I just fixed your computer.

Posted July 21, 2013 by mapsedge
Categories: Business, How-To

Hello.

I just spent about six hours fixing your computer. It was infected with several viruses, about two dozen bits of malware, and more than one thousand individual malicious registry keys, cookies, and Internet Explorer add-ons.  No, I’m not exaggerating.

As a part of this process, I did the following things:

1. I ran no fewer than five different virus and malware scanners. Each one found different infections.

2. I installed WinPatrol, SuperAntiSpyware, and Microsoft Security Essentials, each of which will monitor your PC and help to prevent future infections.

3. I installed a HOSTS file, to prevent any malicious connections.

4. I installed Google Chrome and made it the default browser. I also set the homepage to this blog entry, so you could see what I did.

Now, to prevent this from ever happening again, I have some advice to offer:

1. Stop downloading stuff.

If a program pops up offering to fix your PC, never ever click “Yes”. You had at least two of these installed. Often as not, these are themselves viruses by definition, and they’re hard as hell to get rid of. If you didn’t specifically go looking for it, do not install it!

If you see an offer for software that will make your internet experience better, don’t install it. It’s lying.

If you see a new toolbar, don’t install it. It won’t help you.

See a new search utility? Don’t install it. It’s just running google in the background anyway.

Seeing a pattern? Stop downloading stuff.

2. Use Google Chrome to browse the web. Stop using Internet Explorer right now. Here’s why.

3. Never play games or accept app invitations on Facebook. At least two of the infections on your PC were related to a Facebook app. No kidding, Facebook is not your friend. You’ve got better things to be doing with your time anyway.

Summary

Viruses and malware don’t just happen. They’re like vampires: you have to invite them in. Every virus I cleaned today was the result of a browser helper, toolbar, search utility, web helper, or Facebook app that you installed by downloading something.

Stop downloading stuff. Really.

Advertisements

HOSTS file.

Posted November 17, 2011 by mapsedge
Categories: Biography-History

Whenever I am asked to work on a PC, the first thing I do – every time – is install a HOSTS file. It’s one of the simplest security measures you can take – just a text file in a folder – and the least well known. Everybody knows about virus scanners, many users know about malware scanners, but very few people know about the HOSTS file.

So let’s start with what a HOSTS file is.

You may already know what a DNS is: for our purposes here, it’s a map that points a domain name to the address of a computer somewhere on the internet. For instance, “google.com” maps to 173.194.64.104. That number, or “i.p. address”, refers to a specific end-point, or node, on the internet. Tables of DNS records are stored on special servers, so when you type “google.com” in your browser, a request is sent out, the i.p.address is returned, the connection is made, and the computer Out There and your computer Right Here begin sharing information, in this example, a web page.

The HOSTS file is the first stop on your browser’s trip. You’ve got one on your computer now: if you have a Windows PC, go to c:\windows\system32\drivers\etc. Open the file in Notepad. What you’ll see – after all the #comments at the beginning – is an i.p.address and domain name, probably this:

127.0.0.1     localhost

Another way that us computer guys say 127.0.0.1 is “home”. (It also goes by the term, “loopback.”)

In short, it’s the i.p.address that your computer uses internally to refer to itself. Your computer’s way of saying, “me.”

What this means is that if you type http://localhost into your browser’s address bar, your browser looks to the local computer for that content. (Unless you have a web server installed, it won’t find anything, but you’re welcome to try.)

Here’s the important part:

Because you provided an i.p.address for the domain, the browser stops looking. It doesn’t go to the internet for the content because the HOSTS file says it’s local. Because there’s nothing there, the request dies.

So?

Let’s pretend, instead of an innocent internet user, you’re a piece of malware, and you need to send the information you’ve collected back to the lair of the evil mastermind. You’re programmed to look for myEvilOverlord.com, which is, unfortunately for you, an entry in our hosts file. You can’t phone home.

Let’s pretend, instead of a piece of malware, you’re a browser add-on, and your job is to pop open advertising windows. You do this by connecting to the server of your Evil Mastermind to determine which gambling or porn sites you’re supposed to load. Unfortunately, again for you, myEvilOverlord.com is blocked. No windows open because you can’t get your instructions and if you do open any, they will be blank.

Isn’t that awesome?

So, that’s all?

That’s all? We’ve blocked malware from transmitting your credit card number and prevented your mother-in-law – who’s checking her email while you’re fixing yourself a stiff drink – from getting a dozen pop-ups for Asian scat and bondage porn, and you say, “that’s all?”

No, as it happens, that’s not all.

You can be a jerk about it.

Go to one of your co-worker’s PCs and put this entry into the HOSTS file:

127.0.0.1     www.facebook.com

I’m sure you could find an interesting i.p.address to plug in. You can repoint a website to ANY i.p.address, though you should note that just because you type in the i.p.address of some objectionable site, doesn’t mean that the site will load. Many times, the domain and the i.p.address are linked on the host: you’ll connect to the server, but it won’t show you anything worthwhile. Might be fun to experiment, though.

But seriously…

Your browsing experience will be, just generally, different. Cleaner for one. Take this LiveJournal blog, for instance:

Those ugly purple blocks are ads. This poor user is browsing the internet without a HOSTS file. Tsk tsk tsk.
This is the same blog, viewed on a PC with a HOSTS file. Look ma, no ads!

Now, there are two warnings I need to offer here.

First, you won’t see ads and much content in the margins of your browsing experience, so you might forward a web page you think is hysterical and get an angry email from your best friend complaining about the porn ads on the page. (Use that as an opportunity to set her up with a HOSTS file.)

Two, many websites track button clicks through ad hosting/tracking services that a full HOSTS file blocks, and if that’s the case you’ll get on the site but won’t be able to navigate. HowStuffWorks.com is that way: if I want to browse the site, I have to disable my HOSTS file. The “sponsored” links in yellow at the top of your Google search? Blocked.

Those are minor issues, though. It’s very worth it for better, faster, and most importantly, safer browsing.

OK, so where do I get one?

Here.

First Wedding Video

Posted November 6, 2011 by mapsedge
Categories: Interesting Stuff, Software, Technique

Tags:

Several weeks ago I videotaped a wedding. My friend Lezlie referred the couple to me, and I accepted. I’ve always said no to that sort of thing because I’ve heard horror stories about bridezillas, but even moreso because it matters: I don’t want to be the guy that people point at and say, “That’s him…that’s the man that fucked up the record of the most important day of my life.”

There is a man named Mark with whom I have kept a casual friendship for a few years. My brother knows him: they both work for Entercom Radio/Media. We’ve met once in person, and stayed in touch through Facebook, and I knew through that venue that he’d recently purchased a set of studio lights. I sent him a message, asking if that was true. He wrote back, “Yes, why?”

I don’t know why I did it, but it was an inspired choice to contact him. My initial thought was to just ask if I could rent his lights. The question was typed and sent before my brain registered the action: “Want to help me shoot a wedding?”

I didn’t even know he had a video camera – as it turns out he has two. Between the two of us, we ended up with four cameras to shoot the wedding: bride-cam (static), groom-cam (static), Mark-cam (mobile), Me-cam (mobile). The plan ended up being to let the two front cameras capture the entire service from different angles at a fixed point of view; that would be the foundation. Then, Mark and I with our two cameras moved from place to place, capturing whatever looked interesting: reaction shots from the congregation; the ring bearer (cute but precocious kid) handing the ring to the best man; the scripture readings; things like that.

A year ago, I might have called a couple of old friends to help me with this, and I would have been nervous the entire time, wondering if they were capturing what I needed. They’re really good behind a camera, if they have very strong direction, but if you just point them in a direction and push to get them started, they will eventually wander. Their idea of “good enough” is nowhere near mine.

I finally saw his footage after finally getting a card reader and downloading it, and my impression from watching him at the service was correct: he paid attention – very close attention – and captured everything I needed him to. It was like dancing: we each just moved with the “music” of the service and reception in a loose step, me leading, him following from across the room. He even caught some moments I didn’t expect, but were absolutely beautiful choices: a close-up of the organist’s hands for instance.

Adobe Premiere Multi-Camera Monitor

The groom said to us at the reception: “Man, you guys were everywhere and nowhere.” That was the best compliment he could have given us. The priest even thanked us for our discretion at staying unobtrusive.

I learned through this process that Adobe Premiere has a multi-camera feature, where it will place four separate tracks of video into an interface where you can watch them simultaneously and pick and choose your shots on the fly. It saved me hours of time I’m sure.

I’ve nearly done editing. The finished product looks amazing.

Sending credit card information by email

Posted April 7, 2011 by mapsedge
Categories: Biography-History

There’s a lot of discussion on the web on this subject. Most writers recoil in horror from the very thought with the attitude of, “Better to be paranoid than sorry.”

Yeah, I can see it, but only to a point.

Let’s pretend that I’m going to send my credit card info in not one, but three emails: the first email gets the first half, second email the second half, and the third gets the CCV number. In each email I’m going to place the numbers inside blocks of random text. I will assume that the merchant I’m contacting already has my billing address.

I contend that this as safe as sending all that information in a webpage form over an SSL connection.

Let’s examine some points.

According to Verisign in a document published in 2005, approximately 2.25 billion emails are sent per day. Since that document doesn’t track domains such as .edu, we can assume that the number is much, MUCH higher. Let’s say, conservatively, 5 billion. That was six years ago. Assuming a growth rate of 10% (a ridiculously low number), we land on approximately 8.9 billion emails. Each. Day. It is safe to assume that number is much higher.

Let’s say there are one million hackers in the world whose sole purpose in life is to watch emails for credit card numbers. Each hacker gets 8900 emails to deal with: with 86,400 seconds in a day, he has about 9 seconds to process each one. Any good programmer can write a program to do this automatically. We’re not done, yet, though.

Now, the average email takes an average of ten to fourteen steps through various servers before it lands in your inbox. It is extremely rare for two consecutive emails to take the same path. Thus, our hacker will in all likelyhood, not see all three of the emails. That’s okay, though, because some other hacker has the other missing pieces.

Maybe. And even if so, which one (or two) of the million hackers has the other pieces?

Can you see how hopelessly complex this problem is? Working on the theory of diminishing returns, the amount of effort required to harvest one credit card number this way just isn’t worth the effort.

Now, another scenario:

Tonight, I will go out to dinner with my family. When the meal is done, I will hand my credit card to the waiter. He or she will disappear with my card for as long as ten minutes. During that time, that card is out of my control: the waiter can do whatever he or she wants with it. If I’m not otherwise careful online, Facebook or some blog somewhere will divulge my home address – all the information anyone would ever need to steal my identity.

I do this at least once a week without a second thought.

One wonders if the paranoia isn’t a little misplaced.

 

Windows 7: What a disappointment.

Posted November 14, 2010 by mapsedge
Categories: Hardware, Software

So, I got a new computer. The old one, a 6 year old custom built Asus/AMD finally is starting to show its age, and when the power supply gave up I figured it was a good time to get a new system. I called my local computer store, explained what I wanted and signed the work order. It’s a graybox i7 with 12gb ram. Very fast, very slick.

The big question was the OS: Windows XP 64bit or Windows 7 64bit. I’ve used Windows 7 on a virtual machine on my old XP box and really like it (even without the Aero interface, which the old machine wasn’t powerful enough to support.) So I booted up the virtual machine and installed all my work-a-day apps on it: Cakewalk SonarAdobe Premiere and FXHome  VisionLab Studio being the really important ones. Each ran – though the FXHome product has to be run in XP Mode – and so I fired off an email: proceed with Windows 7.

I have since discovered what a mistake that was. Granted I should have done more thorough testing: I only started each package to see if it would run without error, which each did. Now, having done some additional research trying without success to work on a project, I’ve found the following things:

Recording “Stereo Mix” (a.k.a. “What U Hear”) off your sound card isn’t simple any more. On my new PC, it’s simply not an option. A Google search for a fix showed me that many others have had the same problem. The recurring theme was, “It worked fine in XP, but when I upgraded to 7 (or Vista), it didn’t work any more.” Many solutions were tossed out, like upgrading/reinstalling sound card drivers, right-clicking in device properties and checking “show disabled”, none of which worked for me, although I could be forgiven for asking

Why the hell should that even be necessary?

Sorry, I’m a little miffed. Seems to me that for content producers like me and others, this task should be a fundamental assumption so why should we have to work so hard to do it after “UP”grading? Microsoft in bed with RIAA..?

Ya think?

Yes, I can use the stereo mix to record stuff off YouTube…yes, that’s a violation of copyright…yes yes yes yes friggin’ yes. However, there are plenty of legitimate reasons to record the Stereo mix – not the least of which is a mix-down of audio tracks and MIDI-controlled audio output from my keyboard, something I do ALL THE TIME.

Or at least, I used to.

In XP.

Yeah, okay, now that we’re here, there’s MIDI. Same issues: worked fine in XP, doesn’t work now. Even the company that built my PC knew that 7 doesn’t support legacy MIDI interfaces, though they let me choose 7 anyway.

Which is why I’m miffed. No, not miffed. Pissed off.

I’m a user. I don’t build PCs for my living. According to what I’ve read this morning, audio/MIDI issues like the ones I’m facing now were introduced with Vista, so given that track record, my PC builder – who knows me and what I do – should have known about these issues and recommended – no, insisted on – Windows XP.

That I am discovering this now, mid-project, that I will have to take two hours out of my day to take the PC back and have it fixed (twice, if I have to drop it off and then go back), that I will have to reinstall all of my applications, another four hours gone: for all these reasons, I’m pissed off.

 

Installing software

Posted July 22, 2010 by mapsedge
Categories: Biography-History

My partner at work is one of those people who installs every upgrade and always accepts the default installation for any new software. Now, if you read that and thought, “Wow, what an idiot,” then I’m preaching to the choir: go to the Fellowship Hall, grab a cup of coffee and a serving of pie and wait for me, I’ll be there in a minute.

If you read that and thought, “What’s wrong with that?” read on. This article is for you. I’ve got pie waiting so I’ll be as brief as possible.

Remember those days way back when, when software came on CDs, and what it said on the package is what you were installing and that was it?

Now, all the software you could ever want to do just about any task that software can do is just a download and a few mouse clicks away. That’s a mixed blessing, as it happens, and this is the most important part:

Most software comes bundled with other stuff, and if you accept the default install, you’re getting it all whether you like it or not.

It used to be that the bundled software was innocuous, nothing to worry about. Most often, now, it’s yet another browser toolbar you don’t need or want. (Most open source software published under Gnu licensing rules is bundle-free.) Install enough stuff, and your browser will start to look like the picture.

Is that what you want?

Even software I would usually trust right out of the gate, like the anti-virus I just installed this morning, AVG, had the Ask.com toolbar bundled with it.

Remember this one thing, if nothing else: there is no browser toolbar that you need. All “helpers” just provide functions that are readily available in most browsers anyway, slow down your browsing experience, and, usually, report your browsing habits back to the owner, who then sells that information to marketers.

Really, is that what you want?

Here are my hard and fast rules on installing software:

Never, ever, EVER accept the default installation. Always select the “Custom” install.

Never, ever, EVER install any software except the stuff I specifically downloaded and want

It’s so simple, isn’t it? When faced with the choice of “Simple” (or “Quick”) and “Custom”, always choose “Custom.” Do this, and your PC will be cleaner, faster, and your browser window will always be user-friendly.

Creating a Google-Friendly Website

Posted June 23, 2010 by mapsedge
Categories: Business, How-To

Creating a Google-Friendly Website:

As I do this for a living, I thought I’d offer a simple list for anyone who could derive some benefit from the advice.

Disclaimer: the advice I offer here is based upon a great deal of research and personal and professional experience, but lest you misunderstand my intentions, I’m not inviting debate. There are a great many opinions about how Google works since no one outside the company actually knows, and thus you may feel inclined to disagree with my recommendations. Be my guest.  You have a blog of your own, I’m sure.

Late edit: there are some clarifications inline.

Let us begin.

For the record, merely having many visitors to your website isn’t going to help your rankings. Google can’t read your visitor count – nor would you want them to.

To increase your Google ranking, your site needs two things: relevance and importance. In this article I will detail how to achieve both in the eyes of Google.

Step One: decide how you want people to find your site. In other words: if you make flowerpots and want your business to come from Kansas City, then you want people searching on the words “flowerpot” and “kansas city” to find you. If you want flowers in there, too, add “flowers” to your list. People searching for “flowerpot kansas” will also find you.

Note: “flowers” is not the same as “flower”. Google search results will eventually connect those dots, but it will only be after the “flowers” entries are exhausted and so won’t help you. Same goes for “flowerpot” and “flower”. Google doesn’t search in words; not, at least, for results it returns on the first page.

Step Two: make sure your key words are in your TITLE, DESCRIPTION, and CONTENT. Of the three, the last is the most important.

TITLE: A “meta” tag that lives in the head section of your webpage HTML markup.  It appears as the text in the bar at the top of your browser, which is also used when someone bookmarks your page. In our example, the title of the homepage should read something like, “Marvin’s Garden, Flowerpots, Kansas City Missouri. Flowerpots, Flowers, Floral”.

DESCRIPTION: A “meta” tag that lives in the head section of your webpage HTML markup.  It is not visible to the end user: it describes your page in human readable terms. Google displays the description, if there is one, just below the title of the page in search results. It should also include your key words. Something like:

“Marvin’s Garden is a full service nursery in Kansas City, Missouri. We feature flowers, flowerpots, floral and garden supplies for the amateur and professional gardener. Spring flowers are in bloom, so brighten your home and garden today. We have sales going on right now on flower and vegetable seeds.”

In that description I’ve done several things: I’ve gotten my primary key words in there; I’ve added a few more to broaden my prospects; I’ve managed to put each key word in at least once, sometimes twice, and with variations; it’s gramatically correct and reads like normal text; and I’ve added a call to action to the potential customer.

CONTENT: Not a “meta” tag: this is the most important element of the three: the stuff on the pages that people read. Google rates pages based on relevance to the search terms, and it counts relevance by “key word density”, in other words, the number of times a search term appears in textual content on a given page.

The trick is to not over-do. If you write a paragraph where more than, say, 10% of the words are the same search terms over and over:

“We’ve got flowerpots, and pots of flowers, and more flowerpots, with clay flowerpots, and plastic flowerpots, and even metal flowerpots…”

Google will reject that content as being spammy and penalize your site with a lower ranking. The content can read like sales copy, that’s fine, but it must also be reasonable.

KEYWORDS. There’s a reason I haven’t addressed this, the most popular of methods to drive search traffic. The “keywords” META tag is in the same class as the TITLE and DESCRIPTION tags, with one notable exception: GOOGLE DOESN’T USE THE KEYWORD TAG AND NEVER HAS. Neither does MSN. Yahoo! does, but exactly how is hard to determine. Go ahead and fill the KEYWORD tag, it won’t hurt, but don’t count on it.

If you have a retail site where adding content is tough in context, here’s what you do: add links to your homepage to other pages on your site that have that content. When I had Seamlyne.com, I moved my ranking from the middle of page 2 to the first or second link on the first page with one simple change: I added two links to the homepage, an FAQ and a “Fun with Tights” page. On each page, I made sure my key words (tights, codpiece, renaissance) were used at least twice. I also added “news” to the homepage that changed every other week or so.

So, now we have a handle on relevance in Google: if your site is relevant for a key word, that key word will be in the content about 10% of the words. The content will change every so often, so Google assumes the site is active.

Now, to increase your site’s importance, you need back links, which is to say, links to your site from other sites. Set up reciprocal links with like-minded webmasters.

I never back-linked any other site on Seamlyne, especially for other retailers. Once a customer is on my site why make it easy to leave? That’s what my Seamlyne teaching site was for: that sucker was back-linked on at least a dozen sites, and it, in turn, linked to the retail site. I would write articles in Google groups, and make sure to reference the website.

On the subject of Flash:

Don’t create your entire website in Flash. Just don’t. Google can’t read it except under special circumstances, and if your viewers have Flash turned off (I frequently disable it for speed of browsing), they won’t be able to see your site.

Flash is best used for elements on your website – animated headers and such – to make the page interesting, but it should never, EVER, EVER be the whole site.

If you must create a Flash website, you should also create a traditional HTML version and link to using text from your homepage. You must give Google something to follow. Even the Flash official website doesn’t use Flash. That should tell you something.

By the way, all of this applies for websites comprised entirely of images. Just re-read the last section and substitute “images” for “Flash”, and you’ll get the point.

So, how do I know what my site looks like to Google and other search engines?

Easy. Go here: YellowPipe Lynx Viewer

Enter your URL. You will be presented with a version of your website as a browser called “Lynx” views it: all text based, no images, no multimedia. This is by and large what Google sees.

If you’d like to have Lynx on your Windows PC, the best version you can download is here. It’s the Japanese SourceForge site, but the default language for the package is English.

Some random bullets:

Write articles in flowerpot related groups on Google groups, and link back to your website. Better yet, link back to a page on your website where you write in some detail about your article’s topic.

Start a blog on WordPress or Blogspot about flowerpots, and link back to your website. Better yet, link back to a page on your website where you write in some detail about your blog post’s topic.

Finally, stop using “click here” as an enticement to click. Instead of:

To learn more about flowerpots, click here

try

Kansas City gardeners love our flowerpots

Extra credit if you can now tell why that’s better 🙂