Categories Menu

Posted on Mar 15, 2017 in Newsletter, Welcome | 0 comments

TWT Newsletter NG – Issue 46 – Another bad month for online security

Click here to go back to the back issues page or click here if you want to subscribe.

Top Windows Tutorials
TWT Newsletter NG – Issue 46

Welcome to the March 2017 TWT Newsletter

Marching forward into March with another feature packed TWT newsletter. It has been another shocking month for IT security, with connected devices and the backbone of the internet itself in the firing line. Get ready to update those passwords again!

Important! A number of our subscribers have had difficulty receiving our newsletter. At we never send out unsolicited e-mails. To make sure your TWT newsletter reaches your inbox, please add to your contacts, buddy list or white list.

In this months issue:-

A bad month for IT security, again!
Tip of the Month – Use video and pictures to protect your valuables
Free Utility of the Month – Snappy Driver Installer
Windows Store App of the Month – Shady Pines
Windows 10 Creators update has an update to Windows update

A bad month for IT security, again!

Another month, another set of data breaches online, this time one with some serious ramifications for thousands of users as internet content delivery company CloudFlare suffered a major and embarrassing security breach. You may be thinking “I don’t use any websites called CloudFlare”, but unfortunately CloudFlare provide services to 5.5 million websites across the internet.

The internet is made up of computers. Computers like your laptop or your smartphone (yes, that counts as a computer now) and computers like the ones that serve web pages, or are embedded in routers and switches that populate the backbone of the world wide web and other online services. CloudFlare provide computers and networking services to major websites that help protect them against attacks, help speed up access by caching pages and much more.

What happens when a company like this suffers a data breach? Unfortunately, lots of bad things. The CloudFlare computers were leaking the contents of their memory, this included encryption keys, cookies and passwords. In one example, a private message exchanged by a customer on the OK Cupid dating site was pulled from the exposed memory contents. Other websites affected by the breach include Uber, 1Password and FitBit. The companies behind these websites themselves didn’t actually suffer any data breaches at all, it was all entirely down to the CloudFlare services that were used to help deliver the websites.

How do you even know if you’ve used a website that uses CloudFlare? It’s not easy, when CloudFlare is working properly it should be invisible to the end user. You can visit this page to see a list of all sites that are affected. There’s also a plug-in for Firefox and Chrome that looks at sites you’ve visited in your history and advises if any of them could have been compromised, you can read more about that here.

If you do find any of the websites you’ve visited are affected by the bug, we suggest changing your password. If you’re struggling with your passwords constantly changing, it’s time to learn how to use a password manager like Roboform or Sticky Password.

It seems as we put computers and network connectivity into more and more devices, we invite disaster when these devices are hacked or shown to contain security vulnerabilities. Never is this more sinister when it happens to toys, the very devices that form an emotional bond with the most vulnerable people in the world. Cloudpets are cuddly toys that connect with an app on a smartphone and allow children to record messages to their friends or family (based on a list of contacts the adult is supposed to approve). Given that these messages might be highly personal and give an insight into a child’s family life, you would expect them to be stored securely. Sadly, it turns out that’s not the case, The personal information of more than half a million people who bought these cloud-connected cuddly toys has been compromised. The details, which include email addresses and passwords, were leaked along with access to profile pictures and an estimated 2 million or more voice recordings between children and their peers and family members.

Despite the embarrassing breach, CloudPets are denying that there was any significant amount of data stolen, despite the evidence to the contrary. If you or any children you are responsible for have been using these toys, we’d recommend deactivating the cloud messaging and picture services. Even then, there’s a chance that the toy could be hacked into delivering sinister messages as it was revealed an exploited website could connect to a nearby toy without any proper authentication. Our recommendation would be to remove the batteries from your child’s CloudPets toy and let them simply keep the cuddly companion without his or her messaging features.

Troy Hunt, the security researcher who discovered this vulnerability, warned that he expected similar things to happen in the future. In a statement on his blog he commented “If you’re fine with your kids’ recordings ending up in unexpected places then so be it, but that’s the assumption you have to work on because there’s a very real chance it’ll happen. There’s no doubt whatsoever in my mind that there are many other connected toys out there with serious security vulnerabilities in the services that sit behind them. Inevitably, some would already have been compromised and the data taken without the knowledge of the manufacturer or parents.”

Still using Yahoo?! Time to switch

Yahoo are the undisputed king of security blunders, again this month they revealed a further 32 million customer e-mail accounts had been compromised. Add that to the existing total,
and that makes for a staggering 1.5 billion accounts compromised. Yahoo blamed a “state-sponsored actor”, that is, a hacker working for a government.

If you’re still using Yahoo Mail, it really is time to switch to another service. If you need your Yahoo account for services like Flickr, change your password regularly, make sure the password you use is unique and use only the Yahoo services you really need.

Tip of the Month – Use video and pictures to protect your valuables

Ever tried claiming on your home insurance? The term “getting blood out of a stone” always seems to ring true when dealing with insurance companies and payouts. Usually, it comes down to proof, the proof you can provide never seems adequate.

If you have a valuable collection, or certain items in your home that are valuable, then it may be a good idea to take photos or even better still a video of these items. You can use your PC to do this, if you have a tablet you can record directly from your devices camera using the camera app, or you can use most modern hand held cameras or camcorders and record to memory card then read this back in your PC.

Once you have this valuable video evidence, don’t forget to back it up! There’s no point recording your prize possessions on your laptop and then having your laptop stolen too! Use OneDrive or Dropbox so that the files are saved to the cloud and accessible from any PC. Hopefully you will never need it, but if you do, it’s one less headache to deal with.

Free Utility of the Month – Snappy Driver Installer

We all know how to keep our PCs up to date with the latest Windows updates (hint, it’s automatic!), but what about other software on our PC. Keeping your web browser up to date is essential, for example, since that ensures you have the latest security fixes for your browser while you surf the web.

Drivers are one thing on most users PCs that people never update. What are drivers anyway? Drivers are the bits of software that let Windows talk to hardware in and attached to your PC. You need drivers to make your Wifi work, for example, so that Windows can use it to connect to the internet. If you have a printer, you need a driver so that Windows knows how to send files to print. Usually these drivers come with Windows, or on a CD or download from the hardware manufacturer.

Why bother updating your drivers if they’re working fine? Well, in most instances you don’t need to, but if you’re running a high performance PC and want to make sure everything is running at its optimum, or if you have unexpected crashes or system reboots, then updating your drivers might be worth a shot. Wouldn’t it be nice if there was a safe, free way of doing this without having to trawl the web to every hardware manufacturers website though?

Well, luckily now you can. Snappy Driver Installer will scan the drivers installed on your PC and using its huge database, advise if there’s an update available. If you go ahead and install the updated driver, you can automatically create a restore point and roll back if you find the new driver doesn’t work as well as the old. Snappy Driver Installer can even identify hardware that Windows fails to find drivers for. Perhaps you have reinstalled Windows on your PC and you can’t find a driver for your network card? In that case, find a USB stick (11gb or bigger) and pop the portable version of Snappy Driver Installer onto it and it will, in most cases, identify your hardware and get you up and running.

With the kind of functionality we’ve only seen in paid software in the past, Snappy Driver Installer is an essential part of any Windows troubleshooting toolkit, get your copy by visiting the official home page here, and look out for tutorials from us in the future.

Windows Store App of the Month – Shady Pines

Another game this month, but it’s not your run of the mill jumping, shooting or fighting game. Shady Pines is a puzzle game where you are tasked with putting together blueprints for buildings. I know, it sounds boring, but I promise it’s not. You will need to piece together the buildings carefully, they don’t have to make perfect sense, but things like windows need to be on outer walls, and interior doors need to be, well, interior. You will soon find this is a twist on the regular old jigsaw style puzzle game, but a very enjoyable one. Levels can be repeated and replayed and your design improved to bring in more money, giving the game some good replayability.

What’s more the game is completely free, so why not take a look by clicking here.

Windows 10 Creators update has an update to Windows update

Just a quick little update on the Windows 10 Creators update to let you know that Windows update is getting a significant update! As many Windows 10 users will know, Windows 10 tries to automate it’s patching procedure as much as possible. This can be annoying, as Windows will sometimes force your computer to restart so that an important patch can be applied.

In the upcoming creator update, you will now be able to defer or “snooze” updates. This will prevent the update from restarting your PC and interrupting whatever it is you are doing. According to our sources, you will be able to defer an update for as long as you like, perhaps even indefinitely.

This is undoubtedly convenient, but let’s not forget that this updating mechanism was introduced precisely because Windows updates are critical to keeping your PC safe and sound as you use the web and the internet. Let’s hope users only defer updates if absolutely necessary, since malware certainly won’t defer attacking your PC otherwise!

That concludes our newsletter for March. On behalf of the team here at TWT, I’d like to say thank you to all our readers, new and old for your continued support. The TWT Newsletter will return on the 10th April 2017 for more tips, tricks and techniques to help you get the best out of your PC, be it Windows Vista, Windows 7, Windows 8 or Windows 10. We hope that you found this newsletter informative and useful. If you did not then please let us know why, you can contact us by visiting this page. If you have enjoyed this newsletter, feel free to pass it on to all your friends and family, or better still encourage them to sign up for their own copy. Until next month, keep checking and enjoy happy, safe and stress-free computing!

Post a Reply

Your email address will not be published. Required fields are marked *