Facebook is popular, and therefore since it is so popular that is where the scammers and the virus creators go.  The most current scam is that of a spider.  In reality it is a survey that in which the scammer earns money for each survey taken.   For more details about the spider scam read the Sophos blog.

So how do you know if its a virus or something for real.   Keep these points in mind:

• If  the link/video seems over the top, it is probably a virus or a scam.

• If it appears to be a video,  head over to YouTube and search for the video itself.  If you can’t find it, chances are its a scam or a virus.

• If the person posted the same link twice, chances are its a virus or a scam.   If the video/application/or link fails to work, some individuals will try the link again believing they didn’t do something correctly.  In reality when they go back it shares on their wall again.

• If you see some texts like ‘Jaa” which makes no sense to most English speaking people, its a virus/scam.

• If  you are unsure, contact the person that posted the link and ask them directly if it is for real or hoax.    This will accomplish two things, one you can confirm it is real or not, and if it is not, you can let them know they need to remove it.

To remove a a post simply holding your mouse over the post and clicking the X in the right hand corner (as displayed below).

I would recommend that everyone like Sophos on Facebook for the latest security issues.  The Facebook scams and viruses will continue to populate Facebook and its up to each person to think twice before clicking that link.
Photo Provided by:  jepoirrier on flicker<

I’ve been using SafeSync for a while now, (see previous post), and have finally decided to move on.   SafeSync has a great potential but consistently has performance issues, both at the computer level and the server level.

For example to move 35MB to Trend Micro’s SafeSync servers, it took 9:00 minutes.   Compare that to CrashPlan,  it only took 0:20 minutes to backup the exact same data. That is right only 20 seconds.  My friend Eric Brown (ericbrown.com) introduced me to CrashPlan.

I also noticed TrendMicro has eliminated their unlimited plan for  SafeSync and now have 20GB,  50GB, 100 GB plans.  I was lucky enough to sign up for the SafeSync Unlimited Plan when it was first launched at a great price.   For the cost of what they are charging with the performance and the amount of space there are plenty of other options.   I was hoping at some point performance would improve but it hasn’t.    When TrendMicro purchased Humyo they were in a rush to release the product and that is evident from the poor support, and poor performance.    Level I support appears to have no training and the product and they have to go back and forth to the Level II.  Having been involved in several mergers and acquisitions I understand the need to turn the  acquired asset around to recover the outlay, but at what expense.  TrendMicro had a great opportunity to improve the product, and increase acceptability leveraging Trend Micro’s established brand and a great price plan.   That hasn’t happened and I wonder how may others will leave the product.    There are plenty of other options in play, from CrashPlan for pure backups, to DropBox and Sugarsync for backups and sharing of files.

I’ll retain the account for now and check back every so often to see if there are any improvements, but can you really trust your backups to a unrelaible product.  I can’t. Can you?

In the coming weeks I’ll write more about CrashPlan and the different options available.

I’d like to end this by saying thanks to Eric for introducing me to what appears to be a great product.  You should also check out Eric’s site.  Stop by and say hi.

Photo Courtesy of leo.prie.to on flicker.

I added a new link to my Favorite Links Section, CCleaner.

According to Piriform website:

CCleaner is the number-one tool for cleaning your Windows PC. It protects your privacy online and makes your computer faster and more secure. Easy to use and a small, fast download.

I’ve been using CCleaner now for almost a year and it does a great job.  First time I ran the application after using the standard Windows cleaning program, I was able to eliminate another 500MB of temporary or unnecessary files.

The application cleans internet files, system files and application files that are no longer needed.   The application has the ability to do a secure wipe  which is useful if you decide to sell your pc or donate it.     CCleaner also has the ability to clean the Windows Registry from entries that are not completely removed when software is uninstalled.   Note: Before you clean the registry CCleaner recommends that you save a backup of the registry.  Always  create the backup in case an issue occurs after the cleaning.

The program is a small download that is updated on a regular basis.   I highly recommend this application.

You can view all the features of CCleaner here.   If you have any questions about the application please let me know.

It appears that LastPass might be the next victim of a data breach.     Earlier today on the Lastpass Blog it was noted that some network anomalies were noticed that could not be explained.  Lastpass Management prepared for the worst and put a plan into action.  Although they did have a plan the systems on hand could not execute that plan, i.e. requiring everyone to change their passwords.    When users go to the site they see the following:

As explained in the blog post:

Update 2, 2:15pm EST:

Record traffic, plus a rush of people to make password changes is more than we can currently handle.

We’re switching tactics — if you’ve made the password change already we’ll handle you normally.
If you haven’t the vast majority of you will be logged in using ‘offline’ mode so you can still use LastPass like normal and get back to your day, only syncing of new password should suffer (and you’ll see the bar).

As load lowers we’ll increase the percentage of people being sent through email validation / password changing.

For people experience problems please email us at support@lastpass.com — we have seen a few reports of bogus data post change, we think this is due to you downloading a stale copy and if you go to LastPass Icon -> Clear Local Cache and try again it should work.

You can access your data via LastPass in offline mode or by downloading LastPass Pocket : https://lastpass.com/misc_download.php (choose your OS).

—

There have been updates since this was posted and their CEO, Joe Siegris, provided an exclusive Interview to PC World.

Lastpass has done some things right and some things need improving, of course it is always easier to say this should have been done after the fact.

So, lets start with what can be done better next time:

• Whatever your plan is make sure the systems in place have the capacity to handle the load.
• Document the plan so there is no guessing, and tactics will not have to be changed midstream.
• Although communication has been very transparent some of the lingo on the site updates may confuse your everyday user.

…the server salt and their salted password hashes from the database.

I have personally enjoyed the reading the technical discussion of the updates but for the joe user who surfs the web, sends email and orders from amazon, this maybe a little over their head.  Perhaps providing technical details in a seperate area, that way the everyday user can read the updates and udnerstand how it applies to them, then link off to the technical stuff.

• Require everyone to have a strong master password.  I know people in general hate strong passwords because they can be difficult to remember but this is the password of all passwords.

Now, lets look at the postivies:

• Communication has been very good, and transparent as possible.   Users were notified of the issue as quickly as possible instead of waiting a week or more.
• The staff reviews the logs in a timely manner and knows their environment.   How many companies actually review their logs daily and see something is off but can’t explain it immediately.  I know some companies do, but I imagine a majority of small to medium size businesses don’t.   Does your company?
• Deploying extra security measures:

We’re also taking this as an opportunity to roll out something we’ve been planning for a while: PBKDF2 using SHA-256 on the server with a 256-bit salt utilizing 100,000 rounds. We’ll be rolling out a second implementation of it with the client too. In more basic terms, this further mitigates the risk if we ever see something suspicious like this in the future. As we continue to grow we’ll continue to find ways to reduce how large a target we are.

• Quick action:  They responded to the situation as quickly as possible and didn’t discuss it for days.   In a security breach situation quick action is a must, better to over react like they may have, then not to act at all.

Most people always want the best security possible, however, they do not want to be inconvenienced  by it.   The fact is  a little inconvenience now may save you from a weeks of inconvenience later if your data is breaced.

I look forward to reading about the details as the situation continues .  Was it really a breach, or was it a hiccup.  Only time will tell.

Is the cloud ready  for the repeated attacks?  Is the public ready?  - Let me know your thoughts on these questions and on Lastpass.

As some of you all know, one of my favorite all time apps is Evernote (see my previous post).

Evernote just recently released some new updates that I find very exciting,  most importantly the individual note sharing.  Previously in order to share anything you had to share an entire notebook within Evernote.  This was not ideal if you only needed to share only one note.

From the Evernote Blog:

Today, Evernote for Windows got its most significant update in months. The big news is sharing. For the first time, Windows users will be able to take selected portions of their Evernote memories and share them with friends, colleagues and classmates–all without ever leaving the application. That’s not all. We’ve also added a number of other much-requested features and improvements. Let’s take a closer look.

…

Quick note sharing
Now you can quickly share a single note with friends and family using Facebook, Twitter, email, and more. We’ve added a Share button into the menu bar. Click the button and select a sharing option.

Now this gives the ability to share individual notes on social media sites, like Facebook, Twitter, LinkedIn and the like.  The feature works well and I have already used it a couple of times.

Now if you want to see what exactly a shared note looks like click here.   I have shared this same post from my Evernote account.

The ways this feature can be used is only limited by your imagination.  If you have not tried out Evernote, give it a shot and let me know what you think.  If you have any question also feel free to contact me and I’ll try to help.

I believe one of the most difficult plans that must be made is a strategic plan.  Do you (yes I said you) or your organization have a strategic plan?  If not, why not?

In order to have a plan, the process, requires you to identify your goals and vision in the long term.  Where do you want to be three or five years from now?  Are you too focused on the daily tasks of your personal life or your operational plan of your business?

Keith Ferrazzi says:

It is essential to develop a strategic plan for our lives.  What do we want to achieve in 30 days? 3 years? Long term? (We must know where we’re going before we can map out a route to get there.)

The same holds true for your organization, whether it is a small business, large business or department (for example IT) within a business.

Carter McNamara gives a great explanation of what a strategic plan is:

Simply put, strategic planning determines where an organization is going over the next year or more, how it’s going to get there and how it’ll know if it got there or not.  The focus of a strategic plan is usually on the entire organization, while the focus of a business plan is usually on a particular product, service or program.

Although this is a very simplistic approach to creating a plan, you should at a minimum:

1. Identify for your long-term vision/mission.
2. Identify what it is going to take to achieve that mission/vision (goals).  Make sure the goals are obtainable.
3. Identify what tasks and timelines are required to achieve those goals.
4. Execute the plan.

While executing the plan, keep track of where you are.  Celebrate the wins and the accomplishments.  If any of the tasks are not successful determine why and your next course of action to achieve those goals.

Depending on the size of the organization this could be a long term project but necessary.  For you personally it could take a long weekend or even longer depending how complex you want to make it.  Without a plan, you may drop the ball and end up in chaos (repeating the same thing repeatedly and getting nowhere).

For businesses, I really enjoyed the posts Carter McNamara provides on his blog.  I ran across his site while reading about strategic planning.  For your personal goals and vision, I recommend reading Keith Ferrazzi’s blog in particular this article.

Now go plan and execute that plan.

Photo Credit: jscreationzs

I just received the email from Best Buy.  It appears Best Buy was included in the security breach as well.  As noted in the email remain alert on unusual or suspicious emails.

iew:  Mobile |  Web MYRZ.COM BESTBUY.COM

Dear Valued Best Buy Customer,  On March 31, we were informed by Epsilon, a company we use to send emails to our customers, that files containing the email addresses of some Best Buy customers were accessed without authorization. We have been assured by Epsilon that the only information that may have been obtained was your email address and that the accessed files did not include any other information. A rigorous assessment by Epsilon determined that no other information is at risk. We are actively investigating to confirm this. For your security, however, we wanted to call this matter to your attention. We ask that you remain alert to any unusual or suspicious emails. As our experts at Geek Squad would tell you, be very cautious when opening links or attachments from unknown senders. In keeping with best industry security practices, Best Buy will never ask you to provide or confirm any information, including credit card numbers, unless you are on our secure e-commerce site,www.bestbuy.com. If you receive an email asking for personal information, delete it. It did not come from Best Buy. Our service provider has reported this incident to the appropriate authorities. We regret this has taken place and for any inconvenience this may have caused you. We take your privacy very seriously, and we will continue to work diligently to protect your personal information. For more information on keeping your data safe, please visit: http://www.geeksquad.com/do-it-yourself/tech-tip/six-steps-to-keeping-your-data-safe.aspx. Sincerely, Barry Judge Executive Vice President & Chief Marketing Officer Best Buy

People will often ask me, why do I volunteer for Chamberlain Performing Arts, especially since my daughter no longer dances?

Let me share this quick story with you…

This past weekend I attended the Chamberlain Performing Arts Dance-a-thon.  The dance-a-thon was described as:

Dance Through the Decades Dance-a-thon. A night of family fun awaits you at Chamberlain School of Performing Arts. Join us as we dance through the decades with music and dance steps from the 50’s to the 2000’s.

It was a great event coordinated by the staff of CPA, but more importantly, it included the company members that the organization supports.   All of the company members  enjoyed the music and the dancing,  all while earning money for their organization.    At the end of the evening,  all of the company members gathered into one of the dance studios, along with parents, volunteers and staff  for a small live auction.    The main item of the evening to be auctioned off was:

… a one of a kind, handmade Company quilt featuring artwork from the productions of the 2009/2010 Season.

The bidding for the quilt went back and forth for several rounds until then end when Kathy Chamberlain (founder) won with the highest bid.   After the bidding was over, she announced that she purchased the quilt on behalf of the families of Chamberlain Performing Arts,  for one of the company members who is currently in rehab because of suffering from a childhood stroke and unable to dance.

Kathy Chamberlain is an amazing person with a kind heart, who can do miracles with kids.   Working with Kathy and supporting the organization  that she founded is just one of the many reasons I volunteer for Chamberlain Performing Arts.

I  just completed my second class for my PMP Certification.  I took an online class sponsored by my alma mater, the University of North Texas.  The class is actually conducted by a company called ed2go.com that provides classes on a variety of subjects at extremely affordable prices.  Ed2go.com classes are in four main categories, Career and Professional, Computers and Technology, Writing and Publishing, and Personal Development.

Each course has two classes a week in which the instructor provides a written lecture.  After the lecture an assignment and sometimes a quiz is provided.   At the end of the class, a final exam is given and credit is received after the exam is taken.  Communication with the instructor and the rest of the class is available via a message board for the class.  Depending on the class sometimes, there is more discussion than other times.

If you are person seeking to expand their knowledge I would check this company out, register for a class and let know what you think.

“What we’ve got here is failure to communicate.” – Cool Hand Luke

Strother Martin in Cool Hand Luke

I have been working with Trend Micro now for over two weeks trying to get their SafeSync product to work.  This past weekend I ran into a new issue.  I called the support desk to report a “new” issue.  I spoke with the first line support rep.  The person asked for my email address to log the ticket.  I said jeff.cox at jeffpcox.com.   The rep didn’t understand it so I repeated myself saying  j-e-f-f-.-c-o-x-at-j-e-f-f-p-c-o-x-.com.  The support person repeated it and still had it incorrect.  The next attempt he had everything correct but kept saying .NET.  After two more tries, I ask to speak to someone else.   Instead of placing me on hold, he hangs up on me.

I called back and went through the same process again.  The support rep did find my account, however he was not listening either.  I had to say multiple times this was a “new” issue.   The rep kept reading me the status of my existing case trying to get me off the phone.  After four attempts of trying to explain this is a “new” issue, I asked for a manger.

I explained the previous two interactions with the manager and he took the notes and informed me the servers were down.  Now the first part of the phone call took thirty minutes.  Is this necessary to have taken 30 minutes of a customer’s time when a simple, “the system was down and we are working on it” statement could have been said.

The following day I attempted to use the SafeSync service again, and it appeared to be working, then stopped.  So I contacted support and I just asked, are the servers still down?  The support rep stated no the servers are up.  We spent another 45 minutes on the phone trying to resolve the issue.  Finally he contacted someone on level two and found out, there servers were still down.  I inquired how much longer this would take and he said he did not know but he would or someone would contact me as soon as the servers were available.

After several hours the servers appeared to be  functioning again and the product began working, however I never did receive that phone call or e-mail.

Now I know this is typical of a support group.  However, in my opinion Trend Micro is a good company with excellent products.  With the acquisition of humyo.com now SafeSync, I wonder if they rushed this product out before it was ready.  With this ultimate failure of communication, do I really want to trust them as my backup provider for my data?  Unfortunately, this seems to be the norm for this product and I am disappointed.  SafeSync has the great potential but am I willing to risk losing my data with SafeSync?

I can understand software having an issue, or servers having issues, but combine those issues with communication failures you will have a disaster.  Clear communication must happen within an organization before it can happen outside of an organization.   Without clear communication, you will lose customers.