CTPC User Group

 

  1. Preview of the Next CTPC Meeting
  2. Home Networks - Dick Maybach
  3. The Tip Corner – Bill Sheff
  4. How to Write, Publish and Promote Your Book for Free Using Technology - Bohdan O. Szuprowicz
  5. Some Thoughts on Windows 8 - Tom Kuklinski
  6. Phishing (Identity Theft) Now Considered as the #1 Web Threat - Ira Wilsker
  7. What to do if you think your email has been hacked - John King
  8. Windows Secrets Newsletter - A Great Resource - and Free Content
  9. Alternative Streaming Video Sources - Ira Wilsker
 

Preview of the Next CTPC Meeting - Tuesday, January 28, 2014 - 6:30 p.m.

Something New


As you may know, Ben Wilson has stepped down as our Program Chairman. For the past several years Ben has kept us informed about a variety of topics involving computers and technology. We've learned about how technology is being used for medical records, law enforcement and dentistry. We've attended field trips to a recording studio, a printer cartridge recycling business and the opening of a Microsoft retail store. Ben has spent tireless hours researching topics, booking presenters and following through at the meetings. We've been informed and entertained by his programs month after month and for that we are extremely grateful.

But perhaps we've grown a bit lazy! This month I'd like to suggest we try something different.

The original mission of CTPC was to help each other with computer issues. In the 1980s computer stores wanted to sell you a PC but didn't much care what you did with it. There was no Internet and no Google – information was hard to come by. Today we can quickly find answers to individual hardware and software problems but I think we can still help each other in other ways. There’s so much information out there that often we need help cutting through the clutter.

So instead of passively listening to a formal presentation let’s try holding a round table discussion. (OK, we don't have a round table but no matter.) If we pick a topic and each of us does a little research beforehand we could have an interesting participatory event.

To test this idea, here’s a topic that’s been all over the news lately: Target's credit card breach. The credit card providers are already taking steps to improve security. “Smart Cards” are being rolled out by U.S. banks (I have one issued by Citibank) but it will take a couple of years for merchants to invest in the infrastructure necessary to take advantage of these chip-embedded cards.

How do Smart Cards work? Where does the United States rank in the deployment of this technology? What about the impending use of cell phones as "digital wallets?" Will we even need to carry credit cards in the not-too-distant future? There’s plenty of food for thought.

A quick Google search will turn lots of information about credit card security. Perhaps we could each do some reading and then share what we've learned at the meeting. Maybe you've had a personal experience with credit card fraud that you’d like to recount.

I know this involves a bit of work but it could be rewarding. And remember, compared to the job of Program Chairman, it's a piece of cake!

Note that meetings are held at the Silver Star diner in Norwalk (directions here). We also invite you to remain after the meeting for some socializing and to have pizza, salad and the beverage of your choice. Cost is shared and is normally less than $14/person. The Silver Star allows us to use their facility at no charge and we think they deserve some benefit for their generosity.

Walt Graham, CTPC President

Top of Page


Dick Maybach, Member, Brookdale Computer Users’ Group, NJ, July 2013 issue, BUG Bytes, www.bcug.com, n2nd (at) charter.net

Home Networks

Learning about networks, especially the Internet, can easily become mind-numbing, largely because the field is so full of jargon and acronyms. While it isn't possible to escape this morass completely, we can make it somewhat more manageable by approaching the topic in two stages: (1) a single computer connected to the Internet and (2) a home network connected to the Internet.

Every device connected to the Internet, no matter its location in the world, has a unique Internet Protocol (IP) Address. This is usually written as four three-digit numbers separated by periods, where the value of each number varies from 0 to 255. Although we usually think of a site's address as being its Uniform Resource Locator (URL), this is just a convenient representation. When you send a message to a URL, your computer uses a Domain Name System (DNS), usually a service provided by your Internet Service Provider (ISP), to find the associated IP address. For example, www.google.com is assigned the IP address 74.125.140.105. You, of course, must have your own IP address so that you can receive data. (You can find it by browsing the site http://whatismyipaddress.com/.) Your ISP assigns an IP address to your computer when you connect it to the Internet using a Dynamic Host Configuration Protocol (DHCP) service. This means that your ISP must own enough IP addresses to supply a unique one to each user, and normally each home users has only one. If you have only one computer and you plug it directly into the ISP's modem, this is sufficient.

Before introducing any more complexity, let's see what we can learn about our Internet connection. Use an Ethernet cable to connect your PC directly to the Wide Area Network (WAN) modem provided by your ISP. You will have to reboot your PC and probably the WAN modem to establish an Internet connection. If you use Windows, navigate through All Programs and Accessories to Command Prompt and type “ipconfig /all”. (The equivalent Linux and OS-X command is “ifconfig” or “ip”.) There are graphical programs that show the same information, but ipconfig puts it all on one screen. (The screenshot shows only the first portion the command's output.)

screen shot #1
Fortunately, not all of the displayed data is important, but note the following items.

If ever you lose your Internet access, a good first step would be to repeat the above procedure to see whether the problem is in your home network or within your ISP.

However, many of us want to connect several devices to the Internet. How can we do this with only one IP address? There are blocks of IP addresses which never appear on the Internet, but are reserved for local use. The devices on most home networks use the addresses 192.168.1.x, where where x varies from 0 to 255. (The 1 in the third group could be replaced with any number from 0 to 255.) If your network is using the 192.168.1.x plan, it knows that any IP address in this range belongs to a local device and any IP address outside this range resides on the Internet. To make use of this, we purchase a router and connect our local network devices to it. It has a separate connector for a cable to our ISP's modem. The router, as its name suggests, directs any local messages to internal addresses and sends all others to the ISP, but first it changes their return address to the IP address the ISP has assigned. But this means that all incoming messages have the same IP address; how does the router get them to the correct local device? Each message has not only an IP address, but also a 16-bit port number, and the router changes the port numbers of the return addresses of outgoing messages. It keeps track of these and when an incoming message appears, changes its address to the appropriate local device and restores the original port number. This process is called Network Address Translation (NAT).

screen shot #2
In the figure, our PC generates a message (1) to Google at 74.125.140.105 using Port 80. (It probably consulted an NDS to obtain Google's IP address.) In this case, the ISP has assigned us the IP address 66.169.54.135, and the router changes the return address to this (2) and changes the port to 637. When Google replies (3) to the only address and port it knows, the router consults its records and sees (4) that messages from Google to port 637 should be routed to local IP address 192.168.1.17 and Port 80. Your neighbor may also be using 192.169.1.17 as the local IP address for one of her PCs, but since her Internet IP address is not 66.169.54.135, she won't get your messages from Google.

If your home network includes a router, you should now reconnect it to the WAN modem and restore the original network connection for your PC. Again, use ipconfig /all (or ifconfig, as appropriate) and compare the results with those you obtained with the PC connected directly to the WAN modem. Again, the screenshot shows only the first portion of ipconfig's output.

screen shot #3
Note the changes. (Ignore the change of Host Name and physical address; this is for a different PC.) Zenmap (http://nmap.org/zenmap/), available for Linux, OS X, and Windows, is a very valuable tool for exploring your local network. Pay special attention in the following discussion of how you can limit its probes to your local network, as its activities can look like you are trying to hack any computer it probes. Some system administrators are quite sensitive to these, and using them could result in unpleasant conversations with your ISP or legal authorities. The screenshot shows the results of a simple ping scan of my local network. Note that the target was 192.168.1.0/24. My network uses the addresses 192.168.1.x, where x varies from 0 to 255. Each field in the IP address is actually an 8-bit number, and the /24 tells Zenmap that it should not change the first three fields. (Three fields times 8 bits equals 24.) Thus it probes all the addresses from 192.168.1.0 through 192.168.1.255. If we had specified 192.168.0.0/16, Zenmap would have probed 192.168.0.0 through 192.168.255.255, and while this wouldn't probe outside your local network, it could take a long time. The result is shown below.

screen shot #4
Seven devices are operating; since the first three fields of their IP addresses are the same, I'll designate them by only the last field. Our router is located at 1; 5 is a PC with an Asustek motherboard; 17 is a Windows 7 PC, 100 is the Ethernet adapter and 101 the wireless card of my desktop PC; 253 is a wireless access point; and 254 a network switch. A ping scan is quite simple; we are just looking for an answer from each address. We can learn much more by performing an intense scan, which takes several minutes, compared to the few seconds for a ping scan, and the results fill several screens. Fortunately, Zenmap can summarize its results graphically.

screen shot #5
Circles indicate computers, and squares indicate routers. The colors and sizes of the nodes indicate how many ports are open; a greater number of open ports implies a greater vulnerability to outside hacking. (Green is good, yellow less so, and red could be something to be concerned about.) The thickness of the line to localhost indicates the round-trip delay; thick means slow. (I made this probe from the PC with addresses 100 and 101, so delays can't be measured here.) The square yellow icon is a padlock indicating that some of the ports are filtered, which lessens the vulnerability to hacking. Finally, the square blue icon indicates a wireless access point. (Clearly, the detection isn't perfect, because 253 is also a WAP.)

The host details tab shows what Zenmap has found about a particular computer.

screen shot #6
In this case (the WAP), the operating system is Linux and the one open port is 80.

Zenmap can also show you the route your data takes as it travels to its final destination. For example, let's again use www.google.com at 74.125.140.105. We enter this into the target box and select Quick traceroute as the scan. The screenshots show both the text and graphic results.

screen shot #7
In this case, our test message made 16 hops on its way to Google, although other tests would provide slightly different results. You can also view these results graphically, but I find the text output easier to understand and to be more complete. There are other network tools, but Zenmap is included in the Parted Image toolkit (discussed in my April 2012 article, available at http://www.bcug.com.), which I always have it with me. There is extensive documentation for this useful program on the Zenmap Web site, accessible through the Help menu button visible in the screen-shots.

Taking a few minutes to explore your home network will remove much of its mystery and could prove valuable in solving future problems.

Top of Page


Bill Sheff, Novice SIG Coordinator, Lehigh Valley Computer Group, PA, July 2013 issue, The LVCG Journal, www.lvcg.org, nsheff (at) aol.com

The Tip Corner

The Tip Corner – Bill Sheff, Novice SIG Coordinator, Lehigh Valley Computer Group, PA, July 2013 issue, The LVCG Journal, www.lvcg.org, nsheff (at) aol.com Custom Installs
Remember the good old days when you loaded a new program by just clicking the recommended button? Don’t do that anymore. When you are going to install a new program, or even an update, do not use the “normal” install. Always use the custom install button. Why? Let me tell you. Today they are figuring out how to cram more and more advertisements onto a screen, and within a program. When you click on the normal install button you will end up with extra tool bars and all sorts of other programs (search engines are one of them). By clicking on the custom button you will have the ability to unclick or decline to add the extra add-ons that lie beneath the recommended settings. So if you are wondering how all those extra tool bars and other pop-ups are appearing, installing the recommended settings is one of the reasons.

Digital Assets
If you have information stored on line such as in YouTube, Gmail or even Picassa there is now a way to make sure it goes where you want it to go after you die. It is Google’s Inactive Account Manager. This feature allows you to give your consent to transfer data such as stored emails, family photos, etc. to your executor or other designee. You should authorize your executor to work with such services as Facebook and Yahoo to transfer your stored information. Additionally, you can encrypt your passwords in programs such as Legacy Locker and Planned Departure, but you will still need someone to ensure your assets go to the right place.

Flickr Improvements
Flickr, the online photo sharer run by Yahoo has some new improvements. Here are some of what they are offering:

You can share photos with friends by sending them to your Flickr page, share photos on social media sites by clicking Share or sending direct links to your images via the “Grab The Link” function. You can download this program at Flickr.com.

Menu Folder
Here are a couple of ways to add the Tool Bar (File, Edit, View, etc.) on top. In Vista and Win7 the top menu is disabled by default, but if you like it here is how to get them back. For a temporary fix, from within a folder just press the Alt key. Press Alt key again and it is gone. Temporarily is fine, but for a more permanent fix just open a windows folder (Start>Documents>AnyFolder), left-click on Organize. On the drop-down menu, left-click on Layout. A new menu will pop up. Move your Cursor to Menu Bar (it’s at the top of the menu) and left-click to put a check by it. The menu bar pops up.

To disable the menu bar just do the reverse and when you click on Menu Bar it will remove the check mark.

And finally, just go to Control Panel> Folder Options > View. Then under Advanced Settings > Files and Folders> find “Always show menus”, and click on that. Again to reverse that do the same instructions and unclick the :Always show menus.”

Hard Drive Full
If your PC tells you your hard drive is almost full what can you do? A full hard drive can create a slow computer and ultimately a possible hard drive failure. You always have to have extra space on your hard drive for your operating system to temporarily move files around, use the hard drive as a memory cache and just to have some breathing room of about ten to fifteen percent. But sometimes a hard drive full indicator means something else. So here are three scenarios to review.

Number one is it is just too full. You can use clean-up, which can remove some unnecessary files, but usually this is not too significant. So, make sure your recycle bin is empty. Also, if you are doing backups on the same drive, that would create a full drive. Another option would be to get an external drive and put all your personal data such as pictures and documents onto it. This should free up quite a bit of storage.

Number two is that you’ve got a virus. Run a good anti-virus software to try and remove it. One variation fills up your hard drive as fast as you can empty it. A word of caution. If you get a pop-up that says “Your computer has a virus! Click here to fix it.” DON”T! This usually will install a program on your computer. It might be just a commercial, or it could be a virus. Use your tried and true virus checker.

Finally, it could be that your hard drive is failing Average life for a hard drive these days is seven, eight or even ten years. When a hard drive starts failing, it can throw off all kinds of incorrect and erroneous messages, including telling you it’s full when it’s not. One clue to this is if your computer wants to do a disk check every time that you boot up. If that’s the case, then you probably have multiple failed sectors on your disk and it’s time to replace it. If it’s more than five years old, and nothing above works for you, you may consider replacing it anyway. In all of these situations backing up to an external drive might keep you from losing data. Drives are cheap. Pictures, programs and other data are irreplaceable. Okay, so here are some programs that will help you analyze your hard drive, thanks to HowToGeek.com (10 BEST FREE TOOLS TO ANALYZE HARD DRIVE SPACE ON YOUR WIN PC – TREEMAP HD - http://www.howtogeek.com/113012/10-best-free-tools-to-analyze-hard-drivespace-on-your-windows-pc/). (We will give these to Bill Armstrong to see if we can put them on our site)

SpaceSniffer
SpaceSniffer is a portable, freeware program that helps you understand the structure of the folders and files on your hard drives. The Treemap visualization layout used by SpaceSniffer helps you to immediately visualize where big folders and files are placed on your devices. The area of each rectangle is proportional to that file’s size. You can double-click on any item to see more detail. If you’re searching for specific file types, such as all .jpg files, or for files older than a year, or any other condition, use the Filter field to limit the results to only those files. For help with how to use the filtering feature, select Filtering help from the Help menu.

WinDirStat
When WinDirStat starts, it reads the whole directory tree once and presents it in three useful views. The directory list, which resembles the tree view in Windows Explorer, displays on the upper left and is sorted by file/subtree size. The extension list is a legend that displays on the upper right and shows statistics about the different files types. The treemap takes up the bottom of the WinDirStat window. Each colored rectangle represents a file or directory, and the rectangles are nested, representing subdirectories and files within the directories. The area of each rectangle is proportional to the size of the files or subtrees. The colors of the rectangles for files indicate the file extensions that correspond to the extension list.

TreeSize Free
TreeSize Free allows you to start the program normally or from the context menu for a folder or a drive. It shows you the size of the selected folder, including its subfolders. The tree is like Windows Explorer in that you can expand every subfolder within the selected folder or drive and drill down to the file level. The results are visible as TreeSize Free scans the selected folder or drive. You can download TreeSize Free as a portable program or as an installable file. To get the option on the context menu, you must download the installable file and install the program.

Disktective
Disktective is a free, portable utility that reports the real size of your directories and the distribution of the subdirectories and files inside them. You are asked to select a directory or drive when Disktective opens. The selected folder or drive is analyzed and a tree view displays on the left side of the window and a pie chart with percentages displays on the right. Because Disktective doesn’t need to be installed, you can take it with you on a USB flash drive to analyze the flash drive or any Windows computer you come across.

DiskSavvy
DiskSavvy is a fast, easy-to-use disk space analyzer that allows you to analyze disk usage for your hard disks, network share drives, and NAS storage devices. The main window shows you the percentage of disk space used by each directory and file. You can also easily view pie charts or bar charts showing the results in graphical format. DiskSavvy is available as a freeware version, a Pro version, and an Ultimate version, each successive version providing additional features. The freeware version allows for a maximum number of files of 500,000 and a maximum storage capacity of 2 TB. It has support for long filenames, Unicode filenames, and UNC network path names and allows you to copy, move, and delete files directly within the program.

JDiskReport
JDiskReport is another free tool that presents an analysis of the selected folder or drive as a pie chart, ring chart, bar chart, or in a detailed table. Click the Scan a file tree button (magnifying glass) on the toolbar to select a drive or folder and start the scan. The Folders tree view in the left pane presents a Windows Explorer-like tree allowing you to easily access all the subfolders in the selected folder or drive. Multiple tabs at the top of the right pane provide different ways to view the results of the scan. Each tab also has options at the bottom for additional different views. There are buttons on the toolbar that allow you to sort by size or name and to show the file size or number of files on the selected tab as appropriate.

GetFoldersize
For each folder in the selected folder or drive, GetFoldersize displays the total size for all the files in that folder or drive and the number of files and subfolders within the folder or drive. You can use GetFoldersize to scan an unlimited number of files and folders on internal and external hard drives, CDs and DVDs, and network share drives. It supports long file and folder names and Unicode characters and the ability to display the file size in bytes, kilobytes, megabytes, and gigabytes. GetFoldersize allows you to print the folder tree and to save the folder tree and information to a text file. GetFoldersize is available in a portable version, so you can carry it around with you on a USB flash drive or other external drive. However, if you install GetFoldersize, an option is added to the context menu in Windows Explorer allowing you to start GetFoldersize and scan a folder by right clicking it.

RidNacs
RidNacs is a fast disk space analyzer that scans local drives, network drives, or a single directory and shows the results in a tree view with a bar chart displaying percentages. You can save the results of the scan in multiple formats (.txt, .csv, .html, or .xml). Files can be opened and deleted directly within RidNacs. During installation, you can choose to add an option to the Windows Explorer context menu that allows you to right-click on a folder or drive, open RidNacs, and start a scan on the selected folder or drive immediately. When you scan a folder, it’s added to the list of Favorites under a list of available drives on your computer. You can also change the look of the bars on the bar chart with skins.

Scanner
Scanner uses an extended pie chart with concentric rings to display the usage of the space on your hard drive, external drive, network drive, etc. The outer segments of the rings represent deeper directory levels. Moving your mouse over a segment of the chart displays the full path at the top of the window and the size of the directory and the number of files in the directory below the path. Right -clicking on a segment provides additional options. The Zoom option allows you to zoom into the selected directory and is also available by clicking on the segment. You can also Open, Recycle (delete by moving to the Recycle Bin), and Remove and file or directory directly within Scanner.

Scanner comes with two .reg files that allow you to add Scanner to the Windows Explorer context menu and remove it again. It is a portable program and comes with two text files (one of them in English) that describes the usage of the program.

Free Disk Analyzer
Free Disk Analyzer displays a tree of all your drives on the left like Windows Explorer, allowing you to drill down to deeper folders and files. The right side of the window displays all the subfolders and files in the currently selected folder or drive, the size and the percentage of disk space each subfolder and file uses. Free Disk Analyzer also displays your disk usage as a pie chart at the bottom of the right side of the window. Tabs at the bottom of the right side of the window allow you to view the contents of the selected folder or drive or view the largest files or largest folders. Click the column headings to sort by different criteria. You can also manage your files directly within the program and view, open, delete, copy, and move files the same as you would in Windows Explorer.

Finally, for additional ideas on how to regain hard disk space in Windows 7, see the HowToGeek article by Lori Kaufman about simple tips to reduce disk usage.

Top of Page


Bohdan O. Szuprowicz, Member, Sarasota PC Users Group, FL, July 2013 issue, PC Monitor, www.spcug.org, editor (at) spcug.org

How to Write, Publish and Promote Your Book for Free Using Technology

Millions of people all over the world want to write and publish a memoir, a novel, or share their grandmother’s favorite recipes. They spend months and years chasing agents and publishers only to face endless rejections.

But times have changed. The latest technologies make it possible for anyone who can get on the Internet to become an author, publisher, and promoter of anything he wants to write, whenever he wants to do it, and all without spending any money in doing so.

All you have to do is write your stuff, edit it, and follow instructions of various services to format your text, design a cover, price the book, select a publicity program, and boast about your achievement to book review editors, on Facebook, Twitter or your own E-mailing lists.

Yes, all those functions are being offered to would-be authors at a price by masses of editors, agents, consultants and promoters. They took the trouble of reading the instructions and now they try to cash in on it. You do not need them if you follow the instructions yourself.

The simplest way to start is to go to Amazon’s website, which is the largest online seller of books. You are looking for Kindle Direct Publishing (KDP) which will provide you with a free instruction booklet how to format your manuscript in Microsoft Word for publication by Amazon as a digital book. So you just write your book in Word and follow simple instructions about spacing, page ends, chapters etc. Once your manuscript is finished you follow the instructions how to publish it on Kindle and that’s all there is to it.

You also set the price that you may vary at will as time progresses. Amazon sells your book and you get a royalty of 35% to 70% depending on arrangements.

There are close to 2 million titles on Amazon so it’s important that your book has a cover that is distinctive and attractive to readers. You can design your own cover using Picasa collage functions which is also free. It offers hundreds of fonts and colors and you can include any photographs or images you like. The important thing to remember is the fact that on the screen of a tablet or an E-reader these covers are thumbnail-size. As a result you should make sure that the size of title lettering and colors are contrasting and show up clearly in black & white on many E-reader devices.

Once your book is on Kindle you want to let the world know that it has been published and where to find it. If you stick to digital publishing there is no problem of distribution or costs of sending the book by mail. It is delivered via the Internet to the buyer who can read it on about a dozen devices such as E-readers, iPads, PC’s, iPhones, and various smart phones.

There are several publicity websites that can be used to announce the publication of your book. Most offer a basic free service as well as paid versions depending on distribution requirements. Once you follow instructions of a press release site you can also include the image of your book cover and send the whole package to book review editors, TV or radio talk show producers, and your personal E-mail lists completely free of charge.

Better still, the URL’s of such press releases can be copied and simply pasted into other messages you are sending out. PRLOG is such a service used by the author and examples can found at http://www.prlog.org

Twitter and Facebook are the two most popular social media services that you can use freely to promote your book. Although Twitter allows only 140 characters per twit, you can easily include the URL of your press release and also another link to an image, which may be a Picasa collage of your book cover, prices and reviews, as well as author biography and a photograph of yourself with your pet alligator. You can also use the Twitter search window to send such promo packages to selected recipients like your preferred talk show hosts, and book review editors, many of whom maintain distinct Twitter accounts.

Similarly, Facebook can be used to introduce your memoirs or novel with all the publicity materials to your friends and family. Other social media like LinkedIn, Pinterest and such, can also be used in providing free publicity for your book depending on type of audience you are seeking.

In short, the technology is here to be used and most of it is free. What it means is that anyone can become a published author literally overnight.

Top of Page


Tom Kuklinski, President, Computer Users of Erie, PA, July 2013 issue, Horizons, www.cuerie.com, tkuklinski@gmail.com

Some Thoughts on Windows 8

It now has been over half a year since Microsoft released Windows 8. The operating system is actually off to a good start in terms of licenses sold. Microsoft claims over 100 million sold so far. That is not bad. In fact, that is really great. That is about what Windows 7 sold in its first six months.

What really is interesting is the lack of PC sales. Worldwide sales were down 14%. The last quarter was the worst ever for PC sales. The trend is not expected to stop.

This is causing many people in the industry to point fingers at each other. Some of the manufacturers are saying it is because people do not like Windows 8. Some are saying that consumers are not buying laptops or desktops because they are buying tablet computers instead.

To me, what is interesting is how the industry does not recognize what it created. When you look around, many sectors of industry have been affected by the 'computer'. Where is the typewriter these days? It has been replaced. Where is the encyclopedia salesman? Yes, the internet has dissolved that position. These are paradigm shifts that were caused by the introduction of computers. These shifts are occurring now with computers itself.

Room size computers have been replaced by Desktop computers. Desktops have been replaced by laptops. Laptops are being replaced by Tablet computers. And someday, Tablet computers will be replaced by something not yet invented. That is the way it goes. Simple!

Windows 8 was introduced to be the future of computers. It was to work for desktops, laptops, tablets and phones. Microsoft developed an operating system that would cover all bases and remain consistent from one device to the other. The user would not have to stress about learning a new operating system when using these different computers. Sounds like a grand plan.

So why is Windows getting so much bad press?

Let’s take a look at this for one moment.

Inside of Windows 8 is the best operating system that Microsoft has developed. It really works well. It is compatible with much of the world. When you look deeper inside its 'apps', you will find everything you are used to with previous versions of Windows. I do recommend Windows 8.

What we have is a conundrum. When you go to buy a PC computer what do you see that is being offered for sale?

Nothing attractive. The desktop looks about the same as it did twenty years ago. The 'all in one' computers are underpowered and high priced. This means it is already outdated. The laptops look basically the same as they did twenty years ago also. As you know, Windows XP, Vista and 7 look about the same. This look has been around for over twenty years. People do not like change.

Put the pieces of the puzzle together and you will better understand why Windows 8 is getting a bad rap. Microsoft is a software company and not a hardware company. Just a few years ago, Steve Ballmer said there is no market for tablet computers. He was contented with the same and felt you should be also. For twenty years Microsoft has enjoyed it lofty place as the largest software company in the world. And for twenty years it has re-branded and resold basically the same product. HP, Dell, Asus, Acer and Lenovo are hardware companies and not software. HP and Dell have done the same. The mouse is still the same three button device from twenty years ago. We still have ports on computers that are outdated and seldom used. These companies simply resold the same product from twenty years ago.

A company called Apple took a bold chance and introduced the iPad. It was completely different than anything being offered at the time. People loved it and bought them by the millions. It became an instant success. This is an anomaly.

For once in twenty years, Microsoft and the hardware companies now had to play catch up with Apple.

The hardware companies still sat on their laurels. Microsoft, on the other hand, went to work. In just a little over a year developed Windows 8. They did not copy what Apple had done. Because it now was their own product and not a copycat of Apple, people perceive it as different. People do not like change. Windows 8 looks different. Therefore people do not like Windows 8.

This is really too bad. Windows 8 is an enjoyable operating system. It offers everything that previous versions of Windows offered. It is rock solid and very compatible. In any case, Microsoft is not going to issue a recall. Windows 8 will be around for a long time. So to take a quote from a Star Trek show, “Resistance is Futile.”

Top of Page


Ira Wilsker - Ira hosts “My Computer Show” a call-in tech support show on KLVI radio, 560AM, from 4-5 p.m. Mondays, Pacific time. The show streams live over the net at KLVI.com and on the free iHeartRadio app. His call-in number is 800-330-5584.

Phishing (Identity Theft) Now Considered as the #1 Web Threat

WEBSITES and SOURCES:
http://hosteddocs.ittoolbox.com/Phishing_and_Web_Security_WP_Mar13.pdf
http://resources.idgenterprise.com/original/AST-0102181_EECDatasheet_from_KnowBe4.pdf
https://en.wikipedia.org/wiki/Phishing
http://www.consumer.ftc.gov/features/feature-0014-identity-theft
https://www.annualcreditreport.com

In several past columns, I have warned readers about the various methods and techniques that cyber crooks use in order to steal their identities. According to Wikipedia (en.wikipedia.org/wiki/Phishing), "Phishing is the act of attempting to acquire information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication." While phishing has been around for several years, it has now become the major method of online identity theft; according to the cyber security service Webroot, "Phishing 2.0" (the latest iteration of this type of phishing) is currently the #1 web threat facing computer users.

In the past, it was thought that only inexperienced and unknowing computer users were vulnerable to the original "Phishing 1.0" level of phishing attacks, as these unfortunate users would blindly click on any links in an email, and give personal and credit card information to all who asked. In order to protect these highly vulnerable individuals, as well as other more experienced users, the computing industry has upgraded web browsers and security software with the capability to detect most phishing attempts, and alert the user of the risk, or otherwise stop the phishing attempt in its tracks. Not to be impeded by the security improvements incorporated into newer browsers and security suites, and losing a major source of substantial but illicit revenue, the cyber crooks who profit handsomely by stealing the identities of others have created new and improved Phishing methods referred to by the security industry as "Phishing 2.0." According to Webroot, in discussing Phishing 2.0, "(Phishing 2.0 is) ... a new generation of sophisticated phishing attacks now target(ing) businesses. These phish evade traditional antivirus and anti-phishing products. Using targeted information - often gathered from social media sites - they fool even security-savvy employees into divulging sensitive information or visiting websites that infect machines with dangerous malware."

One very recent example of such a phishing expedition has been the recent deluge of emails directed against the faculty and staff of Lamar University, simultaneously directed at both their official ".edu" email addresses and their private email addresses. These multiple emails addressed to many of the employees are an apparent attempt to eventually bypass the security systems that are already in place; it does not really matter how good the university or corporate firewall or protective software, as many of the employees are also receiving redundant Phishing 2.0 emails at home, where the security may be likely to be weaker (or non-existent) than the professional security systems employed by the organizations. While the sophistication of the Phishing 2.0 attacks are intended to penetrate most common security methods, the simpler Phishing 1.0 still can wreak havoc on individuals and their employers.

Over the past few days, I have been made aware of multiple university employees, as well as employees of some of the other nearby colleges, receiving the following email at both their work and home email accounts; this email arrived numerous times over a two-day period at my home and work email addresses, as well as many of my acquaintances, both Lamar University faculty and staff and the faculty and staff of the other local lower division colleges:

From: Lamar Help Desk
To: Recipients
Sent: Thursday, November 21, 2013 2:20 AM
Subject: Mailbox Re-Validation

Your Lamar Password will expire in two (2) Days, click the link below to validate your e-mail http://lamar(xxxxxxx).eu.pn/login.php

Thanks
Lamar Help Desk

Knowing that a percentage of recipients will always click on email links, it is inevitable that some users will be duped into doing that. At first glance, this email appears to be legitimate, unless the targeted victim looks closer at it. The item that attracted my primary attention is that I do not have a "lamar.edu" email address, as I teach at one of the other local colleges, but my wife, who does have a "lamar.edu" email address also received multiple copies of this Phishing email; I had also received inquiries for other college faculty and staff who received this email.

While the simple header on this email appears to indicate that it is from the "Lamar Help Desk", notice that the word "helpdisk" is misspelled, with the suffix being "disk" rather than the correct "desk". The web link included in the email would also raise suspicion as to the real destination of the reply. While the beginning of the web address (URL) clearly says "lamar", there is a three word suffix (which I purposely redacted) creating a compound word after the prefix "lamar". Generally, the abbreviation ".eu" might indicate Europe, but this website actually has an upper level domain of ".pn" indicating that it is registered in the Pitcairn Islands. For those who may recognize the Pitcairn Islands in a historical context, these southern hemisphere, western Pacific islands are the home of the descendents of the mutineers of the famous British ship "The Bounty". I really do not see a Texas university having a major help desk located there. Examining the full headers of the phishing email, it appears to have originated on a server at the University of California - San Diego (UCSD), and been questioned by an IronPort spam filter, but still was delivered to many of its intended recipients. Many of these phishing emails also were not stopped by the generally very good spam filters utilized by several of the popular webmail providers, such as Gmail and Yahoo mail. It is possible that a hijacked account at UCSD was "milked" for information, providing the cyber crook with a list of attractive target ".edu" domains; it is also quite possible that the hijacked account at UCSD became a "zombie", unknowingly sending out spam emails at the request of a "Zombie Master" who may control thousands of compromised computers.

I also performed a basic digital trace of the link on the email, and found that the server that it is using is actually located in Kiel, Schleswig-Holstein, Germany. The registered owner of the server has a Russian sounding name, probably a pseudonym. Only generic information about the webhost was available, rather than the more common detailed contact information (also often bogus) of the actual website owner.

Using a "sandbox" on my computer (a virtual machine where nothing can get out and threaten my home computer), I tried to access the phishers' website, but was blocked by my memory resident security suite; even though I was likely safe, I decided not to continue to load the bogus website. Based on prior experience, the website would likely appear to be a legitimate Lamar University website where users would be asked to enter their username, old password, and new password. Since this is a bogus website, the new password would likely not be implemented, but either of two events will be likely to occur, both leading to the same nefarious results. The cyber crooks c ould either use the current username and password entered by the victim, or can change the password to one unknown to the legitimate user, preventing his access to any Lamar University system. This username and password is the necessary first step to logon to any computer at the university, allowing for email access as well as access to other data components at the university. Since the cyber crook now has an apparently legitimate Lamar University username and password, the email system now becomes available to the crook, as well as access to any accessible network drives. The amount of valuable data that can be stolen is immeasurable. The entire email history of the individual can now be downloaded, giving the crook information about students, family, and any other content, including passwords to external web services. It would be quick and easy for the crook to determine external web accounts that are connected to the now stolen Lamar.edu email accounts, go to those websites, click on the "forgot password" links, and have the external password or a reset link sent to the purloined email box. Not just would this process continue until the legitimate user contacts the real helpdesk and resets his password, but the identity theft will likely continue, until the legitimate user also changes any other external passwords linked to that compromised account.

This might just seem like a local issue, but Lamar, like most other universities, has faculty and staff engaged in research, such that the theft of the research (intellectual property theft) could result in financial loss, loss of a competitive advantage, and even a threat to national security, all because an employee clicked on an email link and thought that he was resetting an expiring password.

If anyone has ever clicked on this or the millions of similar emails asking for passwords, usernames, or credit card number confirmation, or responded to phone calls or text messages informing the victim that his debit card number and PIN needs to be confirmed in order to reactivate the card, that person is likely to be the victim of identity theft. While Phishing 2.0 is primarily intended to steal information from businesses and other organizations, the crude technology of the archaic, simple, but still effective Phishing 1.0 will still snare plenty of prey. In addition to the immediate changing of passwords (after scanning and removing any malware that may have been planted by the cyber crooks), it will likely be necessary to change other passwords, check credit bureau reports (totally free from www.annualcreditreport.com) and challenge any questionable postings. Complete information on dealing with identity theft can be found on the Federal Trade Commission website at www.consumer.ftc.gov/features/feature-0014-identity-theft.

Play it safe; be suspicious, adopt a policy of never clicking on links in emails, social networking sites, or instant messages (text messages). If, for example, you get an email apparently from your bank or a major retailer asking you to click on a link to verify information or sign up for something, do not perform that task by clicking on the link, but instead going directly to the known website of the source.

Be careful of what you click on; the results may be devastating.

Graphic #1

Graphic #2

Graphic #3

Graphic #4

Top of Page


John King, Contributing Editor, Golden Gate Computer Society, July 2013 issue, GGCS Newsletter, www.ggcs.org, editor (at) ggcs.org

What to do if you think your email has been hacked

The first thing to do if you worry about email hacking is to change your email account password to something more complex than 123456. For best security, use a password such as Q*93im#&qrR-57$. You’ll never remember it and won’t have any more email problems [insert snicker].

My Hotmail account was hacked a while ago. A human hacker or automated bot was indeed sending spam from my account on Hotmail. My local computer wasn’t involved. Everything was happening on the Hotmail computers.

Spammers like to use other people’s email accounts to send spam because it’s free and makes the spam harder to block. After I changed my weak Hotmail password to a stronger one, the spammer/bot couldn’t access my account; and the problem ended.

Alternatively, a spammer may be simply spoofing the return address of the spam using your email address to make the message less likely to be blocked. There’s nothing that you can do to stop that. You could stop using that email address, but the spammer can keep using it as the return address anyway.

Fortunately, spam with your spoofed return address usually stops in a few days or weeks at the most. The spammer probably found your address without hacking your account, for example, from the address book of a friend, an intercepted email, etc. Nonetheless, changing your email password is still a good idea.

If your email is a POP account, as opposed to a web mail account such as Hotmail or Gmail, the odds are higher that your computer has been hacked, which is a much larger problem. The best solution is to restore a backup system image made well before the hacking was suspected. The chance that you have a backup image to restore is as likely as the intruder putting money into your bank account, but this instance is when you want backups. Lacking a backup, you can thoroughly scan your system with several antimalware products in addition to your normal antivirus product.

Again, you should change the passwords for your Internet Service Provider, router, and email, and be sure that your Wi-Fi network is protected with the highest level of security possible. People often hate passwords on computers; but if any computer on the network was hacked, all computers on the network should have logon passwords. Fortunately, protecting the network is enough in most cases.

Personally, I’d suggest you change your email password, scan your computer with your up-to-date antivirus software, and wait to see what happens. If possible, do not do any online shopping or banking until some time has passed to confirm that only your email was hacked. Also watch for any suspicious activity on credit card and bank accounts.

Top of Page


 

Windows Secrets Newsletter - A Great Resource

Windows Secrets I suggest all CTPC members check out the issue of Windows Secrets at http://windowssecrets.com/newsletter/the-best-of-langalist-plus-from-2013. Fred Langa’s best discussions from 2013 (which are normally in the paid edition) are included in this free issue. Topics include, among others:

Mike Alcorn, CTPC Newsletter Editor

Top of Page


Ira Wilsker - Ira hosts “My Computer Show” a call-in tech support show on KLVI radio, 560AM, from 4-5 p.m. Mondays, Pacific time. The show streams live over the net at KLVI.com and on the free iHeartRadio app. His call-in number is 800-330-5584.

Alternative Streaming Video Sources

WEBSITES:
http://www.targetticket.com/home/premium
http://www.hulu.com/
http://www.hulu.com/plus
http://netflix.com
http://www.amazon.com/Instant-Video/b?ie=UTF8&node=2858778011
http://www.walmart.com/cp/Video-On-Demand-by-VUDU/1084447
http://www.vudu.com
http://www.youtube.com/movies
http://www.youtube.com/user/movies/videos?flow=grid&view=26  (FREE MOVIES)
http://www.google.com/tv
http://www.apple.com/itunes/charts/movies

Isn't rapidly evolving technology wonderful? While we can still watch a handful of free TV channels over the air with a simple antenna, relatively few people still do. Stores that rent DVDs still exist in relatively small numbers compared to just a few years ago, and VHS rentals have just about gone the way of the dinosaur. There are still thousands of limited selection kiosk type vending machine video rental boxes, typically adjacent to supermarkets, convenience stores, and fast food restaurants, but they still require time and mileage to rent and return videos. Most cable and satellite TV providers offer some form of video streaming on demand at varying prices, but they are now facing significant competition from alternative streaming video services that send TV and movies over the internet directly to the consumer.

On a recent visit to see my grandkids in Georgia, my daughter had full length movies from Netflix streaming on her internet connected flat screen TV in her living room; my three year old granddaughter had an inexpensive Android tablet connected to the home Wi-Fi, and expertly manipulated the screen selecting movies and cartoons on the child-safe "Kids Netflix". For the few who may be totally unaware, Netflix (netflix.com) is currently the industry leader in streaming movies and TV to computers, smart devices (phones and tablets), TVs, and other network connected devices. According to the Netflix website, "For only $7.99 a month, you get unlimited movies & TV episodes instantly over the Internet to your TV or computer. There are no commercials, and you can pause, rewind, fast forward or rewatch as often as you like. It's really that easy!" As of June 30, 2013, Netflix had 29.8 million subscribers to its streaming service in the U.S. (an increase of 633,000 in the second quarter of 2013), and another 7.75 million outside the U.S. While originally an online DVD rental company, Netflix has seen dramatic decreases in its DVD members as they mostly switch to streaming videos and TV; as of June 30, Netflix was down to 7.51 million DVD subscribers, a loss of 475,000 subscribers in the same quarter

(Source: www.news.yahoo.com/numbers-netflix-subscribers-205626746.html.)

While Netflix is the premier streaming video provider, it is by no means the only provider, as other powerhouses including Amazon, Google's YouTube, Google TV, Walmart, hulu, VUDU, iTunes, and now Target join the fray. Amazon claims to have, "Over 150,000 top movies and TV shows to rent or buy, including thousands available to Amazon Prime members at no additional cost." While most of the 150,000 movies and TV shows are available for streaming at modest prices, Amazon offers a $79 per year "Prime" account which includes the streaming of over 15,000 full length movies and 3100 TV shows at no additional charge. The $79 annual fee for Amazon prime also includes several non-video related services including thousands of "free" Kindle books to "borrow", and free second day shipping of Amazon products with no minimums.

For the past few years, Google has been quietly offering both free and nominally priced full length movies and TV episodes over its extremely popular YouTube service. As Google expands its "Google TV" (google.com/tv) offerings, there is much buzz in the media that Google TV will incorporate the paid YouTube movies, as well as other content into its streaming TV service. According to Google, "As well as making it easier to find stuff to watch from your existing TV service, Google TV enhances the TV you’re used to with over 100,000 movies and TV episodes on demand, thousands of YouTube channels, apps, & more content coming all the time." At present Google TV requires a fast broadband internet connection along with a compatible connected TV or a converter box, several of which are available from a variety of manufacturers, ranging from the tiny $35 Google Chromecast HDMI Streaming Media Player, to a variety of more powerful and sophisticated devices that are mostly in the $75 - $150 range.

Hulu has been around for several years, initially offering thousands of free commercially sponsored TV episodes (still available), and is now offering its $7.99 per month Hulu Plus service as a direct competitor to Netflix, with a heavy emphasis on TV shows. Hulu Plus (hulu.com/plus) can stream directly to almost all smart devices, including phones and tablets, as well as almost any internet connected or networked HDTV, most modern game consoles, Kindle, Nook, Nintendo, computers, and other streaming media devices.

In recent days, the Target department store chain announced the limited "beta" (pre-release) availability of "Target Ticket" (targetticket.com). While still in its early stages, and not yet available to the public, it is currently only available to employees and customers who are part of the store’s REDCard program. Target Ticket has, " ... instant access to 15,000 titles, new releases, classic movies and next-day TV, there’s always something new to watch and love." Target Ticket allows the user to, " ... stream or download movies and shows in your library for playback on your PC, Mac, iOS, & Android products." Members will be able to purchase or rent digital content that can be viewed on smart phones, tablets, TVs, Blu-ray players, and game consoles. At present, Target Ticket offers network TV content from ABC, AMC, CBS, CW, Fox, FX, HBO, The WB, NBC, Showtime, Starz, and USA. As a bonus, Target Ticket will allow users to access some of the newer DVDs before their official release date. Being a commercial service, new movies will be available for purchase, projected to be in the $12 - $15 range, with movie rentals around $4. TV episodes can be rented for about $3, with entire seasons available for purchase after the end of a season at around $35.

Walmart has also joined the streaming media craze by partnering with the established streaming provider VUDU (walmart.com/cp/Video-On-Demand-by-VUDU/1084447). With this partnership (or a personal membership directly with vudu.com), members can rent or purchase the latest videos for immediate streaming that can be viewed on a variety of devices including iPad, PlayStation 3, computers, VUDU-enabled TVs, and compatible Blu-ray disc players. VUDU claims to offer the largest library of HD movies where the users only pay for what they watch, with no subscription or late fees. In its partnership with VUDU, Walmart is selling VUDU enabled TVs and Blue-ray players from Mitsubishi, Vizio, LG, Magnavox, Philips, Samsung, and Sony. Walmart also offers specials and deals on VUDU movies, including a "99-cent Movie of the Day" over a thousand $2 - two day rentals. Obviously going after industry leader Netflix, VUDU claims to offer most major studio, newly released DVDs to its customers long before they are available to Netflix' streaming customers. Specifically, VUDU claims that "Almost all of our movies are available the same day they come out on DVD and Blu-ray" compared to Netflix' 28 day delay on physical DVDs mailed to rental subscribers, and up to seven years after release to be streamed on Netflix!

Apple is also offering streaming TV and movies through iTunes (apple.com/itunes/charts/movies). iTunes members can purchase or rent TV shows and movies thru their existing iTunes account and stream them to TV, a computer, iPod, or iPhone. Apple also offers a $100 hardware device, Apple TV, which allows streaming and downloaded content from iTunes, Netflix, Vimeo, and other sources to be played in 1080p HD on most HD TVs. The Apple TV device can also stream video and games from Apple (iOS) devices, PCs and Macs to TVs. The Apple TV device has HDMI and digital optical output, and can be connected to home networks running 802.11n (also called wireless-N or WiFi-N) or with a traditional Ethernet cable.

With these reasonably priced alternatives to the more traditional sources of electronic entertainment, consumers have some excellent choices. Some (VUDU, Walmart, iTunes, YouTube) offer free membership, where the user only pays for downloaded content, while others such as Netflix and Hulu Plus offer a flat rate of $7.99 per month, with Amazon Prime available at $79 per year. With choices like these, anyone with a decent broadband connection has quite a bit to choose from.

Graphic #1

Graphic #2

Graphic #3

Graphic #4

Graphic #5

Graphic #6

Graphic #7

Graphic #8

Graphic #9

Graphic #10

Graphic #11

Graphic #12

Graphic #13

Graphic #14

Graphic #15

Top of Page