Online Protection

2008-02-23T07:23:00.000-08:00

Never say security, which will be valid for a day only

There are too many clever guys, either good or bad. Just read "Researchers Find Way to Steal Encrypted Data" and it seems that more will come.

Technology has created a way to terminate previous technology, so another challenge for some to move forward. This is kind of evolution. We may need to know when will we have the technique to keep our data safe forever.

That is why I always tell my clients not to be fooled by those security protection. It is always the owner of the data to work it out. Why put the data online to face such threat? If one goes for business trip but cannot remember the needed information, then one should not be the right one to do the job. To risk the company because of such case is something management should not do. If information is needed suddenly, it is simple to have some one back in office to deliver by email. At least, the risk is just for that document only, not the full documents of the company.

Wireless connection is said to be safe. Forget it. That is just another simple way for hackers only.

2007-11-29T02:30:00.000-08:00

Is resignation or dismissal a solution for lost of your personal data?

Data loss seems to be a normal event now. Either a commercial body, or a process center, or the government department, it happens and happens again and again.

The recent case, "HMRC loses records on 25 million people in the post", let me think about whether someone resigns or be dismissed would be a solution. Will any one, affected or suffered, be comfortable about this outcome? I believe that everyone would prefer not to face such situation. Why those people fail to do thing right? The duty should be to safeguard other's data and not just to resign.

Some years ago in Hong Kong, some managers of SMEs already have to handle shipping documents by themselves. That was because messengers might lose these important documents due to their carelessness. This is a sad thing to say, management would not be effective unless all members from high to low would abide to their duties. The only factor is human. It seems that the original management was based on some type of human in the old days. Now, we have new breed of human, who would not care about duty, who count how much he/she get etc.

Of course, there is no way to avoid giving out our personal data. We have to face government, medication, insurance, banking etc. and we cannot say no. So, we must be prepared since we shall not be safe forever.

2007-10-05T04:24:00.000-07:00

Is encryption the savior of data loss?

The loss of data, either by hacking or by the loss of a notebook, is so common today that we become so helpless because our privacy information must be handed over to governments, banks, chain stores etc.

Basing on the essay, "Full-Disk Encryption Is Partial Protection, Analysts Say", it seems that if those companies etc. will follow the guidance, we are safe even if our data would be taken by some bad guys.

I have checked about hacking, PC forensic, encryption for sometimes. What I know is that there is nothing safe. It depends on the skill of the bad guys and unfortunately most bad guys are experts. Certainly, encrypted data is better than without, at least, not easy to crack by anyone.

The simple truth is that if we are not the target, we are safe.

2007-07-19T08:06:00.000-07:00

Can encryption protect all sensitive data?

Due to the frequent loss of data not only from our online PC, also from government, organization etc., there are numerous advice that we have to use encryption to protect our data.

I am also working on encryption for my clients for a number of years. Frankly speaking, I am still not confident that protection is true.

First, if we use encryption for our data, that means there is a decryption tool in our PC for us to work with the data. Will hacker just take the data files and not the decryption tool? Can we suppose that hackers did not know that our data is encrypted?

Second, it is certain that no program of any level can be protected again reverse engineering. That is, the encryption method cannot be protected. Once a hacker found out the encryption method, the encrypted data would be at risk.

Last, I still wonder why so few people have that knowledge that a cracking method called Rainbow, can decrypt any know encryption method no matter how long the key is. Some still assume that hackers would need a giant computer and work for a year to decrypt. In simple words, they thought that hackers are stupid as them.

I have thought of putting the program in a removable media like CD, USB disk etc. But it may not be accepted by users for such trouble. No one would care without suffering experience. By doing so may let my clients turn away from me.

There is a fact; hackers will not spend time on everything. It is their cost. They may prefer to get the credit card information from clearing centers, banks etc. instead of picking one by one from individual.

Until now, the best way is to have the data files stored away from networks.

2007-04-11T02:19:00.000-07:00

Free anti-rootkit offered by AVG

If you have not read any information about rootkit, it is better to check Rootkit From Wikipedia, the free encyclopedia.

You can download AVG Anti-Rootkit Free.

It is easy and fast to install. After installation, you have to reboot the computer. It is better to run it instantly.

Whether we have to buy the premium version depends on individual situation.

Although there are some sayings about the death of Internet, yet it is not possible for us to live without Internet. Communication and information have become a vital part of our daily work and personal lives. Therefore, it would be better to keep our computer as secured as possible.

Some may feel helpless when there are so many cases of personal data loss by famous retailers etc. The worst thing may be if loss was due to our carelessness.

I am upgrading my USC Password Security System to Light Version 2.7 for better performance. This is used by me daily for various activities including my bank accounts. That would protect my passwords from keylogging threats etc.

If you need to protect your passwords, I do recommend you to check it.

2007-03-22T01:36:00.000-07:00

The simple truth is there is nothing called data protection

With another case, "Stolen TJX Data Used in $8M Scheme Before Breach Discovery", it is simple to know that it is almost impossible to protect our sensitive data, unless we would give up the best thing of modern time and live in the old way, paying cash and never let anyone, perhaps, including the govenment takes our identities.

Of course, we cannot. We need to show the personal data to the government, to our dentists, to our doctors, to air lines etc. I do believe that all parties including their executives/leaders would never intend to have any problem with our data. But no one can guarantee that there were no identity thieves, inside or outside. Anyone who is good in history might turn out bad by many reasons.

I think that the only way to protect all of us is to have serious punishment so that no one would dare to risk. Just like the old days, death penalty was the only way to keep peace. With the kind of forgiveness in mind to govern our world, there is no way to protect any lawful citizen.

In a way, I do feel that law makers were preserving the escape for themselves instead. Just like some countries where men used to rape and punish women for all reasons, there was no law to punish men at all.

As I have mentioned, the lack of updated knowledge is the major problem we face today. Any law-maker without the ability to protect us must not be elected anymore.

2007-03-05T23:56:00.000-08:00

It is better than black gold!

Every one of us must have received SPAM, some even sick of this problem and some might try to get rid of them.

From "Sheriff awards damages of £750 for single spam email", it is so attractive that I may get a fortune because on average I have over ten SPAM daily. Just think about £7500 daily income, no one would object to this solution. Of course, this may not be applied to everyone everywhere yet.

There had been numerous arguments about SPAM and most government would not dare to have laws or penalty or such kind of compensation. Certainly, the definition of SPAM is the major factor. What is SPAM? Is any email sent to someone without previous permission be taken as SPAM? Can we classify them, or have legal SPAM if they are sent by government departments, election candidates or non-commercial organizations?

For case like SPAM, the best solution is to have all judges of the world follow the example this time, making SPAMMERs to pay £750 for each email per receiver. If not, then the only way is to suppress them by another means. Do not count on your government or law-makers to do anything. They would never be able to solve this type of problem.

By going into the Internet age, we shall face more proofs that our law making or enforcement bodies are so weak and ignorant. Next time, do not vote for those who know nothing about new technologies. We do need government officials from the top and all law-makers to have education or training that is suitable for the modern time.

2007-01-29T01:07:00.000-08:00

The simple way to protect us is in the hands of ISPs

After reading "Harnessing the Web to Sell Online Security", I suddenly realize that many ISPs have offered virus protection services as a kind of added service, sometimes free of charge.

No matter it was a mistake or omission or kind of ignorance, the Internet has been built without putting the responsibility of safety to any parties.

In fact, all virus, scam and spam must be sent from somewhere through an ISP, just criminals must take the traffic to perform their sin. Policemen may block the road before or after to get the bad guys. With the knowledge and technique today, it would not be impossible for that ISP to scan the virus, scam or spam. Of course, I do not mean that ISP needs to act alone. The law enforcement or related organizations can support the ISP for the safety of everyone online.

It may be easier to say than done and I do not expect all ISPs to stop the online problems. But, at least, when cases turned out, it will be possible to find the sources or the IP addresses. Therefore, we just need an international law or rule to penalize the subscriber or ISP. The best way is to let them take responsibilities for all or a major part of the loss that occurred.

Just like any mishaps, we have to find the originating source and to perform protection at the very front instead of working hard to recover.

Remember that without such move, no matter how many times we install upgraded protection, the threat remains.

Even when such action concerns regional protection or political conflicts among countries, the simple way is to shut off that ISP or region or even the country if they refuse to co-operate.

Websites can be located anywhere; yet going online must be relied on domestic ISP. The source is obvious and I believe that taking up such action is not impossible. Nowadays, most governments are looking for a way to protect their online nationals. Perhaps it is the right time to get something done at the right spot with a proper and forceful way for a better future.

2006-12-18T01:21:00.000-08:00

The sad truth is that our personal data would be stolen or loss, now or in the future

Most of us who still remain safe would face data theft to-morrow or sometimes later. If we check An Ominous Milestone: 100 Million Data Leaks, then it is certain that anywhere we had been, school, college, even medical or dentist unit, our personal data would be transferred to criminals in the future.

Perhaps we have hoped that the education sector will teach new talents to save us. How could we expect any good thing from them if their units were so careless and helpless and without abilities to protect their own data?

As I have said, if the problem is due to our own fault, we should be shameful. If the case was out of our own control, we might hurt but remained release because that was the failure of the authorities instead.

What we can do? Take this issue into our demand for the next election of any leaders from president of the country to any organization. If these leaders fail to protect our personal data, then the term leader would need a re-definition. It had been started in ancient time that leaders must be capable to protect the followers, not any one that care about their own goals, their own favor or their own business.

2006-11-28T00:51:00.000-08:00

Youtube, new bottle, old wine

When I read news about the sales of youtube.com, I have no time and interest to see it, until a few days ago.

Of course, the content on the front page changes daily. But what I saw that day contained some video taken secretly in the beach. That is, women in bikini. I got previews only because I have not subscribed. Perhaps if I paid, I might see topless women sun-bathing or taking off their bikini. This might entice me to pay, tens of years ago.

Yes, most human have voyeurism with different levels. Please do not argue about this. The only difference is the chosen topic among us. Otherwise paparazzi will have not job. Some newspapers and magazines may not have large audience.

There is nothing new at all. When we were young, we must be excited by peeping at any thing that would interest us. When we grow up, such interest would be diminished, certainly not completely ended. At least, we may consider whether that is worth for us to spend time and money.

If youtube would have success, that means either most young ones have been attracted to join, or there are many old guys still young in their brains.

I never object to individual interest so long as the action is legal and without harm to others. What I do not like is taking this site as something modern, something high tech and something creative.

There is nothing new, after we have cloth on our bodies. There is nothing modern, except that we are looking at the monitor instead of key holes. There is nothing creative, other than making an old trick a new face.

2006-11-17T02:43:00.000-08:00

Perhaps we have to stay away from any transaction with wireless.

We may not know that our sensitive information can be stolen or given to anyone with a MP3. Just read "Man used MP3 player to hack cash machines" and how lucky some of us were because such case had been discovered by accident. For us who have made purchase at any place that employed wireless, it is better to do something.

Sometime ago, we have talked about the problem of Internet. Those creators failed to realize that someone would use different way to perform crime online. Now, before testing for security, they rushed to put us in danger again. Of course, they got business and profit. They need not to suffer anything because there is no rule to have them responsible for such loss.

It seems that we are in need of some regulations so that suppliers must be responsible for any security problem. In fact, I believe that man might not need any effort at all.

It is a shame for the IT industry.

2006-10-31T02:27:00.000-08:00

Firewall may not be a wall anymore

According to New Windows attack can kill firewall, this may be the greatest threat to our computers. That is to say, we lost in the battle and we cannot rely on those experts who succeeded to charge us only.

We may not know whether this is the problem of the firewall or the Windows XP, but we must know that we have to do something to avoid being hurt again with this new threat.

Someone had asked me what was the best way to avoid virus. I suggested having a single computer for online purpose without any data and without links to other computers. If anything happened, just to clear this computer and re-install the Windows. It seems that we have to go this way in the coming future.

2006-10-18T07:32:00.000-07:00

It may be the time to say "no expert can save you, unless you take care of your PC"

If you have read "Is the Botnet Battle Already Lost? ", you may have to check many things with your PC.

The price of going online is to learn the new way for safety. Some years ago, I did not think that I needed Firewall besides anti-virus.

It happened about one month ago when my PC was infected by a virus made in China. May be it is not virus; may be it is not a single one too. But the infection traveled to all PCs and notebooks through the Intranet. Of course, it took me more than ten days to clear all PCs and notebooks with busy works from formatting to re-installation of Windows. Then I have to get a firewall for the major PC.

With firewall, anti-virus and anti-spy running, I have to adapt to the new slow speed of browsing and all intranet operations. Sometimes, I have to use one PC and two notebooks simultaneously so that I shall not waste my time waiting for any operation.

That is the way to keep safe and perhaps some minutes a day would be better than two weeks' time to save the computers and the risk of losing important data.

I am confident that I can adapt this new way since the same type of change had happened two or three times for the past twenty years.

2006-09-13T03:59:00.000-07:00

USC Password Security Storage System Light Version 2.6 is the right solution.

Since we are advised not to use the same password for different applications, many would face the difficulty to remember them. From the "Password-Plagued Workers Burden Help Desks",
.....
More than half (56 percent) of respondents said having a "master password" that replaced all other passwords would be "extremely helpful." .....

That is what my Password system is designed for. With a maximum of 999 encrypted passwords and user chosen numkey and the function to copy Login and password to clipboard, users of my system should have no trouble like those others.

I still decide to keep the price of US$ 1, although some advised me that I should raise the price to gain buyers' confidence. Perhaps I have to change my mind in the coming future.

2006-09-12T18:15:00.000-07:00

The challenge to go online safely becomes greater.

We have faced with virus, adware, spyware etc. for some years. Most of us would take care to look for any sign of danger, yet, the bad guys are using all means to get their jobs done.

"Malware Hides Behind Legitimate Companies" stated the latest situation that many of us might not be aware of.

The same problem happened to me recently. After visiting an official site in China and searching for something, my computer was infected with a new and powerful virus that was not able to clear with anti-virus tool. With numerous trials failed, I have to install the Windows again.

A simple truth today is that all computer users must get prepared to re-install Windows because no matter how careful we are, there is always a chance to be hurt by new virus etc. Each time, they are more powerful and it is certain that they know what protection we have.

2006-09-05T03:01:00.000-07:00

Spam is something we have to live with.

The problem about spam has been with us for years. There were many reports saying that millions or even billions dollars were lost due to spam. Some even tried to find a way to stop spam. The costing included the time of workers reading spam. Well, human is not robot and I do not think anyone can work non-stop for the entire working hours. If there were no spams, one might have something else to relax.

Of course, it is the most efficient and economic way to promote commercial or political cases. Spam does not consume any substantial materials exceed the bandwidth and perhaps the need to build more wires. No matter how, spam is environmental friendlier than any other means.

The latest information, "New twist as spammers offer to help companies cheat the stock market" indicates that spam is now employed by finance sector or perhaps criminals now move to the stock business. Some may agree with me that the only difference between fraud and stock is the commodity only. Both are the 'small fishes eaten by bigger fishes'.

May be a new name is needed for spam so that the same skill and action can be formally taken as part of the marketing and investment technique. Alternatively, we can have a certification for those who want to use email or spam to promote anything that cannot be taken as illegal.

2006-08-23T03:06:00.000-07:00

Rootkit threat is now widely aware

I have talked about rootkit problem sometime ago. Recently, according to "Over 50 percent of business users say rootkits are a problem", it seems that many users are now aware of this problem.

Anyone who would like to protect against Rootkit threat can get the free Sophos Anti-Rootkit.

Remember that the rootkit threat is about keylogging. That means any input from the keyboard may be stolen. If you have password accounts, it is better to consider buying my USC Password Security Storage System Light Version 2.6 to protect all your online accounts.

2006-07-29T03:00:00.000-07:00

There should never be short of victims

It seems that the online criminals could succeed by getting personal information or doing harm to individuals because we have weakness.

The famous Nigeria Scam is based on our greediness. The spyware is based on our sexual desire. Check the two cases:

Victoria's secret spyware attack steals hearts, usernames and passwords

"My best photo ever!" Trojan horse spammed out via email

I am sure that victims must be male instead of female for these cases.

It depends on our experience to judge whether such email message could fool us. During the first few years online, one might find these interesting and never worry to click the link. But, with years of experience including bad cases, one should have the knowledge to question why receiving such email.

Do not risk yourself because you have firewall etc. Online criminals are always ahead of any protection methods.

2006-06-29T19:35:00.000-07:00

With your great skill, can you give us a replacement for Windows instead?

Refer "'Blue Pill' Prototype Creates 100% Undetectable Malware".

We don't care if you hate Microsoft. If you really hate Windows and try to force us not to use it, then we are ready to wait for you to give us a better platform. We use Windows because there is nothing better than it does, not because we love Microsoft or Bill Gates.

Ever since the success of Windows, we never have a day free of such threat. These guys forgot that they were hurting all of us. I do admire that they had that level of skill but I do hope that they could do something good. Perhaps they are lack of the good technique, just like criminals who were clever but only limited to doing bad things.

If they were really so, then all media must not report what they said and let them disappeared from our world. Perhaps it is the media that gave them a way to show off their skill.

As users, we shall soon get tired for fighting a war without end. Moreover, we are the consumers only.

I am certain that media would continue to report such things and these clever troublemakers would continue to threaten us. That is one way that Microsoft should work for, make a Windows that can install itself from a protected source every time we boot.

2006-06-27T21:48:00.000-07:00

Sophisticated criminals plus stock shark = financial catastrophe

We have been warned that criminals have equipped with sophisticated techniques. The worst thing is that we already have criminal style stock shark with name like hedge fund etc. which grasped the money of helpless small investors legally.

With the latest information,"Cosmetics company's stock price rises sharply following spam campaign", it seems that either both legal and illegal criminals had started to co-operate or the illegal criminals have adapted the legal technique or the legal criminals started to employ the illegal way.

The law that supposed to protect us is always lagged behind the modern times. With Internet, the gap is greater and it takes a long time to come up with any means to fight against that kind of crime some years ago. Oh, we must remember that law can deal with crimes that happened and not to prevent. That means no protection f0r those who suffered.

One little thing that we might be happy with is that such sophisticated criminals are giving up their guns, so it would be safe for our bodies provided that we would not be mad when our money are gone in a short time.

Well, that means we need to learn how to protect us unless we decide to withdraw from the modern lives.

That is the reason that we have to get the latest information to stay ahead of risks.

2006-06-24T02:04:00.000-07:00

They are in need of a body embedded computer and a brain-installed hard disk.

It may be ridiculous to know that people who supposed to look after privacy and identity protection had been so careless, check: "FTC Laptops Stolen, 110 People at Risk of ID Theft".

We may need to build a computer that embedded in bodies and hard disk installed in the brain to avoid such cases. Remember that a guy had done so for mobile equipment put into his fingers. That is a good idea. Smaller notebook would not help because that will be easier to lose or slip away in any movement.

Of course, we might have lost a mobile, a notebook etc. either stolen or lost due to carelessness. But that was before when personal data had not been used by criminals. Nowadays, we have to take care of such things because we read news about stolen data almost every week for these years.

May be it is because the data is nothing about oneself, so it is not needed to take extra care.

We may need a law to guard against holding other's personal data which is digital asset today.

2006-06-22T01:53:00.000-07:00

A new type of insurance is needed, against the carelessness of Insurance company.

We use to believe that insured is secured and protected us against loss. Now, some of our personal data had been stolen, nearly a million in total. Check: AIG Confirms Customer Data Breach.

Some may wonder why? Well, that means every corporation, big one too, is never care about our personal data. Since personal data had not been a treasure before, so we had been peaceful for years. Now, with the modernization of criminals, as mentioned, it is a best way to rob without a gun.

Can we be safe? No, if we are still not yet hurt, it is because we are lucky or not rich enough to attract the criminals.

Perhaps we can say, if these corporations cannot protect our personal data, they might care about our money only, never our protection. So why should we rely on their services?

More and more cases also tell us that such big corporations have no practical management at all. Perhaps their CEOs were too busy to get the highest options and benefit, if not cooking their books. Check: Altera to restate 10 years of earnings and may worry whether such problem would exist in other corporations too.

2006-06-20T03:30:00.000-07:00

Next thing to come, a trophy for the best hacker.

We may be astonished to see, "UK's first computer hacking degree launched". Of course, it is said that the training is for security instead.

In fact, I have been told that there were training in college for hacking a long time ago. Just like re-engineering, such topics are quite challenging for professors.

There is no way to guarantee the behavior of graduates; especially they may turn to hackers after a couple years.

Without such academic involvement, we already have to work daily to keep safe. I believe that our trouble may not get worse if we continue to maintain a good defense.

Let every one knows more about hacking may not be a bad thing. At least, more people will aware of such danger. Hacking may not be the ultimate killer; carelessness about others' data should be more damaging than any other things.

2006-05-30T19:43:00.000-07:00

Keeping the credit card data with USC Password Security Storage System Light Version

The USC Password Security Storage System Light Version is designed for passwords. As mentioned, I use the same version for a long time to see if there is any problem myself.

Recently, when I have to renew one Domain Name, I have to input the credit card data. Since the Keylogger is a threat today, I dare not to input such sensitive data through the keyboard.

So I use the Adaware SE to clear the spyware first. Then turn off the router and input the password data with the USC Password Security Storage System Light Version.

I use the fields as follow:

Website --- VISA
Login --- the card number
Pass --- the control code

With such records input, I can renew the Domain Name without inputting credit card data through the keyboard.

2006-05-22T21:20:00.000-07:00

Without users' comment, nothing will be perfect

About the USC Password Security Storage System Light Version 2.5, I have used it daily and yet I must admit that I overlooked an important point.

Fortunately, a client told me that he preferred to hide the login and password during browsing with the program. That means the procedures of CHECK, SHOW and INTERNET must be changed to meet such demand.

After testing for amendment, it seems that the new procedures offer a better way for users to browse the Internet without any threat online, being picked up by passerby or keylogger.

I really appreciate such comment and I do believe that without others' suggestion, there is no way to build any perfect products.

The follow up is to upgrade the Version 2.5 to Version 2.6 and free upgrade must be delivered to all clients. That will be done within this week.

If you are one of my clients, do give me your comment. I have said that although this program is in the One Dollar Software House, that is, sold for one US Dollar only, there is no reason not to make these programs perfect.

2006-05-19T07:34:00.000-07:00

We may have less spams for a while

It is good to know that "Zombie king suspect alleged to have sent 18 million spams per day".

Ever since I started online, I have experienced with hundreds of spam daily. Of course, for some months, the number fell to less than fifty. This would take a few minutes for me to clear them from my mailbox. One friend had said that spams cost him a few hours daily. My response was that he must had read those porno instead of deleting them instantly. With experience, we just look at the title or the sender to confirm whether to delete it. Spending time to read the whole email is just an excuse to see if there is any porno image only.

Marketing by email is the best method. Certainly, we cannot have a method to stop bad guys taking the same way. I do enjoy reading marketing emails. It is part of the information to know new things.

This is a personal choice. For me, I never use filters and I do like to read scam emails. Unfortunately, they are not so creative as before.

One thing is certain, there is no way to stop spams. Just to keep them down to a lower number will be good enough for most of us.

2006-05-10T04:32:00.000-07:00

A suggestion to fight against virus and spyware

There are many reports and estimation about the trouble and loss due to virus and spyware. I do believe that some of these estimations are exaggerated. Of course, such problem has hurt the joy of going online and forced down the efficiency of working.

It is glad to find that legal system starts to punish those bad guys. However, after reading "Two years after author's arrest, Netsky worm still tops virus chart", it is certain that the damage is far exceed any such punishment could match.

Let's discuss the concept of punishment. It is certain that all punishment is not a kind of revenge. That had been employed in the old days. Besides repaying by losing one's freedom for what has been done, punishment serves as a warning to all others. Warning must be enforced, otherwise we shall continue to have such crimes in the future.

Most crimes ended with someone being hurt or even dead. The different levels of punishment have taken it into account. Death or life sentence is the highest punishment. Cases closed.

Virus and spyware are not traditional crimes; no one will be hurt physically. However, the damage will be continued even the author had been jailed or barred from any computers.
Sentence for a number of years cannot stop the damage, especially there are copycats and a few bad guys can continue to modify the codes and extending the threat to everyone for many years, if not forever.

Furthermore, with legal action comes to an end after verdict, there will be no more protection for all of us from the relevant virus etc. In other words, the legal system has failed to terminate the damage of such crime. If we shall have a hundred bad guys producing such virus, after they had been jailed and released some years after, we may have to face the hundred viruses for the rest of our lives. It would be unfair for all of us.

Therefore, I suggest that we have to change the punishment. Anyone who produces a virus should have the responsibility to clear it from the world. That means he/she has to spend whatever time is required to clear the virus until we have the report that their viruses are disappeared. The prison has to provide a room with Internet connection, they have to use their own computers and pay the accommodation too.

Since we already have a number of reports for active viruses, it is easy to select a few as watch lists. There will not be any cost at all.

How about the same virus disappeared for a short period before coming back? It depends on the law. If the punishment is effective whenever the virus exists, there is no need to go through any process again. That means if the same virus appears again, the guy will have to continue to work in jail again.

Due to the internationalization of such type of crime, it will be good for every country to act together. The punishment can be performed anywhere in the world. So the guy can choose where to serve his/her punishment, provided that he/she paid for the travelling.
Remember that such guys have good talent, it would be a waste to lock them up without application of their skill. We do not need to tell them what to do, they should know better than we do.

Whether my suggestion can be enforced remains unknown. It would be good to find a better way to deal with this type of crimes because Internet connection will continue forever.

(The original essay is published in my site, www.uscforesight.com/2006002ENG.htm, for Chinese Traditional Characters, cnt.uscforesight.com/2006002.htm and for Chinese Simplied Characters, cns.uscforesight.com/2006002CS.htm)

2006-05-05T06:41:00.000-07:00

The best encryption or any great effort would fail to protect if your computer has keylogging spyware.

Encryption is not applied by users. It is the e-business website's tool to protect online customers.

Recently, someone raised the question "Is encryption really crackable?" in a blog. If you want to know about encryption, it will be good to read the various posting. Among the messages, "However if the PC has a keylogger, or a hidden partition wher all your plaintext is copied to, NO encryption will protect you." posted by michael_orton is a good reminder to users.

My friends always said that I might be too fast ahead of them because I always worked on something that they had not yet aware of. It sounds great. No, I think that the problem is most of them relied on their chosen channel of information and had not spent time to see by themselves.

When I first heard of Keylogging, I immediately rushed to get information so that I could understand what it was and how to avoid this threat.

For the time being, I believe that the keyboard cannot be replaced by any other ways because other method would be the same as input from keyboard for the processor. Therefore, keylogging spyware can catch all such type of input.

Of course, we may hope that Intel and Microsoft will come out with a technique to overcome this type of problem. However, even if that would be happened, it might not be any time soon. We are still in danger because our computer may be invaded by keylogging spyware before or in the coming future.

2006-05-01T05:19:00.000-07:00

A new online business: seeking ransom openly

It looks like a legal business, give ransom to save your computer, any problem email for help.

Check "Ransom Trojan horse demands money with menaces" for details.

No matter how insane this guy be, we have to know that such type of crime will be continued and perhaps it would evolve to team works. One will be in charge of spreading the specific virus. The next one will be in charge of urging for ransom. The third one will be in charge of assisting victims to recover the computers. All of them are in different countries with no law against each part of deal.

2006-04-27T20:12:00.000-07:00

Final decision about USC Password Security Storage System Light Version 2.5

With consideration about the protection for our clients, I finally decide not to prepare the Free Trial Program for this version.

USC Password Security Storage System Light Version 2.5 has been completed. The major upgrading is a method to avoid the risk of keylogging spyware. With this added function, I believe that our clients would have the best protection for their passwords.

Although many suppliers including Intel, Microsoft etc. are working for a way to protect users, yet it may not be happened soon. In fact, we may not be sure whether such type of coming systems cannot be cracked.

It would be better to have everything done to avoid unnecessary risk.

I have tested the new version (2.5) for over one month with daily use to browse various sites including online bank accounts. As said, I also use the keylogging program to check if there is any chance of leaking the data. Everything is fine.

Of course, it is possible that someone will find a way to crack whatever we have done. Therefore, my work must be continued to protect our clients.

2006-04-23T01:39:00.000-07:00

We can protect those who have the will to protect themselves.

There is unlimited number of ready victims for online criminals. If this is true, then we may have online crimes forever, no matter how good software developers can do.

Just see "Easter eggs bypass security", many people would sacrifice their important identities just for a chance to get an Easter egg. Greedy is always the major cause to become a victim.

If online criminals will use such sophisticated method, there will be numerous cases for legal bodies to handle.

Can education or greater effort to let everyone know about this type of fraud be helpful? Can we think twice before giving away our personal data? Is greedy something that we cannot restrain?

Perhaps old tricks would be useful forever because we have the greedy DNA that govern all generations.

2006-03-18T18:59:00.000-08:00

Rootkit + keylogging is not to be ignored

I have mentioned several times that the threat of rootkit and keylogging would be something for this year.

Again, from the report, "Hacking Made Easy" of the Washingtonpost.com indicates how serious this problem would be.

That is the reason for me to ask users of USC Password Security Storage System Light Version 2.0 use a specific webpage to avoid keyboard input. The version 2.5 is now in the final test stage and will be released within a week. The major change is to have the function embedded with the program so that users can manage the input easily and without the keylogger risk.

It may be difficult for us to detect if there is any rootkit type spyware. As pointed out in the report, it is an international organization and not individual that threatened the safety of our passwords.

2006-03-11T07:40:00.000-08:00

Can personal information be protected?

After visiting my dentist last week, I suddenly realized that personal information would be difficult to protect. The reason is simple; my dentist has my name, birthday, telephone number, address and Identity Card number. That means if someone can access my dentist's computer, the personal information of all his patients would be at risk.

I believe that it is a common practice for medical records etc. to have full information of patients. It is easy to know why such data is for our own good.

If someone uses my name, address, birthday, telephone number and Indentity Card number to apply for credit card, bank loan etc., will banks accept that? Of course, we may say the banks must check the person and have some procedure to confirm. In Hong Kong, even if I apply in person, the bank will not give me my credit card or anything. Instead, a confirmation by telephone and advice will be sent to my address for me to pick up the credit card etc. again in person and with Identity card.

Yes, it seems quite troublesome and some may demand the bank to simplify such procedure. Well, without such procedure, we are at risk. Remember that we cannot avoid to give personal information to our doctors, dentists etc. I accept such type of procedure.

The only thing that we must not give out is our passwords.

2006-02-28T06:40:00.000-08:00

There is no way to protect our sensitive data if we are customers of such financial corporations.

By reading various information of this month (Feb. 2006), I have found one that should be read by all. It is "Proof: Employees don't care about security" by silicon.com.

The first sentence is "An experiment carried out within London's square mile has revealed that employees in some of the City's best known financial services companies don't care about basic security policy."

Of course, we would avoid any financial activities with places like Nigeria. But who will think of a city like London that had such level of security. Let's not blame London alone. If similar work will be arranged for other famous cities, I do believe that the result will be the same.

In fact, when I visited my dentist last week, I found that all my personal information have been input to the PC. That means, hackers may be able to steal my personal information from the dentist's PC. Fortunately, I am in Hong Kong where every important things including opening a bank account or applying a credit card would require the presentation of Indentity Card. Of course, criminals can make a fake ID card and with the photo of their faces and my personal data. It may not be easy to operate with my address and telephone because the bank will send to the address and call the telephone number to confirm.

So we must not complain about the security procedure and remember that any easier or faster operations will not be good for us today.

2006-02-27T02:35:00.000-08:00

Another news to proof my worry about keylogger.

I have just posted yesterday about the keylogging problem and my intention to upgrade the USC Password Security System Light, today, there is news, Cyberthieves Silently Copy as You Type, about the growning threat of this type of cybercrime.

It is certain that this problem will be a worldwide event this year.

Anyone who would go online must start to check and arrange protection immediately.

For the time being, you can refer to Avoid Keylogger with UPSSL Version 2.0, the suggestion can be used with your online with or without my system.

2006-02-26T06:53:00.000-08:00

The threat of Keylogger is not to be ignored.

Although many Internet users are not aware of the threat, yet it is possible that Keylogging + rootkit may be the popular tool for online crime.

I have prepared a special web page for the users of my USC Password Security Storage System Light Version 2.0, it is just for instant assistance only.

So, I am working on the next Version 2.5 so those users can avoid keylogger from the very beginning.

Remember that there is no bulletproof way to detect or to get rid of rootkit invasion. If we do not take care of our passwords, we may face lots of trouble in the coming future.

2006-02-11T01:51:00.000-08:00

Another TRUE one dollar software product

If you search for One Dollar Software in Google, we may find many of them. Besides our One Dollar Software House, you may not find any other.

From information, One Dollar Encyclopedia based on Wikipedia, Thejesh GN picks up information from wikipedia.com, applies index for article header and burns on a CD selling for one US dollar (in India).

I am happy that someone else would decide a way to distribute valuable information for a very small amount. Yes, I always feel that by offering free is not good for the new generation.

Now, those service providers are trying to charge spams as well as emails. If this really happened, the total cost for the good, bad and urgy would be loaded directly or indirectly to all online users.

2006-02-05T00:48:00.000-08:00

Just pay your postage and your spam will not be spam

We know that if we receive emails from someone we do not know, these are spams. Unless we have agreed or requested to receive, even those emails were from famous corporations are not welcomed.

Yet, it seems that SPAM may be email without postage according to the latest info "Postage Is Due for Companies Sending E-Mail".

Spam takes free ride on the Internet, we hate them because most are annoying and repeatedly selling Vigra, porn etc. ISP hates them because they had not paid the postage. Hackers love them because that was the best way to send virus, spyware etc.

Most ISPs offer us filtering without additional charge and we thank them and feel happy for some days.

Now, ISPs want to earn some dollars from spam at our cost. Yes, this time, they said with payment the senders' identification can be verified. In other words, paid spam is not spam. The filter for users will filter out those who had not paid. How nice is this service.

It may happen soon that we can pay to have next level of filter. The higher we pay the less paid spam we shall receive.

I may be right not to ask for such filter and get used to delete spams as fast as possible. It costs me a few minutes only. For readers of my blog, remember to fight evil with your own effort. Never rely on others because you either pay the devils or the devil hunters and the final outcome is that you are always the loser.

2006-01-23T06:33:00.000-08:00

It is astonishing to find that USA remains the No.1 for SPAM

According to "Sophos reveals latest "dirty dozen" spam-relaying countries", the percentage of spam from USA remains the number one.

With so much works done in the past two years or so, I expect that spam centers would move to China etc. Of course, China ranked number two in the list and may move to number one later.

I may be lucky that for over ten years without great trouble with spam. There were over one hundred spam emails in some days. Recently, it is much less for an average below twenty. It takes just a few minutes to clear them. With experience, it is quite easy to recognise those old spam emails and would not need to check any further. I have mentioned earlier that I always check for new ideas from spam, yet I am disappointed for a few months because there was nothing creative anymore.

I think that spammers have exhausted with new ideas. We may question the success rate of employing spammers for marketing.

2006-01-18T18:01:00.000-08:00

Online fraud threatens online investment

There is protection for credit card with maximum US 50 consumer liability. Of course, no one likes to have loss of US 50. But it is important to avoid losing even more.

With Internet, many have use online investment that may involve much greater amount. From the news, "E*Trade Offers to Reimburse Any Victims of Online Fraud", this will let E*Trade account holders a great relieve.

It is also mentioned, '...data thieves have been able to gain access to an investor's system by installing software that tracks the keystrokes when an investor logs into a brokerage account...'.

This also confirms our suggestion Avoid Keylogger with UPSSL Version 2.0, for the users of our USC Password Security System Light Version, to avoid such type of threat. Remember that data thieves may use the rootkit that we have no way to clear.

We need to note that even though E*Trade has promised to reimburse any loss, yet it does not mean that problem would be solved within a short time. The victim's online investment may not be functioning normally for a few days. So the loss is not just the stolen amount. That means even with the reimbursing promise, one must be careful for his/her own online activities.

2005-12-30T00:25:00.000-08:00

Who can we trust?

The news (Dec. 20, 2005) about ABN Amro eyes electronic data transfers after tape loss incident said that "a tape containing information on 2M customers was lost for a month" and "On Friday, ABN Amro told customers that the tape was lost while being transported by DHL Worldwide Express delivery service from a data center run by a subsidiary of LaSalle Bank Corp. in Chicago to an Experian Information Solutions Inc. credit bureau facility in Allen, Texas."

Another incidence, Backup Tapes Missing from Marriott Timeshare Business, if you are one of the Marriott Vacation Club International members etc., your information may be stolen.

The worst thing is that such information might not been encrypted. We may wonder why a big corporation would treat sensitive information in such a way. In other words, no matter how careful we are, if we have to hand over information to a bank, a hotel, a charity body or a security specialized company, we are at risk. That is nothing about online. In fact, the lost of credit card information with online cases had been much lower than conventional means.

No wonder some said that criminals did not need any guns, just send someone to work in transportation companies and there will be a lot of treasure because there are many such careless corporations.

2005-12-27T19:45:00.000-08:00

Shall we have a better Internet?

From the article, The Internet Is Broken, David D. Clark has excellent suggestion for a better Internet. Whether this suggestion may lead us to a better future remains unknown.

I am afraid that such revolution would not be happened due to the requirement for all ISPs etc. to invest huge amount to meet the ideal conditions. Furthermore, hackers are like virus. They evolve fast.

Some times ago, someone asked me what was the best way to protect the computer. 'Stay away from any network' was my answer. We can take another example. Can we avoid traffic accidence? Even if we were not on the road, we might face traffic accidence if our home or office would be next to any road. The only way is to live in remote area without roads. Can we?

It is good to have the top-level specialists, computer manufacturers and software houses working to fight against hackers. We do hope for a better protection. But, in reality, we need to find our own way to stay out of trouble.

2005-12-23T07:25:00.000-08:00

Online criminals must be homeless

This is the time to think about Christmas and New Year. So are those online criminals, but not for peace. According to Businesses brace themselves against Bagle barrage, many emails with the subject lines like "New Year's", "New Year's Day", "Happy New Year" and "We congratulate happy New Year" are with attached viral file.

We may assume that these online criminals are homeless or without families, therefore they have no peace, no holiday and nothing to enjoy. Poor guys.

If they have employers, then they are the best workers.

That means we must maintain the same defense every day of the year.

The most dangerous thing is the assumption of safety. Basing on what happened lately, we must understand that firewall, software etc. cannot have hundred percent protection. Good practice is the last part we should not forget.

2005-12-21T01:19:00.000-08:00

Security = hacked

It is frightening to know that a leading security software company has been hacked and sensitive data of customers were stolen. See: Hackers Break Into Computer-Security Firm's Customer Database.

Until now, we can say there is no way to fight hackers unless we stay off line. We cannot avoid the online; we need to be online.

I have said that the best way is to have all sensitive data encrypted, not with common technique that hackers know better than we do, but with unique encryption. I feel happy for the users of my USC Password Security Storage System Light Version 2.0. Of course, this is for the passwords only.

Remember the case about rootkit in my last blog. It is something important from now on. That is why I have suggestion for the users to avoid entering the numkey from the keyboard. In fact, all sensitive data must use copy and paste.

Even with firewall and antispy program, we are still in danger next year.

2005-12-14T18:58:00.000-08:00

Rootkit threat may make all of us busy in the coming days

After going through the information about rootkit attack and the available scanning for this problem, it seems that the only way to get rid of those spyware with rootkit is to reinstall the Windows.

It is possible that if there is any solution from Intel, the contribution will be for new CPU. All existing PC may not enjoy such protection.

In other words, we have to face the threat by us. If all spyware etc. will take the rootkit, then all existing protection methods may be useless. The only thing I do not find is the firewall. Whether it can stop the data theft remains to be checked.

I think that for corporations with a team of security specialists, they may not be in danger. But for most of us, it is not an easy task to protect.

By reviewing my suggestion, Avoid Keylogger with UPSSL Version 2.0, it seems that this is the only way to protect our online accounts. I have started to work according to this suggestion for online activities. It is not difficult, yet I shall look for improvement of this practice so that all users can perform daily online work easily and be protected.

2005-12-13T04:01:00.000-08:00

Can Intel save us from rootkit attack?

It has been confirmed recently that there was sharp rise for spyware etc. to make use of rootkit to hide away from scanning and uninstallation. Check: Where are Rootkits Coming From?

This is called a sophisticated technique. Of course, for the first one to use it. There are many copy-cats and some were happy to share destructive technique with others. By this way, we may have all spyware making use of various types of rootkit.

Now, it is said that Intel has started their work to fight against this new threat. Check: Intel Researchers Sneak Up on Rootkits. I do believe that when top level IT corporations are angered by the villains, there will be a great chance of wiping them out. At least, we shall have a higher protection.

However, the armor is not yet available. We shall face serious threat for some more days.

For the users of USC Password Security System Light Version 2.0, there is a suggestion to avoid the keylogging, check: Avoid Keylogger with UPSSL Version 2.0. This is the extension of the use of copy/paste through clipboard so that even the numkey will be protected.

It seems that there is no better solution. As mentioned in last blog, I have continued to check with keylogger for a few days to be sure about the suggestion.

If you prefer other way, then the best you can do is to have an off-line computer to mark down all sensitive data, saved them in files on diskette or any other media. Then work with the online by the same way as my suggestion, copy and paste.

Before Intel or other has come up with effective solution, we have to keep ourselves safe until that day. Yet, I believe that if we can accustom the online operation with some software like the Password Security System Light Version 2.0, and follow the suggested way of inputing numkey, login and password, we shall be free from this threat.

2005-12-09T22:33:00.000-08:00

Keylogger - from good to evil

Keylogger is used sometimes ago for parents to watch the online behavior of the children or for the office to monitor the staff.

The problem is this technique will record everything input from the keyboard. In other words, our online login and password are recorded too.

Therefore it is a ready tool for spyware.

My USC Password Security Storage System Light version 2.0 provides users to use copy and paste for their login and password. This is a good way because Keylogger cannot record the login and password that move through the clipboard.

Can users avoid the Keylogger? It depends on individual case. Of course, no one can be certain if a Keylogging spyware has just invaded.

If users really have Keylogger slipped into the PC, there is a danger when they input the data in all password programs including mine.

After going through testing, I am working for the fast solution and shall be posted online in my site, www.uscforesight.com, on/before Dec. 11, 2005.

2005-12-04T03:30:00.000-08:00

New problems are never far away: Spear Phishing and Foxy

A new member has been added to phishing, spear phishing. It is a highly sophisticate tactic to disguise as someone we trust, and infect our computer. One thing we may not need to worry is that this type of attack is for targeted person or corporation to steal their sensitive information. It is said that about 18 months ago, a professor and writer discovered that some of his unpublished works had been posted by other people. Later, the official found that a lot of corporations including military related organisation were included.
Of course, we never know whether we would be the target because we never know about their intension.

In fact, the case is not difficult to understand. Once they got the email address data from any PC, all information would be in hand. Furthermore, they have the technique to send email through any hosting server. The hosting service for one of my site has to shut down the email function that used to notify site owner of any updated information etc. Announced reason was someone had taken this function to send spams.

As we always know, P2P will not go away so easily. There is a new P2P program called Foxy starting to prosper in China. It is said that hundred thousands had been downloaded within a month. With the huge number of online population and the general public's negligence of copyright in China, it is very soon to reach over millions.

2005-12-01T05:50:00.000-08:00

USC Password Security Storage System Light version 2.0

Besides what I have mentioned about those problems found from user's experience myself, the function keys are used so that going online with this password program will be much faster.

The Website/reference is changed to 90 characters because it is seldom to have URL with more then 90 in length and it is better for displaying.

The login name is changed from 16 to 50 and accepts single byte signs so that email addresses can be input.

The password remains with 16 characters and also accepts single byte signs in case users have strong password.

Space is not accepted and it is certain that space would not be allowed as URL and password.

After CHECK - INTERNET, users can choose automatically calling IE with the chosen website by clicking on the button or F2.

Upward arrow for next website, downward arrow for previous website, button NEXT or F1 to input another choice etc.

Anyone has interest can visit www.uscforesight.com/DSUPSL.htm.

2005-11-27T19:00:00.000-08:00

Password Security for easy browsing new version is coming

I have mentioned on Nov. 25, 2005 that I have found problem after using this program as user. This has bothered me ever since. Therefore I have started to work for the new version so that email addresses can be used as login with those signs and greater length.

Now it is almost done and entering the final stage.

USC Password Security Storage System Light new version 2.0 will be released soon.

Due to encryption application, this new version will not access the data of version 1.0 or 1.1. If you have bought the older version, there will be a tool to move the data from version 1.0/1.1 to version 2.0.

For those who do no know about this program, here is a summary:

This program is one of the product in One Dollar Software House of www.uscforesight.com.

It is designed for users to keep the online accounts with website, login name and password.

For security, we have to use strong passwords and may have to change them periodically. So it may not be easy to remember.

With this program, all such sensitive data are kept in special encrypted form with no cracking tool available.

In order for users to browse easily, the version 1.1 had a function INTERNET for copying the login name and password to the clipboard with a click and press Ctrl-V (or edit-paste) for the required fields. If one uses IE, then clicking the website will automatically start the IE.

Just mentioned in last blog, I am using it myself daily for finding any upgrading or adjustments with a user perspective. Of course, I welcome any comment from all users.

2005-11-25T05:04:00.000-08:00

Developer vs User

As mentioned earlier, I am using the USC Password Security Storage System Light Version 1.1 myself for daily Internet browsing.

Although this program is made by me, yet there is a difference between developing and using software. No matter how many tests had done, they were carried out with a developer's concept. As user, I can find much more about the other side.

The login has been fixed for alphabet and numeric. Recently, I have some accounts that took the email as login. For all email address, there is 'at' sign and the total length is more than 16.

Therefore, I am going to build the next version to meet this case. For those who have bought the program, there will be a free upgrade and special arrangement to move the previous data to the new format.

I believe that we shall face various changes with the Internet. So keeping on as user is an important thing for a developer.

If you get the free trial from download.com, I am glad to have your comment.

2005-11-22T04:27:00.000-08:00

Who will kill the Internet, those famous websites.

I always say that being famous and trustful, one must not play tricks, not to say bad things.

EasyWatch, part of Stelios Haji-Ioannou's easyGroup empire, is accused by Richemont (owner of Cartier brand) to use Portofino to confuse buyers. Portofino is also a trademark of some products of Richemont. Of course, there are argument about the name Portofino.

But it is reported that EasyWatch has recently changed the Portofino Sky to Imperia Sky and Portofino Bubbles to Imperia Bubbles. If there is nothing wrong, why EasyWatch has to give up the Portofino?

Check this news from out-law.com: Stelios accused of selling fake watches

Match.com is the famous online matchmaker. However, some customers filed to court about false romantic emails made by employees of Match.com to entice them to renew their subscriptions.

Check this news from out-law.com: Match.com accused of faking romance

If such website would do something like that, all netizen would not trust any website in the future. Although we enjoy the freedom of online, yet there must be something to stop these hypocrites. They are even worse than any hackers.

2005-11-17T18:33:00.000-08:00

A new column about website in Internet

There are many, perhaps too many, information about website development.

If someone who is new to this field or has not follow the Internet development earlier, it is really difficult to catch up or to organize any planning.

Although there are many consultants, my company has this service too, yet it is not easy to choose or decide to look for one without some knowledge.

Therefore, I decided to build a new column offering knowledge, reference and information so that visitors can have the most important elements without signing up or paying anything.

As most know, the Internet has flattened the difference between large corporations and SMEs. This is true for the appearance online only except in the early days of ebusiness. In fact, the later to join the online world, the harder one would face for survival, not to say success.

However, in business, there is always exception. We cannot rule out that someone with the right idea at the right time can win over well-established dominant giants. For many, the target may be a moderate reward to establish a foothold online only.

Going online is almost a necessity. Keeping online is part of the business now and in the future.

2005-11-14T04:42:00.000-08:00

Why login is shown with all numkey in USC Password Security Storage System ?

For those who are going to try the trial version of USC Password Security Storage System Light Version 1.1, one thing I need to clarify.

The login and password are encrypted. But when user want to check the data, even a wrong numkey is input, the login comes out correctly. That is not a bug; that is what it should be.

Remember that most logins are either our names or abbreviation of them. It is easy to find which one is right. So if someone uses this program in user's PC and tries with several numkey, he/she can judge from the login whether the password is the right one. In other words, if login and password are encrypted together, we are risking against the luck of the bad guy.

With this arrangement, there is no way to find which password is correct, unless the password is too weak.

Then there is another question. Can one input password with tens to hundred trials? If any bank or any password-protected websites would allow such operations, then we do not need to protect our password because our accounts are easily accessed by any hackers.

As always advised, change the password once every six months. Of course, it is better to use a program to encrypt the password to avoid leaking by any unexpected way.

2005-11-14T03:47:00.000-08:00

Why free upgrade is needed?

Some years ago, when Microsoft Windows 95 replaced Windows 3.1, some friends complaint about such change, saying they had to learn everything ago.

Every program has deflects and usually cannot be found with thousands tests. Requirements are changing continuously and no matter how perfect a program were, it cannot satisfy the demand sometime after.

Just like the small programs that I produced for selling in the One Dollar Software House. In fact I have tested them and asked some people to test too. Before releasing, there has been some adjustment upon suggestions.

Take the example of the recently upgraded USC Password Security Storage System Light Version 1.1. With the new function for users to browse online so that with a click for copying to and paste from clipboard with Ctrl-V for login and password, repeat testing gave satisfactory result.

In order to investigate further, I have decided to use it daily myself. After a few days, I found that there would be something to fine-tune for better performance. Of course, as experience told me, it will be better to wait and continue the test for some more days so that I can see whether another upgrading should be done.

No matter the size of software house, no matter how many developers involved, the result is the same. You need to have new versions either to correct some bugs or to add functions for better performance etc.

I just feel lucky that those small programs are supplied in electronic formats so that any free upgrade would not have to waste any materials.

2005-11-13T00:14:00.000-08:00

Will someone go to Google and search for Google?

Recently, I decided to have a section about Internet in my site, www.uscforesight.com. This is for those who need concise information about ebusiness.

When checking the search activitities for the article "Review of onlines search Nov 2005", according to the statistics for Sep. 2005, there are 33 millions search for Google and 17 millions search for Yahoo.

Remember that Google and Yahoo together occupy over 60% of online search. That means it is possible that many have searched Google in Google and Yahoo in Yahoo.

Will anyone forget the domain of Google and Yahoo? When we do not know about the website, we simple type www. then the name and follow by .com. This is the usual practice. Except for some less known site that we may have to search the name instead.

We may have doubt about the statistic. But I have checked again and believe that even the figure might not be accurate and we base on 50%, the total is still 15 millions and 8.5 millions.

This is another topic that may be great to research in the future about such behavior.

2005-11-07T23:46:00.000-08:00

Online investors must protect their passwords as part of their investment

There is a report: Hackers emptying online accounts (refer: http://money.cnn.com/2005/11/07/technology/personaltech/hackers/index.htm

It said that about 20 million USD has been stolen from online brokerage accounts in 2004 due to hackers getting the passwords from investors' home PC. With over 80% users will keep their personal data including password in the home PC, this type of crime will increase.

With a few dollars, even as low as USD one in my One Dollar Software House, can offer certain level of protection. In view of the present situation, I do believe that my custom produced version is a necessity, especially when users are handling their investment online.

As everyone knows, every encryption can be cracked and every program can be re-engineered. By employing a single strong protection is not safe today. We must have a well-structured arrangement to avoid such kind of loss. Without proper protection, investment would be easily turned into total loss.

Those investors who suffered loss in this case may not be hurt seriously, as they might not put everything in one online investment account. But if we count on the cost of providing protection with the stolen amount of money, it seems that they have made a very wrong decision or failed to take care of their sensitive information until it was too late.

There is something I learnt that if you lost for the first time, then it should not be your fault. But if the same thing happened again, then you should blame no one but yourself. That means before going on the online investment, investors must do something right to avoid this sad thing to happen again.

2005-11-06T05:51:00.000-08:00

October has the highest record of virus increase.

It is astonishing to find that there were total of 112,142 viruses last month, with the highest increase number of 1,685 over September 2005 according to Sophos. Check: http://www.sophos.com/pressoffice/news/articles/2005/11/pr_uk_toptenoct05.html.

Throughout the month, I have not any problem with email or browsing websites. Am I lucky?

In fact, for the previous months, I had been troubled by the 3721 malware problem. Although it was not a virus, yet it disturbed my daily work, making every operation difficult to perform.

During that period, all my friends did not have same incidence and seeking advice from others was hard because it seemed that I was the only one that hurt.The burden was to search for suitable solution. It took many steps and many hours across almost two months before getting it off.

I cannot recall exactly how my computers (PC and notebook) were infected. This is an example of how fragile we are. Now I have Adaware SE and AntiSpyware with all my computers. Though the 3721 problem had been solved, I still scan the computer with either one or both in sequence occasionally and maintain the same practice of watching the performance of the computer.

One thing is good about virus or adware. They force us to take extra precaution with our computers and refresh our good practice that may drop after a period of peaceful time.

As long as we need to get online, even if some bad guys have been caught, we can never be safe. Last month is lucky for me and I have to remind myself that luck may not be with me for this month or the next.

2005-10-30T01:53:00.000-08:00

As IT developer, it is certainly a sad thing to see that there had been so many victims due to the security problem of going online.

Online has become part of our lives, I have started reading, researching through websites for years. It is said that many were afraid and tried not to go online to avoid trouble.

Of course, as proved by cases, the danger is not only online but within our surroundings. Credit card data might be stolen by bad staff of a shop. Personal information might be stolen by people around us.

That is the reason for me to start working for protection related applications in my One Dollar Software House. Yes, it is sold for one US Dollar only.

The first Password Security Light Version works fine to keep passwords in unique encryption, but users require the efficiency to go online with these passwords etc.

Therefore, I upgraded it with function that users can browse sites and applying login and password with a few clicks.

Those who need to visit password protected online accounts daily or weekly, please visit www.uscforesight.com/DSUPSL.htm for details and information.

Furthermore, the trial version of this upgraded version will be available on/about Nov. 1, 2005 from Download.com.