Honest Computer Help

Do you have a Gmail account? Then you'll want to know about gmail address variants.

cmuncy@gmail.com (Chris Muncy) — Tue, 16 Feb 2010 22:58:38 GMT

I got an unusual email today. instead of to jblow@gmail.com , it was sent to j.blow@gmail.com. The first clue to this was a little message that said: (Yes, this is you.) Learn more.

So clicking over to

Receiving someone else's mail

I was dumbfounded!

From the website:

There are three common reasons why Gmail users think they're receiving someone else's mail. Please select the description that matches your situation below.

Your address is similar but has more or fewer dots (.) or different capitalization.

Sometimes you may receive a message sent to an address that looks like yours but has a different number or arrangement of periods. While we know it might be unnerving if you think someone else's mail is being routed to your account, don't worry: both of these addresses are yours.

Gmail doesn't recognize dots as characters within usernames, you can add or remove the dots from a Gmail address without changing the actual destination address; they'll all go to your inbox, and only yours. In short:

homerjsimpson@gmail.com = hom.er.j.sim.ps.on@gmail.com
homerjsimpson@gmail.com = HOMERJSIMPSON@gmail.com
homerjsimpson@gmail.com = Homer.J.Simpson@gmail.com

All these addresses belong to the same person. You can see this if you try to sign in with your username, but adding or removing a dot from it. You'll still go to your account.

If you get mail that seems to be intended for someone else, it's likely that the sender entered the wrong address, just like if you've ever dialed a wrong phone number for someone. In these cases, we suggest contacting the original sender or website when possible to alert them to the mistake.

From Remote.org and Jochen Topf based on RFC 2821 and 2822, the period "." can be used with just a small limit of exceptions:

Allowed in email addresses. Often used for addresses with the format 'firstname.lastname@example.com'. There is one restriction however: Two dots next to each other or a dot at the beginning or end of the local part are not allowed by RFC2822. The reason is that in RFC2822 the dot is used as a separator for tokenizing the mail address. Dots at the named locations would mean an empty token, which is not allowed. Still, there are people who use it. Some MTAs accept it, some don't.

Now you know. If you have a gmail email address, you have more email addresses than you think pointing to the same basic mailbox.

What would happen if you were hit by a bus?

cmuncy@gmail.com (Chris Muncy) — Wed, 03 Feb 2010 15:17:31 GMT

Scenario: You are the only person in your IT department that knows all of the router logins and passwords, all the admin url's to your applications like Spiceworks, GFI Network Monitor, master code to the alarm system, administrator's password, well you get the idea.

It's all safely tucked away in your pc, your wallet, or even in your gray matter.

If that's the case, give yourself a big #FAIL. Information like this should not be only known by one person no matter how important you think you are.

Let's drop this down to a more personal level:

If you became incapacitated, would your spouse have all of the information to access bank accounts, retirement and health benefit accounts, voice mail password?

If not, it's time to make a "Hit By A Bus List"

This list would include but not limited to:

Email account logins
Bank and Investment logins
Password to personal computers
Voice mail passwords
Alarm Codes
eBay/PayPal information
Important phone numbers
People to contact
Online vendor logins and account info

For SysAdmins keep in mind the above plus:

Intranet URL's for applications
ALL passwords
List of favorites from your web browser that are relevant
Business/Vendor contacts
Tasks that are routinely done either manually or automatically.

You can see that these 2 list can overlap and are no where near complete.

In my past job, I had all of this on a cd that I updated every month and gave it to the Controller to put in the company safe in a tamper-proof envelope. At the end of the month, if information has changed, he would get the updated disk and I would destroy the old one. For the house, you do the same but keep it in a safe or safety deposit box.

Its little things like this that not everyone thinks about.

Do you have a need for OCR? (Optical Charactor Recognition)

cmuncy@gmail.com (Chris Muncy) — Thu, 28 Jan 2010 15:25:23 GMT

Every once in a while I come across a printed document that I would really like to scan into my computer for further use, saving, or editing. Well if you have Microsoft Office and the included Microsoft Office Document Imaging Tool you already have this capability.

MODI has built-in functionality to take a tif image, perform OCR on it, then output the results in to Microsoft Word for further editing.

Here are the steps to OCR a tif image:

Take a document, business receipt, packing list, fast food menu, or anything else that has type on it and scan it using your favorite scanning device. As a side note, a lot of graphics programs can take other file formats and convert them to tif images.
Save this scan in a known location as a tif file type.
Go to Programs -> Microsoft Office -> Microsoft Office Tools -> Microsoft Office Imaging Tool and open it up.
Once MODI is open, go to File -> Open -> and browse to the location where you saved your tif image.
Now that your tif image is open, go back up to Tools -> and select Recognize Text using OCR.
An option box will pop up asking you, if you have a multi page tif document, to scan just one page or the entire document.
Once that is complete, go back up to Tools and select Send Text to Word. This will open up Microsoft Word with a new document wit hthe recently OCR scanned results of your tif image.
From here you can save the text and/or do any editing that you see fit. One word of warning: Since OCR is only looking at text, it will loose essentially all formatting. So tabs and columns will not appear on the result as they were in the original scanned tif image.

Can Your Facebook Friends Sink Your Credit Score?

cmuncy@gmail.com (Chris Muncy) — Wed, 27 Jan 2010 02:14:14 GMT

Want more proof that there is a downside to social networking? Look no further than the latest nitwit banking industry scheme to determine your creditworthiness.

InternetEvolution.com blogger Rob Salkowitz recently posted an outstanding summary of the latest data-mining trend: using social networking data to assess credit risk.

If your Facebook friends are deadbeats, it might be harder for you to get a credit card or mortgage, according to a recent report on the banking industry site, CreditCards.com.

That’s right: Some banks are turning to social media analytics firms to help enhance their credit-check procedures by looking at an applicant’s profile, behavior, and associations on sites like Facebook, Twitter Inc. , and MySpace . The theory is that people run with folks who share their values and behavior -- birds of a feather, and all that. You might even say "guilt by association," but that would be unkind.

Salkowitz's source is a news article on CreditCards.com that provides a wealth of additional details. But here's the gist: "The presumption is that if those in your network are responsible cardholders, there is a better chance you will be, too.

"So, if a bank is on the fence about whether to extend you credit, you may become eligible if those in your network are good credit customers."

Lenders are eager to spin this insanity as a legitimate risk-assessment technique. Lending Club executive Rob Garcia, for example, says that a Facebook user whose home address does not match the address on an application "could be a red flag." He also asserts that people who have large networks "get funded two to three times faster than without."

I'm ready to throw a few red flags here myself. The most obvious snag concerns a lender's ability to prove that someone on a social networking site -- or that someone's friends -- are who they claim to be. Most of us know that a Web search on our names will turn up dozens or even hundreds of virtual doppelgangers; without a Social Security Number or other unique identification, how is it possible to tell any of them apart with certainty?

Sooner or later, somebody will realize they were denied credit based on another person's social networking data. Normally, I'm not a fan of rampant litigation, but in this case I can't wait to see a little carnage in the courts.

Let's also consider the fact that lenders want to position this as a "whitelist" technique that can only work to an applicant's advantage. Unfortunately, the data-mining techniques being used here are utterly opaque to consumers, as are lenders' policies regarding how, when, and why they consider this sort of information.

Soon, I'm sure we will see the usual bottom-feeding "credit repair experts" offering to build credit-friendly social networking profiles for a not-so-reasonable fee. The thing is, given the sort of information lenders are apparently mining from these sites, it just might work.

Many people already understand that their social networking activity can draw unwanted attention from employers. Make a joke about taking one bong hit too many last weekend, and you can wave goodbye to that big job interview.

When credit issuers start snooping around, however, it's a different matter entirely. This isn't a question of making common-sense decisions about what you post online. These companies are using actual social networking relationships to make business decisions.

As Rob Salkowitz points out, it is hard to see any way out of this dead-end except through regulation. In the meantime, if you use a social networking site, I suggest checking -- and rechecking -- your privacy settings.

Ultimately, however, the only way to opt out of this sort of buffoonery might be to "opt out" of certain social networking sites entirely.

Source: Matthew McKenzie @ Smart Biz Resource

Setting up Google Search Alerts

cmuncy@gmail.com (Chris Muncy) — Mon, 25 Jan 2010 16:35:53 GMT

(note - you will need a Google account or GMail account to use this feature)

Google Alerts are email updates of the latest relevant Google results (web, news, etc.) based on your choice of query or topic.

http://www.google.com/alerts.

It offers a lot of nifty uses:

* monitoring a developing news story
* keeping current on a competitor or industry
* getting the latest on a celebrity or event
* keeping tabs on your favorite sports teams

Once on the site you will see the following dialog box:

For this example, I want to check Craigslist for a hydraulic Press and have Google Alerts email me when any ad on Craigslist contain those 2 words.

So lets fill in the boxes:

In the first box I enter the words "hydraulic press" followed by the following: "site:houston.craigslist.org".

The phrase "site:houston.craigslist.org" tells Google that I only want to have Google search Craigslist for the 2 words "hydraulic press". If I wanted to check another web site, I would substitute a valid web site after the term "site:"

The "Comprehensive" type search will give you a lot of details.
"Once a Day" will send you an email once a day with your custom search results, if there are any.
"Email length" tells Google how many search results to email you.
"Deliver to" is where you want your search results emailed to.

After you click on "Create Alert", you will typically immediately get an email from Google with results based on their current search database. The following is a result from the above alert:

Google Web Alert for: hydraulic press site:http://houston.craigslist.org

Mills, Lathe, CNC's, Moving Shop
Hydraulic Press, Grinders a lot of tools, If you are needing machine tools to make money don't pass this up you may not kick yourself but the people you ...

Contents of small fitness center
FULL HYDRAULIC RESISTANCE CIRCUIT: Leg Press, 2 Ab/Back Machine, Inner/Outer Thigh, Squat, Overhead Press, Row Machine, Bicep/Tricep, Leg Extension, ...

To manage your alerts once you have created on, go to this link:
http://www.google.com/alerts/manage

Burn your Joomla! Blog feeds with Feedburner

gfeathers@tx-it.com (Gregory Feathers) — Wed, 20 Jan 2010 05:18:18 GMT

If you run a Joomla! website and use it as a blog you probably want to syndicate your article feeds to readers. Unfortunately the core Joomla! system doesn't give many options to how feeds are created. The easiest way to syndicate articles from different sections and catagories is to install the Ninja RSS Syndicator (Formally BCA RSS Syndicator) and burn your RSS feeds with Feedburner. Once you have your feed submitted to Feedburner there are some tricks to make your site function properly and grade correctly as a Blog with Website Grader.

Edit your .htaccess file to redirect the default Joomla! feed url's to FeedBurner:

RewriteEngine On

# Feedburner
RewriteCond %{QUERY_STRING} ^format=feed&type=rss$
RewriteRule ^index\.php$ http://feeds.feedburner.com/FEEDNAME [R=301,L]

Finally edit your Joomla! template and place the following code inside the head tag:

link href="http://feeds.feedburner.com/FEEDNAME" type="application/rss+xml" rel="alternate"

Make sure to replace FEEDNAME with the correct name for your feed.

There you go, your RSS feeds are burned and you can start publicizing your website's content through RSS.

Microsoft readies emergency IE patch to counter public exploits

cmuncy@gmail.com (Chris Muncy) — Tue, 19 Jan 2010 22:06:32 GMT

UPDATE: Here is the official confirmation from Microsoft that an out-of-band patch is coming. No official date yet.

Microsoft has started dropping broad hints that an emergency patch for Internet Explorer will be released very soon to counter targeted attacks and the publication of exploit code for a “browse and you’re owned” vulnerability in its flagship Web browser.

The out-of-band update will be released once the company is satisfied that it has been properly tested against all affected versions of Windows. This could happen as early as this weekend.

The decision to ship the IE patch outside of Microsoft’s scheduled Patch Tuesday releases follows the release of exploit code into the Metasploit attack tool.

The Metasploit code only works against Internet Explorer 6 but there are claims in the security research community that the vulnerability has been successfully exploited on IE7 (Windows Vista) as well as IE6 and on Windows XP.

Source: ZDnet

D-Link issues fixes for router vulnerabilities

cmuncy@gmail.com (Chris Muncy) — Tue, 19 Jan 2010 03:18:25 GMT

Taiwanese firm says flaw could allow hackers to access administrative settings

Router manufacturer D-Link Corp. today admitted that some of its routers have a vulnerability that could allow hackers access to a device's administrative settings. The Taipei, Taiwan-based form said that it has issued patches to fix the flaws.

According to a Jan. 9 blog post from SourceSec Security Research, some D-Link routers have an insecure implementation of the Home Network Administration Protocol (HNAP), which could allow an unauthorized person to change a router's settings.

SourceSec published a proof-of-concept software tool called HNAP0wn that would enable the hack -- a move that D-Link criticized.

"By publicizing their tool and giving specific instructions, the authors of the report have publicly outlined how the security can be breached, which could have had serious repercussions for our customers," D-Link said in a statement.

D-Link said it only appeared possible to hack the routers using the software tool and not just with stand-alone code.

D-Link and SourceSec differed over which models were vulnerable. SourceSec wrote that it suspected that all D-Link routers made since 2006 with HNAP support were affected, but they said they had not tested all of them.

D-Link said the models affected are the DIR-855 (version A2), DIR-655 (versions A1 to A4) and DIR-635 (version B). Three discontinued models -- DIR-615 (versions B1, B2 and B3), DIR-635 (version A) and DI-634M (version B1) -- are also affected.

The company said new firmware updates are being made available across its Web sites.

Source: ComputerWorld

Top 10 Color Laser Multifunction Printers

cmuncy@gmail.com (Chris Muncy) — Mon, 18 Jan 2010 15:59:54 GMT

These efficient workhorses combine color laser printing, scanning, copying, and, frequently, faxing. Ratings and rankings can change due to pricing and technology changes, so check back frequently for the latest info.

These small office all-in-ones from Brother, Canon, Dell, HP, Konica Minolta, Oki, and Xerox range in price from less than $500 to more than $1,200, depending on extra features such as larger input/output trays and duplexing. All handle printing, scanning, and copying in paper sizes up to 8.5 by 14 inches. Some offer fax and Wi-Fi connectivity. You'll find significant differences in print quality, especially for color graphics, and in printing speeds, which range from 8 to 22 or pages per minute for text. Finally, also be aware of toner costs; expensive toner can quickly turn a bargain price on its head.

Continue to article: Top 10 Color Laser Multifunction Printers

Source: InfoWorld

Processor Specifications in Plain English

mike.rigsby@gmail.com (Mike Rigsby) — Sun, 17 Jan 2010 03:09:55 GMT

I do a lot of answering questions concerning computers and computer hardware online and there is one question that has come up more than once. As such, I figured I would include it here in case any of our visitors have the same question.

The question concerns computer processors and what all those terms mean when you see a processor description. CPUs, or Central Processing Units, technically have 12 specifications, including things like Brand, Type, Series, Socket Type, etc. However, honestly, only 3 specifications really matter when it comes right down to it. They are, Frequency, L2/L3 Cache, and FSB, or Front-Side Bus.

Frequency: CPU frequency, or Clock Rate, is the rate that a processor cycles 'on and off' to process incoming requests. It is the biggest indicator of how fast a processor really is. The higher the frequency, the faster the processor processes.

L2/L3 Cache: L2/L3 Cache are memory locations built into the processor that it uses to store incoming requests until it has the chance to process them. This memory type is extremely fast, much faster than a computers RAM is. The larger the cache the better because it means that the processor does not have to go to the RAM as often to pull requests. The reason for the L2\L3 is because some processors have two such cache locations.

Front-Side Bus, or FSB: FSB is the 'bus' that carries the data from the CPU to the Northbridge chipset. The Northbridge controls the RAM and Video Card processing. So, essentially, the higher the FSB speed, the more bandwidth the system has to transport your requests out to the other components of the computer. These specifications are also per core. So, when you find a processor that is Dual-Core, or Quad-Core, etc, these specifications apply to each core individually.

Computer processors are extremely complex devices and the above descriptions are highly simplified. Entire books have been written concerning CPU specifications but hopefully this simplified explanation helps answer questions you may have had about what these terms mean.