Comparison: MapQuest vs Google Maps

Although I still have a file folder with paper maps, these days I find it much quicker to use either MapQuest or Google Maps to find an address or directions somewhere. I've used MapQuest for years, but the new Google Maps (which is still in Beta) gives it a run for the money. I decided to do a comparison of each for my own use.

QUICK DEFINITION OF BETA - in software development, a "beta version" of a product is one that is still in development but is published for testing purposes.

My typical use of online maps is finding out the directions and location of somewhere that I plan to go. This comparison may not produce the same results for an American tester as for myself (a Canadian), since both MapQuest and Google Maps default to US maps. For this test I will simply locate the municipal government building at 453 West 12th Avenue, Vancouver, BC, Canada, V5Y 1V4. Since I am familiar with the area, all I want is a view of approximately 3 to 5 blocks surrounding the location. And since I want to minimize the typing, I'll just provide "453 west 12th ave vancouver bc" as my search criteria. This is very typical of the my use of these sites. I will also record the number of actual key and mouse clicks along the way, as shown by a number like this [1], which will be tallied at the end. The address itself counts as [30].

MapQuest

The one thing I've always disliked about the MapQuest site is that it has an address input form that assumes an American address. In order to input a Canadian address, I have to click on Maps [1], search through a list of countries to get Canada [5], enter the address, city and province [30] in separate boxes [4], which means that you can't easily cut and paste a single address line. The map that appears is about 12 square blocks, so to zoom in requires one more click [1]. MapQuest has historically been a very slow site, although recently the map pages load much quicker than they used to. Total clicks: 41.

Google Maps Beta

As a Canadian, I am immediately impressed that Google Maps defaults to a North American map. Unlike MapQuest, Google gives you a simple search field where you can enter any search criteria, such as our test address [30]. Hitting the search button [1] immediately brings me to a 20 square block radius. A couple more clicks [2] on the zoom button brings me to the desired view. Total clicks: 33.

Other Criteria

A long-standing complaint I've had about MapQuest's map size is that it is only about a quarter of the screen in size, an area of about 164,000 pixels. Google made theirs considerably larger at about 283,000 pixels, or over 40% larger. This is important when you need to print out the map for readability on the road.

If you want to move the map view over to the right a few blocks, you can double-click on either map to move your view. Google takes less than 1 second, while MapQuest, even after improving their site speed, still takes about 4 seconds.

When evaluating the readability of the maps, take a look at each sample result from Google and MapQuest. MapQuest frequently fails to show street names, although in this view Google has some names just out of view. Google again comes out on top.

And the Winner is . . .

Google Maps Beta comes out on top. It takes fewer clicks to get to where you want to go, the maps load instantly, the map is large and easily readable. MapQuest has fallen behind in ease of use, and Google has taken advantage of that. Looks like I'll be using Google Maps Beta from now on!

Read more!

Anti-Phishing Sites Help You Identify Suspicious Emails

In my previous article, "How to Identify a Phishing Scam", I gave an example of one type of phishing email that I had received. There are many others that pretend to be from such companies as eBay, MSN, Paypal, VISA, Citibank, and many more.

QUICK DEFINITION OF PHISHING - "Phishing" comes from password harvesting fishing, which is the illegal practice of attempting to get sensitive information such as passwords and bank account numbers from victims by pretending to be a trusted legitimate source. They mimic trusted companies and manage to trick approximately 5% of their victims into giving them personal information.

If you receive an email that looks suspicious to you, there are some great web sites that list current phishing scams. All you need to do is compare your email and see if it is on their list.

The first resource is the Anti-Phishing Working Group. They maintain a large archive of current phishing scams listed by date. Clicking on the name of the scam produces a very detailed breakdown of the email. Click here to see my example of the Washington Mutual email.

The second resource is Millersmiles.co.uk (yes, it's a very odd name) which is self-described as "the web's dedicated anti-phishing service". It similarly lists the most recent scams in order of date. Clicking on the name also lists some information about the scam, however it is typically not as detailed as the Anti-Phishing Working Group's as you can see in the Washington Mutual example.

Both sites are good resources for discovering if a recent email is a phishing scam. As well, they both give good information on what to do if you've accidentally given out personal information. The best thing to do is react quickly to minimize the damage by contacting the police as well as your bank, credit card company, etc.

Read more!

Download: OpenOffice

OpenOffice is a free productivity suite compatible with all major office suites. Currently there are 2 versions available (both free), the older stable v1.1.4 and the newest v2.0 Beta.

An estimated 16 million people have downloaded OpenOffice, which is a great, inexpensive way to get Microsoft Office compatibility. OpenOffice includes a word processor, spreadsheet, presentation software, a drawing program, and database tools that allow you to access databases. There are a few compatibility issues, most minor, but most home users won't notice any problems. One thing that OpenOffice doesn't come with is a database comparable to MS Access, instead they allow you to use any database, such as MySQL, Oracle, or even MS Access. It does, however, have the ability to create flat-file dbase databases. The new version 2.0 Beta will improve upon v1.1.4's database components.

One of the best things about OpenOffice, other than its price, is that the features are familiar to MS Office users, and many common things are even easier to do, such as mail merge. A number of support options are available, including paid commercial support. For home use, OpenOffice is a great product, and for corporate use, I recommend a formal evaluation to see how it addresses your company's needs.

Read more!

When is Spyware Not Spyware?

In my earlier article eBay Toolbar Alternatives, I did not give one of the toolbars (MOOBar) a recommendation because one out of four of my antispyware scanners reported that it contained spyware. To be fair, I informed the author, who replied,

There's DEFINATELY nothing which could be remotely considered Spyware inside any MOO* product - in almost 3 years and 10s of 1000s of downloads, you're the first person to even have a scanner notice anything (and at least one of the other 'MOOs' has been certified spyware-free on a couple of download sites).

I sent him my scan information, and some avenues to contact to have his software certified by the antispyware company as actually being spyware free. He has yet to respond, although I do believe it may be a false alarm (also known as a false positive in security lingo).

This begs the question, if only one out of four spyware scanners report a result, is this reliable? Are the spyware scanners themselves reliable?

Like the antivirus industry, sometimes spyware scanners can mistakenly report spyware when it isn't there. It can misidentify things that lead it to believe that you have a particular piece of malware on your system.

Unlike the antivirus field, where most antivirus programs catch every known virus a majority of the time, the antispyware industry is still maturing. This means that one antispyware program is not enough to catch most spyware residing on your computer. So to answer the questions, generally, the spyware scanners and their results are reliable. However, you should not rely on only one antispyware product. Two is better. Three is good.

Each antispyware program has its own strengths and weaknesses. Some are good at catching key loggers, while others ignore that class of threat and are better at catching adware. For links to some good antispyware products, both commercial and free, I will be adding them to my downloads page.

Read more!

How to Identify a "Phishing" Scam

"Phishing" scams are some of the worst types of scams, because they look like legitimate emails. A phishing scam (pronounced "fishing") is an email (or even a phone call) where someone pretends they are your bank, doctor's office, credit card company, utility, etc and they try to get you to reveal your personal information. They then use this information to obtain money from your bank account, credit cards, or worse.

I recently received what appeared to be an email from Washington Mutual bank. Although at first glance it looked legitimate, there were a number of things wrong with it that made it recognizable as a phishing scam. In this article I will show you the email I received and teach you how to tell that it was fake so you can protect yourself and your family.

The email, which even contained a Washington Mutual logo, read as follows. I've replaced some text as indicated by [square braces]:

From: "Washington Mutual Security Service"
To: [one of my business emails]

WARNING: CONFIRM YOUR ONLINE BANKING RECORDS

Dear [one of my business emails],

We recently have determined that different computers have logged onto your Online Banking account, and multiple password failures were present before the logons. We now need you to re-confirm your account information to us. If this is not completed by March 5th, 2005, we will be forced to suspend your account indefinitely, as it may have been used for fraudulent purposes. We thank you for your cooperation in this manner.

To confirm your Online Banking records click here:
https://login.[fake Washington Mutual site].com/logon/logon.asp?dd=1&Update&Your&Info

Thank you for your patience in this matter.

Washington Mutual Customer Service

Please do not reply to this e-mail as this is only a notification. Mail sent to this address cannot be answered. Copyright 2005, Washington Mutual, Inc. All Rights Reserved.

Looks fairly legitimate at first glance. Here are the top reasons that I recognized it for a fake:

1. I do not have a bank account with Washington Mutual. However, sometimes a phishing scam might use one of your real accounts, so beware!


2. It was addressed to a business email account that I do not use for personal business.


3. It asked me to confirm personal details. No reputable business will EVER ask you to confirm personal details by email or telephone. They will always send you a letter or ask that you come into their branch.


4. The "Dear:" line didn't have my name, only my email address. If I had an account at Washington Mutual, wouldn't they know my name?


5. They made an unrealistic demand with a threatening tone, "We now need you to re-confirm your account information to us. If this is not completed by March 5th, 2005, we will be forced to suspend your account indefinitely..." No legitimate business would simply shut down your account indefinitely with only a few days notice just to confirm some personal information.


6. A link to a fake Washington Mutual web site was used. This one was very tricky to notice. In the text it appeared to point to a Washington Mutual web site, but my email client warned me "The actual host is different than the host in the link text" when I hovered my pointer over it. Not all email clients are smart enough to do this. Sometimes they'll show you the real address in the status bar at the bottom of the window, but the real address, had I clicked, would have taken me to a different illegitimate site (which has subsequently been taken down). Now be careful; many people are taught that if a web address begins with "https:" rather than "http:" it is a secure site. Do not confuse the appearance of a secure web address with a legitimate web address. The bad guys can use "https:" too.


7. Never trust the "From:" field, it is easily faked. I checked the "Reply-To:" and it listed a different email address at Washington Mutual. I knew already it was a fake address, and a quick email to that address confirmed it. I do not recommend you reply to any email addresses that you suspect might be from a phishing scam!

I immediately notified the US Federal Trade Commission as well as the real Washington Mutual, as recommended by Washington Mutual's security guide. They have a good guide to your online security, well worth a read.

My final advice to you is that if you aren't sure if an email is legitimate, do not reply! Telephone your bank/credit card/utility (whoever they say they are representing) yourself to confirm whether they sent you any emails. Remember to get the telephone number from the phone book or one of your bills, do not use the telephone number in the email!

Read more!

eBay Toolbar Alternatives

I have been occasionally selling items on eBay for a few years. Recently I decided to sell some items and noticed that eBay now has a toolbar for Internet Explorer. This toolbar allows me to track my auction items and it also has a feature called Account Guard that warns me if I'm on a fake eBay or or PayPal web site.



I decided to give this toolbar a whirl. However I noticed a number of problems that began right after the installation:

• The Symantec antivirus icon disappeared from my taskbar
  
• IE began to run very slowly
  
• My new Firefox 1.o.1 download arrived corrupted

I quickly uninstalled the eBay toolbar, and did a full virus scan and spyware scan. My system was clean. I uninstalled the eBay toolbar and I haven't had a problem since.

I did some research into the eBay toolbar and discovered that there are some reports of problems with it under different versions of Windows, including the dreaded BSOD (blue screen of death!) under Windows XP SP2. I also came across a couple of other toolbars with similiar functionality in tracking my auction, MOOBar and LittleBigBar.

MOOBar

MOOBar is a supposedly spyware-free toolbar for IE that allows you to search eBay auctions. There is also a Firefox version available as well. It isn't quite as nice as the eBay toolbar for tracking auctions because any of your auctions have to be part of the search history. It will not automatically find all of your personal auction listings.



It does however have buttons that let you refine your eBay search to things like what field you want to search on, eBay USA vs the world, and whether you want to search all auction items or only "buy it now" items.

The reason I say MOOBar is "supposedly" spyware-free is that PestPatrol reports a spyware dialer program in both the installer and uninstaller. However the spyware isn't installed in the registry at this time, so it may be a false alarm. I wrote to the author about it but he has yet to respond. I'll update this article if he does, but for now MOOBar is off my list of acceptable software because of the spyware possibility.

LittleBigBar

LittleBigBar is a general purpose toolbar that has some handy features such as buttons that let you search over 60 search engines (including auction services like eBay), a popup blocker that works pretty well, a hilight search term button, and a button to toggle image viewing on or off. And the buttons are completely configurable.



Similar to MOOBar, you can enter your eBay auction number in the search field and hit the eBay button and LittleBigBar will quickly take you to your auction page. Again, this is not as slick as eBay's toolbar offering. If you are auctioning off multiple items, all you see are your auction numbers in the search pulldown, but no descriptions like the eBay toolbar. One excellent feature it does have is when you click the eBay button, it offers a menu of about 30 search options, including a list of searches by category. This is a lot quicker than searching through eBay's web site and can save you time.

LittleBigBar has a lot of configuration options, as well as a pulldown menu that offers a lot of help and support for the freeware product, such as report a bug or suggest a feature. This product appears to be well supported by its author, contains no spyware and seems to run without any glitches.

Conclusion

The eBay toolbar is the most functional toolbar for managing your eBay auctions because it uses your actual eBay login to list your personal auction items. It also includes the Account Guard which alerts you if you are on a non-eBay web site that tries to trick you into revealing your eBay information. However I found it to have some negative effects on my system, including slowdowns and making my antivirus icon disappear, so I cannot recommend it.

MOOBar is an eBay-specific toolbar with a version for both IE and Firefox, however until the spyware issue is resolved I cannot recommend it.

LittleBigBar is a general-purpose toolbar that includes excellent eBay support, it doesn't require your personal eBay account information which makes it safe to use, and it contains no spyware. It also includes a popup blocker and some other excellent search tools, and coexists peacefully with the Google toolbar. It does not have a Firefox version available. I would recommend giving it a try for its many search options, even if you do not use eBay.

Read more!

Bloglines - A Free News Reader Service

Bloglines is a free web site that allows you to read live feeds from different news sites. Recently I showed you how to add the Paramount Digital Security newsletter to the Firefox browser. If you don't use Firefox and use Internet Explorer, you are out of luck because IE doesn't have a built-in news reader. There are other choices however, one of the more popular and easy to use is Bloglines.

Bloglines is web-based, which means that you won't have to download and install anything which can be an advantage for those with older computers with little disk space or if you want to read news at work.

On the Bloglines register page you will need to fill out your email address and a password to use. They will send you a confirmation by email to complete your registration.

One of the advantages of Bloglines is that you don't have to figure out the exact address of the newsfeed. They have a handy tool that lets you enter the main blog web page and it will report the correct exact address of the site's newsfeed. We'll try this now. On the My Blogs page you can click the Add button to add a news service. On the right of the screen, just use the topmost Blog or Feed URL box and enter www.techforthetimid.com then click Subscribe.

At the top of the screen is the summary of the news feed, and below it is the Options screen. Just leave everything as default and at the bottom, click Subscribe. Now you'll notice in the left pane, under My Feeds, you will see Technology for the Timid. Click on it (it is underlined like a link) and all of the newest articles will appear in the right pane. It's that simple.

Bloglines also has a number of tools to help make adding sites easier for you. For those who do not want to install Firefox or dedicated newsreader software, Bloglines may be right for you.

Read more!

Googlefight

We all get links from friends and acquaintances about the latest interesting or amusing web site, and typically they take about 20 seconds out of our valuable lives. Well here is another one that actually demonstrates some usefulness.

Many people try a "vanity search", that is, they go to their favourite search engine and type in their name to see how many hits they get. Googlefight takes this one step further and allows you to compare the results of two searches simultaneously. For instance, if you type in the name of two famous boxers, "ali" and "tyson", you'll see who wins. Try it with your own name and someone you know.

This brings up an interesting subject as well regarding information security and privacy. Why is your name out there? What other personal information about you might exist somewhere on the Internet? It might be worth your while to do a vanity search on a popular search engine like Google (try putting quotes around your full name) to see if anything personal is revealed about you.

Read more!