WATCH Top 10 Worst Toys: What, Only 10?

Every year, the Boston consumer group World Against Toys Causing Harm (WATCH) puts out its top 10 list of worst toys to buy during the holiday season. The group had a lot to choose from this year, and settling on 10 seems, as The Consumerist notes, kind of pointless.

Still, the more information, the better for parents who are trying to find safe toys for their children, so the list is worth checking out. Top on the WATCH list (bringing it to 11 with this alert) is Aqua Dots, one of the most recently recalled toys of 2007, which saw 25 million toys under 70 brands recalled for safety issues, including lead paint and other toxic materials.

Aqua Dots, colored beads used in kids' craft projects, were found to contain toxic chemicals that convert to a dangerous date-rape drug when ingested. There have been at least two reports of children swallowing the beads and slipping into a temporary comatose state.

You'll find some familiar names on the list: a Dora the Explorer lamp, Go Diego Go Animal Rescue Boat, Jack Sparrow's Spinning Dagger, Spiderman 3 New Goblin Sword. But there are also some lesser-known toys, like Sticky Stones, magnetized iron ore stones that WATCH warns can be choking hazards.

Check out the full list on the WATCH web site, and proceed with care and caution down the toy aisles this holiday season.

Excel 2007 Stricken with Bizarre Calculation Bug

Front and center in any "working guy" software arsenal is Microsoft Excel, the spreadsheet that's become a de facto industry standard. Earlier this week, reports surfaced of a strange error in Excel 2007 which caused calculations involving the number 65,535 (and thereabouts) to return wildly inaccurate results.

You can try it for yourself in Excel by multiplying 850 by 77.1. Excel will return 100,000 instead of 65,535. Similar operations that should return 65,535 will also come back incorrect, and there's a problem with 65,536, too. The problem is only present in Excel 2007; earlier versions of Excel are not affected.

Microsoft has traced the problem back to a floating point issue and how results are displayed within a cell in Excel. Microsoft says the calculation is actually done correctly, it's just that when it comes time to show the result on screen, Excel chokes. For example, if you multiply that "100,000" above by 2 and put the answer in a new cell, you'll get 131,070, not 200,000. However, this isn't reliable either: Try adding one and you get 100,001, not 65,536.

Microsoft says a fix is on the way and is in the final stages of testing. I'll update this post when the patch is available; hopefully Windows Update will also push it down automatically.

Free Phone Calls... With a Catch

I've been sitting on this one for a few days, but finally have gotten around to writing about it. It's a doozy: A company called Pudding Media has launched a web-based phone system that lets you call any phone number in North America and talk for free, as long as you want. The catch: The company listens in on your call and serves up ads based on what you're talking about.

Pudding is a VOIP operator, much like Skype, so you have to use a computer and a microphone or headset to make your calls. That's critical to the Pudding experience, as the ads are delivered on your computer screen (rather than via commercial-like audio interruptions). Of course, it wouldn't make sense for a human to listen in on your call and push a button to send you an ad. Voice recognition software listens for keywords. An example cited by the New York Times says that Pudding could offer movie reviews and ads for films if you're talking about the latest blockbuster.

Pudding says it does not keep recordings or logs of call content, but that's little consolation to those who find this an egregious privacy violation. For its part, Pudding says this is no different than what Google does with Gmail, offering ads related to what people are emailing you about, and arguably with more of a paper trail than a telephone conversation.

But is it? There's something indescribably different about a phone conversation than an email. It's more intimate, more personal. I'd have trouble using Pudding's system for all but the most trivial of phone calls. Still, I'd also have no problem trying it out and getting an account in case of emergencies. (I'm currently on the waiting list to join the beta, which you can join as well at thepudding.com.)

Would you give Pudding a try? More than once? Are free phone calls worth it? Be careful how you answer: Pudding notes that people actually change what they're talking about based on what the ads delivered on screen are. That's a little spooky, if you ask me.

How to Secure the Data on Your Laptop

Reader Jessica writes: I am an in-house investigator (not law enforcement) looking for laptop safety software. I've read on some of the "hardcore" techie pages that I need specialized encryption software to keep emails and files safe when I'm on my home wireless network. I'm planning on getting the Dell XPS 1710 for the road and working from home and know that it comes with the basic security suite. However, I'd like to be able to recommend something I can use on the laptop to the firm as well. I can't seem to convince the head honchos that information security is a huge problem!

Securing the data on a laptop computer requires a multitude of applications. The good news is that you're probably already running many of them. Here's a rundown on what you need, and what each application actually does.

Antivirus - The first line of defense; you are probably quite familiar with tools like Norton, PC-cillin, McAfee, etc. I've written about free antivirus options here.

Anti-spyware - The second line of defense; spyware blockers protect you from the other half of the malware out there. Install both Spybot and AdAware; both are free. I've written on how to clean a spyware infection here.

Firewall - A firewall protects you against direct attacks over the internet. Unlike viruses and spyware, these attacks don't arrive via a carrier application. Often they are "denial of service" attacks, which aim to simply disable your computer altogether, as long as the attack continues. The best firewall is the one on your router, so make sure it's turned out. Also turn on the built-in Windows Firewall. It does a fine job. I don't bother with additional firewalls unless the security need is extreme. In that case, ZoneAlarm is the one I'd recommend.

Data encryption - Things get more serious when we talk about encrypting the data on your PC. Encryption essentially scrambles everything on the computer unless the proper password is given to unlock it. You can also set up encryption to protect your email, but this is a more complicated process, as the recipient generally must also use the same encryption process to decode what you sent them. Just remember, encryption is only as good as the password you use to lock it. Windows Vista Ultimate Edition includes an encryption system called BitLocker. If you have Ultimate, definitely give it a spin. There are myriad encryption tools out there, most of which are free, which will encode your hard drive for you. Some are easy, some are difficult. Search around until you find one you like and which has positive reviews. You might start with FreeOTFE, which is pretty simple and rock solid. Be aware that encryption software will often slow down your PC considerably because of the complexity of the calculations it has to do.

Theft recovery - LoJack for Laptops (I've written about it many times) can help you out if your gear gets ripped off.

Additional tools (optional) - Many laptops include biometric scanners (fingerprint scanners) to help lock out unauthorized users. I find them more trouble than they're worth, but for sensitive data scenarios I'd recommend using one if your laptop includes it. Read the LoJack link above fore more commentary on how fingerprint scanners can interfere with LoJack.

Remember that all of these tools will only work as long as you keep them up to date with current data definitions, frequent scans, and with good passwords. Like most things, good security comes down mostly to common sense. Remember that laptop theft is the most common computer crime out there. Keep your machine out of sight and secured with a cable lock whenever you're unsure of your environment's safety.

How to Pick a Genuinely Secure Password

When it comes to security, Bruce Schneier is a god among us mere mortals. He has written some of the most influential books on computer security and cryptography ever printed, and his blog is essential reading for anyone on the Internet.

So when Bruce says here's how to create a secure password (and how he creates his own passwords), I listen. His post on the topic is extensive, so I'll try to boil it down to the essentials. If you have the time, I encourage you to read the whole thing, though.

First question: How are passwords cracked, anyway? Primarily through brute force "dictionary" attacks, where software tries to guess a password by running through a series of common phrases or words in various combinations. Sure, we know that "password" and "qwerty" are easy to crack, but password crackers have gotten much more sophisticated these days. Now, they check hundreds of these common "root" passwords (here's a list)... in combination with various "appendages," including all two- and three-digit combinations, single symbols (like ! and ?), dates from 1900 on, and a few others. The crackers also sub in common characters like "3" for "E" and other typical hacker-speak substitutions.

What's that mean? Basically, if you thought the safe-looking pigl3t9! was a secure password, you're sadly mistaken. Any modern password cracker will suss it out in a matter of minutes.

Before you begin to despair, Schneier offers simple rules on how to create a password that cannot be easily cracked by such methods. (Mind you, given enough time, any password can be cracked, though. But this will make it much harder.)

The trick is to use a "root" that is not in that list that I linked above, and to put your "appendage" (or two of them) in an unusual place: Either in the middle of the root or at both the beginning and the end.

Schneier's example is to use a word that you can pronounce but which is spelled "wrong": armwar or pitchsure or baysball are all examples. Then attach your appendage(s): arm9!9war or 1066pitchsure6601 or bay1776sball. It shouldn't take much effort to commit any of these to memory.

Two Monitors on One Laptop?

Reader Greg Davey asks: I want to use a second monitor in conjunction with my laptop: I want to have one application on my laptop screen and another application on a second monitor. I've tried setting it up via th Display > Settings control panel, but it's not working. What does the laptop physically need for the use of multiple monitors? I'm told the laptop needs a dual video card; if so, how do I tell if my laptop has a dual video card?
Having two monitors can make you doubly productive, but setting this up on a laptop isn't always easy, as you've discovered. You took the right first step: Plugging in an external monitor to the VGA port (or possibly DVI port, depending on your laptop) and then attempting to configure the Display control panel to handle two monitors, side by side. (Just position the boxes labeled 1 and 2 and click "Extend my Windows desktop onto this monitor." (See screenshot for detail.) That's all it takes... if your laptop's graphics card supports multiple monitors.
How do you know if it does? Most recent ATI and Nvidia graphics cards do, as does the Intel GMA 945G integrated graphics chip. If you have ATI or Nvidia graphics on your laptop, download the latest drivers from either the appropriate website or from your laptop manufacturer's drivers page. Windows Update can sometimes provide new drivers, too, but this isn't as reliable.
After installing the new driver, try the steps outlined above again. If you still can't get the two displays to show up, your PC probably can't support dual displays. But don't give up yet, there are other options...
Got a PC Card slot? Of course you do! You can plug the VillageTronic VTBook (or a number of other PC Card-VGA adapters), which works as a connector for a second monitor for your laptop. The quality isn't always the best on these products, and they can be expensive in some cases (especially ones that support three or four monitors), but they're worth a look if you're in a bind.
You can also do the same thing with a USB adapter. A variety of products like this one are on the market. Be aware that most are from no-name companies, reviews are spotty, and video quality isn't the best (no 3-D support at all, for example), but at least they're cheap.
Good luck. Let me know if any of these products or tips ended up working for you!

Baby Needs a New Domain Name

How's this for thinking ahead? Shortly after baby's first footprints are made in the hospital, some parents are securing another kind of identity marker: an Internet domain name.

It's hard to know just how widespread the practice is, but the AP reports that parents are snapping up domain names from companies that charge about $9 and up a year for them. Some are setting up web sites right away to share photos and moments in their babies' live, but most are tucking them away for future use. They don't want someone else to buy the names and experience what Britney Spears did when her 11-month-old son's domain name was purchased by someone else first, writes the AP's Anick Jesdanun.
But what seems forward-thinking now could be quickly outdated. As Peter Grunwald, who owns a research firm specializing in kids and technology, tells the AP: "Given the pace of change on the Internet, it strikes me as a pretty impressive leap of faith that we're going to use exactly the same system and the same tools...15 to 20 years from today."
Other parents are taking the simpler step of setting up email accounts through web-based mail services so they can send emails and thank-you's in their babies' voices to family members and friends. One mom tells the AP she'll be saving all the messages for her kids to read when they get older.
So have you secured domain names for your babies or older kids?