Q&A
Q&A with InetD: Answers to Computer, Internet, Networking and Telecom questions from our reader’s e-mails and comments.
Free Online IT Tutorials and Training
This question was cobbled together from several common e-mails this week.
Hey, Inetdaemon, Â Doesn’t bandwidth solve all network problems with [Skype, Facetime, Vonage, NetFlix, Hulu, YouTube, World of Warcraft (WoW)...], and push my frame rates through the roof in [choose any FPS/MMORPG]?
Answer:Â Not so!
Engineers use a measurement called “latency” to measure delay between endpoints in communications systems, including the Internet.  High latency is bad, low latency is good.  High latency indicates a problem between endpoints. This could be you and a friend across Skype, Facetime, Vonage or  anything else.  Problems with ‘delay’ are the real causes of ‘slowness’ and communications problems. More bandwidth will only fix issues with congestion and over-subscription, and only if you can add more bandwidth along the entire path from end-to-end.  More bandwidth can’t do anything about the actual delay from the communications systems, routers, switches and the infrastructure supporting it or delay from the server.  Moreover, if the “internet pipe” at the far end serving the person or site you’re trying to reach is full, their router is busy, or their servers are overloaded, there’s no benefit to upgrading your own service to higher bandwidth. Given the nature of the Internet, everyone else would also have to upgrade thier Internet connection to make your services faster to every site you use frequently.
Why can’t I buy a basic 4:3 1600×1200 LCD monitor any more for less than $380?
A 1080 monitor is “missing” 120 pixels of vertical resolution. Â In practical terms, this means you spend a LOT more time scrolling up and down when you browse the web, write a Microsoft Word document, edit your latest eBook, work on updating your website.
When it comes to computers, I’m a power user. Â Lots of applications running, Internet browsers, file transfer applications, e-mail, office applications (Word, PowerPoint and Excel), graphics and website development software, even video conferencing from time to time, all at the same time. Â It takes not only a lot of CPU and RAM to run all of this, but it takes a lot of desktop real-estate too, which is why I need high-resolution monitors. The rise of High Definition television (HD or 1080p) and mobile devices has brought about an odd situation. Â Six years ago, you could get a 1600×1200 LCD/LED monitor for around $189. Â I bought two Samsung monitors at that price. Â One of them failed recently, and I went shopping for a new monitor with the same resolution, only to find that I had to choose between medical-industry-grade monitors at $1200+, new monitors at $450+ (if I could find them), refurbished monitors for around $200, or settle for a 1980×1080 monitor.
I was flabbergasted that you just can’t buy a new, standard 1600×1200 monitor these days for under $300.
After some research, I discovered that the people that make monitors aren’t interested in making PC monitors any more. They can take the same materials and produce an HD television at three times the price.  A basic 27-inch 1920×1080 LCD monitor will run you $109 US.  A 27-inch 1920×1080  HD-TV will run you $349 US.  Manufacturers add a tuner component, but otherwise, the HD-TV is the same materials, components, screen-size and electronics. Because it’s an HDTV, you’re willing to pay more and so you do, and the manufacturers realized that at a 250% markup, HD-TV’s are more profitable, so they retooled their factories to turn out 1920×1080 screens for HD-TV’s.  Even better, they can carve up what could have been a $109  27-inch screen into a dozen iPhones, charge $100 for each iPhone screen,  and make at least  600% markup with the same materials and production costs.  Thus, today’s monitor manufacturers see PC monitors as “unprofitable” by comparison to HD-TV’s, mobile phones and tables, so they refuse to put anything more into a PC monitor than is required to get a consumer to buy it.  Since they converted their factories for HD TV’s, they can only crank out 1080 PC monitors now.  Setting up a production line to turn out a 1600×1200 monitor may be possible, but they see making a smaller profit as a financial loss.  Since consumers are unaware that 1600×1200 used to be the standard monitor size and didn’t continue to demand them, the manufacturers have gotten away with stealing… Continue reading
(Jump straight to The Fix)
The Reader’s Question:
Dear InetDaemon,
Why do I get a “503 Valid RCPT command must precede DATA” message when I send to some people?
Thanks!
The Error Message
This mail message is sent to you automatically by the mail server. Â It most often happens when you are sending to someone who doesn’t use the same mail provider you use. Â The mail server will automatically send you this notification when you have not configured Outlook to send your login information to the server before sending e-mail. Â The body of the notification email will have a message that looks something like this:
FROM: System Administrator
TO: InetDaemon
Subject: Undeliverable: Test Message
Your message did not reach some or all of the intended recipients.
     Subject:   Test Message
     Sent: 6/2/2012 7:38 AM
The following recipient(s) cannot be reached:
     <address@domain.tld> on 6/2/2012 7:38 AM
503 Valid RCPT command must precede DATA
Why It Happens
Responsible email providers will require you to configure Outlook to log in to their server before sending e-mail to restrict the ability to send mail from their servers to just their own customers. Â This helps block spam by preventing anyone who doesn’t have a login from sending an e-mail from that server. Â Your mail service provider requires that you verify your account information before downloading mail (via IMAPÂ or POP3), and they also require it before sending mail via Simple Mail Transfer Protocol (SMTP).
Sending login information to the server before sending an e-mail is not a Microsoft Outlook default, so you get an error from your email provider’s mail server when sending to external providers.
The Geeky Bits
The mail server that actually sends your e-mails for you has been configured to use the SMTP AUTH extension as defined in RFC 2554. Â When sending an e-mail, the mail user agent (Outlook) connects to the mail transfer agent (your provider’s mail server) and the server responds with the authentication types used by sending the client the SMTP verb “AUTH” and a list of methods. Â The client selects an authentication method it supports and replies back with “AUTH <method>”. Â If the server does not receive an AUTH from the client, it treats the client as an unknown sender and does whatever the server is programmed to do when an unknown sender sends mail (ignore the mail message, send a warning message to the client).
How to Fix It
How to fix “503 valid RCPT command must precede DATA”:
Continue reading
Malware is malicious software which the user is tricked into downloading and/or installing from an e-mail attachment, or more commonly today, malicious and infected websites. Â Social Engineering is a term used to describe the techniques used to deceive people and trick pe0ple into revealing information or taking an action that is unsafe. Â Socially-engineered malware is malware that is pushed to Internet users from malicious URL’s (website addresses) that have content designed to grab your attention and trick you into clicking a link in a search engine or e-mail, or which exploit a vulnerability via JavaScript or within a plugin (Java, Flash, Silverlight, Adobe Reader etc.) to gain access to the computer and install malware. Â Once installed, the malware remotely grants hackers control of the computer, and full access to everything on the computer and everything the computer is used to access, including email, online banking and personal online investment accounts. Â The hacker may even be able to observe the screen, and record keyboard and mouse activities.
The latest website to fall victim to getting hacked is MySQL.com, owned by Oracle Corporation, which was briefly forcing malware downloads to computers running vulnerable web browsers that connected to the MySQL.com website.
According to recent statistics published at Virus Bulletin by Bruce Hughes of anti-virus company AVG technologies, Internet users are four times more likely to encounter social engineering as the mechanism used to infect their computers than a technological ’hack’.
An independent security firm has released their third quarter report on the protection provided by each of the top five web browsers. The test was designed to determine how well each browser protects against malicious URL’s, malicious downloads and phishing.
The firm compared the following browser versions:
- Internet Explorer 9
- Firefox 4
- Chrome 12
- Safari 5
- Opera 11
Which browser blocked the most malware and was the best, most secure browser against socially-engineered malware?
According to NSS Labs,  all of these browsers offer a reputation system to warn the user about malicious URL’s and block malicious software downloads from those addresses. Reputation systems are used to provide the user additional feedback to make a determination as to whether the site is safe and to recommend blocking the website to the user in cases where the sites are known to be malicious. However, one of these browsers proved dramatically more effective at blocking socially-engineered malware–malware that users are tricked into downloading simply by visiting a website or clicking a picture or link in a search engine result, e-mail, tweet or SMS text.
Cool flash applet HTML5/JavaScript page showing the history of the development of web standards and web browsers:
http://evolutionofweb.appspot.com/
(I stand corrected.. 
 )
Great article at Wired magazine about how digital detectives at Symantec and elsewhere deciphered the STUXNET worm.
See: Â http://www.wired.com/threatlevel/2011/07/how-digital-detectives-deciphered-stuxnet/all/1