In my previous post, I mentioned that WordPress automatic updates [above minor level] were not enabled by default. I referred to a WordPress technical article to assist with fixing, but decided to go one step further – utilize the new Site Health tool for WordPress. I used this tool to point me in the right direction on what needed to be done: enable all updates automatically and also to enable the latest PHP version on the back end.
Instructions on enforcing automatic WordPress updates and using the latest PHP can be found here!
WordPress updates can be very important, both from a security and performance perspective. Although doing these WordPress, or any, updates can be done manually at any time, why not set them to automatically install? To my knowledge, there is no check box anywhere in the dashboard to achieve this. There are plug ins that can be used, but I believe ‘less is more’ when it comes to plug ins – they can fill up the plug ins directory and even increase the odds of a security breach. So, the best method is to directly edit the wp-config.php file. Minor updates are enabled by default, but there are a couple of other higher level updates needing to be enabled.
The PHP file sits at your hosting WordPress folder location.
Full instructions are contained in this WordPress article.
It is not so much that teenagers or “tweens” are so tech-savvy that they can all hack, black hat style, straight into school systems and networks. It’s more akin to walking around the building’s front locked door and discovering an unlocked door in the back. Why waste time breaking in or breaking down the front door when you can simply open the unlocked door in the back? Anyway, this article by “The Atlantic” demonstrates clearly that some teens will stop at nothing in order to communicate with each other during school. And to think … we used to throw paper balls containing messages when we were young.
“The Hottest Chat App for Teens Is … Google Docs”
How a writing tool became the new default way to pass notes in class
Computer Antivirus software continues to be very relevant and necessary these days, despite the fact that social engineering and malware exploits may be more dangerous and numerous. Of course, most antivirus programs these days are combined with other security services [suites] or they do account for the various methods hackers employ to cause trouble, get your information or money. Everyone should use one of the top 4 or 5 rated antivirus programs (Norton, McAfee, ESET etc.) or at least Windows Defender on a PC, if you are on a budget.
But if you get a file or website virus type warning, it is always best to double check or cross reference from VirusTotal.Com. This super useful site allows for uploading files to the site for a quick analysis. Your antivirus would likely quarantine or delete a suspicious file but it is possible a mistake was made, so why not double check? And it is free! Also, any file can be uploaded for a quick ‘virus check’, not just the files giving warning etc. from a scan application. Finally, actual web site addresses can be checked. This can be useful if you are on a site that is acting slow, unusual or one that gives you that weird, uncertain feeling.
Site summary services:
“Any user can select a file from their computer using their browser and send it to VirusTotal. VirusTotal offers a number of file submission methods, including the primary public web interface, desktop uploaders, browser extensions and a programmatic API. The web interface has the highest scanning priority among the publicly available submission methods. Submissions may be scripted in any programming language using the HTTP-based public API.
As with files, URLs can be submitted via several different means including the VirusTotal webpage, browser extensions and the API.
Upon submitting a file or URL basic results are shared with the submitter, and also between the examining partners, who use results to improve their own systems. As a result, by submitting files, URLs, domains, etc. to VirusTotal you are contributing to raise the global IT security level.”
Example of a random Windows executable file [from System32 folder] results, below.
This is a safe, standard Windows master boot record related file, called “MBR2GPT”. I know it is safe, but, this is to give a demo of the positive results. If you see a file, any file, that looks suspicious or maybe have never seen before, upload it and see for yourself.
In a nutshell: the cybersecurity companies that design software that is intended to protect our computers … got hacked. Therefore, it is fully possible that now the hackers understand the defense mechanisms of the companies that fight cybersecurity, at least at the PC, Mac, workstation level and maybe more. This is not good!
Details are sketchy, as is common with these hacks, and two of the victims [Norton and McAfee] deny any breach, but Trend Micro admits a breach occurred. Although Trend said the hack only affected their “lab”, this does not necessarily make customers feel any better about it, given they are in the CYBERSECURITY industry.
I had a chance recently to dig into the Google Cloud Platform, in particular Kubernetes clusters and virtual machine instances. This is the “Compute Engine” offering of the GCP, or Google Cloud Platform. The GCP also offers much more, for example, Cloud Storage [data, object storage], Cloud SQL [MySQL/PostgreSQL], and App Engine [building web + mobile apps]…
According to “Tech Radar”, Microsoft is working on a lightweight version of Windows 10. The reason behind this project is to have a viable operating system that can be installed on devices, laptops or tablets that are lighter in dimensions. In other words, devices that have relatively smaller ‘specs’, such as memory / RAM, hard drive, or CPU. These devices normally have smaller screens. Think Chromebook.
This is exactly what the article refers to, and personally, I am surprised that Microsoft seemingly gave up on this Chromebook dominated market years ago. Many students and others prefer lightweight systems for a variety of reasons, but classroom learning in a primary factor: elementary and secondary students in particular do not need powerful systems. In fact, cheaper is better in my view, given the beating these systems take in backpacks and in dirty classrooms ;>
This “Check Point” [or “ThreatCloud”] cyber attack map is mesmerizing. It is a live cyber or hack attack map containing oodles of attack lines that follow live, currently in progress cyber attacks. The threat map lists the time, the attack name [or virus or hack type], the source and the intended victim location: the target.
The attacks are unrelenting and endless and the lines are ongoing in this dynamic situation.
One take away I have is that every country in the world can be a cyber target. Likewise, attack sources seem to come from almost anywhere in the world, although ‘botnets’ [a group of secretly hacked, controlled computers] are likely a major factor in this.
My favorite part of this product, by “SmartKlear” [Carbon Smartphone Cleaner], by far: “the same technology used in the NASA space station“. Wow, NASA technology at only $14.95!
“This smartphone cleaner kills bacteria and wipes smudges, streaks, and oily fingerprints right off the screen. SmartKlear uses an invisible carbon substance that repels dirt and oil—the same technology used in the NASA space station”