Jan 31, 2008

What Web 2.0 Websites To Stay Away From

As a blogger you are always looking for new ways, and new places to promote your content, and draw in more readers and RSS subscribers. I find lots of articles on where to go to both find great content, and to submit my posts. I have even written about it myself.

You don't often see articles on sites to stay away from, so I thought I would drop my two cents on a couple of sites that are pretty much a waste of time.

The first one I will mention is Mixx. It is a new site that is supposed to be a digg killer. I have to admit that this site is really nice looking, but if you submit a post to it, don't expect any traffic. I have submitted over a dozen articles to Mixx, and have not seen one hit from them. The law of averages says that I should at least get one or two hits from them after submitting a few articles, but no, nothing. So if you are a blogger, and are submitting articles to them stop wasting your time.

plime sucks ballsThe other site I will mention is Plime. When I first saw these guys a few months ago I loved them. I got a lot of hits from Plime for a while, but then something happened. They developed a policy that you cannot submit your own stuff, and they do not like submissions from blogs in general. I stopped submitting to them for a long time, then about a month ago I started again. Now they have administrators actively policing all submissions, and will either change the URL of your submission, or they will vote it down so far that nobody will see it. There is one particular moderator that really pissed me off yesterday (2manyusernames). I submitted a post, and not only did he vote it down below the viability level, but he edited the post and inserted all of my personal contact information he received from doing a domain whois lookup, then tagged the post as spam. Not cool at all.

I did a whois lookup on them and checked their registered address through Google, and some other tools. It turned out to be a false address. I reported the invalid whois to GoDaddy who made them update it. Now if you Whois them, they have since re-registered through Domains By Proxy which is what a lot of shady websites do when they don't want you to be able to track them down.

The big legal issue here with 2Manyusernames posting my information like that is a clear violation of Godaddy's whois use policy which states:

By submitting a whois query, you agree that you will use this data only for lawful purposes and that, under no circumstances will you use this data to: (1) enable high volume, automated, electronic processes that stress or load this whois database system providing you this information; or (2) allow, enable, or otherwise support the transmission of mass unsolicited, commercial advertising or solicitations via direct mail, electronic mail, or by telephone. The compilation, repackaging, dissemination or other use of this data is expressly prohibited without prior written consent from us.

By them posting my information on their site, it leaves me vulnerable to spam and other unwanted nastiness. If you post an email address, such as dba@plime.com, or registrar@worth1000.com, or domainsalsa@worth1000.com, there are spam cultivators that scour the net for email addresses to spam. Not to mention, he posted my personal telephone number, so I am sure I will now get a 100 extra phone solicitors bothering me during dinner.

For you jokers who will now run out and WHOIS me, let me save you some time: (Bauer-Power.net WHOIS). I updated my registration info in case something like this happens again. I didn't take the chicken shit route and do the domains by proxy thing, but now I won't be getting emails about viagra, and phone calls to switch my long distance carrier.

After some investigating, I found that they didn't update the Whois info for their DNS servers, which are registered to their parent domain, worth1000.com. In case you are curious, here is that whois info:

Muchnick, Avi domainsalsa@worth1000.com
Worth1000, LLC
1135 Railroad Ave Suite 203 Hewlett New York,11557
United States
Tel. +516.6209046
[EDIT 2/1/08] So I Checked out the above address on Google Satellite, and this appears to be phony too. Here is a satellite picture that looks like it is in an old school bus depot:


Anyway, I can spend all day bitching about Plime's shady conduct. To end on a lighter note, here are some sites that are good for traffic, and don't mind you submitting your own stuff, and even if they did they certainly wouldn't plaster your personal info on their pages:
  1. Digg
  2. Shoutwire
  3. Propeller
  4. BloggingZoom
  5. Post On Fire
  6. Reddit
Do you have any other sites you like to visit that bring you traffic? Have any other sites people should stay away from? Hit me up in the comments.

Jan 30, 2008

Password Crackers

I have been getting a lot of hits from Google searchers looking for ways to crack passwords for many different things, mainly people’s online e-mail, though I’m sure they were looking to crack other things as well. I mean, lets face it, people are lazy and I will go out on a limb here and say that 90% of people use one password for everything. If you find their password for one thing, there is a greater possibility that they will use it for everything from online banking, to Paypal, to MySpace. The trick is to find that one password.

I wrote before about using a Keylogger to secretly find a password, but what if you don’t have time to wait for them to get on the computer and type away so you can read the log later? What if you need to gain access now? That is where you need to find a different method. Here is a list of password attacking programs that I picked up from SecurityForest.com:

leet, l337, 1337Please remember, that use of these items may be illegal to use in some states and in some countries, please check your local laws before using any of these programs. I cannot be held responsible for someone’s misuse of these programs!

John the Ripper (Windows, Linux, BSD): John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types which are most commonly found on various Unix flavors, as well as Kerberos AFS and Windows NT/2000/XP LM hashes. Several other hash types are added with contributed patches.

L0phtcrack (Windows): L0phtCrack attempts to crack Windows passwords from hashes which it can obtain (given proper access) from stand-alone Windows NT/2000 workstations, networked servers, primary domain controllers, or Active Directory. In some cases it can sniff the hashes off the wire. It also has numerous methods of generating password guesses (dictionary, brute force, etc).

Lepton’s Crack (Windows, Linux): It can perform a dictionary-based (wordlist) attack, as well as a brute-force (incremental) password scan, including enumeration of a regular expression (useful if you know something about the password). Currently the formats supported are: standard MD4 hash, standard MD5 hash, NT MD4/Unicode, Lotus Domino HTTP password (R4), SHA-1 and
LM (LAN Manager).

Cain and Abel (Windows): Cain & Abel is a free password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary & Brute-Force attacks, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols. It is also a great tool for arp spoofing and MITM attacks. Source code is not provided.

Creddump (Windows): The program follows the same methodology used by Todd Sabin in his PWDUMP2 program to decrypt credential files. It uses the "DLL injection" technique to run a thread in the same security context of the Local Security Authority Subsystem process. The thread's executable code must first be copied to the address space of LSASS process and this requires an account with the SeDebugPrivilege user right. By default only Administrators have this right. Once injected and executed, the thread will run with the same access privileges of the Local Security Authority Subsystem and will use the native undocumented LsaICryptUnprotectData API from LSASRV.DLL to decrypt the credentials file. The thread stores the output of this API in a temporary file named cred.txt located in the same directory of the program. Finally, user's credentials are dumped and put ont the screen. Credential Manager can store various kind of passwords, they can be saved as MultiByte or WideChar strings, security BLOBS and certificates too. The choice of the final encryption method is left to the user. The program will try to recognize plaintext passwords stored as MultiByte strings or WideChar strings, and will also decode Passport and Standard (no entropy) credential BLOBS originally stored using the CryptProtectData API.

Brutus (Windows): This Windows-only cracker bangs against network services of remote systems trying to guess passwords by using a dictionary and permutations thereof. It supports HTTP, POP3, FTP, SMB, TELNET, IMAP, NTP, and more. No source code is available. UNIX users should take a look at THC-Hydra.

THC-Hydra (Windows, Linux, BSD): This tool allows for rapid dictionary attacks against network login systems, including FTP, POP3, IMAP, Netbios, Telnet, HTTP Auth, LDAP NNTP, VNC, ICQ, Socks5, PCNFS, and more. It includes SSL support and is apparently now part of Nessus. Like Amap, this release is from the fine folks at THC.

Crack 5.0a (Linux, BSD): Crack is a password cracking program that is designed to quickly locate insecurities in Unix (or other) password files by scanning the contents of a password file, looking for users who have misguidedly chosen a weak login password. Crack v5.0 is a relatively smart program, and is pre-programmed to expect a variety of crypt() algorithms to be available for cracking in any particular environment.

VNCPwdump (Windows): VNCPwdump can be used to dump and decrypt the registry key containing the encrypted VNC password in a few different ways. It supports dumping and decrypting the password by: 1) Dumping the current users registry key. 2) Retrieving it from a NTUSER.DAT file. 3) Decrypting a command line supplied encrypted password. 4) Injecting the VNC process and dumping the owners password.

Ophcrack (Linux, windows): Ophcrack is a Windows password cracker based on a time-memory trade-off using rainbow tables. This is a new variant of Hellman's original trade-off, with better performance.

RainbowCrack (Linux, windows): In short, the RainbowCrack tool is a hash cracker. While a traditional brute force cracker try all possible plaintexts one by one in cracking time, RainbowCrack works in another way. It precompute all possible plaintext - ciphertext pairs in advance and store them in the file so called "rainbow table". It may take a long time to precompute the tables, but once the one time precomputation is finished, you will always be able to crack the ciphertext covered by the rainbow tables in seconds. (MD5,LM,SHA-1)

Cachedump (Windows): CacheDump will create a CacheDump NT Service to get SYSTEM right and make his stuff on the registry. Then, it will retrieve the LSA Cipher Key to decrypt (rc4/hmac_md5 GloubiBoulga) cache entries values. A John The Ripper module has been developed to attack the hashed values that are retrieved ( timing equivalent to MD4( MD4( password|U(username) ) ).

Mdcrack (Windows): MDcrack is primarily a fast cracker for (raw) MD5 and MD4 hashes, but it also supports NTLM hashes (case sensitive, MD4-based) that are actually used by Windows NT/2000/XP. It's rather dumb in which candidate passwords it tries and it doesn't support loading of entire password files, so its practical use is limited. However, it demonstrates how it's possible to compute the hashes at a very fast rate.

Don't Forget your Bauer-Power Gear!

Jan 29, 2008

Another Good Free Anti Virus Program

I am always in the market for a good free anti virus program. One of the main reasons for this is I get a lot of requests from friends and family members to take a look at their computer that is riddled with malware, and slower than molasses.

One of the first things I check is their anti virus. Yup, just as I suspected. The virus definitions are two years old, and they never extended their license. This is the perfect case to provide them with a free solution that they don't have to think about.

Some people have their favorites, but I personally like choice, and I like to give people choices. I have recommended several free anti virus programs in the past including AVG, Avast, ClamWin and Comodo. All of them are good. Depending on the user's level of techno savvyness, you may want to give them something they don't have to think about too hard.

This other good AV program is called PC Tools Free Anti Virus. Here are some of the program high lights from the vendor's website:

  • pc tools free anti virusProtects your PC as you are working, surfing and playing
  • Detects, quarantines, disinfects and destroys Viruses, Trojans and Worms
  • IntelliGuard™ protects your computer against threats in real-time
  • Automatically checks for frequent updates against the latest threats
  • Best of all it's FREE. No catches, limitations or time-limits.
Pretty standard stuff if you ask me, and the interface is really easy to use and figure out. Even your grandma can figure it out...Okay, maybe thats pushing it. But hey, Download.com gives this AV 4 out of 5 stars which isn't bad. It's certainly good enough to replace the expired anti virus on your friend's machine.

Jan 28, 2008

Don't Be Crashing No Servers!

I have been in the I.T. field for the last 3 years. Sure it hasn't been very long, but in that time I have seen and heard a lot of things. I have heard a number of stories of disgruntled employees wiping out months of data when they quit. I have heard of database administrators, and systems administrators leaving back doors into the company and causing hundreds of thousands of dollars worth of lost data. I have been disgruntled a time or two and felt like perhaps doing the same thing as well (but I do have some self control).

hacker in jailWell apparently a 51 year old systems administrator in New Jersey was disgruntled enough to write a script that was supposed to wipe out a major medical database. This loser of a sys admin's name is Andy Lin (His full name is Yung-Hsun Lin). The reason Mr. Lin wrote the code was because his company, Medco Health Solutions, was planning on laying off four systems administrators. He planted the code on one of their major database servers as a preemptive measure in case he was one chosen to be laid off. It turned out that he wasn't one that did get laid off, but he decided to let the code go anyway.

The problem was he sucks as a script writer, because the code didn't work. I guess no one told him that maybe he should test it first. He was caught by another systems administrator on his team, and the rest is history.

He was just sentenced this week to 30 months in jail, and has to pay Medco $81,200 in restitution.

If you are a systems administrator, and are feeling just a little unappreciated, don't go the route of Mr. Lin. The trouble you will get in will not only be monetary, but it also prove to be a real pain in the ass... Literally. (Jail, get it?)

Jan 25, 2008

Pimp Out Your Linux System With Free Stickers

I am a big fan of Linux and open source in general. I love the idea of free software that is community supported. There just is a great sense of freedom in using free to use, and free to customize software. Not to mention it really lets me get my geek on, and I like that!

Now do you want to know what I hate? I hate having to spend hundreds of dollars on a computer, then on top of that giving Microsoft free advertising by having their sticker on my machine. Screw that! What if I don't have a crappy Windows system on my machine? What if I am running Ubuntu, Gentoo, Fedora or any one of my other favorite Linux systems? Why would I have a Windows sticker on my box then?

gnu software sticker bookNow you can pimp out your open source badness machine with free stickers that you can download and print yourself. There are literally hundreds of stickers in the two volumes that I am about to give you. They include stickers for just plain Linux, then it spreads out to distribution specific like Ubuntu, Gentoo and the like. They even have stickers for your favorite applications.

You can download both volumes in one complete zip file here (Gnu Software Sticker Book)

Once you download them, I recommend buying some sticker paper from Office Depot, Staples, Quill, Office Max, or whoever you prefer, and print them out. carefully cut out your design and voilla! Instant geeky goodness! Or you just be cheap like me, print them out on regular paper and tape them on your machine.

[EDIT]- If you want to be lazy, I will print out a free "Powered By Ubuntu" sticker for you on self adhesive sticker paper. Check out my offer here: (Free Powered By Ubuntu Sticker Offer)

Jan 24, 2008

Software Every Systems Administrator Needs

My buddy Jason whom I met in college, and I got hired on at my day job, takes an interest in playing with cool free software that he finds online like me. I asked him to do some guest posts, but he said he doesn't like to write. So I will have to write about this tool that he showed me, which I think is now one of my favorite applications because it does so friggin' much!

This software is called Net Tools, and is a systems administrators dream! It has over 175 built in tools for it which I will list in just a second or two. First I want to give an explanation of what Net Tools is. This is from the website:

Net Tools is a comprehensive set of host monitoring, network scanning, security, administration tools and much more, all with a highly intuitive user interface. It's an ideal tool for those who work in the network security, administration, training, internet forensics or law enforcement internet crimes fields. Net Tools is mainly written in Microsoft Visual Basic 6, Visual C++, Visual C# and Visual Studio .NET.

Not enough info for you? Here is the list of tools it provides:

  1. network tools free software IP Address Scanner
  2. IP Calculator
  3. IP Converter
  4. Port Listener
  5. Port Scanner
  6. Ping
  7. NetStat
  8. Trace Route
  9. TCP/IP Configuration
  10. Online - Offline Checker
  11. Resolve Host & IP
  12. Time Sync
  13. Whois & MX Lookup
  14. Connectr
  15. Connection Analysator and protector
  16. Net Sender
  17. E-mail seeker
  18. Net Pager
  19. Active and Passive port scanner
  20. Spoofer
  21. Hack Trapper
  22. HTTP flooder (DoS)
  23. Mass Website Visiter
  24. Advanced Port Scanner
  25. Trojan Hunter (Multi IP)
  26. Port Connecter Tool
  27. Advanced Spoofer
  28. Advanced Anonymous E-mailer
  29. Simple Anonymous E-mailer
  30. Anonymous E-mailer with Attachment Support
  31. Mass E-mailer
  32. E-mail Bomber
  33. E-mail Spoofer
  34. Simple Port Scanner (fast)
  35. Advanced Netstat Monitoring
  36. X Pinger
  37. Web Page Scanner
  38. Fast Port Scanner
  39. Deep Port Scanner
  40. Fastest Host Scanner (UDP)
  41. Get Header
  42. Open Port Scanner
  43. Multi Port Scanner
  44. HTTP scanner (Open port 80 subnet scanner)
  45. Multi Ping for Cisco Routers
  46. TCP Packet Sniffer
  47. UDP flooder
  48. Resolve and Ping
  49. Multi IP ping
  50. File Dependency Sniffer
  51. EXE-joiner (bind files
  52. Encrypter
  53. Advanced Encryption
  54. File Difference Engine
  55. File Comparasion
  56. Mass File Renamer
  57. Add Bytes to EXE
  58. Variable Encryption
  59. Simple File Encryption
  60. ASCII to Binary (and Binary to ASCII)
  61. Enigma
  62. Password Unmasker
  63. Credit Card Number Validate and Generate
  64. Create Local HTTP Server
  65. eXtreme UDP Flooder
  66. Web Server Scanner
  67. Force Reboot
  68. Webpage Info Seeker
  69. Bouncer
  70. Advanced Packet Sniffer
  71. IRC server creater
  72. Connection Tester
  73. Fake Mail Sender
  74. Bandwidth Monitor
  75. Remote Desktop Protocol Scanner
  76. MX Query
  77. Messenger Packet Sniffer
  78. API Spy
  79. DHCP Restart
  80. File Merger
  81. E-mail Extractor (crawler / harvester bot)
  82. Open FTP Scanner
  83. Advanced System Locker
  84. Advanced System Information
  85. CPU Monitor
  86. Windows Startup Manager
  87. Process Checker
  88. IP String Collecter
  89. Mass Auto-Emailer (Database mailer; Spammer
  90. Central Server (Base Server; Echo Server; Time Server; Telnet Server; HTTP Server; FTP Server)
  91. Fishing Port Scanner (with named ports
  92. Mouse Record / Play Automation (Macro Tool
  93. Internet / LAN Messenger Chat (Server + Client)
  94. Timer Shutdown/Restart/Log Off/Hibernate/Suspend/ Control
  95. Hash MD Checker
  96. Port Connect - Listen tool
  97. Internet MAC Address Scanner (Multiple IP)
  98. Connection Manager / Monitor
  99. Direct Peer Connecter (Send/Receive files + chat)
  100. Force Application Termination (against Viruses and Spyware)
  101. Easy and Fast Screenshot Maker (also Web Hex Color Picker)
  102. COM Detect and Test
  103. Create Virtual Drives
  104. URL Encoder
  105. WEP/WPA Key Generator
  106. Sniffer.NET
  107. File Shredder
  108. Local Access Enumerater
  109. Steganographer (Art of hiding secret data in pictures)
  110. Subnet Calculater
  111. Domain to IP (DNS)
  112. Get SNMP Variables
  113. Internet Explorer Password Revealer
  114. Advanced Multi Port Scanner
  115. Port Identification List (+port scanner)
  116. Get Quick Net Info
  117. Get Remote MAC Address
  118. Share Add
  119. Net Wanderer
  120. WhoIs Console
  121. Cookies Analyser
  122. Hide Secret Data In Files
  123. Packet Generator
  124. Secure File Splitting
  125. My File Protection (Password Protect Files, File Injections)
  126. Dynamic Switch Port Mapper
  127. Internet Logger (Log URL)
  128. Get Whois Servers
  129. File Split&Merge
  130. Hide Drive
  131. Extract E-mails from Documents
  132. Net Tools Mini (Client/Server, Scan, ICMP, Net Statistics, Interactive, Raw Packets, DNS, Whois, ARP, Computer's IP, Wake On LAN)
  133. Hook Spy
  134. Software Uninstaller
  135. Tweak & Clean XP
  136. Steganographic Random Byte Encryption
  137. NetTools Notepad (encrypt your sensitive data)
  138. File Encrypter/Decrypter
  139. Quick Proxy Server
  140. Connection Redirector (HTTP, IRC, ... All protocols supported)
  141. Local E-mail Extractor
  142. Recursive E-mail Extractor
  143. Outlook Express E-mail Extractor
  144. Telnet Client
  145. Fast Ip Catcher
  146. Monitor Host IP
  147. FreeMAC (MAC Address Editor
  148. QuickFTP Server (+user accounts support)
  149. NetTools Macro Recorder/Player (Keybord and Mouse Hook)
  150. Network Protocol Analyzer
  151. Steganographic Tools (Picture, Sounds, ZIP Compression and Misc Methods)
  152. WebMirror (Website Ripper
  153. GeoLocate IP
  154. Google PageRank Calculator
  155. Google Link Crawler (Web Result Grabber)
  156. Network Adapter Binder
  157. Remote LAN PC Lister
  158. Fast Sinusoidal Encryption
  159. Software Scanner
  160. Fast FTP Client
  161. Network Traffic Analysis
  162. Network Traffic Visualiser
  163. Internet Protocol Scanner
  164. Net Meter (Bandwidth Traffic Meter)
  165. Net Configuration Switcher
  166. Advanced System Hardware Info
  167. Live System Information
  168. Network Profiler
  169. Network Browser
  170. Quick Website Maker and Web Gallery Creator
  171. Remote PC Shutdown
  172. Serial Port Terminal
  173. Standard Encryptor
  174. Tray Minimizer
  175. Extra Tools (nmap console & win version)

That is only a partial list of stuff too! Like I said, this is probably one of the most useful pieces of free software I have seen out there. If you work in the IT field, you definitely need to take a look at this.

Do you have any all-in-one tools you use all the time? Let me know in the comments!

Jan 23, 2008

No Tech Hacking or Every Day Security

When you think of a hacker you think of some really smart, super genius outcast type individual probably between 17 and 25 years old living in his grandma's basement "cyber cracking" his way into peoples bank accounts, or capturing credit card numbers. That is certainly what Hollywood would have you think. Actually, sometimes it is true I have to admit.

More often than not though, a hacker doesn't always have to use their cyber hazard skills to get the information they need. Sometimes all they need is to do a little dumpster diving, or some social engineering to accomplish their goals. Sometimes they don't even need that. Sometimes all they need is to take a stroll through a parking lot. Or maybe you just need to watch employees come and go from a building on their lunch breaks. You know, some secret agent stuff.

hackersAt last year's DefCon which is one of, if not the biggest hacker conventions in North America, one of the keynote speakers, Johnny Long gave a presentation on the art of no-tech hacking. You may know Johnny better for his books on Google hacking.

Well, here for your viewing enjoyment, is his speech at DefCon explaining all the little no-tech ways you can find out all sorts of information about people. His intro is a little long, so just bear through it:

The next time you are out in public take a look around and start asking yourself, "What does a hacker see?" You may be surprised at all the information you will find.

Jan 21, 2008

More With The Blackberry Upgrade

Happy Martin Luther King Day everyone, if you have the day off you are lucky, and I hope yo are having a great three day weekend. If you have to work like me, then I am sorry. What can you do right?

Well if you have been reading recently, I asked all of you guys for advice in creating a test environment for upgrading from Blackberry Enterprise Server 4.0 to 4.1. I am sorry to say that you guys were no help at all. I did have one comment on it, but it was a sales pitch for Blackberry Hosting services which is not an option here so I deleted it. I'll tell you what I found out on my own though.

blackberry pearlFor this upgrade you pretty much have three ways of doing it. One is you backup your database, then upgrade and hope for the best. For 98% of you this is fine. The upgrade is supposed to be a fairly smooth one. I have some friends at another company that did this and it worked for them.

The second option which we are going to do is use a cut over process. You build a second almost identical server. You backup your database from the original, restore it on the new, then you shut off services on the old server and turn services on the new server. Once services are on the new server you upgrade the new server. This way is good because if there is a problem with the upgrade you can go back to the old server and resend service books.

The last option which we were going to do is called the phased migration process. This is really the optimal way of doing it because you can slowly migrate users a little at a time and monitor everything in case of problems. If there are issues it only affects the small group, and not everybody, and you can always migrate them back if there are problems. The reason we didn't go for this is because to do this you need to purchase a $1000 migration kit due to the need for additional SRP credentials.

I should be doing this upgrade Friday. I will let you all know how it goes.

Jan 20, 2008

How To Take Care Of Your Computer Hard Drive To Prevent A Crash

The computer has become one of the most important tools in our daily lives. In fact, there are so many people all over the globe who simply can't live without this technology. These people usually work and communicate through their compute that when their personal computer would malfunction, it would seem like the world have caved in on them.

Technically, all computer hard drives would eventually fail us. These are just hardware that could weaken with age, constant use, mishandling and worst of all, the intrusion of computer viruses that have the power to wreck havoc on our computer systems. However, the good news is that we can actually prevent our hard drive from crashing down sooner than they should. Of course these ways and means of preventing hard crashes is not foul proof as there are always some factors, which we cannot seem to control at all. However, let us look at the bright side of things.

computer crashAs for viruses that are often deadly when they latch into our system, one can install effective anti virus software that detects the virus as it try to enter into our system. We can install firewalls to create a barrier and prevent intruders from entering into our systems. If we can keep out the viruses from our hard drives, our files will be safe.

Now, viruses are not the only threats to our hard drives. Overheating could also cause our hard drives to malfunction and damage our files. Although in the past, over heating of the hard drive may not be very noticeable as our computers are still using lower speed, the new models of computers are processing data at very high speed that overheating of the drives in now becoming a threat.

Although our present day computers are equipped with built in fans and cooling system, the speed at which our present day computer process data could raise the temperature in the hard drive to about 70 degrees F. Such temperatures could cause computer crashes as some of the parts of the computer would melt under the heat. The bad news about this situation is that is would be very difficult, in fact it is nearly impossible to recover data in hard drives that crash down due to extreme heat.

To prevent your computer from over heating, you should make sure that the cooling system thereof is functioning properly. Make sure after you use your computer for sometime, you will allow the hard drives to cool off. It would also be a good idea to provide additional ventilation to your computer if you are going to use it for a prolonged period of time in a single setting. You may also get one of those monitoring software tools to alert you in case your computer have reached a critical level of heat.

By Gregg Hall

Gregg Hall is an author living in Navarre Beach, Florida. Find more about this as well as a hard drive data recovery at Internet Computer Repair. Article Source: Keyword Articles.

How to Manually Update any FireFox Extension XPI File

OpenSource is perhaps one of the greatest things about the web. Using OpenSource programs, however, can sometimes be frustrating because when some programs are updated, others are not. Usually, you will have to either wait for updates of your non-workable programs or delay the updating of other programs to retain functionality. With FireFox extensions, however, you can usually update yourself. Let me tell you how.

  1. Download the extension you want to update to your hard drive.

  2. Rename the extension from *.xpi to *.zip

  3. Open the file with your .zip application.

  4. Open "install.rdf" with your favorite text editor.

  5. Change the "maxVersion" setting as in the following example: REPLACE maxVersion=1.0+ WITH maxVersion=1.5.*

  6. Replace the "install.rdf" file with the one you just edited.

  7. Rename the extension from *.zip to *.xpi

  8. Install your updated extension.

girl firefox logoCongratulations! You just updated your extension, which in most cases will work with the higher version. It is that easy.

By now, you have figured out (correctly) that an XPI file is just a modified ZIP file. It is not exactly the same, however. You will notice that this does not work if you create an entirely new zip file. You must edit the original one. In addition, you will also notice that the file "install.rdf" is actually an XML file, which also makes sense. Many OpenSource applications put installation settings and other important instructions in XML files.

Without a doubt, the best way to learn about how things work on the web is to jump in and do things yourself. Updating your non-workable FireFox extension is a great example.

By David Picella

David Picella is a Family Nurse Practitioner and PhD Student at UW Milwaukee who studies women's health issues and NaProTechnology. He also writes computer technical articles. You can find additional technical resources for this article in the technology section at: http://www.majella.us

Jan 19, 2008

Copying DVDs Is As Easy As Pie

Often, dvds are expensive and need to be backed up. However, a lot of people misuse this and using software technology, rip off and copy dvds to share among friends. The worst part is that people do not stop there either. Some even go and put it up on the Internet for others to download and copy. This is against the law. The biggest concern today is how to stop piracy. Although no foolproof method has emerged, companies are trying their best to copy protect as much of their media as possible. This makes it hard for the serious consumers to copy and backup their dvds.

DVD disks are encrypted with something called the Content Scrambling System (CSS). The DVD player decrypts the data on the fly as it's reading the disk. People who want to make a DVD player have to get an expensive license to this secret encryption algorithm from the DVD Copy Control Authority (simply "Copy Control"). Each applicant gets his or her own secret key with which to unscramble the DVD so it can be played. And if one of those keys were to fall into the "wrong hands," then future DVD disks could be made so that key wouldn't work on them anymore.

Even with all of these precautions there is still tons of DVD copying going on today. How? When the DVD first came out, no unscrambler or player was built for linux so the Linux community made their own program to descramble the code. This made Copy Control go mad. They took the programmer and lots of people to task but this did not help. The cat was out of the bag and there it would stay.

Why should people copy in the first place? If people got good and low cost services from the Internet, then they wouldn't copy dvds for reselling and copying. Making pirated home dvds is not very cheap and hence a possible solution to the problem could be that movies should be put online at a low cost and old episodes should be stored for viewing at a yearly cost.

Instead of thinking about this, the DVD copy control has declared a war on all its users. This simply makes people more and more irritated by which they bring out copied dvds. For example, before even DVD uncoding software was made by linux programmers, pirated dvds were shipped from Hong Kong at a very low price.

Now an important question has come up. How safe is it to link to information in cyberspace really? The DVD copy control association has gone ahead and sued 72 people in the US for posting the keys to descrambling. As I said earlier, this is the code the linux community developed to unscramble and read dvds. Is it right? Who can say? Is it fair to blame everybody who links to it? Time will tell. It is however not fair to use old laws to judge cases involving new technology and even newer products.

By: Sandra Stammberger

S. Stammberger was the editor of Copy Software Tools (http://www.copysoftwaretools.info) which doesn't appear to be online anymore. To find out how to copy dvds, vhs, and cds the easy way, read my post on RipIt4Me free DVD Ripper.

Article Source: Keyword Articles

Jan 18, 2008

Are Hard Disks Going To Be Obsolete in a Few Years From Now?

Hard drives have ruled the roost in the world of computers and laptops for the last few decades. They enjoy complete dominance as primary data storage devices and have now even begun to be used in such consumer electronics devices as DVD players and mobile phones.

There has been no technology until now that was able to come close to hard drives in terms of data storage capacity, reliability, functionality and cost. The commonly available hard drives have capacities of 80 GB, 120 GB and 160 GB. This is a huge amount of storage space available to a typical computer user. Hard drives are also quite cost-effective and easily affordable by anyone.

Burning hard DriveHowever, they have some drawbacks. The drives are based on decades-old technology and their basic design has remained more or less the same over the years. They are notorious for crashing unexpectedly, leaving the users staring at the prospects of total data loss. Also, hard drives are mechanical and have many moving parts which undergo tremendous wear and tear in the space of just a couple of years. There is an entire range of data-recovery companies which today caters exclusively to recovering data from crashed or damaged hard drives! It seems, though, that things are finally going to change in the near future.

Over the last three or four years, an entire new data storage industry of ssolid-state device (SSDs) has emerged that has begun to look like a serious threat to the market dominance of the tried and trusted hard-disk technology. The flash-based drives and data storage media have steadily gained in popularity with computer users.

SSDs have always been the storage devices of choice for use in digital cameras. Commonly available flash-based memory cards come in capacities of 1 GB to 5 GB and can store thousands of high-resolution pictures. SSD storage media is also being used in mobile phones to store pictures taken from built-in cameras as well as for holding hundreds of songs that a user can listen to anytime.

Large Flash DriveSSDs have many advantages over hard disks for storing digital data. For one, they are very small, no larger than your thumb, and weigh very less. This considerably reduces the weight of digital cameras, laptops and mobile phones which a typical user has to carry with him in person.

Additionally, SSDs have no moving parts. Thus, there is no question of wear and tear or generating heat through friction. There is no maintenance cost involved with SSDs because there are no mechanical components which may go bad or need replacement over time.

Another benefit of these SSDs is that they hardly use any electricity to store or access data. There are no platters to be spun around by a spindle motor like in a hard drive and there is no elaborate circuitry that may get fried or corrupted. It is simply one single piece of solid state memory with a tough plastic coating. This energy-saving feature of SSDs is a boon for laptops which currently have to expend a large amount of battery power in operating their hard disks on which reside all data, software and operating system.

Flash-based SSDs have long been used in computers and laptops in the shape of tiny USB Flash drives for storing and transporting digital data. These drives have had a couple of drawbacks – price and capacity -- that until now prevented their large-scale use in computers as primary storage media. However, recent developments have given a major boost to the potential of flash-based drives as an alternative to hard disks.

Early this year, SanDisk corporation launched a new 32-GB solid-state drive for use in computers and laptops. It is unbelievably fast, boasting of a data-access speed that is 100 times faster than a hard drive. One can only imagine the speed at which it will allow a computer to boot up as well as load software! If this is the shape of things to come, then, indeed, it seems that the mechanical hard drives are going to be an endangered species in the next six or seven years.

The only problem with SSDs is their price, which is exorbitant compared to the storage capacity that hard drives can offer for the same amount of money. However, it is still early days. As the technology matures and scale of production increases manifold, it is only a matter of time before flash-based drives become as high capacity and inexpensive as hard drives.

When that happens, there will be a paradigm shift overnight and large-capacity flash-based drives will take the place of hard drives as the primary storage media of computers and laptops. The hard drives would then become obsolete and go the way of floppy drives – consigned to the history bin of the information technology industry.

By James Walsh

James Walsh is a freelance writer and copy editor. If you are concerned about data loss and would like more information on Data Recovery see http://www.fields-data-recovery.co.uk

How Much Ram is in Your Box?

I have just completed another poll. Sorry I didn't have this one open as long as I normally do, but that did not stop a bunch of you from answering. The poll asked you Bauer-Power readers how much RAM you guys had in your computer. The poll is closed, and the results are in. The numbers make me just so damned proud!

Almost half of you answered that you have 2GB of RAM in your box! That is great. I personally don't like anything less than 2GB myself. 23% of you even answered that you had more than 2GB. Unless you are a gamer, or you are running a server more than 2GB may be a little over kill, but still very cool.

Here is a chart with a break down on the numbers:

how much ram is in your computer, good amount of ram in your computer

For those of you still sporting 256MB that is just sad! Seriously, you need to add more ram, or get a newer machine with more RAM. Are you wondering why it is so slow with all the newer applications? Stop wondering!

Don't forget to checkout my newest poll on the right. I want to know what kind of power supply you are packing! This is inspired by my new 800 watt beauty I got in the mail today from NewEgg.com because my 650 watt one just gave out on me Wednesday. You have plenty of time to answwer this time, so let me know what you've got!

Jan 17, 2008

Some Things To Know About Digg's Shout Feature

I have a lot of friends on digg. Sure some of you may have way more than me, and if so that is great. The purpose of this post isn't to measure who has more friends. This isn't MySpace after all.

One thing about having a lot of friends on digg is it give you the ability to get the items you are submitting in front of more eyes, and in doing so you get more diggs. If you have a lot of friends and they all digg your submission it can give it the momentum it needs to get to the front page.

The best way of letting your friends know about your new submissions is the digg shout it feature. It allows you to post something new, then tell your friends about it and ask them to digg it for you if they like it. The problem with it is that it can be abused. To combat what digg has deemed "shout spam" digg put some limitations on the shout feature. These limitations are something you need to know.

  • The first thing you should know is that you are limited to 20 shouts at one time. Have you wondered why you have 300 friends, but the "shout to all" button never works? That is because you can only shout in 20 person bursts.

  • The second thing you should know is you can only shout to a maximum of 60 people before you get the error message telling you to slow down. Now this maximum is not set on a per day basis. You just have to wait an hour or so before sending more shouts out. Make sure you keep track of who you send shouts too because I hate duplicates!

  • The last thing I wanted to make sure everyone knows is that the shout button IS NOT BROKEN! What I mean by that is when you select 20 of your friends to shout to, and you type in your little, "digg me" message then hit shout it takes sometimes 30 or 40 seconds to send it. Sure digg needs to do something to fix it, but it is not broken per se. Patience is key! I just spent all morning catching up on shouts and I am sure half of them were duplicates because people were getting impatient so they hit the send button a couple of times. JUST HIT IT ONCE!

I am sure there are more things to know about the shout feature. If you know of any more limitations, or tips people should know that I missed please hit me up in the comments.

Jan 16, 2008

Mac, PC...and Linux?

I have posted about the Mac vs PC ads on tv in the past. I love them, they are so funny. I am certainly not a Mac guy, so it isn't about Mac fanboy love, they are just a kick in the pants.

I found this video on Youtube that spoofs not only Mac and PC, but they throw Linux into the mix. The guys that made this certainly got Linux nailed down. Check it out:

There are a whole series of these on Youtube. Just do a search for mac vs pc spoof and you will find a bunch of these.

How To Save Extraordinary Amounts Of Money On Ink

Please read this article it could save hundreds or even thousands of dollars on ink cartridges. I've been in the cartridge refill business for 6 years now and there's one thing that I have learned. There is a lot of BS going around about ink cartridges. I'm here to set you straight and save you plenty on ink.

Of coarse the manufacturers will try to force you to buy their cartridges and that's understandable because of the very high markup on ink cartridges. They will try to make you think that compatible or refilled cartridges will damage your printer. Lets look at it this way if you used 5 compatibles you would save enough to buy that $99.00 printer. So what are you afraid of?

Now let me tell you I have customers bringing their printers to my shop all the time. The fact is print heads clog up just as often with originals as they do with compatibles. There is no magic in original cartridges, although billions in advertising has brought the manufacturers to almost the level of gods in some people's minds. In fact some of the newer color cartridges with the pigmented ink are the worst of all. After the ink dries it's almost impossible to dissolve even with their cleaner.

One of my customers bought a printer on Ebay and it was promptly shipped out and arrived 3 days later. But the sender had removed the cartridges and put them in plastic bags. This is not the thing to do! The heads were so dried out that that manufacturers own cleaner wouldn't unclog it. This was with original manufacturers cartridges. If you ship a printer be sure and leave the cartridges in it.

With spectrometers and other equipment ink manufacturers can very closely determine what is in ink and duplicate it. You know scientists can tell the composition of stars billions of miles away, do you think it's a problem to tell what in ink?

I had a customer come in one day and he had on of those expensive printers that take 6 cartridges. He said well I'll try just 2 to see how they work. He didn't sound very convinced. He came in a few days later and said I couldn't hardly believe it If anything the pictures look even better.

What happens is that when a printer clogs up it is immediately blamed on the ink compatible or refilled cartridge. When the problem is that the printer hasn't been used often enough. Another thing that happens is that printers have a parked position where the print head sometimes drip some ink. This area usually on the extreme right of the printer is always black with ink and most people don't even notice it. But after getting a cartridge refilled or using a compatible they go looking for ink and then they spot this ink and say your cartridges is leaking all over the place. They have heard that refills leak. Properly filled cartridges do not leak

What basally causes clogs is the printer isn't used often enough. I recommend printing a page every day or two. I see some manufacturers recommend printing at least every two-week but I have found this isn't nearly often enough. I have seen on the Internet a free utility made for this that automatically prints a page a day. Maybe you can find it. . On refills if the empties have been sitting around for weeks or months there may be a problem with clogs. The fillers may have powerful equipment to clean cartridges but dried up ink inside the cartridge can break loose later causing a clog.

At my business we basally fill the customers own cartridge. So if the customer brings it to us in a reasonable length of time there is no problem. However after years of trying to educate people it still happens that some still let them set around for months before getting them filled.

So after all this how much can I save? If you can use compatible cartridges you can get good American made cartridges at a savings of 70% or more. Now that's like buying gas at 75 cents a gallon, now that what I call a savings. If compatible cartridges aren't available for your printer you must use refills and can save 25 to 40%. In another article what's The Best Printer and Why I explain the difference between these types of printers.

Money gets tighter and tighter for many people. It makes sense to save money where you can. Some schools and other large users could be saving thousands and the taxpayer is paying the bill. You can also do refills yourself but some of the newer cartridges are difficult. I will have an article on this later. I'm for the little man. I see on some forums people recommending that you use originals only. I can only say I think they are repeating what they have heard from others. I doubt that they really know much about the subject. If you use refills and let your empties set around for months before refilling

By Richard Sherland

About the author: Richard Sherland has been in the cartridge refill business for six years.He is affiliated with Global Ink a factory printer cartridge and computer accessories manufacturer he also has an ezineFree information on many subjects

Article Source: Keyword Articles

Jan 15, 2008

Just How Secure Is Your WPA Encrypted Wireless Network?

We all know how crappy WEP is. It has been proven time and time again that it can be broken. I have even done posts on cracking WEP. What about WPA? WPA is supposed to be pretty secure right?

One of my favorite tech sites on the interweb, Hak.5 (http://www.hak5.org) decided to put their own WPA access point to the test just to see how secure it really was. They used the eeePC, Backtrack 3, and Aircrack-ng to see if they could Hack their AP. Want to know if they did it or not? Watch their video:

If you want to watch this full episode, you can catch it on Youtube here (Hak.5 Youtube) or you can download it directly from their website. (http://www.hak5.org)

So what's the moral of the story boys and girls? Strong passwords!

If you have a wireless access point, make sure you have a complicated enough password so that it will be virtually impossible, or take an un-godly amount of time to guess. You want to make your network harder to hack than the next guy's. Nine times out of ten, the average hacker will go for the easier target. Don't let your access point be the easy hack!

Jan 14, 2008

Make Windows XP Look Like Fedora Linux!

Every now and again I post software to transform your boring Windows box and make it look like something cooler. A few months ago I wrote about the Vista Transformation pack for those of you not willing to endure the pain of Vista, but still want the prettiness of it. Not too long after that I wrote about a tool bar to make your Windows XP box look more like MAC OSX, and somewhere in the comments somebody mentioned yet another method.

What about you Linux fans? Do you have all things linux at home, but at your day job you are forced into a world of Windows? Would you like to take some of your dignity back? If so, I have something cool for you.

It is the Fedora Transformation Pack for Windows XP. It is a skin that makes Windows look a lot like Fedora Linux. You can impress your friends, and show your ultimate geekyness by making Windows XP look like Linux.

I read a while back about some other packs like this, including one for Ubuntu. I will try to track it down and write about that at a later time. Until then, enjoy your new Fedora look!

Jan 13, 2008

Checking CD or DVD Images: Virtual Disk Drive

There have been plenty of times when burning disks that I have incidentally made a few extra coasters. It is inevitable really. Most often, the problem is with the media. If you buy cheap disks you get a lot of bad burns. This can be fixed sometimes by burning the disk at a slower speed, or by making sure the disk is cleaned first.

What if you have a bad disk image though? What if there is a problem with the burning utility you are using and it somehow corrupts the data when creating the disk image (Even if you burn straight to disk the burning utility first creates a disk image in a temporary folder before actually writing). If the data is bad, the burn will be bad. It is that simple.

In order to prevent bad burns, you have to have a way to check the image. The way I do it, is by using a virtual disk drive. There are a few out there, but my all time favorite is Daemon Tools. Daemon Tools lets you mount the disk image and browse the files, or if it is a movie disk, you can play it on your software DVD player just like you would if you slipped a DVD in the drive. You can ensure your data's integrity before you waste money creating coasters.

Another good use for it, as I mentioned above, is for playing video's without the media. If you backup a movie to your laptop hard drive using something like RipIt4Me, you can bring a movie with you on a business trip without having to carry extra disks. It's all about convenience, and Daemon Tools brings that convenience to you for free.

So whether you need to check your data before burning, or you just want to limit the amount of DVD's and CD's you have to carry with you, you should take a gander at Daemon Tools.

Jan 12, 2008

Open Source E-mail Encryption

"...Perhaps you think your email is legitimate enough that encryption is unwarranted. If you really are a law-abiding citizen with nothing to hide, then why don't you always send your paper mail on postcards? Why not submit to drug testing on demand? Why require a warrant for police searches of your house? Are you trying to hide something? If you hide your mail inside envelopes, does that mean you must be a subversive or a drug dealer, or maybe a paranoid nut?..."
-Philip Zimmerman, Creator of PGP

Of course it doesn't, it simply means you value your privacy.

PGP, or more specifically OpenPGP is a great, and more importantly FREE method of securing your data and your e-mails. You don't want "The Man" reading your e-mails, and neither do I.

There are many PGP and OpenPGP programs out there, but the one that is the most versatile that I have seen is called GnuPG. It comes in some form for every operating system. It comes standard with Ubuntu Linux, and there are versions for Windows and MAC.

If you are a fan of Mozilla Firefox, and Thunderbird like I am, then you will be happy to know that there are GnuPG plugins for both of them. Enigmail for Thunderbird, and FireGPG for Firefox. Of course you have to have GnuPG installed for the plugins to work.

If you have any doubts on the strength of the encryption, it uses PKI and the encryption keys can go up to 4096 bits, which is so strong that if you take all of the computing power on the planet it would still take something ridiculous like 10 billion years to crack (Give or take). I also found a quaint little article here about how the FBI has problems cracking PGP.

"So ya ya ya, yackity smackity... where do I download this fantastic software?"

I thought you would never ask. You can download it from the following sites:





Nominate Bauer-Power For A Bloggie

It's that time of year again. Time to vote for your favorite blogs of 2007 and I am asking all of you loyal Bauer-Power readers to nominate Bauer-Power for a 2008 Bloggie. You better hurry up though because nominations will only be accepted until January 11th at 10:00PM Eastern.

Here are is how it works according to the Bloggie website:

From now until 10:00 PM Eastern Standard Time (GMT-5) on Friday, January 11, 2008, anyone can nominate their favorite weblogs.

That Sunday, January 13, three panels of 50 voters will receive an e-mail. It will list the weblogs that have received the most nominations in ten categories. They will have until 10:00 PM EST on Friday, January 18 to privately submit their five favorites (six for Weblog of the Year) for each category. The five (or six for Weblog of the Year) receiving the most votes will become finalists. I (Nikolai Nolan) will only vote for the panel in the case of a tie for fifth place. This panel is on an opt-in policy; there is a checkbox on this form for it.

On Tuesday, January 22, the finalists will be announced and voting will be open again to choose the winners.

Voting will close at 10:00 PM EST on Thursday, January 31. The winners will be posted sometime between Sunday, March 9 and Tuesday, March 11.

Please feel free to nominate Bauer-Power for any categories you think suits us! To nominate Bauer-Power Click Here:(Nominate Bauer-Power) scroll to the bottom and fill out the forms! You must nominate three weblogs or they will not take your submission. If Bauer-Power is the only blog you know about here are some of my favorite blogs, and perhaps you can nominate them with mine:

Thanks in advance for your support!

Twitter Delicious Facebook Digg Stumbleupon Favorites More

Design by Free WordPress Themes | Bloggerized by Lasantha - Premium Blogger Themes | stopping spam