JiggletheCable.org

Save Disk Space in OS X: Monolingual

2010-03-11T10:34:00.002-06:00

I am always amazed at how much space the Multi-Lingual files take up when installing OS X (let's not mention the print drivers). So why should I be surprised when I save so much space using this application? It managed to trim off 2.3GB in just a few minutes. That's not a lot in this era of 500GB drives but every little bit helps. That's a whole movie burned to disk!

I know I should be ashamed for using the default install in the first place. Like everyone who gets a new MacBookPro I was a little eager to start using it. The last thing I wanted to do was wait for a new install. Now if it was a new Dell it would be a different story. I have no qualms about booting right from a DVD when a new Dell shows up.

http://monolingual.sourceforge.net/

Thanks Tyler!

Support Stories

2010-02-25T13:25:00.002-06:00

The Daily WTF often has some great stories. Here is one that I can really relate to. Back in the day, I fixed PCs and I remember actually fixing a down machine before discovering I was at the wrong location.

Here are 3 great stories of tech support nightmares.

Problematic Problem (from Ben)
Way back when, I was responsible for doing on-site support for a fairly complex ERP solution that our company sold. My support radius was 100 miles, which meant I was on the road a lot and traveled to places I wasn't all that familiar with. My trusty navigation aide was a compass and a Rand McNally map book. Fancy, online mapping services weren't around yet, let alone super-fancy GPS units.
One day, I was assigned to visit a customer on the far end of my region (99.9999999 miles), first thing in the morning. It meant that, not only would I need to battle rush-hour traffic through the city, but then drive another 60 miles once that cleared. I was not a fan of early mornings, and getting that client on that wintry day meant a 5:30A departure with a 2.5 hour commute.
That morning, traffic was even worse than I anticipated. And to make matters worse, I had a terrible time finding the place. Fortunately, a kind fellow at the gas station pointed me in the right direction, and I was able to ring the client from the nearest pay phone to let them know I was running behind.
When I arrived, everything seemed to be downhill from there. I went to the receptionist, tacked on my visitor badge, headed over to the server room, set my briefcase down, and got to work. Before I could even try logging in, someone walked up to me and said, "hey, I know this isn't really your thing, but I'm desperate, and reeeeaaaallly need some help getting this report for our PM meeting."
It certainly wasn't my thing, but given that I was 30 minutes late, a little goodwill towards helping a company executive could only help. So I followed her to her office and helped troubleshoot the problem. An hour-and-a-half later, we had the report running, no problem. She was thrilled, and I headed back to the server room.
For some reason, I couldn't log-in to the server console, but the generous IT guy helped me past that hurdle by logging in with his credentials. But then I had another problem: I couldn't access any of the servers listed on my sheet. In fact, I couldn't even find a server that looked anything like ours.
I called the IT guy over again and asked him where our ERP server was. He shot a confused look to me, and said that he's pretty sure they don't have an ERP server. I assured him that they did, so he went back and looked into things on his end. Thirty minutes later, he assured me that they absolutely, positively, definitely don't have an ERP server.
We were both utterly confused. And then something dawned on me, and I silently prayed it wasn't true. I pulled out my sheet, showed it to the IT guy, and pointed towards the customer address heading. "That's you guys, right?"
As it turned out, not so much. Our actual customer was down the street, in another un-marked office building.

Problem supply (from Brendan)
Working as a coder for a small company that operates worldwide, I was on the team that deployed a project to China. Now I realize that my English is far from perfect, but dealing with Chinese customers in English has been quite the experience. One day, four months after going live with the new system, I received this mail from our Chinese client:

From: Louis Chang
To: Brendan ******
Subject: Problem supply
_____________________________________________________

Hi Brendan,

Sorry disturbing you. There is a problem with supply programme on the
button. Please advice?

Regards,

Lou Chang

Ah, the lingo of the busisness... I can imagine that you'd have the faintest idea what he was talking about... but don't worry, neither did I. So I replied to him, hoping to get a better description of his issue:

From: Louis Chang
To: Brendan ******
Subject: RE: Problem supply
_____________________________________________________

Hi Lou,

Could you please state your problem more clearly?

Thanks,
Brendan

I didn't have to wait long for his clarification, as his problem seemed to be really urgent.

From: Louis Chang
To: Brendan ******
Subject: RE: Problem supply
_____________________________________________________

There is a problem
with supply
programme on
the button.
Please advice?

Yup. Much better. Thanks.

A Text-Destroying Problem (from Esko Tanakka)
Back in 1999, I was just beginning my career and worked at a small store that built and configured computers for the public. Occasionally, I'd have to answer customer calls and help people with general computing problems.
One day, a man called in and immediately started complaining about how we sell utter crap, that we should take responsibility for our problems, and that he was owed money back because of the problems we caused.
I begged him to calm down and explain specifically what was wrong. He told me that our computer is destroying his text, and that something had to be done. At first, I thought his files were disappearing, but after more investigation, I discovered what his actual problem was: typing text in Microsoft Word overwrote previous text.
I told him that he simply had the INSERT key on, but he insisted that he never pressed that key, and that pressing the key did nothing. Running out of phone-support options, I told him he’d need to bring in his computer. But first, I needed his warranty information.
Well, it turned out that he bought the computer seven years earlier, then had another company install Windows 95 and the Corel Office Suite. After hearing that, I told him that I obviously couldn't take the machine in. That just made him more angry, and he accused me of working for "Satan and his minions", and threw all sorts of other ridiculous insults at me. But then all of a sudden, he calmed down. Apparently, he actually tried pressing the INSERT key (as I asked him to do before), and his computer stopped destroying his text.

Using Route Tables on Windows

2010-02-02T20:27:00.003-06:00

I refer back to back to this article quite often so I thought it would be nice to post it here. It is written so that just about anyone can understand route tables.

Using Route Tables on Windows NT, 2000, and XP

Have you ever had a computer that didn't need to, or more over shouldn't talk to any other computer off campus? Well route rules are a way to accomplish this. Route rules are a common way of only allowing a computer to talk to certain known other hosts. Technically, route rules are a way of controlling your computers ability to talk to other computers outside of it's subnet (we'll get into that more later).

About Route Rules:

The internet is a big place. Most users of the internet (at least in work settings) do not access the. entire internet (say a site in Iceland or Botswana). This holds particularly true for servers, application workstation, and purpose built computers. These types of computers may access only campus, only your department, or only a few users. More importantly, there are no valid reasons that someone from outside the userbase should access them. These are the perfect systems for route rules. There are 4,294,967,296 IP addresses (and thus other possible computers) in the world, and if you only have 10 people that need to access your server you may as well keep the rest out.

For the purpose of this article we will address route rules as they pertain to Windows NT, Windows 2000, and Windows XP (Many other OS's support these in various forms). We will also assume that you have some understanding of how IP addresses, subnets and gateways work.

Route rules are often used for the following reasons

They are fairly simple to use if you understand how IP addresses work
They are quickly configurable and take effect immediately
They can allow you finer control over what other computers can access yours
They are commonly used in a "defense in depth" model as a final way of saying "none shall pass other than..."
They are similar to those used on Unix and Linux boxes so are pretty well understood and familiar to some

This can be a bit complicated as one needs to understand the basics of how IP addresses work. The basic principle is that you define each computer, or group of computers that you want your computer to be able to communicate with. Always keep in mind when using route rules that your computer will not be able to talk to anything that you haven't made a route rule for. So be sure to remember to add a route rule for things like the Microsoft Update Server or you won't be able to get patches.

In order to make "Static" route rules on your computer (i.e. ones that you set), you must first remove the "default gateway" from your network configuration tab. Remember what your gateway is for you will need it later when you add routes. The default gateway on a computer is used to allow it to talk to other computers off it's subnet. By default a windows computer has a route to every host in the world, which is great if you want to browse the web, and terrible if you want to keep out hackers and worms. Simply open your TCP/IP settings windows and remove everything from the gateway box.

Once you have removed your gateway (also known as the "default route") you will not be able to access anything that isn't on your subnet. Your subnet is the computers with an IP in the same range as yours. For example, 129.237.100.1 and 129.237.100.24 share the same IP Octets all the way down to their last octect (everything after the last dot), thus they are very likely on the same subnetwork.

This is important to know in that even once you have removed the default route (in this case your gateway from the TCP/IP settings menu), your computer will still be able to talk to everyone on your subnet. This is becase of a network technology called ARP.. which is a bit more than we'll cover here. Just know that you do not need a gateway to talk to those computers "near you" on the network (for instance those in your building or on the same floor as you) and thus route rules can't add or deny them access to your computer, they are simple talk (with or without a route)

Now that you have removed your gateway you can begin to add back routes to other computers (or groups of computers as you'll soon see). You do this by using the "route add" command.

route add -p 129.237.37.60 MASK 255.255.255.255 129.237.100.254

Lets pick appart the command above. The first part "route add" tells the route command that you want to add a route. The "-p" option tells route that you want it to be persistant. Persistant routes are written to the registry and thus will remain in place after a reboot (or anything else that turns off your network card). This is important because non-persistant routes will be removed at reboot. The next part of the command "129.237.37.60" is the IP address you would like to be able your computer to be able to talk to. In this case it is the IP address of the Windows Update Server we have here on campus (got to have those patches). The next part is a bit tricky, it is the MASK. A MASK is used, along with the IP address you specified in the first part, to make the rule. This is because a route rule can be used to add MANY computers, or just one. Basically, by saying "MASK 255.255.255.255" we have specified that we only want our computer to be able to talk to this one host. The final part of the rule is the gateway. This should be the same number that we removed from the TCP/IP menu. The gateway is the IP address of a device on the network that your computer talks to in order to find it's way to other computers. Think of it as the old style Telephone Operator sitting at a switchboard, without it, you can't talk to anyone too far away.

So in summary, we have told our computer that we want to add a persistant route, to 129.237.37.60 only and we told it to use the gateway in order to get there. Another rule that many people use is to group computers together and add them all at once.

route add -p 129.237.35.0 MASK 255.255.255.0 129.237.100.254

This rule is much like the first, except you'll notice that the IP address and MASK end in zeros. We have told our computer that we would like to add ALL computers in 129.237.35.x to our route list (and thus allowing communication with our computer). This is very handy and why the MASK portion of the command is so important. It says..

129.237.35.0

255.255.255.0

Only.Only.Only.Any

In other words, only allow computers that are in 129, AND only allow computers that are also in .237 AND only allow computers that are in .35, and allow ANY computer that meets all those criteria

Arguments & Examples:

route PRINT

Used to display a list of current routes. This is handy if you would like to debug a rule or to print out rules for documentation (used with a common pipe)

route ADD 129.237.0.0 MASK 255.255.0.0 129.237.100.254 destination^ ^mask ^gateway

Adds a route, this is where the real power comes in. For instance, this rule allows only hosts on campus to see or talk to your computer (you computer also can't see anything off the campus network)

route PRINT 129.237.*

Only prints out the rules that match argument (in this case all on campus routes)

route CHANGE 129.237.39.200 MASK 255.255.255.255 129.237.100.254

Used to change an existing route rule

route DELETE 129.237.39.200

Removes the route defined to this host

Google Toolbar Tracks Your Browsing, Even When Off

2010-01-27T09:24:00.001-06:00

Are we supposed to be surprised? Isn't this what it's designed to do?

Google Toolbar Tracks Your Browsing, Even When Off: "garg0yle writes 'Google's Toolbar is supposed to allow the user to disable it. However, it was discovered by a researcher that it was still sending information even when disabled. A patch is now available, and Google claims this was just a bug, not a feature.'

Microsoft "Zero-Day" Really a "180-Day"

2010-01-22T08:30:00.000-06:00

Doesn't this make it a "180-Day", since they have known about it since September? I never understand why they don't patch these things sooner. If they really knew about it, why the delay? Is there some kind of denial system deep in the bowels of the Microsoft machine?

Threat Level Report on Microsoft's Latest Zero-Day IE Vulnerability

GMail Enables HTTPS by Default

2010-01-13T09:44:00.005-06:00

I've always wondered why this wasn't the case to begin with...

To disable this feature, go to Gmail's settings page, select 'Don't always use https' and click on 'Save changes'. If you can't use Gmail offline when this feature is enabled, try this workaround.

Gmail's HTTPS Access Is Enabled by Default: "Unlike other popular webmail services, Gmail allows you to read your messages using a secure connection by visiting https://mail.google.com. In 2008, Gmail added an option that redirected you to the https version and now this option is enabled by default.

'Using https helps protect data from being snooped by third parties, such as in public wifi hotspots. We initially left the choice of using it up to you because there's a downside: https can make your mail slower since encrypted data doesn't travel across the web as quickly as unencrypted data. Over the last few months, we've been researching the security/latency tradeoff and decided that turning https on for everyone was the right thing to do,' explains Gmail's blog.

Even if this feature is restricted to Gmail, there's an interesting side-effect: if you open Google Calendar, Google Docs, Google Sites and Google Reader by clicking on Gmail's navigational links, you'll use the https versions of those services.

Microsoft Response to Holiday IIS Zero Day

2009-12-30T10:01:00.001-06:00

Here is the response from Microsoft. Looks like they are blaming it on configuration errors.

Results of Investigation into Holiday IIS Claim:

We’ve completed our investigation into the claims that came up over the holiday of a possible vulnerability in IIS and found that there is no vulnerability in IIS.

What we have seen is that there is an inconsistency in IIS 6 only in how it handles semicolons in URLs. It’s this inconsistency that the claims have focused on, saying this enables an attacker to bypass content filtering software to upload and execute code on an IIS server.

The key in this is the last point: for the scenario to work, the IIS server must already be configured to allow both “write” and “execute” privileges on the same directory. This is not the default configuration for IIS and is contrary to all of our published best practices. Quite simply, an IIS server configured in this manner is inherently vulnerable to attack.

However, customers who are using IIS 6.0 in the default configuration or following our recommended best practices don’t need to worry about this issue. If, however, you are running IIS in a configuration that allows both “write” and “execute” privileges on the same directory like this scenario requires, you should review our best practices and make changes to better secure your system from the threats that configuration can enable. Once again, here’s a list of best practices resources:

· IIS 6.0 Security Best Practices

· Securing Sites with Web Site Permissions

· IIS 6.0 Operations Guide

· Improving Web Application Security: Threats and Countermeasures

The IIS folks are evaluating a change to bring the behavior of IIS 6.0 in line with the other versions. In the meantime, they’ve put more information up about this on their weblog.

I hope this helps answer any questions.

Happy Holidays and Happy New Year.

Christopher

*This posting is provided 'AS IS' with no warranties, and confers no rights*

Possible IIS 6 0-day

2009-12-29T23:25:00.001-06:00

News from SANS

Microsoft responds to possible IIS 6 0-day, (Tue, Dec 29th): "Following up to recent diaries 7816 and 7810 and numerous other sources regarding a possible IIS&nbs ...(more)..."

Adobe Warns of Reader, Acrobat Attack

2009-12-15T10:38:00.002-06:00

Adobe Warns of Reader, Acrobat Attack: "itwbennett writes "Monday afternoon, Adobe 'received reports of a vulnerability in Adobe Reader and Acrobat 9.2 and earlier versions being exploited in the wild,' the company said in a post to the company's Product Security Incident Response Team blog. According to malware tracking group Shadowserver, the vulnerability is due to a bug in the way Reader processes JavaScript code. Several 'tests have confirmed this is a 0-day vulnerability affecting several versions of Adobe Acrobat [Reader] to include the most recent versions of 8.x and 9.x. We have not tested on 7.x, but it may also be vulnerable,' Shadowserver said in a post on its Web site. The group recommends that concerned users disable JavaScript within Adobe's software as a work-around for this problem. (This can be done by un-checking the 'Enable Acrobat JavaScript' in the Edit -> Preferences -> JavaScript window). 'This is legit and is very bad,' Shadowserver added."
Read more of this story at Slashdot.

Windows Share Refresher

2009-12-15T10:34:00.000-06:00

I had a rights issue at work recently and it made me read up on Windows rights.

Here is a nice refresher on best practices for Windows Share rights assignments. Believe it or not it's really pretty simple. I think the key is to remember that it's the sum of both the security (NTFS) rights and the share rights that matters. I had an issue with RDP rights vs. share rights that I had to iron out and this answered the question.

Just make sure to tighten up the inherited rights if you use his suggestion on giving Authenticated Users full access to the Share.

Launching a Virtualbox Guest from OS X as an App

2009-12-11T09:55:00.003-06:00

I've been using Virtualbox quite a bit lately now that I have my new MacBook Pro for work. I have the disk space and I need access to Windows for a variety of things.

Anyway, I quickly tired of opening the Virtualbox Application just to launch the machine I needed (it's nearly always the same one even though I have many). So, I poked around in Google and found this great bit of instruction from Mark Bockenstedt.

Basically, you just have to create a script in Script Editor and save it as an Application. Then change the icon (if you want) and drag it to the dock. Here is all the code for the script.

do shell script "vboxmanage startvm Ubuntu"

Very simple, very easy.

Microsoft Security Advisory (977544): Vulnerabilities in SMB Could Allow Denial of Service

2009-11-19T09:55:00.002-06:00

What a surprise... Ok, I was kinda surprised. I guess this is why we have firewalls.

Microsoft Security Advisory (977544): Vulnerabilities in SMB Could Allow Denial of Service: "Revision Note: V1.0 (November 13, 2009): Advisory published.Summary: Microsoft is investigating new public reports of a possible denial of service vulnerability in the Server Message Block (SMB) protocol. This vulnerability cannot be used to take control of or install malicious software on a user’s system. However, Microsoft is aware that detailed exploit code has been published for the vulnerability. Microsoft is not currently aware of active attacks that use this exploit code or of customer impact at this time. Microsoft is actively monitoring this situation to keep customers informed and to provide customer guidance as necessary."

Google Autocomplete

2009-11-13T11:15:00.002-06:00

Recently I started seeing a lot of these and it intrigued me. So I tried my own and discovered how easy (and addicting) it can be. I quickly discovered there is a blog dedicated to Google Autocompelete (AutocompleteMe.com).

Microsoft Steady State

2009-11-12T12:43:00.000-06:00

For years I have replied upon the Faronic's product, DeepFreeze, for supporting public computer labs. Recently I found Microsoft Steady State and it looks promising. One of the problems I recently ran into with DeepFreeze was the lack of interaction with the operating system. This can be good in some cases but bad in others. I am hoping that Microsoft has solved some of these issues Steady State seeing as they have pretty good access to the code. Hopefully I can post some results here when I get the chance.

Online Charts and Diagrams

2009-11-12T10:36:00.001-06:00

Lovely Charts is a great online resource for creating a number of quality online flowcharts, network diagrams and the like. The free account allows you to save one project on the site. You can still create new projects and save/export them as much as you like. You can only save one though. If you update your account (for a very reasonable fee) you can save many projects and edit them online.

It's a very useful tool for those of us who rarely dabble in the art of network diagrams and flowcharts but sometimes need a graphic to support an idea to upper management. Let's face it, Visio just isn't worth it and there are few substitutes. This is a great one.

Microsoft Security Tools

2009-11-10T15:23:00.003-06:00

My thoughts here exactly. I'll be the first to tell you that I dislike third party utilities. This article from LifeHacker really hits home for me (of course I primarily use a Mac but there are certainly Windows PCs in the house). With a little common sense I see no reason why people would need third party AV tools anymore. There was a time when you couldn't do without some type of AV software. But let's be honest, Windows has come a long way.

Malware Can Download Child Porn To Your Computer

2009-11-08T17:07:00.002-06:00

This is pretty scary stuff. I guess it's nothing we should be surprised about though.

Malware Can Download Child Porn To Your Computer: "2muchcoffeeman writes "The Associated Press tells the story of Michael Fiola, a former Massachusetts government employee who was arrested in 2007 after child porn was found on his state-issued laptop computer. He was eventually cleared of all charges after some digging by the defense found that the laptop was infected with malware that was 'programmed to visit as many as 40 child porn sites per minute — an inhuman feat. While Fiola and his wife were out to dinner one night, someone logged on to the computer and porn flowed in for an hour and a half. Prosecutors performed another test and confirmed the defense findings. The charge was dropped — 11 months after it was filed.' The article also discusses the technical aspects of how it could happen and about similar cases in the United Kingdom in 2003."

Home Wiring HowTo

2009-11-06T10:26:00.001-06:00

Here's a little help on the Home Wiring front. We recently moved into a new house and I've been meaning to run some cable over to the new TV cabinet. Now I have some encouragement.

You've ripped a movie on your laptop, and now want it on that fancy new home theater PC next to your TV. If you've got the time, wiring your house with Cat-5e cable could make transfer times a distant memory.

Instrucables user Rogue Agent gets into the nuts, bolts, studs, and boxes needed to wire a house with omni-present cable in a fairly professional manner. The tutorial is based on setting up an actual cable switching box on a server-type rack. For those who just need to run cable from one room to another, the tips on finding, mounting, and securing cable through the walls, without your home looking like the scene of a sledgehammer party, are just as helpful.

Have you taken the dive into home cable networking? What guides, tutorials, or tips do you wish you'd known from the start? Tell us, and share the links, in the comments.

How to Wire Your House With Cat-5 (or 6) For Ethernet Networking [Instructables]

Google Dashboard - For all your Google Settings

2009-11-05T11:46:00.002-06:00

I never really thought it was hard to manage this stuff before. Perhaps I will find something new. Still this is a great idea for heavy Google users.

Transparency, choice and control - now complete with a Dashboard!: "Posted by Alma Whitten, Software Engineer, Yariv Adan, Product Manager, and Marissa Mayer, VP of Search Products and User Experience

(Cross-posted from the Official Google Blog.)

Today, we are excited to announce the launch of Google Dashboard. Have you ever wondered what data is stored with your Google Account? The Google Dashboard offers a simple view into the data associated with your account — easily and concisely in one location.

Over the past 11 years, Google has focused on building innovative products for our users. Today, with hundreds of millions of people using those products around the world, we are very aware of the trust that you have placed in us, and our responsibility to protect your privacy and data. In the past, we've taken numerous steps in this area, investing in educating our users with our Privacy Center, making it easier to move data in and out of Google with our Data Liberation Front, and allowing you to control the ads you see with interest-based advertising. Transparency, choice and control have become a key part of Google's philosophy, and today, we're happy to announce that we're doing even more.

In an effort to provide you with greater transparency and control over their own data, we've built the Google Dashboard. Designed to be simple and useful, the Dashboard summarizes data for each product that you use (when signed in to your account) and provides you direct links to control your personal settings. Today, the Dashboard covers more than 20 products and services, including Gmail, Calendar, Docs, Web History, Orkut, YouTube, Picasa, Talk, Reader, Alerts, Latitude and many more. The scale and level of detail of the Dashboard is unprecedented, and we're delighted to be the first Internet company to offer this — and we hope it will become the standard. Watch this quick video to learn more and then try it out for yourself at www.google.com/dashboard.

New Blogger Template

2009-11-03T17:46:00.003-06:00

Well, I went to back up my blogger template the other day and ended up installing one of the default templates instead (stupid blogger interface). Anyway, here it is... I like the two right-side columns more. It isolates the articles on the left and allows for easier reading (not that anyone actually reads this blog).

Replacing CSPrint

2009-10-29T21:52:00.003-05:00

I will have the joy of replacing the aging CSPrint product over the next few months. I need to start tracking down some alternatives. While I am delighted to get rid of the ailing print charge-back software, I am not looking forward to the process. We have numerous printers used by many different departments. Coordinating things will not be easy.

CSPrint, a product of the CBORD Group, Inc., allows charging for printing using the Campus Card System also from CBORD. We have been using it for years but the company will no longer be supporting it (it hasn't been updated in years).

So I am off to search-engine-land to look at my choices. I know of the Papercut software and it looks promising. Hopefully something will be an easy learn fall right into place. If anyone has any suggestions, please let me know.

Gmail Security Tips

2009-10-29T21:50:00.003-05:00

Here are some great tips for Gmail account security from the GMail Blog. I think the last one is really important. There have been numerous cases in the media recently about free email accounts being compromised using "security questions". At the very least, make sure you have a reliable backup email account listed for password recovery.

Gmail account security tips: "Posted by Sarah Price, Online Operations Strategist

As part of National Cyber Security Awareness Month, we recently posted about how to pick a smart password. Having a strong password goes a long way in helping to protect your data, but there are a number of additional steps you can take to help you keep your Gmail account secure:

1. Remember to sign out. Especially when using a public computer, be careful to sign out of your Google account when you're finished. Just click the 'Sign out' link at the top right corner of your inbox. If you're using a public or shared computer and want to be extra thorough, you can also clear the browser's cache, cookies and history. Then, completely close the browser. On your personal computer, you can also lock your computer with a password-protected screensaver if you need to step away momentarily. Learn the best ways to lock your screen in Windows or in Mac OS X. Forgot to sign out? Open up a new Gmail session on another computer and use Gmail's remote sign out feature to close any sessions that might still be open elsewhere.

2. Be careful about sending certain sensitive information via email. Once you send an email, you're no longer in control of the information it contains. The recipients, if they so choose, could forward the email or post its contents in a public place. Even if you know and trust the people you're emailing, that information may become exposed if their accounts become compromised or they get a virus on their machines. As a rule of thumb, should you need to provide a credit card number or financial account number to respond to a message, provide it over the phone or in person — not over email. And never share your password with anyone. Google does not email you to ask you for your password, your social security number, or other personal information — so don't send it!

3. Enable 'Always use HTTPS.' Any time you visit a webpage, your computer needs to send and receive information across the Internet. HTTPS is used to encrypt data as it is transmitted between computers on the Internet, so look for the 'https' in the URL bar of your browser to indicate that the connection between your computer and Gmail's servers is encrypted. We use HTTPS on the Gmail login page, and you can choose to protect your entire Gmail session with HTTPS as well. HTTPS can make your mail slower, so we let you make the choice for yourself. Open Settings and choose 'Always use HTTPS' on the General tab if you want to turn it on.

4. Be wary of unexpected attachments.To help protect you from viruses and malware, Gmail automatically scans every attachment when it's delivered to you, and again each time you open a message. Attachments you send are also scanned. That said, no system is foolproof, so if you happen to get an email from a friend with an attachment you didn't expect, don't be afraid to ask the sender what it is before you decide whether to open it.

5. Make sure your account recovery information is up-to-date. Your account recovery information helps you regain access to your account if you ever forget your password, or if someone gains access to your account without your permission. We currently offer several paths to account recovery. Every Gmail user must select a security question and answer — be sure to choose a combination that is easy for you to remember, but hard for others to guess or come across by investigating. Don't choose a question like "What is my favorite color?" as others may easily guess the answer. We also encourage you to provide a secondary email address and/or a mobile phone number, so we can send you a link to reset your password if you lose access to your account.

The Risks and Rewards of Warmer Data Centers

2009-10-22T09:44:00.002-05:00

I've always wondered why it had to be sooo much cooler in there... What's the difference between keeping it at 68 degrees compared to 80? As long as things don't over-heat? I guess the colder it is, the more time you have when things start to fail?

The Risks and Rewards of Warmer Data Centers: "1sockchuck writes 'The risks and rewards of raising the temperature in the data center were debated last week in several new studies based on real-world testing in Silicon Valley facilities. The verdict: companies can indeed save big money on power costs by running warmer. Cisco Systems expects to save $2 million a year by raising the temperature in its San Jose research labs. But nudge the thermostat too high, and the energy savings can evaporate in a flurry of server fan activity. The new studies added some practical guidance on a trend that has become a hot topic as companies focus on rising power bills in the data center.

GMail Student Migration Glitch

2009-09-21T12:56:00.001-05:00

Not good for Google. Even a little bad publicity in this arena is enough to prevent people from going this route.

"Going Google" Exposes Students' Email: "A ReadWriteWeb piece up on the NY Times site explores the recent glitch during the move of a number of colleges onto Google's email service that allowed a number of students to see each others' inboxes for a period of more than three days. Google would not give exact numbers, but the article concludes that about 10 schools were affected. "While the glitch itself was minor and was fixed in a few days, the real concern — at least at Brown — was with how Google handled the situation. Without communicating to the internal IT department, Google shut down the affected accounts, a decision which led to a heated conversation between school officials and the Google account representative. In the end, only 22 out of the 200 students were affected, but the fix was not put into place until Tuesday. ... The students had access to each other's email accounts for three solid days... before the accounts were suspended by Google. Oddly enough, this situation seems to be acceptable [to Brown's IT manager, who] 'praised Google for its prompt response.' (We don't know about you, but if someone else could read our email for three days, we wouldn't exactly call that 'prompt.')"