Cheap Software: Windows XP for 90% off?
If you're like me, you probably receive several dozen messages per week offering Microsoft, Adobe, Corel, and Macromedia software at 90% off. Wow! What a deal! What a steal! Let's get in line to buy!
It's a steal all right, but what will be stolen is your credit card information and your identify. If you're really lucky, all that will be stolen is your cash. Let's take a look at one of these offers. This one arrived with a subject line that suggested my order (placed with a credit card) had not been accepted. (What order? What credit card?)
Assuming that I'd forget all about that, the spammer offered me his wares.
So I can get Office XP Professional for $100 instead of $580? Logic check time. Do you think Microsoft sells this application to dealers for less than $100? If you said, "No," you're right. Not even the "OEM" version.
Then there's the illiterate headline with "it's" (contraction of "it is" where the writer wanted a possessive) and the "plural" of "extra" created by adding "apostrophe s". Idiots generally don't stay in business too long and these people strike me as idiots.
Who are they?
Well, a quick check of the domain name (fastoem.info) tells me that it's registered to an "Eva Patterson" who has a business called "555" that's located at "123 Bdf Street" – can you say "No such address"? – in New York (state "MATT") but in the country of "RU" (Russia).
That sure gives me a lot of confidence! The "Russian Mafia" runs most of these sites to collect credit card information, names, addresses, and the other information they need to steal identifies.
Police "bunko" squads often say that there are no "innocent" victims of fraud. When you try to get something for nothing, you often get a lot of nothing in return for a lot.
So we've determined that the organization that wants to sell you cheap software is in Russia. Where is the website? It doesn't take a genius to figure that out.
The website "fastoem.info" is hosted in Uruguay. Uraguay is, of course, well known as one of the world's prime locations for software manufacturers, isn't it!
So, as far as I'm concerned, if you lose your credit card number, your identity, and a fair amount of cash to one of these creeps, you got exactly what you deserved.
Does Windows XP SP2
spell the death of shareware and freeware?
That's a question Julian Moss was asking in August. Moss is technical director of Tech-Pro Limited in England and is the contributor of PC Advisor magazine's monthly Helpline PC troubleshooting column.
Moss notes that after installing SP2, users who download and install any Tech-Pro applications - or those of thousands of other developers - will see a security warning that says: "The publisher could not be verified. Are you sure you want to run this software?" The warning then explains: "This file does not have a digital signature that verifies its publisher. You should only run software from publishers you trust." It's quite likely that many potential customers, especially those who have had a bad experience with malware, will be put off trying the software right from the start.
According to Moss, no-one can argue with the advice to only run software from publishers you can trust, but the implication that you can trust software that is digitally signed is another matter. A digital signature proves only who the publisher is, not that the software doesn't contain a virus or adware or do anything else undesirable. Good point. Moss says that a much more effective assessment of a product's trustworthiness can be made by looking at the vendor's website and searching to see what others have said about the software in online forums and reviews on download sites.
What does a digital signature prove? It proves that the software provider could afford to pay for a digital signature. The cost is negligible if you're Microsoft -- but if you're a small shareware vendor who makes no more than a few hundred dollars a month from program sales or a freeware developer who makes nothing from the application you provide, you may not want to buy a digital signature.
Moss says that it's in everyone's interests that Windows users become more security conscious. But by suggesting that any application created by a developer who can't afford a digital certificate should not be trusted, Microsoft could kill off genuine freeware and a lot of shareware at a stroke. "The conspiracy theorists can draw their own conclusions from this," he says. "I'm all in favor of security, but suggesting that only applications from companies that can afford the price of a digital certificate can be trusted is not the way to achieve it."
This is a typical heavy-handed Microsoft solution to a problem. Remember a few years ago when Microsoft finally realized that some e-mail attachments could be dangerous and unilaterally made all attachments unavailable to users of Outlook? This kind of broad-brush approach to security is dumb, but typical of the way Microsoft does things. So ...
How likely is this scenario?
Moss has a good point, but I have to ask the questions "Who buys shareware?" and "Who uses freeware?" In large measure, people who try shareware and freeware are the very people who will understand the pointlessness of digital signatures. These are people who do what Moss suggests. When they hear about a shareware or freeware program that might solve a problem for them, they go to the provider's website. Then they go to the Web in general and investigate the application and the author.
Only then do they download the application, read any documentation provided with it, and install the program.
In other words, the people who would be flummoxed by the absence of a digital signature probably wouldn't download applications like these in the first place.
I know that I'll continue to cover the shareware and freeware markets. When I recommend an application, you shouldn't necessarily take my word for it. Visit the website. Use the various search engines to confirm what I'm saying. Wait to download an application until you've vetted the provider.
But don't give up on shareware or freeware because of nonsense warnings from Microsoft.
Random scanner thought
Back in Windows 9x days, I bought an Epson scanner. It was a wonderful machine. When Windows 2000 arrived, there was no driver for the scanner, so I sold it and bought an HP 6300C. The HP was an OK scanner, but I felt that the Epson I'd sold was better than the HP I'd bought.
Eventually I bought another Epson for use at home, unplugged the HP, and it sat on the floor for a year or so. I decided recently that I'd like to have a scanner at the office, so I took the HP in. It's OK for occasional jobs.
Then somebody asked if I had a document feeder. The HP 6300 has a document feeder, but I hadn't installed the software, so I went to HP's website to look for the appropriate software. The scanner has only its model number (HP 7670A) printed on it and I'd forgotten what HP really called it. Note how little the number printed on the bottom of the scanner resembles "6300C". When I searched the HP website for 7670A, I got a "Sorry, moron!" message.
Fortunately, HP has no scanners in the "76xx" model line because that's what I was looking for and could easily have downloaded something completely useless. Eventually I figured out how to have Windows XP tell me what kind of scanner was attached, but I have to wonder why any company in its right mind would assign model 6300C to a device with a model number of 7670A.
Of course, this is today's HP ... and that might explain a lot.
Safer driving with a computer?
Modern cars have lots of computers inside. A computer runs your car's engine, the brakes, and even the radio. Now Daimler Chrysler has an idea that might produce better, safer drivers. That, at least, is the objective of RoadReadyTeens.org.
Chrysler is partnering with America Online to teach better driving skills through instant messaging.
Chrysler recently released its Road Ready StreetWise online teen driving video game on AOL's Instant Messenger service. The intent is to teach driver safety to teens in what Chrysler calls a "fun and challenging game."
That's an honorable goal because traffic crashes are the #1 killer of teens. The new Road Ready StreetWise AIM game offers "a cutting-edge way to reach and teach teens," according to Chrysler Jeep vice president Jeff Bell. In addition to being challenging and fun, the game is "a powerful tool to raise awareness of the responsibilities of driving."
The game takes teens on a nighttime driving mission where distractions in the vehicle and hazards on the road challenge the driver's senses and reaction times. During game play, challengers can send their competitors added distractions to make the game even more challenging. StreetWise shows teens that distractions like multiple passengers in the vehicle and risks like driving in adverse weather conditions are difficult to master as new drivers.
WildTangent created StreetWise. The free game will be available on AIM Games through the end of the year and a longer version can be played at no cost at www.roadreadyteens.org.
Nerdly News
Too much security?
Security is a good thing, but can you have too much of a good thing? Yes, says an article in PC World. "It may be helpful to look at what is not needed."
For example, you don't need personal digital signatures, because in most cases, an electronic signature will be enough and in terms of biometrics, you won't need that unless your company is using airplane pilots or has high level executives who won't or can't remember passwords.
Has your IT manager written a 500-page report on security policies? Bad idea. "You do need security policies, but not ones so large that no one reads them. It is also important to have a business continuity plan. We got a lot of calls when the hurricanes came through Florida, but for the most part, that was a little too late."
As with most things, common sense seems to be what's missing. The article suggests that IT managers identify systems that work and the adopt them. "A company should demand proof that a software product it buys is safe and make sure that the vendor has reviewed the code of the software with security in mind."
See the full article.
Script kiddie gets a real job
Write a virus and get a job with a "computer security" firm. What's wrong with this picture? Instead of spending some time in jail, the scrip kiddie who wrote the Sasser worm has a job. Securepoint said its decision to employ Sven Jaschan offered the German teen a "second chance".
Why does the little creep deserve a second chance? That's more than he gave his victims. Securepoint says employing the script kiddie will give them "insider knowledge". If the antivirus companies are so stupid that they need help from script kiddies, we're all in trouble.
Any moron can put together a virus with readily available code that they can find on the Internet. What antivirus companies need is intelligence not copy-cats, and that's all script kiddies are.
Enough people are concerned about the cozy relationship that exists between antivirus companies and the people who write viruses. The decision by Securepoint to hire a virus writer doesn't allay concerns. Some observers (and I'm in the group) feel that anti-virus companies could do more to stop the spread of viruses and worms, but that doing so would cut into their sales.
The author of the Sasser and Netsky worms caused millions of dollars worth of damage.
Let us know what you think about this program! Write to:
Bill Blinn --
(wtvn@blinn.com still works)
Joe Bradley -- |
