Tech

I can’t say for sure if I had anything to do with it, but I’ve been trying to drum up awareness of Google’s intent to build experimental fiber networks in one or more comunities for about 3 weeks now (see Genesee County Should Host Google’s Experimental Broadband Network and it’s follow-up).  While I never received any replies, I see that there has been an announcement that we’re finally throwing our hat into the ring.

The Mayor of Topeka, Kansas has temporarily renamed his city “Google, the Fiber Optics Capitol.”  Duluth, Minnesota’s mayor jumped into Lake Superior.  Other cities have facebook pages.  All to drum up awareness and community support for their efforts to get Google’s attention.

So far Genesee County hasn’t announced any publicity stunts, but hopefully with the mayor, the board of commissioners, and “several institutions or municipalities, including Genesee County government,” we’re putting together an attractive proposal.  Lord knows we can use the positive impact Google could make on our community.

Fake anti-virus programs, rogue security software, extortion-ware – whatever you want to call it, this kind of malware is still prevalent.  They usually start with some pop-up message warning you that your system is infected and offering some free download to clean your computer.  Generally, no matter what you choose, if you click on it at all, it installs a worm or virus.  After that, this malicious software will peform a fake scan, and report all sorts of nasty infections, none of which your PC will actually have.  The program will try to convince you to pay for an “upgrade” which will clean all these reported nasties out.  From beginning to end, the whole ordeal is a scam designed to steal your money.

I’ve put together a short guide, showing how to spot and avoid these scams, links to ways to remove them, and where to report them if you become a victim.  Please check out How to Protect Yourself Against Scareware, on Associated Content.   For more in-depth analysis of scareware, see this article from Viruslist.

Astroturfing is the practice of creating fake grass-roots organizations to sway public opinion.  According to freepress.net, “Astroturf groups fighting media reform manufacture the impression of public opposition to issues like Net Neutrality to sway policy makers and the media. What these groups won’t tell you is that they’re bought and paid for by the phone and cable industry.”

One recent example of astroturfing cited in Wikipedia includes several self-proclaimed seniors groups, whose biggest contributor is the pharmaceutical industry.  Another is the “Save Our Species Alliance”, which calls itself a grass-roots organization but is actually a front group for wealthy cattle and timber interests.

For the past several years, the telecommunications and media giants have engaged in some pretty shady practices, including astroturfing, in order to obfuscate the so-called Net Neutrality, or Internet Neutrality debate.  Click on the interactive control to the right of the text (couresy of freepress.org) to learn more about how much these companies are spending in order to convince the public and our lawmakers that net neutrality is a bad thing.

Last week I mentioned that I was trying to raise awareness in Genesee County of Google’s interest in building a high-speed fiber network.  I had sent out several emails, mostly to members of the Genesee Regional Chamber of Commerce (GRCC) and the Genesee FreeNet.  Not having received any responses as yet, today I placed a call to Keith Edwards, Senior Development Director of Economic Development of the GRCC.  Mr. Edwards informed me that they are indeed aware of Google’s intent, and were planning on meeting Monday to discuss this.  Apparently he did not receive my email, but said someone in their IT department had brought it to their attention.

Hopefully we’ll see something come of this.  Maybe I’ll call him back after Monday to see how things are going.

Google is seeking one or more communities in which to develop an experimental broadband high-speed fiber network. Google is interested in hearing from state, county, and municipal agencies in order to determine where to develop this network.  I’ve been trying to raise community awareness of this for several days.  So far, I don’t think I’m getting through to anybody.

Below is a copy of an email I’ve been sending to community leaders.  On February 16th I sent it to the Michigan Works Association, The Genesee County Board of Commissioners, the Genesee FreeNet, and the Economic Development arm of the Genesee Regional Chamber of Commerce.  I also placed a call to the Genesee FreeNet (of which I’m a charter member) to make sure they got the email.

The message to the Regional Chamber of Commerce was to a generic office email address, and it bounced as undeliverable.  So the next day I sent the same email to various office-holders of that organization, including the CEO and 3 vice presidents of economic development.

At the time of this writing (evening of February 19th) I have received no reply.  I intend to send out more emails, and to follow some of these up with phone calls.

The letter:

Greetings from a hopeful Genesee County citizen. This email is meant to bring awareness to the fact that Google is seeking one or more communities in which to develop an experimental broadband high-speed fiber network. Google is interested in hearing from state, county, and municipal agencies in order to determine where to develop this network.

I believe Genesee County is the ideal place for Google to build out this infrastructure. Not only do we have the talent and drive to help Google achieve its goals, but we understand the economic and cultural importance of a connected community. For example, we founded the Genesee FreeNet over 15 years ago, and it still exists because of the knowledge and generosity of its volunteers and members.

I know there have been efforts by insightful groups of people to develop community-wide broadband access in the past. Perhaps this initiative from Google can serve as a springboard toward realizing that worthy goal.  Time is unfortunately short. Google is asking for input between now and March 26th before making its decision. Please visit the site, watch the short video and read the introduction Google has prepared. We then need to bring to bear all powers of persuasion possible, to convince Google of the wisdom of investing in Genesee County.

Google Fiber for Communities:

http://www.google.com/appserve/fiberrfi

–
Joe Poniatowski
Charter Member, Genesee FreeNet

If you can think of anyone else who can help make Genesee County the site of an exciting new model of high-speed interconnectivity, either pass this information on to them or send me their contact information and I’ll do it.

Encrypting with TrueCrypt

In an earlier post I wrote about some of the free encryption options for PC users.  One of the products I talked about was TrueCrypt, and others agree with me that it is a good option for data encryption.  I decided to take it a step further, and wrote a How-To article using TrueCrypt.  It’s a pretty detailed beginner’s guide to creating encrypted volumes on a Windows PC.  Performing the same operations in Linux wouldn’t be that different, since the interfaces are very similar.

Free Virtualization Options

One of my Suite101 articles covers the Benefits of Virtualization on PCs.  The benefits are summarized here:

• Run Alternative Operating Systems
• Safer Internet Browsing and Banking
• Software Testing on VMs
• Customized VMs for Multiple Users
• Snapshots for Easy Backup and Restore

Again deciding that an easy to follow beginner’s guide was warranted, I wrote a Tutorial for getting Linux running in a Virtual Machine on Windows, using VirtualBox.

Encryption and Virtualization for Configuration Management

Both of these technologies can play an important role in config management.  Configuration files containing server information, passwords, etc. are often necessary in the deployment of applications.  Leaving them in plain-text is an invitation for disaster.  Sooner or later, someone who shouldn’t will see the information and gain unauthorized access.  This doesn’t even have to be someone with malicious intent in order to be dangerous.  Some of the worst mis-haps in the tech industry have been caused by well-meaning employees who had more access than their role and expertise warranted.

Virtualization too has it’s advantages for a configuration manager.  If you can create VMs to represent the target servers and workstations, then you can develop, test, and tweak your deployment methods – particularly with respect to automation – without risking any real environment.

These ideas and articles just scratch the surface of the usefulness of encryption and virtualization.  The latter, especially, has a lot to offer in the workplace, including disaster recovery, remote control, backup and restore, etc.   Both technologies can increase the security and reliability of configuration management practices.

One common objection people cite when discussing a switch from Windows to GNU/Linux (or FreeBSD, OpenBSD, etc.) is the fact that none of their programs work there. They’ve been led to believe that the programs they’re using are the only ones they can use, usually because of a work or school requirement.  Sometimes, they just don’t want to have to learn to use new software.  The fact is, most of the free software available for Linux also runs on Windows.  Another point is the fact that most of the productivity / office software available for free can import and export files usable by Microsoft Office, or offer even higher degrees of compatibility.

To ease the transition from Windows to Linux, users can start implementing the open-source alternatives to commercial software while staying within the Windows operating system.  As they master each piece of software, they can adopt the next one, until they’ve completely weaned themselves from the commercial variants. [click to continue...]

I previously reported that I had become a contributing writer on Suite 101. For my first article, I decided to summarize some of the Best Free Encryption options available for computer users.  I covered the pros and cons of Encrypting File System (EFS), TrueCrypt, and GnuPG.  Here’s the quick rundown:

• EFS: OK for Windows users who aren’t using a home / basic edition of Windows.  Can’t encrypt on removable devices.
• TrueCrypt: Good for encrypting not only sections of the hard drive (or entire partitions), but also removable media like thumb drives, CDs, etc.  Encrypted emails possible, but not ideal.
• GnuPG: Best for end-to-end encryption of data at rest and in transit (via email or IM).  Most complex to set up, but messages can only be decrypted and read by the intended recipient.

For download links and full details, please check out the entire article.

What is hosted email security?

Hosted (outsourced) email security is a service offered by 3rd party providers which handles the scanning of inbound (and sometimes outbound) email messages. Following the trend toward SaaS (Software as a Service), or “Cloud Computing” as it is becoming known, hosted email services handle such things as spam filtering, virus and other crimeware removal, phishing protection, etc.

Recent Growth and Projections

The last several months have seen spending on outsourced email hosting and security grow at the substantial rate, primarily among small to medium sized businesses. The growth rate within larger corporations (greater than 2500 users) is smaller but also increasing measurably. According to IDC, The Radicati Group, and other analysts, these growth rates should continue to accelerate over the next few years, exceeding an estimated $2 billion by 2012. This represents a 40% growth in the number of seats over today’s figures.

Already, about 5% of SMB users are utilizing hosted email security solutions, a figure expected to grow to 9% over the next few years.

Advantages to SMBs – Reasons for Growth

A variety of reasons are cited by researchers and subscribers for outsourcing email security, but the main ones are:

• Lower Network Resource Requirements: Spam entering a company’s network incurs bandwidth and storage costs, even if it’s caught in spam filters. Outsourced spam filtering solutions only allow legitimate email to enter the network.
• Fewer Maintenance Costs: The costs of acquiring, configuring, and keeping spam filters up to date can be extensive for in-house solutions, especially when you include the cost of the admin’s time.
• Malware Protection: While an outsourced solution shouldn’t replace in-house virus scanners, keeping up with the latest threats becomes the burden of the solution provider for email. These companies often employ up-to-the-minute malware updates and multiple scanning engines.
• Business Continuity: Should a company’s own network fail or become compromised, the external service provider can queue their mail for a period of time, until their Disaster Recovery Plan is executed (you do have a DR Plan, right?).

Reservations

Not everyone is jumping on the bandwagon. The biggest concern expressed by potential customers is the perceived security and reliability of the service providers’ network. However, research done by NetworkWold indicates that many of these providers maintain infrastructures more robust and secure than that of most of the enterprises they serve. Another issue is the concern for the safety of confidential information being in the hands of an external agency, which is why most subscribers only use these services for inbound email, even though some providers offer outbound filtering as well.

Outlook

As IT departments strive to cut costs while maintaining service levels, more will be looking at the ROI offered by outsourced security solutions.

Legendary writer and author Jerry Pournelle sent me an email! OK, so I’m a subscriber on his website and he sent it out to everybody, but still, I thought it was cool. The message was a warning about the fact that malicious hackers had compromised the online job boards and were selling their services to spammers and scam artists. Monster.com, hotjobs.com, and other mainstream job boards are affected. You can get the details here.

I became a fan of Jerry’s writing in the ’80s when he was a columnist for BYTE Magazine. This was back when magazines printed a lot of useful technical information, hacks, program listings, and electronics projects. A fellow programmer was a subscriber, and introduced me to the magazine, and particularly “Chaos Manor,” Jerry’s column. When BYTE was sold to another publisher, it’s format turned more to product reviews and coverage of the IT business industry. In other words, it became geared more for managers with IT budgets and less for programmers, hobbyists, and end users. Not long after that the magazine ceased publication altogether.

I missed Jerry’s anecdotal accounts of his struggles with technology. He did product reviews too, but always from the first-person perspective of a non-technical person (an author) actually trying to implement, rather than just cover, the products. His often humorous tales were always informative and entertaining. I was delighted when I discovered a year or so ago that Jerry was still writing his Chaos Manor Reviews, as well as Other Musings. I should have known that his talent and desire (need?) for self-expression would have steered him toward the online publishing world, and was chagrined that I hadn’t thought to search on his name sooner.

My home server, which acts as a development web server as well as a file and print server for the numerous PCs around my household, was running on SUSE Linux 10.0. This version of SUSE was the only one of its kind, before Novel re-branded the free version of the OS as OpenSUSE. It was getting increasingly difficult for me to get the updates for SUSE Linux 10.0, so I figured it was time to upgrade to something a little newer. Of course I was planning on loading OpenSUSE 10.3, the current stable release.

Looking for ultra-light linux for kids’ PC

About this time my kids’ old Window 98 PC seemed to be grinding down to a halt as they tried to get it to do more – IM, online games, etc. I tried a couple of small linux loads known for good performance on old hardware, like Puppy Linux and Damn Small Linux (DSL). While both of these are great distros, on this hardware Puppy Linux bogged down with too little memory, and DSL had problems with the USB wireless network adapter on that PC. I even put in an old 16 bit Intel NIC and spent a couple of evenings fishing CAT-5 cable through the attic and wall, but still had some problems with DSL recognizing it.

Someone Mentioned FreeBSD

On some forum (can’t recall where), someone mentioned FreeBSD as a viable option for old, slow hardware, so I decided to try it out on the kids’ PC. After some tweaking of the device hints to get it to use the old NIC, it worked great. Performance is acceptable for the hardware (300 mhz Pentium II), and it runs most Linux software in addition to native FreeBSD code. After some more online research about the relative strengths and weaknesses of FreeBSD vs. other BSDs vs. Linux, I decided to reload the server with FreeBSD. This server is built on a DELL Dimensions platform, with a 2 Gigahertz Intel processor and 256 Meg of memory. It has 2 internal hard drives, a 30 Gig Maxtor 6E030L0, and a 160 Gig Seagate ST3160215A (which came out of a failed external USB SimTech drive.

The Plan

Since the Seagate had a lot of unused space, I wanted to use part of it to back up stuff I wanted to save, but I also knew I would need some of it free for the FreeBSD installation. The trouble is, it was formatted as a ReiserFS file system, which FreeBSD can read but not write to. So the plan included steps to shrink that file system and leave enough unallocated space for FreeBSD to create usable storage. So the steps in general were:

1. Estimate space required to backup user data and development work.
2. Shrink the ReiserFS file system to create unallocated space on the disk, but leave enough on ReiserFS to accommodate the backup.
3. Change the partition sizes on the disk (shrinking the file system does not affect the underlying partition size).
4. Backup desired files.
5. Download FreeBSD and create installation CDs.
6. Install
7. Restore files and configure applications (samba, cups, apache, quanta Plus, etc.)

Next: Part 1 (coming soon): Using resize_reiserfs and cfdisk.

Several months ago I wrote an article for a Helium Marketplace publisher.  My submission was not selected, but I find that it is one of my more popular articles on Helium (definitely in the top 3), so I thought I’d share it here.  Please read How to find out what’s running on your PC (and why this is important).  Let me know how you like it.

The other night I spent about 2 1/2 hours at the house of a friend, trying to free his PC of some particularly nasty malware, SpyGuarder and Vista AntiVirus 2008. Both are classified as rogue anti-spyware programs. This type of malware attempts to trick you into buying their full versions by running free scans with a trial version, and showing you all sorts of viruses, trojans, keyloggers, etc. with which your system is supposedly infected. They then offer to remove all these infections if you’ll just click the link and upgrade to the full version of their program, which of course, costs money. There are a number of problems with both these programs.

1. Your system doesn’t really have the infections these programs claim. Or to be more accurate, they have no way of knowing one way or another, since the so-called “scans” they do are completely fake. Nor could they remove the infections if you did have them, since they do not actually fight spyware or viruses, but are likely to install some of their own. Of course, if you elect to do this, future scans will say that your system is now clean.
2. These programs are obnoxiously persistent. Any attempts to cancel the scans, close the windows, or kill the processes just result in another process being launched.
3. These programs prevent legitimate anti-spyware programs from installing and running. Generally, when trying to clean spyware out of a system, one of the first things I do is install and run Adaware from lavasoft. Vista AntiVirus 2008 would not let me install it, popping up a fake system message saying basically that the Administrator for the PC has configured it to disallow “installations of this type.” Spybot Search & Destroy did work, but did not remove the two nasties I was dealing with. SpyGuarder similarly prevents the task manager from launching, claiming that “Task Manager has been disbled by your Administrator.”
4. The presence of either of these programs indicates that you may have the zlob or other dangerous trojans.

No doubt some of you would have advised me to run various legitimate anti-malware applications like SpyHunter, which can apparently automate the removal of SpyGuarder and Vista AntiVirus 2008. Pride and miserliness made me opt to do it by hand, which I did with the help of instructions found here and here.

Vista AntiVirus 2008 has several other identities, all which do the same bad things to your system, such as Windows Antivirus 2008, Windows AntiVirus Pro, etc. These, as well as SpyGuarder, are advertised on professional-looking web sites, and give the appearance of being the most advanced anti-malware products on the market. Do not be fooled, do not install either of these products – the commercial or the free versions – on your computer under any circumstances. If you find you have been infected with either of these anyway (it’s possible to pick them up via “drive-by” infection), take steps to remove them immediately.

Added 7/1/2008: I had to go back and remove yet another fake security program. His commercial virus protection had long since expired, so I installed AVG Free, which found and removed about a dozen viruses and trojans, but then his desktop and taskbar disappeared. After searching around on the internet, I found that Malwarebyte’s RogueRemover Free is a great free tool which completely fixed the desktop problems and removed some additional adware / spyware. It will definitely be joining Adaware and Spybot Search & Destroy in my arsenal.

Anyone who’s used a personal computer for more than a week or two has undoubtedly noticed a gradual decrease in performance. There can be a number of causes for this, and a number of steps you can take to recover this lost performance. There are also a few preventative measures that can help keep your computer running at top efficiency.

Spyware and Adware – sources and removal
Spyware and Adware are two types of malicious software (AKA malware) that infect PCs. Spyware collects information about a user’s surfing habits, purchasing preferences, etc. and sends it to marketing agencies. Adware presents unwanted advertisements to the user. The source of infection can be email attachments or files downloaded from the internet disguised as or embedded within useful software. Some adware and spyware can also be picked up simply by surfing to certain websites.
Removal is usually accomplished with the aid of utilities written for this purpose. Spybot Search & Destroy and Adaware are two long-standing products which offer free versions for personal, home use. Some objects embed themselves so deeply within the operating system that free tools cannot completely remove them. For those, or if you’re running in a corporate environment and want continuous updates and real-time protection, consider a commercial offering.

Unnecessary Services and Processes
The default installation of Windows(c) configures a number of services that run automatically whenever the system is booted, many of which are never needed by the majority of users. Stopping these processes and preventing them from running can free up significant memory and CPU utilization. There are utilities that can make the job of identifying and disabling unnecessary processes easier. Some of this can be accomplished using Windows’ services interface. Getting to this interface differs between versions of Windows, but it will be similar to this: Start->Control Panel->Administrative Tools->Services. Here you will see the list of installed services. For each one you don’t want to run automatically every time you boot up, right-click on the name and select ‘Properties.’ In the dialog box, set the Startup Type to ‘manual.’ If you’re sure you never want the service to run (for example, if you suspect it is some kind of malware), set it to ‘disabled.’ You can always change it back to ‘automatic’ if you experience problems. Once you’ve finished setting the startup type on any services you’ve modified, you should reboot your computer. Simply stopping a service does not always completely free up resources that may have been reserved. The following are some services that are rarely needed by most users: Messenger Service (has nothing to do with instant messenger (IM) software), Remote Registry Service (do you ever need to edit your registry from a remote location?), Error Reporting Service (pops up the annoying “notify Microsoft about this bug” every time something crashes), Alerter (no need for this), Fast User Switching Compatibility (even with this disabled, you can still log off and log back on as someone else), Telnet (if you must enable a command-line log on from a remote location, use a secure shell (SSH) service instead).
There are other services which you may be able to disable, and there are other (non-service) processes that may be started by Windows. You can see which processes are running on your system by running the task manager (Ctrl-Alt-Del -> Task Manager) and selecting the Processes tab. These are started from registry entries, items in the Startup folder, and a number of other sources. With the task manager you can kill any of these processes (if you know which ones should be killed), but unless you find out where they’re coming from and remove the source, they will automatically restart. All these processes (including the services) can be managed with a program called Wintask 5 (liutilities.com). This tool gives you access to one of the most complete process libraries available, with the ability to identify, remove, or block undesirable processes. It costs about $30.00, but a free trial can be downloaded from the company’s website.

Optimize the Hard Drive(s)
Most people realize that they have to defragment their Hard Drives periodically or disk performance will suffer. Windows’ built-in defragmenter does an adequate job of defragmenting most files, but it has it’s limitations. Certain system files (including the registry) won’t be defragmented. Also, with this utility running, you can’t use your system for anything else. This program is actually a ‘light’ version of Diskeeper (diskeeper.com), which also comes in commercial flavors starting at about $30.00. For that price you get more efficient and complete defragmentation which can work in real-time, utilizing unused CPU cycles (so it doesn’t slow your system down).

Clean the Registry
The last thing I generally do when optimizing a system is to clean / optimize the registry. This removes references to obsolete objects and redundant entries, and repairs broken links. Again, this is accomplished with a utility. Remember to back up the registry first by using the File->Export menu option in the registry editor (regedit). The best type of utility for cleaning the registry is one that can defragment as well as clean it, something like RegistryBooster 2 (liutilities.com).
All of these optimization steps either require a utility or can be made easier with one. You can acquire free utilities or commercial variants. If you’re going to consider commercial software, you can save money by buying a suite. You can usually pick up a package deal for significantly less than the cost of individual components. Some, like PowerSuite from UniBlue, will also analyze and set the optimum parameters for your systems memory, CPU, and network configurations. Note that Powersuite includes a task manager, spyware removal and protection, and the RegistryBooster 2 registry cleaner, but alas, it does not include disk optimization.