Loading....

LogMeIn Is Getting EXPENSIVE!!!

LogMeIn

[hr]

[info_box style=”notice”]TL;DR — We recommend SplashTop.[/info_box]

[hr]

I used to be able to justify the cost of LogMeIn to our clients.  The benefits and convenience of being able to access your store computers from home are tremendous.

When LogMeIn went from free to roughly $100 per year, it was still a justifiable expense.  This year though, it’s gotten out of control.  Take a look at the pricing increase between 2014 and 2017:

[hr]

LogMeIn Pricing Increase
LogMeIn Pricing Increase

[hr]

$600 for LogMeIn’s “5-pack” subscription.  While I feel ease-of-use, as well as security are key benefits, these benefits can be found elsewhere.

As of now, The Computer Peeps officially recommend SplashTop to our clients.  For $16.99 per year, our clients can easily and securely access their store computers from home.  Simply install the SplashTop Streamer app on your store computer(s), then install the SplashTop Personal app on your home computer(s).  There are also apps for Android (free), iPhone ($2.99), and iPad ($6.99).

Peeps’ Email Tester Utility

Peeps' Email Tester

What Is This?

This is a utility that lets you easily test and verify if your email settings are working properly.

[hr]

Peeps' Email Tester
Peeps’ Email Tester

[hr]

Who Wrote This App?

Dean @ The Computer Peeps wrote this.  🙂  It took about a day, much of that spent watching tutorials, reading, understanding, and practicing.  This app is written in Visual Basic using Visual Studio 2010.  It is compatible with Windows XP on up.

Why Did You Make This App?

One of the most common issues store owners encounter, is whether or not their email settings are correct.  Many of the major consignment programs have had and continue to have problems sending emails.  We frequently help store owners who have been told it’s them, it’s their settings, it’s their email provider, etc.  Basically, everything but the consignment software.

So this utility lets a store owner easily prove if their email settings work properly and if they can send email from their current location.

Also, two of the  major consignment software vendors avoided adding support for secure email servers for years.  It took one line of code to enable SSL:

[hr]

Enabling SSL
Enabling SSL | Click to Enlarge

[hr]

Now, the vendors might cry and moan about a variety of things – e.g. “You just copied and pasted this code!” or “You don’t know what it’s like to have to update existing code!”  This application was written from scratch, by hand — not copied and pasted.  Did I have to watch a few videos and practice a few times to grasp everything?  Yep, but guess what — I’m not a programmer who you paid $1,200 to for professional software.  I’m just a person who knows how lazy cheap programmers the consignment software vendors can be.  Their customers should know that no, it doesn’t take days or weeks to write code that can send email using SSL/TLS.  The people in a position to know this — i.e. the vendors — have a responsibility to know about these things ahead of time and to be proactive vs. ignoring things until finally, hundreds of users are affected.

How Much Does It Cost?

It’s free!  Nada, nunca, nothing.  🙂  To obtain a copy of this utility, give us a buzz @ (888) 374-5422 or send us a message through our Contact Us form.  This utility requires no installation and runs from wherever you download it to.

Notable Mentions

  • This utility utilizes SSL/TLS, when a secure port is specified.
  • This utility requires no installation – i.e. it’s portable.

 

How Can Pushbullet Benefit Consignment and Resale Store Owners?

Pushbullet

What the Heck Is Pushbullet?

Pushbullet is free software which you install on your mobile devices, desktops, and/or as a plugin in your web browser.  You can even access Pusbullet online without installing any software.

Once installed, Pushbullet lets you “push” things from one device to another, or one device to ALL devices.  You can also send and receive SMS messages from your computer, without ever having to touch your phone.  🙂

[hr]

How Do I Sign-up for Pushbullet?

Visit https://www.pushbullet.com/.  You don’t even need to create an account.  You can securely sign-in using your Facebook or Google account.  Dead-simple.

[hr]

What Can I Push?

Text, pictures, and links.  As mentioned above, you can also send and receive SMS messages from your computer.

Pushbullet also has Channels you can subscribe to, to receive alerts from your favorite companies.  See The Computer Peeps’ Pushbullet channel below.  🙂

[hr]

How Can I Use This In My Consignment Shop?

Maybe it’s just a message.  Let’s say, you’re at home and you remember, “Crap!  We didn’t put up our sale signage!”  You could simply push a quick pop-up to all of the computers at your store, to let your employees know they need to get the signage up before the store opens.

[hr]

[hr]

Or maybe an employee is at an in-home buyout and has a question about a set of items.  Instead of texting you and you possibly missing the text, they can push the picture with a note to all of the computers at the store.  You’d see the pop-up no matter which computer you’re at or which device you’re using.  🙂

Pushbullet also mirrors your mobile devices notifications, so if anything happens on your phone – e.g. new voice mail, a notification from a specific app, etc. it’s immediately mirrored to your computers:

[hr]

Pusbullet Notification Mirroring
Pusbullet Notification Mirroring

[hr]

Who the Heck Develops Pushbullet?

A team of developers who are transparent with their product/service and who actively participate in community feedback for both feature requests, as well as bugs.  Something the major consigment software vendors could definitely learn from.

[hr]

Is Pushbullet Secure?

As with any 3rd party service that interconnects devices through the Web, security is a concern.  Pushbullet recently added end-to-end encryption.  This says a LOT about the company and its developers, considering the consignment software vendors sell their software for $1,000+ and they don’t even encrypt your (and your consignors’ + customers’) data as they upload it from your computer to the Web.  🙁

If you utilize Pushbullet for sending and receiving texts, any images you send are hosted on their servers.  Users have raised concerns about both privacy, as well as accessibility.  Pushbullet utilizes obfuscation to make ‘guessing’ image names virtually impossible.

Just remember, your Facebook and Google images are also 100% public, so if someone knows the URL, any of your private images are 100% available to the public.

[hr]

Pushbullet Channels

Pushbullet lets you ‘subscribe’ to Channels.  So you can subscribe to a Channel and as soon as the Channel posts a new message, blog entry, etc. you’ll be instantly notified on all of your devices!

[hr]

Peeps' Pushbullet Channel Notification
Peeps’ Pushbullet Channel Notification

[hr]

The Computer Peeps have already established a Pushbullet channel for store owners, so if you’d like to be notified the instant The Computer Peeps post a new blog article, you can subscribe by clicking the following button:

[hr]

The Computer Peeps' Pushbullet Channel[hr]

As always, if you have any questions or if you’d like to know how Pushbullet can help your consignment or resale store, feel free to comment below, send us a message on our Contact Us page, or give us a buzz toll-free @ (888) 374-5422.

Heading To Scottsdale for the NARTS Conference? Keep Your Connection Secure With Private Internet Access

Private Internet Access - How It Works

Are you heading to the NARTS conference in Scottsdale, AZ this year?  If so, how you connect to the Internet while you travel, is something you should be aware of – i.e. your connection is likely not secure.

First and foremost, if you connect to a public/free WiFi hotspot, you need to know that all of your network traffic can be captured.  There are a variety of things an attacker can do, when he or she has control of your network traffic:

[checklist]

  • Trick you into visiting fake, malicious sites.
  • Collect your sensitive passwords.
  • Collect credit card information.

[/checklist]

Even if you’re not on a public WiFi connection, your ISP or whoever manages the connection, can see any website you visit.

If you’re connecting to a network that is not your home or business network, or if you don’t want your browsing activity to be viewable by your ISP, we recommend utilizing a VPN (Virtual Private Network).

What the heck is a VPN?  A VPN creates a secure, virtual ‘tunnel’ across the Internet, through which your network is transmitted.  This prevents malicious attackers from seeing your network traffic as you connect to the Internet and other networks.

Which VPN do you recommend?

There are a variety of VPN options out there and a variety of situations to consider, but for a simple, easy, secure connection, we typically recommend Private Internet Access.

They have a great video that explains exactly what Private Internet Access does to keep you protected:

[hr]

[hr]

Private Internet Access or PIA, is available for the following platforms:

[checklist]

  • Windows
  • Mac OS X
  • Android
  • iOS

[/checklist]

PIA is dead-simple to use – just click Connect… that’s it…

[hr]

Private Internet Access

[hr]

PIA alone, is not enough to keep a device secure, but it does provide you with a secure connection when you have to connect to public networks.

What are some other security tips you recommend?

[checklist]

  • Prey – Locate your laptop, computers, phones, and tablets if they’re lost or stolen.
  • Device/Disk Encryption – If someone gets your laptop — it doesn’t matter if it’s a Mac or PC — all of your files, are fully accessible.  It means absolutely nothing if you have a password — all of your files can be viewed and copied directly from your hard drive.  There are a variety of disk encryption options out there and we could dedicate a post to just this topic.  Newer versions of Android and iOS are encrypted by default.  Many mobile OSes allow you to enable encryption, if it’s not enabled by default.  There are also 3rd-party encryption programs, such as the final build of TrueCrypt.
  • Antivirus – I don’t care if you’re running Windows or Mac OS X, you should be running antivirus, period.  If someone tells you otherwise, they’re being cocky and they likely are not personally responsible for your computer’s security.  Not just any antivirus either.  Stick with one of the top-performing antivirus solutions — we typically recommend ESET NOD32 Antivirus.  Whatever you do, do NOT use Microsoft Security Essentials.  It does not work and anyone who recommends it, well, they should stop doing that – they’re 100% incorrect.
  • Do Not Use Internet Explorer or Safari – Our first recommendation, is Firefox.  Some people have been falsely told that “Chrome is the best, install it and you’re secure!”  We hope to dissipate that notion.  Chrome is definitely a better alternative to Internet Explorer and Safari, however, simply switching to either Chrome, or Firefox, is not enough.  You need to be concerned with ad-blocking, Javascript blocking, and malicious changes to your browser, as well as click-jacking.  This is why so many Mac users are getting their browser nailed with malware.  Instead of letting a website just run whatever it wants in the background (and no, this isn’t stuff you have to enter a password for), you should stop all websites from running anything and only allow websites you truly trust.  Right now, you’re letting any website you click, run wild.  It’s much better to take the option of NO website can run wild, except for the ones you explicitly trust.  This is why we typically recommend Firefox, as the NoScript + uBlock/AdBlock Plus/AdBlock Edge + Public Fox combo is hands-down, the most effective Web Browser configuration @ preventing unwanted downloads or changes in/to the browser itself.
  • Do Not Login As Admin/Root – Whether it’s a Mac or PC, it is better to log in as a ‘restricted’ account, instead of a user that has full access to do anything to your system.

[/checklist]

As always, if you have any questions, don’t hesitate to call us @ (888) 374-5422.

[hr]

Featured Image Source: Private Internet Access

Free Hard Disk Health Monitoring Software

Acronis Drive Monitor

Why is hard disk health important?  Your hard disk is an integral part of your computer.  It’s where your operating system resides — e.g. Windows — as well as your programs and files — e.g. your consignment software, your consignor/inventory database, etc.  Your backups might also be stored on a hard disk, albeit external.

Hard disk health can be tested and monitored.  Acronis Drive Monitor is free hard disk health monitoring software from trusted backup software developer, Acronis.

[hr]

Acronis Drive Monitor

[hr]

With ADM, you can configure email alerts when your hard disk’s health declines, if it reports errors, or overheats.

[hr]

Acronis Drive Monitor Notification Options

[hr]

CrystalDiskInfo is another free utility, which can be utilized to test your hard disk’s health.

We wanted consignment and resale storeowners to know they can be in a more-proactive position, by actively monitoring the health of their hard disk(s).  By monitoring hard disk health, you can minimize down-time and be proactively alerted to potentially catastrophic issues.

AOL Data Breach, User Data Stolen

AOL Logo

AOL is reporting a massive data breach which affects a “significant amount of users”.  AOL is recommending users change their passwords immediately.

According to AOL’s Security Team:

This information included AOL users’ email addresses, postal addresses, address book contact information, encrypted passwords and encrypted answers to security questions that we ask when a user resets his or her password, as well as certain employee information. We believe that spammers have used this contact information to send spoofed emails that appeared to come from roughly 2% of our email accounts.

If you utilize AOL for your consignment software’s email functionality, or for your personal email, please be sure to change your password right away.

LogMeIn Free No Longer Available

LogMeIn Free Discontinued

LogMeIn develops remote access software.  They have traditionally provided a free version of their product — LogMeIn Free.  As of January 21, 2014 though, LogMeIn Free is no longer available.

According to a post on LogMeIn’s blog:

After ten years, LogMeIn’s free remote access product, LogMeIn Free, is going away.  We will be unifying our portfolio of free and premium remote access products into a single offering.  This product will be a paid-only offering…

We still feel LogMeIn is a great solution for clients who need to connect to their store computers (or home computers) while away.  LogMeIn’s current pricing covers 2 computers for $49 per year.  If you only utilize LogMeIn once or twice to check on something while at home, it’s worth not having to drive to the store at night.  🙂

As always, if anyone has any questions, just let us know!

SourceForge Injecting Malware In To Software Installers

SourceForge Malware

A popular and long-standing software download site, SourceForge, is injecting malware in to its software installers.  If you go to Google and search for ‘free whatever software’, chances are you’ll stumble upon SourceForge.

For example, if you attempt to download a popular FTP program, FileZilla, you will not be receiving an installer for just FileZilla.  Instead, you’ll find an installer loaded up with adware and malware.

If you’re utilizing ESET Nod32 Antivirus, it detects the installer’s injected payload:

[hr]

ESET Detecting PUP on SourceForge
ESET Detecting PUP on SourceForge

[hr]

So it looks like SourceForge has gone the same route as CNET.  I have personally avoided both sites for years and if you’re looking for installers for common programs, Ninite is a legitimate solution.

Antivirus Alone Isn’t Enough

Securing consignment systems involves more than just installing free antivirus software and hoping all goes well.  Antivirus alone isn’t enough when it comes to securing or ‘hardening’ a consignment system.  For this first and most-basic layer of protection, we recommend ESET Nod32 Antivirus.

Don’t just download and install Nod32 and think all is well, oh no.  Please take the time to configure ESET, from logging of all objects, to storing logs for 365 days; to enabling the appropriate modules, to password protecting settings.

Configure ESET As Per the PCI DSS

You can’t stop at just antivirus.

The user you log in to Windows as should not be an Administrator.  Configure a restricted account and appropriately configure your Windows NTFS Permissions to allow your consignment software and other applications to run.  Harden your operating system – e.g. disable hidden admin shares, configure Group Policy, etc.

That’s still not enough.

We recommend utilizing Firefox, not Chrome or Internet Explorer.  Chrome relies on Internet Explorer’s settings, so if those settings are ever targeted and compromised, Chrome is also infected.  For Firefox, implement the following add-ons: NoScript, AdBlock, and Public Fox.  The final of those, providing you with a way to password protect your settings, block downloads, and prevent browsing history from being cleared.

Implement the built-in web filtering + monitoring service within Windows known as Parental Controls.  This involves installing the Family Safety pack and registering for a Windows Live account.  Once implemented, you can view all web activity, block sites, and prevent malicious content from being accessed.

That’s still not enough though.

Implement a new set of DNS servers at your Internet gateway.  Comodo is a bit strict, but for a consignment store actively browsing the Internet, strict is good.  OpenDNS is also great for catching malicious domains and content.

It can keep going from there too.  If you have Adobe Reader, Adobe Flash, Java, etc. installed, Patch Management really is the only way to keep those programs updated 24 hours a day.

The point is, antivirus alone simply isn’t enough.

[hr size=’big’]

Here’s a handy checklist for consignment store owners:

[checklist]

  • Utilize ESET Nod32 Antivirus + configure as per the PCI DSS.
  • Do not log in to Windows as an Administrator
  • Further secure the operating system via Group Policy
  • Implement Microsoft’s web filtering/monitoring via Parental Controls
  • Utilize Firefox.  Install NoScript, AdBlock Plus, and Public Fox.  Password protect Firefox via Public Fox
  • Implement secure DNS servers, such as Comodo or OpenDNS

[/checklist]

Internet Explorer 10 Update Failing

IE Fail

This week’s Internet Explorer 10 update (KB2828223) has been failing left and right…

[hr]

IE 10 Update Failing
Click to Enlarge

[hr]

The subsequent result is Windows failing to start in Normal Mode upon reboot.  Forcing the system off and potentially booting the system into Safe Mode, is required in order to overcome the “stuck” system.  Upon a subsequent reboot, the system shows it is “failing” the update and rolling it back…

[hr]

Failure Configuring IE 10

[hr]

For clients on our System Monitoring service, we’ve disabled the IE10 update across the board and will manually address any installation issues.

We tracked 31 IE10 update failures this week…

[hr]

IE 10 Failures[hr]

If you do not have Patch Management in place, be sure to keep up to date with the weekly set of Patches coming from Microsoft.  These are released every Tuesday and in days prior, Microsoft releases the official announcement for each update.  This gives you the chance to manually test updates on one system, before rolling-out updates across each of your systems.

If you come in and find your computer “spinning its wheels” in the morning, we recommend giving it at least 15 minutes to ensure it truly is stuck.  If the system is unable to start Windows, the only option is to power-off the computer.  Let it ‘rest’ for a minute, then power-on the system again.  If the system is able to either recover and reprocess the update OR if it’s able to properly “fail” the update and rollback the system, then you should be able to proceed into Normal Mode.  If the system cannot recover, booting into Safe Mode With Networking is most-likely the next step.

As always, if you have any questions, let us know!

Back To Top