A Web Browser is a computer application that allows you to read web pages. The Internet Explorer (IE) is Microsoft's web browser.
Microsoft has embedded IE into their Windows operating system. An operating system (OS) is the core system that lets you interact with the computer. Windows XP is an operating system, as is Linux, Apple Mac OS X, and others. Microsoft decided that the internet was so important that it linked the IE web browser into Windows. This was a controversial move when it happened, but that is what happened. The result is that many web site designers designed their web sites to work well with the Microsoft IE browser. Some (but thankfully not all) will only work with IE.
Therefore, you need to have IE installed and regularly updated if you plan to use the web. The current version is version 6.0 with a large number of security patches added to it.
IE is the de facto standard for browsers because Windows is the de facto standard for operating systems -- almost everyone has IE, and no one can get rid of it. However, it is good software. You could go on your merry way and use IE and be happy, as long as you update it diligently.
But, you are not limited to using IE.
A few months ago, the Mozilla project released Firefox 1.0. Since I tried it, I use it for all my web browsing except where I must use Internet Explorer.
Why?
It is fast.
It is written with security in mind -- no "pop-up" ads unless you want them. Easy to manage security settings.
It allows "tabs" for browsing, in which you can open several web sites and easily move from one to the other by clicking on its tab.
It allows for better organized bookmarks of your favorite sites, and "smart bookmarks" for bookmarking and automatically updating your news feeds.
It has a clean design. It is easy to use.
It does not have the vulnerabilities IE has to viruses, if only because an army of hackers are more focused on IE.
Check it out. Highly recommended.
Saturday, February 19, 2005
Web Browsers
If you need to find out anything, "Google" it.
Internet search engines are amazing in general. A "search engine" is a system that opens as many web pages as it can, and logs and indexes what it finds, allowing people to find web sites. And then, they do it again, and again, because web pages come and go, and get updated, or go away.
Of the search engines out there, Google (www.google.com) is, to my mind, the best. They provide an index of what is out there, and they also "rank" the importance each page they search by seeing if other sites refer to it. It is called "PageRank" and is explained at their site.
The bottom line is that while it does not cover the total vastness of the internet, Google will find you information on anything you would ever want to know.
You can also "Google" people -- try yourself! You can look for old friends, colleagues, school mates, future bosses. It is interesting what you can find -- sometimes scary.
Google has this so taped that it is now bordering on a generic term -- like Xerox or Kleenex.
Highly recommended.
Tuesday, February 15, 2005
E-mail Hoaxes Redux
Just a note on how long some of these e-mail hoaxes stay alive. A close aquaintance forwarded an alarming e-mail that turns out was a hoax. The hoax started in 1995 -- ten years ago. Some things never die!
Wednesday, February 09, 2005
Scams and Hoaxes
I really don't want this blog to be about internet security, it's just that right now, it is a big issue. There are a lot of criminals out there trolling for the technically unwary. They have no shame.
I received this e-mail last week:
===============================
Subject: I AM A VICTIM.
DEAR PATTERSON,
I write you this mail with sorrow and tears in my eyes. I do not mean to bother you with my problems but I am most disturbed and I have no other choice than to look for help from some one who is compassionate and have the milk of human kindness. I am not also writing to demand for any thing materialistic in whatever form from you, but I am writing to present to you a business proposition, which you shall profit from only if you decide to help me. I am wife to Mr.Samuel Ashaun,a Ghanian and a very successful international businessman, philanthropic, politician and a community deveoper. My late husband was an importer of certain commodities of which he alone has the sole patent right to bring into
Thank you.
Yours truly,
Mrs.Grace Ashaun.
=====================Heart-wrenching, no? The Tsunami barely has a chance to dry, and we get this. This is a scam. This letter is akin to those letters from "barristers" in Nigeria trying to locate "next of kin" to people who died in a car accident leaving millions to be split with -- well, you.
I am posting this as an example of these things -- they are all over the place. Do not take the hook. Any time you get an e-mailed plea for help, usually because of some truly horrific and sad thing, and which promises you a cut of millions of dollars, realize it is a fraud.
Similarly, any time you get alarming messages from your bank via e-mail, realize that it is not your bank, really, but someone trying to scam you. I mentioned this before, but these are truly alarming, and the warning bears repeating.
Other types of bogus e-mails include hoaxes -- someone sends an alarming message saying, for example, that there is this truly horrific e-mail virus that is being spread that can't be detected by anti-virus software, and that you should delete such-and-such files, and forward the alarming message to all of your friends and family.
Another hoax is an alarming e-mail about some social injustice and that we need to bombard someone's e-mail address with protests about how rotten this injustice is. Usually, the injustice is not real, or is disrelated to the person being emailed. The person being bombed by e-mail is probably the ex-girlfriend who dumped the loser that started the hoax.
The common denominator to these is "alarming e-mails." When you get an alarming e-mail, one that seems odd or hard to imagine or improbably profitable, it is virtually always a fraud or scam.
Caveat surfer - Let the web surfer (and e-mailer) beware!
Tuesday, February 08, 2005
Google Maps Beta
Google has a new web map system, rivaling Mapquest, etc. Very, very cool stuff. Rather than listen to me talk about it, give it a try.
Monday, February 07, 2005
Phishing and a New Risk
You need to be careful when using the internet. There is yet another problem that has reared its ugly head, because we are "not there yet."
Slashdot.org is a highly, highly technical website. Their motto is "News for Nerds. Stuff that Matters." That should be a clue that unless you are truly a nerd or have nerdish tendencies, you need to stay away. However, in an article today on slashdot.org, yet another exploit has been unearthed. Hackers can now create fake web addresses using an alternate code. This code looks like a normal address, but is actually referring to something else. The article uses Paypal as an example. The code "p& #1072;ypal.com" in this "Punycode" International Domain Name format is not the same as "paypal.com" in the normal code (UTF 8, or Unicode Transformation Format). This code "Punycode" form is shown on the screen normally, i.e., as "paypal.com", but goes to an entirely different place.
Blah, blah, blah, you say? Well, yes, except that if a hacker can create a normal-looking web link to a fake Citicorp or Bank of America web site, then you are at serious risk. It enables "phishing", the practice by hackers of trying to fool you into giving them your passwords and other private information. They can make the fake site look just like the original, except that they are stealing from you.
What can you do? Basically, phishing is really a risk for dealing with financial web sites, or internet provider web sites. So, when you are going to your bank or ISP (Internet Service Provider) websites, type the address directly into your browser. Don't go there via a link in an email message, or a link on a web site.
And, as always, treat the internet with respect. Realize that the moment you connect to the 'net, you are strolling on the wrong side of the tracks.
Resources -- Gibson Research
Steve Gibson of Gibson Research's web site is a fount of information. He is technical, but thorough. "Shields Up" is his firewall tester -- he probes your computer (with your permission, of course), and then scares the heck out of you with what he finds. You will "get religion" when you use this.
This is a good reference.
Tuesday, February 01, 2005
E-mail Spoofing
E-Mail is a very untrustworthy medium for communications. There is no real security on it -- anyone can send a message and have it say it is from anyone else, like "gwbush@whitehouse.gov", for example. This is called "E-Mail Address Spoofing."
In your email program, you can say what your name is, what your e-mail address is, and the e-mail address that the reply to the e-mail goes to ("Reply-to" address). You can put there whatever you want.
I used one of my email accounts to show you how it works. I set up the e-mail account to say that I am "Sam Spade," and my e-mail address is "spade@privateeye.com", and the organization I represented is "Sam Spade, Private Eye." Then, I sent an e-mail to the "AskUncleMark" e-mail address at gmail.com. Here is what I got:
=======================
=======================
Hey, will you look at that! Sam Spade sent me an e-mail! Easy as that. Anyone can do it.
Each e-mail has "e-mail headers" that contain information about the e-mail. There is nothing in the e-mail headers that indicate my real e-mail address. Who I say I am is totally disconnected with my real e-mail address. Everything says I am Sam Spade from "Sam Spade, Private Eye." The only clue there is that all is not as it seems is that the message was received from "earthlink.net" instead of "privateeye.com" and you can see my internet address. You have to look hard to see it.
In real-world terms, it is like putting the wrong return address on a letter. You have no idea who really sent it.
Scammers and virus-writers take advantage of this weakness.
Scammers say that they are e-mailing you from your bank, and ask you to "fix a problem with your accounts," and redirect you to an official looking, but fake, web site that captures your login ID and password. They then have access to your real account. This is call "phishing" and is rampant.
Virus writers use email to spread their virus via email, by sending the virus to people in your address book, with spoofed from-lines taken from other people in your address book. So, if you have "Joe" and "Mary" in your address book, the virus will send the virus, using your account, to "Mary" with "Joe" in the from line, and vice-versa. This makes it virtually impossible to trace where the virus really came from, and jeopardizes the relationship between Mary and Joe.
Because of this, here are some guidelines when working with e-mail:
1. Never assume that the e-mail is really from who it says it is from. Be skeptical.
2. If a strange message is apparently from one of your friends, realize that they probably didn't send it. It is probably a virus-sent message.
3. Always, always, always assume that an e-mail asking for any login IDs, passwords, account PINs, or personal information is fake. If a bank has a problem with your accounts, they will either call you, or send you a real letter, or both. They will not e-mail you. Even if they do e-mail you, don't e-mail them back, call them, if you think there might be a problem.