Ask DACS
October 2012

Moderated and reported by Jim Scheef

Ask DACS is a Question and Answer session before the main presentation at the monthly General Meeting. We solicit questions from the floor and then answers from other audience members. My role as moderator is to try to guide the discussion to a likely solution to the problem.

Q – I'm planning to upgrade from my Macintosh Power-PC to an Intel-based Mac. The model I've chosen has two processor options: The Intel Core i5 and the Core i7. What's the difference and which should I get?
A - The discussion at the meeting was basically correct in that the i7 is Intel's high-performance chip while the i5 is aimed at the middle of the road market. Intel's entry-level chip is the Core i3. What I said at the meeting, "the more 'i's the better" is true for the performance of this particular choice of Macintosh system options. The more I read about the new Intel processors, the more my eyes glaze over and I start looking for a wall on which to bang my head. For more information about the processors, I refer the reader to articles on a couple of blogs; just be aware that there are many more such sources.
TechHive: "Intel's New Core i7 and Core i5 Processors Explained" (tinyurl.com/8nscdmr)
Bright Hub: "Core i5 vs. Core i7: What's the Difference?" (tinyurl.com/yjx78od)
Bright Hub: "Core i3 vs i5 vs i7: A Summary of Intel's Processors" (tinyurl.com/35vx8rs)
To answer the last part of the question, one member suggested choosing the Core i5 and saving the money. The performance improvement from an older PowerPC Mac will be so great that the extra expense is a waste.

Q – Lately, Firefox 15 appears to stall on my PC running Windows XP. The processor is maxed out on something called a "plugin container". What is this and do I need it? This happens on sites like the New York Times.
A - From the discussion: a "plugin container" is how Firefox isolates plug-ins like Flash and Acrobat from the rest of the computer. While a help in both security and reliability, it is not fool-proof. Because of this, it is important to keep all such ad-ons up to date with the latest version. One member suggested that the computer in question may have an older version of Flash that was causing the problem. If you have not updated Adobe Flash in several months, my suggestion is to uninstall it completely (using Add/Remove Programs in XP) and then installing the latest version direct from the Adobe website (adobe.com). As people added comments, it seems that Adobe lives by its own rules, so updates are best done with other programs closed. Note that newer versions of Flash have an applet installed in Control Panel.
D - In a follow-up, the discussion turned to Java. The consensus was that most people need only the Java runtime engine. This is what allows your computer to run programs written in the Java programming language. Like other things on your computer, the Java runtime should be kept up to date. The Java Developers Kit is needed only if you are writing programs in Java so most people do not need the Developers Kit. Richard Corzo, our Apple SIG leader, noted that the latest version of the Mac OS does not include Java as part of the default installation. This should not be interpreted as a condemnation of Java by Apple, but rather an attempt to ensure that when you install Java on your Mac, that you install the very latest version.

Q - If you install add-ons in Firefox, do the add-ons track what you do on the Internet?
A - The add-ons or extensions available on the Mozilla website are written by independent programmers and each add-on does what it was programmed to do. When you install an add-on you are trusting that the add-on does what it says in the description and nothing more. If you are unsure about an add-on, read the reviews shown below the description and judge for yourself. Certainly it is possible to write an add-on that could send information back to a tracking database or even do malicious things. I'm probably only a little more paranoid than average and I have fourteen Firefox add-ons installed on my main computer. These range from the indispensible PlainOldFavorites to NoScript, AdBlock Plus, and the Yahoo Toolbar. Most add-ons are very small programs that manipulate what Firefox calls "chrome", the settings and outer "trim" of the browser. Toolbars are another matter as they are more significant programs that have complete access to your browsing activity. This is why every search engine tries so hard to get its toolbar installed in your browser. Yahoo is the least overt in this effort which may be why I like it best.
As the discussion continued, a visitor commented that your ISP keeps a record of every website you visit and the addressees of every email you send. This is required by the renewal of the Patriot Act (fact checking is encouraged here). I believe they are required to retain this for some limited period of time in case it is requested by a law enforcement agency. Anonymity on the Internet is a thing of the past. Even back in the days of dial-up Internet connections, your account was always traceable to your credit card. Next discussion turned to what information a website can collect about visitors. At a minimum, the site knows every page you request, your IP address and any information disclosed by your browser. Normally this includes the type of browser and version number, and basic information like the version of your computer's operating system. But can the website identify you by your name? As usual, there was much good discussion. Certainly your ISP knows the billing name associated with your IP address, even if your address is dynamic and changes from time to time. Assuming you have not registered with the website, giving them your name, the website can possibly infer a lot about who from what you do on the website.
Another member described a process whereby your machine can be "fingerprinted" so that it can be identified. How this can be done would be a topic for another discussion. Certainly the MAC (media access control) address that is burned into every Ethernet adapter, whether wired or wireless, is a unique identifying "mark" for your computer but I must add that even this can be spoofed.
At the most basic level are the cookies that website place on your computer to store information. Companies like DoubleClick (owned by Google) place cookies that can be read on many websites and over time can be used to track your habits on the Internet. Enabling the "Do not track" setting in your browser is a signal to such companies to "not do that". Some browsers have an "anonymous mode" that discards any cookies and browsing history at the end of a browsing session.
There are proxy servers on the Internet that can hide or obscure your IP address from the websites you visit. They do this by becoming a "man in the middle" who receives web requests from your computer. Then they pass them on to the website as if coming from the proxy. Thus, the website sees only the proxy's IP address rather than yours. Looking at the other end, your computer and all the routers between you and the proxy, see only the proxies IP address rather than that of the destination website. The proxy can be located anywhere in the world.These servers can act as a gateway for people in restricted countries like China, Saudi Arabia, and Iran to reach sites that are otherwise blocked by their governments. The Wikipedia article is at wikipedia.org/wiki/Proxy_servers.
A member described how when he visited eBay, a message came up about how he was using a different computer and that he must validate his identity on that computer. This is similar to the 2-factor identification procedures used by many banks use when you sign into their banking site. Once you have validated your identity, the site places a special cookie that identifies the computer as authorized for access to your bank accounts. I've seen a new feature on eBay that ties your PayPal account directly to your eBay account. Once this is done, your PayPal account is only as secure as your eBay password. If your bank requests special confirmation every time you want to do your banking, then the cookie that identifies your computer is being lost between sessions.

Q - Is anyone using VMware ESX or Microsoft Hyper-V at home?
A - These are two competing enterprise-level hypervisor technologies. Each runs at the very lowest level on a server and then runs one or more "guest" operating systems on a single computer. The guests are called "virtual machines" (VM) because the hypervisor creates a virtual hardware environment for each of the guests. Several members indicated that they use versions of this technology on their PCs to run copies of Windows to test software. Gamers use VMs to run older versions of Windows or even DOS so they can play games that won't run on Vista or Win7. The "XP Mode", available with some editions of Win7, is a VM that runs a full instance of Windows XP.
At the enterprise level, VMs allow a company (or the occasional individual) to combine several servers onto one physical machine that hopefully costs less to buy and maintain. I'm presently migrating two physical machines I've had for several years to a single new machine that will eventually host five virtual machines. Believe it or not, this will actually simplify my network.

Q - I heard on the news today that China had hacked into the White House. How could this happen?
A - News reports on various websites reported that the White House had confirmed a spear phishing attack.
From the Huffington Post:
"Hackers breached an unclassified computer network used by the White House, but did not appear to have stolen any data, a White House official said Monday.
The hackers breached the network by using a technique known as spear phishing, in which they target victims who have access to sensitive computer networks by sending personalized emails that appear to come from trusted sources. Once the victims click on the bogus attachment or link, the hackers can install malicious software on the PCs to spy on users and steal data."
The article went on to say the attack was identified and stopped before serious damage could occur (tinyurl.com/8s775jr). Note that such an attack will work just as well on us "real people". Some time back, I reported that I had almost fallen for a phishing email designed to look like it came from my bank. I was particularly vulnerable after visiting the bank's credit card site.

Q - Does anyone have knowledge of National Semiconductor here in Danbury?
A - I had a friend who worked at Nat Semi in the mid 1970's. The Wikipedia article is wikipedia.org/wiki/National_Semiconductor. From the article: The company was founded here in Danbury by Dr. Bernard J Rothlein on May 27, 1959, when he and seven colleagues had left their employment at the semiconductor division of Sperry Rand Corporation. The Danbury facilities closed in 1989. I believe the facilities were later occupied by Branson Ultrasonics Corporation, another technology company founded here in Danbury.

[Disclaimer: Ask DACS questions come from members by email or from the audience attending the general meeting. Answers are suggestions offered by meeting attendees and represent a consensus of those responding. DACS offers no warranty as to the correctness of the answers and anyone following these suggestions or answers
does so at their own risk. In other words, we could be totally wrong!

.

Questions for the upcoming meeting can be emailed to askdacs@dacs.org.

Disclaimer: Ask DACS questions come from members by email or from the audience attending the general meeting. Answers are suggestions offered by meeting attendees and represent a consensus of those responding. DACS offers no warranty as to the correctness of the answers and anyone following these suggestions or answers does so at their own risk. In other words, we could be totally wrong!