WTVN Radio • Columbus, Ohio • Sunday morning from 8 until 9

Random thought:

Give me back my mailbox!

Spam is out of control. I do a fairly good job of protecting my e-mail addresses, but even protected addresses can fall into the hands of spammers. When that has happened in the past, there's been only one solution: stop using the address, create a new address, and notify everyone who should have the address.

That's a spectacular pain, for me and for eveyone I correspond with.

When "wtvn@blinn.com" fell into the wrong hands, I thought about changing the address. But I like that address; it's the one I use for Technology Corner on WTVN. It's on my website and business cards. It's my address, after all, not a spammer's!

About that time, I heard about a service called GoodbyeSpam and signed up for a trial account. That was about a week ago. The service doesn't provide perfect protection, but it's a massive improvement over anything I've seen before because it allows the user to whitelist (always allow) or blacklist (always block) individual addresses, subdomains, and domains. It also allows the user to pass or block messages with specific words in the header, the subject, or the body of the message.

To start, you feed the service all of the e-mail addresses in your address book so that the people you correspond with regularly won't see any change. When a new correspondent writes to you, GoodbyeSpam sends a challenge that asks the sender to click a link. Since spammers often use stolen accounts and bogus return addresses, they never see the challenge; you never see their message.

	Here's my inbox status. Note that there are 2 legitimate messages, 4 suspects, and 7 spams that have already been deleted.
	At the time I captured this image, I had 400+ approved addresses, and 30+ approved domains. Messages from these people or domains will not be delayed.
	Here's a list of some of the domains I've blacklisted. Not all of these are spammers, but they are all used by spammers. If I receive only spam from a domain, I blacklist it.
	I know that airline tickets aren't free. I'm not interested in human growth hormone. Nothing is 100% free. And any message that contains "$$$$$" is sure to be spam.

Incoming messages that GoodbyeSpam can't definitively allow or reject are placed in quarantine. You can examine these messages and approve or reject them. After a few days, you'll see fewer messages in quarantine and a sharp reduction in spam. I've decided to keep using and GoodbyeSpam has even allowed me to resurrect the master address for my Roadrunner account ( ).

But I still take precautions with my address when I post in on the Technology Corner website. All it takes is a little Javascript to make an address that - to a human - looks and acts like an e-mail address invisible to a spambot. I described this process last week.

More defense

I have a lot of e-mail addresses - about 70 at last count. Most of them are just "forwarders". When a message arrives for bogus.address@blinn.com, it is forwarded to my collector address. In place of "bogus.address" I use something that will identify the address as being associated with a company or service.

Let's say I sign up for the "SmithJones" company's e-mail newsletter. Instead of giving the company my real address, I would give them "smithjones@blinn.com". All messages to that address will be forwarded to my collector account and I'll see them as I would any other message.

But if the SmithJones company turns out to be an unscrupulous spammer, I'll know about it right away. The instant I see spam addressed to "smithjones@blinn.com" I'll know that the company sold my name. I can then kill the address (no more spam) and tell SmithJones that I don't want to deal with them.

If you don't have your own domain, you can use a modified version of this strategy by giving your real address only to those you know will treat it with respect and then using a throwaway address (from Hotmail, Yahoo, or a similar service) when you sign up for products and services on the Web.

TurboTax: Friend or Foe?

Normally I say something about TurboTax in January or early February because, while there are competing tax programs, none of them ever seems to do quite as good a job as Intuit's Turbo Tax. This year, there's been a controversy surrounding the program. TurboTax has been called "spyware" and worse. I've held off talking about it until now.

Is Turbo Tax "spyware"?

In a word, no. The company tried out a copy protection scheme this year and it's one that made a number of people unhappy. When the installer writes TurboTax to your computer's disk drive and registers itself, it also writes about 1MB of information to "track 0". That's an area of the disk that I'd prefer applications not tamper with, but what Intuit did was safe.

What the copy proteciton softwate does is keep TurboTax from printing if it's installed on another computer. Sometimes groups of people buy one copy of the program and pass it around. That's a violation of the program's license and it's what Intuit was trying to solve. Users could actually still do this, but all tax returns created with the single copy of TurboTax would have to be printed from the computer where the program was first installed.

Intuit says that things will be different next year. For one thing, the company will probably be more "up front" about what it's doing. The fact that people discovered information had been written to a "hidden" part of their computer's disk drive convinced some people that Intuit was spying on them. These are probably the same folks who check under the bed each night to be sure there isn't an FBI informant there.

Intuit used an application from Macrovision, a company that makes copy protection for DVD discs. That led some people to think that the application would disable CD-rewritable drives. Despite numerous claims that this happened, nobody I know has been able to find a CD-rewritable drive that has actually been disabled by the software. In other words, it's a myth.

Earlier, I said TurboTax isn't spyware, and it's not. It doesn't collect information about the user. Activation involves creating a "hash" of information about the computer (type of disk drive, type of processor, amount of memory) and generating an ID number from that. The ID number activates TurboTax, but doesn't identify the computer or the computer user to Intuit.

So it's legal. It's not spyware. But is it smart?

The problem with any copy protection scheme is that it tends to create problems for users who buy the program, but creates no roadblock at all for pirates who buy one copy, reverse engineer the copy protection scheme to disable it, and then sell copies for $5.

Intuit says more than 3.5 million people have activated the product this year and that sales, while off slightly, haven't been greatly affected by the controversy. I think the copy protection -- at least this particular kind of copy protection -- is a mistake. It's the kind of mistake a company like Intuit can survive. But it's not something to be repeated.

So how well does it work?

I didn't actually use it this year. With a daughter heading off to college in the fall, I needed some answers quickly. And I wanted to be absolutely certain the answers were right. This year I used the service of a CPA. And -- as easy as TurboTax is to use -- sending the papers to a CPA is even easier.

When my review copy arrived, I handed it to my older daughter who installed it and completed her tax return in a single evening. Her review? "I like this tax program. It's very user friendly."

You can't ask for much more than that.

For more information on TurboTax, see http://www.turbotax.com/ (you can also complete a return on-line). And for more about the copy protection issue, see http://www.intuit.com/company/press_releases/2002/09-05.html.

Nerdly News

Will your next computer come from China?

The Legend Group manufactures personal computers in China. It's a large and growing market, but Legend is looking for more. The US and Europe figure in the company's marketing plans.

Currently Legend's sales outside China account for less than 10% of it gross, but the goal is to increase that to 25% or more by 2006. You'll soon start seeing and reading "awareness" ads. These are messages not specifically designed to sell a product but to make consumers aware of the brand.

Chinese goods are often seen as low-price, low-quality goods -- much the way products from Japan were seen in the 1950s. Legend's goal is to avoid that image. The Chinese domestic market, while large, is hampered by low wages. A typical urban family must often save for 2 or 3 years to accumulate enough money to buy even a modest desktop system.

Legend has nearly 30% of the domestic computer market in China, but hasn't done well in Hong Kong where western computers are available at discount prices. Some US computer industry experts suggest that the company will have a hard time making inroads into the US market. They say Legend might do better to court potential buyers in emerging markets.

Many motherboards and other components are already made in China and the Legend name is familiar to people who assemble their own computers. Legend was actually a government operation that was set up in 1984. The company was partially privatized in 1994, but the Chinese government owns still owns a controlling interest in Legend's parent company and that company owns a controlling interest in Legend.

Find out more: http://www.legend.com/ (click the "English" page)

Lovegate worm

WORM-LOVGATE.C may be coming your way. As the name suggests, it's a worm and it installs a backdoor program that could give attackers access to your PC.

In addition to spreading itself via e-mail, WORM-LOVGATE.C copies itself into network shared folders and subfolders. Then it opens port 10168 to give remote users to access to the system. Once it accomplishes that, it sends e-mail to notify the writer.

The worm spreads by finding an Outlook message and replying to it. Let's say I'm using Outlook (no chance of that!) and Joel has sent me a message. The Lovegate worm would reply to Joel's message with a message that says, "I'll try to reply as soon as possible. Take a look to the attachment and send me your opinion!" When Joel opens the attachment, he activates the worm.

The worm affects users of Microsoft Outlook and Outlook Express. Do you need more reasons not to use Outlook or Outlook Express? Why is Outlook the "standard" e-mail client for so many corporations. Are they really clueless? (Yes, that was a rhetorical question.)

Let us know what you think about this program! Write to:
Bill Blinn --
(wtvn@blinn.com still works)
Joe Bradley --

Joe
(Photo by Sally)

Bill
(Photo by Scampi)

Privacy Guarantee:

I HATE SPAM and will not sell, rent, loan, auction, trade, or do anything else with your e-mail address. Period.

As if you didn't already get enough weather on the radio!

If you do not see a Weather Underground banner above and you use ad-blocking software, please set your application to allow images from "www.wunderground.com" to appear.

Annoying legal disclaimer
My attorney says I really need to say this: The Technology Corner website is for informational purposes only. Neither Joe nor I assume any responsibility for its accuracy, although we do our best. The information is subject to change without notice. Any actions you take based on information from the radio program or from this website are entirely at your own risk. Products and services are mentioned for informational purposes only and their various trademarks and service marks are the property of their respective owners. Technology Corner cannot provide technical support for products or services mentioned on the air or on the website.