If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
|
Thread Tools | Rate Thread | Display Modes |
#1
|
|||
|
|||
Concerned
Ever wonder if somehow, the content of your hard drive could be being 'tapped' to the outside world (cloud) via the router in the background? Maybe in brief, small, snatches so you wouldn't notice it? Maybe during a Macrium backup? How wud one know? JW |
Ads |
#3
|
|||
|
|||
Concerned
On 12/26/2017 6:57 AM, Paul wrote:
wrote: Ever wonder if somehow,Â*Â* the content of your hard drive could be being 'tapped' to the outside world (cloud) via the router in the background?Â* Maybe in brief, small, snatches so you wouldn't notice it?Â* Maybe during a Macrium backup? How wud one know? JW For a naive attack of that form, using a product like ZoneAlarm would tell you. Any time an "unknown" process attempts to use the Internet, you give your permission. However, all Microsoft telemetry cannot be blocked this way. The Microsoft telemetry addresses, cannot even be blocked by the HOSTS file. Only an external filter can remove that. Microsoft telemetry also cannot be stopped by removing DNS, as Microsoft has numeric IPs it can use for this communication (to the Vortex server). If I wanted to siphon info from your machine, I would disguise the executable so it "looks" like some other executable that already had permission. The Windows outgoing firewall is programmable, and Microsoft has already punched holes for some of their installed stuff. For example, someone finds six rules for Microsoft Sticky Notes (one would presume, to let it through the Firewall). Apparently, using the proper uninstall procedures for things like that (not just deleting some files), also removes the Firewall rules. https://www.tenforums.com/antivirus-...all-rules.html And I doubt Microsoft would specifically list their telemetry ones. ******* If you haven't seen a Windows Firewall prompt yet, are you sure yours is turned on ? I think I've seen a couple attempts, by programs I've installed, to open a connection, and the Windows Firewall prompts for permission. This is similar to what ZoneAlarm would do. The difference is, ZoneAlarm would probably prompt for *everything* the first time, so you would feel "more protected" by having to tick "OK" over and over again. The Windows Firewall would at least already have Sticky Notes "pre-approved" :-) Â*Â* Paul The best security is to delete all programs that you do not need from your computer, and only install those programs that you need. The next security rule is turn off you computer when you are not using it. Have it turn on only whey you need it. Finally turn off the wireless lan and disable the hard wired connection when you are not using the internet -- 2017: The year we learn to play the great game of Euchre |
#4
|
|||
|
|||
Concerned
On Tue, 26 Dec 2017 07:04:42 -0500, Keith Nuttle
wrote: On 12/26/2017 6:57 AM, Paul wrote: wrote: Ever wonder if somehow,** the content of your hard drive could be being 'tapped' to the outside world (cloud) via the router in the background?* Maybe in brief, small, snatches so you wouldn't notice it?* Maybe during a Macrium backup? How wud one know? JW For a naive attack of that form, using a product like ZoneAlarm would tell you. Any time an "unknown" process attempts to use the Internet, you give your permission. However, all Microsoft telemetry cannot be blocked this way. The Microsoft telemetry addresses, cannot even be blocked by the HOSTS file. Only an external filter can remove that. Microsoft telemetry also cannot be stopped by removing DNS, as Microsoft has numeric IPs it can use for this communication (to the Vortex server). If I wanted to siphon info from your machine, I would disguise the executable so it "looks" like some other executable that already had permission. The Windows outgoing firewall is programmable, and Microsoft has already punched holes for some of their installed stuff. For example, someone finds six rules for Microsoft Sticky Notes (one would presume, to let it through the Firewall). Apparently, using the proper uninstall procedures for things like that (not just deleting some files), also removes the Firewall rules. https://www.tenforums.com/antivirus-...all-rules.html And I doubt Microsoft would specifically list their telemetry ones. ******* If you haven't seen a Windows Firewall prompt yet, are you sure yours is turned on ? I think I've seen a couple attempts, by programs I've installed, to open a connection, and the Windows Firewall prompts for permission. This is similar to what ZoneAlarm would do. The difference is, ZoneAlarm would probably prompt for *everything* the first time, so you would feel "more protected" by having to tick "OK" over and over again. The Windows Firewall would at least already have Sticky Notes "pre-approved" :-) ** Paul The best security is to delete all programs that you do not need from your computer, and only install those programs that you need. This wud take me some effort and time. The next security rule is turn off you computer when you are not using it. Have it turn on only whey you need it. This seems an easy safeguard. Finally turn off the wireless lan and disable the hard wired connection when you are not using the internet I always try to pull the cat5. But my router is co-used by house TVs, so it cannot be turned off. Otherwise it could. I am thinking of placing most, if not all, my data on an external hard drive which can then be manually switched on and off - on only when used. Gotta be careful tho - cud lose data. Thanks JW |
#5
|
|||
|
|||
Concerned
|
#6
|
|||
|
|||
Concerned
Big Al wrote:
On 12/26/2017 07:32 AM, wrote: Finally turn off the wireless lan and disable the hard wired connection when you are not using the internet I always try to pull the cat5. But my router is co-used by house TVs, so it cannot be turned off. Otherwise it could. Keith was saying turn of the wi-fi on you PC (if it's even of ) and pull the cat5 cable. Thus removing the PC from the router, not turn off the router. Laptops at least, have a "Radio" setting for the Wifi, and when you turn that off, there should be no connection to the router. Paul |
#7
|
|||
|
|||
Concerned
wrote | The best security is to delete all programs that you do not need from | your computer, and only install those programs that you need. | | This wud take me some effort and time. | That doesn't sound good. It sounds like you're overdue to figure out what's on your system. Another point is to always configure software not to allow auto-updating. Paul's advice to have a good outgoing firewall stops malware calling home, but if you allow all programs to call home anyway, that doesn't offer much help. Many people have gradually developed the idea that good software should always auto-update. That's never been true. Which is why corporations are allowed to put off updating Win10. You and all other SOHo customers are the unpaid beta-testing team. The same goes for other software. Bad bugs in updates are not at all unusual. If it works fine now it probably is fine. | | | Finally turn off the wireless lan and disable the hard wired connection | when you are not using the internet | | I always try to pull the cat5. But my router is co-used by house TVs, | so it cannot be turned off. Otherwise it could. | I use a UPS with a network cable run-through. It provides a dual service: surge protection and, by having it on the desk, I can easily just pull the cord when I'm not online. | I am thinking of placing most, if not all, my data on an external hard | drive which can then be manually switched on and off - on only when | used. Gotta be careful tho - cud lose data. That won't help much if it's turned on when you use the computer. External disks have been sold to the public as a big advantage but most people who use them are just wasting money on extra storage they don't need. Some other points to consider: * Shopping online is risky. * Banking online is risky. * Allowing javascript in the browser is the main venue of problems, along with tricks like getting you to click a bad link in email. Using a HOSTS file and NoScript can go a long way to reduce your risks and also reduce tracking. * Webmail that doesn't allow disabling script and 3rd-party content is both a security and privacy risk. Try to use a real email program if possible. Those have blocked script and web bugs for years. If you use something like gmail you can't stop Google spying, but you can at least get your email via something like Thunderbird and benefit from the security features it has. (There are successful companies, like Constant Contact, whose whole business model is based on spying via email, tracking when and how much you read someone's email. Yet that tracking only works with webmail.) * Do you use a cellphone? If you use apps you probably have to enable geo-location and other methods that apps use to track you for targetted ads. Phone apps are the new malware. Even Apple have a hard time keeping the sneaky ones out. * You mentioned Internet-connected TVs. Those are an extreme intrusion, and it's not new: https://www.washingtonpost.com/news/...-their-owners/ https://securityledger.com/2014/05/b...g-no-smart-tv/ https://securityledger.com/2015/11/v...-your-screens/ https://threatpost.com/red-button-at...rt-tvs/106547/ You said that you're concerned about collection of data, but what data? Security? Privacy? Are you concerned with a keylogger getting you credit card info? An attack that gets to your bank account? Photos of your kids being spread around? The risks depend on what you use your computer for and what you want to protect. It's not just an amorphous bad element that's waiting to sneak into your computer and cause harm. How about"smart" appliances? That's an impending calamity that's entirely unnecessary. There have already been cases of hacked doors locks and the like. And for what? What kind of nut thinks they need to open their front door from their phone? Privacy is being attacked from all angles. With that come privacy risks. With those come security risks. I was reading an article in the NYT just this morning about stores rejecting cash payment. The article made it sound like only "luddites" use cash. (They even used that word, which has been given a meaning based on misperception. The Luddites were against losing their jobs, not against new technology.) The NYT reporter was similarly sloppy and gossippy throught the article. It was a "light reading" piece. But it was also shocking: The Dig Inn, a lunch spot in Manhattan, refuses to accept cash. They claim various vague reasons. Other nearby shops are doing the same. It's the new normal. Blah, blah, blah. But then the whole thing turns out to be not just a case of fuzzy-headed technophilia -- Visa is paying a kickback of $10K to companies that refuse to take cash. The Dig Inn also provides payment by their phone app. That means they'll probably get access to personal info about you. The people at the Dig Inn might not even understand that. But anyone from advertisers to Facebook and Google to the people who wrote their app might be paying them a small kickback in exchange for that data. So paying for a sandwich at the Dig Inn could mean 30 companies know that you went to 123 6th Ave next and stayed there for 73 minutes. It gets very complicated very quickly. The end of cash means the total ubiquity of tracking. But it's not only a privacy problem. Using the Dig Inn app means there's data on your phone for malware apps to tap into. It means you're trusting the backend that Dig Inn is using -- that they won't somehow expose your data to hackers. Whether that's Dig Inn themselves, Square, Visa, or whoever. Someone is processing and storing you credit/debit data. And debit card protection is not as good as credit card protection. Not to mention that cashless increases costs for everyone. Credit cards get a few % fee. Debit cards used to get 65 cents per transaction. I don't know offhand what the fee is now. By using credit/debit for things like groceries, coffee and lunch you're literally paying a superfluous middleman to give your $5 to the clerk, while you put your money and privacy at risk. It gets complicated, but if you're concerned about security and/or privacy there just isn't any simple fix. You have to start thinking in those terms. If you install a firewall while allowing Samsung to hack your TV and using various cellphone apps, with your phone always on, then in a very real sense you're keeping the horses safely in the barn while the cows, goats and chickens are all wandering off down the street. |
#8
|
|||
|
|||
Concerned
|
#9
|
|||
|
|||
Concerned
That won't help much if it's turned on when you
use the computer. External disks have been sold to the public as a big advantage but most people who use them are just wasting money on extra storage they don't need. I think using an external drive for data storage is a great idea! I've been using a powered (2 usb plugs) external drive for some years now with great success. This is a custom built unit using a 500gb SATA 7200rpm 2.5" hard drive in an enclosure) My newest laptop doesn't have a hard drive, only SSD and so this works perfect. (I will never buy one with a built-in hard drive again!) The other computers on my home network can access the external drive via login credentials. I recently replaced that external drive with a WD 2tb USB3 compatible (1 plug) unit. A bit slower (hardly noticeable) than the old one, but large enough to put all my files from the other computers on it. The other computers are now configured same as this SSD unit; -only installed software on the local drive. Now I just backup my profile data to the external drive so I can easily migrate to a new machine. -- Garry Free usenet access at http://www.eternal-september.org Classic VB Users Regroup! comp.lang.basic.visual.misc microsoft.public.vb.general.discussion |
#10
|
|||
|
|||
Concerned
"GS" wrote
| I think using an external drive for data storage is a great idea! | | I've been using a powered (2 usb plugs) external drive for some years now with | great success. This is a custom built unit using a 500gb SATA 7200rpm 2.5" hard | drive in an enclosure) | | My newest laptop doesn't have a hard drive, only SSD and so this works perfect. | (I will never buy one with a built-in hard drive again!) The other computers on | my home network can access the external drive via login credentials. | I don't see why it's better than internal. Because it's mobile? I can see it if you need to transport your data to work. Otherwise, why pay more for an external case and slower connection? You probably get no protection from surges if it's always connected. And why does an SSD make a difference? It might not technically be a hard disk, but it's functionally a hard drive. I've known many people who've heard that it's great to buy an external disk for storage. It's such a fad that the nearby Staples sells far more models of that than they do internal disks. But most people don't need the space. Most don't even know how much space they're using. And externals are pricey. A typical example: I built a computer for a friend that I think had a 500 GB disk. After some time he talked to a professional tech support person who told him he should have an external disk to get more space. So he bought one and started putting all his data there. It wasn't even being used as backup but rather as the only data storage! So he has no backup. Meanwhile, he's used maybe 70 GB of the 500 GB internal disk. The external disk is never unplugged. He never needs to travel with data. He just wasted $80+- for no reason. | The other computers are now configured same as this SSD unit; -only installed software on the local drive. Now I just backup my profile data to the external drive so I can easily migrate to a new machine. | So what do you do with all that extra space? If you have 500 GB or 1 TB disk with only the OS then you're wasting gobs of space. You don't even use it to store redundant copies of data?! I always build computers with 2 disks. These days it's one SSD and one regular. The first disk has the OS and data partitions. The second disk is redundant. I copy most things there, in case a disk suddenly dies. I also put mostly just the OS and software on C drive, but C drive is just the first of 5 partitions, not a whole disk. (5-10 GB for XP. 60-100 GB for Win7.) I then keep disk images for all computers, so that C drive can be restored easily. And I back up data to DVDs, USB and old hard disks. So I have multiple backups. Your system seems to be missing easy opportunities for extra backup. Maybe you write DVDs? But I don't understand why you don't treat the external as backup rather than a solitary, primary data store. |
#11
|
|||
|
|||
Concerned
"GS" wrote
I think using an external drive for data storage is a great idea! I've been using a powered (2 usb plugs) external drive for some years now with great success. This is a custom built unit using a 500gb SATA 7200rpm 2.5" hard drive in an enclosure) My newest laptop doesn't have a hard drive, only SSD and so this works perfect. (I will never buy one with a built-in hard drive again!) The other computers on my home network can access the external drive via login credentials. I don't see why it's better than internal. Because it's mobile? I can see it if you need to transport your data to work. Otherwise, why pay more for an external case and slower connection? Since I have Lou Gehrig's I'm pretty much confined to a wheelchair and so my units MUST be portable. The external drive fits in a shirt pocket but I have it velcro'd to my lid and use a 90 degree usb adaptor so the wire runs tightly along the side of the chassis. You probably get no protection from surges if it's always connected. I have UPSs to handle power surges/outages. And why does an SSD make a difference? It might not technically be a hard disk, but it's functionally a hard drive. SSD drives are blazingly faster than an optical drive for both bootup and app loading. The powered usb drive I built ran as fast as the built-in hard drive (external 7200rpm vs local 5400rpm). The new WD usb3 unit (not 'powered') runs almost as fast as did the old (powered) one. I've known many people who've heard that it's great to buy an external disk for storage. It's such a fad that the nearby Staples sells far more models of that than they do internal disks. But most people don't need the space. Most don't even know how much space they're using. And externals are pricey. A typical example: I built a computer for a friend that I think had a 500 GB disk. After some time he talked to a professional tech support person who told him he should have an external disk to get more space. So he bought one and started putting all his data there. It wasn't even being used as backup but rather as the only data storage! So he has no backup. Meanwhile, he's used maybe 70 GB of the 500 GB internal disk. The external disk is never unplugged. He never needs to travel with data. He just wasted $80+- for no reason. Well, if he uses/accesses that data with more than 1 computer than it's not wasted. I can do this with any of my computers both directly wired or over my network. Backups are stored on external media and so using data needs to be transfered there to back it up. I don't need to do this because the data is already there and so is effectively backed up ongoingly. System files are all I need to back up as far as regular maintenance gooes, as well as apps that write data to the AppData folder under my user profile (ie: Firefox, Thunderbird, Avast, and SolidWorks). The other computers are now configured same as this SSD unit; -only installed software on the local drive. Now I just backup my profile data to the external drive so I can easily migrate to a new machine. So what do you do with all that extra space? If you have 500 GB or 1 TB disk with only the OS then you're wasting gobs of space. You don't even use it to store redundant copies of data?! The new one is 2TB; I have backed up (system/profile) data from 3 other 500GB hard drives (no where near full) to it, each in their own (computer name) folder. "Main" folder is the primary data storage. I always build computers with 2 disks. These days it's one SSD and one regular. The first disk has the OS and data partitions. The second disk is redundant. I copy most things there, in case a disk suddenly dies. I also put mostly just the OS and software on C drive, but C drive is just the first of 5 partitions, not a whole disk. (5-10 GB for XP. 60-100 GB for Win7.) I then keep disk images for all computers, so that C drive can be restored easily. And I back up data to DVDs, USB and old hard disks. So I have multiple backups. Your system seems to be missing easy opportunities for extra backup. Maybe you write DVDs? But I don't understand why you don't treat the external as backup rather than a solitary, primary data store. The external serves for both system backup{s} as well as portable data storage. This makes my life much easier when passing along old computers when I replace them. (I always buy state-of-the-art hardware** and so people who know me line up for my discards) ** My CAD software requires some serious hardware which, of course, is rather costly. I've found that most OEMs charge Rolls Royce prices for these units, BUT I've also found that gaming units use the same hardware but go at Corvette prices (less than half compared to CAD workstations). -- Garry Free usenet access at http://www.eternal-september.org Classic VB Users Regroup! comp.lang.basic.visual.misc microsoft.public.vb.general.discussion |
#12
|
|||
|
|||
Concerned
On Tue, 26 Dec 2017 16:25:04 -0600, Mark Lloyd
wrote: On 12/26/2017 12:44 PM, Mayayana wrote: [snip] I don't see why it's better than internal. Because it's mobile? I can see it if you need to transport your data to work. Otherwise, why pay more for an external case and slower connection? You probably get no protection from surges if it's always connected. A backup drive should be external, so it can be disconnected and can be safe from anything (malware, user errors, bad software, etc...) And that "etc." includes nearby lightning strikes and theft of the computer. that could affect your computer. A strong ditto! If can also be used on multiple computers. Also, have at least TWO backup drives and never connect both of them at the same time. Another ditto! But note that Wayne said "I am thinking of placing most, if not all, my data on an external hard drive which can then be manually switched on and off - on only when used," and GS said "I think using an external drive for data storage is a great idea! My newest laptop doesn't have a hard drive, only SSD and so this works perfect." GS thinks it's a great idea; I think it's a *terrible* idea. Those quotes suggest that neither if them have any external backups, just the single external drive they use for data, and they think that its being external provides them with adequate protection. It doesn't; they are both playing with fire. |
#13
|
|||
|
|||
Concerned
On Tue, 26 Dec 2017 16:52:56 -0700, Ken Blake
wrote: On Tue, 26 Dec 2017 16:25:04 -0600, Mark Lloyd wrote: On 12/26/2017 12:44 PM, Mayayana wrote: [snip] I don't see why it's better than internal. Because it's mobile? I can see it if you need to transport your data to work. Otherwise, why pay more for an external case and slower connection? You probably get no protection from surges if it's always connected. A backup drive should be external, so it can be disconnected and can be safe from anything (malware, user errors, bad software, etc...) And that "etc." includes nearby lightning strikes and theft of the computer. that could affect your computer. A strong ditto! If can also be used on multiple computers. Also, have at least TWO backup drives and never connect both of them at the same time. Another ditto! But note that Wayne said "I am thinking of placing most, if not all, my data on an external hard drive which can then be manually switched on and off - on only when used," and GS said "I think using an external drive for data storage is a great idea! My newest laptop doesn't have a hard drive, only SSD and so this works perfect." GS thinks it's a great idea; I think it's a *terrible* idea. Those quotes suggest that neither if them have any external backups, just the single external drive they use for data, and they think that its being external provides them with adequate protection. It doesn't; they are both playing with fire. And let me add another point to that: as far as I'm concerned, a laptop may be great for traveling, but it's a very poor choice to be used as a main home computer. It's more expensive than a desktop, more expensive and harder to upgrade, more susceptible to being dropped and destroyed, more susceptible to being stolen, etc. And if it is used for traveling, having to take an external drive along with it is a major pain. |
#14
|
|||
|
|||
Concerned
"Mark Lloyd" wrote
| A backup drive should be external, so it can be disconnected and can be | safe from anything (malware, user errors, bad software, etc...) that | could affect your computer. | Yes, but a backup drive is not what we're talking about. That's why I questioned it being external. On the other hand, like so many things, a lot of it comes down to personal preferences. |
#15
|
|||
|
|||
Concerned
On Tue, 26 Dec 2017 16:52:56 -0700, Ken Blake
wrote: On Tue, 26 Dec 2017 16:25:04 -0600, Mark Lloyd wrote: On 12/26/2017 12:44 PM, Mayayana wrote: [snip] I don't see why it's better than internal. Because it's mobile? I can see it if you need to transport your data to work. Otherwise, why pay more for an external case and slower connection? You probably get no protection from surges if it's always connected. A backup drive should be external, so it can be disconnected and can be safe from anything (malware, user errors, bad software, etc...) And that "etc." includes nearby lightning strikes and theft of the computer. that could affect your computer. A strong ditto! If can also be used on multiple computers. Also, have at least TWO backup drives and never connect both of them at the same time. Another ditto! But note that Wayne said "I am thinking of placing most, if not all, my data on an external hard drive which can then be manually switched on and off - on only when used," and GS said "I think using an external drive for data storage is a great idea! My newest laptop doesn't have a hard drive, only SSD and so this works perfect." GS thinks it's a great idea; I think it's a *terrible* idea. Those quotes suggest that neither if them have any external backups, just the single external drive they use for data, and they think that its being external provides them with adequate protection. It doesn't; they are both playing with fire. And let me add another point to that: as far as I'm concerned, a laptop may be great for traveling, but it's a very poor choice to be used as a main home computer. It's more expensive than a desktop, more expensive and harder to upgrade, more susceptible to being dropped and destroyed, more susceptible to being stolen, etc. And if it is used for traveling, having to take an external drive along with it is a major pain. Generally, I agree! Exception... Given my situation (stuck in a power wheelchair) my pocket size external drive is velcro'd to the laptop's lid and so no pain at all taking it along. The laptop velcros to a computer tray attached to the chair; all is very well secured. I put my desktop in the closet after I was forced into the wheelchair because it's not portableg. -- Garry Free usenet access at http://www.eternal-september.org Classic VB Users Regroup! comp.lang.basic.visual.misc microsoft.public.vb.general.discussion |
|
Thread Tools | |
Display Modes | Rate This Thread |
|
|