  • Sheryl Canter's Articles
    of aggregators don t have to take sides they generally support both approaches But content providers must make a choice The dispute centers on how complicated and ugly RDF XML really is and how important are the benefits it brings Both versions of RSS are based on XML In fact RSS is the most popular application of XML today But the spec produced by the nonprofit RSS DEV Working Group uses RDF XML while the commercial UserLand implementation sacrifices the advantages of RDF for a simpler syntax The RDF compliant spec is called RSS 1 0 and the non RDF spec is called RSS 2 0 to the fury of the RSS 1 0 camp But RSS 2 0 is not an improvement over 1 0 it s a completely different spec A third syndication specification variously called Echo Pie or Atom has recently garnered much attention Atom s design goal is to combine the best aspects of the two RSS specs as well as resolve some of the difficulties in adapting a news syndication spec for use with blogs Although it s too soon to know for sure Atom may be the winner in the end Humans Versus Machines RDF XML is machine readable but it s not very readable for humans How ugly is it Opinions vary People who know RDF XML well tend to think it s not so bad but it doesn t make a good first impression Most people who use RDF XML argue that human readability doesn t matter Virtually no one hand codes RSS Bloggers use tools such as Radio UserLand and Moveable Type and large companies use custom scripts designed for use with their content management systems If humans don t write it or read it does its ugliness really matter The

    Original URL path: http://sherylcanter.com/articles/pcmag_20031001_RSS.php (2016-04-24)


  • Sheryl Canter's Articles
    the data is still there The next time you save a file these clusters may be used to store the new data overwriting the old data Until this happens however the data remains fully intact You can retrieve it using a utility that bypasses the OS and reads the hard drive directly We looked at four such utilities in our recent roundup of data recovery tools We awarded Editors Choice to Kroll Ontrack s EasyRecovery Lite 6 0 www ontrack com If you want to recover a crucial file that you ve accidentally deleted you must be careful not to overwrite it Stop using your computer immediately and do not save anything to disk Do not even install a recovery program because anything written to the hard drive may use the clusters of the file you want to restore If the recovery program isn t already installed run it from a floppy disk When Data Is Overwritten Once you overwrite a file s data you can no longer access it through software But that doesn t mean the data is irrecoverable There are two ways that overwritten data on a hard drive can still be read When a read write head writes a bit to a disk it applies just enough signal strength to set the bit but not so much that adjoining areas are affected Because the signal isn t strong enough to saturate the media the absolute signal strength is affected by the data previously stored in that location When a 0 bit is overwritten with a 1 the signal strength is weaker than it would be if the previous value were a 1 Specialized hardware can detect the exact signal strength By subtracting a perfect version of the signal you can obtain a ghost of the previous data This process can be repeated up to seven times so to guarantee the elimination of ghost images data must be overwritten more than seven times each time with random data The second data recovery technique takes advantage of the read write head not being positioned in exactly the same place for each write operation This allows experts to detect the previous setting around the 
edges of the track called shadow data Repeatedly overwriting data also tends to overwrite these border areas Data Destruction Knowing that your data can be recovered is comforting Unless you really wanted it gone for good The U S Department of Defense s standard for sanitizing hard drives is detailed in the National Industrial Security Program Operating Manual also called DOD 5220 22 M http www dss mil isec nispom 0195 htm The manual calls for overwriting data three times first with a single 8 bit character then with the character s complement 0s for 1s and vice versa and finally with random characters This method is not approved for sanitizing media that contains top secret information however Such disks must either be degaussed demagnetized or physically destroyed For most people however the overwriting method

    Original URL path: http://sherylcanter.com/articles/pcmag_20031001_DataRecovery.php (2016-04-24)

  • Sheryl Canter's Articles
    dedicated investigator can obtain your name address and phone number Also these messages aren t encrypted and can be read as they leave your computer Anonymous remailers hide your IP address by removing header information In its simplest form a remailer server acts as an intermediary You send your message to the remailer the remailer strips off the header and then forwards your message to its destination The receiver sees the remailer s IP address rather than yours This strategy was used by anon penet fi a widely used anonymous remailer that operated out of Finland from 1993 to 1996 The problems encountered by anon penet fi demonstrate the weakness in this approach The Finnish police forced the owner Johan Julf Helsingius to reveal the identities of individuals accused of copyright violation and other crimes Helsingius finally closed down the service because of massive abuse by spammers The W3 Anonymous Remailer is a free easy to use service that hides your identity Servers such as these are termed pseudonymous remailers because their anonymity depends on the willingness and ability of the server administrator to keep the identities of its users confidential Another now defunct pseudonymous server at alpha c2 org offered security enhancing features such as support for encryption chained remailing and reply blocks a technique that lets people respond to you without learning your identity Truly anonymous remailers don t offer any way to reply to the sender There are two main types Cypherpunk Type I and Mixmaster Type II These are harder to use than pseudonymous remailers but they re more secure You need to learn how to use PGP encryption build the message and set up the chain of remailers through which your message is transmitted Cypherpunk messages can be created in Notepad but Mixmaster messages require

    Original URL path: http://sherylcanter.com/articles/pcmag_20030916_Remailers.php (2016-04-24)

  • Sheryl Canter's Articles
    computer s boot sector Today most programs are distributed on read only CDs and virus checkers can protect your PC s boot sector A Trojan horse is a destructive program that disguises itself as something else Unlike viruses and worms Trojan horses don t replicate themselves they just do bad things when you run them In the 1980s they were often distributed as appealing sounding games but today a classic Trojan is rarely seen More commonly you ll see blended threats distributed as e mail attachments whose payloads are worms or viruses You should never double click on an executable e mail attachment even when you recognize the sender Executable attachments have the file extensions com exe or vbs A worm can copy itself to other machines without human interaction It does this via network security holes For example a worm can be implemented as a script embedded in HTML e mail You don t have to double click an attachment to get infected you just have to view the message in an HTML enabled e mail client Until recently you couldn t turn off HTML e mail in Outlook Express But if you re running Version 6 Service Pack 1 or later select Tools Options go to the Read tab and check the box labeled Read all messages in plain text Beyond Virus Checkers Even with heuristic scanning a method for detecting viruses with unknown signatures virus checkers are basically reactive Of course you should install a virus checker and update its engine and virus definitions regularly but don t stop there You should also follow the five suggestions listed here 1 Installing operating system patches is time consuming but worthwhile Select Windows Update in your Start menu or go to http windowsupdate microsoft com and click on the

    Original URL path: http://sherylcanter.com/articles/pcmag_20030819_VirusImmunity.php (2016-04-24)

  • Sheryl Canter's Articles
    using the right click menu the alternate image is captured instead Remember however that JavaScript support is not available in all browsers and can be disabled You can also hide your image beneath a transparent GIF that is positioned via an embedded style sheet or a table Right clicking saves the transparent GIF rather than the visible image Give the image a misleading name so your visitors are not immediately clued to the trick If you re lucky the image thief will leave your site before noticing the switch If he s knowledgeable however he can obtain the real filename by looking at the source code for your page You can also inconvenience thieves by chopping an image into pieces before uploading Unfortunately this is inconvenient for the coder as well as the thief Webmasters commonly store images for a site in a subdirectory called images If a directory doesn t contain an index file then accessing the directory in the browser pulls up a directory tree with filenames in this case the names of all your images An easy way to prevent this is to put a file named Index htm in the images directory with a notice that all images on the site are copyrighted Or if your server is running Apache create a file with the name htaccess and put in the line IndexIgnore Upload this file in ASCII mode to your images directory and no file list will be displayed when users navigate to it Metatags can help you prevent browsers and search engines from caching or archiving the files on your site The following code prevents Google from archiving your files meta name robots content noarchive noindex nofollow noimageindex noimageclick For browsers that support HTTP 1 1 this tag prevents caching meta http equiv cache

    Original URL path: http://sherylcanter.com/articles/pcmag_20030630_WebImages.php (2016-04-24)

  • Sheryl Canter's Articles
    on the e mail client For Outlook Express right click on the message choose Properties click on the Details tab and then click on the Message Source button To learn how to view full headers with other e mail clients visit spamcop net fom serve cache 19 html Figure 1 shows the full header for an unforged e mail message The highlighted sections are the most difficult to forge They contain the clues to the source of the message The Received block and the Message ID are the most difficult lines to forge because they are added after a spam message leaves the offender s computer These sections contain the clues to the message s source On an unforged message the Message ID line is added by the mail server that sends out the message It usually ends with and the domain of the sender In this example the sender is Permutat aol com and the Message ID ends with aol com When the domain names in these two fields don t match it s a sign that the sender is trying to remain anonymous The Received block is the most revealing portion of the header Most messages pass through at least three computers before arriving at the recipient s machine the sender s computer the sending mail server and the recipient s mail server from which the recipient retrieves the message With more complicated setups those with firewalls for example the message will pass through even more stops Every machine the message passes through adds a Received line The lines are added from bottom to top so the top most line is the last stop the message made Because the Received lines reveal exactly where a message has been spammers sometimes try to confuse matters by adding fake Received lines to their messages Any forged Received lines appear at the bottom of the list Decoding the Received Block The server name in the from clause of the Received line can be forged easily but receiving mail servers can check the true identity through reverse DNS which shows the sending server s IP address The IP address results 
appear in parentheses after the server name entered by the sender which with spam is almost always forged You can look up the IP address of the named server more on this later to see whether the data in the header is accurate or forged Read the Received block from the bottom up until you find the injection point the last forged line which is where a message enters the Internet stream This is generally the last line where the IP address doesn t match the server name Most of the lines below the injection point are forgeries although sometimes the line just below the injection point reveals the spammer s dial up ISP To find the domain name associated with the IP address you ll need a whois utility Note that there are three whois databases to check each for a

    Original URL path: http://sherylcanter.com/articles/pcmag_20030408_StopSpam.php (2016-04-24)

  • Sheryl Canter's Articles
    addresses as it goes Site owners can protect themselves from spambots by redirecting them to a page that s free of e mail addresses For details see www turnstep com spambot Chat rooms are paradises for spammers who use specialized harvester programs for AOL chat rooms and profile lists AOL names are considered desirable because the service appeals to Internet newcomers who are more likely to respond to spam and less likely to have antispam solutions in place For harvesting e mail addresses of more sophisticated users spammers scour public lists of domain registrations Browsers can also be tricked into revealing your e mail address as you surf JavaScripts can instruct your browser to send e mail with your address to a specified location Some browsers give your address to every site you visit To see whether yours does go to www privacy net analyze Once a spammer has a list of addresses the next challenge is to send lots of e mail to all those addresses The problem is twofold The spammer has to find an SMTP server that can handle the mail and hide his identity to avoid repercussions Spam is prohibited by virtually all ISPs and spammers will lose their accounts if they re caught Hiding your identity by falsifying header information is illegal in many states and several federal laws are being considered to make it illegal nationwide see www spamlaws com for details But identity hiding is nevertheless supported by many bulk e mail programs Using others mail servers without permission will also be illegal if Congress passes the Can Spam Act but spammers can currently buy programs that search the Internet for open relays or buy lists of open relay IP addresses Open relays are unprotected servers that send out e mail from any

    Original URL path: http://sherylcanter.com/articles/pcmag_20030225_Spammers.php (2016-04-24)

  • Sheryl Canter's Articles
    legal ramifications of electronic signatures with some specific recommendations for implementation The document titled Digital Signature Guidelines is available at www abanet org scitech ec isc dsgfree html The treatise starts with an analysis of the functional characteristics of a traditional signature and then looks at how to implement these same characteristics electronically In legal terms a signature serves four general purposes evidence ceremony approval and efficiency A signature s uniqueness is evidence that a particular individual was the signer The act of signing a document the ceremony calls the signer s attention to the legal significance of the act you can t sign something by accident or by default by not taking an action The signature itself indicates the signer s endorsement or approval of the information in the document a contract or a check for example Finally a signature indicates that the signer has fully reviewed and accepted the facts and they can be taken at face value This allows efficient handling and transfer of the document Electronic signatures should accomplish these same goals In fact electronic signatures have the capacity to surpass wet ink signatures With biometric techniques such as dynamic signature recognition forgeries become virtually impossible The use of a Digest a value that works like a checksum and is calculated from the contents of an entire document can ensure that a legal paper remains unaltered once signed The digest takes up much less space than the complete document but even the smallest change in the document will result in a change in the digest E Sign does not however require that electronic signatures meet these standards except in the case of transferable records loans secured by real property If you are obtaining a mortgage electronically the signature must be demonstrably unique to the signer in the control of the signer and attached to the document in such a way that changes to the document after signing 
are clearly evident For electronic records that don t involve transferable real property there are no such requirements The law also fails to require electronic signatures to protect against fraud Virtually all the products available today do use technologies that provide security and safety but companies doing business electronically may choose not to use such precautions A consumer has no assurance that the electronic signature system used by a company meets even minimal standards for protection against fraud Should fraud occur the consumer will find no protection under the law The burden to prove the deception lies with the customer and there are no limits on liability Contrast this with the law governing credit cards Disputed charges are immediately removed from the purchaser s bill pending investigation by the credit card issuer And the cap on consumer liability for charges to a stolen card is 50 if the cardholder reports the theft Digital Signatures E Sign was not the first law passed that allowed electronic signatures At the time E Sign was enacted 46 states and numerous foreign countries

    Original URL path: http://sherylcanter.com/articles/pcmag_20010102_eSignatures.php (2016-04-24)


