7 or 8.1 to 10: Walk, Don’t Run
August 19th, 2015
If you own computers that are running Windows 7 SP1 or Windows 8.1, you are probably aware of the free upgrade to Windows 10 that Microsoft has been rolling out in recent weeks. It all started with a Windows Update that Microsoft released back in April, an “Optional Update” for Windows 7 and a “Recommended Update” for Windows 8.1. That update, as outlined in Knowledge Base Article # 3035583, was solely designed to install the “Get Windows 10” app on your computer, encouraging you to “reserve” your free copy of Windows 10 which would become available after July 29th. That sounded harmless enough, and almost like a “no brainer”, didn’t it?
If you are one of those people who never installs updates, you are certainly putting your computer and your personal data at tremendous risk by not doing so; however, in this instance, none of this will be of concern to you. If you have not seen the “Get Windows 10” icon in the task bar on your computer, simply do NOT install the update that references KB # 3035583.
There are a variety of reasons that some people may not want to immediately upgrade to the new operating system, preferring to upgrade on their own terms and timetable. What most people did not realize when they opted to reserve their copy of Windows 10 was that they would be triggering a 2.7 to 3GB download to take place in the background – potentially hogging bandwidth and slowing down your network performance – for each computer. If you have a cable modem, this should not be a problem, but for anybody with a limited bandwidth allotment or a slow Internet connection, a 2.7GB download could be problematic (and, potentially, a significant expense.) Both the download and the installation are very difficult to stop, but I will provide you with step-by-step instructions below .
With respect to the operating system itself, almost everybody knows that you never want to be among the first people to install new software any more than you want to be one of the first people to buy a new car model that has just rolled off of the assembly line for the first time. It is better to let other people play the role of guinea pigs and test dummies. In the case of Windows 10, released on schedule on July 29th after nearly a year of beta testing, there have already been 3 cumulative updates as of August 14th, all intended to resolve early problems. The cumulative updates combined OS updates and security patches, a recipe that can often lead to unexpected results. Some of the widely identified issues involve video streaming problems when using services like Netflix and YouTube, while other users have reportedly been trapped in reboot loops when installing the updates. A Google search for “problems with Windows 10 upgrade” at the time of this post produces 7,980,000 results.
Perhaps the biggest complaint about Windows 10 is its invasiveness. With the exception of enterprise editions of the software, updates under Windows 10 have all become mandatory, automatically installing whatever software Microsoft wants on your computer, whenever it wants. Independent software developers – much to Microsoft’s displeasure – are already issuing third-party patches that will prevent the automatic updates. More tech-savvy users can already find instructions online that will walk them through the process of disabling some of the more intrusive privacy concerns that are built into the default settings of Windows 10, including settings found in a total of 13 screens under the “Privacy” tab alone.
Microsoft is betting that the vast majority of users will never adjust those settings. To the contrary, my recommendation is that people wait until a wider range of third-party software becomes available that will automate and simplify the process of disabling the many very legitimate privacy concerns involving Windows 10. We all know that the vast majority of people will not take the time to go into settings to make changes – or are simply not comfortable or knowledgeable enough to do so themselves.
There is reason for concern that some of the “features” of Windows 10 are suspected to include a wide range of spyware. Perhaps the most innovative feature of Windows 10 is Cortana, the new conversational virtual assistant that is akin to Apple’s Siri. Cortana’s usefulness is built upon its access to such personal information as your location, calendar, contacts and such. Because Cortana is a conversational tool that has merely been made personalized, it is also constantly listening for your instructions. You may want to weigh the costs versus the usefulness.
People who have read the fine print in the EULA (end user licensing agreement) for Windows 10 find even more reason for concern, reporting that it allows Microsoft to scan your computer to disable any software that it feels is not properly licensed, including software used in various online and cross-device services such as Xbox Live. It also says that Microsoft “will access, disclose and preserve personal data”, including “the content of your emails, other private communications or files in private folders” and “may refer the matter to law enforcement.” The key operative word is not “may”, but “will”.
Just in case you now have second thoughts about installing Windows 10, and you have already “reserved” your copy thanks to unwittingly installing that update, here is how to stop the upgrade from downloading and installing … until you are absolutely sure that you are ready to do so.
First of all, start Windows Update. You may see that Windows 10 is already downloading. If you see a screen that says “Windows 10 is downloading!” and “Download – In progress”, click on the “View download progress” button. On the next screen, click on the “Stop download” button.
You may also see that Windows 10 has already fully downloaded and is ready to install. If so, do NOT click on the “Get started” button (unless you have decided that everything that I have written is nonsense.)
In either instance, click on the “View update history” link on the left of the Windows Update screen, then click on “Installed Updates”. You can use the search box in the upper right corner to look for kb3035583. Click on it in the search results, then choose “Yes” to remove it. You will need to restart your computer (which may take longer than usual.)
When your computer has restarted, go back into Windows Update, and you will see KB3035583 once again appearing as an optional or recommended update. To get Windows Update from nagging you endlessly to re-install the update, right click on it then select “Hide this update”. If Windows 10 has already finished downloading, right click on that as well, then select “Hide this update”. For the moment, you will have taken a few small steps toward maintaining a degree of control of your computer and your personal privacy.
###
Update: August 27, 2015
This morning, it appears that Microsoft will not allow a user to install important updates (in this case, an update to Windows Defender), unless you first allow it to download and install the Get Windows 10 app. The following screen shots show the endless loop that I just encountered when attempting to download and install the important update, without re-installing the update that I do not want.
Click on the “Show all available updates” link:
Check the “Important” update that you want to install, then click OK:
Back to where you started, with Microsoft attempting to force you to install the Get Windows 10 app:
I am sure that there will be more to come. In the meantime, shame on you, Microsoft!
###
Update: August 28, 2015
Here is how to solve the problem outlined above. Click on “Show all available updates”, click to see the Optional updates, then UNCHECK “Upgrade to Windows 10 Pro”.
This will allow you to download and install the updates that you want to install, without installing the Get Windows 10 App. You will probably have to do this every time you run Windows Update.
This post was written by Peter Pelland
Posted in Cyber Security |
Beware of Some of the Latest Scams
August 17th, 2015
I always try to do my best to warn readers to avoid getting entrapped by any of the wide range of scams that are prevalent today. We read about them in the newspaper and hear about them on the TV news, but most of us think that they could “never happen to me”, that they only victimize the elderly or people of lesser intelligence. Guess what? Scam operators are good at what they do, and they are getting better all the time.
The way that scams succeed is by being as believable as possible. People fall for the house rentals on Craigslist because the houses are actually there at the addresses listed. They are simply not available for rent, and they are not owned by the crooks who want to collect the first and last months’ rent and security deposits. As people become more aware of the scams, the scammers do a bit more research and become more creative in order to increase their odds of finding their mark.
419 Scams
I recently received a half dozen e-mails from a “woman” who expressed an interest in having a website built, a project that at first glance appeared to be a perfect fit for my company. One of “Jennifer’s” first questions was whether we accepted credit cards. (Had my answer been “no”, I am sure that would have been the end of the e-mails.) The scammer claimed to be based in South Carolina, had an established business importing specialty agricultural products from South America, had a “project consultant” who would be providing us with a logo and text, had a very generous budget, and was very anxious to get the project underway. What was vague was the actual identity of the business and her credentials, other than a fictitious business name.
When my searches for both “Jennifer Mark” and “DW Fresh” came up empty on Google, Manta, LinkedIn, and other online resources, I explained that we would need to review a full credit application and be paid a substantial deposit before any work could commence. Then came the kicker: The scammer offered to roughly double the required deposit, but needed me to do her a “favour” by paying her “project consultant” a $2,800.00 cash payment so that he would release the creative materials while she was “presently in the hospital for surgery”. In other words, I was supposed to accept a $6,500.00 deposit (most assuredly on a stolen credit card), then pay the scammer nearly half of that, with the funds gone from my account before the charge was declined due to the card being identified as stolen.
This type of advance fee fraud is what is generally referred to as a “419 scam”, based upon the section of the Nigerian penal code that addresses fraud schemes. It can involve letters, faxes or e-mails, and – as I have just demonstrated – it has gotten very creative, not necessarily involving extremely large sums of money or trips to Nigeria. What they all have in common is some sort of advance fee. If you run a campground, you could be contacted by somebody who wanted to reserve a block of 100 sites during your off season. That would be welcome income, but curb your excitement unless all of your questions are answered to your satisfaction and there is no suggestion of funds flowing in the opposite direction for any reason.
Officer Ray Fleck
Another scam that has been making the rounds lately has been a robocall from “Officer Ray Fleck”, allegedly working in the audit division of the Internal Revenue Service. I have received these calls. The caller, in a very brash and threatening voice, claims that the Internal Revenue Service is filing suit against you, and that it is imperative that you return the call to make a credit card payment that will satisfy your alleged tax obligations and prevent the filing of suit in your local court. Needless to say, the IRS does not employ a force of thugs who call citizens and demand their credit card numbers, but some people are easily intimidated, making this scam highly successful for its perpetrators.
Windows Service Center
Finally, the “Windows Service Center” scams are still alive and kicking. The callers – usually with heavy accents – claim that they are calling from Microsoft. They are hoping to reach people who have little technical experience and who are coincidentally experiencing some sort of problem with their computers. I received such a call from a person who identified himself as “Jim Sparkle”, and who said that he had been “monitoring my computer” and found that it had a “major problem”. He said that he was “doing his duty” because my computer was “ready to crash down at any time”.
What these scammers want is not only your credit card number but also remote access to your computer, allowing them to install spyware and steal sensitive information. They have various “service plans” that will solve your computer problems, of course suggesting the “lifetime” service plan which was, in my case, discounted to $299.00 and would cover any computer that I ever owned over the course of my lifetime. If you receive one of these calls and have some time to spare, act dumb, and string the caller along a bit (which can admittedly be a bit of fun). You will typically learn at the end of the call that people in other countries have an extensive vocabulary of English language profanities.
The point is that you need to remain vigilant and cautious whenever you are contacted under circumstances that just don’t feel quite right. If you receive an unsolicited contact by anybody who asks you for a credit card number, it is time to end the conversation and continue with business as usual. Scams will always be with us, but with a healthy dose of skepticism, you can prevent yourself from becoming a victim.
This post was written by Peter Pelland
Tags: 419 scams, Jim Sparkle, Nigerian scams, Officer Ray Fleck, online fraud, online scams, telemarketing fraud, telephone scams, Windows Service Center Posted in Cyber Security, Scams |
Domain Name Registration Pitfalls
August 11th, 2015
Recent events have encouraged me to revisit a topic that I first brought to the public’s attention back in 2010. There is quite an online industry involved with domain name registrations, the buying and selling of domain names, and the consequences that involve expirations. Generally speaking, the people involved in these practices spend very little money while in search of tremendously large profits.
About a month ago, one of our clients – a campground in Connecticut – asked me to check into the availability of a more desirable domain name to replace the domain name that they had been using (but that was actually under the control of another individual, with the strong potential for a future dispute.) When I checked the new domain name, I found that it was listed as “for sale” at a price of $500.00. My client authorized me to intervene on their behalf, willing to pay as much as $400.00. Over the next few weeks of shrewd negotiations, I suddenly found that the domain was released, and I immediately registered it on behalf of our client for our standard fee of $35.00 – not the $400.00 that they were willing to pay or the $500.00 that the alleged seller wanted. What happened?
Let me answer that question with another question. Have you ever received an e-mail from a company offering to sell you a “premium domain name” that is similar to your existing domain name? They contacted you because you were listed as a contact for your own domain name, and they were looking for a likely buyer who was willing to take the bait. I have had instances where I have received several consecutive offers from different companies, all offering to sell me the same domain name. The fact is that, in nearly every instance, none of these sellers actually owns the domain names that they are offering to sell. Sound confusing? Read on!
Protect your existing domain name.
First of all, protect your existing domain name from potential hijacking. Unless you are certain where your domain name is registered, know that it is locked to prevent transfer, and know its expiration/renewal date, do yourself a favor and perform a whois lookup. Go to http://whois.com/ and enter your domain name. Confirm that YOU are listed as the registrant and that the domain status includes the words “Transfer Prohibited”, “Update Prohibited” and “Delete Prohibited”. You might be surprised to find that your webmaster or hosting company is the actual registrant (owner) of your domain name – the scenario that our client faced and something that needs to be corrected immediately; that the e-mail address associated with your name is an old AOL e-mail address that you have not used in years; or that your domain is unlocked – which is roughly equivalent to the carelessness of leaving your parked car unlocked on the streets of a major city.
Whether you or your webmaster handle your domain name registration renewals, you will know if it has been allowed to expire because your website will suddenly become inaccessible. That in itself is not a reason to panic; however, you do not want to ever allow your domain name to go beyond the Redemption Grace Period (RGP) status as outlined in guidelines set forth by ICANN (the Internet Corporation for Assigned Names and Numbers). The guidelines (not rules) allow for a 30-day RGP term, after which your domain goes into “Pending Delete” status for an additional 5 days. At the end of those 5 days, it is purged from the registry database and becomes available for anybody to register. That could be anyone from a business with the same name in another state to one of your more vindictive competitors.
Unfortunately, some registrars add their own unique rules to the guidelines that have been put forth by ICANN. For example, GoDaddy will make you pay an $80.00 “redemption fee” on the 19th day. On the 26th day, they will enter your domain into a 10-day “Expired Domain Name Auction” and, if there are no bidders, will then enter it into an additional 5-day “Closeout Auction”, seeking every opportunity possible to profit from your oversight and increasing the likelihood that you will be unable to recover your domain name. Only if there are no bidders at this second auction will they release the domain.
Network Solutions has an even worse policy, stating that your domain name is subject to deletion at any time after it has been allowed to expire. They say that they “endeavor to provide a grace period that extends 35 days past the expiration date” but that the “grace period is not guaranteed and can change or be eliminated at any time without notice.” Network Solutions states that “a Redemption Grace Period (RGP) is not guaranteed and customers should renew their domain name registration services in advance of the domain name registration expiration date(s) to avoid deletion of domain name registration services.” Just when you thought that GoDaddy’s $80.00 redemption fee was outrageous, Network Solutions’ fee is far worse. Their policy continues, “If we decide to provide the redemption service to a customer, we charge a fee of $299.00 to redeem and renew a domain name registration during the RGP.”
The bottom line is that you should never allow your domain name to expire.
What happens when your domain is in this Redemption Grace Period? Basically, it enters a domain name limbo otherwise known as the domain name aftermarket, sort of like an enormous used car sales lot or automobile auction. What happens is that vultures appear out of nowhere. The practice is referred to by a number of names, with domain tasting and domain front running being the most common descriptions. Many registrars also encourage a process called “backordering” which allows interested buyers to move to the head of the line during the RGP. Some of these same registrars have also been known to provide information directly to these domain tasters, whenever somebody performs a whois lookup, checking on the availability of a domain name but then failing to register it immediately. Returning a few days later, you find that the domain name appears to have (not coincidentally) just been registered and is suddenly listed for sale at a very high price. The seller is hoping that you will still want the domain name and will be willing to submit to what is essentially highway robbery.
Typically, domain tasters work with a registrar that will even allow them a 5-day grace period to cancel out of the registration if you, the potential buyer, do not agree to pay their fee. However it is handled, these are people who are trying to sell you domain names that they usually do not even own, in many instances running auctions of their own, driving up the price if they find more than one interested potential buyer.
Knowledge is your best defense against fraud.
Understand that there are three basic components when you own a website: The site construction fee (usually the most expensive component, unless you have built a do-it-yourself site), the annual or monthly hosting fee, and the domain name registration fee. The domain name registration fee is by far the least expensive of those three components – unless and until you lose your domain name, when its recovery can be very, very costly. Our client was lucky in this instance, and I have successfully intervened in many similar circumstances, but nobody in business wants to rely simply upon luck. Follow the steps that I have outlined, and do everything necessary to prevent the loss of your domain name from ever occurring.
This post was written by Peter Pelland
Tags: Domain Name Registrations, GoDaddy, ICANN, Network Solutions, Redemption Grace Period, whois lookup Posted in Domain Name Registrations, Website Development |
Referring Sites Bark Up Some Traffic
August 4th, 2015
The challenge of any website is to convert traffic into buyers who take the site’s prescribed call to action. Whether it means putting an item into a shopping cart, signing an online petition to save the whales, making a charitable contribution, or reserving a campsite for the third weekend in August, if a site lacks traffic it has no chance of converting those numbers of visitors into buyers. Fortunately, there are many ways to drive traffic to your site.
Many businesses have become convinced in recent years that the key to traffic is strictly a matter of search engine optimization (SEO). In desperation and out of confusion, they fall prey to a host of companies (who often initiate contact through spam or from a telemarketing boiler room operation) offering so-called guaranteed search engine placement or keyword analysis services that usually run automated software. Some other companies act like they possess a uniquely secret talent, with one recently proclaiming itself to be the “official SEO company of the campground industry”. The claims can get pretty preposterous. I actually received a telemarketing call a while back from an outfit in India called “BS SEO”. The name says it all!
With the decreasing role of search engine traffic, the role of referring sites becomes ever more important. The cumulative impact from established referring sites is not only measured directly by the traffic that they generate but also from the listings and their positive influence upon search engine rankings. With that in mind, one of your goals should be to ensure that your website is listed in as many online resources that are relevant to your business as possible. More importantly, check to confirm that the listings and links to your website are correct and unbroken.
Where to List
The best way to start is to compile a list of resources where your business should already be listed as one of your benefits of membership. Never assume that these listings are correct and up-to-date. Check them individually, and you will often be surprised by outdated content that could be negatively impacting the effectiveness of your listing. Start this list with your membership listings on any local, regional, or state chambers of commerce and tourism boards to which you belong. Check for details like current e-mail addresses, as well as your correct Web address, ideally including a direct link to your website.
Next on the checklist for campgrounds and related businesses are the state, regional, and national associations where your business maintains membership. These include National ARVC’s Go Camping America website and your state association website. When checking listings recently on three of the largest campground state association websites in the United States, I was shocked by the number of broken website links that I encountered. Most of those were the result of programming errors within the sites, a few were the result of spelling errors, but others were the result of updated information that was never passed along to the association by the owners of the individual campgrounds.
There were also several instances of campgrounds that had lost the domain names that were listed, even though they had new websites built under new domain names. Rather than sending people to their new (and presumably improved) website, visitors encountered either a “404 file not found” error page or a page indicating that the old domain name was for sale – either way leading many people to conclude that the campground is out of business and permanently closed. In one or two other instances, I found campgrounds with new domain names and who had not lost control of their old domain names, but did not provide redirects from the old to the new.
I should also mention that I encountered many websites with e-mail addresses that were invalid, making any attempt to contact the businesses bounce faster than a basketball. I have also encountered phone numbers that go to voicemail but that are either not set up to accept voicemails or have mailboxes that are full. Why not just lock your doors and find another line of work?
Each of the state associations has a member services website, usually password-protected, where you can enter any listing information that may be incorrect, incomplete, or entirely missing. Check your listings, and get ensure that they are as complete, correct, and up-to-date as possible.
Those are some of the most obvious resources where your campground would expect to be listed. Next, it is time to get listed in any of a wide range of specialized directories that relate to your business. Be sure to include performers who are scheduled to appear at your park. Almost all of them have their own websites, where they list their upcoming performance schedules. Provide links to them on your website’s activities schedule, then insist that they provide reciprocal links to your site. Many fans of these performers follow their schedules and could become first-time guests at your park.
Dog-Friendly Online Directories
There are many websites that list campgrounds that cater to specific types of camping. Some, for example, list campgrounds with yurts. Others list campgrounds with free wi-fi service. Others list campgrounds that are pet-friendly, and I will concentrate on these. Pets are indisputably the new family members. If your park is pet-friendly, there are many online resources that will help you to spread the word. Some of these sites even offer free listings or free trials. To save you time in researching these resources, I have compiled a comprehensive list of sites that cater to pet-friendly travel. I have excluded any sites that appear to be down, list only hotels, or are tied into another paid service.
In each instance, I am listing the website’s URL, its number of yearly visitors (as shown at StatShow.com), its annual listing fee, and the cost per thousand yearly visitors. This last number is an apples-to-apples way of comparing the cost-effectiveness of each site.
Somebody searching for camping accommodations on one or more of these sites is an excellent prospect to become a guest at your campground, probably a camper who has not stayed at your park before and would be unlikely to choose your park without this referral “nudge”. Since most people probably refer to only one of these resources – rather than searching through multiple resources – listing your park on more than one site is probably going to significantly expand your reach.
Building your presence on referral sites is only one of many ways to attract new guests. Now that you have this information at your disposal, put it to use!
This post was written by Peter Pelland
Tags: dog-friendly, official SEO company of the campground industry, pet-friendly, referring sites, SEO Posted in Marketing Strategies, SEO & Organic Search, Site Submission Resources |
|