30 December, 2006

Hiding Content in an Image

Recently on two separate TV shows I saw an image file used to hide other data (one was text and one was another image). Wouldn't you know, I then ran across ZomgStuff and a post from UgLy NeRd, which has an article on how to hide a text file in a .jpg.

It is actually quite easy: use RAR to merge the two files, giving it a .jpg extension (copy /b secret.jpg + meeting.txt.rar lizard.jpg). When you want to retrieve the text, open the .jpg with WinRAR. Check the posting on ZombStuff to see a few screen shots.

AT&T Closer to Supporting Net Neutrality

For nearly a year, the FCC has not approved the AT&T / BellSouth merger -- more specifically commissioners Michael J. Copps and Jonathan S. Adelstein. In order to break the deadlock, AT&T has put forth provisions to make the merger look more favorable to consumers. This is the second set of conditions that AT&T has put forth in order to get the merger through -- the first being in October. The most exciting part of the provisions this time around is AT&T's partial support of Net Neutrality.

According to Nate Anderson of ArsTechnica, this provision means that all content of a particular type will receive equal bandwidth. What it does not provide is equal bandwidth across different content types. For example, AT&T could throttle back all VoIP, and give more bandwidth to video. The good news is that companies cannot pay AT&T money to deliver their content faster than another content provider.

Other provisions include returning 3,000 BellSouth outsourced jobs and low cost ($10) DSL for a minimum of 30 months.

Though not complete, I believe this a a great step for net neutrality.

28 December, 2006

Alt Key + Calculator Number = Symbol

I ran across this simple page from a link on Digg. It is shortcuts for symbols that you cannot normally type in directly. For example:
© = Alt + 0169
® = Alt + 0174

26 December, 2006

Activate Windows Vista for Free

Vista has not even been released to the consumers, and already there is a work-around to keep you from having to activate your copy. As you may recall, if you do not activate your copy of Vista within Microsoft's specified time, you will be reduced to an OS that lets you access the Internet for an hour at a time.

On December 20, 2006, KezNews posted an article on how to fool the activation clock, and therefore allowing you to run Vista without activation indefinitely. If that is not enough, KezNews has a synopsis of the eWeek article on how hackers can buy Vista exploits for $50,000.

I am not suggesting you steal or try to hack Vista; rather, I am suggesting you be careful in seriously consider before upgrading to Vista. With a completely new platform, Microsoft can claim that Vista is the most secure Windows platform ever (the same claim they made about XP), but the fact is, Microsoft has no idea how Vista will stand up to hackers -- only time will tell.

24 December, 2006

Santa Uses Science and Techhology to Deliver Presents to Millions of Homes

Most adults do not believe in Santa, because they do not understand how he can deliver presents to so many homes, all in one night. That's because most of us are not as smart as Santa and Dr. Larry Silverberg of North Carolina State University. Mick Kulikowski released an article earlier in the month, after speaking with Dr. Silverberg, that attempts to explain the science and technology behind Santa Claus' travels to the layman.
"...Santa has a personal pipeline to children’s thoughts – via a listening antenna that combines technologies currently used in cell phones and EKGs..."

Santa uses this information on his sleigh, so that he has up-to-the-minute information just before he builds a present for a child. Yes, Santa uses just-in-time manufacturing with nanotechnology to build the toys once he is in the home of each and every child. Of course that does not explain how Santa Claus can complete this all in a single night.

That fact is, Santa's knowledge of the space/time continuum and the theory of relativity is behind this trick. Santa is able to take months of his own time and hit every home in just hours. Just hours? NORAD has been tracking Santa each year now for more than 50 years, and Santa has successfully delivered gifts all around the world, all on Christmas Eve.

If you want to read and hear more about all the science and technology behind Santa's successful deliveries he makes each and every year, Dr. Silverberg has provided a more detailed Science of Santa on the North Carolina State University website.

Merry Christmas

23 December, 2006

Read Your WebMail with Thunderbird

The popular, safer alternative to the Outlook Express mail client Thunderbird, from the Mozilla folks, can be used for more than just POP3 / SMTP mail. If you did not know, Google provides POP3 access access, but all the other popular WebMail platforms do not. Lucky for us, Mozilla has developed Extensions to support the other popular WebMail formats from Yahoo to HotMail to AIM/AOL.

Mozilla has made it fairly easy to setup too. First, you download their base WebMail Extension, and then individual Extensions for only the services you have. After the Extensions are installed, you have a new option, WebMail, in the Add Account interface, which takes you through a Wizard to configure. That's it!.

I setup and tested both Yahoo and AIM/AOL. The only thing to watch for is that you enter your complete email address for the username (i.e. yourname@yourservice.com not yourname).

If you have not made the switch to Thunderbird yet, this is the time. In addition to the WebMail Extensions, you get a much safer environment (no Internet Explorer integration), and it doubles as an RSS reader.

21 December, 2006

Firefox Doesn't Work on Vista

The new release of Firefox, version 2.0.0.1, which was released December 19th, still has problems running on Vista. The biggest problem is that it cannot be set as the default browser. It almost seems as if Microsoft purposefully changed things to make it more difficult for Firefox. According to W3Schools, Firefox had nearly a 30% market share in November, number two after IE 6's 50% share.

20 December, 2006

Finally Updated to iTunes 7

You may recall that September 20th of this year, I suggested that you should not be the first to take new software updates -- let others see if there are problems. In this case, I was speaking of iTunes 7, as many people were having problems (and on Apple's Discussions forum) with the popular software. About a month ago, I finally installed iTunes 7 on the PC that I did not sync with.

The new software seemed to work well, but I had no reason to update my PC used to sync my 3rd generation iPod. Yesterday, I finally took the plunge -- 3 months after my warning. Everything seemed fine, the software loaded fine, my iPod seemed to sync okay too. This morning though, I found a problem -- I no longer had Podcasts listed as an option in the playlist. Fortunately I could scroll through recently added songs and find my podcasts.

Tonight I reconnected my iPod, found the Podcast tab on the iTunes sync screen, and specifically synced all podcasts. Now I do not know whether it was coincidental or a required step, but my Podcasts option in the playlist reappeared.

Am I happy with the new iTunes? Yes, I like it much better. Am I happy I waited? Definitely, having my favorite podcasts every day is more valuable than a new version of software. Next time software you use has an update available, wait and see if there are bugs to be worked out before updating your own version.

NOTE: If you are a Windows user, do not follow this rule -- you should immediately update Windows when Microsoft releases new patches; ideally your machine should be configured to do this automatically. The chance of being without your computer due to a rare problem with a patch update is better than compromising your machine and/or data to an unknown hacker.

17 December, 2006

Restrict Third-Party Cookies in Firefox

With the change to Firefox 2, restricting third-party cookies is no longer available through the Options dialog. The only option within the Options dialog is to either allow all cookies or no cookies. Fortunately you can still do this through About:Config. (If you are unfamiliar with About:Config, see my blog post on November 5, 2006.)

I recommend you disable third-party cookies to avoid companies, such as DoubleClick, from tracking your behavior across sites.

Open About:Config, and use the Filter dialog box and type network.cookie.cookieBehavior (it will be the second item once you have entered network.c). Double-click on network.cookie.cookieBehavior and change the value to 1. This will now permit only cookies from the same domain you are visiting to save cookies on your computer.

Here are all possible values:
  • 0 (default): Enable all cookies
  • 1: Allow cookies from originating server only
  • 2: Disable all cookies
  • 3: Use P3P policy to decide (see MozillaZine Knowledge Base, network.cookie.p3p)

Net Neutrality Explained

16 December, 2006

StopBadware.org

I ran across a site, StopBadware.org, led by Harvard Law School and Oxford University, with sponsorship from Google, Sun, and Lenovo, that is trying "to become a focal point for developing collaborative, community-minded approaches to stopping badware."

StopBadware.org "...shares information with the public in the form of reports, including in-depth and short form reports. The in-depth reports highlight particularly prominent or particularly bad applications, and shorter quick reports describe websites that host or distribute badware." StopBadware.org has a complete set of guidelines on what constitutes badware. Software and/or websites can be categorized as either badware or caution. From the guidelines, an application is badware in one of two cases:
  1. If the application acts deceptively or irreversibly.
  2. If the application engages in potentially objectionable behavior without:
    • First, prominently disclosing to the user that it will engage in such behavior, in clear and non-technical language, and
    • Then, obtaining the user's affirmative consent to that aspect of the application.
Interestingly enough, AOL version 9 is currently working to improve their product to keep themselves off of the badware list. In examining StopBadware.org's quick reports, most of the websites are either pornographic or free serial number related.

Check the badware site, and see if you currently have any badware. Check it again before downloading free applications and tools. And of course, stay away from questionable websites.

11 December, 2006

Safe Computing While Traveling

In speaking with an old friend today, I was reminded of how unsafe it can be to use an unprotected wireless connection, or even worse, an Internet cafe' PC. So when I got home, I researched some of the services and solutions that I have read and heard about.

First of all, you should always take caution when using an open network. This includes both wireless and wired (such as a hotel). The best way to do this is by setting up a Virtual Private Network (VPN) before doing anything else. If you are a business person, you may already have that capability through your company. If so, check with your IT department to find out what happens when you connect to non-work addresses. Typically it will skip the VPN and go directly to the site, saving company bandwidth, but putting you at risk. Note that there may be a way to change this setting.

Assuming you cannot get protected through your company network (or you do not want to), there are a couple other options. One option is to set up a VPN to your home PC. Using a service such as Himachi to set up a VPN, and then a version of VNC (RealVNC and TightVNC are two of several), you can connect to your home PC and safely surf. The other option is to use a 3rd party service.

I found two 3rd party VPN services, HotSpotVPN and WiTopia. HotSpotVPN is about $9 a month while WiTopia is $40 per year. There are free solutions too, but you might want to think twice before using a free service to protect your data. WiTopia also offers solutions to protect your wireless network at home -- there claim is that WAP is just not enough (you do use WAP, right?).

Perhaps you were considering an Internet cafe'. It just so happens that CNet had an article on a HotMail account that may have been compromised due to the user accessing it through an Internet cafe'. If this is your preferred computing platform while traveling, then I suggest you check out one of the Smart Drives from U3. With a Smart drive, you can boot a PC with the files that you carry on a USB flash drive, have it protect your data, and erase your activity upon completion. U3 does this with virtualization, as explained at Network World. Prices start at around $30.

So next time you travel, do not become the next victim -- prepare and protect yourself before you leave.

08 December, 2006

Security Flaw in Windows Media Player

As reported by IntelliAdmin.com and ComputerWorld, another security hole has been found in a Microsoft product -- this time it is Windows Media Player Versions 9 and 10. Specifically, the problem is with media files that have the .asx extension. By default when you click on this file type, Windows Media Player will launch -- a compromised file would allow hackers to gain control of your PC.

IntelliAdmin.com recommends that you remove the association for Windows Media Player to play .asx files. Microsoft recommend that you upgrade to Windows Media Player 11. Microsoft says Windows Media Player 11 will work on all versions of Windows XP that have Service Pack 2. I did find one mention of possible problems if you have Windows XP Media Center 2005.

If you are looking for a fix to versions 9 or 10, it does not look like Microsoft will have something by this Tuesday, the monthly patch release from Microsoft. So just as I indicated you will likely need to wait for January's patch release for a fix in Word, you will also have to wait for January for this fix.

07 December, 2006

Excel Quick Sum

I found an old trick in Excel the other day... if you highlight cells, the sum will appear in the status bar below. This works whether the cells are horizontal, vertical, or in a block. You can also select cells to sum from various parts of your spreadsheet by holding the Ctrl key down as you select each.

06 December, 2006

New Hole in Word

As reported by eWeek and ZDNet, there is a new problem with Word that could allow attackers to take control of your PC. Since there is no fix available yet, you should avoid opening any unknown Word files. I would expect that Microsoft would release a fix as soon as possible, but if they stick to their patch-Tuesday schedule, this may come to late to make the December release, forcing users to wait until January.

04 December, 2006

Reduce the Size of an Excel File

I have been working with an Excel file for about 18 months -- each month I link to a monthly Excel data file. This gives me data in one file that I can use to trend many different segments. I am not sure when, but this file had ballooned to over 3 MBs. Finally this month when I tried to upload it to our intranet, I received a file size limit exceeded message.

I searched and searched, and could not find any thing that would compress or clean up the file. Finally I went to Google and found a solution. The credit goes to OzGrid Business Applications. Here is a link to the entire article, and below is what I had done to reduce the file size.
  • The first thing of course is to make a backup... just in case
  • I then performed the following on each worksheet (only 2 in my case):
    • Select a cell and press F5
    • Click the Special... button
    • Click the Blanks radio button
    • Click OK
    • Select Edit | Clear | All
    • Manually go to the last row in the worksheet (do not use Edit menu shortcut)
    • Select the entire row
    • Press Ctrl + Shift + [down arrow]
    • Select Edit | Clear | All
    • Remember to repeat for each worksheet
  • Save
In my case, the file went from over 3 GBs to less than 200K. If this does not work for you, OzGrid does offer some other possible things to try.

03 December, 2006

Better Security May Not Be Better

There is an excellent article posted by the Electronic Frontier Foundation that describes how poorly implemented security is not better security. Trusted Computing: Promise and Risk by Seth Schoen reminds me a lot of DRM. The direction of two organizations, Microsoft Next-Generation Secure Computing Base or NGSCB and Trusted Computing Platform Alliance or TCPA, want to put restrictions in place that could force you to use certain software by certain manufacturers.

Of the fours security areas: (1) memory curtaining; (2) secure input and output; (3) sealed storage; and (4) remote attestation, remote attestation could be a problem. Developers could force you to use certain software in order to use their system. The author recommends adding an owner override to prevent problems.

Read the article yourself to learn more.