash drive.
This is a popular option for OS X.
An old-fashioned desktop email client is still a necessity for times when you want to work with email but are not connected to the Internet. Thunderbird is open source and has some key features that are hard to find:
- Google addressbook synchronization (via a plugin)
- Google calendar synchronization (via a plugin)
- S/MIME email encryption and authentication (via a plugin)
- PGP email encryption and authentication (via a plugin)
- Integration with major CRM software to keep email attached to customers (via plugins)
- Tools for sending large attachments via a secure cloud-storage link (via plugins). This is really helpful when you need to send attachments that are larger than the receiver's attachment size limit.
- Powerful filters and rules for deleting/forwarding/handling mail based upon the contents and senders.
The only thing it does not do is provide a multi-line display like the one in the Apple mail client.
Both Windows and OS X have built-in photo library managers, but if you want to retain the ability to move between operating systems, you may want to consider using DigiKam, an open source photo library manager. DigiKam is perhaps more complex, but it provides more control for facial recognition, file formats and a variety of other things.
It is really handy to have a messaging app that works on your phone, tablet and desktop and that provides end-to-end security. There are many candidates, but here are two that are widely used.
Signal is one of the most secure messaging systems and is now one of the most convenient with a desktop application. It is moderately widely used but is slowly growing in popularity.
Google Hangouts is no longer a stand-alone application, but is instead a browser extension for Chrome. It is available to anyone who has a Gmail account.
Adobe Acrobat Reader
You will need something to read PDF files. Though there are clients that are better, it is always handy to have Acrobat installed.
If you use Google Authenticator for two-factor authentication, you will probably want to have a client on your desktop. This is an area where trust in the application provider is paramount; you will probably want to use one from the Microsoft, Apple or Google Stores respectively.
Microsoft Windows – Oracle Authenticator
Of all of the authenticators in the Microsoft Store, the Oracle product appeared to be the most trustworthy and easy to use. Microsoft has an authenticator in the Apple App Store, but only for phones and tablets. I cannot find one in the Microsoft Store.
Anyone who does work for a non-profit will need to write HTML for a blog post at some point, and for that you will need a simple HTML editor with syntax highlighting and spell checking. Advanced users will want more, but here are some simple ones.
Bluefish is a very simple HTML editor with few bells and whistles, but it runs on Linux, Windows and OS X. It takes very little to figure it out.
Brackets is also a cross-platform editor like Bluefish, but has more options and capability than Bluefish.
Audacity for Audio Editing
Audacity is an audio file editor that will help you speed up or slow down audio without changing the pitch, among other things. If you are doing video or podcast editing, this can be handy. It is cross-platform.
GRAMPS for Family History
Family history (or genealogy) is a growing hobby with many for-fee packages. If you are looking for something that is free or cross-platform to enable cooperation with people running lots of different systems, GRAMPS is a good open source alternative.
Network Caller ID
Robocalls are a constant annoyance today; Network Caller ID (NCID) can turn your computer (and modem) into an effective call logger and blocker. See Stopping Robocalls from Rachel at Cardholder Services for a longer description of NCID.
- Written by Bruce Moore
What a difference 12 years makes. My first R-related conference was the 2007 UseR! at Iowa State University in Ames, Iowa. It was about 300 people and almost all attendees were from academia. Fast forward to the 2019 RStudio::conf, with 1700 people, almost all of whom are from industry. The UseR! conference now draws about 1000, the RFinance conference draws hundreds, and the BioConductoR conference draws large crowds. The constant theme over this decade has been documentation and reproducibility of research; in 2007, a pharma developed and put the MS Word version of sweave into the open source world because they needed a MS Word version and wanted to contribute. At the 2011 conference in Warwick, RStudio and IDEs that made the use of sweave and then knitr much easier. 2015 in Aalborg brought discussions of Docker and portability/archivability into the discussion.
Reproducible Research Continues to be a Theme
Reproducible research has been a theme in R for a decade, and the RStudio::conf 2019 continued the theme with workshops and conference sessions on Markdown and Bookdown among other reproducibility- and repeatability-related topics. I have continued to stick to LaTeX due to inertia and the early lack of citation capability in Markdown, but that has changed, and it is time to make the switch for new work. Many of the new books in R are being produced in Bookdown rather than LaTeX.
Garrett Grolemund’s talk R Markdown: the Bigger Picture pointed out the scope of the repeatability and reproducibility problems in research today and how using Markdown can help in documenting what you did and how you did it.
Using R for Family Reunification
Although much of the RStudio::conf presentations were oriented to the RStudio products and open source packages, many were not. One of the most compelling was Brooke Watson’s presentation on using R to clean up the total garbage data provided by the U.S. Government on the locations of children and parents who were separated at the border. Regardless of politics, it is clear that the government was unprepared for this policy and did not (does not?) have procedures in place to keep track of kids and their parents who have been separated.
RStudio Package Stickers Continue to be a Hit
The RStudio package stickers were a major hit in Brussels, and continue to be a big hit at R conferences. This has to be one of the best marketing ideas I have ever seen. Whenever they put out a new batch of stickers, there was always a scrum as people searched for ones that they didn’t have.
R and Data Science are No Longer PhD Things
The Education track on the last day was poorly attended, but I think in many ways it was perhaps the most important for understanding the future, the future of R and the future of Data Science. Mary Rudis (@mrshrbrmstr) spoke on teaching R at the community college level and on improving data literacy in the general population. Her presentation talked about certificate programs that do not require a prior bachelor’s degree. Her presentation was followed by Carl Howe’s (@cdhowe) presentation on Teaching the Next Million R Users. Carl is RStudio’s Director of Education or something like that and it is clear that RStudio is looking not just at the professional Data Scientist, but at increasing data literacy in the general population.
Panel Discussion of Data Science as a Career
The conference concluded with a panel discussion that was effectively how to manage a career in Data Science. It has a lot of useful information, but failed to talk about how to survive being the messenger in “shoot the messenger,” which all Data Scientists need to know how to do. How I would answer that question will be the subject of a future blog post.
Knitting is Making a Comeback
When I was a kid, my mom knitted all of the time–it was the major form of her gift giving, and I still have most of the sweaters from my late teen and college years that theoretically still fit. Mom was quite proficient and could do intricate patterns while carrying on a spirited conversation, though if the conversation was too spirited, she might have to rip out a row and re-do it. During the education track on the last day, the woman in front of me did a major portion of a child’s sock during the session. It was pretty cool.
- Written by Bruce Moore
Upgrading Joomla to PHP 7.3
PHP 7.3 was released in December of 2018 at about the same time that PHP 7.1 moved to support for security fixes only; PHP 7.2 is the primary release, but 7.3 offers some incremental improvements. PHP 7 was claimed to be about a 2X performance improvement over PHP 5.6, and each release of the 7 series claims performance of 5-20% better than the previous release. CPanel announced that EasyApache 4 added PHP 7.3 in December, so I decided that three months was enough time for many of the problems to be worked out and took the plunge on moving to 7.3; it went fairly easily.
If you are still on PHP 5.6, or on a Joomla release prior to 3.9, you should probably look at Upgrading to Joomla 3.8, 3.9, 3.10 and 4.0 before reading this article.
As always, make sure that you have backups before beginning any system level work.
Upgrade Joomla Extensions, and Joomla
As always for a PHP upgrade, make sure that both Joomla and all extensions are current and that you are on the current release of Joomla.
Add PHP 7.3 in CPanel
If you have a VPS, you will need to log in to Web Hosting Manager and add PHP 7.3 in EasyApache. It will prompt you to include the PHP packages that are used in the other versions of PHP; say “yes” unless you know that you no longer need some of the packages.
If you do not have a VPS, PHP 7.3 may be available in the Multi-PHP settings within CPanel. If not, call your web hosting technical support to make sure that it is added. This will probably take a day or two, and may be much longer.
In WHM, Update PHP Configuration
You will need to update the PHP configuration so that it matches the settings for your working PHP 7.1 or 7.2:
- Make sure that the maximum file upload and post size are increased, otherwise you will not be able to upload many Joomla extensions.
- Depending upon your site and the defaults, you may need to increase the default memory. Some sites of mine that were fine on 32M in PHP 7.2 required an increase in PHP 7.3.
- Update the php.ini setting for disable_functions to disable at least "show_source, system, shell_exec, passthru, exec, phpinfo, popen, proc_open, ini_set". The CPanel security audit will complain if you do not.
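When several PHP versions each have their own php.ini, it is easy to carry the list over incompletely. The following is an added example, not part of the original article: it parses php.ini text and reports which of the functions listed above are still enabled; the sample files are constructed and the function names are hypothetical.

```python
# Functions the article says to disable, copied from the list in the text.
REQUIRED = ["show_source", "system", "shell_exec", "passthru", "exec",
            "phpinfo", "popen", "proc_open", "ini_set"]

# Constructed samples. In WEAK_INI the full list is commented out and the
# active line omits exec, popen and ini_set.
WEAK_INI = """\
; constructed sample, not a real server's configuration
memory_limit = 64M
;disable_functions = show_source, system, shell_exec, passthru, exec, phpinfo, popen, proc_open, ini_set
disable_functions = "show_source, system, shell_exec, passthru, phpinfo, proc_open"
"""
GOOD_INI = """\
memory_limit = 64M
disable_functions = show_source, system, shell_exec, passthru, exec, phpinfo, popen, proc_open, ini_set ; hardened
"""

def disabled_functions(ini_text):
    """Set of names on the last active disable_functions line (later lines win)."""
    value = ""
    for line in ini_text.splitlines():
        line = line.strip()
        if not line or line.startswith(";"):      # blank line or comment
            continue
        key, sep, val = line.partition("=")
        if not sep or key.strip() != "disable_functions":
            continue
        val = val.strip()
        if val[:1] in ("'", '"'):                 # quoted value: read to closing quote
            val = val[1:].split(val[0], 1)[0]
        else:                                     # unquoted: drop trailing ; comment
            val = val.split(";", 1)[0]
        value = val
    # PHP function names are case-insensitive, so compare in lower case.
    return {name.strip().lower() for name in value.split(",") if name.strip()}

def missing(ini_text, required=REQUIRED):
    """Required functions that are NOT disabled, in the article's order.
    Whole names are compared, so shell_exec does not count as covering exec."""
    have = disabled_functions(ini_text)
    return [name for name in required if name not in have]

if __name__ == "__main__":
    for label, text in (("weak", WEAK_INI), ("good", GOOD_INI)):
        print(label, "still enabled:", missing(text) or "none")
```

A plain text search for "exec" would match the shell_exec entry in the weak sample and miss the gap, which is why the check compares whole names.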
Turn on Error Messages in Joomla
If everything goes perfectly, you will not need error messages, but it will be easier if you turn this on before switching over the first time. If you do not turn it on now, you will have to log in to Joomla each time you switch PHP versions (assuming you are using PHP sessions for performance).
In WHM, Switch to PHP 7.3
Once you have done all the prep work, switch to PHP 7.3 and test everything on your site. If you have extensions for managing photo galleries, make sure to test these; some of them are dependent upon PHP modules that are not installed by default.
Turn off Error Messages in Joomla
Once you are done, make sure to turn error messages off in Joomla. You will probably still get a number of warning messages, but no fatal messages.
If you are current on Joomla maintenance and have already switched to PHP 7.1 or 7.2, moving to 7.3 should be relatively painless. The most likely problem area will be forgetting to change a memory setting.
- Written by Bruce Moore
Choosing a DNS Server
For several years, I have used the Norton domain name server (DNS) servers as a way to avoid known phishing and malware websites. Unfortunately, Norton discontinued this service earlier this year so I had to look for new DNS servers, as I have been unable to find information on the security approach of the servers provided by my ISP. I also do not like the idea of my ISP selling my DNS lookup information to the highest bidder.
While using my ISP’s DNS servers while I looked around, I discovered that the Norton servers had become really slow, and that browsing performance was much better using a faster DNS server. In looking for DNS benchmarking software, I found NameBench, which is available on Windows via Cygwin and on OS X via MacPorts.
The first run using NameBench was to compare two local caching DNS servers built in to routers, and to compare OpenDNS with Google DNS servers. Figure 1 shows that configuring a caching nameserver on your local router makes a HUGE difference; if your router does not offer this feature, get one that does.
After looking at the importance of a caching DNS server, it is then worth comparing the performance of other public DNS servers, as shown in Figure 2. For this test, I used only DNS servers that do not appear to track requests; this is why the Google DNS servers were excluded from this test.
The sections that follow describe installing NameBench and a review of some of the open name servers available. NameBench is relatively old and appears to have some Python 2.7 dependencies that may present problems in some environments.
Installing NameBench is easy if you have Cygwin or MacPorts installed, but difficult if you do not.
Installing NameBench on Ubuntu
To install NameBench on Ubuntu, use the command
sudo apt-get update
sudo apt-get install namebench
It is that easy. Start it from the launcher.
Installing NameBench on OS X
On OS X, you will need to first install MacPorts, which is not trivial; if you do not have MacPorts installed, look for another DNS benchmarking tool. To install it use
sudo port selfupdate
sudo port install namebench
Installing NameBench on Windows
NameBench is available under the Cygwin
Comparison of Selected Open DNS Services
Comodo is a security and SSL certificate provider that also provides an open DNS service with malware and phishing blocking. For my connection, it is slower than OpenDNS, but with DNS caching turned on in my router, this is not a big issue.
OpenDNS was one of the early non-ISP DNS services, and was purchased by Cisco in August, 2015. Although it offers adult content filtering free, getting malware and phishing filtering is a for-fee service.
Cloudflare is a non-tracking DNS service, and claims to be the fastest. It does not provide phishing and malware filtering.
Verisign is a well-known SSL certificate vendor that also offers DNS and other services. Verisign claims not to sell your DNS lookup data, but does not make any statements about blacklisting phishing and malware domains.
Google offers a fast public DNS service, but makes no statements disclaiming tracking, nor does it have a blacklist for malware and phishing domains.
This article only gives a sampling of the options for domain name services. Before choosing a DNS service, make sure to test the performance at your location.
- Written by Bruce Moore