My New Life- As A Professional Wirter...

I wrote this a few days ago and didn't get a chance to finish the post or publish it:

Wow... Not in my wildest dreams did I ever think this would happen. I started out on a no name site ghost writing articles for pennies. Now, ever since registering at Odesk things are really taking off for me.

I think I will finish what I was trying to say, as the news just keeps getting better and better. For example, what I was referencing to above was a job that I managed to secure from ODesk.com. It is a freelance site where you fill out your profile, take some tests, post your resume and bid for different jobs. I did all that and I also bid on a few jobs. Of course, I got rejected for the first three of them, but then, one night while I was reading my job opening alert email,(this was honestly the first time I ever really read the alert email) as I had been rejected a few times, I was becoming very discouraged about the site but I stumbled across this posting: "Technology Blog Writer, Youserbase," and I applied for the job. I honestly didn't think that I would get it. I mean I was up against so many more qualified people and I was only a "newbie". But I went for it anyway. It looked to be right up my alley.

And to my surprise, I was invited to an interview. Me, the newbie was invited to an interview.

Ok, soi I know that I am a geat writer. but did anyone else think so? Apparently so. With just one sample of my writing submitted, and one intrview, I got that job. Now I am writing daily for the #1 Consumer Electronic Wiki In Europe. It's Called Youserbase.org. It really is a great site, and it is edited by real people and maintained by a great guy named Hendrik Hartz, my boss.

And if That Wasn't Enough...

I was invited to another interview a few days later for a different type of blog altogether! And again, after just one submission of a writing sample and one formal interview, I got that job too. This one is for a ating site, and as soon as I have a link to post, I will.

The Icing On the Cake

Not Only did I land two jobs from ODesk.com, I have also been published by a few other sites for various articles I have been writing over the past few weeks. I will be honest with all of you. Never in my wildest dreams did I ever think I had what it took to be a professional writer. But as it turns out, I apparently i do! So do me a favor and help out a budding Freelance Writing career that really has a chance at making the big time... Click on the article links on the right and pass them around to all your friends. The more page views the better.

All I Want Is A Little Honesty-Please

And if you really like one of the articles, rate it or leave a comment. And if you really don't like an article, tell me that too. I want real feedback. Not just a little bit of niceness because you are my friend. A true friend is honest. And that is what I want from all of you who take the time to read my blog. Honesty. Thank you all, because without any of you, I would never have had the courage to do what I am doing now. especially you, Thomas Torpey, I love you very much and without your endless pushing and nonstop believing in me, this never would've taken off the way it did. Thank you again... And as I say in my other blog...KEEP DREAMING!

Is Yahoo Betraying The United States Of America?

Just To Lift The Ban On Them In Iran?

It has been reported by The ZDNet.com's Richard Koman, in its section called ZDNet Government, that Yahoo has allegedly sold over 200,000 names and email addresses to the Iranian Government. And they further report that:

Yahoo collaborated with the Iranian regime during the election protests, providing to the authorities the names and emails of some 200,000 Iranian Yahoo users, according to a post on the Iranian Students Solidarity (Farsi) blog. My sources indicate the information comes from a group of resisters who have infiltrated the administration and are leaking out important information.

This is coming from a translated portion of a post on Iranian Students Solidarity. And they are also saying that:

Yahoo representatives met with Iranian Internet authorities after Google and Yahoo were shut down during the protests and agreed to provide the names of Yahoo subscribers who also have blogs in exchange for the government lifting the blocks on Yahoo.

(for a look at the original article and translated document, please visit the page @ ZDNet.com Government's page)

Now you have got to be kidding me!!

For a stack of cash, Yahoo has given up a piece of the Iranian Freedom that they fought so very hard for. I think yahoo should be banned at all costs. There is no excuse for behavior such as this. It is reprehensible!

How long do you think it will be until Yahoo does it to us? The Citizens of the USA?

So I Propose The Following

Every person in the United States of America who values their FREEDOM and PRIVACY MUST BOYCOTT ALL OF YAHOO!!

This means everything! How are we, as citizens of the United States of America supposed to live our day to day lives knowing that a company is willing to sell out their subscribers just for a piece of the action? I mean you sure as Hell Don't see Google doing this!! They were banned too!!

BOYCOTT YAHOO!!! Show Yahoo that what they have done is unforgivable!!

Attention all Windows Vista and Windows Server 2008 Users!

An Exploit Code Has Been Released To The Public!
And Microsoft Has Yet To Respond!

What Is The Problem?

An SMBv2 vulnerability, which has just been made public yesterday, was kept private until now. And apparently for good reason. This "new" exploit is not new at all. Microsoft has known about it for over a week and have done nothing to fix the problem.

What is SMBv2?

SMBv2 was created and released by Stephen fewer at Harmony Security. It is a hole, or code vulnerability which will allow attackers to install malware, Trojans, or open any backdoor they want. This hole was first announced to Microsoft as a non-critical DDoS attack, which then spawned a worm and the exploit code that was released yesterday. This vulnerability affects every version of Windows Vista with SP1 and SP2, including the Ultimate and Business Editions, which are the most popular with professionals and small business owners, and Windows Server 2008 with SP1.

And The Next Microsoft Patch Release Date Isn't For Another Two Weeks!

The Last release date was YESTERDAY, September 29th and Microsoft did nothing! So While Microsoft is STILL doing nothing to fix the exploit, even though they have known about it since September 17th, what are you, the one with the possibly vulnerable system, supposed to do? Just sit and wait until Microsoft issues a patch? All the while hoping and praying that your home system or, the Gods forgive me for saying this, your business doesn't get hit? Well that is what potential attackers are hoping for. They are praying that this has been so hushed that you will do absolutely nothing to ward off the problem before it's too late. That is why you need to take action NOW!

So How Do I Defend My System NOW?

Well, according to ZDnet.com, you should impliment the "one click "fix it". This should allow any user of teh Vista and Server systems to fend off pending attacks. You can find more information on this fix HERE. Also, you could always upgrade to the new Windows 7, but that will have to wait for another post on another day... Check back in a few days, as I managed to get a free copy of Windows 7 professional because of my being a student at Kaplan University, complements of the MSDN, and I will be installing it in a virtual machine, essentially running a few different operating systems in one. I will tell you all about it in my next post! Stay Tuned!

Flash Cookies: How To Get Rid Of Them...

And How To Prevent Them In The First Place

So, like I stated in my last post, you thought deleted all of your cookies right? So very, very wrong. While you may have gone in and manually deleted your browser's history and cookies and the like, some still remain. Possibly even hundreds.

Local Shared Objects

or Flash Cookies, as they are becoming lovingly known, are becoming more and more of a problem lately. Since they do not appear in the browser's private cookie stash, finding them can be a tedious task in itself.

So Where can You Find Them You Ask?

Well, I have come to find that on most hard drives they are located in the Flash Player directory within the Documents & Settings folder on the main hard drive. Since they are a part of the Flash Player plug-in, they get stored with the rest of the Flash Player settings. So wherever you may have your Flash Player installed, that is most likely where you will find these annoying little things.

What Was That You Wanted To Know? How Do You Get Rid Of Them?

Step One

Well the first thing you have to do is go to the Adobe Flash Player Site, access the Settings Manager by clicking the link on the left that says "Flash Player 10 Help (HTML)" and select the link on the left for the Website Privacy Settings. Once the page reloads, it will give a list of all of the web sites you have visited in the past that have placed a cookie somewhere on your hard drive. You can choose form the list which cookies to delete or delete them all (which I highly recommend, I will explain why further along). Next, you will need to click on the link for the Website Storage Settings and do the same thing.

Step Two

Keeping the Adobe Flash Player page open (you will need it again in a few minutes), go to the directory where you have your flash player installed. Here is a list of areas for the different operating systems, as they all have different directories in which they can be found: * Windows: LSO files are stored typically with a “.SOL” extension, within each user’s Application Data directory, under Macromedia\FlashPlayer\#SharedObjects. * Mac OS X: For Web sites , ~/Library/Preferences/Macromedia/FlashPlayer. For AIR Applications, ~/Library/Preferences/[package name (ID)of your app] and ~/Library/Preferences/Macromedia/FlashPlayer/macromedia.com/Support/flashplayer/sys * GNU-Linux: ~/.macromedia

Step Three

Once you have deleted the cookies form the directories on your hard drive, you can then go back to the Adobe page and continue with tweaking the settings so that flash cookies are no longer stored on your system in the first place. To do this, once you are back on the Adobe site, click on the links Global Privacy, Global Storage and Global settings panels one by one and on each one, click the option for "deny all." This will prevent any and all flash cookies to be stored on your hard drive, unless you give specific permission for a site to do so. The only difference these links is that on the Global Storage page, you have the option of allotting a certain amount of space on the hard drive to store the cookies. I recommend that you set this to zero. Otherwise you might just happen to store a cookie that can re-spawn itself. That is even though you might delete it, it can re-implant itself in the directory if you revisit the site you originally got it from.

So Will This Stop All Cookies?

While taking these actions may not stop all cookies from implanting themselves, it will certainly slow down a bit. The only way to really keep your computer secure is to be extra vigilant when it comes to privacy.

Almost like you are just a little paranoid about it... But then again, aren't we all?

So You Thought You Had Deleted Your Cookies...Right?

COOKIES…Everyone knows about them.

Everyone knows what cookies are, right? And you thought you deleted all of your cookies, right? You thought that going in and manually deleting them would do the trick. And for all of you Firefox users, there is even an extension that allows you to close the current page and delete cookies on a simple right click, right? Wrong.

WHAT DO YOU MEAN WRONG?

What I bet you didn’t know is that there is another type of cookie that all the big name companies are using to track you. And these cookies don’t get deleted when cleaning the browser’s cache. Even going in and deleting them one by one won’t get rid of these cookies.

WHAT ARE THESE COOKIES?

The cookies I am talking about are called Local Shared Objects, or “Flash Cookies.” Flash cookies are just like normal cookies, but can hold much more data than a regular cookie, up to 100 kb as opposed to 4 kb with a normal cookie. These cookies are usually used to store data when using flash with online movies and games to save a player’s progress or what color settings they prefer, etc.

SO WHAT IS THE BIG DEAL? It’s just a cookie right?

Wrong. It is an invasion of privacy. Because it is a flash cookie, it is not recognized as a cookie and is not deleted with the rest of them. And they can be hard to find, even if you know where to look for them. And the worst part is that even after they are deleted, the site that placed the cookie on your browser can restore it because the site itself retains the cookie information. And most sites that use these types of cookies DO NOT MENTION IT IN THEIR PRIVACY POLICY!

So What To Do About It?

Check back here tomorrow for what to do about these cookies, and how to protect yourself from the damage that they may cause.

WPA TKIP WI-FI ENCRYPTION CRACKED...AGAIN!!

Does your business or home use WPA TKIP WI-FI Encryption? If it does you must read this.

It has been recently reported that the WI-Fi Protected Access, or WPA type of encryption has been cracked for the second time in as many years. Most businesses have switched over to the WPA style of WI-Fi encryption ever since the WEP (Wired Equivalent Privacy) System was made "...effectively pointless within a few years of its introduction in 1997," as reported by TechSpot.com/news. The WPA system uses a Temporal Key Integrity Protocol and has become the standard in Wi-Fi network security.

In The Beginning...

The first attack in 2008, commonly known as the "Becks-Tews" attack, was researched and orchestrated by Martin Beck and Erik Tews. It worked by intercepting short packets, reading and falsifying the information. This attack had it's limitations. Though the targets were the same WPA TKIP encryption system as the new attack, it needed the support of 802.11e QOS and it would take between 12-15 minutes to execute the attack but by then most users would become aware that the attack was taking place.

Here in the Future...

A duo of Japanese researchers have executed an attack built on the same principles as the Berk-Tews attack, and targets the same WPA system but now can do so in 60 seconds. That's only one minute until your business's precious security information can be intercepted, read and falsified. This new attack works in the same way as the 2008 attack, but the researchers have found a mathematical formula to hack in much quicker. They are "lovingly" calling this attack the "Man in the middle" attack and promise that WPA2 is next. It has also been suggested that the attacks do not threaten the overall encryption of the wireless stream.

But do you really want to take that chance?

And Let The Games Begin...Again!!

I am happy to report that my second term at Kaplan University has (finally) begun this past Wednesday the 26th. The last day of my first term was on August 9th. And let me tell you something. I never in this world ever thought that I would actually be happy, no make that ECSTATIC, to be back in school. This comes form a woman who, in her childhood and teen-aged years, hated everything about school. I would do anything to get out of going. And it was a little too easy to do. I went to a very large high school on Long Island in NY for my first two years, and the late and absent policies were very easy to get around. That was until I finally got caught and sent to an "alternative" school. Most parents and students alike I think will agree with me when I say that this alternative school was a vacation at the very least! Monday through Thursday from 5PM till 8PM. No labs, no P.E.. What more could any student ask for?

Then after two years of this school and getting into the usual headstrong teen-age "phases", I had tried to commit suicide. I was always really messed up. It wasn't my parents fault at all (I know they are probably reading this, so I want to make this absolutely clear - Mom, It was NOT YOUR FAULT!). After this episode Mom had moved us away from the chaos, a new town, a new life. Or so we thought. After about two months, just enough to get us settled, I made some new "friends". It was all downhill from there. I will save you all form most of the gory details, but in the end I wound up getting pregnant and dropping out.

Fast forward two years. I had moved to Florida in 1997 with my then husband and our daughter. I was pregnant again and had decided to get my GED. Probably one of the best decisions I had made at the time. The other one being separating form my abusive (now ex) husband (that is another story for another day). That was the last time I had been in school or anything school-like for 12 years.

So here I am. I finally decided to go back to school. How it happened was pretty miraculous in itself. I think that is a story for another day as well (don't worry, I will definitely write about all of that soon). I enrolled in Kaplan University's KU Campus, an online program, and it has got to be THE best decision I have made so far (well, that and moving in with my fiancee almost two years ago). I am really enjoying it. I am studying for my Associate in Science degree in Computer IT with emphasis in Web Design. I was studying programming when I started, but Visual Basic Kicked my ass, so I decided to switch this term to the Web Design program. Honestly, I think Visual Basic is a demon that must be excised.

So last term I took Academic Strategies for the IT Professional and Visual Basic (the DEVIL) and this term I am taking English Comp I and Web Development, which is basically just a class to learn Adobe Dreamweaver CS4. I must say that I am loving the web design and development aspect of things. The intro class I took, which I had won a scholarship for, was the Intro to Web Design, and I passed with a 4.0. I seem to be able to grasp HTML and the like pretty quickly and easily. VB was a nightmare and I barely passed by the skin of my teeth.

Ok, so enough of my ranting. I am really enjoying this class and the school and I can't imagine anything else I would rather do with my time and money right now. So wish me luck, and I will keep you all posted on my progress!

And like I always say in my other blog...
KEEP DREAMING!

UPDATE!! I almost forgot to mention... I met the most wonderful Admissions advisor at Kaplan, and her name is Nancy Ziv-Rothman...and she has helped me get through some things that I am not too sure I would've been able to otherwise... So Thank you Nancy, for all that you do!

Why Are Botnets So Important?

The Botnet and What It Is And Does

What used to be a meaningful piece of software allowing the legitimate sharing of program processing amongst a network of business PC's has now been turned into one of the most exploited and maliciously used pieces of software in the history of the internet.

The Botnet is now being used easily and maliciously for many things including the creation or misuse of SMTP mail relays for spamming (a SPAMbot), spamdexing (the practic of dishonestly manipulating search engines), click fraud, theft of sensitive information like application serial ID's, login ID's and passwords, and financial information like credit card numbers. But the most recent and problematic attacks have been the Denial of Service attacks on Twitter, Google, Facebook and Live Journal, just to name a few. They have been said to be "Massive and sustained (DDOS) attacks...and they are not finished yet!" stated a Security expert from Symantec's Security Technology Response Group.

The twitter attacks were one of the easiest to implement.

A trojan horse called Downloader.Sninfs was using Twitter's @update account to deliver commands to infected PC's. It posted links for web updates just like any account holder would. Then the unsuspecting users clicked on the links and received and spread the commands. After enough people did this, it created the DDOS attack in which we are all familiar with. The account on Twitter has since been disabled and is under investigation.

The botnet works by installing malicious software through what is known as "drive by downloads". These are downloads in which the user has authorized the download without fully understanding the consequences, or maybe unknowingly downloads a virus that is tacked on to an Active X control. The botnet's originator, or "Bot Herder", can then remotely compromise your PC and the network it is on rendering it a zombie.

The scariest thing about a botnet is that you most likely won't even know that you are infected unless you know what you are looking for! This is because most PC's involved in a botnet work normally. They hide their code within legitimate applications and email, and you are spreading them unknowingly but willingly. So what are you supposed to do about it? Tune in next time for solutions and tips and tricks for sniffing out a botnet and removing it from your machine...

Isn't it time to take back your PC?

WINS Security Vulnerability

WHAT IS WINS?

The Windows Internet Name Service, or WINS is Microsoft's answer to the question that no one ever asked. No really, WINS is the core service which translates the names of computers into their numeric IP addresses. This is a necessary service for one computer to be able to talk to another.

WHAT IS THE WINS VULNERABILITY?

The vulnerability found within the WINS service has been classified as critical, and can "...allow remote code execution if a user has received a specially crafted WINS replication packet on a affected system running the WINS service...", states a representative from Microsoft. The replication packet allows the attackers to write arbitrary memory locations and execute the arbitrary code via a modified pointer within the packet sent to TCP Port 42. This attack has been found to be coming form China, and is targeting no less than 70,000 IP addresses daily.

WHAT THIS MEANS TO YOU, THE SMALL BUSINESS OWNER?

What this means is that if you or a member of your team have manually installed this particular WINS component, you WILL be affected. A representative of Shavlik Technologies says that this "...is an unauthenticated server-side attack. The bad guy simply points and shoots some packets at the WINS server and they can execute code of their choice on that server." This could mean that anyone can gain access to all of your sensitive information remotely.
And you would never know!