Author: cavemandave

Oh, boy. Another big company in trouble. Well, technically, there are three main companies in trouble, but Intel is in the most trouble. AMD and ARM are not 100% safe, but there are and have been protocols in place with their CPUs to prevent the kind of vulnerabilities that are plaguing all modern Intel CPUs (dating back at least 20 years, allegedly). What actually goes on?

To put this in simple terms, the kernel (which sits between your operating system and your CPU and directs traffic) is supposed to separate the user’s experience from the bare metal of the processor. This means that a user who sits down at a computer cannot easily see what the CPU sees and is doing with each and every bit of information because the kernel encrypts everything. What Meltdown and Spectre do is exploit the lack of this separation and encryption to capture these individual bits of information. It is a slow process, but it can be modified to capture entire bytes at a time. This gives an attacker an easy way to surreptitiously read the information stored in memory, which can contain valuable information such as passwords, SSN, and other things which you may have had to type in.

The reason that Intel is more at risk is because an attacker can accomplish this remotely. With AMD and ARM, the risk is still there, but an attacker would need physical access to the machine due to their protocols in place that provide better separation between the user and the processor. What does this mean for Intel? Well, its stock price fell sharply in the days after the kernel bug was revealed, but that’s superficial. This means that every computer with an Intel CPU from the past decade (at least), even Macs, are vulnerable. We at Bendy Computers are taking this quite seriously, and would recommend an AMD system if you are looking for a new computer.

For your current system’s security, please accept all updates offered by your Operating System or CPU manufacturer.

Oh, boy. It seems like there’s some new information leak every day, and there’s probably even more than you or I realize. But this one is a big deal. Equifax, being such an important company to the structure of credit in the modern world, is privy to all kinds of personal information. This includes address, date of birth, Social Security number, tax ID, credit card numbers, etc. The works. And all of this data was leaked for 143 million Americans. What does this mean for you? It means that anyone can buy this information about you and use it to open up accounts in your name or take loans with zero intent of paying them off. This can and will destroy your credit. We at BendyComputers would always recommend that you have a high credit score, as it is not only necessary but imperative when it comes to important aspects of life such as renting an apartment, buying a car, or financing a home, just to name a few. One way you can go about protecting yourself is via freezing your credit, but this has its downsides, too. You can read more about that in your spare time.

Okay, but how did this happen? Well, it would appear that a high-ranking executive in charge of the databases used to secure all of your personal information used the default login credentials rather than changing them to something more secure. That’s right, the hacker merely had to be on the same network as the database and type in “admin” “admin” for the username and password and POOF! Everyone’s valuable information at his fingertips. Perhaps Equifax should have read my post on Password Security!

Everyone’s heard that they need more RAM in their computer. “It’ll help things run faster!”, “Chrome tabs eat the stuff for breakfast….”, “Dedotated WAM”, whatever it is, you’ve heard it too. But you might not know what it is. Here’s a crash course on RAM.

RAM, or Random Access Memory, is a form of high-speed storage that your computer needs in order to process tasks quickly. When you open a Chrome tab, for example, a basic version of that page goes to RAM so that system resources can access it in quick succession. RAM has two main advantages over other types of storage that make it capable of running such demanding tasks at high speeds; it is wired to connect directly to the CPU, and it uses a simple and fast technology to store data. The latter point has an imaginary asterisk next to it because there are faster types of RAM than your desktop RAM, but you likely won’t run into this, so we can ignore the asterisk and move onto that technology in question. The chips you see on your DIMM actually hold the information, and each bit of information gets its own capacitor and transistor. That’s it. This simplicity lends itself to high speed and high density, which is what you want in a consumer computer. High speed is achieved by sending electrical signals billions of times per second (most DDR3 RAM operates between 1333MHz and 2133MHz, but DDR4 can reach speeds of over 3200MHz)*. Uh oh, asterisk time. [*As the frequency of the RAM increases, so does CAS latency. This largely negates the high speeds, but some chips can maintain high speed and low latency.] That ties in nicely to the connection with the CPU. When your CPU is performing 3.5 billion operations per second and your RAM is getting up there in speed as well, your entire computer runs more seamlessly. Tasks are able to be completed fasted due to this direct link, whereas they would take longer if there were some intermediary between the RAM and the CPU.

Odds are, you do actually need more RAM. If your computer seems sluggish, this is a great way to give it some more life. Don’t let the most simple of upgrades hold you back!

You’ve probably heard a bit about encryption on the news; ISIS is using it to thwart international governments’ attempts to shut down their communication network, the NSA is breaking it to spy on you and me, all that kind of shifty-sounding junk. That may leave some of you with the impression that encryption is a tool for malicious entities to use and exploit. Yes, they do use it and exploit it, but the purposes of encryption as a whole are very positive. Don’t let one bad apple spoil the bunch.

Encryption is a vital technology when it comes to security on the web. Every time you buy something on Amazon or ebay, your credit card information and address are encrypted so that nobody can just pop in, grab your information, and deplete your bank account. If you want to register for classes at college, your traffic is encrypted so that there’s a smaller chance of data corruption and you don’t end up registering for Art 101 instead of Thermodynamics. Emails between you and your boss are encrypted for the sake of confidentiality. Encryption is a tool of security. It just so happens that some terrorist organizations are also reaping the benefits of this technology. As much as we despise terrorist organizations, their operation remaining intact is a ringing endorsement for the security benefits of encryption. And, yeah, the NSA is building in backdoors so that they can bypass encryption on your devices, but there are ways around that.

Encryption is the way you should be keeping yourself safe. If you aren’t concerned about encryption, pay a visit to DEF CON one year with an unprotected device and see what happens….

I touched on deep packet inspection in my post about VPNs, but I never really went into the details of it because it’s not something you or I will have to worry about in the foreseeable future (hopefully things stay that way). It’s mostly used by authoritarian governments (think China from here on out) to keep an eye on their citizens. If someone were to use a VPN to bypass a firewall or location-locked content, DPI would see this, deny the web service, and tell the government to “pay a visit” to the user.

But how does it work? A packet is a piece of information that contains data about your current internet usage. It contains the web data that you are passing between you and the server, a source and destination IP address, a source and destination MAC address, and a whole bunch of other stuff that doesn’t matter in terms of this explanation. All of this is packed up layer by layer (imagine an envelope inside another envelope inside another envelope and so on) into what we call a packet, which is passed over the web. The Great Firewall will see these packets and take a look at the destination MAC address; if it’s not approved, it gets rejected. This is where a VPN works; it disguises the destination MAC address so that the Great Firewall will let it by. The government caught onto this and has started implementing DPI. They look through all the layers and see what the web data is so that it can’t be disguised. Imagine they receive an envelope and open it. It contains another one. Previously, they would put this envelope back in and let it through. With DPI, they tear into the second one. Which contains a third one, which they open. This goes on until they see unapproved web traffic, they get angry, they throw the VPN user in jail or worse.

The way around this? Disguise your VPN traffic. The current solution is to use stunnel, but they’ll catch onto that soon enough, and someone will find another way to get around.

So you read my last post on safe passwords and now you want to be even more secure. How do you do that? The easiest way (which just so happens to be the solution that most of the tech world uses nowadays) is multi-factor authentication. This is an idea that allows you to combine different types of login credentials so that you and only you can log into your accounts.

Multi-factor authentication largely depends on the existing password infrastructure. You have a password, you put it in, the website counts that as the first factor. Then, it’s up to the web developers as to what other kinds of factors they use. Some could use fingerprint or iris scans, others might send a one-time password to your phone, and others might require a second password, but this is less secure. The point is that if some malicious entity has your login credentials, they can only get so far. They can put in your username and password, but when they have to check your phone for the one-time password, they’re out of luck. Let’s say, hypothetically, that they do have your phone and put in the one-time password. They’re prompted for your fingerprint and are foiled. Your data is behind many walls. You’re safe.

This can use as many steps as you or the developer chooses. The most common today is two-factor authentication, but places that require more security can use four, five, or even six layers of this. It works because it assumes that even if the hacker or thief has all of the information that they think they need, there’s something along the chain that they’re missing. Of course, if they have your unconscious body and can use your fingerprint they can get in, but I think you have other things to worry about at that point.