Bittorent Series Part 4 of 4: Make your own torrent

Creating your own torrent file and uploading it is a snap. In this final part of my torrent series I'll be walking you through the setup process of a publicly available torrent file anyone can download.

A great thing I've always loved about P2P file sharing is the active and necessary role people play to create an infrastructure of freely available content. No knowledge of how P2P works is necessary to benefit from its availability. By uploading your own torrents you take an active role in the free distribution of information. Torrents are not always comprised of pirated software and illegal movies. They can be custom compilations of your favorite freeware programs, a film you recently produced you'd like to distribute, or old books you recently converted to pdf's. Whatever it may be you can torrent just about anything. If your looking to upload an extremely popular torrent, a "public torrent" is ideal for you.

Step 1: Account Setup

First, you will need to create an account with a torrent search engine. In this tutorial were going to use Utorrent as our torrent client of choice, and btjunkie.org as our torrent search engine.

To do this, go to btjunkie.org and click the member link:




Next, click the sign up link:



You will be taken to the account creation page:



You will need a vaild email address for this. You will be sent an email verification. In that email, you will need to click the "verify account" link. Now your ready to begin uploading torrents.

Step 2: Creating your first torrent file

Before we move on, I'd like to take a second to explain how this next part works. If you already understand how torrent metadata works then skip this explanation. I'm going to refer back to my analogy I used in Part 2 where I associated computers and internet connections as businesses connected by roads and freeways. Think of a torrent file as an informational roadsign along one of these roadways. This sign will guide people to your store. When you create a "torrent" file, what your doing is setting up a roadsign that tells others several important pieces of information:

1) Where the computer or server containing the file is located.
2) Where the file is located on said computer or server.
3) What torrent tracking servers will be paying attention to this file.
4) Is this torrent private or is it public.

So again, a torrent is not the actual file you are sharing. It is a file containing the information a torrent client will need to locate desired data as it exists on one or multiple computers. In this case, since you are creating a torrent to share a file on your computer, you will be the sole owner of that file until another person completes a download of your file. They will then become a "seeder" of that file and begin uploading in the same way you are.

So lets begin shall we...

Open Utorrent, click the "File" menu, then click "Create New Torrent" from the drop down menu. You can also do this by using the hotkey "Ctrl + N" :




Don't be intimidated by the next window:



This is where we actually create our roadsign. Since we are creating a basic public torrent file we only need to follow 4 steps:



Step 1
Locate the file or folder you want to share with others by clicking the "add file" or "add directory" button. This can be a compressed archive like a zip file or rar file, program executable, movie, anything. I have a collection of great PC technician tools I'd like to share with others that I've compressed into a single rar file.

Step 2
This part can be a little tricky for some. We're going to add a tracker server address for your torrent. . A torrent server address looks like any other website address (http://blah.com:80) with a port number appended to it. I've included a short list of working torrent tracker addresses you can use to get you started. Simply copy and paste one or more of the addresses found below into the the step 2 box shown above. Be sure there is a space separating each address or utorrent will not recognize the address:

http://denis.stalker.h3q.com:6969/announce

http://tpb.tracker.prq.to/announce

http://tracker.prq.to/announce

http://tracker.torrent.to:2710/announce

http://tv.tracker.prq.to/announce

*SPEED BOOST TIP: If your downloading a torrent with a low amount of seeders you can add more by adding additional tracker addresses to the torrent file to give you a possible boost in speed. Simply right click on your download and go to properties. There you will find the tracker server list which you can modify by adding any number of tracker address.

Step 3
Ensure that the "Start Seeding" check box is filled. This will start seeding your torrent the moment it's created.

Step 4
Now your done. You can click "Create torrent" and save it as a descriptive file name that will help tell people what your torrent is. Since this is not the title people will see when they search for your torrent there's no need to include a large file name.

Step 3: Make your torrent available to others

Just a quick note. If you'd like to share your torrent with a small group of friends rather than make it available to anyone able to search btjunkie, you can email the torrent you just created to a friend. Once they receive the torrent they can begin downloading your file immediately. For those familiar with FTP services this feature could serve as an alternative in some situations.

Let's go back to btjunkie.org and login to your account by going to the members section then enter your username and password. Once logged in, the upload feature will be available to you:



Click upload and you will be taken to the upload page:




Step 1
Click browse and navigate to the torrent you just created.

Step 2
Create a label for your torrent that search engines will use to identify your torrent. It helps to make your description long containing keywords that may help your torrent show up in more searches. For example, I called my file "Great PC utilities Memtest 0&O defrag Anti-Malware". If someone searches for any of these terms my file will show up in their search.

Step 3
Select the Category you'd like your torrent to fall under. This helps users find your torrent easier when they refine a search to include a specific category.

Your almost done. Enter a Capcha then scroll dow and click the verification bubble, then hit upload. After the upload completes you should see something like this:



And thats it. After a few hours or so your search will eventually start showing up in btjunkie.org.

Conclusion
If you have read all 4 parts of my Bittorrent series, you should have a much better understanding for how torrents work and how to utilize them as a valuable resource. I recommend doing your own research on torrents since the topics I wasn't able to cover in this tutorial are NUMEROUS!
Torrents are merely the latest evolution in P2P file sharing. It's hard to say what direction the free distribution of information will take in the coming decade but its very exciting to know it can only get better from here. The file sharing provides some valuable tools for learning which no individual should be restricted from or hindered by.

Part 3 of 4: Hunting torrents

These days its fairly simple to find torrent files on the web. The growing availability of torrent search engines make it easy for anyone to find the latest movie releases and high priced computer software. Finding the correct torrent to download can sometimes be a mine field of follies. A search for a very popular torrent might yield dozens of results with the same heading. Among them usually 2 or 3 of these files you can be fairly certain will be free of virus's, work without a hitch, and finish quickly. In part 3 of my torrent series I'm going to cover some of the basics on finding and choosing torrents. I'll also introduce the topic of Private Torrent Trackers and why they are private and what you can gain by using them.


Step 1: File Size

For those new to torrents you really only need to be aware of 3 things. The relationship between seeders and leechers, a basic knowledge of file sizes, and process of elimination. Seeders and leechers serve as the foundation for why torrents work so well and why they are so controversial. If you need to know more about seeders and leechers click here.

For this how-to, I'm going to do a torrent search on btjunkie.org for Windows 7:



This is a nice result on my search. An easy way to eliminate what is NOT the torrent I'm looking for is to take a look at the file size. Since I know windows 7 is a large Operating System distributed on a DVD, I can instantly rule out files smaller than 2GB. The same process can be applied to Movies as well. But we will address that later.

Step 2: Seeders and Leechers...

I've read quite a few articles on what the ideal amount of seeders and leechers should be. Although some say it's debatable, you ideally want more seeders than leechers. If that is not an option, the closest you can get to a 1 to 1 ratio is usually best since this will give you a large pool of sources to download from without too much strain on each source. So lets apply this to our results. You can see the first result on the list has more seeds (sources) but significantly more people downloading it (leechers) the ratio here is about 1 to 1.3. The next one down is slightly more in our favor since there are more seeders than leechers here. Both offer good speeds and since a large amount of people are circulating this file, it must mean that this is a fully working copy of windows right?

Step 3: The all important comments section

When I click on the first file in my list, I get taken to the torrent details section:




At the top we see the torrent trackers hosting this file, the size of the file, the date added and so on. As I scroll down a bit I start to enter the all important comments section. This is where you can save yourself a lot of wasted time. By reading through the comments on this torrent



They didn't say some very good things about this file. By taking 15 seconds to read this section, I just saved myself an entire evening of disapointment not to mention a wasted DVD-R. READ THE COMMENTS OF YOUR TORRENTS. This is all important and very easy to do. Some torrents can also be password protected and a quick visit to this section may reveal the information you need to unlock your torrent.


Side Note
Now how does this apply to movies you ask. There are several types of movies you'll encounter in the torrent-verse. Workprints, screeners, dvd-rips, SVCD/VCD, and dvd-copy. Depending on how much time has gone by since the movie release, your movie will be in one or more of these formats. Before a movie goers have a chance to sit in a theater with a video camera, private showings for producers, film critics and big executives take place. Production companies will use what is known as A "workprint" or a digital cut of the movie to distribute for this purpose. You've probably seen this happen with movies like Wolverine: Origins where you were able to watch the movie start to finish even though it was clearly still in post production. Any time your watching a good quality movie before its been released in theaters your watching a workprint.

Workprints are torrents really worth hunting for. Workprints are not as common as Screeners but its worth the work if you find one since there is a clear difference in quality. The remaining formats I previously mentioned are good to familiarize yourself with. If your interested in more information on DVD-rips and VCD's I've provided some good resources below:


SmartRipper, a great freeware VOB file copier
A staple piece of software for DVD-rippers
Great guides for DVD-ripping
Not Freeware, Fully featured complete movie conversion suite that takes out all the guess work. I rarely recommend software you have to pay for but this tool really pays for itself in the amount of time you save.

Private Torrent Trackers: How they help, How they hurt

In the ol' days of file sharing, people would scour IRC, Bulletin Board Systems, and newsgroups to get their hands on the latest and greatest in pirated software even before there was such a thing as pirated software. On their dial-up connections, they spent thousands of hours downloading what would take us minutes to download now. Although the learning curve of finding these files has greatly diminished, avid and impatient file downloaders of the present take painstaking measures to be the first to find the latest leaked version of pirated software. They then make it their personal mission to distribute these files to the masses.


This may sound a bit shady, but believe it or not, there is a slew of Private torrent sites that allow you to browse through a collection of user posted torrents you may not find on larger torrent sites like thepiratebay.com and mininova. These Private trackers maintain a database of registered users and will require you to register an account with them before you can access their resources. There is also an even more elusive side to torrents that still uses the IRC format to communicate and send private torrent invites from their hosted trackers. This is an aspect of torrents I do not recommend beginners get involved in.

Pivate trackers exist is to allow the groups responsible for leaking or cracking files several layers of anonymity. By dispersing these files to a handful of cautious and experienced individuals, the direct link between the file and the distributor is broken. The file can then continue to be distributed by just about anyone that participates torrent file sharing. At this point, thousands of people are sharing the file and no one really knows where it really came from. Groups will often tag the file with their group name but their real identity and physical location remains unknown. This process is not a product of over zealous hackers indulging their ego, this is actually a necessary part of torrent sharing.

So if its necessary, how does it hurt the torrent process?
By segmenting torrents into private servers, similar torrent files exist on multiple servers. For instance, you may have 2 or more Windows 7 torrents that are essentially the same torrent in every way but tracked separately on private servers. By porting this collection of torrents over to a single torrent file with a complete list of trackers, you can eliminate superfluous files. This would basically allow a tracker to pool seeders and leechers that would otherwise exist separately on private servers to a single torrent. Torrent files with 0 seeders 0 leechers would diminish and your files would download faster. Basically, private servers, although necessary, are unfortunately inefficient and clutter the internet with extra stuff we don't need. But clutter is nothing new for the web now is it.

Part 2 of 4: Configuring Utorrent

In this post I'll be covering concepts of torrents and provide you with some useful tips on how to configure utorrent to help keep you under the radar while maximizing bandwidth.

When you first install utorrent you'll be asked to do a quick speed test and define the "port" you'd like utorrent to utilize. The window I'm talking about looks like this:




This area of Utorrent allows you to do two things. One, define and test your "port" which others with use to connect to you. And two, perform a speed test giving you valuable information you will need later in this tutorial.

Now some of you may be asking "what the heck is a port?". Well to put it the simply, think of your internet connection like a freeway, ports like a big valet parking lot, and your computer as a store where other computers pull up to your store. When you browse a web page or start a download, a car pulls up to your store. The valet attendant takes the drivers keys, makes a note of the car, and what stall it will be parked at. Then the driver and his passengers enter your store. When this lot fills up, your store becomes very cramped making it difficult for people to move around in. By telling Utorrent to use a certain number of ports, it makes the valet attendant's job much easier and keeps your store from getting to cramped for your customers. Simple right!

Step one: Determine Your Speed

Upon installing Utorrent you will be shown the window I previously mentioned. Otherwise you can access this window by opening Utorrent, and clicking Options >> Speed Guide.
Why is knowing your bandwidth so important you ask?
As a torrent user you face the balancing act of maintaining excellent speed without the over consumption of resources. If your a casual downloader of a few torrents a week, this part will not be so crucial for you. But if your consuming over 10gb of space a week you may want to take some time doing the math.

1) Take a second to open the Speed Guide in Utorrent and click on the "Run Speed Test at dslreports.com" button.

2) Once the web site opens, click the first test called "flash 8 plugin speed test".

3) Next your going to be shown a list of servers. Since we want to find out our maximum potential bandwidth we want to pick a location closest to us. Because, I am doing this test in Oakland, I'm going to select the Server in San Francisco to perform my bandwidth test:



When your test finishes, it will display your approximate download and upload speed. You'll want to write this down for later use. With this information we can move on to step 2.


Step 2: Configure port usage and bandwidth

In this step were going to tell Utorrent exactly how much of our available bandwidth we'd like to use and how many "parking spots" or ports it will use at any given time. I'd like you to pop into utorrrent's preferences menu:




Select Bandwidth from the left side of the window:



Questions you may be asking yourself at this point is "Won't reducing my download speed slow my torrents? What do I have to gain from reducing the speed?" Very valid questions.

The answer is simple: The combined speed at which all of your torrents are downloading will never reach the overall maximum bandwidth of your internet connection. Limiting Utorrent's bandwidth usage is important if you have 2 or more computers on your network. Moreover, if your using anything less than a cable internet connection, other applications that use an internet connection will become completely unresponsive. If your the only person on your network using a high speed internet connection and don't have a problem with dedicating all of your bandwidth to torrent downloads its your call.

So how do we determine what our optimal bandwidth usage should be?
Well, since our speed test result was in Kilobits and the setting we want to change in Utorrent is measured in Kilobytes, we need to convert kilobits to kilobytes. For more info on the relationship between kilobits and kilobytes pay a quick visit to this article @ speedguide :

A little bit of math is required for this

your download result from the speedtest / 8 = kbytes /sec

ex. My speedtest download result was 8017 Kbits /sec. I can round this off to 8000 Kbits /sec to simplify things, then divide it by 8 to get 1000 kbytes /sec.

My maximum bandwidth is roughly 1000 kbps.

A good download speed for Utorrent is about 75% to 85% of your maximum bandwidth. So, since 80% of 1000kbps is 800kbps I am going to use 800 for the setting here:



Ill rarely hit this limit but it can become important to set one when your downloading 5 or more torrents at once. *See bottom of this post for an advance tip on really opening up your bandwidth.

We can use the same process to determine our maximum Upload rate also. Using the "upload" results from your speed test, we can determine the ideal maximum upload speed the same way we determined our maximum download speed. After you have completed the conversion, plug in the number in the "Maximum Upload Rate" box.


Next, were going to tell Utorrent exactly how many ports to use for uploads and downloads.

A big problem I notice with torrent downloading is excessive port usage. This is where the relationship between ports and bandwidth becomes very clear. If you live in a house with many people on the internet at once, your roommates are probably getting down on you all the time about your downloading habits. The the internet slows to a crawl when your pulling torrents and they can't even access their email. You've tried time and time again to reduce your maximum bandwidth but still have trouble with this. Reducing your port usage in Utorrent can solve this problem once and for all. With the right amount of reduction you will never see the slightest bit of slow down for your torrent downloads and still allow for others on your network to browse the web uninterrupted.

Why does this happen you ask?
Well lets refer back to our parking lot / store analogy. Think of the internet as a collection of stores, and the roads linking those stores as internet connections. Regardless of how big of a freeway you have connecting your store with others, your valetparking lot can only take so many cars. When your parking lot fills up with cars, the parking attendant is going to get very confused and frustrated. Your router in this analogy is a combination of the vallet attendant and the parking lot and becomes a bottleneck when managing torrents. By limiting the amount of parking stalls Utorrent uses, you leave space for other stores (computers on your network) to use the same parking lot. Also relieving a great deal of stress on your parking attendant.

Now that you have a fair idea of how ports work lets play with this setting in Utorrent. To find the best amount of ports to use for your torrent downloads and uploads you'll have to rely on simple trial and error. A good starting point for port reduction is to set the "Global Maximum Number of Connections" setting to 70:




So now that we have gone over some really important topics and laid some good ground work to make utorrent more efficient, lets take a look at how we can make utorrent more secure.

ISP's, government organizations, and digital media corporations have been trying to find ways to regulate Peer-to-Peer filesharing for a long time now. Yet each time they find ways to profit from file sharing or prosecute participants of file sharing, programmers and hackers find new ways to keep information freely available to anyone willing to learn how to get it. Currently, torrents are being tracked and regulated in two ways:

1. ISP's monitoring torrent traffic and limit the amount of traffic of this type.
2. Organizations will create fake torrent seeders and lechers to dupe your torrent client into connecting to one of these servers. Once connected, a record of your IP address and your downloading is created.

There are solutions for both of these problems that will reduce the risk you take when downloading torrents. I say reduce because unfortunately nothing is full proof on the internet.

Step 2: Setting up your Security

Preventing your ISP from limiting your torrent traffic is as simple as clicking a check box in Utorrent. Open your Preferences menu and select Bittorrents from the list. Next, click the drop-down menu under Outgoing Protocol Encryption and select enabled:




Click apply then restart utorrent. Your outgoing traffic will be more difficult to detect by your ISP. .

Next, were going to setup what is known as an IPfilter. This step is optional since it also does not have any effect on your torrent speed and is a bit harder to do than previous topics. For a complete how to on setting up IPFiltering for Utorrent click here.

Basically, the IPfilter is a list of known server IP address's that pose as fake seeders and lechers. Utorrent will flag these IP address's as harmful and will refuse their connection attempts. The list is very extensive and contains tens of thousands of IPs. The list can also be updated. For those wondering if its worth the time spent to set this up, it really depends on the amount of torrents you download. I feel anyone willing to spend the time doing this will benefit from using an IPfilter but this step will have no affect on performance.

Last but not least if your running firewall software we need to make sure Utorrent is able to make connections unrestricted. Adding an exception will definitely have an affect on your torrent speed and will allow more seeders to give you the data you need to complete your download.

Allowing unrestricted interaction between utorrent and your internet connection will require a "firewall exception". By default, utorrent has a setting under Preferences >> Connection >> Add exception to windows firewall enabled by default. If you have windows firewall enabled, Utorrent will place an exception in windows firewall the moment its installed. Its best to refer to your firewall documentation to find out how to add an exception.

Many of the topics I have covered today can also be found at the utorrent connection setup page.

Advanced topic: Change the maximum TCP/IP Connections per port. Refer to this great how-to on opening up the maximum number of TCP/IP connections in windows.

Part 1 Cont: Mac Torrent Client

Sorry Mac users I assumed utorrent was great for both Mac and PC but it looks like the Mac version of utorrent left out a few things. There is however a freely available program called Transmission is just as small and feature rich as utorrent for Windows.

Transmission has a few nice pluses that the Mac version of utorrent lacks such as rss feed support and selective file downloading for multi-part torrent files.

You can find transmission here: http://www.transmissionbt.com/index.php

Bittorrent Series Part 1 of 4: Choosing the right torrent client

I'll be writing a four part series this week that will address our favorite source for everything digital. Torrents! If your not already familiar with what a torrents are and how they work click here!

Torrents are a bit of a gray area when it comes to the theft of intellectual property and without going into a heated debate, I will say that this series is for educational purposes and warn users that unauthorized downloading of licensed software can lead to criminal investigation and up to a $250,000 fine.

Many of you have used torrents for years now and have settled on a bittorrent client that you feel pretty comfortable with. Though at some point you may have asked yourself "why is my computer running so slow when I'm downloading, how can I prevent my torrents from messing with my roommates internet speed, and whats all this talk about my torrent downloading being monitored?"

Whether your plagued by these issues or not, we all face the tedious task of searching for a virus free legitimate file that will offer optimal download speeds. Ill be addressing this equally troubling issue later in part 3.

Part 1: Choosing the right torrent client

When choosing a bittorrent client I follow 3 basic criteria:

• Is it small and does it consume the least amount of resources.
• Can I configure my torrent port usage and download speed.
• Does it have an IP Filter.

Although the last two are very important, don't worry about what these mean for now. I'll be addressing those in part two: configuring torrent clients.

Utorrent is a great torrent client out of the bunch. I've used it for a couple years now and it fits my requirements perfectly. Unlike torrent client programs such as Vuze and Bitcomet, Utorrent is a tiny 283kbs to download and offers all the same features in a easy to navigate layout that doesn't bombard you with a huge amount of information unless you tell it to.

You can find Utorrent here: http://www.utorrent.com/

After you download utorrent, here are a few little extras to keep you busy:
http://btjunkie.org/: Great search engine for hard to find torrents
http://www.demonoid.com/: great way to discover torrent files you may have never thought of.
http://www.entertane.com/: all your favorite torrent search engines in one place.


In my next post Ill guide you through an easy to follow step by step process of how to configure Utorrent to share bandwidth with others on your network and still give you fast download speeds. I'll also explain the importance of IP filters and how literally thousands of corporations and organizations may be monitoring your torrent activity at any given moment.

Resizing images made easy

If your like me you end up with hundreds if not thousands of photos from a day of shooting and now face the tedious task of organizing, editing, and resizing your photos. While photo software suites help with performing batch resizing jobs you often need to pay an arm and a leg for quality software which often presents you with the tedious task of getting it to do what you want it to do.

If your looking for a quick way to resize a large amount of images to reduce the overall disk space your pictures are taking up you can use a great free utility called Mihov's Image resizer. This tool lets you resize .jpg, .gif, .bmp formats as well as perform several types of picture conversions.

You can download Mihov Image resizer @ http://www.imageresizer.com/

When you first install the program be sure to take a peek at the options section. There you can specify the way Mihov saves your new images either by appending a new file name or saving to a new folder.

There are also services such as Photobucket.com that let you upload your images an online account. This is a great way to store backups of your photos as well. You can also specify if you would like to have these images automatically resized upon upload.

How to create your own windows shortcut keys

There's an old saying I like to tell people when they start experiencing computer frustrations. Computers can improve efficiency by 300% but often create 100% more work. In other words, you can improve your work output tremendously but you might go a little crazy trying to get there.

A technique essential to maximizing your work efficiency in a Windows or Mac OS environment is the use of keyboard shortcuts. Quick keys are keyboard shortcuts you can use to perform a simple task like copying and pasting, or opening a program like your favorite internet browser.

Complete list of Windows shortcuts

Complete list of Mac OS X shortcuts

Today I'd like to teach you how you can set your own keyboard shortcuts for programs you'd like to access the quickest way possible at the touch of a finger.

I use spybot a lot to perform all sorts of maintenance behind the scenes. So for this example, I'm going to assign a keyboard shortcut to access spybot.


First, locate the icon of the program you want to assign the shortcut. In this case spybot



Next, open the properties window by right-clicking the icon and select properties.




Now, define your shortcut key by clicking in the shortcut key field, then hold the ctrl key and press the key that you would like to use as your shortcut.



I choose to assign the "0" key to this shortcut since I know 0 is not a key I already use. Now all I have to do to open spybot is press Ctrl + Alt + 0. You may find that assigning keys that are close to the Ctrl and Alt keys are more efficient since you can use one hand to open the shortcut. It's good practice to use keys you can remember easily such as Ctrl + Alt + P to open windows Paint.

Defraging your hard drive the right way

If you have ever owned a PC you know how essential it is to make defragmentation of your hard drive part of your monthly (or weekly) ritual. If not, a routinely scheduled defragmentation of your hard drive can do wonders for both the performance of your computer and the health of your hard drive. Defragging organizes the data on your hard drive and ultimately reduces the amount of work being done by mechanical parts within the drive.

Mac Users will be happy to know that OS X performs file defragmentation while your computer is idle. Very efficient. For many new PC owners, Windows Vista and Windows 7 now performs a scheduled defragmentation of your hard drive automatically.

Tech-Fu Tool: O&O Defrag is a great free tool I have found to be faster and more efficient than the default windows defragmentation utility. There are also some great additional features you can play with to further improve performance.

Click here to get your free version of O&O defrag professional.

This free version does require a valid email to receive your free user license. Once you register, you will be sent an email containing your free user license. Simply download and install O&O defrag professional then enter the information included in this email.

Enjoy!

Cookies that stick around even after you clean your temp folder.

Cookies are the most common way websites track you and often cause a good deal of clutter on your system. I always inform customers to perform a regular cleaning of cookies and temporary internet files in their browser. Find out more about how cookies work , and how to remove them.

Today I found a great article from a technology blog called Cybernews that informs people of a specific type of cookie that sticks around even after doing thorough cleaning of cookies. They're called flash-cookies. You may have heard the term "flash" mentioned before. Basically, anytime you see animated or interactive portion of a website, that's flash hard at work. Many of these sites use flash-cookies providing them a sure fire way to keep their cookies in your browser and track your browsing progress.

Great little tool for anonynimity against google.

I found a great little tool today that will help keep you anonymous on the web. If your a Firefox user your going to like this Firefox plug-in from security software developer Moxie Marlinspike. He's come up with a way to prevent google from tracking your internet statistics. His plug-in is called GoogleSharing. Not to be confused with "Google Sharing" which is a google product that allows you to share content with your gmail contacts.

What?! google tracks your every move!?
Google has long held the belief that to be an effective search engine it must track, catalog, and analyze every site you visit, terms you search for, and IP address's of your computer. All this information is used to track consumer and economic trends that aid hundreds of thousands if not millions of business's and corporations in market research. Here, see for your self with Google trends.

GoogleSharing
GoogleSharing is not a fully functioning proxy server(what is a proxy server?) but a proxy service specifically designed to reroute your web browser traffic interacting with google services to a GoogleSharing proxy server. Once there your personal information is stripped from your traffic and replaced with a GoogleSharing identity and sent off to google. If you'd like a full explanation of GoogleSharing please click here.

Downside
There is one downside that will eventually disappear as the plug-in undergoes more development. GoogleSharing is currently only available for Firefox: 3.0 – 3.5. This means if you have any other version of Firefox installed on your system you will not be able to use this plug-in.

A last attempt

The Scammer that tried to con me into cashing the checks he sent me made his final attempt today to solicit me. This is what he said:

Greetings to you,
I don't know what you are up to,with your sudden silence over the payment you received from our client,i mailed you several times but you never reply back,ifyou know that you are not ready to work you shouldn't have given down your details to the company and am sure you are aware of the fact that you can never abscond with the company's funds and if your intention is to made away with the company's fund,you will face the penalty and will be sue to court. So i will urge you to get back to me within 48 hours if only you don't want to face the penalty,your response is needed urgently concerning this payment and I need you to get back to me as soon as possible.I will await your urgent response within 48 hours or else your details will be forward to the FBI and I can bet it.

Can you believe this guy. I informed him that I have contacted several internet fraud Organizations, and Starlight Children's Foundation concerning his recent activity. But as you can see, the grammar inconsistencies and spelling errors were enough to know English was not this person's first language. A bit suspicious for a founder of a british charity.

Scammers are usually Cowards.
My first question to John Weston, Moderator for the internet fraud advisory group Data Wales, was whether or not these individuals are prone to tracking people down and harassing them physically. His answer was a resounding no. These scammers will try to remain as anonymous as possible. All interaction they have with the internet is done so at coffee shops and internet cafe's keeping their connection as "off-the-grid" as possible. Once they decide your no longer an easy target, they cut all contact and move on to the next person.

So you caught em with your awesome tech fu right?
Through the course of this encounter, the techniques I've used have not yielded enough information to track down this Scammer. In addition to email, I've also received text messages from a phoney number which I cannot trace or track.

Where is the justice then?
You can now see how these individuals have an easy time convincing others to unwittingly commit crime for them and remain annonymous enough to move to a new location and start over. Internet Fraud Organizations are unable to rely on the evidence collected from just one incident. Investigators will look for patterns amoungst multiple incidents and coordinate their efforts with other agentcies to determine the best course of action. The more incidents they have on record the closer they get to catching the culprit. Unfortunately, the damage these criminals leave behind cannot be undone.

Strength In Numbers.

RECAP:
So this week I've been dealing with a scammer posing as a representative of a charity asking me to cash checks I receive via FedEx. I am to send him the money via western union and Keep 10% for myself. I've gone over a few topics that can help you identify a scammer and some helpful resources on who to contact if you are a victim of internet fraud.

Finally. Getting results!
My work this week is starting to pay off. I contacted the moderator of an internet fraud Advisory group based in the UK. He gave me some insightful information and recommended that I do not cash any of these checks as it is undoubtedly part of a Nigerian Western Union scam. I have since sent him all of my email conversations and pictures of the fake checks I received. He will be posting this material on his web site and will be giving this material to the proper authorities.

I have also heard back from the Starlight Childrens Foundation. They have verified my findings with the following email:

Hi

I cannot verify the legitimacy of this job Im afraid. We have had quite a few of these emails and there are no jobs going at Starlight. Please ignore any emails that claim to be from Starlight UK. We don't advertise on Craiglist and any correspondence from ourselves would come from an email address ending @starlight.org.uk.

Apologies for any inconvenience caused and thank you for alerting us to this.

Kind Regards

Cara Williams

PA to Neil Swan, CE

Starlight Children's Foundation | Macmillan House | Paddington Station | London | W2 1HD

Unfortunate but True....
Its unfortunate that this scammer is dragging this charities good name through the mud. It also seems that I am not the only person the scammer has come in contact with. Unfortunately, it is likely that the scammer has already stolen thousands of dollars from legitimate business like the ones printed on the checks I received lately. These people now have the horrible task of spending months if not years fixing their credit with the US government. It takes a great deal of work to build a business from the ground up and tragically that means very little to scammers like this one.

How Can You Help?
The next time you encounter an internet scammer handing out promises of fast money, report it immediately to proper authorities. The best way to fight internet crime is prevention. Try to stop yourself from glancing over suspicious posts. Don't tell yourself "Disater avoided, no longer my problem". You can easily stop the REAL crimes happening on the internet with just a few minutes informing the right people.

I'd like to change gears for a moment.....
I stated yesterday that I would address a piece of malware called Malware Defense that has been circulating the internet lately. I've personally come in contact with this malware on several occasions and ended up saving my friends lots of headache and money not having to take their PC to a shop.

Malware, Spyware, Virus's whats the difference....
Malware is a general term for malicious software designed to damage or compromise the machine it installs itself on. Malware is a combination of Virus and spyware so no difference really. In my book a virus is a virus no matter how sophisticated.

So what does it do?
Malware Defense infects your computer by prompting you in one of several ways:

1)While browsing a web page you may get a window telling you that your computer is in danger and you should download System protection offered by "us". If you click anywhere in the window Malware Defense installs on your computer.

2)Another way Malware Defense tricks you is by posing as a windows security center window asking you to update your virus protection. Once you do Malware Defense installs itself.

3) Finally, the last way of infection is actually applicable to any virus, spyware, or malware. If you have downloaded a file, inserted a USB drive or other writable medium, and it contains a copy of the malware, it will automatically install on your system.

Once installed it will look something like this:



After running for a few days, Malware Defense will begin to delete your antivirus and spyware protection. If left unchecked Malware defense will damage a file called atapi.sys, a system file windows absolutely needs to run successfully. You will continually receive blue screen after blue screen when attempting to boot normally or in safe mode.

That sucks! How do I get rid of it?
I stated at the beginning of my blog THERE IS NO REPLACEMENT FOR A TRAINED TECHNICIAN. This tool Ill be discussing is effective at removing harmful software. However, if you do not have a technical background, I only recommend using the Techfu Technique! I mention.

Anyway...Removal.
I found a great site that includes a detailed description and tutorial about how to remove this virus in much the same way I did. DO NOT PERFORM AN UNINSTALL OF MALWARE DEFENSE. It will just make the problem worse.

In the tutorial they uses a free program called MalwareBytes Anti-Malware or MBAM to identify Malware Defense in several places your normal virus scanner would not. You can use malware bytes free of charge and it's very simple to navigate around in this program.

Tech Fu Technique! After downloading and installing this on your computer, a "once a week" scan with MBAM can prevent a good deal of harmful software from wreaking havoc on your computer. Very easy to start a scan. Just click the Button "perform full scan" and click "scan". It takes about 20min to an hour to complete depending on the speed of your computer and amount of files on your computer.

For those with a technical background MBAM does a complete Registry Scan in-addition to its file scan much like spybot. I've found MBAM's heuristics to be more effective than Spybot as it discovered a few pieces of Spyware and Malware Defense that Spybot did not. MBAM was also very effective at identifying and deleting the rootkits associated with Malware Defense which allow it to re-propagate itself once completely deleted from your system. I wouldn't go as far to say this is a replacement for spybot. But its a nice addition to the toolkit. Check this interesting article.

Thanks for reading!

Tracing their steps

So I'm spending most of my time today getting in touch with internet crime watch groups and investigators. The rest of my time was spent gathering facts about the organization and the person claiming to be with the company. My hunch at this point is either one of two things:

1. This person is using a perfectly legitimate company to act as a front for his operation.
2. This person is with the company and is working from the inside to launder and embezzle money.

The tech-fu technique!: Using email headers to track down the original sending location of an email.

If you ever have doubts about someone suspicious sending you emails claiming that they are in a specific country and you want to verify the emails are in fact originating from that country. Here is one technique anyone can do fairly easily that will help you verify if your sender is who they say they are.

An email header is a record of information contained in every email. With the information you access in an email header you can find out how long your email took to get to you, what services the email used to get to you, what networks it passed through, and where it originated. Be aware that spammers are well aware of email headers and will falsify them to mask their personal information. There are a few great tutorials on how to access an email header and interpret exactly what your reading. emailaddressmanager.com has some great tutorials and info on how to access an email header email and how to interpret the information your looking at. Be sure to check this out first and read up on the basics. Otherwise the rest of today's entry isn't going to make a lot of sense.

You will be happy to know that most email services on the web are great at protecting your location and personal information. It use to be fairly easy to get information about a sender based on their email address. Now, web based email like gmail, yahoo! mail, and hotmail will mask several key pieces of email header information that help keep your location anonymous and safe. Unfortunately, this is also true for fraudulent senders that wish to remain anonymous. In this situation, the best thing you can do is to look at the senders email address and compare it to the "message-ID" or "sent from" sections of an email header.

First, if someone is sending an email from say " sender@yahoo.com", and after examining the email header you find there are several areas in the email header that state the email is from "gmail.com", you can be sure this email has been falsified in someway and its best to not respond to it at all.
Secondly, take a look at the first header entry at the bottom of the list (remember, header information reads bottom to top. Last entry in the list is the original sending location.) and check for a a 4 digit number that looks something like this +0000 or this -0800. This is noting the "Email Time Zone Indicator". You can compare this 4 digit number to a list of time zones at sites like artistrelations.com or timeanddate.com.

You can take this information and use it to find out what country the senders email was sent from.

Well thats it for today. Tomorrow I'll have more on the scammer but I'm also going to talk about a piece of malware that has been circulating the internet for awhile now and has infected 3 friends' computers in as many weeks. Ill include some nice pieces of free software I've found you can use to get rid of all sorts of infections and keep your computer safe and some pretty basic things you can do to keep your computer squeaky clean.

Mission Statement: Tech Fu and You!

My blog will document my experiences of battling internet fraud, recovering from viral destruction, and debunking internet money making schemes, for the sole purpose of informing you how to get the most from the internet and and perhaps save you some money and headache. Through the course of my blogs I'm going to address some of the top threats circulating through the internet, and techniques you would normally have to pay for that can help protect your PC .
Just remember, there is no replacement for a skilled professional. If you are faced with a real threat of loss in data, identity, or money, Seek out the proper authorities and/or professionals in dealing with this matter.


First Fu 4 u:

Don't trust anything on the internet:

This will be a recurring theme in my blog as I cannot stress this enough. It may seem like common sense but more often than not this is the leading cause of computer crashes and fraud victimization. You guys are going to love this one.

So recently I replied to a job post on craigslist that read a little something like this:

StarLinks Children's Foundation would be very interested in offering you a part-time paying job in which you could earn about 1000 - 1500 USD per month. Before I go further, I would like to inform you of both the organization you would be working for and what you would be doing.


Our organization is a foundation which enhances social sensitivity to the problems of children, we help seriously ill children and their families cope with their pain, fear and isolation through entertainment, education and family activities. We lay special emphasis on children with heart problems we got professionals working with the children, who potentially form the first link of the intervention chain and also support humanitarian services on surgical issues.


When a child is diagnosed with a serious illness, the day-to-day joys of childhood take a back seat to the rigors of treatment and hospitalization. Starlight Children’s Foundation is dedicated to improving the quality of life for children with chronic and life-threatening illnesses and life-altering injuries by providing entertainment, education and family activities that help them cope with the pain, fear and isolation of prolonged illness.


We understand what families go through when a child is sick, and how important it is to find relief from constant worry and isolation. Our programs have been proven to distract children from their pain, help them better understand and manage their illnesses, and connect families with others facing similar challenges so that no one feels alone.


Presently, we operate basically on generous donations in cash and other items but mostly cash funds, however our donors are mostly by United States citizens, individual and co-operate organizations, they send us these payments from the United States, method of payments which these donors use in sending us donations includes checks and money order.

-------------------------------------------------------------

Seems nice enough. Not shady at all right?! heh..Since I replied to this add by supplying a copy of my resume they now have my residential address, contact phone and email. They sent me a list of responsibilities as well:

Job Specifics:
1. Collection of Donations / Payments
2. Cashing of Donations / Payments which might include bank certified checks or money orders
3. Deduction of commission 10% per donation/payment received
4. Sending cashed donation/payments to the institute following Our Instruction.
5. Keeping Record of each donation / payment received and sent
I will like to know if you are really interested in working for us and contribute positively to achieving one goal, which is helping these children and their families, and as you do so God would definately reward you.

Wow. Yea, totally not shady (sarcasm for those who dont know me). So I responded back with a few simple questions asking them to contact me and schedule a face to face interview. They responded by saying:

Hello Ryan

You have completed the employment form previously,

and we already gave it to a client so he can make out payment to you

on our behalf which should deliver to your door step today via fedex.

1) You would be collecting the donations via certified checks which would deliver to your door step via fedex.

2) Western Union or Money Gram, following our instructions.

3) Not for now,after you have worked for 3 months you would be invited on an all expensed paid trip to the organization.

I woke up this morning to a knock on my door from fed ex. I picked up the package left on my door step and saw a check for $1,070 dollars. This check was registered to the Bank of Marin under a business that is real and resides in California. This check was made payable to my name. But wait it gets weirder, in one of the emails they sent me a list of contact info:

Starlinks Children's Foundation
Macmillan House,
Paddington Station,
London W2 1HD
Reference No: - LSLCA/2031/ 8161/05
Charity Reg No. 296058

While looking at this email, a "contacts" instant message pops up from the founder of this charity. For those who either do not use gmail or have not used this feature, google created a great tool built-in in google web mail. Its a messaging client that allows you to see who amongst your email contacts is currently signed in to gmail. You can Instant Message contacts while signed in to your email and vice versa.
I start off by telling this person that this position is very suspicious and I would like to meet face to face or by phone. He responds with " This is "Mr,Blah" the founder of Sarlinks charity. His response sounded a little automated so I immediately stated that if you do not respond in 12 sec. with a statement that confirms I'm talking with a human being I'm ending this conversation. For all I know, he could be "back-dooring" into my email account so long as the conversation remained active. Unlikely but possible. I got another seemingly automated response and ended the conversation.

So, I went to a site where you can check for registered charities in the UK. Low and behold there it was lookin real as can be:





They're a charity located in London, England. Most scams concerning money are usually located outside of the US in places like South Africa and Taiwan where internet fraud regulation organizations are fewer or non-existent. The UK has seen its fair share of internet scams as of late so there are a few regulatory bodies like Data Wales and Met. Police UK that do help in the fight against internet scams.
I am still investigating this further and have contacted the internet crime complaint center or IC3 concerning this matter. Most people like you and me unfortunately don't get the immediate attention issues like this require. The IC3 handles thousands of claims every month so response time usually takes anywhere from 3 to 6 weeks. However, starting today I'm contacting the top 10 major e-fraud fighters around the world and inform them of my blog.

I am going to make a call to this charity tommorow and ask to speak with the founder personally.

Which brings me to my first Tech fu tool! Voice over IP services like Skype make great tools for making anonymous phone calls. I perfer to use skype pay account because of their flat rate and low one time monthly fee. You can register up to 3 phone numbers when you sign up for their pay service. Your registered number can originate from a list of 254 countries so long as you provide a valid address from that country. For instance, if your a resident of the US and you live in Seattle, Washington you can register a phone number in Boston Massachusetts. All your calls will be traced to a location in Boston somewhere (random number given for that area code). You can direct all your publicly given information to your skype account and keep your personal cell phone free of telemarketers. Then, in about a year, change your skype number. Sure beats having to deal with the Telephone Company.

The internet is a crazy place. Stay informed and browse safely!

-Ryan Yanagihara