Thursday, 24 February 2011

"I'll send you the password via email..."

It's 4.55 p.m. on a wet and windy Friday night, somewhere in the great metropolis, and you're coming to the end of a long working week. In just 5 minutes time, you'll be going home, ready to enjoy the promise of a weekend you have been planning for months. The hotel room is booked, the kids have been shipped off to your sister-in-law, and the wife has been out shopping today at that new Ann Summers shop in the high street - life really is good.

Just as you're about to go home, the phone rings. It rings in that particular way that it does when it's Dave - good old Dave in Accounts. Dave who got you into trouble last week for sending you that link that was so "Not Safe For Work", and which took Brian in I.T. 3 days to repair the aftermath of...

"I need the password for the Director's pension file..."

Why NOW?! All you can think about is what colour undies may be waiting for you tonight...

"I'll send you the password by email" you hear yourself say. As you're about the press the send button, out of the corner of your eye you can see Brian from I.T., wielding a baseball bat, and wearing a malicious grin...

Now that I have your attention, as I gently fondle my very own baseball bat, I think the time has come to tell you the truth.

Email is not secure.

There - I've said it. I know you use it every day, and I know you can't live without it, but it is not safe. When you send an email, it travels in a plain text format - that is, it is completely readable by anyone. This is necessary because email has to travel between varying systems, that utilize varying technologies - it simply can't travel any other way, and by default, when we send an email, it travels in plain text. Therefore, sending a password by email is like you throwing your front door key into a crowd whilst shouting "that's for number 29 folks - help yourselves!"

So, how do we send a password (or a document) safely via email, if we have no other choice? Well, we disguise it, by using encryption. Encryption is a method where we turn some piece of data into something unrecognizable, and then change it back again later on. Encryption options depend upon the type of email client you are using, so I can't really give specifics, but google is your friend - just look up email encryption options for your email client, most are based on some sort of PGP Public / Private Key encryption or Digital ID's.

Failing that, create a document, place the password in the document, and use an archiving solution like Winzip, WinRAR or 7Zip to generate a password protected archive containing the document, which you can then send in an email. Then just phone up the person and give them the password to the archive.

That's all 'till next time folks. Remember, stay safe - or me and "my little friend" may have to have a word with you... ;)

Tuesday, 22 February 2011


Just found this on Mike Lynch's Blog - Just goes to prove that computer manufacturers (sometimes) have a sense of humour too...

Monday, 21 February 2011

"Downloading music isn't illegal, is it?"

Do you remember the 80's? The smell of vinyl, the lure of cover art, the art of noise? Less than £1 a single, and £5 for a LP? I'm sure you do, and that you've just floated back on a wave of nostalgia (hopefully not shouting "WIILLSONNNN!")... Do you remember the kick up that was made about taping music on cassette? "IT'S PIRACY!" they screamed, and oh, how we laughed, 'cos we knew better...

Times have changed. The digital era is here, and music is available anyway you want it - CD, DVD, direct download to your IPod, and it's all free...

Of course, it isn't. Times have changed, but the music business hasn't. The record companies and the artists still want to make money, so they charge for their music - the only fair way to do it. You go and by the CD - that's fine, because you're paying for the privilege of listening. You RIP that CD to your IPod - that's fine (I think), because you've paid for the original. You give the ripped files to someone else - now the problems start, because that's illegal.

Downloading music is fine - provided you have either a) paid for it or b) the artist says it's free to download. Everything else is piracy - period. No ifs or buts. Download music illegally and you may as well steal a copy from a store, because that's what you're doing - stealing.

By the way, this argument also covers Software for your computer - unless it says it's free in the license agreement, you gotta pay for it somehow pal...

Bottom line - if you like the music, go and BUY it. If you don't your favourite band may not be here for long...

Friday, 18 February 2011

"I need Office / Photoshop to..."

I'm a computer nerd, and I'm over 40, with numerous offspring. That means I have one thing missing from my life....CASH! How many of you have come home from a hard days graft, only to have said offspring corner you in a manor not unlike that of the S.A.S on an embassy mission, brandishing requests for moolah faster than a Heckler & Koch MP5 machine pistol? Go on, raise your hands (those that are able too)...

We're over 40, and we're skint. So WHY OH WHY do we have to keep hearing this question?

"I've got a word document - I need Microsoft Word to open that - how much is it to buy - have you got a copy?" or "I've got a photograph to edit - I need Photoshop to edit it - how much is it, or have you got a copy I can borrow?"

Let's get one thing straight from the off. Yes, Microsoft created "Word", and Adobe currently own "Photoshop" and yes, they are good products - but you don't actually need them to open word documents, or photos - they are just the most popular programs used for word processing / graphics, mainly because they are used in business, where money is not really an object. They have become what's known as "the industry standard", which is company speak for "it works for us", and the file formats they use, are also the most commonly used.

But (and it's a very big but), there are other programs out there that we can use to edit word documents, or excel spreadsheets, or photographs, or anything you like - you just have to know where to find them. I'm going to introduce you to a new phrase, and that phrase is...

Open Source

Open Source is more of a movement, than a phrase. It's a philosophy for software creation. In short, it means that anyone can modify an existing Open Source program, provided the modifications (and the source code that has been changed) is made freely available, for nothing. Open Source is powerful, because it puts the power of software back into the hands of the users. You need something done - someone somewhere has probably already created that will do it for you, for nothing. Open Source has even given birth to Operating Systems, such as Linux! Open Source has lot's of success stories, and I'm going to introduce you to two of them.

LibreOffice is an Open Source competitor to Microsoft Office. It can create, edit and save office documents in many formats (including Microsoft Office) and even looks and feels the same to use, but it's completely free. My kids have used it for homework, and I've used it for business - why pay for Microsoft Office, when this exists?

The second success story is GIMP. GIMP stands for Gnu Image Manipulation Program, and is the nearest thing available to Photoshop that is free. It can manipulate photos, create stunning artwork, and 9 times out of 10, it can do everything photoshop can, for everyone up to the level of professional artists. I use it all of the time, in fact, the cartoons featured in this blog were adjusted by GIMP.

Do you (and your pocket) a favour. Before you get suckered into the big boys, look into Open Source alternatives - you won't be disappointed, and you'll save a ton. Right, time to open my copy of GIMP and create my next masterpiece - mega stardom, here I come...

Monday, 14 February 2011

"I went on this great site last night... and now I've got a virus/trojan!"

It's late at night. Creeping downstairs (so as not to disturb the wife), you slink into the living room, intent solely on your goal - a bit of late night surfing. Time to go on those sites that you know you shouldn't - like that one that Dave in Accounts sent you the link for. Surreptitiously, you enter in the website address, and click the enter key...

... Only to find that your computer has now spawned more windows than Everest, and is intent on letting the whole world know that you went on sheepsh* - oh, and is that the sound of your beloved's sweet footfall on the stairs on her way to investigate what the scream of "NOOOOOOH!" was all about...

OK - for our third (and final) part of this article, were going to look at what to do if you suspect you have a virus or Trojan. The first question I'm often asked is "what's the difference?". Well, a virus is a program that is intent on replicating itself to other computers without the user's knowledge, in a similar way that a real virus infects your body, and passes itself on to the next person (like the flu). A Trojan (named after the famous wooden horse of Troy) is a virus that wants to do more than just replicate - it wants control of your computer for it's author's use, and by it's definition, a Trojan is more serious.

The first thing to do is to ascertain if your computer is infected. The best way to do this is also the best way to fix it, and by that, I mean "scan your computer for viruses". If you haven't already done so, install a anti-virus solution like AVG, and run a full scan for viruses. Once the scan has finished, you'll have the option of either quarantining the viruses found, or removing them from your computer - either is an acceptable solution.

Now that you've installed / run your anti-virus solution, make sure you keep it up to date by downloading the latest virus signatures - if you don't do this on a regular basis, all the hard work you just did will be undone very quickly, so check your anti-virus's documentation on how to keep up to date.

The next thing is to search your computer for Adware - these are programs that are not technically Trojans, but are the next best things - programs that want you to buy a product, by hijacking your PC and pointing you to the authors website. Because Adware is specialized, you'll need a specialized tool to deal with it - my favourite is SpyBot S&D, because it's thorough, and it works. Install it, update it, and run a full scan, then fix any errors it finds.

9 times out of 10 the above methods should sort you out. If they don't try looking at - here you'll find lot's of useful information on viruses, Trojans, and other annoying PC specific problems that may be affecting you.

Right, I'm now off to disinfect my computer - with a blow-torch. You can't be too careful you know...

Thursday, 3 February 2011

Safe browsing - it's like safe sex really...

As I don my White Coat for the second part of this subject, I liken myself to a sexual health worker (the white coat has a multitude of uses), trying to prevent the spread of STDs in a sexually permissive teenage society - it doesn't matter how many times you repeat the "Safe Browsing" message - some are still going to ignore you. However, we must try, so bend over dear reader...

Safe browsing of the Internet relies on several things:
  • Keep your browser up to date
  • Keep your computer up to date
  • Consider a different browser
  • Keep your anti-virus up to date
  • Use a firewall
  • Configure your browser properly
  • Configure your computer properly
  • Show restraint
The first two are no-brainers. Always try and keep your computer up to date with the latest patches, and do the same with your browser. For Windows, this usually means running Windows Update either automatically, or frequently. I'm not kidding when I say that new flaws in Windows are being found every day - for goodness sake, Microsoft even have an official day of the month - Patch Tuesday - where they release fixes for discovered vulnerabilities.

Internet Explorer is not the only browser out there. Many years ago, when Windows (and the Internet) were young, a browser software battle was fought, and Internet Explorer was the winner - not because it was the best, but because it was bundled with Windows, and because Windows had the biggest market share of computer operating systems. The problem however, is that Microsoft, in their infinite wisdom, choose to tie in the browser with the operating system, to the point where it had a dangerously high level of access to your computer - a situation that still exists. If you want safer browsing, one of the best ways is to change your browser to another, and for that, I recommend Mozilla Firefox. Not only is it quick, it is (by definition) safer (it's not tied to the operating system), and there are add-ons that actually make it even safer - it's NoScript add on for example, lets you control which scripts are allowed to run on your browser (stopping unallowed scripts is one of the best preventative measures for safe browsing I have ever seen).

Antivirus is not an option anymore - it's a requirement for Windows, to the point where Windows itself will let you know if you have no antivirus present (look out for a red circle with a cross in your system tray - dead give away). You don't have to spend a fortune though - most new computers come with Norton or McAfee pre-installed, which does cost, but you can uninstall these and use a free antivirus solution, such as AVG or Avast.

Using a firewall is a must. For those of you who don't know, a firewall protects your computer from being attacked directly by other computers. If you use a Router to access the Internet, rather than a ADSL modem, chances are you are already behind a firewall - check your router documentation. If not, it's a good idea to use at least the built in Windows Firewall, or if not, a separate solution like ZoneAlarm

Configuring your browser properly is just a case of making sure it can't do anything you don't want it too. That means...
  • Not allowing pop-up windows
  • Not installing unnecessary browser add-ons (such as search toolbars)
  • Making sure the security options are not too lax
Most browsers these days have default settings that are quite good - again, look into the documentation for your browser for help if you think you may be at risk.

The hardest thing though to implement, is the last - showing restraint. Simply put, it means this...
  • Just because you can do something, doesn't mean you should.
This is rule of thumb #2, and it's a doozy. In short, as a user, you can go anywhere you want, install anything you want - but should you? That new file-sharing bit torrent client looks great... but do I really need it? What if it contains a virus? Ooh, Dave in accounts says that new site - "latinosheepsh*" is fab - but what if it's a malicious website (come to think of it, what is Dave thinking about)... You get the idea. In the war against the Internet sharks, common sense is your greatest weapon.

In part 3, we'll discuss what to do if you think you have a trojan/virus. For now, I'm off for a scrub and hosedown...