Life on the Road

No, I actually don’t mean “the root of the problem”!

The web address of this blog, as you’ve probably noticed, is the subdirectory /blog of my domain tiffanyblitz.com.

The root of the tiffanyblitz domain has actually hosted two websites already over its lifetime.

It began, a decade ago or so, as a website promoting my fitness modeling, personal training, fitness competition, and acting/modeling. Tiffany Blitz was my stage name, hence the domain name.

Anyhow, when we moved to Arizona (2004) that all came to a halt. And getting pregnant with Jewel was the end of it once and for all.

We repurposed the website as an access portal for our home-based business, and it served us faithfully in that capacity for another few years.

When we went on the road full-time in 2007, we started this blog to chronicle our adventures.

So, for some three years now, some people have been using this URL to access the blog. Some have bookmarked it. Some have made shortcuts to it. Some have included the link on their web page or blogroll.

Hence the question.

We are no longer involved with that home business venture, so the tiffanyblitz.com root domain is sitting around, empty.

A few options present themselves, and I really don’t know what would be the best way to go:

• Keep the blog at /blog, and forward the root domain to here as well. (This is what I’ve done currently, just because it was the easiest thing, and seemed better than leaving a blank, empty page there).
• Move this blog to the root directory, and put in forwarding from the /blog address. (Do I lose too much link love?)
• If I’m going to move it anyway, I could get it its own domain with a better name? I can still forward this address. (Ditto the worries about lost links. Is this any better/worse than moving within the domain here?)
• Or ??

I’d be very interested in your feedback on this issue!!

Well, the waiting has begun…

One of my local La Leche League leaders is married to a computer repair guy, so I packed all my woes in a bag and took it to her at our last meeting to pass along.

My external USB backup drive died. Yeah, at the same time as the computer it was backing up. Nice, eh?

Anyhow, he disassembled it and managed to get 50 gigs of data, which he thinks is everything (and sounds about right to me). Whew!

Now he’s working on the laptop. (Meanwhile I’m working on the desktop that used to live in Nick’s room!)

One thing he recommended that I haven’t ever thought about is cleaning out your computer regularly with compressed air. Dust, hair, etc. naturally build up over time, whichcan cause heat retention and degraded performance.

I guess my house-cleaning routine needs a tech task update!

So every few month take the can of compressed air, and make little sweeping blasts across the keyboard, and all the air vent areas. Don’t blow too long or hard in one place, or you can damage the fans inside.

Anyhow, aside from a good physical cleaning, he’s also “cleaning” the content. He agreed with my scans that said there were no viruses or other badies present, but he did find some remnants of earlier infections. Apparently they had been caught and removed, but left some artifacts. Eeew!

When he’s done with all that, he will back off all my content and reinstall the operating system so I can start fresh.

It’s taking a while to get the work done, since I’m on the “go easy on my wallet” program.

If he goes onsite, or does a rush job for someone, he has to sit there and not earn any other income while staring at the computer waiting for – for instance – a program to load, or a scan to complete. So he has to bill for all that time.

If, on the other hand, he can work on my computer between other tasks, he can spend five minutes getting a scan started, then turn his attention (and billing!) to another job. MUCH nicer for me, and well worth the delay.

All the same, I miss having all my files, bookmarks, etc. readily accessible. At least I have pretty much everything either on my Mozy online backup, or on a couple of CDs I burned before handing over my computer…

…And should it be?

This is not about governmental snooping, espionage, or anything that… well…  dramatic.

I’m just talking about the day-to-day interactions between people.

Forwarding jokes, warnings, cool photos, or political topics is by now an established part of our e-culture.

On the other hand, priests, psychologists, and bankers have a relationship with others that requires confidentiality.

Obviously, when Person C snoops in Person B’s email and posts things on the Internet, that’s wrong, but for a totally different reason.  That’s someone else’s email account, which C should not have accessed.

Then, there’s a big gulf in the middle of all of those…

If Person A sends an email to Person B, what is the expectation?  Is there a fixed standard, or does it depend – and if so, on what? 

• The person?  (Sender?  Receiver?)
• The material? 
• The context?
• The venue?

Is the email standard the same as our standard for a phone call?  A personal conversation?  A letter?

Let’s play What If…? and see which things strike us as “right” or “wrong,” or even “Wow, I never thought of that!” or “debatable”:

- If a cousin sends me news about her branch of the family, am I violating her privacy if I forward it to another interested cousin?  What if I post it here on my blog?  What if I send it to Oprah?  Does it matter if I forward the email (direct quote) or paraprase the content?  Does it matter whether they know each other (and if so, for better or worse?)?

- If I get a weird unsolicited solicitation in my email, am I violating their privacy if I send it to a friend and ask their opinion?  Does it matter if it was business or personal?  What if I post it on a scam warning forum?  On my blog?  Does it matter if I forward the email (direct quote) or paraprase the content?

- If a friend sends me a really mean, nasty email, ranting about something I allegedly did, am I violating her privacy if I send it to my sister to ask for her advice on responding?  Does it matter whether they know each other  (and if so, for better or worse?)?  What if I send it to three or four close friends, instead, asking for their help?  What if I post it on my blog?  What if I print it out as evidence for filing a restraining order?  Does it matter if I forward the email (direct quote) or paraprase the content?

- If a business client sends me a nasty email about an unfortunate problem with our transaction, am I violating their privacy if I send that to my sister to ask for her advice on responding?  Does it matter whether they know each other  (and if so, for better or worse?)?  What if I send it to a small business networking group, instead, asking for their help?  What if I post it on my blog (with or without naming names)?  Does it matter if I forward the email (direct quote) or paraprase the content?

From discussing this concept with people while working on this post (some weeks now), it seems clear that not everyone has the same standard.  Of course, not everyone has the same standards in general, so I suppose that should not be a surprise.

Here are some common threads to the opinions I’ve heard so far:

• Email is no more – and no less – “private” than any verbal conversation.  Thus if you tell a friend something in confidence, you and your friend have an understanding about it.  Gossips will be gossips, regardless.
• Email is no more – or less – “private” than any other written communication.  This is why people so often have ugly conversations in person or on the phone, but not in writing.  Anything written down lives on, and can become part of the public record.  You shouldn’t write it down if you don’t want people to know.
• It’s typically fine to ”ask others for advice”, as long as they don’t know the person in question.  It’s much easier for people to understand the problem if you just quote the email rather than trying to paraphrase the issue (and of course this applies doubly when the delivery is the issue, rather than “the issue”).  If people know each other, this is potentially invasive; but chances are, they live on opposite sides of the country and have no idea who that person is – they aren’t going to run into them in the grocery store and have to reconcile this embarassing thing they know…

What do you think?  And how much do you care?

How careful are you about what you say in email?  Will contemplating this change that?

Well, my external hard drive quit.  Great.

And quite an unhappy coincidence, given the state of the laptop (see prior posts for all the gory details).

I used the USB drive as a backup for the laptop somewhat, but even more so just for extra storage – a laptop hard drive is smaller, anyway, and being about 3 years old this one seems positively tiny compared to the size of all my photos and such.

One of my local La Leche League Leaders’ husband is a computer repair guy, so I’m going to be turning both the laptop and the USB drive over to him.  He’s confident that at least the vast majority of the data on that USB drive will be recoverable, but I’m still really glad I had at least a pretty good backup plan in place.

I tried using the USB as the backup for the laptop, which is fine as far as it goes…  But there are other things on the USB as well, and they need their own backup.

Some of the popular backup services (like Carbonite) won’t back up a networked or external drive, so that was out, even if I wanted to spend that kind of money on an ongoing basis…

The plan I invented, then, went something like this:

Part A

Everything like photos from prior years (essentially static directories), was backed up onto CDs.  I left them on the USB so I could access them easily, but if they get wiped from there I will still have them safely tucked away.  You could do the same thing with essentially-archival directories of documents, music, or whatever.

This accounted for the vast majority of the space, giving me more options for Part B.

Part B

I signed up for a FREE Online Backup account at Mozy.

Mozy has full-service home and business plans just like any other online backup, at a reasonable price…  But they also have a FREE service option. 

You only get 2 GB of space (which isn’t an awful lot when you start filling it up), but it runs automatically (I never “forgot to back up”), in the background, and all the other good things you’d expect.

For me, this is enough to back up the all the “Users” files for the three of us, plus my directory of 2009 photos.  That’s everything vital that changes.

—–

So, hopefully, everything will be restored, recovered, replaced, and happy again…

But if something goes awry, at least I didn’t lose my Quicken files, the kids’ baby pictures, or the draft of my latest writing project.

Well, I uninstalled several more programs.  I removed several more items from the Startup sequence.

I installed Kaspersky Internet Security on the 30 Day Free Trial, although that meant uninstalling both my McAfee suite and the Spyware software I just bought.

It did a thorough scan (which was some progress, as McAfee wasn’t even able to do that any more!), but found nothing.  A few “vulnerability” issues it recommended I correct (downloading crrent patches for Microsoft programs, etc.), but no evil virus or worm…  Rats.

Oddly, things did seem better after that…  For a while.

Next I spent 33 minutes on the phone with Verizon, discussing my wireless broadband service.  He did have me download an update to the interface software, but we diagnosed clearly that the connection speed was not what was causing this. 

He said that fro what I described it was a problem with IE or Windows, and that I should call Dell technical support – he even had their 800-number handy.

Off for another round…  <sigh>

…I am about to tear my hair out!

Things have been getting worse for the last few weeks, and it has gotten absolutely unbearable (hence the lack of recent posting). 

I don’t have an answer yet, so I’m going to walk you through it all in case any of you techies have any suggestions. 

At first it seemed like it was just a case of “laggy” Internet service.  You’d click a link on a web page, and it would take ages to open the new page and load everything.

Then it got worse.  It couldn’t even keep up with typing emails – or blog posts.  You’d type a few words fine, but then you’d continue on… and the display wouldn’t.  It would freeze.  And when it came “back to life”?  Sometimes, nothing at all from what you’d typed.  Sometimes the first part, sometimes the last.  And often, skipping bits and pieces – individual letters missed all over the place, making you look like the world’s most typo-prone typist. 

And clicking the cursor back on the first error you notice…  May have a 5 second delay.  Or 10.  Or it won’t go at all. 

How do you know when to wait, and when it’s just not going to happen?  Clicking again may just make it worse, of course.

The statistics display for my connection shows fairly normal stuff, though.  At times it’s obvious the through-put is slow, but it shows normal levels at the maximums if you look at a longer period of time.

Naturally IE also crashes regularly.  Sometimes it just dies.  Sometimes it starts opening multiple new windows, which sometimes say “HTML Zone” or “Blank Page”.

Most of what I do on the computer is online, these days, but I tested it out and got the same kind of “laggy” behavior when typing a letter in Word.  So I figured maybe it WASN’T the Internet connection, after all.

The computer got erros on booting up periodically, as well.  Often just an “Improper Shutdown Detected” type message, but sometimes weird, serious errors – once concerning the Users file.  Three times I had to use system retore to get running again – but each time it restored to a different point in time, and didn’t back off any changes I could detect and correct.

I started through all the fixes I could think of:

• McAfee Virus protection is and has been in force.  It has not done a full scan since 2/22/09, however, since it gets bogged down and freezes up (more on this below).
• I purchased a Registry utility (CleanMyPC), which corrects something now and then, but generally seems happy.
• Defragmenting the hard drive seems to help for a little while (hours), but accomplishes nothing lasting.
• Startup programs were deactivated to clean up what was running in the background.
• No “extra” Applications were running in the Task Manager.
• I purchased a special Adware/Spyware utility (even though McAfee is theoretically supposed to handle those).  It found and removed 6 threats and 331 infections.  Which did absolutely nothing.

The Task Manager showed some 100+ Processes running and – no surpirse – CPU Usage at 100% (with brief dips lower).  Stopping the ones that I recognized, but were non-essential, had no impact.

The only one that seemed to be hogging resources was some PCM system file from CyberLink.  Research indicated that it was legitimate but useless, and could be disabled.  Unfortunately, that didn’t help, either.

I started Googling everything I didn’t recognize…  All of which were verifiably normal.  Drat.

McAfee should be doing more, I thought.  No matter how slowly, it should eventually be able to scan.  Hmmmm… 

I ran it on the “Quick Scan” mode – checking only the “most vulnerable areas.”  It scanned some 9,000 files, in less than 10 minutes, and found no problems.

So then I tried again running the “Full Scan.”  It’s doing the same scan process, just doing it to more files – all the files on the computer, in fact.  After 4 hours, it is up almost to the 9,000 file mark (3%, in this case).  This is about the same result I’ve had before, when even running it overnight never got us past 31%.  Obviously the problem, if we infer from this that there is one, is not in one of those “most vulnerable areas” the Quick Scan checks.

Then this morning another weird thing turned up…

I was editing photos to make an album for 2005.  I have a “2005″ folder, and a ” Jewel 2005″ folder, and between the two of them there are almost 1,000 photos.  I was trying to sort through and pick the ones to represent the year, crop and adjust in Photoshop, and save in a new folder. 

But I couldn’t Save anything.  I kept getting weird messages – varying – about them being open somewhere else, or being “Locked,” or what-not.  I checked the File properties, and some of them were marked “Read-Only”, and others had “Archive” checked!  Why?!  I unchecked them – but the errors persisted.

I went up to the folders, and the parent folders.  ALL had weird properties checked, and unchecking them even there was similarly ineffective.  What in the world is THAT about?

This morning, also, I booted up without the modem plugged in.  I know it hasn’t been this bad ever since the first of the year when we got this new hardware, but I’m desperate.  And things seemed better!

But I then plugged the modem into Nick’s computer, and it ran fine over there.  So back to square one.

And right at the moment, things seem fairly good back on my computer, online…  Does that make it “back to square -1″? 

Now what?!

I’ve decided it’s time (past time!) to get everything backed up online.

I just had to go back and dig up an email off the old laptop, which we’ve saved largely for that reason, since only a portion of the files were recovered after the crash.  What a mess!  I never want to sffer through that again…

A lot of people I know use and recommend Carbonite, so I downloaded the software and started playing around with it.  I really like a lot of the features, and most importantly it does everything automatically – no “I forgot to back up!” worries.

But it turns out Carbonite is totally unsuitable for me for one big reason:  It doesn’t back up any drive not “permanently attached” to your computer.

My main computer is a laptop, and not brand new, which means it has a relatively small hard drive.  I have a USB drive that lives right here under my desk and functions as the rest of my “permanent” hard drive storage.

Photos from years past I can archive onto a CD with no worries, since they are static…  But also on that drive are the backups from our websites – including the databases of the posts, uploaded image files, etc.  Not to mention any other data files we are working on beyond everyday correspondence – the family Christmas letter, the band fundraising information, my geneaology data, and so on.

These are things that need to be backed up.  Vitally.

Mozy was suggested by someone on another group, so I checked it out.  It has the same sort of automated backup and ”run-in-the-background” functionality as Carbonite, but I can select anything to be included in the backup set.
 
They have a number of plans to choose from, apparently “something for everyone”:  a business plan, an unlimited home plan (only $4.95/month), and a Free Plan.

The Free Plan is only 2 GB free plan, presumably to get you hooked, since 2 GB doesn’t go as far as you’d think…  But they also give extra free space for referrals, so if you want to check it out, please use my link. 

It’s FREE – why not at least back up the most crucial stuff, right?
 
So I am, again, starting the long, slow initial backup…

Okay, let me ask you a “techie” question…  Surely someone out there knows the answer!

I have broadband service through Verizon Wireless.  That’s not necessarily my favorite, but we needed that option when we were travelling full-time in the RV, and now it’s what we’ve got.

I just upgraded my modem from a regular stick-it-in-the-side-of-the-computer-card to a USB “thingie.”  It works great plugged into my computer, and I have plenty of USB ports (obvously, that’s the big incentive for choosing that style).

But I used to plug the card into a wireless router, then Nick and I could both use the connection through WiFi receivers on our respective computers.

Now I ned to find a replacement router that will accept the USB modem for the incoming connection – and I can’t seem to locate such a thing.  Most of them HAVE a USB port, but it’s only for outgoing – to connect a printer or whatever.  Even the old router I had has that…

Is there such a thing? Or do I need to return this cute USB modem and go back to a card?!

Grrrr!

We interrupt this fun family blog to bring you a bit of business info.

This tutorial was put together by my good friend and successful online business owner, Alicia Staz (check out the links to her gorgeous jewelry in her credits at the end!).  It explains what everyone with an online store needs to understand about complying with the laws protecting consumers’ credit card information.

———————————— 

PCI Compliance is required…this is not an option.  Anyone who accepts credit cards must comply with certain standards based on the number of transactions you complete each year.  It doesn’t matter if you use a payment gateway to process your cards or do them manually.  It doesn’t matter if you use a shopping cart or PayPal… you still must commit to keeping all data that is collected safe.  The PCI Security Standards Council has all the information you will need.  Personally I didn’t get into the technical aspect of it.  I knew I needed it and so I set out to get it done.

Who does PCI scanning?

I happen to have the Hacker Safe certification through Scan Alert - this includes PCI scanning at no extra charge.  Scan Alert also offers a PCI scan for $149 a la carte, so you don’t have to have buy the Hacker Safe certification to get it through them.  That said, there are many organizations that offer a PCI scan, just Google it.  

If you use PayPal, they have partnered with ScanAlert, a Visa and MasterCard-certified PCI vendor, to help their customers comply at no cost for the first year. Enroll online with ScanAlert at: https://www.scanalert.com/SignUp.sa?oc=9673.

So what does PCI scanning entail?  

When you have your domain scanned for PCI compliance it has nothing to do with PayPal, your shopping cart or anything else.  That is a huge misconception!  I left my host because she thought the PCI vulnerabilities had to do with my shopping cart, not her servers.  

When a company scans your domain, they are scanning the servers that your domain resides on.  They do all kinds of checks and challenges to try to “get into” the server – similar to what a hacker might do.  It will completely mess up your website statistics… they are hitting pages randomly, every day.  They are trying to find nonexistent pages so your “404 not founds” will be off the charts.  I know someone said there is a way to block them from your stats program (not register any visits by scanalert.com) but I haven’t figured that out yet.  If anyone else know how to do this, please let me know!

Which hosts are PCI compliant?

Not many that I know about.  The only two options I considered seriously were Hand-On Webhosting and A2 Hosting.  I Googled it and had to really search for hosts that were compliant.  I emailed my list of questions to the ones I found, and surprisingly only a handful got back to me with answers.  

Here is my personal checklist for a host:

1. Do they maintain their own servers?  If not, can they tell me where they are physically located?

2. Do they allow spammers or adult sites to reside on their servers?  If so, it could negatively affect my search engine ratings.

3. Are they Hacker Safe compliant?

4. Are they PCI Compliant?  If they are PCI Compliant they are Hacker Safe compliant because PCI compliance is a step more intense than Hacker Safe.

5. Are their prices reasonable?

6. Are there any negative reports about them online? I Googled the names…

7. Have they been in business for several years?  This is my business and I don’t want someone else’s hobby ruining my business because it goes under.  That is why I want to be with a host that owns the physical servers.  Chances are, if they have invested that kind of money in severs, they are in it for the long haul.

What are the next steps?

Once you choose a host that is compliant and get your site moved to their servers, you will still have vulnerabilities to address.  A PCI scan generates vulnerabilities that may or may not be valid for your particular host.  They are testing based on the worst case scenario and in many cases, there is a reason the host does things in a particular manner, and they have other measures in place to protect the data.  

Once I had a PCI Compliance report that listed the vulnerabilities, I emailed it to A2 Hosting’s Technical Support and they typed up answers to address the issues.  Once I had responded to the issues and completed the PCI Questionnaire, I was considered compliant.  Since I have less than 20,000 transactions a year, I am only required to have quarterly scans to be in compliance.  I printed my compliance report and don’t need to print another one for 3 months.

What is the PCI Questionnaire? 

It is just a list of questions you need to answer that ensures that you personally (and any other people your company employs) are doing everything necessary to protect the cc data.  Do you store it on a secure server, do you password protect the data, etc.

I think that about does it.  If you have any other questions, I can try to answer them, but I am by no means an expert.  I just did what I had to do to become compliant and I think I have detailed it all here.  If any of you want to forward this to others I don’t mind… I only ask that you maintain my signature line as part of the article. : )
Alicia E StazOwner, Designer, Beaded Royalty

http://www.beadedroyalty.com

Visit my blog at: 

http://www.handmade-sterling-jewelry.com

Okay, I have SEVEN (I kid you not) unfinished draft posts up there vying for my attention…  But instead I’m going to vent about Internet Passwords – because I just got bugged again.

Every website has their own requirements for passwords.

This has evolved over time, to prevent everyone from using their middle name as their (not very secure) password on every website.  I understand it.

But some places require it to be 6 digits, and some 8.  Some require a combination of letters and numbers.  Some require letters, numbers, and a “special character.”  And a few have a 4-digit numeric code!

So how am I supposed to keep track of all these?

My mom writes websites and passwords on an index card in the top drawer of her desk.  I used to think that was silly, but I’m begining to relate.

I admit I used to use the same password for everything.  But it wasn’t something I felt anyone could guess, so I wasn’t concerned.  But it was letters only, so soon a lot of sites wouldn’t accept it.

So then I had a few alternatives that I began using.  Sort of “variations on a theme” – things I could remember.  So when I tried to log in, if one didn’t work, I’d try another, which usually did.

I’m happiest, of course, when a site remembers me, or my AutoFill pops it up for me…  But alas, things don’t run well unless you periodically delete all those “Temporary Internet Files”.  Then you’re on your own again.

But more and more site have made more and more cryptic requirements, forcing me to use other passwords…  PLUS they limit the number of login attempts, to prevent hackers from sitting there guessing.

What I would like, though, is for them to GIVE ME A CLUE!  Not about my password, necessarily (although the places that have hints and secret questions are nice), but about their REQUIREMENTS. 

At least, if I enter the wrong password, tell me “Passwords must be 8 characters long and contain both letters and numbers” along with the “that username and password don’t match” error message.  Then I’d know it’s one of the LONGER ones, but not one that requires a “special character” – which would probably be enough for me to re-guess what I used.

… or maybe I’ll just start having them tattooed on the back of my hand.

Oh, wait, then there are those sites that require you to change your password on a regular basis…