Backups aren’t expensive, but they are necessary

From Tech Republic Blogs

It’s Okay if your small business can’t afford a dedicated IT expert, but most small shops, without fail, make the same mistake — they don’t perform frequent and reliable backups. No one really takes responsibility for backing up data and it’s every soul for oneself.

You might think that the cost and labor are prohibitive, but that’s false economy. You can’t afford not to backup your data. Besides, it just isn’t true. If I told you that backing up data would require about five minutes per PC, would you be interested? You might be surprised just how easy it is to back up your data regularly (using Windows).

Backing up is a tedious chore, but it's important. There are various mechanisms to make it easier, but at the very least read this blog and follow it's advice.

Attack Code Released for New DNS Attack

From New York Times

Hackers have released software that exploits a recently disclosed flaw in the Domain Name System (DNS) software used to route messages between computers on the Internet.

The attack code was released Wednesday by developers of the Metasploit hacking toolkit.

Internet security experts warn that this code may give criminals a way to launch virtually undetectable phishing attacks against Internet users whose service providers have not installed the latest DNS server patches.

This attack causes user's computers to contact the incorrect servers for services. For instance, when you type in www.google.com, expecting to be routed to Google, you could end up at another site pretending to be Google. The same could happen for your bank or your email. And this will work even if you use a bookmark.

Sadly this cannot be fixed by you. Your network administrator or ISP needs to fix their systems. It's probably a good idea to ask them if they have done so.

AVG Link Scanner creates web traffic jam

From searched-designed-developed

AVG, once seen as one of the best free anti-virus software packages on the market is now a webmaster's nightmare. Some of you may be aware that the latest version of AVG (version 8) comes with a new feature called Link Scanner. Link Scanner pre-scans links on a web search results page to determine whether they are safe to visit. What seemed a good idea to start with soon turned into a fairly large issue.

Early on, we noticed problems with using the link scanner when our internet connection started to suffer noticeably. The link scanner on all machines in our office was causing considerable bandwidth usage and slowing our internet connection down. We were quick to turn this feature off. Little did we realise at that point another problem lurked around the corner which was to be a webmaster nightmare.

With an estimated 20 million users worldwide using AVG 8 and a possibly 50 million users still to upgrade, webmasters are faced with the giant problem of fake traffic. These pre-link checks are skewing web logs all over the world by creating traffic statistics that aren't real human traffic.

Thankfully AVG have seen the light and have provided an update that turns off the Link Scanner. For those of you who have not yet installed version 8.0 please do so. An up-to-date virus scanner is a useful tool.

Court orders YouTube to disclose users’ login, IP addresses

From JournalStar.com

Dismissing privacy objections, a federal judge overseeing a $1 billion copyright-infringement lawsuit against YouTube has ordered the popular online video-sharing service to disclose who watches which video clips and when.

Lawyers for Google Inc., which owns YouTube, said producing 12 terabytes of data — equivalent to the text of roughly 12 million books — would be expensive, time-consuming and a threat to users’ privacy.

The database includes information on when each video gets played, which can be used to determine how often a clip is viewed. Attached to each entry is each viewer’s unique login ID and the Internet Protocol, or IP, address for that viewer’s computer.

Stanton ruled last week that the plaintiffs had a legitimate need for the information and that the privacy concerns are speculative.

Privacy is a valid concern on the 'net. There are some who believe that if you have nothing to hide then it does not matter if your privacy is violated. Others say that one cannot tell how this data will be used and therefore one needs to be vigilant about privacy. Either way, this ruling is another step on the road to reducing anonymity on the 'net.

Survey: More than 10,000 laptops lost each week at airports

From Computer World

Keep laptops close at airports, because they have a startling tendency to disappear in the blink of an eye, according to a new survey.

Some of the largest and medium-size U.S. airports report close to 637,000 laptops lost each year, according to a Ponemon Institute survey released today. Laptops are most commonly lost at security checkpoints, according to the survey.

Close to 10,278 laptops are reported lost every week at 36 of the largest U.S. airports, and 65% of those laptops are not reclaimed, the survey said. Around 2,000 laptops are recorded lost at the medium-size airports, and 69% are not reclaimed. The institute conducted field surveys at 106 airports in 46 states and surveyed 864 business travelers.

Can you say lost data? Got a backup, huh? Well how about exposed data? That's right, your payroll information, or your customer database, or your latest product range could be on a lost or stolen laptop.

TrueCrypt 6.0: Better Software for the Paranoid

From ostatic

TrueCrypt can use a variety of algorithms for its encryption, including AES, TwoFish, Serpent, and combinations of these. The developers have been good about dropping support for algorithms that have been significantly weakened over the software's lifetime.

There are two significant upgrades in version 6.0. First, TrueCrypt now performs parallel encryption and decryption operations on multi-core systems, giving you a phenomenal speedup if you have more than one processor available. Second, it now has the ability to hide an entire operating system, so even if you're forced to reveal your pre-boot password to an adversary, you can give them one that boots into a plausible decoy operating system, with your hidden operating system remaining completely undetectable.

TrueCrypt isn't necessarily for people who have illegal secrets to hide. If you travel with your laptop, and it contains any sensitive information - from your address book to company records - serious encryption is your best protection in case of theft. Remembering a few passwords, and installing a well-tested open source package that uses them, is a small price to pay for peace of mind.

This is a tool with which everyone who uses any mobile storage device, including laptops, should become familiar. Given that so many laptops are lost each year it is incumbent upon IT departments to look closely at tools like this.