Ransomeware TeslaCrypt Virus: Don’t get it in the first place

TeslaCrypt Ransomeware malware bug makes you PAY— actual dollars!

“WHAT?!” you say.

“Yep,” I say.

Baddies get into your computer, lock everything up and demand actual CASH to let you get it back! 

Scuttlebutt is that most will unlock your content. The fee seems to be around $500. But I sure don’t want to test them. And no matter what, it’s a dirty dirty trick.

The bug seems to have cropped up February, 2015 and was passed by gamers who were forced to compromised websites.

At that time, Internet Explorer and Opera browsers were targeted.

[ed note: Make sure your browsers automatically update.

In IE, go to the gear for Settings. Choose “About Internet Explorer” and then click the box for automatic updates.

For Opera: On the menu line,  go to Settings > Preferences > Advanced > Security. In the “Auto-update” section at the bottom, from the drop-down list, click Automatically install updates. Then “OK”]

Also make sure your Adobe Flash Player, Adobe Reader and Microsoft Silverlight browser plugins are up-to-date, or disable them entirely.

Further explanation at ThreatPost.com describes the TeslaCrypt as

a potent collection of exploits for vulnerable Adobe products (Flash, Reader, Acrobat), Internet Explorer and Microsoft Silverlight, that has in the past … been dropping ransomware on infected computers
 …researchers said the attackers behind the current WordPress compromises—numbering in the hundreds—were exploiting an unidentified vulnerability with obfuscated JavaScript. The malicious code redirects traffic to a domain … where the users are presented an online ad that forces traffic to the site hosting [the actual virus.]

But further, Tom’s Guide says you can get this bug  from emails.
Advice  for avoiding it in the first place is basically the same as always:

Do not open unexpected email attachments
… even from friends!

Make your passwords strong

  • Eileen123 is NOT a strong password.
  • bigfatscissorsh0use! might be

See that? big fat scissors house!  (with a zero for an O)

Four random words — that you can actually spell without looking them up — makes for a very secure password.

Keep your website secure

You could be keeping your website up to date yourself.

  1. Make backups on a schedule that matches the regularity of your additions. If you post once a week, there is no reason to back your site up hourly!
  2. Update WordPress plugins and core when they’re available. Upgrade WordPress to the latest version, 4.4.2, in order to resolve a handful of bugs and vulnerabilities in the content management system.
    Wordfence plugin will alert you when changes are made or updates are available

If you’re not paying attention to these things, get help!

Contact me to talk about a website maintenance program .

PS:  Here’s a link to how some people have removed the problem.  I HAVE NOT TESTED THIS. SO I MAKE NO GUARANTEES ABOUT ITS VALUE OR DISVALUE (if that’s even a word)


Back up, back up, back up all your devices!

Buying insurance is like betting on failure.

But sometimes that’s what you gotta do!

I read an interesting article about Mobile Security Tips over at mobileoffice.about.com

Melanie Pinola says:

Backups are like insurance—while you don’t want to ever have to need it, you’d be glad to have it in an emergency. So, especially before taking your mobile devices on the road, it’s vital to make a backup.

I say backups are critical for all your digital equipment…
not just phones, but laptops, tablets, and desk top computers.

If you’re going a way for a while, back up important stuff from your desk top machine someplace else.  Theft, fire, who knows?

I had an external hard drive that saved everything. When I went away, I’d hide it someplace other than my office.

No one ever broke in (Knock wood!) or stole it.

But then the darn thing died. Quietly and without warning.  It was a ClickFree device.  I don’t recommend them anymore. If it had made warning noises, I might have reconsidered. About the only thing I missed was financial data. And that, friends, is a HORRIBLE thing to lose! But that’s my cross to bear.

Backups are now even higher on my list of automatic activities.

  • I have automatic backups of client websites and my own.
  • I backup sites before I make changes other than adding content.
  • I have automatic backups of my computer to an online backup service. I like SpiderOak. But check out PC Magazine’s review of Best Online Backup Services for 2015. A nice thing about an online service like Spider Oak is that I can access my information from any computer I’m working on. Even public ones. BUT I DO NOT RECOMMEND THAT!
  • I have started removing content that I no longer need and putting it on CDs. I know there is controversy about how long CDs will be viable. So if I put it on a CD it really means, “I don’t need it, but I can’t bear to throw it away.”

I’m pretty crappy about my phone and tablet. But then I don’t keep anything on either that is really critical. I might be sad about pictures, but then I really don’t take many.

And know this: FREE is probably not the best option when you’re talking critical info.

If it’s free today, maybe the makers will figure, at some time in the future, that nobody really cares about it, and POOF, it could be gone.  Pay for stuff to keep the makers supporting the product.

Keeping track of the details

The busier I get the more I worry about forgetting details or things I said I’d do. Sometimes tasks get shoved down in the list for good reasons. But then they can be lost for ages. And I hate that!

I’m thinking Bullet Journals, but I’ll get to that in  a minute.

Getting Things Done: Complications abound

I tried David Allen’s “Getting Things Done.”  There were a lot of rules to keep straight. Some I have  hacked to work for me. Here’s my most gratifying:

Step One (Day One):

  1. Gather up all the papers on my desk and lying around the office
  2. Pay no attention to their value (grocery coupons and invoices are all the same)
  3. Put them all in a box or basket.
  4. Enjoy the cleaned up space.

Step Two (Day Two):

  1. Sit down, maybe with coffee, maybe wine, maybe bourbon (depending), maybe the TV is on: Look at each paper and write on the top (or on a post-it) where it goes (upstairs files, desk drawer, or what ever makes sense to me)
  2. Pile up the “like” papers and
  3. File all at once.

Nice. And pretty quick… for cleaning. But not keeping track.

Notebooks: Lost in the pages

For years I used paper notebooks.

I saw a man on a plane copying stuff from one spiral notebook to another. He told me everything he’d noted in the month was in one notebook (the “write stuff in one and only one place that you trust” method). He’d refer to the notes. Cross out what’s done. Keep track of phone numbers, etc,. everything he’d collected that month.

At the end of the month he copied what he still might need to do into a clean notebook. Then he filed the old one. Generally different colors each month helped remind him where he might have jotted stuff.

I used that system for a long time. It has worked. notebook3-linethru I can generally flip thru the pages quickly and find what I need.notebook3-crossout

I cross out the stuff that’s done. Or draw a big box around a group of things and put a big X across the middle.

But sometimes stuff just gets lost in the book. Or I spend too much time paging thru to find what I’m looking for. And then… Oh, look, a chicken!

Computer Lists: Lost in the ether

I use my computer’s calendar to keep track of events and contact info, so I don’t need to write that in a book. But the “To-Dos” are harder.

If I keep the list in my computer, I’ll probably never see it. So I need to write it down on paper (that I can find again!)  I’ve tried ToDoist (you have to sign up) and Google Task list, to name a few.  None have really helped me see what I need to do next.

Bullet Journals: Is this the one true way?

I’ve been playing with the idea of using a bullet journal after Joe Casabona, at WordCamp Scranton, suggested it as a great way to use the (beautiful!!) speaker gift notebooks.

The instructions seem a little overwhelming (Like David Allen’s rules).

However, today I stumbled on a revised notion of tabs and dots.

Everybody gets the notion of tabs.  Post–its are great for tabs because you can easily move them around. These heavy duty ones are great, but the regular small size post-its, stuck on upside down so the non-sticky part sticks out, work pretty darn well also.

But the dots are brilliant!

dotsFold over colored stickers on the edges of pages to signify pages that go together. Red for food journal pages, green for things you just want, blue for gift ideas. You get it, right?

Use those big ¾” colored dots (these 1 3/8″ x 1/2″ rectangular stickers seem better. More room to write on them what they’re signifying.)

Marking a collection of pages on the edge and there’s a much greater chance that I’ll be able to find those pages when I’m looking for that content.

Have you used Bullet Journals? Have you found a way to make the process simple? What’s been working for you?


Updating iPhone Apps

Find the App Store icon and click on it.
Find the App Store icon and click on it.

I posted a link to this article on Social Media Examiner  on my Facebook page.

I think the first of the ways is particularly cool so I said so on Facebook

My first friend asked: “Great.. How do I update to the latest Facebook App?”

Pretty basic question.
But I have learned that if I GET it once at least 3 other people are wondering the same thing.

So here’s how (complete with my own phone screen shots!)

Find the App Store icon and click on it. Looks like a big A and I circled it in the screen shot at the right.

Please don’t hate me because I have 86 apps to be updated. (That’s what that little 86 means in the red circle)  There are excuses and reasons.. but please don’t ask about them.

On the next screen, click on the  UPDATE button with the arrow that’s circled in the lower right of this screen (below).

photoThen scroll down til you find an app you want to update.

We’re talking FaceBook here.. but it could be any APP  and it could be ALL apps. (Yep, if there are 86 you could be scrolling a while. OR you could choose the UPDATE ALL in the upper right corner, that I did NOT cirlce)

I already updated my FaceBook app. (na na na)  So the button at the right says OPEN.

But if I hadn’t it would say:  UPDATE

Click that and then wait…. a while.

When the button says OPEN, you’re good to go.


Why do you need a new website?

Let’s pretend you wake up one morning and decide you want a new website.

Curious Monkey asks whyBut here’s the question: Why?

Maybe you finally figured that the site you made in 1999 is a little out of date and you want to fix that. That MIGHT be a good reason. But if your website is doing what you want it to do, then maybe “change” isn’t enough of an answer. After all, the Marlboro Man hasn’t changed much in more than 50 years!

“Why” is a big question.

Is your website doing what you want it to do? Do you know what you want it to do? Do you know what you have to do to make that happen?

“If you’re stuck, throw some money at it.” That’s what my friend Leslie says.

But if you’re not independently wealthy, that might not be a good idea. And even if you are, it’s probably not a good idea.

You have to know what you want your site to do for you and for your visitors.
Your web developer should not be the one to decide that for you.

garage framingSay you get a contractor to build a new garage. You have to plan what you want to do with it. What should be different from the one you have? And even though the men doing the work swear it’s reason enough, bigger is not the only criteria.

We thought about the one we’re building and planned it.

We made sure there is capability for plenty of outlets, put windows in the wood shop and the lift bay, but no windows, besides those in the door, in the general garage area. We continue to think about it as the process proceeds.

Your website is no different. What do you want to have happen there?

  • Should people buy something?
  • Be educated about something?
  • Sign up for a newsletter? (Do you know what the purpose of that is? That’s a conversation for another day.)
  • Do you want them to return time after time?
  • Or do you just want them to see that you really exist and do not have two heads?

You can surely find someone to redesign/rebuild your site, make it more up to date, add features you didn’t have before like maybe a way to signup for a newsletter, add google analytics and links to social media.

If you’re not clear about what you want, two things happen.

  1. You’re at the mercy of your web developer and what s/he thinks you should have.
  2. And then, when you don’t like what s/he does, you’re both in for endless tweaks and twists. That makes the process tiresome for both of you (at best) and costs you more money.

In the end this is all about communication—between you and your visitors and then between you and your designer.

Think about how you want to talk to your visitors. Conversationally? Technically? Formally? Any answer can be right but you must decide.

People need to know you before they like you. Then they have to like you before they trust you enough to give you money.

If you need help with the writing, ask for it. A developer should have at least one colleague who can help with that.

Why do you need a new website?
To realign your site with your message.

But before you start, you have to know what you want people to do when they visit. Only then can you help them get on the track that leads where you want them to go.

Make sense?

How not to have a free event

This week I got an invitation, from someone I respect—who I’ll call Gene—to attend a telesummit where she was speaking on a topic of interest to me.

I clicked through using the link in her email.

The first time I clicked it, the link was just wrong. It went to the website of the woman holding the event (not to Gene) where I couldn’t find anything about the telesummit.
So I wrote to Gene and asked.

She sent a new email to me and everyone else on her list (appropriately by blind copy) with the correct link and an apology. (Great. Thanks.)

Finally I got to the home page of the event which bragged:


After entering my contact info, I got the standard message to confirm my request.
No problem.
But no confirmation came.

I signed up three times before I got the confirmation email.
I dutifully accepted that and jumped to the page about the event where:

I find more more crap about what’s coming.
(Notice I’m getting a bit perturbed?)
But still no schedule.
No idea what the speakers are talking about.
No info about how to call in and listen.
No nothing.

EXCEPT a place to sign up and PAY.
(Do you think she thought I missed that part above about: ABSOLUTELY FREE?)

I checked my email again and found a new email from the event leader with a link to the “details” for the summit. (Finally.)
In her defense, it did include the dial-in info, dates and general times of the calls. But it did NOT include the times of each talk.

It was just a list of the speakers, with their lovely pictures, bios and links to their webpages. And STILL NO SCHEDULE.

Boy, this woman lost my interest (i.e. respect) in what she’s presenting and then too, by association, have the rest of the speakers.


Now I know  I’m just getting pissy here. But let me look past the general event problems to general site problems. (I am, after all, a web developer!)

Some of the speakers’ bios have bold words, some do not. Some include logos, others do not. It looks very haphazardly put together.

Each of the speaker’s bio blocks had their name at the top, as would be expected. But the names were all underlined like they are links. And they are not links.

Underlining is NOT NECESSARY on the web (unless you’re using it to show a link).
It does NOT make people pay more attention.

In the very dark ages when we used typewriters, underlining (or all CAPS) was the only way you could make text stand out. And it was a pain to add to the copy. But now you can use different colors, or fonts, or weight to show importance.


Look, I absolutely understand that mistakes happen. I do not mean to be hypercritical here.  But there are so many problems with this invitation that it leaves my trust bucket with a big hole in it.

If I were a speaker in the event, I know I’d be pissed.

A BIG part of putting together an event is paying attention to hundreds of details.

Testing links and checking content for consistency are a huge part of what gives a person credibility on the internet. If you can’t get the details of your own project straight, why should I trust you with my time or money?

You can’t do it quickly unless you were somehow born knowing how to do it. And that takes a LOT of experience.

Get someone to test your links, to step through your steps. Ask someone new (NOT the person who wrote the content) to read it all and see if it makes sense.

How do you insure that you don’t make too many mistakes?
(and, for you, what exactly are “too many?”)

If you’ve got other ideas, please share them in the comment section below. I’m always looking for ways to strengthen my technique.

(PS: I will still be attending Gene’s talk. I still want to know what she has to say. But I surely will not be trying to figure out what any body else is talking about. It’s just too hard!)