Column: An end to spam?

By jeremy | November 24, 2011

Loose Wire — Exorcism for Spam: A theory devised by an English vicar and adopted by smart anti-spammers is your best bet for keeping spam out of your inbox

By Jeremy Wagstaff

A milestone, of sorts, was passed last month. According to MessageLabs, a United States-based company that studies these things, the Internet for the first time handled more spam e-mail messages than normal e-mails. In other words, for every legitimate e-mail sent, there was at least one spam, or unsolicited junk e-mail, sent. Compare that with a year ago when the ratio was about one spam for every 20 e-mails. A year before that? One in 1,500. Spam was never pretty, but it’s getting ugly, and something has to give. But what?

Spam is a business, and understanding that is halfway to embracing a solution that works. Why, for example, does MessageLabs spend so much time counting spam? Because it sells services and software that help companies avoid it. In fact, spam is, I suspect, much more profitable for the folk who clean it up than the guys who put it out. Think about it: It costs a spammer very little to send one e-mail, and only one in 10 million to generate a sale to stay in business, but God knows how much in lost man-hours for you or I to receive it, open it, read it, feel slightly nauseous, discard it and then wander over to the water cooler to complain to colleagues about it. There are conflicts of interest here that make me slightly uncomfortable advising you to buy products to keep out what shouldn’t be in your inbox anyway.

So here’s my solution: It’s simple, costs you nothing and will improve as you get more spam. Most anti-spam software looks for things it recognizes as spam-like: words like “Viagra,” for example, and filters it out. But this isn’t always that effective — replace “i” with “1” and you have v1agra, or add some invisible formatting code in the middle of the word, so the word looks the same to a reader, but different to a spam filter. So as spammers get more cunning, filters have to get smarter. This is why using logic, rather than keywords, makes sense. Enter an 18th-century vicar called Thomas Bayes from the English town of Tunbridge Wells. He devised a probability theory that has become a useful tool in gauging whether e-mail is spam or not.

Briefly, Bayesian filters look at the content of e-mail (including the headers, in most cases, and the hidden code in e-mails, called HTML, that organizes fonts, colours and pictures), slices it into bits — words and chunks of code — and judges the probability of each bit being evidence of spam. It will then scrutinize the 15 most interesting bits and add up their probabilities (0.99, for example, meaning 99% likely it’s spam) and then cast judgment on the e-mail. The more you prod it along — yes, this one is spam; no, this one looks like spam but is actually my Auntie Edith suggesting I have plastic surgery — the better it gets. And of course the more e-mail you get, the more it has to play with. Bayesian filters don’t just look for matches, they look for patterns of behaviour that give spam away.

For starters, try POPFile which will work on most operating systems and with most e-mail programs. If you’re squeamish about manual tweaking, check out Spammunition for Outlook or SpamBully for Outlook or Outlook Express ($30 from www.spambully.com).

On top of that, try a trick of my own: Ask colleagues or friends to assign agreed tags to subject lines and set up your e-mail program to recognize those tags and filter them into special folders. [Meet] for example, could be used to relate to meetings, [Budget] for stuff related to how much money you plan to waste that year and [Fire] for e-mails alerting staff they’re being downsized. Such e-mails would then leap past any filters and be easy to search for. Spam’s not going to go away soon, but with good filters you need never see it in your inbox again. Or go to the water cooler.

Column: spyware

By jeremy | November 24, 2011

0 Comment

Loose Wire — On-Line Ad Attack: It’s Pop-Up Hell: If ads keep creeping across your screen, you may be a victim of spyware — software that monitors your our surfing habits; It’s time to get rid of the invaders

By Jeremy Wagstaff

Imagine you’re window-shopping in the mall when you notice a guy following you. Suddenly he steps in front of you, smiles knowingly and holds up a billboard advertising a new cream to remove unsightly back hair. How, exactly, would you feel about this: (a) Happy to encounter a fresh face amid the urban alienation that is the mall? (b) Disgusted that advertising has become so blatant, and make a mental note to write to your congressman/member of parliament/yoga teacher on the matter? Or (c) Somewhat freaked out that, given it’s deep midwinter and you’re wearing a North Face puffa jacket with the hood up, this person knows you have Follicularly Unusual Reverse Issues (known by its medical acronym, Furi)?

If you answered (a), then good luck to you. Not sure you need the sort of help I offer in this column. If you answered (b) or (c), then you’ll be pleased to know that while that kind of thing doesn’t happen very often in the shopping mall, it happens on-line. A lot. The only problem is that, unlike at the mall, you can’t call a policeman and have Placard Guy arrested.

Welcome to the wacky world of “behavioural marketing.” Enter, stage left, a United States-based company called The Gator Corporation. Enter, stage right, a student at Harvard Law School’s Berkman Centre for Internet and Society called Ben Edelman, one of the few people who have spent time trying to figure out how software from companies like Gator works.

What happens, Edelman reckons, is this: Gator presents itself as an innocent, free, program that helps you fill in on-line forms, remembering your passwords. You, the innocent surfer, download it and pretty soon you’re starting to get ads appearing over your browser window. Some pop up over what you’re reading, some appear behind it. Some slide across the screen. You, being innocent and unsuspecting, figure they are from the site you happen to be visiting. Later, you notice eerily relevant ads appearing where they shouldn’t be: an ad for a rival shipping company when you’re visiting DHL, say. Or a loan offer when you’re checking your bank account. This is the guy with the personalized billboard stalking you; this is behavioural marketing.

How can a piece of software that’s supposed to be helping you store personal information suddenly seem to know what you’re looking for on-line? The answer’s not a simple one, and it tells us something about how unregulated, and potentially hazardous, the Internet frontier is. Ben Edelman’s research tells us this: Gator software, once installed, will transmit your browsing habits — which Web sites you visit, how long you stay there, a unique ID number Gator has assigned you, and, for good measure, your zip code — back to Gator HQ. Based on that information, Gator HQ will transmit packages of targeted ads to your computer, which will then pop up miraculously as you browse the Internet.

Needless to say, a lot of companies are not too happy about this. How would you feel if your carefully designed site was suddenly being blotted out by someone else’s ads, especially if they were from a rival? Quite a few have launched legal challenges, including Dow Jones (the publisher of this magazine), which last year joined a group of 10 Web-site publishers in claiming that Gator’s pop-up ads violated copyright and trademark laws and allowed Gator to profit unjustly. This and most other cases have been settled before going to court, and their settlements have remained confidential.

What irks me is not that this software prevents companies from displaying what they want to on a screen (unless it happens to be over this column), but that it abuses the trust of casual Internet users. While Gator acknowledges it’s on your computer, it misleads you about what it’s really doing there. And plenty more such software — labelled “spyware,” for good reason — doesn’t even tell you that. And they’re a nightmare to get rid of: Uninstalling Gator normally, Edelman says, won’t necessarily remove it entirely, meaning it is still communicating with Gator HQ. What’s worse is what we don’t know: Gator says on its Web site that data it collects is not used to profile individual customers and declined to comment for this article, but in a recent interview with on-line tech magazine CNET, Gator’s senior vice-president for marketing, Scott Eagle, said of Edelman’s research: “Eighty percent of the magic is what he’ll never see. He’s only touching a part of the elephant”. Oddly, I don’t find that reassuring. As Edelman says of Gator: “From the design of the system, it could be tracking users’ behaviour in incredible detail.”

So what’s the solution? The simple answer is to banish all spyware. It slows things down, spits out information you should keep to yourself, and it fires back ads you could do without. Ad-aware from Lavasoft (www.lavasoftusa.com/software/adaware) does a great job of finding spyware on your PC and removing it safely. Be wary of free software offers, especially file-sharing services, screen savers, browser utilities, and “shopping assistants” (software that checks out prices for you), and, if you can’t be bothered to read all the legalspeak in user agreements, don’t install the software. And good luck with the back hair.

Here are some more tips to help you avoid spyware. If you need help storing passwords and personal details so you can access them on-line easily, try Siber Systems RoboForm software, which does everything that Gator does without the sneaky bits. Most browsers these days have features that do a lot of this, too: The latest version of Opera has a “wand” function that handles all your passwords, and has long sported a feature that can prepare your personal information (first name, gender, zip code) so you don’t have to type it in every time you visit a site that needs it.

For blocking pop-ups, try PopUpCop ($20 from www.popupcop.com), designed by a guy called Peter Eden who seems to take the whole thing very seriously (thankfully). Another spyware detection tool if you don’t like Ad-Aware: Patrick Kolla’s Spybot Search and Destroy (to be found at http://security.kolla.de/), which is both free and highly regarded.

To read more of Ben Edelman’s work on Gator, check out his Web site: http://cyber.law.harvard.edu/ people/edelman/ads/gator/. Still not enough? Check out ScumWare (www.scumware.com), which promises “the latest information on the lowest forms of Internet-traffic hijacking.”

Column: Under the Wire

By jeremy | November 24, 2011

0 Comment

UNDER THE WIRE

The Latest Software and Hardware Upgrades, Plug-Ins and Add-Ons

History Scanned

The past is being digitized — fast. The ProQuest Historical Newspapers program has just finished scanning more than a century of copies of The Washington Post to its existing database. The database includes each page from every issue, in PDF files, from 1877-1987. The program has already done The New York Times (1851-1999), The Wall Street Journal (1889-1985) and The Christian Science Monitor (1908-1990).

Cellphone with Character

Somewhat belatedly, Nokia is getting into the handwriting phone thing, aiming itself squarely at the huge Chinese market. On May 20, it unveiled the 6108, created in the firm’s product-design centre in Beijing. The keypad flips open to reveal a small area on which Chinese words can be handwritten with a stylus. A character-recognition engine will convert the scrawls into text, which can then be sent as a message. The phone will be available in the third quarter.

Security Compromised

A new survey reckons “security breaches across the Asia-Pacific region have reached epidemic levels.” In a report released last week, Evans Data Corp. said that 75% of developers reported at least one security breach — basically any kind of successful attack on their computer systems — in the past year. China is worst off, from 59% of developers reporting at least one security breach last year to 84% this year. It doesn’t help that most of the software is compromised: Tech consultant Gartner has recommended its clients drop Passport, the Microsoft service that allows users to store all their passwords, account details and other valuable stuff on-line, saying Passport identities could be easily compromised. This follows a flaw revealed earlier this month by Microsoft after an independent researcher in Pakistan noticed he could get access to any of the more than 200 million Passport accounts used to authenticate e-mail, e-commerce and other transactions. Microsoft says it has resolved the problem and does not know of any accounts that were breached. Gartner’s not impressed: “Microsoft failed to thoroughly test Passport’s security architecture, and this flaw — uncovered more than six months after Microsoft added the vulnerable feature to the system — raises serious doubts about the reliability of every Passport identity issued to date.”

Son of Napster

Apple’s apparent success with iTunes seems to have prodded some action in the on-line music market. Roxio, maker of CD recording software among other things, said last week it would buy PressPlay from Universal Music and Sony Music Entertainment for about $40 million in cash and rename the whole caboodle Napster, which it earlier bought for $5.3 million. Pressplay offers radio stations and unlimited tethered downloads for $9.95 a month in addition to song downloads that allow for CD burning. My tuppennies? None of this will work unless companies put no restrictions on the files downloaded. Emusic does it that way and it’s why a lot of people keep coming back.

Column: USB and the CIA

By jeremy | November 24, 2011

1 Comment

Loose Wire — How to Steal CIA Secrets: It’s as easy as USB; Universal Serial Bus drives are getting small enough to hide in coffee mugs, and you can attach them to most computers and all sorts of other gadgets

By Jeremy Wagstaff

I got some flak last time I was rude about how implausible technology is in Hollywood movies, even supposedly authentic fare such as Minority Report, The Bourne Identity and Mary Poppins. One comment was “grab a beer and chill out, dude, it’s only a movie,” though that doesn’t count because it was from my mother.

But I can’t help venting my spleen, if that’s what you do with spleen, after watching The Recruit with Al Pacino and Colin Farrell. It’s a thriller revolving around a recruit (no, really) to the Central Intelligence Agency trying to smuggle a top secret program out of CIA headquarters at Langley. There are some neat gadgets in there, such as biodegradable bugs and a program that hijacks nearby television screens. But the premise is that it’s well nigh impossible to steal data from the CIA since none of its computers have floppy drives, printers or (presumably, if we’re going to get finicky) infrared ports or Bluetooth dongles. In short, how do you transfer data if you can’t download it? I wanted to shout out suggestions but my friends, alerted by previous visits to the cinema, had gagged me beforehand.

Anyway, not a bad idea and not a bad movie. Except (skip the rest of this paragraph if you intend to watch the movie) someone succeeds in downloading the top secret program by plugging a USB drive into a USB socket on a CIA computer (USB is a commonly used port that allows users to connect gadgets to their computer). She then hides the said drive — about the size of a lighter — in her aluminium coffee mug. I mean, duh! I can’t believe they have USB sockets in Langley and that the X-ray machine confuses a gadget for coffee dregs. Tsk.

Anyway, it made me realize that Hollywood really, really needs my help in making their scripts believable. So here are some ideas for future movies, all involving existing USB gadgets:

— Our hero penetrates high-security installation, wanders nonchalantly up to floppy-less computer, and accesses USB port (inexplicably left on computer despite it being responsible for massive security breach as revealed in The Recruit). Uncoils USB cable from watch strap, plugs into USB port, downloads data into USB watch from German company LAKS (between $40 and $95 from www.laks.com).

— Our hero wanders nonchalantly up to floppy-less computer, plugs USB drive into USB port (amazingly still there despite aforementioned movie and pioneering column from tech writer), and accesses own e-mail via newly released PocoMail PE ($40 from www.pocomailpe.com). Okay, this doesn’t sound that wild, but it’s a great plot twist if you’re using someone else’s computer and they don’t have an e-mail program you need, or, in the case of our hero, you don’t want to leave any trace of yourself (say at an Internet cafe or a public library).

— Our hero has made off with the data on a USB drive. But he’s caught by the bad guys. Being avid readers of this column, they know what to look for and quickly locate the USB drive. But our hero’s drive is a bit different: Made by Singapore’s Trek 2000 International (www.thumbdrive.com), his ThumbDrive Touch has a silver pad that requires the user’s thumbprint before data can be accessed. Unfortunately for our hero, but great for a plot twist, the baddies simply cut off his thumb and plonk it on the biometric pad.

— Armed with a $100 MP306 USB drive from Azio Technologies (www. azio-tech.com/azi0-root/products/MP 306.asp), our hero fails to access the CIA computer because his nemesis has installed a SecuriKey Computer Protection System, Personal Edition ($130 from Griffin Technologies at http://securikey.com/personal/). This looks just like a USB drive but in fact works like a key: If it’s not plugged into the computer, then the computer locks up. Confounded, our hero sucks his remaining thumb and admires the silver metal mini-briefcase that the SecuriKey dongle comes in. Resigned, our hero reaches for his Azio USB drive, dons earphones, kicks back and listens to MP3 music files stored on the drive. Fiddling with the built-in equalizer for improved playback quality, he hears footsteps and quickly switches the USB drive to recorder mode to eavesdrop on two CIA officers passing by, griping about their canteen lunch.

Okay, so not all these plots will win prizes. But one thing I’m willing to bet my DVD collection on: USB drives will replace floppy drives, those flat disks of old, as PC manufacturers add USB ports to new models and remove external disk drives. Prices will drop further, meaning gadgets smaller than lighters will carry gigabytes of data for peanuts. Already you can buy a 1 gigabyte model for $300: Expect to pay half that in a year or less. They will be so cheap people will give them away: Visitors to a recent launch in Britain of Microsoft’s Windows Server 2003 were given freebie press bags with 32-megabyte USB drives inside.

In future, folk will carry around all their programs and data aboard one dongle and run it from any computer they come across, effectively personalizing the computer for however long they’re sitting at it, but without leaving any trace. Wait for the futuristic movie where everyone’s life is stored on a USB drive and every computer in the world is for public consumption. Interested? Call my agent.

Column: the paper mountain

By jeremy | November 24, 2011

0 Comment

Loose Wire — Conquer That Paper Mountain: It’s time to get organized; Here’s some software to help you scan and locate photos and documents; But perhaps you shouldn’t ditch the filing cabinet just yet

By Jeremy Wagstaff

I’m a little suspicious of programs that, adorned with images of bits of paper and photos disappearing into a smiling computer monitor, promise to give order to the junk that is my life. The paperless office never happened — we still make printouts because it’s so easy — and while everyone seems to be photographing digitally these days, that doesn’t sort out our cupboards full of snaps. And even if this stuff does find its way onto your computer, chances are it’s all over the place, in subfolders with obscure names. A sort of digital chaos, really.

I don’t promise an end to all that. And the programs I’m about to tout are not really a new idea, but they both do a better job than their predecessors of helping you to get organized, whether you’re trying to sift through documents already on your computer, or get a handle on your photos.

First off, Scansoft’s PaperPort (deluxe version, $100 from www.scansoft.com/paperport/). Into its ninth version, it’s a lot more sophisticated than its forbears. PaperPort and its competitors allow you to scan documents into the computer, and then let you organize and view those documents into folders of your choosing. You can then convert them to digital text, a process called OCR or Optical Character Recognition, which in turn allows you to move chunks of the original document into a word-processing file. In theory it’s a great way to get rid of paper clutter on your desk, helping you to find those documents — or parts of them — easily, or to convert them to something you can use in your spreadsheet, document or whatever. In practice, it’s too much of a fiddle. Most folk find it easier to locate the hard copy of a document (behind the bookcase, next to the dead cockroach) than the soft one (What name did I give it? What keyword should I use to find it?), so they just buy another filing cabinet.

PaperPort hasn’t resolved the riddle of why we can always locate something under a messy pile of papers, but never after we’ve cleaned up, but it’s a few steps closer to making it easier to handle documents on your PC. First, you can scan them in a format called PDF, short for Adobe’s Portable Document Format, a widely used standard for viewing documents. By working within this standard — rather than PaperPort’s proprietary standard — everything you scan in PaperPort can be accessed and handled by other programs, or by folk who don’t use PaperPort. Common sense, I know, and they’ve got there at last. Another common-sense feature is a search function that allows you to search through an index of documents, whatever format they’re in, within PaperPort.

For a long time I’ve used PaperMaster, now owned by J2Global, the Internet-faxing company, which promises to have an updated version available later this year. PaperMaster does pretty much what PaperPort does, but it’s been doing it a lot longer and it actually looks like a filing cabinet, which I find reassuring. But it doesn’t work well with Windows XP, and is looking somewhat dated. Most importantly, it won’t save your scans in a file format recognized by anyone else on this planet. What’s more, it sometimes loses whole drawers of documents, which kind of defeats the object of the exercise.

So check out PaperPort. It will handle photos too, but if you’ve got a lot of them, I’d suggest Adobe’s new Photoshop Album ($50 from www.adobe.com/products/photoshopalbum/). Album is elbowing for space among a lot of similar products vying for the burgeoning home-photo market, but it has features and a very intuitive interface that I suspect will put it ahead of the pack.

Basically, it can collate pictures from more or less any source — scanning, digital images on your hard drive, on a digital camera, on a CD-ROM — and give you the tools to touch them up, label them, order them around and generally beat them into submission. You can create the usual things with them — albums, video disks, printouts, slide shows and whatnot — all in as tasteful a way as you can expect from a homespun photo album. I particularly liked the way you could tag photos more than once so, say, a picture of your Uncle Charlie doing the gardening in his pantomime costume could be categorized both under Family and Environmental Pollution Hazard. All in all, a smart program, and not badly priced.

Gripes? They’re a bit stingy on the tools they provide to touch up photos, so all the facial blemishes of my adolescent years are still there if you look closely.

These programs won’t change our lives. They may only make a dent in a filing cabinet and photo drawer. But they’re good enough for what they try to do, which is to lend a little order to our pre-paperless lives.