All on line accounts (including email) have passwords. If you have not changed them recently, you are at greater risk of being ‘hacked.’

Most security experts advise changing passwords every 90 days. Until recently this seemed like overkill, but the situation I described in my last column illustrates why changing passwords frequently is important.

I assisted two customers who had their Frontier email accounts hacked. They probably had not changed their passwords in a very long time.

Frontier has used Yahoo as their email provider for several years. If you have a Yahoo email account, you probably recently received notification of a pending class action settlement “relating to data breaches occurring in 2013 through 2016.”

In 2013, malicious actors gained access to all existing Yahoo accounts (approximately three billion worldwide). In 2014, approximately 500 million, and in 2015 and 2016, approximately 32 million. So this illustrates how important it is to change your passwords frequently.

Using a complex password is also important. I see way too many people using simple words or easily guessed combinations of information such as telephone numbers, street addresses, or names of children.

A complex password should be at least 8 characters long and include a mix of uppercase and lower case letters, numbers, and symbols such as @./|$*&-_. It should not should be a just a sequence of numbers or contain any words found in a dictionary.

So something like “password1” is really bad. To create a complex password you can replace letters with symbols or numbers that are similar, for example “p@$$W0rd1.”

Another way is to come up with a sequence of words that makes sense to you, then use the first letter of each word. For example “Excellent advice for you from Peter Newell Affordable Technical Solutions” becomes “EafyfPNATS.” That is a fairly random sequence, but to obfuscate it even further, substitute numbers and symbols: “ea4yfPN@T$.”

Remembering clever complex passwords like this might not be so hard if you didn’t also have to change them often.
The problem is compounded because you absolutely should not use the same or similar password for different accounts, and when you change passwords the new ones should not just be variations of the old ones.

The natural response is to write them down. Experts warn against it but there is just no way most people will remember a large number of passwords that change frequently. If you do write them down on paper, you shouldn’t keep the paper near your computer.

Another way is to keep them in a file on the computer. However, if anyone gets access to your computer, they have all your account information. A simple way to solve this problem is to put the information in to a passworded file. This can be easily done using a spreadsheet program such as Excel or LibreOffice Calc.

Password Managers are another solution. All you need to know is the master password. This is a topic for a future column.

If you have not changed your passwords recently or are not using complex passwords, I advise you to change them as soon as possible. For assistance with all things technical, you can contact me at 315-376-8879, solutions at atspn.com, facebook.com/AffordableTechnicalSolutions.

Original newspaper column published September 2019

A question recently posed on Quora went something like: “If the polarity in AC changes (i.e. no positive/negative, hot/ground), why is there a hot and ground wire in the real world (worse yet neutral)…”

I am an Electrical Engineer but I am not a licensed Electrician. This is a discussion of concepts, not specific advice on electrical wiring.

Current can be thought of as flowing through a single point, but voltage (also called potential difference) is always between two points. There is no ‘polarity’ at one point. Only with respect to some other point.

With AC (alternating current), the direction of current flow in the wires and the polarity of the voltage between the wires changes in a sinusoidal pattern. The voltage reaches a positive maximum at a particular instant and half a cycle later it reaches a negative maximum.

In AC wiring, “hot,” and “neutral” really have nothing to do with polarity. “Hot” and “neutral” define the relationship of the wires with respect to ground.

“Ground” itself is a relative term. It could refer to earth ground or some other common point. For example, most vehicles have a negative “ground” system so you could say the positive battery terminal is “hot” with respect to “ground,” but the system could be just as easily designed to have the positive terminal connected to chassis of the vehicle and then the negative terminal would be considered “hot.” Either way, the chassis is not connected to actual earth ground.

In the AC power distribution system, the secondary winding of a power transformer feeding a home or business with single phase power is center tapped. The center tap is connected by a wire to earth ground at the power pole. This establishes a definite relationship to “ground” at that location.

You typically see three wires twisted together going in to a building. Two “hot” wires that are insulated, with approximately 220V between them, and one bare “neutral” wire connected to the center tap. Half of the standard 110V circuits are connected to one of the “hot” wires and the neutral. The other half of the circuits are connected to the other hot wire and the neutral. If you have a 220 appliance like an electric stove or clothes dryer, it is connected across both “hot” wires.

There is also a local ground wire. All of the outlets and appliances have a connection to this local ground.

Creating a “neutral” wire by connecting one side of the power circuit to ground enhances safety because there is one less “hot” wire. If everything is working properly then you should be able to touch the “neutral” wire with no problem because back at the breaker box “neutral” and “ground” are both connected to the same point.

However the neutral wire is part of the power supply circuit which means current flows through it. The wire and the connections have some resistance. This means that at the point where power is being used there could be a small voltage difference between the neutral and ground. It should be extremely small unless there is a problem with the wiring.

Call an Electrician if you have wiring problems, but call me for computer and general technical assistance. Affordable Technical Solutions. 315-376-8879. solutions@atspn.com.

Original newspaper column published October 2019

In the early 1900s, hams were considered irritations and nuisances to the “real” communicators – the commercial sector and the military. Amateur Radio was almost outlawed, and ultimately relegated what were then considered “useless” frequencies above 1.5 Mhz.

Hams rose to the challenge and figured out how to effectively use the higher frequencies. They also demonstrated that they could actually be of use as a service.

In 1913, college students/hams in Michigan and Ohio passed disaster messages in the aftermath of severe storms and flooding in that part of the country when other means of communications were down.

A Department of Commerce bulletin followed, proposing a dedicated communications network of radio amateurs to serve during disasters. A magazine article noted that amateurs – who were once considered nuisances – were now considered to be essential auxiliary assets of the national public welfare.

The American Radio Relay League was formed in 1914, and disaster response communications provided by radio amateurs became more organized and useful. In 1920, Amateur Radio was used to help recover a stolen car, of all things!

Soon, the use of Amateur Radio for natural disasters emerged, with hams active in deadly flooding in New Mexico and an ice storm in Minnesota.

More organization followed, such as a “MoU” with the American railroad system for Amateur Radio support when the railroad’s wire lines were down.

A major New England flood had amateurs supplying the only efficient means of communications from the devastated areas to the outside world, prompting the chairman of the Federal Radio Commission to say the future of radio depends on the amateurs.

In 1935, the ARRL Emergency Corps was formed with the goal of having an Amateur Radio Emergency Station in every community — a goal that remains just as urgent today as it did then! Just look at today’s emphasis on the neighborhood and community as “first responder” and on self-reliance in the post-disaster survival chain.

In 1936 the ARRL Emergency Corps provided essential communications during major flooding across a 14-state region, solidifying Amateur Radio’s status as a critical disaster response communications asset and public service.

Amateur Radio was shut down during World War II, but communications techniques pioneered by hams were put to use during the war. Many hams joined the War Emergency Radio Service, which provided some disaster communications during the war period. After the war, the ARRL reconstituted its disaster response communications programs and networks, and the first Simulated Emergency Test was run in 1946.

The Radio Amateur Civil Emergency Service (RACES) was formed by the government for civil defense (CD) purposes during the Cold War.

The roles, procedures, protocols, equipment and techniques of Amateur Radio in public service, disaster, and emergency communications continue to evolve, fueled by advances in Amateur Radio technology and its application, and lessons learned from each and every incident that involves amateur communications support.

Commercial and government communications infrastructure has reduced the need for Amateur Radio emergency communications. But these systems still do fail. Many readers of this column experienced just such a failure during the recent torrential rainstorm.

As the ARES Section Emergency Coordinator for Northern New York, I encourage anyone interested in radio communications for emergency preparedness (and just for fun as well) to get involved in ham radio. For more information, contact me at 315-376-8879 or solutions@atspn.com, and visit the Northern New York Amateur Radio Association web site www.nnyara.net.

Original newspaper article published November 2019

Microsoft will discontinue support for Windows 7 on January 14.

Don’t panic.  Don’t just run out and buy a new computer. You have options. Call me.

“End of support” does not mean Windows 7 will stop working, just that there will be no more security updates from Microsoft.

Over time Windows 7 will  effectively become less secure as additional security flaws are discovered but not patched. Microsoft will issue updates for Windows 8 and 10. Thes updates will be analyzed by hackers to determine what security flaws they fix, and then malware will be written to attack the flaws. Unpatched systems including all Windows 7 computers will be vulnerable because they won’t be updated.

This was a major concern when Microsoft ended support for XP in 2014, although I did not really see this happen with my customers. Many continued to use XP for quite a while without an increase in malware problems. However, it may be worse this time. Windows 7 program code and structure has more similarity to Windows 10 than XP did to Vista and 7.

Most people still using Windows 7 like it and do not want to give it up, especially if they have already tried Windows 10.

If you are a casual home user and your computer has adequate malware protection and you are careful, I think you can get away with continuing to use Windows 7 for a while. But eventually it will become so outdated it just won’t work well on the Internet.

Unfortunately if you are using your computers for business, and particularly if your business or organization is subject to privacy or security regulations, then you probably have little choice but to stop using an ”unsupported” operating system if you want to be in compliance.

Possibly more significant is that within a couple of years support for other software on Windows 7 will be dropped. In particular, out of date Internet-based applications will start to have problems. Anyone who has tried to use an old web browser has already experienced this.

So what can you do?

Many users just go out and buy a new computer with Windows 10, but this is a costly option which may not be necessary. There are alternatives.

You can continue to use Windows 7 for a while as long as you are careful, have all the available updates installed, know your system is clean, and have good antivirus software.

You can update your existing computers from 7 to 10. It is much less expensive than buying a new one. Another advantage is that is you keep your programs, settings, and data.

Most computers in the last 10 years can handle Windows 10. The most likely hardware upgrade required would be an increase in RAM.

But another great option for those who don’t like Windows 10 or Microsoft’s tendency to force you into updates and changes you don’t want, and don’t “need” Windows,  is to dump Microsoft  altogether and switch to Linux.

Web surfing, email, word processing and all the other common things most people do with Windows can be done just as easily with Linux. The graphical user interface of a Linux distribution such as Linux Mint is designed to be very easy for Windows users.

Since Linux is not Windows, it is immune to all Windows malware because programs written specifically for Windows will not install and run.

My favorite Linux distribution is Linux Mint.  The graphical user interface is very similar to Windows and most users have no trouble switching.

So far, I have switched about 30 customers from Windows to Linux. Many of them are still economically and happily using their 10+ year old Windows Vista PCs converted to Linux, but some have just had it with Windows problems on newer computers and dumped Windows 8 or 10 for Linux Mint.

References:
Windows 7 End of Support Information from Microsoft
Switching from Windows to Linux
General Information about Linux on your PC
$79 Risk Free Linux Conversion Offer

Original Question on Quora.com:
Which Linux distribution has the best GUI for novices in 2020? Will it dramatically speed up an old Windows 8 laptop?

My Answer:

“Best” is matter of opinion. I happen to like Linux Mint

According to many references it is the most popular, especially for Windows converts. The desktop is very similar to classic Windows.

An advantage is that because it is so popular there is a very large user community which means it is likely you will find lots of help and answers on the forums.


Some people will say ZorinOS is better for beginners from Windows. I tried it a few years ago and it was OK but I found the documentation was a little lacking at that time. I have not looked at it recently.

According to Slant – Zorin OS vs Linux Mint detailed comparison as of 2019

When comparing Zorin OS vs Linux Mint, the Slant community recommends Linux Mint for most people.

As to the question “What are the best Linux distributions for desktops?Linux Mint is ranked 5th while Zorin OS* is ranked 39th.

The 4 distributions ranked above Mint (Debian, Slackware, Arch, and Salix) are definitely not suitable for beginners coming from Windows.

6 Best Linux Distributions for Beginners in 2019  rates only Ubuntu above Mint, primarily because it “has great documentation and community support.” But I think Mint is better because all the the desktop environments (Cinnamon, Mate, and XFCE) are a lot more like classic Windows. And XFCE in particular is very lightweight so it runs well on older hardware.

Mint is based on Ubuntu so aside from differences in the desktop environments it is almost the same. Software written for Ubuntu also works on Mint.

I have converted computers for many customers. Mostly old Vista and a few old XP computers to Mint XFCE because it is the most lightweight Mint distribution. Most have had no problem making the transition.
On the same hardware Mint XFCE is faster than Vista and much faster than Windows 10.

I expect I’ll be doing a bunch more conversions now that Windows 7 will no longer be “supported” by Microsoft. Any Windows 7 PC will have hardware that runs Mint very well.

Mint XFCE uses about 350MB of RAM. Windows 10 uses about1.3GB! Mint Cinnamon uses a little more but I had it on an old Vista laptop with 2GB RAM and it ran fine until the hardware failed.

So yes, Mint would speed up an”old” Windows 8 laptop, especially one that didn’t have much RAM.

Link to my original post on Quora      About Quora  Q & A

The 2019 Halloween storm knocked out power to thousands, particularly in Hamilton County. Those fortunate to have an automatic whole-house generator experienced minimal inconvenience.

A system that automatically starts a generator and switches over the house mains is really handy, but it does have its downsides. For one thing, it’s an expensive system to install. For another, it can lead you into being complacent when the electricity goes off.

Just because you still have electricity, it doesn’t mean you have an endless supply of power, because the generator needs fuel. If it’s connected to a natural gas pipeline you might be OK, but if it uses propane or gasoline (more likely in the north country) you only have what is in the tank.

Perhaps you can get a refill, but maybe not. So it might be a good idea to figure out how to conserve fuel.

Most people can get by for a while without continuous power. Running a generator for a short period every few hours will keep the house warm and the refrigerator cold.

The trick is knowing how to manually control an ‘automatic’ generator. Typically you can put it in manual mode.

You may only need a small amount of electrical power for essential appliances. A small generator can be connected directly to the equipment that needs to be powered, or to the home wiring.

To safely connect any generator to your home wiring, you must disconnect from the power lines first. The safe way to do this is with a transfer switch. This is a double-throw switch that connects the house to either the power line or your generator.

There are basically two types of generators.

A conventional generator must rotate at a certain speed to provide the required voltage (117VAC) and frequency (60Hz.)  While it will use less fuel under no-load conditions than under full load, it can’t actually run slower to conserve fuel.

Inverter generators are a combination of a conventional generator which supplies raw electrical power and electronic circuitry which converts it to the proper voltage and frequency.  The motor only runs fast enough to supply the needed power.

Another advantage of good inverter generators is that the AC power they produce is clean and stable. This makes them ideal for powering sensitive electronic equipment.

“Solar generators” are not really generators. The name is misleading. Generally they are just an inverter powered by a battery, with a small solar panel that charges the battery. They can’t replace an actual generator for long- term or high power use.

Aside from actual outages, momentary power interruptions can occur at any time. They make your computer quit in the middle of whatever you were doing, make clocks flash, and reset various other electronic devices.

The simple solution is an uninterruptible power supply (UPS). This is an inverter powered by a rechargeable battery. If the power drops the inverter automatically switches in and provides power for a few minutes, enough time to save work and shut down your computer. A UPS also provides superior protection from power surges. I have them on all my systems and they are well worth the minimal cost.

Original newspaper column published November 2019

In the last few months I have assisted a number of customers in resolving problems with their Frontier Yahoo email. The initial evidence of the hack was that some of their contacts received a bogus email such as the following:

“Subject: Urgent favor

How are you? I need a favor from you. I need to get a Gamestop Gift Card for my Nephew, Its his birthday but i can’t do this now because I’m currently traveling. Can you get it from any store around you? I’ll pay back as soon as i am back. Kindly let me know if you can handle this.”

This email came directly from the hacked Frontier yahoo email account.

In other words, it was not an email from some other account with the sender’s address spoofed. The hacker had direct access to the Frontier Yahoo account. Before sending the scam email, the account settings were changed to add a reply-to address and adding forwarding all incoming email to sophieyyyyyyyy@gmail.com.

Thus any direct reply to the scam message would go to the hacker’s email without the hacked account holder knowing. This would allow him to continue the scam. In addition, while any email sent directly to the hacked account would be received and seen by the account holder, it would also be forwarded to the hacker’s email.

Without checking account settings, the only way the account holder would know is when someone contacted the account holder after spotting the suspicious email, or when they didn’t respond to an email that was sent.

The first two customers contacted Frontier and were advised to change their passwords, which they did. While this most likely prevented further hacking, it did not fully resolve the problem.

Frontier failed to advise them to check other settings. In one case, Frontier actually remoted in to the customer’s computer to assist them. But the “tech” failed to find and remove the bogus reply-to and forwarding.

Consequently, customers called me because they were still having problems receiving emails. Finding and implementing the solution was relatively simple – check account settings and remove the bogus reply-to and forwarding.

Unfortunately, my customers thought that the problem was resolved when Frontier advised them to change the password. This meant that for a week or so they were still using a compromised account. The hacker was receiving copies of all emails sent to the account and replies to all legitimate emails sent by my customers through the account were diverted to the hacker.

When I contacted Frontier about an unrelated matter on a different account, the Frontier support person alluded to the hacking problem without being specific. However, to my knowledge, there was no recent notification from Frontier to their customers of a problem.

Just recently I spotted the problem on another account when I received one of the bogus emails. I was able to call the customer, alert her to the problem, and fix it, but it still required that the customer directly call Frontier in order to change the account password, as well as logging in to the account to eliminate the bogus settings.

It is unclear whether the hacked account problems I just described are due to the massive data breach at Yahoo reported back in 2017 where hackers gained access to credentials for 200 million Yahoo accounts, or if this is some new hack only affecting Frontier Yahoo accounts.

In any case, if you have Frontier Yahoo mail or any Yahoo account, the password should be changed and settings checked immediately. This applies even if you are not actively using the account.

As always, if you need assistance, you can contact me at 315-376-8879, by email, or Facebook.com/AffordableTechnicalSolutions.

Responding to bogus telephone calls from “Microsoft Support” or “Symantec Norton:”

No one is monitoring your computer for malware or other problems. If you get a phone call from out of the blue, IT IS A SCAM.

Never allow access by anyone who’s identity you can’t verify. Once a scammer has access, you can never be sure what they may have done. It is pretty easy to steal personal data or install monitoring software or a remote access “back door” they can use any time to get in.

Certainly never pay them anything. You are wasting your money and giving away your financial information.

However, allowing remote access from someone you trust is fine. Just make sure you know who you are talking to. Get the phone number from your bill, user manual, or the actual company web site. Do not use search results. They are very misleading.  

Using remote access to get help can be a convenient time-saver. If you call me for support, I will use a remote access tool which is perfectly safe and totally under your control. It only allows access when you run the program and grant access.

Not having a full system backup:

It is very rare these days that you get software installation or “Factory Recovery” disks with a new computer. However, Windows 10 includes the ability to make a recovery drive. Even if your computer is 5 or 10 years old, it’s not too late. Make your recovery media now.

Mobile devices usually have a way to restore to factory defaults.

Not backing up user data on a regular basis:

Reloading the operating system is sometimes the only way to fix problems. However when this is done, all user-installed applications and personal files are deleted.

Files can also be accidentally erased. File systems can get corrupted Ransomware can render data inaccessible. Storage devices can physically fail.

USB flash drives and hard drives are cheap and easy to use. You can get a few gigabytes of free “cloud” storage from DropBox , Microsoft, and many other places. iCloud and Google drive are ideally suited for iOS and Android devices, respectively.

You can simply copy important files to backup storage, or you can automate backup using tools built in to the operating system, or by using a third-party backup program. Backing up to at least 2 other locations is recommended.

Installing junk software:

“Potentially Unwanted Programs” get installed in Windows either by tricking you in to thinking they are actually useful, or as “drive-by downloads” when installing some other program or program update. Be careful what you download and install. Most of the “free” driver updaters, system optimizers, bargain finders, toolbars, and similar programs do more harm than good.

Problems tend to accumulate until the computer becomes slow or actually unusable. An ounce of prevention is worth a pound of cure.

Apps on mobile devices eat up memory. There are many questionable apps that are spyware, just like on the PC. Be careful.

Head off problems with a periodic professional computer checkup and tune up. I can usually do a basic check and tune by remote access. Call me at 315-376-8879. 

Original newspaper column published January 2019

When helping customers, I frequently run in to the problem of unknown account names, passwords, and license keys and unavailable program installation media or files.

If you forgot your password I can usually get you back in to your computer or at least recover data. It is not so easy on mobile devices or on-line accounts.

Mobile device security is generally much tighter on the assumption that a tablet or phone is easily lost or stolen. Be particularly careful about repeatedly trying different passwords, because some devices will permanently lock you out after a number of incorrect entries.

The only way to make the device usable again may to do a full reset. This will erase all apps, settings, and stored data. If you don’t have your pictures and other files backed up somewhere else, they will be permanently lost.

If you have an on-line account associated with the device, and you have used that account to back up everything, and you have access to that account, it may provide a way to recover without permanent data loss. Typically this involves connecting the device to a computer, running a program, logging in, resetting the device, then restoring from the backup you hopefully created.

The key is that you still need to back up and to know the credentials to log in to the on line account.

Most computing device problems are software problems. Some problems are easily found and fixed, but in other cases it’s like looking for needles in a haystack in the dark.

Many times the only practical method is to reload the operating system from scratch. This means all installed application software must also be reinstalled.

If you are using Linux, this is probably not an issue, since it is likely you are using all open source applications. They can be downloaded and installed directly from the program repositories using the built-in software manager or appropriate commands.

The same is not true on Windows or MacOS, or your mobile device. You may have downloaded and installed some free programs, but chances are you have purchased others. They may have been downloaded and installed, or on a computer installed from physical installation media such as a CD. Either way, you need to have the installers and the activation keys.

If you have the install media or file but no key, you are out of luck. If you have the key but no actual installer, you are out of luck. If you have purchase records that are only in email or a digital file you can’t access, you are out of luck.

Key point one is that you must have adequate records of all your user accounts, passwords, purchases, and product keys. This means write the information down and keep more than one copy of it in safe places.

Key point two is that you must save installation media or files. You must also do regular backups of any other important files. This means copying them to at least one other place, whether it is another computer, a flash drive, or on-line storage.

If you need assistance in sorting out your records and creating backups, you can call me at 315-376-8879. 

Original newspaper column published January 2019

A customer asks:

Morning Peter – I have a question, do I need this file? [CNET_TechTracker_2_0_1_51_Update] I am committed to cleaning up my file space in 2019. I have just begun. I found the article below on Tech Tracker, which states some say YES keep it others NO.

Answer:

Good for you. File maintenance is a very important task that most people avoid doing and end up with user folders so cluttered and unorganized they can’t find anything.

The screenshot you sent shows Windows indicates this file is an ‘application.’ It appears to be a 2010 update to CNET TechTracker. It is ancient and not needed. Delete it.

CNET Tech Tracker may or may not be installed on your computer. It is a non-essential ‘free’ program that helps keep software on your computer up to date. Other than that I do not know anything about it. CNET is a fairly reputable outfit, but I am skeptical of supposedly free helper programs like this. CNET is making or hopes to make money somehow. Either by delivering advertising, collecting data,  or trying to convince you to pay for a premium version or to download some of the updates.

If you were to set Windows to show file extensions, you would see that full name is CNET_TechTracker_2_0_1_51_Update.exe This indicates it is an executable file, in other words a program.. “Application” or “app” is the in-vogue name for a program.

You should look very closely at any ‘application’ in any of your user data folders because it is not a document, picture, etc. it is a program which will execute when you ‘open’ it. This means it can install itself or do virtually anything else. This is a primary way that computers get infected with malware and other junk programs.

In particular, there should be no ‘applications’ in your Documents folder unless you put them there for a very specific reason such as to save an installer for some program that you purchased.

Another folder you should clean up is your Downloads folder. It is very typical that all kinds of program installers, updates, and a lot of other junk accumulates here. If you have actual ‘documents’ or pictures that you want to save (maybe downloaded as email attachments or from some web page link), move them to the appropriate place. If there are installers for program you purposely downloaded, you should make a special folder for them so you don’t delete them accidentally. Delete all the other accumulated junk.

No legitimate program should be permanently installed or running from Documents or Downloads, so deleting anything there should not screw up the computer.

There are many other hidden folders that should also be checked and cleaned up. Some of the places questionable programs install themselves are the application data folders because it is easier for junk programs and malware to get themselves ‘installed’ in to these folders compared to a proper installation in the Program Files folder. So any time I do a diagnostic and see something is running from an appdata folder I am suspicious of it.

Describing how to do a thorough check and clean up is beyond the scope of this column. If you need help, call me. I can do routine clean up by remote access. 315-376-8879.

Original newspaper column published January 2019