A gallery of fail -or- Why you need to know who your technician is

If you weren’t aware, I teach computer classes part-time at Madison College. I teach one night a week during the fall and spring semesters to keep up-to-date on my tech skills and to hone my communication skills. As I’ve said before in my practice, it’s great to be a top-notch computer technician and many people are just great and dandy at being able to troubleshoot, diagnose, and repair all sorts of technical problems. But the confusing tech jargon, suffering social skills, and lack of empathy can make working with an experienced computer technician somewhat difficult. Thus, not only do I teach to the technical knowledge, but I am always sure to emphasize customer service and communication skills. I can only hope that my influence will carry over to my students’ professional lives.

Sometimes, a lack of social skills isn’t the only thing missing from a computer repair. Sometimes the technical skills are missing too. That brings us to a case I wish to share with you all.

While teaching a computer hardware course I told my students to feel free to bring in any non-working computer. It’s a win-win – they get their computer fixed, and I get to teach them what was wrong with it. One night a woman brought in her computer. It had recently been taken in for a repair at Best Buy and the Geek Squad had looked at it for her. The computer had shut off one night and would not start up. It acted as if it was unplugged – no lights, no display, nothing.

She was charged $99 right off the bat to have the case opened. They accepted the machine for repair and told her that they would call her in a few days. They did, and when she went to pick it up the bill was well over $200. The problem turned out to be a bad power supply, a not-uncommon issue with older PCs, but the price seemed a little high for that. Not knowing any better at the time, she paid it and all was well.

That was, until the PC stopped working again a few weeks later. By then she was in my class and eager to find out what was wrong this time.

So we opened up the case and found this:

Zip-tied power supply

There – I fixed it!

And this:

zip-tied power supply

A little crooked but hey, so are we!

And also, this:

zip-tied power supply

We needed to use two zip ties – Bob, add $20 to the bill.

Those are zip-ties holding in the power supply. What happened was this: Her computer had a proprietary power supply. Most power supplies are squares that fit the case universally. Others may have proprietary designs that requires a power supply especially designed for the case. In her case, a power supply that fit her case should have been ordered and installed. They are more expensive and may be more difficult to source but they are available if one looks around.

Instead of taking that step, however, the Geek Squad decided to shoehorn a common power supply into the case using zip-ties. This little innovation worked at first, but after a little time and a few computer moves, bumps, and vibrations, the power supply dropped – right onto the CPU/processor fan. That, in turn, caused the processor to overheat. Once the processor overheated the computer was pretty well done for.

As I explained this to the student she remained very calm – much calmer than I thought she would. She understood what I told her and, at the end of class, we packaged everything back up for her and that was that.

Next week she came to class early with a grin on her face. She told me that she had gone back to Best Buy, confronted the Geek Squad, and, armed with the evidence, her new-found knowledge, and utter determination, she was able to not only get her money back but snagged a $50 gift card as well. In the end I think her computer hardware course just about paid for itself.

The lessons are many, but I’ll leave you with this: knowledge is power, and be sure that you know just who exactly is working on your computer. Not only is your security and privacy at stake, but you just never know what boneheaded fix may be in store.

Speed up your computer by installing more software?

Frustrated computer user

What happened to my cat video? No!!!!!

I’m sure that most everyone who watches some amount of television has seen them – the person frustrated by blue screens of death (BSODs), errors, and pop-ups on their computer. The person behind them recommends that they get RepairMyPCNow (or whatever) to alleviate all of their woes. These commercials tout software that claims to, among other things, boost your computer (and Internet) speed by 50%, eliminate viruses, stop crashes and get rid of blue screens. So the question is, does that software work? Can you really just install something and have it make a significant difference in the speed and security of your computer? The short answer is not really.

Let’s take an objective look at this: Installing more “stuff” onto your computer is not likely to do you any favors in the speed and reliability departments. You may not know this, but legitimate software, such as antivirus programs and anti-malware programs, actually slow down your computer’s performance, sometimes significantly! We use antivirus and anti-malware programs, however, because the hit on the computer’s performance is slight compared to the hit in performance that the computer would suffer if it were to be infected with a virus or, more commonly, a piece of malware. There is also a plethora of different antivirus and anti-malware programs out there that can be used if they are slowing down your computer significantly.

Likewise, any other software that is running is going to add to the cumulative load that your computer runs when it boots and runs. If you’ve ever witnessed the boot speed of a newly-installed computer you’ll see that it is much, much faster than a typical computer that has been in use for a year or two. This is because a new computer doesn’t have the software load on it that one in use typically has. We install software, though, because it is necessary in order for us to do tasks on a computer. But we also install the right software, not just anything and everything that is available to us.

One needs to examine the security aspect of installing unknown and non-vouched-for software onto their computer. By installing FRepairMyPCNow (or whatever), you’re opening your computer up to someone that you shouldn’t necessarily trust. Remember, the common denominator in malware and in computer malfeasance is money – the almighty buck is the driving factor behind most scams, spams, and shams. You can pay $49.95 for software that may or may not work or you could pay around the same amount to have a qualified computer technician look at your computer in person, verify the security of it, remove any junk software, and attend to any other issues that may be present.

Dirty CPU fan


There’s also the hardware aspect to consider – if your CPU fan is dying a slow death because the bearings are shot, no amount of software is going to be able to fix that. Same thing if your hard drive is dying, the amount of memory you have is too low, or your CD drive isn’t working – software cannot fix that. Most blue screens I come across are actually hardware-related due to overheating or bad memory. It happens and it requires a skilled technician to accurately determine the root cause of any BSODs. Same with slow Internet speeds – this could be hardware or software-related and again, a qualified computer technician is the best way to get this sorted out.

It does sound easier to install this kind of software – you don’t need to schedule a technician and it’s right there online. But what are you really getting? Is more software really the answer? Simply put, nothing can beat an experienced computer technician when it comes to diagnosing and repairing your computer.

What do you do with that old computer?

An old computer

It still works! Kind of….

There’s nothing better than the feeling of a new computer – the speed, the responsiveness, the speed, the new games, the speed – it all makes you want to forget about the hunk of junk that’s now sitting in a basement corner collecting dust. You can either leave it there until the end of time or get rid of it, but how? What should you do with that old computer?

There are a few ways to repurpose that old machine if it is working order. One suggestion is to have it reformatted, have the operating system reinstalled (Windows or OS X), and give it to the kids, a family member, or a friend who might not have a computer. The advantages of this are twofold: it keeps a computer out of the landfill and, if given to the kids, it keeps them off of the parents’ computer, lessening the chances that the computer used for online banking and work isn’t as likely to be compromised. Of course, there are ways to lock down a child’s online activity but nothing beats having junior on a computer of his or her own.

Another way to repurpose that old computer is to donate it to a local non-profit, such as a free clinic, school district, or charitable organization. Many non-profits would likely welcome a newer, working computer. A qualified technician can determine whether or not your machine is suitable for donation and, if not, many will donate parts and labor to get the computer up to snuff.

If your computer is broken beyond repair or is so old that it is no longer considered useful then the machine should be recycled at a local recycling center. Many municipalities have a recycling center that will accept to take broken or old electronic devices. In many cities and states, including Wisconsin, it is against the law to put any sort of electronics into the trash. Goodwill Industries will recycle old computers free of charge.

Remember though, before you donate or recycle your computer you will want to have the hard drive wiped and/or destroyed to protect any personal data.

Wiping a hard drive securely can be done by just about anyone brave enough to risk it. I use a free tool called Darik’s Boot and Nuke (DBAN) to erase old hard drives securely. DBAN wipes a drive using a variety of methods to ensure data on the hard drive isn’t recoverable. It’s freeware, meaning anyone can download it, burn it to a CD, and be off and running. The DBAN site has instructions on just how to download the software, burn it to a CD, and wipe a computer’s hard drive.

DBAN is also very dangerous – once a drive is wiped the data that was on it cannot be recovered at all, so if the disk accidentally finds its way into the family PC, gets booted, and someone types ‘autonuke’ (all very unlikely but hey, you never know), that could be disastrous. There’s also the issue regarding a computer that doesn’t work – if you can’t boot the computer then using a CD-based program to erase the drive becomes impossible. Also, DBAN won’t work on some laptops with certain features like SD card readers without disabling those devices in the BIOS.

If you do not feel comfortable using this or any other tool or the computer doesn’t work at all I suggest you contact a reputable, trustworthy computer technician to erase or destroy the drive for you. You’re trusting this person with your personal data so I’d recommend against just choosing a name out of the phone book. Instead, ask around for help or have a computer-savvy relative or friend erase the hard drive in your presence.


A destroyed hard drive

How many of us have wanted to do this at some time?

Destroying a hard drive is another method for ensuring that a computer’s data is not recoverable. This process varies but essentially means that the drive is physically destroyed to such an extent that reading anything off of the drive is impossible. There are a few specialized machines out there that are designed just for this purpose.

At Jay’s Computers I don’t have a machine capable of crushing hard drives (yet!) but I will erase hard drives for free and recycle customers’ machines for free. Your data is important, and keeping it safe and secure is one of my primary goals when working on your computer.

Whatever you do decide to do with your old machine, be sure to have the hard drive erased or destroyed so that your data stays secure if you decide to donate or recycle it.


Scam AlertI feel a knot in my stomach after having just gotten off of the phone with a regular client of mine. She had been having some issues with an anti-virus program, so she went online and found a site that promised to fix it for her. In the end they remoted into all three of her and her husband’s computers and removed “hundreds upon hundreds of viruses and junk files”. They then turned around and charged her $400 for their services.

Realizing that she may have been scammed she called them back only to be hung up on. Now she and her husband are closing their credit cards, resetting passwords, and generally being very anxious about their computers. I know that these computers were, in fact, not infected at all, as I had just worked on two of them in the past month. Instead, what happened is that the scam artists remoted in, blanked the screen so that the customer couldn’t see what they were doing, and then likely installed malware or spyware onto the computers. I’ll find out just as soon as I get them in my hands this evening.

I’m not upset that they didn’t go to me for help in the first place, as I am sure that they wanted to take care of this particular problem on their own. In the end, however, they’ve really found themselves in a predicament and it’s one that I hear about all too often – you MUST work with someone you trust when it comes to your computer and, essentially, your data. I work hard to earn peoples’ trust and, likewise, I look around before trusting other people with things I need to have fixed. Trust is the building block of any professional and personal relationship.

The lessons learned here are numerous but I want to focus on a few:

1) Though it didn’t happen in this situation, please be aware that no one, at any time from any company, will ever call you and ask to work on your computer because it has a virus or problem. That includes Microsoft, McAfee, Norton, etc. If someone calls you and asks to remote into your computer, hang up immediately.

2) Establish a trust relationship with anyone who works on your computer. Local computer stores are usually more trustworthy than big-box computer repair stores (or sketchy online websites) for a multitude of reasons. At a big-box store the technicians are generally ill-trained and ill-equipped to fix any but the most basic of issues, whereas someone who is in business for themselves generally has been on the front lines of support for some time and has a vested interest in fixing your machine properly the first time around.

3) Always get a second opinion. I encourage people to shop around for not only the best prices when it comes to computer repair but also for the best solution to the problem. I’ve heard big-box stores tell egregious lies about computer repairs (bad motherboard or bad hard drive always seems to be the scariest and also tends to rake in the most money) just to pad the bottom line. Always get a second or even third opinion from a trusted computer repair shop Many places will give you a free written estimate before performing any work. Or, at least I do.

4) Last, don’t be too hard on yourself should you befall a scam. These are professional con artists whose very job it is to extract a large amount of money from you in the shortest amount of time. These crooks will often also install malware or spyware in order to gain constant access to your computer to steal credit card, banking, or other personal information.

Behind every scam is a thief waiting to take your money. Follow my advice and you should find yourself better prepared to face these crooked predators.

Tutorial: How to Install, Configure, and Use LastPass

One of the most common mistakes when creating a new account, be it for a hobby website, online banking, or web email, is creating a password that’s too weak or easily guessed. On the flip side, creating a strong password has its benefits but they tend to be easily forgotten in the flood of unique passwords we use (you do use a unique password for everything, right?)

The goal of a good, strong password is threefold: It should be not easily guessable (containing no personal information like birthdays, pet’s names, etc.), it should be random (a mix of UPPER, lower, numb3rs, and $ymbol$), and it should be unique (not shared across many sites or accounts).

What’s a person to do?

To simplify managing my passwords, I use a program called LastPass. LastPass is a free password management tool that uses a master password to remember the passwords for all of your websites. All you need to do is download the appropriate version of LastPass, install it, setup an account, and start using it!

One thing I do want to mention before I get started – LastPass did have a possible security concern in February 2011. While it looks like nothing was ever compromised, LastPass did the right thing by reacting very quickly and forcing users to reset their master passwords. To this date, it is unlikely that anyone ever actually compromised their security. Even if someone had, LastPass uses encryption and hashing to prevent your passwords from being revealed. To this day I trust LastPass wholeheartedly and recommend it to my clients.

Installing LastPass

Go to http://lastpass.com and click on the Download link at the top of the page. The website is smart enough to take you to the proper download for your operating system. Even if you are not using some of the web browsers that are supported you can download and install the application.

LastPass Download Link

Download Link Save the file to a location where you can find it or just click on Run to open it automatically after downloading.

Once the installer starts you will be asked to select your language.

Choose Language

Click on the Next button until you get to the installation options screen. Here you will be prompted to install LastPass for the browsers you currently have installed. Click on the Next button again to install the plug-ins.

LastPass Choose Browsers

The next screen will ask you if you already have an account. Select the option to create a new account. Click Next.

LastPass Create Account Screen 1

On the account creation screen you will need to enter your email address and a LastPass Password. This LastPass Password is also known as your master password – it is the key that will unlock the vault that contains all of your other passwords so it needs to be as secure as possible! One thing that may help you is to use spaces – instead of a password, use a passphrase. This makes a password more secure by an order of magnitudes. A passphrase also has the added bonus of being easier to remember – a sentence is lot easier to quote from memory than a mess of letters, number, and symbols. Another method of ensuring some security is to use number or symbol substitution – that is, use a number or a symbol in place of a letter. For example, the word ‘squirrel’ could be written as ‘$qu!rr3l’. It’s a much more difficult to crack than a plaintext password and a little easier to remember, though not nearly as secure as a passphrase.

Then, use something that can help you remember what your password or passphrase is. In the screenshot below I used a common typing exercise for my passphrase and entered 4th grade as my reminder, since that is when I learned that phrase. If you forget your password or passphrase later on LastPass will use your email address and password reminder to help you remember it. If you still can’t remember it you’ll be sent some special instructions to reset it. The best thing to do though is to remember this password or passphrase! I promise; it’ll soon be the only one you’ll need to remember.LastPass Create Account Screen 2

After you click Next you will be prompted to reenter your password or passphrase. Once done, click Next.

LastPass Create Account Screen 3

LastPass will then ask you if you want to import any insecure items on your computer. Assuming you think you have some, go ahead and choose yes. If the computer is new or you haven’t used saved passwords in your browsers, click No. Note – this only checks for insecure passwords in your web browsers, not in any other locations.

LastPass Import Insecure Items

Once you are finished choose whether or not LastPass keeps you logged in or automatically logs you out. This option is dependent on how your computer is setup – if multiple people login using the same Windows or OS X user account then you will want to be automatically logged out. If you have your own Windows account then you may choose to keep yourself logged in. Being automatically logged out is more secure but also a little less convenient.

LastPass Login or Log Out

Configuring LastPass

Once you are done installing Internet Explorer and Firefox may ask you if you want to install the LastPass add-on. Go ahead and allow this.

Firefox Allow LastPass add-on

Once your browser is up and running you should see the LastPass icon. In Firefox it is usually found in the upper-right corner of the web browser. In Internet Explorer it is located in the upper-left of the browser. If you do not see it right away, make sure that the LastPass Toolbar has a check next to it (under the View Menu in Internet Explorer, on Firefox it is located in the Firefox button, Options, LastPass Toolbar).

Internet Explorer LastPass ToolbarFirefox LastPass Toolbar



Click on the icon to see the LastPass menu:

The top option allows you to logoff.

The My LastPass Vault is the area where all of your passwords are stored,

Recently Used will bring up sites that you’ve used in the past few days.

Sites stores all of the site groups and sites filed under those groups.

Secure Notes allows you to jot down a note that is password protected (as long as you are logged out of LastPass).

Fill Forms will save you some time when you are presented with a form asking for your name, address, ZIP, phone, email, etc. Not only does it auto-fill these forms for you but it keeps all of that information secure.

Preferences allows you to change some options in LastPass, including automatically logging you out of LastPass after a certain amount of time, highlight form field boxes, and to show you your vault after you login. I usually uncheck the Show My LastPass Vault After Login since it is distracting and somewhat insecure. There are many other options – feel free to explore them and tweak LastPass to your desire.

Help will be the first place to go if you still have questions after this tutorial.

Tools includes some advanced tools that are included with LastPass, including importing passwords from other password managers and checking for LastPass updates.

Generate Secure Password will allow you to have LastPass gernate (and remember) a password for you. More on this in a second.

Go Premium allows you to add additional features, such as LastPass on your phone and better support.

LastPass Toolbar Menu

Using LastPass

To use LastPass, simply visit a site that you need a secure, random, and/or unique password for and get going! For this example I am using Pinterest.

LastPass Generate Secure Password Page 1

At the password prompt I can right-click and choose LastPass. One of the options is to generate a secure password. When I do this I am presented with a box that allows me to create a secure, random, and unique password. In this example you can see that the password generated is very difficult to remember. This is not a problem however because LastPass is going to remember it for me!

LastPass Generate Secure Password 2

If I click on the Show Advanced Options checkbox I can:

-Specify a password length,

-Choose which types of characters to use and whether or not I want the password to be pronounceable,

-Avoid Ambiguous (duplicate) Characters, and

-Require Every Character Type (A-Z, a-z, 0-9, and special/symbolic characters).

With a little tweaking I can get a password like this:

(One caveat – there is no universally-accepted method of password complexity. Some sites let you use spaces, some don’t. Some sites will say that you must use some special characters, some will not. Some even impose a character limit. Unfortunately it is up to you, the person signing up for the account, to make sure that the password meets the minimum password requirements, no matter just how arbitrary they may be. Luckily the advanced section below makes generating a password with these requirements much easier).

LastPass Generate Secure Password 3

To accept your password, choose Copy. You will be prompted that your generated Password will be saved to your Vault. You can then right-click in the password field, choose Paste, and your password is now set!

LastPass Vault Prompt

Once you fill out the rest of the form and choose Submit you’ll see the LastPass message bar at the top of the screen. This bar will automatically pop up when a password is used and ask you if you want to save the site. This is the method that you will use to add your established sites to LastPass.

LastPsss Save Site Message Bar

Clicking on the Save Site button brings up the Add LastPass Site box. You can change the name to anything you’d like. The Group is a box you can use to organize your sites. In this case I will leave the name as Pinterest and make a new Group of Hobby Sites:

LastPass Add Site box 1

I can also choose whether or not to have LastPass automatically log me in when I visit the site. Since Pinterest has a very low threshold of pain for me should it ever be compromised, I’ll choose to AutoLogin. Generally you want to avoid AutoLogin at sites like online banking, credit cards, etc. This will add a small layer of protection should someone get into your account and start clicking on your sites. They can still just as easily right-click and login with your saved passwords though in the login fields on those sites so it is always a good idea to lock your computer or log out of LastPass when you leave your machine. (You can lock your computer very quickly by pressing the Windows key + L at the same time).

Here you can see LastPass automatically logging me in:

LastPass Auto Login

As you start visiting your regular sites LastPass will begin prompting you to save the site after you successfully log in. I suggest doing this at first and having LastPass remember your password for you. as you grown more comfortable with LastPass you should start to change your site passwords with generated passwords.

On sites where your login is remembered, all you’ll need to do in the future is right-click on the username or password field (if LastPass hasn’t already filled them in), choose the LastPass menu item, and choose the option that corresponds to the site you are on.

You can also use LastPass to simplify the filling out of forms. After you fill out a form LastPass will ask you (via the message bar) if you want to save the entered information. You’ll need to create a profile and enter some personal information. I steer clear of sharing credit card information or my SSN – while I trust LastPass and the strength of my master password I do not trust myself to always remember to logout of LastPass or to leave my computer secured every moment of the day.

This is great and all, but what about the other computers you use? LastPass has you covered – it will remember all of those passwords for you! Simply install LastPass like we did above but instead of creating a new account simply login to your existing one. For shared computers you can access your LastPass password vault by going to http://lastpass.com and logging in with your master password.

I hope that this tutorial will help you to begin using secure, random, and unique passwords to keep your personal information protected.

It’s not always your computer that’s acting up

Outlook Not Responding

The other week I had a client whose email was locking up. Specifically, the email program, Outlook, would force close or lock up for seemingly no reason.

This particular client is pretty tech-savvy so I was a little concerned that this would be an issue above and beyond a simple fix. I don’t back down from a challenge but I like to fix things without having to backup everything up, restoring the operating system, and then putting everything back on. It’s just easier for the customer and technician to fix it without using the nuclear option.

During my initial investigation I found a few small problems but nothing that would account for the slowness I was seeing. On a hunch, I ran a speedtest on the client’s Internet speed and was astonished to find that the download speed was about .60 Mbps and the upload was .97 Mbps. Not only are those two values reversed (upload is generally lower than download by a significant factor) but they were extremely low given that she was on cable Internet.

I reset the customer’s modem since it had been running for about 6 months straight. I noticed that the modem was an older model that wasn’t being issued to customers anymore.

(A quick aside – when you call the help desk and they have you rest your cable/DSL modem and/or computer, many times it is a legitimate way to eliminate some issues. Other times it buys us technicians a few moments to figure out another path of troubleshooting. In any case, it almost never hurts to reboot.)

When the modem came back up the speeds remained the same. I diagnosed the issue with email as an equipment problem – the client simply was not getting the speeds from the cable modem that were supposed to be there and the email client was trying in vain to download emails on a pipe that was only a little faster than traditional dial-up. The cable modem, in this case, was the cause of the slowness.

As it turns out, I was right. The customer contacted the cable company. They came out, replaced the very outdated cable modem, and the problem with email and everything else was fixed! Of course it’s not always an equipment problem – it takes some experience and troubleshooting to diagnose that – but rest assured that it’s not always your computer that’s at fault.

What do you do when your Internet or email account is compromised?

This past week I have had two individuals contact me about their accounts being compromised. In one case it was their Internet provider’s account and, in another, it was Yahoo.com. Since this seems to be happening more regularly I thought I’d share some tips for those who may find themselves in this position.

The first thing you should do is contact the company that has your account. If it is your Internet provider, give them a call or, better yet, use an online chat to get your password changed. Once you have changed your password, login to your account and immediately change any secret questions and answers (or other password reset information, like your birthday, address, etc.) that you might have in that account! You will want to do this because the person who took over your account may have written down the answers or changed the answers to something that they can use to reset your password back again. Keep in mind that you don’t have to be honest in your answers – a simple Google search can reveal your high school, its mascot, the year you graduated, and the town you were born in. One fancy trick is to choose a question and then give a response that is meaningless to the question but is simple to remember. For example, if there is a question that asks for the name of your first pet, use your spouse’s name, or the name of a friend’s pet, or whatever you will remember!

You may also find that you need to change your language settings and other regional information. Overseas hackers will sometimes need to change the display language to match their region so they can read everything in your account and understand it.

And, it should go without saying that you should choose a strong password! Use a mix of UPPER, lower, numb3rs, and $ymbol$ to make your password as strong as you can. Also, you should never use the same password for multiple sites! I know remembering multiple passwords, let alone strong passwords, can be difficult. That is why I suggest using a password tools like LastPass. Lastpass can help you remember those passwords for multiple sites, generate strong passwords, and even log you in automatically across multiple computers. I use it on a daily basis and it makes life much easier. I will be writing an article soon about how to install, configure, and use Lastpass.

So why do criminals exploit your email account? Simple – it’s so they can send a large amount of spam from a once-trustworthy email account. Most email accounts that spew out spam are short-lived because Internet providers will shut them down soon after they are discovered. For this reason spammers are always looking for a fresh account to use. Since most email accounts also have an address book with the personal addresses of friends, contacts, and other people, the spammers essentially get a two-for-one deal. By the time you change your password (or your Internet provider shuts your account off) the spammer is already well along on a search for a new account to exploit and the cycle repeats itself.

So why spam? Again, it’s simple: spamming is a free and sometimes easy way to make money. While I certainly will never buy anything from a spam email, not everyone is as close-minded as I am. This wonderful article on TechRadar explains it well:

After 26 days, and almost 350 million email messages, only 28 sales resulted [from spam emails],” says the research paper.

Yet even with this apparently abysmal response rate of less than 0.00001 per cent, the researchers still estimate that [spammers] are still bringing in about $7,000 (£4,430) a day or $3.5m (£2.21m) over a year.

I think Dire Straits explains it best.