Why has Amazon has pulled books on bomb making but still sells chemicals for thermite?

Print Friendly, PDF & Email

Odd “news” item on Channel 4 News in the UK tonight, a feature length piece on Amazon’s “people who bought X” and also “bought Y” algorithm available to make thermite! Yes people – that’s lethal bomb making stuff.

So you start with the base chemical, enter that in Amazon and apparently it does the recommend thing. And yes it does!

 

 

 

 

Even after they have removed bomb making books. Which is a bit bonkers, this still works, so why?

Well for those read my last article about terrorist how-to’s and ISIS call to arms videos still being published on youtube.

Roll on those stupid terrorists who order this stuff on Amazon – you’re address, credit card details and every other data footprint is exactly what they want.

Now the real piece of journalism would have actually been to have ordered it and filmed armed police turn up on their doorstep?

I bet if I ordered what I just searched for on Amazon I could be in Belmarsh before you could say where’s my tea towel, or perhaps have my data footprint sucked into GCHQ on a perpetual basis.

And didn’t we see this on Seven?

Posted in Just saying | Leave a comment

LogMeIn Corporate reinstall issue: Error 1920. Service ‘LogMeIn'(LogMeIn) failed to start.

Print Friendly, PDF & Email

If you have a LogMeIn Corporate reinstall issue with this error then I will remotely fix this for you for £50.

Please use the booking form below.

logmein_install_error_1920

logmein_install_error_1920

 

 

 

 

 

 

 

 

 

 

Loading...
Posted in Uncategorized | Leave a comment

Why I like Spectrocoin; an interesting UK based bitcoin wallet provider and exchange

Print Friendly, PDF & Email

I was going through all my 2FA account backup bits of paper at the weeked and found a few I hadn’t used for ages and came across Spectrocoin from an account I had set up in 2014.

Obviously I had lost interest in them since like many others they had never managed to find a UK friendly bank to allow BACS/FPS payments. Cryptopayme and the defunct Lazycoins did very briefly.

Like all the exchanges currently operating in the UK even seemingly with FCA blessing they still only offer a cheap way to obtain bitcoin IF you do a SEPA payment in EUROS to credit your account with fiat to start with. The best route for this is in the UK currently Fidor UK who do SEPA payments at £2.50 a go 🙂

Aka the current UK list appears to be:

cryptopay.me
coinfloor.co.uk
spectrocoin.com

So what is cool about SpectroCoin even with the SEPA payments madness plagued on all UK bitcoin exchanges:

  1. Open an account just with your social login FaceBook or Google accounts
  2. You can withdraw as gift vouchers. On the UK mobile phone networks and generate Amazon gift vouchers
  3. It has debit card which if your balance is ZERO incurs no monthly £1 charge, I’ve just ordered one
  4. You can transfer bitcoin to another spectrocoin.com account holder with ZERO bitcoin fees – instantly
  5. You can transfer bitcoin to someone who has yet to open a spectrocoin.com account holder with ZERO bitcoin fees just by entering their email address. They receive an email to open an account
  6. Their developer API section is the coolest documented reference I have ever seen
  7. If I were in the business of crypto payment integrated solutions at EPOS street level this would be the player I would be looking at. This platform right now has the ability to provide fee less bitcoin to bitcoin instant payments at retail level
  8. If you have a merchant wallet with Spectrocoin you can have you bitcoin automatically converted into British Pounds for example and not be subject to bitcoin price fluctuations
  9. At the end of a day a merchant can move their fiat to their Spectrocoin Debit card and pay suppliers instead of traditionally waiting receive cleared funds
  10. They have tech support people via web chat who are there in the evenings and the weekend UK time

Lets say that again in laymans terms – they have a real-time friction free in transaction fee terms at retail level, bitcoin payment solution that is not waiting for the lightning network and payment hubs in the following countries

I think is what the Americans call on-ramp, I do hope they stay in business!

My referral link is this one https://spectrocoin.com/en/signup.html?referralId=857436169

 

 

 

Posted in Tips | Leave a comment

How to get bitcoins?

Print Friendly, PDF & Email

Well getting bitcoins can be a painful journey and a steep learning curve however if you live locally just book an appointment and pop round for a coffee.

For people who don’t live locally I have set up a national service to help explain bitcoin called Get Coins! http://www.getcoins.co.uk/ So please tell all your friends!

 

Posted in Just saying | Leave a comment

Finding duplicate photographs software

Print Friendly, PDF & Email

Clients often end up with an AWFUL lot of duplicate photographs.

Auslogics Duplicate File Finder does the trick
https://www.auslogics.com/en/software/duplicate-file-finder/

 

 

Posted in Tips | Leave a comment

Create system images of your Windows PC, the easy way to prevent heart attacks

Print Friendly, PDF & Email

What are System Images on a Windows PC?

They are a visualized hard drive of your computer that can be used to either recover data or run your dead PC in a visualized environment. These are slight different to backup software that run continuously on your Windows PC like the native “File History” facility.

Think of “File History” back up as day to day. It bails you out of:

  • Accidentally deleting a file or folder
  • Allowing you view a file from several saves back with the same file name

A System Image can be thought much more of a get of jail card for complete failure and disaster recovery if the data is kept off-site and the data since last system image is also held off-site.

With a combination of the two backups and additionally the use of cloud services such as GDrive and DropBox could form a complete disaster recovery process.


How to Create a System Image Backup in Windows 7, 8, or 10

There is a great tutorial for doing this at https://www.howtogeek.com/howto/4241/how-to-create-a-system-image-in-windows-7/

And also at this page to do a restore https://www.howtogeek.com/239312/how-to-restore-system-image-backups-on-windows-7-8-and-10/

100% of the details on this page are correct BUT the backup that this procedure does is really a lot more useful than it appears.

While you can’t restore a system image backup on another PC, you can extract individual files from a system image backup. Microsoft says it’s not possible to extract individual files from a system image backup, and they don’t provide an easy tool to do so — but they’re just standard VHD (virtual hard disk) image files that you can “mount” and copy files from using File Explorer or Windows Explorer.

It says that you cannot take restore the “system image backup on another PC”, whilst this is technically correct we can do something really cunning with this .VHD backup.

We can install Microsoft Virtual PC software on another powerful Windows PC and copy the .VHD file to it. He we can now run your old PC inside another PC while your replacement PC gets to you.

So if you run a full the procedure every night to an external drive then read this guide below “Automating the creation of .VHD files on Windows 8 / 10” to automate it on Windows 8 and above, here is the link to the original web page tutorial.

In Windows 7 the scheduling for creating an automated “Create a System Image” was built into the operating system. Then Microsoft removed this method making it very complicated. This will have been due to commercial agreements drawn up with third party backup vendors like Acronis who offer some very good comprehensive paid for solutions.

This youtube clip demonstrates your emergency fall back. It shows a Windows PC running a Windows PC inside it. The Windows PC inside it is a .VHD file

Automating the creation of .VHD files on Windows 8 / 10

How to schedule a Windows 8.1 System Image backup

  1. Decide whether you want to run a daily or weekly backup of Windows 8.1. Also make sure you understand that every new backup will overwrite the previous one. So, if the backup fails, you won’t have a recovery copy to fall back to.
  2. Connect an external drive with enough free space. This will depend on how much data you have in your hard drive(s).
  3. Launch PowerShell as administrator (this is really important because this operation needs the highest administrative privilege as possible).
    Quick Tip: Go to the Start screen do a search for PowerShell, from the result right-click Windows PowerShell, and select Run as administrator.
  4. Type the following command to create a daily full Windows 8.1 backup and press Enter:Syntax:
    SCHTASKS /Create /SC DAILY /TN <TaskName> /RL HIGHEST /ST <Time24HrsFormat> /TR "wbAdmin Start Backup -backupTarget:<TargetDrive>: -include:<WindowsDrive>: -allCritical -quiet"

    Example:

    SCHTASKS /Create /SC DAILY /TN DailyFullBackup /RL HIGHEST /ST 14:06 /TR "wbAdmin Start Backup -backupTarget:F: -include:C: -allCritical -quiet"

    Or type the following command to create a full backup of Windows 8.1 weekly and press Enter:

    Syntax:

    SCHTASKS /Create /SC WEEKLY /D <DayOfWeek> /TN <TaskName> /RL HIGHEST /ST <Time24HrsFormat> /TR "wbAdmin Start Backup -backupTarget:<TargetDrive>: -include:<WindowsDrive>: -allCritical -quiet"

    Example:

    SCHTASKS /Create /SC WEEKLY /D MON /TN WeeklyFullBackup /RL HIGHEST /ST 13:00 /TR "wbAdmin Start Backup -backupTarget:F: -include:C: -allCritical -quiet"

Finally, if you want to double-check whether or not the task has been fully created. Go to the Start screen, do a search for Task Scheduler, expand the Task Scheduler Library, and on the list from the right, you should be able to see the task. This is also a good place to visit and troubleshoot the task if it isn’t running correctly.

http://pureinfotech.com/schedule-windows-81-system-image-backup/

Businesses – low cost disaster recovery

Now businesses can go another step further and introduce a work to home sync on “File History” style backups.

So with nightly System Image backups, GDrive/DropBox, File History work backups sync’d to home this could provide you with a pretty comprehensive disaster recovery process.

But this isn’t just low cost disaster recovery. It is actually disaster recovery.

As well as backup being only as good as when you last tried to do a restore from your backup. The other most singular most important aspect is how quickly you can do it.

Scenario

Standard commercial cloud backup solution:

  • Fire or theft
  • Order new PCs or borrow PCs required
  • Download data
  • Wait for download – this could be days

DIY work<->home synchronization of last day’s data

  • Fire or theft
  • Order new PCs or borrow PCs required
  • Recover data
  • No waiting

Should you require consultancy, please just book an appointment with me at:

http://www.totnesit.com/book-an-appointment/

Posted in Backup | Leave a comment

Terrorist videos on FaceBook & YouTube + WhatsApp encryption

Print Friendly, PDF & Email

There is lot of discussion in the media right now about about terrorist videos being published on the likes of YouTube and FaceBook, something must be done… Even the Daily Telegraph joined in last Saturday 25th March 2017.

Why nothing will be done about terrorist videos

But NOTHING is going to happen,  because this material is actually being used to track and profile terrorists:

Source Camera Identification Using Footprints from Lens Aberration
https://www.eee.hku.hk/optima/pub/conference/0601_EIf.pdf

Automatic source camera identification using the intrinsic lens radial distortion
https://www.ncbi.nlm.nih.gov/pubmed/19529575

Digital Photos Give Away a Camera’s Make and Model
https://yro.slashdot.org/story/08/11/18/0115242/digital-photos-give-away-a-cameras-make-and-model

Digital images contain their maker’s mark
https://www.newscientist.com/article/mg20026826.200-digital-images-contain-their-makers-mark/

Tracking where video was taken by the mains hum on the audio recording. Electrical network frequency analysis – ENF analysis is founded on research originally carried out by Dr Catalin Grigoras.
https://en.wikipedia.org/wiki/Electrical_network_frequency_analysis

http://www.telegraph.co.uk/news/uknews/crime/9739037/Met-Police-use-electrical-hum-to-solve-crimes.html
http://www.bbc.co.uk/news/science-environment-20629671
https://perpetuityresearch.com/1748/solving-crime-with-only-a-hum-the-power-of-the-national-grid/
http://www.aes.org/e-lib/browse.cfm?elib=14411

 

As long as terrorist videos help the security services, they will be allowed on the web. (Whether there will be any advertising next to them is a different matter.)

WhatsApp encryption is another RED HERRING because of zero-day vulnerabilities

January 2015 David Cameron made this statement:

Thanks to the CIA’s Dark Matter leak this month, we discovered that zero-day software has being deployed on computers and phones for a LONG time. Even Apple once thought to be pretty impregnable has been as open as the proverbial barn door.

http://thehackernews.com/2017/03/wikileaks-cia-mac-iphone-hacking.html

So what are Zero Days?

A zero-day vulnerability – commonly just called zero-days by hackers – is an undisclosed computer-software vulnerability that both hackers and the security services can exploit.

Zero-day software allows your devices to be controlled by other people – in most cases now; remotely. And this software implanted on the device is not detectable for many years into the future due to its sophistication.

With regards to computers and phones a zero-day allows the security services to read the messages of the terrorist as they are being typed into an application like WhatsApp before it’s even encrypted. So being able to decrypt the encrypted message is totally unnecessary. It’s red herring.

The British security services were using zero-day exploitation  more  than fifty years ago. During the early Common Market discussions in 1960 – 1963, We created remote monitoring facilities that could listen to the French encryption devices before the messages were encrypted. This was brought to light by Peter Wright’s revelations in Spy Catcher, published in 1987. The Song remains the same.

We live in a world where you can safely assume that any Internet connected device can be remotely monitored by the security services. The recent Wikileaks Dark Matter Leak implies this clearly.

The issue of encrypted communications is a red herring. That problem was solved a very long time ago, The bigger fish is whether the security services can use zero-days without a warrant and with impunity? This is the news item.

 

Posted in Just saying | Leave a comment

Passwords, to save (in browsers) or not to save….

Print Friendly, PDF & Email

Dear Mark,

I was talking to a friend, Rick,  about security for  passwords on the laptop.

He told me to go to Firefox. See Options, Security, Saved Logins and there were a whole list of my saved passwords for anyone to see in the computer.

Same with Google going through Settings.

I did not realize saved passwords were stored on the laptop.


I replied:

1.
Don’t save passwords in Chrome, these will get copied into Google’s cloud

If you’re Google account gets hacked, then ALL these passwords are available to the hacker…

Also go to : https://passwords.google.com

Go to saved passwords, delete them all. Then switch off the sync’ing setting, this will prevent further accidental saving of passwords to Google from Chrome usage.

At the end when you enter https://passwords.google.com your screen should look like this, make sure the bottom line “Saved passwords” looks like this:


2.
If you want to save passwords on the PC, then use FireFox and add a Master Password to protect them. Click this link for the official tutorial

  • Three lines icon (top RHS) – [this is the Menu icon in FireFox speak]
  • Preferences
  • Security
  • Use Master Password

In effect you use two browsers, Chrome for your Google intensive work where you get the tight integration and FireFox for your general with password protection for locally stored passwords. If you don’t get a Mozilla account then there is no risk of them ending up in Mozilla’s cloud either. If you use a Master Password on your computer then passwords are held on the machine encrypted unless you enter your master password when you first start using FireFox.

To more fully appreciate the risks, then read what the FireFox Senior Security Engineer has to say which is the first reply

https://www.reddit.com/r/firefox/comments/2yl09k/how_secure_is_the_firefox_master_password/

Password management is a game of two halves, pain in the neck or the same pain but slightly further down.

Next in my password article series is here:

http://www.totnesit.com/hate-passwords-love-deterministic-password-generators/

Posted in Passwords | Tagged , | Leave a comment

Hate passwords – love deterministic password generators

Print Friendly, PDF & Email

A deterministic password generator allows you to remember one simplistic pass-phrase that you can remember for all your passwords but

  • Unique passwords are generated for each site and logins you use
  • They gives you the ability to rapidly change all your passwords in one go

Actually I recommend a combination of the two, my favourite is KeePass for a Password Manager with the password management file store on DropBox and SaltThePass which is a deterministic password generator on you mobile. Android or iPhone. KeePass is also available for Windows, Linux, Mac, Android and iOS.

I use KeePass as Password Manager with the password management file store on DropBox + two-factor authentication, this gives me the facility to cope with some complex information I don’t want to write down. This is the same for all Geeks, we ALL use KeePass like the early days the Geeks were the ones that used Google first.

So when do I use SaltThePass? I typically only use it with web sites that provide two factor authentication to login. That means that you need you mobile with you to be able to access the web site, pretty much using the same technology that you use when you log into your bank account with the PIN generator which is different each time.


My next related article in this password series is here:

http://www.totnesit.com/two-factor-authentication/

Posted in Passwords | Tagged , | Leave a comment

Two Factor Authentication

Print Friendly, PDF & Email

Two-factor simply means that there has to be something else other than a password entered when you log into a web site. Try this explanation by Brit Christopher Bernatt, missing the 1970’s Open University BBC 2 late spots, then he’s our man.

Common UK sites and sites that you might use offering this now are:

  • All the High Street Banks
  • ebay.co.uk
  • amazon.co.uk
  • paypal.com
  • gmail.com
  • live.com (hotmail.com, outlook.com email systems)

You can also find a comprehensive global list here at https://twofactorauth.org/

OK here’s the kicker, if you watched Christopher’s video if you still do not understand how it works. Then you should have been using yesterday.

You will not find a Geek not using it.

Here’s the example, you’ll still meet Doctor’s who enjoy a crafty cigarette or maybe have a class A problem, you know – you see the odd documentary on TV.

But you won’t find any IT or person involved in the Computer Industry that does not have two factor enabled on every account they possibly can.


Posted in Passwords | Leave a comment