Are you at risk to Flashback?

Recently a new malware virus for the Mac OS called Flashback got a lot of attention when antivirus company Dr Web published that 600,000 Mac’s are infected. This is a substantial number of Mac users and deserves more attention than most publications are giving it. The reason that Flashback is such a large threat is that it can infect your computer without you having to enter your admin password. However you can protect yourself fairly easily from this virus as it is taking advantage of a vulnerability in Java which in many cases isn’t even on your Mac OS and if you use the Google Chrome browser is highly restricted from causing any issues.

Macworld.com wrote up a very interesting piece which I recommend you read. This part was the first thing you should go through:

Am I at risk?
You are at risk if you meet four criteria:

1. You have Java installed on your Mac. One way to find out: Open Terminal and type java -version at the prompt. If you do have Java installed, you’ll get a version number. It is installed by default on OS X 10.6 Snow Leopard, but not by OS X 10.7 Lion. (But is installed the first time you need to run it, which means most Macs likely have it).

2. You do not have the Java for OS X Lion 2012-001 (if you’re running OS X Lion) or Java for Mac OS X 10.6 Update 7 installed (if you’re running Snow Leopard) or you were infected before either of them was installed. Both of those updates install Java version 1.6.0_31; running that java -version command above will tell you if that’s what you’ve got.

3. You allow Java applets to display in your browser. In Safari, go to Preferences > Security > Web Content and see if the Enable Java option is checked. You can turn that option off by unchecking it.

4. You do not have certain security tools installed on your Mac that Flashback checks for, including Little Snitch, Xcode, and a few anti-malware tools.

Antivirus vendors do not appear to have detected this particular version of Flashback for a few days after it appeared in the wild, though some vendors—including Intego—protected users with updates in late March. Malware often shares bits of code from earlier versions that may be detectable by antivirus products before those products have been specifically updated to catch newer versions, but such protection is hit-or-miss. (via Macworld)

Summary:

  • If you use Chrome you are safe from this virus.
  • If you have Lion you are safe from this virus.
  • If you use Safari be sure to disable Java.
  • Disable Java and do not allow Java applets to run from any website in your browser.
  • If you develop websites stop using Java
  • Do not let your web browser store your passwords as they generally are not encrypted and open you up to the underlying piracy problem that Flashback and viruses like it exploit.

Are you ready for mobile visits?

Welcome to 2012, is your Web site ready for mobile devices? If it isnt you are already losing business. You know all that noise about iPhones and Apple being the largest company? The people buying those devices are your customers, and they are coming to your Web site right now. Have you taken a look at what your Web site looks like on an iPhone? Go ahead, take a minute and check it out.

If you are still reading this I bet that your Web site looks the same on an iPhone as it does on a computer. Which means it looks really small and its really hard to navigate and read anything.

You need to get your Web site mobile optimized. The fastest way to do this is by using WordPress with a plugin called WPTouch Pro:Learn more about WPtouch Pro »

With WPTouch Pro your worpdress Web site becomes aware when someone visits on an iPhone or any mobile device and displays a mobile optimized version. In my opinion this is going to be the most important thing you do online this year.

If you need help installing and setting up WPTouch Pro feel free to contact me at 602-380-2692 or roger@rogerwilliamsmedia.com.

Have a great day!

site:daringfireball.net google at DuckDuckGo

site:daringfireball.net google

via site:daringfireball.net google at DuckDuckGo.

Last night I upgraded to the Lion version of Apple Inc’s operating system. for shits and giggles i searched around for what to do first after installing the system and since daringfireball.net is a fanboy i figured he would have some good stuff to read about.

So in Chrome I entered “daringfireball.net lion” which will do a search of that domain for pages talking about ‘lion’. To my surprise it brought up duckduckgo.com which is a search engine I have never heard of.

At first I was worried something was wrong with Chrome but now I see that DuckDuckGo.com has been integrated into DaringFireball.net’s site. Given Gruber’s growing criticism of Google I see the political aspects of making this decision. I wonder if there is any compensation involved as well?

There are currently no posts on the Fireball about duckduckgo:
http://duckduckgo.com/?q=site%3Adaringfireball.net+duckduckgo

Are you Disaster Proof? Backups and Bootable Copies

As a Internet Marketer my life revolves around my computers. I do pretty much everything except cash checks through them (hopefully that will change soon as well) so its pretty critical that they are always working well and that just in case I have a backup.

Lets be very clear here: I have never had a really good backup plan in place. Up till just a few months ago I was in a situation where if my main laptop harddrive failed I would be out of business and probably in big trouble with my clients. As I have gained more clients I realized that a lot of information on my hard drives is very critical to my ability to make an income. After reading John Gruber of Daring Fireball’s experience with a hard drive failure I decided to create a back up system.

First of all I bought a really big 2TB external drive from Amazon by Western Digital. (You can now, just 4 months later, get a 3TB drive for what I got my 2TB drive for.) Then I decided I would use a 2 system setup for ensuring I was covered from almost any kind of issue:
#1 I setup Time Machine to a 1.7 TB partition on the external drive. Since Time Machine does hourly backups and eventually uses all the space it is given this part gives me iterative backups going back many months. This means that I have access to really old versions of documents that I may have since deleted on purpose but can still go back and access. With Time Machine I can backup not only my laptop hard drive but also my other external hard drives where I store music and movie files for performance and archival purposes.
#2 I setup SuperDuper to a 300GB partition on the Western Digital because my laptop drives total space is 250GB. I will let SuperDuper explain what it is that they do:

Our tagline, Heroic System Recovery for Mere Mortals, tries to sum up the whole idea: SuperDuper! is designed to provide excellent failover support for the all-too-common case where things fail in a pretty catastrophic way, such as when a drive fails, or your system becomes unbootable. We do this by quickly and efficiently creating a fully bootable copy of your source drive. Perhaps more importantly, recovery is near immediate, even if the original drive is completely unusable, because you can start up from your backup and continue working.

via Shirt Pocket Watch – Time’s Arrow Redux.

#3 I have a Dropbox account where I put all my work files and folders. This gives me automatic backups to Dropbox’s remote servers so even if I havent run a backup in a while I can always access the files there. Dropbox also has a ton of useful features beyond backups and its Free to use. I have a 50GB account with them as I work with large image files, this costs me $10 per month.

This means that I now have interative backups in case I need to access an old file and I have a bootable copy of my laptop drive. Time Machine covers me in case I save the wrong version, accidentally delete, or otherwise lose a file I need to have. SuperDuper covers me in case there is a catastrophic failure of my laptop drive and I can immediately restore and get back to work.

The next step will be getting another harddrive which gets a monthly backup and storing that offsite somewhere. The reality is that my career is based on these really technical and fragile devices so I need to be as proactive about protecting the data they contain as possible.

Here is a great wikipedia page on Hard Drives with a nice rundown of how quickly the technology has advanced:

  • Driven by areal density doubling every two to four years since their invention, HDDs have changed in many ways, a few highlights include:
  • Capacity per HDD increasing from 3.75 megabytes to greater than 1 terabyte, a greater than 270-thousand-to-1 improvement.
  • Size of HDD decreasing from 87.9 cubic feet (a double wide refrigerator) to 0.002 cubic feet (2½-inch form factor, a pack of cards), a greater than 44-thousand-to-1 improvement.
  • Price decreasing from about $15,000 per megabyte to less than $0.0001 per megabyte ($100/1 terabyte), a greater than 150-million-to-1 improvement.[5]
  • Average access time decreasing from greater than 0.1 second to a few thousandths of a second, a greater than 40-to-1 improvement.
  • Market application expanding from general purpose computers to most computing applications including consumer applications.

via Hard disk drive – Wikipedia, the free encyclopedia.

What is your backup plan?

Be Wary of FREE

Free isnt always Free
Trust Us
I like free things just like anyone else, but in my 34 years of living on this planet I have learned that with Free there is always a cost. Anytime a business offers something for free there should be a financial incentive for them to do so. A Lawyer offers a free consultation knowing that a percentage of those consults will become customers. A car wash offers free gas with purchase because they have offset the costs.

Be Aware

These are obvious examples of where the business is incentivising potential customers with a Free offer so that they can grow their business. Other times it can be more subversive and more difficult to identify where the business is getting a benefit.
This morning as I perused the daily deluge of email newsletters for online advertising I saw this “New [PPC Management Company] tool to map keywords for performance”. The article talks about Wordstream’s new service which analyses your Adwords account and tells you all sorts of neat things about it. Seeing as how I like Free and also have many AdWords accounts that can always use more analysis I went to the [PPC Management Company] site to learn more.

The first question in my head is: “How will [PPC Management Company] be able to see what is happening in my Adwords account?” This was quickly answered when they asked for my Adwords username and password. Naturally I am not going to be giving that info over to anyone without some type of contract in place to keep them from going to town on my account and credit cards. In order to get the Free analysis you have to give them the keys to your business. Big red flag moment.

Lesson?

The lesson learned here is to always be interested in Free offers but be just as wary of what you have to give up. In this case while you might get a free analysis of your PPC campaign you are also completely opening up your business to severe damages. If you need analysis of your business I suggest talking with a person rather than blindly handing over the keys and hoping for the best.

Footnote

As a footnote here the WordStream page that asks for your very sensitive Adwords account information is not even HTTPS. This means that you are sending a 3rd party access to your Adwords account with zero encryption so anyone who wants to watch the packets from this page can also gain access to your Adwords account.

Since [PPC Management Company] is an Adwords certified partner, as indicated all over their website, I would think that Google would have a problem with this practice. What do you think about Free offers like this one?