DFWCI Blog

Our Frisco Office is On Line

wizard — Tue, 09 Mar 2010 10:57:10 +0000

Finally, after weeks of moving and prep work, our new Frisco location is on line.

We recently relocated from inside The Computer Wizard in Plano to our new office in Frisco, Texas.

Right next door (and upstairs from) Giovannis Restaurant you will find our new offices, which we share with Warren Paul Harris Photography.

There is no elevator and I don’t carry computers upstairs, so prepare yourself in advance for a flight of stairs if that’s an issue for you.

We are operating by appointment at this location, so I can concentrate on location work. Call in advance to arrange for me to meet you at the new office:

DFW Computer Investigations
9741 Preston Rd. Ste 303
Frisco, TX 75034
469.387.4101

Merv is right outside the door to greet you (you’ll see what I mean when you get there)

DIY Data Recovery

wizard — Sat, 16 Jan 2010 12:00:32 +0000

We get more and more cases of either data recovery or forensics where our work is hampered or simply made outright impossible as a direct result of someone else trying to recover the data before it gets to us.

Can you search the web and find software solutions to recover your data? Sure you can. Dozens of them. Some are actually very good tools. You may even stumble across some of the tools we use to do the same thing. So why shouldn’t you try and recover your own data?

The simple answer is that you will probably destroy the valuable data you seek to recover in the process. When a file is deleted, accidentally or intentionally, the space it occupied is now available for use. Therefore, the very next program that is installed or file that is created has a high likelihood of writing over the recently deleted file you need to recover. This renders that file UNrecoverable by any means. Therefore, if you install ANY software on your computer to try and recover your data, the odds are, you have just permanently destroyed the file you wanted to recover.

We have had forensics cases where there was nothing we could do as a result of an IT technician snooping around the computer to examine the data and changing all the file dates in the process, then installing data recovery software and overwriting the remaining data we needed to recover. This resulted in a very expensive complete waste of time.

Our recommendation: If the data is important to you, just bring it to us as soon as you find you have a missing file. The outcome will be better – and probably less expensive. Fewer things are more frustrating than paying to recover something that cannot be retrieved due to a misguided recovery attempt in the wrong hands.

And if, for any reason, your drive is unreadable or un-bootable – TURN IT OFF IMMEDIATELY and do not turn it on again. The more you run a failing drive, the worse your odds become for recovering your data. A failing hard drive is not going to get better with time. It will definitely get worse – and this may happen very quickly. Every second it spins reduces it’s lifespan and your odds of a successful recovery of your priceless data.

Arctic Blast May Limit Hours of Operation

wizard — Thu, 07 Jan 2010 12:37:39 +0000

Just FYI:

As a result of the Arctic Blast today, coupled with slick streets, we will be opening when the roads are less slippery, as some of us do not want our vehicles crumpled by those who have no idea how to drive on ice.

We will likely be open by noon. Call first to find out. If you get voicemail, we are not in yet. Feel free to email us for an update.

If You Came Here Looking for Computer Repair…

wizard — Tue, 22 Dec 2009 12:33:42 +0000

The bright folks at Google have misdirected you. For some reason, their business mapping system insists on providing erroneous results and linking The Computer Wizard to our website. (see image below of search results in Google) Believe me when I tell you we have been trying endlessly for months to get Google to fix this problem. It is like trying to communicate with a chimp on Saturn. (not the defunct auto manufacturer) All we get back are boiler-plate responses from individuals who don’t actually read the original message. It’s not like you can just pick up the phone and call Google, you know. They’re much too busy working on World Domination to be bothered talking to anyone. Google has surpassed even Microsoft in the whole “Resistance is Futile. You will be assimilated.” thing.

To get you where you actually wanted to go, for Computer Repair, Malware Removal, Hardware and Software Support or Networking, click the link below:

The Computer Wizard

Google search results for computer repair in Plano, Texas

Are You Fortunate Enough to be Cancer-Free?

wizard — Sat, 12 Dec 2009 13:13:29 +0000

Watching the local NBC Affiliate news program the other night, I saw this story about 12-year-old Leukemia patient, Jack Barker. Jack discovered something as simple as a Snuggy can make all the difference to a kid stuck with a needle and a cold, liquid poison being pumped through his veins. This brave little guy wants to raise enough money to give one of these simple solutions to every kid in the cancer ward at Children’s Medical Center Dallas. Why not just the usual blanket? Jack discovered the Snuggy not only keeps him warm, but gives him the freedom to use his hands for games, operating a computer or reading while being infused to treat his disease. When the Snuggy company heard about his idea, they donated 100 of their products to his cause, but he needs a lot more. As soon as I heard about his project, I felt compelled to donate some money to help. It has always been my feeling that we should do whatever we can to make this world a better place, so something as simple as bringing some comfort to a child afflicted with a nasty disease seems like a no-brainer. Seeing a story like this makes me grateful to not be dealing with what these kids are forced to endure.

If you are fortunate enough (or even if you’re not) to be cancer-free, Read Jack’s Blog to donate and make a difference this holiday season in a young child’s life. A small thing for you may make a big difference to one of these kids fighting for their life.

Protecting your Mobile Phone

wizard — Sat, 26 Sep 2009 14:02:23 +0000

Mobile phone hacking (like tapping a landline) is becoming so easy it is (or at least should be) incredibly frightening. Stay tuned to our blog for a lot more information on this topic in the very near future as we assemble all the critical information. Meanwhile, to protect yourself from falling prey to someone who wants to invade your privacy, steal your identity or simply spy on you, heed the following guidelines:

Never leave your phone out of your sight. Keep it in your hands, in your pocket or purse and never leave it anywhere you cannot see or touch it at all times. Don’t go to the bathroom and leave your phone on the table with your “friends”. I know this is a pain, but it only takes a minute or so to download the software to hack your phone or record the IMEI number from your phone for this purpose.
Password protect your phone so it cannot be accessed without typing in the code first. I know it’s a pain, but this is critical, especially if the phone is lost or stolen, since many people keep access codes, combinations and passwords in their phones.
Never open an attachment that comes to you in a message or email. Simply delete them. Open these on your computer if you want, but never on your cell phone. This is the most common method of gaining access to your phone for purposes of monitoring everything you do on or near your mobile phone.
Secure your cell phone account with your provider. Use a complicated password no one will ever guess. Make sure you customize your account so your Social Security number is not the method they use for identification, but rather your password.
If your phone becomes compromised, just get rid of it immediately. Open a new account (in person – at a physical store) with a completely different provider. And make sure you don’t have the old phone with you when you purchase the new service. If it has been compromised, it’s entirely possible someone is “listening” to everything you do and say.
Signs your phone may be compromised:
Your phone “locks up”, becomes unresponsive, or slow to respond
Your phone lights up, shows signs of activity while not in use
Any behavior that is out of the ordinary may be a sign your phone is hacked

Keyloggers

wizard — Tue, 22 Sep 2009 11:07:53 +0000

We are occasionally approached to assist with the gathering of evidence via keyloggers (usually incorrectly referred to as Spyware) by individuals hoping to gather information about a spouse’s activity.

We always decline these offers, as it is illegal to do so.

Refer to the following excerpts from the Texas Penal Code:

TPC § 16.02. Unlawful Interception, Use, or Disclosure of Wire, Oral, or Electronic Communications

Text of section effective until Sept. 1, 2005

(a) In this section, “covert entry,” “communication common carrier,” “contents,” “electronic, mechanical, or other device,” “intercept,” “investigative or law enforcement officer,” “oral communication,” “electronic communication,” “readily accessible to the general public,” and “wire communication” have the meanings given those terms in Article 18.20, Code of Criminal Procedure.

(b) A person commits an offense if he:

(1) intentionally intercepts, endeavors to intercept, or procures another person to intercept or endeavor to intercept a wire, oral, or electronic communication;

(2) intentionally discloses or endeavors to disclose to another person the contents of a wire, oral, or electronic communication if he knows or has reason to know the information was obtained through the interception of a wire, oral, or electronic communication in violation of this subsection;

(3) intentionally uses or endeavors to use the contents of a wire, oral, or electronic communication if he knows or is reckless about whether the information was obtained through the interception of a wire, oral, or electronic communication in violation of this subsection;

(4) knowingly or intentionally effects a covert entry for the purpose of intercepting wire, oral, or electronic communications without court order or authorization; or

(5) intentionally uses, endeavors to use, or procures any other person to use or endeavor to use any electronic, mechanical, or other device to intercept any oral communication when the device:

(A) is affixed to, or otherwise transmits a signal through a wire, cable, or other connection used in wire communications; or

(B) transmits communications by radio or interferes with the transmission of communications by radio.

(1) an operator of a switchboard or an officer, employee, or agent of a communication common carrier whose facilities are used in the transmission of a wire or electronic communication intercepts a communication or discloses or uses an intercepted communication in the normal course of employment while engaged in an activity that is a necessary incident to the rendition of service or to the protection of the rights or property

of the carrier of the communication, unless the interception results from the communication common carrier’s use of service observing or random monitoring for purposes other than mechanical or service quality control checks;

(2) an officer, employee, or agent of a communication common carrier provides information, facilities, or technical assistance to an investigative or law enforcement officer who is authorized as provided by this article to intercept a wire, oral, or electronic communication;

(3) a person acting under color of law intercepts a wire, oral, or electronic communication if the person is a party to the communication or if one of the parties to the communication has given prior consent to the interception;

(4) a person not acting under color of law intercepts a wire, oral, or electronic communication if the person is a party to the communication or if one of the parties to the communication has given prior consent to the interception unless the communication is intercepted for the purpose of committing any criminal or tortious act in violation of the constitution or laws of the United States or of this state or for the purpose of committing any other injurious act;

(5) a person acting under color of law intercepts a wire, oral, or electronic communication if:

(A) oral or written consent for the interception is given by a magistrate before the interception;

(B) an immediate life-threatening situation exists;

(i) respond to and deal with life-threatening situations; or

(ii) install electronic, mechanical, or other devices; and

(D) the interception ceases immediately on termination of the life-threatening situation;

(6) an officer, employee, or agent of the Federal Communications Commission intercepts a communication transmitted by radio or discloses or uses an intercepted communication in the normal course of employment and in the discharge of the monitoring responsibilities exercised by the Federal Communications Commission in the enforcement of Chapter 5,

Title 47, United States Code;

(7) a person intercepts or obtains access to an electronic communication that was made through an electronic communication system that is configured to permit the communication to be readily accessible to the general public;

(8) a person intercepts radio communication, other than a cordless telephone communication that is transmitted between a cordless telephone handset and a base unit, that is transmitted:

(A) by a station for the use of the general public;

(B) to ships, aircraft, vehicles, or persons in distress;

(C) by a governmental, law enforcement, civil defense, private land mobile, or public safety communications system that is readily accessible to the general public, unless the radio communication is transmitted by a law enforcement representative to or from a mobile data terminal;

(D) by a station operating on an authorized frequency within the bands allocated to the amateur, citizens band, or general mobile radio services; or

(E) by a marine or aeronautical communications system;

(9) a person intercepts a wire or electronic communication the transmission of which causes harmful interference to a lawfully operating station or consumer electronic equipment, to the extent necessary to identify the source of the interference;

(10) a user of the same frequency intercepts a radio communication made through a system that uses frequencies monitored by individuals engaged in the provision or the use of the system, if the communication is not scrambled or encrypted; or

(11) a provider of electronic communications service records the fact that a wire or electronic communication was initiated or completed in order to protect the provider, another provider furnishing service towards the completion of the communication, or a user of that service from fraudulent, unlawful, or abusive use of the service.

(d)(1) A person commits an offense if he:

(A) intentionally manufactures, assembles, possesses, or sells an electronic, mechanical, or other device knowing or having reason to know that the device is designed primarily for nonconsensual interception of wire, electronic, or oral communications and that the device or a component of the device has been or will be used for an unlawful purpose; or

(B) places in a newspaper, magazine, handbill, or other publication an advertisement of an electronic, mechanical, or other device:

(i) knowing or having reason to know that the device is designed primarily for nonconsensual interception of wire, electronic, or oral communications;

(ii) promoting the use of the device for the purpose of nonconsensual interception of wire, electronic, or oral communications; or

(iii) knowing or having reason to know that the advertisement will promote the use of the device for the purpose of nonconsensual interception of wire, electronic, or oral communications.

(2) An offense under Subdivision (1) is a state jail felony.

(e) It is an affirmative defense to prosecution under Subsection (d) that the manufacture, assembly, possession, or sale of an electronic, mechanical, or other device that is designed primarily for the purpose of nonconsensual interception of wire, electronic, or oral communication is by:

(1) a communication common carrier or a provider of wire or electronic communications service or an officer, agent, or employee of or a person under contract with a communication common carrier or provider acting in the normal course of the provider’s or communication carrier’s business;

(2) an officer, agent, or employee of a person under contract with, bidding on contracts with, or doing business with the United States or this state acting in the normal course of the activities of the United States or this state; or

(3) a law enforcement agency that has an established unit specifically designated to respond to and deal with life-threatening situations or specifically trained to install wire, oral, or electronic communications intercept equipment.

(f) Except as provided by Subsections (d) and (h), an offense under this section is a felony of the second degree.

(g) For purposes of this section:

(1) An immediate life-threatening situation exists when human life is directly threatened in either a hostage or barricade situation.

(2) “Member of a law enforcement unit specially trained to respond to and deal with life-threatening situations” means a peace officer who has received a minimum of 40 hours a year of training in hostage and barricade suspect situations. This training must be evidenced by the submission of appropriate documentation to the Commission on Law Enforcement Officer Standards and Education.

(h)(1) A person commits an offense if, knowing that a government attorney or an investigative or law enforcement officer has been authorized or has applied for authorization to intercept wire, electronic, or oral communications, the person obstructs, impedes, prevents, gives notice to another of, or attempts to give notice to another of the interception.

(2) An offense under this subsection is a state jail felony.

TPC § 16.04. Unlawful Access to Stored Communications

(a) In this section, “electronic communication,” “electronic storage,” “user,” and “wire communication” have the meanings assigned to those terms in Article 18.21, Code of Criminal Procedure.

(b) A person commits an offense if the person obtains, alters, or prevents authorized access to a wire or electronic communication while the communication is in electronic storage by:

(1) intentionally obtaining access without authorization to a facility through which a wire or electronic communications service is provided; or

(2) intentionally exceeding an authorization for access to a facility through which a wire or electronic communications service is provided.

(d) If committed to obtain a benefit or to harm another, an offense is a state jail felony.

(e) It is an affirmative defense to prosecution under Subsection (b) that the conduct was authorized by:

(1) the provider of the wire or electronic communications service;

(2) the user of the wire or electronic communications service;

(3) the addressee or intended recipient of the wire or electronic communication; or

(4) Article 18.21, Code of Criminal Procedure.

Texas Licensing of Computer Repair Shops

wizard — Fri, 10 Apr 2009 12:00:49 +0000

Texas Private Security Board Again Refuses To Exempt Computer Repair from Licensing Law

Board Passes on its Second Opportunity to Clarify Law

WEB RELEASE: October 31, 2008
Media Contact:
Matt Miller (512) 480-5936
John Kramer (703) 682-9320

[First Amendment]

Austin, Texas—The Texas Private Security Board yesterday declined for a second time to adopt a rule that would end the justifiable confusion over whether computer repair technicians in the state must be government-licensed private investigators to continue solving their customers’ computer problems.

Under 2007 amendments to Texas’s Private Security Act, a computer repair technician without a government-issued private investigator’s license may not take any action that the government deems to be an “investigation.” The law’s definition of “investigation” is extremely broad, including the “review and analysis of, and the investigation into the content of, computer-based data[.]”

The Board first considered language designed to clarify the law at a July 23, 2008 meeting. The investigations industry suggested that the Board issue a rule that, “The repair or maintenance of a computer does not require licensing under the [Private Security] Act, even if during the course of the repair or maintenance the person discovers information described by [the relevant subsection of the law].” The Board tabled the proposal and placed similar language on its public agenda for October 30, 2008. Yesterday, the Board declined to discuss its new language in public, deciding in secret behind closed doors to again table the proposal.

Computer repair technicians are not the only ones at risk. The law also punishes consumers who knowingly use a tech who doesn’t have a P.I. license to perform any repair that constitutes an investigation in the eyes of the government. Consumers are subject to the same harsh penalties as the repair shops they use—criminal penalties of up to one year in jail and a $4,000 fine, and civil penalties of up to $10,000—just for having their computer repaired by a technician who has taken the time to learn about computers rather than surveillance and other aspects of the gumshoe trade.

The Institute for Justice Texas Chapter (IJ-TX) is challenging the new law and the Board’s actions under the Texas Constitution. IJ-TX filed a lawsuit in Travis County against the Board on behalf of Texas computer repair technicians and their customers on June 26, 2008.

“We would have welcomed the July proposal as a step in the right direction,” said Matt Miller, IJ-TX executive director and lead attorney on the case. “But the fact is there is still an absurd law on the books that says you have to be a government-licensed private eye to answer common customer questions about how a computer was damaged or used. That needs to change. We are disappointed the Board has again declined to make a clear statement that computer technicians do not need a private investigator’s license to address their customers’ concerns.”

Testimonials, Case Histories and Horror Stories

wizard — Fri, 10 Apr 2009 11:25:45 +0000

Completely Avoidable Data Recovery – Book Publisher

Actually, all data recovery is avoidable – if you maintain a current backup. Very simply put: “The difference between inconvenience and catastrophe is… a current backup.” You can quote me.

Early in 2008, a new customer brought in an external 2.5″ USB drive for data recovery. We were told it contained every book this publisher had ever published and was her backup drive.

When we commenced the recovery analysis of the drive, it quickly became evident this would be a Clean Room Recovery case, as this drive was never going to spin again.. of it’s own volition.

I called the client and asked how we got to this point in time. She related the following scenario”

Her computer had contracted a virus. She took it to the Geek Squad, where, after their analysis, they informed her they could not remove the virus and would have to reinstall her Operating System — and did she have a backup of her data. She informed them that she did have a backup and so the intrepid agents at the Geek Squad formatted her drive, destroyed all her data and reinstalled her OS — and returned her computer.

Consider:

It was almost NEVER necessary to reinstall a computer to get rid of a virus at this point in time. We didn’t do this as a matter of course.

No prophylactic backup was done. We always backup data before we format a drive – even if the client tells us they have a backup. It’s just a good idea, don’t you think?

Anyway… I told her to pull the plug on her computer immediately and bring it to me. Naturally, she wanted to know why and I told her it was much more likely we would get her data from the computer than her backup drive.

When we removed the drive and connected it to our diagnostic machine, I was disappointed to find it was a 200 gig Maxtor. The 200 gig drives were only made for a very short period of time and have a higher than average failure rate. That, coupled with the fact that it was a Maxtor drive, made the likelihood of drive damage much higher. Sure enough, the drive tested bad and we could not get a complete data recovery pass to complete without our diagnostic machine locking up. The geniuses at Geek Squad should have noticed this and installed a new drive.

Ultimately, it took over a week, running this failing drive at below freezing temperatures to recover all her data. She was thrilled – and this will get my first book published this year.

Completely Avoidable Data Recovery – Custom Bike Builder

Back in 2006, we had a gentleman come in, who related the story that he had done a System Restore to try and solve some consistency issues with his computer and had not considered the total loss of his data in the process.

It seems there were a lot of critically important photos on his computer that simply must be recovered. I asked him for specifics, as the more information we have about what we’re looking for, the less time we spend doing it. He told me to specifically look for any files named “Sonny and Me” or “Barger.”

I said, “Hold on there, speedy! Do you have pictures of Sonny Barger in here?” He answered to the affirmative. I then asked how he came to know the past president of the Oakland Hells Angels and he told me the tale of building a custom bike for Sonny. I asked where the inimitable Sonny Barger was these days and was surprised by the answer. You would be too…

To continue, it was a lengthy and difficult recovery as the entire data structure had been badly damaged in the restore process (unusual) but we were able to recover all his photos and he was most grateful. Hey! Where’s my custom bike?…

A Current Backup Can Make All the Difference

wizard — Fri, 10 Apr 2009 02:29:24 +0000

The best way to be sure you will never need a backup is to be sure you have one (Murphy’s Law of Data Loss)

We recommend multiple backups, preferably on different media and definitely in separate locations. It is highly unlikely two separate structures in different cities will burn down at the same time.

There are many options for backup:

All writable optical disks will eventually fail. We tell everyone to assume a 1.5-3 year lifespan. If you keep them in a fireproof safe, they will last longer. This will NOT protect them in a fire! Period.

Tape is the best long-term storage. Good for 30 years and it’s not continually spinning and wearing itself out like a hard drive. Very inconvenient and expensive to implement – and slow to operate – even slower to Recover.

External hard drives are your best bet from a convenience and cost standpoint. Have at least TWO – if not THREE backups of everything and in different buildings – preferably different Cities. Assume all your backups will fail and you will at least be prepared.

Only turn on your hard drives when you are using them. Power them completely off the rest of the time to dramatically improve their life span. We use special enclosures that spin down the drives after a short period of not being accessed.

Web-based backup is incredibly convenient, but frequently too expensive for very large amounts of data. If I had to backup the 800+ Gigs of photos I store (the quantity goes up every week) it would cost me a fortune.

There is a a difference in quality in hard drives. Not all drives are created equal. We use nothing but Western Digital drives. Best reliability and failure rate in the industry. In our experience, Maxtor is historically the worst. Period. We have had to recover lost data from more damaged Maxtor drives than any other brand. Second is IBM.