Test Driving Google’s New Public DNS
Posted by Brad Rowley in Google on December 7th, 2009
Google introduced its Public DNS earlier this month. I can’t say there was a lot of fanfare over the new offering, but it does appear that people have been polarized in their opinions. Some believe it will add speed and security to browsing, others see privacy issues and yet other just see Big Brother around every corner. As with any new technological innovation, especially those introduced by über-tech companies like Google and Microsoft, there is a lot of FUD out there right now.
I have switched over my main desktop computer and my netbook to this public DNS server. My impressions (purely qualitative… not very scientific) are that this DNS is somewhat faster that using my ISP’s DNS server. This only stands to reason, as Google DNS does caching and prefetching of lookups. Typical DNS resolution involves, to some degree, searching from a top level domain (e.g. .com, .ca) and then working down until an authoritative resolution can be made.
Even though this does appear to be fast (to me anyway) I’m not ready to switch over some devices, like my Vonage VOIP adapter.
Learn more about Google’s Public DNS by visiting one of these sites (FUD free!)
- Introduction to Google’s Public DNS at Google Code
- Hands On with Google’s Public DNS at PC Mag
There’s also a response from Google’s only competitor in this space, OpenDNS.
Check them both out, give it a try and decide for yourself!
Customizing a Databound RadioButtonList
Posted by Brad Rowley in ASP.NET, VB.NET on December 1st, 2009
Working with radio buttons in ASP.Net is usually pretty easy… but what do you do if you need to retrieve your selections from a database and conditionally format them? You have a couple of choices: Read the rest of this entry »
eBay Vehicle Protection Scam
Posted by Brad Rowley in Security on September 13th, 2009
I have been using the Internet since the early 90s, so I consider myself quite savvy when it comes to spotting online scams.
While scams like the Nigerian advance-fee fraud are fairly easy to spot and avoid, more advanced techniques like phishing are starting to snare more and more people.
I ran across a new method using real web sites to entice people in to visiting bogus ones. While searching on buysell.com, I found a nice little motorhome at a really good price. As the seller had not posted a phone number, I sent an email through the web site. The seller sent an email back, indicating that she was a divorced woman with no license, who was therefore trying to quickly rid herself of the vehicle. She stated that we would use eBay’s Vehicle Protection Plan to perform the transaction. The text of the email is shown below:
Hi,
Thanks for being interested in buying my motorhome!It`s in perfect condition,no scratches,damages and never been involved in any accidents.It has only 80000 km and the price is $2,700 CAD.It has a clear title and free of any liens or loans.Because of my divorce settlement,i own this motorhome and as a woman without driver`s license i don`t need it so i`m trying to get rid of it as soon as possible(that`s why i`m selling it so cheap).We will use eBay`s Vehicle Purchase Protection plan for our both safety,i want only legit transactions.Let me know where are you located and any other details you need about it.
Have a great day!
This is when the alarm bells started to go off. I could understand using this protection plan if you were purchasing through eBay, but this was a local sale. The email also had the hallmarks of scammers; poor grammar and punctuation. So, armed with a feeling in my gut and Google in my browser, I started to do some research.
It would seem that scammers use a legitimate site to display deals that are too good to be true. When the would-be purchaser contacts the “seller”, he/she is directed to use eBay’s Vehicle Purchase Protection. Should the deal progress any further, the purchaser is directed to a site where financial information can be fished, or worse; the buyer is fooled into sending the cash via Western Union or similar agencies, which usually results in an untraceable transaction. eBay, Craigslist and others don’t use Western Union because it is easy for scammers to use it for fraudulent purposes.
So, keep these simple rules in mind when purchasing online:
- If the deal is too good to be true, it usually is
- Only use traceable payment methods like Paypal
- Pay attention to grammar and punctuation
- Private sales should only be conducted in person or a known legitimate site
- Locally-based ads should include a phone number
To learn more about this type of scam, visit the following sites:
Windows Live Messenger Crashes; Possible Fix
Posted by Brad Rowley in Software, Windows Live on April 7th, 2009
I have the latest build of Windows Live Messenger installed on both my desktop (running Vista) and my ASUS eeePC 900HA (XP). Both crash whenever I try to use the Win-E key combination. At my wit’s end, I Googled for hours on end trying to find a fix.
I ran across a forum thread at Adobe that talks about Vista and Flash being the root cause of the crashes. Hmmm, interesting.
I have been testing a couple of Twitter apps that were built using Adobe’s AIR. (AIR is a cross-platform software runtime that lets developers build rich Internet apps.) Reading the thread got me thinking that maybe it wasn’t Flash et al, but AIR alone. I broke out my eeePC, uninstalled AIR and any AIR apps I had installed… no more Windows Live Messenger crash. I will have to test this out on my Vista desktop when I get home, and post my findings.
Update: April 8, 2009 @ 10:05 AM: Well, no joy on the Vista box. Even after removing AIR and rebooting WLM is still crashing on Vista. Damn Flash dependancy! Back to Googling.
Another Day, Another Opinion on IE8
Posted by Brad Rowley in Microsoft, Security on March 25th, 2009
There seems to be a lot of disagreement over whether or not Internet Explorer 8 is a secure browser or not. Pwn2Own claims the browser was exploited during their annual competition; the Internet Storm Center says it probably would have withstood the exploit had the “Official” release been used. Read the rest of this entry »
IE8, FF Pwned at Pwn2Own
Posted by Brad Rowley in Google, Microsoft, Security, Software on March 20th, 2009
Mere days after the release of Microsoft’s latest browser (Internet Explorer 8), contestants at Pwn2Own tried to “pwn” browsers on several platforms. Day one saw IE8, Firefox and Safari exploited. Day two was uneventful, with no exploits of mobile platforms.
The only browser not exploited (so far) is Google’s Chrome. So, without any futher ado…
Update: March 20, 2009
It looks like the version of IE8 used at Pwn2Own may have not been the final release version. Microsoft has stated on their Security Research and Defense blog that “the final release of Internet Explorer 8 on Windows Vista blocks the .NET DEP+ASLR bypass mechanism from malicious websites on the Internet”. If I am understanding things correctly, the combination of the final release IE8 and Vista is quite secure. The Internet Storm Center questions whether IE8 would have been exploited had the competition been held a day later and the “Official” release been available.
Check out the links and decide for yourself if you’re going to install IE8.
More Info on Conficker.C
Posted by Brad Rowley in Alerts, Security on March 20th, 2009
Head on over to the SRI International web site to read a general technical analysis of the Conficker worm, or read the detailed analysis of Conficker.C. Both documents are very informative reading. I was quite surprised to find that Conficker uses a sophisticated peer-to-peer communication scheme and, in newer revisions, very new cutting edge encryption algorithms developed at MIT.
Remember, always keep your firewall and antivirus software running and up-to-date. Conficker.C has great potential to do lots of damage and to spread quickly.
Configuring Your Wireless Router
Posted by Brad Rowley in Security on March 13th, 2009
Given the rise of nasty worms like Win32/Conficker.C, co-workers have asked me about securing the home network. Having a working and up-to-date virus scanner and firewall are important; people tend to forget about securing their wireless router. Here then is a list of steps you can take to lock down your router and reduce your “attack surface”.
Read the rest of this entry »
Alert: Conficker.C Worm
Posted by Brad Rowley in Alerts, Security on March 13th, 2009
A new worm is set to trigger on April 1st of this year. Win32/Conficker.C is a worm capable of blocking security related websites, terminating system security services and downloading component files using time-based generated URLs.
It does appear that this worm also uses a form of DLL injection, which will make it difficult to remove. Matters are further complicated by the fact that the worm monitors and terminates many popular antivirus/process tools.
Make sure you have updated your antivirus and firewall software for this threat. It has the potential to be a bad one!
More OpenID news
Posted by Brad Rowley in Google, Microsoft, Trends on March 12th, 2009
Fresh on the heels of my earlier post…
Microsoft has a Community Technology Preview (CTP) of the OpenID Window Live Provider that allows you to associate an OpenID alias with your Windows Live login. With Google and Microsoft both heavily supporting OpenID, the reality of having a single signon for all your web accounts is getting closer to reality.
For more information, check out the news releases at OpenID and the Window Live ID blog.