Monthly Archives: January 2010

Useful Tips

Posted on 2010-01-25 | Comments Off on Useful Tips

If you use Office software for your job, chances are you would like to get more proficient with these tools. Many Office products are so complex these days that it can be difficult to resolve nagging problems or know where to look. I get some of my information from a couple of weekly e-mails, WordTips and ExcelTips. These free weekly newsletters are just what the name implies, a collection of useful tips that just might help you to tame the beast.

Comments Off on Useful Tips

Posted in How-to

Tagged ,

Adobe: A Security Risk

Posted on 2010-01-22 | Comments Off on Adobe: A Security Risk

Most of us know that operating systems have security issues. Microsoft is best known for this, and issues patches every month on “Patch Tuesday” (the second Tuesday of each month). But Microsoft is not the only one with issues. Viruses and trojans targeting Macintosh computers are becoming more common, and my Linux boxes get security updates regularly. We also know that browsers are a source of security vulnerabilities. Just a few days ago a problem in Internet Explorer seems to have created the opening used to hack Google’s servers in China, but again, I get regular security fixes to my Firefox installations as well.

What you may not have thought about are the vulnerabilities created by the other programs you run, and in this case we have several that come from Adobe. This company has created two file types that are essentially ubiquitous on the Internet: Adobe Flash (this runs all of those YouTube videos, and most video on the Internet), and Adobe Acrobat (PDF files, which are very popular for distributing all kinds of print content). And with these file types, Adobe has created serious problems for users.

Adobe Flash

The problem with Flash is that Adobe essentially re-introduced cookies in a way in that most people did not expect, and were probably not aware of. How big a problem this is depends on your views regarding cookies. I think they are mostly benign, but there are exceptions. I personally do not allow what are called “third-party” cookies. If I visit Google, for instance, I am recognized because of a cookie on my computer that tells Google it is me, and all of my settings and personalizations are preserved for me. I like that. What I do not want is Google giving my information to another company, like DoubleClick (actually, this is owned by Google, but I still don’t like them). DoubleClick would love to track what I do on all other Web sites so they build a profile and send me ads. I set Firefox to reject that. But now it turns out that Adobe Flash, which is used in a lot of Web sites, is creating its own cookies to track what I do. It is even possible for Adobe Flash to create browser cookies, even to re-instate browser cookies I had previously deleted (called respawning). You can read some details in this story from Wired.

So, what can you do? If you want to stop Flash from setting cookies at all, you have to do it indirectly. Adobe apparently never considered this from a security perspective, and so you do not have the options in Flash that you have in most browsers to control this. You can do one or both of two things: 1) Delete all existing cookies: and 2) Stop new ones from being created.

To delete existing cookies, you need to remove all of the *.LSO files on your computer. LSO stands for Local Shared Objects, and this is the equivalent of a cookie. Use whatever search methods your operating system offers, and delete these files. Another way (for Firefox users) is to install the add on BetterPrivacy. This gives you a bunch of options, such as clearing all Flash cookies when the browser shuts down, or when it starts up, and also adds an option to clear all Flash cookies to the dialog for clearing your browsing history. If you use Firefox and want privacy, this add on is very valuable.

In addition to deleting cookies, you can prevent them from ever being stored, but the method is a bit weird. You need to adjust the settings of your Flash player through Adobe’s web site. Go to the Settings Manager, and select Global Storage Settings. Note that it is not the Privacy settings you want here, it is the Storage settings. In the window it brings up, set your storage to None (all the way to the left), and place a check mark in Never Ask Again, and remove the check mark for Allow third-party Flash content to store data on your computer. Note that this may cause some sites to stop working, and it may turn out to be sites you need to work with. In that case, allow third-party Flash content again, and take out the check mark for Never Ask Again. If you leave the storage set to None, it will have to ask you each time if it can have permission to store a cookie.

Adobe Acrobat (PDF)

The problem here is that someone at Adobe had the bright idea that PDF files ought to able to run Javascript. Now, from a security perspective you can argue that browsers should not be allowed to run Javascript. It is one big huge security vulnerability waiting to bite you, and if you are not careful about controlling it, it will eventually get you. But because virtually all of the major sites use it, you often feel like you have no choice. Still, there is an excellent add-on for Firefox and other Mozilla-based browsers called NoScript that gives you pretty good control. In a PDF file, I can only assume that insanity has taken hold at Adobe to add Javascript capability. (Either that, or a pact with Satan. You make the call.) This is just horrible. But what can you do?

Fortunately, this is pretty simple. Open your Acrobat Reader, go to Edit –> Preferences –> Javascript, and remove the checkmark in Enable Acrobat Javascript. This is easy to do, but you want to make sure you do it. There are already exploits in the wild that take advantage of this gaping security hole, and you want to be protected. There is no good reason at all to have Javascript in a PDF document. PDF was created for one reason: To have control over the page layout of documents that are electronically distributed. And Javascript is completely unnecessary for that.

Comments Off on Adobe: A Security Risk

Posted in News

Tagged

Is Office Software Obsolete?

Posted on 2010-01-01 | Comments Off on Is Office Software Obsolete?

One of the audio podcasts I listen to is This Week In Google, which despite the name actually covers everything cloud-related, not just Google. It is a very interesting podcast, with Gina Trapani, Jeff Jarvis, and Leo Laporte. In this particular episode, Leo asked the others what they used for most of their writing. In each case, it was some kind of online application, not a conventional word processor like Microsoft Word, WordPerfect, or OpenOffice.org Writer. Jeff Jarvis did allow that he had to use Microsoft word when he wrote the book, but he did phrase it as he “had to use it.” It really did sound as if he would have preferred to use something else. Gina Trapani is writing a book right now, on Google Wave, and is doing it all in a wiki that is open to others.

I think that for some things there is no real replacement for the power of a desktop program. As I mentioned in a previous post, I had a contract once at a large legal practice, and I can assure you that lawyers will not be using Google Docs any time soon to write their legal papers. And there are very real questions about security if your documents are online. Plus, you have to consider that having things online can present problems if anything happens to your Internet access or the remote servers. You would be cut off from access to your files.

A lot of pundits have taken these objections as evidence that online software will “never” replace desktop programs. I am not sure. I think there are other facts that these pundits overlook. The first is that online software will continue to be developed. The feature list of desktop software is so rich now that there really isn’t a lot left for them to do. The major new feature of Office 2007, for example, was the Ribbon, and that has received more criticism than praise as far as I can tell. The other major change is in file formats, which is not something most users care about at all. So I think online software can catch up by virtue of the fact that desktop software is pretty much at a dead end.

The second point that we need to consider is how technology will change in the next few years. Most folks have heard about Moore’s Law, which is about how processors will double in capability every 18 months or so. In fact, this type of exponential growth is not restricted to just processors. All technology is growing exponentially. Each new generation of wireless is approximately 10 times faster than the previous generation. Broadband speeds are growing, and so on. Technical barriers to “cloud” software that we see today we possibly won’t see in 2-3 years as the technology improves.

The final point to consider is that these changes often happen rather quickly when a tipping point is reached. There is a technical term, hysteresis, which we could use here. What this means is that a smooth change in the technical and economic parameters can appear to have no effect for a period of time, and then in a fairly short time frame everything changes. I suspect the change from desktop office software to online “cloud” equivalents will probably display this type of behavior. Clearly the online software has an economic advantage, since most of it is free. And online does have advantages in a world where increasingly people want to have access to all of their data all of the time, no matter where they are. We may well see a sudden shift when everything lines up to make the online applications preferable.

One last point is that this will not mean that desktop office software disappears, only that it will not be the dominant way documents, spreadsheets, and presentations are created.

Comments Off on Is Office Software Obsolete?

Posted in Editorial

Tagged