Working in the Cloud

Memory sticks are great.  You can now carry 64 gigabytes in your pocket, in a space very similar to your thumb.  Your thumb doesn’t take up much room, does it?

Now, some may say that there is no need for flash, hard drives are large and reliable nowdays.  But everyone (a hasty generality but admittedly accurate) everyone has more than one computer.  People have a computer at work, and a computer at home, and maybe a laptop or a netbook or two.  There is a large need to have access to all your “stuff” on all your computers all the time.  That’s why flash is nice.

Flash memory has definitely come a long way, but even THAT is limited.

Why is flash memory limited?  8, 16, 32 and 64 gigs is quite a lot of space, after all.

YOU HAVE TO REMEMBER IT!  Also, I have actually seen a flash drive die, not mine though.  I’ve had flash drives (2 within a week) remain in my pockets and get washed.  (and survive)

No, flash is great but you have to remember to take it with you, and you have to take it out of your pocket, and you have to put it into a USB port.  Then, in the case of a laptop, you have this cantilever protruding out of the side of your chassis asking to get bent over.

No, there must be a better way.

The cloud.  A cloud doesn’t weigh anything.  It’s always there.  Hmmmm…. What am I getting at?

Here’s a recipe:

Google Docs

gmail

DropBox

Portable Apps (search for more too!)

xmarks

Use google docs.  You can UL documents you already have, make new, etc.  It’s good enough because REAL BUSINESSES use google docs company-wide.

Use Gmail, that goes without saying.  Get your email from anywhere and don’t worry about losing it if your computer crashes.  You can use gmail to check other accounts you own, and send-as your other email identities.

Install Dropbox on every computer you own or use.  It creates a folder on your computer and anything you put into your dropbox under your dropbox login is “immediately” synchronized to all of your other dropbox installations.  2 GB free.  I’m not affiliated with dropbox.

Download the portable apps you need.  I recommend the portable firefox first and foremost.  Use the Xmarks.

Put all of your portable apps in your dropbox.

Now, wherever you are (As long as you have internet) you have all your stuff,  and you don’t have to remember anything.

It’s nice to have ONE browser that is configured the way YOU want.  You could conceivably have more than one, they are self-contained in a folder.  One work browser and one play browser.

Think about it.  Simplify.

Modify Your Hosts File to Block Malware

Modify Your Hosts File to Block Malware |

Modify Your Hosts File to Block Malware

by Dave on July 1, 2008

malwareMalware is a huge problem.

By now, most of us know what spyware is and what it can do to your computer. If your PC is connected to the Internet, chances are you have some form of spyware. It attaches to your PC as you casually roam websites or download files. But you can be proactive and block some of the known malware websites by altering your hosts file in Windows.

Your computer uses the hosts file to help speed up domain name resolution. Before your computer goes out on the Internet to resolve an IP address to a website name, it checks the hosts file to see if there is already an entry there. If there is, it doesn’t need to go out to the DNS server and resolve the address. In theory, this helps to speed up web browsing. But you can also manipulate the hosts file to block known bad sites by pointing the domain name to a different IP address, such as your local machine 127.0.0.1.

For example, let’s say site abcdefg.com is a known malware site and it has an ip address of 68.23.5.x. We can go into our hosts file and say that 127.0.0.1 is the IP address of abcdefg.com. So when you type that name into your web browser, nothing happens because your browser thinks the IP address for abcdefg.com is your PC.

So how do you motify the hosts file? There are several ways. You can use a program such as Spybot Search and Destroy, which has a Immunize feature that modifies your hosts files when you initiate that feature. Or you can do it manually by obtaining hosts files from sites that frequently update them. One such site is SomeoneWhoCares.org. You’ll notice it is a massive file of known bad websites. Highlight and copy the entire document–credits and all.

Different Operating Systems store this file in different locations:

For Windows 9x and ME: “C:\Windows\hosts”
For NT, Win2K and XP and Vista: “C:\windows\system32\drivers\etc\hosts”
Linux: “/etc/hosts”.

You can open the file with Wordpad, but be sure to keep the name as hosts and do not add an extension, such as hosts.txt or hosts.doc.

Being proactive is necessary to thwart malware or at least slow it down. Since new sites crop up daily, updating your hosts file frequently is necessary. Finding an automatic solution like Spybot is recommended, but you can manage this task yourself if you remember to do it on a consistent basis.

Submitting your website to google

Do NOT Submit Your Website To Google!

Do NOT Submit Your Website To Google!
February 28th, 2009 | by Court | Published in SEO | 72 Comments

Some people believe that submitting their website to Google is a good way to get Goog to include their site in the search results. Amazingly, there are still people making money out there by charging for their ’submit website to Google’ services. This honestly blows my mind and shows me that people are just taking the word of others instead of testing things themselves.

I have tested Google’s tool that allows you to submit your website several times and can tell you that using it is probably the worst thing you can do. The last time I tested it I had to wait six full weeks before Google including my site in the SERPs (Search Engine Results Pages) and the site took more work than usual to rank. That doesn’t really ‘make sense’ and I’ll admit that but once you have started a few hundred sites you start to get a feel for how things should happen and that site did not act right for a while.

The Proper Way To ‘Submit’ A Website To Google

I know that I’ve talked about this briefly in posts before, but I wanted to lay this out in a post of its own just to be 100% clear. The best way to get your site into Google is by linking to it from a site that has decent PageRank.

If you don’t know what I’m talking about, that’s perfectly ok. If you can follow these simple instructions you’ll get into Google within a week and often within 24 hours. Here’s the step-by-step:

1. Write a 300 word article about something related to your website.
2. Submit that article to EzineArticles.com (PageRank 6) or GoArticles.com (also a PageRank 6).
3. Make sure when you fill out the about the author box you link back to your site.
4. For maximum effectiveness, submit one article to EzineArticles.com, and another entirely different article to GoArticles.com.

If you go through that simple process, Google will follow your links from those sites to your site and will ‘index’ it, which means they will then include it in the SERPs.

Guys every time I do it this way it works. Some of you may think that this doesn’t really make sense, in fact whenever I have mentioned this in the past I always get people asking me why Google would have a submission utility if it didn’t work well. I don’t know and I don’t care. I don’t spend my time trying to figure out why Google does what they do. I spend it figuring what they do, end of story. This lesson will help you to get into Google more effectively and by all means, don’t take my word for it, test it out yourself.

All you have to do to test this out is set up two sites in the same niche. Submit one to Google and link to the other one from Ezine and GoArticles. I can all but guarantee that the second option will give you the best results and if you’ll follow it, you’ll always be able to get into Google..

My Theory For Why Google Does This

In my opinion, Google knows that they should be able to find legit sites by following links. If a truly great site is launched, someone will be linking to it from somewhere. If this doesn’t happen, Google probably assumes that the site is going to be of lesser quality. The best sites ALWAYS get linked to because people like them. If you don’t get linked to and have to rely on their submission service, I think that tells Google that your site is small time.

Getting Your Site To RANK Well In Google

I would imagine that if you’re trying to learn how to submit your site to Google, you would probably like to get some traffic from them. The fact that you’re in Google doesn’t necessarily mean that you’re going to get any traffic but if you know what you’re doing Google can be a huge traffic source.

I saw this phishing email come through the office the other day.

Botnet Unleashes Variety Of New Phishing Attacks – DarkReading

Botnet Unleashes Variety Of New Phishing Attacks
Attackers use phony messages of system upgrades, Outlook updates, and Microsoft Conficker ‘cleanup tool’ to spread malware

Oct 19, 2009 | 05:31 PM
By Kelly Jackson Higgins
DarkReading

The massive Zbot botnet that spreads the treacherous Zeus banking Trojan has been launching a wave of relatively convincing phishing attacks during the past few days — the most recent of which is a phony warning of a mass Conficker infection from Microsoft that comes with a free “cleanup tool.”

The wave of attacks began early last week targeting corporations in the form of email messages that alerted victims of a “system upgrade.” Email is accompanied by poisoned attachments and links; in some cases it poses as a message from victims’ IT departments, including their actual email domains, and alerts them about a “security upgrade” to their email accounts. The message then refers victims to a link to reset their mailbox accounts, and the link takes them to a site that looks a lot like an Outlook Web Access (OWA) page (PDF), but instead infects them with the Zeus Trojan.

Today, researchers at F-Secure spotted the botnet spamming out malware-laden email that tries to trick recipients with a convincing lure messages that says, “On October 22, 2009 server upgrade will take place.”

“What we’re seeing is an evolving campaign of different lures to see which one works,” says Richard Wang, manager of Sophos Labs in the U.S.

The Zbot botnet, which is made up of 3.6 million PCs in the U.S., or 1 percent of all PCs in the country, according to data from Damballa, spreads the deadly Zeus Trojan. Zeus, which steals users’ online financial credentials, represents 44 percent of all financial malware infections today, according to Trusteer.

The Shadowserver Foundation has seen multiple versions of Zeus-related attacks lately, including the Conficker “cleanup utility” that poses as an email from Microsoft, according to Andre DiMino, director of Shadowserver. And the targeted Outlook attacks use real domains: “What is also interesting about the recent campaign is that the email comes from the targeted user’s own domain with an ‘administrator’ prefix. The link is disguised to look like it’s from an update server on the local domain, but instead points to the malicious location,” DiMino says.

Amit Klein, CTO at Trusteer, says the Conficker phishing email was pushing fake antivirus software and, in some cases, also contains Zeus, so he’s not convinced that attack is necessarily coming from the same gang behind the Outlook and other phishing campaigns. “I really don’t know” if it’s the same Zbot botnet behind those two attacks, he says. “But if it’s spreading the same malware with a similar concept [of a phishing attack], it does raise suspicion that the two events were by the same gang, or it could be a copycat.”

The Outlook attack was the first large-scale Zeus attack against the corporate world, he says, which signals a new strategy for Zbot. “Shifting its focus there makes a lot of sense for financial malware because the typical credentials you can steal from the corporate world are worth a lot more money than credit cards and accounts in the consumer world. To own the company’s accountant or finance department’s bank account credentials would be a lot more profitable,” Klein says.

Zeus traditionally has been one of the more difficult malware variants for some antivirus programs to detect: According to recent data from Trusteer, Zeus is detected only 23 percent of the time by up-to-date antivirus applications. It’s also hard to kill because it hides itself so well in the operating system.

Trusteer’s Klein says this new wave of phishing attacks from Zbot is just the beginning. “These are new flavors, and we’re going to see a lot more of these in the future,” he says. “This has proved to be highly effective.”

Embarq / Centurylink Social Engineering and security???

So, I was at a clients location a month or two ago and needed to get their static IP address, gateway, DNS, etc.  Their modem and router were reset by good-intentioned employees.

So I call Embarq from the customer’s line and ask for that info, but they needed some security authentication to get that.  Bravo, that’s good, but of course it’s inconvenient for ME.  They asked to talk to an authorized person on the account.  Well, he’s not there, of course.  So, they need the EIN of the business and the name of the business.  There’s a permit on the wall, but that EIN and business name were NOT the EIN on record.  Hmmm….

It came down to it that I was talking to a person who said she could not GIVE me the IP’s, but I asked whether she could confirm if the IP I had was correct.  She could.

After a few minutes of an absurd guessing game, a local embarq tech I had called a half hour ago called me back and gave me the info.  Clickety click and they were up and running.

Fast forward to today.  I called embarq from MY office on MY line to confirm if an order for a static IP was being fulfilled today on a customer’s account.  Not only did the people confirm that the static IP was taking effect today, they were more than happy to provide me with all relevant IP’s to set up the router.

What’s the difference?

Was it because I let them know I was checking up on an order and there WAS an order?  Would this not have happened if there wasn’t an order?

Triple Monitors, one laptop

This is my nifty HP Quad Core laptop, and there are 2 monitors attached to it.  How did I do that?  One is using the built in VGA port, and one is using a USB-VGA adapter I won as a door prize at the Global/Systemax Fall Symposium.  Video bandwidth is slightly limited when doing full screen streaming video but it does just fine.

Greatly improve the speed of Firefox 3

Greatly improve the speed of Firefox 3 | Tips4Linux.com

September 29th, 2009 by T4L

We all know Firefox is a memory hog. To speed things up greatly, do the following:

1. Open Firefox and in the address bar type about:config.
2. Click on “I’ll be careful, I promise“
3. Use the search bar above to look for network.http.pipelining and double click on it to set it’s value to True.
4. Create a new boolean value named network.http.pipelining.firstrequest and set that to True, as well.
5. Find network.http.pipelining.maxrequests, double click on it, and change its value to 8.
6. Look for network.http.proxy.pipelining and set it to True.
7. Create two new integers named nglayout.initialpaint.delay and content.notify.interval, set them to 0.
8. Restart your browser.

All done. You should feel the browser is 5x more responsive than before while navigating websites.

This might be a problem

Windows 95 and norton 2001… Hmmm…

click for larger view.

Slowest computer in the world. Vista on 256 megs

Click on image for larger view

This is no photoshop.  I didn’t even know vista would INSTALL on 256 megs.  This was a toshiba.  Did someone steal 256 megs out of it?  Either way it was amazingly slow, it took literally 5 minutes to GET this screen cap.

I’ve got a quad core laptop with 6 gigs of ram, and vista is fine.  There’s no issue with vista when there’s enough hardware.  It’s actually NICE.  The thing is a train-wreck on low end hardware.

Which Botnet Is Worst?

Which Botnet Is Worst? Report Offers New Perspective On Spam Growth – botnets/Security – DarkReading

Which Botnet Is Worst? Report Offers New Perspective On Spam Growth
Rustock might be biggest, but Grum is worst offender, MessageLabs study says

Sep 30, 2009 | 06:09 PM
By Tim Wilson
DarkReading

In the early days of botnets, size was the main measure of the threat. But as the malicious networks become more sophisticated, researchers say, the biggest networks aren’t always the worst offenders.

In a new report (PDF) issued yesterday, researchers at Symantec’s MessageLabs unit offered a detailed analysis of the size and output of current botnets, including venerable spam carriers, such as Rustock, as well as emerging offenders, such as Grum and Maazben. One of the report’s conclusions: Size doesn’t always matter.

Rustock, for example, is still the largest of the botnets, with an estimated size of between 1.3 million and 1.9 million nodes. Cutwail is next in size, with an estimated 1 million to 1.5 million bots.

But neither of these two botnets is the largest proliferator of spam, according to Paul Wood, senior analyst at MessageLabs and one of the authors of the report. That title goes to a rapidly emerging botnet called Grum, which delivered an average of 39.9 billion spam messages per day last quarter — more than 23 percent of all the spam on the Internet.

“Despite the fact that it’s half the size of Rustock, Grum is generating much more spam,” Wood says. “It’s getting each bot to do a lot more work.”

Bobax, a botnet that has been around for more than two years, is also becoming more efficient, generating more than 27 billion messages per day and 15.2 percent of all Internet spam, the report says. That means each Bobax node generates more than 1,400 spam messages per minute.

Botnet operators have discovered that many ISPs don’t immediately recognize the huge output of individual bots because each bot’s performance is affected only on the upload, not on the download, Wood says. “Your computer might be a bot, but it might not affect your download performance very much,” he observes. “It’s only when users try to upload something and experience a performance problem that the ISP gets a complaint.”

As they become more sophisticated, botnet operators are finding ways to make their infrastructures more efficient, Wood says. A new botnet, Maazben, accounted for only 0.5 percent of Internet spam 30 days ago, but now is generating 4.5 percent — about 2.4 billion messages a day — at its peak. As with Bobax, each Maazben bot is highly productive, pushing out nearly 1,300 spam messages per minute.

The operators of Rustock also are becoming more calculated in their approach, Wood says, but in a different way. For years, the botnet generated huge spikes of spam “every fortnight or so,” and then would go quiet for long periods, he says. Now Rustock is becoming more regular in its activity, outputting large batches of spam from 3 a.m. to 7 a.m. (U.S. Eastern time) each day, and then going silent after 7 p.m.

“We don’t know why it’s operating on this schedule, but there’s clearly some automation going on there,” Wood says. “Is there some sort of maintenance period? Is it doing something else during that time? It’s hard to tell. But clearly, with its size Rustock is capable of much greater activity.”

No matter what their size or how efficiently they operate, botnets clearly are at the heart of the spam problem, MessageLabs says. According to the report, botnets generated an average of more than 150 billion messages per day last quarter — nearly 88 percent of all the spam on the Internet.

“The takedown of ISPs like McColo definitely helped, but it doesn’t solve the problem,” Wood says. “Already we see botnet operators spreading traffic across multiple ISPs, effectively giving themselves better backup than some enterprises have.”