All posts by remotehelpexpert

Internet Browsing and Your Privacy

Computer Security, Technical Tips, ,

This is not about a crazy nut conspiracy theory. It’s about how your internet surfing activities are kept track of. Many of you know about “cookies”, small files that your internet browser saves in your computer as it visits websites, and that they can be used to keep track of what websites you visit.

A less known fact is that websites include code in them that keeps track and report specifics of all visitors. Then there’s companies that specialize in collecting, analyzing and selling such information, which your browser normally gives away when visiting a site.  Things like date and time of your visit, your computer’s operating system, your IP (Internet Protocol) address (which can pinpoint your geographical location within a few miles radio), your internet service provider, what link took you to the particular website you’re visiting, which browser and what version of it you’re using, even your screen resolution!

The biggest company in this activity of web tracking is, by far (no surprise), Google with Google Analytics. Many other smaller companies also engage in this type of “surveillance”.

What can you do? For the Firefox browser users, there is a free add-on called Ghostery, which you can get here: http://www.ghostery.com/ . What does it do? it alerts you if there are trackers in the website you are visiting and gives you the option to block them. There is also a way to pull a big list of known trackers and with one click choose to block them all, so you don’t have to continuously click to block individual trackers as you visit websites.

I thought you should know about this and what can be done about it.

The Future of Communication

Technical Tips

When it comes to computer related subjects, evolution seems hyperbolic. From the slow-start days of the computer in the 1940s, to the speed of evolution in the new millennium, this has become self-evident. It’s not easy to keep up with the new developments in the computers themselves, and the applications that are developed for them.

Such is the case with electronic communications. First used over 40 years ago, and originally modeled after traditional (snail) mail, it seems to have become obsolete in structure and function. Google took a shot at updating it based on tools available now that weren’t available 40 years ago, and recently came up with an attempt to answer the question: What would e-mail look like if it was invented today? The answer: Google Wave. Still in Preview and only obtainable by invitation, it is but a rough draft of what it can become, and I think it is already impressive.

It would take a really long article to explain everything Wave can do. But since a picture is worth a thousand words and a video is probably worth thousands of pictures, I leave you with a few million words worth in these videos below. I have arranged them in sequence, from short and simple to long and complex:

This first video is short and very graphic, and gives a basic notion of what Google Wave is:

http://www.youtube.com/watch?v=rDu2A3WzQpo

This next video is a guy’s take on demonstrating what Wave can do, by “translating” a scene of Pulp Fiction into Wave:

http://www.youtube.com/watch?v=xcxF9oz9Cu0

These next two are from Google team members, first the abridged overview (less than 10 minutes version):

http://www.youtube.com/watch?v=p6pgxLaDdQw

And then the full version that is mentioned at the beginning of the above one. It is for you to watch if you are curious for more information from the above videos. It is 80 minutes long:

http://www.youtube.com/watch?v=v_UyVmITiYQ

So there you have it. In my opinion, this represents an evolution, and the future of communication.

Public Wireless Networks, More About

Computer Security,

My most recent article on public wireless networks security has gotten quite some feedback from my readers, which is appreciated. It has also raised a number of questions. While I always love to answer correspondence on an individual basis, there were enough common ground in some of the questions to justify a follow-up article. So here we go.

The main point raised was what to do when one is on the road for prolonged periods of time and cannot just wait until the next time one is home and able to connect the portable computer to a secure wireless connection to do banking and other sensitive data transmission type activities. The earlier article tips were more about what not to do. But can one DO about it? Note: because the technical level of my articles is geared toward the non-initiated and the technical details are generally left out, I will only cover what can be done in a generic way.

For starters, you can make sure your general portable computer security level is robust:

  • Is sharing files and folders enabled in your laptop’s wireless connection? it shouldn’t.
  • Are any of the services that allow remote connections to your computer running? they should be disabled.
  • Is your wireless card set to roam aggressively so if it finds a stronger signal it connects to a new hotspot automatically? that opens the door to connections to rogue hotspots and should therefore be set to not changing automatically.
  • Is wireless network ad-hoc (computer to computer) mode disabled in your laptop? it should be to avoid accidentally connecting to someone else’s computer.
  • Is your firewall on, and if your operating system is Windows XP, do you have a more robust firewall in place? consider free alternatives like Comodo’s or ZoneAlarm’s firewalls.

That covers a few points. But even with all the above points taken care of, there is still the problem of connecting to a hotspot that has no encryption. What to do then when one is about to engage in sensitive emails handling, online transactions, banking? The solution with the most consent is, use a private virtual private network (VPN). What is a VPN? It’s a type of network technology that allows secure communication between 2 computers or groups of computers via a public channel, usually the internet. It has many uses and providing wireless security while on a public hotspot is just one of them.

Both free and paid versions of personal VPN programs exist that can be applied to this problem. An example of a free one is Hotspot Shield, that can be found here: http://hotspotshield.com/. An example of a paid one can be found in this link. There is no implicit recommendation of either of these examples, although the free one was recommended to me by one of my readers. Update: See http://remotehelpexpert.com/blog/?p=1615 for an update on the hotspotshield recommendation.

So if you are in the situation where you are on the road constantly and need to use public hotspots, you might want to consider a personal VPN solution as a deterrent to wireless sniffers and man-in-the-middle type of attacks.

Public Wireless Networks, How Secure Are They?

Computer Security,

In a nutshell: Not very. With portable computers being more and more popular, and wireless access in public places being found more and more often, this becomes a problem.

Let’s take a look. Public wireless networks (hotspots) like those found at airports, cafes, libraries, hotels, supermarkets, etc. lack encryption. What is encryption? basically the transforming of information using a special formula that is only decipherable by having a certain piece of information – a key. So your hotspot with no encryption looks like this:

laptop –> wireless receiver –> Internet

Nothing wrong with that, except the information is traveling from your laptop in the form of radio airwaves spreading in all directions in plain form and it’s therefore possible for a “sniffer” to intercept the data – an activity that has been given the name of “sidejacking”. And since there is no encryption, your data is open to view.

Let’s look at the same setup, but with encryption enabled:

laptop  –> (encryption) –> wireless receiver –> (decryption) –> Internet

Now the wireless aspect of the data transmission is protected by encryption, and is no longer available to sniffers who might want to access it. Of course strictly talking any encryption can be broken, but the difficulty to do it when using good encryption discourages most cyber-criminals as long as the target (you) doesn’t look too attractive, as I’ve explained in this earlier article.

So, what rules emerge from the above data? when using a public, non-encrypted hotspot to access the internet:

1) Do not enter passwords or supply other credentials in a website, unless the webpage itself is protected with encryption (in browsers like Internet Explorer or Mozilla Firefox you’ll see a lock in the lower right corner to symbolize encryption is being used in that web page, and typically the website address starts with “https://” instead of “http://” , signifying the page is secure). Even then and for reasons beyond the level and scope of this article this is not particularly recommended.

2) Avoid banking or doing online transactions, even in a secure webpage.

3) Basically, don’t do anything on your computer related to an internet connection you wouldn’t mind doing if you had a bunch of strangers right behind you looking at your screen and taking notes!

Wait until you get home (or to a secure wireless network)  to do any of that. And I surely hope you have encryption enabled at home if you connect wirelessly to the internet!

Hope this data helps.

Tips for Travelling with Laptops

Technical Tips,

An increasingly popular type of computer, laptops have seen a surge in demand over the last few years. Did you know that in 2008 and for the first time ever, the number of new laptops sold surpassed the number of new desktop computers sold? and now with the even lighter version of portable computers, the netbook, they are becoming more and more popular.

All trivia aside, since more and more people are jumping on the laptop bandwagon, I figured it’d be a good idea to write a couple of tips about how to go about them when one is on the go.

Since when you’re mobile you mostly depend on the laptop’s battery life, it’s a good idea to economize in what uses power the most. For example, if you are just using a word processor or watching a movie, you can turn off the wireless adapter. Also try to use a lower-than-maximum screen brightness when depending on battery power.

There are four main power states the laptop (or any computer for that matter) can be on. These are, in descending order when considering power consumption (1) Fully on, (2) Suspend/sleep, (3) Hibernation, (4) powered off. In sleep mode, several parts of the computer are turned off, but the computer is still capable of responding to user input, such as a key stroke or mouse click/motion. In hibernation, it’s a different story. All the running programs and opened files at the moment of starting hibernation are saved to the hard disk and the computer is effectively shut down. But while it is necessary to press the power button to resume normal operation, coming back from hibernation is much faster than starting the computer from scratch. This is therefore the preferred state in which a laptop should be transported – hibernating. The power consumption is at its minimum, the hard disk is not operating (important since moving a laptop around with its hard disk on can lead to damage to the hard disk) and yet turning it back on takes a minimum amount of time.

Since it is usual to close the lid of a laptop when carrying it around, you should know that what the laptop does when you close its lid is something you can change. The range of actions (when closing the lid) go from doing nothing, to putting the laptop to sleep, to hibernation, to shutting down. It is also possible to have different actions occur depending of whether or not the laptop is plugged in to a power supply when the lid closes. For example, you can set the laptop to go to sleep if the lid is closed when plugged in, but hibernate if the lid is closed when powered by the laptop’s battery.

One more thing you should also know in regards to the subject is about rechargeable batteries: They have a limited number of recharges before its ability to hold charge degrades.  After about the 60th recharge the battery will start to wear progressively and perceptibly, to the point where it holds only a few minutes worth of charge or no charge at all. So try to use the laptop’s battery power only when it’s needed.

Proper use of a laptop’s power settings will increase the time you can use it while on the go.

“Should I Turn Off my Computer at Night?”

Computer Security, Technical Tips

If I had a penny for every time I have been asked that question… I’d be writing this article from a bungalow in the Bahamas.

But I don’t. So, to the question at hand.

People in favor of turning the computer off at night bring up valid points, the main one being power consumption. But did you know that properly set power management settings reduces idle power consumption around 70%?

Others reason that with the computer off when not in use during the night the possibility of a hacker intrusion attack is reduced. True but if that is the concern, you can disconnect the computer from the internet (through disabling the network adapter, or a switch for many laptops with wireless, or disconnecting the network cable, or turning off the router, or…). And the truth is, it is relatively easy to repel hacker attacks if you have a sound computer security setup in place.

So now that we have those out of the way, let me tell you what is good about leaving your computer on at night.

There are several routines that traditionally computers are scheduled to perform after hours, when the computer is idle. These include: virus scans, hard disk defragmentation, system restore points, Windows updates, system backups, among others. When you turn your computer off at night, all these routines are not performed and to that degree your system is running in a non-optimum state.

And did you know that over time, it is more taxing for the electronic components of the computer to go from room temperature to operating temperature to room temperature to operating temperature than to remain in the same relative temperature range?

One last thing. Just about the only thing that is good about shutting your computer down at night and restarting it in the morning is that all memory errors and such are cleared up. The maxim “when in doubt, restart” applies here. So if you are one of those users that turned your computer off at night and decided to change to leaving it on, I recommend a restart at least every few days, to clear such errors accumulated over time. It will do for a smoother operating computer.

This subject has people that advocate for either of both possible answers and thus I expect some percentage of people to disagree with my position. If so it is your prerogative and I respect it. But the above is my take on the subject, based on over 25 years of experience with computers. Up to you to follow it or not.

Setting Up a Home Office

Technical Tips

A trend-in-the-rise in recent times, more and more people are starting businesses from home. Perhaps you and your spouse work together in the same business, from home. Regardless of what business category yours is in, it’s almost certain that part of the setup must include computer equipment. Permutations of the setup will depend on the type of business, but the basic elements are basically the same:

Small networks like a home network are usually setup as a workgroup. In this setup, there is no central computer and the existing computers are setup in a peer-to-peer networking setup. Yet with this setup printers and files can be shared between computers. Printers these days have multi-function capabilities, which means they can also send and receive faxes, something often needed in a home business setup. This function can also be shared among computers.

Normally this setup will have some sort of high-speed internet service, which typically goes modem–>router–>computer(s). Depending on how close the computers are to the router and whether or not it is therefore easy to do a wired networking setup, a wireless one can be done with relative ease. The wireless function can also include the printer if so desired.

Software installed in the computers will vary. But almost certainly you’ll have an email client program, some sort of accounting software for bookkeeping, and perhaps CRM (Customer Relationship Management) software to keep track of client prospects’ activities throughout the sales pipeline and to make sure the customer retention percentage remains high.

Investing the time in properly setting up your home business computer apparatus can help boost efficiency and thus productivity.

The Ultimate Malware Protection Tool for Web Surfing

Computer Security,

A few weeks ago I covered in an article the best protection model for a computer when it comes to malware. You can find that article here.

However, good as it might be, with the advances in malware technology there is still a chance your computer will get infected while browsing through websites, if you’re not careful.

For those who need and want ultimate protection while web surfing, the answer is virtualization. Simply put, virtualization in this context refers to the creation of a  separate operating space within your computer, which can then act as a sandbox. In other words, it’s like a computer within your computer. While not strictly correct, this is the easiest way to portray it for the non-advanced user. But the point is that while you are browsing, you can choose to turn virtualization on and thus everything that might impact your computer in terms of malware can be discarded at a press of a key once you finish your browsing session.

There are several programs that achieve this, perhaps the most known is Sandboxie, http://www.sandboxie.com/

Other programs have a built-in feature that can be used as a sandbox. For example, I use Acronis True Image Home 2009, a backup application. It has a function called “Try and Decide” which is simply an implementation of the mentioned virtualization function, with the same results.

So when is it recommended to use one of these programs? For example, if you are required to browse the web constantly and you often do searches and you are not sure of whether or not a malicious website might come up in the top search results, effectively infecting your computer when you click on that search result.

Virtualization or sandboxing is something that can be turned on or off selectively. In other words, you can have a sandboxing program installed and only use it when you deem it necessary.

And in some instances it can be proven to be very necessary.

Spam and Links in E-mails

Computer Security, Technical Tips

The CAN-SPAM Act, a law that sets the rules for commercial emails, includes a requirement to tell recipients how to opt out of receiving future email from businesses. This is why, when you get a commercial email, it is supposed to give a way to stop receiving such emails. Methods can include replying to the email and putting a certain subject such as “unsubscribe” or have it in the body of the email itself when replying, etc. Some emails come with a link that you are supposed to click on to unsubscribe. While in the past this has been a legitimate way to unsubscribe to certain emails, this is now superseded by a more basic rule of email handling, DO NOT CLICK ON LINKS IN EMAILS FROM UNKNOWN SENDERS.

Why? because this is one of the easiest ways to infect your computer. All you have to do is click on that “unsubscribe” link and it takes you to a malicious website that will try to infect your computer just by virtue of accessing the webpage your web browser will land on.

So if you get an email that looks like spam, and you want to handle it, do it in some other way if unsubscribing means clicking on a link. I wouldn’t even bother sending an email asking the sender to stop sending those emails, as that is a known way to harvest valid email addresses for further spamming. Block the sender if you want, mark the email as spam so your spam filter will learn to better recognize it, report it if you wish, but that’s it. Don’t fall for the trick.

The Many Faces of Software Piracy

Technical Tips, ,

You’ve probably heard, one way or the other, about software piracy. It is the mislicensing, unauthorized reproduction and illegal distribution of software, whether for business or personal use. Generally speaking, it means illicit use of software that is normally sold to users. While I’m sure many can think about obviously flagrant examples of this – like walking to a computer store and shoplifting a copy of a program you’d normally pay for – there are more subtle ways of indulging in software piracy, and as it gets more and more into what is called the “gray area”, more and more people seem to justify it. I’ll cover some of these in this article.

Sharing Copies

Normally every software program is sold with a specific number of licenses – how many computers you can install it on. Different software companies have different mechanisms to prevent abuse in the form of installing software in more computers than the license covers. However they’re not perfect and some of them can be circumvented. That doesn’t mean it’s legal. Don’t install a program by “borrowing” a CD from a friend. And don’t allow for that to happen with the software you own and paid for.

OEM

The most often misunderstood term when it comes to software, it’s represents one of the most common forms of software piracy. OEM: Original Equipment Manufacturer – For example, when you buy a new computer and get all those CDs with the programs already installed in it – that’s OEM software. It is sold to the company that sold you the computer by the companies that make the software, under specific licensing.  Said licensing has its terms.  For example, when it comes to Windows operating systems, it is supposed to be sold by the licensed reseller WITH a new computer, and it is irrevocably linked to that computer. What does this mean? It means the operating system cannot be sold by itself. It means it cannot be sold with a different computer, than the originally intended one.

In this scenario it is common practice for unscrupulous resellers to sell the operating system by itself. Why? because of the reseller license, they get it at a lower price and can sell it at a lower price than the retail version and still make a profit. It is also easier to install many more copies than one is supposed to.

One of the sleaziest “circumventions” I’ve seen on this happened to a client of mine recently. The client went to eBay to look for a copy of Microsoft Office 2003 to buy. A seller was offering OEM copies of it for about $60. To try and circumvent Microsoft and eBay’s policies on OEM software, the seller would include some generic piece of “hardware” with the OEM software he was selling, and with that interpretation of the policy he thought he was covered. In this specific case the piece of hardware turned out to be a data cable used inside computers. C’mon! How could that be compared to a full computer or hard disk, like it’s supposed to? I informed the client she needed to return the purchase and get a refund, and the seller got reported to eBay.

Key Cracking

This is the most obviously illegal form of software piracy. One of the mechanisms used by software companies to make sure you own an original copy of the software they sell is the use of product or activation keys, a sequence of numbers, letters, or numbers and letters that is to be input during the software installation to validate the installation – make sure it’s legit. This key is normally generated using an algorithm (formula) but it can be cracked by somebody who knows enough about the subject, or who gets a program that does exactly that, created by somebody who knows enough about it. Not only is this completely illegal, but also often times “key cracker” programs and “cracked” versions of programs are available from sources that more likely than not have malware embedded in them, and it’s one of the easiest ways to infect a computer. So if you buy a program from a reseller and you get a CD in the mail with a printout of a product key or a photocopy of the original product key sticker, most likely that key is not legit, whether illegally reproduced or generated with key cracking techniques.

The Maxim

When it comes to buying software (and other things), if it looks too good a deal… it’s probably not legit.

Conclusion

Most users use properly licensed software and are honest. For the minority that don’t, here’s my message to you: Beware. Don’t indulge in software piracy in any form, no matter how justifiable, attractive or tempting; discourage others from doing it and report those who don’t play by the rules. Otherwise it will come back and “byte” you you-know-where.