Wow, it’s been a busy month! With all that’s been happening, I have neglected my blog as usual… So here are several interesting tid-bits I’ve run across this last month and haven’t had the chance to share. We’ve got info on deconstructing a botnet, security tips for the not-so-tech-savvy, and have you heard about the Optimus keyboard? Info about the official public launch of SSA Host and also, wireless internet nodes and how you can help get more of them…

As for what’s been keeping me busy… many things, but the most important one is the official public opening of SSA Host, my web hosting service. As of December, it will have been a year and a half since I started – but also my 6th year of offering hosting services to clients (previously on a consulting basis to limited clientele) Look for a press release around the first week of December!

So, first of all – I remembered reading something on Slashdot a while back about deconstructing a botnet. I went back and found the article and it’s a pretty interesting read. It’s an eWeek article about the recent surge in email spam and how it’s the reult of “tens of thousands” of computers that have been hijacked. It goes on to describe how this one particular trojan comes with its own virus scanner that removes other competing malware and adds the infected computer to a peer-to-peer network which is controlled by a single server. Should that server be taken down, all of the machines on the network can easily be redirected to a new one via the peer-to-peer network. As if this wasn’t bad enough, they’re also stealing email addresses by breaking into site databases to collect potential recipients for their spam.

This got me to thinking… with more than half of the infected computers in this 70,000+ botnet – what do people need to do and learn to protect themselves? Most security sutes offer a slew of suggestions – including installing and keeping up-to-date a good set of anti-virus/spyware/spam/adware software(s) along with using a personal firewall. Furthermore, not clicking on links, especially from emails, verifying security certificates, and that you are on a secure site (https) keeping up-to-date with software and OS updates and patches, etc. Change your passwords regularly, use strong passwords and not repeating ones.

All of this makes sense, and can be fairly easily done by a computer savvy person. But what about someone who isn’t so computer smart? Lets face it, 95% of people out there who claim they “know how to use a computer” are relating it to operating a microwave. Yes, they can turn it on, they can get online, they created their own Hotmail or Yahoo! address and know how to chat/email/share pictures, etc. but that’s about it. What we’re asking them to do to protect themselves and others while online is like asking them to service their appliance to ensure it’s not leaking microwave radiation.

Even more dangerous are the ones who admit they don’t know how to use a computer – if they aren’t confident in their knowledge, you can be assured the thought of protecting their security (muchless the security of others on the internet) hasn’t even crossed their mind as they are more worried about remembering how to get online in the first place. How do you expect them to reckognize the difference in a legitimate email from their bank and a phishing attempt to collect their SSN or other private info?

So, on to happier things…rumor has is that the optimus keyboard will be released soon… It’s a revolutionary new keyboard design which impliments a stand-alone display on each key allowing you to customize the look of each key. You can already get a 3-key mini version now.

I was looking over the Free Geek website when I saw their internet access page. I know there are several organizations out there trying to organize community supported wireless internet access… but for some reason, it hit me today: If generally tech-savvy people such as myself would begin offering our services for free to setup and maintain an access point for a place of business as long as they pay for the internet access – we could bring wifi to a lot more places. It would take about an hour of time a month per location, possibly less once a site is setup and would relieve the stress of the business owner from dealing with the technical aspect of it. (Which is probably the main reason s/he never did it in the first place)

The thing is, you have to go in from the beginning with the understanding that you will be responsible for the network – perhaps a small written contract to the same. There should be at least an understanding that the shop owner is to rely on you to support it. This prevents him from worrying about what will happen if it has problems, and will prevent you from getting into a situation where an outsifer has come in to fix something, and messed up your setup.

The reason I bring this point up is from personal experience – a “friend” got me involved in a new cafe opening that wanted to offer wireless internet access. I helped configure the network, designed a firewall to segment his network in to 3 seperate ones for security reasons… (Cash registers and server, free internet kiosk systems, and public wifi network)

Everytime they had a problem, someone would try “fixing it” and when they ended up messing it up beyond their repair (or after tearing apart the network without realizing it was just their internet connection that went down) they would call me blaming me for a faulty firewall setup or some other issue. Half of the time, when I was on-site trying to repair it or make the changes they asked for it was like pulling teeth to get access to what I needed or to be allowed to the back room to reboot or configure something.

This is why I say to make sure there is an understanding at least with the business owner – They pay the $20/month for the DSL and the upfront hardware costs (Wireless router, and any kiosk computer systems they want to use) and you will maintain the network and any software on the kiosks – this way you can easily put a locked down install of linux, use a livecd or open source kiosk software to ease of managment and repair should someone mess it up.

You could even tack-on some sort of maintenance fee, or yearly retainer for your support and managment of their network, entirely up to you and what you feel the business owner is willing to do. But offering an hour of your time a month (which you can use an an excuse to get out to a wifi cafe and relax for a while on the weekend) should be worth it to know you’ve added another wireless node for public use.