You, Robot

Asking for me by name, the caller identified herself as “Barney.” And who are you with, Barney? No one, just Barney, she replied, going silent. My assistant and right hand, a young woman who goes by the name of Seed, repeated the question just to be sure she had heard correctly and got the same response. Standoff. Faced with this act of stonewalling Seed gave up and tossed the ball into my court. Shrugging her shoulders and holding the phone toward me as though for inspection, she signaled that she needed an official ruling. Take or don’t take?

When you are in business for any length of time, you become a target for all manner of operators seeking your time or money. Mostly your money. Dealing with them properly requires a certain artfulness. You could, in theory, simply tell all of them to take a flying leap. But that leaves a sour taste and debases, in a small way, both caller and callee. It is also a good way to develop a bad reputation, and to generate–if you believe in such a thing–bad karma.

If you are any good you develop a palette of techniques for dealing with cold-callers, and are able to shape each response as the occasion requires, quickly but nicely getting most of them off the phone, but cultivating with just the right amount of enthusiasm the occasional potentially worthwhile prospect. Over the years I have gotten very, very good at this. Seed is every bit as good as I am, if not better, and deftly sorts the wheat from the chaff with crisp, feminine efficiency. But this opponent had her bollixed.

Decision time. Is it a sales call or a potential supplier? a business prospect or just another tire kicker? In such moments it often comes down to little things. Sometimes I will decide to take a call simply to have a momentary diversion. If, for example, the person on the other end sounds cute I might decide to treat the call as an opportunity to do a little harmless flirting. Mildly intrigued by the prospect of talking to a woman with an old guy’s name, I made an executive decision and indicated that I would take the call. Seed handed the phone over and I said, in my best and most professional voice, “Can I help you?”

In a Midwestern-accented voice that reminded me instantly of Sarah Palin, Barney greeted me warmly: “How’s the hardest workin’ guy in business?” Her voice oozed familiarity. I was momentarily flummoxed. Do I know you? I thought. That question was soon answered for me, when after some introductory pleasantries Barney launched into what sounded an awful lot like the prelude to a sales presentation. It was a very smooth launch, though, and Barney was in no hurry to tip her hand. So I continued to hold out the faint hope that this might yet turn out to be a fruitful interaction.

After only a few moments of monologue it became fairly obvious that Barney was, in fact, working up to a pitch, though the exact nature of whatever she was selling had not yet become apparent. I wasn’t having much luck in the flirting department, either. My little bon mots were all met with awkward silence as Barney continued to stick doggedly to the script, clearly in no mood to play. So I began to tune her out, offering just enough attention that I would be able to react at the right moment with a polite “Thanks but no thanks.” When out of the corner of my ear I heard her say something about “am 1300”–talk radio–I knew for sure, and mentally prepared to bail.

Barney was determined to hold the floor, though, and resisted all attempts to distract her from her mission. At some point another call came in, and I told Barney I would have to take it. But Barney was in the zone, and kept right on talking. So I tried another way: Barney, I have another caller.  Still no reaction. I felt a quick flush of irritation. Sharpening my voice, I curtly declared that I was putting her on hold. This seemed to get Barney’s attention and she stopped in mid-utterance with such suddenness that it was as though the power to her voice had been cut. After a pause she came back with something like, “OK I’ll be right here.” But there was something off about her intonation, as though this sentence held no memory whatsoever of the previous ones.

The other caller turned out to be a repeat customer who needed help with an issue he was having, so I spent a little time with him, troubleshooting. Barney can wait, I thought. After four or five minutes I switched back over and was greeted with the sound of Barney schmoozing no one in particular, which seemed kind of odd. Most sales call originate in call centers. You can tell because you clearly hear many other voices in the background. But if Barney was in a call center she must have had the place to herself, because in place of the usual background cacophony of sales agents working it, there was only silence. At the sound of my voice, Barney stopped and repeated her original introduction, syllable for syllable, inflection for inflection, as though we were starting all over again: “Hey how’s the hardest workin’ guy in business?” This was getting weird.

After a moment, Barney shifted gears and jumped, finally, into the sales pitch. School was going to be out in a few months, and all those kids suddenly milling about were a “magnet” for child abductors, who, as everyone knows, are everywhere. The concerned citizens at Computer Medic were being offered the chance to make a difference by reminding everyone of this clear and present danger with a public service announcement. For a fee, of course.

At this turn of events, my mood abruptly changed. I had three serious problems with what Barney was proposing. First of all, I had absolutely no interest in any radio advertisement of any kind because I know from experience that they are a waste of money. Second, I had no interest whatsoever in being associated in any way with talk radio, or as I call it “shout radio,” because everything about it offends me. It is a form of what used to be called yellow journalism, an industry of agitation populated by overpaid professional blowhards who cynically gin up synthetic outrage amongst the gullible, day in and day out, for the sake of ratings and profits. Third, I detest–that is not too strong a word–the world view that embraces the message Barney would have me deliver: that danger is everywhere, that no child is safe, that no one can be trusted, and that we must always be vigilant. It’s complete bullshit, has absolutely no basis in fact, and makes everyone needlessly paranoid and fearful. It’s one of the reasons our society is such a mess and so many kids are are, too. It’s probably the main reason so many Americans live in gated communities. Because of this completely bogus fear, children are, by and large, no longer allowed to walk to school alone. Or play outside alone. Or do anything whatsoever out of the sight of their parents, who hover like surveillance drones, monitoring their every scripted move.

It was time to pull the plug on this little charade. Barney had a pretty good head of team built up by now but I didn’t care. I interrupted her with the bad news, or rather tried to. She ignored the interjection and kept right on talking, not missing a beat, oblivious. Annoyed, I took it up a notch, allowing impatience to creep into my voice, again with no effect. Suddenly it began to dawn on me that I had been duped. Barney wasn’t real. “She” was a robot, a pseudo-friendly synthetic voice fronting an algorithm.

I had to confirm this, of course, so I asked directly: “Barney, are you a robot?” Now this is a pretty personal question that would normally generate a quick and unambiguous reply. From a human, that is. But Barney was unmoved. I tried a couple more times in slightly different ways with the same result. Barney was busted. My annoyance evaporated, and I decided to have fun with it. I began singing: Barney’s a robot, Barney’s a robot, nyah nyah nyah nyah nyah, as Barney yammered on, a digital contrivance blindly obeying lines of code. Finally turning serious, I said something like, “I know you can’t hear me, but I absolutely hate what you are doing and wouldn’t touch your proposal with a BORROWED ten-foot pole.” And then I hung up.

I felt a little sheepish at being suckered so completely. At the same time it was impossible not to feel at least a twinge of admiration for the sophisticated production to which Seed and I had just been subjected. Those guys are good, I thought.

And getting better all the time. The conclusion is inescapable that in a few years you won’t be able to tell the difference between a person and a computer. Some people are unruffled by this, but to me it sounds a lot like Blade Runner. And this is not a good thing.

An Open Letter to Lisa G.

Dear Lisa:

I just became aware of your negative review of Computer Medic on Yelp. Thank you, I think, for your feedback.

It is neither necessary nor appropriate to respond to every critique, but you have made some pretty damaging claims that more or less demand a rebuttal. This will follow shortly.

In my original version of this post I referred to you by your full name. I did so in order to re-establish some balance. Perhaps I’m old school, but it just seems like there is something wrong with a system that allows people to fling hateful and destructive little verbal missiles anonymously, hence with zero personal accountability. It’s crass, rather cowardly, and absurdly unfair.  But at the urging of those whose judgement I trust, I returned you to anonymity. People, I was reminded, can be very unreasonable.

Note that the vast majority of my reviews are strongly positive. Many mention how nicely and thoughtfully they were treated. This is no accident. Every single one of these positive reviews was honestly earned. The fact that you had a different experience should tell you something.

I quite agree with you that it did not go very well, but as a wise man once said, it takes two to tango. Your one-sided account completely glosses over your starring role in this drama.

You see, whether you realize it or not, you set the tone for our transaction by taking a hard line from the very first moment. You were, for no discernible reason, curt to the point of rude. You were pushy and demanding. You interrupted me repeatedly. Your tone of voice and mannerisms conveyed condescension. It was as though you were trying to establish that you were the boss and we were the hired help. I remember thinking “Wow!” and feeling like a scolded child. It occurred to me that you might be one of those women who thinks all men are dolts, and treats them accordingly. No kidding, it really was that bad.

I am a respected and trusted professional with years of experience in a pretty tough business, and have an excellent reputation earned the old-fashioned way. It is not too much to ask that you treat me with a little common courtesy.

But let’s put that aside for a moment.

By chance, you happened to have an unusual problem that required some time to figure out. Ninety-plus percent of the time, a laptop exhibiting the behavior in question has a failed LCD panel. Maybe 5 percent of the time that behavior it is caused by a faulty  video cable, and another two or three percent by some other faulty component. The remaining 1 or 2 percent of the time the behavior is caused by a faulty mainboard. Your case, as it turns out, was of the last type. But to reach that conclusion required testing. Lots of testing. We were very thorough. You clearly do not realize how much effort we expended.

At some point we informed you that you the only way to fix the laptop would be to replace the mainboard. The problem is, this repair would have cost you more than the laptop was worth, and so we recommended against it, as we almost always do in such cases. Ethically, we cannot ask you to pay more for a repair than the computer is worth. We offered you options, but you rejected them. I also got the distinct impression you did not believe me.

You said that we blew deadlines, but they were deadlines imposed by you that would have been difficult to meet even under the best of circumstances.  For example, you called less than 48 hours after dropping off the computer, unreasonably expecting it to be done, and were obviously very annoyed that it wasn’t.

I am sorry that the affair dragged on for as long as it did, but the diagnosis took longer than expected, we hit a snag with one of our suppliers, and after you rejected our proposed solutions, we had no choice but to table the repair and await your decision as to what to do. You apparently did not realize this. After not hearing from you for weeks, we concluded you had abandoned the laptop.

I never argued with you. That would have been pointless. I merely told you, with increasing assertiveness, the realities we were facing. At one point I was, I admit, short with you, but only after you were surly with me.

Neither did I hang up on you. That would have been childish. The incident you refer to was a misunderstanding. I honestly thought that our conversation was over. Right before the phone clicked off I heard your voice again and realized that I had made a mistake. You called back moments later, as I was retrieving your number to call you back. I sincerely apologized and that should have been the end of it. You know this too, yet you dishonestly bring it up in order to score cheap points.

Note that you were not charged a penny, even though we expended time and money trying to solve your problem. Your computer was returned to you in the shape it was received, minus a little unavoidable wear from dismantling and reassembly. So you lost nothing but time. However, it was in every way possible a loss for me. So who got the worse end of that deal?

Could this have been handled better? Yes. Could you have behaved better? Also yes.

Sometimes people just get off on the wrong foot. And sometimes things just go wrong. Perhaps that is the case here. If you would like to clear the slate and start over, I would be happy to meet you halfway.


Scott Snell

City of Austin Sticks it to Small Business Again

I was sitting at my desk not too long ago, front door open to catch the breeze, when I noticed a car pull up outside, bearing the label “Corix Utility Services.” A mousy little man emerged from the car holding a leaflet. He wore a strange expression, seemed to have trouble expressing himself, and had nervous, darting eyes. I was instantly reminded of Andy Kauffman’s Foreign Man character, all weirdly inappropriate expressions and evasive manners. Foreign Man stands at full arm’s length and hands me one of those blue little hangers they leave on your door when they are about to cut off your electricity. Then he turns on his heel and departs about as fast as his skinny little legs can carry him.

This kind of surprised me, because to the best of my knowledge I was current on the bill. So I went to the Austin Energy website and logged into my account to find a most unwelcome surprise: a huge bill, larger than I had ever before received. After picking myself up off the floor, I took a closer look at this bill. In addition to the hefty monthly electricity charge, inflated by recent rate hikes and a slew of new and opaquely named fees, was a nearly $1000 upcharge covering 8 months of bills. This series of bill had been recalculated, apparently, on a higher rate plan than had previously applied. Retroactively. And the recalculated balance was due. Right now. Nice.

Convinced that there must have been some kind of billing mistake, I called the main number for the City of Austin Utilities, and after working through the menu of options to reach a representative for commercial accounts, was informed that “due to the high call volume” there would be a formidably long wait time. I guessed that I wasn’t the only one to get an unpleasant surprise that day.

After about forty minutes, the hold music abruptly gave way to a young female voice: “City of Austin, this is [so-and-so] may I help you.” Restraining my irritation, I briefly recapped the problem and stated my case that there must have been some kind of mistake in the bill. Without a moment’s hesitation, the young lady patiently explained, for what must have been the hundredth time that day, exactly what had happened. As it turns out, the City of Austin had revisited its formula for calculating electric rates for high-demand periods, and by this revised formula, it was determined that they had undercharged their commercial accounts for many months running. Hence the upcharge. Hence the cutoff notice.

I asked the young lady for details, but her explanation was so incomprehensibly dense and laden with jargon that she might as well  have been speaking Mandarin. It became clear that I was wasting my time; the upcharge was not going away. In a synthetically conciliatory tone of voice, the young lady said that she could break the upcharge up into a few equal chunks, payable with each of the next few billing cycles, but that would be the best she could do.

Let this sink in for a moment. Using some subjective formula that only they understood, the City of Austin determined they hadn’t charged commercial customers enough. And their method of correcting their mistake was to sock said customers with a large, retroactively applied fee, due immediately.

Now imagine that you have a business that provides some kind of recurrent service, lawn care for example, for which your customers are billed monthly. Imagine further that you decided to charge every single one of your customers at a higher rate, retroactively, for three-quarters of a year’s worth of services because you made a decision that you had not previously charged them enough. How do you think those customers might respond? The answer is obvious: Those customers would pretty quickly become former customers, and rightly so. And they might also have a few choice words for you as they bade you farewell.

You and I know this, so it would never, ever occur to us to do such a thing. This is the thinking of normal, sensible persons. But Austin Energy, being both a bureaucracy and a monopoly, does not see it this way. It has no problem punishing you or I with an inflated bill, payable immediately, at the same time that it rewards itself with a brand-new headquarters at a cost of over 60 million dollars. This facility, intended to replace the perfectly adequate one it has now, is so lavishly overdone that it has been described as a municipal “Taj Mahal.” Note to Austin Energy management: This is not a compliment.

You might wonder: How could anyone be that tone deaf? And in so doing you underestimate the boundless capacity of the overlord class to behave with unalloyed arrogance. Austin Energy thinks this way because it can. There is no downside whatsoever to self-serving and predatory behavior when your customers have no choice.

A monopoly is not necessarily a problem until it decides to act like one. Austin Energy, the heart and soul of a city government that worships money above all else, ran the numbers and decided that it was time to act like a monopoly because there was no good reason not to.

This is more than a routine irritation. It is symbolic of the runaway greed that is consuming our city. It is one more turn of the screw, maybe that final one turn too many that makes what was once unthinkable suddenly thinkable. Maybe it’s time to give up, to accept that the town I once loved and proudly called home is dead and gone. Maybe, after nearly fifty years, it’s time to shake the dust of this town from my feet and start over somewhere else.

CNET Joins the Dark Side

I have written on numerous prior occasions about the proliferation of malware on the Internet. For the last several years, plague after scam after exploit has flooded cyberspace, with hundreds of millions of victims collectively losing billions of dollars. As if all that mischief weren’t enough already, lately we have been seeing a new and different kind of pest. This new pest isn’t openly malicious; it doesn’t steal your data or your identity–not yet, anyway. But it annoys, degrades the online experience, and compromises the performance of computers blighted by it. It is yet another altogether unwelcome intrusion on our digital sovereignty.

What makes this latest assault different is that it arrives in plain sight, usually as part of a software installation from a trusted source. You run the downloaded software, often called something like an “Installation Manager,” and are immediately met with a series of screens offering you harmless-looking notifications, the sorts of screens we all click through without even reading. But each screen, if not fully deselected, delivers a program. They sound great, promising to enhance the browsing experience, improve security, or help you catalog your precious digital memories, that sort of thing. Wonderful stuff, all. But what each of those programs really does is try to sell you something, one way or another. Some fill the blank spots on your web pages with advertisements. Some reset the home page of your browser to a Google-like search portal that delivers–surprise!–tainted results heavy with ads. Some make their home on your desktop and deliver a steady stream of audio and video alerts. Some pester you with unrelenting and various alarming messages about the health of your system, with the intent of–best case–selling you some form of digital snake oil, or–worst case–stealing and selling your personal data.

Now in theory, you can keep the pestilential software at bay by simply de-selecting the install options presented at each stage of the process by the Install Manager. In theory. Most of the time deselecting does exactly nothing, other than providing the illusion of control. The software loads anyway. It’s a headache and most unwelcome.

I usually quiz my customers to get some idea of how they came to be infected, on the theory that if we figure out how it happened, we can avoid a recurrence.  More and more often, the common denominator is CNET, also known as Specifically, the problem began when they downloaded and installed a program from CNET.

Founded in 1994, CNET is an Internet institution. Originally a provider of creative content for radio and television, it evolved into perhaps the dominant site for technology news and reviews, tech-related blogs, and consumer-products information and reviews. For years, CNET was a trusted source for freeware, shareware, and trial versions of commercial programs. I personally went to it many times over the years. was, for a time, the largest distributor of downloadable software on the planet. That has begun to change, however, as the realization sets in that CNET has gone over to the dark side.

The issue burst into the limelight when Mark Lyon, founder of the security-related website, who is better known by his nom de guerre “Fyodor,” issued a mass email that accused CNET of bundling the StartNow trojan with his Nmap software. Nmap, an open-source network analysis tool, has been downloaded millions of times, is among the most popular freeware applications in history. Following a massive outcry, CNET publicly apologized, removed the offending wrapped software from Nmap–and then promptly started wrapping other popular programs with software that was even worse. To further muddy the waters, CNET worded the Terms of Service (TOS) agreements accompanying the wraps in such a way that it appeared Nmap et al were responsible.

As with a lot of disasters, it started innocently enough. In August of 2011, CNET began replacing standalone software offerings with software wrapped in something it called TechTracker, which purports to inform you when updates to the software installed on your system become available. OK, fair enough. But Techtracker was followed by, and here is only a very partial list, Claro-search, Babylon, Delta-Search, White Smoke, Mix.DJ, Sweetpacks,, funmoods, Wajam, Coupon Companion, Default Tab, Top Arcade Hits, Youtube Downloader, Regclean Pro, Registry Clean Pro, Conduit, Conduit-Search.

The above list is a compilation of pests that we have encountered in the last few months. It is not a complete list of software covertly delivered by CNET; the full listing would run to over a hundred entries. Some of this software is fairly harmless, placing a toolbar in your browser, for example, which you are free to ignore. Others, like Regclean Pro, are merely irritants. They run impressive-looking scans that purport to find all manner of problems with your system. If you allow the scan to complete and then elect to “fix” what the software finds, however, you will be prompted to upgrade to a “Professional” version that will cost you $20 or $30. If you simply close the alert, typically the software will run again, automatically, every few minutes. Others, like Claro-Search, Conduit, or Babylon, are more insidious. These “search engines” are actually marketing vehicles for unscrupulous companies who have paid big bucks to get your eyes on their websites. Furthermore, this scamware actively resist removal, forcing you to hunt down and remove manually their many components. In some cases, if any trace is left  behind, the software will regenerate.

Now, to be fair, it is a common practice among lots of content aggregators to do exactly as CNET has. And when you really get down to it, you could reasonably ask what is so wrong about adding to your free downloads some harmless application that generates a little bit of revenue for the host site. The problem is that the software CNET knowingly adds is simply horrible stuff. It is in no way useful, interferes with key functions, poses security risks, compromises the host computer’s performance, and does it all without asking your permission. For the user, it’s all downside.

There was a time when CNET could credibly claim ignorance, but that time is no more. It has stonewalled and sidestepped, attempted to cover its tracks, pointed fingers at alleged duplicitous partners, done everything but own up to the fact that CNET alone is responsible. The Internet seethes with righteous indignation over this insidious practice. Even popular CNET forums make no effort to deny it. Meanwhile, the silence from company executives is deafening.

You would think that this would be a no-brainer for CNET management. Why risk incurring the wrath of millions of users over what is clearly an indefensible practice? In a word: greed. CNET has bought into the philosophy, which has come to infect American business culture, that absolutely every corporate activity must generate money, and that profit trumps all other concerns.

A reputation is a precious, fragile thing. What takes years to build may be destroyed in minutes. CNET, for years THE place to go for news, information and good, trustworthy content, is now a tainted brand. Once an icon, it is now regarded by millions, perhaps rightly, as just another con artist waiting for the chance to scam the unwary. Years from now I suspect that students in business schools all over the planet will study this as an example of the terrible things that can happen when good judgement is upended by greed.


Bad Business

Because almost everyone has a computer these days, and because almost every computer breaks sooner or later, my customers tend to be a microcosm of Austin society. I see people of every age, every race, every profession, and every income level. I also see people of every ethical disposition, including, just often enough to be considered anomalous, people who clearly have criminal intent.

About three years ago Yolanda–her real name–brought me a computer that, she claimed, she had forgotten the password to.  This is actually a common issue, and normally not a cause for concern. But it can also be a red flag, for obvious reasons. So because of this I almost always politely ask the person to explain the circumstances by which they came to have this problem. And the vast majority of the time the customer tells a story that is believable enough to allay my concerns. So I go ahead and reset the password for them, usually on the spot, and charge a nominal fee.

There was something off about Yolanda, though, just enough to make me a little wary. To begin with, she effected an exaggerated faux-friendliness that I found off-putting. And beneath the phony smile I detected a feral, calculating quality. She also didn’t seem like the sort of person who would make routine use of an expensive laptop. She gave me, as they say, a bad vibe. So I quizzed Yolanda rather more closely than is typical before deciding it was OK.

Even though the password-reset process only takes a few minutes, if I am not completely convinced the situation is legitimate, I will tell the customer that they need to leave the computer with me for a while, on the theory that anyone who had stolen a computer would probably not consent to this. It is a screening mechanism, but also gives me the chance to check the computer out. When I proposed this to Yolanda she rather apologetically said that that she really needed the machine fixed right away so that she could send out some important emails. “I don’t mind waiting,” she said, giving me her best pleading look. I said, OK, took the computer into the back room and, out of her sight, and examined it thoroughly. I could find no clear indicator the laptop might be stolen, so after twenty minutes or so I gave it back to her and charged her the usual fee. She thanked me and left.

A few days after that Yolanda brought me another computer. Same story. Again, I told her she needed to leave it with me. This time, she said, the computer was going to be a birthday gift, and the party was just about to happen so could I please please please reset the password quickly so that she could deliver the gift on time. After a deliberate pause intended to let her know I was uneasy with the request, I consented. Again, I went into the back room and scoured the computer for any clues that it might be stolen. Finding nothing concrete, I handed it back to her, charged the usual fee, and told her that in the future she would need to leave overnight any computer needing service. At this announcement her demeanor visibly hardened, and she said something like “I don’t see why you gotta be like that cuz it only takes you a minute.” Her tone of voice was suddenly confrontational, faintly hostile.

The next time Yolanda came by, maybe a month later, she brought reinforcements. Normally when people come into my shop they sort of hang near the entrance until they are acknowledged, politely waiting to be invited into the space. It’s human nature. But Yolanda and her crew just sort of barged in and took over. She didn’t identify the cast of characters, but I guessed one to be her husband, another to be her son, and the other to be the son’s friend. The husband projected no particular presence, other than that he was definitely not the one in charge. The friend came across as a more or less a normal late-teenager, but probably not the type who was going to make the dean’s list any time soon. But the son, twentyish, whom she addressed as “Yoon-yor,” looked like something Central Casting might have sent over if you had asked for a young ethnic goon. Junior was a stocky five-foot-six or so, with a shaved head and multiple fearsome-looking tattoos, including the teardrop facial tatts favored by latino criminal gangs. His expression, fixed permanently somewhere between a snarl and a sneer, clearly said “Me tough guy.” He strode restlessly back and forth clenching and unclenching his fists, not speaking a word but at one point making, I kid you not, some kind of growling noise. He stared intently at me in a way that, in other circumstances, would almost certainly have started something. But I met his gaze coolly and without visible emotion. The whole show, clearly intended to intimidate, was actually rather laughable, like the worst acting you’ve ever seen. Again, Yolanda told me the same story. Same song, new verse. This time I firmly told her I was busy and that she would need to leave the computer with me if she wanted me to work on it. After a pause, she said “That’s OK; we’ll come back later,” with Junior echoing after a beat, “yeah, later.” But they did not return.

There is a type of person who is not very bright but does not realize it. Furthermore, this type of person is convinced, in spite of all contrary evidence, that they are actually pretty damned smart, but that nearly everyone else is stupid. Yolanda is that kind of person. She called a number of times over the next few months, each time with a different issue, each time working me from a slightly different angle, each time wanting me to drop whatever I was doing and fix her problem. My response was always the same: You’ll have to leave it with me. And each time she made excuses and declined. After a few rounds of this, I grew impatient. She was not getting the point so I began being rather short with her. But short wasn’t getting the job done either so I escalated to downright rude. Almost anyone else would have gotten the hint and left me alone, but Yolanda didn’t even seem to notice.

One day, Yolanda just showed up unannounced. This surprised me a little because the last time we had spoken I was not very nice to her. She was back to her old tricks. A friend of hers had sold her a computer a few days ago, she claimed. They had forgotten the password and just wanted to get rid of it. Apparently this forgetfulness thing was catching. At the time, there were four other people in my waiting room, so I could credibly claim to be busy. This time Yolanda reluctantly consented to leave the computer for a while. “I’ll come back in a little bit,” she said. I responded that I would call her when it was ready.

As soon as everyone left I fired up the computer, an expensive newer-model MacIntosh. Right away, Yolanda’s story began to unravel. First of all the logon screen featured a screenshot of the owner, a college-age girl named Maddy, which didn’t jibe with Yolanda’s “friend” story. I broke the password and logged in. The desktop picture was of Maddy and her very well-to-do family, posing in the backyard of their very nice home. It seemed extremely unlikely that Yolanda would have anything to do with this group. Further, there was loads of personal information–photos, schoolwork, important current documents–all in plain view on the desktop. There was absolutely no effing way whatsoever that any rightful owner would have parted with this laptop in that state. I spied a document named “Resume,” last edited a few days previously, and opened it. “Maddy” turned out to be Madeleine, a UT sophomore looking for summer work. I called the number in the resume. A young woman answered. I said, “Hello, this is Scott with Computer Medic and I have a MacIntosh notebook . . .”  and that’s about as far as I got before she interrupted me. “Oh my god oh my god oh my god,” she shouted over and over, almost breathless with excitement. After Madeleine calmed down she explained that her computer had been stolen from her car, parked in her driveway, a few days previously. They had smashed the window to get it. Yolanda was busted. I arranged for Madeleine to come by to pick it up the computer, and in the meantime made a police report.

I called the non-emergency number, and after being passed around a bit, ended up with a Detective Sheffield in the Property Crimes division. I told him who I was, what I had, who it belonged to, and how I had come to have it. He told me to hang on to it, and that they would be over soon to take a statement and retrieve the laptop. He explained that they would need to document the item, and after doing so would return it to the rightful owner. We agreed to meet at noon at my shop the following day.

During our conversation, Detective Sheffield  revealed that he was very familiar with Yolanda. In fact, he knew her whole family, which he described as “an ongoing criminal enterprise.” He also confirmed my guess about the identities of the people who had shown up with her that time. In closing I said something like, Yolanda’s going to be pissed when I tell her. He suggested I lie and say that the laptop was stolen in a break-in. Although I know he was trying to be helpful and minimize my exposure, I decided pretty quickly that this was not going to be my course of action. First of all, it seemed a bad idea to try to con a con. Second, Yolanda might think that I was trying to rip her off, which could invite retribution. Third, I wanted her to know I had busted her because I detest, with a deep and burning passion, thieves, scammers, and lowlife parasites. I wanted to punish her for involving me in her criminal schemes. And I was not the slightest bit afraid of her, her no-account husband, or her idiot wannabe son.

During this time, Yolanda had been calling every half hour or so, wanting to know when the laptop was going to be done. I took the first call but ignored the next several. Her voice mail messages became agitated, then angry. This was going to get ugly.

Detective Sheffield showed up right on time the following day. He struck me as a decent and likeable fellow, but with the weary and faintly resigned air you might expect of man accustomed to fighting an endless, unwinnable battle. We talked for probably thirty minutes, first about the case, and then about this and that. In the course of our conversation, Sheffield mentioned that he had interviewed Yolanda on an unrelated matter just days before, shaking his head as he spoke, as if to say “what a piece of work.” As he took my statement, Yolanda called yet again, but left no message. I mentioned this to him, and said I thought she was probably starting to get nervous. “Yeah, I’ll bet,” he replied. We completed our business and Sheffield went on his way, laptop and statement in hand. Five minutes later, Yolanda called yet again, but this time I answered. Showtime.

In a very impatient and demanding tone of voice she asked when she could come by to get the laptop. I told her point-blank that the laptop turned out to have been stolen and that she would not be getting it back. “Detective Sheffield, whom I believe you know, just finished taking my statement.” Abandoning her original story, she said no, no, it couldn’t be stolen because she had just bought it at a flea market on Sunday. I retorted: “That’s interesting, because it was stolen the following Thursday. What’s your next story?” Yolanda was just smart enough to realize she needed to maintain a pretense of innocence, but not skilled enough to disguise her true feelings. Beneath a very thin veneer of pretend civility, I could hear genuine hatred in her voice. After hanging up, I thought: This is going to come back to haunt me.

To my disappointment, I received not a word of thanks from Madeleine or her family. Not that I expected hosannas or anything, but a simple acknowledgment would have been nice. I had, after all, gone well beyond the call of duty, at some personal risk.

I did receive a thank you from Yolanda, though, in the form of a break-in a few weeks later. I cannot prove it, but there is little doubt that she was responsible. Late one Sunday night, they levered the front door open with a pry tool, a difficult task that must have taken two or three strong men several minutes. They were in and out very quickly. They took a stack of laptops, including a couple belonging to customers, my invoicing computer with all the business records, and my beautiful, expensive Apple monitor. They would no doubt have taken much more if the alarm hadn’t sounded, scaring them off. It was still blaring loudly, ignored by neighbors less than fifty feet away, when I arrived ten minutes later. The police arrived twenty-five minutes after that, as I was cleaning up.

It worked out alright, though, in the end. Insurance paid for everything, reimbursing me for way more than I asked. I even got a much heavier door and frame out of the deal. It would take about half a pound of C4 to breach this door. A regular customer of mine, on hearing what had happened, was nice enough to donate and install a complete surveillance system. And Yolanda ended up facing a Possession of Stolen Property charge. So maybe there is such a thing as Karma after all.





Microsoft Takes a Mulligan with Windows 8.1

As anyone who has not been living under a rock already knows, Microsoft has released a beta version of its pending reboot of Windows 8, cleverly dubbed Windows 8.1. (Where do they come up with this stuff?) Retail versions of this much-anticipated makeover should be hitting the channel by October. Windows 8.1 promises to restore popular and useful features deleted in the initial release of Windows 8, while tempering some of its more irritating features. The public preview of 8.1 is available here.

With the release of 8.1, Microsoft has tacitly acknowledged what the industry has been saying for months: Windows 8 is a flop.  It is now generally conceded that Windows 8 has been a huge failure, responsible for, among other things, depressing the sales of new desktops and laptops by as much as 30 percent. Some have suggested that the Windows 8 debacle has permanently altered the computer space, tipping the balance irrevocably away from traditional laptops and desktops and toward handheld devices. In my business I see the impact nearly every day, in the form of customers who say–and here I quote exactly– “I HATE Windows 8.” Sometimes, though, they put it a bit more coarsely than that.

Thinking Different

With Windows 8, Microsoft pretty much reinvented the wheel. This is not, generally speaking, a good thing. In place of the desktop and start menu, fixtures since Windows 95 (approximately 200 computer-years) was a visually striking but initially confusing collage of “tiles,” each of which represented categories, applications, or portals. The tiles were designed for use with a touch screen interface, although a mouse may also be used. As an added irritant, many of the tiles seem to have no purpose other than to deliver advertisements, merchandizing opportunities, and other unwanted solicitations. Eminently useful features like the Safe Start option and Help and Support have been removed, radically altered, or made essentially inaccessible. Though not without its appealing elements, perhaps the most common reaction on seeing Windows 8 for the first time has been some variation of “WTF?”

That’s not entirely fair. Among new users of computers, that is people under the age of 10, the reaction has been pretty positive.

To reduce illegal copying, the traditional product activation key has been retired in favor of a dynamic system that generates a key based on the computer’s BIOS. This might help Microsoft fatten its already healthy bottom line, but has the potential for complicating the process of reloading Windows, something almost every user will have to do sooner or later. Already we have seen, on multiple occasions, legitimate reloads of Windows 8 rejected on activation with the message “this key is already in use.” This is a problem.

On the one hand, you have to commend Microsoft for thinking outside the box. You can imagine the internal arguments that must have raged, with a traditionalist faction pushing for an improved yet familiar interface, and a visionary faction retorting that the future was in handhelds and touchscreens. Ultimately, of course, the visionaries won.

On the other hand, you could be excused for wondering what they are smoking these days in Redmond. Although the visionaries might very well be right about the future, we happen to live in the present, and in the present most of us still use mouses and menus. And we really, really like our start button. Furthermore, you have to seriously question the one-size-fits-all approach of Windows 8. Does it really make sense to have only one interface available to serve the entire range of digital devices: handhelds, tablets, laptops, desktops, and workstations?

So of the three major OS roll-outs shepherded by Steve Ballmer (Vista, Windows 7, and Windows 8 ) we have, respectively, one disaster (partially redeemed with two service packs and hundreds of hotfixes), one unqualified success, and one catastrophe. In baseball that might be a good average but in business, not so much. People are beginning to openly grumble: Why is this man still in charge?

It’s easy to play armchair quarterback in these situations, and almost everyone who has been critical of Windows 8 has had the luxury of not having been involved in its creation. It’s different, to paraphrase Teddy Roosevelt, when you are the man in the arena. But seriously, a farm boy from the cornfields of Iowa could have told Microsoft that Windows 8 had major problems. Actually a farm boy from Iowa probably DID tell them that, but they just didn’t listen. I can only imagine the millions that Microsoft spent on focus groups, only to discard almost every bit of their input when it wasn’t what they wanted to hear.

When in Doubt, Double Down

Microsoft has a long history of aggravating its blunders with aggressive, hardball tactics. For example, when it became clear early on that Windows Vista was a problem child, rather than working to address its many deficiencies Microsoft simply ramped up the pressure on OEM builders and hardware manufacturers to support only Vista, at the expense of earlier versions of Windows. And as the complaints continued to pile up, Microsoft circled the corporate wagons. “We have no plans to release a service pack for Vista,” Steve Ballmer famously declared a few months after the initial release. It took a virtual revolt by the biggest players in the business for Microsoft to concede its errors and move to rectify them. Quietly, Microsoft began offering downgrade licenses at no cost to those who wanted them. And to be fair, with two service packs and lots of hotfixes, Vista eventually became a pretty good OS.

With Windows 8, Microsoft seems to be following the same playbook. With the release of Windows 8, literally overnight copies of Windows 7 disappeared from retailer shelves and online inventories. At the same time, large OEMs began offering only Windows 8 on their new units, reflecting either pressure from Redmond, or mass buybacks (or cancellations) of remaining Windows 7 licenses. Or perhaps both. If Windows 7 were an embarrassing failure, you could understand the logic. But it wasn’t; Windows 7 might be the best OS Microsoft has ever made. Where is the logic in pulling a vital, viable product when it is still relevant? A sale is a sale.

What Microsoft seems not to realize is that forcing people to buy something they really don’t like irritates them very much, and leaves them feeling powerless and unappreciated. More importantly, it primes them to consider the competition. And yes, there is competition. Then again, maybe Microsoft knows all this but just doesn’t care.

Deep in denial, Microsoft has been quick to tout impressive-sounding sales figures as evidence of Windows 8’s success. What it fails to mention, though, is that the overwhelming majority of these sales were OEM copies bundled with new hardware. And in the vast majority of those cases, the customer had no choice. If you wanted a new computer you got Windows 8, period. These sales don’t really count. One is reminded of Henry Ford stubbornly offering one car model (the Model T), in one only color (black), even as the rest of the industry began to pass him by.

Although it is far too early to pass judgement, Microsoft may yet snatch victory from the jaws of defeat with 8.1.  However, the buzz is that Ballmer et al have already given up on it and are turning their attention to Windows 9, now in development. Word of advice: When you ask people to give you feedback about it, shut up and listen this time.

New Internet Scam Goes Retro

For several years now we have witnessed a parade of increasingly sophisticated scams involving various types of malicious software. In prior cases the software was typically spread anonymously, rapidly, through thousands of automated servers or through the use of suberfuge. But as the skill  and the reach of the attacks has increased, so has the sophistication of the countermeasures deployed in response. This has, of course, led the scammers to employ new approaches. The latest scam is a novel blend of old and new tactics, with a very personal touch.

The newest scam is basically a confidence operation. The perpetrators initiate the con by calling the intended victim (the “mark,” in con parlance) on the phone. Claiming to work for Microsoft, the scammer informs the mark that “unusual activity” has been detected on their computers and that their personal information is at risk. They then ask the mark to allow them to assess the problem and deploy a solution if necessary. Using a remote access connection, the scammer takes over the victim’s computer and carries out what appears to be a rapid series of scans, consisting of a succession of serious-looking screens. Like a good game of three card monte, the action goes too fast to properly follow. The “scans” inevitably confirm the worst. It’s all a show, of course, designed to soften the mark up for the score.

The payoff comes when the scammer convinces the mark to offer up a credit card number to purchase “Microsoft Security Software,” a bargain at only $99. Once the transaction has transpired, the scammer remotely initiates a download of the software. In most cases, the software is a stock or lightly repackaged version of Microsoft Security Essentials, a free program available from the Microsoft website. A smaller percentage of the time, the software is a harmless but bogus security program that makes a great show of  protecting the computer, but in fact does nothing. But some of the time the purported security software is accompanied by a hidden a back door program, through which the user’s computer may be remotely accessed at will, monitored, or used as an unwitting distributor of spam or malware.

If the mark gets wise and cancels the transaction, the scammer runs the card anyway, usually for a greater amount than agreed. To further punish the mark, the scammer also activates a program (ironically an optional component of Windows) that blocks access to the computer without a password, a password that only the scammer knows.

Fortunately, this scam is on the radar of banks and merchant services organizations, who will generally reverse the charges on request. Law enforcement agencies at local, state, federal, and trans-national levels have also become aware of this scam and are taking it seriously.

The scammers appear to be targeting their marks carefully. In some cases we have heard about, the operators appear to have detailed knowledge about the mark. For example, the fellow who scammed a friend of mine peppered his sales pitch with references to my friend’s home country (Scotland) and went by the name of “Ian Campbell.” (Oddly, Ian spoke with what was clearly an Indian accent, but no matter.) Presumably the scammers are buying information in bulk from data aggregators, and using that information to customize their sales pitch. Thankfully, so far the scam has mostly been small ball, but that could change.

There is no clear technologically based solution to such a scam because it relies on direct human contact. In this case, as in so many others, the best defense is a good bullshit detector. The takeaway is obvious: If it sounds fishy, it probably is. And once again we are reminded that the Internet is a dangerous place indeed for the naive or overly trusting.

FBI Virus Wreaking Havoc across US

The warning, delivered under an official-looking Federal Bureau of Investigation logo, goes something like this:

Warning: Your PC is blocked for one of the reasons specified below. You have been violating Copyright and Related Rights law (Video, Music, Software) and illegally using or distributing copyright content, thus infringing Article I, Section B, Clause 8, also known as the Copyright of the Criminal Code of the United States of America.

The text, which generally runs to nearly a full page, goes on to accuse the user of downloading and/or distributing illegal pornography, distributing malware, or other such abuses and specifies legal penalties including fines or imprisonment that apply. Scary stuff, made all the more compelling because, in many cases, the user has recently been on a porn or torrent site.

Then comes the punchline:

To unlock your computer, you must pay the fine through Moneypak of [$100, $200, $500, depending on the version]

along with a list of instructions explaining how to complete the transaction. MoneyPak is a newish form of money transfer supported by a number of organizations, sort of like a digital money order. Flanking the screen are the logos of the retail outlets that provide MoneyPak services.

The computer is completely blocked and unusable during all of this. Admin tools don’t work, programs won’t load, nothing. The only thing you can do is log off or shut down.

It’s all a scam, of course, playing on the fear (and guilt) of millions of Internet users across the US. I have to admit, up to the part about MoneyPak, it’s a pretty good scam, too. Most people, realizing that something doesn’t add up, eventually figure out they’ve been had. But many do not, and so they go ahead and pay the “fine.” Which, of course, does absolutely nothing.

The FBI Virus exploits security weaknesses in the Windows OS, and is typically delivered surreptitiously when the user visits an infected site or clicks on a teaser link. Some versions activate the warning and lockdown right away. Others do so after a restart. Although many infected sites are guilty of nothing more than, perhaps, a lack of vigilance, the conclusion is inescapable that some infected sites’ owners are in partnership with the malware makers for a share of the illicit profits.

This is no amateur effort. The programming is high-order, thorough, and creative. The malware is well-defended and will disable any installed anti-malware software. Early versions could be bypassed in Safe Mode, but newer variants have removed that option. Attempting a safe start will trigger a Bluescreen followed by a restart. In addition, most online removal tools, such as MalwareBytes and Combofix, will not detect the malware if they even work at all. It is, as we say in the business, a real bitch.

Unfortunately, any instructions I provide for removing this digital pest would probably be obsolete by the end of the week. New variants of the FBI virus are coming out almost weekly, and each is more robust and insidious than the one that came before. In some cases, the malware resides in a tiny hidden partition created at first infection. You would never notice it unless you looked for it. This partition is made active in place of the boot partition, and the hidden, encrypted software this partition contains modulates all of the computer’s activities. Deleting the hidden partition and making the boot partition active once again allows access to the computer in safe mode, at which point standard antimalware programs can be used to remove the remnants.

In other cases, the active ingredients are hidden inside the Appdata folder in the user profile active at the time of infection, as well as in the ProgramData folder in the root. The executables are randomly named, but each occurrence of it will bear the same randomly generated name. Executables are timestamped with the time of first infection. Supporting files (graphics and text snippets) are created with each reboot and timestamped accordingly.

The good news is, the FBI and other Federal law enforcement agencies are going to go after this with both barrels. The bad new is, the perpetrators are hiding behind layers of anonymity that will be very difficult to penetrate, and are most likely residing in places such as China, Russia, or any of a number of former Soviet satellite states, jurisdictions with weak or corrupt law enforcement and nonexistent extradition agreements with the US.

The further bad news is: We ain’t seen nuthin’ yet. the FBI Virus marks a major escalation in the evolution of Internet threats. Whereas previous generations of this type of scamware were typically more of a nuisance than a threat and, generally speaking, not especially destructive or difficult to remove with the right tools, this one goes for the jugular. I really hate to say this, but God help us if the current trend continues, and there is no reason to believe it will not.

The Good and the Bad of Customer Service

In this business you often have to deal with the customer service departments of hardware and software manufacturers. The experience can be easy and pleasant, frustrating and difficult to the point of enraging, or anything in between. After a while you get a pretty good idea of what kind of company you are dealing with based on their customer service. Following are two examples that illustrate how customer service ought to work, and how it ought not.

First, the good example. I recently had to order a recovery CD for a customer’s Lenovo laptop. I went to the Lenovo website and easily located a number for customer service. Called the number and with two keystrokes was talking with a live, native English-speaking representative. I explained what I needed, they forwarded me once to another rep who gathered some information, then forwarded me one more time, where I confirmed the information and gave a credit card number. They explained that the disk would arrive within 3 business days. The cost was, I thought, quite reasonable. Total time to complete: maybe 12 minutes. This was at about 3 in the afternoon. The next morning when I arrived at work at about 9:45, the CD had already been delivered! I was most impressed. Now contrast that optimal experience with the following.

A customer’s computer had become sluggish and unresponsive when surfing the internet. Eventually the internet quit working altogether. I determined that the problem lay with a program called Puresight, installed originally by a Time Warner tech as part of their free  security package.  Puresight is one of those net nanny-type programs designed to keep kids safe from internet bullies. It monitors internet connections and shuts out any potentially offensive content. Problem was, the software was filtering so well that nothing at all was getting through.

Dubious value of the software aside, in this case it should not have been installed at all because the customer was a single woman of grandmotherly age. Installing Puresight for her was totally inappropriate.

Obviously, the software needed to be removed. Problem was, removal required a special password, and that password had been supplied by the TW tech, who didn’t bother to inform the customer. Normally this is not a problem either, as you can simply remove the executables manually. But the makers of the software had gotten a little carried away with the security with this program. Long story short, there was no easy way, and maybe not even a difficult one, to remove the Puresight software without knowing that password.

Apparently, Time Warner had subcontracted their security-software development to Computer Associates, who in turn subbed the development of Puresight to an Israeli company. Calls for support to Time Warner and Computer Associates were absolutely fruitless. Time Warner said “Call Computer Associates.” Computer Associates said “call Puresight.” Puresight said nothing. Voice messages were not returned, emails were not answered. Problem was not solved. Fortunately, the customer was OK with simply erasing the hard drive and starting over. But such a drastic step should not have been necessary. If the companies involved had behaved responsibly, done a decent job, and not passed the buck, that customer would not have been inconvenienced, and this computer medic would not have become frustrated and annoyed.

Unfortunately, there seem to be far too few of the good customer-support experiences, and far too many of the bad ones. But it doesn’t have to be that way. I don’t expect exemplary service every time. But is it too much to expect competent service at least most of the time?


On the Care and Feeding of Digital Devices

A woman came into the shop the other day, obviously frustrated, even upset. She had two laptop computers that weren’t working. Both were older machines. One simply would not start, and the other had, apparently, a broken DC connector (the device that carries power into the laptop from an AC adapter.) One computer appeared to have a failed mainboard, making it non-repairable at a reasonable price. The other computer was marginal because of the likely hefty labor cost to fix. I agreed to keep both machines and use them as a credit for a replacement laptop. The lady was complaining bitterly about the computer with the failed mainboard, claiming that it had been trouble from the very beginning. I was a little surprised, being familiar with that particular model and knowing that it had a pretty good reputation for reliability. Well, I thought, these things happen.

The customer settled on a newer refurbished Dell model, paid and left. The following day she called me and said that the computer would not start. The lights were on but the screen was dark. Plus it would not shut down. Oh great–just what I want to hear.

But through a series of questions I determined that the actual situation was this: She had been using the computer at a public wireless access point, and had then put the computer away in its bag without first shutting it down. She had just closed the lid. Meanwhile, the laptop kept running, got hot in the enclosed space of the bag and locked up due to overheating. It had not been set to go into standby mode when its lid was closed. (Standby is a special low-power state).

This explains things, I thought. That’s most likely why her one laptop was a source of so much trouble for her. She probably never, ever actually shut it down. She just closed the lid and forgot about it. Meanwhile the laptop was running the whole time and she didn’t even know it.

I am perhaps a tad unreasonable on this subject, but my opinion is this: If you aren’t going to use an appliance (like a computer) for a while, SHUT IT OFF. At the end of every day, I power off all my computers, printers, monitors, test equipment, anything that draws power. Not only that, I turn off the surge protectors they are plugged into so that the devices receive no current whatsoever. The reasoning is this:  less energy wasted, less chance of damage due to a power surge, less heat that has to be removed by the AC system–a major consideration what with our lengthy warm season here in central Texas. The only downside is that I have to wait maybe 60 seconds for the systems to power on in the morning. Even on the busiest day, I can spare 60 seconds.

Somehow the idea has gotten entrenched in the public mind that it is damaging to computers and other electronic devices to turn them off and on. At some level this is potentially true, because there is an initial thermal shock as power floods through the cold circuits when you hit the start button. But it’s OK, they can take it. Modern electronic devices are designed to handle thousands of startup/shutdown cycles. Look at it this way: If you follow the conventional reasoning, then you should never turn off the lights, never turn off your television or stereo, never turn off your car’s engine (90% of engine wear takes place in the first half-second of operation). Obviously that would be just silly. By not turning off unused electronic devices, you trade the small possibility of a slightly shortened lifespan for the device for the certainty that a lot of energy will be wasted. And that’s not a very good bargain. So if you aren’t going to use that computer for a while, go ahead–turn it off.

Security 2010 Continues to Wreak Havoc

Since January, the Internet has been bombarded with the latest iteration of the Security 2010 scareware, with fresh outbreaks coming every few days. This blog has written previously about  it.

This malware is the latest generation of a family of rogue software known by many names going back to at least 2006. The basic MO remains the same: On startup an infected computer’s desktop is taken over by a legitimate-looking program that seems to be finding all manner of malware. As this is unfolding, the software also declares that the computer has been hacked and that the user’s identity is at risk of being stolen, among other messages. The software almost completely monopolizes the system, essentially making it unusable. The hook comes when the program informs you that to get rid of the problem, all you have to do is to register this trial version. Simply click on this link (and pay $49.99) . . .

The perpetrators of this scam have so far kept things fresh by releasing new variants every few days to stay ahead of traditional, database-based antiviral programs. These variants continue to add charming new features, such as routines that block or hide all other executables, layered service protocols that block network activity (except a connection to their server to process payment), and the ability to run in safe mode. Some variants apparently block safe-mode operation altogether. New Vista-specific versions are beginning to gain traction as well. Up to now, primarily machines running Windows XP have been affected.

The infection usually occurs when the user interacts with a bogus (but official-looking) security alert claiming to have found malware. These messages may appear when the user visits a compromised website. ANY interaction with this message typically triggers a surreptitious download of the infectious software. The only safe way to close such a message is to use the task manager (ctrl-alt-delete). Internet connections not filtered through a router are especially at risk.

The reach and sophistication of this scam are surprising and disturbing. Millions of users have been infected, many more than once, and the end is nowhere in sight.

Missed Callings

The phone message, left by by an obviously irritated male caller, was brief and to the point: “The only way to get through to you is to send a (bleeping) message because you’re never around to answer the (bleeping) phone. Well forget it–I’m going to take my business somewhere else.” The tone of voice was borderline hostile with hints of insulting.

I had heard the call when it came in, on a Saturday about lunchtime, but had chosen not to answer because the special ring identified it as anonymous. It was an easy call (no pun intended). At Computer Medic we generally don’t answer unknown or anonymous calls for all the usual reasons. It’s policy. We are hardly alone in this.  It is, in fact,  a very common (and common-sense) policy.

Apparently, this fellow had called previously, although he had never bothered to leave a message or a callback number.  This isn’t the first time this sort of thing has happened to us. Over the years this scenario has been repeated often enough for us to recognize it as a syndrome. The callers are almost always male, young to early middle age. The messages usually include a profanity or two, and never, ever include a callback number. Most of the time, the caller clearly intends to be insulting.  Based on what they say and how they say it,  I can only surmise that these people are expecting special treatment, and are annoyed at not getting it. Unfortunately, we’ve learned the hard way that people who expect special treatment tend to be difficult customers.

Then of course there is always the odd case. Once, an anonymous caller left a message saying, “I realize you’re probably not answering because of the blocked number. I’m sorry, but I just got this phone and somehow turned on that feature by accident and can’t figure out how to turn it off.  I’ll call you back in five minutes.” I answered the second call, we had a good conversation, and he turned out to be a pretty good customer. And we figured out how to turn off the number block.

So if you call from an anonymous number and we don’t answer, please don’t take it personally. It’s just policy. Just leave us a callback number and we’ll get back to y0u.

New Twist in Security 2010 Outbreak

Lately, we’ve been seeing a great deal of the Security 2010 malware, the subject of an earlier post. It comes in a number of different flavors but is, so far, removable without major disruption in most cases. It continues to surprise, though, with its clever little wrinkles.

We recently encountered two separate cases of Security 2010 that were, apparently, successfully removed. Yet the users continued to experience frequent browser redirects and tainted search results. Exhaustive examinations of each machine revealed no suspicious executables. Yet in monitoring the IP traffic,  we could see the computers consistently connecting to an address in Eastern Europe immediately before each redirect. How this was happening was a mystery. On a hunch I checked some settings and solved the mystery. The solution actually turned out to be simple. The malware had manually reset DNS primary and secondary values to the aforementioned Eastern European address.

DNS stands for Domain Name Server, and Domain Name Servers are the giant databases that resolve the familiar domain names (e.g. into IP addresses (e.g., which actually define addresses in cyberspace, and which the many routers that make up the Internet actually understand.  Each time you type in a web address into your browser or click on a link, your computer must contact a Domain Name Server to turn that collection of words into an IP address. And each time my customers’ computers attempted to connect to a requested address, the computers would contact the rogue Domain Name Server, which would then falsely resolve the domain name to another unrelated site. Presumably, the owners of the redirecting website were paying the rogue DNS for the redirects. In a way you have to admire their entrepreneurial spirit.

In this case, simply setting the DNS values to default (Obtain DNS address automatically) solved the problem. This setting, the most commonly used, allows your router or Internet Service Provider to connect you to a default DNS.

A Matter of Personal Responsibility

A few days ago I received a phone call from a young man who said that his Mac laptop was damaged and could I possibly fix it. I said, yes, probably, but needed to know a bit more about the problem before committing.

It turns out that he had carelessly dropped the laptop from a height, severely damaging the case. He said it ran, sort of, but clearly had some problems. He wanted me to replace the parts bearing obvious damage so that he could take it back to Apple and, claiming ignorance, have it fixed under warranty.

Now I’m no saint, but I know a bright ethical line when I see one. This was no more a warranty issue than if the young man had worked over his laptop with a ballpeen hammer. I was genuinely offended that he had tried to recruit me into what was, in effect, a scam. I paused a beat and then said something like:  “I am not going to be a part of that deception. You were careless with your laptop and broke it, and it’s your responsibility to fix it.” The young man seemed shocked that a business would turn down the chance to make a buck. I was shocked that he was shocked. Is that what our society has come to?

I have no great love for Apple. I think their products are overpriced and overrated, and I think Steve Jobs is a dictatorial prick who would take out his grandmother if she somehow threatened share price. And don’t even get me started about the uber-irritating, cooler-than-thou Apple mythos. But none of that matters a bit because fair is fair. Period.

Major Malware Outbreak

Over the last few weeks, we have seen a major outbreak of a type of malware known commonly as Security 2010. In our experience, the speed of this outbreak’s spread and it’s tremendous reach are unprecedented. For maximum impact, the authors of this pestware have been releasing updated versions every few days to stay ahead of the common database-driven anti-malware programs.

This is the work of highly skilled, well-funded actors. The authors of Security 2010 have managed to infiltrate large numbers of legitimate, heavily visited websites with their infectious mother-ship software. Simply visiting a compromised website is often enough to deliver the malware. In other cases the user will receive an official-looking message stating that spyware has been detected, and that the user should download software to remove it. Following the attached link delivers the malware to the unsuspecting user.

Infected machines will display an legitimate-looking program that runs on startup bearing the name Security 2010, Antivirus Pro 2010, or any of a number of variations on this theme. The program appears to be scanning for, and finding, malware. The software also displays a rotating menu of  scary messages about dangerous malware supposedly found lurking on the system. The whole display is completely bogus. The software also displays a message that the user has an unregistered version installed, and offers a link to register the software, for a hefty fee of course. However, paying these extortionists will NOT make the problem go away. It is all simply a scam intended to separate the user from his or her money. Unfortunately, lots of people have taken the bait and handed over their credit card numbers to these criminals.

Security 2010 thoroughly monopolizes the user’s computer, rendering it essentially useless. The software also employs a number of defensive strategies to defeat removal, including deactivating firewalls, turning off anti-malware software, and disabling standard system-management tools such as the task manager and, more rarely, regedit. It may also disrupt the .exe file association, making it difficult to run executable files.

Beyond rendering your computer unusable, Security 2010 does not appear to be actively malicious. But it opens security holes that leave the computer vulnerable to other malware infections. Left unattended the problems could grow even worse. At Computer Medic, we have developed very effective methods for dealing with the Security 2010 software, and would be happy to assist you if you should become infected by it.