Friday, September 6, 2013

Ctrl-Shift-P – your new best friend

Do you flip among reading webmail, social networking, gossip sites, research, and shopping or banking in the same browser? Do you realize that browsing history, search details, and even some logon information could leak from site-to-site?

Google – and, not to pick on just them, many other providers – encourages you to sign in to your account “for a fuller browsing experience” as soon as you open your browser. What they’re really wanting is to establish a relationship – ie: a cookie – with you so they can follow what you’re doing and suggest (sponsored) alternatives to your current choice. This tracking capability is not hidden, nefarious, or necessarily malicious. It’s designed into the Web and browsers as well as your user agreement, and can only be thwarted with obscure configurations in each browser’s profile.

I used to alleviate my concerns over this leakage by ensuring I closed all my browser sessions and reopened the browser before doing any financial transactions. One time I was trying to sign in to a major shopping site with a different profile than I usually used. No matter which of my usual tricks I used, it still insisted on pulling up my personal profile. Obviously they were tracking me with multiple cookies from multiple domains and I would have had to completely clear my history from that browser to get a fresh login. My only alternate option was to use a company computer from which no one had ever signed into that site.

Most modern browsers now offer some form of “private” or “incognito” browsing. A private session is a pristine instance of the browser with no history, no cookies, no remembered passwords. When you close the private instance of the browser (the entire window and all child windows – not just logging off the signin), it deletes all record of that session so the details can’t be tracked across other websites. The next time you open a private instance, you’re starting over again.

When private browsing was first introduced it closed or locked out your “regular” instances of that browser so you couldn’t do anything else while in it. Now it functions just like another browser window that you can switch back and forth between. Identify your private session by the notation in the title bar.

Caveats:

A private browser instance only protects you against successive session browser tracking, persistent cookies, and cross-site leakage. It doesn’t stop the web server from fingerprinting(1) your computer or any malware already installed on your computer or the server. All the cookies and history already in your system are still available to the browser – it just makes all cookies you get now “session” cookies. And, if you browse to any other sites in the same private instance, you might as well have used a default instance.

Private browsing is not a sandbox you can use with abandon; just a slight improvement over the wide open web. For better protection against tracking and leakage you need to use a pristine “computer” by booting to a live CD or a clean virtual machine. This works whether doing your banking or surfing to questionable websites – just be sure you reboot in between.

A private browser session is available from the main menu of most browsers. In Firefox and Internet Explorer, you can use the hotkey Ctrl-Shift-P. Chrome and Opera use Ctrl-Shift-N.

(1)      http://Panopticlick.eff.org

Creative Commons License. This work by Bill Barnes is licensed under a Creative Commons BY-NC-SA 3.0 US License. Permissions beyond the scope of this license may be available at http://zaitech.com/satellite/contacts.htm.
(c) 2013 Bill Barnes - Disclaimer - Home Page - Blogs Home

Friday, July 19, 2013

Microsoft abandons retail market

If you don’t follow technology at a certain level, you may have missed the news: Microsoft has told the consumer market to kiss off. That’s not exactly how they said it, but we know that old adage about actions and words.

First they took a page out of the cable TV industry and obfuscated their business pricing such that it is impossible to compare products and pricing. In fact, there is a certification just to support Microsoft licensing and most businesses that don’t shop at Best Buy hire a consultant to advise and manage their relationship. Then they introduced an all online version of their flagship product (yes, Office makes more money than Windows). The revolutionary (meaning Google’s only been doing it for half-a-decade) online and installable Office 365 is subscription only and starts at $9.99 per month. Forever.

That takes care of soaking or eliminating people who just want to write a letter. What about the people who make it possible for small business to run efficiently and economically?

Recently they announced that they are eliminating the primary program most people who support their products but don’t wear a Microsoft shirt use. TechNet is a subscription that gives one or more copies of just about every product that anyone who doesn’t have thousands of users across multiple sites could need – “for evaluation purposes only, not for use in production environments.” Depending on the promotion du jour, I gladly paid $150-$350 per year for the privilege to use 5% of what they offered me. Unfortunately, too many people were getting TechNet and sharing or selling the individual license keys.

My primary business is supporting people who use 1-10 computers. They don’t make their money with their computer; but do have to use their computer to make money. When your client consists of an accountant and her receptionist/account manager/billing clerk; you get calls to do everything from buying a printer cable to establishing a new office. This includes setting up and optimizing their email, preparing a customized mailing, or converting the contents of their client’s database to simplified spreadsheet.

Those tasks require Outlook, Word, Excel, and possibly more Office programs. I feel no guilt using my TechNet versions of these applications because I am supporting an office that paid the highest price for their own copies. I’ll tell you a secret, Microsoft. I could also complete these tasks using apps from Google or Open Office. Those cost me and my client – nothing. More significantly, they earn you nothing.

Microsoft; for every IT professional who gives you thousands of dollars a year to keep a certificate on their wall, there’s 5 or 10 or dozens more who support and promote your retail products. You just turned them into Google and Linux salespeople. Retail may not be the goose that lays golden eggs, but it is a cash cow that gives good milk year-after-year. When the time comes that all your money is from enterprise, it’s HP and Dell that tells them what to buy. Remember, they also sell tablets and laptops as well as management services. If you continue encroaching on their hardware and support businesses; they too may become Linux salespeople.

Creative Commons License. This work by Bill Barnes is licensed under a Creative Commons BY-NC-SA 3.0 US License. Permissions beyond the scope of this license may be available at http://zaitech.com/satellite/contacts.htm.
(c) 2013 Bill Barnes - Disclaimer - Home Page - Blogs Home
 

Tuesday, April 30, 2013

Some people don't count

Always check your coverage - ideally with a real device on the network - before you choose a cell carrier.


Pages