|
written by Brian Place
produced by Brian Place & Katerie Prior
Issue #13: September, 2005
Contents:
-
-
-
-
-
-
Fun & Cool on the Web
• The Computing Revolution (online exhibit at the Boston Museum of Science)
• WebZen
• Troubleshooting your iPod
• MAKE Magazine: Wolfgang Puck Self-heating Can Hacking
• Flip Flop Flyin' Minipops
• "You've got to find what you love" - Steve Jobs' 2005 Stanford
commencement address
-
Welcome Back to the BDPNetworks Newsletter!
This Issue: Can You Trust E-mail At All?
Hot on the heels of last issue’s mega-article about protecting your
PC from viruses, spyware & other threats, here’s an article about
e-mail: Is it secure? Can you trust it? And how do you get Outlook to send
an attached document with minimal fuss?
News
Three Kings: Companies to Watch
I really enjoy watching this industry—there’s always
a lot going on. Here are three companies doing things nobody else has really
managed to get right and they’re all making big waves. You’ll
definitely want to pay close attention to these players over the next few
years.
Fun & Cool on the Web
How do you repair an iPod? Want to hack a self-heating coffee can? How
about reading about what Steve Jobs had to say to the 2005 graduating
class at Stanford University? Or do you just want to waste some time?
It’s all right here…
Have A Question? It Might Be Worth $30
We’ll soon be starting a Q&A column based on reader questions.
If you have a question about business computing (home computing is okay
as well), please email it to me and it may appear in an upcoming issue.
When you send in questions, please let me know that I have your permission
to use your question in the newsletter by including your name. If I use
your question in a newsletter, you'll receive a $30 gift certificate to
a major online electronic retailer!
And now, without further ado, on with the show...
SECURITY DETAIL: E-MAIL
IS NOT SAFE!
Nearly a decade ago, e-mail burst into the business world as an essential
communications tool. Users could email documents, presentations, spreadsheets,
photos, and other files with ease. Unfortunately, virus writers, malicious
types, and even software developers have made it harder to use or trust
email effectively. In this month's Security Detail, I want to talk a
little about e-mail. Can you trust e-mail for critical information transactions?
OUTLOOK’S
ATTACHMENT PROBLEM
Many security experts are now telling people to "never open attachments." Naturally,
this helps stem the tide of the recent Windows viruses and worms spread
by masquerading as Office documents. Unfortunately, this advice also
defeats one of the main purposes of e-mail—the easy transfer of
documents in electronic form.
When Microsoft first developed Outlook, the developers included a
number of features, such as attachment automation, that make the application
easy to program. Over the first few generations of Outlook, however,
its developers rarely focused on security, which eventually caused
the rise of viruses, worms, and other problems. With so many companies
using Outlook, and virus and worm writers waiting to exploit the
next loophole, even people using other e-mail programs have had to
suffer the consequences.
Microsoft has tried to deal with the security
problem in a number of ways; they've restricted the ability of small
external programs to access functions in Outlook. They've also released
service packs & patches that further
restrict the ability of Outlook to open attachments of certain
file types, such as .DOC (Word Documents), .XLS (Excel Spreadsheets) and
.PPT (PowerPoint Presentations). This helps prevent worms from hijacking
your address book or infecting your system with other problems--but doesn't
exactly help you get any work done. Of course, this feature wasn’t
created for Outlook users’ benefit – Microsoft was simply
covering their hide.
(If this feature drives you nuts like it does me,
scroll down to the bottom of this article and read “Bypassing Outlook’s
Built-in Attachment Protection”)
SPOOFING & PHISHING
Because e-mail is not a secure system (and requires no proof of identity
from a sender) this has opened the door to spoofing & phishing.
Phishing
generally happens when an e-mail purports to be from a major online
service, such as eBay or Paypal, asking you to update your account
information. Often there is a link to a website included there that
will "take
you directly to your account management screen." Don't do it!
These e-mails are often fraudulent & take you to a faked website
that tries to capture your personal financial information.
Spoofed e-mails look like they're from someone you know, but often
contain viruses or worms. Again, e-mail as a whole does not provide
for a way to prove the identity of the sender, so while it may appear
that your best friend has just sent you a virus chances are they know
nothing of this (and often their computer or e-mail server was never
even involved in the transaction.)
COMMON SENSE PROTECTION
It's important to remember some ground rules about e-mail in general:
basically, you can't trust it. It's not reliable, nor is it secure.
There are currently only two ways to verify you received a legitimate
message from a sender--1) call them and ask if they sent it (literally!)
or 2) use a "digital
signature" such as provided by software like PGP. That's
it--there is no other way to prove conclusively that a message
was really sent by a recipient, so be very careful when opening
attachments!
You
can protect you and your company by following a few general guidelines.
NEVER
OPEN SUSPICIOUS ATTACHMENTS!
It's good to get into the habit of ONLY opening attachments when you
are expecting them. Don't blindly open a document unless you have
already conversed with the sender & are anticipating that file. Otherwise
you run the risk of unleashing a new and exciting form of computer
virus on your system.
NEVER CLICK ON A LINK IN AN E-MAIL MESSAGE WHICH
ASKS YOU TO UPDATE YOUR FINANCIAL INFORMATION!
If you receive e-mails that you suspect are "phishy," you
should go directly to the website in question (by typing the address
directly into your web browser, such as www.ebay.com or www.paypal.com)
to verify the situation.
Similarly, if you receive suspicious attachments
from a friend or "Network
Support," do not open them!
Ebay, by the way, has recently adopted
a policy of only sending you information about your account via their
website: you must log into their website and check “My Messages” for
information about your account. They will no longer send e-mails to
your regular e-mail address, so it’s
a good bet that any e-mails you receive from eBay in your regular mailbox
are faked.
EDUCATING COMPUTER USERS IN A COMPANY
Many companies are now taking the time to educate their own
users about e-mail. If you work in a larger company, you might consider
sending something like this to the entire staff:
=====
Hello everyone, I just wanted to bring some things regarding e-mail
to your attention. Treat all e-mail attachments
as unsafe. Even
if an attachment comes from someone you know or someone who is in the
office, it could always potentially be a computer virus, trojan
or worm. E-mail is not secure, nor is it ever
guaranteed to be 100% reliable. There’s no way
to guarantee a message actually was sent from the person listed
on the “From:” field.
The only situation where you can most likely trust an attachment
if is you are expecting a file from someone. Otherwise, it pays to
be very cautious. We have several levels of virus protection running
that will prevent most viruses from gaining traction; however, these
may not prevent new fast- spreading viruses from being caught. Very
new worms could spread so quickly that our anti-virus software would
be powerless against them because it simply doesn’t recognize
them yet. So again, it pays to be skeptical.
Thanks for your assistance with this.
Sincerely,
John Doe
ACCEPTABLE USE POLICY
It might be good to include expectations of e-mail
in a company-wide Acceptable Use Policy (AUP) as well. (I will talk more
about the Acceptable Use Policy in a future issue; it is important even
for the smallest companies.)
CONCLUSION
It's a war out there and unfortunately the bad guys seem to be winning.
But with these tips you should be able to hold your own ground.
BYPASS OUTLOOK'S BUILT-IN ATTACHMENT PROTECTION
Pssst – So you’ve read the rest of this article and still want
to bypass a major security feature? OK - Outlooks attachment protection
is “helpful” but it does tend to make transferring certain
files very difficult. The secret to bypassing Outlook’s new security
feature is to zip your files before sending. Under Windows XP, this is
extremely easy--put them into a folder on your desktop. Right-click the
folder and "Add to compressed file." Drag the compressed file
into your Outlook message & send. Under Windows 2000, you'll probably
want to use a third-party program such as WinZip to accomplish this same
task.
Microsoft has created a way for you to disable this
safety feature. This will allow you to send these files to other users
but does not guarantee they'll be able to open them-- they may have the
same problem on their end. Remember that disabling this feature means
you will be able to open attachments from spammers & phishers that
may LOOK like they're coming from valid sources--so be careful!
You can
learn more about disabling this safety feature at this link:
Additionally, Microsoft
Exchange Server 2003 has an additional level of attachment restriction
built-in: e-mail will be stripped of these “suspicious” attachments
before it even enters Outlook. If you need to disable this, please
give us a call.
What Can We Do For You?: Information about BDPNetworks
BDPNetworks, LLC is owned and operated by Brian Place. Since 2001, BDPNetworks
has helped increase the productivity of small businesses in Seattle, WA
and the surrounding areas by providing outsourced, managed network support
and other computer consulting services. With over 20 years of combined
professional experience in this field, we know how to keep your network
running smoothly so you can concentrate on your business.
As a Managed Service Provider (MSP), we set up, secure, and maintain computer
networks for small businesses around the Seattle area. Our Maintenance & Support
Plan contracts specify an unlimited labor scope for practically everything
that needs to be managed on a business computer network--including security,
helpdesk, backups, virus protection, documentation, and disaster recovery--all
for a low, fixed monthly fee. We have accumulated a lot of experience providing
these services to other companies, so we'd love to show you how we can
dramatically boost productivity & cut costs in your own organization. If
you would like more information on this, please contact us via the website.
Do you know of an organization that could benefit from the services of
BDPNetworks? Then ask about our referral program! New clients receive
a free onsite consultation.
Past Articles: Revisited
In case you missed them, here's a quick rundown of some useful articles
we've published in other issues of the BDPNetworks newsletter:
VIGILANCE
PREVENTS FUTURE SABOTAGE: Protect Your Windows PC
Keep your Windows-based PC free from viruses, spyware and other security & privacy
threats.
Our Tools: RequestTracker
Get the most out of our e-mail-based helpdesk ticketing system.
Phishing: Email Scams Take People Hook, Line, and Sinker
eBay and Paypal scams are rampant--what is phishing, and how can you recognize
it?
How to Buy a Business Desktop PC
Thousands of different computer systems are on the market. Here’s
what you need to know before you buy.
Planned Obsolescence: How long should you hold onto a computer?
Most computers are designed with planned obsolescence in mind. Learn how
to plan for obsolescence.
INDUSTRY CATCHUP: Three Kings – The Companies to
Watch
Things are hectic (as always) in the computer industry—and it’s
fascinating to watch. New killer applications & technologies are quickly
turned into commodities as companies jockey in and out of position trying
to dominate different markets. Microsoft, king throughout the nineties
of almost anything having to do with business computing, has been losing
ground to other companies in some really interesting areas. Here are a
few of them…
(Full disclosure – I own no stock in any of these companies nor
have I ever worked for any of them.)
APPLE - KING OF CONTENT DELIVERY
I'm personally a big fan of what Steve Jobs has been able to do with Apple
since his return five years ago; he has completely turned the company around
and made it a force to be reckoned with. I first reported some interesting
things that Apple was up in the January, 2002 newsletter (issue #5). But
Apple's products had limited interest to most of our business computing
customers, so I mentioned them only in passing.
Fast forward to 2005 - and you see Apple's influence everywhere. They
dominate sales of portable digital music players with the iPod. Their computer
designs continue to lead the industry--with lots of PC-based knock offs
that look surprisingly similar. Their operating system (Mac OS X Tiger
- 10.4) is at least three to four years ahead of Microsoft's Windows-based
systems in functionality & performance. And they’ve built a hugely
successful digital media distribution empire with the iTunes Music Store
which could ultimately be THE way most people get their music & movies
in a few years.
The iTunes Music Store has recently surpassed 500,000,000 downloads--each
one is a single song that is downloaded to a Windows or Macintosh-based
computer, then optionally transferred to a portable music player such as
an iPod. With a recent release, Apple has quietly built the ability to
download short movie clips into the iTunes Music Store. Of course, these
clips are generally just promos for movies - but it has led to rampant
speculation that Apple is planning their next move--distribution of full-length
movies across the Internet. Whether you would purchase them outright or
subscribe to them like a rental service (like Blockbuster or Netflix) remains
to be seen--but we could even see Apple-branded media "appliances" within
the next year or two that plug directly into your TV. And they'll probably
look a lot like the Mac Mini...
It is quickly becoming clear that distributing movies via physical pieces
of media (CDs, DVDs, etc.) will go away over the next decade or so. This
is truly innovative, revolutionary stuff for these industries—and
will ultimately cut a lot of the “middle men” out of media
distribution while decreasing prices and dramatically increasing selection
for consumers.
Apple has a beautiful & well-designed website—check it out if
you haven’t seen it before:
http://www.apple.com
GOOGLE - KING OF SEARCHING
Google rules search. The word "Google" even showed up in some
dictionaries this year. They rule search because they understand it in
a way that other companies, like Microsoft, never can despite how much
money they throw at the subject. Google's stock continues to soar--and
their employees are actually encouraged to spend 20% of their time on other
pet projects! At other companies (such as Microsoft), initiatives tend
to come from the top & work their way down. At Google, individual employees
are empowered to come up with brand new products & services. If they're
good, and they work, they float to the surface. It's a simple concept that
really works well for them.
Lately Google has been very busy pushing out into other services--and
much of what they've delivered is outstanding. Here's a quick rundown of
tools you should take a look at:
Google Talk (High quality voice calls anywhere in the world)
http://talk.google.com
Google Earth (Also purchased by Google and now FREE! “A 3D Interface
to the Planet” and truly one of the coolest things you can do with
a computer)
http://earth.google.com
Picasa (Purchased by Google – excellent, free image organizer)
http://picasa.google.com
Google has also been getting a lot of press lately for the techniques
they employ in delivering their services to the world. Traditionally a
program as feature-rich such as Gmail (Google Mail) would need to be delivered
as a separate application you install on your computer that would connect
to a server at Google. Google has managed to implement a high-level of
functionality by using industry standard web browser programming methods—making
Gmail seem like a “local” program along the lines of Outlook
and less like a “web” program like Hotmail or Yahoo Mail.
This new programming methodology—delivering very responsive & feature-rich
programs through a web browser to anyone on any operating system has the
potential to drastically change how programs are produced & delivered.
And it’s clear now that Microsoft isn’t the one leading this
movement…
NOVELL – KING
OF LINUX?
People probably wonder why I still discuss Novell from time to time—and
it’s because they’re still fascinating to me. They’ve
always been an engineering-driven (not marketing-driven) company and their
products (generally) show this.
Linux is extremely hot right now – it’s an alternative to
Windows that is more stable, more efficient and arguably more secure than
Windows. And it’s free! But most people in a business environment
want a reputable company to back it up and provide support—so Novell
saw this opportunity a few years back and seized it.
Novell purchased German Linux distributor SuSE several years ago; many
lauded this as a great move for both companies but some were concerned
because Novell often fumbles on marketing efforts despite how good their
products are.
Now, they seem to be doing things correctly again. Novell still has a
loyal installed base of their legacy Netware flagship enterprise operating
system so they have been providing software & tools needed to migrate
this to their new Linux-based systems in the form of Open Enterprise Server.
Novell continues to sell new versions of GroupWise--one of the best alternatives
to Microsoft Exchange in the industry--and has expanded both the client & server
bases to run on Linux, Unix, Windows, Netware and even offers a Macintosh
OS X GroupWise client.
Novell also continues to make some of the most exceptional management
tools available in the form of ZenWorks, recently revved to version 7.
These tools have been extended to completely manage Linux servers & workstations,
and can even manage occasionally-online PDAs such as Palm-based & Windows
CE-based systems.
But the most interesting development is probably Novell's release of a
new bundled Linux desktop operating system squarely targeted at replacing
most of the installed based of Windows PCs out there. Most people use a
few major applications under Windows in a business environment: E-mail,
a web browser, a word processor, a spreadsheet, and occasionally they might
use some presentation software. Novell's new Novell Linux Desktop has all
of this built-in - for a very attractive price - and is super-easy to install,
yet requires fewer resources than Windows XP. So if you need to keep a
PC around for basic office tasks, you might be able to repurpose an older
Pentium II-based system; Novell Linux Desktop will run surprisingly well
on this system and it's easy to integrate these into your existing Windows-based
network.
Contrasted with the upcoming Microsoft Windows Vista with its hefty hardware
requirements (and very belated delivery) Novell Linux Desktop has a chance
to make some serious inroads into larger business organizations over
the next few years.
BUT WILL THEY BE KINGS FOR LONG?
This industry moves like lightning—there’s never a guarantee
that you’ll be on top forever. Nothing stands still. Just because
these three companies have built momentum doesn’t mean someone else
won’t come along tomorrow with a killer product that people love.
Time will only tell how long these companies will keep their crowns. Don’t
blink!
Fun & Cool on the Web
The Boston Museum of Science: The Computing Revolution
An online exhibit of different computer-related topics.
WebZen
A large number of unique high-quality games (with a Japanese twist) you
can play in your web browser. Updated frequently.
Troubleshooting your iPod
The iPod is great and everyone has one--but even it needs tech support
once in a while:
MAKE Magazine: Wolfgang Puck Self-heating Can Hacking
MAKE Magazine is a new magazine that teaches people how to "hack" lots
of things in their daily lives to better suit their needs (or just to see
how they work). Wolfgang Puck recently released a self-heating coffee
beverage in a high-tech can--MAKE had to dissect it to figure out how it
worked:
Flip Flop Flyin' Minipops
Tiny (called pixel art) caricatures of celebrities.
"You've got to find what you love"
Apple/Pixar CEO Steve Jobs' commencement address delivered to the 2005
graduating class at Stanford University
©2005 Brian Place for BDP Networks, LLC.
All Rights Reserved.
Content composed and edited by Brian Place. Additional content & editing
by Katerie Prior of The Writer's Confidant, http://www.writers-confidant.com.
Feel free to forward a copy of this to whomever you wish, but please
leave the contents intact.
If you would like to subscribe or unsubscribe to this newsletter, please
send a blank message to newsletter-subscribe@lists.bdpnetworks.com or
newsletter-unsubscribe@lists.bdpnetworks.com.
Alternatively, you can visit this location to subscribe, unsubscribe or
edit your subscription information:
Questions, comments, or concerns may be directed to newsletter@BDPNetworks.com.
Thank you for reading!
INFORMATION PROVIDED IN THIS DOCUMENT IS PROVIDED "AS IS" WITHOUT
WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED
TO THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
PURPOSE AND FREEDOM FROM INFRINGEMENT.
|
