Horse Sense #103

The Silly Season

 

 In this issue of Horse Sense:
-News You Can Use
-Keep Your Software Up To Date!
-Sold State Drives Break Through "Magic" Price Barrier
-Get Ready for the Silly (Election) Season

 



News You Can Use

 
Mobile and fixed Internet traffic will grow dramatically over the next few years.  Are you ready for it?

 
Your next company may be playing games and it might be good for you and for them.

 
If you buy a Windows 7 based PC today, you should be able to get Windows 8 for $15 when it comes out (promotion runs 6/2/12 to 1/31/13). <http://www.windowsupgradeoffer.com>

 
A computer notebook is stolen every 53 seconds. 12,000 a week are stolen from US airports.  Notebook theft is also a leading contributor to identity theft.  Intel has new technology that helps alleviate the information theft problem by using a poison pill to lock down the notebook before it can even boot.  Absolute Software Computrace can track and locate lost or stolen notebooks. You can even set up a "fence" where if a laptop leaves a specific area, it either yells for help or implements the Intel poison pill feature. Computrace also has an insurance policy if you cannot recover your laptop.  You can also secure your laptop with encryption either through hardware in the laptop or on the disk or via software.  This keeps anyone from accessing your data unless they can supply the password.




 
Keep Your Software Up To Date!



 
My favorite tools for keeping software up to date are:

 
(1)  <http://WindowsUpdate.Microsoft.com>  Use this link or the tools in your operating system and choose to have it update all your Microsoft applications as well.  Pick the "custom" button if you are updating Windows XP and you can update some hardware drivers as well.  You can turn off updating Silverlight, Windows Messenger, and Windows Live applications if you do not use them (many do not).
 
(2)  <http://www.Filehippo.com>  This is a good site for downloading all sorts of freeware and shareware applications and the tool they allow you to download in the upper right hand corner of the main page (FileHippo Update Checker) is very quick and easy.  Again, you can ignore Windows Messenger and other suggestions for programs you do not use.  I would also ignore any beta recommendations.

(3)  <http://sourceforge.net/projects/appupdater/>  AppUpdater is similar to FileHippo, but can cover other programs and is not quite as user friendly.

(4)  <http://www.driveragent.com/>  DriverAgent offers free scans, but the links do not work unless you have the inexpensive paid version, though you can look for those downloads yourself for free.  This site is great for updating hardware drivers.

(5) <http://ninite.com/>  Ninite has free and paid versions.  Ninite is a really good way to set up a new PC with the freeware and shareware you want.  Afterwards, you can to check for and update that software easily.  The corporate versions allow you to maintain fleets of PCs and keep them updated.

(6)  <http://secunia.com/resources/product_sheets/>  Secunia Personal Software Inspector is free for home users and looks for issues in your personal security.  Unfortunately, you have to be a little savvy to use this tool.

(7)  <http://www.belarc.com/free_download.html>  The free Belarc Advisor is an excellent way to inventory what is on your machine and extracts installation keys for use later.  This tool gives a lot of data that will overwhelm many.

 
We have many other products, both free and paid, that my clients find useful.  Call us to discuss your needs.




 
Solid State Drives Break Through "Magic" Price Barrier


 
You can now buy solid state drives (SSDs) for less than $1 per gigabyte.  Besides reaching low price points, manufacturers are starting to ship SSDs that can sustain a massive number of write cycles and maintain top speeds while doing so.  These drives will be extremely useful in high performance server applications.  SSDs are a requirement for all high end ultra thin notebooks and tablets.  Expect to see SSDs displace hard drives for both high and low end computing needs.

 
Most people are not aware that they are already using solid state storage.  Usually this storage pales in performance when placed against a true SSD.  Still, the "instant" on and random access capabilities built into cell phones, children's games, tablets, cameras, and portable music players should give you some ideas of how an SSD might behave in a PC.  Blazingly fast and "instant" on are two capabilities most clients cannot do without, though SSDs are also more reliable, resistant to shock, and usually consume less power.




 
Get Ready for the Silly (Election) Season

 
If you have not seen the e mails, you soon will.  They may look like they are from a reliable source.  Lots of spam and malware attacks depend on the recipient believing it comes from a trustworthy source. The mail may be from a military figure, a religious organization, or even the FBI.  It may be forwarded to you by a friend you trust.  In any case, you can expect to see lots of unsolicited political e mail in your mailbox soon and there is a good chance a lot of it will be complete nonsense.  Political groups love e mail because it is an extremely inexpensive way to get their message out to millions of people.

 
I am a computer security professional and sell lots of computer security products.  None of them are designed to stop political e mails.  In fact, most spam laws and telephone marketing laws have specific exemptions for politically motivated contacts.  The only thing that can stop political e mail proliferation is a critical reader (you).

 
Although political e mails alone may be bad enough, untrue political e mails are worse.  If it sounds really juicy, gets your ire up, or is something they ask you to forward to others like a chain e mail (obvious sign of a productivity waster), turn your bullshit meter on high and either avoid sending it on or check it out thoroughly at reputable urban legend debunking sites like Snopes.com (my favorite) or ubanlegends.About.com or other urban legend site.  Do not assume that an e mail is true if you cannot find it on Snopes.com.  Remember, it is often harder to prove something is true than that it is not in the realm of politics.  The Obama Administration and Obama in particular are very common targets of this type of e mail and you can only expect the disinformation machines to spew more nonsense as the election approaches.  During the previous election, George W. Bush was a big target.  Everybody loves to hate the "man" and wants to tear down celebrities.  If you are really shocked, then there is a good shot the e mail is bogus.  Think about it, most people do fairly boring things most of the time.

 
These politically motivated e mails are like a fake virus alert.  They scare the hell out of everyone and cause resources to be expended that do not need to be.  Verifying the information contained in an e mail can take a lot of time that might better be spent elsewhere.  The computer security term for this is scare mail.  It used to be limited to fake virus warnings, but their success has spawned imitators.  Scare mail is often used to energize a political base against something.  False information chews up a lot of people's time and energy.  Conspiracy, "startling revelation" and hidden secret e mails destroy real productivity.  Trust me, incompetence is easier than conspiracy and incompetence is not all bad.  My six year old knows I am incompetent at child rearing.  I have an excuse.  It is my first time.  I still got a Father's Day card.  People make mistakes.  They usually do not trumpet them.  That does not mean that they are conspiring against everyone, that a revelation of something they have done should be startling or even relevant, or that it is secret or even true.  So even if there is a small amount of truth in a political e mail, the emphasis and slant of an e mail trashing someone is almost certainly suspect.

 
If in doubt, keep that e mail to yourself.  If you forward it on, you risk others knowing that you have been duped.  It is the e mail version of the old line, "Better to have people think you are foolish than to open your mouth and remove all doubt."  That said, do not be too chagrined at falling victim to a ploy like this.  They are designed to take advantage of you and even the most skeptical and brilliant people can be fooled.  That is why computer security is so hard.

 
Employers should severely limit political expression in e mail coming from work addresses.  True or not, they are productivity wasters and you risk offending someone you do not need to with a political e mail.  Even worse is sending on something untrue.  If someone in your organization does that, they show that they not only have a political bent, but that they can be fooled relatively easily.  That can undermine the trust your clients and business associates afford you.  The default policy of a business should be outbound political e mails of any kind are off limits unless specifically authorized.

 
Political e mails may not mention a particular candidate or party, but are political nonetheless and should not be recirculated.  We have lots of persistent stories that have been settled conclusively.  Washington did not cut down the cherry tree.  Lincoln did lie at least once. "Under God" got added to the Pledge of Allegiance and then removed.  Not all money had "in God We Trust."  The Declaration of Independence was never a legal document.  Our servicemen are not about to provide you with tons of gold bullion or access to millions of dollars from raided palaces in Iraq and Afghanistan.  And so forth.

 
Unfortunately, people tend to believe what they read, especially if it comes from a "reputable" source.  Debunking something might be difficult and a juicy rumor is often too delicious to keep to oneself.  These political time wastrels and hacktivists count on your gullibility.  Do not let them get the best of you.

 
Of course, if they do get the best of you, admit it to everyone you told to earn back your credibility and turn your bullshit filter on a little higher.

 
Any computer security practitioner will tell you that user skepticism, vigilance, and training are more important than any software or procedure available.  Unfortunately, security is very often reactive. Wisdom is the cruelest teacher because the exam comes before the learning.  We will likely get burned before we take some precautions seriously.  Remember, paranoids have real enemies too!


©2012 Tony Stirk, Iron Horse tstirk@ih-online.com