23 November 2018

EICAR testing on VirusTotal

Here's the results of testing EICAR (inside a simple txt file) in different file formats using VirusTotal. In order of most detected to least. Most of the ones where they were not detected were inside Office files. Interestingly, Malwarebytes fails on a least 7 of the compressed file formats. A recent AV-Test.org result indicates a similar lack of protection.


  • .txt
    • 58/60: Missing popular ones: Malwarebytes
  • .zip
    • 51/57: Missing popular ones: Malwarebytes, Symantec
  • .gz
    • 44/56: Missing popular ones: Ad-Aware, Avast, Malwarebytes, Symantec
  • .tar
    • 43/56: Missing popular ones: Ad-Aware, Avast, Malwarebytes, Symantec
  • .bz2
    • 43/59: Missing popular ones: Ad-Aware, Avast, Comodo, Malwarebytes
  • .7z
    • 41/57: Missing popular ones: Ad-Aware, F-Prot, Malwarebytes, Symantec, Panda
  • .xz
    • 29/59: Missing popular ones: Ad-Aware, Avast, Comodo, F-Prot, Malwarebytes, McAfee, Microsoft, Sophos, Webroot
  • .wim
    • 16/59
  • .xlsx
    • 2/57
  • .docx
    • 1/58
  • .pptx
    • 1/58
  • .pub
    • 1/56
  • .rtf
    • Failed to scan at all

How good/bad is Vodafone Secure Net?

All Vodafone contracts come with 3 months of free Vodafone Secure Net, which is advertised as blocking malicious websites and files. If you don't cancel it, you're charged £1 extra per month. Vodafone have 444 million customers worldwide, so they could be earning up to nearly 1% of revenue through it.

It can be managed through the app or via the website.



Test 1: EICAR in a text file hosted on a website
Secure Net successfully blocked this one and displayed me a message saying so. You also get a text message confirming this.

  


Test 2: EICAR in a zip file hosted on a website
Secure Net failed to block it this time. However a standard mobile antivirus was able to block it. The link it was coming from was from Kaspersky.



Test 3: A genuine trojan dated from 2010 contained in zip file hosted on a website
Secure Net failed to block this file.
I then uploaded it to VirusTotal to test it to see if most antiviruses would detect it - 47 of 59 got it. Surprisingly, a popular one - Symantec - did not detect anything wrong.



So overall, Secure Net is good at blocking EICAR, even over HTTPS. It's clearly scanning in real-time as well as the EICAR file was brand new on my site. However, it didn't detect the trojan, even though the majority of antiviruses did.

Conclusion
Secure Net isn't worth it, and is essentially a scam and complete waste of money. Having an actual mobile antivirus is more likely to protect you.

19 November 2018

Facts & stats about HIV & World AIDS Day


TL;DR

Today, 36 million people live with HIV and nearly 1 million die every year die because of AIDS, so it’s important to raise awareness of it, support people with it, and remember the 35 million who’ve died from it. The PARTNER study announced this year tested 100,000 people taking ART to achieve an undetectable viral load, and there were zero cases of transmission – this means HIV may no longer mean a death sentence, and it can be stopped from spreading to others, so could be stopped once and for all. In spite of that, there is still heavy stigma surrounding it.

You can get 100 free ribbons from World AIDS Day if you agree to paying £15 from donations. 

Introduction

I don't have HIV, but there is still stigma around it. I've made this to try and explain the key points about it and AIDS.

As I wasn't taught this in school, and this isn't something provided through the news, I've had to research and understand this all myself, as I was stigmatised of HIV as well.


  • HIV is a virus that infects your immune system, bonding itself to your DNA. At some point after this, either months or years, the virus replicates and it triggers AIDS which leaves your immune system vulnerable, which, if left untreated, may result in death
  • HIV is transmitted through contact with bodily fluids such as blood, and typically during sex e.g. oral, anal, or vaginal sex, but also includes breast milk
  • Mothers can pass it on to their children if no treatment is taken
  • Straight people can get it just as well as gay people
  • There are 36 million people living with HIV in 2017 globally
  • About 1 million die from HIV-related causes yearly globally

Treatments and cures


  • There is no cure for HIV yet, though some people are naturally immune
  • A drug was developed in 1987 known as an antiretroviral therapy (ART), which stops the virus from creating copies of itself by inhibiting the enzymes that allow HIV to replicate
  • This has been improved upon every year. Someone who is HIV-positive but is strictly adhering to taking the drug will have an undetectable viral load, meaning the tests can't detect any HIV, so they are essentially HIV-negative when it comes to sex
  • It takes up to 6 months for someone taking ART to have an undetectable viral load
  • HIV-positive people will still visit a doctor on a regular basis to check they are still undetectable
  • Half of the global HIV-positive population are receiving treatment
  • There are multiple strains of HIV and so different variations of the drug, it can vary from 1-4 pills per day
  • In rare cases the standard drug may not prevent transmission (4/1763 cases, 0.22%, in the HPTN 052 study), however the virus was still detectable using tests in all these cases
  • When the treatment does work so that people have remained undetectable, there are zero cases where HIV has been transmitted (the PARTNER study of over 100,000 people, or Opposites Attract study of 12,000 people)
  • Even in the presence of other STIs or using condoms, an undetectable viral load still has been proven to prevent HIV transmission
  • The tests in Canada may be less accurate

Also


  • PrEP reduces the risk of getting HIV if taken before sex by blocking it from taking hold. This trial started September 2017. It can either be taken on demand or daily.
  • PEP is similar, but is typically taken immediately after a potential risk of transmission, and is available for free on the NHS. It needs to be taken for a month after sex and strictly adhered to.
  • You can get a free HIV test from Terence Higgins Trust, or your local sexual health clinic.
  • As will all drugs, viruses can become resistant due to mutation. It's important to regularly be tested.

Summary and thoughts


HIV is still a problem, as it kills nearly a million people every year. The best treatment is for everyone sexually active and negative to take PrEP, and positive people to take ART and strictly adhere to the daily treatment. The sooner the treatment is taken after transmission, the more likely the treatment will work.

To prevent further transmission, it is important to check with all sexual partners on their HIV status and if they are positive, whether they are adhering to taking ART and regularly being tested to ensure an undetectable viral load. Using condoms also prevents other STIs so are recommended.

The ultimate goal is still to eradicate HIV. Abstaining from sex would resolve this, however this is very hard to prevent. The next best option is to educate people, provide protection, and reduce the chance of transmission as much as possible. Even with all this, the treatment does not work in rare cases, and like any virus, it may become resistant. It's possible bacteriophages may able to cure it one day.. It's important to remain vigilant, continue research and to keep it under control.

The wider public need to be informed of the stigma and also how to be safe.

Sources


21 October 2018

Advice for buying a laptop or computer

Processor


Intel i3, i5, i7 (or i9)
Do not get Celeron or Pentium
Check the performance on www.passmark.com. Highest rating is 20,000 which is a Xeon. In 2018 you'll want a minimum of 3,000.

RAM

4GB RAM minimum

Other specs

  • SSD is 10x faster than HDD. Also consider NVMe rather than SCSI
  • WiFi: ac compatible, 4x MIMO is better
  • Bluetooth 5.1 is the latest
  • Storage: Windows needs at least 50GB to upgrade on its own. Some games can be 200GB. Office takes 10GB.

Manufacturer

Dell, HP, Lenovo, Toshiba, Asus, Acer, in that order
For gaming laptops: Razer, Alienware, Zoostorm

Resellers

Amazon, eBuyer, Overclockers, John Lewis, Currys/PC World

18 October 2018

Developer truths



  • This proved to be non-trivial
  • I wouldn't trust what I just said
  • Does this need to be insanely complicated?
  • X people are like Y people. They have no interest in getting a system working
  • I think the mistake was looking at it
  • We just assume magic happens
  • It looks quite good if you don't read it
  • We're laying the groundwork for winning the most improved project award
  • It's not the complete answer
  • They want to hear about problems early, but if you tell them, they panic
  • I seem to be spending every day more and more confused
  • This has a long, varied and ugly history


25 September 2018

Bi Visibility Day

It was Bi Visibility Day on 23rd September so I've made a blog to help answer any questions you may have.


What is bisexuality?

Bi or bisexuality is an umbrella term used to describe an emotional, romantic and/or sexual orientation towards more than one gender. Some people might be equally attracted to both men and women, or they may have a preference towards one gender (and this preference may vary over time).

Pansexuality refers to a person whose emotional, romantic and/or sexual orientation towards others is not limited by their sex or gender.  Some people consider this to be a more inclusive term, as it goes beyond the gender binary.

Why do we need bi visibility?

Bisexuality is typically invisible as it may be mistaken for a gay, lesbian or straight relationship. Bisexuals struggle to feel accepted as some people try to categorise them into gay or straight, and deny that bisexuality exists. Studies show bisexual people are more likely to remain closeted, consider suicide more, and are more likely to be homeless than their lesbian and gay counterparts (Science Daily, Taylor & Francis, MAP, Stonewall).

What issues do bi people face?

Bi-erasure is the downplaying of people or characters who are bi so that they are not given the same treatment as straight or gay people. For example there are very few bisexual public figures and role models, and there is a trend of characters in fiction (including LGBT+ films) where bisexual characters may be mentioned in books or by filmmakers off-screen, but when it comes to the actual film, they are sidelined or their bisexuality not mentioned at all (e.g. Love, Simon and Thor: Ragnarok).

Biphobia is the assortment of prejudices faced by bisexual people, such as the belief that bisexuality is synonymous with promiscuity, or that bisexual people are confused, in denial of homosexuality, or just greedy.

Some people consider that a bi partner cheating on them with someone of the opposite sex would be less problematic than if they did the same thing with a same-sex partner – suggesting that bisexuality is not equal to other sexualities. Bi people are being forced to believe that they’re technically gay with gay people, and technically straight with straight people – which is not the case.

What are the reactions to people coming out as bi?

Some negative reactions to bisexuality are actually negative responses to homosexuality, and a catch-all form of same-sex discrimination. Parents may wrongly perceive bisexuality to be a phase/experimentation, and that the end game will be a conventional heterosexual relationship. Many bi people will feel pressured to pursue this, with their relatives treating bisexuality as a lucky close-call with the horror of homosexuality. Meanwhile bi people who are in relationships that appear outwardly heterosexual will be made to feel excluded by close-minded gay people, who wrongly accuse them of retreating into ‘straight privilege’, and may be judged for being part of the lesbian and gay community.

How do we help people to be more accepting of bi people?

If someone states their sexuality, the best thing to do is to accept it at face value. Regardless of your personal understanding of that identity, the person insisting upon it has decided that it’s the identifier that best fits them, and that should be good enough for anyone. Acceptance is the kindest and most decent response, lifting potentially years of anxieties from people who have had to find the courage to make a statement of their sexuality.

Acceptance also happens to be the best path towards more dialogue. Ask questions, engage with that person, get involved and take an interest. Just by doing that you not only stand to make that person feel more comfortable and respected, but you’re even helping to tackle wider bisexual issues within society. Whether it be a conversation with a friend, or a fleeting supporting character in a movie, acknowledgement and appreciation of bisexuality can mean a whole lot to them.

What are some good resources?

Final thoughts

For someone who is curious and unsure about their identity, I would always encourage reaching out, and being proud of realising your sexual identity. Coming out means not having to hide your feelings, having a personal sense of achievement, and the fact that coming out helps to resolve long-term issues as well, such as visibility, representation, and acknowledgement.

This blog was written with generous help from Josh Scully.

1 September 2018

Addiction



In particular response to addiction of video games:

Games are an escape from reality. But games are also a form of play. Both are important to be a functional human being. Technology has evolved a lot in the last few years and I think we are just beginning to scratch the surface. Addiction in general has become a problem with technology, not just games. Social media, movies, series, games, dating: many vices and sins are now easier to accomplish than ever before.
This Kurzgesagt video explains addiction well among other videos they've done on drugs: https://www.youtube.com/watch?v=ao8L-0nSYzg and this one https://www.youtube.com/watch?v=qS6LoRYUdhw

Modern Day Sins (source)


Mental Health

But I think the real problem here is actually mental health and the generalised problem of addiction itself. I'm not sure if it's best to blame video games. I'm more inclined to blame technology. But I feel most that any addictive behaviour is detrimental. What we really need is to reduce addiction on a much bigger scale. If we properly recognise and incorporate mental health awareness into society, and get everyone to feel completely unburdened to talk about their mental thoughts - even to a stranger standing next to you in a queue - then, and only then we will actually be on top of the wider issue of mental health.

Vulnerability

To do that we need to break down some stereotypes of masculinity (not showing vulnerability). To other species it's normal to hide vulnerability, but in this modern world, vulnerability can mean life or death when it comes to mental health issues. The world simply does not suit this innate compulsion to display self-confidence, charisma, and high self-esteem at all times regardless of how you actually think or feel. And this isn't just a throwaway first world problem. This problem actually kills people and that means it really is a serious issue. Sometimes these issues go unlooked as well. PTSD can haunt people their entire lives and never recover (just look at the Hillsborough disaster). Unfortunately, we can't yet erase memories, so we must have after-care.

Maslow's Hierarchy of Needs (source)


Education

I don't blame video games. I blame the education system for not adequately preparing kids for how to live in a modern day world with modern day problems. There is a huge range of subjects that kids need but just don't get (common sense, finance, communication, presenting, respect, owning problems, mindfulness, proactiveness, etc.) This link has some great ideas for example https://successfulstudent.org/20-life-skills-not-taught-in-school/ (except guns of course).
And if we look after our children, all of the gaps that society has to fill will become far less problematic, and then they will know better how to look after themselves. We should arm our children with all of the best weapons to deal with whatever life will throw at them, based on the current modern day issues.

Creativity

We also have to 'preserve' that creativity that kids have - modern day parents are scared of letting their children play outside alone, meaning they spend more time indoors. But it's so important that kids do have time to play and have fun - not just for exercise or energy release, but for mental well-being: it builds up skills in team-working, and doesn't have to be as serious as sports. Play is crucial to development. See this most popular TED video for reference: https://www.youtube.com/watch?v=iG9CE55wbtY

Overall

Video games, in principle, and on their own, are good. Addiction is not good in any form. Society must be reshaped to deal with all addictive outlets and properly prepare children for modern day issues. Fear of showing vulnerability must end. Communication is key.

24 July 2018

Using Proxies with browsers

Downloading Chrome
To download the full version of Chrome instead of the .Net installer (in case you get the error message), use this link instead:
https://www.google.com/intl/en_hk/chrome/?standalone=1
Or try the MSI version (Chrome Enterprise) - it's the same thing, just installed vi MSI instead of EXE.

IE
In IE you can change it under Internet Options, but if an Administrator has blocked editing, you can change it with a regedit - save the following to a file with .reg as the extension and run it to merge.

---
Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"AutoConfigURL"=""
"MigrateProxy"=dword:00000001
"ProxyEnable"=dword:00000001
"ProxyHttp1.1"=dword:00000000
"ProxyServer"="http://proxy.myserver.com:80"
"ProxyOverride"=""
---

Chrome
Make a copy of a shortcut to Chrome, and under Properties, set the Target to:
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --proxy-server="http://proxy.myserver.com:80" --proxy-bypass-list="localhost"

Firefox
Proxy settings are specific to this application so just change it under Options.

13 July 2018

Troubleshooting tips for a few things

Slide Masters in PowerPoint
If the slide master is not updating a property such as a date in the footer:

  1. On the slide, go to Insert > Header & Footer, then untick the Date or other field no longer needed and click Apply
  2. Repeat the step to re-add the property, it will be re-read from the master slide.

There is no way of getting the total number of slides, so enter this manually into the master slide, then repeat the steps above (adjusting for 'Slide number') to re-add the new format.

Stop Chrome running in the background
https://www.omgchrome.com/stop-chrome-running-in-background-windows/

Firefox is not opening

  1. Try a new profile manager – edit a copy of the Firefox shortcut to “firefox.exe –P”
  2. Use C-Cleaner or BleachBit to clean the temporary files of Firefox
  3. Try Firefox in Safe Mode (with Add-Ons Disabled)
  4. Try resetting Firefox
  5. Try under a different user account
  6. Try running as admin
  7. Reinstall Firefox
  8. Scan your machine for malware


Windows Spotlight images not being updated

1. Try disabling it, restarting and turning it on again via Settings
2. Try deleting the files mentioned here https://www.cnet.com/how-to/where-to-find-the-windows-spotlight-photos/ 

10 July 2018

Locking down Windows 10

This GNU article has a good list that explains the privacy issues with Windows 10 along with many other O.S.es and devices.

There are a lot of sources that can help with this:


  • TronScript has a telemetry-disabling script that will turn off a lot of call-home features, including privacy-recording KBs, services, scheduled tasks and other registry keys.
  • The Unattend file from my last blog disables a lot of settings as well but only works if using sysprep and there may be newer settings in the newer Windows 10 that also need locking down.
  • Some third party tools offer privacy protection, e.g. this list, however they may not be legitimate and I don't endorse them. How To Geek explains the right thought process on these.
  • Group Policy can disable a lot of things. Common Criteria hold a security level known as a Protection Profile that can be added, intended for corporations.