Category Archives: General

Feelings, Thoughts, Musings, and more on my life and experiences.

Please support TN HB1303 / SB1134

Published on March 31, 2015

This is a letter I wrote to my Tennessee state Congressman and state Senator last week that I wanted to make open.

Representative Gravitt and Senator Gardenhire,

My name is David White, and I live in your district. I’m the Founder of Develop CENTS , an IT consulting company that works with nonprofits and small businesses. We’re a member of the Chattanooga Area Chamber of Commerce. Thank you for your service in the State Legislature.

I’m asking for your support of TN HB1303 / SB1134: “AN ACT to amend Tennessee Code Annotated, Title 7, Chapter 52, relative to additional authorization to provide broadband and Internet services.”

As you know, Chattanooga is becoming a world leader in technology services and technology infrastructure. The job growth and economic success our city sees is a direct result of EPB’s investment in high-speed internet.

Huge internet service providers like Comcast provide low-quality services, and their customer support isn’t any better. Without competition coming from organizations such as EPB, these services won’t improve for everyone.

This improvement is hindered as a direct result of Tennessee law that currently blocks EPB’s broadband expansion.

As an IT consultant, I work with several nonprofit organizations, and I see first hand how beneficial a reliable broadband connection can be. Businesses, nonprofit organizations, and individuals deserve a choice, and often times there are only subpar choices available.

EPB’s expansion would improve these choices, increase market competition, and increase the overall quality of internet for thousands of Tennesseans.

I urge you to support the bill in your respective Chamber.

Sincerely,
David White

Share

An Analysis of an Attacker’s Attempt to Control my Windows Machine

(Note: This blog post was originally published on September 30, 2014)

This morning, I received a call from a Short Code phone number (609773). The number looked strange (I don’t think I’ve ever received a phone call from a Short Code phone number before), but I decided to answer. What transpired is an analysis of the conversation I had with someone who was trying to hack into my Windows PC.

The man with a thick accent said that he was calling to inform me my computer had not been updated in quite a while, and asked if I was aware of this. He said that this could lead to system files becoming “outdated or corrupted.”

I quickly decided that this was a perfect opportunity to speak with a black-hat hacker and learn about some of his methods. (Note that I put am emphasis on “black-hat” because hackers in-and-of themselves are not necessarily evil people. You might have cousins, family members, or friends who are “programmers” for a living. If they are a programmer, they are a hacker. Again, let me emphasize: A “hacker” is not necessarily a bad person!)

I said “no, I wasn’t. How do I fix it?”

He first had me open up msconfig, a Microsoft Windows utility for editing and troubleshooting programs that run when the computer is first turned on. He had me click on the “Services” tab and then double click on the Services tab underneath. He asked me to tell him how many services were in a “Stopped” status.

I said “several.”

Now let me pause here by saying that nothing he had asked me to do (so far) was harmful to my computer. Msconfig is a legitimate program, and it is safe to use. I am assuming that he directed me to see all of these “stopped” services so that I would be more concerned and hopeful that he could “fix” these services so that they would all start when the computer started (which is actually not at all necessary).

The man on the other end of the phone then directed me to go to a website (supremocontrol [dot] com) and then directed me to click on the Download button, and then to download the software from that download page.

Update: According to some research I’ve performed, Supremo Control seems to be legitimate software. Scammers commonly want to gain remote access to your PC, and they will use valid tools to do this. Supremo Control software is not the problem in this case. The scammers who are using the software ARE the problem.

That said… I can’t find a whole lot of information about Supremo as a company. Google “Supremo” by itself, and you get results for the company. Google “Supremo Scam” and you get a whole lot of results about people complaining about the scam. I wish there were more articles, or even a Wikipedia article, that would help legitimize Supremo as a company.

While he continued to give me instructions, I was already logged into my local CentOS 7 test machine, and so got a copy of the homepage and of the “Download” page of this malicious website.

At this point, I stopped following his instructions, as I didn’t have a safe Virtual Machine of Windows running at the time with which I could test without getting my primary Windows install infected.

After directing me to “run” the downloaded file, he asked for a 9-digit number (which would identify my machine to him so that he could login remotely, and then a 4-digit “password” that the program supposedly was supposed to provide.

After telling him repeatedly what these numbers were (even though I made them up out of thin air), I could tell he was very confused because he couldn’t connect to my system! After a few seconds of silence while he tried to figure out what was going on, I hung up on him.

In summary, let this be a reminder and a lesson for ANYONE to never trust a computer “technician” who calls you out of the blue and tells you that your computer is infected. You should always ensure that the person you talk to on the phone regarding the security of your computer is someone you know and someone you trust.

In the future, I will hopefully be able to analyze the file, but I don’t have the resources to do it (safely) right now. If I had an operational VirtualBox of Windows, I would have loved to have continued our conversation through the very bitter end, so that I could learn more about his tactics!

Questions or comments? Let me know!

 

Addendum (posted in December, 2015): Due to the number of comments requesting assistance, here are a few resources.

  • Develop CENTSMy Company, Develop CENTS, provides IT consulting, technical support, web hosting and more. I’ve written several blog posts on security-related issues, all of which are accessible at https://developcents.com/blog/Note that I run this business for a living, so if you contact me directly, I will only be able to provide some general guidance. For more in-depth support, I will ask you to pay my standard hourly rate.
  • Malwarebytes: If you are concerned that your computer may be infected by a virus, then one of the programs I typically recommend is Malwarebytes. Note that the free version can only legally be used by individuals on non-commercial computer equipment (i.e. if you use a computer for business functions, then you should get the paid version)
  • Spybot Search & Destroy: Spybot is another good antivirus / antimalware program. Make sure to read and understand the licensing. For example, if you’re a business, you should not use the free version.
Share