Category Archives: Things that are bad

What is a vulnerability?

A vulnerability is a weakness or gap in a system’s security that can be exploited by an attacker to gain unauthorized access or perform malicious actions. It can refer to a flaw in software, hardware, or a combination of both, that can be exploited to compromise the confidentiality, integrity, or availability of a system or its data. Vulnerabilities can be discovered through various means such as penetration testing, code reviews, or by being reported by external parties.

(Ed: written by ChatGPT; verified by jrivett.)

What is a DoS attack?

A Denial of Service (DoS) attack is a type of cyber attack in which the attacker attempts to make a network resource or website unavailable to users by overwhelming it with a flood of traffic or requests. This can be accomplished by using multiple computers or devices to send a large amount of traffic to the targeted resource, or by exploiting vulnerabilities in the software or hardware running the resource. The goal of a DoS attack is to disrupt normal traffic and make the targeted resource unavailable to legitimate users.

(Ed: written by ChatGPT; verified by jrivett.)

What is a computer trojan?

A Trojan, or Trojan horse, is a type of malware that is disguised as legitimate software. It is called a Trojan because it typically presents itself as something harmless, like a game or utility program, but once executed, it can perform malicious actions on the infected computer. These actions can include stealing sensitive information, downloading and installing other malware, or allowing unauthorized remote access to the computer. Trojans are often distributed through email attachments, instant messaging, and social media, and they can be very difficult to detect and remove.

(Editor’s note: I’m going to keep posting these definitions as long as ChatGPT is able to generate accurate and useful text. I have no plans to allow ChatGPT to take over all of my writing duties.)

What is malware?

Malware, short for malicious software, is any software designed to harm or exploit a computer system. There are many different types of malware, including viruses, worms, Trojans, ransomware, adware, and spyware. Malware can be spread through email attachments, malicious links, infected websites, and other means. It can be used to steal sensitive information, such as login credentials and financial data, disrupt or damage computer systems, and perform other malicious activities. Protecting against malware involves keeping your operating system and antivirus software up to date, being cautious about the emails and links that you open, and avoiding downloading software from untrusted sources.

(Editor’s note: this post was written by ChatGPT, and its veracity checked by me, the human person who runs this site.)

What is ransomware?

Ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid. When the ransomware is installed on a device, it encrypts the files on the device and displays a message that demands payment in exchange for the decryption key that is needed to unlock the files. Ransomware attacks can be particularly damaging to individuals and businesses because they can disrupt access to important data and systems, and they can be costly to remedy. It is important to protect your devices and systems from ransomware by keeping your software and antivirus programs up to date and being careful about the emails and links that you open.

(Editor’s note: in case you hadn’t noticed, this is another guest post from ChatGPT. I’m going to keep posting these, but they will always be clearly labeled as ChatGPT’s work. You can play around with the chatbot yourself, but you’ll need to create an OpenAI account first.)

What is phishing?

Phishing is a type of cyber attack that involves the use of fraudulent emails or websites that appear to be legitimate in order to trick people into revealing sensitive information such as passwords, credit card numbers, and account login details. These attacks often use social engineering techniques to manipulate people into taking action, such as clicking on a malicious link or opening an attachment. Phishing attacks can be difficult to identify because they are designed to look legitimate and can be highly targeted, making them a common and effective method used by cybercriminals to steal sensitive information.

(Editor’s note: This is a guest post by ChatGPT, a chatbot launched by OpenAI in November 2022. I asked it the question “What is phishing?”, and it generated the text above. I verified the response as accurate.)

Also see Phishing – What is it? on the Opera web site. Ars Technica has a post about a particularly nasty phishing web site.

Dark Mode Rant

What you see above is what I see after a few seconds of viewing a web site in ‘dark mode’.

Web sites are traditionally shown with dark text on a light background. Which is reminiscent of something… (checks notes)… that’s right, books! Why change something that’s worked fine for literally millennia? Apparently because a lot of people think light text on a dark background looks cool. And, to be fair, some people claim that using dark view is easier on their eyes.

So now we have a ton of web sites, apps, and other assorted crap showing up on our computer screens that is almost entirely illegible to a large proportion of the population (well, me for sure, and I’m guessing I’m not the only one).

When I look at white text on a dark background, after about five seconds, all the lines start to blur together (see image above), and I’m unable to continue. If I persist, I just end up with a headache. For the record, I’ve had my eyes checked, and aside from needing to update the prescription for my reading glasses, my eyes are fine.

Here are a couple of links to web sites that default to dark mode:

A request to web designers and developers: if you can’t resist making your web site dark mode by default, please, please at least provide some method for viewing it in light mode.

Some browsers have built-in features that allow viewing dark sites in light mode. But they’re inconsistent. Firefox has Reader View, which reformats a web page to show it like a book, with less clutter and — more importantly — dark text on a light background. Sadly, the Reader View button, which normally appears at the right end of the address bar, doesn’t always show up. That’s apparently because it’s only able to handle individual posts/articles, not other types of pages.

There are many Firefox plugins for showing web pages in dark mode, but initially I wasn’t able to find one that does the opposite. I had been struggling with a plugin called Dark Reader, which sort of worked, but only with a lot of fiddling, presumably because it was designed to do the opposite of what I want.

Recently, however, I discovered a Firefox plugin called Tranquility Reader. This one does exactly what I want, forcing page text to black and page background to white. So far, it’s worked perfectly on every page I’ve tried.

When installed in Firefox, Tranquility Reader adds an icon to Firefox’s toolbar. Click it once to view the current page as black text on a white background. Click it again to go back to the page’s default colour scheme. Simple!

If you ever find yourself struggling to read dark mode web pages, try Firefox with Tranquility Reader. It may save you from a headache or two.

Related:

Some VPN services should be avoided

People use VPNs (Virtual Private Networks) for lots of reasons, both legitimate and… less so. They are commonly required for remote access to workplace computers by employees. They are used by people who do their banking from public WiFi networks. They are used by people who can’t afford to pay for dozens of streaming and cable services and instead rely on still-considered-illegal downloads of copyrighted media. And some people use VPNs to get around ridiculous regional limitations on access to streaming media.

I myself fit into at least two of those general categories of VPN users. I won’t say which.

Because people want (and rightly feel they deserve) access to their culture, and because Big Media is willing to go after absolutely anyone who dares to defy their stranglehold on culture, savvy media consumers rely on VPNs to avoid costly (and absurd) lawsuits.

But sadly, some VPN services exist only to fleece gullible consumers. There are numerous ways in which a VPN provider can cause problems for its customers:

  • Faulty service can leave the customer’s activity exposed.
  • Logging customer activity, and being willing to provide those logs to Big Media’s law enforcement lackeys, essentially renders a VPN service pointless.
  • Requiring installation of software that is then used by the VPN provider to route other customer traffic through the customer’s computer is just a horrible idea.
  • Selling customer information to anyone who wants it.
  • Poor security can lead to customer data being exposed.

Recently, a group of VPN providers, all owned and operated by one company in Hong Kong, was discovered to be doing many of the problematic things listed above. Needless to say, all of these VPN providers should be avoided:

  • UFO VPN
  • FAST VPN
  • FREE VPN
  • SUPER VPN
  • Flash VPN
  • Secure VPN
  • Rabbit VPN

In general, VPN services should be carefully researched before using them. There are numerous VPN rating sites on the web, but many of them are maintained by the VPN providers themselves, and not to be trusted. TorrentFreak’s “Which VPN Providers Really Take Privacy Seriously” series is both trustworthy and comprehensive, and focuses on investigating the privacy claims of VPN providers.

There’s also a growing chorus of voices encouraging people to reconsider their reliance on VPN services for privacy, arguing that the way most of these services work provides little actual privacy for their customers. Techdirt has more along those lines.

There’s more on the welivesecurity site.

Brian Krebs recently investigated the extremely shady proxy service provider Microleaves (currently being rebranded as ‘Shifter.io’). This service uses a huge network of computers runing their software, often installed without the knowledge of their owners.

Fake malware warning scams

A recent example of a full-screen browser window that appears to be a serious malware alert.

Web sites that make their money from advertising usually subscribe to one or more advertising providers, such as Google Adsense. There are many others, including some that push ads that are really just scams.

One popular type of scam ad takes the form of a malware warning, presented to the unsuspecting user in a full-screen web page that seems to lock out the user completely. The example above (provided recently by a client) appears to be from Microsoft, generated by Windows anti-malware software, and it includes what is supposedly a Microsoft phone number.

In reality, this is just a web page, generated by Javascript from an advertisement on a shady web site. The full screen effect is produced by your web browser’s built-in full-screen view feature, triggered by the ad. These messages are not reporting the presence of malware; they are intended to scare you into calling a phone number. Messages of this type are categorized as ‘scareware‘.

A Google search for the phone number in the example above shows that it’s definitely associated with support scams.

These fake alerts vary in appearance and quality. Some are more convincing than others. Many are based on real malware warnings. You can see other examples by searching Google Images for ‘fake malware warning’.

It’s important to understand that legitimate anti-malware software won’t ‘lock’ your computer when it detects malware, and it won’t insist that you call a phone number.

If you see one of these scary-looking screens, don’t panic. Obviously, don’t call the phone number shown on the screen. Nothing good will come from that. Try pressing the F11 key on your keyboard. This is the near-universal key that toggles full screen view in web browsers. If it is just a web page, pressing F11 will reveal your web browser’s user interface, and you should regain your bearings immediately. Close the tab, and/or close the browser.

Also, please reconsider visting any web site that’s operated by people who care so little for visitors that they are willing to inflict this kind of dangerous garbage on them, albeit indirectly.

More useful information about this from the Safety Detectives site.

Cisco Immunet anti-malware software

In brief: stay away from this software.

I’m always interested in evaluating anti-malware/antivirus software, especially when it claims to be ‘lightweight’. All too often, anti-malware software that’s configured to run in the background has a very noticeable effect on performance.

So I installed Cisco’s Immunet on my main Windows computer. About ten minutes later, I removed it.

The user interface is horrible, seeming more like a first-time coder might have produced it, rather than an organization with the resources of Cisco.

I was very careful to configure Immunet before I ran any scans. In particular, I configured it to ask me before quarantining any files. Imagine my surprise when on its initial scan, it went ahead and quarantined three executables, none of which were actually malware.

Of the three quarantined files, I was able to use Immunet to restore one. The others were irretrievable, and I had to reinstall the associated software. For one of them, I lost its settings as well.

Normally I would persist with an evaluation like this, to give it a thorough test. But really, having suffered this much in such a short space of time, why bother?

This is crappy software. Avoid at all costs.