News Articles

There can be no denying that Facebook, like so many of the other New/Social Media tools available, is a force to be bargained with. With more than 500mil current users and the number climbing quickly daily, the networking power of Facebook has become an avenue of information, marketing and potential profit for any business.

EPC, Inc. would like to remind everyone about their Facebook presence online and invites YOU to “Like” EPC in an effort to grow the awareness and viability of our Facebook tether to the Internet.

Simply click here to visit and “Like” our presence on Facebook now!

It’s one of the best ways to find out about our current events, our charity efforts, our recycling initiatives and sales throughout the year. You won’t be sorry you did!

Do YOU have a Facebook account? Thought about creating a profile for yourself or your company? Tell us in the comments section below how YOU are using Facebook to change the way you communicate, network and do business. We’d love to hear about it!

Help us understand “the Value of Facebook” now.

For those of you that haven’t taken the time to attend any of EPC’s recent sales, the time has come. This weekend, is EPC’s 2010 Tax Free Holiday Sale providing you with the opportunity to get some of the best computer equipment you can imagine, at a significantly discounted rate – and pay NO SALES TAX. Read on below for more details and be sure to tell your friends and family with students going back to school/college about this great sale!

“Mark Your Calendars! Saturday, August 7th, 2010 is the date for the EPC NO SALES TAX Computer Sale, and you’re invited! In addition to saving 15% on all used computer equipment, YOU PAY NO SALES TAX! Get there early from 8am-2pm and take advantage of great deals! Also check out the new “CLEAR” 4G Wireless Internet access – the fastest mobile internet connection ever to be offered! If you sign up during our sale this weekend, you get to take an additional 5% off your used equipment purchase! It all happens THIS WEEKEND!”

Click here to link to view the event flyer…

Click here to view the Additional 5% CLEAR 4G Wireless Internet Coupon…

It sounds like a plot out of  a summer spy movie, but security researcher Thomas Ryan tested what would happen when posting a fake profile of a real-life Abby Scuito. The results? Over 300 “friends” in the military, information security, and intelligence fields, a few job offers, and invitations to security conferences.

Ryan, the co-founder of Provide Security, said the goal of the study was to determine how effective social networking sites like Facebook, Twitter, and LinkedIn would be as tools in covert intelligence-gathering activities. He crafted “Robin Sage”, a 25 year old Navy cyber threat analyst who graduated from MIT. Even though the profile had some red flags, like a 25 year old having “10 years experience,” it took less than a month to make connections with many in security related fields. Virtual friends shared photos, personal information, invited Robin to conferences, and a few even expressed interest in hiring her.

If Robin were a foreign agent, she would have had access to a lot of very useful information, said Ryan, who is scheduled to present his findings at the upcoming BlackHat security conference in Las Vegas.

Even if you are not in the spy game, what can you learn from this?

  • Like your momma said, “If it sounds too good to be true, it usually is.”
  • If you don’t know them, don’t friend them.
  • Always be mindful of how information posted online could be used against you by identity thieves. For example, how many answers to your security questions for your bank account can be gathered from your Facebook profile?

Social networking has the potential to bring friends together regardless of distance, just be careful who you invite to the party.

Article Inspiration: CIO.com – Fake ‘Femme Fatale’ Shows Social Network Risks

In a recent blog post on Blue Planet Green Living entitled Computer Recycling – The Downside of Upgrading, Caryn Green discusses many of the hurdles we face as an electronics recycler. She does a good job of highlighting the major issues – overseas dumping, identity theft and data privacy, organized crime elements, and the environmental impact. However, even with all those potential issues, we still run into potential clients that say “I will not pay for electronic recycling!” (more…)

Federal prisoners and prison staff members were exposed to toxic levels of heavy metals for years, says a new report from the National Institute of Occupational Safety and Health. (more…)

Well, here we are again. A few weeks after Microsoft pushed out a critical patch to all versions of Internet Explorer, Jorge Luis Alvarez Medina, a security consultant with Core Security Technologies provided details of another attack against the beleaguered browser. This time, an attacker “may be able to access files with an already known file name and location.” If that sounds a bit scary, it should. It falls into a class of attacks called “Local File Disclosure”  and can be exploited by sending the victim to a malicious site at attempts to access files stored on your computer. The attacks leverage different design features of Internet Explorer that can be combined to do serious damage. Secunia has rated this as “Moderately critical(more…)

Data Privacy Day is Jan 28In honor of Data Privacy Day (January 28), Cintas published 10 tips for protecting confidential business data. This list is a good starting point to creating your own data security program. I will list the tips below with additional recommendations on each. Many of these tips are written with paper documents in mind, but nearly all apply to digital storage as well. To see the see the original list, see Cintas’ site.

  1. Implement a document management program. This falls in the category of “identify your treasures.” Make a list of the different types of documents you need to keep – invoices, receipts, contracts, etc. Next determine who needs access to these documents in order to do their job. Identify security measures needed to maintain privacy of the data. Lastly, train all employees on responsible information-handling. Many certifications like PCI and Red Flag require this secure document management training to be compliant. (more…)

data-destructionWhen you replace your computers, what happens to the data on them? With increased legal scrutiny and identity theft protections, it is important for you to know exactly what happens to the information on your end of life computers. Some companies prefer to keep this responsibility in-house, using tools like Blancco, KillDisk, or dBan. Software drive wiping can take a long time, and if you have a large number of machines to wipe, dedicating an employee to wipe drives can be costly. (more…)

ie6_smallMuch has been written about the recent hack targeting Google, but somewhat lost in the shuffle is that the attack specifically targets Internet Explorer 6 on Windows 2000 and Windows XP. Based on their analysis of the attack, Microsoft’s Security Research and Defense blog urges users to upgrade to a newer platform or enable DEP (only available on Windows XP Service Pack 2 or later).

In their blog post, Assessing risk of IE 0day vulnerability, Microsoft outlines the potential impact on the main OS and browser combinations.

Windows 2000 Windows XP Windows Vista Windows 7
Internet Explorer 6 Exploitable Exploitable (current exploit effective for code execution) N/A
(Vista ships with IE7)
N/A
(Windows 7 ships with IE 8)
Internet Explorer 7 N/A
(IE 7 will not install on Windows 2000)
Potentially exploitable (current exploit does not currently work due to memory layout differences in IE 7) IE Protected Mode prevents current exploit from working. N/A
(Windows 7 ships with IE 8)
Internet Explorer 8 N/A
(IE 8 will not install on Windows 2000)
DEP enabled by default on XP SP3 prevents exploit from working. IE Protected Mode + DEP enabled by default prevent exploit from working. IE Protected Mode + DEP enabled by default prevent exploit from working.

In spite of this, Microsoft still has no plans to drop support for IE6, leaving it up to the individual to upgrade if they desire. Because of this, there are still many major corporations that have not yet upgraded from this now ancient browser – IE 7 was released over 3 years ago.

Even though this event is likely to not change their behavior, if upgrading the operating system is not an option, they should at least consider deploying Firefox and the awesome extension IE Tab for those times when they just have to use Internet Explorer.

Also – Google doesn’t get a free pass here. How is it that the maker of the most secure browser still has workstations running IE6?

computer-frustration-200

I was reading 10 seriously annoying default configurations at TechRepublic today and was inspired to come up with my own.

1. Windows Update

I love the idea of Windows Update, but its implementation drives me crazy. First, every update seems to require a restart of the computer. Coming from a linux background that is extremely frustrating, especially on a Windows server. No I can’t restart the Exchange server 3 times a week, thank you very much. Second, some updates are only visible after prior updates are installed, which compounds the restart problem. Third, there’s no way for 3rd party software developers to latch into this update process. This makes keeping a machine secure much harder, forcing admins to rely on tools from vendors like Secunia to keep their systems up to date.

2. User Account Control (UAC)

Much has been written about UAC, a feature of Windows Vista and later that prompts the user performing risky actions – like installing software. Unfortunately it prompted so much that many simply disabled the messages. I personally feel that UAC was one of the “features” that prevented mass adoption of Windows Vista. Thankfully Windows 7 gives you more granular control of the messages UAC displays.

3. Internet Explorer on Windows Servers

I completely agree with the author of the TechRepublic article. Internet Explorer on a Windows 2003 or 2008 server is virtually useless. Yes, you shouldn’t use Windows server for general purpose browsing, but with nearly all reference guides and support online there are times when you must use a web browser on the server.

Say you are in the server room, working on an Exchange server that’s not working. You need to research an error message from the system log so you hop over to Google. Instead of showing you the website you are prompted to add Google to the Trusted sites list. Click on one of the relevant links, add the site to your Trusted sites. Repeat this a few times and tell me that you don’t want to throw the server through a wall.

4. “Are you sure you want to empty the Recycle Bin?”

The whole point of the recycle bin is to prevent accidental file deletion. You have to interact with the Recycle Bin in order to empty it. Why confirm again that these are files need to be deleted?

5. ActiveX component install process

I know that ActiveX is a major security risk, but do I really need to confirm 3 different dialogs before it will install an ActiveX component in Internet Explorer 7 or 8?

6. Menus that change based on frequency of use

This came into vogue after Office 2000 implemented “Personalized Menus.”  The basic idea was that the Office apps had too many options and the average user could not get to the options that they needed quickly. So if an option was not used often, the software auto-hides the option for you. Yeah – great idea. Try walking a friend through a configuration change, only to discover that the menu option is hidden. Here is an idea – if there are too many options in a program, perhaps it is too complex and should be streamlined.

7. Hiding File Extensions

Why design a file system that requires the use of an extension to determine its file type, then design a file browser that hides those extensions. This is the first setting I change on any Windows machine I manage.

8. Hiding System and Hidden Files

If #7 is the first change I make, this one is number two by a few seconds. This one is even cross platform as the Gnome file browser also tries to “help” you by hiding these files from view.

9. Errors cause Copy / Move operations to stop completely.

Ever try to move a bunch of folders from one drive to another – maybe you are backing up your photo collection, maybe you are moving documents from one computer to another. If one file cannot be copied the whole process just stops. Now you have to figure out why the file copy did not work and start all over again. To solve this one, install a 3rd party file copier like TeraCopy.

10. Desktop Cleanup

Everybody uses the desktop a little differently, I tend to use mine as a scratch pad. I keep files that I am currently working on the desktop, and move them to other locations when they are no longer needed. The Desktop Cleanup wizard is like a maid that comes in behind you and starts putting files into random cabinets.

I know it seems like I was picking on Windows with this list, I know there are just as many annoying system defaults on other platforms, but these are the first ten I could think of. Chime in with your list in the comments section.