It’s a hit! Two quick things. A reminder about the Internet Archive

and an easy fix to a perplexing Firefox issue.

Yesterday I told you about the Internet Archive. Based on the
emails that are coming in it is quite popular.

If you visited the Archive or used the WayBack Machine why not
share what you found by commenting below.

The second item involves the Mozilla Firefox web browser and the
AVG anti-virus product. Three people who call me for help were
having problems launching Firefox. They would launch Firefox and it
would promptly crash without starting.

After talking to all three it turned out they had all installed AVG
recently. After the install of AVG Firefox no longer launched.

It turns out that AVG is using some called it calls “AVG Safe
Search”. Basically AVG adds a button to your Internet search
results telling you if the site is safe or not. I noticed this Safe
Search while trying to fix my Dad’s machine. We looked in the AVG
preferences, turned of the Safe Search feature and Firefox started
right up like it always did.

If you are having a problem launching Firefox and you use AVG try
disabling the Safe Search. It was the solution for all three of the
people calling me for help.

Have you run into this issue? Leave a comment below and let us
know your experience.

It’s scary. Here you are just looking for information on the Internet and the next thing you know your computer is infected with something nasty. Even worse maybe your computer has become a Zombie on a Botnet. You install programs to combat this and they slow you down even more. What can you do?

First take the obvious steps:

* Keep your virus scanner and operating system up to date.
* Run a firewall.
* Don’t open email attachments unless you were expecting them.
* Scan all email attachments for viruses before you open them.

This week I ran across a couple of people infected with a recent Internet worm called Win32/Conficker. It was surprising because the group we are in is technically savvy. They had the worm and were having trouble getting rid of it. This particular worm targets Microsoft Windows. Microsoft has a good page on how to deal with the worm and what to look for if you think you have it.

The most visible and obvious symptom of the worm is your web browser will not take you to the website you think it should. More specifically you won’t be able to access secure sites like anti-virus updates. You will type in the right address but find yourself somewhere else.

Here is a link to the Microsoft page about the worm. It has links to the software updates you need to protect yourself or someone you know.

http://www.microsoft.com/security/portal/Entry.aspx? Name=Win32/Conficker

If you’ve had experience with this worm or other bad stuff then click this link now and post your comments on the blog:

http://www.tnpcnewsletter.com/blog/

Stay safe out there!

It’s scary how easy is to be snared in an email “phishing” attempt. I have told you how to avoid phishing attempts several times in the past. Now get this – I almost fell for one of these scams just last week.

The particular email that arrived in my inbox claimed to be from PayPal. The subject was “Restore Your Account Access.” Normally I just delete these and go on. This time was different. My PayPal account had been restricted. I was eagerly waiting on a reply from PayPal that access had been restored.

When I saw the email I almost clicked the link. Almost. It is easy to see how people fall for these phishing attempts. What caught my eye and kept me from clicking?

First I took my own advice and just logged directly into my PayPal account. The account was still restricted and there was no new information to be seen.

Second was the very handy “Display Mail User Agent” Extension inside Mozilla Thunderbird. I use Thunderbird for my email and have several extensions installed. This particular extension does one thing – it shows an icon telling you which Mail User Agent (MUA) or email client was used to create the email. In this case it said the email was created in Microsoft Outlook.

None of my official email from PayPal has been written in Outlook. That should have been my first clue. Here is a picture of the false PayPal email along with icon from “Display Mail User Agent”:

This experience brought to mind a local news story from last year. It seems a lady had her eBay account hacked. She was adamant that she never shared her account details with anyone. Then she showed how she only clicks on links in emails from eBay. Obviously she was caught in a phishing scam and didn’t realize it.

What happened with my PayPal account? They restored access the very next day.

You can read a previous article on phishing and how to avoid getting taken here:

http://www.tnpcnewsletter.com/blog/2007/01/10/safer-email-tips/

Be careful out there.

~ Dan

–
© 2007 Dan Butler

Dan Butler is the Editor-in-Chief of TNPCNewsletter.com and the
author of the amazing new book that shows you how to save your
identity, get your email read, and put more time into the things
you really enjoy…

Over the years I have highly recommended the Pegasus email client. I still do if you are an advanced user.

David Harris the creator of Pegasus sent this email that talks about Norton Antivirus flagging Pegasus as a Trojan. It is not. If you use Pegasus and Norton read this note carefully and protect yourself.

The Pegasus Mail web site is:

http://www.pmail.com/

Since a signature update on May 15, Norton Antivirus has begun detecting the Pegasus Mail executable program, WINPM-32.EXE as a trojan horse called “Trojan.Dropper”. The first symptom most people will have of this problem is the deletion of WINPM-32.EXE during a system scan.

Firstly, we wish to stress that there is no trojan horse in Pegasus Mail: the Norton Antivirus program is producing a “false positive” – an incorrect analysis based on poor or erroneous signature information.

Secondly, you will not be able to recover from this problem without first amending your Norton Antivirus installation, since it will automatically delete any attempt to download or reinstall the Pegasus Mail program.

There is a comprehensive thread describing this problem and offering some short-term workarounds on our community web site, here:

http://community.pmail.com/forums/thread/659.aspx

It is our belief that you will get very little technical assistance from Symantec on this issue, but we urge you to try anyway if you encounter this problem. We have instructed our lawyers to send urgent messages to Symantec in an attempt to get this resolved as quickly as possible, but once again, current experiences are not giving us much faith in their responsiveness or sense of moral responsibility.

IMPORTANT: if you suffer from this problem and attempt to reinstall Pegasus Mail (assuming you use one of the workarounds to prevent NAV from deleting it as you do so), you MUST use the “Upgrade” option in the installer in order to retain access to your existing settings and data.

– David Harris –

TNPC Newsletter
by Dan Butler

17 May 2007

Last issue we talked about routers in general and default
passwords in particular. The advice to change your default
password carries over to everything you do. Bank accounts,
online accounts, email accounts, your ISP account and many more.
Always change the default password in any account. You should
also consider your PIN numbers as passwords and change those
defaults.

People have been asking me how secure credit and account
information is online. I still feel that online data is in
general more secure than offline data. Why? It is a numbers
game. How many people online know how to steal your data? A
bunch. How many people offline know how to steal your data? Many
many more.

The difference is volume. An online theft can contains thousands
of accounts at once.

The other major difference is how the stolen data is used.

When your card information is stolen offline it has a higher
chance of being used. Since you will not hear about the “major
security breach” it can be more difficult to figure out where
and when your data was stolen.

I posted three security and privacy related items on the blog
recently. One shows you a graph of the major breaches and number
of compromised accounts. Very interesting. Second some
observations on new laws in Florida concerning selling used
music CD’s. The third talks about the TSA laptop theft. Stop by
and share your comments:

http://www.tnpcnewsletter.com/blog/category/technology/privacysecurity/

This issue Al Gordon reminds me of an article he wrote on how to
secure your wireless network. It complements the article from
last issue. That article is reprinted below.

Next I mentioned a book review last issue and the review never
made it! Oops. That is below also.

Watch for an email soon with details on the Identity Theft
conference call. We will answer your questions in detail and
help you lay a foundation to protect your identity online and
off. The call will be free.

Thank you for reading.

~ Dan

+++————– Visit Our Sponsor ————————–+++

Tired of fighting identity thieves? Tired of all that junk in
your email box? Want to have your messages seen by the people
that matter? “Tame Your Email” reveals the secrets to taking
control of your inbox while leaving the thieves and spammers
out of sight and out of mind.
http://www.TameYourEmail.com/

+++———————————————————–+++

Note: Al gets a little technical in this article. Don’t worry it
isn’t that bad and he does talk about some things you need to
know if you have a wireless Internet connection. – Dan

*Fighting Wireless Traffic Congestion (by Al Gordon)*

It probably wouldn’t surprise you to hear that there was traffic
congestion in your neighborhood, or that you had nosey or
freeloading neighbors. It might be a little surprising to learn
that this was happening with your wireless computer network.

Wireless wonders are proliferating in the home and office like a
herd of silicon-based bunnies. Cordless telephones. Wireless
intercoms and baby monitors. Cordless headphones. Wireless
keyboards and mice. Cordless weather centers. Wireless doorbells.
For more details and photos, please see my supplemental page:
http://www.tnpcnewsletter.com/al/wireless02.html

On top of which comes the spectacular growth of wireless computer
networking. Like so much in the realm of technology, wireless
started out as a rare and expensive product and quickly became
cheap and widespread. So prevalent, in fact, that the market
already is moving from its initial technology (called “802.11b”)
to a newer version (“802.11g”) that is about five times faster.
(There also are “802.11a” products aimed mainly at corporate
users.)

All of these cordless and wireless devices are basically little
two-way radios. Problem #1 is that many of them are occupying the
same set of radio frequencies and interfering with each other.
Problem #2 is that, as with all radio transmissions, anyone with
the right electronic equipment can pick up the signal.

Eric Deming, a Belkin Corporation product manager responsible for
their networking products, says that wireless traffic congestion
“is a problem we see coming, especially from cordless phones.”
Whatever device “has the stronger signal will drown out” other
equipment, he said.

I found this out myself while testing networking products and
experiencing connection problems. A check with wireless
monitoring software disclosed to my astonishment that at various
times of the day, I was picking up more than a dozen other
networks in my condominium building. And some of them had signals
almost as strong as my network’s. Two years ago, I had the
airwaves almost all to myself.

What do you do to deal with the traffic?

The first step, say the experts, is to find the best possible
location for your primary wireless transmitter, called an “access
point.” Most consumers use a “wireless router,” in which the
access point is built into a network “router,” a device that
manages traffic on your network. The access point should be in a
place that’s central to where you will be working, but as far
away as possible from sources of interference. In a home, that
mainly means cordless phones and also microwave ovens.

The next step is to actually read the instructions for your
access point/router and learn how you change its settings. For
virtually all consumer equipment this is done by using your
Internet browser to connect to a control panel built into the
access point. When you get there, you will see that device can be
set to various channels, 1-11. By default, most are set to 6 or
11. So you want to put your access point on another channel – #1
is best, because it has no signal overlap with 6 or 11.

If all that fails, you can add more access points or high-
sensitivity antennas to your network to boost signal strength.
But try the placement and channel-changing techniques first
before you spend the money on additional equipment.

Once you have learned how to change your wireless settings to
improve performance, you want to move on to deal with snoopers
and freeloaders. Another thing that shocked me when I detected
those dozen other nearby networks was that two-thirds of them
were totally unsecured — no encryption (encoding of your
transmissions), not even a change in the factory-provided network
name (called a “SSID,” it usually is initially set to the
manufacturer’s name). You want to change the network name to
something that will let you distinguish it from the others, and
you want to turn on data encryption.

Without encryption, anyone can intercept your data. More
important — because it happens more frequently — anyone can use
your network to get Internet access. Were I less scrupulous, I
could be using one of those other networks in my building instead
of paying a service provider. So unless you have some burning
desire to provide free Internet service for your neighborhood,
secure your system.

(c) Al Gordon.
In addition to his computer interests, Al Gordon is a principal
in the Boston-area strategic consulting firm, Mary Fifield
Associates, www.maryfifieldassociates.com.

+++————– Visit Our Sponsor ————————–+++

Do you have a book inside of you? Ever wanted to share your hobby
with others? Turn your passion into reality. Dan Butler’s latest
book shows you how to quickly and easily get started and have
fun in the process. No fluff or big promises. Take a look here:

http://www.tnpcnewsletter.com/p/quickbiz/

+++———————————————————–+++

*How to Lie with Statistics by Darrell Huff*

Originally printed in 1954 and now into its umpteen jillionth
printing, this timeless classic was reminded to us by TNPCer
Mike L. Mark Twain once said there are “lies,” “damned lies,” and
“statistics.” This is the book that lays out how facts with
figures can be used to pull the wool over your eyes and “prove”
a totally biased point. Faster than a crooked roulette wheel
Huff points out ways to warp the sample study, trick with the
tabulation method, or intrigue with the interview technique. If
you ever thought that statistics were being used to prove up is
really down (and with elections gearing up here in the USA who
hasn’t?) you’ll get a lot out of this book.

Check it out here:

http://www.amazon.com/exec/obidos/ASIN/0393310728/tnpcnewsletter?tag=tnpcnewsletter

+++————- Recommended Resources ———————–+++

My favorite way to look up personal information about myself and
others. I have used it for years. Before you click – know that
the promotional information has a bit more hype than I like.
Get past that and you will find a useful service.
http://zcat.com/qpp/x.php?adminid=8&tid=9

BANABU is 11 simple principles you can start using immediately
and easily share with others. I started applying these
principles earlier this year with myself and my family. We’ve
really enjoyed this and think you will to. Highly recommended.
Find out what BANABU stands for and discover more here:
http://zcat.com/qpp/x.php?adminid=8&tid=35

+++———————————————————–+++

Copyright 2007 Dan Butler
All Rights Reserved.
ISSN: 1522-4422

* We never rent, sell, or trade our email list with others. Your
information is safe.

Here is some interesting data on what is happening to your private information. etiolated.org shows graphs and other statistical data on security breaches. You will find it interesting.

http://www.etiolated.org/