Monday, June 27, 2005

Summer Jobs Mean Hidden Opportunities!!!

Well its summer time and your high school (or college) aged kids are getting jobs to earn a little spending money or help with college expenses. It probably doesn’t seem that long ago that the most important thing in their lives was getting their drivers license and that all important first date.

These are events that they (and you) will always remember (Fondly I hope.) as defining the beginning of their change from a child to an adult. These and other such events foreshadow the things to come in their life. College, marriage, that first good job, and of course kids are right around the corner most likely and it’s a busy and hopefully thoughtful time in a young person’s life.

What both you and that new worker are probably missing however is just how big an event that first job and the earned income it provides are to the total picture of your child’s future.

With that job comes a unique opportunity!!!

Silently, quietly, and never to come again has arrived the most opportune time in their life to start saving and planning for their future. It may have more potential for financial security later in life than a college degree or climbing the corporate ladder to a high paying job or profession.

What is this magic moment?

What has changed in their life that you and they may be missing?

What opportunity has occurred that will never happen again?

Well it’s the chance to start a ROTH IRA while they are young.

PLEASE, PLEASE….. DON’T LET THEM MISS THIS OPPORTUNITY.

Get them to set up a Roth IRA as soon as possible.

It’s never too early to start saving and starting a Roth IRA at young age is a guaranteed winner if it’s left alone to grow. Start a Roth by 20 and it has a chance to grow for 40 to 45 years tax free rather than the current average of 25 or 30 years that most retirement plans do.

Time not investing savvy or how much you save is the greatest asset that any investor has in their arsenal. It is the one asset that can’t be made up for as compounding interest requires TIME to work it’s miracle of tremendous growth. While bad returns on investments can be over come and savings amounts can be increased when opportunity allows only time allows compound interest to work it miracle and grow our savings to astronomical levels.

Believe me this is the stuff that investing dreams are made of. The difference those extra 10 to 15 years of growth makes is impossible to realize unless you play with the numbers. But it’s safe to say that on average it will probably DOUBLE and maybe TRIPLE the amount they have at retirement if allowed too.

Remember no less than Albert Einstein when referring to compound interest is quoted as saying:

"It is the greatest mathematical discovery of all time"

If Albert Einstein felt that compound interest was a greater discovery than his other findings like E=MC2 it shows just how powerful it can be for your child’s future financial security. Just think Einstein was saying that compound interest was more powerful than atomic energy and I can’t argue with him when you’re talking about investments.

In my next article we’ll look at the Roth IRA and why it’s one of the greatest investing programs that Congress has ever given us. I’ll cover both the basic rules governing Roth IRA’s and the cautions that you need to keep in mind.

Friday, June 24, 2005

Here’s additional Information on the Research Project Code Named Avalanche.

This original paper filed on Microsoft’s website explains the Avalanche project in detail and should help to put to rest the question of what Microsoft’s plans were and are for Avalanche.
http://research.microsoft.com/~pablo/avalanche.htm

You can also see eWeeks take on this issue of a conspiracy to damage BitTorrent. Check out this article by Steven J. Vaughan-Nichols at for his take on this issue.

http://www.eweek.com/article2/0,1759,1831018,00.asp?kc=EWRSS03129TX1K0000614

What Conspiracy against BitTorrent??

John Dvorak sure opened up a can of worms for me with his strongly worded story about his theory of a “Conspiracy” to ruin BitTorrent by the media and Microsoft. Since his article came out I’ve gotten more email about my article on this subject than I could have ever imagined. (You can read John’s article here if you haven’t read it yet to see what he has to say http://www.pcmag.com/article2/0,1759,1829684,00.asp .) Because of this article and the buzz it’s caused I felt that I should reply to John and the others that are pushing this conspiracy theory.

Come on John look around and see who’s writing these stories. It isn’t a bunch of fools that are writing about the Spyware/Adware problem with BitTorrent. Articles have been in every magazine and blog from eWeek to mine talking about the problem. Do you really think that I have any agenda with BitTorrent? I love and read your stories John but they aren’t always right especially when it comes to Microsoft and your conspiracy theories.

No one I know of is saying the problem is within BitTorrent itself but how it's being used by the Spyware/Adware distributors. BitTorrent is a great program and offers an answer to over loaded servers while providing secure data downloads without the possibility of tampering.

But that isn’t my concern!

The facts as I and others have stated them are as follows.

First Microsoft currently has no plans to challenge BitTorrent and all of the avalanche studies were just that studies. It seems that conspiracy theories are like gossip when it comes to Microsoft hard to stop and impossible to trace to their source. Microsoft is truly the company that people love to hate. Sometimes rightfully so but in this case John Microsoft is innocent and there is no conspiracy except in the mind of those who want to see one.

Microsoft has never had plans to release avalanche now or in the future. That’s right in documents on their web site from long before this argument took place. (Of course if they get enough buzz going on the subject that might change.) It was a research project in the beginning and it is still just a research project. Check it out yourself John if you doubt what I’m saying. Just search their information data base and see for yourself.

Second BitTorrent has definitely become a tool of choice to deliver Spyware/Adware programs and such to an unsuspecting public. I don't have to take someone else's word for this John as I have found Spyware/Adware floating around in BitTorrent downloads myself. When I scan my system before and after a BitTorrent download and find Spyware/Adware programs that weren't there before the download then they came in the BitTorrent download.

End of story!

So that’s the reason and the only reason I've quit using BitTorrent for the time being. Not because of some conspiracy, nor because I’ve bought into any false rumors or stories but because I, myself, found Spyware/Adware programs on my system that came in BitTorrent downloads.

And Third few if any Spyware/Adware detection programs are able to look into BitTorrent packets and see the signatures of any Spyware/Adware they may contain. Once the creodonts that produce Spyware/Adware programs found this out they realized that they had a great opportunity to use BitTorrent to distribute their cr*p. By their using a respected, popular program with good security features an unsuspecting public is allowing Spyware/Adware programs to be downloaded to their computers without even suspecting it.

That’s why I have recommended that people either stop using BitTorrent or use it with great care. I based my decision completely upon what I found was happening not on rumor or speculation. I’ve taken a great deal of flack on my article about BitTorrent after your article John but I stand by my statements in this article and in the original.

My advice to those people using p2p software is as it was before your article; Use BitTorrent if you feel you must use a p2p program. None but BitTorrent meets any standard of security that I trust as being very good. Just remember though that having a secure method of transmitting data that prevents tampering doesn't mean anything if the data is corrupted too begin with.

If you want to use BitTorrent or any other p2p program make a full Spyware/Adware scan before and after downloading anything. That will allow you to trace any problems you have back to the source. And while I have been accused of everything from being a co-conspirator with Microsoft (don’t I wish I was that close to Bill and the boys!!) to being a fool, I’m neither. I’m just an honest writer who feels that BitTorrent should be avoided like all of the other p2p programs as being too dangerous to use because of the Spyware/Adware risk.

So my decision to add BitTorrent to the list of programs that are just too much of a risk to use right now still stands. I download data using methods that allow for scanning for Spyware/Adware programs during the download process and thereby avoid the risk that I might not find them later.

So should YOU not use BitTorrent John?

I’ll leave that up to you and let you decide what risk is acceptable in your case.

Why? Because it is your business what you download to your computer.

Just don’t imply that I’m involved in any conspiracy with Microsoft or anyone else to stop you or anyone who wants too from using BitTorrent. I just prefer to stand on the side of security and safety and I feel that should I tell others of my concerns.
John I have too much at risk to take unnecessary chances and I’m too concerned with others not to express my fears to them! If that’s conspiracy then so be it but I call it being careful and avoiding unnecessary risk while meeting a public responsibility to help with safe computing.

Frank Woodman Jr

Tuesday, June 21, 2005

Flexible Spending Accounts are going to get better in 2005.

For a long time now flexible spending accounts (FSA’s) have helped taxpayers handle things like child care and medical expenses by allowing employees to pay such expenses with tax free dollars. That has made life a lot easer for many people and resulted in tax savings for a great many Americans. (Especially in the area of medical expenses since not many can take advantage of the Sch A medical deduction due to the high exclusion).

A participant in an FSA is currently able to set aside up to $5,000 toward child care and medical expenses and pay for these expenses out of their FSA account. The down side to this system though has always been that any money not spent within the calendar year it was saved was given back to the employer. So if you saved money to your FSA in 2004 you had to spend it in 2004 or you lost it. This use it or lose it rule in has always made figuring out what to withhold kind of tricky. Save too much and you loose it back to your boss with no benefit to you at all (ouch) save too little and you had to pay the expenses out of your after tax dollars (ouch again).

Well there’s good news for people who use flexible spending accounts regarding this matter.

The have loosened up what they call the grace period and made it a little farer as regards the time you have to spend the money. Beginning in 2005 and there after you will have up to March 15th of the year following the contribution to your FSA to use the money.

That extension of the grace period has only one down side. Your EMPLOYER not you must ask that it be extended as part of their plan provisions. I can’t imagine that any employer would not do so but some might. I suppose if they get back a lot of money because employees are withholding too much it might cost them but other wise it’s of no difference to them. But you do need to check with your benefits, payroll, or HR department, depending on who handles your FSA program, and see what you employer plans on doing.

If they don’t say that it’s in the works and will be available to you for 2005 do a little lobbying. It never hurts to put a little pressure on to be sure such things get done. Kind of like the Roth 401k program I spoke about a while back. Don’t forget to see if your employer is going to start it on Jan 1st as well. You can easily lobby for both changes at the same time since they are going to be administrated by the same department.

Monday, June 20, 2005

Watch Out for Changes to 529 Plans!!

While I’ve always liked and recommended the 529 College plans they may become a little less attractive after 2010. I don’t usually like to speculate on changes in tax law that are to take effect more than a year or two out since they have a bad habit of changing. But since 529 programs are long term commitments and require a lot of lead time to implement I will make an exception in this case. Besides I’ve got a feeling that this is one change that will take effect due to the need to balance the budget while not changing or increasing the taxes.

Currently all gains on 529 plans are tax exempt when use for College under a sunset provision passed as part of the tax reform bill of 2001. That prevision is due to expire at the end of 2010. At that time, unless the 2001 sunset provision is extended, the old rules pertaining to taxes on gains will be restored.

Those rules only allowed for tax exemption for gains in a 529 plan until you draw them out. Much like the rules for IRA’s and 401k plans you would be taxed on any gains as you take money out of the plan whither it’s used for college or not .

Does that mean that I don’t favor 529 programs any more? Not on your life. They still offer one of the best programs for college tuition savings available. Maybe not as attractive as before but good none the less.

So keep the 529 plan but don’t count on the gains being tax deferred even when used for college after 2010.

Sunday, June 19, 2005

In the Here We Go Again Department

Now it’s FDIC that’s got egg on its face over poor security. It seems that the security breach of its employee HR records is much worse than first though.

For those of you who haven’t been following the recent rash of security problems in detail I’m sure you missed the FDIC story that came out recently. Briefly it had to do with the loss of employee HR records which was first reported in March of this year (2005) and was though to affect only a small group of current and former employees. At that time the FDIC contacted both the FBI and the employees in question that their personal data had been compromised (stolen).

The employee information stolen included the name, date of birth, salary, Social Security number and other such information contained in their personal HR files. That’s a total breach of personal information for those involved. I can’t imagine anything else that an identity thief would need to ruin you life except maybe a high speed internet connection.

Well now it seems that upon further investigation that not just the few employees contacted back in March were affected but ALL I repeat ALL current and past employees have had their data “compromised” (stolen).

So here we have the agency that is in charge of insuring and protecting our banking system as well as overseeing and notifying banks about how to secure sensitive information having all of their employee HR records stolen.

Worse to me is that it took further investigation to figure out that all employees were affected. You would think that it would be evident when the whole security system was compromised and all of the HR records had been stolen. That wasn’t the case though so for many of those employees who had their data stolen they also lost the help of early notification. The time it took to find out their data was taken is in some ways even more unacceptable than the loss it’s self.

Could you imagine coming home to find your house broken into and not noticing that rather than a few items being taken that the whole house was empty? Well that’s just what the FDIC failed to notice. Everything was taken not just some HR records but all of the HR employee records had been taken.

Why does this not surprise me?

Well again any system is only as good as the people who use it and most government agencies today aren’t any better at security than the private sector.

If you don’t separate digital data across different data bases, encrypt those data bases, provide physical protection to paper records generated, and destroy any old paper copies of information you dispose of then you will at some point lose data to thieves.

That doesn’t take a genius to figure out and it shouldn’t be so hard to do for such a large government organization to understand and implement. But time and time again they fail at it and so does the private sector.

So remember to be vigilant, watch your credit information, and protect your personal data so that you don’t add to the already growing problem of data theft. Just because others are sloppy and risk your data doesn’t mean that you shouldn’t be careful and do a better job.

Saturday, June 18, 2005

Hackers Strike Again and 40M Americans Stand to Lose!!!

To see just how bad things are getting with the security of our personal information you only have to read about the most recent case of data lost by Tucson-based CardSystems Solutions Inc., a third-party processor of payment card data.

Somebody gained access to around 40 Million credit card numbers and the related security codes necessary to use them on line. Master card seems to be the biggest loser in the deal with some 13 to 14 million card numbers possibility compromised but all the major companies have been exposed.

Richard Smith at his website ComputerBytesMan.com described it as eligible for “the Guinness Book of World Records.” Wither that’s true or not CardSystems joined the ranks of Lexus, Bank of America Corp, ChoicePoint Inc., Reed and Elsevier, and Motorola as recent major companies having customer information compromised by their lack of security.

This is more than unacceptable it’s just stupid. As major company after major company commits the same childish security blunders you have to wonder why they can’t learn from the mistakes of others in this business. To keep repeating the same dump practices over and over again defies logic.

By their actions these companies are going to force government involvement and then they will all cry bloody murder. Well I can’t feel sorry for them but I know who will bear the cost of all of these new regulations.

You and I will pay for their stupidity. Both by the losses from the theft of the information and the cost to implement any new regulations required to protect us.

There is no good reason for these data bases not to be encrypted so as to be less venerable. It comes down to greed as the companies involved reduce costs by lowering their IT expenses. Encryption software isn’t expensive and using it would at least make the data basically unusable by the thieves.

This case is made so much worse because not just the credit card numbers but also the security numbers required to use them on line were kept TOGETHER in the same data base.

How stupid can you get???

Any first year computer student could come up with a way to store these numbers in a separate data base to make it harder to match up both the credit card number and the security number. If I were designing a system to store that kind of information I would keep the card holder name, the card number, and the security code each in a separate data base. That way if you didn’t know how to combine these separate files you would only have lists of names and numbers that would be worthless. If these separate data bases were also encrypted it would make it almost impossible to compromise this data.

So……… If I can figure that out then why can’t these so called experts?

When are these companies going to be called to task?

When are they going receive the fines and criminal punishment they deserve?

Only when the public wakes up and demands that the government give some teeth to legislation requiring the protection of personal information in the private sector. These large, many times unknown, companies have an obligation to protect the data they gather about us. They owe us at least a modest attempt at having security that is able to protect us and that isn’t happening right now.

Personally I would like to see fines and in cases of real mismanagement criminal punishment handed out. It’s time to put a stop to this and to do it NOW not later.

A good article on the case is also located on eWeek at this URL
http://www.eweek.com/article2/0,1759,1829378,00.asp?kc=EWRSS03129TX1K0000614

Intermix Media Settlement with New York

Check out this eWeek article about the recent settlement against Intermix Media that resulted in a fine and settlement of $7.5 million dollars. At least this company has been brought to justice and it should serve to warn other such companies that retribution may be at hand if you go around spreading Spyware/Adware. You can read the entire article at; http://www.eweek.com/article2/0,1759,1828397,00.asp Let’s hope this sends a loud and strong message to these guys. Stop spreading this filth or else pay the price!!!!

BitTorrent and its Spyware/Adware Problems

Well folks it’s finally became such a problem that it can’t be hidden or over looked any longer. BitTorrent (the darling of tech bandwidth sharing download programs) has become a major spreader of Spyware and Adware. What started as only a small problem has become a real river of filth and trash as BitTorrent becomes only the latest in a long line of p2p software download programs to be taken over by Spyware/Adware distributors.

Let me make one thing clear. BitTorrent isn’t to blame as it’s impossible to stop this stuff and I knew it was only a matter of time before it became a problem for BitTorrent. If you use ANY p2p program not just BitTorrent it’s only a matter of time before you become infected with one or all of the following; Spyware, Adware, a virus, or a Trojan. Let’s just say that BitTorrent took a little longer before it had the problem because of its high tech base.

I first noticed it back in October of last year (2004) when I found that a download of Linspire I had made using BitTorrent was infected with an Adware program (yes even Linux has this problem). It got me to checking into what was going on and what I found was discouraging to say the least. Most of the savvy users of BitTorrent I knew had discovered that it was now spreading more and more Spyware/Adware infected programs.

It’s too bad as I loved BitTorrent and used it quite often to download programs because of its easy handling of large downloads. Even with my high speed cable modem it made many downloads faster and easer by reducing the bandwidth problems for servers downloading large popular programs.

But that is over as I no longer use BitTorrent’s program anymore. The chance of infected downloads is just too great right now. So sadly I bid goodbye to a program that I used and loved. Does this mean that you shouldn’t use BitTorrent? Well I’ll leave that up to you but I don’t think that it’s a good idea if you’re concerned about security.

So a word to the wise avoid BitTorrent unless you have a good compelling reason to use it and be sure to scan and examine anything that you download or you will be opening the door to a lot of security issues.

For additional information about this problem check out this recent article from eWeek;

http://www.eweek.com/article2/0,1759,1828633,00.asp

Friday, June 17, 2005

A Timely Quote from Steve Job's Commencement Address

I received this quote in an email today and felt that I should share it with you. If you follow this advice your life will always be more successful and happier so take it to mind and use it today. You'll see the difference I promise.

Do you know who Steve Jobs is?

If you don't, his success story is legendary.

Put up for adoption at an early age, dropped out of college after 6 months, slept on friends floors, returned coke bottles for 5 cent deposits to buy food, then went on to start Apple Computers and Pixar Animation Studios.

Steve Jobs is one of the most successful entrepreneurs of our generation.

On June 12th 2005, Steve Jobs gave the commencement address at Stanford University and I want to share with you a few clips from his powerful speech.

From Steve Jobs commencement address:

"Sometimes life hits you in the head with a brick. Don't lose faith. I'm convinced that the only thing that kept me going was that I loved what I did. You've got to find what you love. And that is as true for your work as it is for your lovers. Your work is going to fill a large part of your life, and the only way to be truly satisfied is to do what you believe is great work. And the only way to do great work is to love what you do. If you haven't found it yet, keep looking. Don't settle. As with all matters of the heart, you'll know when you find it. And, like any great relationship, it just gets better and better as the years roll on. So keep looking until you find it. Don't settle.

"When I was 17, I read a quote that went something like: "If you live each day as if it was your last, someday you'll most certainly be right." It made an impression on me, and since then, for the past 33 years, I have looked in the mirror every morning and asked myself: "If today were the last day of my life, would I want to do what I am about to do today?" And whenever the answer has been "No" for too many days in a row, I know I need to change something."

"Remembering that I'll be dead soon is the most important tool I've ever encountered to help me make the big choices in life. Because almost everything all external expectations, all pride, all fear of embarrassment or failure these things just fall away in the face of death, leaving only what is truly important. Remembering that you are going to die is the best way I know to avoid the trap of thinking you have something to lose. You are already naked. There is no reason not to follow your heart."

"Your time is limited, so don't waste it living someone else's life. Don't be trapped by dogma - which is living with the results of other people's thinking. Don't let the noise of other's opinions drown out your own inner voice. And most important, have the courage to follow your heart and intuition. They somehow already know what you truly want to become. Everything else is secondary."

P.S. This quote is most timely with the recent death of Corey Rudl the internet marketer. He certainly followed it everyday he lived and I'm sure he went just the way he would have wanted. Doing what he loved both in his private life and in his business career. As always the good ones seem to go all too soon from our lives.

Take care and God Bless,
Frank Woodman Jr

On Google vs. MapQuest the Winner is???

Use this URL address;

http://hostingproject.info/Zilos/googlex/

It will take you to a great page where you can chose from all of Google’s web tools. On this page with a click on an icon you can jump to any Google service. It’s not a page that is hosted by Google but it should be as it makes getting around between all of the many Google web services so much easer.

It’s just much quicker than going to google.com and trying to get around.

Anyway go there and click on the map icon to check out the new Google map site. Google is giving all of the other map sites a real run for their money. MapQuest is going to have to work hard to hold on to number one.

Google’s maps and directions look nicer and you can have local search information shown right on a map. Do a search for “pizza parlor” and bingo the map shows flags of all of the pizza parlors that are close to the entered address. One thing for sure Google just doesn’t rest until it puts out a better product in what ever service they are providing.

P.S. Be sure you play with the satellite view feature in Google maps. It’s so cool the way you can jump from map view to satellite view with just a click on the control bar. You can even see your rout in map view or satellite view with just a click to toggle from one to the other. Using the satellite view can help to make the map more understandable and easer to follow.

Any way check it out and see what Google maps are all about if you haven’t already done so.

P.P.S It’s interesting to note that while Google has been busy pushing online map services up a notch both Microsoft and Yahoo have been busy pushing hard to move up a in the fight to dethrone Google as the number one search engine. Google needs to be looking over their shoulder and watching the competition.

Both MSN and Yahoo have undergone some real changes that will up the pressure on Google to add features to their search engine. If you haven’t tried them out recently it’s time you revisited both MSN and Yahoo and checked out their search features again.

You might be surprised to find that both offer some real interesting choices and that for some types of searches they may beat Google. (I never though I would ever say that as Google is something I use constantly!!)

Anyway it’s going to be an interesting year with all of the battles going on in the search engine arena. The winner is yet to be determined but Google still leads the pack as much by momentum as by anything else. Everybody else is playing catch up and Google certainly isn’t going to make it easy for them.

Sunday, June 05, 2005

Is There Any Hope for Computer Security or are We Doomed??

Part 1

This article is the first in a series of articles looking at where we stand with computer security today and what we need to be doing in the near future to address this problem. I’m going to look at computer security and present both my security concerns and some answers on how to achieve a reasonable level of security for your system.

The need for this series of articles became evident to me when I started to write the current security measures that I use to protect my computer systems while keeping my personal information and my client’s business data safe.

It soon became evident to me that what I was going to propose to the average computer user was going to seem to be way over the top. I felt that without some explanation most readers would feel that my suggestions were to expensive, require too many programs, and take more time than necessary. It’s my hope that with this series of articles I will show you why all of these measures are both prudent and necessary.

Here a Computer, There a Computer, Everywhere a Computer.

As a society of computer users we have come to depend on our computers for so many things that we’ve become trapped as innocent pawns in the consent and ever changing battle between the thieves, hackers, crackers, and spam ware artists vs. the computer security industry.

Computers are already in our phones, our cars, our TV’s, and surprisingly enough our refrigerators. They control our power girds, clean our water, handle our sewage and even diagnose our medical problems. We are facing a world in which computers are in everything we use and control most of what we do. So computer security will become even more important in the future than anyone can imagine.

That means that on the one hand we can’t exist with out using our computers for everything from our kid’s homework to our online banking. While on the other hand we live in constant fear that we are at risk for everything from identity theft to having our bank accounts cleaned out. It’s the preverbal being caught between a rock and a hard place.

The first thing to note is that currently we’re losing ground in this battle. If we all don’t take major steps to address the current security problems that exist email and many other features we’ve came to rely on are going to become unusable. Our data both business and personal must be protected from loss and misuse if our society is to realize the great promise of our technology. We must win this battle at any cost and we can’t afford to sit on the sideline and hope that things will work out. Like it or not we have been drafted and we’re all in the fight.

So what fuels this war of the geeks and the freaks?

The sad fact of the matter is that for most of the perpetrators it’s really only a game. They are just in it for bragging rights and to feed their massive egos. Like a video game the damage and destruction they cause is of no more concern to them than the vandal writing on a restroom wall. We saw a good example of this with the recent verbal baiting and taunting between virus writers. For this group there is hope that education can eventually help to reduce their numbers.

For the rest it’s just an easy and profitable form of theft. When you find a way to steal large sums of money with only a small chance of getting caught it’s certain to attract the attention of criminals and opportunists. Recent trends and schemes show that even organized crime is getting into the act. Lots of money to be made with little risk sure sounds like a criminals dream. The only thing that this group will understand is quick, harsh punishment but even that won’t completely prevent it.

But whither they are deceiving us with phfishing schemes, stealing our passwords and personal information with key loggers, or just destroying our hard drives with viruses it is becoming harder and harder to stay ahead of those who would attack our computer systems whatever their motivation.

We will only solve the computer security problem by education, legislation, and hard work.

First, we must join in the battle and through education and by staying constantly vigilant we can reduce the risk both to ourselves and everyone else.

Second, we must be willing to devote resources to solving the problem. Yes it does cost money and it will take time to keep our systems clean and protected. But it will be well worth it if we keep the free and open use of out computers without risking our safety and privacy.

Third we must recruit others to the fight. Far too many people feel that this is someone else’s problem. It’s not going to be the computer industry, nor is it going to be the government, but us as computer users that will solve this problem. Remember no legislation or magic software program will take the place education, vigilance, hard work, and common sense.

As the cartoon pogo (sorry if this dates me since it comes from the 60’s) said, “We have met the enemy and they are us!”

So What are the Major Risks to Our Computer Security?

Email and its lack of protection as both a source of Spam and Viruses.
Trojans and key loggers.
Spyware and Adware.
Bot systems and denial of service issues.
Staying alert since NEW risks are always being created.


So join me next in a detailed look at these risks and what we can do to reduce them.

Experts Warn of Growing Trojan Threat

Experts Warn of Growing Trojan Threat

Friday, June 03, 2005

Security Alert for Netscape 8

Just a quick alert to let you know that the much awaited release of Netscape’s browser (version 8) has some security issues you should be aware of. I mention this because I don’t want the quick patch release they made for other security issues to make you think that all is safe and sound with version 8.

It seems that the trusted site feature is currently allowing some sites that are known Spyware/Adware sites to download software to a user’s computer. Sites are supposed to be checked against a white list/ black list screening system to determine if they are trusted or not.

This scanning should be blocking questionable sites that are known to download Spyware/Adware from being able to download software to a user’s computer. For reasons that aren’t being made clear that isn’t happening.

EWEEK tested and found that the green "trustworthy" symbol was displayed on both hotbar.com’s home page and on ABetterInternet.com’s home page. I checked out the sites of Hotbar and ABetterInternet (two sites that are notorious for their Spyware.) for myself using Netscape 8 and found that both sites did receive the “green” or “trusted site” rating.

Worse still I then verified that both sites had successfully downloaded their nefarious software by scanning with spybot search and destroy and finding the software downloads in place and seemingly functional.

Not what I was hoping but my findings none the less.

In theory since these sites are listed on one of the lists that the trusted site scanning engine is supposed to use (Aluria's list of Spyware/Adware) and they both should have been blocked from making any software downloads and shown as none trusted sites. That certainly wasn’t what I experienced.

Netscape’s use of third party lists and rating systems is part of the problem. Several of the lists being used don’t address Spyware/Adware issues at all. Some are trade associations while others deal with business issues like privacy of customer information. These groups and organizations aren’t the ones to help with detecting Spyware/Adware sites. Netscape should be using only lists and organizations that are known and trusted as experts in the field of Spyware/Adware detection and prevention.

A good example is the use of TRUSTe. Their rating system and therefore the sites bearing their seal of approval don’t address the issue of software downloads, Spyware or other wise. This is according to no less than Fran Maier the executive director at TRUSTe. Their seal of approval only addresses the rated company’s privacy protection policy. Certainly something to know and be aware of but not something that pertains directly to the Spyware/Adware issue.

Anyway until Netscape gets things working as advertised with the trusted site rating system use caution and be sure you keep your Spyware/Adware scanners up to date. Remember safety lies in continuing to scan your computer system often no matter what browser you use.

It is unfortunate that this has to happen just when the Foxfire browsing engine (used in both the Netscape 8 and Foxfire browsers) has been gaining on IE mainly due to better security and more advanced features. But bear in mind that both Netscape 8 and Foxfire for that matter are very good browsers and are a step above IE in security with or without the trusted site feature.

Let’s hope that Netscape cleans up this problem soon like they did with the other security issues that were patched shortly after version 8 was released. We need to have a reliable and secure second choice in internet browsers.

Let’s hope that Netscape and Foxfire keep pushing Microsoft to improve IE or we’ll be stuck with poor security and no improvements in browsers for years to come. It is encouraging to see Microsoft rushing to release the next version of IE much sooner than was expected.

Thursday, June 02, 2005

The Truth about the NEWS and What it means.

I’m sitting here reading the newspaper and thinking about some of the recent events that have been in the local news. This has caused me to think about the truth of the “NEWS”. To ponder and think about the many things that make the “News” and the many things that aren't covered is to give though to the truth behind the “NEWS”.

I've always pointed out that it's not news that where I live 300,000 thousand people go home every night, go to bed, sleep undisturbed and get up the next day to do it all over again. When nothing happens to them that isn’t news and their stories aren’t considered as news worthy.

So the news isn’t about reality it’s about a unique and unusual musicale part of reality. It is a microscope seeking out the unusual and unique to show us what’s different and not what is normal or usual.

We don’t see a picture of the hundreds of houses in our neighborhood that are fine and ok we see the one that caught fire. We don’t hear about the hundreds of friendly dogs who play lovingly with their families we hear about the one that bites a kid. It's the three idiot gang members that shoot at each other that gets attention not the hundreds of good kids that go to school everyday and cause no trouble.

So we all need to remember that the news has always distorted and damaged the public’s perception of what's normal and expected. If the public doesn't learn to judge the news and rate it’s importance while remembering that then we will all forever live in fear of the wrong things being while being manipulated by who decides what is being shown and reported as “NEWS”.

Remember if its news it's because it is unique and seldom happens and if it was truly normal it wouldn't be covered or mentioned at all.

So don’t live in fear of the things they are telling us about on the “NEWS” and be on the lookout for the real dangers in your life. Trying to judge the importance of things by their real chance of happening and not some imagined danger to our safety is the real key to our security, piece of mind, and freedom.

Wednesday, June 01, 2005

Is it a Hoax, maybe a lie, or just a rumor?

Maybe you should find out first before you spread it around.

A friend recently forwarded me an e-mail about StarBucks and how they weren’t supporting out troops in the Middle East and should be boycotted. This is a person I’ve known since college and is a fine man in all regards. He’s that kind of friend that you know you could trust with anything and over the years I have found him to be beyond reproach. He’s someone who would never dream of spreading gossip or stories about someone even if he though they were true.

Yet here on the net he was only all to willing to press the forward button. So what makes such a person so eager to blindly forward an email without even a moment’s though or investigation? That is a question I wish I could answer but somehow I fear that I never will. It is possibility one of the great mysteries of the internet. Certainly not something we’ll answer here today but ……anyway.

I immediately went to StarBucks web site and found the information to refute the email I had received. It took less than 5 minutes to discover that this email was incorrect and should not be circulating. I took a moment and sent a reply to everyone on the mail list including the friend about what the facts were and where they could find out the information to verify what I had written.

I felt good knowing that I had helped to kill an untrue story.
But guess what I found the next morning in my email box. The same email sent by three other people I know. Again I sent them the email that I had sent the night before. But this story only shows how things on the net never die and that even people that I consider reasonable and caring people will forward almost anything they receive in an email without any checking or verifying.

Folks this is something that is against the whole concept of the web. The web is the one place in the world where an almost unlimited amount of information is available. That means correct information should rule but the sad truth is that too many people don’t check things out that they hear or see on the web. They just hit that forward button and keep the junk flowing.

So with the though that in mind that if people knew where to check things out maybe they would do it I am listing my favorite sites for checking out on rumors, stories, hoaxes, and such.

Please check with one or more of these sites BEFORE you send on junk you get in your email box.

http://www.snopes.com
http://urbanlegends.about.com
http://www.scambusters.org/legends.html
http://www.factcheck.org (political content)
http://www.breakthechain.org (chain letters)

Just remember this stuff is as bad as or worse than SPAM so keep that in mind when you consider forwarding anything.
MAKE TIME FOR SAVING THE TRUTH
OR THE LIES WILL END US ALL!!!!

What in the World is FACTA and Why Should I Care?

Starting last December major changes were made in the federal Fair Credit Reporting Act by the passage of FACTA. Since this law has taken effect it hasn’t gotten the attention that it deserves. That’s why I felt that I should discuss it here.

The Fair and Accurate Credit Transactions Act

FACTA for short strengthened the federal Fair Credit Reporting Act which has been in effect for several years. Now numerous rules and provisions are in effect that are going to mean lots of changes for Americans and how their personal data is protected by businesses, professionals, and others. These changes are going to be far reaching and for the most part positive.

While most of the bill and it changes are good for consumers (for a change) there are some parts that aren’t all they could have been. I think that the worst part is where the states are bared from passing any laws that are more restrictive than FACTA. That is another nail in the coffin of states rights on consumer issues. While I think that Federal laws in this area are going to be the best total solution to bring both protection and consistency that doesn’t mean that if the states want to address some of these areas with stronger legislation that a weaker Federal version should take precedence.

Any way the following changes have either take effect or will shortly take effect.

Federal rules and regulations either now or soon will require that credit card receipts and such data not be printed in full to prevent data theft. (Exceptions for hand written embossed receipts are allowed which is unfortunate.)

Businesses that handle medical, financial and other important data in printed form are required to shred documents before they throw them away.

Electronic data must be deleted by a secure method that makes recovery difficult to impossible.

A new alert called the “fraud alert” allows consumers to have credit agencies flag their accounts to alert potential creditors of possible fraud. Once a fraud alert is placed on an account a potential credit provider must call a phone number listed by the consumer to verify the transaction.

Military now have the “active duty” alert to flag their accounts while they are out of the country on active duty. Military personal have been prime targets for identity theft artists since they aren’t going to find out for sometime that their account had been compromised and they are out of the country and unable to actively pursue the matter.

Consumers will in many cases be able to obtain free credit reports after filing a fraud alert and or an active duty alert.

Victims of identity theft will now be able to obtain the records of the transactions or have them sent to any police or federal agency necessary. This goes a long way in helping them to recover from identity theft and restore their credit.

And the list goes on and on covering such things as your rights as a credit consumer, how to dispute inaccurate information, when a notice of negative information is required, how medical information is handled, your right to a free consumer credit report, and it even addresses regulation of agencies besides credit reporting agencies with the section dealing with what are called nationwide specialty consumer reporting agencies.

It is hard to believe that the same Congress and Senate passed both the new Bankruptcy bill with all of its negative impact and the FACTA with it positive protections against identity theft. Go figure sometimes even the Government can do something right!!

You may remember the story about how an unlimited number of monkeys typing away on an unlimited number of typewriters would finally be able to create a great work of literature. Well this bill proves that story has some element of truth. ;-)

Anyway this bill much too long to cover in its entirety here but to see a great review and study of the whole bill and its importance check out this site. It is definitely a bill that you should read and understand.

http://www.privacyrights.org/fs/fs6a-facta.htm

I will also be writing a short article about how this bill will affect you if you have a small business. These new requirements are going to require everything from shredding a lot more paper to having in place better electronic records management.

DON’T LET THIS FLY UNDER THE RADAR AND GET YOU IN TROUBLE.

These new rules require a careful study of your day to day business practices and should be the signal to study all aspects of customer privacy as practiced by your business. Wither your an accountant or an Avon lady you will come under these previsions and you need to be prepared or face strong fines and consequences.


(This site carries a lot of great information on many issues that deal with consumer rights and legislation. Bookmark it and check it out once in a while for lots of good reading.)