Firefox Security Hole Is Why You Need An Adblocker And An Update

Windows:

  • When I clicked “Help” then “About Firefox” it immediately downloaded the patch.  
  • Click on the “Restart Firefox To Update Button”

Linux (Debian)

Assuming you have “real” Firefox installed and the sources in place.

  • Open Terminal as Root.
  • Smile because you have Root.
  • apt-get update
  • apt-get upgrade
  • Restart Firefox when you click on the button that appears.

Other Linux Distros will vary, of course.

Mac apparently does not have the problem.

What happened?  Hackers.  Simply put, a Hacker exploited a hole in Firefox so that advertisements could push some code onto your machine to take it over.

Now, this business about ad blockers.

I run one and I use it very aggressively. It is for this reason.  It is also that I truly hate being pandered to and watched.

The latest trend is to watch what you are doing via “tags”.  A 1 pixel “dot” of a picture will be pushed to your browser as an anchor for them to watch what you are doing.

The best thing for you to do is to run an ad blocker.  You tell it what to block, and yes, it gets very technical because you have to take responsibility to block these things.  For the most part, an ad blocker with (free) subscriptions will block most, but never all, of these nasties.

When you run an ad blocker you will also notice that your browser runs much faster since it isn’t trying to paint all those ads for all those products that you will never use.

Lets be honest, have you ever actually clicked on an ad intentionally?

Me neither.

Heck, I don’t even see youtube commercials because I run an ad blocker.

The easier one to use is Ad Block Plus.  It is controversial because they allow certain advertisers to pay *them* to be allowed past the blocker.  I would recommend this for basic users because unless you want to learn how to use it, it’s pretty simple.

The one I am using is called uBlock.  I’m still learning how to use it.  It removes the ads, but I haven’t figured out how to make it remove the blank space the ad created.

It’s up to you.  Ads and Hackers, or a better browsing experience.  I know what I chose.

Now, if you will excuse me, I have a browser to restart.

Getting Your SMS Texts Back on Android After Leaving the IPhone

This is something I usually don’t do.  A Reblog.

I’m doing it so I have the info later on and will have to repeat it.  Now you know why I have so many recipes on here – so I can bake and not have to go digging through the “Recipe Box of Doom”!

The backstory is that when Kevin went to The Isle Of Man, I borrowed a shiny old or “new to me” iPhone 4s for two weeks.  The reason is that iMessage on the iPhone will do what passes for an international text for free.  Google’s Hangouts works that way too.  But either way you have to have two people on the same hardware.  Either Android or iPhone – but not mixed.  Both systems are proprietary, and I believe that both will not play well with each other.

Since he had the loaner, I went off my beloved Samsung Galaxy S4 for two weeks.   I came back to the S4 because I use the phone like a computer and create content on it like pictures and videos mainly for my own entertainment and use here.   The camera on that iPhone has thankfully been improved in later versions, it was too saturated and too poor and grainy in low light situations.  The software was rubbish since HDR didn’t work well at all, but this is also iOS 6 when the current phones get iOS 8.

Got all that?

Anyway, here are the steps – and if you’re coming here and want the original, here is the direct link.  I have no pictures here since I followed the steps and it worked first time immediately.  The steps were beyond annoying when I got to iCloud since Apple wants you to stay on their services.  Removing the phone number from iCloud required hunting around in every nook and cranny of the site in order to delete the number from wherever you find it.

Steps:

1)  Before you leave your iPhone, turn off iMessage.  This is done by going into the Settings app, selecting Message, then flicking the slider to off on iMessage.

2)  Remove yourself from iCloud.  On the Mac, there is (or was) an iCloud app that you could do this from.  Since I am normally using Linux or Windows (in that order) I had to go to the website for iCloud.  Start on the settings link (icon) and go through every single aspect, link, and sublink on there.  If you see a phone number, delete it.  It also argued with me to disable “Find My iPhone” in order to proceed with some of this.  I did and chased my tail around until complete and I was dizzy.

I’m sorry I can’t be more specific.  I had to go through all of the account details manually myself.

3)  Have all your iPhone friends delete and readd your contacts.   Good luck.  As annoying as the iCloud step was, this one may simply be impossible.  Luckily for me, I had few people iMessage me during the two weeks.  If your contact used iMessage to talk to you, they will not be able to recontact you until Apple’s servers all realize that you have dropped off of iMessage – that could be as much as 45 days, however with me it was instant.

4)  Ask your readded friends to “Send Message as Text Message” on their iPhone.  Yes, seriously.  They’re going to wonder if they really want you as friends at this point.  Hopefully you don’t lose too many as a result.

5)  Wait 45 days before using your new non iPhone on this number.  I had to ask myself whether they were serious about this one, but apparently either I was lucky or this particular bullet is old news.  It was in my case.

6)  Text “STOP” to 48369 .  That’s the Apple support guy’s hint.  It worked for me immediately.

After running through all of this, my S4 is working fine.  I SMS Text everywhere, I am not using iMessage anywhere. 

I have read that some people on iPhones hate green text bubbles, and SMS is green while iMessage is blue.  All I have to say to that is grow up since there are worse things to hate.

First world problems, really!

Thanks, Apple, But I Think I’ll Pass on Yosemite

I have computers on Windows, Mac OSX, and Linux.  Various levels and flavors of all of the above actually.

There’s always the question as to when or whether to upgrade them.

Linux is pretty simple – when your distribution changes, give it a week or so and listen to the chatter.  If the chatter is clear, go for it.  I’ve never had a problem here.

Windows.  I have a Windows 7 machine that won’t get upgraded because it’s an old Core 2 Duo machine.  It will either die before Windows 7 does or it will get given away.  Windows 8 became Windows 8.1 as soon as it was offered to me.  Windows 8 was an abortion, Windows 8.1 is manageable.  Just add Classic Shell and it cleaned up almost all of that Modern/Metro hideousness and pushed it aside.  Classic Shell made that ugly block land go away and replaced it with all the desktop land goodness that I need to get things done.  It’s still there, lurking under the hood, but I couldn’t tell you the last time I had to use one of those ugly blocky programs that Microsoft mistakenly thinks I need to slice, dice, and make julienne fries.  Other than network access which the Modern/Metro interface gets in the way massively and then drops you back to a desktop app to actually get the job done to disable and enable things.

I don’t.  ‘Nuff said about that.

Then there’s the Mac.  I always liked the sleekness and the design of them.  Beautiful hardware, a well thought out interface.  When I need to use my Mac, it is almost always a pleasure.  I got the thing, installed Snow Leopard, and it purred.  When the Mavericks upgrade was offered, it was free so why not?  I noticed no real problems there, and since I am a lightweight user of my Mac it’s fine.

I’ve heard reports that Mavericks slowed memory access from the prior version, Lion, but like I said: I’m a lightweight user so I don’t notice.

They put out a new operating system, Yosemite.  Since I knew about the memory speed issue, I thought I’d wait.  Let the experts go after it.

I’m glad I did because there are some privacy issues that made me uncomfortable with things.

Everyone likes having search functions on their computers and generally don’t think twice about how things are done.  What happens is that that information you are looking for is sent back to the program to check its indexes and report back to you when it finds what it thinks is the right answer.

That was all well and good back in the good old days when it was enough just to search this current computer.  Some smart people decided that they’d go out and do a search on the internet to give back more content.   It’s a built in function on the desktop called Spotlight that phones home to Apple and does that search. 

Fair enough if you’re actually doing an internet search.  But why do you need that search to go back to Apple if you’re just looking for a file on “this” computer?  If you are searching for movie information or maps, it’s going to send back your current location, as well as the current device you are on, and anything else that it thinks is pertinent such as language settings and what apps you have used.

To be fair to Apple, you can turn this off, but I have done enough support to know that unless someone turns that sort of thing off for you it won’t get done. 

The flip side to that is that if you have turned it off, location services are one of those things that get rather naggy to have turned off.  Your searches get a helpful prompt asking you to turn on location services and eventually you wear down and just leave them on.

Checking my Android phone, location services is turned on there, and we know that all that sort of thing goes on there with Google.  If you want a smartphone these days, you are either going to have Apple or Google put their hand in your pocket and watch over every move you make that they believe they need to, it’s part of the game.

The idea of having big brother was scary enough when I read 1984, but the reality is that we all now have that big brother in our own pocket and don’t think too much about it.

Nothing to see here, keep moving on.

All this was reported in the Washington Post’s technology blog a while back, and apparently Apple has been taking heat about their decisions to make these changes. 

There is a website called fix-macosx.com that promises to give you information how to take back some privacy and turn off some of Apple’s data collection.

This all is a change of heart since the old days where the Mac was more privacy friendly.  Now, they’re going all in and sucking down all this info while you happily go along with it.  Since Apple is notoriously tight lipped about what they do internally, I suspect that it will be a long time before we find out just exactly what they’re doing with all that data.

No thanks, I’ll pass.

How Do You Protect Your IPhone From Wirelurker When They Don’t Know What It Does?

I’m reading the tech news.  In reality I read it about every day and far too much of it is out there.  Your mind may haze up from time to time, and that’s normal.

There’s a new virus out there that they’re calling “Wirelurker”.  The big problem is with this one is that they are still figuring out how it works and what it does.

The group that discovered the virus, Palo Alto Networks, let out a rather gloomy press release.  Basically, it said that you’re probably already infected and even if you didn’t get infected it will get you anyway through use of chargers or your Mac.

Huh?

Apparently it started as a rather fringe infection vector.  People who Jailbreak-ed their iPhones and connected up to a third party app store called Maiyadi, in China got it first.

Chinese third party software.  Probably not the safest out there.

What it did was to rewrite the apps that ran on the iPhone and add code to it that caused the virus to replicate and move onto the next victim.

So someone stepped out of the Walled Garden that Apple made and they got caught, end of problem, right?

Nope.

It infected their Macs, and moved on.  It also infected any other iOS devices plugged into the machines such as iPads and iPod Touch.

The recommendations are one of the broadest that I have ever seen for avoiding this virus.

This is the first time I saw a third party app store used as an illustration of a safer app store.  They recommend that if you do use third party apps, make sure it is the Cydia app store and only go to trustworthy sources.  Problem there is that you never really know since those third party app stores aren’t really looking into the source code like Apple does.

They say don’t even plug it into a charger that you don’t know about and don’t use any non approved sources.  Since the virus is so stealthy you won’t know that your charger is infected until later – but basically that lets the rest of the windows world in.

There’s a vulnerability with the USB devices that you have in your house.  More accurately the USB devices you will buy to replace the ones you have now.  Plugs, cables, and chargers.  It can be rigged to push a virus into whatever it is connected with.  While this particular threat hasn’t been seen in the wild, yet, give it time.  Yes, it’s doom and gloom and fear mongering, but give it time.

Thinking about a new charger?  Better make sure that you spend the extra money and get it from a recognized source. 

If the whole charger thing is questionable, their stated concern is that if you have an infected iPhone on your network, the virus will walk back to the next phone that is connected to the network via email servers and the like. 

Once it is in your phone, it can theoretically grab your address book and spam your contacts thereby sharing the fun.  This is one of the first “traditional” viruses to hit the iPhone platform.

The Apple Myth of No Viruses Here was built because they have the reputation of “vetting” or looking over and analyzing the software that sits on their own app stores.  If you remain in the Walled Garden, all will be well.  That is the theory and for the most part, up until now, it works.  However since the infection vector is from outside of the walled garden and you have to go outside the garden to update or charge the phone, you will have a vulnerability.

The solution will be that Macs and iOS devices will need to run a virus scanner.  Once the virus definitions are kept up to date, this will clean out the problem. 

If it sounds familiar, welcome to the Windows world. 

Once the signature to the virus is found, it will get out to the Windows based virus scanners and that should clear it up as well.

But it isn’t there yet, so stay tuned.

Bottom line is that if you have an iOS device, make sure you stick with Apple’s App Store and stay tuned.

iPhone6 Killer Feature? They Bend.

A lesson for you tech buyers is to wait at least a week or three before you buy.

Standing in line from midnight the night before outside of one of the few tech big box stores is all about the social aspect as well as being able to say “Look What I Got”.

Boring, but I understand it.

Those people have already stood in line, got their iPhone6 in shiny metal flavors and are using it.  They probably found out about the major flaw.  The phones are so thin that they bend in normal use in a trouser pocket.

Apple has yet to make a statement on the defect, but it’s clearly not Suitable For Intended Use – you know, the old English Common Law Warranty of Merchantability?

I’ll leave the law to the Lawyers, but you might want to stay tuned. 

If you did buy one of those phones, make sure it is in a shirt pocket or a caddy on the belt.  

If you didn’t, wait.   They will probably have to do a quick redesign on the back of the thing, most likely going to Tungsten or some other more durable metal.  Sure it won’t be as light as the current Aluminium, but it also won’t bend like that foil you used to wrap your baked potato last Sunday Dinner.

I learned that it wasn’t the best to buy first a long time ago. This kind of risk that you take when you buy first is a major annoyance to me.

I had bought a 1986 Ford Taurus.  Beautiful car, in cream with a tan interior.  One of the first ones out of the factory.  I almost immediately had problems with the front end of it.  A front wheel drive car that pulled to the left.  After two trips back to the shop for a replacement of the rack and pinion, I traded it in on a Chevy Nova.  I didn’t have that car for more than a year, and I haven’t considered a Ford since.  The Nova was a great little car, but as sexy as a toaster.  Maybe it was the Sexy that was the problem.  Sexy in machinery breaks.  It’s fragile.  Durable is best.  The Nova also lasted 10 years before it started to rust out in the New Jersey and Pennsylvania Winters. 

I stuck with Durable but wanted something different.  That’s why I drive a Jeep Wrangler that is 12 years old.  It’s my third Jeep.

So wait a bit, you don’t want a lemon car like the Ford I had, and you surely don’t want a bendy lemon like the iPhone 6.

So how DO you know when your phone is obsolete?

I have a friend who visits about once a year.  I have a standing request that he brings his “Daily Driver” computer with him when he comes.

He calls it a tune up.  What I generally do is go through the machine, run a virus scan, uninstall spyware, and send him on his way.  It runs much faster because I’ve cleaned out the junk.

He’s also been using that machine for longer than even I have expected.  He’s gotten newer machines, but he keeps coming back to that beast of a 17 inch “laptop” because I’m able to keep it going.

Eventually, he’ll have to stop using it, and then it will have a second life as either a table leveler, something to hold a shelf down in the linen closet, or I’ll put Linux on it and it will be good for another 5 years of use.

I’m leaning toward Linux, but that is because I actually do like using the environment.

Computers have a longer life than the manufacturers want you to believe because they exist to make money by selling you new.  It’s Planned Obsolescence.

With a phone, it appears much more clear cut.  Especially with a smartphone, things have a shelf life.  The vendor puts out a new model, it can do more, but does it really warrant you getting a new one?

Again like with my friends beast of a laptop, to me, it appears that it is software driving the decision.

There are two schools here.  Apple and Android.  Not looking at this as a fanboy of either set up, I have a preference for Android because I can do things with it like use the phone as a multimedia computer much easier than I can with iOS.  I look at it as a use case to form a decision as to which works best for me.

Your Mileage May Vary.

With Apple, there is a clear end of life with their phones.  When you can no longer run their current operating system, it is time to consider moving on.  Apple has always done this with their computers as well.  For a while their PowerPC computers were supposed to be the best thing out there.  Then they came out with Intel based computers that made their old computers look horrible and they stopped supporting them after one more upgrade.

My iPhone is an old 3GS.  It will still make calls, but as a computer, Apple is actively pushing it away.  I have software that ran on it until I updated it, then all the sudden the older software is gone, and the newer one doesn’t work because I don’t have the current operating system.  One after another app is going away and eventually that will be the end of it.

Of course if you have the latest iPhone 6, it’s obsolete when you drop it on the ground on the first day it’s out because you just broke the screen.


Android is a different animal.

Android support varies with the company that made the phone or tablet.  Typically, an Android phone will get updates within the operating system version that it was bought with.  After that you are on your own.

My tablet, a Samsung Galaxy Tab 2, got updates until the current OS came out.  That doesn’t mean that the tablet is unusable, it merely means that it will get more behind the times as I run into the same problem that my old iPhone had.  Software won’t be written for it.

There is another problem with the older versions of Android.  The browser that shipped with every version of Android except the current one has a rather nasty bug in it.  The short of it is that if you have an older Android device, do not use the default browser.  Disable that browser, and install another.  I did that at the start and I use Firefox which is the suggestion that is made by most security groups.

Why is that a problem?  Because if you don’t have a current device that runs the current Operating System, you aren’t going to get an update and you are on your own.  That means you have just hit the wall with using that phone, it’s now obsolete – if you want to be secure.

It all seems a bit alarmist, but considering how many people use their phones and tablets as their main computing devices these days, it really does pay to be aware of what that device is capable of doing.  It is a computer and they do need to be kept up to date.  But when you can’t do that any more, you have to be aware what not being up to date can mean.

Weird Browser Stats

There are Lies and then there are Statistics.

I’m sure we’ve all heard that before.  I was going through statistics on this blog.  Not really sure why, but occasionally I do check it.  Other than realizing that people in far flung parts of the US, China, The Ukraine, and others like to look at recipes, pictures from the Florida Keys, and read cute stories about cute dogs, it does help inform me as to whether I should continue this exercise of writing something each day.

Even if it is a copy and paste exercise on the weekends.   Bad Joke Saturday and Bad Joke Sunday have to get their Bad Jokes somewhere!

All statistics are approximations, your mileage may vary…

Some of the hits are obviously false, such as those from crawlers and the like.  I’ve been told to ignore those, and I won’t be even saying who they are here because I don’t want to encourage them.

Yes, it’s like the misbehaving child at the family table – ignore your bots and they’ll behave.

If you do look at your statistics and see something coming from a Vampire or a Zombie site, ignore it or you’ll get spiked as well.  Google Analytics is correct, Blogger is not.

But within that stat page, I also get reports on what kind of technologies that are being used to look at the blog.  

Someone is using something called “NS8” to get here.  I had to follow that one up.  I mean, it’s not like it’s one of my Linux readers, or someone using their iPhone or Mac to surf here, I can tell what that is.  I know that when someone surfs me with Iceweasel, they’re on Debian Linux since that is what I use on my Linux Machine.  Stability, thy name is Debian.  They really should use the slogan “Debian, It Just Works!”.  Even on your 10 year old computer…

Anyway…

Not having ever heard of NS8 I looked it up.   NS8 is “most likely” a copy of the old Netscape Browser version 8.   To give you an idea, that’s equivalent to Firefox 1.0.   Firefox is on version 25 at this date. 

Congrats, you are using the latest version of Firefox!  is what you should see when you click on that Firefox link.

PSA – Upgrade your software when you can.   Or some blogger will be waggling a finger at you for not doing so.

I’m looking at you Windows XP People.   You’re almost as bad as I was when I got my Mac – it had OSX Leopard on it, and I immediately upgraded a month later to Snow Leopard.

My Mac Peeps will know what I’m talking about.   How’s your Mavericks?  Kewl?

Immediately, a month later.   Er… well they do say that Macs have no viruses and well…

Not content to just wonder about this NS8 thing, I also got a visit from someone using something called “OS;FBSV”.

Er, wha?

The best I can tell is that somehow, someone, is using their iPhone in Facebook to follow through. 

Hey, it may not matter to you, but I am a curious type.

I did after all have a person surf my blog from something called “Windows NT 6.1”.  Most likely someone got bored while working on a server somewhere in a noisy server room and surfed my page.

I just hope I didn’t bore them or the rest of you too much with all that.