billso.com

I see more white and silver laptops than black models when I walk around campus and the shopping mall these days. Colored laptops might look nice in the home, but do people really want to live with one color choice for 2 or more years?

If you don’t like the stock color of your device, Colorware will sell you a custom painted Blackberry, iPhone, iPod, game console or laptop. They’ll also paint your equipment. Their process takes a few days, and you have to wait for the mail or FedEx, though.

It’s easy to wrap a laptop in decals. Students and programmers like to do this, because it’s a great way to personalize a computer. The decals also help the user identify their computer easily.

But I’m not sure I’d go to a job interview with a laptop covered in bumper stickers, unless I knew the client well enough. An accountant might not visit carry a bright purple computer with Astroturf on the lid to a major client meeting.

Erica DeWolff has posted a nice article about this issue at Professionalism and computer color: What do you think? The comments on that article are fun to read.

Skinit.com, schtickers.com, skinvo.net and other companies sell a variety of large, colorful stickers that are custom cut each model’s dimensions - and some companies will let you design your own laptop skin.

From ComputerWorld: IBM security researchers claim that hackers are hiding or masking almost all of their Web attacks. JavaScript is still the tool of choice for infiltrating Web browsers. Most users shouldn’t turn off JavaScript, especially students who use tools like webmail, WebCT and TurnItIn.com. So we rely on antivirus and Internet security software that runs on the client-side to screen out these attacks before they can be executed.

Hackers have added more tricks to their toolboxes, because the potential payoff for evading security software and infecting computers can be huge. Encryption is one such tool - hackers often encrypt their programming code so that software cannot easily identify the attack.

As IBM researcher Kris Lamb states, hackers have stopped targeting the operating system and have moved to a higher level of the application stack that runs on almost any desktop and laptop computer that connects to the Internet - the web browser.

So we come back to good old common sense as the user’s best defense against computer attacks.

1. Hover your mouse over a web link and inspect the URL before clicking.
2. Don’t click URLs in email messages if the links look suspicious.
3. Find, install and use good security software. I recommend the free version of Avast for Windows users who need to protect their residential computers.
4. If you’re not using your computer at home, turn it off. You’ll burn less energy, and hackers cannot access your computer if it’s not running.

See my earlier posts on security software and attacks from 10 June 2007, 13 August 2006 and 27 November 2005 for more information.

The Washington Post reported yesterday on allegations that US Customs agents have inspected and confiscated laptop computers, iPods, and mobile phones during passenger inspections. Passengers claim they were asked to provide passwords and open files. In some cases, mobile phones were inspected and returned with purged call logs. One person claims their laptop has been held for an over a year.

According to this article, the Electronic Frontier Foundation and the Asian Law Caucus have filed a civil lawsuit against the Federal Government, based on 20 complaints from Northern California residents. The goal is disclosure of the US government’s boder search policies. One sourse of concern is an apparent pattern of racial profiling, in which agents targeted Asian and Muslim passengers.

The US Department of Justice asserts that electronic equipment falls into the same category as a briefcase, and may be searched and confiscated for inspection.

However, the scenarios described in this article sound more like coercion or out-and-out robbery.

Of course, many corporate travelers have confidential or private information on their computers and phones. The Post article cites a Canadian law firm that sends corporate travelers headed to the United States with “empty hard drives”. There’s an operating system and a web browser on the laptop, of course, but employees access their email and documents through a secure Internet connection such as a virtual private network (VPN). This helps keep confidential data off the drive, as the law firm fears discovery by search more than a hacked Internet connection.

BoingBoing and the Consumerist each had articles about the Post report, although both blogs misidentified US Customs as the TSA.

Sadly, the activities alleged in this lawsuit do not surprise me. BusinessWeek recently reported on Indian IT outsourcing firms that have systematically underpaid IT workers who were brought to the United States on H1-B visas. These workers make tempting targets, as their outsourcing companies can send the workers back home for any reason. By the time some workers determined they would never get their back-pay, they were no longer in the US. It seems that only a few lawyers or client companies will step in to help these guest workers.

I mentioned OpenDNS on 3 September and 13 July of 2007. This is a free service that looks up domain names. Domain names represent the numeric IP (Internet Protocol) addresses that are used on every server. The Domain Name System (DNS) is highly distributed, and a good target for all sorts of legal and illegal opportunities.

OpenDNS is much faster than the domain name servers I’ve used at other ISPs. Every ISP has to provide DNS services to subscribers. The DNS servers are an important part of maintaining a fast connection, but some ISPs just do not manage their DNS servers well.

OpenDNS a great way to speed up an Internet connection, especially for residential and WiFi users, by outsourcing every domain name lookup request to a dedicated set of very fast servers in North America and Europe.

It’s hard to beat secure, fast and free.

OpenDNS also includes some nice security features. The service will block phishing and adult web sites, using a constantly updated list of known servers. This is a more elegant solution that proprietary security software that usually slows down a Windows or Mac computer.

Late last year, OpenDNS asked users to recommend the service to schools and universities. A recent article in THE Journal reports that over 10,000 educational organizations have adopted OpenDNS services.

Crackers have started to attack domain name servers, inserting false domain name entries that redirect users from well-known sites to forgeries. Schools and educational institutions are an attractive target for these attacks, as their IT security is sometimes less than adequate. In the past, school email servers have been a primary target for botnets. Hackers break into these servers, which can then be used to send spam. The legitimate users of these servers may not realize their email system has been compromised until their ISP cuts off their email access.

Installing OpenDNS on a personal computer is easy to do. I would not recommend that employees do this on their company computer without the support of their IT department, as some companies maintain specific entries in their own domain name servers.