July « 2010 « WizGidget

July 28, 2010

Introduction to Facebook

Filed under: Belton Journal, Netiquette, Tips & Tricks — pmckinley @ 12:01 AM

Everybody’s talking about Facebook and Twitter these days. Both of them refer to what’s become known as “social media.” Wikipedia defines social media as: “a group of Internet-based applications… that allow the creation and exchange of user-generated content… a blending of technology and social interaction for the co-creation of value.” That’s a fancy way of saying they are means of communicating with friends, associates, and potentially customers and the public through the internet. Facebook and Twitter are two forms of social media, but there are many others, each with its own focus — for instance there’s LinkedIn and Plaxo for professionals, Classmates for keeping track of school friends, and many more.

Facebook is popular these days because it’s become somewhat the standard for keeping up with friends and associates. Facebook facilitates connecting with others because it allows your “friends” to see your list of friends. So for instance, if Mary has Jane in her friend list, and I’m friends with Mary, I can find Jane in Mary’s list of friends and invite her to become my “friend” in Facebook. Jane must accept the friend request to complete the connection. Facebook also has the ability to create photo albums, where you can upload whatever photos you want to share with your friends. Facebook also provides a means of posting whatever’s on your mind either in your “status” or in your “wall.” The “wall” is like having your own bulletin board where people can post and comment on posts. The “Wall” and the status are the ways of communicating with your friends — when they check Facebook they’ll see your status updates and wall postings.

There’s lots of other nifty “widgets” that go along with Facebook, for instance, there’s an application that keeps track of your friend’s birthdays. There’s also one that is an interactive farm simulation called “Farmville” that drives me nuts — and as you know I don’t have far to go. Several of my friends have drunk the Farmville coolaid. The problem with Farmville is that when they play Farmville, it posts things on their Facebook account that show up in the status updates. For instance, “Suzie found a little calf and need help feeding it” or “Jane completed her collection and wants to share a collectable with their friends”. The reason this drives me nuts is that I have enough on my plate already and don’t need to see the details of my friends’ game-playing. I want to know what’s significant in their lives; I’m just not convinced Farmville constitutes significance.

You can get a Facebook account for free by going to www.facebook.com, and signing up. I suggest using a throwaway email account (see the Can the Spam Part III article) for your facebook account. Also, I recommend that you immediately go through your privacy settings to make sure you’re not publishing stuff that should be private, like your birthdate — month and day are ok; year not so much.

I’ll cover Facebook privacy in a future article. Meantime you can see this and other articles at www.wizgidget.com.

Comments (1)

July 21, 2010

Gone Phishing

Filed under: Belton Journal, Danger! Danger!, Tips & Tricks, Warnings — pmckinley @ 12:00 AM

Phishing (pronounced “fishing”) is one of the more insidious cybercrimes going on today. Phishing is the process of fraudulently acquiring sensitive information such as account passwords, credit card information and the like by masquerading as your bank or other trusted organization, usually by email but also by instant message, phone or other means. Phishing attempts are usually “socially engineered” to get you to do what they’re wanting. They try to create fear in the victim, which leads them to take hasty action without closely examining the email. Phishing goes hand-in-hand with spam, because most of the phishing attempts are done through email, and they have to get your address from somewhere. The phishing attempts are often very well crafted, using graphics they’ve “borrowed” from legitimate websites or emails. People who fall victim to phishing attempts are then subject to identity theft, having their bank accounts drained or fraudulent credit card charges, or even having their accounts like AOL or Facebook used to perpetrate other crimes.

Fortunately it’s fairly easy to spot phishing attempts, especially in emails. The first clue is that often something looks fishy (pardon the pun) about the email. Words may be misspelled or the grammar may be poor — the people who are crafting the messages are often natives of foreign countries like Poland, Romania, Russia or China. Sometimes the name in the To: field may not be your name, or the To: field may be blank. Another clue is that there’s something wrong with the link in the message — it doesn’t match the text or the domain name isn’t quite right. Outlook users can check this by hovering the mouse pointer over the link in the message. Outlook will pop up a window that shows the actual location for the link. If the actual location doesn’t match, it’s a good bet that email is a phishing attempt. For example, the email might show www.wizgidget.com/articles, but the actual link that the popup window will show is www.wizgidget.com.abxrt.com.pl/articles — see the difference in the domain? The “.pl” in the domain name means it’s from Poland although there’s nothing keeping them from using .com domains. Sometimes the link will show text like “click here”, but the actual link in the popup will be an “IP” address like “http://173.201.16.100″. Don’t be fooled by domain names that have the legitimate name imbedded, like www.paypal.com.gotcha.pl!

You may remember the discussion of using “throwaway” email addresses in both the “Can the Spam” and “Free Email” series. This is another technique that is helpful in detecting phishing email. If I get an email that looks like it’s coming from Paypal, but it’s to an address that I used for an online electronics vendor, I know it’s not legit.

You can find more information online about phishing. Paypal has a lot of good information, go to www.paypal.com and look for the “Security Center” link at the top of the page. Also see the Wikipedia.org page on phishing. As always, this article is available online at wizgidget.com

Comments (0)

July 14, 2010

Dealing with Spam

Filed under: Belton Journal, Netiquette, Tips & Tricks — pmckinley @ 12:00 AM

We haven’t discussed spam in awhile, so maybe it’s a good time to revisit that topic. I described how I’ve cut my spam from a torrent to an occasional drip in the Can the Spam series. Even so, there’s a need for dealing with the occasional spam that gets through. As always, you can see this article and comment online at wizgidget.com

Many of the current computer security programs available today have spam filters. I use CA’s internet security suite which includes a spam filter in addition to the antivirus and antispyware features. I don’t use that one though, because I was already using an “open source” spam filter called “SpamBayes“. SpamBayes uses a “bayesian filter” where “bayesian” refers to statistical methods named after the Reverend Thomas Bayes (ca. 1702–1761). Most spam filters work similarly to SpamBayes in that they have to be “trained” to differentiate spam from good email. They do this by building a dictionary of words and phrases that have the “look and feel” of spam. The spam filter is trained by giving it a folder with good messages (usually your inbox) and another folder that contains confirmed spam. The more messages of each type, the better. Also, as life goes on and you mark messages as spam that the filter didn’t catch, it “learns” the new spam and gets better and better at catching the spam, and not catching good email.

There’s a couple things that are needed to make this all work well. One is that it does require diligence: it’s not a set-and-forget kind of thing. Spouse Ann used to have problems with the SpamBayes not working very well. The problem was that she was rather sporadic in her email habits — she tended to go through her email only once a week. Because the forms of incoming spam are always in a flux, that meant that the spam was changing faster than SpamBayes could learn it. It worked fine for me, but I was going through my email at least daily.

Another potential problem is using the spam filter to delete emails that aren’t really spam. Let’s say you subscribe to a newsletter, and then you decide you don’t want the newsletter anymore, so you start marking the newsletter as spam instead of doing the better thing and unsubscribing. Now the filter is being told lots of “normal” words and phrases are spam, which dilutes the real spam words and phrases. It makes it harder for the filter to reliably distinguish spam from good email. This can also cause problems for other people depending on your email provider. AOL, for instance, registers what emails its customers are marking as spam. If they see too many hits coming from a given internet address (like 173.201.16.100), they start blocking email originating from that server. Many websites are run on shared hosting servers that use a common address, so if one of them is blocked by AOL, then all of the sites on that server get blocked.

Comments (0)

July 7, 2010

Migrating to Win7 part II

Filed under: Belton Journal, Tips & Tricks — pmckinley @ 12:00 AM

Last week I introduced Microsoft’s new tool called “Windows Easy Transfer”. Apparently this tool was introduced in Windows Vista, but of course we managed to skip that beast. According to Wikipedia, this tool transfers files, email and contacts, user accounts, application configurations, and windows configuration settings stored in the registry, using either a special USB-to-USB bridge cable; removable storage such as a CD/DVD, thumbdrive or external hard drive, or over the network. Basically the tool copies all user data over from the old PC — but it does NOT copy programs and software. Programs and other software has to be installed fresh on the new PC, and preferably before the Easy Transfer tool is run.

Ann’s old PC had several hundred Gb of data that needed to be transferred, which made using a DVD impractical — it would require dozens of them. I have an external USB hard drive but it doesn’t have enough free space — I use it for backups of my laptop when I’m on the road consulting. Since I was going to network the new PC anyway, doing the transfer over the network was the obvious method. This method can also be used if you don’t have a home network by using a “crossover” network cable. A crossover cable would be cheaper than a USB bridge cable, although it does require setting up the network interface on the two PC’s so that they can “see” each other on the network.

Once the two PC’s are connected via the network, the Windows Easy Transfer tool is started on the new computer. Because it’s native to Win7 and not WinXP, it has to be copied to the WinXP computer. One of the choices from within the tool is to copy the tool to a shared network folder, so I picked a folder on the old PC where I normally keep copies of downloaded software. That made it easy to install the tool on the old PC.

On the new PC, the next task is to generate a unique key, which is effectively a password. Once the key is generated, I went to the old PC and ran the Easy Transfer tool. The tool then allowed me to choose how to copy the files (via usb cable, network or whatever), and prompted for the key. Once the two computers are connected and talking to each other, I chose what to transfer (everything, one user only, etc), specified to keep the original username, and let it go. An hour or two later (lots of data takes a long time to transfer over the network) the transfer was complete. I still went through and verified the email accounts were working, and that all the data was still there.

There are a number of tutorials online for the Windows Easy Transfer tool, which include screenshots of the steps along the way. If you were going to use this tool but consider yourself a “casual” (as opposed to expert) user I would recommend doing a search for “Windows Easy Transfer”.

Comments (0)