Net Neutrality & Nucleus By : Dave Berzins, President Should Internet providers be allowed to selectively slow down or stop certain types of traffic over their networks? If they do slow down or stop this traffic, how is the data collected and used? Volume 1, Issue 3 These are two of the questions the Canadian Radio-Television Commission (CRTC) is currently trying to answer. During hearings in Gatineau, Quebec July 6 to 14, the CRTC heard from Internet Service Providers (ISP’s), telephone companies, lobbying groups, and content providers on these matters. July 2009 At the heart of the matter was a complaint made by the Canadian Association of Internet Providers (CAIP) to the CRTC against Bell Canada in April 2008 regarding Bell’s new policy of throttling (slowing down) certain types of traffic being transferred on their network. Most of the traffic management, or throttling, at this point is around Peer-to-Peer (P2P) traffic. CAIP’s complaint was that while Bell could slow or stop transfers for their own retail customers, wholesale customers such as other ISP’s who buy large pipes from Bell, should not be subject to the same type of traffic management. Each individual ISP should be able to determine how they manage their network and subsequent traffic. During the week of hearings, the CRTC heard from different groups, each with an opinion as to what should be done. Bell Canada maintains that without the ability to manage the network, they will be unable to keep up with the demand placed on it. Others, such as zip.ca, a Canadian online movie rental agency, and independent movie producers say P2P is an easy and economical way to distribute films, video, audio and new media. The latter also pointed out to the commission that the ISP’s who are currently slowing traffic are also, coincidentally, providers of cable and satellite TV services. P2P is used widely for the distribution of video and audio files. It was also interesting how each ISP decided to slow this traffic down. Bell Canada throttles upload and download during peak times. Shaw, Rogers and Cogeco only throttle uploads, but do it all the time. Telus, at this time, does not slow down any traffic on their network. While it was not originally part of the CRTC discussion, the commission was also interested to understand how ISP’s were able to slow down certainly types of traffic, while allowing other types to pass without issue. Bell Canada went on to describe how they examine traffic; they use Deep Packet Inspection (DPI), to look into, and capture every piece of information that passes on their network. This brought up questions of how long this data is kept and what it is used for. Bell Canada admitted that they retain the data for up to thirty days and that the current Privacy laws would allow them to use this information for marketing purposes without being required to inform their customers of this type of use. This seemed to upset the commission deeply and brought with it a long discussion on privacy. The Internet has been an ever-evolving creature. It has uses today that we never imagined fifteen years ago. Radio, television, video, phone calls, etc are now the norm. These applications and files are getting larger every day. ISPs continue to build bigger and bigger networks to facilitate this capacity. Bell Canada and others argue that if they are not able to manage this traffic it will create a negative online experience for the customer. Nucleus believes that competition in this area is critical. Customers should have a choice, and more importantly be informed if their ISP is slowing down or stopping certain types of data. Nucleus, or any of our upstream providers, do not currently throttle any type of data. Our network is managed by a hands-on approach of monitoring usage and customer education. While Nucleus can tell how much data you use, we do not know, retain, or DPI any of this data. We find that most of the people that are using an excessive amount of bandwidth don’t even know they are doing it. Of all the customers we contact on a monthly basis about their abnormally high utilization, roughly seventy five percent have a virus or Trojan horse that has compromised their system unknowingly. The CRTC has set November 2009 as its timeline for delivery of a verdict on this matter. While we can’t predict the future, it is our aim to provide our customers with an unrestricted pipe to the Internet directly through Nucleus, or our upstream providers. We will continue to provide the level of service and support that you expect from us, as is always our goal. Special Points of Interest: • • • • • • • • • • • Net Neutrality Planning a move New Equipment Senior’s Discounts Domain Consolidation Payment Options Email Filtering Guideline to choosing a good password Most dangerous keyword to search Helpful Links Office Hours and contact information Page 2 Planning on moving? Planning on moving your ADSL Service (Or changing your phone number)? It does take about 10 Business days to complete the move procedure. To avoid complications with your move, it is very important that you notify your telephone provider and Nucleus at least 2 weeks prior to your actual move. ADSL is a service that piggy backs on your phone line and must be moved by Nucleus. The following procedures should be followed for making the ADSL move go as smoothly as possible. Contact your telephone provider, confirming the phone line is being moved to your new location and what date this will be done. **if your telephone provider is someone other than Telus, you will also need to get a new code starting with L1LXXU...** Contact the Nucleus Sales Department and inform them of your new address and date the phone provider has arranged to move the phone line. **please provide the Sales person with the new L1LXXU code – if phone service is not with Telus** Depending on where you move, your Nucleus ADSL modem may need to be reprogrammed. The Sales Department will advise if your modem does require this prior to the completion of the move. In the case where ADSL is not available at your new location, the Sales Department will advise you on this and will discuss alternative solutions. *Please note there may be fees associated with moving* New Equipment now offered at Nucleus The days of downtime are numbered. Nucleus has developed a reliable and economical solution to create continuous connectivity. Our recent partnership with Bell Mobility has given way to the “Everywhere Internet” mobile device which offers Internet connectivity at 3G speeds anywhere within regular cellular coverage. At this time we are also pleased to introduce a business/home office continuity solution that will ensure your business stays online. Nucleus now offers the CradlePoint suite of routing equipment. Whether you need on the go Wi-Fi access, or a complete internet connectivity fail over solution, these devices will do the job. The CradlePoint MBR1000 is a robust 802.11N router with 3G failover capability. Meaning you can plug a wireless 3G USB or Express Card adapter into the device as well as your standard Ethernet connection and should the Ethernet connection drop off or fail, the device instantly kicks in to provide TCP/IP connectivity to all your network devices, over the high-speed 3G data network or a secondary ISP connection. No configuration changes required. The other unique use of these CradlePoint devices is the ability to plug in 3G enabled wireless devices into the USB port and then have an instant Wi-Fi network capable of supporting multiple users. This is perfect for point-of-sale applications where your business and sales ability hinges on staying connected. Other viable uses would be a kiosk or outdoor internet connectivity needs. If you are interested in hearing more about this solution, please give us a call and we’ll be more than happy to provide you with additional information. Senior’s Discount on Dialup Services For our clients 55 and older, we presently offer discounted rates on our monthly and annual dialup services. If you would like to take advantage of this discount, please contact our sales department and they will be more than happy to assist you. Volume 1, Issue 3 Consolidate your domains with Nucleus For a limited time, when transferring your domain to Nucleus we are offering the price of $10.50 per domain for the first year. Generic and Country Code Top Level Domain Names for your domain name portfolio, including .COM, .NET, .ORG, .INFO, .BIZ, .US, .CN, .MOBI, .ASIA and .TEL In addition, if you are looking for Domain Privacy... keep your WHOIS information confidential on the web for only $10 CAD/year per domain name*. *not available for .TEL or .US domain names. Nucleus Payment Options We have several different payment options available to our clients which are outlined below. If you would like to change your current billing method or have any questions, please feel free to contact our Administration Department via email to: billing@nucleus.com or by calling our office during regular business hours. Cheque/Money Order/Draft Payment may be made by cheque, money order or draft payable to “Nucleus Information Service Inc" at our offices or by sending it through the mail. Credit Card Payment Payment may be made by Visa, MasterCard or American Express. The credit card number and expiry date are required for this process - in some cases we may also require the CVS number listed on the back of the credit card. We can automatically charge your credit card on a monthly basis or you can call in each month to have us process the payment to your card. Pre-Authorized Monthly Payment Plan (PAP) Automatic withdrawals from your bank account can be setup to debit your account on the first business day of each month. To enroll in this program we require the account holder(s) to fill out an authorization form as well as provide us with a void cheque. If you change your banking information please make sure you contact us immediately so we can update your records. Electronic Funds Transfer This option is normally setup through your bank as a transfer of funds from your account to ours. Please contact our billing department if you require our banking information. Online Banking Nucleus is setup with all major financial institutions in Canada. Simply search for Nucleus (depending on the bank it may be listed as Nucleus Inc. or Nucleus Information Service Inc.) and add us to your list of payees. You will be asked to enter in your account number (this is your 9 or 10 digit registration number) and save the information. Once saved, you will be able to make payments through your online banking at anytime. Cash/Debit Card If you prefer to pay with cash or your debit card in person, our Calgary office is open Monday – Friday from 9 AM to 5 PM. Please note that we are not setup to take debit cards in our Edmonton office. Page 3 Page 4 “Spam Wars: Email Filtering Using Blacklists” By : Julia Zochodne As an Internet user that uses email for everyday business and personal communication, you are undoubtedly familiar with spam, generally defined as bulk unsolicited email (junk mail for lack of a better word). Spam comes in many varieties: from the harmless and mildly irritating to messages directing users to malware, or malicious software, which poses serious threats to computer systems. It is estimated that spam makes up approximately 90 percent of the email sent and received today. To effectively block spam we need to identify the source of the spam message and configure the mail server so that it rejects any messages sent by this source, this in turn prevents the messages from reaching your inbox. A mail server is able to block individual sources of spam because the Internet relies on two important systems called Internet Protocol (IP) addressing and the Domain Name System (DNS). Each computer that uses the Internet is assigned a unique IP address (think of this as its phone number) and DNS is the system that translates a name such as www.nucleus.com to an IP address so it knows which computer the name belongs to (DNS is extremely important as it is much easier to remember a name than it is to remember a bunch of numbers). One of the methods we use to stop spam is by blocking the IP addresses of known computer systems that send out spam. Our mail server obtains a list of these IP addresses by consulting a real time blacklist. Hundreds of third-party web sites are dedicated to generating and maintaining blacklists, and many have widely varying methodologies for adding and removing IP addresses from their lists. Nucleus currently uses the following blacklists: Composite Block List, Spam Rats!, Spamcop, Barracudacentral.org and Passive Block List. These blacklists were responsible for blocking over 100 million spam messages for our clients in the month of June alone! Blacklists place IP addresses on their lists when a computer system is exhibiting abnormal email activity. By definition, spam is email sent to a large number of users, so computer systems attempting to send out a large number of emails over a short period of time, or trying to send to too many invalid email addresses, will have their IP addresses added to these lists. In addition, IP addresses that belong to systems that are known spammers are also added. If you receive a bounce-back message stating that your IP address has been blacklisted, you can find out which lists have blacklisted the IP address by accessing http://www.mxtoolbox.com/blacklists.aspx. Removing an IP address from many blacklists is a straightforward process - however; the cause of the problem must be resolved first otherwise the IP address will be quickly listed again and in some instances can take months for removal. It is extremely important to ensure that the issues are resolved prior to asking to be removed. In some cases, a user can remove oneself from the list through the blacklist’s website, while other list remove IP addresses automatically after a given period of time without any additional suspicious activity. Clearly, the spam issue cannot be solved overnight, but as with many computer security-related issues, being an informed user will put you in a much better position for handling today's and tomorrow's problems. If you would like to learn more about spamming and blacklists, the following links may be of interest to you: Recommended Links Barracuda Central. - http://www.barracudacentral.org/ The CBL. - http://cbl.abuseat.org/ MessageLabs Intelligence Reports. - http://www.messagelabs.com/resources/mlireports MX Toolbox. - http://www.mxtoolbox.com/ Passive Spam Block List. - http://psbl.surriel.com/ Security- Ars Technica. - http://arstechnica.com/security/ Spam Cop. - http://www.spamcop.net/ Spam Rats! -http://www.spamrats.com/ Volume 1, Issue 3 Tips on choosing a good password Choosing the right password is something that many people find difficult, there are so many things that require passwords these days that remembering them all can be a real problem. Perhaps because of this a lot of people choose their passwords very badly. The simple tips below are intended to assist you in choosing a good password. Basics: • Use at least eight characters, the more characters the better really, but most people will find anything more than about 15 characters difficult to remember. • Use a random mixture of characters, upper and lower case, numbers, punctuation, spaces and symbols. • • Don't use a word found in a dictionary, English or foreign. Never use the same password twice. Things to Avoid: • • • • • • Don't just add a single digit or symbol before or after a word. e.g. "apple1" Don't double up a single word. e.g. "appleapple" Don't simply reverse a word. e.g. "elppa" Don't just remove the vowels. e.g. "ppl" Key sequences that can easily be repeated. e.g. "qwerty","asdf" etc. Don't just garble letters, e.g. converting e to 3, L or i to 1, o to 0. as in "z3r0-10v3" Bad Passwords: • Don't use passwords based on personal information such as: name, nickname, birth date, wife's name, pet's name, friends name, home town, phone number, social security number, car registration number, address etc. This includes using just part of your name, or part of your birth date. • Never use a password based on your username, account name, computer name or email address. The Web’s Most Dangerous Keywords To Search For Which is the most dangerous keyword to search for using public search engines these days? It’s “screensavers” with a maximum risk of 59.1 percent, according to McAfee’s recently released report “The Web’s Most Dangerous Search Terms”. Upon searching for 2,658 unique popular keywords and phrases across 413,368 unique URL’s, McAfee’s research concludes that lyrics and anything that includes “free” has the highest risk percentage of exposing users to malware and fraudulent web sites. The research further states that the category with the safest risk profile are health-related search terms. Here are more findings: The categories with the worst maximum risk profile were lyrics keywords (26.3%) and phrases that include the word “free” (21.3%). If a consumer landed at the riskiest search page for a typical lyrics search, one of four results would be risky. The categories with the worst average risk profile were also lyrics sites (5.1%) and “free” sites (7.3%) The categories with the safest risk profile were health-related search terms and searches concerning the economic crisis. The maximum risk on a single page of queries on the economy was 3.5% and only 0.5% risky across all results. Similarly, even the worst page for health queries had just 4.0% risky sites and just 0.4% risk overall. *Article from May 27, 2009 off of ZDNet.com. Article written by Ryan Naraine & Dancho Danchev* Page 5 Organizatio n Calgary Office: 1835B 10th Ave SW Calgary, Alberta T3C 0K2 Toll Free: 1-888-682-5387 Main: (403) 209-0000 Technical Support: (403) 509-4960 Fax: (403) 541-9474 Feedback : http://feedback@nucleus.com Edmonton Office: Suite 201, 10544—106 Street Edmonton, Alberta T5H 2X6 Toll Free: 1-888-682-5387 Main: (780) 413-1700 Technical Support: (780) 448-0460 Fax: (780) 420-1075 Office Hours: Both of our offices, Calgary and Edmonton, are open Monday – Friday from 9AM-5PM. Helpful Links Looking for a quick way to get where you are needing to go? Below are some of our most common links: Nucleus corporate website – http://www.nucleus.com My nucleus (client website) – http://www.mynucleus.ca • • • • • Live Help Support - http://support.nucleus.com Account Maintenance Games Contact Us Frequently Asked Questions - http://faq.nucleus.com Internet 101 - http://www.mynucleus.ca/internet101 Kids-Korner - http://www.kids-korner.com Destination Calgary - http://www.calgarybiz.ca Destination Edmonton - http://www.edmontonbiz.ca Security Programs and Resources http://www.mynucleus.ca/support/security.cfm Mailing List - http://www.mynucleus.ca/mailinglist.cfm If you need to drop payment off, there is a mail slot available at the front door that can be used after hours. If this is not convenient and you would like to make payment arrangements, please contact our billing department during the week and we will be more than happy to work something out for you. Our Technical Support Department is open from 9AM-5PM on the weekends and from 8AM-9PM during the week. Upcoming Office and Support Closures 2009 Calendar August 3 - Heritage Day September 7 - Labour Day October 12 - Thanksgiving Day November 11 - Remembrance Day December 25 - Christmas Day December 26 - Boxing Day