James Kendrick, one of the bloggers at jkontherun.com, recently wrote: "Mobile computer users will tell you that the number one need they have is for sufficient battery power." There are a few ways laptop computer users can get more battery power for their computers:
- Buy a larger battery designed specifically for your computer. When buying many, if not most, laptop computers, you should have a choice of batteries. Higher-capacity batteries are physically bigger, cost more, and may very well protrude either vertically or horizontally.
- If you find you need more power for a laptop computer you already own, you can buy a second battery. One downside to this approach is that the computer has to be powered off to switch batteries. Then too, there are safety concerns when carrying around an internal battery.
- Yet another option involves an external battery pack that plugs into the same port on the laptop that the AC power cord does.
If you are interested in buying an internal battery, either to have as a spare when traveling or simply to replace a dying one, then check out "Cheap laptop batteries: Good deal or risky business?" by Brian Nadel of Computerworld. As Nadel explains it:
"There are two basic types of notebook batteries: the brand-name batteries that the manufacturer sells and the aftermarket batteries that are available from third-party resellers -- often for a significantly lower price ... We all want to save money, but not if it puts our notebooks at risk. Buying an aftermarket battery often goes against the advice of laptop manufacturers, and in some cases can even void the warranty. Is it worth it to save a few bucks?"
He tested three replacement batteries for a MacBook Pro and another three for a ThinkPad R50. His conclusion? "The aftermarket replacements proved to be just as good and reliable as the originals." That said, there is a big difference in aftermarket batteries; the article offers buying tips.
One issue with having two batteries is that only one can be charging at a time. But, every problem is a marketing opportunity, and a recent posting at Liliputing describes chargers you can buy for an Asus Eee PC that let you externally charge an internal battery.
In "External battery packs can power that notebook for hours", Kendrick discusses his experiences. In brief, external batteries offer a lot of power but at a price. As for power, he says they "can power most laptops for 8-10 hours." As for price, the two companies he mentions offer models priced at $200 and $300. Not cheap, but as Kendrick says, when you need them you really need them.
See a summary of all my Defensive Computing postings.
There is a common defensive computing thread in two recent stories.
In the first story, Newsweek reports that both presidential candidates had their campaign computers hacked from afar. As they put it:
The computer systems of both the Obama and McCain campaigns were victims of a sophisticated cyberattack by an unknown "foreign entity," prompting a federal investigation, both the FBI and the Secret Service came to the campaign with an ominous warning: "You have a problem way bigger than what you understand," an agent told Obama's team. "You have been compromised, and a serious amount of files have been loaded off your system." ... Officials at the FBI and the White House told the Obama campaign that they believed a foreign entity or organization sought to gather information... "
The second story involves a former Intel employee who allegedly stole trade secrets. As CNET's Stephanie Condon writes, the employee resigned, yet continued on the Intel payroll for a few weeks (perhaps working off vacation time). During this transition period, he started working for Intel rival AMD, yet he remained in possession of his Intel laptop and still had access to Intel's computer network. The FBI later found him in possession of "top secret" Intel files worth more than $1 billion in research and development costs.
The lesson is clear. If you have really valuable or sensitive files, don't make them remotely accessible. Cut the wire. Some files should never be available off-site.
If this means buying a new computer just to hold really sensitive files, it's money well spent.
A couple years ago, I heard someone from the hacker group 2600 give out this same advice on their radio show, Off The Hook. It made sense back then and makes even more sense now.
Windows passwords are easily hacked. Instead of relying on a Windows password for local physical security, set both a power-on password and, if the computer supports it, a hard disk password. Whole disk encryption is another option, but one that involves much more work to implement.
If you put sensitive files on a laptop computer, then consider storing it in a safe when not in use. If you have a small safe, get a small laptop or a Netbook.
Laptops need more than just cutting the Ethernet wire. To begin with, turn off the Wi-Fi radio (there is probably a switch or a function key for this). If the laptop has Bluetooth, physically turn that off too.
Then, turn off the networking features in the operating system.
On Windows, turn off file sharing for every network adapter and turn off every network protocol. Then, disable all the network adapters.
Finally, disable the underlying Windows services that handle networking. On Windows XP this would be: Wireless Zero Configuration, Server, Computer Browser, Workstation and SSDP Discovery. Then since, the machine will be off-line forever, there are quite a few other Windows XP services that won't be needed and can be disabled: Automatic Updates, Distributed Link Tracking Client, Distributed Transaction Coordinator, Net Logon, NetMeeting Remote Desktop Sharing, Network DDE, Network DDE DSDM, Network Location Awareness (NLA), Network Provisioning Service, Remote Desktop Help Session Manager, Remote Registry and WebClient. The laptop I'm writing this on also has an Infrared Monitor service. I don't know what it's for, but I keep it disabled.
All told, this isn't much work and doesn't involve much expense. Yet, it's great insurance and can leave your sensitive files better defended than those at Intel and each presidential campaign.
See a summary of all my Defensive Computing postings.
If you are in the market for a Netbook computer there are many decisions to be made. The pictures here may help with a couple of them. Shown below are an Acer Aspire One and an Asus Eee PC 1000.
The Acer Aspire One (left) and the Asus Eee PC (right)
The machines are as different as any two Netbooks can be. The Acer runs Windows XP, the Asus runs Linux. The Asus has an SSD, the Acer a traditional hard disk. The Asus supports Wi-Fi N, the Acer doesn't. The smaller Acer machine has a weaker battery and was significantly cheaper.
But the picture above points out other differences (see a larger version of the picture).
The smaller Acer has a 9-inch screen, the larger Asus is 10 inches (approximately). Measuring the other sides of the triangle, the Acer screen is (approximately) 7.5 by 4.5 inches, whereas the Asus screen is 8.5 by 5 inches. Both screens have the all-but standard Netbook resolution of 1024 x 600, which means that everything is just a bit bigger and easier to see on the Asus machine.
... Read moreI just got a Lenovo S10 Netbook computer and couldn't have been more enthusiastic about kicking the tires. As I've written before, I think Netbooks will be very big, and this was to be my first.
So this posting should have been a first look. I should be offering my opinion on whether the keyboard is too small, what it's like to use Windows XP on such a small screen, and how hot the thing gets. But I didn't get that far.
After a delay in getting the machine the box arrived all beat up. Not unusual, of course, but computers are normally so well packaged that it doesn't matter. Not this time.
My first impression was that the box had been opened in transit; two sides weren't sealed at all. As you can see below, a golf ball easily fit in the open sides of the box.
The golf ball points up three problems:
- Something could have fallen out or been purposely removed during shipping.
- The cardboard was thin, closer to a manila envelope than something protective.
- It didn't appear that the box had been vandalized, rather two sides were never sealed in the first place.
In a nutshell, the contents were not well protected in transit.
As I examined the box and turned it over, stuff was rattling inside. I've had more than my fair share of computers mailed to me, and never before did a box arrive with stuff rattling around inside.
I removed the 4-inch strip of tape that held the outside box closed and found the computer and a white box inside as shown below.
The white interior box was the source of the rattling. As you can see in the picture below, the battery and the AC adapter are together in the box and neither was covered. There was a plastic bag in the box, but it wasn't wrapped around anything.
That Lenovo would ship a battery in a plastic bag without cushioning is, to me, poor judgment--a corner that should not have been cut. That Lenovo would ship the battery without the plastic bag actually covering the thing is poor quality control.
Am I overreacting? After all, it's a $400 laptop. Perhaps, but lithium-ion batteries are a well-known fire hazard. In normal use I'm sure they are safe, but one mistake that you can make with a lithium-ion battery is banging it. According to PC Pitstop:
There are numerous conditions where these fires can occur in real life. Faulty battery packs (driving the recalls), faulty protection circuits inside the PC, exposure to excessive heat, and blunt force are some of the major ways that this could happen to you.
Shipping an unprotected, unwrapped battery right next to a hard object is risking "blunt force."
The Department of Transportation no longer allows lithium-ion batteries in checked baggage when flying. As for carry-on bags they say that "you may still carry any number of some types of lithium batteries, such as the ones used in cell phones and most laptop computers, provided you take measures to protect terminals." Why the different policies for checked vs. carry-on bags? "In the passenger compartment, flight crews can better monitor safety conditions to prevent an incident, and can access fire extinguishers, if an incident does happen."
To further illustrate the danger, the Department of Transportation offers these suggestions for flying with a loose lithium-ion battery:
- Place tape across the battery's contacts to isolate terminals. Isolating terminals prevents short-circuiting.
- If original packaging is not available, effectively insulate battery terminals by isolating spare batteries from contact with other batteries and metal. Place each battery in its own protective case, plastic bag, or package. Do not permit a loose battery to come in contact with metal objects, such as coins, keys, or jewelry.
- Take steps to prevent crushing, puncturing, or putting a high degree of pressure on the battery, as this can cause an internal short-circuit, resulting in overheating.
As for the S10 itself, I never removed the plastic covering the computer. It's going back.
As I was deciding whether to keep the computer or not, Lenovo e-mailed a receipt for the purchase. The receipt arrived a couple days after the computer arrived, and eight days after the initial order. There was a link in the e-mail message (www.lenovo.com/products/us/returns) for how to return a purchase, but it's broken. Instead of the return policy, the link results in "There were no items matching your search." This is on top of the shipping delay because UPS said there was no label on the box.
Lenovo ThinkPads have an excellent reputation, but an IdeaPad is not a ThinkPad. The S10, in particular, is a whole new product category, one for which there is no pre-existing reputation. So things boil down to confidence and Lenovo did not inspire confidence.
My next hassle is trying to convince Lenovo not to charge me the $60 restocking fee. If you're thinking of buying a Lenovo computer, be aware that machines sold on their Web site are subject to a 15 percent restocking fee. You may be better off at a local retailer with a more liberal return policy.
Update: Unboxing other Netbooks
- The Dell Mini 9 comes wrapped in heavy cardboard and seems to have the battery already inserted.
- The battery for the MSI Wind U90 ships in plastic bubble-wrap. The computer itself comes in box inside another box.
- The Acer Aspire One battery is wrapped in plastic and seems cushioned by cardboard to keep it from moving in transit (2 minutes, 10 seconds into video).
- Laptop magazine got a very early copy of the Lenovo S10 and unboxed it on video. First point they made was that it might not be the final retail boxing. Still, their battery, like mine, shipped naked.
- Brand Linder at Liliputing did an unboxing video of the Asus Eee PC 100H. It shipped as a box within a box and the battery was protected by plastic bubble-wrap.
See a summary of all my Defensive Computing postings.
I've been watching the new category of small cheap laptop computers since they first came out. Watching, but not buying. The time, however, may have come to take the plunge.
One of the few Netbooks* I've actually used was the first Asus EEE. It was an amazing machine, small, cheap, light, sturdy and reasonably fast. It sparked my interest in the emerging new hardware category. But, it wasn't amazing enough to get me to buy it. The keyboard and the screen were just too small.
The flood of subsequent Netbook models have all seemed to have a fatal flaw, to me at least.
Sometimes the flaw was the operating system. I can't understand why every hardware company feels the need to create a customized version of Linux. What's wrong with the popular distros? Then too, some of these underpowered laptops ship with Vista, which, to me, is a mistake on multiple levels.
Often, the flaw is the price. A big part of the appeal of the original Asus EEE was the low price. HP is perhaps the biggest offender here, their Mini-Note 2133 KR948UT came out at $949 and just had its price reduced to $789.
Sometimes the flaw was the processor. From what I've read, waiting for the Atom processor was the way to go. This ruled out a slew of early models, but now there are many Atom based models to chose from.
In part the flaws probably stemmed from the hardware manufacturers not understanding their target audience.
In July, I attended The Last HOPE hacker conference where I was surrounded not only by techies, but by many ultra small, ultra light laptop computers. At one point someone sitting next to me was using an Asus EEE to sniff the WiFi traffic in the room. That machine certainly wasn't running the factory-installed operating system.
Sometimes the flaw is the hard disk. I long for a laptop that can be bounced around while running without risking severe damage to the hard disk. In other words, I'd prefer a solid state hard disk (SSD) rather than a traditional rotating platter model.
But hardware vendors seem married to the idea that more storage is better than less storage. When the incremental cost is trivial, this may be true, but SSDs are expensive. Thus large capacity SSDs come with large price tags. Here too, I think they mis-judged their audience.
A Netbook class machine is often a second computer rather than a primary one. Thus, it doesn't need gobs of gigabytes. Six or eight gigabytes would be fine by me. Anyone needing more storage space should be able to stick a memory card inside the machine. Those of us looking for a secondary machine shouldn't be burdened with features meant for a primary computer.
I'm not the only one struggling to pick a specific machine. In Building the perfect Netbook CNETer Dan Ackerman says "... we found that none of these Netbooks hit all the benchmarks we were looking for-- some were underpowered, some had terrible batteries, and others simply cost too much for what should be almost an impulse purchase."
So where does that leave those of us trying to settle on a particular cheap, small, light-weight secondary computer?
On paper, I agree with CNET's recommendation of the Acer Aspire One as the best combination of features and prices. I say "on paper" because I haven't actually used one. The new Lenovo Netbooks may be even better, but they are not yet available.
The problem with the Aspire One is picking a model, each entails compromises. More on that next time.
See a summary of all my Defensive Computing postings.
If there were ever a place for Defensive Computing, it's at a hacker conference.
So while attending the Last HOPE conference, a number of my previous postings came to mind.
First, there was the list of available Wi-Fi networks (see below) at the conference which, at times, showed four computer-to-computer networks (using the Windows XP terminology). These networks, also known as ad-hoc networks, are not governed by a router. While they may be set up on purpose, they are more likely to be accidental creations on the part of nontechnical computer users, or a purposeful trap set by someone with ill intentions. I wrote about this back in May. (See "A warning about 'free' public Wi-Fi.")
Everyone knows not to send anything sensitive, such as a password, over a wireless network. At a hacker convention, even a wired Ethernet connection to the outside world should be treated with caution. Not to pick on hackers, at any convention or at any hotel, a wired Ethernet connection deserves the same caution as a public wireless network. Back in January, I wrote that "wired connections to the Internet in a hotel are not, by their very nature, more secure than wireless connections." (See Ethernet connections in a hotel room are not secure.)
What to do? Rent a personal VPN.
The classic use for a VPN is an employee of a company using it to make a secure, encrypted connection to the office. But someone without a corporation, can rent a VPN that offers a secure connection to the VPN provider. Once data gets to the VPN company, it is dumped, unencrypted, on the Internet with everything else. The point is to encrypt everything coming into and out of your computer to protect it from any local bad guys.
The downside is speed. The speed test at Speakeasy.net showed that while I was connected to my VPN, the speed dropped by over half compared to using the Internet in an unprotected way.
The laptop I had with me was running the Online Armor firewall instead of ZoneAlarm, and as I noted a few days ago, I really missed not being able to see a log of intrusion attempts on my machine. At home, behind a router on my personal LAN, this isn't very interesting. But at a hacker conference, using a shared Wi-Fi network, it would have been fascinating to see who, if anyone, was knocking on my virtual door.
Something easily overlooked when connecting to public networks is file and printer sharing. While it's not the be all and end all, you're safer with it turned off. Windows XP users can find this with Control Panel -> Network Connections -> Properties of the network connection (you may want to do this for both wired and wireless networks) -> General tab -> checkbox for "File and Printer Sharing for Microsoft Networks."
Another easily forgotten protection involves turning off the wireless radio when you are not using it. This goes beyond the obvious issue of disconnecting from a public Wi-Fi network when you don't need it. There was a case where, due to a bug in some driver software, a computer could be hacked even when it was not logically connected to any network. All that was needed was for the Wi-Fi radio to be physically turned on. Plus, turning off the radio saves battery power.
Some laptops have a physical switch that turns off the radio. ThinkPads use Function-F5. As a last resort, Windows XP users can disable the Wi-Fi network. In my experience, that also turned off the radio.
Update July 19: Added topics on file and printer sharing and turning off the radio--thus proving, they are easily forgotten.
See a summary of all my Defensive Computing postings.
Not long ago, I purchased a Netgear WGR614 wireless G router. It's a new router and the G flavor of Wi-Fi is relatively mature so I didn't expect any problems. Silly me.
I set up the wireless network to use WPA-PSK-TKIP and connected to it just fine from my Windows XP laptop. A relative came over and their Windows XP laptop also connected to the Wi-Fi network. But, a few days later a third person tried it and their Windows XP laptop, a ThinkPad T60, refused to make a connection.
Perhaps, the vendor software managing the network connection was at fault. The first two machines had used Windows XP to handle the wireless connection. Nope. Even with Windows XP in charge of connecting, the T60 refused to get with the program. I turned off the software firewall and verified the router was using the latest firmware (which was version 9). I even turned off the firewall in the router. In the end, nothing helped and I had to switch routers.
(Credit:
Netgear)
Now, days later, I get to finish debugging this. It turns out, the problematic T60 laptop does Wi-Fi just fine. Using the vendor supplied software, and with the firewall running, it connects to WiFi G routers from both Linksys and Belkin. Then, we try the Netgear WGR614 again, and it refuses to connect.
So, the Netgear router talks to two laptops just fine but not to the T60 ThinkPad. The T60 ThinkPad talks to two WiFi routers just fine, but not the Netgear router.
Go figure.
Last week, I set up a wireless network for a client. It worked fine for a couple days and then nothing. I'm on the phone with the client checking this and checking that, both from the wireless computer and from a wired computer connected to the same router. Some things are working, some aren't, I'm struggling to get a handle on the problem. And then, the network is working. Mind you, we didn't change anything. Like a petulant child, the network just decided to start working. Much like it decided to stop working. My best guess is some type of local radio interference.
One thing we tried was verifying the password for the network, which was also Wi-Fi G with WPA-PSK-TKIP. Rather than have the client login to the router and try to find the sub-sub section where the password is, I had them purposely enter an invalid password. I wanted to see the error message you get, figuring the lack on an error message meant the password hadn't changed. This was on a Windows XP machine using Windows to control the wireless network.
There is no error message.
Thinking that something must be wrong, I verified this on another XP machine on another network. Sure enough, if you login to a WPA-PSK-TKIP network with the wrong password, Microsoft doesn't see fit to issue any error message at all.
I hate Wi-Fi.
See a summary of all my Defensive Computing postings.
I recently found myself in an airport terminal with a laptop and time to kill. Not knowing what the Wi-Fi options were, I let Windows XP search for available wireless networks. As you can see below, one of the networks was called "Free Public WiFi". If this happens to you, don't connect to a network like this.
The first two networks are each labeled "Unsecured wireless network". Fine. But the Free Public WiFi network is described by Windows as an "Unsecured computer-to-computer network". As the name implies, this network connects to a computer run by a total stranger somewhere nearby in the terminal.
Normally, wireless networks are created, run, and governed by a router. But, two Wi-Fi-enabled computers can talk directly to each other without the need for a router-based network. Another term for this type of network is "ad-hoc". Personally, I've never needed or used an ad-hoc computer-to-computer network.
How unusual are computer-to-computer networks? I live in Manhattan, surrounded by large apartment buildings. At home, my laptop picks up 28 wireless networks. Not one of them is a computer-to-computer network.
Why would someone set up a computer-to-computer network in an airport terminal? Most likely, it is good for them and bad for you. For one thing, the network name seems a bit too obvious. Who, in an airport terminal, doesn't want free public Wi-Fi? It's like asking a child if they want candy.
I always configure laptops to only connect to router-based networks and suggest you do so, too. Windows XP has a configuration option, shown below, that controls the type of networks it talks to.
You get to this window with: Control Panel -> Network Connections -> Wireless Networks tab -> Advanced button. Router based networks are referred to as "infrastructure" or "access point" networks.
Knowing that my laptop wouldn't connect to an ad-hoc network, I tried it anyway. The result is the warning shown below.
Unfortunately, lots of software competes to control the Wi-Fi connection on laptop computers. In the examples above, Windows XP was controlling the network. Your laptop may have software from the company that made the computer controlling the wireless network. Or, your Wi-Fi environment may be controlled by software from the company that made the Wi-Fi adapter hardware or by an outside party altogether. This other software may or may not have an option to avoid computer-to-computer networks. If it doesn't, hopefully it will at least identify the type of network it detects.
Update May 14, 2008: For an explanation of where some of these computer-to-computer networks come from see Free Public WiFi SSID. The important point here is that when you are looking through the list of available wireless networks that you be on the lookout for ad-hoc computer-to-computer networks as opposed to normal, router-based (infrastructure) networks. If the software you use to scan for available networks does not indicate the type of network, you may want to use different software. As more people become aware of this particular network name, a bad guy may simply use another enticing name.
See a summary of all my Defensive Computing postings.
It seems that Michael Dell is breathing new life into his company.
A year ago, Dell was brave enough to backtrack on its Vista-only policy for consumer machines (Dell brings back XP on home systems). It also showed some independence from Microsoft by offering Linux to consumers. And again, Dell is innovating.
Fact 1: As of June 30, large computer manufacturers such as Dell and Hewlett-Packard can no longer offer Windows XP preinstalled on new computers, though Microsoft has said it would consider re-evaluating the deadline if there's enough customer demand.
Fact 2: Anyone who buys a copy of either the Business or Ultimate versions of Vista is entitled to also get Windows XP Professional.* Each computer manufacturer decides whether, or how, to implement this.
Until now, consumers who exercised their right to get XP Professional when they purchased Vista got a computer with Vista preinstalled and an XP image CD in the box (an image CD is very different from a retail Windows CD).
Dell's innovation? It will do the XP image installation for you. It may not sound like much, but the net result is that the computer leaves the factory with Windows XP Professional on it, rather than Vista.
Deadline? We don't need no stinkin' deadline.
Microsoft can't be happy about this, though a cynic would note that even though Dell computers leave the factory with XP on them, Microsoft can tally it as a sale for Vista.
It's an interesting power play between the two companies. Will other companies follow Dell or toe the Microsoft line?
According to Randy Copeland, president and CEO of Velocity Micro, after the June 30 deadline, all of its computers will ship with Vista preinstalled. The company will offer the XP Professional "downgrade" in the traditional way, by including an XP image CD in the box. Interestingly, each XP image CD will be mated to one, and only one, computer.
Dell has a Web page devoted to its new policy, Windows XP Availability, which notes that the last day to buy a computer with Windows XP preinstalled under the current rules is June 18. Afterward:
When selecting your operating system, you will see an option called "Genuine Windows® Vista Business BONUS" and "Genuine Windows Vista Ultimate BONUS." With these options, you may...have Dell factory install Windows XP Professional. You will also receive a backup media disc for Windows XP Professional, as well as the media for Windows Vista.
In other words, Dell provides optical discs for both XP and Vista, so you can change over at any time. This is not like Apple's Boot Camp, however; the computer can have only one operating installed on the hard disk at a time. But Dell provides technical support for both XP and Vista. Whether its tech support is worthwhile is another matter.
According to Infoworld, Dell will offer this new "buy Vista, get XP Pro preinstalled" service on some Latitude, OptiPlex, and Precision systems for free. It will also offer it on some Vostro and XPS systems for a small fee.
For more about getting Windows XP after the June 30 deadline, see my previous posting, Who's selling Windows XP in July?
*NOTE: Microsoft allows a "downgrade" only to XP Professional, not to the Home or Media Center editions. According to InfoWorld, large organizations with site licenses can "downgrade" from any version of Vista.
See a summary of all my Defensive Computing postings.
Defensively speaking, anyone using a public WiFi hotspot should employ Virtual Private Network (VPN) software to encrypt all traffic/data traveling over the airwaves. Less obviously dangerous, but equally snoopable, are wired Ethernet connections to the Internet in hotel rooms. I wrote about the dangers in hotels last month, see Defending against insecure hotel networks with a VPN.
If you work for a large company, you may already be using VPN software to make an encrypted connection to the home office. Many of you however, need it and don't use it.
Yesterday I briefly described the VPN services, and related costs, from two companies, WiTopia and HotSpotVPN (see More about VPNs: Price and Trust). The head of each company made long comments on yesterdays posting. Since they raise important points, I'm re-publishing them here.
Glynn Taylor of HotSpotVPN
Below is Glynn's comment, unedited.
My name is Glynn Taylor and I'm the founder of HotSpotVPN and WiFiConsulting, inc. I'd like to expand upon my rather terse reply above.
Trust is one of the most important things in the security business. Our privacy policy consists of some strong simple statements that we have stood by for five years. We pledge that we will not sell, share, trade, disclose or rent any of your information to others. We also state that we will not record, sniff, scan or view any HotSpotVPN user's Internet traffic. Beware any VPN vendor that will use your information for other purposes.
Price: We have many more features than any of our competitors and this leads to higher costs in our infrastructure. It also leads to the most safe flexible and usable VPN service available. We use the service ourselves so we built it with everything we wanted it to have.
TunnelGuardian: HotSpotVPN is more than just a VPN. We have software running in our infrastructure that will proactively block malware and optionally block all on-line advertisements from getting to the client's computer. In low bandwidth situations the ad-blocking speeds up the surfing experience. Most importantly on-line ads served through reputable ad agencies can be used to load Trojans and viruses onto a computer. Ad blocking prevents this attack vector from being used against our users.
Most Flexible: With HotSpotVPN2 you have a choice of ports to use and you can switch from tcp to udp protocols. We default to tcp on port 443 so if a browser on a https session works, the vpn will work. You can also change to the udp protocol which provides much better voip streaming video and audio than tcp.
Our servers are spread out across the country so you can choose the servers closest to you to minimize latency. If you are in Europe you would use our east coast servers, in Asia, our west coast servers. It makes a big difference. I have used the service from China, New Zealand and Europe over the last year and this is very important.
Bandwidth: Our goal is to provide quality service to our users without having to throttle their bandwidth down to annoying levels. We have succeeded in this and are actually adding another 1.2 Gigabits during the next change control window (about a week from now).
Thank you.
GT
Bill Bullock of WiTopia
Below is the un-edited reply from Bill Bullock, President of WiTopia.
Hi. This is Bill Bullock from WiTopia. Glynn raises some additional points in his amendment that I feel should be addressed just so they are not misleading. Not that Glynn meant to mislead in promoting his service. I would like to give credit where credit is due, but clarify that we do not charge less because we "skimp" in the areas mentioned.
Glynn said: We pledge that we will not sell, share, trade, disclose or rent any of your information to others. We also state that we will not record, sniff, scan or view any HotSpotVPN user's Internet traffic. Beware any VPN vendor that will use your information for other purposes.
Reply:
Same with WiTopia as governed by our privacy policy. We absolutely do not record or monitor customers' data, sites visited, etc. and also certainly do not share customer information with any third party. Again, we take the privacy aspect of the service deadly serious.
Glynn said: Price: We have many more features than any of our competitors and this leads to higher costs in our infrastructure. It also leads to the most safe flexible and usable VPN service available. We use the service ourselves so we built it with everything we wanted it to have.
Reply:
Yes. We use our own service too. :) I think words like "most" may be misunderstood. I don't believe any VPN provider (or any network service) can accurately claim "most usable," "most safe," "most flexible." We have comprehensive security and usability features in place. Some simply keep "bad guys" off the service, thwart attacks, and enforce solid security policy, and some are convenience such as providing zero-config SMTP relays, certificate regenerators, etc. This gets into network design elements and "secret sauce" that would likely be quite boring to most people. Again, I would sincerely hope both services have serious networking expertise behind them.
Glynn said: TunnelGuardian: HotSpotVPN is more than just a VPN. We have software running in our infrastructure that will proactively block malware and optionally block all on-line advertisements from getting to the client's computer. In low bandwidth situations the ad-blocking speeds up the surfing experience. Most importantly on-line ads served through reputable ad agencies can be used to load Trojans and viruses onto a computer. Ad blocking prevents this attack vector from being used against our users.
Reply:
I have a legitimate question on TunnelGuardian, but HSVPN may have a great answer. Don't know. It sounds like a neat feature if you think ads are slowing your connection.
Here's the question: To deliver the TunnelGuardian service, wouldn't HotspotVPN have to inspect the html code before encrypting it to block malware, on-line ads, etc.? Wouldn't the traffic have to be scanned?
Glynn said: Most Flexible: With HotSpotVPN2 you have a choice of ports to use and you can switch from tcp to udp protocols. We default to tcp on port 443 so if a browser on a https session works, the vpn will work. You can also change to the udp protocol which provides much better voip streaming video and audio than tcp.
Reply:
OK. again with the "most" stuff. :) We will soon allow customers to "customize" on the client side and choose different ports, etc. We optimized a standard configuration/bundle which would suit the needs of most everyone before we allowed customization. This ensures easier support, scaling, and allows us to offer a lower price to more people.
WiTopia's openVPN SSL service is optimized for video and VoIP (using udp) and we designed the PPTP to be more "scrappy" using tcp as its error-correcting ability is superior if there are network irregularities.
Glynn said: Our servers are spread out across the country so you can choose the servers closest to you to minimize latency. If you are in Europe you would use our east coast servers, in Asia, our west coast servers. It makes a big difference. I have used the service from China, New Zealand and Europe over the last year and this is very important.
Reply:
We do agree moving gateways closer to customers is a factor of performance so we have several spec'ed out to be deployed over the next quarter. Although, there are other factors... and from personal and customer experiences from all over the world, I'm not sure this matters as much as even we once thought. Improvements in routing, capacity, peering points etc. on the Internet have lessened the need for geographical proximity. Still, we'll be doing our rollout too. Purchasing shiny new gear.
Glynn said: Bandwidth: Our goal is to provide quality service to our users without having to throttle their bandwidth down to annoying levels. We have succeeded in this and are actually adding another 1.2 Gigabits during the next change control window (about a week from now).
Reply:
So I don't crash CNET's servers with my response, I'll just conclude with, we don't throttle any bandwidth whatsoever. Our only policy is if usage falls completely outside reasonable customer norms, e.g., you try to run a phone company over it, we have the right to be "unpleasant." Haven't had to do it yet!
A note about finding each company. HotSpotVPN is at hotspotvpn.com. The website hotspotvpn.org is from a competing company, one that I know nothing about. This competitor doesn't say anything about who they are, and doesn't even offer a physical address on the Contact Us page. Trust is part of the equation with VPN companies, so I would not consider using this competitor. WiTopia is at witopia.net. There is no website at witopia.com and if one shows up tomorrow it will not be from the VPN company, which does not, at the moment, own the .com domain name.
See a summary of all my Defensive Computing postings.
