Thursday, February 28, 2008

Don't Panic

A couple of weeks ago, I talked a little about how spammers use your own e-mail addresses as a way to trick spam filters. And though it was implied, I forgot to talk about one more issue that this creates: the fake bounce messages.

Many years ago, when the Internet was made up of nothing but nice people, the idea of spam and viruses were never a consideration. And the network was not always reliable. E-mail addresses changed or there were problems. Someone got the idea that one solution would be the equivalent of a "return-to-sender" in postal mail. So they set up the bounce message. It would tell the sender that the message didn't reach a recipient, and give a reason (no such address, mailbox full, etc.). This was useful for troubleshooting and as general information.

But viruses and later spammers eventually learned to "spoof" an e-mail address. This means to put a fake e-mail in the "From:" field of a message. This is usually chosen at random from the list of addresses to be spammed. The result is that you can get a bounce message saying the message is undeliverable -- even when you haven't sent a message.

This doesn't mean you have a virus. It's just that your e-mail address won the (un)lucky drawing. You can safely ignore the message. You may get several of them for a few days and then not see any more.

There's no real prevention. The reduce these (and for other reasons -- spammers use the bounce messages to determine what e-mails addresses are good ones), most system administrators turn off this feature. But there are always a few who don't bother or who aren't up to date with best practices, so the messages will be with us for a long time. Just delete the message and move on.

Wednesday, February 20, 2008

Essential Freeware: CCleaner

Someone left a message in the comments of the blog recommending I talk about Ccleaner. Since I've always looking for topics, that seemed as good a one as any.

Ccleaner (originally called Crap Cleaner) is a utility that cleans up unnecessary files from your computer. This includes temporary Internet files, cookies, files in the recycle bin, and some unnecessary registry items. It will do a scan of your hard drive for the files and let you specify which ones you want to delete.

Note: Be careful when deleting registry entries. While I've never have had any problems deleting the software's suggestions, there is some potential that it could cause them.

Ccleaner is a nice way to make sure your hard drive isn't bogged down with useless items.

Tuesday, February 19, 2008

Essential Freeware: Ad-Aware

Not so long ago, when we mentioned "spyware" to students, they didn't know what you meant. Now, they do -- it's software that takes over your computer, usually changing your home page of adding popups.

Ad-Aware is software to help fix that. It scans your computer and fixes and spyware problems you might have. It's an essential cleaning tool.

Ad-Aware is made by Lavasoft and comes in both a free and paid version. Obviously, I'm partial to the free one. It does a nice job of cleaning the computer. You can download it from Download.com. Download the file, update it, and run the scan.

The program lists both critical and non-critical spyware that it finds on your computer. Its defintion of spyware is pretty restrictive, so it catches a lot of things. If you run a scan, the most common thing you'll find will be tracking cookies. Those are a minor threat (and Ad-Aware identifies them as such). What that means is that a website is keeping track of your browsing. While there are privacy concerns, they will not affect how your computer operates.

If you run an Ad-Aware scan weekly, it'll go far to prevent spyware problems. In addition, the software can fix things if you're infected with spyware.

Thursday, February 14, 2008

Snopes is Your Friend.

I mentioned Snopes earlier this week, and figured it needed some explanation.

Snopes has been around for at least ten years, and is a repository of urban legends run by Barbara and David Mikkelson. Every day (sometimes more often), the investigate reports of rumors and stories and try to determine their truthfulness. This isn't just an Internet search; they try to track down the people involved and interview them about the legend. The result is a definitive answer as to the truth of legends like "David Rice Atchinson was president of the US for one day"(he wasn't) or "Walt Disney's body was put into cryogenic storage" (of course not).

How does this fit in with computers? Well, there are many computing urban legends, about Computer Viruses, the Internet, and messages forwarded to your inbox. It's worthwhile checking out Snopes whenever you get any warning about computing issues that doesn't come from I&TS or directly from some other computer experts.

Wednesday, February 13, 2008

When to contact I&TS

First of all, I&TS does not repair student computers. There are potential warantee issues, plus the fact that we don't have the staff to offer the service.But, when it comes to viruses and spyware, there are gray areas. I&TS can be involved to various degrees, depending on the issue.

But how do you know it's a virus or spyware? Here are some tips:

It is a virus if
  • I&TS has shut off your Internet connection.

In this case, and this case only, I&TS may want to double check that your computer is clean before allowing you on the network.

It is spyware if

  • You get popups that display even when you aren't browsing the web.
  • You can't reach certain websites.
  • Your home page has changed and won't change back to the right one.

If you have these symptoms, you can contact the Call Center at x2573 for advice on how to fix it. I&TS will not look at your computer, but we will give you advice on how to fix the problem yourself.

It's not a virus or spyware if

  • You cannot reach your desktop.
  • The hard drive is making unusual noise.
  • There are problems with peripheral devices like flash drives, printers, etc.
  • There is a problem with the monitor display

If your problem is of this nature, you should contact your computer manufacturer.

Tuesday, February 12, 2008

IM the Helpdesk

In order to add new ways to contact I&TS, we have added Instant Messaging to contact us.

If you have AIM, you can contact I&TS by sending a message to ccsiena200809. Consultants will be on duty during regular helpdesk hours -- 8:00 am to 5:00 pm weekdays.

Please note that this should be used for issues that pertain to Siena computing such as viruses, spypware, how to use Siena systems and software, phone issues, etc.

Monday, February 11, 2008

Hoax

I got my first question about a virus hoax this year today. That's progress.

What is a virus hoax? It's an e-mail message warning you of a virus. The first sign of one, is this warning:



PLEASE FORWARD THIS WARNING AMONG FRIENDS, FAMILY AND CONTACTS

That's the entire point of the hoax: to get you to e-mail the message to everyone you know.

Luckily, here at Siena, most faculty know not to do this, or at least to contact I&TS first. But students sometimes get caught.

It's a nice exercise in social engineering, of course. That's the term for fooling people into doing what you want them to do. This is harmless (other than causing needless anxiety), but other forms of social engineering are used to steal passwords and other security information.

It used to be you could plan for these every October. In September, thousands of Freshmen across the US got their first e-mail accounts, and by October, they learned how to FWD:FWD:FWD:FWD mail. Now it's less predictable and can happen at any time.

The messages can take many forms, but, oddly enough, they all contain this paragraph:

This is the worst virus announced by XXXX. It has been classified by Microsoft as the most destructive virus ever. This virus was discovered by McAfee yesterday, and there is no repair yet for this kind of virus. This virus simply destroys the Zero Sector of the Hard Disc, where the vital information is kept.



I've been seeing these for over ten years, and 85% of them have some variation of this. The name of who announces it, who classifies it, and who discovers it varies, but the "Zero Sector of the Hard Disc" is almost a constant.

But that doesn't mean it doesn't change. The subject line varies, with new variants every few months. But lately, they've been adding this line:


checked snopes.com, and it is for real!! http://www.snopes.com/computer/virus/postcard.asp



Snopes is a site that debunks urban legends and hoaxes, and is a good way to check if a message is real or not. But the link given goes to a different message, one about a real virus. If you click on it and read it, you'll see it has nothing to do with what is in the warning e-mail (No "Zero Sector on the Hard Drive"). The sender is betting that you won't click on the link, and if you do click on it, you won't read the message to see that the link has nothing to do with the warning.

Until the Gullibility Virus is eradicated, virus hoaxes are going to show up from time to time. If you get one, search for the subject line in Google and you'll usually see it's just a trick.

Friday, February 8, 2008

Cache and Carry

When web browsers were first developed, the Internet was slow. And slow Internet caused problems displaying pages and graphics. So web browsers created cache files.

The idea was simple. If you went to a website, the site was saved on your hard drive. If you went there again, your browser would check to see if the site had been updated. If it had, it downloaded the new page. But if the site has remained the same, it displayed the cached version. This loaded faster since the page didn't have to be downloaded.

Nowadays, this caching isn't really an issue for most users, especially since pages have dynamic content and change much more often then they did in the early days. But the cache remains, taking up space on your hard drive. It's always a good idea to clear it. Each browser has a different method.
  • Internet Explorer. MSIC doesn't have cache files -- it has "Temporary Internet Files" Microsoft has a propensity for renaming things that already have perfectly good names. You clear your Temporary Internet files by clicking on "Tools," and "Internet Options." In MSIE 7, look for a section that says "Browsing History" and click on "Delete." There are several options. Most are fine to delete except for "cookies." Not that deleting cookies are a problem, but sometimes the data is used for logins and such; if deleted, you may have to log on to sites that kept your login data for cookies. Your call.
  • Firefox. Click on "Tools," "Options," and "Advanced." There is a "Clear Cache" button.

You should clear your cache from time to time just as basic maintenance. Also, it can be a place where spyware hides, so clearing it can occasionally help in that respect.

Thursday, February 7, 2008

Power has returned

It didn't affect I&TS services much, though Blackboard (not run by I&TS was down). Things should be back on line soon, if not already.

Power Outage

There was a power outage on campus that affected the Standish Library and some of the residence halls. This may cause problems with some computing services. Once power is restored, we will boot up any systems that may have been affected.

The Great Profile

Faculty and staff on the I&TS network may occasionally get a message that they have exceeded their profile storage space and they can't log off the computer.

We try to have generous limits on the profile size. However, sometimes software puts data in the profile -- often temporary files that can go elsewhere (peeve) -- that fills up the space quickly. This also occurs at Siena if you download pictures into your profile instead of elsewhere.

To avoid downloading the pictures, save them in the "username pictures" folder in your "My Documents." If you see a folder called "My Pictures" without your username, switch -- this is the one in the profile.

Some software also causes problems with the profile. The most egregious offender is Google Earth. One Google Earth session can seriously mess up your profile as it saves temp files there. However, there is a way to use Google Earth without having a problem. I&TS has developed a file that will clean out your profile when you exit Google Earth, avoiding the issue. If you want to use Google Earth, let us know and we can install it.

You can also clean your profile yourself. Instructions are at the http://www.siena.edu/sienatech web page. Here's a direct link.

Wednesday, February 6, 2008

Citrix on a Mac

Good news for Mac users: Citrix has just released a new client for the Mac that makes using Citrix much easier.

Citrix is a form of virtual computing, where you can run programs remotely. For instance, we have some databases in the library that are open to the Siena community. Instead of having to go down to the library, you can research them from your computer. There's also software (like SPSS) that can be accessed.

This works on the Macintosh, even if they are Windows programs. Since your computer is only a terminal in a Citrix session, the Operating System makes no difference.

The new software can be found on the Citrix site. Once you install and configure it, you can log on the Citrix, and click on any program you see to run it. It will ask to open the program in the Citrix client; once you choose "yes," then the program will run.

Files will be saved in your network "My Documents" folder, and can be downloaded or worked on again through Citrix.

Tuesday, February 5, 2008

Software Graveyard: Harvard Graphics & Zenographics Mirage

As is obvious, PowerPoint is the undisputed king of presentation software (OpenOffice's Impress is trying, and Google is getting into the act with Google Presentations, but they are currently still only minor pretenders to the throne). But before PowerPoint, there was Harvard Presenatation Graphics.

Actually, there still is. But you don't hear about how someone is going to do a Harvard Graphics presentation. Still Harvard was the first. Before Windows came out, it was the software you used to create a presentation. Similar in design to PowerPoint (though I don't recall if it had the outline feature), it let you create presentations even before there was a good way to present them. But it remained the leader until Microsoft bundled PowerPoint with Office. Few people were willing to buy a stand-alone program for the one or two presentations they made a year, but if it was part of the Office Suite, anyway, you had it and learned to use it. Harvard Graphics just faded and was forgotten.

I doubt anyone remembers Zenographics Mirage; I only know about it because I used it for several years to create slides (the type you projected in a Kodak Carousel). I worked at a graphic design firm, and created what would now be PowerPoint slides for presentations (GE was our biggest customer). Mirage (and its graphic entry software, Ego) used a digitizer to trace images. I would put them onto the digitizer board and touch it with a pen to indicate the image. Mirage/Ego was not good with curves at all (It took me weeks to get a decent version of the GE logo* when they changed it**)

But Mirage was difficult for the average user to use, and you had to create each slide individually. Even such things as aligning text was a chore. It probably was never going to be popular software, but it did the job in the days before more advanced software was developed.

*Known in Schenectady and "the meatball." There was also the "flying meatball" with the words General Electric and the logo in the middle.

**The logo was changed in the late 70s. No one outside of GE ever noticed the changes.


Monday, February 4, 2008

"You" isn't you.

We've been getting a few questions lately about our spam filters. We use Postini to filter out spam, and it does a pretty good job.

But no spam filter is perfect. The more restrictive it is, the more likely it will block a message you want to recieve. I noticed this recently with my Yahoo e-mail: it had taken it on its own to block mail from a bunch of senders I wanted to allow. Luckly, you can just specify the message as not spam and then Yahoo will let it through.

So Postini, like all spam filters, has a procedure to notify you of messages blocked by your spam filter. And each day, Siena e-mail users get an e-mail listing what has been blocked.

If you go down the list, there's a good chance you'll see an e-mail "from" your own e-mail address. We've been getting calls about people who are worried that this might mean their accont has been compromised.

Well, fear not. It is trivial to fake an e-mail address. Back when I was using Netscape mail, you could put anything you want in the "from:" field*. This has become more difficult for the average user, but if you're sending spam, it's ridiculously easy.

Think of the "From:" on an e-mail as the return address on an envelope. There's no way to prevent someone from using your real address, even if you haven't sent the letter.

So why use your e-mail address for spam? There are two general reasons:

  1. Many people put their own e-mail on a whitelist, so that if they e-mail themselves (say, a copy of an e-mail or as a way to transfer files), it will bypass the spam filters. Note, "bypass the spam filters." That phrase attracts spammers like garbage attracts cockroaches. So they develop software to match the "From:" field to the "To:" field. (Postini doesn't consider the "From:" field when scanning e-mail.)
  2. Some spam chooses an e-mail address at random from the list of addressees to make it harder to trace. If it's yours, then you're the lucky one (you'll also get messages that your e-mail cannot be delivered).

So, what do you do? Nothing. It would be impossible to track down who actually sent the message (at least, impossible without getting law enforcement authorities with the right to subpoena involved). The fact that your name is being used is just luck of the draw, and doesn't mean there's anything wrong with your computer or that your e-mail account has been hacked. It can be safely ignored; just delete the message and don't think about it.

*Much of the early software for the Internet was based on the idea that "We're all good people and will play nice," so security wasn't even considered.