I got hacked again this past week. I had the week nicely structured to stay in my office and get lots of work done. Things I had been trying to complete for the past couple week. This is the second time I have been hacked with this computer and I have only owned it for 3 months. So the first hack involved someone diverting my email for 6 hours. I could not get it back, but I stopped the diversion (I think) with the help of ATT. Who knows what information was transmitted other than a lots of what is really spam.
Ok, so then I start getting these phone calls from “Microsoft Windows” noting errors they are receiving from my computer. Now most you recall that Microsoft used to ask if you wanted them to be notified of errors, but since everyone said yes, they now just do it automatically. Mostly the “Microsoft Windows” guys left messages on my cell phone since that is the number registered with Microsoft. I picked up the phone one time, but the “Microsoft Windows” guy could not tell me which of my computers was sending the messages (I have more than one).
But that did not stop the calls which have accelerated of late. So I get another call that I answer (from a number in Washington state) from “Martin” with “Microsoft Windows” who, without accessing my computer, knows over 9,000 errors had been sent, starting the day I bought the computer. He also knows the software serial information, computer serial numbers, etc., all of which he can recite over the phone and ask me to check to verify he is with “Microsoft Windows” because otherwise he would not have that information. And then he notes that because the 25 digit codes for Windows 8 is not visible, “Microsoft” will cause a key lock on my computer – a message that I again could verify without him accessing the computer. And of course that’s how he tries to convince me he is calling from “Microsoft Windows.”
NOTE: Miscrosoft DOES NOT Call you – it is a scam (see the internet). So I have the hacker on the phone. He emails me his info (of course he has my registered email like everything else), which I note says pcsync.org, not “Microsoft Windows.” I asked and I was suddenly disconnected. And within the hour, the computer is locked. Clearly the acceleration of calls was because the hackers knew about the key lock because they installed it and they want to get to the last minute. Now Martin called back about 20 times in the next 2 hours trying get me, but the number he left is not valid (despite his website listing it). And of course he will fix the problem for $239 plus whatever else he can sell you. That’s the hacker scam – create a problem than get you to pay to fix it.
And when it locks – the result is a window that asks for Startup password – which Microsoft will tell you, indicates you have been hacked. Except, then Microsoft says they need the 25 digit code for the operating software to fix your computer. “But you need to get that from Dell” even though Dell only loads the software – you need to register it with Microsoft to make it work. So I called Dell, and the first person says sure they can give it to you, but the second “no they need to send CDs.”
OK they are both wrong. With Windows 8.1 the code is not on your computer if pre-loaded. And of course Dell does not give you a recovery disk when you buy it. Dell knows about the code. So does Microsoft. So an hour plus wasted there with two good organizations who clearly do not communicate. So I am shut out of the new computer and the email.
Good news though is that maybe 10 years ago I was advised by Gateway (the old cow computers) to use iyogi.com to fix a prior issue. So 13 hours later and lots of time with Amit, we are sort of back up running. And of course iyogi knows about the code issue that Dell and Microsoft mis-advised me on and told me the story above. And yet we both wondered how pcsync.org (the hackers) was tracking my computer error messages to Microsoft from day 1? Have they hacked Microsoft? Dell?
And the next day one of my friends, in talking about this says – “Hey wait, I keep having pop-ups for pcsync on my computer also.” And later in the day, another says the same thing –“ pcsync is on mine too.” And neither has a Dell – but they do have Microsoft Windows 7 or later. And makes me wonder, who is taking responsibility for protecting the consumers here? Clearly the computer manufacturers do not take responsibility. Maybe they can’t. Microsoft doesn’t appear to either, so that leaves us . . . . . vulnerable. Mr. Gates you have a great operating system, but this problem costs us lost productivity, money, time, irritation…even when you have all kinds of anti-maleware and anti-virals on your computer. If the hackers can get in day 1, how do you stop that? And apparently the maleware doesn’t see it (hint).
So the questions:
- Does “Microsoft Windows” know about this?
- If so, why have they not fixed it?
- Do the computer manufacturers know this issue occurs?
- Why have they not talked to Microsoft about it?
- Why doesn’t the maleware address it?
- How are they getting in?
- Is Microsoft hacked – perhaps the biggest hack of all?
- And why have the internet police addressed pcsync and their ilk? It is all over the internet!!!!!
Clearly the penalties for hacking are not nearly severe enough. And from a law enforcement and cyber security perspective, we clearly lack the resources to protect individuals, so beware!
And if you see pcsync – call iyogi or someone who can help. Quickly!!
There is an interesting ethical issues that arises in this discussion also. Engineers are entrusted to protect the public health, safety and welfare. When there were few people, projects did not impact many so little thought was given to the “what could possible happen” question. We are still paying for that. Now that there are more people, conflicts become more likely and more frequent. Most times engineers are not asked to evaluate the unintended consequences of the projects they build. Only to build them to protect the public health safety and welfare while doing so, but from a specific vantage point. So if you know a project will create a long-term consequence, what action should you take? There are many water supply examples, where we have engineered solutions that have brought water or treated water to allow development. South Florida is a great example – we drained half a state. But no one asked if that development was good or appropriate – we drained off a lot of our water supply in the process and messed up the ecological system that provided a lot of the recharge. No one asked in the 1930 if this was a good idea. Designing/building cities in the desert, designing systems that pump groundwater that does not recharge, or design systems that cannot be paid for by the community – we know what will happen at some point. So the question is whether there is a conflict between engineers meeting their obligations to the public and economic interests in such cases?
And finally, when considering the ethical issue: