It's the Worst Virus Ever!!!! (from an e-mail warning)
How often do you receive a message like this? "If you open a message with an attachment called 'foo.mp4', your hard drive will be erased and your computer will be vaporized!!! This has been confirmed by Microsoft and Snopes and MSNBC, so I know it's true!!! Please forward this message to everyone you know!!!" What do you do with a message like that? Whatever you do, please don't forward it.
Messages like these seemed to have died out, but I've noticed a resurgence that started in the fourth quarter of 2010. You might ask, Isn't a bogus warning better than a computer virus? That's the wrong question. It's like asking whether being gored by a wild boar is better than a collision with a transit bus. There's no relationship.
Bogus warnings that are forwarded indiscriminately are bonanzas for fraudsters. Because people are people, a certain number of mistakes will lead to the compromise of some number of computers. Compromised computers will yield e-mail addresses and a message that has been forwarded many times has almost certainly collected dozens, if not hundreds, of e-mail addresses. So besides needlessly raising the fear level among computer users, these fake alarms actually play into the hands of the bad guys.
I learned not to open unexpected attachments early when I fell for the first mass-distributed computer worm (ILOVEYOU, May 4, 2000). Although my computer was on a LAN, I recognized the problem and disconnected the network cable fast enough that the infection was limited to my computer. Even then I should have known better and I've never been victimized in the nearly 11 years since even though I've received plenty of messages that contained infected attachments.
A good antivirus application and Postini inspection ahead of my computer's e-mail in-box have reduced the number of virus-laden messages that reach my computer to near zero but even if these protections had been absent, there has been no threat in the past 11 years that would have infected my computer. Protecting yourself and your computer isn't a question of being a high-tech genius; all it requires is a bit of common sense and logic.
Most messages with links to phishing sites, worm or virus attachments, or other threats might as well have Don't Open Me in 96-point red type, highlighted in yellow. They are that obvious most of the time.
Tell-Tale Signs
Fraudulent (phishing) messages have certain characteristics that make them easy to spot.
- If the message is "from" you, delete it unless you've sent a message to yourself.
- Don't depend on the "from" address. It's easy for anyone who has just a tiny bit of technological know-how to create a message that appears to have come from anyone.
- Don't depend on the presence of corporate graphics. Just because the message contains a Bank of America logo or a PayPal logo doesn't mean that's where the message came from.
- If a message threatens loss of account privileges or says that you made a purchase that you didn't make, it is probably a hoax. If you're uncertain, use your telephone to contact the financial institution, Internet service provider, or store. Do not use any link on the e-mail or any phone number provided by the e-mail.
- If the message asks you to "confirm" any information that the store or financial institution should already have, the message is phony. No bank will ever send a message that asks you to fill out a form that confirms your account number, security question, social security number, address, phone number, PIN, or anything else. Period.
- If the message claims that you ordered something but provides a link that you can click just in case you didn't really place the order and want to cancel it, the message is a clearly bait.
But rather than trying to think of all the possible indications that a message is bad, it's easier to look for clear indications that the message is valid.
When you receive a message with either a link that the sender asks you to follow or an attachment the sender wants you to open, ask yourself a few questions.
The following list of questions may appear intimidating but you can perform most of the tests in about the same amount of time it takes to look both ways before crossing a street. In other words, it takes far longer to explain the tests than it does to actually do the tests.
- Is this message from someone I know? (If yes, proceed.)
- Is this message from someone who routinely sends me messages? (If yes, proceed.) If you are an entry-level employee, the CEO may not be in the habit of send messages that are personally addressed to you.
- Does the message read the way a message from the sender would read? (If the message seems to be in character, proceed.) If the sender is someone who has an advanced degree and who is generally careful about spelling and punctuation, Hay, dood, this is 4U may indicate that the message is from someone else.
- Are you expecting a message with an attachment or a link from this sender? Did you ask the sender to send a copy of a business proposal? Does the sender usually send you links to websites? (If so, proceed.)
- For links: Is there a clear explanation from the sender to explain what the link is? (If so, proceed.)
- For links: Does the link go where it claims to go? (If the words and the link match, proceed.) Hovering the mouse over the link will display, somewhere on the screen, the actual link target. A link that claims to take you to "example.com" might actually direct you to "give.u.virus.com".
- For links: Does the link make sense? (If so, proceed.) A link to "www.heave.to/support.harvard.edu" will not take you to Harvard University; instead, it will take you to "heave.to" and open a file in a directory "support.hardard.edu". I don't know whether "heave.to" exists but, if it does, it would be registered to the Kingdom of Tonga, an archipelago in the South Pacific Ocean.
- For links: Is the target site safe? (If it seems safe, proceed.) Well known sites (Microsoft, Google, Yahoo, and the like) are generally safe. If you know a site (techbyter.com, for example), you can reasonably consider it to be safe. If it's a domain you've never heard of, it doesn't hurt to perform a Google search on the domain name to see what others have to say about it.
- Final test for links: If you have any concern about the link, contact the sender to ask about it. In most cases, this won't be necessary because the preponderance of evidence from the test will be either positive or negative.
- For attached files: Is this the kind of file you would expect from the sender? Is it named appropriately? (If the file seems reasonable, continue.) An MP4 file from somebody who has never sent you an MP4 file would be suspicious.
- For attached files: Some e-mail applications allow you to open a file by double-clicking it. Instead, save the file to your computer and then run a virus scan on it. (If the file passes the test, proceed.)
- For attached files: A test by an antivirus program isn't conclusive. A false result simply means that the test didn't find anything; somebody has to be the first one to encounter a new threat and it might be you. So if anything has raised any concerns, contact the sender before you do anything with the file.
So the primary point is, and I know I've said this before: Never implicitly trust any message. Anything that arrives via e-mail should automatically be suspect.
Sharing Video is Easier than Ever
Next week I'll tell you about some reasonably priced digital cameras. These days a digital camera offers more than just the ability to take still images. Many cameras include a video function. If you use that function, you may want to share the resulting video. It's easy. (Warning: This story involves cats.)
YouTube is what most people think about when it comes to sharing video clips, but there are others. One of the cats who shares our space likes to sit in the bathtub and drink water from the spigot. I captured this event on video, added some music, and posted it to Shutterfly. Let me know what you think of Phoebe.
I could just as easily have uploaded the file to YouTube, Vimeo (which I've used before), PhotoBucket, or to numerous other sharing sites.
Wikipedia lists 60 websites that allow users to share videos, and that's just the "clean" sites. There's no mention of user-created porn sites.
Sites such as Vimeo even have tutorials that explain the video basics so that you'll post a file that works for other viewers. Lots of digital video cameras exist now and many digital cameras, even low-priced consumer cameras, include the ability to create videos.
This Changes Everything
These sites change the way we view media. They also change the media we view. Even if you're an amateur with a basic digital camera that can capture video, you can share your vision with thousands of viewers.
The Vimeo Video School covers the basics that every video producer, amateur or professional, should know. Vimeo starts by saying "Choosing a camera is the first step on your way to making videos that you can share on Vimeo. There are a lot of options to choose from including camcorders, simple point-and-shoot cameras, and nowadays cellphones with built in video cameras. Where do you even start?"
Seriously.
Follow the link. Watch for Andrea. The free tutorials from Vimeo are among the best examples I've ever encountered when it comes to explaining video to people who have no idea what what a time code is, why video has 29.97 frames per second instead of 30, or why cross-fades are almost always better than fancy transition effects.
Later the Vimeo Basics program says "Editing video clips together can be really fun, especially once you master a few basic features in your editing program. With a bit of patience and experimentation you'll be producing smoothly edited videos in no time." This is absolutely true and the Vimeo program discussed editing with both Mac and Windows computers. Whether you have a PC or a Mac, you have a basic video editor. If you want to do something more involved, you'll need a more advanced application.
The Phoebe the Water Cat video was created with an inexpensive point-and-shoot camera and edited in Adobe Premiere Elements.
Buggy Whips, Watch Springs, Slide Rules, and Film
Nothing lasts forever. Western Union's owners, for example, famously thought that the telephone was a passing fad. Eastman Kodak (the film company) recognized early on the threat that digital photography posed and attempted to reposition itself as the picture company. That's largely been unsuccessful because many people no longer make prints. Instead, we share photos online or by e-mail. Even the technology behind the big change is changing fast.
In the 1990s, one of the largest computer shows in the world was PC Expo at the Javits Convention Center in New York City. The bursting of the Internet bubble and numerous other factors combined to terminate the show. In its heyday, it completely filled all rooms on all levels at Javits and effectively sucked all taxis in Manhattan to 11th Avenue.
Jacob K. Javits Convention Center fills the blocks between 34th and 38th streets, 11th Avenue and the Hudson River. Built in 1986, it was named for United States Senator Jacob K. Javits, who died that year. So effectively it's 4 city blocks under roof. Most of the building is 2 stories tall and a central section is 3 stories. PC Expo literally filled it all.
In June of 1999, I took the first digital camera I had purchased with me to New York for PC Expo. Because I had been shown an application that could magically stitch together a panorama from a series of individual photos (list price several hundred dollars), I clicked several pictures of Javits. The software worked, but only if the images had been produced carefully by mounting the camera on a tripod. For my handheld images, the resulting panorama was a complete failure.
Fast-forward to December 2010. I was looking through some old images and found my putative panorama. Would modern software be able to do a better job with my 5 pictures?
I asked Adobe Photoshop CS5 to create a panorama.
To create the panorama, Photoshop combined the 5 images, aligned the images, and then created transparency masks for each image. Here are images 1, 3, and 5.
And this is the result following the use of Adobe's content-aware fill and the application of some lens corrections. If you look at the full-size image, you'll see a few small rough spots, but the result clearly shows how far the technology has advanced in the past 11 years.
As for film, consider the Eastman Kodak Company as a good indicator of film's health generally. In January 2009, Kodak posted a $137 million fourth-quarter loss and began the process of eliminating more than 4 thousand jobs. At the end of 2010, Standard and Poor's dropped the company from its S&P 500 listing.
Buggy whips, watch springs, slide rules, and PC Expo are gone. Film is fighting what would appear to be a losing battle. But digital photography and the software associated with it is going strong.
Short Circuits
At Last! Competition for AT&T!
Since the Iphone's beginning it's been an AT&T device in the United States, but now (finally) it's possible to use the device on another network. Analysts suggest that the addition of Verizon could double Apple's market penetration with the Iphone.
For corporate America, there's still a problem. The Iphone doesn't work well with Microsoft Exchange servers, although Apple has made some changes to make the systems more compatible.
The Verizon version of the Iphone goes beyond AT&T's version by offering the ability to be a portable Wi-Fi hot spot that can connect up to 5 devices to Verizon's 3G network. AT&T's network is 4G. Other smart phones have the feature, too, but usually charge an additional fee for it. Verizon (for now) won't. Don't expect that to last.
The biggest competition the Iphone faces now is the Android phone and those who like to have control of the devices they own often choose Android models because of Apple's restrictive mentality. Apple wants to maintain total control of its devices and this explains why every time Apple updates its Itunes software my Ipods cause Itunes to crash for several weeks.
Maybe Apple needs to take a slightly less restrictive approach.
The primary target for smartphone apps is still the Iphone, but the Android market is growing and becoming more attractive to developers. Today the Android has about 80 thousand apps to the Iphone's quarter-million apps. But there's also a lot of duplication.
Court: Twitter Ordered to Give User IDs to Investigators
The US Department of Justice wants information about Twitter posts made by rop_g, ioerror, birgittaj, Julian Assange, Bradley Manning, Rop Gonggrijp, and Birgitta Jonsdottir between November 1, 2009, and the present. These are people the DOJ believes may have been involved in the latest Wikileaks leak.
All of the IDs are alleged to be associated with Julian Assange, the persona non grata at the US State Department.
Three of those listed were involved with releasing video that showed a US military helicopter firing missiles in an attack that killed Reuters journalists in Iraq.
The Department of Justice demands that Twitter hand over the users' names, their credit card numbers, addresses, and other information such as the "connection records" that would show when the users had logged in and how long they were on line.
Twitter has advised the users that their information has been subpoenaed. A federal judge released the information publicly in early January after Twitter asked that it be permitted to notify the targets of the federal investigation that they were being investigated.
If you follow the saga of the Blinn family cats, Jeremiah Cheeseburger went to sleep for the final time this week. He will be missed.
His story. More photos on Facebook.
One thing I've learned about myself is that when I'm stressed or distressed, writing helps. If Facebook is good for nothing else, it's an outlet for my thoughts and those who find some resonance in what I've written can respond immediately.