In today’s issue, I’d like to recount a couple of true tales of technological horror. Well, potential horror, and one of which I personally prevented. My keyboard is starting to heat up from all the alliteration, so I’ll stop that for now.
Seriously though, these are cautionary tales from which everyone can take away a lesson, because ignorance is a great excuse, but it won’t undo the damage that it has the potential to cause.
Let me start at the beginning, with the first story. Last week, I took a personal road trip to points way north of my home in the Florida panhandle. Over the course of 9 days, Spouse Peripheral and I did a lot of driving, and stayed in several hotels. It has become common for such hotels to provide what they commonly call a “Business Center” for the use of guests. This impressive-sounding title usually consists of a typical residential-class PC running Windows, which all guests may freely use. In the last hotel we stayed, the Business Center was located in an alcove just outside the elevator. Heading back to my room after partaking in a sumptuous continental repast of a self-made Belgian waffle, and some questionably microwaved sausage patties, I was distracted while waiting for the elevator by a Windows notification box that appeared on the Business Center’s PC. In and of themselves, such notifications are not uncommon, but this one jumped out at me, because it was a notification of the arrival of someone’s utility bill via e-mail. Private e-mail, on this very public computer? Naturally, I strapped on my imaginary superhero cape (red satin, emblazoned with a garish letter “G” formed from lightning bolts) and I sprang into action.
I assumed that the previous user had merely left his or her webmail open in a browser, but I found no browser running. As I sat there, another notification popped up, this time it was an e-mail Twitter feed notification. I clicked it, and Microsoft Mail opened, and I was suddenly presented with what amounted to a Do-It-Yourself identity theft kit – full access to some stranger’s e-mail account. I tried not to pry too deeply into his business, but I was very interested in helping this ignorant person protect his personal information. In researching how this occurred, I concluded that he had actually added all the information for his personal account to this computer’s instance of the Mail application. There was no way to tell how long ago this had happened, and I shuddered to think of how many less-scrupulous-than-me people had previously stumbled across this. The only thing I did with the account was to send the owner an e-mail from himself, informing him of what he had done, and dropping an invitation to visit my website. Then I removed all traces of his account from Mail, and left with a clean conscience.
I hope the ramifications of this is clear. It is risky enough to use these machines to access your personal information, but this was incredibly irresponsible. With a few minutes of research, I could have had access to scads of his online activity, and would probably have been able to data-mine his entire identity. Lucky for him the Über-Geek Code of Ethics forbids such lurid activity.
The other story I have for you pertains to a Windows vulnerability called “BlueKeep”. This one is serious enough that even the National Security Agency (NSA) is urging users of older versions of Windows to update their operating system. Please note, the NSA, a government agency mostly interested in information gathering, generally does not get involved with such mundane activities as warning about flawed commercial software. They obviously perceive this threat as something more than a nuisance to individuals.
If you won’t take the NSA seriously, you should know that Microsoft has taken the extraordinary step of releasing fixes for a slate of unsupported versions of Windows, including Vista, Server 2003, and even XP.
BlueKeep has the potential to unleash viciously malicious system problems that could spread rampantly across the Internet. Microsoft compares it to the notorious WannaCry ransomware worm, which infected hundreds of thousands of computers in 2017. So, I urge you to heed the advice I’m always hyping, and go update your system, especially if you’re still running an older copy of Windows. Thank me later.
To view additional content, comment on articles, or submit a question of your own, visit my website at ItsGeekToMe.co (not .com!)
