Apple vs Windows Security

In a recent post by David Pogue on Apple security, he states

* You can opt to make your Mac invisible to “pings” from the Internet, a common tactic of spammers who are looking for available machines to turn into spam relay stations.

As an Apple fanboy and Windows user at work, this is true for both systems. Unfortunately it is disabled in both systems by default. Here’s how to enable it:

On Mac OS X 10.4:

  1. Go to System Preferences > Sharing
  2. Click the Firewall button
  3. Click Advanced
  4. Check Enable Stealth Mode

On Windows XP Professional:

  1. Go to Control Panel > Windows Firewall
  2. Click the Advanced tab
  3. Next to ICMP click Settings
  4. Uncheck the first option “Allow incoming echo request”

This will set both systems to drop any incoming ping request.

Note for Windows XP: The Allow incoming echo request is checked by default if you have File and Printer sharing enabled. To stealth your computer, you need to turn off File and Printer sharing. This is due to the fact that Microsoft Directory Services (Port 445) requires the ability to ping for it to function correctly.

Mac OS X handles this a bit better and allows you to share files and printers without allowing someone to ping it on the local network. But, as the general rule of thumb, the more services you have open, the more vulnerable you are for an attack, regardless if you allow pings or not.

Whitelist domains in Gmail

I think I just discovered how to whitelist a whole domain in Gmail. I’ve been having issues with emails from my online school getting flagged as spam. Luckily they all come from the same domain, but I couldn’t find a way to whitelist a whole domain.

According to the Gmail Help topic:

How do I prevent mail from being marked as spam?
Make sure you’ve added your friends’ email addresses to your Contacts list. Gmail always delivers messages from your contacts.

From this I gathered that I could add each as an individual, but as different people from financial aid, new instructors, announcements, etc contact me, they’d be coming from different addresses. Just on a whim I added a wildcard address to my contact list.

Once I added a *@domain.com entry to my contact list, all my emails from the various people showed up in the “Recent conversations” section for that contact. Unfortunately I can’t confirm this until I receive some more emails from them. So far it seems to have accomplished what I want. Please try it out and leave comments if it works or not.

More AOHell

AOL managed to hit the news big today. Two new juicy topics for your Monday morning.

First up, AOL denies your right to cancel AOL, even if you’re dead! Thats right, the daughter of a deceased man fought for 9 months to get his AOL account canceled. It was only canceled after someone from Tech Talk column of the St Louis Post-Dispatch contacted AOL on her behalf.

Second up… AOL has also released massive amounts of private data. The data is mirrored on about 5 sites still, AOL has taken down the official page.

This collection consists of ~20M web queries collected from ~650k users over three months.
The data is sorted by anonymous user ID and sequentially arranged.

The goal of this collection is to provide real query log data that is based on real users. It could be used for personalization, query reformulation or other types of search research.