Tuesday, September 27, 2011

This Is Not The Article You Are Looking For

I've not updated here in a month, and what a month it has been!

I haven't had time to work on all the things I've wanted to, and even when time does grant me those precious few moments, I've spent them doing other things as a means to unwind. As I write this, I'm going through my Google Docs (soon to be G-Drive perhaps?) and I'm looking for any unpublished works that I can throw up here. I don't think I'm going to do that though as I'd like to do something fresh.

Unfortunately, I haven't had much of a response to anything I've put up on here. I was hoping that as I wrote more that people might show interest and give me some direction. Despite the geeky name, I wanted to make this blog more for the average user and less for those of us who can count in the Binary number system but can't remember our anniversaries or important birthdays. (That's why we wrote that script to remind us, right?)

I've never wanted to try and draw a line in the sand between "Average User" and "Power User", but it's obviously there. Unlike some other techs I've worked with, I don't look down upon the "Average User". I respect all that they can do that I cannot and I hope that I can impart some knowledge into their computing activities. Nothing drives me more crazy than seeing an "Average User" either too afraid to make the most of their computers, or not have enough fear to know what they ought not do. We're not all that different from each other, it's just that we know different things.

So this is a call out to anyone out there listening. What do you want to know about? How have my articles been? Do I need to find better ways to explain things?

I've always had a running list in my head of topics to write about, so I'll outline them here real quick.

  • Home Networking
  • Home Network Security
  • Computer Entertainment Systems
  • How To Choose a Mobile Device
  • WiFi: What You Should Know
  • Are You Anti-Social Media?
This is in no way a chronological list, nor is it definite. I look forward to commentary if possible. :)

Saturday, August 27, 2011

In Case of Emergency, Break Glass


As I’m sitting here writing this article, there’s a major hurricane bearing down on the south-eastern coast of the United States. Earlier this same week, a 5.9 magnitude took place in Virginia, shaking the ground from Georgia to New England. The earthquake wasn’t devastating, and my heart goes out to all those who have been impacted by the coastal storm. The truth is that while these are the events making headlines, there are many disasters that have a chance of occurring at any time. If a lightning strike caused a fire at your office, what would you lose? What if a pipe bursts while you’re away vacationing, what losses would you suffer there?

Some people, especially those who are not comfortable with computers, thumb their noses at the idea of storing pictures, important documents, and other such things digitally. They prefer to retain their physical copy and feel it’s easier to protect it from harm that way. Others enjoy how easy it is to retain digital copies of things, but have no action plan in place in the event of a disaster. For those of you who fit into the first category, you should proceed reading with an open mind. Those who fit into the second, keep reading and you’ll learn how easy it can be to prevent the loss of your information.

If you’ve sworn off the notion of putting things on your computer instead of in your shoebox then let me try to change your mind. First of all, you can do both! You can purchase a device called a scanner, which are often bundled together with a printer and sold as a “multi-function printer”. This will let you scan in your important photographs, documents, articles and so on. You can then store these on your computer while retaining the “hard copy” in your proverbial shoebox. Further, now that you have a copy on your computer, you can find a safer place to keep that box. Take a look around your area for environmentally controlled storage, though it may be costly. If you purchased one of those multi-function printers, you can also print out copies of whatever you back up. This is perfect for when family or friends may wish to see that baby picture of you or a loved one. Now that you have your information on your computer, it’s time to learn how to protect that as well.

You don’t need to have a fire or flood to lose data on your computer. A computer virus can often times make information unreadable, while hardware failure is nearly as common as a computer virus. The truth is that your computer will fail at some point, the only question is how long until it does. The easiest way to protect your information is to use a service that does it for you. Carbonite (www.carbonite.com) is one such service, though there are others if you take a search around. I prefer Carbonite because of how easy it is to use and how affordable it is. All you have to do is install their program and be connected to the Internet. Carbonite will automatically back up your computer to their servers and in the event of a disaster or failure, you can have it all restored. If you don’t want to pay the annual fee to keep your data safe then you can look at services like DropBox or you can simply put your pictures on a service such as Facebook.

Another way you can protect your information is by purchasing a storage device. This can either be an external hard drive, USB flash drive, or a memory card. You can also put information on DVD writable discs if you so choose. To be safe, you may wish to pick two devices to use, such as an external hard drive and a USB flash drive. Put the same information on both and send one to a relative for safe keeping. You can also combine this with the above suggestion, keeping a copy online and a copy on a storage device, since storage media also has a chance of failing.

Regardless of what backup method you choose, you should always retain the information you’re backing up. If you put a file on a USB flash drive and send it away, then delete the file from your computer, you’re still running a risk of losing that file forever. If you work for a company that doesn’t practice data protection, then you may wish to suggest some of the cheaper alternatives and perhaps enact them on your own if policy allows that. Keep in mind that depending on what you do for work, keeping a copy of something you’re working on may be illegal or against company policy. With that said, you could always back up what you’re working on and delete it the moment you are finished.

The last thing to mention is encryption, and this ties in with what I mentioned above. Encryption is a way of locking information so that only someone with the key can see it. Be wary of storing things online without encryption, especially documents that contain personal information. If you chose to store things on a storage device that you plan to keep with you, check to see if the device supports encryption. If that device is lost and found by another individual, they may be given enough information to cause you harm, financially or otherwise.

Good luck, and be safe out there!

Monday, August 15, 2011

Phishing and You


Recently I went on vacation to a nice lake in Rhode Island and I spent that week on and off a small boat with a fishing rod in hand. I found fishing to be relaxing, even though I barely caught anything. The rhythmic action of cast, wait, reel was almost comforting. So what does this have to do with being safe online? Well, today we’re going to talk about a tactic called “phishing” and how you can avoid being caught - hook, line, and sinker.

Phishing is almost an art form with how creative and clever criminals have become. The entire purpose behind fishing is to lure you in to providing important personal details to the criminal. There are some popular ways that criminals phish for information, but they’re all relatively easy to recognize if you know what to look for. On top of that, I can help you by providing some tips to help filter out any and all phishing attempts. Much like a fish in a lake can’t avoid seeing the hook and lure, we can’t avoid seeing these phishing attempts.

The first tactic we will cover is the e-mail scam. In this attempt, the criminal sends you an e-mail from a seemingly authentic source, asking you to do something or provide some information. Sometimes they want you to reply with information, but more often they ask you to visit a website. The source could seem like a real company, such as Facebook or even your bank, but forging the sender of an e-mail is as easy as typing in a fake name. The red flag for you here is that no company I know of will ever ask you to “re-enter your password” in an e-mail. If there is an issue with your password, they will just send you a random one and ask you to log-in to change it. Further, no bank should ever ask you to provide your account information. They should already have all this information, and most banks or credit card companies will actually call you directly with such sensitive issues.

So how can you further protect yourself from this scam tactic? If you’re somewhat savvy, then you can look at the link that they’re asking you to click. In most mail programs, holding your pointer over the link will show you the real destination in the bottom of the program’s window. The link shown in the e-mail is more than likely fake, so they will not match up. The best solution is to head to the company’s website in question manually: If the e-mail claims to be from Facebook, then type in: “www.facebook.com” in your web browser and head over to the Help section. There will likely be contact information, so you can call or send a message to the company and ask if the e-mail was authentic.

You should NEVER click a link in an e-mail without first making sure that it is real! Keep your eye out for fakes that look similar, such as: “ww.wfacebook.com.co” Just because the link has the company’s name in it doesn’t mean it’s authentic. The company’s web address should look something like “www.facebook.com”. Do you see the difference? If you do happen to click on a link, you should always check your web browser’s address bar at the top and see where it took you. Once again, if you’re suppose to be at a company’s website then their actual web address should be in that address bar. We call these addresses URLs, in case you hear that term. Most modern web browsers are smart enough to discover such phishing attempts, but you should protect yourself by staying alert anyway.

The next tactic we’ll cover is a little more broad and may actually use e-mail as well. I call these  “Too Good To Be True” scams. If a man walked up to your front door today and said that you could get a free car by just doing a few simple things, you’d probably shut the door on him. The problem I’ve found is that online, people are accustomed to hearing about “great Internet deals”, so when they see a scam that says “Get a free Laptop, Click here!” they’re more apt to follow. I’m not saying that all sweepstakes and give-aways online are scams, but you should at least vet out the offer before you provide any information at all. This also includes scams targeting users of popular games, such as FarmVille on Facebook. Offers that claim you can cheat or win free coins or other in-game items by performing a few simple tasks are also attacks.

To protect yourself from these attacks, you should inspect the deal or offer and look for a few key components. Most sweepstakes or give-aways are sponsored by a company, after all someone needs to pay for the prizes right? If you can’t find a link to a sponsor, then take a look at the address bar. Does it appear to point to a reputable company? If not, then it’s not worth trying. Most of those offers want your name, e-mail address, street address, and other information. Even if they don’t use such information in an attack, they will most certainly sell it to the highest bidder, giving you more spam and more headaches later on.

On Facebook and other social sites, the scams often come from people you trust that have actually been compromised. Once again, this is where being alert and observant pay off as you should never download a program from Facebook, nor should you ever go to a web address that doesn’t look authentic. A relative of mine recently sent me a message asking to “check out her webcam!” and provided a link. Now, not only did I know my aunt better and knew she didn’t have some raunchy webcam site, but the link provided in the message just looked strange. When in doubt, reply to your friend or relative and ask if they did indeed send you the link. You could even call them if you have their phone number. If they didn’t, then suggest to them that they have their computer scanned and cleaned.

The third avenue isn’t even online, and has been gaining popularity recently. The scam involves the criminal calling you directly and pretending to be from “cardholder services”, a bank, or other important institution. These are harder to discern, but you can still practice good safety tactics and avoid being had by these con artists. If you answer the phone and someone is on the line asking for your personal information, ask them what company they’re calling from and what exactly it is that they want. If they can’t tell you, then that’s an obvious red flag. If they do tell you, then write it down and tell them you’ll call right back. Look up the company’s real telephone number and call them directly. If there’s something wrong with your account, they will be able to tell you and you’ll be safe in knowing who you’re talking to. If there’s nothing wrong, then you can report the incident to them and help save others from being scammed.

The bottom line is that you shouldn’t trust anything or anyone on the Internet. Your best friend’s account could be compromised, so the e-mail they sent you with “vacation pictures” pointing you to a website that wants your personal information may not be authentic. The only way to really be safe is to check with people directly.

Tuesday, August 2, 2011

Password Safety

You don’t need to be a techie to understand the importance of a password. We all understand that they are the keys to our online life, but it’s also important to understand good password safety. After all, you wouldn’t leave the keys to your front door of your house hanging from the mailbox. It also wouldn’t be a good idea to put your alarm system’s pin code on a post-it note above the panel. I’m here to give you a few tips to keeping your passwords safe as well as recommend a program that will do it all for you.

For the examples below, I’m going to be using http://howsecureismypassword.net/ to test the strength of each password. This website gives you an idea of how easy a password can be cracked. “Cracked” is a term used to describe a computer guessing a correct password. Before we begin, why not test your current one? Don’t worry - it’s safe as it doesn’t send your password anywhere and it’s not associated with an e-mail address or user name.

The first step in keeping your password safe is to create a good password. The trick is to create a password that cannot be guessed easily and you need to remember that it will likely be a computer doing the guessing. Hackers use whole dictionaries to help crack passwords, so using a common word is the same as pinning your password to your forehead. I recommend taking two words that mean something to you and splitting them in half, then using the two halves to create a new word. I happen to like pizza and beer, so I might split those in half and come up with pizbe, or bezza. This alone won’t make a strong password, but you’re eliminating one avenue of attack. According to the tool I’m using, either suggested password would take less than a minute to crack.

Before I go into making a stronger password I want to stress avoiding the use of personal information in your password. People are often tempted to use things like a social security number or a phone number when creating a password, but you may be inadvertently giving a criminal more information about you. If a website is hacked and your password discovered, a clever criminal may be able to figure out exactly what that number means. Keep in mind that the last four of your social security number is all you often need to verify your identity.

To make our password stronger, we’re going to want to add some numbers to make it harder to crack. In this example, I’m going to use the numbers 8 and 24. Pizzas often come in cuts of 8 slices, and beer comes in cases of 24, so both numbers would be easy enough for me to remember. That means a password could be ‘piz8be24’, or I could do be24piz8. While these are stronger, they still only take about 3 hours to crack. Three hours isn’t a lot of time, but it’s far better than under a second. We’re going to want to do better by making our password case-sensitive and adding special characters. A character is either a letter, number, or symbol such as #, $, or !.

A case-sensitive password is one that has both upper and lowercase letters. Most websites actually treat these letters differently, so ‘a’ and ‘A’ aren’t the same. This is why you should always make sure your ‘CAPSLOCK’ key is off when you’re creating or entering a password. Going with our example, I’m going to change one letter to uppercase: ‘be24Piz8’. This improves our password, going from a cracking time of 3 hours to 10 days. If the website allows it, we can also use special characters to make our password even stronger. For instance, if you flip the lowercase ‘i’ upside-down, it looks like an exclamation point ‘!’. That slight change would give us ‘be24P!z8’ and bring the time-to-crack up to 46 days!

The last thing we can do to make our password super-secure is to make it as long as possible. For a good password, 8 characters should be your very minimum with an upper range of 12 to 16. The longer you make your password, the harder it will be to crack. If I stretch this password out to ‘be24erP!z8za’, our lovely tool tells me that it would take 4 million years to crack! All I did was put numbers in the middle of words I know, and change one letter to a special character.

Now that you know how to create a super-strong password, let’s talk about the second step in password safety: keeping things separate! You can’t trust that any website out there will keep your password safely locked up and away from would-be criminals. When you create a password, you’re basically making a key and giving a copy to the website. If you used the same password for every website, then all a hacker would have to do is break into one website and they’d be able to get into every other website where you use the same password. The easiest way to get around all this is to use different passwords everywhere you go.

I know what you’re thinking: “How am I going to remember all those passwords?” The simple solution is to actually keep a few different passwords and alternate where you use them. As a rule of thumb, you should never re-use your e-mail or bank account passwords. These should be unique and as strong as you can make them. For all other websites, you can take the password you have and rearrange it. For example, I could use ‘be24erP!z8za’ for one, and ‘p!z8zaBe24er’ for another. Most websites give you at least three chances to enter the right password, so if you keep three different passwords to alternate, you’ll get in with at least one. If you still can’t remember, you can often reset your password using your e-mail address. This is why your e-mail account MUST ALWAYS have a unique password that is strong and never re-used!

Speaking of unique passwords and protecting your e-mail or bank accounts, one good practice you should get into is changing your passwords regularly. At the very least, you should change your e-mail and bank passwords at a decent interval, like when you need to change the clocks or replace the battery in your smoke alarm.

As promised earlier, I wanted to recommend a program that will help you keep all your passwords safe and secure. This program has been vetted by some top security analysts, and while I could go on for hours about all the technology in it, I’ll simply say that it’s very secure and works very well. The program is called LastPass and is available from http://lastpass.com. This program is like a bank vault for all your passwords, and it fits right into your favorite web browser. What this program can do is generate a password for you, one that is nearly impossible to crack, and save it in a safe place so you don’t have to try and remember it. It can also generate a different password for each site you visit, saving each one separately. It remembers which password goes to which site, so you can easily fill it in when needed. The only password you need to remember is the one to your LastPass account, which should be as strong and secure as you can make it.

I hope to write a tutorial for using LastPass in a future article, but for now you may want to read up on it here: http://helpdesk.lastpass.com/

Disclaimer: Do NOT use the passwords suggested in this article. They are examples to show you the finer points of password creation.

Saturday, June 25, 2011

Tablet Talk


If you’re a Star Trek fan, you may recall these nifty little devices called PADDs or Personal Access Display Device. They were handheld devices that Starfleet used to interact with the ship’s computer and more. Like other Trek Tech used in Real Life, the PADD has become a near-reality today with Tablets.

Some would say that Apple pioneered Tablets with their launch of the iPad, but the truth is that tablets have been tried again and again since the late 1980’s. In the late 1990’s tablets had finally taken a form near what we identify today, however their usability was lackluster and adoption failed. That’s not to give credit to Apple’s iPad, without it we would not be entering this new age of Tablets.

So why now? Apple made the iPad easy to use in many ways. You can have your data, your applications (apps), and your communication all in one place. You move around with simple gestures and the entire interface is very natural. This is something that Google is adopting in their Honeycomb (and future: Icecream Sandwich) versions. So now that you have a brief history of tablets, let’s look at the meat!

Tablets are computers. You trade your mouse and keyboard for a touch-screen display. The specifications found in computers translate over into tablets fairly easily. Unlike a desktop computer, a tablet cannot be upgraded. This means that “saving a buck” will leave you with an outdated tablet before you can blink!

Price Ranges:
I’ve seen tablets range from $100 to $1000. The differences are often in the specifications and features. Keep in mind that some of the low-end tablets are “eReaders” that have been re-branded. These are perfect for reading digital books, but lack at everything else.

Specifications:
Processor (CPU): Anything that “computes” has a processor. From your desktop to your cell phone. Tablets are pushing 1ghz (gigahertz) in speed, and often have dual cores. Dual-core is like having two processors in one and makes for easy multi-tasking (running more than one app). Some of the low-end models I’ve seen have 500-600mhz (megahertz), which are nearly half the speed of the newer ones. This means if you go cheap, you won’t be able to run some apps very well.

Memory: Like PCs, Tablets have memory. Unlike PCs, there’s two types of memory. You have program memory and flash memory. Program memory is similar to a PC and is where your programs save information when they’re running. Having a lot of memory means your apps may run smoother and you can run more apps at once. Current tablets seem to have about 1GB (gigabyte) of memory. In comparison, PCs tend to come with 2-8GB. Cheaper tablets have anywhere between 128-512MB (megabyte) of memory. If you go cheap, you will not be able to have as many apps open and some may not run.

Flash: As I mentioned above, Tablets also have Flash memory. This is much like your PC’s hard drive as it stores information that you’re not currently using. Flash is much slower than program memory, but also much greater in size. The average for current tablets seems to be about 16GB, where cheaper tablets will have much less. If the tablet has an “SD Card” slot, you can supplement the flash memory with removable cards. This means you don’t really have to spend a few hundred more on a model with more Flash. Keep in mind that the SD Card slot has an upper limit of 32GB, with some cheaper models supporting even smaller.

Display: This is a very important factor in deciding on a tablet as the display is not only what you’ll be looking at while you use it, but also your primary way of interacting with it. The screen size you choose will depend on your needs: Smaller 7” screens are good for reading books, e-mails, and viewing web pages. The larger 10” screens will display movies better and feel less cramped. I highly suggest going into a retail store and trying some of the tablets on display to see what size screen you prefer. Another important feature is the type of screen. The two main types of screen are Resistive and Capacitive. Don’t get caught up in what those words mean, just understand this:
    • Resistive can be used with your finger or a stylus. This allows for “handwriting” with a stylus.
    • Capacitive requires a conductor, such as your finger. A plastic stylus will not work on this screen.

The screen type you choose will depend a lot on what you plan to do with the tablet. From what I’ve read, a lot of users prefer Capacitive as it reacts better to the “swipe” gestures that most modern tablets use.

Camera: One of the biggest complaints that people had about the original iPad was it’s lack of a front-facing camera. Most modern tablets have both a rear and front camera, allowing you to take pictures and to participate in video chat. The MP (mega-pixel) of a camera determines the quality of the picture. Keep in mind that you can also get a high-MP camera for about $100.

Wireless/Ports: Having a tablet can get quite boring if you can’t communicate with the Internet or other devices. You should make sure your tablet choice has the minimum:
    • WiFi (802.11b/g/n)
    • 1x Micro USB port (for direct connection to your PC)
    • 1x 3.5mm headphone port (for listening to music)

Other recommendations are:
    • HDMI (for high-def video to your TV)
    • Bluetooth (for wireless connection to your PC and other devices)
    • 1x USB 2.0 port (for connecting other devices, such as USB jump drives)


Another consideration is “3G/4G”. First of all, what is 3G? It’s a means of getting online while you’re away from a WiFi hotspot. This uses the same technology that your cell phone does, and often requires a data plan through a wireless provider. The 3G/4G models of most tablets carry a considerable price increase on their own, but you also should factor in the monthly cost of the wireless contract through the provider. Alternatively, some wireless providers offer what’s called a “MiFi”.

Physical: Remember that you’ll be holding this tablet for most of your time using it. You don’t want one that’s too heavy, or too bulky. Sometimes going with a smaller screen makes for a lighter and easier to use tablet. Again, I recommend going into a retail store and trying some of the display models before you make a choice.

And finally...

Operating System: I saved this for last as there’s a lot of opinion to be had. The main Operating System (OS) choices are:
    • iOS (Apple)
    • Android (Google)
    • Windows 7 (Microsoft)

There are other choices out there (WebOS is going to power the HP Touchpad), but those are the top three out there now. The OS is what ultimately ties all the other specifications together and provides your user experience. This is not a choice to be taken lightly, so I’m going to put this into a section below.

What OS is right for me?
Your OS choice will depend on what you plan to do and your overall experience as a user. The general opinion is that iOS (iPad) is the easiest to use for a newcomer, where as Android has more features and can be customized. Keep in mind that Android is “open source”, which means anyone can download a kit to develop on it. Apple tends to restrict development for iOS and dictate who can publish apps in their online store.

While some apps have been developed for both iOS and Android, not all have. Sometimes the features found in one version are not in the other. If you know you’ll want to use a certain app, you should check to see which OS it runs best on before deciding on a tablet.

The user experience is also important and is where some would say Android lagged behind. Honeycomb is the newest version of Android and is specially designed for tablets. Cheaper tablets will not have Honeycomb and therefore may not be as smooth and easy to use.

Windows 7 on tablets is very similar to Windows 7 on the PC. There are some tablet enhancements, however overall the reviews point to a poor user experience. If you’re an avid Windows user and you want to make sure all your apps and data will work on both your PC and your tablet, then this may be the right choice for you.

Keep in mind that these OSes are updated by their developers, so the opinions in this article may not be accurate in a few months.

Security
We’ve all heard about hackers breaking into websites and viruses infecting our PCs, but many people don’t hear about security concerns for mobile devices. Two reasons for this is how new these devices are, and the lack of need given how successful infecting PCs has been. This is changing, and there are a few security concerns to consider for your tablet as well.

A recent CNN article addressed mobile security and highlights some of the technical points. To put things simply, Android has been a major target for malware and attacks targeting vulnerabilities. iOS (iPad) has proven more secure, which some has attributed to Apple’s strict control over App Store publishing. Users can often feel a false sense of security when they see an app hosted in Google’s Android Market, when even some apps there can contain malware or malicious content aimed at logging and stealing your data. This may be a particular issue if you’re shopping for a tablet to use for business. You should always read reviews and check into things before you download them.

Another thought is encryption, which will help protect your data in the event your device is stolen. Apple’s website mentions that the iPad can encrypt data, while Engadget discovered that Android 3.0 can enforce encryption as well. I cannot comment on how secure these really are, but they are obviously an added layer of security.

There are other concerns, such as using your device at public hotspots (WiFi available freely and often without encryption). Android has since been patched after version 2.3.3, but some of the cheaper Android tablets are running versions 2.3 or older.

Final Thoughts
Your tablet needs to fit YOU. Do not get an inexpensive tablet just because you don’t want to save up for a better one, especially if it doesn’t fit your needs. On the other hand, if an inexpensive or older model tablet works for you, then you should go for it. If all you wish to do is read eBooks, then you may want to look at the Kindle or Nook. The iPad or iPad2 is a great choice for those who just want something that works. Android-powered devices are better for those who just love to tweak and play around with things.

Feel free to comment and ask for advice.

Welcome to XOR Blog

Welcome!

As an IT Professional, there are many things that I often find myself wanting to comment on. My other blogs aren't exactly the best platform for doing so, so I decided to create one designed specifically for IT and Technology.

What can you expect from me here? I'm going to try to keep my posts on-topic with technology and helpful. You may see reviews, guides, and opinion pieces. If you like what you read, then please share it with others.

Thank you!
- Jonathan