Safe Computing on a Budget, Part 2: Know what you download

In the previous post, we changed our browser to Google Chrome. This will help prevent a lot of the slowness and security exploits in other more popular browsers. Today, we're going to discuss knowing what you're downloading, which seems like common sense but can be hard to verify if you're a computer novice or you find yourself downloading certain types of files often.

Know Your Source

Don't download everything. It's not always necessary to do so. but when you do, make sure where you're getting the file is legitimate. How do you do this in a vast sea of web sites? Despite the immense number of sites available, very few actually host files. Downloads can take up server space that site owners typically have to pay for, so they choose to host their files in the same place as everybody else. This equates to a finite but still large number of legitimate sites.

The best way to know where you're getting your file from is to look at the bottom of the screen when you move your mouse over a link or button:

The address to the next place you will go to get the file is listed here. It can seem arbitrary, but the main part you need to look at is the address of the web site, which is the first part of the link (everything before the ".com" or ".org" or whatever) called the domain. You can actually open a second window and open this first part of the address to see where it goes. Does it go to a place you recognize?

It complicates things when a web site owner uses multiple addresses for different functions, like CNET using dw.com.com for its download pages and files. This server, if you went to it directly, shows nothing. It would look to a novice like it's something bad, but it is used by a reputable company. The second thing you might want to do is check the owner of the site by using "WHOIS" search.

Who.is is my favorite of these types of search sites but you can use most services you see when searching "whois" in Google. The function here is to see who owns the domain. Because one business can own another, you are looking for something that identifies the web site as owned by someone you expect it to be owned by.

In this example, we see that the owner of dw.com.com is CBS Interactive, Inc, which is somewhat arbitrary to someone who doesn't know who CBS Interactive is. However, we do see that the person to contact has a CNET address, so it should be legitimate (most hackers and scum won't ask you to send inquiries to a major company, because having that information on WHOIS means that company may have some legal control over its ownership).

You can do this your first time, and as long as you're going to the same place each time, you shouldn't have to go back and check WHOIS each time. If the domain was "dw.com.ru", which would be a Russian domain, or "dw.com.co.uk", which would be a British domain, you can decide if you should really be going out of the country for your file and act accordingly. The WHOIS should show the same information if owned by the same company. If it shows some random person with contact info that does not seem legitimate, be cautioned when going there.

Know the Sender

Email is not as common to contain viruses because less people use software like Microsoft Outlook for their email. Attachments in places like Yahoo! Mail or Gmail are often scanned by the provider, and many harmful extensions (detailed below) are denied being downloadable so their clients are not infected. However, some viruses still get through.

Don't open attachments from people you don't know, and verify that people you do know actually purposely sent you any attachment you didn't ask for. Some attachments are sent automatically or have been spoofed by a sender to look like your friend when it was really sent by someone else. And don't use "Reply" to ask a sender to verify themselves, as emails can reply to a different email address. Always type a new email with the original sender's email address.

Instant messaging is also potentially unsafe if a friend sends you a file. Don't open anything sent by a stranger; don't even accept the file transfer.

Know Your File Type

There are tons of types of files, PCs determining the type of file by the extension used (the letters after the dot in the file name, like ".exe"). Viruses are not present in many types of files because they are not "executable", meaning they don't create commands that the computer must follow to use the file. Items with extensions like .jpg, .png, .mp3 and some other media files are not likely or sometimes impossible to carry a virus.

Fileinfo.com discusses common file types and their uses. Use it as a reference to find the kinds of files you want, and know if the file you're downloading has the right extension.

However, the reality of the internet is that it always changes. And the internet community has seen viruses hide in all sorts of files, and new viruses are created everyday.

Treat all files the same is my motto. I scan everything I download from any source I don't know intimately, or at least have an active virus scan that can catch things before I open them. This is especially true for any .exe, .zip, .rar, .pdf, .epub, .mobi, .msi or .7z files that are common to include viruses if not from a well-verified source.

Know that double extensions,which can look like .exe.vbs or .jpg.c, are likely to be a virus in disguise. Hackers expect novices to not notice the extra letters, figuring it's some sort of enhanced version of a file type they know. Unless you know for sure the file should have a double extension like this, don't open it, and delete it immediately.

P2P and Torrents Are Plagued

Anyone who has used ThePirateBay.se or other torrenting sites, or used a peer to peer (P2P) networking software to download files from other people will have heard of or have experienced a virus being carried by the files shared. It doesn't seem illogical to assume when you're doing something illegal you will probably run into other criminals who want to mess with you. You also can't trust someone else's computer to be virus free if they're not a corporate server or a high-level tech geek.

Assume everything you download from torrents is potentially infected with viruses, whether you're pirating movies or finding legal free stuff from collections shared by others. Scan everything, verify all files, and don't download anything you don't know how to open. Don't even trust common safe file types like .jpg.

Torrent sites like ThePirateBay.se also have comments posted by other users. It is important to read these comments before downloading anything from a torrent because they will tell you if someone else caught a virus or if it's not the real thing. Communities like this try to tell each other when to beware. If you are active in these communities, give feedback when you can.

Please note: Pirating songs, movies, software or other copyrighted or patented material is illegal and you can be fined or jailed for engaging in communities that traffic this kind of contraband. These are considered black markets, and on top of virus possibilities you should consider the legal ramifications of your actions before choosing to download something that you don't own.

Use Common Sense!

You get an email from a friend that has some kind of general note in it like "This is so funny I almost died laughing" and that's it, but it has a file you have to download to view. Is something so funny you risk infecting your computer and losing your data? Or could you let your friend know you aren't opening that stuff unless they give you more details about what they're going to see, and add something that verifies it's really from them? Common internet courtesy for emails, file sharing and the like is to make sure there's a way you know who it's coming from and what's in the file. If you don't, you might as well delete the email or pass up the file sharing link until you can.

Only download stuff if you know it's really what you want. One of the most common mistakes made by people who constantly get viruses is to download items that say they're something the person really wants, like a cute game or, inevitably, porn, but the file they download uses those popular past times to lower the person's sense of security so they won't scan it beforehand and make sure it's safe.

And speaking of porn, for the sake of your security and family sanctity, find a better use of your friggin' time! Porn really isn't that exciting. Half of it is hilarious, and the other half is gross. But most video and photo downloads that are freely distributed have a higher potential than any other kind of software to contain something harmful, annoying, destructive or curious about your personal data. I have fixed more computers damaged by people who got porn viruses than any other kind of infection. You really want to see people having sex? Get a subscription to a porn site or go to your local smut shack and buy a DVD.

Now that we've covered that...

In the next installment, we will discuss virus software and what I suggest to use to scan and protect your system.

Apple products are less likely to have viruses. Is tax time the right time to switch?

Have questions or concerns I haven't covered yet? Ask in the comments below!

Safe Computing on a Budget, Part 1: Get a new browser

The top question I get involving computers is how to avoid viruses. I've had a computer in the house since 1994, been online since 1995, designing web sites since 1996 and had almost no viruses in that timeframe. What? Wait... did I just write that correctly? Almost no viruses? Well, I can't say never, but they've been few and far between. Never had my identity stolen, never had my computer hacked into. And I am not running state-of-the-art computer software by any means.

(Please note, this is not a challenge to would-be hackers. I know I'm mainly just lucky. The end.)

One of the reasons I keep relatively virus free is because I take a step-by-step approach to using the internet. And I have several free tools that, along with good practices, keep me relatively virus free.

Keep in mind I have found viruses on files I've downloaded. No one can say that they did something to avoid downloading viruses. Even CNET's Download.com, one of the longest-running free software servers in the internet, has let some slip by in uploads that had new viruses their own software couldn't detect. It happens. But there is a difference between "downloading" a virus and "getting infected by"a virus.

In this multi-post series I will outline my setup, and I suggest trying this to reduce your risk of infection. Please note I spend no money on these items at all, but some have a paid version that does have some nifty upgrades you could look into if you are so inclined.

First line of defense: Google Chrome

They like to claim otherwise, but both Internet Explorer and Firefox have exploits and functionality deficits that make them more susceptible to attacks from rogue web sites and overall slower to respond. Here's how it usually works in terms of getting a virus from just looking at a web site:

1. You click on a link or type in a web site.
2. That web site is run by a "black hat", or computer hacker that distributes harmful viruses. Sometimes you can tell by the way the link is read like "http://www.yahoo.nwp1.com/, which kinda looks like yahoo.com but is obviously different). But sometimes the web site is legitimate and has itself been hacked by this distributor of evil.
3. The web site looks for a way to save a file on your computer, which is the only way it can get in. Unless you download it yourself on purpose, files saved to a computer are limited to image files (most of which cannot contain viruses), text and "plugins" such as Flash, Java or otherwise that run multimedia content or provide specific computing functions.
4. The hacker will usually hide the virus in a plugin, which is used by the browser (IE, Firefox, Chrome, Opera, Safari, etc) by downloading a file into a temporary part of your hard drive to help speed up the use of the media.
5. Once the file is saved, it uses how the browser opens the file to launch the virus and start the infection.

This seems like a long process, but it can happen in a matter of seconds. To their credit, browser developers have secured their browser software to prevent these kind of exploits, but there are specific functions of ActiveX, a plugin specifically used on Internet Explorer, that allow functions that can seriously compromise your security, usability and functionality of your computer.

One of the first things I did after I heard that there were other browsers out there was to switch from IE to Firefox. I used that for a long time, and in designing web sites I made sure Firefox users could see my web sites clearly. However, it also had the ability to install browser bars and other plugins that, as well, had exploits hidden in them. It also uses a lot of memory and has processing bottlenecks that cause it to run a lot slower than other browsers. I have admittedly not used it much, but my wife does still, and has had to shut down Firefox so she can run things like media streams without issues.

One of the most common source of viruses today is browser bars, those add-ons that give you a bar at the top of your browser that searches for you, gives you smiley faces in your emails or claims to give you faster browsing speed. These things are not only crapware but potential security risks because they load every time you load your browser. IE and Firefox are notorious for people purposely or accidentally installing browser bars that either stop their internet browsing cold or cause other infections on their computer.

Google Chrome has been historically very clean, a side effect of being based on Apple Safari and its simple yet secure structure. More recently they have allowed the use of "extensions" that give it more functionality, and that can sometimes also be a source of break-ins. So just keep Chrome the way it is and you shouldn't have much to worry about. Chrome even links up with major security indexes and warns you if you're going to a site that has been reported as harmful or dangerous.

Opera, which is another browser software with a smaller following, has also been quite secure but has historically had functionality issues with some web sites. The problem with Opera is that many designers of web sites do not test their site in that browser, which can cause unwanted display problems like images being in the wrong place or text being the wrong size. Many sites suggest using IE or Firefox because of their high level of adoption among internet users. Chrome, the basis of Google's new Chromebooks, is well tested and compatible with almost all web sites. However, I use Opera Mobile on my phone as a much better alternative to Android's built-in browser.

Ultimately the use of these browsers is up to you as to which one will feel most comfortable and do what you want it to do. I just urge you to stay away from Internet Explorer.

Changing your browser is not, in itself, going to keep you from contracting viruses. In my next post, we discuss the reason even Chrome extensions are sometimes bad and what is even more important that finding the right browser: knowing what you're downloading!

While you're at it, check out this good starter laptop for any age of student!

Hack All The Things: Kid-friendly music from Pandora

Morgan gets way to much attention on this blog. I want some attention too. I'm going to start posting some good family hacks for us low income families who are trying to make it and still want to be tech-capable or need to fix something quick.

First hack: Kid Friendly Music Time
Needed: Pandora and Pandora-capable devices
Also Featuring: K9 Web Protection

I don't like paying for music when I'm a broke dad. It makes me feel like I am spending money on a past time for their ears rather than food for their mouths. But I don't like the radio. There are too many mixed content bags on broadcast radio where you could be listening to a perfectly kid-friendly song then get something like Katy Perry's "Last Friday Night". No one wants a 4-year-old asking, "What's a mhuna-mhuna (ménage à trois)?"

Here comes Pandora! I have offered to have a computer in each of the kids' rooms equipped with K9 Web Protection so I can block everything but what I want them to see online. I can also stop the internet entirely after 8pm so they have to go to bed or suffer boredom. I setup Alayna's email address with Pandora, and set the Explicit Content Filter to "No" (Settings > Account > Explicit content filter) with only my email address able to remove it. Now whenever she goes into a Pandora-enabled app (Pandora.com, Pandora on Android, etc), she cannot receive explicit content. Beyond that, I told her I will remove any radio stations I deem inappropriate and she will be grounded anytime I find one. I have also agreed with her and Aiden that no radio stations are added without my knowledge. If it becomes a problem, I have another hack that can prevent them from changing anything on Pandora.com when they're on the site (sometime I'll show you how to do that).

My fav stations for the kids right now are:

• They Might Be Giants (Children's)
• Laurie Berkner
• The Aquabats (Children's)
• Caravan Palace
• Beats Antique
• Flogging Molly
• Children's Indie (Genre)
• Children's Folk (Genre)
• Family Folk Songs (Genre)

There are plenty of others. You'll have to find the ones you feel are appropriate. Remember that the explicit content filter will not go through a song and deem it unsuitable if it has questionable subject matter, such as kissing same sexes or smoking and drinking. It leaves out swear words or removes songs flagged as explicit, which is not always the same as your own definition of "explicit".

For rooms without a computer, use the Pandora Android or iPad app on your phone or tablet. You can also use a streaming media player, like the Netgear NEO TV Streaming Player:

These boxes replace your cable or satellite box, or complement it, depending on what you like to watch. This is also a great streaming source for Netflix, Hulu Plus and YouTube, but the main function here is Pandora Radio. Roku was one of the first to make a commercial streaming player to rival cable/satellite television. I often recommend Roku streaming players over other brands.

You can even get Pandora in your car to provide family friendly audio entertainment on long drives. With four rambunctious kids, I expect at some point to get a deck that streams Pandora myself. But instead of spending $100+ on a car audio deck to play Pandora, why not use your iPhone or Android smartphone powered by the Pandora app and use an FM transmitter to send Pandora audio straight to your radio in your car, regardless of brand or connections?

Connect this to the headphone jack on your phone and use the MP3s you load onto it or Pandora to keep the kids interested in something other than fighting with each other all the way to grandma's.

It's this kind of stuff that keeps us sane. It does not have to cost a whole lot either; often you can use what you already have if you don't need radio coming through your car and TV speakers. It's just another way to tailor the audio in your life to your kids (or you and the spouse when you're having "time alone"). Don't spend your money on MP3s or CDs unless you want to listen to specific bands on demand, which is the only limitation of Pandora. Save that money for the mouths in your house.

Joe's Wish List: A better Acer tablet

I lied about the Acer Iconia in the last post. OMG, this is the tablet I want for the family. We could do so much with this. Pair this with the little 19" LCD TV we got for free from the neighbor (I will miss that lady when she moves next month), and you have a great little mobile media center for the house. How to pair it? An HDMI cable playing 1080p video to the TV. I could use it on the 42" LG TV we have I guess, but I'm already running my laptop through that for... um, "saved" movies... in full HD.

Geek bloggers unite!

Joe's Wish List: Graphics Tablet

Other than a replacement for the beat-up clunker of an Escort I'm driving now, I think this will be my one buy for myself this year with taxes. I had some other ideas, such as an Acer Iconia tablet or a new sound system in the new vehicle, but I have gone long enough, about 4 years, without my graphics tablet.

This one looks pretty capable. Adesso is the one who bought the company who made my last graphics tablet. They sell a 12x9 pad that is the exact same one I had before, but I didn't like it being so big. This being a widescreen version is perfect, and it's mid-priced so I am hoping it will not be so cheap as the last one.

But, of course, it's on a wish list, not on a grocery list, so let's hope we can work it out so you guys can get some decent digital art on this blog, and my Tumblr feed.

It was God's will....

I think those are the 4 worst words you can say to anyone who is grieving the loss of a loved one. I believe in God. I believe in a loving God, not a God who punishes by taking lives. I believe that as human beings, children of God, our lives are full of choices. Some are small: what to have for breakfast, whether to wear the blue or red shirt, etc. And some are huge.

Any of those choices, large or small, can result in life altering consequences. Maybe for breakfast you chose to have eggs rather than cereal so it takes you 5 minutes longer to prepare and because of that you miss a huge accident on the freeway. If you had chosen cereal, you would have been right there at that time. Maybe you didn't put your seat belt on right away and drove off, only to be involved in a serious accident a block from home.

Choices...

And some things just happen. This is where I waiver in my faith. Little Leila Grace and anencephaly. It just happened. Was it God's will? I don't believe it was God's will to take that baby, it was one of those things that happen without reason.

The loss of Emilee, was it God's will? I 100% do not believe so.

I believe that we are given the freedom of choice. Each choice we make, each action we take, has a consequence; some are good and some are bad. Today the pastor presiding over Emilee's service make a statement that moved me, and made me think of God's will. I can't recall his words exactly, but it was about how Emilee made a choice, and while God didn't condone that choice, he wept while she was making it. He also said that he believed Emilee was in heaven with her sweet Leila Grace, with her parents, and with all those who have passed before her.

I know I will someday see Emilee again. I know that God loves her. My heart will always grieve for her. For now, I continue to pray for her son, Dallas, her fiance, Will, and his two boys.

Suicide

Wow, nearly 1200 views of my blog about Emilee, and comments from strangers. That's pretty impressive seeing as none of my previous blogs managed to rake in no more than 50 or so views each.

Thank you all for sharing the blog, and for supporting Emilee's son, friends, and family.

It's times like this, when it's quiet, and all I can hear are my thoughts that it's the hardest. Those little "what ifs" that pop up in your head, the "if onlys" that scream through your mind. The terrible ache in your heart that can't be stopped. In my mind I know I did all that I could, but my heart... My heart says maybe I could have helped save her if I had reached out one more time. Just once more. Who knows? I think that's the worst part, the wondering of what I could have done differently.

Those of you who've heard about Emilee and judged her as a coward, or selfish, or thoughtless of her son, PLEASE do not judge 25 years of her life based on one final choice. You haven't lived her life, experienced her experiences, or suffered her loss and pain. No one is in a position to judge her. She was an amazing person, who suffered a lot of loss and pain in her 25 years.

Depression is real. It is life altering. It is beyond painful. Calling someone a coward when the depression wins isn't helpful. It makes the problem worse. How is someone suffering from depression so badly they would consider suicide supposed to feel when they hear, or read, those words? Do you think they'll reach out for help knowing you think them a coward?

I believe that Emilee is in heaven, with her sweet daughter Leila Grace, her parents and all of her loved ones who passed before her. I know that her heart is free of pain. I only hope that her son can someday understand that it wasn't about him. His mother loved him more than anything in this world. From the day she learned he was growing in her body her heart was his.

So please, please don't judge Emilee. Please don't judge her life based on one moment of utter weakness and pain.

RIP Emilee Granatowski

I still don't have many details, just that my friend took her own life. She was over the moon excited to find out she was expecting, in October she found out her baby was a girl. Just a few days later she received the devastating news that regardless of when she delivered her sweet baby wouldn't survive outside the womb. Her daughter, whom she lovingly named Leila Grace, was diagnosed with a rare neural defect called anencephaly. Most babies with anencephaly live only a  few short minutes, some may even live hours or possibly even days. Very rarely they may live weeks or even months. None have ever lived to see their first birthday. In November Emilee delivered her sweet angel, who passed on just moments after making her entrance into this world.

Emilee was an amazing person, she had over come so much loss and adversity in her life. Her mom passed when she was 9, her dad passed when she was 16, her only sibling lived across the country. Emilee had a wonderful son, Dallas, who is just 5 days younger than my daughter Brooklyn. We originally met on myspace of all places. We were in a group for mommies due in December 2006. We shared our hopes and dreams for our little ones, the ups and downs of pregnancy. Shortly after the births of our children we decided to meet in real life. That was the beginning of a beautiful friendship. She helped me through my post partum depression, offering a shoulder to lean on or cry on, a friend to call, anything I needed. I only wish I could have been given the chance to do the same for her in her biggest moment of need.

Over the last 2 years, as life changed for both of us, we didn't talk as much off of the internet, we didn't see each other as much. I'll always regret that. I don't think that had I reached out more I could have saved her or prevented this. I'll always wish that I had, but in my mind I know, no one had control over Emilee's actions. I tried reaching out several times after the birth of Leila, I mentioned to my husband,  to my mom, and to friends how worried I was about Emilee. The one time I mentioned it to Emilee she said she was getting help. I just wish I had kept mentioning it to her.

Part of me is heart broken. My heart aches, it's shattered. 25 years old, and gone forever. A poor sweet 6 year old boy will grow up without his mother. The other part of me is angry, so very angry. She KNEW what it was like to grow up without a mother! She had an amazing little boy who needed her. A fiance who loved her. So many friends who would have done anything to help her. I can't even put into words how angry I am. I would have done anything to help her, ANYTHING. I don't know the pain of losing a child, and I pray, with all of my heart and soul, that I never do.

I am crushed, beyond words. This is a loss that will forever change me. Emilee, I will forever be grateful for the time we had together, for the friendship we shared. Not a day will go by that I wont think of you, that I wont miss you. I hope you are at peace, with your lovely daughter and amazing parents. I love you.

Friends and family, anyone who reads this blog: Please, if you ever feel as if life has gotten to be too much, as if you can't go on, please, I beg you, reach out to someone, anyone.