Although we have tested Windows 10, and haven't seen any MAJOR problems with the operating system itself (from a clean installation)... we do have one machine in the shop now that has experienced major data loss due to the customer's attempt to upgrade from Windows 7 to Windows 10.  So, before you attempt to do an 'in place upgrade'... if you have data you do not want to potentially lose (pictures, documents, email, etc.)... BACKUP-BACKUP-BACKUP before attempting the free upgrade!!!  If you do not know how to backup all your data, or are unsure, we have backup and imaging services and/or can perform your upgrade for you to ensure you have no catastrophic data loss - and to ensure your computer is working smoothly with Windows 10!  Call or contact us today for more information!

15 Jul 2015 at 10:37, Stuart Burns

Throughout my career I have seen many Windows releases with minimum requirements that were a little bit deceiving. Sure, the machines would boot, but you would sometimes have enough time to brew a fresh pot of coffee before the computer was in a usable state.

That usable state excluded any applications you wanted to run on top of the OS. Around the Windows 95 and 98 era, this experience wasn’t pleasant if the hardware was close to the minimum requirements.

You quickly found out how patient your users were if you didn’t give them a PC that worked at a reasonable speed. In current times, with even the most lowly machines having multiple cores and running at multiple gigahertz, it shouldn’t be a problem... right?

So with Windows 10 round the corner, and Microsoft doling it out as a free (for now) upgrade to users of Windows 7 and 8, everyone should be able to upgrade to Windows 10 with no problems... right?

Setting aside the actual usability of Windows 10 itself, the answer to the question from the hardware perspective at least is: “Probably, with caveats.” What can you, as the administrator, do before Windows 10 lands to make sure you and your company are prepared?

Even machines four or five years old will meet the minimum specs. The hardware minimums are:

1. 1GHz CPU

2. 1GB for 32 bit version, 2GB for 64 bit

3. 16GB free disk space

4. DirectX 9 driver that is WDDM approved

Microsoft has defined the minimum specifications for Windows 10 on their website. Alongside the minimum requirements is a statement that any machine running Windows 8.1 should be capable of running Windows 10. That is quite a bold statement to make. Only time will tell if this statement turns out to be true.

To those people who, by choice or need, are still running Windows 7, no such guarantee or statement has been made. As long as the machine – or machines – in question meet the minimum specifications, it will be the long-used “suck it and see” approach. If the upgrade doesn’t go as planned, however, Microsoft has provided a roll back mechanism. It should prove useful for those machines that don’t work as expected or for users who decide Windows 10 is not for them.

Hello there Windows 10
The new look for your Windows 7 PC?
One problem that I suspect a lot of Windows 7 upgraders may face is the fact that the hardware or peripherals that were purchased when Windows 7 came out almost six years ago will have little to no chance of having the correct Windows 10 drivers available, given the speed with which add-on hardware becomes obsolete. Sure, some Windows 8 drivers may work but even then it would be touch-and-go as to whether they work as expected.

Please contact us for more information on upgrading or purchasing a computers with Windows 10!

The Windows Server 2003 end of life is just days away. Microsoft will officially end support on July 14. Yet, despite the fact that Server 2003 is 13 years old, 61 percent of businesses are still running at least one instance of it within their networks.

The small businesses still running it need to understand that while their computers are not going to suddenly stop working on July 15, by continuing to run Server 2003, they’re leaving their businesses vulnerable to a myriad of threats. The implications of failing to migrate WILL compromise your data (possibly to include customer/client data that you are responsible for keeping secured), Starkville Computers and MainStream Technologies, Inc. can help you make it through this change with relative ease.  Please contact us for a free consultation regarding if/how this change may impact your business.

From now until Wednesday 6/17/15, almost all of our already low priced refurbished computers are discounted from $25 to $75. A few examples are: 

•  Dell Inspiron N4010
• Windows 7 Home Premium
• Intel Core i3 Processor
• 4GB RAM
• Was $300 now $250

• HP Pavilion G7
• Windows 8.1
• 8GB RAM
• AMD A4 Processor
• 17" Screen
• Was $325 now $250

Press Release – FAA Selects Mississippi State University Team As Center of Excellence for Unmanned Aircraft Systems

May 8, 2015

Contact: Laura Brown 
Phone: 202-267-3883; Email: laura.j.brown@faa.gov 

WASHINGTON – After a rigorous competition, the U.S. Department of Transportation’s Federal Aviation Administration (FAA) has selected a Mississippi State University team as the FAA’s Center of Excellence for Unmanned Aircraft Systems (COE UAS). The COE will focus on research, education and training in areas critical to safe and successful integration of UAS into the nation’s airspace.

The team brings together 15 of the nation’s leading UAS and aviation universities that have a proven commitment to UAS research and development and the necessary resources to provide the matching contribution to the government’s investment.

“This world-class, public-private partnership will help us focus on the challenges and opportunities of this cutting-edge technology,” said U.S. Transportation Secretary Anthony Foxx. “We expect this team will help us to educate and train a cadre of unmanned aircraft professionals well into the future.”

The COE research areas are expected to evolve over time, but initially will include: detect and avoid technology; low-altitude operations safety; control and communications; spectrum management; human factors; compatibility with air traffic control operations; and training and certification of UAS pilots and other crewmembers, in addition to other areas.

“This team has the capabilities and resources to quickly get up and running to help the FAA address the demands of this challenging technology over the next decade,” said FAA Administrator Michael Huerta.

The FAA expects the COE will be able to begin research by September 2015 and be fully operational and engaged in a robust research agenda by January 2016.

Congress appropriated $5 million for the five-year agreement with the COE, which will be matched one-for-one by the team members.

In addition to Mississippi State University, the other team members include: Drexel University; Embry Riddle Aeronautical University; Kansas State University; Kansas University; Montana State University; New Mexico State University; North Carolina State University; Oregon State University; University of Alabama, Huntsville; University of Alaska, Fairbanks; University of North Dakota; and Wichita State University.

The FAA will determine the relationship between the new COE and the six UAS sites the FAA announced last year once the new team develops detailed research plans. The FAA expects COE flight testing to occur at one or more of the existing test sites.

Congress mandated that the FAA establish the COE under the Consolidated Appropriations Act of 2014. Like university think tank partnerships, the agency’s Centers of Excellence bring together the best minds in the nation to conduct research to educate, train and work with the FAA toward solutions for aviation-related challenges.

Only $299.00!

If you have been curious about the look and feel of the upcoming Project Spartan (Windows 10) Operating System, be curious no more!  We have a computer setup in our office that you are welcome to come by and take a look at!  Our opinion??? There is a lot of work yet to be done before the final version is ready for release this summer, but overall, it appears that a lot of the complaints from the troubled Windows 8 have been heard by Microsoft!  You are no longer forced to use the Metro Live Tile interface, the old, familiar desktop comes up as default.  The new Start Menu gives us the best of both worlds, plus you can enlarge the menu to full screen view.

Biometric passwords give the ability to do face, finger, or iris scanning.  Come take a look at the new task view button, virtual desktops (which we have seen on mac computers for years),  increased performance (although it still won't run efficiently on older machines), web page annotation, and much more.

If you do have a touchscreen device, you will still get the full functionality that Windows 8 attempted to give you.  For gamers, there are additional features such as an Xbox app that will be improved in the coming months.

"Windows 10 isn't going to fix everything, but these changes to Windows 8's most divisive elements have made a world of difference to the OS. And that's crucial to Windows' future, as Microsoft is still looking at the big picture: PCs are old news." ~cnet

Come on by... or call for an appointment, for us to give you a quick overview of the "new and improved" Windows 10.

If you’re an American and haven’t yet created an account at irs.gov, you may want to take care of that before tax fraudsters create an account in your name and steal your personal and tax data in the process. [USE LINK ABOVE TO GO TO IRS.GOV AND SELECT ONLINE TRANSCRIPT]

Recently, KrebsOnSecurity heard from Michael Kasper, a 35-year-old reader who tried to obtain a copy of his most recent tax transcript with the Internal Revenue Service(IRS). Kasper said he sought the transcript after trying to file his taxes through the desktop version of TurboTax, and being informed by TurboTax that the IRS had rejected the request because his return had already been filed.

Kasper said he phoned the IRS’s identity theft hotline (800-908-4490) and was told a direct deposit was being made that very same day for his tax refund — a request made with his Social Security number and address but to be deposited into a bank account that he didn’t recognize.

“Since I was alerting them that this transaction was fraudulent, their privacy rules prevented them from telling me any more information, such as the routing number and account number of that deposit,” Kasper said. “They basically admitted this was to protect the privacy of the criminal, not because they were going to investigate right away. In fact, they were very clear that the matter would not be investigated further until a fraud affidavit and accompanying documentation were processed by mail.”

In the following weeks, Kasper contacted the IRS, who told him they had no new information on his case. When he tried to get a transcript of the fraudulent return using the “Get Transcript” function on IRS.gov, 

He learned that someone had already registered through the IRS’s site using his Social Security number and an unknown email address.

he learned that someone had already registered through the IRS’s site using his Social Security number and an unknown email address.

“When I called the IRS to fix this, and spent another hour on hold, they explained they could not tell me what the email address was due to privacy regulations,” Kasper recalled. “They also said they could not change the email address, all they could do was ban access to eServices for my account, which they did. It was something at least.”

FORM 4506

Undeterred, Kasper researched further and discovered that he could still obtain a copy of the fraudulent return by filling out the IRS Form 4506 (PDF) and paying a $50 processing fee. Several days later, the IRS mailed Kasper a photocopy of the fraudulent return filed in his name — complete with the bank routing and account number that received the $8,936 phony refund filed in his name.

“That’s right, $50 just for the right to see my own return,” Kasper said. “And once again the right hand does not know what the left hand is doing, because it cost me just $50 to get them to ignore their own privacy rules. The most interesting thing about this strange rule is that the IRS also refuses to look at the account data itself until it is fully investigated. Banks are required by law to report suspicious refund deposits, but the IRS does not even bother to contact banks to let them know a refund deposit was reported fraudulent, at least in the case of individual taxpayers who call, confirm their identity and report it, just like I did.”

Kasper said the transcript indicates the fraudsters filed his refund request using the IRS web site’s own free e-file website for those with incomes over $60,000. It also showed the routing number for First National Bank of Pennsylvania and the checking account number of the individual who got the deposit plus the date that they filed: January 31, 2015.

Kasper said he can’t prove it, buthe believes the scammers obtained that W2 data directly from the IRS itself, after creating an account at the IRS portal in his name (but using a different email address) and requesting his transcript.

The transcript suggests that the fraudsters who claimed his refund had done so by copying all of the data from his previous year’s W2, and by increasing the previous year’s amounts slightly. Kasper said he can’t prove it, but he believes the scammers obtained that W2 data directly from the IRS itself, after creating an account at the IRS portal in his name (but using a different email address) and requesting his transcript.

“The person who submitted it somehow accessed my tax return from the previous year 2013 in order to list my employer and salary from that year, 2013, then use it on the 2014 return, instead,” Kasper said. “In addition, they also submitted a corrected W-2 that increased the withholding amount by exactly $6,000 to increase their total refund due to $8,936.”

MONEY MULING

On Wednesday, March 18, 2015, Kasper contacted First National Bank of Pennsylvania whose routing number was listed in the phony tax refund request, and reached their head of account security. That person confirmed a direct deposit by the IRS for $8,936.00 was made on February 9, 2015 into an individual checking account specifying Kasper’s full name and SSN in the metadata with the deposit.

“She told me that she could also see transactions were made at one or more branches in the city of Williamsport, PA to disburse or withdraw those funds and that several purchases were made by debit card in the city of Williamsport as well, so that at this point a substantial portion of the funds were gone,” Kasper said. “She further told me that no one from the IRS had contacted her bank to raise any questions about this account, despite my fraud report filed February 9, 2015.”

The head of account security at the bank stated that she would be glad to cooperate with the Williamsport Police if they provided the required legal request to allow her to release the name, address, and account details. The bank officer offered Kasper her office phone number and cell phone to share with the cops. The First National employee also mentioned that the suspect lived in the city of Williamsport, PA, and that this individual seemed to still be using the account.

Kasper said the local police in his New York hometown hadn’t bothered to respond to his request for assistance, but that the lieutenant at the Williamsport police department who heard his story took pity on him and asked him to write an email about the incident to his captain, which Kasper said he sent later that morning.

Just two hours later, he received a call from an investigator who had been assigned to the case. The detective then interviewed the individual who held the account the same day and told Kasper that the bank’s fraud department was investigating and had asked the person to return the cash.

“My tax refund fraud case had gone from stuck in the mud to an open case, almost overnight,” Kasper sad. “Or at least it seemed to be that simple. It turned out to be much more complex.”

For starters, the woman who owned the bank account that received his phony refund — a student at a local Pennsylvania university — said she got the transfer after responding to a Craigslist ad for a moneymaking opportunity.

Kasper said the detective learned that money was deposited into her account, and that she sent the money out to locations in Nigeria via Western Union wire transfer, keeping some as a profit, and apparently never suspecting that she might be doing something illegal.

“She has so far provided a significant amount of information, and I’m inclined to believe her story,” Kasper said. “Who would be crazy enough to deposit a fraudulent tax refund in their own checking account, as opposed to an untraceable debit card they could get at a convenience store. At the same time, wouldn’t somebody who could pull this off also have an explanation like this ready?”

The woman in question, whose name is being withheld from this story, declined multiple requests to speak with KrebsOnSecurity, threatening to file harassment claims if I didn’t stop trying to contact her. Nevertheless, she appears to have been an unwitting — if not unwilling — money mule in a scam that seeks to recruit the unwary for moneymaking schemes.

ANALYSIS

The IRS’s process for verifying people requesting transcripts is vulnerable to exploitation by fraudsters because it relies on static identifiers and so-called “knowledge-based authentication” (KBA)  — i.e., challenge questions that can be easily defeated with information widely available for sale in the cybercrime underground and/or with a small amount of searching online.

To obtain a copy of your most recent tax transcript, the IRS requires the following information: The applicant’s name, date of birth, Social Security number and filing status. After that data is successfully supplied, the IRS uses a service from credit bureau Equifaxthat asks four KBA questions. Anyone who succeeds in supplying the correct answers can see the applicant’s full tax transcript, including prior W2s, current W2s and more or less everything one would need to fraudulently file for a tax refund.

The KBA questions — which involve multiple choice, “out of wallet” questions such as previous address, loan amounts and dates — can be successfully enumerated with random guessing. But in practice it is far easier, said Nicholas Weaver, a researcher at theInternational Computer Science Institute (ICSI) and at the University of California, Berkeley.

“I did it twice, and the first time it was related to my current address, one old address question, and one ‘which credit card did you get’ question,” Weaver said. “The second time it was two questions related to my current address, and two related to a car loan I paid off in 2007.”

The second time round, Weaver said a few minutes on Zillow.com gave him all the answers he needed for the KBA questions. Spokeo solved the “old address” questions for him with 100% accuracy.

“Zillow with my address answered all four of them, if you just assume ‘moved when I bought the house’,” he said. “In fact, I NEEDED to use Zillow the second time around, because damned if I remember when my house was built.  So with Zillow and Spokeo data, it isn’t even 1 in 256, it’s 1 in 4 the first time around and 1 in 16 the second, and you don’t need to guess blind either with a bit more Google searching.”

If any readers here doubt how easy it is to buy personal data on just about anyone, check out the story I wrote in December 2014, wherein I was able to find the name, address, Social Security number, previous address and phone number on all current members of the U.S. Senate Commerce Committee. This information is no longer secret (nor are the answers to KBA-based questions), and we are all made vulnerable to identity theft as long as institutions continue to rely on static information as authenticators. See my recent story on Apple Pay for another reminder of this fact.

Unfortunately, the IRS is not the only government agency whose reliance on static identifiers actually makes them complicit in facilitating identity theft against Americans. The same process described to obtain a tax transcript at irs.gov works to obtain a free credit report from annualcreditreport.com, a Web site mandated by Congress. In addition, Americans who have not already created an account at the Social Security Administration under their Social Security number are vulnerable to crooks hijacking SSA benefits now or in the future. For more on how crooks are siphoning Social Security benefits via government sites, check out this story.

Kasper said he’s grateful for the police report he was able to obtain from the the Pennsylvania authorities because it allows him to get a freeze on his credit file without paying the customary $5 fee in New York to place and thaw a freeze.

Credit freezes prevent would-be creditors from approving new lines of credit in your name — and indeed from even being able to view or “pull” your credit file — but a freeze will not necessarily block fraudsters from filing phony tax returns in your name.

Unless, of course, the scammers in question are counting on obtaining your tax transcripts through the IRS’s own Web site. According to the IRS, people with a credit freeze on their file must lift the freeze (with Equifax, at least) before the agency is able to continue with the KBA questions as part of its verification process.

This entry was posted on Monday, March 30th, 2015 at 12:23 am and is filed under A Little Sunshine, The Coming Storm, Web Fraud 2.0. 

WINDOWS 10   IS coming this summer, Microsoft has confirmed, and will be free to anyone using Windows 7 or better. Even people who didn’t pay for it.

That’s right, even Windows 7 and 8 users who don’t have a valid Windows license will get a free bump up to Windows 10. The release timing and new upgrade scheme were revealed by Microsoft operating system chief Terry Myerson at the WinHEC technology conference in Shenzhen, China, Reuters reports. Microsoft did not respond to a request for comment.

It’s a surprising move given the importance that Microsoft has placed on Windows license revenue in the past, and the lengths Microsoft has gone to to prevent the spread of pirated copies of the operating system. But the company has spent the past year reinventing itself in many ways, including going so far as to announce a free version of Windows for devices with screens smaller than nine inches.

Meanwhile, operating system pricing expectations have also been changing. Apple has offered free upgrades to OS X since 2013, and mobile operating system updates have long been free. Apple can make up for some of this lost revenue through increased hardware sales, and Microsoft is trying this strategy as well with its Surface tablet/notebook hybrid and other new devices. But Google offers its Android mobile operating system for free, making money off mobile advertising and app sales in the Google Play Store. Microsoft may similarly see a free Windows 10 as the gateway to alternate revenue streams.

The company now offers a range of cloud services, including Office 365, Skype and OneDrive, that Windows users may be more likely shell out for, even if they didn’t buy an operating system license. And even if those customers don’t end up buying cloud services from the company, at least they’re staying in the Microsoft ecosystem. Last quarter Microsoft’s revenue from consumer licensing — including both Windows and Office — accounted for only 16 percent of the company revenue, down from 23 percent the previous year. With Apple and Google Chromebooks slowly eating into Microsoft’s market share, the company could be thinking that a non-paying customer is better than no customer at all.

The company could also be worried about leaving millions of machines running outdated operating systems and software. Unpatched systems can spread malware and viruses, and releasing security updates for decades old platforms is costly. Microsoft has been campaigning to get users to retire Windows XP and the Internet Explorer 6 web browser, but China has been particularly slow to upgrade both. To make matters worse, the Chinese government, which has long clashed with Microsoft over piracy, even banned the use of Windows 8 on government computers largely due to concerns over upgrade costs.

The move to simply give away updated copies to pirates could ensure that Microsoft doesn’t end up in the same situation again. But regardless of the reason, it’s certainly a change of direction for the company. And welcome news to those who acquired Windows through less than legal means.