December 14, 2007

Slooooow Computer

Is your system not running the way it did when you bought it? Remember that
feeling when you clicked on something and your PC reacted immediately?

Most clients I speak to think they just need a new computer. It must be
time, they sigh. Well, not really. Here is an example of a heavily
fragmented drive:


This poor drive is bleeding to death!! The red indicates fragmented files.
These are files that have been split and separated on the disk. When your
system wants to use these files, it must reassemble them first, which is
time consuming work for your processor AND hard disk. Thus, your computer
runs sloooowly.

Notice something else with this drive---the white space is the FREE space
left on the drive. Not much there, I'd say. Windows needs a lot of breathing
room. In fact, Microsoft recommends that you leave 20% of your disk free of
data. This gives the drive and the operating system plenty of room to run
efficiently.

So before you drop a large chuck of change on a new system, do a little
house cleaning first:

- remove programs you no longer use
- archive files that no longer need
- defrag your drive

If you haven't installed any new software, that PC should run just like you
purchased it.

Posted by at No comments:

December 13, 2007

Wow, Vista's floating bubbles are cool!

I keep telling myself... I need to update to Vista, I need to update to
Vista. It's already happening---people are asking me questions about Vista
that I can't answer.

I've been resisting the upgrade because XP has been working fine for me, and
I have a lot of critical data that I need to run on a stable environment.
Thus, I can't really afford to upgrade and work through any of Microsoft's
bugs just yet. After all, I have a business to run.

I guess I'll need a dual-boot system to support those poor people who have
walked into a computer store and seen the glamour and glitter of this new
operating system---gosh, those floating bubbles are so cool!

One of the problems with consumers is that they seem to have very few
options. Even if you wanted to buy a new system with XP installed, you'd be
hard-pressed to find one. In fact, Dell doesn't even offer XP for it's "Home
User" customers. Interestingly, if you tunnel down into the business
options, you'll find XP is offered on new systems. What does this tell you?
Well, it tells me that businesses, like mine, can't afford to run critical
programs on an unstable system.

Dell doesn't want to lose money, so they are offering XP for those
businesses that request it. I haven't tried, but I'd bet that even the home
user can call Dell and insist on having XP installed on a home system. This
is what I recommend.

Vista's beta version has been out since 2005. In a few short weeks, it will
be 2008. You'd think that Microsoft could clean-up most of its code in three
years, but apparently not. The long awaited service pack 1 for Vista should
be out soon, but based on the information I've read, this service pack still
won't do it. It sounds like a ploy to somehow build confidence in the minds
of business owners that Vista is now "business ready". As a former IT
manager, I'd be taking on a HUGE risk if I suggested an office update to
Vista right now.

So what happened to Microsoft? Why can't they produce a good operating
system the first time around. Sure, we've put up with them in the past by
waiting for service pack 1, but now not even that will ease my mind.

Microsoft is so fixated on security and piracy that they've lost focus on
the honest consumer trying to use her computer as a tool rather than a
shield. Let's just add a few more lights to this dead tree and maybe people
won't notice the brown needles in the dark.

Okay, so you get that I don't recommend upgrading your current system or
buying a new system with Vista installed. Now it's time I uncover some of
the specific issues I have with Vista and some of the reported problems.

1) How many versions of Vista does the consumer need? For crying out load, I
don't want to study 6 different versions to find the one I need. Most people
just buy the most expensive "Ultimate" version if they can't decide. Nice...
Perhaps this is exactly what Microsoft wanted us to do? Let's face it, they
went overboard with the versions---we really only need two versions at the
most.

2) Apparently, changing your password with Vista is a mystery. Several users
have reported that they tried to change their passwords, and Vista spit back
that it couldn't do it. Yet, when you log back in, the password was changed.
Hmmm...

3) Hardware compatibility is always a struggle, and I accept this. This is
one area where service packs do come in handy---they fix incompatibility
issues for the most part. However, now to take advantage of a High
Definition viewing experience, you'll need a monitor that can support it. I
understand buying a new video card, but the monitor too???

4) The BSOD is alive and well. Several people reported the infamous Blue
Screen Of Death upon reboot. Blue is a nice color for Intel, but not for
Microsoft! Of course, this usually indicates a hardware compatibility issue,
so I guess until item #3 is addressed, we have to live with this.

5) Wireless networking is pretty common these days. Yet Vista has this
annoying problem with connecting to an available signal. It reports "no
connection", but lets you surf the Internet anyway. What gives? Of course,
not everyone has this problem, but XP has never reported "no connection"
when one existed. This concerns me.

6) Here's a strange one... Read this on a Vista newsgroup. A user disabled a
few startup programs using the "msconfig" command from running the next time
he booted. However, when Vista rebooted, it said that some startup programs
were blocked. Apparently, it was blocking the actual msconfig utility that
was trying to remind the user he had made changes to his startup group.
Nice... Vista was blocking part of itself from running.

Okay... Enough said. Here's my recommendation: If you are ready or need to
buy a new systems today, then insist on XP. Eventually, the software
monopoly will have its wish, and we will all be using Vista, but let's wait
a little longer.

Posted by at No comments:

December 11, 2007

Backup Backup Backup

How important is backing up your critical data? Ask anyone who has lost
theirs.

Backing up data is kind of like the desire to exercise more even though your
heart is just not into it---the intentions are good, and occasionally you do
it, but it really never becomes a task you do consistently. Speak for
myself, right? Well, I am.

In a business environment, it's a no-brainer---the IT department worries
about such things. However, at home who's going to care? Let me paint a
picture.

Fewer than 1 out of 10 people backup their data regularly

The home user is primarily a careless user---let's call him Fred. Fred is
willing to spend "some" money on data security, but very little time. He
relies on third party applications and defunct hardware solutions to handle
the unpleasant task of keeping his data safe. However, Fred doesn't realize
that it's not money that will set him free from this responsibility, it's
his initial time.

Strategy

Fred needs a backup strategy. Like exercise, if Fred can overcome that
initial pain and investment, the effort will eventually pay off. Okay, so
Fred realizes that he needs a strategy. Big deal, that's simple---he backs
up everything and he's covered.

Rather than try to figure out how Fred really feels about his data, I'll
just outline my current strategy. Keep in mind that until you lose
everything, you can't really appreciate the value of having a strategy at
all. I'll humor those who need a laugh then...

Step#1

What data is important to me?

Digital photos. If my computer died today, I'd ask myself what would be the
hardest things to recover? The very first thing that came to my mind was
pictures---all those digital photos I've been storing on my hard drive for
the last three years. Memories are impossible to replace.

Money/Quicken files. I also do all my banking online now. I use MS Money to
help me keep track of my computer gadget purchases among other less
important stuff like the mortgage payment, water, gas, and telephone bills.
Several years of bank statements are also on my hard drive. If I lost this,
it would be painful but not as bad as my photos.

Docs and spreadsheets. I have a collection of documents and spreadsheets I
don't think I can replace easily. For example, several iterations of my
resume are stored on my hard drive along with that spread sheet I created on
the pros and cons of building or buying my next PC.

Email messages. I have literally thousands of email messages. If I lost
them, it certainly wouldn't be the end of the world, but there are a few I'd
like to keep. For example, my son's teacher used to correspond with his
mother and I via email. It would be nice if we could preserve these until
our boy grows up.

Wait, what about all the programs I have loaded, not to mention the very
software that runs all these programs? Gosh, I'm just not that worried about
them. I've got the original CDs right here. I can always reinstall them. In
fact, if my hard drive does crash, it might be a good time to do some spring
cleaning anyway. Half the applications installed on my system I don't even
use.

Step#2

How much space do I need?

As a general rule, I like to have twice as much space than I need. This will
provide me with room to grow. This is an important step because it will
ultimately determine the final hardware solution I use.

For example, if I only cared about my digital photos, I might be able to get
away with backing them up on CDRs or DVDRs. I could live with this solution,
but I fear I won't backup often enough. This, of course, leads into the next
step...

Step#3

How often do I need to backup?

I guess the real question is how much recent data am I willing to live
without? Clearly, if I only use my computer once a day for email and three
times a week for web surfing, then I don't need to be backing up every hour.

On the other hand, if I use my computer for business purposes, and I rely on
very timely data, then perhaps I need to be a little more careful how I
answer this. In my case, I want timely data.

In my last backup strategy (several months ago), I was a bit more lax. I
only backed up once a week. However, after I experienced my first real
system disaster (yes, it happens to the best of us), I realized that I had
lost a weeks worth of photos. Of course, it had to be the week my son
finished his soccer season, and I was designated to capture the trophy
ceremony. I still kick myself today for losing those photos, not to mention
disappointing all the other parents.

I needed timely backups---several times per day, in fact! You might think
this is a bit extreme, but you'll understand my strategy in a bit.

Step#4

What type of media do I use? There are certainly no lack of choices here.
There are Zip drives, Jazz drives, CDRs, DVDRs, Tape drives, Hard drives,
Floppy drives (Ooops, scratch that one), etc.

This decision will ultimately be determined by my backup space needs. In my
case, it was several gigabytes.

One serious options was DVDRs. This media can hold up to 4.7GB of data. This
would allow me to save an entire year of photos on one DVD. However, when I
looked at some of the "cons" involved, I decided against DVDR for now.

For example, the DVDR format is still not standardized. I just don't want to
invest in something I'll have to worry about supporting several years down
the road. Furthermore, DVDRs are still relatively expensive, not to mention
the $10 to $15 per blank DVD.

Zip, Jazz and CDR drives don't fulfill my needs either. They just don't have
the capacity. What inexpensive solution is left? Tape and hard drives seem
to be my only other choices. Bingo! I decided to use a combination of these
two technologies.

Step#5

What type of backup software do I use?

I struggled over this one for a long time. Again, there are tons of
different software packages written for this type of task. You could
literally spend thousands of dollars on backup software. I decided to spend
as little as possible and still feel like my data is safe.

I use Robocopy. Robocopy is a small Microsoft application that runs from the
command prompt. It's included with Windows 2000 resource kit, but I'm sure
it's available to anyone who searches for it---just do a google search on
"robocopy.exe".

Robocopy is a small but powerful utility.

Posted by at No comments:

December 10, 2007

XP Search Function

When you use the Search option on the Start menu to find files containing
specific text, the results may not include files of all types. In fact, if
you haven't installed any service packs, quite a few file types will be
omitted.

Microsoft created this situation deliberately, to avoid having you find
"irrelevant" files, but in the initial release of Windows XP the software
company overdid the limitation. Updating with the latest service pack will
allow Windows XP to search several dozen more file types.

The Search function relies on an internal filter to find words; file types
that don't have a defined filter won't be searched. If you find that certain
file types don't appear in the search results, you can try assigning the
plain-text filter to those types.

To do this, launch Regedit from the Start menu's Run dialog and navigate to
the key HKEY_CLASSES_ROOT\.??? (where .??? is the extension you want
searched). If you don't find a subkey named PersistentHandler, create one.
Double-click on the value "(Default)" for that subkey and set its data to
{5e941d80-bf96-11cd-b579-08002b30bfeb}. Repeat the procedure for any other
file extensions you want included.

You can also change a setting in the Content Indexing Service to index all
files. Select Search from the Start menu. Click on the Change preferences
link, then on the With Indexing Service link. Scroll down to Change Indexing
Service Settings (Advanced) and click on it (you don't have to turn on
indexing).

Now select Customize from the View menu, check the Console tree box, and
click on OK. Right-click on Indexing Service on Local Machine in the
left-hand pane and click on Properties. On the Generation tab, check the box
Index files with unknown extensions and click on OK. Close the Indexing
Service console.

Note that both of these techniques require that you first update your system
to the Windows XP Service Pack 1.

Posted by at No comments:

December 9, 2007

Warranties

This is more a consumer alert than anything else. As a geek, I like to spend
a lot of time perusing around in computer stores. Ninety percent of the time
I never really buy anything, but I like window shop.

Regardless, I happened to notice a shopper who was interested in an MP3
player. I couldn't help but overhear the sales guy pitching his extended 2
year warranty spiel: "if you have any problems whatsoever, just return it
and we'll replace it no questions asked.".

This always cracks me up, and it's really becoming a scam more than
anything. This particular sales guy is trying to sell a warranty on
something with absolutely no moving parts in it. I didn't stick around long
enough to hear the outcome, but it sounded like the customer was going for
the "piece of mind" over the cash in pocket.

Not more than 3 minutes later in another isle of the store, I overheard a
similar conversation. Again, the sales person was trying to sell a warranty
on an LCD screen: something about protecting yourself against pixels that
may go bad over time. Two thoughts raged through my head at the time:

- If a pixel does go bad, how will I know it, and...
- With TFT (Thin Film Transistor) screens, how likely is it for one or more
transistors to go bad within the first year anyway? Again, this goes back to
the "no moving parts" argument.

True, there are literally millions of tiny transistors in each flat panel
monitor, and for manufacturers to guarantee that each and every transistor
works will put them quickly out of business; the very manufacturing process
is flawed, so they would have a hard time claiming this in the first place.

Therefore, it is expected that some pixels will not work when you first turn
on your new display, but additional pixels dying over time is not as likely
as you might think. In my opinion, it doesn't warrant spending the extra
cash.

It is becoming blatantly obvious that consumer electronic stores are using
these warranties as profit blankets. They are perfectly legal, and for some
they actually come in handy, but to me they are scams. Consider offers of
extended warranty very carefully. May the buyer beware.

Posted by at No comments:

December 8, 2007

Spy WHERE?

The Enemy

Spyware is everywhere! It can degrade your computer's performance to a crawl, steal personal information, track the sites visited on the Internet, and install itself without your knowledge.

How You Get It

Your system gets infected with spyware basically three different ways:

1) Drive-By Downloads
2) Bundled in software that you install
3) Installed by other spyware.

The biggest offenders are file-sharing programs like KaZaa, Morpheus and Grokster. Tests have shown that one of these applications can easily load 50 or so unwanted objects (spyware). Technically, most of these applications are legitimately installed. When the EULA (End User License Agreement) flashes before your eyes, it often states somewhere that it will load spyware onto your system.

In my opinion, spyware is the worst thing that has happened to computers in the past few years. Most anti-virus programs won’t even touch this stuff. Some spyware inserts itself deep into the operating system and then spawns new processes (programs) every time you reboot. Those Matrix fans will know what I'm talking about... How many Agent Smiths did Neo take-on at one time?

Just in the past 2 months I’ve disinfected over a half dozen PCs with varying degrees of spyware infestation. The removal process even for savvy users can take anywhere between 1 and 6 hours, and there is no guarantee the system will be completely parasite free.

How You Know

How do you know if your system is infected with spyware? Here are some tell-tale signs:
Your phone bill includes expensive 900 number calls (provided you have a modem installed and connected)
  • You open IE and don't get the page you expected to get by default (a.k.a. browser hijacking)
  • Your Favorites List has some new entries you didn't put there
    Your system runs noticeably slower than it did before
  • The send/receive lights on your network card blink wildly when you're not doing anything
    You get more than just a few of pop-up advertisements while you surf

Of course, the worst kind of spyware is the kind that you don't know about (hence, the name "spyware"). Fortunately, most spyware application developers are competing with each other and in the process are leaving a data trail.

Removing It

I used to tell clients to just run an anti-spyware utility and that should do it. This course of action just doesn't work anymore. In addition, there are entries in the registry (Windows core database) that, while somewhat difficult for a tech savvy user to identify, are impossible for an ordinary user to catch.

Disinfecting a system can be a very time consuming exercise. Unfortunately, there aren't any easy solutions. You can run two or three different anti-spyware utilities, and this may take care of most of it, but there is some sypware that cannot be removed by simply running a software utility.

The ONLY way to completely remove spyware with a high degree of confidence is by using what I call the BFR method: Backup, Format, and Reinstall. Otherwise, you must systematically remove the spyware from your system application by application. It can be done, but at what cost? Sometimes the effort pays off and sometime it doesn't.

Work-around

Given the scope of this war, I’m strongly urging all of my clients (past and present) to change their portal to the Web. In short, stop using Internet Explorer and install Mozilla FireFox as soon as possible! This software is easy to install and is Free. When asked to make it your default browser, answer YES.

Unfortunately, you can't easily remove or disable IE all together, but you can remove it from the Windows Components List. However, the first time you launch a program that calls for IE, it will automatically reinstall itself---thanks Microsoft!

IE is a core component of Windows XP. It is needed for you to perform Windows Updates (FireFox will not help you here). I recommend first cleaning your system of spyware, then just leave IE alone.

FireFox is less prone to pop-ups, and can never be a victim of Microsoft’s ActiveX controls---a common spyware vehicle to infecting your PC.

FireFox not only loads faster than IE, but it even supports features that IE doesn’t. For example, Tab-Browsing is a cool feature. This feature allows you to open several webpages simultaneously with one mouse-click. Trust me, after you browse the web using tabs, you’ll never want to go back to one page at a time. No, I am not a Mozilla share holder "yet".

Despite all the recent efforts by Microsoft to make IE a secure browser with SP2, I believe it’s an unrealistic expectation at this point in time. Naturally, spyware developers are going to target the largest audience possible. Almost 90% of all home computers have Windows installed on them.

Reload Your Ammo

At a minimum, if you suspect your PC is infected with spyware, run an anti-spyware utility and stop using IE. If you can’t get your PC back to normal or at least functional again, then contact me and I'll try to help you figure out the best option for you. Most direct PC manufacturers like Dell, Gateway, and HP come with Restore CDs. This makes it easy for you to wipe your drive and reinstall yourself.

Recommended Anti-spyware utilities:

  • Spy Sweeper by Webroot (Free trial then subscription for $29.00)
  • Ad-Aware SE by Lavasoft (Free download)
  • Spybot Search and Destroy by PepiMK Software (Free download)

Note: To date, there isn't ONE anti-spyware utility that can detect and clean all spyware programs. Therefore, having more than one utility isn't a bad course of action.

Prevention

Of course, the best way to fight spyware is by stopping it from entering your system in the first place. Note, however, that TOTAL spyware prevention is probably an unrealistic goal. Here's a short list of things you can do to prevent the bad Spyware:

  • Avoid using file-sharing software like KaZaa
  • If you use an Instant Messaging service like AIM or IM, disable the file-sharing option
  • Avoid visiting porn, dating and/or bootleg software web sites
  • Get one or more anti-spyware programs and perform periodic scans
  • Read the EULA carefully before installing ANY new software
  • Avoid sharing your computer with other family/office members
  • Stop using Internet Explorer as your primary browser
  • Avoid opening email with suspicious subject headings
  • Delete unsolicited e-mail without reading it if you can
  • Turn off the preview pane feature in Outlook and Outlook Express
  • Install a pop-up stopper like the google toolbar

Posted by at No comments:

December 7, 2007

FireWalls

We hear the term "firewall" a lot in the Internet community. Most users know
that it's some kind of protection device that is important, but what is this
exactly?

The simplest definition of a firewall is something that prevents
unauthorized access to a PC or network. "Unauthorized" is the key word here.
Many users unknowingly give authorized access to their PCs through viruses
and spyware.

Before getting too deep into this firewall newsletter, let me just say that
it is virtually impossible to be 100% safe against outside attacks! However,
there are ways to minimize your exposure.

Microsoft recommends the following three step method:

Use a Firewall
Get computer updates
Use up-to-date antivirus software

Personally, I would add one more:

Don't use Internet Explorer (use FireFox).

FireFox is simply a lot more secure than IE, but don't take my word for
it---poke around on the Internet and ask your computer savvy friends. In
fact, I read one article stating that IE was "insecure junk". Not
surprisingly, I share this opinion.

Preventing unauthorized access to your computer is a challenging battle.
It's difficult because we need to authorize access if we want to surf the
web and receive email. Here is my much un-technical firewall analogy:

Your home is built with many windows and doors. When you leave your home,
you must open the door to walk out. While your door is open, the potential
(however slight) for someone or thing to enter is there until you close it
behind you.

Much like your home, when you request a webpage with your browser, your PC
must open its door or "port" to request the page. Even if your computer has
a firewall and is patched with all the latest security updates, the port
MUST OPEN for your request to be made. So again, the threat is still there
even if you take all the necessary precautions.

To take this analogy one step further, not having a firewall on your PC is
like walking out your door and leaving it wide open. When a thief walks or
drives by, he notices an open invitation to enter your home and pilfer your
belongings, not to mention all the critters outside looking for shelter and
food.

Even if you left your front door wide open, a thief may not happen to pass
by. The Internet is much worse in this regard---hackers are actively looking
for open ports on your computer. They don't have to be walking or driving
down your street; they can easily run a program that scans for open ports.
As soon as they find one, they stop and see what you've left them to look
at.

Unlike your home, your computer has more than 60,000 ports that can
potentially expose your PC to malicious attacks. Even if you verified the
integrity of every port on your PC, a hacker can send you an email with a
virus that will open-up those ports again. Internet security is so dynamic
and we must stay vigilant.

There are essentially two types of firewalls: hardware and software. Do you
need both? This will largely depend on your behavior. Personally, I don't
like the software firewall option only because I don't need anymore stuff on
my system slowing it down. However, I am extremely conservative, so this may
not be the right solution for you.

Hardware Firewall

This comes in the form of a router. A router basically hides your PC's
Internet address from the rest of the world. It also plays a significant
role in closing down or hiding ports that Microsoft leaves open by design.

Routers are very inexpensive these days. If you have a broadband connection
(Cable Modem or DSL) to the Internet, this is a MUST HAVE component. For a
hardware recommendation, contact me---not all routers are created equally.

Software Firewall

Having an application protect your system will require system resources and
may slow down your computer. However, one of the benefits of a software
firewall is that there are more logging and reporting capabilities. Thus,
you can "see" if a hacker makes an attempt at compromising your system.

Software firewalls, like any application, need to be installed and
configured correctly to be effective. Personally, I prefer a hardware
firewall solution, but if you like the software concept and don't want to
invest a lot of money, then ZoneAlarm is one software firewall product to
check out. XP also has its own software firewall. It's not as comprehensive
as ZoneAlarm's version, but it's a great alternative to nothing at all.

Both?

The best most secure solution is to have both a hardware and software
firewall. The hardware firewall will help keep your computer ports closed,
but it won't protect you if your system contracts a virus and clandestinely
opens a port that was previously closed. Having the ZoneAlarm software
installed will warn you of if a virus or other malware attempts to
compromise your system somehow---this is the intent anyway.

Note: Leaving Microsoft's software firewall active when you have a hardware
firewall installed does absolutely nothing for PC's security. If you already
have a router installed, you can safely disable Microsoft's software
firewall.

Posted by at 1 comment:

December 6, 2007

HDCP

High-bandwidth Digital-Content Protection is a way to provide digital
content to hardware-compliant digital displays such as PC monitors and
HDTVs. In its simplest form it requires a transmitter and receiver---the
transmitter taking the form of your next DVD player (Blu-ray or HD-DVD) and
the receiver taking the form of your current or next HDTV or PC monitor).

HDCP was developed by Intel for the "paranoid" (read greedy) film industry
and content providers like Sony. It is by far the best way to protect
digital content from piracy.

The technology works on an authenticated key principal---the transmitter
(DVD player) will query your receiver (HDTV or PC monitor) to make sure that
the equipment is HDCP compliant before any video is shown. Guess who holds
the key? Not you. The beauty of this technology for content providers is
that if a hacker does somehow figure out the key, Sony can blacklist it. So
far there is no legislation that prevents content providers from doing
whatever they want with their content.

Here is the consumer rub: If you just purchased a brand new HDTV or LCD
monitor that doesn't support HDCP, you won't be watching high definition
DVDs when they come out sometime next year (2006). Moreover, you won't be
enjoying the full power of the next release of Windows (Windows Vista)
either.

Most people don't understand the implication here, and that's exactly what
the manufacturers and resellers of high tech, non-HDCP compliant devices are
banking on this holiday season. Intel is the designer of HDCP, but content
makers like Sony will be forcing us to use it to their ultimate benefit
(profit).

The best case scenario for people when high definition DVDs come out next
year will be that they'll be able to watch at a lower resolution. The worst
case scenario is that they'll get to experience a blank screen with maybe
some audio.

Most people I've talked to about this don't seem to be that worried, yet
like gasoline prices, I think we are just getting used to (through
conditioning) greedy corporations taking advantage of us---Sony and
Hollywood being among the top 10, in my opinion.

Today, I went to Costco to inquire about HDTVs. My question to the helpful
sales person in the TV section was: can you direct me to your HDCP compliant
HD Plasma TVs? After a short surprised stair, the answer was: we don't have
any at our store, but you can find them at our online store. Hmmm, this is
interesting.

When I asked why anyone would spend 2 to 4 thousand dollars on a TV that
isn't HDCP compliant, the answer was: because people have the money and
don't understand technology. Those were the salesman's exact words. Not sure
why, but I was shocked to hear this. I am a firm believer that you don't
need to understand new technology in order to enjoy its advantages over
yesterday's technology.

Then I found myself at Best Buy. This time my inquiry was met with a blank
stair followed by another question: uh, you're gonna have to help me out on
that one? Clearly, the word is NOT out yet---HDCP will be the future of DVD
copy protection, and we'd better get used to it.

High Definition DVDs will mostly likely come in one of two forms: Blu-ray
and/or HD-DVD. Both of these technologies use a blue laser optical disk
format. At this wavelength of light, it will be possible to squeeze more
than 20GB of data on a single disk---equivalent to 2 hours of
high-definition video.

Perhaps I'm making a big deal out of this, and my wife teases me for
agonizing over every technology purchase I make, but I just can't get past
this. I buy a beautiful HD Plasma TV and then have to watch the next
generation DVDs in low-def or not at all? Oh, I'm sure Sony, Toshiba and
others will develop a "black box" that attaches to my new HDTV to overcome
this shortcoming, but it won't be for free.

This also applies to the monitor market for your computer. One of the
biggest selling points for me with LCD displays, aside from low power,
clarity and minimal eye-strain, is the long life these displays are designed
for. I may upgrade my computer once every 2 years, but my monitor should
last 8 or more years.

When Windows Vista comes out later in 2006, to take full advantage, you'll
need to have a HDCP-compliant monitor. So, to purchase an expensive monitor
without HDCP support today seems a bit wasteful to me. Yet Dell and others
are offering their LCD displays without regard to tomorrow's
incompatibilities.

The bottom line is if you purchase a new HDTV or PC monitor from the floor
selection at your local electronics and appliance store before 2006, there's
a good chance it is NOT HDCP-compliant.

Caveat Emptor

Posted by at No comments:

December 5, 2007

DRM

For those of us who know what this means, it's a dirty three letter word.
For those that don't, Digital Rights Management is a technology used to
protect digital content from piracy. The definition sounds fair enough. I
have no problem with trying to protect the rights of those who work hard and
create. Moreover, I think businesses and corporations have the right to make
money as well---after all, that is why they are in business in the first
place.

However, when I go to a store (online or bricks and mortar) and buy a song,
collection of songs, or a movie, shouldn't I be able to listen to or view
this content whenever and however I want? Obviously, if I buy a CD, make
10,000 copies and sell those copies for a profit, then I must be violating
some type of law---I get that. What I don't get is why I have to pay (and
sometimes in more ways than one) two or sometimes even three times for that
same content depending on where I want to listen?

All About Control

In the late 90s, content providers felt that their lucrative business was
threatened, so they lobbied hard to get some laws in place to protect
copyrighted digital content. Unfortunately, DRM goes beyond just trying to
protect rights and keeping businesses profitable. DRM is a way to control
you and your wallet.

The media industry want to control how and where we hear and view "their"
content---"nickel and dimming" us as we go. There is currently no
legislation preventing content providers from doing whatever they want. In
fact, content providers like Sony, are abusing DRM in unscrupulous ways to
control consumers.

Just last year Sony and its subcontractors added a form of spyware to over
10 million music CDs. When consumers tried to play the CD in their PCs, it
would automatically download and install software that would track their
online behavior and even share personal information with what Sony calls
"reputable" third parties. Sony was slapped on the hand when they agreed to
settle the dispute with consumers by replacing the CDs with spyware-free
music. To me, this sounds like offering to provide free condoms after giving
you VD.

The damage is done, and the settlement was like I said, a mere slap on the
hand for Sony. According to the January edition of PC magazine, the damage
is much worse than Sony would like to admit. This spyware cannot be easily
uninstalled and it makes your system vulnerable to other attacks by
"disreputable" third parties.

Legally Speaking

Considering the legal aspects of this issue. There is also something called
Fair Use Rights. This law basically says that I have the "right to use
copyrighted material in ways that do not interfere with the copyright
owner's market for creation". Obviously, there is lots of room for
interpretation or misinterpretation here.

DRM Promotes Piracy!

The irony in all this is that content providers are doing the exact opposite
of what they intended. Profits are slowly eroding. For example, Apple's
iPod sales are way up, but iTunes downloads are down, according to Rob
Enderle, Principal Analyst, Enderle Group. Personally, I think DRM is slowly
pushing honest paying customers into a state of rationalized dishonesty.
Sony and others are likely creating their own monsters. Said another way,
DRM promotes piracy!

After that slap on the hand, Sony did say they would "reevaluate" their
position on DRM. Make no mistake folks, there is no reevaluation going on.
Dare I say ALL content providers participate in some form of DRM today and
the list keeps growing? If they didn't, they wouldn't be able to stay
competitive. Who pays the price?

Apple's iTunes

Here's what you can expect to find using the iTunes DRM model. Keep in mind
that there are several different DRM technologies out there. Content
providers have no restrictions on how they implement DRM. However, it is
against the law to tamper with DRM in any way.

Okay, iTunes (the software) is free! Yipee. However, after that it goes
down-hill. Music costs 99 cents per track or $9.99 per album---not too bad.
Here's where it gets tricky:
. You can burn each track to CD as many times as you like, but you can
only burn any given playlist 10 times.
. You can only play and/or save your downloaded tracks on five
different computers. Keep in mind that if you ever need to reinstall your
operating system say because you got a virus, then you have four left.
. You can transfer your music to as many Apple iPods as you like (How
nice! Too bad we can't listen to more than one iPod at a time). I guess
Apple is saying that we can share files among other iPod owners, but not on
the Internet---At Apple, you are family!
. The iPod supports AAC (Advanced Audio Coding), AIFF (Audio
Interchange File Format), MP3, or WAV formats only. If you have a library of
WMA (Microsoft's version) formatted files, then you'll have to convert those
to one of the above supported formats. Converting the WMA files can be
tricky too because they have their own flavor of DRM.
. You cannot "stream" songs downloaded by iTunes. This means if you
setup a wireless home entertainment networked system, you won't be able to
listen to your downloaded iTune files from a PC in a remote room of your
home.
. iTune files will not play on a portable device other than an Apple
iPod. Nice!



Eating Cake

Okay. So I buy an iPod and fill it with iTune formatted songs. Needless to
say, Apple has strings to my wallet for a very long time. Yet is there
another way? Can we still have our cake and eat it too? YES, at least with
music.

MP3

Meet the format that is still unrestricted. MP3 stands for MPEG Audio Layer
III. In the late 80's a German guy named Karlheinz Brandenburg figured out a
way to compress a digital song without any noticeable loss of sound quality.

To date, almost every digital music player sold supports the original MP3
format---even the extremely popular iPod. Interesting, isn't it? So the
question people should be asking themselves is how can I convert my
DRM-laden music into MP3?

Well, hackers figured it out rather quickly. With perhaps the exception of
HDCP (High Definition Copy Protection) every flavor of DRM technology has
been cracked. If you're going to collect thousands or even tens of thousands
of songs, do away with restrictions before you archive. Imagine finding out
after years of collecting iTune songs that Apple has become a Pear and you
have to open your wallet one more time to convert to yet another proprietary
format?

Here's how to do it

MP3 was the first

What people want is fair use of content purchased at a reasonable price.

DRM Timeline:

1985 - The first attempt at copy protection for VHS videocassettes. This was
easily foiled by hackers.

1994 IBM introduces its idea of DRM technology. Never hits mainstream.

1994 DirecTV launches satellite TV service using smart cards. Hackers
quickly developed "smarter" cards.

1996 The CSS (Content Scrambling System) debuts on some DVDs, making use of
a 40-bit encryption algorithm to protect content and enforce region coding.
Hackers use a little reverse engineering and break the algorithm in 1999.

1997 Because of hacking problems, DirecTV finishes replacing its first
version of smart access cards.

1998 Congress passes the DMCA (Digital Millennium Copyright Act), outlawing
the dissemination of technology that works around copyright protection
technologies.

1999 DVDs get Macrovision protection. Hackers easily break the code.

2003 Apple launches a DRM system called FairPlay. Microsoft also launches
its own WRMS (Windows Rights Management System).

2004 The European Union passes the EUCD (EU Copyright Directive), which is
similar to the DMCA. Real Networks introduces a DRM system called Helix. HBO
begins using CGMS-A (Content Generation Management System for Analog),
designed to prevent consumers from making copies of on-demand programming.

2005 Macrovision introduces RipGuard technology, which is designed to
prevent individuals from using ripping software to copy a DVD.

It comes down to the rights of consumers vs. the rights of business," says
RedMonk analyst Stephen O'Grady. "What people want is fair use of content
purchased at a reasonable price."

Posted by at No comments:

December 4, 2007

SPAM

Let's all agree that email is an awesome tool/technology to keep in touch
and conduct business with. In fact, according to many sources, there are
many more email users than there are Web users.

Surprisingly, Email is still technically an unreliable service. In fact,
Information Week conducted its own study and found that almost 40% of all
emails are not getting to their destinations. Personally, I think this stat
is a bit high... Regardless, many business models heavily depend on it.

Reliable or not, its wide-spread use and dependence cannot be disputed.
Unfortunately, with the good comes the bad. Spam, Email Spoofing, Phishing,
Zombies, Viruses and Spyware continue to plague its usefulness.

So what can be done? More legislation? I'm afraid not. In 2003 the CAN-SPAM
Act was adopted, but since then there has been more spam than ever.

This is a global problem. Given this, we need a global solution which isn't
likely in the near term. Awareness and countermeasures are our only defense
right now I'm afraid.

I think it's safe to say that spam has become an epidemic. More than 50% of
all email is spam! This is a huge number considering that millions of
messages float around the Internet every day. And before you start
complaining that you probably get your unfair share of spam, Bill Gates gets
4 million emails a day and most of it is spam. Of course, I would never say
that he deserves it. ;-)

Most people know what spam is by now, but if you were wondering, the simple
definition is junk mail. It's mail that you did not ask for---well, not
intentionally anyway.

Not too many years ago, email was the epitome of the Internet (perhaps it
still is); you could send someone a message several thousand miles away
without it costing you a dime.

Of course, email has never been completely free, but today it's getting
quite expensive, especially for big corporations. To the home user spam is
more of a nuisance. However, if you consider your time money, then email is
getting more and more expensive for everyone.

So how do we fight spam?

No, these are not dead bodies that have been brought back to life by a
supernatural force. However; Zombies are one of the Internet's worst
nightmares.

Your PC can become a zombie when it gets infected by a virus or worm. This
worm copies itself to the Windows system directory under a random name, and
registers this file in the system registry auto-run key. It then begins to
randomly scan for further machines to attack on TCP port 445. It also
listens on TCP ports 113, 3067, and other random ports allowing hackers
backdoor access to infected (zombie) machines. Compromised machines also
attempt to connect to several IRC servers to receive commands and transmit
data to their controllers.

Hackers use the vulnerabilities of your Operating System (Windows) to launch
many different forms of attack on the Web without you ever knowing it. Yes,
your PC could be spamming the world this very moment. Smart Computing
magazine reported that more than 33% of all spam messages go through zombie
PCs.

I don't believe the home user intentionally wants to be a part of the spam
problem, but the reality is that many are. In fact, if you do have a zombie
running on your computer, don't be surprised if your ISP (Internet Service
Provider) disconnects you from the Internet. Comcast and others are dealing
with the spam zombie problem this way.

Help the Internet community by protecting yourself and avoid getting
shutdown. Here are a few ways you can do this:

If you have a broadband connection (Cable or DSL) to the Internet, make sure
you install a router/firewall.

Keep your Windows Operating System updated with the latest patches and
fixes.

Install anti-virus software and keep it current.

Try to keep your system free of spyware.

Install a software firewall to prevent malicious traffic from leaving your
computer.

Power-off your pc at night.

So you get an email from your friend who tells you to stop sending her spam,
or worse, viruses. You insist you never sent out an email on the day in
question. In fact, you've been on vacation all week and your computer's been
powered down.

Welcome to the concept of spoofing. This is a cleaver practice by
unscrupulous people who use your "reply to" email address to spam the world,
including your friends and family.

You might be asking yourself what good spoofing does if a spammer wants to
hear back from you? After all, the reply address doesn't point back to the
spammer...

The truth is they don't want to hear back from you via email. They want you
to open the message and accidentally or intentionally click on a
conveniently large blue hyperlink.

You have just fulfilled the spammer's objective: use social engineering to
persuade you to open their message, and worse, click on a hyperlink that
takes you to an unknown website.

Unfortunately, it doesn't stop there... that unknown website might not even
be a website at all---it might be a malicious application you just
downloaded: a spam zombie or a keylogger (applications that capture your
confidential information by recording each key you type and transmitting
this information to a third party via your Internet connection) perhaps.

The only way to avoid spoofing is by keeping your email address completely
private... And what is the point of that? Just don't automatically assume,
if you get a virus or spam from a friend via email, that it came from them.

You just signed-up with eBay because you want to sell that old 17lb 35mm
camera you took to Europe with you once before you were married with
children.

Shortly after your account is finalized on eBay, you get a message from
PayPal warning you that an unauthorized email account was setup, and to
correct the problem, you need to resubmit your account info... Concerned,
you correct the problem by filling in a very legitimate looking form.

Bam! Part of your identity has just been stolen. Like spoofing, it's social
engineering at work once again. Phishing is a way to entice you to provide
thieves your financial info. For a "phisherman", it only takes one good
catch in a sea of millions to satisfy his appetite for the day.

Follow this link for an example.

Here are two ways to defend against this sort of practice:

Never respond to emails that ask you for financial info or point you to a
website that does.

Verify the domain address in your web browser. Make sure that you are at a
legitimate website address, and that it is securely "locked" with the tiny
lock icon in the lower right corner of your browser window.

Unfortunately, there is no sure-fire way to avoid spam all together unless
you are Bill Gates and form an entire department to filter it for you. Much
like spyware and viruses, spam is something we have to live with. However,
we aren't completely powerless. Here are some things we can do to minimize
spam:

Protect your primary email address - do this as you would your social
security number. Even the IRS doesn't need to know your email address.

NEVER reply to unsolicited email - by replying, you are essentially telling
the spammer that you exist. Don't fall for the "opt-out" ploy.

Create more than one - with all the free email accounts available these
days, why not create one for those times when you need to provide one on the
Internet: travel reservations, shopping, filling out forms, subscribing to
news groups, etc.

Filter out spam - find out if your ISP (Internet Service Provider) can
filter spam at the server level. Personally, I don't believe in adding
additional software to my computer to fight spam, but for some, adding an
anti-spam application might be the best solution.

Avoid e-greeting cards - Tell your friends and family not to send you
e-greeting cards. Nobody should be posting your email address on the
Internet without your approval.

Use defensive behavior - Don't open suspicious looking email. If the subject
field has a mix of incoherent letters and numbers, just delete it.

Change your email address - obviously, the least appealing thing to do, but
if you are getting more spam than legitimate email, it's time to pull out
and get relocated.

Hide and wait - Sometimes it's possible to deactivate your primary email
address for a period of time. This will cause the spammer to realize that
your address doesn't work anymore. You will eventually be removed from their
list. After a month, reactivate your primary account and start over.

Posted by at No comments:

December 3, 2007

Read The EULA

More than 63% of people accept End User License Agreements without reading the text. Do NOT install any software on your PC without first reading the EULA!

End-User License Agreement - This is a legal contract between you and the software manufacturer! Notice the word legal. This means software companies can legally infect your computer with spyware! All you have to do is press "OK" or "I ACCEPT" and the wonders of data installation and manipulation take place without notice.

Example:

... by installing the Software on your computer, you understand that: (i) certain system non-personally identifiable information, including statistical data, stored on your computer will be made available and transmittable to our servers or the servers of affiliated companies; (ii) other information available now or in the future including links, services, messages advertisements, cookies and the like may be installed on your computer and; (iii) we may automatically transmit to and install on your computer, Software improvements, corrections, adaptations, conversions to more recent Software versions or any other changes to the Software, with or without giving notice...

It's like giving permission for a thief to take an inventory of your property!
Posted by at No comments:

December 2, 2007

Wireless: Hip or Hype?

I've wanted to write about this topic for a long time now. In technology
terms, that would be about a year.

When I purchased my first wireless router, I said: wow, this is cool. Then,
as I used it, I became less impressed. Internet access from anywhere in the
home without running wires sounded like a convenient and inexpensive way to
expand my connection; however, convenience has its price.

Developers quickly identified the weaknesses in the 802.11b wireless
standard early on. Yet, it sold like hotcakes. Now consumers have the option
of going with the latest and greatest standard: 802.11g. This standard
supports more than twice the speed of the older "b" standard.

To keep this simple, the only two standards the home user needs to be
concerned with are "b" and "g". The "b" standard is the old standard. It
claims to provide 11Mbps (million bits per second) throughput. The new "g"
standard claims a maximum throughput of 54Mbps.

Speed:

Did you notice I used the word "claim"? The claim is really a theoretical
number, and you can forget about ever getting this speed from your wireless
device. So let's look at some real-world numbers.

802.11 Max theoretical Distance/feet Approx. real
----------------------------------------------------
802.11b 11Mbps 3 5.1Mbps
30
1Mbps
100
50Kbps
802.11g 54Mbps 3 17.5Mbps
30
10Mbps
100
2Mbps

Note: the above is the best case scenario. This means that your PC is within
a few feet (dare is say inches?) of your wireless router with no
interference, no obstacles, and no security enabled---hardly real-world,
right? The numbers get worse, so keep reading.

Note: These are not my numbers. This data is according to a white paper
written by Atheros Communications, Inc. (a developer and manufacturer of
wireless chips).

Range:

The above numbers do not include one of the biggest determining factors of
wireless speed: distance. The advertised operational distance is in the
hundreds of feet. In fact, I read one claim that said the operating distance
for a wireless b device was 500 feet. This is laughable! Typically, your
computer can be approximately 75 feet away from your wireless router using
the line-of-sight scenario with no interference.

Obstacles:

Add a few obstacles to your wireless networking environment and you can
begin to see the true limitations of wireless. For example, if your wireless
router and your PC are separated by 4 or more walls/ceilings, then the data
transfer drops to almost zero! If have a network in place that proves this
statement wrong, then consider yourself lucky.

The distance can be as little as 30 feet (line-of-sight) of separation, but
if your router tries to penetrate too many walls, you'll find yourself
cursing inanimate objects. Here are a few compounds wireless (or more
specifically Radio Frequency) has a hard time penetrating. Generally, the
denser the material, the harder to penetrate:

BRICK, METAL, LEAD and CINDER

For best results, Linksys recommends the following:
Place your router as high as possible. If you have a multi-level home, place
the router on the top floor.
If you want to use a wireless connection outside, place your router near a
window.
Keep your router away from metal objects, TVs, monitors, filing cabinets,
etc.

Interference:

The 802.11b and g standards use a transmission frequency of 2.4GHz. This is
the same frequency of many cordless phones and microwave ovens. Interference
with these devices will literally disconnect from the network. One minute
you're surfing the Web, and the next minute you find yourself wondering what
happened to your browser when it displays "The page cannot be displayed".

Security:

Here's something that everyone wants---to browse the Web without having to
worry about losing their identity or inadvertently providing someone with
private information. Today, there are several ways to secure your wireless
connection. However, like with most forms of security, there is no
fool-proof method out there.

Enabling security on your wireless network is a good thing, but it comes at
a performance cost. Most users are more than willing to pay this cost, but
consider the following:

According to Interlink Networks (a developer of security software for Wi-Fi
networks), a professional hacker can break "most" WEP (Wired Equivalent
Privacy) networks in 5 minutes.

Not to over-analyze this claim, but what percentage of the population in the
US are "professional" hackers? The word professional implies that this elite
group of people gets paid to hack. If this is their profession, how likely
is it that they will try to hack into your system without an invitation? The
thrill, the money---oops, that's right they get paid.

Also, what are "most" WEP networks? Do they mean that there are some they
can't crack in 5 minutes? What makes the "few" other WEP networks harder to
break into? Perhaps, they are alluding to the different WEP encryption
levels: 40, 64 or 128 bit.

My point about security:

Although I can appreciate those who are concerned about security, I'm not
quite sure I feel the same way. If you connect to a corporate office via
your wireless connection, then you are most likely using a VPN (Virtual
Private Network) solution provided by your company. VPNs are secure
connections already; you don't need WEP or another type of security to
secure a connection.

Where is the threat?

I find it interesting when I'm asked to disinfect a system full of Spyware
and viruses that was connected to a tightly secured wireless network. Sure,
the threat between a PC and a wireless router spanning maybe 100 feet with a
dozen (neighbors) or so potential hackers is minimal, but yet the system is
completely exposed to millions of Internet hackers world-wide.

In short, the real threat to your identity is not your wireless encryption
level, but rather the other thousands of Malware (Malicious Software) we are
subject to as member of the Internet community.

Having said this, for those who still feel uncomfortable with wireless
security and don't mind paying for the slight performance hit, I recommend
enabling WEP with 128-bit encryption. If you are like me, and are not too
worried about wireless security, then disable SSID (Secure Set Identifier)
broadcasting and enable MAC (Media Access Control) filters. The other more
secure security measure now available with wireless is WPA (Wi-Fi Protected
Access). However, there is addition cost for more security in the form of
performance.

Wireless Fan:

As you might have guessed by now, I'm not a big wireless technology fan.
Maybe I'm old-school, but I prefer wires any day of the week. Wires with
today's technology can provide secure, reliable connection speeds of
up-to1Gbps (Yes, 1 billion bits per second).

If you are in the process of building a new home, don't even hesitate to
install Category 6 wiring to every room in your home before the sheetrock
goes up. This will not only provide every room with a connection to the
Internet, but it will also prepare you for the ever growing future
entertainment products on the market today like Media Centers. To give you
an idea, the difference wire is several hundred times faster than wireless.

Of course, this doesn't mean much to those who use their wireless connection
only to surf the Internet. Your speed will ultimately be limited to the
bandwidth your service provider allows. This number is typically between
128Kbps and 3Mbps. Yet, if security is your number one concern and you live
in an apartment complex with many neighbors you don't know or can trust,
then wires is another strong reason to abandon wireless.

So although I'm not a "big" fan of wireless, I am a little fan of it. I have
a wireless network installed in my home, and use it primarily for my
children and casual Internet browsing on my laptop. I don't use it to pay my
bills or purchase things---not because I'm worried about security, but
rather because I'm worried about a reliable connection. As soon as the
microwave goes on, my connection is lost.

Wireless Future:

The future for wireless is getting faster, however. There is a new standard
coming out called the 802.11n standard. This standard promises a measured
(not theoretical) speed of 41Mbps at 60 feet. The mission is to exceed a
real-world usable speed of 100Mbps. I'll be looking for this to come out in
2006. In the meantime, get wired! You won't regret it.

Wired:

For less than the cost of a new PC, I can help you get your home wired. I
work with licensed and bonded low-voltage wiring contractors that can turn
your home into a high-speed home network. If you have more than one
computer, there is nothing like challenging your friend to play a little
Quake death-match on a high-speed LAN. No more waiting and searching for a
fast "ping time" on the Internet. Play multiplayer games they way they were
intended---fast and responsive.

Posted by at No comments: