HOSTS file.

Whenever I am asked to work on a PC, the first thing I do – every time – is install a HOSTS file. It’s one of the simplest security measures you can take – just a text file in a folder – and the least well known. Everybody knows about virus scanners, many users know about malware scanners, but very few people know about the HOSTS file.

So let’s start with what a HOSTS file is.

You may already know what a DNS is: for our purposes here, it’s a map that points a domain name to the address of a computer somewhere on the internet. For instance, “google.com” maps to 173.194.64.104. That number, or “i.p. address”, refers to a specific end-point, or node, on the internet. Tables of DNS records are stored on special servers, so when you type “google.com” in your browser, a request is sent out, the i.p.address is returned, the connection is made, and the computer Out There and your computer Right Here begin sharing information, in this example, a web page.

The HOSTS file is the first stop on your browser’s trip. You’ve got one on your computer now: if you have a Windows PC, go to c:\windows\system32\drivers\etc. Open the file in Notepad. What you’ll see – after all the #comments at the beginning – is an i.p.address and domain name, probably this:

127.0.0.1     localhost

Another way that us computer guys say 127.0.0.1 is “home”. (It also goes by the term, “loopback.”)

In short, it’s the i.p.address that your computer uses internally to refer to itself. Your computer’s way of saying, “me.”

What this means is that if you type “http://localhost” into your browser’s address bar, your browser looks to the local computer for that content. (Unless you have a web server installed, it won’t find anything, but you’re welcome to try.)

Here’s the important part:

Because you provided an i.p.address for the domain, the browser stops looking. It doesn’t go to the internet for the content because the HOSTS file says it’s local. Because there’s nothing there, the request dies.

So?

Let’s pretend, instead of an innocent internet user, you’re a piece of malware, and you need to send the information you’ve collected back to the lair of the evil mastermind. You’re programmed to look for myEvilOverlord.com, which is, unfortunately for you, an entry in our hosts file. You can’t phone home.

Let’s pretend, instead of a piece of malware, you’re a browser add-on, and your job is to pop open advertising windows. You do this by connecting to the server of your Evil Mastermind to determine which gambling or porn sites you’re supposed to load. Unfortunately, again for you, myEvilOverlord.com is blocked. No windows open because you can’t get your instructions and if you do open any, they will be blank.

Isn’t that awesome?

So, that’s all?

That’s all? We’ve blocked malware from transmitting your credit card number and prevented your mother-in-law – who’s checking her email while you’re fixing yourself a stiff drink – from getting a dozen pop-ups for Asian scat and bondage porn, and you say, “that’s all?”

No, as it happens, that’s not all.

You can be a jerk about it.

Go to one of your co-worker’s PCs and put this entry into the HOSTS file:

127.0.0.1     www.facebook.com

I’m sure you could find an interesting i.p.address to plug in. You can repoint a website to ANY i.p.address, though you should note that just because you type in the i.p.address of some objectionable site, doesn’t mean that the site will load. Many times, the domain and the i.p.address are linked on the host: you’ll connect to the server, but it won’t show you anything worthwhile. Might be fun to experiment, though.

But seriously…

Your browsing experience will be, just generally, different. Cleaner for one. Take this LiveJournal blog, for instance:

Those ugly purple blocks are ads. This poor user is browsing the internet without a HOSTS file. Tsk tsk tsk.

This is the same blog, viewed on a PC with a HOSTS file. Look ma, no ads!

Now, there are two warnings I need to offer here.

First, you won’t see ads and much content in the margins of your browsing experience, so you might forward a web page you think is hysterical and get an angry email from your best friend complaining about the porn ads on the page. (Use that as an opportunity to set her up with a HOSTS file.)

Two, many websites track button clicks through ad hosting/tracking services that a full HOSTS file blocks, and if that’s the case you’ll get on the site but won’t be able to navigate. HowStuffWorks.com is that way: if I want to browse the site, I have to disable my HOSTS file. The “sponsored” links in yellow at the top of your Google search? Blocked.

Those are minor issues, though. It’s very worth it for better, faster, and most importantly, safer browsing.

OK, so where do I get one?

Here.

First Wedding Video

Several weeks ago I videotaped a wedding. My friend Lezlie referred the couple to me, and I accepted. I’ve always said no to that sort of thing because I’ve heard horror stories about bridezillas, but even moreso because it matters: I don’t want to be the guy that people point at and say, “That’s him…that’s the man that fucked up the record of the most important day of my life.”

There is a man named Mark with whom I have kept a casual friendship for a few years. My brother knows him: they both work for Entercom Radio/Media. We’ve met once in person, and stayed in touch through Facebook, and I knew through that venue that he’d recently purchased a set of studio lights. I sent him a message, asking if that was true. He wrote back, “Yes, why?”

I don’t know why I did it, but it was an inspired choice to contact him. My initial thought was to just ask if I could rent his lights. The question was typed and sent before my brain registered the action: “Want to help me shoot a wedding?”

I didn’t even know he had a video camera – as it turns out he has two. Between the two of us, we ended up with four cameras to shoot the wedding: bride-cam (static), groom-cam (static), Mark-cam (mobile), Me-cam (mobile). The plan ended up being to let the two front cameras capture the entire service from different angles at a fixed point of view; that would be the foundation. Then, Mark and I with our two cameras moved from place to place, capturing whatever looked interesting: reaction shots from the congregation; the ring bearer (cute but precocious kid) handing the ring to the best man; the scripture readings; things like that.

A year ago, I might have called a couple of old friends to help me with this, and I would have been nervous the entire time, wondering if they were capturing what I needed. They’re really good behind a camera, if they have very strong direction, but if you just point them in a direction and push to get them started, they will eventually wander. Their idea of “good enough” is nowhere near mine.

I finally saw his footage after finally getting a card reader and downloading it, and my impression from watching him at the service was correct: he paid attention – very close attention – and captured everything I needed him to. It was like dancing: we each just moved with the “music” of the service and reception in a loose step, me leading, him following from across the room. He even caught some moments I didn’t expect, but were absolutely beautiful choices: a close-up of the organist’s hands for instance.

The groom said to us at the reception: “Man, you guys were everywhere and nowhere.” That was the best compliment he could have given us. The priest even thanked us for our discretion at staying unobtrusive.

I learned through this process that Adobe Premiere has a multi-camera feature, where it will place four separate tracks of video into an interface where you can watch them simultaneously and pick and choose your shots on the fly. It saved me hours of time I’m sure.

I’ve nearly done editing. The finished product looks amazing.

Sending credit card information by email

There’s a lot of discussion on the web on this subject. Most writers recoil in horror from the very thought with the attitude of, “Better to be paranoid than sorry.”

Yeah, I can see it, but only to a point.

Let’s pretend that I’m going to send my credit card info in not one, but three emails: the first email gets the first half, second email the second half, and the third gets the CCV number. In each email I’m going to place the numbers inside blocks of random text. I will assume that the merchant I’m contacting already has my billing address.

I contend that this as safe as sending all that information in a webpage form over an SSL connection.

Let’s examine some points.

According to Verisign in a document published in 2005, approximately 2.25 billion emails are sent per day. Since that document doesn’t track domains such as .edu, we can assume that the number is much, MUCH higher. Let’s say, conservatively, 5 billion. That was six years ago. Assuming a growth rate of 10% (a ridiculously low number), we land on approximately 8.9 billion emails. Each. Day. It is safe to assume that number is much higher.

Let’s say there are one million hackers in the world whose sole purpose in life is to watch emails for credit card numbers. Each hacker gets 8900 emails to deal with: with 86,400 seconds in a day, he has about 9 seconds to process each one. Any good programmer can write a program to do this automatically. We’re not done, yet, though.

Now, the average email takes an average of ten to fourteen steps through various servers before it lands in your inbox. It is extremely rare for two consecutive emails to take the same path. Thus, our hacker will in all likelyhood, not see all three of the emails. That’s okay, though, because some other hacker has the other missing pieces.

Maybe. And even if so, which one (or two) of the million hackers has the other pieces?

Can you see how hopelessly complex this problem is? Working on the theory of diminishing returns, the amount of effort required to harvest one credit card number this way just isn’t worth the effort.

Now, another scenario:

Tonight, I will go out to dinner with my family. When the meal is done, I will hand my credit card to the waiter. He or she will disappear with my card for as long as ten minutes. During that time, that card is out of my control: the waiter can do whatever he or she wants with it. If I’m not otherwise careful online, Facebook or some blog somewhere will divulge my home address – all the information anyone would ever need to steal my identity.

I do this at least once a week without a second thought.

One wonders if the paranoia isn’t a little misplaced.

 

Windows 7: What a disappointment.

So, I got a new computer. The old one, a 6 year old custom built Asus/AMD finally is starting to show its age, and when the power supply gave up I figured it was a good time to get a new system. I called my local computer store, explained what I wanted and signed the work order. It’s a graybox i7 with 12gb ram. Very fast, very slick.

The big question was the OS: Windows XP 64bit or Windows 7 64bit. I’ve used Windows 7 on a virtual machine on my old XP box and really like it (even without the Aero interface, which the old machine wasn’t powerful enough to support.) So I booted up the virtual machine and installed all my work-a-day apps on it: Cakewalk Sonar, Adobe Premiere and FXHome  VisionLab Studio being the really important ones. Each ran – though the FXHome product has to be run in XP Mode – and so I fired off an email: proceed with Windows 7.

I have since discovered what a mistake that was. Granted I should have done more thorough testing: I only started each package to see if it would run without error, which each did. Now, having done some additional research trying without success to work on a project, I’ve found the following things:

Recording “Stereo Mix” (a.k.a. “What U Hear”) off your sound card isn’t simple any more. On my new PC, it’s simply not an option. A Google search for a fix showed me that many others have had the same problem. The recurring theme was, “It worked fine in XP, but when I upgraded to 7 (or Vista), it didn’t work any more.” Many solutions were tossed out, like upgrading/reinstalling sound card drivers, right-clicking in device properties and checking “show disabled”, none of which worked for me, although I could be forgiven for asking

Why the hell should that even be necessary?

Sorry, I’m a little miffed. Seems to me that for content producers like me and others, this task should be a fundamental assumption so why should we have to work so hard to do it after “UP”grading? Microsoft in bed with RIAA..?

Ya think?

Yes, I can use the stereo mix to record stuff off YouTube…yes, that’s a violation of copyright…yes yes yes yes friggin’ yes. However, there are plenty of legitimate reasons to record the Stereo mix – not the least of which is a mix-down of audio tracks and MIDI-controlled audio output from my keyboard, something I do ALL THE TIME.

Or at least, I used to.

In XP.

Yeah, okay, now that we’re here, there’s MIDI. Same issues: worked fine in XP, doesn’t work now. Even the company that built my PC knew that 7 doesn’t support legacy MIDI interfaces, though they let me choose 7 anyway.

Which is why I’m miffed. No, not miffed. Pissed off.

I’m a user. I don’t build PCs for my living. According to what I’ve read this morning, audio/MIDI issues like the ones I’m facing now were introduced with Vista, so given that track record, my PC builder – who knows me and what I do – should have known about these issues and recommended – no, insisted on – Windows XP.

That I am discovering this now, mid-project, that I will have to take two hours out of my day to take the PC back and have it fixed (twice, if I have to drop it off and then go back), that I will have to reinstall all of my applications, another four hours gone: for all these reasons, I’m pissed off.

 

Installing software

My partner at work is one of those people who installs every upgrade and always accepts the default installation for any new software. Now, if you read that and thought, “Wow, what an idiot,” then I’m preaching to the choir: go to the Fellowship Hall, grab a cup of coffee and a serving of pie and wait for me, I’ll be there in a minute.

If you read that and thought, “What’s wrong with that?” read on. This article is for you. I’ve got pie waiting so I’ll be as brief as possible.

Remember those days way back when, when software came on CDs, and what it said on the package is what you were installing and that was it?

Now, all the software you could ever want to do just about any task that software can do is just a download and a few mouse clicks away. That’s a mixed blessing, as it happens, and this is the most important part:

Most software comes bundled with other stuff, and if you accept the default install, you’re getting it all whether you like it or not.

It used to be that the bundled software was innocuous, nothing to worry about. Most often, now, it’s yet another browser toolbar you don’t need or want. (Most open source software published under Gnu licensing rules is bundle-free.) Install enough stuff, and your browser will start to look like the picture.

Is that what you want?

Even software I would usually trust right out of the gate, like the anti-virus I just installed this morning, AVG, had the Ask.com toolbar bundled with it.

Remember this one thing, if nothing else: there is no browser toolbar that you need. All “helpers” just provide functions that are readily available in most browsers anyway, slow down your browsing experience, and, usually, report your browsing habits back to the owner, who then sells that information to marketers.

Really, is that what you want?

Here are my hard and fast rules on installing software:

Never, ever, EVER accept the default installation. Always select the “Custom” install.

Never, ever, EVER install any software except the stuff I specifically downloaded and want

It’s so simple, isn’t it? When faced with the choice of “Simple” (or “Quick”) and “Custom”, always choose “Custom.” Do this, and your PC will be cleaner, faster, and your browser window will always be user-friendly.