Free Wireless . . . or Evil Twin?

Just a thought, to encourage all you coffeshop surfers out there to think twice about what you're doing when connected to the Free WiFi links that you know so little about. The truth might be that you're not as secure as you think, and you may not even be connecting to the access point that you think.

With the proliferation of WiFi hotspots, there has also been an increasing incidence of techie ne'er-do-wells hijacking public WiFi sites, filtering all the traffic through their computers, passing the traffic through to the internet and stealing any snagging the "pertinent bits" (credit card numbers, bank account info, etc.) for themselves.

These so-called Evil Twins are relatively easy to set up, and sky's the limit as to what they're able to extract from the traffic that you put through them.

PC World lays out the case for basically not trusting any WiFi access points that you don't personally control. Most people would never notice the difference when attaching to an Evil Twin . . . so best to just keep the sensitive financial dealings to a non-public network that you trust!

Notebook power: hibernate, sleep, or ???

More and more people are going toward notebook computers these days, it seems. With this movement comes new challenges and options that people need to be aware of. One of the most frequently misunderstood facets of notebook computing is how to tell the computer to shutdown or stop work. Here are a couple tips:

• Sleep mode (standby on some computers) will park the hard drive (stop spinning) and turn off the display, fans and other larger consumers of power. The system "session" is saved (open docs and all) and will fire up immediately the next time the computer turns on. Data is retained in standard system memory (RAM), which requires a small amount of power consumption. You know your computer is in sleep/standby by the intermittant "glowing" (usually amber color) of the power light.




• Hibernate mode will do exactly the same thing, but instead of keeping the session in internal RAM and continuing to use power, it actually saves the data from RAM off to a file on the hard drive, and shuts down power to all system components. It does require an extra 5-10 seconds on startup because the computer does actually need to retrieve this data from the hard drive, and to load Windows.




• So, the difference probably depends on how much you'll be starting up and shutting down. I myself prefer the zero-battery-drain so I always train my notebooks to use hibernate by default.




• Another thing to think about (and that I always train on my notebooks) is the behavior when the power button is pressed, and when the lid is closed. These settings are in Control Panel - Power Management in Windows. I usually have the computer shut down when the power button is pressed, and to hibernate when the lid is closed. Then, when I'm done working I usually just shut the lid and know my battery will not run down and my session will be saved exactly where I am.



• If you're finding that your computer is depleting its battery and/or is losing the place where you were, you're probably using sleep/standby. Consider switching to hibernate.

Speed Up Your Broadband

Here's a nice article from MSN on helping to speed your broadband connection. Most of the suggestions are throw-aways, but #1 and #2 definitely highlight some real potential for improvement.

Most DSL customers in the Mpls/St Paul area are given/sold a DSL modem (usually Actiontec) by Qwest, and I have found instances where upgrading the device's firmware has indeed yielded better speeds. This step is not for the tech newbie, however, as firmware upgrades are not quite as simple as downloading and running a program. There are also cases (usually cable) where the customer is not given access to their device, so it's not an option for those situations.

I do highly recommend speedtest.net for testing connection speeds. Always seems in line with what it should be.

Is Your Printer Lying To You?

I just wanted to quickly share an article from slate.com that examines how and why printers lie about their toner levels . . . and what to do about it. FixYourOwnPrinter.com is a helpful web site (cited in the story as well) . . . though it appears to be down at the time of this posting!

Use Your Idle Computer To Help Find a Cure

Distributed computing is the process of solving very complex computing projects through the use of many, geographically-dispersed computers. Basically, the "problem" is split up into sub-tasks scaled for execution on almost any hardware platform, and the results are then transmitted back to a central system that incorporates the sub-task results into the ongoing solution.

You load software on your computer, and it processes for one of these organizations that are seeking "big answers to big questions." You can turn it on and off as you please (e.g. I turn it off when I'm working with video editing), and you can throttle it to only use a certain percentage of your CPU. And, you can usually login to a web portal to allow you to see how many "work units" you have processed.

My first encounter came in Berkeley's SetiAtHome initiative, in which individuals can load a program to help process data from radio telescopes to search for signs of alien life.

I never got fired up enough about that to actually try it, but now I've found something much more compelling: Stanford University's FoldingAtHome. It's a human biology project, seeking the causes and cures for protein mutation-related illnesses such as cancer, Parkinson's, Huntinton's, Alzheimers and ALS.

I've got plenty of experience in the past few years (as I'm sure most reading this have) with these diseases, and this is such a miniscule amount of effort that it's embarrassing to even call it a "sacrifice".

If you decide to do FoldingAtHome, you can join my "team" (143189) and track your individual results, and our collective team results. Comments encouraged!

Alert: UPS E-mail Virus

Whew! It's been a while. Sorry for the little summer hiatus!

We've had a few customers fall prey to a "UPS virus" lately. The virus code has been out for a few months now, but the fake UPS e-mail wrapper is new. The victim will receive an e-mail something like this:

From: United Parcel Service [some spoofed return e-mail address]
Sent:
To:
Subject: UPS Tracking Number 4126976729

Unfortunately we were not able to deliver postal package you sent on July the 1st in time because the recipient's address is not correct.
Please print out the invoice copy attached and collect the package at our office

Your UPS

There's an attached zip file that will launch a virus if clicked.

I have not yet figured out why or how, but both AVG and Symantec only seem to partially detect and clean the virus. It's a relatively harmless virus, as I have not seen it re-sending itself or anything like that. It does produce some phony Windows XP Security errors (red X in the Taskbar, with a message about being infected and "click here to fix"). Following the link leads to a phony virus removal application for sale.

We've seen at least two variations of the virus. Here are a couple of Symantec posts on the variations, with cleaning instructions: http://securityresponse.symantec.com/security_response/writeup.jsp?docid=2008-051910-0118-99&tabid=3

http://www.symantec.com/security_response/writeup.jsp?docid=2008-050916-1055-99&tabid=1

A Few Thoughts on Battery Backups

It's important to have good battery backup, especially for business servers, as a sudden power loss means sudden crash of the operating system. We've seen our share of corrupt Windows and other files, as well as physical hard drive damage, as a result of power failures. The solutions to such issues are rarely cheap, so battery backups can be thought of as an insurance policy against such events.

Something a little bothersome that I've seen lately, even in very knowledgeable technicians, is a penchant for under-powering their power backup solutions. Part of the confusion comes from the fact that UPSes (battery backup units, to the non-techie) are usually rated on VA (volt-amps), whereas computer products only list consumption of Watts. In my experience, it's best to multiply by 1.2 the total wattage of the systems being plugged into a UPS, to determine the number of VA the devices will consume.

So, for a basic server with a 500 watt power supply, many people would purchase a 500 VA UPS . . . and then wonder why their server still crashes violently every time the power goes out. 600VA would be a minimum size for protecting such a machine; I'd even size it a bit bigger at 750 or 850VA to allow enough time to make sure everything shuts down and/or to allow for other low-voltage peripherals (monitor, network switch, etc.).

APC, one of my favorite UPS manufacturers, has some nice resources, including an online UPS selector tool. It really helps think about issues like Watts-to-VA conversion and continuous uptime after the power goes out.

APC also has a nice computer power FAQ section on their web site. Here's one tip I found interesting and useful, regarding chaining surge suppressors off of UPSes. Interesting things to think about.

Microsoft Skydrive Online Storage: Free and Useful

Have you ever wanted to just put some files "online somewhere," either to have later or to share with someone? Google's got its offering, and if your company has a server there are always tools like FTP, but Microsoft's new Skydrive online file storage service might fill the need better than either of those.

The Pros:

• Clientless - just uses an internet browser - and works across OSes (not limited to Windows).
• 5GB of data, which is more than Google offers, and probably more than enough for most
• Sub-folder capability, to help separate and organize your files
• Shareability allows you to invite other people to retrieve the files, or even upload their own files. This is on a folder-by-folder level, and you can launch invitations to people for access to specific folders.
• Public Folder capability, to allow anonymous users to access files you designate as Public.

The Cons:

• You can only upload or download 5 files at a time, and no files bigger than 50MB. (I assume these rules are to attempt to thwart P2P music and movie sharing.)
• Transfer rates are fairly slow.
• You and your users must have a Windows Live login (except for folders made Public). No big deal for me, as it's free and pretty easy to sign up, and I've not seen a deluge of MS-related spam as a result.
• This is not a "corporate" solution, in that there is no guarantee that your data will be there tomorrow, there is no way to ensure/verify privacy and intrusion protection is not very strong.

In short, Skydrive is good for non-critical data that needs to be available quickly and easily, and perhaps even shared with mutliple users. It's definitely not a corporate solution, and is far from being compliant with standards like HIPAA . . . but it fills the "casual sharing" need very well.

Worldwide Free Calling - Coming

I think most people reading this already know about Skype and the wonderful - and free - things possible using Skype.

Coming soon (the makers say May 15th) is a new hardware device that has a new angle: internet speakerphones that allow free international calling over the web. The device is the Snap Personal Internet Communicator. Worth checking out if you're spending a bunch of money on standard international long-distance fees.

Photoshop for Free - Kind of

Just a quick note for any shutterbugs out there. If you've been looking for some good photo manipulation software and don't want to pay the full-boat price (~$900) for Adobe Photoshop, Adobe recently announced their online Photoshop Express version.

I'm definitely going to try it out. This sounds interesting: "Do what you want with your photos. Give them cartoon colors. Distort them . . . Pop Color, Sketch, Hue, Black & White, Tint, and more."

I normally use MS Picture Manager, which is a great-but-little-known utility included with Microsoft Office Suites. If you own either Office 2003 or 2007, you might need to dig for it on the CD (doesn't install automatically), but it is there . . . and it doesn't cost any extra.

One-page Intro to Linux

We build Linux systems, I use Linux some myself, and I talk (sometimes kind of advanced-ly) on this blog about it quite a bit.

For those who are not familiar - and I know there are a lot of you - this is the nicest, most concise article I've seen to lay it all out for you. Right down to the penguin mascot!

And for those who are familiar, this is a good resource to bookmark, so you can refer your "uninitiated" friends to the world of Linux (without getting too geeky and intimidating about it).

Foxtrot's fave Linux version right now is Ubuntu. It's free to download and try, the setup is simple (no real techie jargon questions to install), and the device support is unrivaled among Linux distros. I'm not sure how they do it, but just about every time I've loaded Linux it has found all my devices and made them work without any interference from me.

Disappointment at Comcast's Network Blocking

We've had a couple interesting episodes lately, with Comcast unilaterally and without warning permanently blocking certain traffic to/from some of our customers.


In the worst case, they started blocking port 25 for one of our customers, which is the SMTP port for sending/receiving e-mail. I have many issues with how they've handled the issue:

1. It was completely without warning. Apparently, there was a large outbound e-mail sent, that triggered some (spam/virus) alarm within Comcast's network management systems. Either way - whether the traffic was actually nefarious or non-threatening, which Comcast could not possibly know - why not alert the customer? The customer needs to take action to take care of a virus problem, or they now need to change their port to get mail to send.


2. There was no intelligence. We manage routers (not expensive ones, even) that know how much bandwidth goes through certain ports, and when to be concerned and possibly temporarily disable connection to/from certain IPs. If someone creates a virus that does something simple like ping the heck out of our IP, the firewall will sense X packets on port Y within Z seconds, and will put that IP in temporary quarantine. I think it's typically either 10 or 30 minutes of no traffic to/from that address. It would have been appropriate in a case like this, because if the traffic was bad-intentioned (spam, etc.) it would have continually retried its action and a more pemanent escalation could have been enacted. Since this was a one-time big e-mail, there's no way a sophisticated network like Comcast's should have been so touchy about it and taken such permanent action.


3. Comcast staff denied it as even a possibility. I had not heard about it before, but looking around the internet, there are posts galore, dating back as far as 2004, documenting this exact issue with Comcat's network. So, their staff either knew and denied it (lied) or they just don't know their network very well. After the third call (and the third hour on hold), they finally "noticed" that they did indeed have a block in place on port 25 for this customer.


4. It wasn't immediately corrected. Their admission happened on a call last week, and I don't believe they have yet figured a fix or attempted a follow-up call to provide an update on what's happening (stay tuned for updates).

I grasp the fact that most spammers and virus-disseminators operate on port 25, but I totally disagree with something as stupid as just blocking a port and telling the customer (as Comcast did here) to "use another port." In our case, since our customer's mail service is through a third party, switching to another port did not work because the server is not answering on that port.

Also, how long before the spammers start sending on port 26 or 587 or whatever other port they move us to? Let's get intelligent and understand the "profile" of nasty traffic, and block that. Spammers can always change ports, but it's much more challenging to force them to vary the profile of their traffic (timing and IPs involved in their attacks).

Comcast is definitely disappointing in this episode. They could choose to take the route that's technically more difficult but more customer-freindly . . . but instead they chose to hit the problem with the biggest mallet they could and let the customers sort things out or call with issues. I don't see how that makes business sense at all.

Soon to be Managing Macs, and More!

I'm very excited to see the news from our managed services software provider Kaseya. As some know, Kaseya is one of the pieces of software that we use to provide our Managed IT service (shameless plug).

The new release allows us to run scripts on, and remotely control Mac machines. We already support a number of Mac machines in Windows networks, but we've never really gone so far as to load any remote access software. This is a huge improvement, and I'm sure one that Kaseya went through great efforts to effect.

The vPro improvement is cool as well, as it will allow us to be a little "greener." Users will be able to shut down their computers rather than leaving them running, and we'll be able to run a script to wake the machines up, perform updates and other scripts, and shut the computer down - all remotely. Of course, the machines need to have the right hardware, but that will be coming as the workstations turn over in the coming months and years.

The article's dead-on that it is by far Kaseya's biggest enhancement ever, and I couldn't be happier to have chosen such a best-in-breed technology to build our business upon.

RealPlayer: Just Avoid It!

I've thought this for a long time now, but this press release from stopbadware.org makes it official: RealPlayer is badware.

I've always thought it was an annoying piece of software, so much so that I - despite my enjoyment of viral web videos - have refused to watch many web videos if the only choice was to download RealPlayer and watch in that format. I've kept it off any of my personal computers for at least 3-4 years now.

Foxtrot builds and sells >200 computers per year, and this is a good example of the kind of software that we *won't* load exactly because of what the press release states: too many strings attached.

Do-it-yourself Wiki: Not just for encyclopedias

Wikipedia is just the latest example of a free online resource putting well-established old economy businesses out of business (Britannica, MS Encarta, etc.).

But, did you know you can create your own wiki for personal or business use? As one might imagine, Foxtrot has a lot of customer-specific data to store and retrieve. So, we have a wiki appliance by MindTouch (actually we used to build their appliances when they still sold hardware). It's served on the web, but secured only for our internal users. All we need is a web connection, and we have any customer's vital info at our fingertips. Settings, special customer-specific processes, user information, and more are all stored on our wiki.

Custom wikis can either be private to select users like Foxtrot's, or public and open for all to contribute. Here are a few good free wiki sites:

• wikia
• wik.is (MindTouch's free hosted offering)
• pbwiki (one of the originals)
• viawiki (a joint effort of MindTouch and MN-based ISP Visi)
• opengarden (where you can download MindTouch's wiki software and host/run your own wiki)

Wikis are great for secure, online group collaboration, as anyone with access can post anything - start a new page, add ideas to existing content, etc.

Members can subscribe to pages, so they see any edits or additions to that topic.

The interface is almost entirely wysiwyg (what you see is what you get - type away, and save when you're done), so no special programming skills are required.

Files and documents can be uploaded, downloaded and modified. Most wikis even provide an archive feature so you can view previous version of each document and roll back to a previous version if the latest one is not right.

Some of the newer wikis can even link and/or embed videos, maps, etc. Combine data from two or more disperate sources to create interesting mashups.

If you have a situation where you want to put information on the web for your internal reference, or for collaboration, wiki technology is something to think seriously about.

8 Steps for Building an Online Business

Just a quick post with a link to a super article about building an online business.

The author, Derek Gehl, is a guy whose newsletter I've subscribed to. There are lots of ersatz "Internet pros" out there, but Mr. Gehl packs so much valuable insight it's pretty clear that he's a the real deal. Check out his official site at: http://www.marketingtips.com/.

Tech Tip: Default Office 2007 to Save in Office 2003 Format

Office 2003 had a great run (a very valuable upgrade from XP), but Microsoft is forcing all new purchasers to buy Office 2007.

Not everyone has Office 2007 yet, so for some people saving back into older versions of Office makes most sense. There's also the option of having the 2003 users download the Compatibility Pack. To default your Office 2007 app to save back to 2003 format by default (on every document, without prompting):

1) Click the Office Icon (upper-left corner of screen) and click on the box where it says Word Options (or Excel Options, or whatever app your're in).

2) When the new box opens, select Save on the left-hand side.

3) Once that box opens, the first option is Save Files in This Format. Click the dropdown, and select whichever format you want to default to (Office 2003, etc.).

4) Make sure to click OK to save your changes. When the rest your colleagues catch up and you want to save in 2007 format, simple do the same steps and select Office 2007 format (the first option in the dropdown).

People are always wondering what's in each version of Office, how much they cost, etc. I put up a page with a matrix of applications included in the various Office suites, and the prices for the versions that we sell the most of.

Time for a RAM Upgrade? Probably

"My computer is really slow lately." This is probably the one issue I hear more often than anything else. Computer slowness is attributable to many factors, of course, but the first piece of info I collect is always: "How much RAM does the system have?" It's for sure the easiest hardware upgrade that users can do to noticeably improve the performance of any computer.

Lately, a few forces have come together to make this a very good time for adding RAM:

1. Most RAM is dirt-cheap right now. We're upgrading a bunch of Sony laptops (1-2 years old) from 512MB to 2GB of RAM for a customer, and it's costing them less than $85 per system for the parts (the labor's free for them, since they're a Managed IT customer). These same sticks of RAM would have cost $200-$250 just a year or so ago.
2. Are you on Vista yet? We're not really recommending "the leap" due to lingering compatibility issues (which is another blog post in itself), but that said I have it running on a laptop of mine. I just upgraded the RA M from 1GB to 2GB, and my experience with the thing has gone from about a 5-out-of-10, to an 8 or 9. I seriously think it's the fastest web-surfing computer I have, including desktops and even a Linux workstation.
3. Even if you're not yet running Vista, you might have Office 2007. With its highly-interactive interface (full top-of-screen toolbar changeouts instead of dropdown menu-driven functions), Office 2007 is an app that will benefit from more RAM. Same with the newer versions of any Adobe product. If you're using Illustrator, Photoshop or even Acrobat Standard/Pro without having at least 1GB of RAM, you're probably wasting valuable time waiting for your computer.

Strike while the iron is hot right now, because it won't stay that way. As your computer ages and the RAM spec goes out of date, less of that RAM is manufactured and it becomes more expensive to make, and for distribution to stock. For example, RAM for computers from 2005 (usually single-DDR) or earlier is a bit more expensive than newer computers' RAM. That's the bad news; the even worse news is that it'll only get more expensive as less and less of that RAM is produced.

Not sure what RAM to get? E-mail pete@foxtrotsystems.com with your computer make and model (with full computer part number, if possible) and we will get you the guaranteed-compatible RAM for your system.