Malware and the E-Cig: What’s next for vape-bashers?
In recent months, electronic cigarettes have been blamed for the failings of many people who are clueless about recharging batteries safely. They have been blamed for parental carelessness in child-proofing dangerous substances in the home. Now it's malware.
It seems that a hapless vaper got his browser hijacked recently by a malware virus lurking in an e-cig battery charger that connected to a usb port. It turns out that hackers will leave no stone unturned in their efforts to get into your digital drawers. But is it really the fault of e-cigs? Maybe it's just that vape-bashing journalists, who have deadlines to meet after all, will grasp at anything that makes a good headline!
What's next to blame on vaping? Bad weather? Soil erosion? Male pattern baldness? Hangnails?
Having recently had my browser hijacked by an invasive search engine, I may be able to offer some helpful suggestions for avoiding this kind of thing. Far be it from me to plumb the depths of the hacker's mind, but as a recent victim, I can still help.
My own involuntary crash course in data protection happened when I downloaded a well-known browser to my new laptop. It arrived, and was duly installed, but along with it came a “bundle” of programs I had never heard of, most of them about ways to buy things. Their desktop icons huddled in a corner of my screen and eyed me greedily, waiting for me to reach out and buy something from them.
Realizing that I had been hacked, I immediately deleted the newcomer links from the settings of my existing browsers, and uninstalled them from my Control Panel. A few new desktop icons remained, however, so I “restored” my new laptop to an earlier time, before the download. That got rid of the new icons (although I had to reload a couple of untainted programs that had been swept away by my restoration). But the unwanted new search engine was still showing up as my default, despite my explicit settings to the contrary. Apparently these hijacking browsers put secret instructions in hidden nooks and crannies on your computer, directing it to use them instead of your own default search engine.
I used a malware cleaning tool that I found online. It may have done some very salubrious things to my computer, but it did not fix my problem: the name of the hijacking search engine was still big as life on my browser's startup page. I started to use another anti-malware tool from the internet, until I noticed it was “bundled” with another search engine – not the hijacker, but a supposedly reputable search engine that, nonetheless, has invasive tendencies in my opinion. It dawned on me that any smart hacker can call his malware an anti-malware cleanup tool, and the unsuspecting user might infect the very computer s/he's trying to clean.
I looked up “malware” on a well-known encyclopedia-type site, and clicked a link in the reference section, figuring who can you trust if you can't trust blank-opedia. That document gave me the final tip I needed. To get rid of the hijacker's secret instruction to use its search instead of yours, you have to go to Settings and DELETE YOURSELF AS A USER. There should be a heading in your browser's Settings page called “Users” or “People”. Mine says “You are the only **** user,” because, like 'duh', nobody else uses my laptop. I deleted myself with some trepidation, I mean, it seemed like a major existential act. Would I disappear in a puff of smoke? Turned out I still existed – pinched myself just to make sure I wasn't a figment of my imagination. I also disabled “Enable guest browser” and “Enable user creation from the profile manager,” just to make sure. And I instructed the machine not to import bookmarks and favorites. It worked – the hijacking search engine name disappeared. I had to rebuild my bookmarks bar manually, but that was a trifle compared to what I'd already been through. Maybe I'll add myself as a user later on, but for the time being my non-existence does not seem to be affecting my ability to use the computer. Go figure!
So what have I learned from my involuntary crash course? Well, I would suggest that concerned vapers:
Buy your vaping equipment from a well-known supplier, one whose name you trust.
If there is any kind of installation involved, monitor the Wizard process carefully – don't just click OK for everything, but look carefully for check boxes that might authorize unwanted installations, and uncheck them. Perhaps use “custom installation” instead of “recommended”.
OR – recharge your vaporizer from a wall-plug. AND STAY IN THE SAME ROOM WHILE IT'S CHARGING! Your bath can wait.