Just Doogit

Ransomware – What it may mean for the future of viruses

After consulting with a friend whose business was recently hit with a computer virus and the increased prevalence of this type of attack, I wanted to assemble some information to bring people up to speed, talk about some quick fixes that haven’t been compiled yet and speculate on what this may mean for the future of malware on the ever widening scope of the internet.

What is Ransomware?

Perhaps the most memorable cyber-hold-up in recent history involved the theft of enormous amounts of data from Sony in December 2014. We may remember the embarrassing details from emails, exorbitant executive salaries and leaked social security numbers of tens of thousands of employees that made the news cycle. What may be less apparent in recent memory is that the hackers offered Sony the chance to squelch the leak by acquiescing to its demand for cash.

Ransom note discovered in leaked email files (source: Mashable)

The concept seen in the Sony attack is the same as the ever more frequent hijackings of small business and personal information. The most prevalent type of ransomware infects your computer through a malicious link or email and uses strong encryption to lock important files on your computer. Oftentimes the only resolution is to give in to the demands of the malignant program and pay the ransom (typically in the range of $300-10,000). It is the equivalent of a shady character kidnapping your family photo album, work contacts, and important work files while promising they will return it if you drop a certain amount of ‘unmarked cash’ in a dark alley.

How do they get away with it?

Hackers use a lot of sophisticated techniques to mask their location, and then deal exclusively in Bitcoin along with services like Bitcoin Tumblers to anonymize their money trail. As the success rate for these attacks increases, so does the sophistication. Security experts who have analyzed the viruses consider the advanced techniques used to obscure their methods and collect payment to be at a level “worthy of any legitimate development in the corporate world” (Rick Howard, Palo Alto Networks). The following diagram explains the flow of the attack from beginning to end:

Anatomy of a ransomware attack. Source: Cyber Threat Alliance

One version of Ransomware, Cryptowall 3.0, is reported to have extorted over $325m so far. The newest version of Cryptowall uses one of the strongest available encryption algorithms, RSA-2048, which is impossible to crack with conventional technology. The details are quickly lost in technical jargon; however, an (over-simplified) visualization is to think of a very large combination lock to a safe with a numerical keypad. Encryption works by generating a (pseudo)random key using an encryption algorithm, in this case RSA 2048 bit. This is the largest of the RSA numbers and carries a cash prize of $200k for anyone who can factor it into two prime numbers. The number used to create the key is uncrackable because of how large it is: 617 digits.

RSA-2048 = 2519590847565789349402718324004839857142928212620403202777713783

Computers are really good at solving complex math equations, but even the most powerful supercomputers out there cannot brute force their way through a number that large. In short, the encryption technology behind most ransomware is unbeatable. That is why it is important to get ahead of this growing problem and protect against ransomware attacks.

Ransomware Prevention and Damage Reduction

There are several methods used to either prevent ransomware viruses or in the event of an infection help to recover data.

  1. Backup, Backup, Backup – While not necessarily a tool to prevent ransomware, frequent backups are the most reliable way to control the damage caused by the variety of viruses. Since ransomware is constantly evolving due to the resources it extracts from victims, it will be near impossible to prevent every new variant. Similar to an intelligent response plan for other cyber threats, resources should be aimed at mitigating damage and recovering from attacks rather than preventing every possible vector. It is important to always keep backups separate from the source, as ransomware viruses have been known to infect all connected drives. If an external backup drive is the only viable option, make sure the device is unplugged after each use to stop the virus from migrating to the backup. Additionally, most cloud storage providers now provide a few GB of storage for free with larger storage options at only a few dollars per month.
  2. Anti-virus software – Fortunately, most major anti-virus packages have started to integrate modules which attempt to detect and prevent ransomware before it encrypts a large portion of a system’s files. Instead of scanning the computer for traces of known viruses, most modern prevention software monitors the behavior of the file system for anomalies. If files are being quarantined and encrypted by an unknown tool, the anti-virus program will step in and kill the process. The top two anti-virus suites this year as ranked by PCMag were Kaspersky Internet Security and Norton Security. Those are a good place to start to protect against ransomware and viruses in general.

    Top Anti-Virus Suites for 2015 - Source: Dennis Technology Labs via PCMag

  3. Safe browsing habits – The Cyber Threat Alliance (CTA) report states that roughly 2/3rds of the attacks originate from phishing emails. These emails were consistent with other malware attacks, with filenames such as ‘internal’, ‘voice’, ‘fax’, ‘invoice’, etc. attached to inconspicuous looking messages.

Email containing CW3 attachment. Source: Cyber Threat Alliance

Example email containing ransomware attachment. Source: Cyber Threat Alliance

The other 1/3 of attacks came from exploit kits which are propagated through compromised web servers. No trends in link names or sites were identified; however it is important to note that attacks were only successful on vulnerable browsers. The surest way to prevent against these exploit kits is to download software updates as they become available.

  4. Up to date software – This applies to both browsers and operating system updates. Frequent patches will keep most exploits from accessing a computer’s file system via a vulnerability. Windows can be configured to automatically update as important releases are made available. Browsers must be updated manually, so it is best to check the developer’s website regularly or use the ‘check for updates’ button in the browser’s toolbar.
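
To make the behavior monitoring described in item 2 concrete, here is an added example (not from the original post or from any anti-virus vendor) that flags a process once it rewrites several files with encrypted-looking content in a short window. The event format, thresholds, process names and sample data are all constructed assumptions.

```python
import hashlib
import math
from collections import Counter, defaultdict, deque
from dataclasses import dataclass


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte: close to 8 for ciphertext, roughly 4-5 for text."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(n / total * math.log2(n / total) for n in Counter(data).values())


@dataclass
class WriteEvent:
    ts: float       # seconds since monitoring started
    process: str    # name of the writing process (hypothetical field)
    path: str       # file that was written
    data: bytes     # content that was written


def detect_mass_encryption(events, known_tools=frozenset(), window=10.0,
                           min_files=5, entropy_threshold=7.2):
    """Return {process: alert_time} for processes that write high-entropy
    content to at least `min_files` distinct files within `window` seconds."""
    recent = defaultdict(deque)   # process -> (ts, path) of high-entropy writes
    alerts = {}
    for ev in sorted(events, key=lambda e: e.ts):
        # Allow-listing by name is a simplification; real products verify signatures.
        if ev.process in known_tools or ev.process in alerts:
            continue
        if shannon_entropy(ev.data) < entropy_threshold:
            continue
        queue = recent[ev.process]
        queue.append((ev.ts, ev.path))
        while queue and ev.ts - queue[0][0] > window:
            queue.popleft()       # drop writes that fell out of the window
        if len({path for _, path in queue}) >= min_files:
            alerts[ev.process] = ev.ts   # this is where the process would be killed
    return alerts


def pseudo_ciphertext(seed: str, size: int = 4096) -> bytes:
    """Deterministic random-looking bytes standing in for encrypted file content."""
    out, counter = b"", 0
    while len(out) < size:
        out += hashlib.sha256(f"{seed}:{counter}".encode()).digest()
        counter += 1
    return out[:size]


PLAIN_TEXT = b"Quarterly invoice totals for the accounting team.\n" * 80


def sample_events():
    """Constructed event stream: three benign writers and one unknown tool."""
    events = []
    for i in range(8):    # editor saving many plain-text files: low entropy
        events.append(WriteEvent(1.0 + i, "editor.exe", f"C:/docs/report{i}.txt", PLAIN_TEXT))
    for i in range(6):    # backup agent writing compressed archives: high entropy
        events.append(WriteEvent(2.0 + i * 0.5, "backup_agent.exe",
                                 f"D:/backup/set{i}.zip", pseudo_ciphertext(f"bk{i}")))
    # a user creating a single archive: high entropy, but only one file
    events.append(WriteEvent(3.0, "archiver.exe", "C:/docs/photos.zip", pseudo_ciphertext("zip")))
    for i in range(7):    # unknown tool rewriting documents with ciphertext
        events.append(WriteEvent(20.0 + i, "unknown.exe",
                                 f"C:/docs/file{i}.docx", pseudo_ciphertext(f"x{i}")))
    return events


if __name__ == "__main__":
    print(detect_mass_encryption(sample_events(), known_tools={"backup_agent.exe"}))
```

Run without the allow-list, the same stream also flags the backup agent, which is why compression and backup software are the usual false positives for this kind of heuristic.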

Ransomware Removal

In a perfect world, it would never get to this point, but if it does, the main defense discussed earlier is to use a backup which is not infected. If that option is not available, or previous backups are also encrypted with the ransomware virus, there are still a few possibilities to remove ransomware.

On October 28, 2015 Kaspersky Labs released over 14,000 decryptor keys which can help unlock files encrypted by CoinVault and Bitcryptor ransomware variants. The application is 100% free and may offer a solution if the computer was hit with one of the cracked variants. Check out the tool by clicking on the Kaspersky Lab logo or link below.

Computers infected with the CryptoLocker ransomware virus (usually indicated with a ‘.7z.encrypted’ extension) unfortunately do not have a lot of recourse other than using backups. In a last ditch effort to remove without paying up, use the following removal steps:

  1. Install a robust anti-malware scanning package (recommended versions are Malwarebytes and HitManPro–both have free trial versions).
  2. Perform a first scan and second opinion scan (to be sure) and then do the same for backup drives.
  3. After scans have been performed and if the virus was able to be removed, move the old files over to the freshly scanned computer.

Alternatively, a more effective method is to wipe out the hard-drive completely and restore from an uninfected backup copy. This method is more likely to completely remove the virus and any headache associated with it.


What this may mean for the future of computer viruses

Now onto the good part.

[Quote from Daemon]

Wild conjecture about AI

Need to reform future developments in machine learning (AI code of ethics, 3 laws of robotics, etc.)


Whiteboard Desk-Under-the-Stairs DIY Project

So I’ve been doing a lot of designing, woodworking and building things lately. My recent project has been a whiteboard desk for the area under the stairs.

The project took A LOT longer than I anticipated, but I worked on it in fits and starts between work trips and vacation. I like that this type of activity turns on a part of my brain that wasn’t otherwise active. One that shows me it’s OK to start with a blank page and an idea and end up with a finished product. It’s a lot of hard work though. Such is life.

You should totally check out the full album I posted on Imgur here.

Desk Project Main Photo

New Condo and Renovations

Hey Guys,

Doogie checking in. Big news–I bought my first place and have started the fun part of the renovations which is ripping things apart. I will post some updates on the projects that we will tackle–most of them ourselves. The major renovations underway are:
1. Open up the kitchen by removing several walls
2. Move door frame by 6” to allow room for the fridge, install pocket door
3. Remove popcorn ceilings
4. Rip out 10′ interior concrete wall, install drywall over it
5. Sand down cabinets, replace cabinet doors with updated maple doors
6. Install new counter-tops in kitchen and bathroom
7. Various electrical work
8. Remove mirrors, repair drywall
9. Complete master bathroom remodel
10. Paint
11. Remove carpet, prep sub-floors and install hardwoods throughout
12. Update light fixtures and hardware

We have a contractor coming in to help with the difficult stuff–mainly drywall, framing, ceiling texture, and electrical work. We really lucked out and found some reliable helpers who will start next week.

See below for ‘before’ photos. Our budget for the entire remodel is $15k, which will keep the place within the limits of the market. Not looking to flip the condo, but will live in it for awhile and then keep it as a rental property.

Lastly, we set a goal of having all of this done by the end of the month. Let’s see if we can do it!

New Condo Living Room 2 Living Room 3Master Bedroom

PSA: Kids, stay indoors. Also my experience with the US healthcare system

UPDATE: The final total for the three hour visit at the hospital was just over $1,900. This is after the initial bill of $860 which should not have been more “unless other tests were ordered”. It is what it is… insurance covered roughly 80% of the bill, so other than the outrageous cost of medical care in the U.S. and the mediocre quality of care received (the hand specialist laughed at the splint they had me in), I am OK with the situation.


I’m writing this with eight working fingers. My dangerous activities have finally caught up to me this Labor Day weekend. While I am a bit bummed that this happened, I am also a firm believer that everything happens for a reason.


~10:30 am – I injure my hand at Turkey Mountain on the downhill course. At first I think it’s still possible to ride it off, but since I can feel some moving parts in my hand where there usually aren’t any, I limp my way back the mile or so to the car and slowly make my way to an urgent care facility.

10:50am – The nurse at the Urgent Care Facility has some doubts as to whether or not they will be able to treat me if the break is serious, so I weigh my options and decide to head to the St. Francis Hospital in Tulsa.

11:15am – I arrive at the St. Francis Hospital Trauma Center and check in at the front desk. I tell them that I am in a bit of pain, but that my injuries are not life threatening. At this point I’m not even sure that I am in the right place. Frankly I am a bit worried that this broken bone is going to rack up an astronomical bill, and I voice this to the receptionist. He tells me that he “is not the billing department” and that since I am here he “might as well check me in”. Glad to see that no one is interested in using the tools available correctly.

11:25am – A nurse named Cathy brings me back to my first waiting area where my vitals are taken and I am asked a ton of questions, some of them new to me. Some interesting ones are: “Do you feel like your life has no purpose?” and “Do you feel safe at home?”, which weren’t really relevant, but it’s good to hear they are required to ask mental health and domestic abuse questions to everyone, even slightly clumsy bikers.

11:33 (9 minutes later): A male ER doctor stops by the room for around two minutes to take a visual look at my hand, and immediately recommends an x-ray. The staff assure me that the next step will take place soon, so I hang tight in the room. Really, I am distracted by a flat screen monitor near my bed with a pretty interesting monitoring system that the hospital uses. Among other things, patients are listed in different blocks of the hospital floorplan along with total wait time, their nurse and doctor’s names, as well as what I expect is an estimated time of completion for my room. This helps me keep track of time throughout my stay here.

11:38am: I am whisked to another room and hooked up to a machine which automatically monitors my blood pressure, pulse, and oxygen level. I check the monitoring system and see that the times on my assigned block have reset, and there’s now a blinking icon of a bone next to my name. Cathy comes back in and tells me that the doctor recommended a pretty heavy narcotic to relieve the pain. This surprises me a bit since I said I was at a 7 on the pain scale, so I ask if less drastic measures can be taken. I am also a bit worried about the cost, which is probably the bigger deciding factor in the decision not to get legally high at the ER.

11:55am: The nurse comes back in and hands me two pills which she says are Loritab. I hang out in the chair usually reserved for visitors and play the waiting game.

12:40am: Two radiology techs find my room and wheel up a portable x-ray machine. Photos of the bones in my hand are taken from every conceivable angle, and some are taken of my wrist.

1:20: After another 40 minutes, a radiologist comes by the room with the results of the x-rays, on his iPhone. His words, ‘this was not on my iPhone’. He’s pretty upbeat about the situation but doesn’t tell me anything besides ‘it’s dun’ broke’ and recommends that my hand is put into a splint.

1:35: A nurse comes in to splint me up. After three guesses, she finally gets the injury right. We’re putting a splint on your broken fingers? Your broken wrist? Oh, your hand is broken, I’ll cast the entire thing. I have to convince her that only the bottom two fingers should be splinted, and sure enough, she checks with the doctor to make sure. My hand is put into a plaster cast which covers a straight line from my pinky to my elbow. The semi-permanent cast is then wrapped in not one, but two cloth ace bandages. I look like the Michelin Man.

1:55: After some more paperwork they tell me I am free to go. It’s kind of confusing since I feel like I should owe someone something. I am a bit neurotic when it comes to these things, so I make sure to find the billing department.

2:15: After some considerable wandering around and many bad directions (does anyone know how this place is paid for?), the department is found and I get an estimate on the cost. Bum-ba-bum! $860 before any additional fees are added on.

So what does $860 do for you in a hospital?

Entrance Fee

Two waiting rooms

One Hydrocodone

One minute with the ER doctor

Five minutes with an orthopedic doctor

Nursing care during your stay


Overall, I am not surprised. It was Sunday, I was worried about the alternatives and needed my hand fixed. Knowing what I know now, I absolutely did not receive better health care at the ER over an urgent care center. My hand specialist laughed at the splint I came in with and agreed that I would have been just as well off going to a clinic.

Just another lesson I learn in life.



Supplements visualized

reposted from informationisbeautiful

September Birchbox – An exercise in brand development


Is it possible to be under-whelmed? Yeah, I’d say that’s what I am feeling right now. Amidst all of the hype, I was ready to be fully impressed this month as I anxiously waited for the post-man. But like Calvin waiting for his copter-beanie, I was painfully reminded that hyping up a product too much can have negative consequences. All in all, it’s not a bad deal for $20 ($15 if you buy it annually), but there are a lot of filler items which will go unused. Hey, you can’t win them all, and I do have 11 more chances after this one.

Initial impressions and un-boxing:

The box was a bit smaller than I was expecting, measuring around 10” x 5” x 4” (check it out in the first picture, next to my newest toy, the GoPro Hero 3), but was professionally packaged and was a nice surprise on my doorstep. I opened up the birchbox outer packaging to reveal… yet another branded box, this one with a pull out drawer with its contents neatly packaged in tissue paper. This month’s theme? At least for my box, it’s “ADVENTURE READY” (#ADVENTUREREADY for all you tweeters out there, get your thumbs ready). The biggest prize, I guess, is the 10-issue free subscription to Men’s Health magazine. One that I used to frequently buy at airports, but found that the internet works just as well for no money at all. At least it’s a solid magazine, and one I am interested in. Inside another mini-burrito sized package is also:

  • Hanz de Fuko – Quicksand (hair product?) – Sample size
  • Vitaman Grooming Cleanser (face wash) – 1.7 oz (50ml)
  • Ernest Supplies – Cooling shave cream – 0.3 oz (8ml)

Alongside the other goodies is a Los Angeles ‘LUXE City Guide’, and since this is an ‘adventure’ themed Birchbox, a passport carrier made by a company called ‘Men in Cities’. At least I think it’s a passport wallet, my passport refuses to slide fully into the right pocket.

Overall, I think the passport wallet and the Hanz de Fuko hair product show some promise. The rest I am going to need to grow into.

What I like about it:
Great packaging and consistent branding throughout. I am always fascinated by companies which are able to shape their products with a unique style. I am very impressed by how well the packaging and color palette were put together, and that everything arrived neatly despite traveling some 1,500 miles to get to my house. The samples definitely cause me to branch out into areas which I would not have bought products. Usually I am very routine oriented, so maybe this will help me break out of that and try something new.

What could be improved:

There were no descriptions in the box. OK, sure, this looks like a tiny-sized version of the hair product I currently use, but it could also be lip-balm (manly lip-balm?). Even if it had a piece of paper that said ‘go to to find out more about your box’, that would have been helpful.

There was also a lack of relevancy. Are there really travelers out there who carry their passports without a wallet? I get that the Men’s Health subscription is supposed to tie into the adventure theme, but the rest of the items I am not sold on.

Overall, I like the variety, but I am not sure if I would recommend this to a friend at this point.

Costa Rica


Dear Diary,

Alright so here’s the low down. Down low? Whatever the kids are saying nowadays. For shizzle. The flight in was pretty uneventful except for a guy with some serious aggro issues. I spotted him in the Atlanta terminal wearing a tweed blazer from 1985 and a visor with a gator emblem. He had his wife and kids in tow who looked pretty upset to be vacationing in Costa Rica. Rough life. I usually fly standby so that I can avoid planning anything ever, which means that I board last and have to scrap for a  place to store my carry on baggage. My very brief interaction with Mr. Charmer goes something like this:

I get up from my seat and look toward the back of the plane as everyone is shuffling their belongings and getting ready to de-plane. I meet my new charmer of a best friend, who I will refer to as Chaz. I have never met a Chaz I liked.

Kevin: Hey, my bag is somewhere a few rows back.
Chaz: That’s a real bummer man.
K: Do you think I could squeeze past you to grab it?
Chaz: I dunno, can you?

There’s an awkward moment as I stare at him to gauge whether or not he is joking, then I pat him on the shoulder as I wedge myself between him and the seat. There’s not a lot of room, and he’s not budging, so you can imagine how fun a process this is proving for the both of us. Whatever, Chaz, you asked for it. Looks like I will make it to San Juan, Costa Rica with only that minor speed bump.

The heat is stifling as we exit the airport terminal. Angie describes the humidity as feeling ‘like a blanket’, while I compare it to having a wet towel over one’s face. Walking out of the airport in San Juan is a bit like being accosted by the paparazzi. Locals shout and paw at us as we walk through a crowd of taxi drivers, tour guides, and money changers. I am most surprised that even the Dollar Car Rental employees are attempting to sell cars by shouting at us. While most look harmless enough, we decide to take our chances at scoring a ride away from the action. We are especially wary after our trip to Belize last year. While significantly more third-world, we found that Belize’s locals offered help only to panhandle. Using my very broken high-school Spanish, I ask a A refreshingly nice Costa Rican man helped us easily locate an ATM upstairs near the departure gate. The exchange rate, however, requires some mental acrobatics. I decide that the easiest way to convert to USD is to drop three digits and double it. Easy enough!

The bus station is pretty non-descript and a lot like other developing countries. A brightly colored waiting area in an open steel building brimming with locals. We stick it out for an hour for our bus to Quepos before we see a direct route next to it. “Is it expensive” we ask. “Yes it is” the boleteria man says. “How much more?” we inquire. “500 colognes”. A dollar. A dollar for an hour saved and less of a headache since we will be arriving in Manuel Antonio, our destination, instead of Quepos. I guess expensive is relative.

San Juan - Coca Cola Autobus Terminal

The bus ride itself has been gorgeous. Sweeping landscapes full of dense forests with massive elevation changes. Somehow the three hours flies by without much of a hitch. As I say that, we now have company. An innocent looking girl with Downs sits across the aisle from us and I thought it would be a good idea to smile at her. Turns out that was not a good idea. We are now best friends. She moves to the seat in front of us and is completely turned around. She wears a huge smile on her face, and sits happily smacking her chewing gum while staring in our general direction. Not at us, but just kind of, near us. It’s quite cute for the first five minutes, then it becomes obvious that this is not going to stop any time soon. There are no words. Literally. That’s not a saying I am using. Angie and I have not spoken except for the occasional glance to acknowledge the awkwardness of the situation. I consider GoPro’ing the interaction since no one will believe us, but decide against it since it may come off mean. In the end, I realize that the girl’s mom has the patience of a saint and wave off the situation as nothing more than dealing with the locals on public transportation.


We arrive in Manuel Antonio no worse for wear and stop to watch the end of a soccer match between the two neighboring towns (Quepos and Manuel Antonio). At this point, we are still wary of people pestering us and I almost wave off a kind man who helps us find the correct bus to our hotel. I stop to pick up a few very necessary beers at the local convenience store and we go on our merry way. Onward to the bus stop, and to a very hazardous walk to Hotel de Gaia, since pedestrians do not have the right of way in Costa Rica.

The hotel is nothing short of spectacular. From the moment we step on the property, all of our needs have been methodically anticipated and taken care of. A man named Fabio takes our names and whisks us to the top of the hill in a golf cart, where we are greeted with fresh fruit juice and our bags are taken to our room while we fill out the paperwork. A quick tour of the hotel includes a stop at the Spa, where we learn that a 20 minute massage is included with the stay. The restaurant offers a breathtaking view of the lush rolling hills which only stop at the Pacific Ocean. There’s no doubt about it, this is a beautiful country. We watch what remains of the sunset and head to our room. The room is what you would expect of a hotel of this caliber, but includes a view which is anything but ordinary.

Angie and I awake the next morning just after 5am to catch the sunrise on the panoramic top story of the hotel. The top floor seems like a missed opportunity, but maybe we don’t have the full story. The only things on the roof are a few sticks and the occasional bird which joins us for a minute. The sunrise is almost as gorgeous as the sunset the night before, and after we retire to our rooms to prepare for the zipline tour.

Free breakfast is never a bad thing, and in this case, it is awesome for even paid breakfast. I devour a plate of huevos rancheros, while Angie nibbles on a traditional Costa Rican breakfast of rice, beans, and fried plantains. More fruit, señor? Of course! More fresh pineapple juice? Why not. By the way, here’s the bill for this amazing breakfast. It’s zero dollars and zero cents. I leave a hefty tip of 5,000 colognes. Sounds like a lot, but in reality it’s only $10 and will do well to support the four or so staff waiting on us for breakfast.

At around 8am, a shuttle arrives at the bottom of the hotel property to take us to today’s tour. The guide makes short work of the trip by offering up his knowledge of the area, throwing a vast assortment of historical and biological anecdotes at our ears. Our group is really what makes the trip. In this case, we have two married couples who have just turned 60 and a Spanish-speaking Asian man from California with his two sons. The Asian man is stereotypically attached to his camera phone (like I am attached to my camera like an Asian man), and you can tell he just wants to capture this exciting adventure with his sons. I am really bad at being able to tell when Asian people are happy. I think it has something to do with their lack of wanting to publicly display emotions. But I catch a smile or two from them during this very epic journey through the rain forest via high-speed pulley system. The two married couples are very unique. One of the wives admitted that the trip to Costa Rica was somewhat of an existential crisis, after realizing that they needed to reclaim some excitement in their lives. They were very interested in the camera equipment I brought, so I offered to email them a link to the videos when they are ready. Even Angie was a character to observe. She conquered her fear of heights like a champ, which of course furthered my belief that there is nothing she cannot do. The canopy tour itself was exhilarating and gave us a number of vantage points which would otherwise not have been available. Plus there’s the fact that you are rocketing down a cable at 50 mph while staring into a section of dense forest which can only be found in a few places on this earth. The guides were enjoyable to be around and made the trip even more unforgettable. Paulo carried a DSLR camera and snapped some shots that even I, an amateur yet prideful photographer, could not have captured.

We rappelled down the last platform just in time to miss the daily afternoon shower, or in today’s case, the afternoon monsoon. Our delicious lunch was prepared by two CR women who looked like they knew their way around a pot of black beans and rice. We buy a photo CD, make the drive back to Manuel Antonio, and bid farewell to our brief but close new friends.

As I sit writing this I am surrounded by greenery. I had no idea that as a colorblind person I could see so many shades of green. Different trees, bushes, grass, and leaves cover an expanse of hills that would make Southern California jealous. Anything that is not green is either blue or white, which paints a colorful picture that I will save in my mental scrapbook. All the while a torrential downpour threatens my stronghold under a pop-up umbrella on the edge of the exposed hanging deck. It takes quite a bit of dripping before I realize that maybe it’s not the best idea to be writing part of my story on an electronic device in the middle of what may be the hardest rain I have experienced. What I lack in intelligence I make up for in… I don’t know… determination? Certainly not height or wit. The rain continues for the rest of the day while I camp out and meditate on the sights, sounds and smells of the scenery.

items to remember for future travelers:
Take a taxi with a meter to the Estacion autobuses, terminal CocaCola
Use the direct route Manuel Antonio (it’s only a dollar more and saves an hour)
The bus can drop you by your hotel, if it’s on the way, so either plan ahead, or be on the lookout
MidWorld tours has an agreement with some hotels and will pick you up right from where you stay
It will most likely rain every afternoon during wet season. Either plan your activities before noon, or plan on getting wet

© 2015 Doogit
