TrueCrypt provides free, fast and secure encryption

An interesting fact about notebook computers is that they’re called notebooks instead of laptops because the term laptop implies that you can use it on your lap, blocking the ventilation ports and causing the unit to overheat. The industry initiated the switch to the term notebook several years ago not because of a change in size so much as a change in usage patterns. More and more people were buying these notebooks and more and more notebooks were getting faster and hotter. My roommate, my girlfriend and I were watching TV the other night and I noticed that there were four notebooks for the three of us. I’ve seen many people lean back in a recliner using a notebook perched on their laps, thinking to myself that the heat was probably bad on the notebooks and bad on the people.

In any case, as the notebook becomes more prevalent as a part of pop culture and less a rare business expense to be treated like a prized possession, we need to consider the security ramifications in a business context. Now my personal notebook has nothing on it about which I would be concerned should it be stolen or misplaced. Everything is backed up using Carbonite, and while the contents are immensely valuable to me, they probably wouldn’t be very valuable to someone else.

My business notebook, however, is a different story. While I try to make sure that everything is stored on our servers, sometimes important files are copied to it while I’m working on them, and I don’t always do the best job of making sure those files are moved back when I’m finished. I know for certain that I work with others who are even less careful about storing important documents on their notebooks. Enter TrueCrypt.

TrueCrypt is a free and open source industrial strength on-the-fly encryption system. TrueCrypt is so good and so robust that I’m not aware of a commercial solution that is its equal.

TrueCrypt allows for several types of encryption to be used several different ways. The encryption algorithms provided are AES-256, Serpent and Twofish. All that you need to know is that AES, or Rijndael,  is government-level encryption that won’t be broken any time soon.

TrueCrypt allows you to create an encrypted volume, which is essentially a large, single file that can be mounted as a drive. You access the drive like a USB key or another hard drive on your computer, copying files to and from it or working directly on files stored there. When you try to mount the volume, you’re prompted for your password. If it’s correct, the new drive appears.

Another encryption option offered by TrueCrypt, and in my mind the much more important and valuable option, is full drive encryption. With this option, you can completely encrypt an entire drive such as your USB key, an external hard drive, or – most importantly – your main hard drive on your computer.

Full system drive encryption requires you to enter your password on boot. TrueCrypt prefers passwords greater than 20 characters in length, so you can rest assured knowing that nobody will be able to brute-force your password any time soon. If your computer is lost or stolen, you know that nobody will be able to get to any of the information stored on the computer.

The next logical question relates to how TrueCrypt works without slowing down the computer’s normal function. Because TrueCrypt completely encrypts every byte in every sector of your hard drive, Windows and any other file utility can’t read it. If you enter the correct password, TrueCrypt loads its special driver into memory that is allegedly faster (PDF) than the stock Windows drivers.

The first thing I do when I prep a new notebook is load TrueCrypt and enable full disk encryption. It’s very careful, forcing you to burn a recovery CD and allowing you to pause and resume the encryption process at your discretion, so it’s very easy to use without fear of messing up your computer.

There are many more options and features offered by TrueCrypt. The best encryption is open encryption, which means that if you keep something secure by making it a secret, as soon as that secret gets out nothing is secure anymore. The beauty of TrueCrypt is that everything about it is open source, meaning that anyone can verify that it works and works well to protect everything in every situation. It’s great for notebooks, but should also be installed on desktops and severs that may contain sensitive data. Entering a password on boot is a small price to pay for piece of mind.

TrueCrypt is free and open source and it works on Windows, Mac and Linux. It makes your computer faster, it makes you feel safer and should be an integral part of your business practice to ensure that if your notebook or desktop computer does fall into the wrong hands it won’t be anything other than a paperweight.

Posted in software | Tagged , , , |

Auction Podcast Episode 8 – Google AdWords and DNS

You’re listening to the AuctioneerTech Auction Podcast
auctioneertech.com – Technology, auctions and auctioneers – auction tech for the auction industry

Hello and welcome to the eighth episode of the AuctioneerTech Auction Podcast for the week of 20 October, 2008. In this episode, we’re going to cover two recent topics from auctioneertech.com, DNS and Google AdWords.

Over the last several months, there have been many security bulletins about the vulnerabilities found in one of the fundamental technologies that makes the web work called DNS. DNS stands for domain name system. It’s a fairly complex system, but abstractly it’s fairly simple.

Every device on the Internet is accessed by Internet protocol, or IP address, which is a dotted quad, or sequence of four numbers separated by periods like 208.67.222.222. We remember websites and services and companies by their website domain names. I’ll bet you can name the websites for Google, Amazon, eBay and AuctioneerTech off of the top of your head, but I’ll bet you don’t know what the IP addresses of the servers are that your computer talks to when you visit those sites.

DNS exists to convert the domain names, like auctioneertech.com, into IP addresses, like 67.210.98.40. It’s like a phone book. You know the name, you need the number.

When you type the website www.auctioneertech.com into your browser, you computer first checks its cache memory to see if it has visited the site before. If it has, it further examines the record to see if that record is still valid. If it’s valid, it directs your browser to the computer at 67.210.98.40. If the TTL, or time to live, on that record has expired, the computer recognizes that the information is too old to be valid so it contacts a DNS server to find out the correct IP address of the domain. The DNS server is usually owned by your Internet service provider, or ISP.

Your ISP’s DNS server has a bunch of address records in its memory, each record with its own TTL or time until that record expires. Each time a subscriber requests a site it doesn’t have, it gets it and adds it to memory so it doesn’t have to get the same record again before the record expires.

The problem that’s been in the news recently relates to what is called DNS poisoning. Essentially, it’s possible to intercept the requests made by the DNS server for a domain name’s IP address and reply to them with incorrect addresses. For example, when the record for PayPal expires and the DNS server goes to update that record, a malicious person could catch that request and reply with an IP address for his server, causing the DNS server to tell the requesting subscriber that the IP address to PayPal is a malicious computer rather than the PayPal server. Now that malicious computer would serve a website that looks just like PayPal and have paypal.com in the browser address bar and the subscriber could be tricked into entering his username and password, providing access to his bank account to the malicious person. This attack is not Paypal’s fault, it’s the fault of the original DNS technology which was far too trusting.

Recently, patches and updates have been made to many DNS servers from many different ISPs. The problem is that you may not know if your provider has updated its servers. There is a test located at DoxPara, a link to which is posted on the transcript to this podcast, to tell if your DNS is vulnerable to the latest attacks, but by far the better choice in my opinion is to use a free service called OpenDNS.

OpenDNS makes Internet faster, safer

OpenDNS makes Internet faster, safer

OpenDNS is a distributed network of free DNS servers that are faster and more secure than your ISP’s DNS server. Because they have so many users, the odds of them having the website you’re looking for are much higher, allowing them to return the IP address immediately rather than to have to look it up. They’re on top of their game, which means you can always trust that they’re running the latest updates and patches.

They have a fantastic control panel which not only provides statistics showing total requests, unique domains, unique IPs and more, they will allow you to block categories of websites or specific domains or IP addresses. You can block dating sites, gambling sites, auction sites, adult sites, gaming sites, religious sites, blogs – the list goes on. If you’re an auctioneer, you probably want to allow auction sites but block adult sites. If you’re a school, you probably want to block dating sites and religious sites as well. OpenDNS lets you block these categories and more. I have music sites blocked, but my staff likes to listen to Pandora Internet radio, so I can block the music category but specifically allow Pandora.

OpenDNS automatically blocks known phishing sites, which means that if you try to visit a site that is known to be malicious or to try to extract personal information from you, it will block it until you specifically allow that site in the OpenDNS control panel.

If you manage a network, simply enter the free OpenDNS server addresses in the configuration of your router and rest assured knowing that your router will cause all the computers on your network to go through the OpenDNS servers. If you manage multiple networks, the OpenDNS control panel will allow you to block and allow specific website categories for each network or all at once. If you have a notebook computer and are accessing the Internet at a wireless hotspot, you can use the OpenDNS servers specifically on your notebook to ensure that you’re really going to the sites you wanted to go to rather than hoping that the DNS servers used by the hotspot are not vulnerable or already poisoned.

One final feature is intelligent redirection. If you type example.cm on a normal DNS server, it will take you to either a page not found 404 error or a scam site or ad site hosted by a domain squatter. Type example.cm on a computer using OpenDNS and it will recognize that you probably meant example.com and correctly take you to the site you meant to visit.

How can OpenDNS provide such a fantastic service for free? When you enter a site like example.cm and it doesn’t have a good guess as to what you really meant, it will display a page of Google-powered search results as if you entered that website into the search bar rather than the address bar. OpenDNS takes a percentage of the ad revenue generated if you end up clicking on one of the sponsored links. You can customize the logo using the OpenDNS control panel so it looks like search results from your company, which is a particularly nice feature if you manage a network. The address bar search is so nice that I’ve found myself getting lazy and entering everything in the address bar because I know that OpenDNS will cover for me and convert the malformed website address into a search query.

With all the baddies on the Interwebs, OpenDNS provides peace of mind that when you type an Internet address in the browser’s address bar you’ll end up where you wanted. It provides an increase in browsing speed which translates to an increase in productivity. It makes you safe and boosts your bottom line. And it’s absolutely free. For instructions to start using OpenDNS, visit www.opendns.com.

Now, a question was posted on the page for last week’s podcast by Joe Abal from Florida who asked if I thought Google’s AdWords is a profitable marketing tool. The short answer is yes, but I thought it would be good to discuss what AdWords is and in what context it works best for auctioneers.

Google AdWords logo

Google AdWords logo

Google is a mammoth company, slowly weaving its way into every corner of the Internet by offering free services that are better than the competing for-pay services. The development of these free services is not cheap, especially when Google allegedly requires only 80% of their employees’ attention through their Innovation time off program which encourages each Googler to spend one day a week on projects that interest him or her.

Google makes the vast majority of its money through advertising. Google owns advertising on the Internet, and one of the most prominent advertising services it offers is AdWords.

When you search Google, there are two kinds of results returned. The organic results are those listed on the left while the paid ads, or sponsored links, are listed in a block on the right and sometimes above the organic results on the left.

Eyetools Google search heatmap

Eyetools eye tracking map of Google search results

When test subjects perform searches and their eyes are tracked, the results are pretty clear that the vast majority of the time the subjects look first at the top of the organic results list. There is a very intriguing study from a company called Eyetools showing this concept, and a link to that study is posted in the transcript for this episode. These data confirm that it’s much more valuable to have a high organic ranking than to rely on paid ads.

The problem is that you can’t strong-arm your way into ranking high on an organic search, especially if that search is fairly common. A modern-day snake oil industry has built itself around SEO, or search engine optimization, but the fact is that auctioneers seldom have the time to wait for the tweaking and testing involved in a targeted campaign to rank higher for queries relating to items in an auction.

Google AdWords allows you to buy placement of links on Google search results and on websites using Google’s AdSense product which lets site owners display relevant links and get a portion of the proceeds. AdWords customers are charged based solely on how many users click on the ads. Your ad may be displayed thousands of times, but if nobody clicks on it you’re not going to be charged anything.

For customers, AdWords is an auction requiring three pieces of information. You tell it which keyword you want, how much you’re willing to pay for each click, and how much you’re willing to spend per day. AdWords will display the ads with the highest price first until that customer’s per day limit is met, at which point it will no longer display the highest priced ads, displaying instead those of lesser value. You also have the ability to target specific locations, so an ad can run in Kansas and not in Minnesota, for example.

Let’s say you want everyone in North Carolina searching for auction to be shown a link to your website. AdWords displays about eight sponsored listings per search, so you have to outbid all but seven other AdWords customers. With competition from eBay and Overstock.com, two large companies among many with a vested interest in the term auction, a campaign for such a generic term can be quite costly.

Take the keyword phrase combine auction. Because there are fewer companies targeting that search phrase, it’s going to be cheaper and easier as an advertiser to put that link in front of people searching for that phrase. The downside is that there are many fewer people searching for combine auction rather than auto auction or just auction.

AdWords shines when we try to advertise niche merchandise, and organic returns are more valuable for institutional marketing. It’s far better for a weekly auto auction to work to build a frequently-updated website to rank higher for organic returns for auto auction and to use AdWords to quickly advertise antique or unique automobiles as they come in using AdWords to target those people interested in such vehicles.

We auctioneers have fairly unique needs. We usually have a short time to market specific items. If we had an abundance of time, we could build a website for each item and build the ranking over time. Most times, however, we have a marketing window of a week or two, and AdWords gives us the ability to provide exposure of the specific items we have to specific demographics interested in those items.

That’s it for episode eight. I have three guests who have accepted my invitation to participate in interviews over the next several weeks. If you’ve enjoyed this podcast, help promote it by telling your friends or auctioneers you may know or writing a review on iTunes.

You’ve been listening to the Auction Podcast from AuctioneerTech. If you have suggestions, questions or comments, or are interested in being a guest, please let me know by going to www.auctioneertech.com/feedback and leaving a message. You can also post public comments about this or any other episode, as well as find show transcripts, on the auction podcast page of auctioneertech.com.

Thank you for listening. Now go sell something.

Posted in Podcasts | Tagged , , |

Google AdWords provides targeted audience exposure

Google AdWords logo

Google AdWords logo

Google is a mammoth company, slowly weaving its way into every corner of the Internet by offering free services that are better than the competing for-pay services. The development of these free services is not cheap, especially when Google allegedly requires only 80% of their employees’ attention through their Innovation time off program which encourages each Googler to spend one day a week on projects that interest him or her.

Google makes the vast majority of its money through advertising. Google owns advertising on the Internet, and one of the most prominent advertising services it offers is AdWords.

When you search Google, there are two kinds of results returned. The organic results are those listed on the left while the paid ads, or sponsored links, are listed in a block on the right and sometimes above the organic results on the left.

Eyetools Google search heatmap

Eyetools eye tracking map of Google search results

When test subjects perform searches and their eyes are tracked, the results are pretty clear that the vast majority of the time the subjects look first at the top of the organic results list. These data confirm that it’s much more valuable to have a high organic ranking than to rely on paid ads.

The problem is that you can’t strong-arm your way to ranking high on an organic search, especially if that search is fairly common. A modern-day snake oil industry has built itself around SEO, or search engine optimization, but the fact is that auctioneers seldom have the time to wait for the tweaking and testing involved in a targeted campaign to rank higher for queries relating to items in an auction.

Google AdWords allows you to buy placement of links on Google search results and on websites using Google’s AdSense product which lets site owners display relevant links and get a portion of the proceeds. AdWords customers are charged based solely on how many users click on the ads. Your ad may be displayed thousands of times, but if nobody clicks on it you’re not charged anything.

For customers, AdWords is an auction requiring three pieces of information. You tell it which keyword you want, how much you’re willing to pay for each click, and how much you’re willing to spend per day. AdWords will display the ads with the highest price first until the customer’s per day limit is met, at which point it will no longer display the highest priced ads, displaying instead those of lesser value. You also have the ability to target specific locations, so an ad can run in Kansas and not in Minnesota, for example.

Let’s say you want everyone in North Carolina searching for auction to be shown a link to your website. AdWords displays about eight sponsored listings per search, so you have to outbid all but seven other AdWords customers. With competition from eBay and Overstock.com, two large companies among many with a vested interest in the term auction, a campaign for such a generic term can be quite costly.

Take the keyword phrase combine auction. Because there are fewer companies targeting that search phrase, it’s going to be cheaper and easier as an advertiser to put that link in front of people searching for that phrase. The downside is that there are many fewer people searching for combine auction rather than auto auction or just auction.

AdWords shines when we try to advertise niche merchandise, and organic returns are more valuable for institutional marketing. It’s far better for a weekly auto auction to work to build a frequently-updated website to rank higher for organic returns for auto auction and to use AdWords to quickly advertise antique or unique automobiles as they come in using AdWords to target those people interested in such vehicles.

We auctioneers have fairly unique needs. We usually have a short time to market specific items. If we had an abundance of time, we could build a website for each item and build the ranking over time. Most times, however, we have a marketing window of a week or two, and AdWords gives us the ability to provide exposure of the specific items we have to specific demographics interested in those items.

Posted in advertising, services | Tagged , , |

New resources list aggregates auction products and services

It’s time for a little housekeeping. In case you didn’t notice, the new resources page was published a few days ago. Its goal is to list various offerings from various companies and vendors serving the auction industry. If you don’t see a product listed, it’s due to an oversight and not an agenda. If you see an incorrect listing, please let us know. Help build the list by submitting the software and services you use on the feedback page.

Posted in community, services, software | Tagged , , |

OpenDNS makes Internet faster, safer and cleaner

DNS resolving from program to OS-resolver to I...

Image via Wikipedia

Over the last several months, there have been many security bulletins about the vulnerabilities found in one of the fundamental technologies that makes the web work called DNS. DNS stands for domain name system. It’s a fairly complex system, but abstractly it’s fairly simple.

Every device on the Internet is accessed by Internet protocol (IP) address, which is a dotted quad like 208.67.222.222. We remember websites and services and companies by their website domain names. I’ll bet you can name the websites for Google, Amazon, eBay and AuctioneerTech off of the top of your head, but I’ll bet you don’t know what the IP addresses of the servers are that your computer talks to when you visit those sites.

DNS exists to convert the domain names, like auctioneertech.com, into IP addresses, like 67.210.98.40. It’s like a phone book. You know the name, you need the number.

When you type the website www.auctioneertech.com into your browser, you computer first checks its cache memory to see if it has visited that site before. If it has, it further examines the record to see if that record is still valid. If it’s valid, it directs your browser to the computer at 67.210.98.40. If the TTL, or time to live, on that record has expired, the computer recognizes that the information is too old to be valid so it contacts a DNS server to find out the correct IP address of the domain. The DNS server is usually owned by your Internet service provider.

Your ISP’s DNS server has a bunch of address records in its memory, each record with its own TTL or time until expiration. Each time a subscriber requests a site it doesn’t have, it gets it and adds it to memory so it doesn’t have to get the same record again before the record expires.

The problem that’s been in the news recently relates to what is called DNS poisoning. Essentially, it’s possible to intercept the requests made by the DNS server for a domain name’s IP address and reply to them with incorrect IP addresses. For example, when the record for PayPal expires and the DNS server goes to update the record, a malicious person could catch that request and reply with an IP address for his server, causing the DNS server to tell the requesting subscriber that the IP address to PayPal is a malicious computer rather than the PayPal server. That malicious computer could serve a website that looks just like PayPal and have paypal.com in the browser address bar and the subscriber could be tricked into entering his username and password, providing access to his bank account to the malicious person. This attack is not Paypal’s fault, it’s the fault of the original DNS technology which was far too trusting.

Recently, patches and updates have been made to many DNS servers from many different ISPs. The problem is that you may not know if your provider has updated its servers. There is a test located at DoxPara to tell if your DNS is vulnerable to the latest attacks, but the far better choice in my opinion is to use OpenDNS.

OpenDNS makes Internet faster, safer

OpenDNS makes Internet faster, safer

OpenDNS is a distributed network of free DNS servers that are faster and more secure than your ISP’s DNS server. Because they have so many users, the odds of them having the website you’re looking for are much higher, allowing them to return the IP address immediately rather than having to look it up. They’re on top of their game, which means you can always trust that they’re running the latest updates and patches.

They have a fantastic control panel which not only provides statistics showing total requests, unique domains, unique IPs and more, they will allow you to block categories of websites or specific domains or IP addresses. You can block dating sites, gambling sites, auction sites, adult sites, gaming sites, religious sites, blogs – the list goes on. If you’re an auctioneer, you probably want to allow auction sites but block adult sites. If you’re a school, you probably want to block dating sites and religious sites as well. OpenDNS lets you block these categories and more. I have music sites blocked, but my staff likes to listen to Pandora Internet radio, so I can block the music category but specifically allow Pandora.

OpenDNS automatically blocks known phishing sites, which means that if you try to visit a site that is known to be malicious or to try to extract personal information from you, it will block it until you specifically allow that site in the OpenDNS control panel.

If you manage a network, simply enter the free OpenDNS server addresses in the configuration of your router and rest assured knowing that your router will cause all the computers on your network to go through the OpenDNS servers. If you manage multiple networks, the OpenDNS control panel will allow you to block and allow specific website categories for each network or all at once. If you have a notebook computer and are accessing the Internet at a wireless hotspot, you can use the OpenDNS servers specifically on your notebook to ensure that you’re really going to the sites you wanted to go to rather than hoping that the DNS servers used by the hotspot are not vulnerable or already poisoned.

One final feature is intelligent redirection. If you type example.cm on a normal DNS server, it will take you to either a page not found 404 error or a scam site or ad site hosted by a domain squatter. Type example.cm on a computer using OpenDNS and it will recognize that you probably meant example.com and correctly take you to the site you meant to visit.

How can OpenDNS provide such a fantastic service for free? When you enter a site like example.cm and it doesn’t have a good guess as to what you really meant, it will display a page of Google-powered search results as if you entered that website into the search bar rather than the address bar. OpenDNS takes a percentage of the ad revenue generated if you end up clicking on one of the sponsored links. You can customize the logo using the OpenDNS control panel so that it looks like search results from your company, which is a particularly nice feature if you manage a network. The address bar search is so nice that I’ve found myself getting lazy and entering everything in the address bar because I know that OpenDNS will cover for me and convert the malformed website address into a search query.

With all the baddies on the Interwebs, OpenDNS provides peace of mind that when you type an Internet address in the browser’s address bar you’ll end up where you wanted. It provides an increase in browsing speed which translates to an increase in productivity. It makes you safe and boosts your bottom line. And it’s absolutely free.

Start using OpenDNS today. You don’t even have to go to their website. Simply enter these two DNS server addresses into your router or the network properties of your computer.

208.67.222.222
208.67.220.220

If you entered those without verifying that they’re correct, shame on you. Trust no one when it comes to this kind of security, not even me. You can go to www.opendns.com and scroll to the bottom where the addresses are displayed to verify that they’re correct (which they are). Then you should enter the addresses in place of the DNS provided by your ISP to start using OpenDNS.

Posted in services | Tagged , , |