Awesome Smartphone Deal

If you are thinking of upgrading your smartphone, or buying a new one, Walmart has an awesome promo going until December 3rd.  Not only are they selling phones from all the major carriers at a great discount, they are giving a way a $100 Walmart gift card on many of the phones, with a two year committment.  This means you can get a premium phone for free, or even be paid for it!  Check it out!

Live Every Day to Lift Up Others

This morning as I read these verses that Paul wrote to the church of the Thessalonians:

You are witnesses, and God also, how devoutly and justly and blamelessly we behaved ourselves among you who believe; as you know how we exhorted and comforted, and charged [implored] every one of you, as a father does his own children, that you would walk worthy of God who calls you into His own kingdom and glory.
1 Thessalonians 2:10-12

I thought of how Paul lifted up every group of believers he came in contact with: Comforting, imploring, exhorting… how he lived devoutly, justly, blamelessly…  Our “job” as believers is to live every day this way, and to treat other believers (family, friends, co-workers, clients, fellow students, teachers, etc.) that we come in contact with exactly as did Paul.  This is true no matter how “mature” we may or may not be in the Lord.  We are to do these things to the ability that the Lord has given us.

The enemy will be sure to remind us of our own sins and failures – not only old ones from the past but our present failures as well.  He wants us to feel condemned that we cannot follow the example of Paul, so that we don’t even try. The enemy makes us think the Lord can’t possibly use US – that we aren’t good enough. The Lord is reminding me to that when the enemy knocks at the door of our mind we should remember our Lord’s words: There is NO condemnation in Christ!  We must tattoo this on the walls of our brains, and bring it to remembrance often.

We are to resist sin with every fiber of our bodies.  Resist the devil and he will flee!  But when we do fail, as we all so often do, we know that there is no condemnation in Christ!  As believers, Christ does NOT come before the God the Father to accuse, rather he stands in the gap and is the covering for us, our protector, our kinsman redeemer.  O how glorious is He!

 Thank you Jesus!!!!

Why I don’t call Microsoft Support for Windows Desktop Issues

There have been discussion ion a number of online forums recently about why people don’t call Microsoft more frequently.  I thought I’d put my own two cents into the discussion.  Note that this is not a rant against Microsoft in general.  I have used Microsoft products for over 25 years (does anyone remember DOS v2.1?), and am a Microsoft Partner. I use, and love, many Microsoft products.  However I do not have blinders, and believe that when there is a problem we need to be forthcoming with it so a vendor knows they need to make changes.

As a practice I do everything possible to avoid calling Microsoft.  I work with small businesses and small local government organizations that do not have support contracts with Microsoft.  The frequency of desktop issues that would require a specific client to contact Microsoft support vs finding answers on the web is very low and cannot justify purchasing a support agreement.  Even though I am a Microsoft partner, I cannot justify the purchase of SA by my clients, as it is way too expensive and most upgrade operating systems when they purchase new hardware, which comes with OEM licensed Windows.  Individual support incidents are also way too expensive.  It costs my clients less to pay me to figure out the problem, or even to reinstall Windows, than it does to call Microsoft.  

Over the past 25 years when I have contacted Microsoft it takes way too long for a resolution – between hold times, waiting on call backs, fighting to get past the first (and sometimes second) level of support, language barriers because support is outsourced overseas, … calling Microsoft support is usually an exercise in frustration and cost the client a fortune because I have to charge them for all of my time. 

 As a result, I use the tools I have – Google, forums, Twitter, etc.

Microsoft recently released Service Pack 1 for Windows 7, which I would say is the MOST problematic service pack that I have ever seen come out of Microsoft.  It is a disaster!

I have read forums where Microsoft employees rant that service packs should not be applied without testing in the environment, etc.  I agree with this, in principle. However in the real world this is not really an option.  Large corporations may have the resources to do this, but small businesses simply do not.  The majority of small companies have NO internal IT support and contract out for this support.  It is usually reactionary. 

Small businesses do not pay a consultant to test service packs, and even if they did the test would be too limited in scope.  The reality is that if these updates are not set to install automatically they will never be installed at all, resulting in missing security patches, and even bigger problems. Perhaps not the way it should be, but it is reality in these environments and is not going to change.

Therefore, Microsoft MUST take this into account when releasing service packs.  It was irresponsible for Microsoft to push Service Pack 1 for Windows 7 out via Windows Update.  I found online where the C34 failed installation was known about and discussed online at least as far back as February 24th, yet Microsoft still pushed out the service pack the week of March 7th.  It boggles my mind why Microsoft would not delay the release until these issues were fixed.  From the online discussions of this issue back in February this was CLEARLY a MAJOR problem.  It was NOT an isolated issue.  The typical response from my clients was “Can we get Microsoft to reimburse us for our costs in fixing this?”.  I don’t blame them for feeling this way and wish it were possible to do so.  Unfortunately, Microsofts response is always “So sorry, you have to pay to fix our mistake!”. 

These are the times when I wish I was in another line of work!

TripAdvisor.com Member Email List Stolen

Click the image to see full size.

I received an email today from tripadvisor.com notifying me that a portion of their email list was stolen by an “unauthorized third party”.  They state that they have confirmed the source of the vulnerability and have shut it down, and are pursuing matters with the legal authorities.

According to TripAdvisor.com, no passwords or credit card information was compromised, so the worst that is likely to happen is an increase in spam to the affected users.

TripAdvisor.com has posted additional information on their website at: http://www.tripadvisor.com/vpages/more_information.html .

The purpose of letting you know about this breach of security is not to pick on TripAdvisor.com.  The truth of the matter is that this is happening all the time.  Many websites and networks have not been properly secured, nor are they kept current with security operating system and application security patches.  Enterprises are not keeping their firewall firmware up to date, nor are they upgrading their desktop and server based malware protection on a regular basis.

Security is a shared responsibility. Everyone, including business owners and managers, IT staff, outsourced IT providers and hosts, employees, and other users have a part to play in  this.

 

”Japanese Tsunami RAW Tidal Wave Footage!” Fake Facebook Pages

Security Alert:  There is a link actively circulating on FaceBook enticing visitors to click on a video of the Japanese tidal wave. 

Please review the information below and avoid following this link.  At the moment it appears to attempt to collect phone numbers (no doubt to add to some scammers marketing strategy). However, it could easily be modified to try to implant malicious software on your computer.  It also adds you to the FaceBook “Like” for the page in an attempt to convince others to visit this page.

Credit goes to Trend Micro’s Twitter feed for alerting me to this security issue. The following information was cut and pasted from their blog.

 #     #     #     #     #     #     #

”Japanese Tsunami RAW Tidal Wave Footage!” Facebook Pages
Analysis by Karla Agregado and Michael Cabel, update as of March 13, 2011, 4:26 AM Pacific Time

Cybercriminals launched Facebook pages claiming to contain Japanese tsunami videos to lure users to the malicious site hxxp://www.{BLOCKED}u.fr/view.php?vid=Le-plus-gros-Tsunami-du-Japon-depuis-20-ans.

The Facebook page title is “Japanese Tsunami RAW Tidal Wave Footage!” and a script on that page leads users to a fake video page where the video is actually a clickable image. Clicking the image eventually leads users to a page asking for the user’s mobile phone number. The script also triggers an automatic “Like” and displays the link on the victim’s wall.

Trend Micro detects the script that leads to the fake video page as HTML_FBJACK.A. Users are protected from this threat via the Smart Protection Network that blocks the malicious URL to prevent users from executing the malware.

Beware of Twitter Scams Related to Japan’s Disaster

PLEASE beware of Twitter scams asking for donations to Japan relief funds.

Most of these are scams, but you probably have no good way of knowing if they are legit or not. Every time there is a disaster of some sort, the scammers immediately start sending these messages out.  They even put up legitimate looking websites to take your money!

We all have compassion for the people of Japan at this time. My heart and prayers go out to them.  I don’t want to discourage donations, as it looks like the relief organizations will be on the ground for years to come – some are still working in areas affected by Katrina over five years later!

If you want to give money, my advice is to only give to known organizations, over the phone or on websites that you KNOW are legit.  Two that I would recommend are the Red Cross in Japan, and Samaritan’s Purse.  Both are excellent organizations that are already on the ground in the affected areas.

Kudos to Google for creating a website specifically to help in this time of need.  They have links for giving, and are hosting applications to facilitate contact with your loved ones and friends, as well as links to official government and utility websites, public transit information, electricity blackout schedules, etc.  Check it out: http://www.google.com/crisisresponse/japanquake2011.html .

How to Protect Yourself from Dangerous Web Pages & Web Sites

Many of the latest virus, spyware, phishing, and general malware threats are spread via web pages that have been compromised by cyber-crimminals that desire to take advantage of user’s inherent trust in the results provided by search engines such as Google, MSN, Yahoo, etc. Trend Micro has released a new version of its TrendProtect Internet Explorer plug-in to keep you safe while browsing the Internet.  This particular feature, called TrendProtect™, is free and can be installed on any computer at no cost to the user.  I encourage you to download and install this software on your home or business computer (but check with your employer’s IT support personnel first!) that may not have this protection. You may find it here:    http://www.trendsecure.com/portal/en-US/tools/security_tools/trendprotect/download

TrendProtect is a FREE browser plug-in that helps you avoid Web pages with unwanted content and hidden threats. TrendProtect rates the current page and pages listed in Google, MSN, and Yahoo search results. You can use the rating to decide if you want to visit or avoid a given Web page. To rate Web pages, TrendProtect refers to an extensive database that covers the following information for billions of Web pages:

• Content category
• Phishing scam detection
• Site reputation
• Page reputation

TrendProtect allows you to avoid sources of infection. If you inadvertently open a Web site rated unsafe by TrendProtect, scan your computer immediately for viruses! You can use the free “House Call” scanner found here: http://housecall.trendmicro.com/.

When you search using Google, MSN, and Yahoo, you may notice that some search results are marked with check-marks, question marks, or red X’s, and that the main title line of the search result is shaded (green, red, or grey), and that these shades correspond to the colors of the checks, question marks, and X’s.  These colors and symbols all refer to the page rating provided by Trend Micro.

A simple explanation of these designations follows:

A green check and blue shading indicates that the page is classed as “safe” by Trend Micro.  If you hover your mouse over the green check, you will see a pop-up that indicates this.

A red X and red shading indicates that the page has been rated as dangerous, due to a known security issue on the page or website.  It is NOT recommended that you visit that site!  Hovering over the red X will pop-up a note indicating this.

A grey question mark and grey shading indicates that the page or website has not yet been rated by Trend Micro, and the safety of the page has not been determined.

A combination of the proper security tools along with safe web browsing habits will go a long way toward protecting the security of your computer, data, and personal identity. I encourage you to take advantage of this free tool.

Feel free to contact me if you are concerned about the security of your business computers, servers, network, and data.  We specialize in helping small businesses with all of their techology needs. We manage technology so you can manage your business!

Is Your Cell Phone Secure?

As if we didn’t have enough problems, now we have to worry about cell phone security!

 

Security experts have been warning for years that the next frontier for electronic criminals would be smartphones.  Although “in the wild” exploits were seen as far back as 2006, this has not been common… Until now!

Just this morning I received notices of active malware for phones based on the Apple, BlackBerry, Android, Windows Mobile, and Symbian platforms.  No phone, particularly smartphones, are safe!  According to Gartner, mobile device sales increased by 31.8 percent in 2010 from 2009, while smartphone sales ROCKETED by 72.1 percent!

The use of web-based applications on cell phones is skyrocketing as well now that carriers have completed their 3G rollouts and are working on expanding their  4G networks. The broadband Internet speeds available to phones make web-applications useful on your phone. This represents a virtually untapped market for cyber criminals! In addition, don’t forget that the iPad and iTouch, as well as other non-phone mobile devices, all run apps and have high speed Internet connections.  These too are, or soon will be, targets for the bad guys!

Threats range from bots that use your phone to send out email and SMS (text message) spam, to password theft aimed at stealing your online banking data.  In other words, the same threats that we have been worried about on our PCs for years!  Many phones are now used to access corporate email and even applications residing inside corporate networks. Your company’s network administrators have reason to lose sleep at night.

The threat is real and growing rapidly. What should be done about it?  I believe that we all have a part to play:

• Cell phone manufacturers need to include more robust hardware based security features in mobile devices, as a standard feature.
• Cell phone operating system and software developers need to take extra care to include better security features (and TEST them!) in their OS’s and apps.
• Cell phone carriers need to build security into their networks.
• Corporate IT as well as end-users need to make security a priority.  On the corporate side, employee policies for mobile device use must be updated, and IT departments must deploy robust security infrastructures for mobile devices.
• Security vendors (anti-virus, anti-spam, anti-spyware, etc.) must produce full featured, manageable, and robust security applications for mobile devices.  Due to the vast range of platforms that are out there this will be a challenge – but it MUST be done!
• Finally, end-users must accept responsibility for security on their mobile devices, both in how they use them and what apps they install.

As the trusted advisor to my small business clients in all things IT related, I will be developing a set of recommendations.  This is a rapidly evolving threat, so stay tuned for more information!

Facebook Prepares to Release Users Phone Numbers and Addresses

CRITICAL FACEBOOK UPDATE

According to a news article posted on Yahoo News yesterday (3/1/2011), Facebook is preparing to give out its user’s addresses and telephone numbers to third parties. This potentially includes cell phone numbers!

http://news.yahoo.com/s/yblog_thelookout/20110301/ts_yblog_thelookout/facebook-will-soon-share-users-phone-numbers-and-addresses-with-3rd-parties

I believe that this topic should be important to all of us. Please read it, and distribute it as you see fit. Send it to your kids! If you do forward this blog post, please include the date (March 2, 2011), so that recipients will know if it is current or not. This is not intended to be a negative rant toward Facebook, but merely a way of educating those that I care about regarding something important.

Facebook is the most visited website on the planet, and has access to incredible amounts of personal information related to its users.

Consider these statistics from Facebook

http://www.facebook.com/press/info.php?statistics

• Facebook has more than a half BILLION active users.
• 50% of active users log onto Facebook in any given day.
• The average user has 130 friends.
• People spend over 700 BILLION minutes per month on Facebook.
• There are over 900 MILLION objects that people interact with (pages, groups, events, community pages).
• The average user creates 90 pieces of content each month.
• Facebook users install 20 million applications every day.
• More than 250 million people interact with Facebook every month on external websites.
• An average of 10,000 new websites integrate with Facebook EVERY DAY.
• More than 2.5 million websites have integrated with Facebook, including over 80 of the top US websites and half of the top global websites.
• Over 200 million active users access Facebook through their mobile devices.

It is a given that Facebook tracks every single one of these activities. After all, Facebook’s greatest financial asset is the user data that it holds. They have far more information about each of us than our government ever thought about collecting, and they have data mining technology that enables them to slice and dice it and pull out any information they (or their customers) desire.

My advice to ALL Facebook users is simple:

• Check your Facebook privacy settings on a monthly basis. Facebook is constantly revising these, and they often “reset” privacy settings when they update. Even though you think certain information is hidden, it may no longer be so!
• Either leave your address, phone numbers, etc. out of your profile, or set them to something bogus such as 123 Main Street, Anytown, NY, 12345, 555-555-5555. I reviewed my own settings even while writing this, and made sure I was following my own advice.
• Never, ever, EVER post information ANYWHERE in Facebook that you do not want EVERYONE to be able to see. This includes friends, family, employers, potential employers, news media, government agencies, people from former relationships, etc. Facebook has become the standard source for information about what a person is REALLY like. A very large percentage of human resource departments will search out Facebook postings for employees and potential employees. What will they find? Would you want your Facebook postings broadcast on the radio, and the photos shown on network television?
• Just because you think something is “private”, or “friends only”, do not assume so. As noted above, security settings are constantly changing. What was private may no longer be so. In addition, it is difficult to know what is private and what isn’t, and it is impossible to know who Facebook will sell your information to.
• When posting on Facebook keep in mind that what you post is, permanent. Even if you remove it, it could still be shown on affiliate sites, cached on multiple webservers, etc. Those embarrassing photos of you at a Christmas party may show up years later, at the worst possible moment!
• If you use Facebook for both personal and professional purposes consider setting up two separate Facebook accounts, with separate email addresses. Do not add your professional and business contacts as friends on your personal account, and do not add your personal friends on your professional account.
• Because it is so important, I’ll repeat this one: Never, ever, EVER post information ANYWHERE in Facebook that you do not want EVERYONE to be able to see. As Facebook Vice President Elliot Schrage stated during an interview last year, “If you don’t want Facebook to share your personal information, don’t share your personal information with Facebook.” That pretty much sums it up!

The advice above is directed at Facebook, but in reality it should apply to every website that you use. A good example of this is Twitter, where users have the habit of posting everything without giving it a second thought. It is my sincere desire that by following the simple guidelines above you will be able to enjoy Facebook, share with friends, and still keep personal information personal.

Ted Miller

View from Grassy Mountain, Lows Lake NY

View from Grassy Mountain overlooking the middle part of Lows Lake. We paddled up the Bog river in September 2010 and camped at the entrance to Grassy Pond.  In the morning we bushwacked our way up the mountain to take in this view. It was amazing!  There isn’t really a trail there, you just have to make your own way up.

Lows Lake, Adirondack Park, NY

 

Looking toward the western end of Lows Lake and down the Bog River from Grassy Mountain. The view was outstanding. I’m not sure if we could see all the way to the high peaks, but I’m thinking those must be close to the High Peaks area.

Lows Lake, Adirondack Park, NY

Not really any trail. We bushwacked our way up. We did follow a trail marked with ribbon on the way back down, but it was mostly through a path where there was a lot of water running over the rocks and very slippery.  Our bushwack trail was better!