Prevent RansomWare Attack

The world witnessed a massive cyber attack on 12th May 2017 – specifically known as WannaCry Ransomware which encrypted files in over 225,000 computers worldwide. It was based on EternalBlue exploit of Windows OS implementation of Server Message Block (SMB protocol). The vulnerability was first ‘discovered’ by NSA and Microsoft released a security patch in March itself.  It spread like a wildfire but collected comparatively little money in Bitcoin for the perps. It looked like a dryrun for an eventual assault on computers in specific targeted countries.

Ransomware Attack

There is no reason to conclude that such assaults on the Windows system would be self limiting as it happened in this case in future. It stands to reason that unless you take all due diligence in securing your computers, you might find your computers rendered useless at any time.


decrypting files

Protection of your system hinges on how you treat your system. No amount of Anti-virus, anti-Malware software is going to replace a well designed proactive plan to secure your system. This article is borne out of decades of years of experience in securing computers.

1. Periodic Backup : Depending upon the usage, create a backup at least everyday. If your files are mission critical, it is essential to have monthly, weekly and daily backups.

When you use a backup, make sure that the backup is read only. Other things being equal, I would choose a Linux file server for one of the backups. Linux provides several options to lock down using a combination of permissions and mounting. This way we can ensure that once the backup is created, it can’t be written again preventing data corruption.

2. Ensure that the OS and the software you are running are current and patched. If you are using Windows – make sure that at least Windows Defender is enabled and active. if you are on Windows 10, make sure that the service Windows Update is set to automatic and not disabled. Many power users disable this to prevent undue latency. Windows Defender will not update its virus database if this service is disabled.

3. There is a saying in the espionage industry – ‘Trust No one’. It applies to us as well. Things are not what they seem. If you are on Windows, take the first step of checking file extensions from Windows Explorer. Windows tries to hide the file extension in a default installation. You need to enable it to view file extensions. This helps you see if a file masquerades as a document file with the extension of .doc while it has a real extension of .exe: sinister.doc.exe
Whilst at it check the type column for probable file type as what Windows thinks. Don’t take the word of Windows for it.


Reveal file name extensions

Do Not count on email service providers to check your email attachments for Malware. There are dozens of Malware masquerading as genuine attachments which can pass the peremptory scrutiny of the generic anti virus software of the email service providers. Make a mental note to delete a mail as per the rules below:
Rule 1 : If it purportedly comes from people you know – when they have no need to attach any attachments.
Rule 2: If it purportedly comes from some celebrities. It may temporarily boost your ego to get mails from Celebrities, but chances are they don’t know about you and the mails actually come from hackers who use social signals to smuggle in their nefarious payloads. I have been getting ‘mails’ from all – from the Pope himself down to the President of the US.

Use a separate computer for potentially dangerous activities: -like checking emails, browsing unknown sites, socializing activities. Before you do all that, make a clone of the OS and store the disk separately. Every few days, just purge the existing OS from this computer and recreate the OS from the clone. This computer has no privilege to connect to the main computers. If affected by any Malware or virus, it can’t spread to other computers.

If you have only one computer that needs to multitask, create a Virtualbox and install a Windows in the Virtualbox. Once the Virtualboxed Windows is working as per your needs, copy the .ova file in a separate directory. You can purge the existing Virtualboxed windows at regular intervals and recreate another instance from the .ova file.
This way you have a Sandboxed computer that can’t mess up your precious regular Windows. Remember – a really Secure Computer has no connection to outside world.


Windows 10 Edge Browser

Windows 10 now has the new Edge Browser, named after the EdgeHTML layout Engine which appears to outperform all other current browsers – albeit with its own limitations. Microsoft says that the new browser is developed from scratch and complies with the web standards. Before the Windows 10 Anniversary Update, Edge has many ‘new’ features:

1. Make Web Notes : You can highlight, add comments, create box in the color of the available choice and save the notes. Whilst at it, you may also share your Web Notes in – OneNote, Mail or Messaging.


2. Reading View: You can check out only the content with out the trappings of Ads, Images and other normal paraphernalia of a typical website – a feature borrowed from Apple Safari. In this mode, you get to see a bare bones text only version without any clutter – probably a useful feature for a lengthy article.


3. Using the digital Assistant Cortana: Now the Edge Browser is hardwired with Microsoft’s personal digital assistant which can tell you something about the highlighted text. Cortana can make connections with available text resources in your connected devices and with information supplanted from its Bing Search Engine can help you plan your itinerary if you are traveling, or help you source the ingredient for the recipe you are searching.

Edge Browser Options

Edge comes with other surprises as well – it can read PDF without any plugin. I wanted to check out the resource usage of the browsers running in my Windows 10 Pro Computer. As expected Edge has the lowest usage of resources : from memory footprint to CPU usage.


Resource usage for Edge, IE 11 and Firefox

Edge used only 26.4 MB when compared with its sibling Internet Explorer 11 which took 49.4 MB, this is probably the lowest memory footprint. On the other hand, the regular FireFox 41.0.1 took upwards of 680 MB. It doesn’t stop there – the stability of the browser when the open window has a page which keeps loading additional components is an important factor. Firefox appears to be the most prone to crashing in this list of browsers. Internet Explorer 11, we have noticed from the Windows 7 days, has been stable in the face of many problematic pages. Edge carries this trend forward and remained robust when I loaded pages which caused issues with Firefox.

Normal legacy IE 11 still does duty in Windows 10. You can start Internet Explorer 11 many ways. Type into ‘Search the web and Windows’ the word – Internet and you will see the Internet Explorer as a Desktop app. Or fire your default Edge Browser and navigate to the site you want and from there click on the Ellipsis (three dots) on the top right and select ‘Open with Internet explorer’.
Internet Explorer 11 - starting

When you see their application status if you ALT + TAB you could make out the difference – the old IE 11 is in a lighter blue compared with the new Edge which appears in a dark blue ‘e’.

Edge Browser identifies itself like this:

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Safari/537.36 Edge/13.10586

Internet Explorer identifies itself as :

Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko

in my version of Windows 10.

The bottom line is in Windows 10, Edge has the edge over other browsers – in terms of stability, speed and lower resource foot print.


Home Automation – Step by step

Home automation is the technique of controlling networked appliances and devices from anywhere and from an easily accessible control center. This helps to control your home   – with better convenience, better control, saves money and time resulting in a smarter home.

The concept of Home Automation is nothing new. It has been around for a long time. I have used X10 products well over a decade ago. You start with compatible devices which you control with a hand-held remote control. At that time, you used RF frequencies with limited range to control your plugged in devices.

Now there is a wide range of options.

Apple’s HomeKit “is a framework for communicating with and controlling connected accessories in a user’s home.” Google’s Nest ties together devices that “work with nest” for orchestrating personalized comfort, safety and energy savings.

Home/Office automation at the current level of net connectivity implies networked devices and control units which can accept scheduling and interactivity making our lives easy and ‘predictable’.

We started with the premise that our home automation system should  :
a.  Be Reasonably priced
b. Use existing resources as much as possible
c. Ideally use Open Source Products/Software

We hunted for Wifi-enabled devices which we can orchestrate with our simple home-brewed control unit. We spotted this Kankun Wifi Switch costing about US $ 18/- . For a fistful of dollars we can have 5 devices hooked to our control system and we don’t need to bring out our soldering iron at all. So here is what we did:

What you need:

1. Control Unit with Net connectivity
2. Few Wifi Switches
3. Your Mobile Phones/Desk top Browsers

Wifi Switch / Smart Plug

We decided to use the ubiquitous linux box which anyway worked as a NFS server, Router and Firewall – for our control unit. In case you don’t have one linux box conveniently around, you could use a Raspberry Pi. Our Linux box is running on CentOs and to tell you the truth it is getting a little longer in the tooth.  It was built about 6 years ago and uses AMD Athlon 1.9 GHz Processor and 2 GB RAM mated to a 1 TB hard drive. It serves its job very well. That is just to give you an idea that your control unit need not be the latest flashy hardware for this kind of task.

We didn’t have to reinvent the wheel for the Wifi Switch. The folks at Google Group ‘Kankun wifi switch plug‘ have done the heavy lifting for us – CGI scripts, techniques to hack into the Switch and plenty of information on the device.

This Switch uses a Qualcomm Atheros AR9331 processor which is a highly integrated and cost effective 400 MHz System-on-a-Chip (SoC) mated to 32 MB RAM. It uses a relay rated at 10 A (250V) to control the plugged in appliance.

Here is what we found when we logged in:

root@koven:/etc/config# df -h
Filesystem                Size      Used Available Use% Mounted on
rootfs                    1.0M    304.0K    720.0K  30% /
/dev/root                 2.0M      2.0M         0 100% /rom
tmpfs                    14.2M     68.0K     14.1M   0% /tmp
/dev/mtdblock3            1.0M    304.0K    720.0K  30% /overlay
overlayfs:/overlay        1.0M    304.0K    720.0K  30% /
tmpfs                   512.0K         0    512.0K   0% /dev


cat /proc/cpuinfo

system type		: Atheros AR9330 rev 1
machine			: TP-LINK TL-WR703N v1
processor		: 0
cpu model		: MIPS 24Kc V7.4
BogoMIPS		: 265.42
wait instruction	: yes
microsecond timers	: yes
tlb_entries		: 16
extra interrupt vector	: yes
hardware watchpoint	: yes, count: 4, address/irw mask: [0x0000, 0x0580, 0x0610, 0x00c0]
isa			: mips1 mips2 mips32r1 mips32r2
ASEs implemented	: mips16


root@koven:/proc# cat meminfo
MemTotal:          29060 kB
MemFree:            8892 kB
Buffers:            1736 kB
Cached:             5760 kB
SwapCached:            0 kB
Active:             5232 kB
Inactive:           4288 kB
Active(anon):       2072 kB
Inactive(anon):       20 kB
Active(file):       3160 kB
Inactive(file):     4268 kB
Unevictable:           0 kB
Mlocked:               0 kB
SwapTotal:             0 kB
SwapFree:              0 kB
Dirty:                 0 kB
Writeback:             0 kB
AnonPages:          2040 kB
Mapped:             1864 kB
Shmem:                68 kB
Slab:               4732 kB
SReclaimable:        976 kB
SUnreclaim:         3756 kB
KernelStack:         320 kB
PageTables:          280 kB
NFS_Unstable:          0 kB
Bounce:                0 kB
WritebackTmp:          0 kB
CommitLimit:       14528 kB
Committed_AS:      13480 kB
VmallocTotal:    1048372 kB
VmallocUsed:        1520 kB
VmallocChunk:    1043424 kB


dmesg (Snip)


Linux version 3.10.26 (zhaoyuanbiao@ubuntu) (gcc version 4.6.4 (OpenWrt/Linaro GCC 4.6-2013.05 r39365) ) #44 Tue Jul 29 11:44:32 CST 2014
 MyLoader: sysp=00d73bc7, boardp=ed0c292e, parts=97cba183
 bootconsole [early0] enabled
 CPU revision is: 00019374 (MIPS 24Kc)
 SoC: Atheros AR9330 rev 1
 Clocks: CPU:400.000MHz, DDR:400.000MHz, AHB:200.000MHz, Ref:25.000MHz

The manufacturer has thoughtfully provided with Android/iOS app to control the unit. We found that it is better to deploy these switches directly through command line mode.

Our devices came with the following default values:
default ip:
default username/password is “root/p9z34c”

You need to set up the device after plugging it in and resetting it:

Wait for 20 seconds till the blue LED starts to blink slowly.
In case if it fails to blink –  press the small thumb Switch for about 4 seconds and the switch will reset to factory default setting.

Now login to the Wifi Router using the default values given above through SSH.

You will be greeted with this:

Wifi Smart Plug Login

Once you are logged in set up the wifi switch as per your Home Wifi Router:
Add to this file: /etc/config/wireless

config wifi-iface
option device radio0
option network wwan
option ssid 'YOUR SSID'
option mode sta
option encryption psk
option key 'Preshare Key'

Modify the file : /etc/config/network

config interface 'loopback'
	option ifname 'lo'
	option proto 'static'
	option ipaddr ''
	option netmask ''

config globals 'globals'
	option ula_prefix 'fdb4:4233:8f63::/48'

config interface 'lan'
	option ifname 'eth0'
	option type 'bridge'
	option proto 'static'
	option ipaddr ''
	option netmask ''
	option ip6assign '60'

config interface 'wwan'
	option proto 'dhcp'

config interface 'stabridge'
	option proto 'relay'
	option network 'lan wwan'

Now create a file relay.cgi here: /www/cgi-bin/

Add the following to the file:

echo "Content-Type: text/plain"
echo "Cache-Control: no-cache, must-revalidate"
echo "Expires: Sat, 26 Jul 1997 05:00:00 GMT"
case "$QUERY_STRING" in
case "`cat $RELAY_CTRL`" in
0) echo "OFF";;
1) echo "ON" ;;
echo 1 > $RELAY_CTRL
echo ON;;
echo 0 > $RELAY_CTRL
echo OFF;;
case "`cat $RELAY_CTRL`" in
0) echo 1 > $RELAY_CTRL
echo "ON";;
1) echo 0 > $RELAY_CTRL
echo "OFF" ;;

After you are done set the file to execute mode : chmod 755 relay.cgi

Now you add the html file here: /www/index.html


*{ margin:0; padding:0; }
html, body{ height:100%; }
body{ font:15px/1 arial; text-align:center; background:#FFFFFF; }
body:before{ content:''; display:inline-block; height:100%; vertical-align:middle; }
border:2px solid #102838; border-radius:7px; display:inline-block; vertical-align:middle; font-weight:bold;
width:90px; height:100px; position:relative; margin:0 5px;
color:#12678C; box-shadow:0 0 5px rgba(255,255,255,.4);
.checkboxControl2 input{ position:absolute; visibility:hidden; }
.checkboxControl2 > div{
background:-webkit-linear-gradient(top, #002B44 0%, #0690AC 11%, #038EAA 14%, #A0F2FE 58%, #91DBE7 96%, #B9E8E8 100%);
background:linear-gradient(to bottom, #002B44 0%, #0690AC 11%, #038EAA 14%, #A0F2FE 58%, #91DBE7 96%, #B9E8E8 100%);
height:100%; border-radius:5px; line-height:50px; z-index:1; cursor:pointer; text-shadow:0 1px rgba(255,255,255,0.5);
.checkboxControl2 > div:after{
content:'ON'; display:block; height:50%; line-height:4;
transform-origin:0 0; -webkit-transform-origin:0 0;
.checkboxControl2 > div:before{
content:'OFF'; display:block; height:50%; line-height:2.5;
box-shadow:0 8px 12px -13px #89DFED inset, 0 -2px 2px -1px rgba(255,255,255,0.8);
transform-origin:0 100%; -webkit-transform-origin:0 100%;
transform:scaleY(0.7); -webkit-transform:scaleY(0.7);
.checkboxControl2 :checked ~ div{
background:-webkit-linear-gradient(bottom, #002B44 0%, #0690AC 11%, #BFD6EA 14%, #bfd6ea 58%, #BFD6EA 96%, #B9E8E8 100%);
background:linear-gradient(to top, #002B44 0%, #0690AC 11%, #038EAA 14%, #A0F2FE 58%, #91DBE7 96%, #B9E8E8 100%);
.checkboxControl2 :checked ~ div:before{
border-radius:0; box-shadow:none;
transform:none; -webkit-transform:none;
.checkboxControl2 :checked ~ div:after{
box-shadow:0 -8px 12px -5px #89DFED inset, 0 2px 2px 0 #0690AC;
transform:scaleY(0.7); -webkit-transform:scaleY(0.7);

.checkboxControl2 .indicator{ position:absolute; top:45px; left:32px; width:25px; height:8px; box-shadow:0 0 8px #000 inset; border:1px solid rgba(255,255,255,0.1); border-radius:15px; transition:0.2s; -webkit-transition:0.2s; }
.checkboxControl2 .indicator:before{ content:''; display:block; margin:2px auto; width:8px; height:5px; border-radius:10px; transition:0.5s; -webkit-transition:0.5s; }
.checkboxControl2 :checked ~ .indicator:before{ box-shadow:0 0 2px 0px #F95757 inset, 0 0 12px 6px #F95757; background:#FFF; transition:0.1s; -webkit-transition:0.1s; }
var timerx = setTimeout(function(){ switchx("state"); }, 9000);
function switchx( cmd )
if ( timerx ) clearTimeout(timerx);
var relay = new XMLHttpRequest();'GET',"/bin/relay.cgi?"+cmd, true);
relay.onreadystatechange = function()
if( relay.readyState == 4 )
if ( relay.status == 200 )
if (relay.responseText.indexOf("ON")>=0)
$('cbox').checked = true;

$('cbox').checked = false;
timerx = setTimeout(function(){ switchx("state"); }, 9000);
function check(checkbox)
if (checkbox.checked)
function $(id) { return document.getElementById(id); }
<body onload="switchx('state')">
<label class='checkboxControl2'>
<input type='checkbox' id="cbox" onclick="check(this)" />
<span class='indicator' id="Lnav"></span>

The above CGI script and the  html file were adapted from somebody’s work. I am sorry that I can’t find their names to give the credit where it is due. I apologize for any acts of omissions and commission.  


With that we are done with the Wifi Switch. Your Home Wifi Router should allocate Dynamic IP address to the individual Wifi Switch. If your Wifi Router allows you to set the DHCP static IP table, then add the respective MAC address and the IP address to each Switch individually so that the same IP address is served by the DHCP server to the same Switch.

Now to control the Switches from outside, you need to forward the IP Address/Port in the Wifi Router. In our case, I have forwarded one switch like this:

Router Forwarding
Now you can control the devices plugged into these switches directly like so:

Home Automation from Desktop

To control individual Switch : Point your Mobile browser to: your external IPaddress:forwarded-port/

Here is a screenshot of an iPhone:

Home Automation iPhone
To control a group of Switches: add the following to your linux control box in the document root:


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "">
  <title>Master Control</title>
 body{margin : 0; height:100%; 

    font-family:arial, Helvetica, sans-serif;
    margin:20px 0 0 2.5%;
    box-shadow:0 4px 5px #ccc;

@media all and (max-width:950px){{
       margin:20px 0 0 2%;

display : block;float:left;
height : 200px;
width : 30%;
color : #000090;
font-family : arial, Helvetica, sans-serif;
font-size : 14px; text-align : center;
text-indent : 20px; 
 <meta name="viewport" content="width=device-width, initial-scale=1.0">

 <body onload="start()">
 <div class="container">
 <div class="box">
 <iframe src="" frameBorder="0"></iframe>

 <div class="box">
<iframe src="" frameBorder="0"></iframe>

<div class="box">
 <iframe src="" frameBorder="0"></iframe>

To schedule a routine timer for a device: Create a cronjob like so: (this turns on the device – in this case a solonoid valve to turn on the irrigation for my plants at 10 am for 10 minutes)

0 10 * * * /usr/bin/wget -O – -q > /dev/null
10 10 * * * /usr/bin/wget -O – -q > /dev/null

This is a long blog on Home Automation with many steps to set up/configure and establish some control over the networked devices.


We have set up a cooling fan to reduce the working temperature of sensitive equipment in our lab when the Air-conditioning is not turned on holidays. But then it is for another day and another blog.

Our Parent site TargetWoman - the leading women portal presents painstakingly researched extensive information in the form of thousands of condensed pages. It offers the widest and the most detailed information on subjects women care.