Interview with an ID thief

This CNN special report interviews spammer Jason Carpenter. Though it is dated, it is interesting.

Safety Tips For Online Shoppers

It being "Black Friday" (and "cyber Monday" is coming), I think it is a pretty safe bet that quite a few of you are doing some holiday shopping.. and that some of you are going to use the Internet to do some of that shopping.

I would like to remind you that there is a healthy, active, and well-financed underworld of cyber-criminals who are well-aware of the fact that the next few days are prime credit card and "identity" theft opportunities, and are going to be particularly active in trying to GET YOU.

You will see an increase in spam, and bogus pop-opens that tell you you are infected. (The phraudulent Skype alert is active again. Skype — "Windows Requires Immediate Attention".. Not! )

I am posting the following Basic Internet Shopping Tips in the hopes that Tech--for Everyone readers will not join the 9 million Americans who had their identities stolen last year.

• Download Software Updates -- Regularly!
• Use Complex Passwords (include numerals and @#$%^&*[])
• Use Onetime Credit Cards
• Verify Secure Connections See that little padlock symbol at the bottom of your screen, and in the URL address bar?
• Check Your Credit
• Enter Your Shopping Site's Web Address Manually (embedded links=no!)
• Shop From Your Own computer (not a public 'hotspot')
• Don't Send Credit Card Information Over E-mail. Even if you think it's secure. Don't send it over IM either. If you feel uncomfortable about sending personal information online, call up the business.

I would like to direct your attention to the first bulletpoint. The programs on your computer need to be fully "patched" with the latest updates, as exploiting weaknesses is the primary method hackers use to infect your machines.

How do you know if you have the latest updates? For all your installed programs? Do you think you are patched? Don't guess. Be sure!

Today's free link+download: Secunia offers a tool that I highly recommend. The online scanner (which you should bookmark, btw) will scan your machine for roughly 100 programs and tell you if there is a patch/update you need. If you go this route, you will need to visit once or twice a week.)
Better yet, they offer a download, a Personal Edition, which will scan your system against a database of over 7,000 programs.
Even better yet, it includes direct download links to the missing patches it finds.

I just ran it and it found an old ActiveX plug in, and told me that my Java Runtime Environment was out of date.. and I didn't think I had installed JRE on this machine!

Copyright 2007-8 © Tech Paul. All rights reserved. post to jaanix

Share this post :

I Should Be Studying...

I really should spend my time studying today, but.. I think I'll do this instead.

Have a safe and happy Holiday!

How To Install a New Font

Sometimes, our creative side demands that we use a special, uncommon font-- a fancy and festive font perhaps. Fortunately, there are many fonts (and font "families") available for downloading and adding to your computer's repertoire.

Last year around this time, I published the article Add color to your documents, and I demonstrated a few word processor tricks to brighten up your Holiday letters of Season's Greeting. This year, I'm going to suggest you enter "download fonts" in a search engine, and explore the world of typefaces. (Or.. see today's free link below.)

When you have found one you like, and have downloaded it..
To install a font, follow these steps:

1. Click Start, and then click Run.
2. Type the following command, "%windir%\fonts" (no quotes) and then click OK:
3. On the File menu, click Install New Font. (Vista users: right-click in a blank area of the fonts folder, and select from the context menu.)
4. In the Drives box, click the drive that contains the font that you want to add, (usually C:) and turn it blue.
   Note The floppy disk drive is typically drive A. The CD drive is typically drive D.
5. In the Folders box, click the folder that contains the font that you want to add, and then click OK. (Desktop is found in your User folder. C:\Users\username\Desktop)
6. In the List of fonts box, click the font that you want to add. To select more than one font at a time, press and hold the CTRL key while you select each font.
7. Click to select the Copy Fonts To Fonts Folder check box. The new font is saved in the Windows\Fonts folder.
8. Click OK.

 

Windows supports TrueType fonts, or fonts that are designed especially for Windows which can be purchased separately. Some programs also include special fonts (which are installed as part of the program installation). Additionally, TrueType or special Windows fonts are frequently included with printers.

Today's free link: An excellent resource for fonts is 1001 Free Fonts. Each font is available in both a PC (Windows) and a Mac version, so be sure to click the right button.

I'm not sure why.. but this one grabs my attention..
 
.. but it's not what I would use in a Holiday Greeting letter. Hmmm... maybe calligraphy?

Copyright 2007-8 © Tech Paul. All rights reserved. post to jaanix

Share this post :

Recent Reports Outline Our Lack Of Security

Folks, I really didn't want to bring these to you during a Holiday period.

Honest.

So I'm only going to show you the headlines and provide the links so that you can delve further into this alarming state of affairs.

"China is actively conducting cyber espionage as a warfare strategy and has targeted U.S. government and commercial computers, according to a new report from the U.S.-China Economic and Security Review Commission.

"China's current cyber operations capability is so advanced, it can engage in forms of cyber warfare so sophisticated that the United States may be unable to counteract or even detect the efforts," according to the annual report (PDF) delivered to Congress on Thursday. "

From: Report: U.S. vulnerable to Chinese cyber espionage
(If you read it, you'll see "can engage in" should really read "is engaging in".. but, that might ruffle some feathers.)

And..

• Bank accounts were the most commonly advertised item for sale on underground economy servers.
• Symantec observed an average of 61,940 active bot-infected computers per day in the second half of 2007.
• T he United States had the most bot-infected computers, accounting for 14 percent of the worldwide
total, a slight increase from 13 percent in first half of 2007.
• T he education sector accounted for 24 percent of data breaches that could lead to identity theft, more than any other sector.
• Government was the top sector for identities exposed, accounting for 60 percent of the total, a
significant increase from 12 percent in the first half of 2007.
• T heft or loss of computer or other data-storage medium was the cause of the most data breaches that could lead to identity theft during this reporting period, accounting for 57 percent of the total.

Source: Symantec Global Internet Security Threat Report
Trends for July–December 07 (to read the report, click here.)

Copyright 2007-8 © Tech Paul. All rights reserved. post to jaanix

General advice for purchasing a new digital camera*

I have been receiving e-mails here at Tech–for Everyone that have been regarding my recent article about the fella who went traveling, and for the first time left his 35mm gear at home. (He only carried a digital camera.)

These e-mails have been asking me which digital camera it was. The reason they wrote is, they want to buy the same one. I had very carefully avoided naming a specific make or model of digital camera, as (believe it or not) I am not in the business of promoting sales.

But I understand perfectly why people want some advice when it comes to buying a digital camera. There is a whole gaggle of them to choose from– an overwhelming variety.. and when you start shopping, it’s easy to become confused by the jargon.
A “mega” pixel is better than an ordinary, everyday “pixel”.. right? (You bet it is. It contains more vitamins and minerals.)

A long, long, time ago I wrote a three-part advice series on buying a new computer, and today I am going to reiterate a bit of advice from there– when buying a digital camera, you have to hold it in your hands. The “right” camera for you will just, well, “feel right”. If you keep accidentally pushing a button, or put your thumb right on the viewer screen.. that’s not good.

Tip of the day: General advice for purchasing a new digital camera.

* Optical zoom is better than digital zoom. Make sure that the “zoom” feature of your camera is handled by a moving lens. Digital zooming is okay in very small amounts, but the way it works will cause funny-looking “pixilation” when really put to work.
* You want image stabilization. Image stabilization is in my opinion simply a “must have”; fortunately, almost every manufacturer provides it. I won’t spend time, here, describing the different types. If you’re curious, click the link.
* The Megapixel. Folks, there is a lot of confusion regarding the camera jargon word “megapixel”. A higher megapixel number does not necessarily equate with “sharper image” or “clearer picture“.. in fact, they usually have nothing to do with each other.
Megapixels refers to the image (data) size and determines how big an enlargement you can make before you start to experience distortions (think of it as being a bit like film sizes). If the largest prints you ever make are 5 x 7, a three-to-four Megapixel camera is all you need. A 10 Megapixel camera is overkill for the vast majority of uses, and it will simply fill your memory card faster, with fewer shots. (But, you can make poster-size prints.)
* LCD “viewfinder”. I think it is important to have a manual viewfinder, as well as the LCD screen.. but that is personal opinion. In terms of LCD, the two factors to consider are placement and size. It should be big enough that you can see what it is showing when you hold the camera away from your body, and, it should be positioned on the camera in such a way as to not cause you to hold your hand in a funny/odd way so that you can see it.
Important: The LCD screen not only needs to be large enough to see, but it needs to be bright enough that you can see the preview when you're outdoors in sunshine. If the image looks kind of dim in the store...
* And I’d like to repeat, your camera should just feel right in your hand.
* Don’t buy features you won’t use. If you are not a photography buff, and don’t want to memorize a 200-page owners manual, then you don’t want to buy a D-SLR; you want a “point-and-shoot”, (You won’t impress anybody with it anyway) and you don’t need 24 “settings” if you’re only going to use one. Right? Right.

Today’s free link: If you are like the fella I mentioned in the original articles, and like to read reviews and technical specs, or if you just want more information about digital photography (maybe it’s your hobby), check out http://www.pcphotomag.com/.

Copyright 2007-8 © Tech Paul. All rights reserved. post to jaanix

Share this post :

Tips for computing in public

Let me ask you a question: if you were on a long flight, were restless and bored, and the person in the seat next to you took out a laptop and fired it up, would you peek at their screen? Be honest now. Would you? Of course you would.

I read somewhere that 45% of travelers answered “yes” to that  question in a survey. That strikes me as a low number (and tells me more about how people answer surveys than anything else). I mean.. what else is there to look at?

The fact is, in part thanks to the availability of WiFi and public “hotspots”, more and more people are becoming “road warriors” and take their notebook computers with them when they travel. Whether it’s for business or pleasure, people are using computers out in public — where prying eyes can see. You will see people on computers at the library, at Starbucks, and on planes... well, pretty much anywhere.

This raises some security issues, and some privacy issues. “Shoulder surfing” and “screen snooping” can reveal things about yourself that it might not be wise to reveal. Your email address for example. (And if you're using an ATM, entering your PIN..)
There are several security factors to consider when using public WiFi, which I will discuss in a future article(s), such as packet capture, man-in-the-middle, and rogue access points, but today I just want to discuss your privacy.

Tip of the day: Keep your screen private. If you are like me, you really don’t want strangers reading your computer screen. If you are careless enough, someone could watch you and learn things that would allow them to steal your identity. A business competitor could steal company secrets (a brief aside: corporate information loss damages range in the billions each year, though screen snooping is not the usual method for loss). Besides, my “stuff” is my stuff.

If you do any public computing, in any sort of public place, I highly recommend you invest in a privacy screen filter. These are special plastic sheets that fit over your screen and only allow viewing from directly in front of the screen. They work sort of like polarizing lenses, or perhaps a slatted window shade is a better example, so that people (eyes) off to the side will only see black. This narrowness of view works well enough that your airplane seatmate will be unable to see a thing.

You might think these privacy filters would reduce your ability to see your screen, or reduce its brightness, but by reducing glare they actually seem to clarify your view. If you don’t like snoops, and want to thwart cyber-criminals, you’ll want one of these screens. The one I recommend is made by 3M.

Today’s free link: I download large files frequently enough that I find a download manager tool invaluable. The one I use is Free Download Manager. From site: “FDM accelerates downloads by splitting files into sections and then downloading them simultaneously. As a result download speed increases up to 600%, or even more! FDM can also resume broken downloads so you needn`t start downloading from the beginning after casual interruption.”

Copyright 2007-8 © Tech Paul. All rights reserved. post to jaanix

Share this post :