Unlist Your Number from TrueCaller today!

UPDATE July 18, 2013: Approximately 7 months after this article was published, there’s been news that the TrueCaller database has been hacked into by the so-called Syrian Electronic Army. Again, this highlights the need for users to be careful in the choosing the companies with whom they entrust their private data.

TrueCaller is a mobile app and online service that serves as a very large phonebook for reverse phone number lookups. It can be used to augment your own phone’s contact list in your iOS, Android, Windows Phone, Symbian, or BlackBerry device, helping you let know the names of unknown callers. You can test to see which of your or your friends’ numbers are available in their database at www.truecaller.com.

How does it work?

TrueCaller claims to source the caller information present in their database partly from public directories, and partly from “crowdsourced” data.

However, when I checked, their data didn’t seem to come from public directories. I began searching for my friends’ landline and mobile numbers and those of my own as well, and noted a few interesting things:

  1. Sometimes somebody else’s name would prop up. This would probably be a previous owner, or the former name of the person in case of a name change.
  2. Sometimes the company name would be suffixed or prefixed to the name.

This definitely seems to be populated from contact lists of users.

TrueCaller seems to stop here – it doesn’t, for example, seem to retrieve or store users’ locations. Also, it doesn’t support searching by name – you can only search by number. However, what TrueCaller does reveal is still bad enough, and has actually made many users unhappy, as you can see in a Quora thread on this subject.

Removing your Number

Luckily, fixing this privacy issue turns out to be easy. Head over to Unlist your Phone Number to request an automatic unlisting of your number. It took a few hours for my numbers to get unlisted, and I heaved a sigh of relief after that.

SiliconIndia Stealing Content from Lighthouse Insights: Livebloggers Battle the Scourge of Plagiarism

Just under a day ago, I found an appalling phenomenon in my Facebook timeline – A leading online technology magazine focussing on the Indian domain, SiliconIndia, was caught stealing portions of a recent interview published by rising social media blog Lighthouse Insights.

Lighthouse Insights was started in late 2010 by Prasant and Vinaya Naidu with the aim of bonding the community of social media users. I first met Prasant at a meet-up in Pune, and instantly liked the knowledge he had built on the social media scene in India.

You can read the complete account of the theft in one of their posts.

Do News Sites Have the Liberty to Steal?

When the founders of Lighthouse Insights confronted SiliconIndia on Twitter, an incredibly shocking explanation appeared: Plagiarism            

Only the most juvenile of writers could possibly put up such an explanation; I had to remind myself that this was emerging from a well-established media organization that has been around since 1997. The tweet was subsequently deleted, but it was too late as it was retweeted several times and its screenshot began to float around on Facebook.

The founders of Lighthouse Insights decided to battle it out on Twitter to expose the high-profile content thieves after appeals to their CEO and content managers fell on deaf ears. The complete blow-by-blow description of the fight has now appeared in a new blog post on their site.

The battle-cry hashtag #OccupySiliconIndia began to pick up momentum during the early part of the 14th of August, and hit the list of top ten trending hashtags in India by evening. That forced SiliconIndia to sit up and take notice, offering Lighthouse Insights either of two options, of providing due credit, or removing the copied post completely.

The result? The offending post vanished while supporters of the campaign continued discussing possible outcomes. The fight isn’t over; after receiving a bloody nose, SiliconIndia have simply disappeared from the scene instead of announcing an unconditional public apology for the theft and the subsequent distress caused to ardent followers of an insightful new social media blog.

The Scourge of Plagiarism and the Hope from Social Media

Plagiarism has been a perpetual enemy for writers and publishers ever since the introduction of the printing press in the Middle Ages. The matter has become much worse with the arrival of the Information Age, now that just a few keystrokes and mouse-clicks are all that one needs to lift thoroughly-researched material and claim its ownership.

Many web publishers conscious of the lurking thieves invest a significant amount of their time in filing Digital Millenium Copyright Act (DMCA) reports to get Google to de-index plagiarised content, but the cat-and-mouse game continues. Even when such reports are not filed or delayed, search engines are sophisticated enough to ascertain the real thieves. Unfortunately, webmasters may end up on the losing side when their sites are restructured or migrated to new domains, since such changes can confuse search engines.

The Wrath of the Connected World

Will social media come to our rescue? The signs are positive, with the victory of #OccupySiliconIndia – even after SiliconIndia decides to undertake major damage-control exercises, Lighthouse Insights is likely to present this story as one of the most potent case studies showcasing the vast power of social media. Publishers, no matter how big or small, must now realize the importance of original content and think twice before facing the wrath of the masses in a connected world.

What are your thoughts about the battle against plagiarism? Please feel free to use the comment form below and speak your mind!

6 Ways to Defend Yourself Against Viruses and Malware

Which virus protection is the best?

Well, to protect yourself against malicious software, the six defensive ways detailed below can work better than the best anti-virus software left to act alone.

1) Be aware of virus symptoms, and attack vectors

This piece of advice might sound something beyond the realm of non-techies. However, non-techies had to learn how to use computers anyway, and learning a little about the basics of viruses won’t hurt. The information contained in this article is a good start.

(i) Be wary of suspicious, new process names in the list of running processes

Sometimes these processes have the same names as legitimate ones to disguise themselves (svchost.exe is an example). Sometimes they have similar names, like svvchost.exe and _services.exe (the legitimate ones have the names svchost.exe and services.exe). The username that’s running the process sometimes gives an indication of whether it’s a legitimate system process or not – a virus usually runs under the currently logged-in user’s name. If you’re a power user, you’d want to use Process Explorer, which will allow you to dive in more deeply when inspecting processes, such as figuring out which exact executable on the file system is responsible for the running process.

(ii) Emails from your friend may not have been actually sent by them

Be wary of opening email attachments, unless you were expecting them – even seemingly innocuous video files could cause your data to disappear. Take your precautions even when the attachment is expected – the anti-virus scanners embedded with the popular email providers provide a good defense.

On a similar note, be careful when downloading files randomly from the Internet. Executable (.exe or .com on Windows) files are the ones that can cause most harm.

(iii) Do not leave the Windows’ auto-run option enabled for portable drives

Auto-run has long been one of the most popular ways in which viruses spread – ensure that you keep it disabled. Never, ever, trust a portable drive that had been previously inserted into a machine that you don’t own, even if it has an anti-virus. Use your anti-virus to scan data that has arrived from external sources. Viruses won’t usually spread through text editors, so you can use these if you’re just inspecting simple files and don’t have an anti-virus at hand.

(iv) Watch out for typical virus symptoms, and gear up to protect yourself

These include:

  1. Access disabled to Task Manager, the Registry Editor1, or msconfig2.
  2. Spikes in CPU or GPU usage – these can be observed either through monitoring tools, such as the Task Manager for the CPU, or GPU-Z for the GPU, or by noticing the hardware fans spinning faster when there is no processor intensive program running.

A good tactic is to run anti-virus scans, preferably from outside your OS, such a Live CD, whenever you detect suspicious activity. Live CDs allow you to boot into them without having to load your OS, which might end up running the virus before any anti-virus can take effect (assuming that the anti-virus failed to detect the malware when it loaded itself onto the machine). Bitdefender Rescue CD is one such option. In addition to regular viruses, Bitdefender scans for rootkits – malware that reside deep within the core of the OS, evading detection while carrying out malicious activity.

(v) Safe online banking

Most Linux distributions, including Ubuntu, support booting from a Live CD and are great for providing added protection when banking online, since viruses cannot write to these disks permanently. Live CDs offer no compromise when it comes to your online browsing experience. These Linux distributions can also be installed on bootable USB sticks.

2) Choose to manually enable the running of plugins in your browser

Chrome and Firefox have the option of enabling “Click to Play” for plugins (i.e. either Flash or Java) within websites so that they run each time only with your permission which you provide by clicking on the area of the page in which . This will help prevent drive-by attacks from malicious code embedded in such plugins, which are almost always hidden from view, or use some sort of social engineering to trick users into downloading malware.

In Chrome, copy and paste chrome://chrome/settings/content into your address bar, and choose “Click to play” under “Plugins”.

Chrome Plugin Settings

In Firefox, go to about:plugins, and turn on the plugins.click_to_play option.

3) Update your OS, focusing on the security updates

They are called “security” for a reason. This is especially important for the Windows OS. Because of Windows’ popularity, hackers have been known to target security holes in Windows on unpatched machines by studying the fixes Microsoft sends out. This is becoming true even for Mac’s OS X; the recent Java malware is an example –though Apple actually released the update and fix after the Trojan was out in the wild. A Windows example: If you updated before Sasser arrived, you’d be 100% secure.

4) Use a firewall

This doesn’t offer much more protection from Internet worms than a NAT, but will be useful if you connect your laptop to a public network. It will also protect yourself from infected machines on your own network. A firewall would protect you from Sasser even if you didn’t install security updates at the time, and would offer partial protection against MSBlast.

While the built-in Windows Firewall provides decent protection, you could try out third-party solutions like ZoneAlarm for better control over what moves in and out of your computer.

5) Use an Anti-virus

This is important, but you must know where it stands – it cannot protect you against everything. In fact, most people skip it on the Mac and Linux, though it’s always recommended for Windows. Remember, you are worse off if you use an anti-virus but don’t know how viruses work.

I bet if you brush up your knowledge of viruses and run Windows without an anti-virus, you’d be infected fewer times than a noob running an anti-virus on a Windows and not knowing a thing about viruses. Anti-virus software are perfect if you realize that they work best for protecting against viruses that the software already knows about, and not so good at protecting new ones.

6) Backups

Whatever precautions you take, you might still lose the fight. Always ensure that you have important data backed-up, so that you can easily restore it in the case of an infection.

Even if there was no danger of infection, backups come in handy in the case of hardware failure, for which you should be prepared for anytime.

Footnotes

  1. ^The Registry is a database of configuration settings and options related to the Microsoft Windows operating systems. It can be accessed by pressing Ctrl+R, typing regedit.exe and pressing Enter
  2. ^MSConfig is a Microsoft Windows utility you can use to troubleshoot issues related to processes that are loaded on startup. Viruses often register themselves to start up automatically – you can remove the easier ones using msconfig or by editing the registry.

Converting Multiple VMDK (Virtual Machine Disk) files into one

To convert multiple VMDKs into a single file, I used the following command (LinuxVM.vmdk is the name of the first VMDK file – i.e. the one attached to the VM):

$ vmware-vdiskmanager -r LinuxVM.vmdk -t 0 LinuxVMSingleDisk.vmdk

Note that vmware-vdiskmanager is bundled as part of VMware Workstation. I couldn’t locate that as a separate download, so I ended up downloading the trial version of Workstation.

The above operation takes a while, but not too long. It shows its progress as it completes.

Next, I had to modify the VM settings so that it would use the new disk. I couldn’t find this option in the GUI, so I had to modify the vmx file manually (use an appropriate editor on a Windows system):

$ vi LinuxVM.vmx

I modified the scsi0:0.fileName property to point to the new disk:

scsi0:0.fileName = "LinuxVMSingleDisk.vmdk"

Next, I double checked the VM settings in the GUI to check if the disk had changed, and then booted it up to confirm everything is fine. I then deleted all the old, multiple vmdk files.

The Motivation for Doing This

I’d been using a few heavy applications in my VM: an HTTP server, an Application Server behind it running a couple of large applications, and a database. When doing intensive work, my hard disk would make grinding noises and my Ubuntu host would suddenly exit to the login screen. I’d lose all data in my current session, though oddly, some background applications would continue to run.

So I decided to implement VMware’s suggestion to use a single file for better performance:

VMware Workstation - Creating a virtual disk

Did it really work? The host did crash once, but that was when another heavy application was running on the host itself. In my entirely subjective assessment, I do think there’s been an improvement in performance – though I still need to be a little careful with certain applications.