RACS
Solution providers and trouble-shooters for networks. We also provide consulting for systems planning and integration.
Another somewhat negative Google/Android post :( - Hopefully for the safety of everyone for better awareness
Hi All, Happy Sunday.
Ultimately this is another of those "We really cannot trust Google Android devices" posts.
Just sharing with family and friends, as there has finally been a Google Security Blog post published 6 June 2019 that details the Triana Android trojan much better than previously known.
Maybe it's time to consider a refurbished, or new *older model* iPhone that won't break the bank.
Google finally enhanced their play store some time back with Google Play Protect that claims to remove Triada and other nasties.
The problem IMNSHO is that new malware, adware and trojans still keep finding their way into the Google Play Store on a fairly regular basis.
If you use banking or any apps that can affect you financially, I would strongly recommend not doing so on Android devices.
Keep in mind also, that even having contacts on your Android device allows malicious apps to farm these contacts, and upload them to servers for later malicious use.
Even better for the malicious apps (and worse for you and your contacts), should you also keep birth date and other confidential details about your contacts!
Expect these additional details to allow these unscrupulous people to attempt identity theft should you have information about your contacts that is not supposed to be publicly available.
^^Food for thought^^
Apple is by no means perfect, but they will keep you a lot safer than Google.
Microsoft are also gaining traction in some of the trusts stakes of recent.
Forbes Post:
https://www.forbes.com/sites/daveywinder/2019/06/08/google-confirms-android-smartphone-security-backdoor/
Google Security Blog Post:
https://security.googleblog.com/2019/06/pha-family-highlights-triada.html
Australian Apple Store - Refurbished/Certified Products:
https://www.apple.com/au/shop/refurbished
New Zealand Apple Store - Refurbished/Certified Products:
https://www.apple.com/nz/shop/refurbished
14/05/2019
This is to alert all users of WhatsApp to update your WhatsApp ASAP.
All computers and mobiles are affected.
The patch was only released on Friday.
I would recommend stopping anything you are doing and updating this if you have not updated WhatsApp since Friday
Note this caution about the vulnerability:
Targets need not have answered a call, and the calls often disappeared from logs, the publication said. The WhatsApp representative said the vulnerability was fixed in updates released on Friday
WhatsApp vulnerability exploited to infect phones with Israeli spyware Attacks used messenger's call function. Targets didn't have to answer to be infected.
Time to start thinking about upgrading Windows 7 and Windows 2008R2
I feel it is time to start reminding people of the imminent countdown to 14 January 2020 when Microsoft will no longer offer free monthly security updates for Windows 7, Windows 2008 Server, and Windows 2008R2 Server.
Those of you with Microsoft Volume License Agreements (Large Business and Enterprise Users) will have an option for paid ESU (Extended Security Updates) beyond 14 January 2020 - Windows 7 ESU pricing further down.
Home users with Windows 7, you have no option for extended support - it's time to upgrade to Windows 10 or risk nasty things from the internet potentially infecting your computer after January 14, 2020.
For Windows 2008 server and Windows 2008R2 server, business users will need to purchase Microsoft Software Assurance (MS SA), then in turn purchase ESU in addition to MS SA.
To date, I have been unable to find the pricing per server for ESU after you purchase Software Assurance.
If someone knows the pricing, can you please share?
While I am still researching the legitimacy of doing so, you can still (technically) upgrade for free to Windows 10 using an existing Windows 7, 8, or 8.1 license key.
This is despite the fact that the free upgrade offer expired 31 December 2017.
Given that Microsoft will know the date you upgrade to or install Windows 10 using an existing Windows 7, 8, or 8.1 license key, technically Microsoft could claim you now need to pay for it because you missed their free upgrade offer.
I have never yet heard of this occurring however.
My understanding from asking around that this also works for Windows 7 OEM license keys.
I have looked high and low into the legality of doing this, and am currently at my wits end trying to find something concrete about this scenario.
I'll update this again if/when I get advice confirming either way.
Worst case, if Microsoft eventually ask you to pay, then pay..... simple, stay secure and safe.
Windows 7 is now almost 10 years old (Release date was 22 July 2009).
Think of it as the cost of your 10 year internet drivers license renewal - the internet drives us all nuts :)
FWIW - Windows 10 is considerably faster than Windows 7, and contains built-in memory compression technology that allows it to run acceptably in as little as 1GB RAM if you are not a power-user
As always, I welcome any opinions on the above including any omissions, spelling, or grandma errors :P (let's see who reads this to the end lol)
27/01/2019
If you own a web site, the below information is for you, this notification is not aimed at end-users.
For those interested who do not understand DNS, feel free to wander over to RACS DNS training site that we published many years ago.
It was built to educate users, web designers, techs, and accounts payable staff (who always ask about the *different domain invoices* at various times during the same accounting year).
http://dnssecrets.com/
Nothing for sale, it is purely a community service site RACS built for education purposes.
The InfoGram further down the page gives a very clear picture of the basics of how DNS works.
Credit to Web Designer, Search Engine, and Online Presence Specialist Megan Bennett for a great site layout.
Megan's web site is below should anyone need assistance with Web Design, SEO, and Online Presence:
https://www.pixelportal.com.au/
Now, to the reason for today's Tech Tips email:
On February 1, 2019, larger DNS providers are going to make some major changes to aid more secure DNS on the internet - see the site below:
https://dnsflagday.net/
These is a test on this page to see if your domain is going to have issues.
Scroll down to the "Test your domain" section and type in your domain name WITHOUT www.
e.g for RACS, racs.com.au then press the Test! button.
Feel free to revert to myself should you need a hand understanding the result.
Some of my domains are affected to a point, and I have already logged a query with my DNS provider.
TL;DR (Too Long;Didn't Read) version:
The main change is that DNS servers hosted by the vendors named in the article will interpret timeouts as sign of a network or server problem.
Starting February 1st, 2019 there will be no attempt to disable EDNS in reaction to a DNS query timeout.
Simple version - This effectively means that all DNS servers which do not respond at all to EDNS queries are going to be treated as dead.
Technical version - Recursive DNS servers will no longer work around the following:
- Old Windows DNS servers as the don’t return FORMERR to *all* EDNS queries
- Firewalls that block EDNS or EDNS with a DNS COOKIE option queries
Click here to claim your Sponsored Listing.
Contact the business
Telephone
Website
Address
Opening Hours
| Monday | 8:30am - 5:30pm |
| Tuesday | 8:30am - 5:30pm |
| Wednesday | 8:30am - 5:30pm |
| Thursday | 8:30am - 5:30pm |
| Friday | 8:30am - 5:30pm |