ksurl – make yourself at home, take whatever you want…

SubterfugeThe other day I invited some friends round. I cooked them a nice meal and we enjoyed drinks and a movie, then as the hour became late we said our goodbyes promising to catch up again soon. I didn’t realize quite how soon though…  The following day I was working at home as I usually do, when I heard a noise downstairs. On investigating I found that my new friends had let themselves in, were helping themselves to my snacks and were watching a movie on my TV, using my electricity and generally making themselves at home.

Now you might think this is a bit off. It’s one thing to invite your friends round when you’re ready to entertain and give your house over to them, but it’s another thing entirely if they abuse that trust and without so much as a “Please may I…” they just do as they please with your place. Well if like me you’ve tried Google Chrome, then you’ve got these same friends as well!

You see a while ago I installed Google Chrome after reading how quick it is, and how it makes Firefox (my current browser of choice) look Google Chromelike some lardy pizza shop owner. Indeed Chrome does feel quite sprightly, and I must say I do like the Speed Dial extension, which looks far superior to its Firefox counterpart. However what I didn’t realize when I installed Chrome, and which is probably buried in the small print somewhere, is that Chrome will run a process on my Mac even when Chrome itself isn’t even running. It’s called KSURL and at least four times a day it will attempt to call home, presumably to see if there’s a new version of Chrome or some other Google component that needs updating.

In fact, had it not been for Little Snitch blowing the whistle on ksurl, I would never even have known that it was running and helping itself to my Mac’s CPU and memory resources. You see up popped a warning that process ‘ksurl’ was trying to connect to a Google web address (cache.pack.google.com), but looking in Activity Monitor there was nothing, not even when I chose to view all processes rather than just my own. So, even though Chrome isn’t even running, some process has been spawned by installing Chrome, that periodically runs and calls home to see if there’s an update. Ok, the resources used by this process are probably tiny, but that’s not the point. It’s the fact that the authors of Google Chrome decided to let it behave like this – basically to run on your Mac without your knowledge or permission.

Little SnitchNow I’ve got quite a few applications on my Mac that check for updates and the accepted way seems to be a preferences setting that says ‘Automatically check for updates on start-up, or daily, or whatever’. Basically when you run the app then with your permission the first thing it does is to check to see if there’s a newer version of itself. Why isn’t that good enough for Google Chrome? Why do they have to be sneaky about it? Sure there’s a, ‘Update now’ button on the About Chrome dialogue, but if Chrome is constantly checking for updates in the background, then what’s the point? Imagine if every single app you installed on your Mac took the same approach – you could have potentially hundreds of background processes always running, always calling home, always consuming your precious resources.

Now it just remains for me to find the process that triggers these ‘ksurl’ warnings in Little Snitch, so that I can kill it off.

Advertisements

Webroot SpySweeper – The curse of the automated renewal

PLEASE NOTE – This is a personal blog and the article below is just a summary of my experiences when I tried to cancel my subscription. I have seen more and more comments coming through for approval, posted by people requesting cancellation of a Webroot subscription is cancelled. Unfortunately I can’t help with that as I have no connection with the Webroot company and/or their products. If you want to cancel your Webroot subscription, you should contact Webroot direct either by phone or by email. Good Luck.
Great software. Not so great service.

Great software. Not quite so great service.

For many years as a Windows PC user, I used various bits of security software. One such product was Webroot SpySweeper and I have to say that it worked very well and generally got good reviews for its performance. However, on switching to the Mac I naturally no longer had a need for it and you’d think that would be the end of the story, but unfortunately it wasn’t.

The problem is that when you buy Webroot SpySweeper and give them your credit card details, they put you on an automatic renewal system. This was not a choice, it was something that was done automatically and while companies will argue that this is convenient for their customers, it’s an approach that I happen to dislike for reasons that will become obvious. So, in early February I received an automated email from Webroot informing me that my subscription to SpySweeper will be automatically renewed

“This email is to remind you that your subscription with   will automatically renew soon.  If you would like to cancel your subscription, please visit the link below:
http://www.findmyorder.com

Please note: This email message was sent from a notification-only address that cannot accept incoming email. Please do not reply to this message.

Sincerely,
Webroot Software, Inc. Customer Service
http://www.findmyorder.com”

As to be expected I followed the link to http://www.findmyorder.com, logged in and started searching for the ‘Cancel my subscription’ link. Nothing. Nowhere was there a link, button or anything else to take you to somewhere you could easily cancel an automated renewal. There seemed to be nothing else to do but to use their online email form to contact Sales and request that my renewal be cancelled. That’s where I hit the next problem – I filled in the form on their website, gave them all my details, email address etc., and clicked on the submit button. A few minutes later I got an email telling me that postmaster@webroot.com couldn’t deliver the message. For some reason they’d coded their online email form to generate an email and send it to an undeliverable address!

This is an automatically generated Delivery Status Notification.

Delivery to the following recipients failed.

noreply@webroot.com

Reporting-MTA: dns;WEBROOTGATE1.boulder.webroot.com
Received-From-MTA: dns;sv4-mta-51a.us.emailfiltering.com
Arrival-Date: Tue, 12 Feb 2009 05:52:17 -0700

Final-Recipient: rfc822;noreply@webroot.com
Action: failed
Status: 5.7.1
X-Display-Name: Sales Help

Hang on a minute. I’m sending them an email using their own online form on their own website… and it doesn’t work? Thinking it might be a glitch in the system I waited a while and tried again. Same result. Ok, so you can’t use that option to cancel your renewal. Next step – try raising a helpdesk ticket using their online support feature. That way I’d get a helpdesk ticket reference and I could track it. So off I went and filled in a helpdesk request, got everything logged and got my helpdesk ticket number. Great, I even got an automated response saying:

Your question has been received. You should expect a response from us within 24 hours.

24 hours later? Nothing. 48 hours later? Nothing. 72 hours later I got fed up and added a comment to the ticket asking them to reply. I waited another 48 hours. Still nothing. Finally, with the renewal date looming I figured there was no alternative but to call them. I found a UK telephone number for the company and then spent more of my time and money telephoning them to cancel this automated renewal. The phone call was short and sweet but the message got through and the person at the other end of the phone assured me that my subscription would be cancelled, and indeed a while later I received an email confirming it.

But then yesterday I received another email from Webroot…

Automatic Renewal Cancellation

We recently notified you that your Webroot security software would be automatically renewed. However, we are having a temporary error with our automatic renewal system.

Your Webroot software will NOT be renewed automatically.

Renew your subscription today.

Please visit http://support-uk.webroot.com or call Customer Support at +44 (0) 845 0822 498. We have extended your subscription for 30 days to ensure you have plenty of time to complete your renewal.

We apologize for any inconvenience this may have caused.

Thank you for being a valued Webroot customer!

Sincerely,
Webroot Customer Support

Maybe the temporary error was that I didn’t actually want to renew! I am now nervously watching my credit card statements in the hopes that a charge to Webroot doesn’t magically appear.

My advice to anyone who is a Webroot customer and who wants to cancel this automated renewal scheme they operate, is to telephone them, get the person’s name and get them to confirm in writing that they’ve cancelled the renewal. Then watch your credit card statement just to make sure.

And my advice to Webroot? Well thanks for a great product, but I think you need to fix a few problems with your website and to make the option to cancel more obvious and more straightforward. There was a time when I would have recommended Webroot SpySweeper to Windows users without any hesitation. Maybe now I’m not so sure.

OpenDNS, a free and useful layer of defence for your Mac

Many people switch to Macs simply because they’re fed up with the constant fight against viruses, trojans, spyware and the like on their Windows PC, and it’s fair to say that as a general rule Macs aren’t yet the victims of such attacks (notwithstanding recent reports of trojan infected pirate copies of Adobe CS4 and iWork ’09). However, more and more computer criminals are switching to different ways to try and part hapless users from their money, or at least their data and ‘phishing’ scams are proliferating everywhere.

Add to this the increasing amount of stuff on the internet you’d like to avoid, or perhaps protect your kids from, and you start to feel that a little help in this department might not go amiss. Ok, now here’s a quick techie lesson – the whole ‘internet access’ thing revolves around something called DNS (Domain Naming System) and it’s basically some behind the scenes trickery that translates web addresses that you and I can understand (and even remember) into the strings of numbers that computers use to find each other. So, you type in http://www.microsoft.com and DNS translates that into something like 123.456.789.012. Doesn’t matter what web address you enter, DNS will translate it (if it exists) and you’ll get your web page. Now the important thing here is – DNS isn’t fussy. It doesn’t care if you have young children in the house, it doesn’t care if some crook sets up a spoof website to trick you out of your ATM card PIN number, it just lets you see the web – warts and all!

OpenDNS

OpenDNS

So it stands to reason that if this DNS service is helping you get these web pages, then it could also help you by filtering out web pages that you don’t really want to see. Now there are various ways to do this, but by far the easiest way is to use a DNS service that already knows about all sorts of web pages that people might want to avoid. Enter OpenDNS. It’s a free service that already knows about tens of thousands of web sites and has categorized them into ones that are ‘safe’ or are associated with the not so nice side of the web, like… phishing sites, sites loaded with trojans and other malware, pornography sites, the list goes on. The principle is that you use OpenDNS and you tell it what categories of things you want to avoid. It then makes sure that if you deliberately or even unintentionally enter a web address that falls into one of your chosen categories, it politely blocks the request and lets you know. Result – you don’t stumble upon something you’d rather not see.

So how do you get your Mac to use OpenDNS rather than your ISP’s own DNS? Well there are two ways – you either tell your Mac to use OpenDNS (in which case it’s only the Mac you configure that’s protected), or better still, you tell your router to use OpenDNS. If you choose the router option, then every Mac (or PC or even Linux machine) can be protected in one go. Here’s how to set up the two options in a little more detail:

Configuring your Airport Extreme Base Station to use OpenDNS

  1. Go to your Utilities folder and launch the Airport utility.
  2. You’ll be greeted with an initial screen showing you your Airport Base Station (or a list if you’ve got more than one).
  3. Select your Airort device and click on the Manual Setup button.
  4. Click on the Internet tab.
  5. In the two boxes to the right of where it says DNS server(s) make a note of any values currently shown (just in case it doesn’t work).
  6. Now enter the following values in those two boxes. Enter 208.67.222.222 in the first box, and 208.67.220.220 in the second box.
  7. Finally click on the Update button and once the Airport has restarted itself you’re done.

Note, take no notice of the other settings you see on my Airport Extreme configuration screen, I’m currently using mine in ‘Bridge’ mode so my other settings may well be very different to yours.

Configuring an individual Mac to use OpenDNS

  1. Go to System Preferences and click on Network.
  2. Now choose the network interface that you use to connect to the web. This might be either a wired ethernet connection called something like ‘Ethernet 1’ or a wireless connection called ‘Airport’.
  3. If there’s already a value in the box next to where it says DNS Server, make a note of it, then delete it.
  4. Now click on the Advanced button and then choose the DNS tab.
  5. Under the large white box below the label DNS servers, click on the ‘+‘ sign and enter 208.67.222.222 then hit Enter.
  6. Click the ‘+’ sign again and enter the second DNS server address as 208.67.220.220 and hit Enter again.
  7. Finally click on the Apply button and close your System Preferences.

Don’t worry if all this sounds a bit daunting or if you’ve got a different router. The principles are the same and the OpenDNS web site has examples of how to change the DNS settings for a wide variety of routers.

Airport OpenDNS settings

Airport OpenDNS settings

Now you’ve configured your router or your Mac to use OpenDNS, the only task that remains is to tell OpenDNS what sort of websites you’d like filtered out. For this you go to the OpenDNS website and you’ll need to create a free account. Having done that, you log in to the OpenDNS website and choose Dashboard and then Settings. On the settings screen it is all pretty intuitive. You can chose from various pre-configured settings (High, Moderate, Low, etc.) or you can create your own custom settings and choose to block certain categories of website, or even individual websites. Once done, just save your settings.

Individual Mac OpenDNS settings

Individual Mac OpenDNS settings

Now you’ve set up your Mac or router to use OpenDNS, and you’ve told OpenDNS what you don’t want to see, but there’s

one final piece in the jigsaw puzzle. If you don’t have a static IP address, then how does OpenDNS know where you are and how to apply your settings to you? Well you could just log in to the OpenDNS website when you start your Mac but that would be a bit of a pain. Why not run a little utility that does it all for you? I use a free utility called OpenDNS Updater and I put it in my Login Items so that it launches every time I switch on my Mac. Just give it your login details for OpenDNS and it does the rest.

At this point you’re probably thinking his sounds too good to be true and that there’s got to be a catch. Well no, there isn’t. Does it slow down access to the web? No, not as far as I can see. What about cost – is OpenDNS really free? Well the free home service is paid for by sponsored links, but you’ll only ever see them if you enter a non-existent web address and then all you see is an OpenDNS page telling you the website doesn’t exist rather than a default page telling you the same thing.

The only time you'll ever see sponsored links is if you enter a non-existent web address

The only time you'll ever see sponsored links is if you enter a non-existent web address

So there you have it. It’s safe, it’s free, it’s unobtrusive and it works with Macs, Windows PCs and even Linux PCs, so here’s to safer surfing!

A secure document library for your Mac (part 1)

I spend plenty of time futzing* around on the Mac listening to music, watching movies and surfing the web so it’s quite rewarding when I really put it to good use. Shrinking the mountain of old paperwork that filled dozens of A4 ring binders in my study bookcase was one such project, and I now have an online, searchable and secure archive of all my old documents.

My list of ingredients for this little project were:

  • An Apple Mac (running Leopard OS X)
  • A Fujitsu ScanSnap S300M (or a flatbed scanner if you’re patient)
  • TrueCrypt (optional – I ended up using the Disk Utility built in to Leopard)
  • DevonThink Pro (optional – you can just as easily use folders and Finder if you want to)
  • Fellowes P-58Cs shredder (any good cross-cut shredder will do)

The first thing I did was to scan all my old documents using the ScanSnap scanner. While other scanners will do, flatbed scanners are notoriously slow and cumbersome given that the ScanSnap S300M can scan both sides of a sheet of paper in around five or six seconds, and can take 10 sheets of paper at a time. I wrote a little article about the ScanSnap S300M which you can find here, and if you’ve got the budget it’s bigger brother, the S510M can take up to 50 sheets at a time. The time consuming bit when you’re scanning is to give the scanned documents a sensible name. I opted for keeping it simple, sticking to a name and date wherever possible, so for example a copy of the order sheet that Amazon sent out with an item I ordered on December 3rd 2008 got named “Amazon Slip – 2008.12.03”. Generally if I’m looking for something then I’ll at least know the company or person involved and roughly the date it happened, well to within a year or so!

Fellowes P-58Cs Shredder

Fellowes P-58Cs Shredder

So the upshot of this is that after a few days casual scanning and labelling, I had a folder structure on one of my hard disks consisting of folders labelled according to subject, e.g. Amazon, Apple, etc. So far so good, all my old paperwork is now safely on disk, and indexed by Spotlight. Next job – security!

It’s all very well scanning old credit card and bank statements, but what if someone were to break in and steal your Mac while you’re out?! Not only have they pinched your pride and joy, they’ve got a load of your financial details to start making mayhem with your credit rating. Originally I tackled this problem by encrypting individual files using GoSecure. Great drag & drop utility – virtually unbreakable AES-256 bit encryption, but with hundreds of files needing to be secured it quickly became very laborious to encrypt each one by hand. More to the point, every time I wanted to look at one of these documents I had to decrypt it manually then re-encrypt it afterwards. The solution? Store all your scanned files using an encrypted disk image – basically a secure encrypted area that looks like a regular disk while you’re using it. Think of it like a little CD or DVD disk or even a miniature hard disk hidden away inside your Mac. Now I could have used OS X’s FileVault feature to secure an entire hard disk, and if you are happy doing that then it’s the way to go. However, some people think it’s overkill, and it still leaves the issue of how to secure your backups as well. More flexible options include things like the excellent (and free) TrueCrypt utility or Leopard’s very own Disk Utility, which is what I ended up using.

So, I have a bunch of scanned documents that amount to around 1.5Gb of data, and it’s likely that I’ll add to this over the coming years. What’s needed is an encrypted area big enough to allow growth, so let’s say capable of holding up to 2.6Gb? Now while TrueCrypt has lots of bells and whistles, I opted to use Disk Utility as it’s already part of Leopard OS X and it’s really easy to use, and this is what you do:

  1. Go to your Utilities folder and launch Disk Image.
  2. From the File menu, choose New then Blank Disk Image.
  3. Choose a location where you want to store your disk image. I put mine in a separate little disk partition I’ve got, but your Documents folder is as good a place as any.
  4. Give your disk image a name in the ‘Save As‘ box, and give it the same name in the ‘Volume Name‘ box too.
  5. Choose a size for your disk image, remembering that you should allow space to add more files to it in the future. I chose 2.6Gb for my 1.5Gb of files, but you can choose any custom size you like.
  6. Choose a disk format – Mac OS Extended is good for performance and Time Machine compatibility if you’re backing up the whole disk image as just one file.
  7. Encryption – now here’s where Mac OS X does the clever stuff. The default will be ‘none’ but seeing as the idea is to make it secure, choose 128-bit AES or if you’ve got a reasonably fast Mac, go the whole hog and use 256-bit AES. All the encryption will be handled on the fly by OS X when you’re using the disk – you won’t feel a thing!
  8. For the Partitions option you can choose ‘no partition map‘ and for the Image format choose ‘sparse bundle disk image‘. Sparse bundle is good as it allows your disk image to grow and shrink as required.
  9. Click the OK button and Disk Utility will get to work creating your disk image.
  10. After a few seconds you’ll see a prompt asking you for a password for your encrypted disk image. Helpfully the window will show you how good your password is – I’d recommend choosing something with a rating of ‘Good‘ or better.
  11. You’ll also need to decide if you want to store your password in your Keychain. Now while it might sound like a good idea to tick the box, you need to think about what that means. I chose not to store the password in the keychain, and I think that’s a safer setting especially for laptop users. If you do store the password in your keychain then basically if someone manages to log into your Mac, they won’t get prompted for your password when they open your disk image – now is that something you want? Depends on how strong your login password is perhaps. So my recommendation is – make the password ‘Good’ or better, do not store it in your keychain, and choose a different password to your login password.

Now that you’ve created your secure disk image, it’s very easy to mount it and start using it like a real disk. Just open Finder and go to where you created the disk image. You’ll see a ‘.dmg‘ file with the name you chose in Disk Utility, just double-click on it and you’ll be prompted for your password. That done, you have a new ‘disk’ that you can use like any other hard disk, CD, DVD etc. under OS X. At this point you’d move your scanned documents to your new secure disk area. What’s more, when you’re done you can eject the disk image if you like and your documents are safe from prying eyes until you mount the disk image again. Reboot you Mac and your scanned documents are still safely locked away until you decide to open the disk image using your password.

Disk Utility

Disk Utility

I went a step further and decided to try out DevonThink Pro for managing my library of scanned documents. There are benefits and disadvantages to using a tool like DevonThink rather than natively storing the documents and using Finder so it’s a matter of choice and I’ll cover DevonThink Pro in a separate article.

Well that’s about it – the only thing left to do is to decide on a sensible backup strategy for your encrypted disk image. As the disk image itself is a single .dmg file, it’s relatively easy to back it up and if it’s small enough you can back it up to online services like Mozy or even iDisk, after all it’s already encrypted so it’ll be pretty safe wherever you put it.

Oh and last but not least, you can now have fun shredding all your old scanned documents and putting the space you’ve gained to good use!

*In case you wondered what futzing is, the dictionary definition is: To waste time or effort on frivolities; fool. See, told you Macs are fun.