I got e-mail the other day from Turbotax saying someone had filed my taxes for me. Obviously a cause for concern, right? Here’s how I determined the message was fake in about three minutes. You can spot phishing e-mails with Outlook the same way.
Some people will tell you not to even open a message like this, but if you’re a computer professional, at some point someone is going to want you to prove the message was fake. I think this is something every e-mail administrator, desktop support professional, security professional, and frankly, every helpdesk professional ought to be able to do.
So here’s how you can get the proof. And generally speaking, Outlook 2010’s default configuration is paranoid enough that this procedure will be safe to do. If you want an extra layer of protection, make sure you have EMET installed and protecting Outlook.
If you have a side business, you need to offer customer service, but it’s also perfectly reasonable to not want your phone to ring at 3 a.m. You can fix that if you set up office hours in Google Voice.
Fortunately it’s easy to set up Google Voice to allow your phone to ring during office hours and go straight to voice mail after hours. And the nice thing is, Google Voice transcribes your messages. This makes it very easy to filter out people who are calling you trying to solicit your services at 25 cents on the dollar. I can’t say for certain that people are more likely to do that at off hours. But it’s certainly more annoying to get awakened at 3 a.m. by someone wanting to lowball you. And yes, I speak from experience.
Here’s how you do it if you don’t want to be disturbed at unreasonable hours.
I got the white screen of death last week, but it was odd—it only happened if I tried to edit posts that were in draft or scheduled status. Already-published content would edit fine. Here’s my experience fixing white screens in WordPress.
Clearing my cache helped temporarily, but the problem would come back as soon as I saved a post. I ended up doing two other things as well, and then the problem went away. I emptied my spam, which also greatly sped up the site, and I also deleted a mobile plugin that I was no longer using but was disabled. Disabled plugins can still affect behavior sometimes. Read more
Over the weekend I installed the All-in-One WP Security and Firewall plugin to fix another issue–more on that tomorrow–and I ended up breaking my site. Hopefully I fixed it to a better state than it started in.
The lesson, as with many security tools, is to proceed with caution.
I haven’t received a fake Windows tech support call in a very long time. A couple of the operations doing this have been shut down, but based on the continued popularity of the things I’ve written about them, I wonder if some people are still getting them.
That makes me reluctant to block them, just in case they call me again, but if you’re getting those calls and want them to stop, I can tell you how to do that.
As my longtime readers may know, back in the summer of 2013 Amazon cut off its affiliates program in Missouri. I’d been using the Amazon affiliates program for 12 or 13 years at the time. It didn’t make me rich, but it generally did a nice job of covering my day-to-day expenses of running the blog.
I’m going to do something most bloggers won’t do–I’m going to tell you what I make blogging. I don’t know what Amazon affiliates are and aren’t allowed to talk about, but Amazon has no control over me anymore, and Viglink doesn’t expressly prohibit such talk. So I’ll talk. Read more
I’ve been blogging for nearly 15 years, so I’ve seen my share of frustrations over the years. The toughest source of frustration for me to shake has been spam. I have actually had spambot traffic knock my site offline in the past–here’s what I did about that–so suffice it to say that if a computer can’t keep up with it, there’s no way a human can keep up with filtering the amount of spam even a moderately popular blog receives. I’ve used two plugins to augment WordPress’ built in antispam capabilities. Read more
A Dutch ISP that acts as a spam haven is DDOSing Spamhaus, and they’re using DNS to do it. The attack is using spoofed DNS queries to create, basically, a smurf-like attack. And the sheer volume of traffic is likely to affect the Internet as a whole.
That might explain why my recruiters were complaining that it was taking forever to look up job postings today. (Yes, I can publicly admit that I’m talking to recruiters. That’s another story.)
But basically, if you run a DNS server, you need to check your configuration to keep lowlives from using your DNS as a weapon. Here is a useful page for those of you running BIND, the one of the most popular DNS servers.
This was the most common type of attack in 2012; it looks like some people are trying to up the ante in 2013. We can make it stop, but every sysadmin running a DNS server is going to have to pitch in to help.
I found this chart earlier this week regarding SSD write endurance. Basically, it plots out how long an SSD would last if you set out to deliberately destroy it by writing to it continuously.
You could expect a mainstream 128-GB drive to last 4.7 years under those conditions, which is longer than a platter hard drive would last if subjected to the same kind of abuse. Other studies have similar results.
A long project can be paralyzing at times, making it hard to figure out where to start. A trick that I learned in model railroading is to just work on whatever small percentage of the project that bothers you the most. Then, when that’s done, cycle back, create another subproject that fixes whatever bugs you the most now, and keep making incremental improvements like that until you get where you want.
I’ve used the same trick on home improvement projects, and I applied it to this web site over the course of the last few weeks, doing a series of incremental improvements. It led places I didn’t expect it.