Wednesday, December 23, 2009

Single-tasking rules with new text editors

Maybe it's a longing for a simpler time, or the realization that your computer is loaded with distractions, but lately I've been seeing lot of text-editing programs designed to narrow your focus.

Multitasking is out now. Welcome to the wonderful world of single-tasking.  

I've been reading about the Darkroom program for Windows, and Writeroom for the Mac. Then there's WriteMonkey and PyRoom, two other programs that do absolutely nothing but give you a background to type your words on. Almost nothing to play with on any of these programs.

The big question here is, what fun is that? It's not like you can adjust your margins, change fonts, or add fancy graphics here. Your screen looks absolutely barren; even the desktop icons and Freecell game are blanked out.

I use PyRoom (which is pictured here), a text tool that shows you nothing but a green box on a black screen. My text shows up in green in that box. No formatting, no toolbars, no dancing paper clips -- just the text in a box.

When I wrote for the Fontana Herald-News, we used the old Harris typesetting system, which was ancient even in the late 1980s. PyRoom reminds me of the terminal I typed on back then. The only real difference was that there was a string of commands at the top of the screen, which were for setting the type and meant nothing to me, the writer. I was limited to eight characters for the file name (which we called a "slug" back then.

I was quite productive on these old-school screens because, well, there was nothing else to do but write. I'm easily distracted, so it's probably a good thing I don't have an Internet connection at home or I'd get nothing done.

Much as I've tried to multitask, I always do my better work when I'm going the opposite direction. That means when I write, I write. When I design the page, I design the page. Those two disciplines used to be -- and still should be -- kept separate. That's why I do most of my writing on a plain-vanilla text editor instead of something like OpenOffice or Microsoft Word.

With PyRoom you can set the background to a variety of color schemes, but I stick with the default green-on-black. And I understand with WriteMonkey you can even set the sound to give you the clacking of a typewriter; how cool is that? Other than that, your commands are pretty minimal with these programs. Here's the help file with PyRoom:

---------
Control-H: Show help in a new buffer
Control-I: Show buffer information
Control-P: Shows Preferences dialog
Control-N: Create a new buffer
Control-O: Open a file in a new buffer
Control-Q: Quit
Control-S: Save current buffer
Control-Shift-S: Save current buffer as
Control-W: Close buffer and exit if it was the last buffer
Control-Y: Redo last typing
Control-Z: Undo last typing
Control-Page Up: Switch to previous buffer
Control-Page Down: Switch to next buffer
---------


While Darkroom is a Windows program and Writeroom is ported to the MacIntosh, PyRoom has no real preference. It's written in the Python programming language, so it should work with all operating systems. It's also free. 

I wasn't sure I'd like using such a stark text editor, but the more I use it the more I like it. And I get a lot more done when I'm using it.

###


Monday, December 14, 2009

Can't go outdoors? See weather virtually




You know about those frequent computer users, be they writers, gamers, cubicle residents, and programmers. They spend hours squinting at an LCD screen to the exclusion of everything else. For some, computers have become a handy alternative to real life.

If you have to go to a weather site to find out if it's raining outside, then you're just the person I'm talking to.

I read this piece in FilePlaza about YoWindow, a program that makes it unnecessary to even go outside. Seriously. According to the article, it brings the outdoors inside.

From FilePlaza:

... a beautiful landscape changes over time, reflecting the actual weather. It's like watching the weather out your window. Watch the weather with pleasure!

Ugh, no thanks.

Admittedly, I spend a lot more time at the computer than a grown man should. But my favorite at-home workstation is out on the front stoop, with the laptop and a cup of coffee. If the weather is rough I'll sit in a chair by the propped-open front door. My favorite online place is a college campus nearby, outdoors, where there's plenty of scenery (yeah, that kind, too).

I guess YoWindow would have a special value to the office worker who is chained to his cubicle. I've never had one of those jobs, and I'd rather have a battery acid enema than work under those conditions. Even when I worked in newsrooms, I took every excuse to go outside and hunt up my stories in person.

So, if you're one of those folks who is indoors all the time and has a skin pallor that you can only get when raising mushrooms, you might want to take a look at YoWindow.

Or, better yet, find an excuse to go outside and enjoy the real deal.

###

Saturday, December 12, 2009

An old scam takes a new homegrown tack

You've probably seen this scenario in your email box a few times. Someone has lots of money they can't get to, and wants your help in securing it. Just send a reply, and that'll start the wheels turning. 

But these can be sniffed out a mile away. They're usually from someone in Nigeria, or some other third-world country.

I received another one of these scam notes in my email, with a different angle to it. Instead of someone claiming royal blood in some country most people can't find on a map, this one looks all-American. Like, from a U.S. serviceman:

"I am Capt. Bruce Evan Roberts, with the US Navy Joint Special Operations,USS COLORADO around Gulf of Aden, I have $9Million US Dollars in my possession,which was seized/confiscated from somalia pirates between Yemen and Somalia Waters in Gulf of Aden, we want to move the funds out of the USS COLORADO around Gulf of Aden to a secure location to enable you assist us in investing it in a profit oriented business."

And here's the pitch:

"I need someone I can trust to actualize this venture, you will receive this funds through a secured US Military Delivery Freight duly authorized/legalize by Middle East Regional Command. The funds would be kept for us safely by you until I am discharge of my duties here in the USS COLORADO around Gulf of Aden by January 2010. Do respond back to me indicating your response so I can further discussions with you on the safe movement of the funds out of here and how much commission you shall be entitled to from the $9Million. Please do respond to my personal e-mail: brucerobertss@hotmail.co.uk ..."

A couple of obvious red flags. The letter did not come from his personal email box, but from mr.frankies@att.net -- and it's sent to "undisclosed recipients." Even inspecting the source HTML code of the letter doesn't provide any more information than that.

And then, the gist of the letter was enough of a warning. My personal bullscat detector, well, the needle was buried in the red.

Hey, uh, Captain Bruce, baby (if that's who you are). I'd like to extend the same advice I once offered in an online forum after someone responded to my opinions by flaming my shorts off: You just might want to check to see if your identity has been stolen lately. Some jerkface is using your name.

As for y'all email recipients, it goes like this. Despite the American-as-pizza-pie, score-one-for-our-country trappings in the letter, treat it the same as when some Nigerian gazillionaire or Moroccan princess or Venezuelan dictator offers a share in the booty via email. To wit:

See that key on the upper right of your keyboard, the one marked DEL over there? Yeah, that one. It's made for emails like that. Use it with extreme prejudice.

Supporting our troops doesn't include falling into some scam that's using the name of one of our servicemen.

###


Wednesday, December 9, 2009

Facebook security issues? It's the ducky's fault

Gee everybody's so friendly on Facebook ... probably too much so.

Two Facebook users, Daisy Felettin and Dinette Stonily, sent out friend requests to 100 Facebookers each, chosen at randon though concentrating on their own age groups. Between the two of them, 95 people decided to become their friends.

Except Daisy and Dinette don't exist. They were created by the IT firm Sophos to show how easy it is to convince Facebook users to reveal personal information to total strangers.

Daisy (using a photo of a rubber duck as her avatar), is known to Facebook users as a 21-year-old woman, while Dinette Stonily presented "herself" a, a 56-year-old with a photo of two cats as her avatar.

Daisy concentrated on younger Facebook users, and came away with 46 new friends. Of these 46, she got full birthdates from 89 percent of them, family/friend data from 46 percent, a town or suburb from 50 percent, a full address from four percent, and a phone number from seven percent.

Older Facebook users, when dealing with Dinette, were also quick to become friends. Of the 100 approached, 41 became friends -- but another eight approached Dinette of their own accord and befriended the cat-loving phantom. And of the 49 new friends, Dinette got full birthdates from 57 percent of them, family/friend data from 31 percent, a town or suburb from 43 percent, a full address from six percent, and a phone number from 23 percent.

Check out their names again. They're based on anagrams for "false identity" and "stolen identity."

Ugh. There are a lot of people who shouldn't be running computers.

At Sophos, they call this experiment the “rubber duck attack.” There's a purpose behind the goofy moniker, as it shows how you can gather someone’s personal info without any technical expertise, simply by working within the social network’s rules.

I can't stand Facebook. I'd rather not waste my time with it. I was ready to shut down my account when some friends -- real friends, as in people I know and like -- started contacting me there. For many of these friends, that's the online way to keep up with one another.

OK. It goes like this. Not everyone who says he wants to be your friend is really your friend. Got it? You wouldn't invite some random person into your living room just because he says he wants to "friend" you, as they say in Facebook. But then y'all already knew that.

Here's something revealing: The 46 people befriended by Daisy have an average of 220 Facebook friends, while Dinette's 49 new pals have an average of 932 Facebook friends.

I'm tired of belaboring this point: Nobody has that many friends. 

Sophos (the duck people) offer their own social-networking security tips:

  • Don't blindly accept friends. Treat a friend as the dictionary does, namely "someone whom you know, like and trust." A friend is not merely a button you click on. You don't need, and can't realistically claim to have, 932 true friends.
  • Learn the privacy system of any social networking site you join. Use restrictive settings by default. You can open up to true friends later. Don't give away too much too soon. 
  • Assume that everything you reveal on a social networking site will be visible on the internet for ever. Once it has been searched, and indexed, and cached, it may later turn up on-line no matter what steps you take to delete it.

And watch out for potential friends bearing rubber ducks.

###

Tuesday, December 8, 2009

Chrome browser finally available for Linux

A beta of the Google Chrome web browser is now available for Linux.

About time!

Downloading now ... as I write this. Expect more after I install it.

Available in .deb (Debian) and .rpm (Red Hat/Fedora) binaries.

Try it with me, y'all penguinistas!

Thursday, December 3, 2009

Running bombproof Vector Linux on netbook

When it comes to computers, I'm always up to something. It's probably one of my failings.

Although my netbook works very well with the mini-Linux system I recently installed, I wanted to standardize things a bit. I've been working toward a "final solution" that mirrors the system I have on the desktop unit.

So, I was up until around 3 a.m. one Saturday morning, installing a new operating system on the netbook. I am now using Vector Linux, a Slackware-based, rock-solid OS.

It wasn't difficult, but then I've installed many a system on my computers. Really, the only part that was different was that the netbook doesn't have a CD-ROM drive. I was using a thumb drive for the dirty work.

But it's up, running, and all that good stuff.

Part of it is, as I mentioned, I just can't leave stuff alone. In fact, that's partly why I needed to make changes to the netbook anyway -- in full experimental flight I toasted the Windows XP installation, corrupted some system files, and was left with a rather expensive paperweight until I broke out the tools and thumb drives.

In the interim I ran Puppy Linux, a fast little system that weighs in at less than 100 megabytes for the download. It's one of those simple-as-it-gets systems, blistering fast and a joy to use. Really, it's almost too much fun to be on a computer.

But Puppy Linux is a little squirrelly when it comes to downloading and installing new software. That's something the developer is working on and while he's making some real strides, it's not there yet. Plus, I wanted my laptop to have the same system I have on my desktop. Some consistency is always a good thing. That's why I opted for Vector.

OK. Linux is Linux. It's all built around the same kernel, the same X windowing system, the same basic command-line programs you never see. Over the years the gap between the graphics-happy Windows and stodgy command-line Linux has closed, but the solid UNIX base remains. Plus, Linux is free, and tailor-made for those of us who keep experimenting and breaking things.

Vector Linux is based on Slackware, which is probably the most stable, most Unix-like of the Linux versions. I've followed its development for several years, and it was the version I've stayed with the longest. I'm using version 6.0 on the netbook, the same as on my desktop. In fact, it all came from the same download.

See, that's one of the things about Linux. The licensing is different. You can take a download and set up as many computers as you want with it, and there's no Bill Gates around to tell you you're a pirate. In fact, this share-the-love practice is encouraged. I can burn as many CDs of the system as I want, give them away, sell them for a few bucks, as long as the GPL license (which they call a "copyleft") is intact.

Again, installing is a little problematic on the netbook because there's no CD-ROM drive. The best workaround is by using Unetbootin with a thumb drive. I put Unetbootin and the Vector Linux .iso file (which is what you get when you download) onto the drive, then used a Windows computer (had to go to the library for that) to install Vector on the drive so it will boot up. Then clear up some room on the netbook hard drive, use gparted to create a partition for Vector, and reboot with the thumb drive. Follow the prompts on the screen (on my Acer, I hit F12 for boot options), and install Vector on the new partition, a process which sounds dangerous but it's a simple matter of following the prompts. Then put Vector on the GRUB boot loader (a simple cut-paste in a text file), reboot, and I'm running my new system.

OK. That's the simplistic version, and I know I lost many of y'all here. Let's just say I've done this a few times. Don't be surprised if I eventually put together something more detailed, something you can download.

The big zillion-dollar question: Did I lose my work files from the old Windows system? No. They're all there, and I can open and edit every one of them. What's even better, I have an emulation program called WINE that will run most of the Windows programs. In fact, the Windows installation is untouched. Should I rebuild my broken system files and get XP to work, then I have a choice of which system to start when I turn the computer on.

A couple of things still need work. At first Vector didn't recognize my onboard condenser microphone, ruling out recording. Strangely enough, though, I downloaded my favorite sound-editing software (Audacity) through Vector's repositories, and the mic works well with that. I kind of wish I knew why it would suddenly work, but I'm not going to complain. It took a bit of experimenting to get the webcam going, though it's not something I expect to use. So at least these issues are resolved.

I'm still looking for software that would put the laptop in hibernate mode when I close the lid. So far I'm not having much luck. The computer continues to run and the screen saver kicks on, so there's still some battery drain. Unless I find a handy program I can plug in, I may have to recompile the kernel. Now that's getting into territory that's way advanced for me.

But everything else works just fine. My wireless connection works as it did before. I added some of the pretties, installed Open Office, included my favorite news feed reader, and the netbook is battle-ready. With a system that's practically bombproof.

###

You tell me: Does the thought of installing a whole new operating system scare you? Do you break a lot of things while experimenting, or do you leave well enough alone? Any suggestions for my hibernation problem? Use the comments section for feedback.

Screenshot:

Vector Linux running on the netbook. The graphics interface is xfce4. Programs visible are Open Office, and xmms music player. Oh, if you insist, that's a command shell in the foreground, 'cause it IS Linux. I actually use mine. To the right is the gkrellm system monitor. I shot the background photo in Hawaii. Enough eye candy for you?

Thursday, November 26, 2009

Chrome OS promising, but it's more for the future

It won't be ready for the general public for another year, but the sneak preview of the Google Chrome OS is generating quite a buzz.

It may be a Windows-killer, some claim. It'll put Linux on the map, say others. It'll be a fiasco, say still more pundits. So far, nobody's neutral.

Google Chrome, built from the Debian GNU/Linux operating system (which I've always liked), is designed for the ultralight, ultracheap netbooks that are not really built for much more than Web browsing and lightweight office work. And the Chrome system is really little more than a front end for "cloud computing" -- the use of online applications and storage.

According to the Google blog:

... it's all about the web. All apps are web apps. The entire experience takes place within the browser and there are no conventional desktop applications. This means users do not have to deal with installing, managing and updating programs ...

That in itself is enough to really stir the pudding in the computer world.

I guess that's the future of computing, and it stands to reason that one may not even need a hard drive in the future. That's the trend I'm seeing carried out to its logical conclusion, though it doesn't mean I have to like it.

I've fooled around some with online applications, such as Google Docs. While they're OK, I have trepidations about using these for everything. I've also played with bubbl.us, an online mind mapping program. While these concepts are great for portability -- you can access your stuff from any computer without even a thumb drive. I'd rather keep my documents on hard drive. I'm even chary about backing them up online, and I like a lot more choice about what applications I do use. But from what I've read, the Google Chrome system throws you right into the future.

Although InfoWorld’s Randall Kennedy says Google’s Chrome OS will be a big failure, Robert Scoble thinks it's just ahead of its time:

... what about my son who is in high school? By the time Chrome OS comes along in big numbers he’ll be in college. Why take a $1,000 computer to class? Couldn’t he do everything he needs to do on a low-cost computer that’s lightweight, replaceable, uses low power, and just uses the web? Absolutely. InfoWorld is making assumptions that the world is going to stay the same. That simply is NOT true ... what will run on these new devices? A heavyweight OS like Windows 7 that takes me 40 seconds to boot up and does a ton of stuff I really don’t need, or a new OS that just has Google Chrome as its centerpiece?"

Even with nothing but a Web browser? Scoble says this:

... hey, I just wrote this post on Google Chrome while sitting listening to Marc Benioff at the TechCrunch Real Time Crunchup. I have not seen a single thing demonstrated on stage yet that won’t run on Google Chrome OS ... this is a winner, but on a new field ...

I may download the Chrome OS and give it a shot, though I'm not all that enthused about it. Since it's a front end with little more than a graphic user interface, a few core programs, and the Chrome browser, why does the download weigh in at around three gigabytes?

Out of the box, the download on my current Linux operating system is a tick over 700 megabytes. And that includes all the programs that make the computer a self-contained one. You can get surprisingly complete Linux distributions on a 100-megabyte download.

Still, I'm intrigued by this system, and hope it is adopted early and often. There's no secret that I'm a big fan of Linux, and the Chrome OS may finally dissolve the perception that Linux is too busy being geeky to be useful.

Now, understand that none of this is carved in granite, or even in bologna. This sneak preview is available in source code format, and it'll be a while before the final, battle-ready version is ready. In the interim, those who grabbed the download are essentially beta testers. Run it, crash it, make note of what you did, and report back to the developers.

The new operating system still begs the question: What will it do with Microsoft's death grip on the PC market?

Taking the pundits' comments and working the middle ground, the answer is not a lot. TechCrunch writer M. G. Siegler suggests Chrome will nibble into the bottom end of the Microsoft market -- the netbooks, the cheap computers. But until Windows 7 was released, Microsoft had conceded that end of the market. Most netbooks came with some form of Linux preloaded, while a few had Windows XP. Part of the game plan behind Windows 7 (which I'm not going to review; I'm more interested in open-source software) was to recapture some of the netbook users, and by most accounts the new Windows is one of the best systems Microsoft has ever produced.

Siegler writes:

... Google’s positioning for Chrome OS reads like a page out of Apple’s playbook, only from the opposite direction ... Apple, of course, takes the opposite approach, targeting the high end of the market with their high-quality and high-margin machines. If Google is successful with its Chrome OS netbooks (let’s call them ChromeBooks), what we could see is the squeezing of Microsoft, an idea I first laid out a month ago. With attacks from the top and bottom, Windows will be relegated to the middle. And ultimately, if Google has its way, marginalized ...

Stay tuned.

###

Tuesday, November 10, 2009

After rough start, Firefox marks fifth birthday

I never would have expected this. Firefox is five years old.

Despite its promise from the jump, Firefox spent its beta period without any real identity. Literally.

At first no one was really sure what to call it. For a while it was known as Phoenix, then Firebird. I believe the developers had to come up with a fast name change because there's another piece of software called Firebird, and branding is a big thing in the computer world.

With such an inauspicious beginning, it's amazing to see that the product survived, let alone developed a reputation as a stable browser.

To further confuse things, Firefox is open source, meaning you can take the code, tweak it, build something else from it, and rebrand it. This was done with Debian Linux, as the Firefox brand is copyrighted though the source code is not, so that thing that looks and feels like Firefox is called Iceweasel or some such thing. I've also used BonEcho, a rebranded, stripped-down version of Firefox for the ultralight Puppy Linux.

For a while, one of the lesser-known and more tongue-in-cheek Firefox extensions available was called firesomething, which would put a whole different name on the browser every time you run it. The name on it may be SnowSnake this time, and maybe something like BlizzardLizard the next. It was a goofy extension, but brought a chuckle to this user who remembered Firefox's early search for a name.

The browser made it out of beta and released Version 1.0 five years ago this week. Within four days, more than a million people downloaded it. I was one of them.

I was one of the early Firefox adopters. I was running an assembled-from-scratch computer, and already I was sick of Internet Explorer's balkiness and security leaks. I went to the old Mozilla suite, and when that company announced it was throwing its resources into a new, browser-only project, I had to try it out.

The design was a thing of beauty. You were getting a basic browser, and you'd add whatever you feel you needed to it. Now, five years later, the modular design remains. My Firefox has the experimental Google Gears extension, plus the LastPass password keeper. But the biggest extension I have is ScribeFire, which allows me to compose blogs within the browser and post them seamlessly. ScribeFire is big, adds more bloat to the browser, and is sometimes buggy so I'm a bit lukewarm about it. But I use it.

A caveat about Firefox: The more add-ons and extensions you install, the slower it will run. It's like running a car with all the options instead of a model with power nothing and the kind of air conditioner you get when you open all four windows. But even with a lot of chrome on it, Firefox is a good browser, stable, and secure. The developers stay on top of things, and are quicker to solve their bugs than the Microsoft people are at admitting there's a problem with IE. For a while, Firefox had a problem where it would blow up in your memory and consume every CPU cycle you had, but that was solved several updates ago.

Over time, Mozilla dropped its old browser and made Firefox its big Web browsing application. Recently, some fans of the old Mozilla browser took the source code, tweaked a few things, updated the whole thing, and released it as Seamonkey.

Now, Firefox is taking a decent chunk of the browser market. It's the main browser by about 25 percent of Web users, but that's a funny number. Firefox is not routinely installed on computers out of the box, and many users tend to stick with what's already on the box -- like Internet Explorer. Figure it. To use Internet Explorer you unpack the computer, plug it in, and double-click on the big "e" on the screen. You have to go out of your way to get Firefox -- and then install it yourself. But, Firefox now grabs a bigger share than the obsolete IE version 6, which is still a step ahead.

Recently, MozillaZine announced that Firefox was present on a majority -- 50.6 percent -- of computers, based on numbers by the exo.performance.network. So someone, somewhere, is doing an awful lot of downloading.

But while Firefox has seen some real growth lately, the year-old Google Chrome is growing even faster. Roughly four percent of computer users are making Chrome the prime browser, so that one has a way to go, but the growth rate matches the buzz it's generating. I played some with Chrome, but its development has primarily been on the Windows and, more recently, MacIntosh side. Still, I'm pleased by its lightness and speed -- by comparison a fully-loaded Firefox is kludgy -- but Chrome has an unfinished feel to it. I do suspect that, once it is ported to Linux, I may put it on my front line.

Firefox is still my go-to browser, but mostly because it works better with much of the stuff on the Web (particularly the experimental Google Labs widgets). It's probably a little bloated for my taste, though. Much as I tend to shy away from those large, do-everything suites (such as Open Office), I like Seamonkey (the rebuilt and reissued Mozilla browser suite) a bit better. Even with the built-in mail reader and HTML editor, its design is lighter than the browser-only Firefox. I do like Opera for the same reason, though it hasn't caught on in the mainstream computer world at all. Too bad. Opera is the only one that has a chance of outrunning Chrome in a speed test. Both of them are much quicker than Firefox, while IE lags so far behind you'd need searchlights to find it.

But if you want pure speed, Lynx runs circles around all of them, including Google Chrome. But since Lynx is text-only, you might have a problem watching those YouTube videos on it.



Monday, November 2, 2009

Many social-media games turning into scams

I can't get into Facebook. I do have an account, though I use it more to communicate with some of my friends. And I can't see spending a lot of time on it to play the games.

I have some friends who are seriously into the Facebook games and applications. Farmville, Bejeweled, YoVille, and Mafia Wars are real popular among the people I know. I can't be bothered with that stuff myself. I go on Facebook maybe long enough to check my messages, say hello to a few friends, and log off to check my Twitter account.

At first glance the Facebook games seem to be harmless fun. I understand you play many of them in levels; you clear the first level and move up to the bigger and better stuff -- much like the old-school Mario Brothers game or Dungeons & Dragons. So far, so good.

But TechCrunch has been working on a series of articles on the social-media games, and writer Michael Arrington smells a lot more scam than score.

With a lot of these games, there are two ways to hit another level: Earn it by playing well enough to clear the level you're on, or pull a George Steinbrenner and buy a new level. With real money. Your real money.

Already you can see this coming, if you're half perceptive. The game gets you hooked. It's like any other "progressive" type of game, and I can vouch for that. I've spent many hours trying to crack the combination on FreeCiv, an open-source version of Sid Meier's Civilization. Next I know the sun's coming up, my legs are frozen in one position, my left hand is all cramped up from pushing the mouse around, and my butt lost all feeling hours ago. So I can understand that.

But crank in the buy-ins and the special offers, especially if you're frustrated at the %$&#! game and your brain is fuzzed over from a marathon session, then things get real interesting.

On Oct. 31, Arrington wrote this:

... these games try to get people to pay cash for in game currency so they can level up faster and have a better overall experience. Which is fine. But for users who won’t pay cash, a wide variety of "offers" are available where they can get in-game currency in exchange for lead gen-type offers. Most of these offers are bad for consumers because it confusingly gets them to pay far more for in-game currency than if they just paid cash (there are notable exceptions, but the scammy stuff tends to crowd out the legitimate offers). And it’s also bad for legitimate advertisers. The reason why I call this an ecosystem is that it’s a self-reinforcing downward cycle. Users are tricked into these lead gen scams ...

Here's one scam, according to Arrington:

... users are offered in game currency in exchange for filling out an IQ survey. Four simple questions are asked. The answers are irrelevant. When the user gets to the last question they are told their results will be text messaged to them. They are asked to enter in their mobile phone number, and are texted a pin code to enter on the quiz. Once they’ve done that, they’ve just subscribed to a $9.99/month subscription. Tatto Media is the company at the very end of the line on most mobile scams, and they flow it up through Offerpal, SuperRewards and others to the game developers ... nothing in the offer says that the user will be billed $10/month forever for a useless service.

Had enough yet? Here's another:

Video Professor ... users are offered in game currency if they sign up to receive a free learning CD from Video Professor. The user is told they pay nothing except a $10 shipping charge. But the fine print, on a different page from checkout, tells them they are really getting a whole set of CDs and will be billed $189.95 unless they return them. Most users never return them because they don’t know about the extra charge. Woot. Again, sites like Offerpal and SuperRewards flow these offers through to game developers ...

Slashdot, one of my favorite sites for geeky news, says this about the TechCrunch articles:

... the system is rife with scams, and many game developers turn a blind-eye to them, much to the detriment of the players and the legitimate advertisers — not to mention the games that rightly disallow these offers and fall behind in profits. The article asserts that Facebook and MySpace themselves are complicit in this, failing to crack down on the abuses they see because they make so much money from advertising for the most popular games ...

If you play these online games -- or if you're thinking about it -- I highly recommend these three TechCrunch articles, all by Arrington:

Part One - Social Games: How The Big Three Make Millions

Part Two - Scamville: The Social Gaming Ecosystem Of Hell

Part Three - Two Companies That Said No To Social Media Scams

I'm getting awfully tired of doing these pieces on Internet scams. I'd rather do how-tos and reviews any old day. You think these scammers can give me enough of a break to pursue this? C'mon guys ... at least do it for my convenience?

###

Friday, October 30, 2009

Internet reaches middle age



Although few had even heard of this Internet thing (then known as the "information superhighway" until the early or mid-1990s, it got its real start 40 years ago this week.

It was Oct. 29, 1969 when the first two nodes of ARPANET were interconnected between UCLA’s School of Engineering and Applied Science and SRI International (SRI) in Menlo Park, California. And unless you were one of the guys on the inside, you really didn't know or care.

I was a bit of a late adopter. It was 1996 when I used a noisy modem to link into an Internet provider in a nearby city. My computer was an old Leading Edge XP, with an 8088 processor, Hercules graphics card, DOS 5, and 2400-bytes-per-second modem. I used Procomm to link up, and the text-only Lynx browser to surf.

This wasn't the first time I'd used a modem. By then I was an old hand at sending text files point to point over the phone lines. I worked for a newspaper in Kingman, Arizona at the time, and generated a lot of stories from my home office in Bullhead City, 40 miles away. I'd call the publisher, Matt, and tell him to set up the computer for incoming copy, give him five minutes, then send the stuff. Soon Matt would see my text streaming across his screen, a character at a time. One of my other reporters would send me his copy from his home office, I'd edit it from home, then send it to the home office the same way. I was even able to execute commands on my home computer (the Dos-driven PC) from the MacIntosh at work, using an old-school program called Telnet.

Once I got the knack of surfing the Internet, it became a bigger part of my life. And I remember telling my parents about my experiments. Dad was already good with computers -- we'd traded software for several years -- but he wasn't sure about this online thing. A curious toy, he concluded.

At the time, Netscape was the go-to browser before Internet Explorer nuked it in market share. There were rumors that you might be able to surf on the same infrastructure that your cable TV used, and much faster than dialup. Companies began building their own primitive Web sites, and ordinary people were cobbling together their own Web sites on GeoCities (which shut down a few days ago). It was a whole new world out there, the Wild Blue Yonder.

It's been 13 years since I fired up my first Web browser (Lynx, by the way, is still available and still text-only). But a lot has changed since then. Rather than write for print, my work shows up in the ether of the Internet and many of my readers are on the other side of the world.

I've developed friendships with people I'd never met, and who live in places I've never visited. I've discovered musicians I've never heard before and downloaded their music. I've downloaded entire a lot of software and quite a few operating systems -- and asked questions about the software online. I've communicated with a Linux developer in Australia and let him know how I was able to get his system to run on computers that even he wasn't sure could be done. I've debated many a subject online. I've set up the computer to download news from several hundred sources at a time.

I'm an experimenter, and can't leave stuff alone. Besides Netscape, I've used Internet Explorer, Mozilla, Seamonkey (which is what Mozilla has become), Opera, and Google Chrome. Firefox is my most-used browser now, but I notice Seamonkey is now in 2.0 and it deserves a look.

Instead of listening to a whining modem, I go straight wireless. I have about a half-dozen places where I go to do my work -- some indoors, some outside, and I'll unpack my netbook, hit a few buttons, and talk to the world. In fact, once I left dialup I had no earthly reason to even keep a landline -- a cell phone on my hip, wireless Internet close by, a second, Internet-based phone line through Google Voice, all my communications needs are met.

Even then, I'm a bit of a primitive. My cell phone merely makes calls and sends off text messages. It doesn't browse the Web. I can send short text messages to Twitter or this blog, even an email, but my single-function LG doesn't stack up to those iPhones or Crackberries that do everything.

When you consider the all-purpose cell phones, netbooks, laptops -- and I recently read about a pen that's really a computer -- you just may see desktop computers as another dying breed. Even hard drives may become a thing of the past, what with USB thumb drives and online file storage. Some of your netbooks work with just internal flash storage and USB drives, without a hard disk in sight.

The folks at UCLA and Menlo Park had no idea at the time what they'd started.

(Screenshot: The old text-based Lynx web browser, where I made my first forays on the Internet, is still around. It's shown here with Firefox 3.5.3.)

###

You tell me: Remember your first time on line? Care to share? Use the comments section for your input.

Thursday, October 29, 2009

Site outlines 10 ways to spot an Email scam

I've spent a bit of time looking at some of the nefarious things that can find themselves on your computer courtesy of the Internet. You can get bad programs, spyware, viruses, and some eerie email at the click of a mouse.

What with the speed and ease with which one can send off mass emails, the scammer has all the tools he needs to separate many people from their dollars. And you've probably seen a few of these messages showing up in your inbox -- maybe even a few this week.

From switched.com, here are 10 red flags that the email you've received is probably a scam:

Look for things like requests for personal information, lots of misspellings, clickable Web links, innocent-sounding surveys, that "hot tip" you don't remember requesting, unsolicited attachments, and you-must-act-now pitches.

From Switched:

If you see the phrases "verify your account," "you have won the lottery" or "if you don't respond within XX hours, your account will be closed," it's a scam – every time. Hit the delete button and don't look back.


This is one you should delete, kill, whatever you do with it.

It's a jungle out there. But then you already knew that.

###

Wednesday, October 28, 2009

Facebook password-reset email carries a virus

Sheesh!

These writers of viruses and other nefarious code will stop at nothing to spread the love. But while you can see many viruses coming a mile away, I understand this one looks official.

This one, a Trojan horse dubbed Bredolab, comes dressed up as a "Password Reset Confirmation Email" from Facebook. In the email you click on the link to -- you think -- get your new password. That's when the fun -- if you can call it that -- starts. That link downloads system-destroying files, such as rogue "anti-spyware" programs that inject their own spyware, into your computer.

Considering some of the problems Facebook has been encountering -- partly from increased traffic and partly from its own recent redesign, this email almost sounds plausible.

I haven't seen this one myself; I got the details from Mashable! and MXLab.

According to MXLab, here's the body of the message:

Hey vguysville ,

Because of the measures taken to provide safety to our clients, your password has been changed.
You can find your new password in attached document.

Thanks,
The Facebook Team


Here's the drill. If you see something like this from Facebook, watch out. It's probably not from Facebook. Bear this in mind:

- If you didn't request a password change from Facebook, you have no reason to receive a reset confirmation. Don't bother opening it; dispose of it immediately.

Enjoy your computer, don't be skeered of the virus bogeyman, but be wary when you go online. Cool?

###

Tuesday, October 27, 2009

Computer issues being resolved

I can say it now: The laptop is back among the living.

Most of my software is back up. I've knocked off most of my to-do list. I'm writing this column on it, and soon I will upload it and download email and news. I'm extremely pleased.

One of the things I noticed is that, with the new configuration, it's handling power better. I haven't checked to see if I'm getting any better battery life, as I tend to forget about things like time when I'm online. Gee, I could fly a passenger jet ...

But I have noticed that it's running much cooler when it's plugged in to the A/C adaptor. Seriously. It's not like I took its temperature (I'm not sure where to stick the thermometer), but I can tell the difference. I take that to mean the CPU isn't working as hard, a good thing.

From my master list, I still need to locate a program that will put the computer into sleep mode when I close the lid. My temporary operating system had that, so this shouldn't be difficult to find or install. From there, most of the work is either convenience or cosmetic -- like rebuilding my menus so they'd be a little more intuituve.

I still want to find an uncorrupted version of the Windows system file I blew out (hal.dll), but there's no rush there.

For the geekus extremis among us, here's a printout of some of the basics. If your eyes glaze over when someone mentions "CPU," feel free to skip over this part:

-Computer- Processor : Intel(R) Atom(TM) CPU N270 @ 1.60GHz Memory : 1022MB (267MB used) Operating System : Unknown distribution Date/Time : Tue 27 Oct 2009 01:31:22 PM GMT+5 -Display- Resolution : 1024x600 pixels OpenGL Renderer : Unknown X11 Vendor : The X.Org Foundation -Version- Kernel : Linux 2.6.29.3 (i686) Compiled : #1 Tue May 19 23:43:56 GMT-8 2009 C Library : GNU C Library version 2.9 (stable) -Current Session- Computer Name : epulsifer Desktop Environment : Unknown (Window Manager: Fluxbox) -Misc- Uptime : 17 hours, 5 minutes Load Average : 0.23, 0.15, 0.15

This "uptime" is interesting. Keep in mind, this is a laptop and I don't have that sleep-mode switch fixed, so it's been running, powered and plugged in, with the lid closed.

Just for yuks, I checked to see how long my desktop (which also runs on Linux) unit has been booted up without a restart:

7d 17:46

OK. I rebooted that computer a week ago. I usually only shut the desktop down when I'm experimenting with another computer (not enough power cords to go around), replacing a part, or moving the unit.

Just try doing that with Windows.

###

(Pictured is a screenshot from the laptop. OK, you may not recognize a lot of this stuff if you're a Windows user. The interface -- Fluxbox -- is pretty minimal, but it stays out of my way.)


Monday, October 26, 2009

Resurrecting laptop took plain & fancy fixes

OK. I think I'm back up and running.

Was out of the loop for a few days; my main access to the Internet went south until I was able to fix it.

This laptop is my mobile workhorse. Although I do much of my writing on the home computer, it's strictly a standalone unit that doesn't conect to the web. To upload and download, I use my Acer netbook for all the dirty work.

The Acer was victimized by my tendency to experiment. I'm not even sure what I did. I jiggled when I should have joggled, and corrupted a couple of system files. Now, that computer is driven by Windows XP, which doesn't lend itself well to evil experiments. Anyway, when I boot up into Windows, an error message pops up letting me know just what I'd b0rked, and won't let me go any farther than that. A dead computer.

Thanks to some other experiments I'd run, the netbook wasn't dead in the water for very long. I have a few quick-and-dirty solutions that brought it back to the land of the living, but I'm not done yet. Working on a "final solution," but the duct tape and spit will work for now.

From quick-and-dirty land:

I have a Linux system installed on a 1-gigabyte thumb drive, and I set up the laptop's BIOS to look there first before booting anything else up (instructions are on the screen). I'm using a variant of Puppy Linux, which is great because it runs in memory. Once I'm booted up, I can pull the thumb drive and work without that thing hanging out of the computer. It's probably an OCD thing.

If you're a Linux user, you can set up any version to run with a program called Unetbootin. It's very cool. You grab the .iso image file of whatever Linux version from the Internet, install it to the thumb drive via Unetbootin, fire up the computer with the thumb drive installed, and you're running Linux. You'll be able to access the files on your hard drive as before. The only caveat is that, unless your version of Linux is designed to run completely in memory (such as Puppy Linux), you won't be able to remove the thumb drive without screwing things up.

On that USB drive, I have all the goodies I need -- wireless fixins, a Web browser, text editor and word processor, and a program to play mp3s while I work. I'm all set there, at least for now. And I have the same system installed on a smaller, 256-megabyte USB drive that stays in my cell phone case, so I have a backup.

That was my temporary fix, and it served me well. But it wasn't the final solution. The good news is that over the weekend I got much closer to something more permanent. A newer, more expandable version of Puppy Linux is now installed on my hard drive, and I can boot directly into it without using the thumb drive. Much cleaner, much more permanent.

One of the limitations of Puppy Linux is that its ability to install newer software is a little squirrelly. The developer, a nice Australian guy named Barry Kauler, built the system for speed and a small footprint, and many of the add-in programs had to be adapted for that system. But, through the "woof" project, one is able to import software from Ubuntu repositories or the Slackware-based .tgz format.

I know this means nothing to non-geeky types, but here's the upshot: Newer, better software. With the old Puppy Linux, I'm limited to version 2 of Firefox; now I'm able to grab the newer -- and in this case better -- version 3.5.

OK. Almost there. But something's still missing:

I'm a news junkie, and a big part of my blogging is my ability to capture all the news I need. Plus, I want something that would give me some flexibility. I want to be able to move all this news from my laptop to the desktop at home.

In short, I want a portable RSS reader that I can use online or offline.

For those who don't know about such things, an RSS reader is the world's greatest invention for news junkies such as myself. You subscribe to your feeds, download the news you want, and read it at your leisure. Most news websites and blogs -- including this one and The Column, Reloaded (which I highly recommend) -- allow you to subscribe; but some will just give the partial feed, a paragraph or two, while others give the full text and graphics.

My own feeds include a handful of news outlets -- Yahoo! News, CNN, Newsweek, the BBC, ESPN. Plus many blogs. I have tons of political blogs in my feeds -- Daily Kos and the Huffington Post on the left, The Heritage Foundation on the right, and the libertarian Cato Institute. Although my politics are pretty well defined, I like to see what all sides have to say.

I never bothered counting the number of news feeds I have, but I have more than 1,00 news items to sort through every day. Some, obviously, are good for little more than a glance at the headline. Others I'll read, mark, prioritize, quote from, and link to in my blogs. And still others I'll forward to friends.

If you're a Gmail user, you have access to Google Reader, which fits most of the bill. But I wanted my news to be more portable than that. Google Reader does have offline capabilities, but that's still experimental.

I considered using a second, 8-gigabyte thumb drive that I use as my mobile storage disk. That's where I keep my work files, plus my Portable Apps suite.

I love Portable Apps. That's where I have a handful of to-go programs. There's Firefox, Abiword, Thunderbird, a few games, and Open Office, all on a flash drive that I can plug into anyone's computer, do my work, and leave no trace. I wrote about Portable Apps in my other blog, and it's one handy tool. The developers have some great programs available, but no RSS reader. And I'm ticked. In a pinch Thunderbird will work, but it's a poor option at best. And, these Portable Apps programs are Windows-based, meaning I need to use an emulator -- such as WINE -- to run them. Useful as WINE is, that's one layer of software I don't want to mess with for something as crucial as gathering the news.

While running my temporary system from the thumb drive, I experimented with several Linux-based RSS readers, and none were satisfactory. But with the freshly-installed Puppy Linux I tried the multi-platform, Java-based RSS Owl, and so far the interface works. While uploading this blog, I will test my installation to see if it actually downloads the news. I hope so. RSS Owl was my go-to news reader on Windows, so there won't be any real learning curve.

Fast update: It's working! I'm excited!

OK. What's still unresolved is my ability to share my RSS news with my desktop computer. The only real solution I see -- and this is theoretical -- is to score a router and network the two computers. But that's another project I'll study on later. My plate is already piled so high it's ready to tip over.

Here's my to-do list:

- Laptop lid switch - fix. (One problem with my system right now is that it doesn't go into sleep mode when I shut the lid. This means I either leave it powered up, or shut the whole thing down.
- Firefox 3.5 (Will download this in a few days.)
- Thunderbird, with calendar (My favorite mail reader, and there's a calendar add-on that, well, keeps me organized. Shoot, keeping myself organized is a losing battle most of the time, but let's not go there.)
- A couple of games (I'm not real big on that, but it's not all work and no play, and I do like a lightweight game or two every once in a while.)
- Gantt (This is a program that I use for planning, when time is important and there are definite steps to be taken. The one I use on my desktop is a Java-based program, and it's a simple download and install.)
- RSS reader!! (As I mentioned, this is being addressed.)
- qt3 (This is a series of library files that are needed to run Scribus, an open-source page layout program.)

That's the more important stuff. The rest of the list is something I can attack later:

- GIMP (This is an open-source graphics and photo-manipulation program, on a par with PhotoShop.)
- Audacity (This is a simple sound-editing program. I've used the laptop to record band rehearsals. Also need to come up with something better than the lousy condenser microphone that came with the laptop, but that's not an immediate need.)
- Open Office (I do have that, via Portable Apps, on my thumb drive. In truth, I don't use it all that much.)
- TweetDeck (This helps me organize my Twitter account, and it's quite useful. Twitter, by the way, is great for keeping up with the absolute latest news, but it's also the biggest time-waster since the Internet was invented.)

Enough already!

Tuesday, October 20, 2009

Scareware a big business, but fake virus 'protection' can be removed





Viruses and spyware are a real concern when you spend any time on the Internet, and some people are feeding on your fears for big bucks.

But while there are quite a few legitimate anti-virus programs out there, there are more that not only do not get rid of your viruses and malware, but install more of the same on your hard drive.

Symantec, which owns Norton, says more than 40 million people have fallen victim to the "scareware" scam in the past 12 months. According to the BBC, "online criminals make millions of pounds by convincing computer users to download fake anti-virus software." Which translates into an awful lot of dollars, not to mentioned the number of computers that are trashed by this cottage industry.

Over my years of surfing on the Internet, I've seen plenty of this. An ad shows up on a Web page I'm browsing, offering to scan my hard drive for free. Or flashing a message that would make even the most savvy Web surfer sweat -- that viruses have been detected.

The idea is that you click on the ad and it will scan your disk, or install a virus-protection device. That's what you think, anyway.

In reality, the scan or program is useless at best. At best.

At worst, the program or scan will install its own spyware, or its own virus, and really make hash of your hard drive -- and maybe even bill your credit card in the bargain.

Welcome to the rogue security software. They either are disguised viruses, trojans or are nothing but a sales pitch, trying to push another product to the user.

Call it scareware, because it's designed to frighten you into buying its product or download its own viruses, Trojan horses, or spyware.

Most of my Internet work is with this netbook, using Windows. But even while using Linux I've even seen these ads come up. I'm talking about the ads saying that viruses have been detected on my computer.

Which told me right away the claim was a bunch of horsesqueeze. For several reasons, Linux is not prone to viruses or spyware. Nor is MacIntosh, really.

OK. Time to check your computer. See what kind of virus protection you have. If it's from this list, you're in a bunch of trouble:

Cyber Security
Alpha Antivirus
Braviax
Windows Police Pro
Antivirus Pro 2010
PC Antispyware 2010
FraudTool.MalwareProtector.d
Winshield2009.com
Green AV
Windows Protection Suite
Total Security 2009
Windows System Suite
Antivirus BEST
System Security
Personal Antivirus
System Security 2009
Malware Doctor
Antivirus System Pro
WinPC Defender
Anti-Virus-1
Spyware Guard 2008
System Guard 2009
Antivirus 2009
Antivirus 2010
Antivirus Pro 2009
Antivirus 360
MS Antispyware 2009

These are rogue programs, according to ghacks. And if you have one of these, you'd better get rid of it awful fast. You probably clicked on something, downloaded what you thought was virus protection, and you may have noticed your computer running like crap.

So what do you do?

There's an article in ghacks which mentions "Remove Fake Antivirus," a portable software program for the Windows operating system that has been designed to uninstall 27 different rogue antivirus software programs from the computer system. You can download Remove Fake Antivirus here, and it's free.

I downloaded and ran it, though for me the on-the-workbench test was inconclusive. This is probably because I know the likelihood of me actually downloading and installing some of this scareware is really slim. The dialogue box showed, though, that it was removing each of these antivirus programs. My assumption was that this is the "default" dialog box. After running the program, you will be asked to reboot.

In truth, I'm a little chary of installing a virus-protection program from a non-company website (this is from a blog, how sketchy is that?) but sites like Download Squad (which gave it really lukewarm reviews), Softpedia, TechForums, and CNet (which rated it two-and-a-half stars out of five; not that great, and none of the readers reviewed it) carry links and product descriptions. Plus, I've never found reason to fault the information I get from ghacks.

A caveat: Here's one of the Download Squad reviews:

Well, I ran it, and it killed my main windows service and forced a restart. When the PC came back up, I had no internet connection. Warnings should be posted.

With that in mind, I checked things out when I rebooted. The Windows security service flashed a warning saying I had no virus protection, but I see ClamWin had loaded itself in the system, per normal. A glitch, perhaps? The good news was that my wireless Internet ran just fine. But be careful!

Menawhile, there are several good virus-removal programs out there. Some -- Norton and McAfee -- are the kind you pay for, while others -- AVG, ClamWin, and Avast! -- are free. The for-pay ones are probably a bit better than the free ones, but any of these are good for the computer and your peace of mind. That is, if you update them every so often -- there's always some idiot thinking that if he builds a better virus, the world will beat a path to his door. These viruses seem to be coming down the pike faster and faster. A virus protection program is only as good as its updates, and it's also useless if you don't run it regularly.

For spyware removal programs, only two are worth downloading -- AdAware by Lavasoft, and Spybot Search And Destroy. And neither one is perfect. But, unlike antivirus programs, you can have both installed and running on your computer. I highly recommend you run both, one after the other, as part of your regular security regimen. What spyware program one doesn't catch, the other one probably will.




Thursday, October 8, 2009

Ways to keep phishers out of your email

A few days ago, I wrote about how phishing (Password Fishing) attacks exposed a lot of Hotmail user accounts. It turns out the attacks were much bigger than Hotmail -- Google's Gmail (which is my go-to email system) got compromised, along with Yahoo, Earthlink, Comcast, and AOL.

Shoot, it might be easier to list the major email carriers that didn't get hit.

Meanwhile, the major email carriers are in damage control mode, and many put out statements and how-to's for self protection.

Here are some basics, courtesy of Mashable. Most of these involve passwords, the user's first line of defense:

*****

Use different passwords on different sites After all, if you use the same login credentials for multiple sites and one gets compromised, they all are. Since many of us use umpteen web services daily, it’s worth checking out a good password manager tool to help you keep the all straight — and safe.

Don’t use common words or sequences — Simple dictionary terms or sequential numerical sequences won’t cut it. You should make sure your passwords are a mix of letters, numbers and symbols.

Don’t base passwords on personal data — Hackers often use “social engineering” techniques to greater effect than running actual lines of code. Since we routinely share various bits of personal data with others, things like pet names, middle names, birthdays and so on don’t make a good basis for passwords.

Don’t leave your password somewhere visible — If you simply must write it down, don’t put it on a post-it attached to your monitor. Relatedly, if you keep a list of passwords on your computer, name the file something more cryptic than "password file."

Make sure your password recovery questions are also secure — Strong passwords that lack semantic meaning are unfortunately also easier to forget. Many sites allow you to reset your password over email or after answering one or more Security Questions you set up when creating the account. Make sure these aren’t based on common-knowledge personal data either — try to make them difficult to guess, and avoid any information you’ve posted publicly online anywhere as well.

*****

Good advice, that. An analysis of the data from Hotmail showed the most common password among the compromised accounts to be '12345.' I mean, duh! You don't need expensive software to crack that password, and it appears there are quite a few folks around that have no business running a computer. But that's fodder for another rant.

Here's more, from gHacks:

*****

The most powerful weapon against phishing is common sense and the following rules that every user should oblige to.

If you are not a customer of the site delete the email immediatly. Don´t click on the link or reply.

If you are a customer and you are not sure if the email is legit do one of the following:

Contact the institute by phone or contact at the official website ( do not use the email link of course) and ask if the mail is official.

Instead of using the link provided open the website by typing in the official link there. The site should have news about the email on their starting page. (most of the time).

*****

There's plenty more on that site. I highly recommend checking it out.

If you're using Firefox (as I am), go into the Tools > Options > Security in the Firefox options to set up your protection levels. I really recommend you do this now, while you're reading this. If you don't find these options, you're probably using an older Firefox. You'll find more Firefox phishing protection and testing tricks here.

Also, I did download LastPass, though I haven't installed it yet. I see where it involves creating an account online, though it's free for private use. According to the manufacturer, the password information is stored on your own computer. Still, I'm a little chary of using any Web-based password keeper. I'll install it and take a look at it, but my instincts tell me it's not a perfect solution.

In the meantime, enjoy your computer. It's a great tool, and the more plugged-in the world is, the more your computer will become a part of your life. But be careful. It's a jungle out there.



Tuesday, October 6, 2009

Phish tales: My Twitter, 1000s of Hotmail accounts hijacked

I'm fairly new at this Twitter thing, and I'm still prone to rookie mistakes. And for a few days, I was paying for one.

I occasionally get worthless tweets from folks about quick-and-dirty ways to build my traffic. Most of them are pure crap, by the way, but while some are harmless crap, others are more nefarious. I came across one -- GET 1000's OF FOLLOWERS, with a link. OK. I could smell the crap all the way from here, but I thought I'd take a look at it to, well, see what was going on. Research purposes, you understand.

I clicked on the link and immediately got the warning that the site was possibly one for phishing. For those who don't know what that is, phishing is when someone is trying to harvest information from you. Valuable information that you wouldn't give out otherwise. Like a password.

As soon as I saw that warning, I clicked on it to basically abort the mission. Supposedly, that was the end of that.

Not so. Soon after that, I noticed I had been making some real strange tweets, or more correctly, some jerkface was sending them out under my name. Every day. There would be some message credited to me, advertising some "service" that gives you thousands of followers. Or something. In social media, followers and friends are the coin of the realm. The more followers you have, the bigger your network and the more valuable your site. I use Twitterfeed to link my writing directly into Twitter, and all of my followers (right now about 40 of them) gain access to my work.

Soon I noticed these posts linking to the phishing site started going out every day, with the link and my name on them. Some idiot hijacked my Twitter account, and I became a spammer.

I tried a few quick damage-control measures. Blocking the original source of the link. Adding a disclaimer to warn followers away from that link. Part of that was saving face -- letting my followers know it wasn't me sending those things. And the spam messages still showed up, every day.

Final analysis: There seems to be a simple fix, a real no-brainer. Change your Twitter password. I did that, and the messages stopped. D'oh!

Meanwhile, those who use Hotmail for email (I'm not sure why you'd want to) are getting phished big time. According to gHacks Technology News:

Microsoft has recently confirmed that thousands of Windows Live Hotmail customer’s credentials were exposed on a third party website. According to Neowin the account information were posted by an anonymous user at the pastebin website. The list that was posted contained over 10.000 account details of accounts starting with the letters A and B which suggests that additional lists might be in the hands of the attackers. Initial investigations suggest that only accounts used to access Windows Live Hotmail were affected (which includes email accounts ending with hotmail.com, msn.com or live.com ... Microsoft determined that the attack was not a breach of internal Microsoft data and believes that the account data was gained by a phishing attack. Phishing attacks are common ways these days to lure users into entering their account data on websites that look like the real deal but are not ...

Again, the gHacks-prescribed fix is a simple one: Change your password. Now.

There are a few before-the-fact and after-the-fact ways to protect yourself here:

Changing your password is the best back-end fix, though it is a pain in the butt. Even more painful now, when you access your accounts through a third-party application or site. For me, this meant changing the passwords on TweetDeck and Twitterfeed. As I write this, I'm pretty sure I haven't checked if my feed on this blog has been fixed yet; probably not. Note to self: Fix.

I haven't really checked it out yet, but there's a program called lastpass that's supposed to make it easy. It was mentioned in the gHacks piece, so I downloaded it and will give it a go. Might have something to write about there; stay tuned.

Also, the other standard self-protection rules apply. Don't click on Twitter links unless you know the source. Pretty much the same rule as opening email attachments. I know I'm screwing myself here, as I get a fair bit of blog traffic through Twitter. But y'all pay attention to what the link is. If the link is attached to a blog post (in my case it's prefaced with a COLUMN or WORKBENCH) it'll be OK. Those attachments will only mess with your mind, not your computer or Twitter account. If the preface is something like GAIN ZILLIONS OF FOLLOWERS, MAKE MILLIONS WHILE SITTING ON YOUR BUTT, or LOSE 20 POUNDS OF DANGEROUS UGLY FAT WITHOUT CUTTING OFF YOUR HEAD, the link is probably real sketchy and you'd do well to ignore it. But you don't need me to tell you that.

This last is going to require some extra vigilance, as so much Twitter traffic involves passing links back and forth. Especially mine. Looking at the last 40 tweets from my network (representing about two hours), 31 have clickable links. Most will refer me to a blog post or a news story. This is probably disproportionately high, as many Twitter users merely use the account to keep track of some friends. Mine actually doubles as a news feed, so I'm going to have a higher percentage of links.

Sometimes it's tempting to cut all cords and wireless, eschew all technology, and go back to quill pen and foolscap. But that's not an option, not if I wish to function in today's hooked-up dialed-in world.

###

You tell me: What protective measures are you employing here? What works? What doesn't? Do you have any horror stories you wish to share? Use the comments section below.


Wednesday, September 23, 2009

Twitter's appeal: People love the mundane

I'll have to admit, this Twitter grows on you.

A couple of years ago, I hadn't even heard of Twitter, and even a year ago I wondered what the point of it was.

Twitter is called a "microblogging service," which allows one to post whatever he wants online, as long as it's no more than 140 characters. Twitter basically asks the question, what are you doing now?

And most of the posts (called "tweets" in Twitter parlance) indicate that a lot of people have no real life, and should stay away from computers. I mean, how many posts about the mundane can you endure?

It's this mundane stuff that seems to be much of Twitter's appeal. And, it's become huge. According to ComputerWorld, people are tweeting from the car, the theater, from restaurants, even from the can. But, the Helsinki Institute for Information Technology studied these short messages -- actually from Jaiku, a microblogging platform that Twitter is practically edging out of existence -- and suggests most of the posts are beyond inane. And the Oxford University Press studied 1.5 million "tweets" and came to the same conclusion.

Newsweek columnist Daniel Lyons calls Twitter "a playground for imbeciles, skeevy marketers, D-list celebrity half-wits, and pathetic attention seekers," citing folks like Shaquille O'Neal, Kim Kardashian, znd Ryan Seacrest as regulars in TwitLand.

"It's morbidly fascinating, kind of like the forbidden thrill you get watching Maury Povich's show or professional wrestling," Lyons wrote. "You know it's awful. You know you shouldn't enjoy it, yet you can't look away. That, I'm afraid to say, is why I've come to believe that, of all the hellish things that have been spawned in the fever swamp that is the Internet, Twitter may turn out to be the most successful of them all—not in spite of its stupidity, but because of it."

Lyons said that one recent study -- though he didn't cite it in his article, so the findings are immediately suspect -- said that 40 percent of tweets were "pointless babble." Only 40 percent? My own study, using a time-honored methodology called "pulling numbers out of my butt," suggests close to 70 percent of tweets are mindless, worthless wastes of server space.

Shoot, I don't want to know what you're having for dinner, unless I'm invited. I personally don't give a rip that you're going to the bathroom now, and I REALLY don't want to know how it came out. Are we on the same page here?

Twitter is one of those things where the machine is invented first and you find out what you can use it for later. And, so far, a few put it to good use. It was someone on Twitter who brought us up to speed, real-time, on the election protests in Iran a few months ago. Someone else used the microblogging service to send us the first pictures of that plane crash in the Hudson River in January, the one where the pilot did such an incredible job of keeping all his passengers alive.

I've picked up a few blog ideas from tweets, and some interesting reading has come my way through Twitter. A few job leads. And, I notice businesses use Twitter to introduce product lines, throw out ideas, you name it. Used properly (and I'm sure there's a trick to it), one with good leadership chops can build his own ready-made parade to get in front of.

When you do the Twitter thing, you find out who else is using that service, and you may elect to "follow" a person. Or someone else may opt to follow you. For a minute that seemed too strange for words, like I'm being stalked or something. But that's how word about something can get out quickly. I have a mixed bag of followers on Twitter. Most are legit, the kind of folks I wouldn't mind chatting with over some coffee. But other followers are nothing but smarmy hucksters with an agenda. But since I'm the one making the tweets, I'm calling the shots. I'm pretty selective about who I follow, but am less discriminate about who chooses to follow me. Hey, if the sketchier followers click on the link and make it to this article (and if they're not easily offended), we're all cool with it.

Admittedly, I wasn't really sure what to do with my Twitter account once I opened it. I used it for a while for short, newsy items via text message directly into a sidebar on one of my blogs -- like dispatches from last November's election -- until I found out how to post directly to the blog from my cell phone. But after that I figured out how I can use Twitter.

I'm finding it another vehicle for getting word out on my blogs. Both -- The Column, Reloaded and The Workbench, Reloaded -- automatically drop links into Twitter through a service called Twitterfeed, so you can open my prose directly from there. As soon as I started using that, my readership jumped considerably.

Occasionally I'll send out a tweet on something else I'm working on, sort of a teaser for this blog. I've done this from the computer, and often via text message from my phone. (If you see a ~E at the end of a tweet -- or a short blog entry -- it means I turned my cell phone into remote control. I love showing off.)

Ooooh, I'm doing something really stupidly mundane now, and I've got to let my followers know all about it. A 140-character review to follow.

(Lest I forget: Follow me on Twitter!)



About YOU