First Computer Services

Winston-Salem, NC

Beware of Ransomware

By Tom Brown, Owner
First Computer Services

For several years now, unethical people and organizations have been using various methods of trying to extort people out of money that they don’t need to spend. Most of us have probably seen a window that pops up claiming that there are problems with your computer and demanding that you call a certain toll-free number to get it resolved.  Sometimes it’s an unsolicited telephone call from someone with a strange accent claiming to be from “Windows Support” or from “Microsoft.”

Please understand that Microsoft doesn’t call you. And if you feel that you need to talk to Microsoft about a problem you’re experiencing with your Windows computer, just hold that thought. Microsoft probably won’t fix your particular problem, and they won’t offer you any support without a significant fee. Don’t search for “Microsoft’s phone number;” you will just get a list of phone numbers that the scammers are hoping you will call so they can get you to let them into your computer and into your wallet.

“Scareware,” as I have said, has been around for years. But true “Ransomware” is a whole different ballgame. Open the wrong email attachment, visit the wrong website, click on the wrong ad, and you could be a victim. This malware actually spreads through your computer–and your whole network, if you have one–and encrypts all of your data. You will never have access to your data without paying the ransom.

This article provides further information, what to look for, and how to avoid being a victim. But the most important lesson to take away from this is to back up your system(s) thoroughly and often!  If you’re a victim of Ransomware, you will need all those backups.

Google Tweaks Mobile Search

Beginning today, if you use Google to search the web from your tablet or smartphone, the results will emphasize web results that serve up “mobile-friendly” sites. For the end-user who is searching for something that will be easily understood, this feature could save a lot of time.

Webmasters can benefit from Google’s Tips for designing a mobile-friendly website. If you manage a website and would like to see how mobile-friendly it is, you can use Google’s Mobile-Friendly Test to find out.



Your Email Got Hacked?

Q:  Someone a long time ago told me to put AAAAA as an email address at the top of my email list and that they couldn’t hack your email. I have done that for years, and so far it has worked.

Many years ago, in Africa, it was discovered that if there was a total eclipse of the sun, the beating of bongo drums would eventually cause the sun to come back out. In modern times further research has determined that the sun will come back even if you don’t beat bongo drums.

Your email has not been hacked because you are lucky, or doing something else right. Most commonly, you discover that your email has been hacked when your friends start to tell you that you are sending them very strange messages–either spam (Unsolicited Commercial Email, or UCE) or some other nonsense that you would not have written. In that case, what has most likely happened is that a “brute force” attack has succeeded in guessing your password.

If you have an email address, and use email, the global Domain Name System allows anyone to determine the Internet servers that handle your email. Once a hacker knows your password, he can then send out tens of thousands of UCE messages to other email addresses all over the world. Each of those messages will actually be FROM you, because the hacker has authenticated to your email server using your credentials.

The best protection you can provide for yourself is to use a strong password (at least a combination of numbers and lower/uppercase letters) that is long enough (10-12 characters) to make it very difficult to guess–even for a brute-force attack program. If that fails, you should immediately change your password again. Never write down a password (spend a few hours memorizing it), and don’t tell anyone what it is.

Another good strategy is to send and receive your email using an encrypted connection (Gmail makes this easy). If you aren’t using SSL to encrypt your email connections, your username and password are passed over the Internet in plain text, and anyone who can see that traffic can easily decode your password. Ask your email provider how to set up SSL encryption in your browser or email client (e.g. Outlook) settings.

Should I Disable Javascript?

Q: I saw on Fox News that you should uninstall JAVASCRIPT because people can hack your computer and steal all of your information.

Javascipt and Java are two different things. Javascript is used in HTML code and is supported by all web browsers. The majority of websites on the Internet depend on Javascript for a rich browsing experience. All web-browser vendors have worked to make javascript extremely powerful, feature-rich, and secure.

Java is a programming language that is used to produce applications. Java was invented by Sun Microsystems, and is now owned and “supported” by Oracle Corporation which, frankly, bought Sun Microsystems in order to corner certain markets, is in business primarily to promote the Oracle enterprise database platform, and uses high margins on its expensive software to make money. Making money is Oracle’s main goal. Oracle has done a very substandard job of supporting free or open-source software that it “acquired” when it bought Sun Microsystems. OpenOffice (which Sun developed) failed to make progress under Oracle’s “leadership,” and the OpenOffice developers were fired by Oracle when they formed an international organization called the The Open Document Foundation (ODF). OpenOffice was more or less given to the Apache Foundation, but the ODF’s LibreOffice product–which is a highly-functional free alternative to Microsoft Office–has gained global acceptance and is very actively developed and supported.

Oracle’s inadequate oversight of the Java language and its failure to address security issues with the browser plugins that support things like “Java-based chat rooms” have indeed made it very risky to run Java “applets” in a web browser. I recommend that Java (which, on Windows, should be found in “Add and Remove Programs” or in the “Programs and Features” control-panel programs of Windows XP, Vista, and Windows 7) be completely uninstalled. The vast majority of websites do not need Java in order to provide a full-featured experience, and those few websites that do use Java applets should be redesigned in favor of more secure replacements.

You can disable the Java plugin on all browsers, although with the various versions of Microsoft’s Internet Explorer it is not easy to find the option to do so. The simplest and most secure browser on all versions of Windows today is–in my opinion–Google Chrome. Chrome will alert you if you access a site (such as “Java-based” chatrooms) that require the Java plugin and give you the option of using the plugin just on that site. If I trust a site completely, I would allow the plugin to run. Furthermore, the “Extensions” settings of Chrome will allow you to keep the Java plugin installed but disable or enable it as needed. “Disabled” is the preferred setting.

Disabling “javascript” does not in any way protect you against the dangers of the Java browser plugin.

In some form, the Java language will live on for many purposes. Java powers spacecraft, smartphones, and kitchen appliances. Even some automobiles can be found to be running Java software. The beauty of Java–as originally envisioned by Sun Microsystems–is that it is a powerful language that can be coded and complied once, and the resulting application program can be run on a vast array of operating platforms. Whether Oracle Corporation will choose to continue owning and supporting the Java language–and do a worthy job of doing so–remains to be seen.

Tom Brown, Owner
First Computer Services

Gordon Hopper

By Tom Brown

The people you meet–that’s got to be one of the most rewarding benefits of running any business. For example, a few years ago, I met Gordon Hopper at a local retirement community where he had taken up residence. The task was to set up his new computer and printer, Internet access, and get him started with his system. After all was working properly, Gordon sat down in front of his Internet browser and asked, “How can I find out about something?”

Back to Gordon in a moment. I have always been intrigued by submarines, especially the role they played in World War II in both the Atlantic and Pacific theaters of combat. One of my favorite movies is “Run Silent, Run Deep,” adapted from a novel of the same name, in which Clark Gable gave one of his final cinematic performances. So it was no accident that many years ago, when the company I was working for at the time sent me for a week of training in San Francisco, I took time to visit Fisherman’s Wharf and tour the Pampanito, one of the last surviving submarines from WWII.

PampanitoNow back to Gordon. We had set up Google as his preferred search engine, so I just suggested that he click in the address bar of his browser and start typing some key words pertaining to what he wanted to read about. As I watched, he typed the letters “P-a-m-p-a-n-i-t-o.” Long-ago memories came to me and I remarked, “Pampanito? I have been on board the Pampanito!”

Gordon replied, “So have I. I lived in her for four years.”

This remarkable man had been on Pampanito’s crew during the entirety of her six war patrols in the Pacific during WWII.

In the months and years since, I met and talked with Gordon several times and would like to think that we became rather good friends. He was one of many thousands who made the great sacrifice of going to war for his country at a turning point in history. Like one of many thousands, he returned to pick up his civilian life, pursue a successful career, raise a family, and become a blessing to the rest of us with his knowledge, wit, wisdom, and kindness. Unlike many other thousands of his comrades in battle, he had to grow old.

Gordon’s name (misspelled) appears on this page, which details Pampanito’s third war patrol. You can find links there to historic photographs–and even some silent motion-picture footage–of that patrol.

Yesterday, Gordon Hopper passed away. I will miss him. You should, too.

Home Tech Ripoff Alert

For all of you DirecTV fans / customers:

If you have a problem with your DirecTV dish, receiver, or (basically) anything, they will send out a technician. However, there will be a significant fee for the service call.

If your DirecTV receiver and/or DVR malfunctions and has to be replaced, DirecTV will be happy to ship you a replacement. You have to pay the freight. The freight is around $25.

You can avoid all of the above unexpected fees by purchasing the DirecTV “Protection Plan,” which will add around $6 to your monthly bill. Whether you need / use it or not. If you use it (in our experience, anyway) it will take about 5 business days to convince customer service to either (1) dispatch a technician or (2) ship a replacement DVR. The replacement will be older than your original equipment, may very well lack functionality you have become used to, and may or may not work.

If you cancel your DirecTV service and have had your DirecTV “Protection Plan” for less than one year, DirecTV will charge you a $10 Early Termination Fee because you are canceling your “Protection Plan” as well as your DirecTV service.

Other fees and/or charges may apply. Read the (extremely small) fine print on your contract for details.

Just FYI.

Just Throw It Away

Believe it or not, this is one of the most common questions we receive in the web-hosting area of our business. The answer to the question is: Just throw it away.

Everybody is used to receiving spam in email, and junk mail from the post office. Mail from Domain Registry of AmericaThis is spam from the post office. I actually received this in today’s mail, but I receive these multiple times per year, despite having complained directly to the sender. Let’s look a little closer at the return address:

You would think that the U.S. Government itself had sent this to you!

Inside the envelope you will find what looks very much like an invoice. If you read closely, however, you will see that it is just an offer to transfer the domain name registration for a domain that isn’t going to expire for several months. I received this particular one because I am the Administrative Contact for the domain in question. The problem is, the Registrant (who is a client of mine) will also receive one of these “invoices.” Either one of us might happily pay this invoice, but if we did we would be initiating the process of giving the “Domain Registry of America” at least $30. In return, they would initiate a Transfer of Registrar from wherever the domain is currently registered (Verisign, GoDaddy,, or wherever) to the “Domain Registry of America.” For various reasons which I won’t take the time to explain here, that transfer is never likely to succeed. Nor are you likely to ever see that $30 again.

In a day or two I will receive an inquiry from my customer asking, “Do I need to pay this?” The short answer is “No.” The long answer is “Just throw it away.” That’s all you need to know about this one.