Microsoft Office 365 / Office 2013 Activation Problems

While Office 2013 has a cloud storage component (today called Skydrive), there are times that subscription payers may receive an error that says
"Sorry, we are having temporary server issues."
Additionally, using a trial version again, on a machine that has experienced this issue, COULD give you a warning that you need to ACTIVATE, but you still cannot activate.

This problem is associated with subscription users of the Office 2013 Home Premium or Office 365 Home Premium.

This product has very poor error messages and informational messages that do not represent the true problem.  Yet, solution to this problem is simple and time consuming.

You need to make sure the computer is connected to a FAST internet connection. With a FAST Internet connection, the removal and installation of this product is time consuming. Expect 30 minutes to remove, and over 45 minutes to install.
You will also need to make sure you are connected to a power line, and that your control panel power saving status (sleep or hybernate) is basically off for non-battery settings.

1. Access your subscription account webpage.

2. Close the current instance of all Office 2013, or Office 365 programs, and make sure the computer is not running any processes in the process tab of the task manager.

3. Go back to the webpage, which should still be logged in to the subscription account information, and go to the ACTIVATION section. DEACTIVATE the particular device that is allocated to the problematic machine.

4. From the control panel - choose the upper left pull-down and change to the option "Small Icons",  the select "Programs and Features", once the entire list displays, click ONCE on the item "Microsoft Office 365 Home Premium" and then choose the button at the top of this list "Uninstall" This will take a while.

5. Once the uninstallation is complete, you can go back to the Office 365 Subscription page, and download the installer using the green Install button. Avoid using the Trial installation download, as well as older downloads from previous attempts. The file that starts the download is very small, but the actual 'streaming' installation process will take a long time. A very long time.

Once installed, you should no longer experience the error, nor that Activation issue.
For more help on technology problems, or security concerns, review our main blog at http://menlotechnical.com/blog.

Security - More than 700,000 APPs in the Android Market Place (High Risk)

Android Devices Remain Dangerous to the Enterprise and Small Business. Image complements of visnetwork

There is a concept in business IT to stop being "structured" and "uptight" about allowing wireless devices to be a part of a corporate campus. While a Blackberry Server and Blackberry devices were a standard for a long time, newer devices to compete with this network model have brought critics forward to claim the older Blackberry model is pointless and pre-historic.  Yet the design of Blackberry - and its security - has allowed it permission to be a standard in the enterprise. Pundits of this architecture typically have no response to the security aspect of adopting new wireless devices to a business network.  This concept is also known as Bring Your Own Device (BYOD), and continues to be a hot topic in business. While people want the easy approach of simply buying something at the store and connecting it to a corporate network, the security problems this causes are too vast and dangerous to ignore.
This is reviewed and discussed in this great post at CIO.gov.

A recent Trend-Micro report states that over 700,000 apps are likely to steal your personal information.  This is up from 509,000 last QUARTER.

According to the people at Neowin, they highlight findings of the TrendMicro report:

The majority of these malicious apps are disguised as popular apps, but contain malware that could see victims subscribe to costly services. FAKEBANK is a common and prominent malware that does just this. By spoofing "legitimate apps", it creates shortcuts to mobile banking programs. Johnathan Leopando, of Trend Micro, says infected users may then be at risk of entering their banking details into a malicious app.

Additionally, on July 23, 2013, trade magazine Infoworld printed Report: Android Spyware on the Rise discussing a recent Malware investigation report by Kindsight. The report findings review the most popular recent infections, vectors and behaviors:

The malware threat most commonly seen on Android devices was an adware Trojan program called Uapush.A that sends SMS messages and steals information, Kindsight said. Uapush.A was responsible for around 53 percent of the total number of infections detected on Android devices.
The second-most-common Android threat was a Trojan program called QdPlugin, whose primary purpose is to install and control other adware programs. This malware is distributed as repackaged versions of legitimate games and connects to a control server located in the U.S.
A particularly worrying trend is the increase in the number of spyware threats that appear in the top 20, according to Kindsight. Spyware programs can typically record phone calls and text messages; track the phone's location; monitor email, social media and browsing activity; access photos and contact information, and more.
"Until now mobile spyware has been aimed at the consumer market, with the promise of being able to track your loved one's every move through their phone," said Kevin McNamee, security architect and director of Alcatel-Lucent's Kindsight Security Labs, in a blog post Tuesday. "But locating teenagers and a straying spouse are only one part of the story."
"Mobile spyware in the 'Bring Your Own Device' context poses a threat to enterprises because it can be installed surreptitiously on an employee's phone and used for industrial or corporate espionage," McNamee said.

While this is nothing new to discuss and blog about (see titles below), it remains a significant security concern for the businesses we help at Menlo Technical Consulting.

Malware Infections Soar on Android Devices Over Recent Past   3/20/2012  
Android Mobile Devices are Targets for Malware   12/26/2011  
eWeek periodical says more advanced trends for breaches 2012   12/20/2011  
Why Android is Still a Problem in the Enterprise   10/22/2011
Android – Marketplace Apps 400% Spyware Increase   5/13/2011


Interesting Infographics on the topic:
Kaspersky Labs Infographic 1

Kaspersky Labs Infographic 2

Universities Warned to Protect Their Computer Networks from China

In a July 16, 2013 article, a New York Times article Universities Face a Rising Barrage of Cyberattacks, Stanford University computer networks were attacked by China sources according to the article.  In another article about the same incident, Stanford Probes Breach, As Attacks on Universities Soar.

The attacks have been increasing in sophistication as well as in frequency, often going undetected, which is prompting university officials to reconsider the open nature of their networks.

“A university environment is very different from a corporation or a government agency, because of the kind of openness and free flow of information you’re trying to promote,” David J. Shaw, the chief information security officer at Purdue University, told the Times. “The researchers want to collaborate with others, inside and outside the university, and to share their discoveries.”

Some research universities work with government agencies on classified projects, but even those that don’t, like Stanford, still work on projects that produce patents and other intellectual property used in commercial, medical and academic fields. And intellectual property has become the prime target of many cyberattacks, officials say.

 

A threat map showing trace lines of where some attacks to the USA originate.

 

University attacks are gaining momentum and are very insipid.  According to Bill Mellon of the University of Wisconsin:

“We get 90,000 to 100,000 attempts per day, from China alone, to penetrate our system,” said Mr. Mellon, the associate dean for research policy. “There are also a lot from Russia, and recently a lot from Vietnam, but it’s primarily China.”

China and Russian Federation are two most frequent countries where unsolicited attacks come from, as a consensus of many computer security researchers. In today's cyberthreat landscape, universities, small to large businesses  - of all types, as well as non-profits should be most concerned about blocking these Internet traffic sources as much as possible. Today a simple subscription to an annual firewall protection service may be all that is needed to avoid these attacks.  Most institutions do not need to allow Internet traffic from China nor the Russian Federation.

One source of this problem are network capable printers. Another article in GCN.com How Hackers can Turn the Internet of Things into a Weapon explains, printers can allow easy access to any hacker who has found his or her way past the security of a private computer network.  Such devices have insecure webpages to help maintain things like drum life, toner quantity, number of printed pages, etc. Until businesses who produce these devices improve the security of them, it is very important to immediately alter the security on these devices to prevent the harboring of infections on private computer networks.

To view the daily reporting of attacks over the Internet, stop by ShawdowServer.org dedicated webpage to view statistics of these attacks.  Or consider visiting the threat portal at ArborNetworks.com for their interpretation of current Internet attack trends.

DDoS Attacks Stopping Websites from Working Summer 2013

There used to be a misconception that if everyone flushed their toilet at the same time, the water supply demand would break. The same idea was behind a strike of buying gas when the prices go up - stop buying gas to protest the price increase. We hope that democratic societies allow for voting to get a certain politician into office works the same way.
That same concept - for many members of a group to cause a strong effect on a few, is used in the computer / Internet world. Specifically the 'bad guys' who are trying to get notoriety for respect, or earn money for doing bad things on behalf of others, have devised a similar idea in the Internet world.

The Internet is a lot like automobile roads and traffic. It was designed to handle a huge amount of traffic and do so through routes that are shortest path to their destination.  Hackers have figured out that they can take control of many computers and use them to attack a few machines at specific locations - like Visa, Bank of America, Macy's, government web sites, or even Internet providers like Comcast and website hosting places like GoDaddy.

HOW DDoS WORKS
Simply explained - the attack is easy to understand; an individual has control over a bunch of 'drone' or 'zombie' computers (which have previously been infected with a Botnet, allow hackers to control them from anywhere in the world, whenever they want) to attempt to go to a website.
Typically websites are designed to handle 30 to 75 people looking at a website at once. Bigger companies can handle much more simultaneous traffic.  When the amount of people looking at the same time goes up to 10,000, it may be difficult to 'serve' those 'webpage requests' all at once. Hackers will employ tens of thousands of machines to view a website, at the same time, which in effect with cripple the website from displaying.  This effect is called a Distributed Denial of Service Attack (DDoS) attack.  Other attacks are based around attacking the machines which help route a PC to the particular page they are trying to visit. This second explanation is what has just happened over the past several months. (BIND 9 has been patched for a vulnerability.)

Recently layman's tools to command and control these kinds of Botnet infected PC's have become readily available. As recently as mid-June 2013 through August 2013, many many websites are made unavailable because of DDoS attacks, or intercepting an unpatched website look up machine.  The effect of which is over 700,000 websites stopped working in July 2013.

MOTIVATION OF HACKERS
In some cases, their motivation is political - to free a political prisoner, or to represent ideologies.  But the DDoS tools are so common today that many attacks are now done because 'it can be done,' and it will provide credibility to various hackers for respect of other, more powerful hackers. I do not want to get into the childish psychology of these 'younger' hackers, but in general it is no longer just for a specific political purpose. It is for personal gain and an individual's ranking in a type of hacker social stratum. 

Neustar has created a helpful infographic showing the 2012 DDoS statistics, as compared to 2011 DDoS data. Kaspersky Labs has created this infographic to help understand how Botnet's effect your computer as well as the Internet at large.

For more detailed information on DDoS attacks, here are a few websites explaining the types, trends, technologies and effect on the world:

ArborNetworks.com Live Threat Portal
NetworkComputing.com DDoS Attacks Getting Bigger, Report Finds
ComputerWeekly.com  New Threat Portal pegs DDoS Attacks at 2570 per Day
Rivalhost.com 12 Types of DDoS Attacks Used by Hackers
Akamai.com The Challenge: Safeguarding Against DDoS Attacks
Verizon Enterprise 2013 Data Breach Investigations Report
Rivalhost.com Understanding Web Threats: Denial of Service Attacks
eWeek.com How Do Booters Work? Inside a DDoS Attack for Hire
Circleid.com 5 Steps to Prepare for a DDoS Attack
Bankinfosecurity.com Who's Really Behind DDoS?

Snall Business Is Still a Hacker's Main Target

Recent reports still show that the hacking community is still targeting small business for their lack of regularly updated security practices in IT. So if you are operating a small business and have not taken your computer security seriously, you should.

Rackspace Hosted Exchange SMTP Changes

Rackspace has decided to improve their email security for their clients and resellers. This means SOME people who have been using their SMTP servers (secure.emailsrvr.com) as CRAM-MD5, will have to reconfigure their email clients to new outgoing email server settings.

This update will only effect users of the following email clients:
 - Mozilla Thunderbird
 - Apple Mail Client (Apple Mail app on iMac's)
 - Older Apple iPad's, iPhones and iPod's that have not upgraded to iOS 6.x


Here is the official announcement and details:

On June 26, 2013, Rackspace will be performing a maintenance on the Rackspace Email and Microsoft Hosted Exchange environments which will remove the ability for mail clients to send mail using the legacy authentication protocol, CRAM-MD5. Once removed, a very small portion of our customers may lose the ability to send mail until their mail client's SMTP authentication method is changed.

Why is Rackspace making this change? Rackspace is continually striving to improve the quality, usability, and security of our mail offering. While CRAM-MD5 is a secure authentication protocol, the industry as a whole has been migrating away from using this mechanism. The recommended method for sending mail today is to use PLAIN/PASSWORD authentication over an SSL or TLS connection.

Will I be impacted? Our extensive testing in preparation for this maintenance has proven that the vast majority of mail clients do not use CRAM-MD5 by default. It is very difficult to pinpoint each and every mail client, version, device, etc that could be impacted, although we do know that if you are running one of the following configurations you could be impacted by this change:

- Thunderbird
- Apple Mail (Mac Mail)
- Apple devices still running legacy iOS versions (prior to IOS 6.x)

* NOTE: Customers using iPhones with Mobile Sync enabled will NOT be impacted.

I'm impacted / will be impacted... How do I fix this? If you feel you may be impacted, or after the maintenance is complete you are no longer able to send mail from your client, you can resolve this issue using one of the following means:

1) Re-configure your mail client so it does not use CRAM-MD5 authentication for SMTP (sending). We also suggest connecting to our system via SSL or TLS when sending mail. Instructions for setting up your mail client can be found at https://help.emailsrvr.com. Please refer to this article http://www.rackspace.com/knowledge_center/article/end-of-support-for-smtp-authentication-using-cram-md5 for instructions on changing the SMTP authentication method.

2) Of course, Fanatical Support is always an option! You can call or chat with a member of our support team and we can walk you through the process.

Is there a workaround while I'm trying to set this up properly? Absolutely! You can always login to webmail to access and send email like normal should you experience issues and need to send something quickly. The webmail login can be accessed here: https://apps.rackspace.com/. You may also read the frequently asked questions below.

...

Frequently Asked Questions

Q: Can you tell if I’m affected?
A: Unfortunately, we have no way of identifying which users specifically are connecting with CRAM-MD5 authentication.

As long as your users are connected with PLAIN/PASSWORD authentication over an SSL or TLS connection, they will not see an impact.  It's always best to double check on the mail clients in question.

Q: Why are only certain clients affected?
A: While we do not know for sure every email client and/or version that could be affected, email clients will be affected if configured using CRAM-MD5.  We have put together instructions for the most common clients and devices that we are aware of that could be configured using CRAM-MD5. As far as we can tell, outlook users will not have any issues. Please refer to this article http://www.rackspace.com/knowledge_center/article/end-of-support-for-smtp-authentication-using-cram-md5 for instructions on changing the SMTP authentication method.

Q: What will happen if I do nothing and I’m affected?
A: Your incoming emails will still be delivered as normal.  You will receive an error, however, when attempting to send emails using SMTP.  As a work-around, you can always use webmail to send/receive at apps.rackspace.com

Apple Online Help - Apple Discussions

Here is the link for Apple product users who experience problems with their devices. It is helpful to undersand a few things before clicking on this link.

- There is probably no unique situation you are dealing with that hasn't been answered before in these online forums.
- There are people who are helpful and know what they are talking about and there are more people who do not. Make sure the people who seem to have advice or answers have been well rated under their user names. This is determined by their "Level" So a Level 1 person often doesn't have the clout or understanding that a Level 7 person would have. In other words, consider the source.
- Also consider advice and answers based on how follow up comments or entries. When you see things like "You are the BEST!" and "You ARE a Genius!" this means often that it could be very helpful advice.
- When you search for issues, try to remove as many extraneous words from the search as possible. For instance: a problem where your imac is not starting and gives you an error on the screen "no system volume found", you will want to search for "no system volume found"; a problem where you can not turn on TimeMachine you can search for 'timemachine not working' or 'timemachine will not start'  Both of these will give you different results.

Here is the link:
Apple Discussions

NBC Special Report - Identity Theft On The Rise

Identity Theft on the Rise

More lucrative than selling cocaine, identity thieves can easily file taxes and make money from other's returns without the stress and complications of a drug deal.

NBC Correspondent: "It has happend almost 1 million times this past year."

Tampa, FL Police Investigator: "I had a drug trafficking offender tell me that he could make $5,000 to $10,000 for a kilo or two of cocaine. He can submit ten tax returns a day and make between $40,000 and $50,000 and watch cartoons."

Beth Tucker, IRS: "Last tax filing season we stopped $20 Billion in fake returns."

Visit NBCNews.com for breaking news, world news, and news about the economy

Here is the US Taxpayer Guide to Identity Theft