Computer News & Safety – Harry Waldron Rotating Header Image

November, 2016:

Leadership – Three common obstacles to personal growth

John Maxwell reflects on the need to think beyond current limitations and common constraints which often create barriers for successful achievement.

To make it up the growth slope, we need to figure out the best route and make steady progress on the way up. That often means removing obstacles that are in our way. And today I want to talk about three huge obstacles that might be found on the path to your potential. Leaving them there will slow or even stop your growth progress. Removing them can free you to run toward your growth goals.

1. Scarcity — How do you view options? Resources? Opportunities? A person with a scarcity mindset believes that those things are limited. That we’re all competing for a finite number of resources or options.

2. Insecurity — Insecurity is a minimizing of one’s self – it’s seeing your abilities, talents, and strengths as deficient in some way. When you believe you’re not good or talented enough, that’s an obstacle to growth. Insecure people may recognize chances to advance and grow, but they don’t believe in their ability to seize those opportunities.

3. Powerlessness — A belief in powerlessness comes out of the assumption that we have no ability to affect our world. Powerlessness often begins with a wound – perhaps from someone in authority ignoring or dismissing your voice – but it hardens over time into a mentality that cannot recognize personal responsibility for anything that happens in life.

The good news is you don’t have to live with negative beliefs. In fact, just by recognizing them within yourself, you are in position to take the first step of growth. And that is to choose to believe differently. This is something you can right now, today. Your beliefs are your choice.

If you struggle with a belief in scarcity, choose instead to practice abundance thinking. If you struggle with insecurity, practice confident thinking. If you struggle with a feeling of powerlessness, embrace responsibility. Roman Emperor Marcus Aurelius once wrote, “Very little is needed to make a happy life; it is all within yourself, in your way of thinking.”  If you confront and change your beliefs, you’ll clear the way on your uphill journey of growth.

IoT Malware – New Mirai botnet impacts one million German users

A new variant of the IoT based Mirai botnet has surfaced creating a major distributed denial of service (DDoS) attack in Germany as documented below

A new wave of attacks involving the Mirai botnet has crippled internet access for nearly a million home users in Germany. The latest attacks used a new version of the Mirai malware (Linux.Gafgyt.B) which is configured to exploit a weakness found in routers widely used in Germany. While the original Mirai malware (Linux.Gafgyt) was designed to perform brute-force attacks on a range of routers, this latest variant exploits a weakness in the CPE WAN Management Protocol which leaves TCP port 7547 open on the device. According to Germany’s Information Security Bureau, the attacks began on Sunday November 27 and continued into Monday.

Virulent threat to IoT devices — Mirai first appeared in September, when it was used in a huge distributed denial of service (DDoS) attack against the website of journalist Brian Krebs. The malware has since spread quickly, infecting a range of IoT devices including routers, digital video recorders and web-enabled security cameras. It caused major disruption in October, when it powered a DDoS attack on domain name system (DNS) provider Dyn that temporarily knocked a number of major websites offline, including Spotify, Twitter, and PayPal.

Guarding against attack — Users of IoT devices should take a number of precautionary measures to minimize the risk of infection from Mirai and similar threats:

**  Research the capabilities and security features of an IoT device before purchase
**  Perform an audit of IoT devices used on your network
**  Change the default credentials on devices. Use strong and unique passwords for device accounts and Wi-Fi networks.
**  Use a strong encryption method when setting up Wi-Fi network access (WPA)
**  Disable features and services that are not required
**  Disable Telnet login and use SSH where possible
**  Disable Universal Plug and Play (UPnP) on routers unless absolutely necessary
**  Modify the default privacy and security settings of IoT devices according to your requirements and security policy
**  Disable or protect remote access to IoT devices when not needed
**  Use wired connections instead of wireless where possible
**  Regularly check the manufacturer’s website for firmware updates
**  Ensure that a hardware outage does not result in an unsecure state of the device

Solar Technology – India completes World’s Largest Plant NOV 2016

This amazing technological feat was completed in 8 months

Following eight months of construction, India has finished building its new solar power farm in Kamuthi which will replace California’s Topaz Farm as the world’s biggest solar plant. The massive facility packs 648 megawatts, which should suffice to power over 150,000 homes, and consists of 2.5 million solar modules, 576 inverters, 154 transformers as well as 6,000 kilometers of cables.

The solar plant spreads over 2,500 acres (or 10 square kilometers) of land and costed a total of $679 million to build. By comparison, Topaz Farm, which can generate up to 550 megawatts of power, took almost two years and over $2.5 billion in funds to build.

Leadership – Personal Growth requires daily small steps forward

As John Maxwell reflects, we should all strive for continuous improvement with a theme of personal improvement each day. Small improvements each day will add up over time and result in positive changes in both character and contributions.

There are several great reasons to pursue growth. It can help us achieve our career goals. Over time, it creates momentum, which encourages more growth. And an emphasis on growing – rather than “arriving” – makes it easier to learn from failure. I encourage people to grow because growth increases hope.

A Growth Mindset Is the Seed of Hope — Growth in the natural world is all about looking forward. A sapling becomes a mighty oak by growing slowly over time. When we have hope, we can imagine a better future. And hope isn’t just wishing for things that might be. It’s the firm belief in things that will be. It’s looking past your present circumstances with the belief that you have a future.

A Growth Habit Strengthens Hope — Choosing to grow is important. But that decision is not enough to create change on its own. Next, we need to acknowledge that growth is a gradual process – that in fact, it happens one day at a time. And then we need to establish the habit of growing on a consistent basis.

Growth Over Time Realizes Hope — When we take small steps of growth every day, over time, we see progress. And then our hope has the most potential to be realized. If you string together enough days of consistent growth, you begin to change as a person. You become better, stronger, more skilled, or all of the above. And when you change yourself, you can change your circumstances. This begins a cycle of growth strengthening hope, leading to more growth, resulting in even more hope.

Apple – Tips to recover iPhone storage when full

This Business Insider slideshow shares techniques & strategies to quickly recover iPhone storage when the internal storage drive is full

We’ve all been there: you try to download an app or take a photo, and your iPhone says you don’t have enough storage.  It’s a super frustrating situation that can render your phone practically unusable. Luckily, there are a few easy ways you can quickly clear up space on your trusty Apple device. We’ve created an easy guide to make the process as painless as possible.

Android Malware – Gooligan infects over 1 million devices

Over 1 million users on older Android versions 4 and 5 are exposed to a new malware agent that allows access to Google applications

Anyone running an older version of the Android operating system, be warned: Malware is infecting 13,000 Android devices every day, putting at risk the private details of more than 1 million Google accounts. 

That’s according to cybersecurity software company Check Point, which discovered a new piece of malware called “Gooligan” that’s infecting Android phones and stealing email addresses.  Users who download Gooligan-infected apps or click links in phishing messages are being exposed to the malware, which allows attackers to access sensitive information from Google apps like Gmail, Drive, and Photos.  Once attackers hack into the device, they’re buying apps on the Google Play store and writing reviews posing as the phone’s owner, Check Point says.

Anyone who owns a device running Android 4 and 5 — that includes Android Jelly Bean, KitKat, and Lollipop — is most at risk, according to Check Point, and those devices make up nearly 75% of Android users.


Leadership – Best practices when confrontation is needed

John Maxwell offers great advice for leaders and managers, who must sometimes correct problems or issues with members of the team.  It is always best to do so privately and encourage professionals at the end, when these corrections are sometimes needed.

I bet you’ve heard this before: In any organization, people are the most valuable asset. And as a leader, you probably understand that it’s true. No matter how you measure it, people offer the highest return on investment over the longest time. When you take care of your people and treat them well, they have the potential to create incredible success for the organization.

However, we sometimes interpret this concept in an ineffective way. “Taking care of” people is understood by some leaders as “always being ‘nice’ and never offering any correction.” And that belief can cause real problems. Why? Because everyone needs correction sometimes. People aren’t perfect, so they’re going to make mistakes. Communication isn’t foolproof, so sometimes followers misunderstand what is being requested. And a need for a course correction arises.

The Ten Commandments of Confrontation

So, keeping in mind the overall goals of clarifying, and treating the person the way they would want to be treated, here are my Ten Commandments of Confrontation:

1. Thou shalt confront others in private.
2. Thou shalt confront as soon as possible and not look for “a better time.”
3. Thou shalt stick to the issue at hand.
4. Thou shalt make thy point and not repeat it.
5. Thou shalt deal only with actions that can be changed.
6. Thou shalt avoid sarcasm (especially in an email or text).
7. Thou shalt avoid words like always and never because they are rarely accurate.
8. Thou shalt ask questions and offer suggestions.
9. Thou shalt not apologize for the confrontation.
10. Thou shalt remember to highlight the person’s positive contributions.

Congress — Consumer Review Fairness Act of 2016

Congress has passed the “Consumer Review Fairness Act of 2016” preserving freedom of speech when negative reviews are posted online.

A bill protecting US customers’ right to post negative online reviews is awaiting the President’s signature.  The Senate this week unanimously passed legislation that will outlaw the use of “gag clauses” by businesses trying to silence criticism of products and services.  Following its introduction in the fall of 2015, the Consumer Review Fairness Act gained House approval in September and proceeded through the Senate on Monday.

The Consumer Review Fairness Act voids any provision of a form contract that prohibits or restricts individuals from posting written, oral, or pictorial reviews about the goods, services, or conduct of a company.  “Reviews on where to shop, eat, or stay on websites like Yelp or TripAdvisor help consumers make informed choices about where to spend their money,” Internet subcommittee ranking member Brian Schatz (D-Hawaii) said in a statement.

The full text of bill is noted below:

H.R.5111 – Consumer Review Fairness Act of 2016

Windows 10 Professional – Feature and Security update deferral settings

While corporate settings will govern many WIN10 PRO and Enterprise devices, home users using WIN 10 professional have an option to delay feature updates for a period of time allowing complex feature releases to better achieve stability as fixes are performed based on early issues.

Forced updates in Windows 10 have their appeal. For Microsoft, it helps keep the majority of its users on the same build of Windows 10, reducing legacy support issues. For users, it keeps your system up-to-date and reduces the chances of getting hit with malware that takes advantage of unpatched systems.

But some folks resent the idea of having updates forced on them—especially when some of those updates cause problems. If you’re running Windows 10 Home you’re at the mercy of Microsoft’s update schedule. Windows 10 Pro and Enterprise users, however, have the opportunity to defer certain types of updates.

First, click on Start and select the Settings cog icon on the left side of the Start menu to open the Settings app. Now go to Update & Security > Windows Update; under the “Update settings” sub-heading, select Advanced options. A new Advanced options screen will pop up. From here, click the Defer feature updates check box.

What deferring Windows 10 updates means — Adjusting this setting puts you on a special update channel for Windows 10 known as the “Current branch for business.” This version of Windows 10 doesn’t receive feature upgrades as quickly as everyone else. Security updates, however, are delivered on the same schedule regardless of branch. Microsoft says that when you defer upgrades you won’t be forced to install feature updates (such as the upcoming Creators Update) for “several months.”

Malware – ImageGate embeds malicious code in graphics files

Checkpoint security describes an innovative attack where ImageGate embeds malicious code in graphics files.  Users should exit their browser session if an unusual file unexpectedly starts to download after clicking on an image.

Check Point researchers identified a new attack vector, named ImageGate, which embeds malware in image and graphic files. Furthermore, the researchers have discovered the hackers’ method of executing the malicious code within these images through social media applications such as Facebook and LinkedIn.

According to the research, the attackers have built a new capability to embed malicious code into an image file and successfully upload it to the social media website. The attackers exploit a misconfiguration on the social media infrastructure to deliberately force their victims to download the image file. This results in infection of the users’ device as soon as the end-user clicks on the downloaded file.

As more people spend time on social networking sites, hackers have turned their focus to find a way in to these platforms. Cyber criminals understand these sites are usuallywhite listed’, and for this reason, they are continually searching for new techniques to use social media as hosts for their malicious activities. To protect users against the most advanced threats, Check Point strives to identify where attackers will strike next.

Check Point recommends the following preventive measures:

1.If you have clicked on an image and your browser starts downloading a file, do not open it. Any social media website should display the picture without downloading any file

2.Don’t open any image file with unusual extension (such as SVG, JS or HTA).

ImageGate: Check Point uncovers a new method for distributing malware through images