Ok - I'm on my way to integrating Google Voice into my "phone system" of my iPhone, RingCentral, and Google Voice. First, let me say that gVoice is pretty cool since it records all voicemails as mp3 files plus records all text messages. Being able to refer back to them at any time is very cool. The problem I've faced is how to use it effectively with my current mobile number (which everyone has) plus my RingCentral account - which I planned to use as my "business" phone line and fax line.

Here is what I have setup now:

My iPhone voicemail is automatically forwarded to my Google Voice account. This gives me an mp3 archive of all voicemails that I receive. I get a txt message and email alert to all voicemails received.

I use RingCentral primarily when I am at my computer so that I can easily record conversations (such as dealing with customer service departments). RingCentral also has a great faxing functionality.

So far all of this has greatly helped my manage my telephone calls. It's not perfect and I receive a ton of phone calls, but it helps.

----------------------

Call Forwarding Codes
----------------------

[dest] = destination number
[sec] = number of seconds before forward

Forward All:
Activate: *21*[dest]*11#
Cancel & Retain: #21*11#
Re-establish: *21*11#
Cancel & Forget: ##21*11#
Status: *#21*11#

If Busy:
Activate: *67*[dest]*11#
Cancel & Retain: #67*11#
Re-establish: *67*11#
Cancel & Forget: ##67*11#
Status: *#67*11#

if no answer:
Activate: *61*[dest]*11*[sec]#
Cancel & Retain: #61*11#
Re-establish: *61*11#
Cancel & Forget: ##61*11#
Status: *#61*11#

If Unreachable:
Activate: *62*[dest]*11#
Cancel & Retain: #62*11#
Re-establish: *62*11#
Cancel & Forget: ##62*11#
Status: *#62*11#

------------------
Conditional Forwarding / Unanswered Codes for carriers
------------------

DIRECTIONS:
   1. Find your activation code in the list below.

   2. Enter the first code exactly as written, as if you're dialing someone. Replace [GVnumber] with your GV phone number. For example, if your GV phone number is 203-555-1212, and your service is CellCom, then you would enter *682035551212.

   3. Press "Send" or "Talk" or "Enter" on your phone to dial that number.

   4. If multiple codes are given, repeat steps 2 & 3 for each code. THIS IS IMPORTANT.

   5. After following the steps above, try calling your mobile phone from another phone and leave a voicemail. The message should appear in your GV inbox!

Wireless Carrier or Network   --- Activation Code
AT&T Cingular, T-Mobile, GSM network: *004*1[GVnumber]*11#

Verizon (CDMA network): *71[GVnumber] AND *90[GVnumber] AND *92[GVnumber]

Verizon (TDMA Network): *74[GVnumber] and *73[GVnumber]

Bluegrass Cellular: *90#[GVnumber] and *92#[GVnumber]

Cellcom: *68[GVnumber]

Cincinnati Bell: *004*[GVnumber]#

US Cellular: *74[GVnumber]

If your wireless carrier is not listed, please call your carrier and ask them to configure the following three forwarding conditions to your GV number:
    * Busy Call Forwarding (Busy Call Transfer)
    * No Answer Call Forwarding (No Reply Forwarding)
    * Unreachable Call Forwarding (Phone Off Forwarding)

Wireless Carrier Customer Care Number
Sprint: 1-888-211-4727 or dial *2 from your mobile phone
Nextel: 1-800-639-6111 or dial 611 from your mobile phone
Alltel: 1-800-255-8351
Cellular One, Dobson, MetroPCS: Dial *611 from your mobile phone
Update:

Here are some deactivation codes:

DIRECTIONS:
   1. Find your deactivation code in the table below.
   2. Enter the first code exactly as written, as if you're dialing someone.
   3. Press "Send" on your phone to dial that number.
   4. If multiple codes are given, repeat steps 2 & 3 for each code

Wireless Carrier or Network ---> Deactivation Code
AT&T Cingular, T-Mobile, GSM network: ##004#

Verizon (CDMA network): *73 AND *900 AND *920

Verizon (TDMA Network): *740 AND *730

Bluegrass Cellular: *900 AND *920

Cellcom: *680

Cincinnati Bell: ##004#

US Cellular: *740


References:
Google Voice & iPhone Call Forwarding
http://www.mobilitee.org/archives/514

Problem with limited iPhone call forwarding features
http://getsatisfaction.com/att/topics/problem_with_limited_iphone_call_forwarding_features

Instructions to use Google Voice as your voicemail when people call your cell phone number
http://www.google.com/support/forum/p/voice/thread?tid=00a93855af6943b4&hl=en

Labels: google voice, iphone

As many of you know, I am a huge fan of the iPhone. It has transformed the way that I do business with tech support.

One of the best features is the email client when paired Google Apps email. Using Google Apps (or Gmail) allows you to store a virtually unlimited amount of email online. This means you can access your email anywhere. It also means you have access to your email - anywhere - even from your iPhone.

Link: Archiving email - don't delete

As an example, I have over 18,000 emails dating back to 2004 that I have retained. Why? Simple - I want to be able to search back through all emails between myself and clients if needed. I can access these via the web from any computer of internet-connected device, and I can get to them all from my iPhone.

--------------------------------
How to Search Your Email with the iPhone
--------------------------------
Requirements: iPhone, Google Apps for your Domain (or Gmail), Mobile Sync

Step 1
Open your email app and tap on "Mailboxes". This will show you all of the folders (or labels) within Google's email.

Step 2
Tap on "All Mail" - which is your archived email. Remember about archiving and not deleting? Here is a good reason why.

Step 3
Tap on the search box.

Step 4
Type something in the search box and choose how to search - I typically use "all" unless I am looking for email to or from a specific person, etc.

Step 5
Tap on "Continue Search on Server" - which will search through every email you have ever sent/received.

Well it's official - eBay has sold Skype in a deal worth a couple of billion dollars. It also appears the Skype may be getting ready for an IPO and going public.

http://blogs.zdnet.com/BTL/?p=23623&tag=nl.e539

Why is this interesting? Many of you have asked me how the current lawsuit will affect Skype usage in the future. Many of you have loved ones overseas and depend on Skype for communication. Also, I'm a big fan of Skype and use it fairly often.

My opinion is that the founders of Skype will work out a licensing deal with the current owners and everyone will be happy.

Thanks for point this out to me Bill.

It's a toss up on whether to post this here or on my political blog. I hate the Obama Administration and Congress (both sides of the aisle) - and people were worried about NSA wiretaps? Right.

Here is the summary: If you are dumb enough to agree to cars.gov, then you agree to let them do anything they want.

This application provides access to the [Department of Transportation] DoT CARS system. When logged on to the CARS system, your computer is considered a Federal computer system and is the property of the U.S. Government. Any or all uses of this system and all files on this system may be intercepted, monitored, recorded, copied, audited, inspected, and disclosed... to authorized CARS, DoT, and law enforcement personnel, as well as authorized officials of other agencies, both domestic and foreign.

 Here's the EFF.org link with further information (actually slightly defending the TOS):
http://www.eff.org/deeplinks/2009/08/cars-gov-terms-service

While Glenn's video is a little bit off the mark, why in the world would the Fed's even release a terms of service that invasive? It points to the overarching need of the Feds to think they can encroach into everything we do. Wrong.

------------
It infects Windows machines via fake codec and fake Flash Player update packages planted on malicious Web sites.
------------

http://blogs.zdnet.com/security/?p=3912&tag=nl.e550

I've been preaching about this for some time now - one of the worst things about sites such as MySpace is when users are prompted to download and install something to watch a video. It happens far too often-and not always through MySpace.

Today I had a friend and customer bring a laptop with this exact symptom. Whether you use MySpace or not, you need to be careful about clicking. Remember that your anti-virus does not stop 99% of these types of malware.

-- Post From My iPhone

ATT did a stupid partnership deal with Yahoo a couple of years ago to provide email services through Yahoo, and they have done it without proper warning to customers. That means that some of you using services such as Gmail to pop3 your Bellsouth email in - suddenly find it not working. I've also had customers who try to login to webmail.bellsouth.net and get redirected to the Yahoo portal - and then can't login.

First, QUIT using your Bellsouth / ATT email. Second, sign up for Gmail. Pretty simple - and you won't lose any email.

If you are already "popping in" your Bellsouth to Gmail (or another email service), you will probably need to modify the settings for gmail to pull in your Bellsouth email. Here are the steps:

1. In Gmail - click "Settings"
2. Click "Accounts" tab
3. Find the Bellsouth account in "Get Mail from Other Accounts" - click "Edit Info"
4. Change the POP3 server to pop.att.yahoo.com
5. Change the port to 995
6. You may need to check "Always Use a Secure Connection (SSL) when retrieving mail".
   

An alternate method is to login to your Bellsouth email and have it forward to your Gmail. Yahoo only allows forwarding and POP3 with premium accounts, so I'm guessing the partnership allows both.

Labels: bellsouth, gmail, yahoo

As usual, something has been designed without a good forethought on security ramifications. Recovering your computer from thieves sounds great in marketing materials - but it comes with a price.

If you have purchased a computer with the ability to contact Lojac, then you are at risk. No you don't have to subscribe to CompuTrace LoJac - you just have to have a computer with the code embedded in the BIOS.

This vulnerability is particularly nasty because it leads to a "persistent and complete control of a compromised system." That's right - once compromised, you effectively can't get rid of it.

Look, the only effective way to protect your data in the event of theft is to encrypt your entire hard drive - and use a sufficiently strong password.


Reference:
Researchers find insecure BIOS 'rootkit' pre-loaded in laptops
http://blogs.zdnet.com/security/?p=3828&tag=nl.e539

Labels: encryption, lojac, truecrypt

Well I've been wanting to do this for a while so I finally sat down, googled around, looked at code, and figured out an easy way to embed iPhone video in html.

First we need to detect the iPhone's userAgent string and redirect to another page where we will embed the video.This script should go in the area"" area of your code. You can redirect to any page.


Next we need to embed the video along with a splash graphic when a user lands on the redirected page.



In the script you can see that I forced my image size to be 850 pixels wide. That allows the image to be large enough on the iPhone display to be seen well. Here is what the user sees on the iPhone display on the embedded video page.

There are also ways to do this via javascript, but I've found the embed method to be simple and straightforward.

Source Code

Sample Page (visit on your mac/pc and then your iPhone)

Labels: code, iphone

Initially I thought there may be some issues with the Farm games on Facebook as I had several customers experience malware issues (pop-ups, Antivirus 2009, etc) all within a short timeframe. The common denominator seemed to be the "farm" games on Facebook.

After reading up on the recently revealed zero-day exploit in Flash, I now know that I was close to correct. It is related to a similar vulnerability in Adobe PDF docs.Estimates are that 90% of all Windows users (and that is 90% of all computer users) are vulnerable.

90% of ALL Windows computers are vulnerable.

What is Flash? Most of the animations and videos that you see on websites, including the farm game, are developed using Flash technology. I use it for my tutorials and videos as well. It is what powers all YouTube videos - except the iPhone versions. Flash itself isn't bad - but like most things, security flaws are found and exploited.

For a couple of years, I have tried to explain to clients and friends that websites, especially social networking ones such as MySpace, are dangerous since they pull in content from 3rd party sites - think about the "pimp my profile" junk. That content cannot necessarily be trusted as you didn't create it.

It is becoming more common-place for the "bad guys" to exploit a server that pushes content into these sites, and that content can likely exploit your computer if you have a vulnerability - and in this case 9 out of 10 people are affected, essentially everyone.

Also, I have been preaching about the attack vector of opening email attachment videos, etc, that are forwarded through 10,000 people on a list - and nobody knows who created it.

How can you trust something that you have no clue who created it? That is like opening your door to a complete stranger just because they tell you a "friend" sent them over. You are asking for trouble.

-------------
So What Can You Do?
-------------

First, make sure you have a backup. Period. If something happens to your machine, do you want to risk losing your pictures and other valuable data?

Second, realize that your ANTI-VIRUS DOES NOT HELP. That is counter to what the marketing and ads tell you, but it is true. Your favorite a/v program (Norton, Trend-Micro, McAfee, etc) are a semi-good alarm system. What does an alarm system hopefully tell you - that someone is already in the house!

Third, be quit using Internet Explorer - use FireFox. While this vulnerability affects Flash and PDF's in Firefox too, you are crazy to continue with all the risks of Internet Explorer.

Fourth, if Adobe prompts you to upgrade your Flash player or Adobe Reader, make sure it is really an Adobe update - and do it.

Lastly, call or email me.

Oh yeah - you can always go buy a Mac. They are aren't affected by this.

It's no secret that I really love (in a tech sense) my iPhone and iPod. I'm not a Mac user, but I have always respected Steve Jobs. He seems to have an insight into things that is not perfect - but very very good.

Here is a speech he gave at Stanford University in 2005. It's worth listening to.

I've just installed Windows XP on a Gateway GT5694 and finding the drivers wasn't the easiest thing in the world. I'm posting the drivers that I used to install, including the SMBus, Wireless, Video, etc.

Be aware that some of these were direct from Gateway and are the Vista drivers which contain the XP drivers as well. A couple were direct from RealTek and from ATI.

If you have any trouble post a comment here, but the support will probably be limited. As long as you can get the netwwork drivers going, I can setup a remote support session and actually help you out.

Gateway GT5694 XP DRIVER DOWNLOADS

Labels: drivers, gateway, xp installation

Just got my emailed invite from Google Voice! It looks like they might be rolling it out to the full public soon.

What is cool about a Google number? It gives you one central number that can ring mulitple devices (cell phone, home phone, office phone, etc). Think about the power of that for a minute. There are also features like SMS, voice mail transcription to SMS, and more.

My first attempt to update to the iPhone 3.0 software on Windows XP resulted in a "Hardware Not Found" message when the Windows Hardware Wizard attempted to install the new drivers.

Unplugging the phone and plugging back in didn't help. Pointing the Hardware Wizard to the default driver location didn't help. Apparently the driver was corrupted? I even tried downloading an alternate copy, but that didn't help either.

C:\Windows\system32\drivers\USBAAPL.SYS

I plugged my iPhone into another laptop and iTunes recognized it as in "recovery mode". Since I didn't want to sync it to that particular laptop, I decided to reinstall iTunes on my main laptop. Once I downloaded and installed iTunes (without uninstalling first), it recognized my iPhone in as in "recovery mode".

After following the prompts to restore it,  it popped up running the 3.0 software! However, it had none of my installed apps, etc. iTunes prompted for a restore from backup so I allowed it, of course. 


The restore worked perfectly and after several minutes of reloading my iPhone everything works great!


The cut/copy/paste is very elegant - good job Apple even if it seems like a simple thing.

Seems that a family video with low-quality music can't even escape the scrutiny of the RIAA. Come on you morons.

Oh yeah - and thanks Vimeo for standing up to the RIAA???

Labels: riaa, vimeo

As most of you know, I am absolutely thrilled with my iPhone. It has been the one device that has truly begun to transform how I do things. Here is a quick list:

• Accepting credit card payments via CC Terminal by Innerfence
• Time tracking / invoicing via Timewerks
• Synchronized contacts and calendar by Google
• Twitter posting via Tweetie
• Blogging with BlogPress
  
• e-Books via Stanza and the Amazon Kindle app
• Recording notes and info via Evernote
• Stock trades via the E*Trade app
  
• Tracking packages with the FedEx app
• Conducting presentations with Air Mouse
• Business VOIP and Faxes with RingCentral
• Client notes with Google Docs
• ToDo List with Remember the Milk
  

Each and every one of these applications is incredibly easy to use. While the iPhone and it's apps won't ever replace my laptop computer, it certainly complements it. There are many cases now where I can go to a client's location and walk in with just my phone.

I've got to hand it to Apple - I know there are other mobile devices that can do many of the same things. However, there is no other device that does them as smoothly.

(Now if AT&T would just get their cellular network up to par, and release some of their restrictions on data  for the "unlimited" data plans!)

Labels: blogpress, iphone, kindle, ringcentral

At the suggestion of one of my blog readers (from this post), I have added some donation buttons to the right side of the blog. There are two choices: (1) Using secure PayPal and (2) using my secure Authorize.net payment form.

Donations are requested but not required. I post information here for the benefit of everyone, and because I love sharing information. If you do find that some of my information helps you, and you have a few extra dollars - anything is appreciated. After all, it does cost money and time to maintain this site.

Thanks again to everyone who subscribes and to everyone who has commented on posts or emailed me directly!

Labels: blog, firefox

Last week was fun in the IT (information technology) world. Not because of any real damage by conficker - but because of the absolute media over-hype of something they don't have a clue about. I had a couple of customers call me - and the conversations were short: "Rex, do we need to worry?" - "No Bob you don't." - "Ok - thanks Rex."

absolute media over-hype of something they don't have a clue about.

None of my normal customers were affected by Conficker - and I have over 500 clients. Why?  Mainly because they follow my Simple Rules for Computing. That means you do the following:

1. You have a good backup of your data files (my docs, etc)
   
2. Behind a NAT router
3. Use OpenDNS on your network
   
4. Follow common-sense and don't open every email attachment sent
5. Don't install software that you don't absolutely trust
6. Keep your computer patched (see links below)
   
7. Lastly - run anti-virus such as AVG

Notice I put anti-virus last on the list? That's because anti-virus programs don't stop the majority of complex viruses, trojans, and worms these days. Your anti-virus today is much like an alarm system - it warns you once something is already on your system. Think about it this way - if the anti-virus programs really were that good - we wouldn't need to worry about anything right?

Here are the bullet points about Conficker:

• If you are running Auto-Updates on your computer - you were patched in October 2007 and have nothing to worry about.
• If you are behind a NAT router (Linksys, DLink, Netgear, etc), then you can only get the worm through attachment, malicious website, or possibly a USB drive.
• Conficker has infected quite a few machines in the US.
• It is a very complex worm and is designed to change itself frequently.
• If you are infected, Microsoft has a removal tool - but I recommend the usual backup, wipe your machine, reinstall Windows so that you can trust your machine again.
  

--------------------
What was the deal about April 1st?
--------------------

There was code in the worm that indicated it would do something on April 1st. Nobody knows for sure yet, but many guess that it would download another set of instructions. That's it.

If you weren't already infected, you had nothing to worry about. Period.


------------------
Helpful Links
------------------

Vista Updates
http://www.microsoft.com/windows/downloads/windowsupdate/learn/windowsvista.mspx

XP Updates
http://www.microsoft.com/windows/downloads/windowsupdate/learn/windowsxp.mspx

Labels: conficker, security, spyware and malware

This is nearly as bad as forwarding emails for urban legends. For the past 2 days a text - sms - message was circulating around the Shreveport / Bossier City area claiming a gang initiation at Wal-Mart was going to take place. Supposedly, 3 women would be shot.

FWD: Police r askn all women do not go to walmart 2nite there is a gang initiation n 3 women will be shot. This is not a prank this is serious. ::pRAYiN 4 sTReNG

My neighbors were in a frenzy. The public were calling radio stations. The Shreveport police issued a statement refuting the "gang initiation". Obviously, it was started by someone who (1) had a beef with WalMart and wanted to harm their business for an evening or (2) was bored and had nothing better to do. Mission accomplished on both counts.

Can you trust a "fwd" in a text message? Not anymore than you can trust one in an email. 99% of them are jokes, myths, urban legends, or just plain stupid. Please stop spreading them unless you know something for a FACT.

Labels: sms, urban legends

When you put a file in your "recycle bin" or "trash can" on your computer, it is not really gone - not even after you empty the recycle bin. The information can be recovered with freely available software. Granted, over time the file becomes harder and harder to recover, but it can be recovered.

You can permanently erase a file though. Free programs such as Eraser allow you do erase single files, folders, or even nuke the whole drive. As a matter of fact, wiping the whole drive is the only way to insure that the files can't be recovered.

In the past, people have touted the fact that erasing over a file once was not  secure enough. As a matter of fact, most of these programs will do up to a 35-pass wipe of the file or drive. It looks like you don't need to be that paranoid though. In reality a single pass will do the trick.

even firms specialising in data recovery, openly admit that if a hard disk is overwritten with zeros just once, all of its data is irretrievably lost.

http://www.h-online.com/news/Secure-deletion-a-single-overwrite-will-do-it--/112432

You should also remember that encrypting your whole drive is a much better solution for data protection. You only need to wipe the drive if you think your encryption password has been compromised - or just change the password.

Labels: encryption, erasing data

I've found a new best friend as a parent - Hulu. My twin boys have been watching movies all afternoon. That was a welcome rescue since they've been trapped inside all day.

-- Post From My iPhone

Labels: chase, iphone

Well I've had my iPhone for a week now. So far I love it. There are a lot of cases where I don't have to take my laptop - I can just take my phone.

This is my first test from the iPhone using iblogger. We will see how it turns out.

I tried blogpress for the iPhone but it's not very robust. The only cool feature was inserting pics, but the app locked up with multiple blogs.

Labels: iphone

Labels: gmail, google, google apps, iphone

Labels: email, gmail, google, google apps

Labels: firefox

This is one of those little aggravating things that I finally decided to blog about. Have you ever been to a convience store (or some merchant) that required you to purchase at least $5 in order to use your credit card? I've encountered this a few times when I stop to get my kids a Dr. Pepper or something - and I don't really want to buy anything else.

If you have, then that merchant is violating the terms of service with Visa and/or MasterCard. You should inform them of that also.

Yeah - I know full well how the credit card processing works. I have a small business too, and I accept credit cards. I also have the cost of processing cards built into my pricing structure.

MasterCard Minimum Purchase
http://www.mastercard.com/us/business/en/common/faq.html#211

Visa Minimum Purchase
http://usa.visa.com/about_visa/ask_visa/index.html#anchor_4

Labels: credit card

==================

From Customer Email
==================
Follow-up via email about the privacy registration. Remember, it doesn't hurt to do a private registration if you are more comfortable with that. I just tend to be very practical and realistic about things.

(1) When you register a domain name, the information that you use is entered into the WHOIS database. This information serves a number of purposes, but is primarily used to contact the registrant of a domain or IP address.

http://en.wikipedia.org/wiki/Whois

(2) The information that is displayed on a WHOIS query is no more than is publicly available from any phone book, whitepages.com, or any other publicly available database. Therefore, there is NO risk of identity theft through this information.

(3) The most important thing to remember is to use a strong password for your domain account login. Periodically login to your domain account and check the contact information, etc. Loss of your domain can possibly destroy your business.

(4) For ID theft to happen, someone needs to have authentication information - such as account login/password, SSN, security question/answers, etc. You name, address, and phone number don't usually qualify. This same information is available on any check that have ever written - plus your bank name, account number, and routing number.

(5) You are 1000x more likely to be an ID theft victim if you write a check to a cashier and put your SSN or DL number on the check. This type of scamming is more prevalent than you think.

(6) You can use "false information" as the registrant; however, ICANN frowns upon this. At any rate, you need to make sure that your contact information can be verified in the future in case there is any sort of dispute with your domain name. I have encountered plenty of situations with clients where they did not have control of their domain and it was very tough to get control back.

http://www.icann.org/en/registrars/wdrp.htm

Hacking and Credit Cards
http://www.smartergeek.com/blog/2008/12/hacking-and-credit-cards.asp

About Encrypting Your Data - Again
http://www.smartergeek.com/blog/2009/01/about-encrypting-your-data-again.asp

While scanning through some email newsletters, I came across this article . It looks like data security is still an afterthought to many organizations. I cannot stress enough that it is very important to secure your important data.

Even home users have Quicken, Money, or Quickbooks files. I have several clients that store a list of their passwords or other important information in Word documents on their computers. That's fine - I keep my entire business stored on my primary laptop. The difference is that my entire hard drive is encrypted. If someone steals my laptop, that will not be able to access my data.

As I've said before, the irony is that the software to do all of this is free and open source. It is easy to use and once you encrypt the drive, your computer acts normally. The only time you notice anything is when you restart the computer. You must enter the password at reboot or the operating system simply won't start.

One other point that  I'm going to state again - Windows and Microsoft and Security don't go in the same sentence. Just because you have a Windows login password doesn't mean anything. That is trivial to bypass.

Also remember the following:

• Rule #1: You are only as good as your last successful backup - from which you can recover.
  
• www.truecrypt.com - open source and free
  

Labels: backup, encryption, rule #1

While doing some quick research for a customer of mine with a Mac - I ran across the Youtube Video from Google showing off Picasa for the Mac. I'm very glad Google finally released it!

http://picasa.google.com/mac/

As most of you know, I'm a huge fan of Google's products - and I use Picasa to manage all of my pictures . I even signed up for Google's extra storage (10GB), although you get 1GB for free. I have a lot of pictures and video that I share though.

That's one of the other benefits of Picasa. You can import, edit, and share video easily. I know Flickr is popular and a great place to share - but I just like the features of Picasa better.

Labels: mac, picasa

Well this year started out a little shakey on the technology front. I have been attempting to post about malware for 2 hours using my Blogger.com account and kept receiving the following error:

java.net.ConnectException: Connection timed out

Just so you know, I use Blogger.com to post my blog to my own webserver using the FTP publishing built into Blogger. This has worked out great now for a couple of years - I have 4 blogs that I maintain with the service. This morning when I tried to publish my blog though - it just decided not to work.

A little research shows that this has been a recurring problem with Blogger and Google with no real resolution. It's very aggravating to say the least so I wanted to share what fixed my account since Google has not posted any sort of resolution - and contacting Google for support is lackluster at best. They have claimed repeatedly that the problem is fixed but it just keeps cropping up. Apparently some time around Christmas and January 1, 2009, it started showing up in many accounts.

Some posts from Google suggest that it may be an active vs passive FTP issue. Typically Google suggests the issue the on the side of the website host - this is obviously not the case. The problem is Google/Blogger side.

Come on Google and Blogger Team - post the problem AND the resolution.

=============

Resolution for my account:
=============

• In your Blog account settings, go to FTP publishing.
• Set the ftp server to: yousite.com

*I use FTP publishing to publish my blog from blogger to my own website. If you don't use the same setup, this may not work for you.

Previously, I had entered ftp.smartergeek.com - just as Google's instructions said. This has worked fine for 2 years and still works fine in other blogs I have under the same Blogger account using the exact same settings. Who knows - but this worked for me.

Happy New Year to everyone! Unfortunately, my first post of the new year is not a positive one.

For example, malware programs now infect computers and then routinely use their own antivirus capabilities to not only disable antivirus software but also remove competing malware programs.

source:
http://www.infopackets.com/news/security/2008/20081216_internet_security_is_losing_the_online_war.htm

Ok - I've been preaching for a long time that your anti virus program is one of the last lines of defense on your computer. Anti-virus programs are like an alarm system on your house - and an alarm system tells you when an intruder is already there. This is typically too late.

Once Pandora's Box has been opened, it is nearly impossible to get her back in the box. Once your computer has been compromised, that is it. You simply cannot trust it any longer. As I've recommended over and over, the only way to fully trust a computer is to make sure you have a good backup of your data, wipe the machine, and reinstall from scratch.

Research compiled by PandaLabs suggests that a staggering number of infected computers, as many as 10 million, are being used to distribute spam and malware over the Internet each day.

source: http://www.nytimes.com/2008/12/06/technology/internet/06security.html?em

That's right - the bad guys don't have to have a warehouse of computers to spit out fake-viagra ads. They just use your computer - and your neighbors.

Microsoft researchers were amazed to find out that a lot of malware will make sure that the security update features of Windows are turned on - in an effort to stop other competing malware from getting installed! This is a real war being raged.

Microsoft has been releasing it's Malicious Software Removal Tool for sometime in an effort to combat some of this. However, the truth is that the MSRT is about as effective as anti-virus software - it's more of a marketing gimmick than anything.

Once a machine has been compromised - you can't trust it unless it gets wiped clean.

=========
What do you do?
=========

 It's really pretty simple. You have to think of security on your computer in layers. The first and most important layer is common sense - be careful of what you do.

Most people think of their computers like a television set - but it's not. Your computer is connected to hundreds of millions of other devices as soon as it is turned on if you have a cable or DSL connection. Remember that not everyone in the world has good intentions.

Here is my quick review of how to stay safe:

• Be wary of all emails - use common sense.
  
• Make sure you have a NAT router.
  
• Run Firefox - never use Internet Explorer again.
  
• Use OpenDNS to help protect your network.
  
• Be wary of phishing schemes.
  
• Use strong passwords.
  

Read and review the following posts. The vast majority of my clients DO NOT get re-infected or even infected in the first place. That's because I preach these things to everyone.


Why did I get infected in the first place?
http://www.smartergeek.com/blog/2008/07/why-did-i-get-infected-in-first-place.asp


Layered Security Basics
http://www.smartergeek.com/blog/2008/03/layered-security-basics.asp

Simple Rules for Your Computing
http://www.smartergeek.com/blog/2008/01/simple-rules-for-your-computing.asp


PayPal Phising Email
http://www.smartergeek.com/blog/2008/11/paypal-phising-email.asp



The Importance of Backups
http://www.smartergeek.com/blog/2008/07/importance-of-backups.asp

References (if you don't believe me):


Thieves Winning Online War, Maybe Even in Your Computer
http://www.nytimes.com/2008/12/06/technology/internet/06security.html?em


Internet Security Is Losing The Online War
http://www.infopackets.com/news/security/2008/20081216_internet_security_is_losing_the_online_war.htm

Microsoft kicks fake security software off 400,000 PCs
http://www.computerworld.com/action/article.do?command=viewarticlebasic&articleid=9124346&intsrc=hm_list

McAfee Avert Labs Blog
http://www.avertlabs.com/research/blog/index.php/2008/11/

There is only 1 printed magazine that I subscribe to anymore - that is Wired Magazine. For some reason, I just enjoy reading the articles and the layout.

This month's issue contained a very interesting article on a guy name Max Butler. To quickly summarize - when the Fed's busted him, his laptop had over 1 million credit card numbers. If you want an interesting read into the mind of someone who basically took over the underground market, then read the article.

There is also a cool 4 minute video that shows the machines used to actually print the plastic cards.

One Hacker's Audacious Plan to Rule the Black Market in Stolen Credit Cards
http://www.wired.com/techbiz/people/magazine/17-01/ff_max_butler?currentPage=all

Second video discussing CardersMarket.com
http://www.identitytheftsecrets.com/cardersmarket-identitytheft-second-video.html

================

Other Helpful Links
================


FINANCIAL CRIMES REPORT TO THE PUBLIC
FISCAL YEAR 2006
http://www.fbi.gov/publications/financial/fcs_report2006/financial_crime_2006.htm#Identity

Facts and Stats
By Identity Theft Resource Center
http://www.idtheftcenter.org/artman2/publish/m_facts/Facts_and_Statistics.shtml

Visa Zero Liability
http://usa.visa.com/personal/security/visa_security_program/zero_liability.html

Visa Tips for Your Protection
http://usa.visa.com/personal/security/learn-the-facts/protection-tips/index.html

Labels: credit card, id theft

It just seems like there is never enough time in the day to get everything done!

As many of you are aware, I also have a domain/hosting company setup at www.webspacegeeks.com. Typically I use this site to register domains and setup hosting for my web development clients. Every now and then I get a "drop in" customer who finds me via a link for a message board post or something.

Anyway, I did a little tweaking today on the header logo and overall look of the site. If you need a domain name or some hosting, drop on by and take a look.

=============
From Email to a client
=============

I've finally compiled my list of suggestions for helping to secure them and streamline the process of setup. This will help insure consistency of the laptops which will provide a much better classroom experience. Hopefully, the computers will be running XP, but these recommendations will work for Vista as well.

Implementing all of this will take quite a bit of time to get it setup. However, the long-term benefits greatly outweigh the short-term expense.

*Assumes all computers running the same (or very very similar hardware).

==============
Initial Preparation - before any use by a student or faculty
==============

Cost: FREE (except time & software licenses)

• All computers must have any "junk" software removed.
• Default applications must be installed - Firefox, MS Office, PDF Creator, OpenOffice.org, AVG, Adobe Reader, Picasa, Google Earth, Virtualbox, Thunderbird, etc.
• All class specific applications must be installed - typing software, etc
• TCP/IP set to OpenDNS.

===============
Imaging of Computers
===============

Cost: FREE or $100/computer

Imaging of the computers is very critical. This insures that you have a full and complete bit by bit backup of your systems. In a worst-case scenario, it can save tons of time. Also, after the class is over, the computer can be returned to "ready to go" state for the student.

The basic step is your setup 1 computer just how you want it (known as the master). It has all the software and drivers installed needed. Once you have this master setup, then you can image all the other computers (known as slaves) to the master.

The advantage is time. Rather than have to go to each computer and set them all up individually, you create them all at once by using a master/slave setup on your network. The master computer is running the server version of the imaging software and distributes its image to all the slaves on the network.

Free - There are free open source solutions out there that work really well although they aren't as intuitive as the proprietary options.

http://www.clonezilla.org  - best open source for networked imaging

http://ping.windowsdream.com - best for single machine imaging

$100 / computer - these are software that I've used in the past extensively and work well.

Acronis True Image Echo Workstation
http://www.acronis.com/enterprise/products/ATICW/

Norton Ghost
http://www.symantec.com/norton/ghost

===========
MS Steady State
===========

Cost: FREE (except setup time)

Note: Runs on 32-bit XP, Vista only

Microsoft has released a product called Steady State. Once installed, it uses imaging technology to return a computer to an exact state every time the computer is restarted. This means that after setting up a computer initially, the computer will be returned to that state after every reboot.

This software can be incredibly useful to make sure that a computer is always in a clean workable state for the classroom. Unlike relying totally on imaging (which requires the master/slave process each time), Steady State returns the computer to a proper state after reboot - automatically. The computer can much more easily be locked down for internet access, etc.

Windows SteadyState in the Classroom
http://www.microsoft.com/windows/products/winfamily/sharedaccess/seeit/classroom.mspx

Windows SteadyState Disk and System Protection
http://www.microsoft.com/windows/products/winfamily/sharedaccess/whatis/diskandsystemprotection.mspx

FAQs
http://download.microsoft.com/download/f/c/6/fc6955de-0765-46fc-b2a9-47b4d4bcd160/SteadyState_2.5_Technical%20FAQ_updated.pdf

==============
Network Access and Protection
==============

Cost: Service - FREE (except setup time), Router - $60

All computers should be using OpenDNS for security and robustness. This is easily setup in the tpc/ip settings; however, ideally the classroom computers should be running on a separate subnet from the main building network. They need to be behind their own router that we can control.

We should immediately purchase a WRT54GL, flash it with DD-WRT firmware, and install it on the building network. Then we setup the student laptops to connect to it only.

WRT54GL
http://www.newegg.com/Product/Product.aspx?Item=N82E16833124190

DD-WRT Firmware
http://www.dd-wrt.com/wiki/index.php/What_is_DD-WRT%3F

OpenDNS
http://www.opendns.com/smb/solutions

==================
Educating Users
==================

One of the most important steps in this process is educating the users/students on basic safety and security. Fortunately, I have a couple of blog posts that help address this. During the class itself we also spend quite a bit of time discussing simple security issues.

Layered Security Basics
http://www.smartergeek.com/blog/2008/03/layered-security-basics.asp

Simple Rules for Your Computing
http://www.smartergeek.com/blog/2008/01/simple-rules-for-your-computing.asp

Why did I get infected in the first place?
http://www.smartergeek.com/blog/2008/07/why-did-i-get-infected-in-first-place.asp

Myspace and Antivirus 2009
http://www.smartergeek.com/blog/2008/12/myspace-and-antivirus-2009.asp

Labels: acronis, backup, security, xp installation, xp software

Recently, one of my clients was discussing a possible business deal with a relative - who happens to work for a Fortune 500 company in some capacity. Let's call him "Bob." The discussion turned at some point to open source software and Bob stated, "Major companies will not do business with anything open source."

Now, I may be off the mark just a bit on the quote, but I'm pretty close.

I guess Bob hasn't ever heard of Red Hat, Novell, IBM, Sun, Google, and Amazon just to name a few.  Oh yeah, let's also remember some of the smaller players - such as the Mozilla Foundation. Does Bob think that Google runs on Windows boxes?

What about BIND which powers DNS? Even Apple has been in on the open source game with much of OSX deriving from NetBSD and FreeBSD.

Anyway, let's just suffice it to say that open source software and applications that run on open source code are alive and well and growing at an exponential rate. This growth is being experienced all the way from large corporations down to small businesses such as mine. Anyone that thinks differently really needs to put down the Kool-Aide.

Open source firm sees growth during slump
http://pacific.bizjournals.com/pacific/othercities/sanfrancisco/stories/2008/12/15/story7.html?b=1229317200^1747088
"The trend was bolstered by Sun Microsystems Inc.’s January purchase of MySQL — an open source database provider in Cupertino focused on internet applications — for $1 billion, according to Yuhanna. That “further validated the open source database market’s worthiness, and enterprises can now expect even more reliability and improved support in the coming years,” he wrote."

Subject: Amazon and Open Source
http://oreilly.com/pub/a/oreilly/ask_tim/2004/amazon_0204.html



Open source success due to Microsoft, claims report
http://www.networkworld.com/news/2008/121908-open-source-success-due-to.html?hpg1=bn

Open Source at Google
http://google-opensource.blogspot.com

Google's Open Source Android OS Will Free the Wireless Web
http://www.wired.com/techbiz/media/magazine/16-07/ff_android?currentPage=all

Scalr: The Auto-Scaling Open-Source Amazon EC2 Effort
http://www.techcrunch.com/2008/04/03/scalr-the-auto-scaling-open-source-amazon-ec2-effort

The Growth of Open Source Software in Organizations - Optaros
http://www.cio-weblog.com/50226711/the_growth_of_open_source_software_in_organizations_optaros.php

How two of the world's largest websites use Linux for high availability
http://www.itwire.com/content/view/21586/1141

The Total Growth of Open Source
http://www.riehle.org/publications/2008/the-total-growth-of-open-source

I know - I know. Typically I don't post about Internet Explorer exploits. However, this one is pretty serious.

I do have a few customers that must use IE for sites such as the Caddo Parish and Bossier Parish websites. Both of them stupidly use Active X controls. Not that either of these sites are malicious, but they tacitly encourage people to use Internet Explorer, which puts users at greater risk.

How do you avoid the IE risks and vulnerablilities? Simple - USE FIREFOX.

www.mozilla.org

--------
The Vulnerability
--------

Microsoft Security Advisory (961051)
Vulnerability in Internet Explorer Could Allow Remote Code Execution
http://www.microsoft.com/technet/security/advisory/961051.mspx

Limited Exploitation of Microsoft Security Advisory 961051
http://blogs.technet.com/mmpc/archive/2008/12/11/limited-exploitation-of-microsoft-security-advisory-961051.aspx

According to the investigation thus far, the vulnerability affects Windows Internet Explorer on supported editions of Windows XP, Windows Server 2003, Windows Vista and Windows Server 2008.

Our telemetry indicates that this issue is impacting home and corporate users.

This issue could impact you even if you avoid surfing questionable sites. Over the past few months, we've seen a surge in SQL injection attacks which enable miscreants to inject content onto trusted sites...

Labels: internet explorer, security

----------------------
From Email:

going to be donating a couple of old computers to Goodwill. What is the best way
to wipe the hard drives? Is reformatting safe enough?
----------------------

Simply deleting files in Windows (and most OS'es) doesn't actually delete the data. It is fairly trivial to recover it. The only way to insure security is to "wipe" or "nuke" the data and drive.

Here is a link to Darik's Boot and Nuke (aka DBaN):

http://www.dban.org/download

You can download a floppy image or CD image depending on whether the machines have a floppy drive.

Another option to use is Eraser which runs under Windows. This would be useful if the hard drives are extras or USB type that can be plugged into a Windows computer. Eraser is also useful on any computer - after sending something to the Recycle Bin - you can choose to "erase" the recycle bin rather than just emptying it.

http://www.heidi.ie/node/6

*It has a "create nuke disk" option - but creates a floppy not a CD - for erasing an entire drive.

*With any of these programs, you can typically choose one of several erase methods such as "1 pass" or "35 pass". Typically a 1 or 3 pass is plenty unless there is top-secret data you are worried about. The more passes - the longer it takes.

Labels: erasing data, security

Recently, I had a friend of an existing client call. His laptop had somehow corrupted (apparently) all of the drivers for XP. Unfortunately, time was short and I could not get it back to a working state, before he had to return to Arkansas.

To further complicate matters, the corrupted drivers included basically all of the core hardware. He could not even use his CD-ROM or USB ports. I'm surprised the thing would even boot.

Here is the email that I sent to him after a lengthy phone call. With as much time and effort as he already has in this, he has hit the "wall of diminishing return". That means it is more efficient time-wise and financially for him to completely redo his computer.

As you can see, I am following my policy of open-information sharing to help this guy. The following steps are my basic process for reinstalling Windows.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Your Laptop:
Sony Vaio PCG-7A2L VGNFS640
Windows XP
Hard Drive Type: IDE

-------------------------------------
Recover/Backup your data
-------------------------------------
**Always remember rule #1: You are only as good as your last successful backup from which you can recover.

(1) Physically remove the hard drive from the pc. Purchase a USB enclosure, install the hdd, and connect it to a working Windows, Linux, or Mac. Copy your data from the drive.

Example Locations of Data
(driveletter):\documents and settings\(username)\my documents
(driveletter):\documents and settings\(username)\desktop

USB Enclosure Examples:
http://www.staples.com/office/supplies/p1_External-hard-Drives_220347_Business_Supplies_10051_SEARCH

http://www.newegg.com/Product/Product.aspx?Item=N82E16817145329

OR

(2) Download a Linux ISO such as Ubuntu onto a working pc. Create a bootable CD from the ISO, make sure your laptop BIOS is setup to boot to CD first, and boot to the Linux live CD (test it - do not install). Linux will see right into your HDD. Copy files to a removable flash drive, etc.

www.ubuntu.com


------------------
Wipe (nuke) the Drive - optional but recommended
------------------

*Backup or recover your data first!!!

**CAUTION**
Once you wipe the drive, your recovery files (if present) will be deleted as well. These recovery files are the Windows installation files that the manufacturer put in a hidden partition on your hard drive. In many cases, your recovery CD/DVD will only work with these recovery files. That means that the computer manufacturer effectively screwed you if your hard drives - you will have to buy a copy of Windows even though you paid for one with your computer purchase. Sony is bad about this.
****************

Because of the odd nature of what happened to your system, I would suggest wiping the drive. Basically you will create a "nuke" disk or CD, boot to that, and start the wiping (erasing) program. It typically will take a couple of hours depending on the size of your drive.

Darik's Boot and Nuke - use this for wiping the drive
http://www.dban.org/download

Download the one for CD and DVD media since you don't have a floppy drive.

Screenshots of DBaN
http://sourceforge.net/project/screenshots.php?group_id=61951

How do I make a bootable CD or bootable DVD with the ISO file?
http://www.dban.org/faq/burning

------------------
Reinstall Windows XP
-----------------

*SATA drives will typically require drivers and a floppy disk drive (CD won't work) to install WinXP. IDE drives will not.

(1) Purchase a copy of  Windows XP Home Edition (full copy - not the upgrade). Put the CD in your drive and boot the computer from the CD. Follow the instructions in the installer. You can use a "quick format" when asked.

WinXP Home Edition
http://www.newegg.com/Product/Product.aspx?Item=N82E16832116511

WinXP Professional
http://www.newegg.com/Product/Product.aspx?Item=N82E16832116513

OR

(2) Purchase a copy of your recovery CD's from the manufacturer. See the warning about nuking/wiping first!

Sony - How to purchase recovery CD/DVDs for computer products.
http://www.kb.sony.com/selfservice/viewContent.do?externalId=C61643&sliceId=2&mdl=null#

-----------------------
Download and Install Drivers
-----------------------

*Sometimes your manufacturer will have the wrong drivers posted or none at all. That is when you find out that Google is your friend.

You will need to visit the support/drivers section of your computer manufacturers website. There you will locate the drivers for your model of computer. Normally you will need to download them using a working computer as Windows will typically not have built-in drivers for your LAN, video, audio, etc.

Copy the driver files to a USB drive, CD, etc, and install them on the fresh installation of XP.

------------------------
Reinstall Software
------------------------

You will need to reinstall any software that you typically use - Firefox, Adobe Reader, MS Office, PDA software, etc.

----------------------
Copy your data back
----------------------

Plug in your USB drive (or whatever) and copy your data back to your nice shiny installation of WinXP!

---------------
Review the Following Blog Posts
---------------
Backup and Imaging
http://www.smartergeek.com/blog/2008/07/backup-and-imaging.asp

The Importance of Backups
http://www.smartergeek.com/blog/2008/07/importance-of-backups.asp

Labels: backup, imaging, rule #1, xp installation

When it rains it pours. This post follows-up to this one.

Getting Rid of Antivirus 2009 - Antivirus 2008
http://www.smartergeek.com/blog/2008/12/antivirus-2009-is-actually-spyware-or.asp

------------------
From Email
------------------

im so aggravated at this thing all i do is check my yahoo mail and talk to my niece on yahoo messenger

----------------------

My Response
----------------------

As I told you yesterday via email and on the phone, I will be glad to help you fix it. I realize that you just want to check your email; however, when other people use the computer, typically they will do more than just check email. If something unintentional happens, then your email checking suffers the consequences.

We can put some systems in place to help prevent this sort of thing from happening in the future. However, I can't change the behavior of the people using the computer - except to warn you of the consequences.

Myspace.com itself is not evil (in a tech sense). It has great social networking value. What happens though is that malicious content gets inadvertently posted on someone's profile page.

People (teenagers and adults) add anything and everything that looks silly to their profile pages, and then Myspace users just click at any "jumping monkey" on the screen. That's where the problem lies - in the behavior of users.

*85% of Myspace users are 18 yrs or older.

source: http://www.web-strategist.com/blog/2008/01/09/social-network-stats-facebook-myspace-reunion-jan-2008/

Fortunately for me, that sort of behavior keeps me in business even though I am an evangelist for responsible behavior. As people screw up their computers, I get paid to fix them and warn them.

Please review the following links:

Why did I get infected in the first place?
http://www.smartergeek.com/blog/2008/07/why-did-i-get-infected-in-first-place.asp

Layered Security Basics
http://www.smartergeek.com/blog/2008/03/layered-security-basics.asp

Labels: myspace, spyware and malware

I say this over and over:

I wake up every morning - not regretting needing to work - but wondering if there are enough hours in the day to do all the cool things I get to do.

Today was no different. It was absolutely crazy. I am working on 4 different windows computers, getting ready to implement a Novell/SuSE network for 70+ users, and troubleshooting various errors for customers. Then I get a phone call from an existing client who had a new user's laptop with some issues connecting to a network printer. That turned into cleaning out XP, fixing some registry entries, etc. Oh yeah - plus I had to do all my normal business stuff.

Then I got an email out of the blue from a web development company in New Jersey that need some help some e-commerce coding errors. They found me from an old post I had made on a developers forum. Turned into a sweet little deal for extra money and more potential future business.

I count my blessings every day and thank God and my customers that I have the job/business that I do. It is never dull and is yet to slow down at all.

PS: Did I mention that I picked up my huge whitetail buck mount today?

As many of you know, I made the decision several months ago to switch to a totally web-based email system. Of course my preference was Google's Gmail so naturally I went with Google Apps for my domain.

6 months later - I don't regret it at all.

There are just too many advantages to name them all, but let me list a few:

• All my email - everywhere. I have migrated email dating back to 2004 up to Google's servers. This means I can search my archives anywhere I have a connection.
• Searching using the power of Google - Lets just say that searching with other email systems is silly compared to Google's. I can find anything I need quickly and efficiently.
• Labels - only when needed. Rather than put 1 email in 1 folder (traditional way), you can put multiple labels on the same email. Efficient and just works.
• Unbelievably powerful filtering for dealing with email.
• SPAM filtering that is top-notch.
  
• Integrated calendar, RTM Tasks, Chat w/ SMS, Google Docs - shall I go on?
• Ability to easily backup my email using a local client (Thunderbird) or one of several apps such as Gmail Backup.
• Easily export or import contacts.
• IMAP and POP support if needed (for backup, etc).
• Persistent SSL connections now.
  

So far these are the only disadvantages I've found.

• No offline email unless I have a current backup in Thunderbird. Not really a big deal though.
• Attachments are 1 at a time. That can be a pain - but I can always use Thunderbird with IMAP for multiple attachments if needed.

Once you start using Google (Gmail or Google Apps), there is really no turning back. Yes, the interface is simple looking - but that is part of its beauty.

What if Google fails or has an issue?
I periodically backup my email locally and those are backed up online. There have only been a few times that Google has had problems. Compared to previous issues with ISP's, etc, Google comes out a winner again.

Labels: email, gmail, google apps

---------------------
From Customer Email to Me
---------------------
from:    xoxoxox@aol.com
to:        rex
date:    Thu, Dec 11, 2008 at 11:20 AM
subject:    Fwd: Urgent: Bill Pay Service Information
mailed-by:    aol.com

Here is a copy of the email I was sent today.  Let me know if there is something I need to do relative to his and my computer


From: MyCheckFree Customer Service
To: :xoxoxoxoxo
Sent: Thu, 11 Dec 2008 12:00 am
Subject: Urgent: Bill Pay Service Information

You are receiving this message because you are a subscriber to online bill payment services through CheckFree or through a provider who contracts with CheckFree for these services. This message is sent on behalf of CheckFree by Silverpop Systems.

December 11, 2008

Dear XOXOXOXO,

We take great care to keep your personal information secure. As part of these ongoing efforts, we are notifying you that the computer you use for online bill payment may have been exposed to software that puts the security of your computer's contents at risk. This letter will help you determine if your computer is actually infected and advise you how to fix the problem and protect yourself against future risk.
The malicious software affects some but not all customers who accessed on line bill payment on Tuesday, December 2, 2008. For a limited period of time, some customers were redirected from the authentic bill payment service to another site that may have installed malicious software. Your computer may be infected if all of the following are true:

    * You attempted to access online bill payment between 12:30 a.m. and 10:10 a.m. Eastern time (GMT -5) on Tuesday, December 2, 2008, and
    * You were using a computer with the Windows operating system, and
    * You reached a blank screen rather than the usual bill payment screen when you attempted to navigate to online bill payment, and
    * After reaching the blank screen, your computer's virus protection program did not tell you via pop-up or other messaging that malicious software was detected and quarantined.

If all four of the conditions above are true, your computer may be infected. We have partnered with McAfee®, the world's largest dedicated security technology company, to provide you with a complimentary copy of its VirusScan® Plus software which, when installed, will detect, block and remove any malicious software from your computer hard drive. Please contact us at 877-800-4864 for further instructions or 800-564-9184 (Option 1) for further instructions. We will also offer you both advice and free services that can help you mitigate any risk you may face as a result of this incident or other everyday exposures you may encounter.
CheckFree will never ask for your password via email or via phone.  If you ever receive an email requesting your password, do not respond and delete the email immediately.

We value your business and your trust, and we apologize for any inconvenience this incident has caused.
Thank you,
Art D'Angelo
Vice President, CheckFree Customer Operations

---------------------
My Response
---------------------
Here is everything I could quickly research. It goes without saying to run a credit report on you and xoxoxo within the next 30 days just to be safe, and of course monitor your bank accounts, etc, which I'm sure you already are doing. I doubt you will have an issue, but better safe than sorry - and it can all be done online.

In easy tech terms, what happened was their DNS settings were modified which allowed attackers to temporarily redirect users to the malicious site. Fortunately, CheckFree is doing the right thing by informing all customers and being upfront about it, albeit a little late in the game.

More info on exploit:

http://voices.washingtonpost.com/securityfix/2008/12/hackers_hijacked_large_e-bill.html

http://voices.washingtonpost.com/securityfix/2008/12/digging_deeper_into_the_checkf.html

We need to make sure that your anti-virus is up to date on yours and xoxoxox's computer and run a scan. If you didn't use your banks online bill pay or CheckFree's site during the affected time, then you are also most likely safe.

Check for your bank or known bill recipients here:
https://mycheckfree.com/br/wps?rq=login&slpg=Y&file=authentication/login_baseline_companies&esc=93096239&sp=10001

If you both are primarily using Firefox then the chances of any problems are greatly reduced. First, Firefox would have warned of an invalid security certificate (SSL) during the redirect. Secondly, Firefox 3 has built-in phishing detection which would have probably warned of the redirect. Thirdly, Firefox doesn't run ActiveX controls (bane of Internet Explorer security) so it wouldn't have installed the software without prompting you to download something - unless the site also had a javascript exploit of some sort.

Here is what we can do to help prevent DNS exploits in the future. I can configure all of your computers to use the OpenDNS system/service which is free and works wonderfully. It takes less than 2 minutes to configure a computer and works in the background so it is totally transparent to the user.

You and everyone you know needs to be running Firefox and not Internet Explorer - I cannot stress this enough for security. Plus, you (and everyone you know) needs to follow some basic (and simple) security practices online.

As an added benefit, OpenDNS allows for filtering of content (porn, etc) on the network level. We can even block Myspace, etc, if we want. We will be adding this to the office network on my next trip out (probably tomorrow as we discussed), and we can add it to your home network. Again, the service is free except the time it takes me to set it up.

More information: www.opendns.org

Lastly, remember that using online services is still very safe. As a matter of fact, in most cases it is safer that writing a check to a local merchant or handing your credit card to a convenience store clerk. Banking online and billpay online is still the best (and safest) way to go, and in this case CheckFree is alerting customers.

Labels: dns, security

--------------------------
From an Email:

i have a question to ask you , my computer keep popping up anti-virus 2009 and saying i have two virus trying to get in but i've checked everything and and run  every update and they all say i'm protected but that anti-virus 2009 want quit popping up so what do i do please help
---------------------------

Antivirus 2009 is actually spyware (or malware) running on your computer. It is not a "virus" really, but rather tries to get you to purchase the premium version. It's a scam. It will tell you that your computer is infected whether it's true or not. Of course, it doesn't protect you from anything.

If you click on it, it will typically try to redirect you to antivirus-premium.com, webscannertools.com or one of several other websites that are fradulent and malicious. Many of these sites have exploitative code that is capable of doing more harm to your system, especially if you use Internet Explorer.

Antivirus 2009 gets on your system the same way that it's previous versions did - Antivirus 2008, System Antivirus 2008, Ultimate Antivirus 2008, XP Antivirus 2008, etc. They arrive via trojans such as Zlob or Vundo, which typically come in through bad video codecs or other installed software that was not safe.

Important: DO NOT INSTALL any software that you don't absolutely trust. If in doubt, contact me.

----------
How to Get Rid of It
----------

You have to be careful when using software to get rid of malware. Many times software that advertises itself as helpful is really spyware also!

Download the following programs:

(1) CleanUp by Steven Gould
http://www.stevengould.org/index.php?option=com_content&task=view&id=29&Itemid=72

Install and run it to remove all temp files.

(2) Next, download and install MBAM

http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?part=dl-10804572&subj=dl&tag=button

1. Download, install it and update it.
2. Then run the quick scan - this can take some time.
3. When the scan is complete, clock OK to close the message box.
4. At the main screen, click "Show Results".
5. Then click "Remove Selected".
6. Close the log and restart your computer.

 When you are finished with the scan and have removed the files, restart your computer. Make sure you are running the latest version of AVG with updates installed. I'd suggest running a full system scan.

UPDATE:
This saga continues here: http://www.smartergeek.com/blog/2008/12/myspace-and-antivirus-2009.asp

Labels: spyware and malware

I am constantly asked about the differences in webmail vs an email program.

Webmail Examples: Gmail, Yahoo, Hotmail, AOL


Webmail Advantages

• Can access from any computer connected to the Internet (Win, Mac, Linux)
• If your computer has a catastrophic crash, the email is stored on servers in the cloud that are typically very redundant.
• Your email contacts are available anywhere.
  

Webmail Disadvantages

• If our servers crash, your email may be potentially lost - we do perform backups.
• You must be connected to the internet to view any of  your email - including old email.
• If you are typing up an email and your Internet connection hiccups, you may lose what you typed.
• You have a finite amount of webspace - for instance Bellsouth provides a max of 250MB while GMail (google) provides ~2GB.
• Moving email from one provider to another can be a pain.
• Most webmail clients don't a robust way to import/export addresses
• Many webmail clients are surrounded by advertising (Hotmail, Yahoo, etc)
• Some webmail clients don't work well in all browsers - many have IE only functions.
• If the webserver has a catastrophic failure you are dependent on the providers backup system.
• Most webmail clients are not as robust on features - such as spam rules, formatting, SSL, etc.

Local Email Client - Outlook Express, Outlook, Thunderbird Advantages

• Your email is retrieved and stored locally - to your pc - so that you can backup your own email / addresses.
• Your address book and contacts are easily moveable to other pcs or platforms.
• Message formatting is much more robust.
• Most have more robust features - spam rules, formatting, SSL, etc.
• You limits to email storage are generally only limited to your hard drive storage (or until the software crashes).
• Stability is dependent only on your pc.
• You can chose from many different free or non-free email clients.
• Most email clients offer other features such as newsreaders, calendars, etc.
• If your hard drive is encrypted, then your email is more protected.
• Harder to exploit an email client vs browser exploits for webmail.
• Downloaded email is available offline.
  

Local Email Client - Disadvantages

• You are dependent on your backup system. If you hard drive crashes then you may lose email that has not been backed up.
• Your email is not typically available "anywhere".
• Your contacts are not available "anywhere".

Hybrid Email Solutions
If you want the best of both worlds, then using Gmail or Google Apps is probably your best bet. Both support POP and IMAP. With POP Google keeps a copy of sent mail also which is unusual (but useful) for an email provider. Google's implementation of IMAP is also pretty good.

Well it's been a while since I posted. Between customers, teaching, the elections, deer season, etc, finding time to post has been challenging!

Over the last couple of days, I've received 2 email that almost appeared legitimate for a PayPal Dispute Resolution. To give you some background, I've used PayPal since 2001 and rarely had any issues. Of course, I have a simple rule that I follow since PayPal is not a bank nor FDIC insured:

I don't keep any more money in PayPal than I can afford to lose.

Naturally, PayPal is a large target for scams since they are pretty much the only game in town other than Google Checkout. In the course of using PayPal, I've only had 2 disputes so I am familiar with the dispute resolution process and what the notification emails look like. That is why I did a double-take on these emails.

Of course, I checked out the emails thoroughly, figured out the scam, and decided to blog about them. For good measure, I also logged into my PayPal account just to check, but the important is that I went to www.paypal.com and logged in - not relied on a link in an email!

I've posted on phishing schemes and scams before, but I wanted to caution everyone again. Please be cautious whenever you receive one of these. If you receive one from a bank and you bank online (which you should for safety), then simply go directly to your bank site and login. Call your bank. Don't click links in emails that you don't trust absolutely!

Also, use FireFox and OpenDNS on your computer and home (or business) network. These 2 things will greatly enhance your security.

Labels: email, paypal, phishing

..a group of individuals had apparently installed a device inside a gas station pump in the area. This device had access to all information entered through the payment point.
..The device included a wireless transmitter that broadcast 300-400 feet, allowing someone seated in a car located nearby to capture all the information generated at the pump.At the end of a hard
day’s work, the thief would use this information to print the data onto card “blanks.”

Well, I've said it over and over. While the mainstream press tends to focus on "online predators, blah, blah, blah", the majority of ID theft or bank theft occurs by more traditional methods. Granted, this was making use of some relatively advanced technologies, but it goes to show you that you have to watch out from all angles.

It would be a good idea to read the article linked below.

References:

Happy Birthday…I’ve stolen $2500 from your account
http://blogs.zdnet.com/carroll/?p=1887&tag=nl.e539

For all of us, there comes a time on any given day, week, and month,every year and in different degrees over our lifetimes, when we choose to act in some way that is oriented toward fulfilling our social and psychological needs, not our market-exchangeable needs. It is that part of our lives and our motivational structure that social production taps, and on which it thrives. There is nothing mysterious about this. It is evident to any of us who rush home to our family or to a restaurant or bar with friends at the end of a workday, rather than staying on for another hour of overtime or to increase our billable hours; or at least regret it when we cannot. -- Benkler, Wealth of Networks

The question then becomes: How do you tap into those times and produce income?

It is not an easy one to answer. An obvious choice would be advertising and many of the social networks are taking advantage of that - some in conservative ways such as Digg.com or Facebook.com - but how does an individual or small business tap into this social need? I think the answer again lies in advertising, only in a more subtle and soft-sell manner.

As an example, I created a MySpace.com page sometime back. As all my friends and clients know, I'm not a fan of MySpace at all, but there is a compelling social aspect to the site. In my case though, I put up page to learn how their template works. Sure, I've had some old friends find me there, but even more importantly I've had a couple of clients pay me to create them a MySpace template - one without all the eye-popping glitzy bedazzled looking garbage.

Here is another example. On any message boards that I frequent, whenever I post I always put a URL to one of my websites in my signature line. Do I get much business from that? No, but I have gained a few clients and it only cost me my time.

Facebook has become very popular in the last 18 months. I definitely like it much better than MySpace, and I finally created a profile there. Am I looking to generate business there as well? Maybe. It doesn't hurt to network out. Think of it like going to a dinner party or conference only it lasts 24/7. If I gain some new business great - at the worst I've found some old and new friends.

The vast majority of my business has been through word-of-mouth. Social networking parallels that very closely. It costs virtually nothing except time and effort. Why not tap into it?

Links:
http://www.amazon.com/Wealth-Networks-Production-Transforms-Markets/dp/0300110561

Recently, I've been consulting with a client on network improvements. Following is an email correspondence sent to them in preface to some upgrades - such as migrating to a Novell SUSE Linux network.

============
From Email
============

As a reminder, security is relative. You have to weigh the cost vs usability vs convenience. If security practices are too complicated, end users will attempt to circumvent them at every turn. However, if the security measures only present a small burden to the end users, then most users will embrace them.

There are no 1-stop security solutions. Period. Anyone that tries to embrace that philosophy is selling snake-oil and will lull you into a false sense of security. Always avoid single vendor lockin to proprietary solutions as much as possible. I always favor free and/or open-source solutions where possible.

##############
User Training
##############

Most companies fail at training their users in basic technical skills and safe practices. In the short-term weak training expenditures may result in faster employee turn-around; however, in the long-term it costs more.

Not only should users (employees) be educated on the basic skills for their jobs, they should also be educated on basic security best-practices and company policy. As technology changes, users should be further educated as necessary for their particular job. In today's fast-paced world of data exchange, this is a necessity not an option.

##############
Data Security
##############

First, you need consider that like most things, your data is only as safe as the weakest link in the change. No matter what types of technology you employ, all it takes is one rogue employee with access to the data. This is where your company policies and NDA's come into play heavily. Employees must know that there are severe consequences for breaching policies.

Data must not be permitted to leave the company network unless a user has specific permission to remove the data. This includes USB drives, company and non-company laptops, cell phones, pda's, etc. Even hand-written notes concerning company information must be carefully considered.

Any data that is allowed to leave the company network and confines must be encrypted (see mobile security). It does no good to have the company information locked down, only to transport it in the free and clear.

##############
Email Security
##############

All company email must be controlled tightly through a service such as Google Apps Premier Edition powered by Postini. This allows for superior email security, archiving, and control.

"By 2005, 24% of companies had email subpoenaed and 15% had gone to court over lawsuits triggered by just employee email. According to the same survey, 10% of email at work contained sexual, romantic, or pornographic content." - http://www.amanet.org/press/amanews/2006/blogs_2006.htm

Plan Now for Managing Electronic Data Avoid Tomorrow’s Legal Risks
www.google.com/a/help/intl/en/security/pdf/WP44-BMGuide.pdf

Labels: network, security, tutorials

I have a client (and friend) who purchased a mobile phone running Windows Mobile. His problem was keeping his phone synced to his Google Calendar, which he runs through Google AFYD. Fortunately, Google released a sync tool called Google Calendar Sync.

Running Google Calendar Sync allows Glenn to keep his phone, pc, and online Calendar together.

I also did the mobile setup for his Google Calendar - so he can add appointments any way that he chooses.

After running for over a week with no issues, he recently had an error with the calendar sync. Here is a copy of the emailed notes.

============
From Email
============

Here are my notes on fixing the Google Calendar Sync:

• Google Calendar Sync giving error message 2006
• Tried to launch Outlook - gave error message "unable to open your default folders"
• Checked Taskmanager - Outlook running in background - killed process
• Launched Outlook 2003 - worked fine, closed it
• Ran Google Calendar Synch - worked fine
• CMD -> net statistics workstation - uptime since 9/29/08
• Advised Glenn that he must restart workstation at least every other day

Basically, you have to restart XP (or any version of Windows) at least every other day. In your case, Outlook was "hung" running in the background which would not allow Google Calendar Sync to run properly. I had to kill the process and it worked fine.

You need to restart that computer.

==============
From email
==============
from XOXO
to Rex Moncrief
date Mon, Oct 6, 2008 at 7:25 AM
subject Is this worth having?
mailed-by gmail.com
signed-by gmail.com

Is this worth having?
http://www.komando.com/downloads/category.aspx?id=5536

===========
My Response
===========

Mark Russinovich arguably knows more about the Windows OS than Microsoft does. He has produced some great apps, which is one of the reasons MS finally bought his company.

There are only a small handful of them that I recommend an "above average" computer user should have - and these are ones that I run on a regular basis.

Process Explorer
http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx
*Runs at startup on all my Windows pcs.

Process Monitor
http://technet.microsoft.com/en-us/sysinternals/bb896645.aspx

AutoRuns
http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx

RootKit Revealer
http://technet.microsoft.com/en-us/sysinternals/bb897445.aspx

Systernals applications can be very powerful, which is why I don't suggest them to typical computer users. That is why I also don't recommend downloading them all at once. People tend to get curious and then get off in an area where they don't belong. Of course, that is good for my business, but I try to be honest about technology.

If you want to give some of them a try, but always remember: "You are only as good as your last successful backup - from which you can recover."

*No - Windows System Restore is NOT a backup solution.

Labels: xp software

Well it appears that Google is trying to drastically change the way we use wireless phone networks. As opposed to the carrier lock-in we all face now, Google's vision is an open network where devices or phones connect to any open available network.

Their vision is very similar to how we connect to the internet now. Any computer can connect to the internet as long as it has a network connection.This is also how we connect to landlines based on the Carterphone decision in 1968. Any phone can connect to a landline phone service.

Of course, I don't expect to the wireless carriers to go willingly into the night. They will fight this tooth and nail and do their best to carry on with the current state of lock-in. Like I've said over and over, until we as consumers begin to fight for change - we are stuck in the current model.

Come on Google - help us out and by extension help your company.

Google's Full Patent Application

Labels: google, wireless

Recently, I've been purchasing a lot of things from my local Office Depot. The staff there are friendly and courteous, and their prices are pretty competitive. Plus it's close to my home/office.

Of course, I also love to price/review shop on the Internet prior to making purchases. Upon landing on the home page, they had a nice chair advertised on sale. Regular $139.99 it had an instant savings of $50 that brought it down to $89.99 - not a bad deal really. Besides I could use a new chair.

When I clicked on the chair to bring up the details - the deal got even sweeter! Office Depot was going to pay me $.01 to buy it! Hell, I was ready to order 100 of them, but my local zip code indicated that the stores near me didn't have them in stock. No big deal. I would gladly pay a little freight and order about 5 of them.

When I proceeded to checkout, none of the instant savings were applied though. Hmmm - so I called Office Depot's number - 800.463.3768 - to see what was up. Of course, the kind Indian call center gentleman pulled up the product number and confirmed the chair should be -($.01). After some more "checking" and a 3 minute pause, he stated "I'm so sorry for the false advertisement, but the chair is $139.99 and the website is incorrect. I am reporting this to our corporate department." Damn the luck.

Well, I couldn't stand it so I called back on my Skype phone and recorded the call (yes, it's legal in Louisiana as a one-party state). Sarah confirmed that the chair was being "reported to our corporate department" and that I could place an order for the chair. I couldn't get her to outright say it was "false advertising", which would have been fun.

What did I gain out of this? Nothing really but something to blog about!

MP3 Recording with Sarah from Office Depot Support

I've been working recently with a client on a web project (sales of digital art). As is typical of most of my projects, my expertise in other areas gets tapped - not just web development. After all I am an IT consultant.

This client needed an inexpensive VoiP telephone solution for the online small business. She wants customers to be able to contact a "real person" if needed as well as be able to fax digitally. In my opinion with a combination of free and inexpensive services plus cell phones, it can all happen.

Posted below are excerpts from the email correspondence. Keep that in mind as the "text flow" is not perfect.

You will see that I am recommending Skype as part of the solution. For all the naysayers out there, let me state this upfront: It works and works well. I am running a Linksys WRT54GL with DD-WRT firmware and QoS optimized for VoiP and Skype on a Dell Inspiron 1525 with a built-in webcam - video conferencing works well and barely puts a dent in my dual-core Intel. It offers conference calling features and when combined with Pamela, you can even do call recording and a whole lot more.

=========
From Email
=========

Also, I've been doing some research on the "phone line" and VOIP. I think using Skype may be a very viable alternative. You can purchase a "SkypeIN" number which gives you a "local" number that is routed to your free Skype account. When someone calls your number from a landline or cell, you answer it via Skype.

You can also purchase a Skype subscription which would allow US/Mexico/Canada/International calling for $9.95/month or less. You also have an option of using the include "SkypeToGo" service so that you could make international calls from your cell phone as part of your Skype subscription.

Here is the main advantage that I see. Suppose you contracted with someone to be the "receptionist" for Legally Hung. All you would have to do is forward the SkypeIn number (which acts as the business number) to that persons cell OR have them install Skype for free and login using the account for that number. You can also purchase up to 10 SkypeIn numbers per account.

Of course - Skype to Skype calls are completely free.

References:
http://www.skype.com/allfeatures/onlinenumber/

http://www.skype.com/allfeatures/callforwarding/

http://www.skype.com/allfeatures/subscriptions/

http://support.skype.com/index.php?_a=knowledgebase&_j=questiondetails&_i=331

=========
From Email
=========

As far as the 800-number status, I tend to be a little more realistic about that. How many people actually pay long distance per minute any longer? I would venture to guess (based on my business and clients) that 80-90+% of everyone has "unlimited" longdistance on their landlines and cell phones. That is why you are starting to see a lot of newer companies use local numbers versus worrying about toll free. However, there are stats that prove a toll free number can increase your traditional sales.

I'm not sure how much "customer service" callback you anticipate, but here are some possible solutions and ideas.

Labels: pamela, pbx, skype, voip

Earlier this year, I had the privilege of teaching a basic computer course to 2 classes at a local career training place. The first class was really great as I had a group of students who wanted to learn skills to better themselves and their career choices.

The only downside was that the IT guy for the company had unfortunately ordered a mixed batch of Lenovo and a couple of Acer laptops - all running Vista. To make matters worse, the Acer's were only running 512MB of RAM, which made Vista perform unbelievably slow. All the laptops had trial versions of MS Office, and the class was centered around office-type application skills. This was done prior to my arrival so I was left to deal with the situation as best that I could. We installed OpenOffice.org and used Google Docs extensively.

There were plenty of other issues including bandwidth problems at the facility, spyware (no Vista is not safe), and a host of other technical issues. Of course, it is normal for these types of things to happen; however, the worst part was that it was and still is frustrating to the students. They just want the technology to work.

Unfortunately, after the 2nd class, my business schedule just wouldn't let me commit the time needed to make the classes exceptional. I was left with no choice but to inform the owner that my training days were over. I offered my skills for IT support as needed though.

So what does this have to do with Ubuntu and Linux?

A couple of weeks ago, one of the students called me. Her Lenovo laptop had crashed and Lenovo's support was not up to par. They basically sent her the laptop back with a set of restore DVD's (the originals were lost) and informed her that her hard drive was possibly failing. To make matters worse, the recovery application from the DVD's just wouldn't work. This meant that she would be without her laptop for at least 2 weeks - not acceptable.

I was immediately able to get her laptop to boot up to an Ubuntu LiveCD and see her hard drive - it certainly wasn't failing. However, there was a serious issue with some system files or whatever that was causing Vista to endless reboot. After discussing the situation with her, I suggested that she try Linux.

Most of what she does on the laptop is web-based. She doesn't rely on any Windows-only applications and right now neither does the classes she is taking - most of which revolve around webconference.com meetings anyway. I installed Ubuntu 8.04 Hardy Heron.

Within about 90 minutes, we had Ubuntu running, wifi working, Skype installed for voip, and of course OpenOffice.org for an office suite. We setup audio playing and CD ripping software using Juicer and Rhythm. In the future, she wants to install Limewire for "independent" music, and we need to install Gyachi for Yahoo voice and video chat.

According to her, the other students want Linux. The training company owner wants her to go back to Vista and appears to be upset over change, but she refuses. This is an average computer user that wants a smooth-running system. Linux just works.

2 weeks later - She loves it. Period. Her friends love it. She doesn't miss Windows and hates Vista. Now that is a good experiment!

Labels: linux, ubuntu

Recently, I had to work on a Dell Dimension desktop. Unfortunately for my customer, the hard drive had the "click of death" even though I tried everything, including tapping the drive with a hammer to free the spindle. Luckily, there was no important data so I simply replaced the drive.

I kept noticing something odd that I had first attributed to the failed drive. I kept getting the following error on reboot:

Primary drive 1 not found
Secondary drive 1 not found
Strike the F1 key to continue, F2 to run the setup utility


That was odd considering that the drives were clearly installed and recognized in the BIOS. I checked jumper switches and everything was set to master and the drives were plugged in the ends of the IDE cables. I checked the BIOS again and the drives were recognized fine.

Thank goodness for Google. Here is the solution:

Boot into the BIOS using [F2]
Hold [ALT] F, then [ALT] E
After the beeping stops [ALT] B

It forces the BIOS to reset and re-recognize the drives.

References:

primary drive 1 not found
http://www.daniweb.com/forums/thread7688.html

Labels: bios, dell

For over a year now, I've been using Verizon's Broadband Access which uses the EV-DO technology. It's been pretty fast, and overall I'm a big fan of the service. It provides me a backup internet access if my cable connection goes down, plus with my business I need a constant connection.

Yesterday, I attempted to connect while at a customer's home who had lost their DSL connection. I needed to research some information and typically the Broadband Access is perfect in these situations. I even use it to share out the connection (yes you can use Windows ICS and Broadband Access). Anyway, after about 40 seconds of connection, the software went dormat, then disconnected. That was odd considering I had 4 bars of coverage and was well within the coverage area for broadband. I chalked it up to a temporary glitch with Verizon or interference and managed to fix the DSL connection anyway.

Later that evening I attempted to connect again. Same deal - VZAccess Manager connected, 40 seconds later - VZAccess dormant, and disconnect. What the hell I thought?

First thing this morning, I decided to troubleshoot. After all, I rely on the service when I am not at my office. The first thing I did was try and think of anything that had changed between Tuesday and Wednesday on my machine. My laptop runs a very clean installation of XP Pro - and I know every piece of software that is installed.

Linksys Print Server Utility 1.0
On Tuesday, I was at a client's office and we installed a Linksys WPSM54G Print Server, which requires the installation of Linksys Print Server Utility 1.0 and naturally Linksys thinks it has to run at start-up. Typically, I would remove software like that from startup, but in my hurry I just hadn't done it yet.

First thing - stop the software. Second thing, simply exit the software to test. VZAccess stayed connected as long as I wanted it to! As a matter of fact, I'm posting this while connected.

My final resolution was to simply remove the software from startup using MSConfig rather than completely uninstall it. I may need the software for further troubleshooting with my client.

Labels: linksys, verizon, vzaccess

From email:
-------------------------
is it possible for use to put a password on our wireless hubs to block out some local hacker that is exceeding our bandwidth?
-------------------------

We've discussed this before - the issue is NOT a local hacker accessing the wifi. The problem is HughesNet gouging and screwing over their customers.

While I'm a definitely an advocate of encrypting WiFi with WPA, because of the wireless mesh system that we are using to get wireless to Bob's house, you can't encrypt the wifi there.

For a "local hacker" to be using your wifi, he would have to be within 500 feet of the house AND know to setup and use a directional antenna. That is very very unlikely - almost impossible - in your area. This is why I've never worried about encrypting your wireless. You actually have "security through obscurity" in your case.

On my last trip there, we discussed this very issue and determined that the bandwidth overages were due to several things:

(1) HughesNet's pathetic rolling bandwidth caps.
(2) Leaving Limewire running on pc's even after songs are downloaded.
(3) Several users watching Youtube, downloading songs, etc - normal surfing habits (see #1)

I'm sorry to say but it is very easy for users to exceed the bandwidth caps from HughesNet even under normal use. Since most ISP's have peering arrangements, HughesNet is NOT doing this for the "quality of their network." It is simply another way to gouge the users. Your real gripe is with HughesNet - it's not a "local hacker."

References (please read):

HughesNet Lowers 'FAP' Caps
Despite New Spaceway 3 satellite
http://www.dslreports.com/shownews/HughesNet-Lowers-FAP-Caps-97011

http://www.broadbandreports.com/shownews/Track-Your-Remaining-HughesNet-Cap-Space-89144

http://www.ripoffreport.com/reports/0/244/RipOff0244913.htm

http://customercare.myhughesnet.com/fap_announce.htm

http://www.dslreports.com/blog?cat=87

http://en.wikipedia.org/wiki/Peering


Reply from Email:
---------------------
There is something funcky going on and I am running out of ideas. Yesterday I upgraded my hughs account to allow another 50 megs og download. All of the computers were turned off except my laptop and our PS3. Withing 40 minutes of the upgrade where they reset all of my usage they said I our server did a 211 meg download and then a 420 meg download.

So now I am using a dialup service to access the internet.

If it isnt the people across the street then somewhere we have a real nasty virus.
----------------------

As an example:

50MBs (megs) = only about 15 songs
Most MS patches or updates are more than 50MB's.
Vista SP1 is 434.5 MBs
XP SP3 is 316.4 MBs
To download the newest Acrobat Reader update requires 20MB's.
An iTunes update requires about 50MBs.

I'm not sure what is going on except that 50MB's is nothing. Plus according to many reports, HughesNet's method for monitoring the traffic (bandwidth) is very slanted towards the benefit of HughesNet - surprise.

You are being screwed over by HughesNet like most of their customers. I'm 99.999% sure it is not a hacker issue - unless your computer is exploited and you are sending spam out in the background - and Vista is not secure either.

The people across the street are a couple hundred yards away. The can "see" your wifi potentially, but they would have to have a directional antenna to transmit back to you since TCP/IP is a 2-way communication - very very unlikely.I will be glad to make a trip up and check things out, but I pretty much guarantee you what the answer will be - HughesNet is sticking it to its customers and getting by with it.

I'm not trying to be complicated or difficult, just giving you the truth about what is going on. You don't have many choices in your location so basically you are dealing with a monopolistic ISP.

Labels: hughesnet, mesh, wifi, wpa

From an email:

-----------------------------
The thing that I am having problem with are those damn AAC tags… What the f*** are they, why the f*** are they, and why the f** can I not figure them out I think I understand they are away to control content.
-----------------------------

Well let me try to keep this fairly simple. AAC is a digital audio format that is supposed to be the "next generation" of MP3. However, MP3 is so ubiquitous that it's going to be a while before it gets replaced.

Apple uses their own "version" of ACC with extensions for DRM (digital rights management). That allows them to control the content so that it only plays back under iTunes and specifically under your iTunes account. In short its a pain in the ass. Steve Jobs has publicly stated that the DRM is to appease the RIAA, although I have my doubts since Apple likes to control everything from cradle to grave.

There are basically 2 ways to convert your music in iTunes from AAC to MP3:

(1) By default, iTunes wants to rip (convert) everything to AAC. Click on Edit -> Preferences -> Importing (or Edit -> Preferences -> Advanced -> Importing) then change the Import Using from the default setting to "MP3 Encoder". Click OK to save this setting. Next you can r-click an AAC file in iTunes, and try to "convert selection to MP3". The only problem is that this won't work for purchased AAC music (DRM'ed).

(2) If you must buy audio from iTunes, then your best bet is to setup a playlist, burn it as a music CD, then immediately rip it back to high bit rate MP3. That frees up your music to play on any player. Of course, that could eat up a lot of CD's, so you would probably want to learn to use something like MagicISO, CD Emulator, or NoteBurner to keep from using a ton of CD's.

References:

http://en.wikipedia.org/wiki/Advanced_Audio_Coding

http://www.apple.com/hotnews/thoughtsonmusic/

http://www.salon.com/tech/feature/2007/02/23/itunes/

http://www.engadget.com/2007/02/06/a-letter-from-steve-jobs-on-drm-lets-get-rid-of-it/

Labels: aac, itunes, mp3

This "white paper" was created to present to several clients of mine. I'm posting it to my blog so that it can be reviewed and maybe raise some questions as to how you handle your home and business information.

PDF Copy Here

Company policy concerning safety and security of data

• How important is your data?
• What is the company policy about sharing data?
• What workers / contractors have access to what data?
• What would you do if that data were leaked to a competitor?
• Do you allow users to surf MySpace, FaceBook, or similar sites? How do you know?

“Over 90 percent of the Webpages that are spreading Trojan horses and spyware are legitimate sites, some belonging to household brands and Fortune 500 companies, Sophos reports. Most have been hacked through SQL injection.” - source: Sophos.com

“Cross-site scripting

AJAX also increases the possibility of so-called cross-site scripting flaws, which occur when the site developer doesn't properly code pages, experts said. An attacker can exploit this type of vulnerability to hijack user accounts, launch information-stealing phishing scams or even download malicious code onto users' computers, experts have said. Big-name Web companies such as Microsoft, eBay, Yahoo and Google have all experienced cross-site scripting flaws on their Web sites.” - source: Cnet.com

"Certification" method to insure all outside pc's (ex: laptops) are clean and malware free

• How do you know if the pc's are infected or not?

• What is the policy on maintaining anti-virus and safe surfing habits?

Secure Backup Method

• What is your backup method?

• Have you practiced recovery from disaster?

• Do you use imaging software to recover the OS and applications?

• Are your backup files secure?

Data Encryption on Laptops and Remote Devices

• Are your laptops and remote devices utilizing data encryption?

• How much is your data worth if it gets into the hands of a competitor or criminal?

There is some evidence that cyber criminals are now specifically targeting laptop users, encouraged to do so by the finding that corporate laptops hold an average $525,000 worth of sensitive data. - source: Bahn, October 2007

Company Email and Consistency

• Do your workers use their personal Yahoo or AOL accounts for email?

• Do you want your clients to have an image of your company with potentially suggestive email addresses? (ex: cutiegirl69@yahoo.com)

• What will you do if a lawsuit and discovery injunction requires that you are able to provide all communications?

Further Resources:

The Growing Importance of E-Discovery on Your Business

http://www.google.com/a/help/intl/en/security/pdf/importance_e_Discovery.pdf

Business Guide to Compliance

http://www.google.com/a/help/intl/en/security/pdf/WP44-BMGuide.pdf

The Impact of the new FRCP Amendments on your Business

http://www.google.com/a/help/intl/en/security/pdf/WP42-FRCP_0107.pdf

Protecting Off-Network/Laptop Users

http://www.google.com/a/help/intl/en/security/pdf/off_network_workers.pdf

2007 Annual Study: Cost of a Data Breach

http://www.ponemon.org/press/PR_Ponemon_2007-COB_071126_F.pdf

Labels: backup, email, encryption

--------------
Question from email
--------------

I just noticed that my C: hard drive is nearly full. I need to configure iTunes and DVDFab to save and run off of my D: drive.


-------------
Solution
-------------

Here are the steps to move your mp3 files from one drive to another and configure iTunes:

1. Copy your current music folder (typically "My Music") to your other drive.
2. Open iTunes -> Edit -> Preferences -> Advanced tab
3. Click change and select the folder on your new drive.
4. Click OK to exit from the Preferences.
5. Close iTunes and then restart iTunes.

Once you have done this, you can then delete the original files from your "My Music" folder. Just make sure that you did copy all the music files over!




Here is how to configure DVDFab:

1. Start DVDFab
2. Click Common Settings button -> General
3. Browse and select the Output Directory
4. Browse and select the Temporary Directory
5. Click OK

By the way, DVDFab is an absolutely great application for making legal backups of your movies, or encoding them to iPod format.

Labels: dvdfab, itunes

As taken from a recent email conversation with a customer:

There are several issues that can cause internet connectivity issues. If Verizon says that their service is running smoothly, then typically they are correct - although I have seen cases where the ISP states that nothing is wrong with their service and there really is an issue.

As I'm sure you are aware, any downtime in your ability to use the Internet leads to productivity loss and costs you money. It would be well worth your time to contract with me to straighten out your network. For instance, when we first met you were having issues with Outlook Express - and the problem was that you had well over 13,000 emails in your inbox causing OE to choke.

One other very important point to remember is that you really should have a backup system in place. If your pc's go down, you risk losing your data which is far more important than the hardware itself.

http://www.smartergeek.com/blog/2008/07/importance-of-backups.asp

Here are some possible things causing your issue:


SPAMMers don't have warehouses full of computers. They use exploited PC's - zombies - to send out the spam. That is part of why it is so profitable.

Problem: Zombies are uploading/downloading on your network consuming your bandwidth and causing you to think your Internet service is down.

Resolution: All pc's on your network should be thoroughly checked out, possibly re-imaged, and practices put in place to avoid the problem in the future.

------------------
Email and Spam
------------------

This issue is closely related to "Zombies". Your users receive an inordinate amount of email and much of it is spam. This consumes bandwidth and can cause what appear to be "temporary outages" in your Internet connection.

Problem: Too much inbound spam.

Resolution: Migrate to Google's email service as recommended several times.

-----------------
Users abusing Network
-----------------

This happens much more frequently now. Users tend to want to view MySpace.com or Youtube.com on company time and using up company resources. Video and audio consumes a lot of bandwidth, which can cripple your legitimate traffic.

Resolution: Setup a system to restrict certain domains and websites plus enforce a company policy that prohibits such usage.

--------------------
Hardware Issues
--------------------

Hardware can begin to intermittently fail. There is always a possibility that your router or modem is occasionally having an issue.

Resolution: Replace faulty hardware.

-------------
Additional Resources
-------------

http://www.smartergeek.com/blog/2008/07/why-did-i-get-infected-in-first-place.asp

http://www.smartergeek.com/blog/2008/03/layered-security-basics.asp

http://www.smartergeek.com/blog/2008/02/spam-and-phising-example.asp

http://www.smartergeek.com/blog/2008/06/backing-up-your-system.asp

http://www.smartergeek.com/blog/2008/01/simple-rules-for-your-computing.asp

http://www.smartergeek.com/blog/2008/01/virus-lessons-101-revisted.asp

http://www.smartergeek.com/blog/2008/01/smartergeek-newsletter-1-5-2008.asp

Labels: backup, google apps, rule #1, spam, zombies

Recently, I had a customer who needed XP installed on a Gateway ESX e4000 - originally, it came with Win 2000 Professional. Putting XP on a computer is no big deal, but sometimes finding the right drivers can be. In this case MPC computers has purchased some of the Gateway models, and of course the drivers for this model are not listed on Gateway's website.

*Note: MPC is out of business.

The only driver that gave me any issue was the sound driver. However, if you "manually" install the driver using the "Have Disk" function, then it will install just fine.

If you have any questions or want a zipped copy of the drivers that I used, comment to this post or email me.

UPDATE 1-2-2009:
It appears that MPC is going out of business. Here is a download link to the XP Drivers that I used. If these drivers or this post help you out, please let me know.

UPDATE 2-25-2009:
Reposted driver downloads directly from my site. Sorry about that to anyone who attempted to download them and couldn't.

UPDATE 3-5-2009:

Added screenshot of audio "have disk" manual driver installation. Click image for larger version.

IMPORTANT UPDATE 6-18-2009:

Received an email from Steve at www.mpcdrivers.com and www.mpctechsupport.com - looks like he has a great site with virtually all drivers for the Gateway - MPC models. If you are looking for additional help or these drivers don't work, take a look on his site.

Best of all they are provided for free - like mine. If his site helps you out, make a donation to help him out.

Labels: xp installation

Obviously, backing up your data is the most important since you can always replace failed hardware. However, recovering from a system crash can be very time-consuming. Installing XP, Vista, or Linux plus all your applications and then tweaking your system can be a pain.

Acronis® True Image Echo Workstation
http://www.acronis.com/enterprise/products/ATICW/

Add-ons / Acronis® Universal Restore
http://www.acronis.com/enterprise/products/ATICW/universal-restore.html
*This allows you to recover to an image if the hardware changes. It basically resets the HAL in Windows, and can be very useful.

Acronis is nice because it will image while the system is running under XP. I've used it for several years now and had great luck with it.

Here is the method that I suggest you do for a complete backup of your computers.

1. Backup all important data "bulk data" (movie files, word docs, spreadsheets, pictures, email files, etc) to removable drive, DVD, etc. A great utility to find a lot of extra data is JDisk Report.
   
2. Delete the "bulk data" from each machine after backup and before imaging. This keeps the image file(s) from being too bloated.
3. Run a temp file cleanup utility, Diskeeper Pro, and Registry Mechanic.
   
4. Image the PC and store the image to a removable drive, DVD, online storage, etc. Use the "archive splitting" option in the imaging software so break the images into 4.7 GB chunks so they will fit on a DVD.
   
5. Copy the "bulk data" back to the pc once imaging is completed.
   

Now you have a "clean" image of the pc that can be recovered relatively quickly and easily. If you have a computer that you use a lot and add software too, you can do an incremental image with Acronis also, which can be set to run automatically.

Additional Resources:

Technology Report 1-8-2008
http://www.smartergeek.com/blog/2008/01/technology-report-1-8-2008.asp

Firefox and Google Bookmarks
http://www.smartergeek.com/blog/2008/07/firefox-and-google-bookmarks.asp

Trusting Google with your Email
http://www.smartergeek.com/blog/2008/07/trusting-google-with-your-email.asp

Backing up your System
http://www.smartergeek.com/blog/2008/06/backing-up-your-system.asp

Labels: acronis, backup, imaging

When Gmail first came out I started using it as an address for message board registrations and things like that. Since I've owned my own domains since about 1999, I've always used them for my primary email. My old method of backup was to use Outlook or Outlook Express and finally Thunderbird for POP3. Periodically, I would backup the appropriate files for those applications.

The problems with that were several. First, I have a LOT of email. As the Outlook .pst file or the Thunderbird files began to grow in size, performance suffered. If I "archived" email to a CD/DVD and then removed old ones from Outlook or Thunderbird, searching archives meant restoring them, searching, then cleaning up again.

A couple of years ago, Google released a service called Google Apps for your Domain. Among other things, it allows you to use Google's GMail "engine" to handle the email for your domains. You have the advantage of basically unlimited storage, alternate port usage (SSL and TLS) which comes in handy for ISP port 25 filtering, web access, POP3 access, and more recently IMAP support. One of the cool things is that even if you use POP3 access, Google Apps archives a copy of your received and sent email. This means you can access all of your email from your browser, its very searchable through your browser, and it provides a great backup solution!

The Trust Issue

Several people have commented about "trusting Google" with your email. Well, here is the reality check. Trust is a relative thing. We trust that MS's software (Windows, Outlook, OE, etc) is not doing anything behind our back. We trust that our ISP handles our information correctly, but that has proven to be a shaky deal lately.

Most of those same people "trust their ISP" with their email or another 3rd party email service. In my opinion, I trust Gooogle far more than anyone else.

ATT/Bellsouth, Verizon, and a host of other service providers have given me far more reasons to distrust them than Google.

One other thing to mention about "trust" is that at least Google gives you all the mechanisms to move your email away from Google should you choose. By providing contact import/export, POP3 access, and IMAP support, you have full control of your mail. In contrast, Yahoo requires a premium subscription for export and POP3 access, most of the major ISP's such as ATT/Bellsouth don't provide any contact export, and POP3 access only helps retrives your received email - not your sent email.

I migrated my email service over a year ago and have been very pleased with it. I have email dating back to 2004 stored online and have plans to push email archives dating back to 2002. Many of my clients are now migrated to the service and love it.

Web Access or Local Application

As the line continues to blur between web-based applications and local applications (software on your computer), it gets more difficult to recommend which is best. About 2 months ago, I made the decision to go 99% web-based email. This means I use my browser (Firefox) for my email. The advantages are many, but mainly it gives me access to my email anywhere I have a connection. Plus I don't have to worry about contact synchronization.

There are a few disadvantages though:

• Must have a connection to read any of your email.
• Adding attachments is not as easy as drag/drop for multiple attachments.

This is one of those things that you just have to try both and see which works best for your situation and tastes. Now I said "99%" of my email. If I have an email that I need to attach several files, then I will use Thunderbird with IMAP. This gives me an easy way to attach multiple files quickly and easily.

Following Rule #1

Rule #1: You are only as good as the last successful backup from which you can recover.

As much as I trust Google, ultimately I trust myself more than anyone. Periodically (about once every 2 months), I POP3 down all of my received email and IMAP a copy of all of my sent email to local Thunderbird files. Then I export a copy of my contacts to CSV. Then I backup email adn contacts to DVD.

If something does happen to Google's service, at least I have a local copy.

References:

What is EFF's Lawsuit Against AT&T About?
http://w2.eff.org/legal/cases/att/faq.php#1

Google Apps for your Domain
http://www.google.com/a

Backing up your System
http://www.smartergeek.com/blog/2008/06/backing-up-your-system.asp

You like Yellow Dots from your Printer?
http://www.smartergeek.com/blog/2008/02/you-like-yellow-dots-from-your-printer.asp

AT&T and Other ISPs May Be Getting Ready to Filter - Bits - Technology - New York Times Blog
http://www.smartergeek.com/blog/2008/01/at-and-other-isps-may-be-getting-ready.asp

Labels: backup, gmail, google apps

I've been saying this for a long time too, but newspapers and the way we gather news are changing drastically. I'm not the only person who doesn't really read a newspaper. There are a lot of other people that prefer "time shifting" content.

Timeshifting content means viewing content when you want - not waiting for the radio or TV program time. Blogs, rss feeds, podcasts, and iPods help you do this easily.

Jessica DaSilva recently blogged about a staff meeting in which the editor in chief declared that the print edition was an add-on to the website.

“People need to stop looking at TBO.com as an add on to The Tampa Tribune,” she said. “The truth is that The Tampa Tribune is an add on to TBO.”

Just like anything else, traditional media needs to learn to innovate and expand into the new ways of communicating and gathering information - or they will die out. The warning signs have been on the wall for several years now.

References:

"It's worth fighting for"
http://www.jessicadasilva.com/2008/07/02/its-worth-fighting-for/

Net To Newspapers: Drop Dead
http://www.businessweek.com/magazine/content/05_27/b3941024.htm

Silicon Insider: Newspapers Nearing Death?
http://abcnews.go.com/Business/SiliconInsider/story?id=629221&page=1

Newspapers are dead…
http://scobleizer.com/2007/03/24/newspapers-are-dead/

This just in: Newspapers not dead yet
http://news.cnet.com/8301-10784_3-9975760-7.html?hhTest=1

Labels: old media, timeshifting

All too often, I have clients whose computers crash. Fortunately, I can recover the data most of the time, but there are times when the hard drive physically fails. In those cases recovering the data becomes nearly impossible and very very expensive.

Recently, I created a document for my clients on "The Importance of Backups". Here is copy/paste of that document and a PDF copy. Spread the word.

The Importance of Backups

Rule #1: You are only as good as your last successful backup from which you can recover!

The most important thing on your computer (PC or Mac) is not the hardware nor really the software. These can be replaced relatively easily. The most important thing is your data. Period.

Backing up your data can be very simple and painless. For most people, it should not take that much time either. Here are some simple ideas:

• Purchase a “thumb drive” and simply copy any important data to your drive.

• Use blank DVD-R's and your DVD burner – blanks cost less than $0.20 each.

• Purchase a removable hard drive – you can get 320GB of storage for about $100 now.

• Most of your data will be located in your “My Documents” folder on an XP machine.

• Certain programs, such as older versions of Quicken or Quickbooks, like to store the data file in the program directory. Always check those programs and move the data file to your My Documents.

• You may not want to backup all your music each time if you have an iPod – that will serve as your backup.

• Pictures, music, and videos take up the most storage space. You may not want to back them up every time depending on your storage capacity.

Off-site backup is very important. It won't do you any good if you backup your data, but your house burns down.

Also, thieves steal computers, removable drives, etc. I have had several clients this year who have suffered business and home theft, including their computers. You need to periodically store a backup at a trusted family member or friends house or safety deposit box.

You also need to consider the safety and security of your backups. This means that your backup data should be treated as securely as your live data. With JungleDisk you can encrypt your data so that neither JungleDisk nor Amazon employees have access to your data. If you are using DVD's or a removable drive, then I recommend using TrueCrypt containers to keep the data safe.

My Recommendations:

Primary Backup: JungleDisk which uses Amazon's S3 service. This gives you encrypted off-site backups that is a no-brainer to use and very cost effective. Typically you can have 30+GB stored for less than $10/month.

Secondary Backup: Every 2 weeks, I copy my TrueCrypt container to a removable USB drive.

Tertiary Backup: Once a month I copy everything to removable DVD's. The files on the DVD's are stored in an encrypted TrueCrypt container, and the DVDs are locked in a fireproof safe.

Printable PDF Copy

Backups-Importance.pdf

Labels: acronis, amazon s3, backup, jungledisk, rule #1

Back in 2005 I was hired by a customer in Sulphur Springs, TX (lived there for a couple of years) to network his daughter's home using a HughesNet internet connection. This customer had been told by several people that it couldn't be done. Fortunately, he had the forethought to pre-wire his daughter's 2-story home with cat5e cable. That made it much easier.

Prior to this, he had been paying for separate dialup connections and phone lines for all the kids (grandkids). Successfully networking the HughesNet connection would start saving money within a couple of months.

The real catch was that he wanted to use the same HughesNet connection at his home, approximately 300' away, and he didn't want to run any cable. Fortunately, this was about the time when the Linux firmware community was really starting to thrive.

Since then, I have used the same basic setup several times to do a wireless mesh. It's worked out great although I don't get much call for it anymore.

Here is the setup that I used:

(2) WRT54G version1's with Sveasoft firmware (Alchemy-6.0-RC5a v3.01.3.8sv)
(1) Linksys WRT54G v5 (added later for downstairs wifi saturation)
(1) Cantenna (added later as tree grew in the way)
(1) Linksys 8 port switch
Some patch cables and ends

It was really a simple setup. I flashed both of the WRT54G v1's with the Sveasoft firmware and cranked up the transmit output power. I setup WDS on them and was able to successfully pull in the signal at his house nearly 300' away. For the daughter's house it was just a matter of making patch cables, connecting everyone to the first WRT54G v1 and the 8-port switch, and cleaning up the spyware and viruses already on the their pc's.

After about a year, we added a Cantenna at his house to pull in a stronger signal to the 2nd WRT54g v1, and we added a WRT54G v5 to the downstairs to saturate the daughter's house in wifi.

This system has been running remarkably well ever since the original installation. Periodically, I visit them (driving from Bossier City, LA, to Sulphur Springs, TX) and do some pc upgrades or remove viruses, etc. The relationship has worked out very well, and I'm pleased to call them my friends and not just clients.

Recently, the wifi signal has been a bit sporadic though. After a phone conversation, I followed up with an email. Here is a copy/paste of the email for informational purposes.

#######################
Hi,

Basically there are 2 options. Here is the information on both:

----------------
Cable Run
----------------

1000FT Outdoor CAT5e Cable - Gray CMX Rated PVC
http://www.computercablestore.com/CMX_Rated_Outdoor_CAT5e_catID712.aspx

Surface Mount Boxes
http://www.computercablestore.com/Installation_Accessories_Surface_Mount_Boxes_catID1911.aspx

OR

Wall Plates
http://www.computercablestore.com/1_Port_Blank_Wall_Plates_catID1913.aspx

You will need the cable, wall plates or surface boxes, plus some RJ45 connectors - I have plenty of RJ45's plus a tester. You would run the cable in the ditch for your water and up to the house. We can connect it to the downstairs or the upstairs Linksys WRT54G. It doesn't matter. I'd say the ideal scenario is to connect the cable to a faceplate or surface box.

I've ordered from ComputerCableStore.com before (been a few years) and had no trouble. However, if you can find the cable cheaper that's fine too - as long as it is outdoor rated.

You might also consider running it through PVC pipe or something for added protection. Plus, we don't need to really exceed 300' for the run as the Cat5e spec.

This is the best scenario as it gives you full bandwidth back to the main house.


---------------------
Wireless Upgrade
---------------------

Linksys WRT54GL
http://www.newegg.com/Product/Product.aspx?Item=N82E16833124190

Cantenna
http://www.cantenna.com

What we would do is add the WRT54GL downstairs and flash it with Linux firmware so that we can add WDS (wireless distribution system) and turn up the transmit power. This is exactly what I did back in 2005.

Then we add the cantenna to the WRT54GL and point it to your house.

I will use one of the following to flash the firmware and "upgrade" the router:

http://www.sveasoft.com
*Running on the upstairs router plus your router in your house.
*May need to purchase new license.

OR

http://www.dd-wrt.com

OR

http://www.openwrt.org

Recently, one of my customers had a question about losing bookmarks in Firefox. Here is the thread from that:

---------------
No I was not saving them under there, I had Star or something that said My Favorites that I used to click on. FireFox upgraded and since then I can not locate my favorites.
---------------

Ahh - that is actually good then! You were using Google Bookmarks and the Google Bookmarks toolbar. Your favorites (bookmarks) are safe with Google. Whenever you save your bookmarks with Google, they are tied into your Gmail account. You can also go to the following URL and also find your bookmarks:

www.google.com/bookmarks

Here are 2 add-ons (extensions) for Firefox that are now updated to work with the new Firefox:

Google Toolbar
http://www.google.com/tools/firefox/toolbar/FT3/intl/en/index.html

GBookmarks
https://addons.mozilla.org/en-US/firefox/addon/2448

Both of these will give you ways to access your Bookmarks that are stored with Google. Let me know if you still can't find them.

*The following advice is based on my experience over the years servicing thousands of computers, instructing users, and researching common-sense approaches to security for the average users.

If your computer gets infected by a virus or spyware or malware, it is because you have asked for it. Period.

You may not have intentionally asked for it, but at some point you asked for it. That means that you didn't follow common sense, are using an unsafe browser (such as IE), opened an untrusted attachment, or put an untrusted PC on your network. In other words - you asked for it.

Normally, your pc will get infected simply because you have your security settings too low. In the case of Windows and Internet Explorer, even after SP2, low security settings are the default. Microsoft tries to empower the user, but their method of doing so exposes the user to multiple vulnerabilities.

First and foremost, quit using Internet Explorer to surf the Internet. Use an alternate browser such as Firefox, Opera, or anything but IE. It is full of exploits and is arguably the main reason that Windows is exploited.

Second, follow some common sense rules for security. Everyday user security does not have to be complicated, but you need to follow some general guidelines. It is a layered approach. There is not 1 single product or piece of software that will protect you from all the threats. As a matter fact, most of the more popular security applications (Norton, McAfee, Trend Micro) have a tendency to lull you into a false sense of security.

The analogy that I like to use is this: Current anti-virus programs are like an alarm system on your house. They tell you (hopefully) when the burglar is already there.

Plus, I'm definitely no fan of Norton or McAfee or even TrendMicro. Countless times, I've run across pc's that were horribly infected even though Norton was installed and up-to-date. If these programs worked as well as they are touted, then people like me would not have a business model.

The point is this: Use common sense and a layered approach.

Recently, I had a potential client email me with some questions. I'm reposting my reply here.

------------
I really need pages to load faster.
------------

Having more RAM will help the pages load a little faster; however, the only way to get more "speed" for your pages is to have more bandwidth for your connection. Think of your internet connection as a garden hose. If you are on dial-up, then you have a drinking straw. Adding RAM will only help slightly - you will have to go to cable or DSL to "speed" up your connection and thus make the pages load faster.

If you live in an area where cable and/or DSL service are available, then usually you can switch to them for not much more money than what you are paying for dialup.

-----------
1. I have XP Pro now and like it but did not pick it below because now it has an additional cost but maybe I should add it?
-----------

XP Pro only has a few advantages, most of which are never used by the average person. It gives you is the ability to install IIS (internet information services), which allows your computer to act as a web server. Unless you are a web developer this serves you no purpose. It allows a higher number of concurrent connections for network shares - this is typically never an issue for home users even if you have 2-3 computers at home. XP Pro gives you more control over file sharing permissions - again this is typically not an issue for home users.

You can save your money and use XP Home edition. Do not order Vista - it is a pain in the rear.

-------------
2. I also have Office Small Business Edition which maybe I can transfer to new computer?
-------------

If you have the original CD's for Office, then you can install it on your new computer. Technically, you are supposed to uninstall if from your old computer. If you don't have the CD's, then you can't move Office from one machine to another.

Another alternative is to use OpenOffice.org (www.openoffice.org), which is free and open source.

--------------
3. I need to be able to have the option of dial-up. Currently I have a 56k fax/modem....not sure if what I picked in a modem will do the job?
--------------

Basically, any dialup modem will be just fine. No matter what you purchase, the modem itself will have little effect on your pages loading faster as just about all "modern" dialup modems follow the v.92 spec. Again, you will have to go to broadband - cable or DSL - to get a "faster" connection.

----------------
4. I would like to do whatever I can to help load pages faster.....I do a lot of graphics (charts etc) downloading and its way too slow. I also use Word and Excel fairly often.
----------------

Again, the only way to "speed" up your downloading and browsing is to go to broadband - cable or DSL. Adding RAM will help slightly but you need more bandwidth. Dialup sucks. The ISP's that still provide dialup are not spending any money to update their infrastructure with dialup. They are spending the money on broadband technologies.

If Word and Excel startup a little sluggish, then adding RAM will help that. However, if your computer is several years old, then Windows could be "clogged" with temp files, etc. Cleaning out the OS or reloading it from scratch (formatting your drive and reinstalling) will make it run as fast as it did when it was new.

------------------
5. Eventually I would like to have a wireless network which would allow me to have two desktops and laptop on the network. Should I purchase something now with that in mind?
------------------

I recommend you just buy a laptop and run that. Most of my customers, including businesses, are now purchasing laptops since the price gap has narrowed considerably. Laptops are as powerful as desktops, more portable, have wifi built-in, are more convenient, can run dual-monitor, etc.

If you are set on a desktop tower, then you can buy a wifi USB device from Wal-Mart, Office Depot, or Best Buy for under $50 and make any computer WiFi enabled. You would need to purchase a WAP (wireless access point) such as a Linksys WRT54G and setup a home network, which is easy enough.

Again, you would be better served with a broadband internet connection, but you can share dialup to through a wireless network. Your internet surfing would be excruciatingly slow though.

----------------
6. What do I need to transfer files from old computer to new computer?? Laplink?? (I have never done that before so what would make it easiest would be great.)
----------------

Actually, you don't even need laplink. If you purchase a WAP/router (Linksys WRT54G or equivalent), you can setup a home network and copy the files. You could also just buy a 4GB or 8GB thumb drive, and copy/paste the files. You could actually just do it with an ethernet patch cable.

Laplink will work but it's not necessary at all.

----------------------
7. If I need service, would there be any problems if you order it in LA but I live in Indianapolis?
----------------------

If you have cable/DSL then there wouldn't be much problem. I have several clients that I support remotely. However, if you have dialup only, then it would be more difficult as I could not remotely access your computer very efficiently. I could still support it, but it would be far more difficult.

If there was a physical issue with the computer, then I would arrange for service through Dell, etc - if you purchased it through me or we setup a support payment/contract. I'm generally much faster and way better than calling Dell or any other tech support service.

-----------------------
8. How would we arrange payment? I have a credit card or?
-----------------------

I could arrange payment via credit card and Google's Checkout service, which accepts all major credit cards.

You could also send a check or money order, although the check would need to clear prior to ordering, etc. That's my company policy.

----------------------
9. I would like the option of AOL and Earthlink installed as it was on this one so I could pick either.
----------------------

I'm no fan of AOL or Earthlink; however, if that is your choice for dialup then having it pre-installed is fine.

The following post is from an email with a client. Since the issue of screen resolution versus font size, etc, comes up from time to time, I decided to post it on my blog:

-------------------------------

The smiley faces and fonts, etc, are found when you use HTML formatting for email. You have to be careful when using HTML in email, since different email clients will render the HTML differently. However, if you want enable it, you can do the following:

• Open Thunderbird
• Tools...Account Settings
• Click Composition and Addressing
• Check "Compose in HTML Format"

For the font sizes when you are writing an email, you don't really want to make the font size for the email larger - again most email clients will render it differently. Besides, you don't really want to send an email that is composed with 24pt font sizes. It will piss people off.

What your issue stems from is the high screen resolution of that laptop. It makes everything system wide appear small even though the actual font size in your email message is correct. We have tweaked the screen resolution settings in Windows XP as good as we can and still have the system display things properly; however, you can tweak Thunderbird to show things on your screen larger.

• Open Thunderbird
• View...Font Sizes

This will show the fonts larger when you construct the email, but not actually increase the font size in the email.

If you need help with this, feel free to call or email me. We can setup a remote session and get everything fixed!

Recently a client (and friend) asked me about backing up her computer prior to installing XP SP3. That's a smart idea considering all the SP3 issues that are occurring.

Most people don't think about data backup, but it is very important even for home computer users. Think of all the information that we store - pictures, email, documents, tax files (TurboTax), etc. What happens if you have a fire or flood or lightning strike? It's not really the computer that's all that important - it's the data.

So far this year, I have had 2 clients whose homes were broken into. Guess what the thieves took in addition to the TV's and DVD players? They stole the computers AND the backup drives!

-------------------------
System Wide Backup
-------------------------

Backing up the entire system really requires "imaging" software such as Acronis True Image (which I use and recommend). This type of software creates an entire system snapshot so that even if your hard drive fails, you can recover everything just exactly how it is. Of course, you need to create the image and store it in a removable or secondary drive, or burn it to DVD. The image files also tend to be large - for instance if your hard drive has 20GB being used out of an 80GB drive then the image file will be about 12-15GB (compression on the 20GB).

You can use the Windows System Restore functionality built-in to XP; however, it is not nearly as reliable and effective as MS touts it to be - of course. I actually disable my System Restore in Windows to free up the additional hard drive space.

-----------------
File Backups
-----------------

If you don't want to image the machines, then you at least need to backup any important data files - such as your My Documents folder, any additional pictures, music, etc. Also be aware that sometimes programs such as Quickbooks create the data files in the installed directory by default (c:\program files\intuit\quickbooks), which is very stupid but it does it. You can move those files, but just be aware of thinking of everything including your Firefox or IE or Safari bookmarks, etc.

If you use Gmail or Google Apps, your email and contacts are safe with Google online. However, if you use Thunderbird (or Outlook or OE), and POP or IMAP your Gmail, then you will need to export out a copy of your address book. In Thunderbird, I recommend copying the entire Thunderbird profile directory and with Outlook you should export out a copy of your .PST file. For OE, find the profile directory and copy out all the .DBX files and export out a copy of your address book.

----------------
Recommended Backup Solution
----------------

The best backup solution that I have found right now is also one of the easiest. I use, recommend, and love an application called JungleDisk. JD automatically backs up any files or folders that you tell it too. The data is stored using Amazon.com's S3 services. I recommend you use the built-in encryption (256bit AES) which prevents anyone (including JD and Amazon) from seeing your files.

JD allows you to install a single copy of the software on multiple computers in your home or office. They will all backup to the same Amazon storage account, which is very very economical (click on the picture). I'm running it and have setup several of my clients with JD and it works flawlessly.

The software has an easy to use recovery mechanism and you can even keep version histories. I have mine set to keep the last 90 days of file revisions so I can go back in time.

One word of caution though, follow the warnings about keeping a good record of your encryption key and use a strong key (more than 20 characters). If you lose the key, you cannot recover your data.

I strongly recommend JD and Amazon as your primary backup solution

----------------------
My Services
----------------------

If you need help coming up with a backup solution or setting up JD, then I charge a reasonable fee (typically 1 hour) to set everything up for you. After that, it will just work.

Contact me if you need help!

As most of you know, I am no fan of Windows Vista. Arguably, it is on par with Windows ME - which was a total flop. Almost every business customer that I have still runs XP or pays me to install XP on their new Vista pc's. They can't stand Vista's lackluster performance, DRM overhead, absurd RAM requirements, and odd behaviors and quirks.

Formatting a drive and installing XP is not a big, except on Toshiba laptops. Their driver support, even if the laptop was built during the XP time, is marginal at best. I've spent more hours digging around the 'Net looking for Toshiba drivers than I care to count.

Recently, a client of mine needed a laptop faster than I could get one from Dell. Against my better suggestion, he purchased 2 Toshiba a205-s5825 laptops, both with Vista. Naturally, he wanted to run XP on at least one of them and so the saga begins.

First, I formatted the drive. Ok - no big deal, but when I rebooted to an XP CD with SP2 slipstreamed in, it refused to see the HD. Hmmmm. I checked the drive in several partitioning utilities and sure enough it was there.

Next, I figured that XP just wasn't seeing the SATA drives. That's common, but the on many recent computers the BIOS will allow XP to see SATA. As most of you are aware, to install 3rd party SCSI or SATA drivers so XP will see a drive requires a floppy drive. Yes, the venerable floppy still has its place, and I keep a USB floppy around just for these situations.

I dug around the 'Net and found the Intel Matrix Storage Manager-7.5.0.1017 driver exe file. You can install that on a working XP box, then copy the drivers from the installation. Or - you can download them directly from here (yeah these are safe).

Here was the problem. The fr**k*ng BIOS on the a205 saw the USB floppy fine, but XP refused to see it. I hate Toshiba almost as much as HP. No matter what I tried - no floppy for me.

Ok - so let's slipstream the drivers into the XP CD and be done with it. Grab a copy of nLite and make sure you have a CD burning program and know how to deal with an ISO file.

You can use these instructions for nLite since it's late and I don't feel like typing them:
http://www.nogodforme.com/HPDV6500T.htm

*If you can't figure it out, just email me, and I will help you out.

Last, I booted to my shiny new XP CD and voila! It decided to play nicely. Now I just have to find all the drivers!

Drivers

Well this has been fun. Basically, there is zero support on the Toshiba USA support site. Fortunately, the Toshiba Europe site has the drivers listed. I picked a model and downloaded them and presto! After completely installing all the drivers and apps needed, I promptly made an image of the PC. The I burned a DVD of the image, XP SP2 slipstreamed .iso file, and the drivers.

Here is a screenshot of the driver listing (click for larger version):



References:

nLite
http://www.nliteos.com/download.html

Downgrading a Toshiba Notebook to run WindowsXP
http://www.tempusfugit.ca/toshiba_xp.html

"No Drives Found" when downgrading to XP
http://www.tempusfugit.ca/no_drives.html

Toshiba EMEA - Wireless LAN Driver Portal
http://aps.toshiba-tro.de/wlan/?page=downloads

Update 8-18-08 *Has some additional driver links
Downgrading Windows Vista Home Basic to XP Pro on Toshiba A205-S5800
http://www.chaohan.com/node/122

I get asked over and over about how to stay safe with computing. After all, my business is keeping my clients safe after cleaning up their computers and networks. My system and recommendations work. Typically, I don't get much repeat business for spyware and viruses. When I "fix" a computer and give my customers the safety rules, I typically don't hear from them again unless they upgrade or recommend me to a friend.

The following information is the same speech I give to everyone, and have written about in the past. It provides all the information you need to keep your pc's and networks safe and running smoothly. I will update this one periodically.

-------------------------

Security Layers
-------------------------


Safety and security is a layered process just like your home. There is no one simple thing can solve every security problem. No matter what the marketing hype from Norton or McAfee or TrendMicro says - they are in the business of selling you products and not really keeping you secure. Windows XP and Vista certainly aren't safe by themselves, and actually neither is a Mac or Linux box. You have to employ layers of security.

Common Sense

The first layer of security is common sense. No amount of hardware or software protection is going to help if you ask for a virus or ask for spyware. That's right - if you get a virus or spyware then you asked for it. Maybe it wasn't intentional, but you asked for it. So the first thing is to use common sense.

For instance, I will never send you an email that has one line that reads: "Open this attachment now!"

I'm as long-winded in email as I am in speaking or blogging. If you get a one-line email from me, then it was most likely spoofed and is a phishing scheme or attempt to get you to install malware.

NAT Router

The second layer of security should be your NAT (network address translation) router. Otherwise you are bare naked and bent over to the world. The DHS (Department of Homeland Security) and CERT have provided a basic list of home network recommendations.

It is incredible that I still encounter about 70% of home users with a cable connection and no router. That is way too dangerous and accounts for a large part of my business. I have clients who were on a cable modem with their business pc directly attached running XP SP1 and confidential customer information on the pc. That's a huge problem.

FireFox - Not IE

One of the most important layers is to use Firefox and quit using Internet Explorer. It is simply one of the largest attack vectors for Windows. IE is tightly integrated into Windows so what attacks IE can more easily attack Windows. Also, Firefox does not support ActiveX controls. It is also open source so we know what is "under the hood" and can more easily ferret out the flaws in the code. With IE we are dependent on Microsoft and we all know how that usually ends up.

OpenDNS

The next layer is to run OpenDNS on your network. This simple step will typically increase your internet performance (since most ISP DNS systems are not very robust), and it adds phishing protection and surfing history and control.

Anti-Virus

The last layer of security should be anti-virus. Why is this down the list? Simply because most viruses, trojans, etc, are designed to bypass detection. A/V companies are several steps behind the bad guys - always. Once Pandora's box is open, you can't guarantee anything. That means that if a virus has gotten on your system, then all bets are off on safety even if your a/v software says it was cleaned or quarantined. You get lulled into a false sense of security.

-----------------------

Zombies and Bots
-----------------------


Most computer security threats today are not really designed to crash your computer. Also rare are attacks to "steal your identity." Most intruders are looking to turn your computer into a "zombie" in order to launch attacks at websites or other computers or networks. Even more common is the fact that most zombies are now created to help send spam out in the background.

Unfortunately, we can't stop spam and thus the intruders until we take the economics out of the equation. I'm not sure of the current numbers, but worldwide spam accounts for billions of dollars in revenue for the spammers and advertisers.

-----------------------------------------------

Software Firewalls Cause Problems
-----------------------------------------------


What? Yep - you read that right. You do not need a software firewall when you are behind a NAT router. A NAT router already does stateful packet inspection and acts as a hardware firewall, which is far superior to software. In the end, Norton Internet Securities and other similar bloat-ware cause way more problems and issues than they solve - well they actually don't solve any.

Hint: Bellsouth's DSL service provides you with a "modem" that is also a NAT router. For instance, the Westell 6100 is a NAT router with only 1 ethernet port. You can buy a simple switch for less than $20 and connect multiple computers or devices with no configuration!

----------------------------

So what can you do?
----------------------------

• Use alternative browsers to Internet Explorer such as Firefox, Safari, and others.
• Run OpenDNS on your network.
  
• Follow basic safety such as making sure you absolutely trust an email before opening an attachment or clicking a link.
• Use Google's GMail which has a very robust spam filtering system, SSL connections, and online virus scanning.
• For business email, use Google Apps for your Domain, which provides all the advantages of Gmail under your own domain.
  
• Use AVG (free edition for home users) and let it auto-update.
• Use TrueCrypt for encrypted file containers or encrypting your whole drive.
• If your computer slows down (software speed, etc), contact me immediately so we can asses what may be wrong.
• DONT use Norton or McAfee products - you will have a false sense of security.
• If you have a wireless network make sure WPA security is used. Don't rely on WEP. It is badly broken.
  

Computer scientist fights threat of ‘botnets’
http://www.news.wisc.edu/14380

CERT® Coordination Center
Before You Connect a New Computer to the Internet
http://www.cert.org/tech_tips/before_you_plug_in.html

Is It Time to Ditch IE?
Feds say switching browsers is one way to deal with security threats.
http://www.pcworld.com/article/id,117550-page,1/article.html

This happens all too often. You get forwarded an "Urban Legend" email like the one about Obama being the anti-Christ. One of the 500 people that have forwarded the thing (as attachments no less) has some spyware or adware running on their computer.

You think to yourself: "Self, now so-and-so would never send me anything bad."

So you click the link or install the software attachment - and open Pandora's box! Then it's too late - the pop ups hit. The spam increases. All because you didn't follow my simple rules. These are very similar to phishing schemes, except they don't really try to hide the links. They rely on just a bit of social engineering. That's all it takes.

Please be wary!

Well this is a scary thought - employees at utilities companies, government agencies, and other companies just looking through your account information. While the article focuses on Milwaukee-based WE Energies, I should imagine that the practice is very common-place.

The IRS took 219 disciplinary actions, including firings and suspensions, against employees who browsed through confidential taxpayer information last year, according to the U.S. Treasury Inspector General for Tax Information. That was more than double the number the previous year.

Worker Snooping on Customer Data Common
By RYAN J. FOLEY
http://ap.google.com/article/ALeqM5ghPenZUJTE7BfSfgQbj6RX597DEAD8V019TG0

Recently I had a client forward an email to me. She was concerned that she may have some security problems due to an email she received. These sorts of emails use a social engineering scare tactic to try and entice you. Kudos to her for asking me about it first!

This is a perfect example of what a SPAM and Phishing email looks like - so I figured I would post it with some notes. Yeah - I removed the email address and names to protect the innocent.

This is also a perfect example to all the AOL users out there. Quit using AOL. It sucks. Switch to Gmail.

Call me - my rates to setup Gmail AND move all your AOL email and contacts are very reasonable.

Click the image to get a larger and clear view.

Well this is definitely a case to watch as it appears it will go all the way to the Supreme Court. Here is the quick scenario.

The case arose when Kevin Boucher, a Canadian citizen with legal residency in the US, was traveling from Canada back to Vermont on December 17, 2006. He and his father were stopped by customs agents while crossing the border. A subsequent search of the laptop by an agent revealed adult porn and animations of adult and child porn. The key here is that the agent was able to access the files without a password.

After obtaining a subpoena on December 19, a Vermont Department of Corrections officer attempted to access the drive only to find that it was encrypted with PGP (Pretty Good Privacy).

Secret Service Agent Matthew Fasvlo, who has experience and training in computer forensics, testified that it is nearly impossible to access these encrypted files without knowing the password. There are no "back doors" or secret entrances to access the files. The only way to get access without the password is to use an automated system which repeatedly guesses passwords. According to the government, the process to unlock drive Z could take years, based on efforts to unlock similarly encrypted files in another case. Despite its best efforts, to date the government has been unable to learn the password to access drive Z.

Now, whether or not the kid has child porn in the encrypted drive is not the main point. He admitted to having porn and possibly child porn in his temp files. He actually allowed agents to view files, which prompted the initial arrest. The point here is whether the government can compel you to reveal a password - something that is in your mind. This has far-reaching implications on your rights under the 5th Amendment.

I'd have to say kudos to the kid for encrypting his drive in the first place. I cannot stress enough the importance of encrypting your data. Not that you need to worry about government snooping, but you should certainly be worried about theft of data. It is a very serious potential problem and disaster.

If you want to learn more about encrypting your data, hard drives, or email, contact me. Also look for upcoming blogs and tutorials on the methods that I use, including total disk encryption using TrueCrypt and email encryption using Gmail, Thunderbird, and Enigmail.

References:

Judge: Man can't be forced to divulge encryption passphrase
http://www.news.com/8301-13578_3-9834495-38.html

Feds appeal loss in PGP compelled-passphrase case
http://www.news.com/8301-13578_3-9854034-38.html

DOJ: No comment on forcing encryption passphrases
http://www.news.com/8301-13578_3-9835392-38.html

In Child Porn Case, a Digital Dilemma
http://www.washingtonpost.com/wp-dyn/content/article/2008/01/15/AR2008011503663.html

Well, I had read about this a while back, but a recent Slashdot post brought it to my attention again. Did you know that the US Government convinced printer manufacturers to encode every page of a document with a pattern of yellow dots to identify the printer (and user)? If that doesn't give you an uneasy feeling about surveillance than I don't know what will.

References:
Secret Printer ID Codes May Be Illegal In the EU
http://hardware.slashdot.org/article.pl?sid=08/02/15/1612226&from=rss

Is Your Printer Spying On You?
http://www.eff.org/issues/printers

As I reported previously, the GeekSquad and BestBuy has some serious issues going on such as the porn incident. Unfortunately for them, it serves as bad publicity. Fortunately for me, it drives more business to me.

The most recent thing is losing a laptop, and I have to agree with the lady who filed the suit. It's not about winning $54 million - it's about sending a clear message to BestBuy and other stores that you had better take customer information and service very seriously.

I have filed a lawsuit against Best Buy and launched this blog in an effort to bring attention to the reprehensible state of consumer property and privacy protection practices at America's largest consumer electronics retailer, with the hope that it might motivate Best Buy to effect changes and spare future consumers the experience I have been subjected to -- or worse.

Of course, it goes without saying that her data should have been encrypted on the laptop. Then her fears about identity protection would be minimized greatly. However, she does have a point about the way that BestBuy handled the situation, and apparently they are continuing to drop the ball.

Good luck Raelyn Campbell!

BestBuy vs Consumer Protection Blog
http://bestbuybadbuyboycott.blogspot.com

Over the years, this issue has come up time and time again. Most ISP's (internet service providers) now block port 25, which is the outbound email (SMTP) port. In the name of trying to "help block spam", they make it a huge headache for customers who use their own domain or another email provider. If you call Bellsouth or Comcast as a residential customer, their answer is "tough - upgrade to a business account". That is absolutely a waste of money.

As most of you know, I DO NOT recommend using your ISP's email account.

Many email services also don't allow you to use anything other than port 25 for your outbound email so customers are left with configuration issues to get their email to work if they use an email client such as Thunderbird, Outlook, Outlook Express, MacMail, etc. If you use a laptop, then things get really fun when you are on a network that is not your own such as a hotel, family member's house, customer, etc.

What do you do for now? The setup varies slightly from service to service, but basically you are going to setup your email client to use your ISP's outbound SMTP server and your ISP-provided email address/password for authentication.

What is the real solution? Use an robust email service that uses non-standard ports.

For instance, I HIGHLY recommend Google's email service - Gmail. It uses non-standard ports (995 inbound POP and 587 outbound SMTP) plus SSL connections on the inbound and TLS on the outbound for enhanced security. It also supports IMAP and a host of other features. You can use it as a central point for your email as it will POP in your other email accounts. You can even set it to reply from those account addresses if you don't want your Gmail address easily revealed.

Another solution is to just purchase your own domain and use Google Apps for your Domain for your email needs.

I use both of these methods for all of my email and have begun to migrate most of my customers over to the system. It just works - and the service from Google is basically free.

As usual, if you need help with any of these services, contact me. For a reasonable fee, I will be glad to setup everything including migrating your existing email over.

Helpful Links:

Webmail vs Local Email
http://www.smartergeek.com/forum/forum_posts.asp?TID=390

Anti-Spam Techniques in Email
http://en.wikipedia.org/wiki/Anti-spam_techniques_%28e-mail%29

ATT / Bellsouth E-mail Best Practice Guidelines
http://www.postmaster.bellsouth.net/best_practice.htm

ATT Bellsouth Port 25 Filtering Help Center
http://www.att.net/csbellsouth/s/editorial.dll?fromspage=all/home.htm&categoryid=&bfromind=62&eeid=3784168&eetype=article&render=y&ck=

Comcast takes hard line against spam
http://news.zdnet.com/2100-3513_22-5230615.html

Thunderbird - Cannot send email
http://kb.mozillazine.org/Cannot_send_mail

It appears that www.wesla.org (WESLA Federal Credit Union) has some serious issues going on. The site has been down for a couple of hours at least. At 3:55pm CST, a client of mine IM'ed me over GoogleTalk about it. More than just the homepage is down as well - looks like the whole site.

There are several things that can cause this so hopefully the admins will have it figured out pretty quickly.

*Note: No I don't use WESLA.

------------------------
Note: This blog is about the subject in general - not meant to be taken personally by the one who just sent me the email.
------------------------

Ok everyone. Please STOP sending this crap to me. I can only hit "reply all" and send refutes about these urban legends so many times before I get really tired of it. I realize that most people don't know as much as about computers and technology as I do, but just a little thinking and forethought would save all of us time and save some internet email traffic. Besides, most people who send me email have heard by soap box lessons about this kind of stuff.

Did I mention that I HATE unsolicited emails containing urban legends? Stop proliferating this crap. Please. They waste time, resources, and bandwidth. Instead of doing something productive, I have to respond to people and insure them that mass panic will not happen. Worse yet, I get the phone calls from clients wanting to know what all these things are about. When I tell then about urban legends, myths, and hoaxes, they just can't believe that "cousin Tommy - the family computer guy relative" would send them an email that was fake. Just because "Tommy" has an iPod and can play Guitar Hero and instant message does not make him an expert.

There is no virus that caused mass panic in New York and was reported on CNN. Software code can remove data but can't cause actual damage to a hard drive. Clicking on links in an email that obviously point to a ridiculous URL (website) such as : http://notme.hk/ should really be your first clue. Another clue would be not opening any untrusted attachments. A third clue is "this alert was received by an employee of Microsoft" - umm who cares and it was unsolicited anyway?

In summary, don't fall for the social engineering tactics at all. And don't forward them on to me unless you are genuinely asking me if there is any truth. If you do, then you will surely end up on my email newsletter list along with all 500 people that you cc'ed - since I'm sure every one of you needs real technology help.

All -

I just received this warning from my wife. I checked on Snopes. It is a REAL virus!

Read below.

- G****


Importance: High

FYI . . . Please take this seriously and read the link below . . .


Virus --CNN announced -- Snopes confirms as real.

Here is a link to the snopes page:

http://www.snopes.com/computer/virus/postcard.asp


PLEASE SEND THIS TO EVERYONE ON YOUR CONTACT LIST!!

A new virus has just been discovered that has been classified by Microsoft as the most destructive ever. This virus was discovered yesterday afternoon by McAfee. This virus simply destroys Sector Zero from the hard disk, where vital information for its functioning are stored.

This virus acts in the following manner:

It sends itself automatically to all contacts on your list with the title:

'You've received a Post Card from a Family member'.

As soon as the supposed virtual card is opened the computer freezes so that the user has to reboot. When the ctrl+alt+ del keys or t he reset button are pressed, the virus destroys Sector Zero, thus permanently destroying the hard disk. Yesterday in just a few hours this virus caused panic in New York, according to news broadcast by CNN.

This alert was received by an employee of Microsoft itself.

So don't open any mails with subject:'A Post Card from ' As soon as you get the mail, delete it !! Even if you know the sender !!!

Please pass this mail to all of your friends.

Forward this to everyone in your address book. I'm sure most people, like myself, would rather receive thi s notice 25 times than not at All.

References:

http://www.snopes.com/computer/virus/postcard.asp

http://virusbusters.itcs.umich.edu//hoaxes/virtual.html

http://antivirus.about.com/cs/hoaxes/p/virtualcard.htm

http://www.trendmicro.com/vinfo/hoaxes/hoaxDetails.asp?HName=This+Is+Not+A+Joke+-+VIRUS+ALERT

I've been asked about this issue several times. To keep it simple:

No you don't have to buy a new $1500 HD television before February 17, 2009, and throw away your old TV.

What is happening is that the over the air (OTA) television stations will no longer be broadcasting in analog. They must begin broadcasting digitally. That's all it means.

FAQ's (Frequently Asked Questions):

Q. What if I am on cable or satellite (like DishNetwork)?
A. Then you don't have to worry about anything unless you also use rabbit ears.

Q. If I have an older analog television, will I have to throw it away after February 17, 2009?
A. Nope. You can purchase a digital-to-analog converter box to continue using your rabbit ears.

Q. Do I have to buy the digital-to-analog converter box?
A. No - If you have a TV imported after March 1, 2007, then by law it has a digital tuner built-in.

Q. How much does the box cost?
A. The price is expected to be around $60, but the Feds are providing coupons to everyone worth $40 to offset the cost. That brings your total outlay to about $20.

Q. The salesman at <> said I had to buy a new HD TV or I won't be able to watch television much longer.
A. The salespeople at those stores are typically very ignorant of technology and/or liars.

Q. Why is the Federal government mandating this?
A. "...because all-digital broadcasting will free up frequencies for public safety communications (such as police, fire, and emergency rescue). Also, digital is a more efficient transmission technology that allows broadcast stations to offer improved picture and sound quality, as well as offer more programming options for consumers through multiple broadcast streams (multicasting). In addition, some of the freed up frequencies will be used for advanced commercial wireless services for consumers."

Q. Who is going to buy up the spectrum?
A. Hopefully Google!


References:

http://www.dtv.gov/consumercorner.html#faq5

FCC Consumer Facts
http://www.fcc.gov/cgb/consumerfacts/digitaltv.html

Google's Public Policy Blog
http://googlepublicpolicy.blogspot.com/search/label/Telecom

Official Google Blog - Who's going to win the spectrum auction?
http://googleblog.blogspot.com/2007/11/whos-going-to-win-spectrum-auction.html

Everything You Always Wanted to Know About the 700-MHz Auction but Were Afraid to Ask: Expert Op-Ed
http://www.popularmechanics.com/technology/industry/4246037.html

700 MHz Explained in 10 Steps
http://gigaom.com/2007/03/14/700mhz-explained/

Imagine that police arrest an individual for a simple traffic infraction, such as running a stop sign. Under the search incident to arrest doctrine, officers are entitled to search the body of the person they are arresting to ensure that he does not have any weapons or will not destroy any evidence. The search incident to an arrest is automatic and allows officers to open containers on the person, even if there is no probable cause to believe there is anything illegal inside of those containers. What happens, however, when the arrestee is carrying an iPhone in his pocket?

Now you might think this scenario is far-fetched, but it's not really. Just imagine if you have your laptop, and the officer decides to search it. You may have data on there that is none of law enforcement's business. As a matter of fact, none of it is their business!

Here's another scenario that I preach to all my clients, family, and friends.

You can always replace your hardware if it gets stolen. You can't replace your data or the damage done if someone gets their hands on it.

While you may think that you don't keep enough data on your computer to matter, I bet the vast majority of you reading this post allow your email program or web browser (IE or Firefox) to remember your passwords. With that information, someone can have access to your email and a lot of other things. By using some social engineering combined with the data they are able to pour through, some serious damage can be done.

Oh - you didn't think about that did you? What about all those pictures of your family, kids, etc?

Fortunately, there is a pretty easily solution to most of this. You need to install and use TrueCrypt. This simple, free, open-source program will solve just about all of those problems. You know all those stories in the news about stolen/lost laptops with tons of SSN's and personal data? Well, there is simply NO excuse for that. You can install TrueCrypt, create an encrypted container, put your important data in it, and that's that. I actually use 2 containers. One is for my most important data that I cannot afford to lose. The 2nd container is used to hold my Thunderbird email and settings. As a bonus, I only have to backup 2 files - the TrueCrypt containers, and my backups are encrypted as well.

Another rule to remember: don't have your browser remember your passwords. First, this means you will forget them. Time and time again, I revamp customer computer systems and they have no clue what their passwords are. Secondly, if someone does steal your computer (swiped laptop or breaking into your house and taking your desktop), then they may get a nice computer and whatever software you have installed, but they won't have easy access to your email, banking sites, etc.

http://en.wikipedia.org/wiki/Post_Office_Protocol

Although plain text transmission of passwords in POP3 still commonly occurs, POP3 currently supports several authentication methods to provide varying levels of protection against illegitimate access to a user's e-mail.

Here's something else to think about: Did you know that the vast majority of email flies around the 'Net in plain text? That's right - your email has zero protection! Why do you think you should never ever ever send your SSN or credit card number via email? Let me give you a good example. People like me will sit at a hotel and run some network sniffing software. Your email client checks your email - I get to see your username, password, and email all sent across the network in the clear.

This is one of the reasons that I've been migrating and pushing most of my clients over to Gmail (Google's email service). Gmail uses an SSL connection from your email client to their servers. This is actually more secure than using your browser since Gmail only uses SSL for the login with your browser. The best news is that all major email applications support it (some better than others - like Thunderbird), and it totally stops the hotel scenario. And its free!

Now, that doesn't stop someone at Google from potentially viewing your email; nor does it stop anyone along the path from Google to the recipient's email. As as an example, many people use their ISP's email systems - Comcast, Bellsouth/ATT, Verizon, etc. We can't even trust them to deliver us the services we were sold and paid for. You think we can trust them with our email? The way around this is using something such as OpenPGP/Enigmail so that the entire contents are encrypted. Alternatively, you can do something as simple as create a small TrueCrypt container, put your message and contents in the container, and forward that as an attachment. Call the recipient and tell the the password. Simple but effective!

In the near future, I will releasing several video tutorials on how to set this up. As always, if you want assistance in creating a relatively secure way to store your data, then contact me.


References:

The iPhone Meets the Fourth Amendment
http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1084503

www.truecrypt.org

You know that broadband internet coverage in the United States sucks right? Huh - you mean you thought it was so cool that you can now get a 1.5Mbs DSL connection? Bellsouth/ATT offered you 6Mbs Extreme? Have you checked your upstream connection lately? That is why it is technically known as aDSL. The "a" stands for asymmetric - as in the downstream bandwidth is much greater than the upstream.

Even with 6Mbs or 10Mbs (that mega-bits not bytes), the US is still way behind in the industrialized world with connectivity. For the most part, we created the Internet, and our connections suck.

Fixing US broadband: $100 billion for fiber to every home
...But these 100Mbps connections are coming slowly; in the meantime, countries like Japan already have them. To avoid falling further behind, the report calls for a national broadband policy to be passed this year, one that includes $100 billion for a fiber-to-the-home infrastructure that will connect every household and business in the country.
...Between 1999 and 2006, the US fell from third place to 20th in the International Telecommunications Union's broadband usage measurements.

Now here is the really interesting part of this whole deal. Ever heard of the "$200 Billion Broadband Scandal"? Let me summarize then. Basically - back in the mid '90s the telecos (telephone companies) were supposed to deploy fiber and fiber/coax networks to millions of homes by the year 2000 as part of the Telecommunications Act of 1996. We are supposed to have 45 Mbs connections. All 50 states and the District of Columbia contracted with their local telecommunications utilities for the build-out. Guess what? We don't have millions of homes with fiber do we? They all failed. The telcos made billions.

The $200 Billion Rip-Off: Our broadband future was stolen.
Over the decade from 1994-2004 the major telephone companies profited from higher phone rates paid by all of us, accelerated depreciation on their networks, and direct tax credits an average of $2,000 per subscriber for which the companies delivered precisely nothing in terms of service to customers. That's $200 billion with nothing to be shown for it.

...As just a small example of the way the phone companies took advantage of ineffectual regulation, they charged an average of $1 per month per customer to run Bellcore, the research organization set up to replace Bell Labs after the 1983 split up of AT&T. But when Bellcore was later sold and the profits from that sale distributed to the telephone companies, not to the customers, ALL BUT ONE RBOC CONTINUED THE $1 CHARGE DESPITE THE FACT THAT IT NO LONGER DIRECTLY SUPPORTED ANYTHING.

Broadband in the US is now defined as anything with a download bandwidth of 200 Kbs or greater. Big deal.


Broadband Scandal eBook (406 pages in PDF)
http://www.teletruth.org/docs/SCANDALFINAL92006.pdf

http://www.fcc.gov/Reports/tcom1996.pdfPublish Post

Fixing US broadband: $100 billion for fiber to every home
http://arstechnica.com/news.ars/post/20080131-fixing-us-broadband-100-billion-for-fiber-to-every-home.html

Good Example of a Phone Bill Breakdown
http://www.newnetworks.com/dirtyphonebill.htm

I've been on my soapbox about this for a long time now. People want to gripe about the cost of a gallon of gasoline, which has to be drilled, refined, shipped, heavily taxed, etc. However, nobody thinks twice about paying $5 per gallon for bottled tap water.

1 liter ~ .25 gallons

$1.19/liter x 4 = $4.76/gallon (approximately)

Just doesn't make sense does it? Oh - you think that your is pure and therefore it should cost more. Right? Wrong. The fact is that most bottled water is no more safe than the vast majority of municipal water supplies.

In 1999 the NRDC tested more than 1,000 bottles of 103 brands of water. (This is the most recent major report on bottled water safety.) While noting that most bottled water is safe, the organization found that at least one sample of a third of the brands contained bacterial or chemical contaminants, including carcinogens, in levels exceeding state or industry standards. Since the report, no major regulatory changes have been made and bottlers haven't drastically altered their procedures, so the risk is likely still there.

Bottlers don't have to let consumers know if their product becomes contaminated, but sometimes they pull their products from stores. In fact, between 1990 and 2007, this happened about 100 times, says Peter Gleick of the Pacific Institute in Oakland, California. Among the reasons for recall: contamination with mold, benzene, coliform, microbes, even crickets.

If you like bottled water and want to continue to pay for Coca-Cola's massive marketing campaigns for your Dasani, then that's great. Just don't gripe about the cost of gasoline around me. As a matter of fact, unless you want to drill, refine, and produce you own gasoline then shut or walk - and use that overpriced bottle of Dasani to quench your thirst.

http://www.rd.com/content/rethink-what-you-drink/

It is my goal to make sure that your computer continues to run at it's peak. It should be a tool to help you rather than a headache due to poor performance. To accomplish that goal you must pay attention to certain rules that will greatly diminish the chances of a problem arising in the future.

Rule #1: You are only as good as your last successful backup from which you can recover!

Realize that your computer is a complex machine that uses complex code to make things easy for you. Sometimes problems can occur even if you do everything right.

Use Firefox! Firefox is far safer than Internet Explorer since it is not deeply tied to the operating system. Only surf through Internet Explorer if you have a particular website that requires its use – and you trust the website fully.

Never open any email attachments that you do not absolutely trust. Just because the sender appears to be a friend does not mean the email is safe. Think about spoofed emails!

Never install software that you do not absolutely trust – if in doubt at all CALL ME or EMAIL ME! Just because a friend or co-worker says something is safe does not mean it is.

Security and safe-computing are layered much like your home security (locks, alarm, guns, neighborhood watch, etc).

You are behind a NAT router. Running over-bloated software such as Norton Internet Securities is asking for trouble actually. A software firewall (behind a NAT router) only helps you after you are exploited – when its too late.

You should run AVG for anti-virus and keep it updated – but you can still get a virus if you “ask for it.”

You are running OpenDNS through your router and network settings to help avoid malicious websites and make your internet connection slightly faster.

Common sense is the key – if you are in doubt then ask me.

Your computer should continue to run just as fast next year as it does today. However, if you install a lot of software than runs processes at start-up, it will slow down somewhat.

If you will follow this basic list, your computing experience will be much more fun and productive!

AT&T and Other ISPs May Be Getting Ready to Filter - Bits - Technology - New York Times Blog: "AT&T and Other ISPs May Be Getting Ready to Filter"

If you don't know what "net neutrality" is then I highly suggest that you read up on it. This is especially true is you like to use the internet without real fear of some "big brother" group looking over your shoulder.

Unless you are really into tech circles or pay attention to tech news, you may not have even heard about the efforts of ISP's (internet service providers) like ATT, Comcast, Verizon, and others to effectively try and get paid 3 times to provide their services.

1st time: Google pays for a connection (large one) to provide you content.
2nd time: You and I pay for a connection (at home or work) to see the content.
3rd time: Google has to pay again to insure their content is provided quickly by multiple ISP's.

Google can afford this. SmarterGeek.com cannot. You cannot with your personal blog.

Here's the bigger picture. For companies like mine or even your personal blog, the potential is that our content may be throttled or filtered. This is crazy. The internet was designed to be an open medium. That is why it is so pervasive in our lives. It is digital free speech. Don't belive me? Watch and listen to the "father of the internet".

Please email or write your congressman or senator and let them know that you won't tolerate ATT's stance. Better yet, speak with your wallet. Avoid their services if at all possible.

FCC Pressed to Stop Comcast’s Internet Blocking

Occasionally, I have a few things that I do to help recharge my creative batteries. You know what I mean - something that inspires you when things are getting monotonous.

One of those is listening to the Windows XP installer or theme music. To find that track just search your computer for title.wma (showing hidden files) which is a Windows Media file. That audio track is just soothing, probably because I've heard it so much installing XP on computers. Of course, I've converted it to mp3 format and even have it loaded on my iPod.

(if you can't find it, just contact me)

Another thing I like to do is to watch the "The Machine is Us/ing Us (Final Version)" video, that I've blogged about previously. While doing following links from the video, I ran across another of Dr. Michael Wesch's videos. That led me to his "Information R/evolution" which led me to google for a magazine article from 1995 shown in the video.

The Internet? Bah?
Hype Alert: Why Cyberspace isn't, and will never be, nirvana
By Clifford Stoll
Feb. 27, 1995
Full Text Here | Highbeam Archive Here

Now Clifford is not just an amateur writer or tech person. However, he definitely had some very wrong opinions and quotes. Let's take a look at some of them just for fun.

The truth is no online database will replace your daily newspaper, no CD-ROM can take the place of a competent teacher and no computer network will change the way government works.

Umm - newspaper subscription rates are falling at an incredible pace. I get 75% of my news from online resources such as newspaper sites, blogs, etc. I believe that government is changing the way it works, albeit slowly, due to the internet. Now we not only have "freedom of the press", but we have instant freedom of the press.

I do agree somewhat on replacing a competent teacher with a CD-ROM. There really isn't a substitute, but it's also fair to say that the internet has definitely changed the learning landscape. Many classes/teachers now require papers to be submitted online, MIT has released much of its course materials online, and many others are following suit.

How about electronic publishing? Try reading a book on disc. At best, it's an unpleasant chore: the myopic glow of a clunky computer replaces the friendly pages of a book. And you can't tote that laptop to the beach. Yet Nicholas Negroponte, director of the MIT Media Lab, predicts that we'll soon buy books and newspapers straight over the Internet. Uh, sure.

I think Jeff Bezos and Amazon's Kindle would certainly disagree with this. While there is certainly something to be said for reading a good ole book, digital text is certainly here to stay. Even Sony has an ebook reader out, although I'm no fan of Sony.

You can't tote your laptop to the beach? Hehe. Yeah right. Mine goes everywhere I go. Typically, I have some sort of Internet connectivity as well.

Then there's cyberbusiness. We're promised instant catalog shopping -- just point and click for great deals. We'll order airline tickets over the network, make restraunt reservations and negotiate sales contracts. Stores will become obsolete. So how come my local mall does more business in an afternoon than the entire Internet handles in a month? Even if there were a trustworthy way to send money over the Internet -- which there isn't -- the network is missing the most essential ingredient of capitalism: salespeople.

What's missing from this electronic wonderland? Human contact.

I hope he didn't miss the explosion in online sales and businesses. We now do just about everything that he said we wouldn't - and I have some other news for him. There are some things that just don't require human contact. Like standing in endless lines to be greeted by a salesperson who is barely knowledgeable and is just a sales-drone anyway. I'd much rather search online, read honest product reviews, purchase, and have it delivered right to my door. At the least I will research something online, read reviews, drive to a local store, and buy the thing without ever talking to a sales-drone.

In conclusion, I just thought many of his predictions were oddly right even if they were 180 degrees opposite of reality. The Internet and web continue to get more pervasive in our lives. I hope it keeps on.

What intrigues me the most about the Web and Internet is the collaboration. I can email, Skype, or IM people across the world. I can remotely support computers for people I have never met "in real life" and get paid for the service.

Blogs, podcasts, message boards, and videocasts also me to learn from others while pushing my own content out in the same manner.

That is the web to me - pushing the boundaries of collaboration.The following videos really defines the reasons that I love the Internet and the Web.

------------------------------------

------------------------------------


------------------------------------

------------------------------------

References:

http://mediatedcultures.net/

Digital Ethnography of YouTube project
http://mediatedcultures.net/youtube.htm

With the recent onslaught of Trojans, viruses, and Windows exploits, I thought it would be a great idea to share my "lecture" on the subject. Please read this information carefully as it will help you avoid all these nasties 99.9% of the time. If you have any questions, please don't hesitate to ask me. I'm going to post this information on my website and add to it occasionally as I think of things.

Pass this around to your friends. I've done several virus cleanings lately so the problem is very real and very much out there.

============
Free Anti-Virus Software
============

You do not need to pay for expensive anti-virus software. Most of that is marketing garbage anyway. 

Plus they tend to hog resources if you are on a slower computer. I cannot count the number of computers running up-to-date Norton or McAfee or TrendMicro that are infected. I make a decent part of my living by fixing them. Don't fall for the hype just because a trial-version is installed on your computer or the local BestBuy goon says Norton is the best.


Besides, antivirus software is one of your last lines of defense. Most viruses and malware are designed these days to work around your anti-virus software anyway. Use antivirus as a tool in your arsenal - don't rely on it.

I recommend a free solution for home/personal use by www.grisoft.com. AVG Anti-Virus performs as well or better than Norton and McAfee and is free. How can they give it away free? Well, Grisoft is in business to make money...on the corporate side. They use the free home version to promote their business. Quit paying for something that you can get free!


[ Google AVG Download ]


============
Lesson 1
============

Most email viruses and Trojans are spread through BLANTANT USER IGNORANCE!

Let's face it. Over the last few years, everyone has heard some news report about the proliferation of viruses for the Windows operating system or Outlook or Outlook Express. However, the viruses continue to spread faster and faster.

90+% of viruses are spread though email attachments NOT by reading an email. If you don't click (or run) the attachment, then you don't get infected. It's pretty much that simple.

Many exploit patches are released by MS (Microsoft), but users fail to update or don't know how. MS has made it easier than in the past and has promised a new Security Initiative to help stem the tide.

Windows Update Site:  http://v4.windowsupdate.microsoft.com/en/default.asp   (follow the instructions for CRITICAL updates-don't worry about the others)

==========
Lesson 2
==========

Keep your AV (anti-virus) software up to date. For that matter, make sure you are running AV software and it is configured properly.

It's not enough to just install an AV program such as Norton or McAfee. You MUST keep the "virus signature" files updated daily or weekly. Several thousand viruses make their way to the Internet each week. The AV companies currently do not develop detections or removal methods until the virus is already in the "wild".

Most of the popular AV software has a mechanism to automatically update itself. Use it. Pay the extra money for a subscription or whatever you have to do.

Recommended AV Setup

(1)     Have it scan all email attachments
(2)     Have it set for automatic background scanning
(3)     Have it set to run periodic full computer scans

==========
Lesson 3
==========

Always pay attention to your emails and use common sense! AV software is not perfect.

Look at the text in the email. If it is short and curt or has very dramatic misspellings then it is probably a virus. This is especially true if there is an attachment to the email. Always scan an attachment again before opening it by saving the attachment to your hard drive (like MyDocuments). Go into your MyDocs folder and right-click to scan the file with your AV software. If your AV software does not install an option when you right click a file, then you are using the wrong AV software.

==========
Lesson 4
==========

Don't trust an email just because it appears to come from a friend.

Most viruses today spoof the return address and headers. You have no way of knowing really who it's from. Also, MS will never send you an email unless they intend to sue you for something. Then you will also get a certified letter in the mail too from their attorneys. The point is that don't trust emails just because they appear to be from someone. Think about real junk mail in your USPS mailbox.

==========
Lesson 5
==========

Learn the generally safe attachment file extensions versus the dangerous ones.

If you don't know about file extensions, then you really should have me train you on Windows and PC basics. With that said, here are the BAD extensions:
*    .exe
*    .pif
*    .scr
*    .bat
*    .vbf
*    .zip (only bad sometimes and mainly recently)

NEVER open one of those or you are toasted. Any of those files can wreak havoc on your computer. If you really are expecting to receive a .exe file from someone (since they can have legitimate uses in email), then telephone and confirm that the person really sent the email to you.

Here are the GOOD file extensions:
*    .gif  (used for pictures like logos and things)
*    .jpg (used for photos)
*    .jpeg (same as .jpg)
*    .png (used for images rarely)
*    .zip  (if from a confirmed source)

==========
Lesson 6
==========

If your computer acts "funny" or begins crashing much more than normal, have it inspected by a qualified professional.

It's a fact of life that Windows will crash and lock-up. However, if your computer has been running fine and only recently begins to "act up" without any new software installations or anything, then chances are that you have a virus or Trojan. It is always best to have a qualified person take a look at the computer. The problem can be determined and a course of action taken.

============
Frequently Asked Questions
============

Q. Why do I need to be that concerned about it?
A. The truth is that you can go on about your life with an infected computer or never worry about security. This is about the same as always leaving your home or car unlocked to the entire world, literally. You should always be concerned about security. At the very least, most Trojans these days are designed to help proliferate SPAM. Do you really want to be responsible for helping to spread more herbal-type Viagra?

Q. What if I just turn my computer off?
A. Turning your computer off only stops the problem until it turns on again. Once your computer is running (with an infection) you are vulnerable.

Q. Everyone says that the Internet is not safe. Doesn't this prove it?
A. The truth is that the Internet and computers are no less safe than most other public things. After all, you can get robbed at gunpoint just about anywhere. Remember that the Internet literally connects you to others on a global scale. Just as in real society, there are people out there with ill intentions.

Q. Aren't these just kids (aka script kiddies) unleashing these viruses?
A. Some are doing that; however, there are basically 2 reasons these days: economics and political statements. The economic side is due to the spammers entering the scene and partnering with virus writers. By political statements, I mean that many people have a deep hatred of MS. Without getting too deep in the subject, these people feel that the only way to get the attention focused on MS's poor security habits and coding is to wreak havoc through viruses on a global scale.

Q. What about these other "Internet Security" products?
A. If you follow my lessons here and those of mine for Spyware/Adware, then you don't need anything else.

Periodically I will create a "Technology Report" for my clients when returning computers that I have worked on - whether software or hardware. As I create these, I am going to post any of them that I feel will provide important information.

Computer Issues:

1. Had EFS setup on MyDocuments and Desktop Folder
2. Had Privacy bit set on MyDocuments
3. Lots of software installed/uninstalled in past
4. Various unknown registry edits
5. Strong WinXP password for desktop logon
6. No established backup method.
7. Running “double NAT” setup with Bellsouth + additional router

Recommendations:

1. EFS is NOT recommended for file encryption. There are many issues with this system, but the most glaring is that if your user account becomes corrupted, Windows crashes, or you change your password to your local account, then you lose access to the data. Also, there are 3rd party tools that can recover data from EFS files. Thus the security supposedly provided is not great.
2. Setting the privacy bit on folders only stops Windows users. You can easily boot to a free Linux live CD and see all the data.
3. Installing and testing various software is great. Just make sure you have a backup point to revert too should you need too. WinXP system restore is not a good solution. Either Acronis or Norton are recommended.
4. Editing the registry can be dangerous. It is a good idea to use imaging software – since simply backing up the registry does not mean that you can boot your OS in the event of a serious registry issue.
5. Having a logon for WinXP only keeps people from temporarily accessing your files. Easy workarounds include booting to safe mode as the Administrator, booting to a live Linux CD, or using several free tools to reset passwords.
6. Rule #1: You are only as good as your last successful backup from which you can recover. An easy backup solution is DVD's or a keychain (thumb) drive.
7. Double NAT can cause intermittent issues. Additional router was setup as a switch to provide extra LAN ports for additional computers. The Westell 6100 is not very robust in features though. In the future, the Westell may need to be bridged and use the additional router to handle the PPPoE as well as full routing/DHCP functions.

Additional Recommendations:

• Encrypting data is very easy using TrueCrypt, which is free and open source. The recommended method is to create a 4.5GB container file and map the My Documents folder to a drive letter that is assigned to the encrypted container. Also, the email clients can be mapped to the same container or another container just for email files. Backing up the encrypted files means your backup is encrypted also.
• Outlook and Outlook Express data files have been moved to a location in My Documents for easy back.
• Rather than using Outlook or Outlook Express, you should use Mozilla Thunderbird with the Sunbird calendar extension. This can even be synched to your online Google Calendar, which I also recommend.
• Start using Thunderbird for your POP3 client. Have Gmail check your Bellsouth email through the POP3 settings in Gmail so that you don't lose any email and have a single online source of backup. Gmail provides an SSL connection on inbound and outbound which provides addition privacy and security. Also, since most ISP's only filter port 25, the Gmail SMTP settings will work with any ISP. Gmail also keeps a copy of all mail sent from your POP3 client stored under your Gmail sent folder. This way you have access to virtually all of your email – or IMAP is supported.
• Use Gmail's bookmarking feature via the Google Toolbar. This gives you a central web-based solution so that your bookmarks are accessible for any Internet connected computer.
• Software based firewalls provide no protection behind NAT. Norton's software causes many more issues than it helps solves, and it is very bloated and resource hungry. The only time a software-based firewall would help is if your PC was already exploited and then it is too late.
• DON'T use MS Backup.
• Don't use Windows Media player for managing your CD's. You will get trapped with WMA files and eventually have to convert them to MP3. Use iTunes for managing your music, podcasts, etc.
• Use Keepass software as a central repository of passwords.

There are many pieces of software and much advice that is purported to be the end-all solution to safety on a Windows computer. The truth is that much of the software and recommendations are worthless and overkill. Much of the software will actually cause other issues. The software and solutions I recommend are easy to follow and work – period.

*Software*
Adobe Reader 8.0 | Alzip - File Compression | Audacity 1.2.3 - Audio Editing Software | AVG 7.5 - Free antivirus | CDBurnerXP - Free CD/DVD burning software| CleanUp - temp file cleaning utility | DirectX 9c | Eraser 5.8 - secure file deletion software | Filezilla 2.x - FTP Client | Inkscape .43 - Vector drawing program | iTunes - mp3 playing/organizing software | Jave Runtime Environment 5.0 | JDiskReport 1.2.1 - file/folder reporting utility | Limewire 4.11.0 - p2p file sharing/download mp3s | Mozilla Firefox 2.x - The best web browser | Mozilla Thunderbird - The best email client | Music Rescue - iPod music recovery | OpenOffice.org 2.2 - Full Office Suite | PC Inspector Smart Recovery - SD card picture recovery | PDFCreator - PDF creation software | Picasa 2 - picture managment software | Scribus 1.3.3.8 - Desktop Publishing software | Super (c) - Video conversion software | The Gimp - Image editing software | TrueCrypt - file encryption software | VideoLAN VLC - multimedia player | Google SketchUp – Modeling program | Moz Backup – backup Firefox and Thunderbird settings | Blender – 3d Animation software | BitPim – cell phone access | Pidgin – IM client | MP3 Tag Tool | DIVx Bundle | OpenDNS / Homing Beacon

Well, it's been forever and a day since I've done a newsletter. Funny how time seems to just keep right on moving along non-stop. As you can see, I've decided to publish my newsletters as part of my tech blog now. It just makes it much easier than typing up the newsletter in the forum and publishing across multiple formats. Once I've got it in my blog, it's here - so let's get started.

Don't worry. There is plenty of free information in this one as usual, and it's full of Google stuff.

##########################
##########################

Google's 411 Service www.google.com/goog411/
1-800-466-4411
1-800-GOOG-411

If you are a cell phone user or even landline user, it can be an expensive hassle to call information and get a phone number. Google to the rescue again. Guess what? Yeah, it's free.

Just dial it from any phone and follow the voice prompts. It can't be any easier.

------------

Google SMS

Another great way to get mobile help from Google is to send an SMS (text) message to Google. Simply send a text to 46645 (GOOGL) and get a reply. For instance, if I send a text that reads "movies 71112" then Google replies with the movie listings in my area. You can also text something like "pizza bossier city, la" and get all the pizza listings.

For a full list of features go here: http://www.google.com/intl/en_us/mobile/sms/

Google Docs and Spreadsheets
http://www.google.com/google-d-s/tour1.html

Want an easy way to create and collaborate on word processing and spreadsheets? Google launched their "docs and spreadsheets" some time back. While you can't do advanced word processing or Excel macros, I think you will find that for most users there is plenty of power.

You can have multiple people editing a document in real time. This is very powerful stuff for small businesses and organizations!

Support is provided for DOC, XLS, ODT, ODS, RTF, CSV, PPT, etc. You can import and export as well as have full support for PDF's.

Routers on Cable Connections

It is incredible that I still encounter about 70% of home users with a cable connection and no router. That is way too dangerous and accounts for a large part of my business. However, I do believe in safety first so I constantly urge all my clients, friends, and family - If you are on a cable connection, get a router!

Safety and security is a layered process just like your home. There is no one simple thing can solve every security problem, right? The first layer of security in your computer network should be your NAT (network address translation) router. Otherwise you are bare naked and bent over to the world. The DHS (Department of Homeland Security) and CERT have provided a basic list of home network recommendations.

Most computer security threats today are not really designed to crash your computer. Also rare are attacks to "steal your identity." Most intruders are looking to turn your computer into a "zombie" in order to launch attacks at websites or other computers or networks. Even more common is the fact that most zombies are now created to help send spam out in the background.

Unfortunately, we can't stop spam and thus the intruders until we take the economics out of the equation. I'm not sure of the current numbers, but worldwide spam accounts for billions of dollars in revenue for the spammers and advertisers. So what can you do?

• Use alternative browsers to Internet Explorer such as Firefox, Safari, and others.
• Follow basic safety such as making sure you absolutely trust an email before opening an attachment or clicking a link.
• Use Google's GMail which has a very robust spam filtering system, SSL connections, and online virus scanning.
• Use AVG (free edition for home users) and let it auto-update.
• Use TrueCrypt for encrypted file containers.
• If your computer slows down (software speed, etc), contact me immediately so we can asses what may be wrong.
• DONT use Norton or McAfee products - you will have a false sense of security.
• If you have a wireless network make sure WPA security is used.
  

Computer scientist fights threat of ‘botnets’
http://www.news.wisc.edu/14380

CERT® Coordination Center
Before You Connect a New Computer to the Internet
http://www.cert.org/tech_tips/before_you_plug_in.html

Is It Time to Ditch IE?
Feds say switching browsers is one way to deal with security threats.
http://www.pcworld.com/article/id,117550-page,1/article.html



####################
####################

That's it for this edition of the newsletter!

As usual, watch your RSS reader for updates to my tech blog for more information and future newsletters. Don't forget to check out my online tutorials as well.