Thursday, May 31, 2007

Why Form Fillers Suck

Google Toolbar. Yahoo Toolbar. Opera Browser. What do they all have in common? No, not the fact that they are all seriously overrated. Besides that.

They all have so-called "Form Fillers," a terrible technology that should have been rejected long ago by the security community. It presents several risks in its use. Not only that, but I don't know of anyone who actually uses these things anyway.

The first problem is that of ID theft through a poisoned website. You visit a site, and it has some fields on it. As soon as the page has loaded, BOOM! Your personal information is entered. Spiffy! But wait. Now the page is doing something. It is sending your personal information back to its server, and you don't even know what this website is!

That reason is why most Form Fillers don't do auto-entering: they rely on the user to click a toolbar button to activate it instead. But this presents a new problem: any program can look at the data that has been entered into the Form Filler without permission and steal the data. Unless the Form Filler stores the info in encrypted format (which can still be broken), you are basically writing all your personal information on a 3x5 card, making 100,000 copies, and taping them all to helium balloons and letting the wind carry them away.

That's why Form Fillers suck.

Disagree with me? Do you use this technology all the time, or do you know something I don't? I would love to hear it. Just click the link below and send me a comment.



Labels: , , , , ,

Thursday, May 24, 2007

How to Get Past Any Censorware

This is not an opinion article, so I will not be delving into the reasons why I oppose censorware (applications that block certain web content). There are plenty of other places to do that.

This is, however, my attempt to get blocked by every censorware program that exists. To do so, I will be explaining in detail how to get past every single web filter ever made.

Step 1: Download this FREE spyware
That's right, we are going to steal your administrator's password and use it to shut down the censorware. To do so, we will be using a free application that is classified as a Keylogger. This means that it monitors the keyboard and records every keypress for later viewing by the spy (in this case you). You can download this free no-nonsense keylogger that doesn't run out (it ain't a trial, it's the full thing) that can hide itself from Windows, logs specific application activity, and uses a hotkey that you specify to unhide it. Click here to download. (A remote proxy is used for security.)

Step 2: Install Perfect Keylogger Lite
Next install the keylogger to a non-suspicious location (don't use C:\Program Files\Perfect Keylogger Lite\). A personal file folder works best (something like C:\Dan\Pictures\PKL\).

Step 3: Set Up The Options
Next, set up the options in PKL: Tell it to run when Windows starts, but start up in Hidden Mode. Set a hotkey for revealing PKL by clicking in the text box that reads "None" and then pressing a series of keys (like Shift-Ctrl-F4). Set a password so only you can open the log. Additional settings are up to you. You may want to tell it to only monitor keypresses in censorware applications by putting "NetNanny" in as a keyword.

Step 4: The Trap
Now you must wait until your administrator comes along to check the censorware and make sure it is working. Alternatively (to speed up the process) you may ask them to add a blocked site to the whitelist, just to get them to enter the password.

Step 5: Check the Log
Tada! You have now learned how to fight fire with fire. Open the log and there it is, your precious password. You may use this to alter the settings of the censorware, shut it down entirely, or even uninstall it from the system!

Hey, I ain't no criminal. I'm just sick of this. Every time my admin changes the password, I know wat it is within two days. It never fails.

Labels: , ,

Wednesday, May 23, 2007

Translation Showdown

Alright, I'm sick of it. People on one side saying "Google Translate rules!" while others say "AltaVista's Babel Fish is better!" I decided to have a less-than-scientific contest to see which service actually performed better.

To do so, I ran a paragraph of correct spelling and grammar through each translator's English-to-Spanish translation, then ran the resulting Spanish text through their Spanish-to-English translators. The results are below.

Here is the original English text I used:
This is a test of a few different language translators. We are placing a block of text in each one, converting it from Spanish to English, then back. If it is very similar, the translation service has been successful.
Here are the results from AltaVista's Babel Fish translator:
This one is a test of some diverse translators of the language. We are putting a block of the text in each, turning it of Spanish to the English, then behind. If he is very similar, the service of translation has been guessed right.
Here is the resulting text from Google Translate:
This one is a test of some diverse translators of the language. We are putting a block of the text in each one, turning it of Spanish to the English, then behind. If he is very similar, the service of translation has been guessed right.
Amazing? I think so. The text is identical, except for one word: the word "one" before the comma in the second sentence (that word may be included or left out depending on personal preference). What does this mean? It means that the translation engines are nearly identical in every way, and that it really doesn't matter which one you use.

So there!

Labels: , , , ,

Monday, May 21, 2007

What Hit Counters are Really For

Lots of webmasters claim that a hit counter's purpose is to let them see how much traffic they're getting. This ain't exactly so. There are plenty of ways to do that without using a hit counter. The real reason people use hit counters is not so they can see how much traffic they get, but rather so everyone else can see how much traffic they get.

So really, hit counters are for showing off traffic.

That said, there are a few nice stat services available. I'm going to look at two of them, StatCounter and Google Analytics.

StatCounter

This is a nice stat service, but gross graphical interfaces make it look less than professional. All the standard services are offered and nothing more (this includes IP addresses, locations, ISPs, browser versions, OS versions, screen resolutions, etc.)

Google Analytics

Aha! Google strikes gold with this one. Everything StatCounter offers is available here, plus lots of cool things like seeing what keywords people searched for to find your site, and plotting hits on a map. Unfortunately, no hit counter code is available.

Labels: , , ,

Thursday, May 17, 2007

Meebo Adds Rooms

Meebo has recently released an updated version of its excellent web-based IM service (which includes support for AIM, ICQ, MSN, Y!, GTalk, and Jabber). The new version has one main new feature called Meebo Rooms. Any user can create or join a Room and chat with other users. These rooms can also be embedded in a flash application on any website.

One really cool feature is the use of Snap.com's previews (also used on this site) to display a website who's link has been posted to the room to the other users without having to actually open it. Cool!

Try out the new features and join the TechTrek room below:

http://www.meebo.com/rooms




AJAX Site of the Week: Meebo, obviously!

Labels: , , , , , , , ,

Monday, May 14, 2007

Music Sharing: Convenience or Corruption?

The music industry seems bent on vehemently accusing the file-sharing community of being thieves and corrupt criminals. Every time they release some new DRM or a statement about file-sharing they refer to the file-sharing community as "music thieves" or some equally toxic term.

What they are failing to realize is that their attitude towards their customers is exactly what drives people to share music. I know because it has happened to me: the music industry has alienated me, and I have found a way to deal with it. It may be illegal, but to paraphrase our founding fathers, nobody should put up with a broken and failing system.

Obviously, a few things need to change before the file-sharing community can be convinced to give the music industry another chance.
  1. Single song purchases. Customers should be able to only buy one song at a time, instead of being forced to buy 11 songs they don't want for the one song they do. This not only helps customers, it forces artists to make better songs, because they can no longer float on their one good song per album: all the songs have to be good.
  2. mp3 downloads. This is a no-brainer. Everyone should be able to get their songs in mp3 format, instead of buying a CD and needing the technical know-how to "rip" the songs off the CD and convert into a format their music players can use.
  3. No DRM or other restrictions. Customers should be able to do what they want with their purchases. Remember when the movie industry thought that the VCR would wreck their business? That's what the music cartels think about mp3's. What they should realize is that if they want to discourage illegal activities, they should make it easier and more convenient to purchase the songs than to copy and share them. Duh.
There have also been a few neat ideas placed forward, and actually used in some cases as well.
  1. Popularity determines price. What this means is, the more people download a song, the more it costs. This not only encourages artists to make better songs, it also encourages customers to branch out, exploring music they otherwise may not have listened to.
  2. Be a mirror, get a discount. It works like this: a customer decides to mirror the songs they have already bought, enabling other customers to ge faster more responsive downloads. In return, the customer gets discounts on future music purchases.
Believe it or not, some music services have actually done some of these things.
  1. Napster. They've got the mp3 downloads, but you have to subscribe, and songs only work on some devices. When your subscription runs out, so does your music.
  2. iTunes. mp3 single-song purchases, but they're loaded with DRM, and won't play on anything but an iPod. This is starting to change, however.
  3. Ares. Ah, the king of file-sharing applications. mp3's, single-song downloads, and no DRM. That's what I'm talking about.
So what do you think? Are music sharing enthusiasts just a bunch of career criminals who have no moral standards, or does the music industry need to step back and assess its policies? Comment below and make your voice heard!

Labels: , , , , , , ,

Tuesday, May 08, 2007

Canning Spam

Spam: it's one of the nastiest and most annoying problems in the information age. Forget junk mail and telemarketers: spammers can cram your inbox with junk without doing so much as clicking a few buttons. In this article I will talk a little about what's being done now, and what you can do to fend off spam.

CANSPAM
It's a piece of legislation intended to stop (or at least curb) the flow of spam. Has it worked? Nope. In fact, the levels of (now illegal) spam have only increased, at an exponential rate, since CANSPAM was passed. We shouldn't be surprised. These are the same folks who don't give a dingo's kidneys if your phone number is on the "do not call" list. These people are the evil greedy money-grubbing monsters we know as "marketers." Laws can't stop them. Cages can't hold them. But fortunately, there are a few things you can do to ward them off.

1. Get Gmail
The most effective anti-spam tool is Gmail. It's true. Of all webmail services available, Gmail has the highest rating for getting rid of spam and keeping the real mail. On top of that, Gmail makes it very difficult for spammers to use Gmail. There are also some tips and tricks that only Gmail offers (we'll point these out a little later).

2. Don't Publish your Email Address
It seems like it can't hurt to post your email address to a chat room or a website. Beware! Spambots, programs that crawl the web and chat protocols searching for email addresses, will find it and sign it up for spamlists. Sometimes these lists of email addresses are even sold to marketers. The trick? Post your email address like this: cubex.de(at)gmail.com, or see the next tip.

3. Embed your Email Address in an Image
The next way to avoid spammers getting a hold of your address is to embed it in an image, like this:

Now only real people can email you, because computer programs are really bad at reading text from images. Get your own here.

4. Gmail Tip: Filter it Out
In Gmail you can make custom addresses for different uses, and have them all come to the same account. For example, I can have each of these email addresses:
cubex.de+techtrek(at)gmail.com
cubex.de+spam(at)gmail.com
cubex.de+box(at)gmail.com
all come to this inbox:
cubex.de(at)gmail.com
Just use your normal email address, add a "+" and a keyword (like "techtrek"), and you may then make a filter in Gmail so that if you start receiving spam to that address, it can just get flushed.

5. Thunderbird
Don't use webmail? No problem. Mozilla's email client, companion to the award winning Firefox web browser, has excellent spam filtering capabilities which are constantly learning and improving with every email you get.

6. Spamato
This easy to use spam filter installs easily, and is totally free. It even won an award from PC World magazine.

7. Disposable Email Addresses
Ever wanted to make a temporary email address, get a confirmation email from a service you signed up for, and then forget about the address? Unfortunately this means you have to sign up for an email address every time, right? Not necessarily. Now you can create a disposable email address easily using dodgeit, which makes it easy to get and forget an email address. Was it blocked by a clever signup service? Try using spambob instead.

8. Spampoison
Remember how we talked about spambots in #2? Webmasters can feed these mindless machines millions of fake email addresses that make the compiled address lists useless. To find out how to add this functionality to your website or blog in minutes, visit Spampoison.

These tips are all good, but the spammers still make money off their trade. If they didn't, they'd be out of business. This means no more spam, no more filters, nothing. This means there is a simple way everyone can help to fight spam: ignore it. Opening it or worse, clicking a link inside it, only proves to the spammers that someone out there can be fooled, and they will keep at it. So the best way to stop spam is:

IGNORE IT, AND IT WILL GO AWAY.

Labels: , , , , , ,