Triona's Tech Tips

eWeek recently shared the ten reasons they feel Microsoft must start thinking beyond Windows and Office, and one of the most important is cloud computing. With the success of services like Google Docs and the proliferation of smartphones and tablets, the relevance of traditional computer seems to be fading. Or is it?

In cloud computing, all programs and files reside “in the cloud,” or on the Internet. This means you don’t have to spend as much in hardware, because you don’t need the processing power of a traditional computer. The same data can be accessed from any device that can surf the Web. Even if, say, your smartphone dies, you can still reach your files with another device like an iPad or a netbook.

But there are disadvantages to cloud computing, as I mentioned in a previous Tech Tips article. You don’t know where your files live nor whether they’re secure, and if your Internet or cloud computing service goes down, you’re out of luck. Users of Microsoft’s Office Live discovered this to their dismay recently, when the service went down on two occasions (here and here). As I said before, I personally don’t want to lose access to basic word processing just because some server happens to fail.

For the moment, we’re seeing a mix of both approaches. Most small businesses are continuing to use traditional approaches while exploring new technologies, and I predict that’s going to continue for a while. We’re not quite at the point where people are willing to commit their computing world to the cloud, but we’d better get ready because our world is becoming more mobile, more social, and less private than ever before.

Subscribe free to Tech Tips and receive bonus tips, tricks and product reviews. Click here to subscribe or send email to techtips-request-at-guidryconsulting-dot-com, subject “subscribe”.

I’ve gotten an increasing number of reports from people who either received messages similar to the following, or discovered that such messages had been sent from their email accounts:

Subject: Hello

Dear friend,

i would like to introduce a good company who trades mainly in electronic products, They provide the best service to customers,they provide you with original products of good quality,and what is more,the price is a surprising happiness to you!

The web address: (removed for safety)

If you check online you’ll find reports of this coming from users of Hotmail, Gmail and other email services. There are variations in the scam. Some may cite a different web site, or may have a different subject or message in the email.

If you receive a message like this, the important thing is NOT to click on any links because it will infect your computer with viruses. The same goes for messages you may receive via instant messaging (IM), Facebook, Twitter, or other means. Inform the person who sent it to you by another means (like the good old fashioned telephone) to let them know they have been hijacked.

How can you tell if a message is real or not? If it seems generic, contains no subject or a bland subject like “hi” or “hello,” doesn’t mention you by name, contains spelling, grammar or punctuation errors, or has been sent en masse to a large number of people, those are indications it may be a scam. Ask yourself: Is this the sort of message I would expect this person to send?

If your account has been hijacked, it’s vital to change your password immediately. Here’s some information on how to create strong passwords:

• Triona’s Tech Tips: How To Create Secure Passwords

And here is some more information on what to do if your email account is hijacked:

• Triona’s Tech Tips: What To Do If Your Email Account Is Hijacked

Be sure to scan your computer with your security software. If you’re using free software you should consider purchasing a security software suite. You should also check your email signature and any autoresponders you may have set, as they may have been modified to send malicious links to your contacts. Inform your contacts that your account was hacked and that they should not respond to any scam messages they have received. And you should report the incident to your provider.

These hacks are becoming more and more prevalent. It is absolutely vital that you protect yourself by using strong passwords that are unique for every account, and that you stay vigilant about your computer’s security.

Subscribe free to Tech Tips and receive bonus tips, tricks and product reviews. Click here to subscribe or send email to techtips-request-at-guidryconsulting-dot-com, subject “subscribe”.

My column in today’s Northwest Herald talks about how a professional email address can boost your business. By professional I mean creating a custom domain name (the part after the @ symbol). Many people simply use the email address offered by their Internet providers (ending in @comcast.net or @aol.com), but why pass up the opportunity to get your business name in front of people? A custom address looks more professional and helps you advertise. Setting up your own domain name is inexpensive, and you don’t have to change the way you read your email. Plus, if you change email providers you don’t have to tell everyone; simply redirect your custom email to your new address. It’s like having a post office box that stays constant even if you move.

After choosing your domain name, you register it with a domain registrar. There are many out there, so check online reviews and ask your colleagues for recommendations. Some have better service and prices than others. Domains need to be renewed yearly, although you can sign up for multiple years in advance and often receive a discount. Stay on top of renewal. You don’t want a cybersquatter to yank your hard-earned domain out from under you. Next, you need to choose your new email address and point it to your existing one. It’s common to have an “info” address, like info@mycompanyname.com. You may also want to set up addresses for employees, but be sure to follow the same standard for everyone (e.g. firstname@mycompanyname.com, firstname.lastname@mycompanyname.com) or it may be confusing to potential customers.

Choosing the right name is probably the hardest part of the process. Since many domain names are taken, you want to choose a name that represents your business, but isn’t too long or too vague. Some of the common questions I get on choosing the right domain name are:

• Should I pick a .com domain or a .net domain?
  In general I recommend .com (unless you are an organization in which case .org would be appropriate). A lot of people don’t even look at the last part of the address, assuming it’s .com, so if yours is .net you’ll spend a lot of time reminding people. You can always hedge your bets and register both the .com and .net versions of your domain.
• What do I do if someone else has taken my company name as their domain?
  You probably don’t have much recourse, unless you happen to have the name trademarked (and even then it may be a struggle). Your best bet is to choose a different name. If all variations of your company’s name are taken you could try combining the name with what you sell: mycompanywidgets.com instead of mycompanyname.com. Or you could add the location: mycompanychicago.com.
• Can I use the same domain for my web site?
  Absolutely! In fact this is one of the nice things about having your own domain, it serves for both your web site and your email address. If you don’t have a web site yet, registering your domain reserves that name so you can use it down the road. When you’re ready all you have to do is point your domain to your web site host.
• Can I direct my info@mycompanyname.com address to more than one person?
  Yes. Follow your domain registrar’s instructions. Usually what you do is enter the email addresses with commas between them. Then messages to info@mycompanyname.com will automatically go to those addresses.

Subscribe free to Tech Tips and receive bonus tips, tricks and product reviews. Click here to subscribe or send email to techtips-request-at-guidryconsulting-dot-com, subject “subscribe”.

The FCC recently lost an important ruling on net neutrality. The case concerned Comcast’s throttling of high-traffic users, primarily those using the BitTorrent service to transfer large files. The ruling is a setback for the FCC’s goal of preventing Internet service providers from filtering or blocking Internet traffic or prioritizing some kinds of data over others.

On the surface the case seems relatively benign. After all, why shouldn’t an Internet provider like Comcast be able to prevent users from taking up the bulk of its bandwidth, or offer some premium services at faster rates than others? But net neutrality is important for anyone who runs a small business or uses a home computer.

Imagine you run Mom-N-Pop Widgets, and your biggest competitor is Real Big Widget Company. Without net neutrality, Real Big could use its real big budget and influence to prioritize its data traffic over yours. Your web site might load more slowly than Real Big’s, or might not be available at all to some visitors.

Or, imagine you are a home user trying to get information about a cause that interests you — let’s say breast cancer. But what if drug manufacturers pay your Internet provider so their content is prioritized? You would receive skewed results favoring the drug manufacturers’ solutions over other, perhaps lesser known but valuable options. In other words, whoever has the money will be able to pay to be seen, while smaller entities may be unable to compete.

How about censorship? The incident with Google in China shows how governments or other entities may try to assert control over the Internet. Net neutrality is about freedom of speech as well as fairness in business practices.

Previously, the FCC described the “Four Freedoms” upon which Internet communications law should be based. These were described by FCC Chairman Julius Genachowski in a speech last year:

Network operators cannot prevent users from accessing the lawful Internet content, applications, and services of their choice, nor can they prohibit users from attaching non-harmful devices to the network.

Genachowski added two more principles:

The fifth principle is one of non-discrimination — stating that broadband providers cannot discriminate against particular Internet content or applications.

The sixth principle is a transparency principle — stating that providers of broadband Internet access must be transparent about their network management practices.

If you read the speech you’ll find examples of how these principles have been violated in the past. Without codified rules preventing such abuse, the Internet would quickly devolve into a world of haves and have-nots, and the kind of innovation that resulted in eBay, FaceBook and Netscape could be curtailed.

Naturally, some Internet providers have criticized the FCC’s proposal, claiming such rules are not needed. But, as Genachowski states:

This is not about government regulation of the Internet. It’s about fair rules of the road for companies that control access to the Internet. We will do as much as we need to do, and no more, to ensure that the Internet remains an unfettered platform for competition, creativity, and entrepreneurial activity.

As a small business owner and a consumer, I want the Internet open and available to anyone regardless of how much clout or money they might have. The Internet is vital to global communications and the future of humanity. Let’s not see it reduced to a fraction of its potential.

Apparently the phishing scam that netted usernames and passwords for thousands of Hotmail accounts was wider than previously thought. The latest news indicates that Gmail, AOL, Comcast, and Yahoo! users, among others, may also be affected.

My advice to everyone is to make today Password Change Day. Get out there and change the passwords for all of your accounts. Use a combination of numbers, letters and symbols (where allowed) and be sure to use a different password on every system. Again, you can follow my password tip sheet (PDF) for guidelines on creating strong passwords.

I am often asked, “what does it matter?” accompanied by the protestation, “I don’t have anything important in my email anyway.” I would like to respond that you should care if:

• You want to avoid identity theft. Many people use the same password or set of passwords for all systems. If someone gains access to your email password, even an old one, they will try to use it to get into your other, juicier accounts, like your bank. And they will probably succeed.
• You hate viruses. Most viruses are distributed through compromised computers (called zombies).
• You hate spam. Most spam is sent from compromised computers. Your email address book is a gold mine for spammers because it’s a list of guaranteed good email addresses.
• You want your computer to work properly. Nothing slows a computer down like being zombied (see above).
• You don’t want someone else surfing the Internet on your dime. If you use an email account from your Internet provider, the same password is used both for email and to authenticate you to your provider’s network. If you use a common dictionary word without symbols as the password–shazam! instant access.
• You don’t want to go to jail for someone else’s crimes. Take the above scenario and imagine that the person who’s hijacked your Internet account is dealing in pirated software or child pornography. Unless you can prove it wasn’t you (and that may be difficult), you could be held liable. People committing crimes on the Internet use other people’s accounts for exactly this reason.

Although some people advocate that you not write your passwords down, I say it’s okay as long as you keep the written record somewhere secure, like a locked drawer or safe. (NOT on a sticky note on your monitor or under the keyboard, please!) Excel spreadsheets and other computerized means of tracking passwords are not good ideas, because the first thing a virus will do is check for convenient lists of the rest of your passwords. You might as well hand out your passwords on your business cards. And no, password-protecting the spreadsheet doesn’t work either; those are cake to crack. Properly encrypted password managers do work, but I favor the old-fashioned paper approach, as long as it’s kept out of sight.

It really isn’t that difficult to maintain different passwords on every system. I’ve done it for decades. If we would all follow the basic, simple practice of secure password management, we could cut down on the viruses, spam and other problems that plague us all.

You should also be aware of the kinds of scams that caused these breaches in the first place. Try the SonicWall Phishing Quiz to test your skills on identifying phishing attempts, when a hacker emulates the login page of a site to con you into entering your username and password.

Subscribe FREE to the email version of Tech Tips between now and October 14, 2009 and I’ll send your special gift: a tip sheet on Computer Housekeeping for PC and Mac.

I tweeted (e.g. posted on Twitter) about this also, but wanted to make sure all my Hotmail users know to change their passwords immediately following a breach that resulted in at least 10,000 usernames and passwords being distributed online. It’s likely this is just the tip of the iceberg, so protect yourself by changing your password to something with a mix of letters, numbers and symbols, that is NOT in use on any other system. (Yes, I know, it’s a pain. But what’s more of a pain, multiple distinct passwords or getting your account hijacked?)

You can also see my password tip sheet (PDF) for help on choosing strong passwords.

Subscribe FREE to the email version of Tech Tips between now and October 14, 2009 and I’ll send your special gift: a tip sheet on Computer Housekeeping for PC and Mac.

A recent incident involving Google’s Gmail service and a Wyoming bank highlights the risks of business email and cloud computing.

A Wyoming bank accidentally sent information about 1,300 of its customers to the wrong Gmail address. The bank later sued Google for information concerning this wrong recipient. Google, rightfully, refused, and that’s where it gets ugly, because Google also suspended the account in question (an act that was quickly recinded).

As pointed out by Jim Rapoza of eWeek, among others, this could happen to anybody. How many of us have gotten phishing emails claiming to be some bank or other? We delete them and go about our business, because most of them are spam. Apparently just the act of receiving an email not intended for us is enough to get our email accounts suspended without notice.

This is a good reason not to rely upon free email accounts like Gmail for business purposes. But even using a paid-for email host, such as the one offered by your Internet provider, is no guarantee this won’t happen to you. I recommend you set up a custom domain for yourself (like me at mybusiness dot com). Then, if you do lose access to your email host, be it outage or any other reason, you can quickly establish a new email account elsewhere and forward your custom address to it without having to inform all of your contacts of the new address. Otherwise you could wind up losing business and reputation.

This also highlights the risk of sending confidential data via email. No email is secure, and especially not business email being sent to a freebie account. Confidential data is best encrypted and either transmitted via secured connections, if you have that capability, or sent the old-fashioned way: on a disk. Less convenient, perhaps, but ask Rocky Mountain Bank of Wyoming if the negative publicity was worth saving a few hours of time.

Now, imagine you’re using cloud computing and ALL of your programs and data are on the Internet. Can you afford to lose access to them because of something beyond your control? Is it worth the tradeoff for convenience and a less expensive computer? I’m not sure it is.

Subscribe FREE to the email version of Tech Tips between now and October 14, 2009 and I’ll send your special gift: a tip sheet on Computer Housekeeping for PC and Mac.

If you have a site that is on GeoCities, now is the time to find another Web host. On October 26, 2009, Yahoo will shut down all GeoCities sites. Once one of the most popular destinations on the Web, GeoCities has faded in recent years and now contains many defunct pages. However, some GeoCities sites still contain valid information and/or are referenced elsewhere, so it’s a good idea to have the site owner move valid data elsewhere and update your links accordingly.

When’s the last time you had good service from a large-scale computer store or Internet provider? I’m beginning to wonder, because I’ve witnessed an increasing lack of quality from both.

There’s a particular reseller – I’ll call them Charlie’s Dynamite Wares – which used to be terrific. They stocked just about every part and had fantastic customer service. But slowly, the quality of service began to degrade. It started with a change in sales rep. My dynamite dude was promoted, and I ended up with some joe I’d never worked with before. The first few orders had tiny flaws, nothing major but not the usual top-notch service. But when minor errors became major hassles for my customers, I drew the line.

One client received three brand-new laptops, all with broken wireless out of the box. Another customer went through four print servers that wouldn’t work with his printer, despite our giving the sales rep the exact model. My own orders went wrong, too. I had to physically go to the store to look at one particular part to make sure it was correct – turns out it wasn’t, and I had to wait a half hour while they found the right one. Changing reps made no difference; the entire concept of customer service has been redefined.

So, too, with some Internet service providers. Sneaky fees, unreliable connections and nonexistent tech support equals unhappy customers. Worse, many people have no cost-effective alternatives for high-speed Internet.

Interestingly, it’s my home users and small businesses who are having the most trouble. The big companies, who pay extra for SLAs (service-level agreements), are still getting good service. It’s the little people left in the lurch, the ones who don’t have the cash for a dedicated rep or special support.

On the other hand, there’s my local mom-and-pop shop. The owners are friendly, knowledgeable, and quick to fix anything that goes awry. It doesn’t matter if the part I’m ordering is for a gigantic company or my neighbor’s grandma. Have these larger companies forgotten that all customers are worthy of quality service?