NSA Recommendations for Computer Security

The National Security Agency (NSA)—also known as the "No Such Agency" because of its secrecy—knows a thing or two about cyber security. The agency has some down-to-earth recommendations for how you can avoid having your information, identity, and bank account stolen.

The full PDF article (7 pages) is on the NSA website but I thought that it might be worthwhile to condense the information a bit and possibly to dispel some myths about security along the way.

You may think that as long as you have a secure password everything is fine. Actually, that should be "secure passwords" (plural) because it's risky to use the same password for multiple accounts. For trivial accounts (reading newspapers, for example) a single password will do but you don't want the password you use for your bank account to look anything like that password. Crooks don't need to guess your password if they can convince you to give it to them (phishing) or if they manage to direct you to a poisoned website that installs a keylogger on your computer and then forwards user names and passwords to them.

Computer security software is important, of course, but you can't depend entirely on it, either. Instead of averting disaster by allowing protective software to blunt an attack, it's better to avoid the attack entirely by staying away from bad websites. That means typing URLs carefully, not following unknown links even when they appear to come from someone you know, and using a more secure name server than the one your Internet service provider maintains. (My recommendation for your name server is OpenDNS.)

The NSA recommendations are in 5 broad categories: Host Computers (Windows), Host Computers (Mac), Network Operations, Internet Behavior and Operational Security, and Enhanced Protections. Although I strongly recommend that you download the document from the NSA and review your own operations using it as a checklist, here are the recommendations that I consider to be the most important ones:

  1. Windows: Upgrade to Windows 7 and Office 2007 or Office 2010
    If you're still using Windows XP, no matter how good you think it is, you're vulnerable. The 64-bit version of the operating system has some additional security capabilities so choosing 64-bit hardware is a wise investment. Likewise for Office. Early versions (2000, XP, and 2003) all have serious security concerns, even when fully patched.
  2. Macintosh: Upgrade to Office 2008 or Office 2011
    The same reasons apply here as apply to the Office suite for Windows computers.
  3. Windows: Install a Comprehensive Security Suite
    Natch. For the past 3 years I've used Norton Internet Security because Symantec software engineers seem to have solved the speed issues that Norton applications were known to have and the overall protections are good. No security suite will catch everything.
  4. All Operating Systems: Don't use the Administrator Account for Daily Activities
    Just as Linux users are taught never to run as "root", Windows users should never use the Administrator account except for tasks that need to be performed by the Administrator, and this account should have a strong password. The NSA also recommends setting most accounts to be Standard User accounts and not allowing any regular users to be part of the Administrators group. As good as this suggestion is, I have trouble implementing it myself.
  5. Windows: Make Sure Your Browser and PDF Reader Provide Sandbox Capabilities
    What this means is that any code delivered to your computer by a website or a PDF document runs in a restricted environment that is isolated from the rest of the system, which limits what a malicious page or document can do to your files and operating system.
  6. All Operating Systems: Keep Software Up to Date
    Many operating systems and applications can automatically update themselves so that your computer always has the most current security patches in place. I still like to maintain a bit of control over this process and set most operating systems and other updates to download and then notify me. I almost always install them immediately but if I'm in the middle of an important task, I may want to wait until that task is complete.
  7. All Operating Systems: Encrypt Laptop Hard Drives
    Laptops are attractive to thieves and they're easy to steal. If the hard drive is encrypted, you'll lose only the computer (which, presumably, you have insured) while the data on the computer remains safe. Windows and Linux machines can use TrueCrypt while Mac users should enable FileVault, which is included with the operating system.
  8. Apple Ipad: Protect the Data
    These devices are also attractive targets. If you have an Ipad, enable Data Protection.
  9. Home Networks: Do Not Allow Open Access
    It used to be common to see open Wi-Fi connections in suburban neighborhoods but now it's much less common. When you're setting up a home wireless network be sure to enable WPA2 and not the much weaker WEP. Then, create an SSID that doesn't provide any clue about your identity and make sure your passphrase is strong and not something that anyone can guess. Don't turn on remote administration. Anyone who makes changes to your network should be sitting in front of the router.

Those are the nine most critical points in the paper but I haven't covered any of the Behavioral or Advanced methods. If you travel or if you exchange data between your home and office computers, you should read those sections. No security system is foolproof but if you make your hardware, your applications, and your passwords harder than average to abuse, most crooks will look for easier targets.

It's All Relative

How much of a risk can you afford? If you store no information that needs to be secure on your computer, then security doesn't matter. If you store information that needs to be secure but the computer isn't connected to the Internet, then security doesn't matter. If you have installed strong, secure, up-to-date protective software and you're constantly on guard to avoid phishing and fraudulent websites, security isn't as much of a concern as it might otherwise be.

The crooks are always looking for new ways to steal your data, your identity, and your money. Every new iteration of hardware, operating systems, and software takes into account the new threats.

Windows XP with IE6 and Word 2003 isn't exactly the equivalent of a 1984 Yugo automobile. A system such as that might reasonably be compared to a 1980 AMC Pacer. Chances are that you'll get where you're going but you probably won't enjoy the ride.

 

Five Minutes After I Bought an Android Tablet ...

... Eweek magazine wrote an article that said it's stupid to buy an Android tablet because Android "will lose the tablet race." And they go on to provide 10 reasons why I was stupid to buy an Android tablet. Stupid? Yes, let me count the ways. And then I'll let you know what I think of the tablet now that I've used it for a few weeks.

Why am I stupid? Here's what Eweek has to say.

  1. Security will be a problem.
    Eweek says that both Apple and Microsoft's Windows 8 tablets will offer better security. Probably true. Apple's security has always been good and Windows 8 builds on Windows 7. Good call, Eweek.
  2. Ipad is King and Will Remain So.
    Two terms are unwise: Always and Never. The Ipad has lots of fans but prices are a factor for some of us. When I was looking for a tablet, I found that I could pay an extra $400 and buy an Ipad or save $400 and buy an Asus.
  3. IOS is more usable.
    Really?
  4. Windows 8 Has the Same Strategy.
    Yeah, this is probably true and I think that the Windows 8 tablets will be exactly what a lot of people want and need. Whether this indicates a problem for Apple or a problem for Android is still open to question.
  5. Vendors Are Lining Up for Windows 8.
    Well, yeah. And so ...? HP, Dell and Asus will make Windows 8 tablets. Does that mean that companies such as Asus will stop manufacturing Android devices? I don't think so.
  6. Look at the Sales (which Eweek apparently didn't).
    Android activations are running around half a million per day but Eweek says "vendors are starting to assume their places behind Apple. However, Android sales are tiny, compared with Apple’s." How many machines does Apple sell every day? Hint: it's not half a million.
  7. Smartphone Success Means Nothing.
    Somebody really believes this? Apparently some editor at Eweek does: "Just because Android is successful in the smartphone space, doesn’t mean that it will have a strong showing in the tablet market."
  8. Consumer Confusion.
    "Google has made the poor decision to offer several different versions of its Android operating system." Hmmm. Yes, this is called upgrading. I guess Microsoft should have stopped at the first version of Windows instead of offering Windows 2, Windows 3, Windows 9x, Windows Me (well, it would have been better if they hadn't proffered that one), Windows 2000, Windows XP, Windows Vista (yeah, that was another bad choice), Windows 7, and Windows 8. Did somebody at Eweek really think this was a good reason for consumers to avoid Android?
  9. Tablets are Boring.
    Really? I must have an uncommonly high threshold for boredom, then.
  10. Google Seems Apathetic.
    Now you're reaching. Time to sit down and be quiet.

2012: The Year of the Tablet

On the final program of 2011, I said that 2012 would be the year of the tablet. Here's why I think so:

  1. Use a tablet for 10 minutes and you'll be sold.
    Tablets will never replace desktop computers and they probably won't replace notebook computers. Tablets present a totally new paradigm and make possible actions that previously were not possible. I can't easily create a website, edit a photograph, or create a video on a tablet but I can pick up a tablet, tap the power switch, and be reading a newspaper in less than 5 seconds.
  2. You're going to start seeing tablets everywhere.
    Attend just about any meeting at any company and you'll probably see at least one tablet. Companies that offer Wi-Fi access to their corporate LAN (and that's most smart companies) will drive this trend. Here's the typical story line: One person buys a tablet and everyone else makes fun of that person. The person with the tablet is able to leverage it to accomplish tasks that others can't. The others then purchase tablets.
  3. Computer manufacturers are on board.
    It's no longer just the Apple Ipad. Now Amazon has the low-cost Fire and I would expect at least one (and maybe two) new models from Amazon this year—models that offer more high-end options. Google's efforts to promote Android for phones and for tablets have brought Asus, Sony, Acer, Samsung, Toshiba, T-Mobile, Lenovo, HTC, and possibly some manufacturers I've missed on board. And this year Microsoft will ship Windows 8 and Windows will suddenly become an operating system for tablets. So far we know that Acer, Samsung, Lenovo, and Dell will make Windows 8 tablets. I can't imagine that Asus, Sony, and Toshiba will stay on the sidelines.

And What Do I Think So Far?

Nothing is ever perfect and I've found things to complain about but overall I'm finding that the tablet computer I own is useful and I'm glad that I purchased it.

It's an Asus Transformer TF101 running Android 3.2 on an Nvidia Tegra 2 processor with 1GB of RAM and 32GB of storage. It has front and back cameras, a 10.1" LED screen with 1280x800 resolution, stereo speakers, a micro SD card reader, and an HDMI interface. Here's what I've found, good and bad, so far.

On Boxing Day, I had an appointment to have some scheduled maintenance done on the car. When I arrived at the dealership (5:45 am) they weren't open yet. Traffic was a bit lighter than expected and every traffic light turned green as I approached it so the trip took less time than expected. No problem. I pulled out the tablet and started reading newspapers because the dealership has a free, open Wi-Fi service. When the dealership opened at 6, I went to the waiting area and continued reading. In the next hour, I had looked through Slate, the Los Angeles Times, the Chicago Tribune, the Toronto Star, and a couple of tech publications.

Instead of spending an hour sitting comatose in front of the TV screen (fortunately none of the other early morning patrons felt inclined to turn the set on) I was able to do the same thing I might have been doing had I been at home on a vacation day. (And, yes, after many years of getting up at 4am, arising at 5 almost seems like sleeping in. Almost. And also yes, occasionally on a holiday I do sleep in until 9 or 10.)

The Transformer has a slot for a Micro SD memory card and I bought a SanDisk 16GB Micro SDHC Flash Card with an adapter that converts it to a format that will work in a card reader I own ($16, shipping included, from Newegg). I use this to hold music files that the tablet can play with its built-in audio software.

An MP3 player is far more useful if you plan to use it at the gym but having a few thousand of my favorite selections on the tablet is handy when I'm using the tablet for something and would like to listen to music. With the price of hard drives rising because of the flooding in Thailand and the price of solid state memory continuing to drop, one might conclude that solid-state drives will soon match mechanical drives in price.

That's unlikely in the near term but still the thought of $1 per gigabyte for solid state memory is enough to give somebody like me who remembers the days of several hundred dollars for just a few kilobytes of memory a reason to stop and think about how much this amount of memory would have cost just 30 years ago and how large it would be. Hint: It would be a lot larger than a thumbnail.

Say Goodbye to the Notebook and the Desktop?

Nope. Tablets are by far the most usable handheld devices yet but I wouldn't want to use one to edit video or audio, to develop a website, to do any serious database work, or to edit a manuscript. Tablets are handy when it comes to providing quick, easy, and portable access to data. They are far less capable for tasks that require a lot of interaction with the device. They also simply don't have the power needed for many of the tasks I listed. Not yet, anyway, but I'm being careful not to say that the time won't come.

Oh ... And Then ...

Immediately after the New Year, Eweek seemed to shift gears: "Google's Android operating system may command 50 percent of the worldwide smartphone market share, but it's found a tougher go of it in the tablet space created and carved out by Apple and its Ipad, which has sold over 32 million units to date. Android has 10 percent to 20 percent of the tablet market combined, depending on which analyst firm you choose to believe." So maybe my choice wasn't really quite as stupid as I was led to believe.

The article noted reports by various research agencies that suggest Android's numbers will improve as the underlying operating system improves. "[I]t's hard to find people who find Honeycomb tablets as polished as the hallowed iPad," the article continues, noting that "there are a number of nice Android slates in the market."

The article then shows off some of those, including one by Asus—the Eee Transformer Prime, which is a step above the tablet I own but otherwise looks identical.

Paying for Journalism

Why do we need journalists? Do we need journalists? That second question may be the more important of the two. If you know anyone who has lived in a place where "the news" is entirely controlled by the state, you wouldn't ask the second question and you would know the answer to the first. A surprising number of people feel that journalists are, if not actively harmful, at least irrelevant in this Internet age.

More people receive their news from the Internet than from radio. More people receive their news from the Internet than from television. More people receive their news from the Internet than from newspapers. Drive down just about any street in any city on any morning and you'll see only a few homes where newspapers have been delivered.

The Internet has decimated (in the true meaning of the word) income from auto dealers. The Internet has virtually eliminated want ads. Both of these were once mainstays of newspaper income.

Newspapers have been forced to reduce the size of what's called the "news hole", the non-ad components. Newspapers have laid off reporters and photographers. Despite all this, newspaper reporters still manage to find and report a lot of news and many newspapers place their stories online for free.

Some newspapers have had limited success with what are derisively called "pay walls" but most papers, particularly those in small towns, haven't been able to make pay walls work. People expect everything on the Internet to be free. The Wall Street Journal and the New York Times might be able to charge for content but the number of site visitors will drop dramatically.

Reporters can't work for free, even though some of them would if they were independently wealthy. So I've been thinking about a system that would allow journalists to be paid without forcing subscribers to pay $25 or $50 or $100 per year for each subscription.

The problem now is that only a few people pay.

But consider the cable-television model: Although you may watch only half a dozen of the 500 channels you have access to, you pay for all of them. What if newspapers came up with a similar process by which all Internet users automatically had access to all news providers? The Internet service providers could charge all users $10 per month and the funds could then be divided among the news organizations based on the amount of traffic they generate.

People might be willing to pay extra for premium publications (New York Times, Wall Street Journal) and nothing within the consortium arrangement would prohibit a news organization from requiring an additional payment for select areas of the publication. This arrangement would simply provide a base that news organizations could use to pay some of their operating costs.

Journalists and journalism are valuable. I hope that we don't have to discover that fact the hard way.

Short Circuits

Can "PARC" and "Profitable" Occur in the Same Sentence?

In the final (unintended) program of 2011, I reported the death of the founder of the Xerox Palo Alto Research Center (PARC), the organization that invented most of what is today's personal computing even though Xerox allowed the inventions to languish until some other company (Apple, Microsoft) noticed them and made billions. In 2002, Xerox spun off the business unit as "PARC" and gave it a mandate to become profitable.

Research scientists are not venture capitalists and it's taken PARC several years to work out the process of licensing its own inventions, finding business partners to pay for basic research, and acquiring patents that can be licensed to others. But it's done a better job in the past 10 years than Xerox managed to do in the previous 30.

The term for this new concept is "open innovation" and PARC clients now include not only Xerox but a host of other companies—Fujitsu, Microsoft, Motorola, NEC, Oracle, and Samsung just to name a few. There are also some partnerships with government agencies and PARC is filing about 150 patent applications a year.

PARC continues to be a relatively small company (just 250 people) that is interested, as always, in the concept of inventing the future. Freed from the total control of a dinosaur, it has even become profitable.

It's too bad that Xerox didn't figure this out earlier but knowing the way large corporations work, a committee probably had to be formed to study the feasibility of forming a committee to study the question of giving PARC some level of autonomy. After 5 years of exhaustive study, the results would need to be turned over to the legal department and the marketing department, each of which would have to establish work groups to study the various long-term and short-term implications of making any change, no matter how small. (In honesty, that last bit is entirely a figment of my imagination; then again, it may not be far off the mark.)

Verizon and the Terrible, Horrible, No Good, Very Bad Day

The CEO of Verizon may have to forgo buying a new yacht this year. The company, apparently noticing the figurative band of axe-wielding customers approaching the front door, has abandoned the proposed $2 fee that would have applied to some of its customers.

This is known as "gotcha capitalism". Companies advertise one price but by the time they finish piling on all of the additional fees, the final price has escalated by a quarter or a third.

In Verizon's case, the company said it would start charging customers $2 if they paid their bills by credit card. The amount of hatred expressed for Verizon on Twitter, Facebook, and other social media was so extreme that the company backed off just one day later.

The $2 fee, which was supposed to go into effect in mid January, "was designed to improve the efficiency of those transactions," according to a statement by Verizon. If by "efficiency" the company was referring to the ability to extract money from customers, the statement is correct. Otherwise, not so much.

ConsumerWorld.org, a site created by Edgar Dworsky, shows that Dworsky understands what Verizon and its marketing department don't. "I just think people are sick of being nickel-and-dimed by big companies," said Dworsky. Many years ago when I studied public relations in college, I was told that the public relations vice president should serve as the company's conscience. Either that lesson has been abandoned or the other managers at Verizon overruled the PR vice president's recommendations.

Besides the response from Verizon's public, the Federal Communications Commission also indicated that it planned to investigate.

Netflix Streams, Stock Soars

There's been so much bad news about Netflix over the past several months that it feels good to have something positive to say. Netflix is reporting that its streaming-video customers watched more than 2 billion hours of content in October, November, and December. In addition to that, the company's stock is up by more than 10%.

Netflix CEO Reed Hastings says the company has about 20 million customers who subscribe to the streaming service. The customers live in 45 countries.

Netflix is on the verge of offering its own original programming and that may have caught the attention of HBO, which has announced that it will no longer sell DVDs to Netflix.

The first original Netflix program will be "Lilyhammer". The program will star Steven Van Zandt as a New York gangster. Previously Van Zandt acted in the "Sopranos" series. The first episode of Lilyhammer is scheduled for February 6.

If the Netflix streaming service could be considered a "network", it would have more viewers than any cable network—and that includes the big ones such as Fox and CNN.

Customer dissatisfaction with a new pricing scheme that dramatically increased prices led nearly 1 million people to cancel accounts and Netflix stock lost nearly 80% of its value. Instead of $300 per share, the stock dropped to about $63. As of this week, it's back to about $80.