Tuesday, July 29, 2008

Satellite Radio Merger Approved

The proposed merger between Sirius and XM, the two competing satellite radio services, has been approved by the Federal Communications Commission. Over 17 months ago, when the proposed merger was first proposed, it was predicted that the FCC would never approve this merger because of its obvious monopoly considerations. But, the two companies made several proposals that made the merger more palatable to government officials. The vote was 3-2 and was split along party lines with the Democrats in opposition.

Among the concessions made by the two companies was a 3 year price freeze, the creation of over 20 new channels dedicated to non-commercial and minority interests and a la carte pricing that will happen within three months of the final merger.

The two companies are also proposing a 50 channel a la carte package that will sell for $6.95 a month. This would work for me, and frankly, I would be pressed to find that many channels that have music, news, and sports that I would find interesting. But there are enough really good channels that make this a very viable option for me.

The a la carte packages will require a new type of receiver that is not yet on the market, so if these packages sound interesting to you, hold off for little while

The merger was rigorously opposed by the National Association of Broadcasters who fear it will hurt terrestrial radio stations, both AM and FM. The truth is that these stations are already in serious trouble. They have been hurt by the Internet, iPod-type devices, and the fact that most independent radio stations have been bought out by major broadcasting giants like Clear Channel and others. Their programming has become just plain boring and not worth listening to. Just turn on your radio and you will see what I mean. There are far more interesting radio stations on the Net and on both Sirius and XM.

As part of of my satellite TV packages, I have experienced both XM and Sirius. There is no doubt in my mind that XM offers a superior product, less talk and more music and information. Also, audiophile journalists report that XM's sound quality is definitely superior and I agree.

Stay tuned for more info.

Thursday, July 24, 2008

Best of the DNS

Today, as promised, I want to tell you about changing the DNS server that your computer uses on the Internet. I will give you the Web site where the fastest, safest and and most secure DNS can be accessed and used by you...for free.

But, first, an important update on yesterday's blog. As I said, it wouldn't be long before hackers try to exploit the current flaw in DNS on servers that have not upgraded. Well, I was right...and my prediction took less than 24 hours. InfoWorld is reporting that a new attack code has been released into the wild that will allow hackers to hijack (or poison, as it is now being called) unpatched DNS servers...and from what I have been able to find out, the large majority of DNS servers in the world have not been patched. Even some of the largest Internet providers in the US have not updated their servers. Unbelievable.

Internet security experts warn that this code may give criminals a way to launch almost undetectable phishing attacks against Internet users whose service providers have not installed the latest DNS server patches. Attackers could also use the code to silently redirect users to fake software update servers in order to install malicious software on their computers...and you won't even know it.

I urge you, as soon as possible to go to the Web site I gave you yesterday, http://www.doxpara.com to see if your DNS server is safe. All it takes is the click of one button and you will find out almost immediately. If you get a bad report (or even a good one), I want you to think strongly about changing your DNS server immediately to one that will be much better...and I can tell you that this company's DNS servers were patched almost immediately.

The Web site where I want you to go is http://www.opendns.com/. This company has been around for a while and has been touted by Internet journalists and security experts as being the best. OpenDNS is easy to set up and will allow you not only replace the DNS server you are now using, but actually add additional levels of security to block phishing sites, pornographic sites, adult-related sites, video sharing sites, and even social networking sites. This means that parents can have much more control on their children's Web browsing...and the kids won't even know what you have done.

There are multiple levels of security and site blocking so you can set the level to suit your situation. You can also get statistics on your family's Web Browsing habits, set up shortcuts so you don't have to type in long web addresses, block specific Web sites, and even allow certain Web sites that might be blocked by the filtering. There are other features to numerous to name here, but you get the idea.

Set up is simple and takes only a couple of minutes. Click on the "Get Started" button on the home page and it will walk you through setting it up for your computer or even your specific router. It could not be easier. Then, you can start customizing your setup to suit your needs. Because it is probably the most up-to-date DNS server out there for blocking bad sites (especially phishing), everyone should be using it.

Now that you have finished reading my blog, get over to doxpara.com NOW!!!

Wednesday, July 23, 2008

Hijacking Your DNS

A woman called me recently to inquire about some of my photographic services. We talked for a while and I directed her to my Web site. While we were st ill on the phone, she tried to go there but got something else...an advertising page with me and other area photographers listed. That wasn't right, so she tried again and got another advertising page, but I wasn't on that page at all.

After some additional conversation and finding out that her son was using the computer to download music files from illegal sites, I was pretty sure that her computer was infected with a great deal of malware, one or more of which changed her DNS settings to take her to another DNS server.

Just to remind you, a DNS server (DNS stands for Directory of Names Services) is where you are first taken when you type in a Web site address, like www.corkrum.com. The DNS server then finds the IP address for that particular Web site then forwards your request to it. It's a translator of sorts so you don't have to remember those long IP address numbers.

DNS servers are located all around the world. When you signed up with your ISP, you were given a DNS address that is entered into either your computer or in your router. Usually, it is the DNS server used by your ISP. Most people have never changed their DNS settings, although they can. But there is some spyware, viruses, and worms that will change your DNS settings without your knowledge. This new DNS server that you are unknowingly using will take you anywhere it wants to to accomplish its ends...including fake Web sites designed to steal your personal information.

That is what probably happened to my potential customer...another reason why you need to have your computer protected with anti-spyware and anti-virus software designed to stop anyone who tries to hijack your computer. Also, a little common sense is needed, such as not clicking on links in your e-mail, even if it is from a friend.

But, there is another story about DNS hijacking that has made the tech news headlines quite recently. A well known expert in Internet security, Dan Kaminsky, discovered a huge security flaw in the current 20-year-old DNS system. Because of the possible ramifications of such a discovery, this flaw was kept under extremely tight security wraps until it could be fixed. Dan wrote a fix for it, then sent it out secretly to every DNS hosting service.

The problem is that not all DNS hosts have run the update. And, of course, now it is no longer a secret so some bad guys may be writing malware to hijack unpatched DNS servers. You have no control over this process as the DNS server itself would be hijacked, not your computer.

Fortunately, Kaminski has a Web site where you can check to see if your particular DNS server has been fixed. Just go over to http://www.doxpara.com and you can just click a button to see if your DNS server is safe. You can also read Kaminski's blog to read more about his research, although he will not reveal the technical details until July 24th at a major tech conference.

In my next blog, I will talk about an alternate DNS site you should be using for even greater security that will stop you from going to phishing sites, pornography sites and other bad places. Stay tuned.

Wednesday, July 16, 2008

Do You Trust Your ISP?

There is a scary new trend occurring in the Internet world. Some Internet Service Providers, trying to increase their bottom line revenues, are allowing third party companies to install hardware in their facilities that track user's Internet habits. Another word for this would be spying. These companies track your web page habits, search terms, and even your e-mail's looking for key words that allow them to classify you in one of their one-thousand categories. Cookies identifying you are then put on your computer without your knowledge. Then, as you browse the Net, you are targeted for advertisements based on the cookies on your computer. For this, your local ISP gets a commission.

The two biggest companies that are doing this are NebuAd and Phorm. Other companies that are doing this are Front Porch, Adzilla, and Project Rialto. Phorm's use in Britain has caused a firestorm of criticism as some of Britain's largest ISP's use them. Their method of tracking you is insidious as they redirect you to fake Web sites that makes your browser think it is the real web site. Then you get a first party cookie on you computer before you get to the real Web site you requested.

These companies are deploying their equipment to ISP's all over the US, but to whom is a mystery as they refuse to release their customer lists. Charter Communications, CenturyTel, and Wide Open West did have plans to implement these systems, but have backed off recently as this form of spying has now come under Congressional scrutiny. One senator has called it nothing less than illegal wire tapping. Its like having someone standing over your shoulder when you are using your computer and taking copious notes about what you are doing...then selling that info.

The Senate has held hearings to investigate this new intrusive way of spying on you. It turns out that a series of federal laws written back in the 1980s provide some protection for us. Some of those laws restrict deep packet inspection by any broadband provider; the Cable TV Privacy Act singles out cable providers for the most extensive opt-in regulations, meaning they must notify their customers first and let them opt in to be tracked. But today, they are using opt-out tactics meaning the customer has to contact the ISP and tell them they don't want to be tracked.

For their part, these spying companies insist they are not violating any laws...in fact, they say they are providing a useful service so users can get advertisements that fit their lifestyle. NebuAd says that it does not collect or use personally identifiable information and does not store raw data linked to "identifiable individuals." Rather, it says, it creates and continually updates anonymized profiles with information "about the user's level of qualification" for certain types of ad. But, who is to stop them from taking the next step, which is to attach your name to their collected data?

The bottom line is that your ISP, which handles everything you do on the Web, may or may not be allowing third parties to spy on you without your knowledge. To my way of thinking, this is a clear betrayal of trust and violates your right of privacy. Laws should be passed to prevent this.

Until this happens, is there a way to thwart this type of spying? You bet there is! All you need to do is encrypt your Web surfing before it leaves your computer. This is done by installing a special program that encrypts your data, then sends it to a specified proxy server, which then un-encrypts it and sends your request to its final destination. The web page you request is then sent back to you via the same proxy server that encrypts it and sends it to your computer. The data that flows through your ISP is encrypted and can't be tracked or used by anyone except you.

This type of technology does exist and if you use a laptop on public Wi-Fi networks, you should be using it anyway to prevent hijacking of your personal information. I have been experimenting with some of this software while on the road this summer and will shortly write a blog on my results. Until then, just be aware that this new type of spying is happening.

Thursday, July 10, 2008

Those Damnable 3rd Party Cookies

One of the new features of Firefox V3 is its ability to reject any 3rd party cookies that some Web sites may try to place on your computer. To be truthful, this feature is not new as it was in Firefox V1.5, but then was removed in Firefox V2. Now it is back and better than ever.

A third party cookie is one that comes from some party other than than the Web page you are currently visiting. As an example, you go to a Yahoo page, for instance, and Yahoo puts a cookie in your computer to help identify you when you return to their site. This can be very handy. But, on the Yahoo page is an ad for some company and it also tries to put a cookie on your page to help track your buying habits. This would be a third party cookie.

Much of the spyware and adware that shows up on your computer when you do a spyware scan come from third party cookies. The ability to reject these cookies is an important part of your safe browsing experience. It was great to see that the feature to reject these cookies is back in Firefox. The problem is that this feature is turned off when you install Firefox 3.0. To turn it on, you need to click on "Tools," then "Options." Then click on the "Privacy" icon and you will see the "Cookies" options. Just uncheck the "Accept third-party cookies" and you are protected. That's it.

Now, every once in a while, you may need to accept a third-party cookie. For instance, Firefox add-on's Foxmarks and Google Reader will not work unless you enable third party cookies. Here is how to handle this situation: In the above mentioned section on cookies, you will see a button titled "Exceptions." Click on that button then enter the Web address of the cookies you wish to accept. For instance, for Foxmarks, you would enter "Foxmarks.com". Then click on the "Accept" button and close the window. That's it.

I strongly recommend that if you are a Firefox user that you do this today. It will really cut down those adware and spyware cookies.

Wednesday, July 02, 2008

Corporate Updates in the Tech World

Once again, sorry for my lack of blogs lately, but I am on the road a great deal these days, mostly without Internet access. Tomorrow I am off for Whitefish, Mt. for another show and won't be back till next week. I am hoping to get into Glacier National Park for some photo activity as it is only a few miles from Whitefish.

I seldom write about the comings and goings of tech businesses, but there is so much going on right now that I thought I would pass along some of the more interesting tidbits. Thanks to CNet and ZDNet for their help in preparing these stories.

Justice Dept Investigating Google/Yahoo Partnership

The U.S. Department of Justice plans to gather information from third parties in a probe of the advertising deal struck last month between Google and Yahoo, according to sources familiar with these types of investigations. Yahoo announced the nonexclusive partnership in June under which rival Google would supply it with some search ads, a move that could increase Yahoo search revenue but that also gives Google even more power in the market. The partnership idea came to light during Microsoft's attempt to acquire Yahoo (see below), which put more pressure on the Internet company to improve its financial results.

Microsoft to Go After Yahoo Again?

The Wall Street Journal is reporting that Microsoft has been looking for partners in recent days that would help it make a new bid for Yahoo's search business. This would be Microsoft's third attempt to acquire Yahoo. A couple of months ago, Microsoft pulled out of negotiations after Yahoo would not lower their asking price, a price that Microsoft said was way too much. Then Microsoft went after Yahoo again a month or so again, not to buy the whole company but only parts of it. This time, Yahoo pulled out after making the above-mentioned deal with Google.

All this has caused huge turmoil at Yahoo, which is not in very good financial shape. Investor Carl Icahn is waging a huge proxy fight to take over Yahoo and dump its current president and board of directors, whom he accuses of bad management. Microsoft has reportedly met with Icahn recently. Even more pressure is being applied by the stock market as Yahoo share prices have dropped below $20. Microsoft had offered $32 per share when they pulled out (Yahoo wanted $37 a share). They might wind up getting it much cheaper than was originally proposed. Microsoft is trying to increase its Web business as they recognize that their current business model is out-of-date and needs to be more Web-centric.

Blockbuster/Circuit City Deal is Dead

Movie-rental chain Blockbuster has announced that it has withdrawn its $1 billion bid for consumer electronics chain Circuit City. The reason given was unfavorable "market conditions." The original deal was was thought of as one company in trouble trying to buy another company, also in trouble. Blockbuster shares jumped nearly 12 percent, while Circuit City fell 14 percent in after-hours trading following the announcement. I think that says it all. Both companies have struggled in the past year...Circuit City posted a $200 million loss near the end of 2007, and Blockbuster has been fending off Netflix's success in online video rentals, as well as the growing threat of digital movie downloads.

Circuit City to Sell Office Subscription

Microsoft has announced that Circuit City will be the first to offer a new Microsoft Office subscription service, dubbed Equipt. This service bundles a subscription version of Office Home and Student with Microsoft's OneCare antivirus product for $69 a year--just $20 more than the suggested price of OneCare alone. Microsoft is trying to tap into the fact that while many people would rather find a copy of Office that they don't have to pay for (either an older version or a pirated copy) they are willing to pay for security software. This Office version contains Microsoft Excel, Powerpoint, Word, and OneNote (no Outlook, however). Its regular purchase price runs from $100 to $165 on the Web.