About jachamp

Yes I'm a geek and a photographer. So please send me ideas for things you'd like to see me cover, explain, or simply talk about.

A VPN, Tor, DNS, or just clear my cache

Stop and read this before you make a mistake

The newly passed legislation that gives your Internet provider permission to monitor your web browsing, and then sell it to marketers, is not new. In fact, before this legislation was passed, this has been the way things have been done for years. You see, the FCC rule to protect your browsing privacy has not gone into effect yet. So nothing has really changed, however, interest in Tor and Virtual Private Networks, VPN’s, has skyrocketed.

Rather than see you waste money or effort unnecessarily, I’d rather educate you so that you can make up your own mind.

1) A virtual private network or VPN, is an encrypted network connection where your browsing requests go through a private tunnel and come out somewhere else. This private tunnel is encrypted and thus only the exit node knows what you are asking for. The data within the tunnel is hidden. VPNs are the best of the available options to protect your browsing from your ISP’s spying eyes while allowing your full access to the functions of the internet. This includes media streaming, and file sharing.

This will likely cost you money and it is very difficult to tell who owns these VPN providers. So it is best for you to review these providers and use your best judgement if you opt to pick one.

2) The Onion Routing network, otherwise known as Tor, is a point to point encrypted tunnel that plays whack-a-mole with your packets. Your connection goes through the Tor software which encrypts it. Each point along the line that handles your packets continues this encryption with only the exit node, and those who control it, seeing the final destination and content of your browsing request.

A word to the wise: It has been noted that many governments have set up exit nodes for Tor connections and that includes the US government. Tor is also the only way to get to the dark web and I advise your strongly to avoid the dark web unless you know how to turn off scripting, turn off Java, turn off all active content as much of the dark web consists of serious exploits aimed at your PC.

Also, please remember that whoever controls the exit node controls your data. So plan accordingly.

Now, let’s talk about some bad advice that is out there on how to hide your browsing from your ISPs.

1) No — erasing your cache will not prevent your ISP from seeing your browsing habits.
2) No — using HTTPS for every site you visit will not protect you much either. While the data you send back and forth to the site you are visiting is encrypted, you should know that the visit to the site itself is known to your ISP.
3) No — changing your DNS server alone will also not do much to protect you unless you do that in conjunction with a VPN or Tor. What happens when you type in a URL into your browser is that a request is made to turn the letters your system sends out into a series of numbers that relate to the site your are requesting. DNS does this, however your traffic to your site must travel from your system through your ISP’s hardware, to the site you specified and then the data returns back on the same path but only in reverse.

4) Using ad blockers and using incognito mode do not provide you with any protection either.

These are just some of the things that are being talked about right now. If I missed something, or if you wish to ask any questions, please feel free to drop me an email.

WIndows Tips from the command line

A screen grab of Superfish intercepting an interaction with Bank of America (PHOTO COURTESY OF PCMagazine).

The first of several Windows tips

Starting today I am going to help you with a set of simple commands that can bail you out in the event your computer has some problem.

Windows tip #1–many of you have never used the command line interface or even know what it does. Windows has a large set of programs that run in command line mode but you do not have an icon to any of them.

One of these programs is called taskkill.exe — C:\Windows32\System32taskkill.exe

This program is very powerful and can save you if some program gets stuck.

In order to use it, you will need to know the proper name of the program running … i.e.: Internet Explorer’s executable file is iexplore.exe — in order to find the names, open up the command line tool and run it as Administrator.

There are two ways to do this:

1) Hold down the Windows key while pressing the “R” key
2) Click on the Start button (if you have it)

Either way you get the Run line to come up, type in “cmd admin” and press enter. A box that resembles an old school black and white computer screen pops up.

The first command you should know is C:\Windows\System32\tasklist.exe — this opens up a list of all running programs and gives you their name, the name of the program, the process identification number, and whether it is a service (meaning that it starts up when you boot up your computer) or if it is a console (meaning it runs when you ask it to) program.

Your screen should like this:

A printoout of the C:\Windows\System32\tasklist.exe command

Windows command line tasklist.exe

Find the AppleUpdateService.exe program. It has a process identification number of 1872. This is an example of a program that is harmless to terminate/kill.

With the commandline console still opened type in ‘C:\Windows\System32\taskkill.exe \f \im AdobeUpdateService.exe’ — now you should know that the \F means “FORCE” and the \IM means image name. There is a bunch of these and you can find them explained on DOSPrompt.com.

This will immediately terminate the program and it will react as if you have just unplugged the system. It will immediately stop and not allow any process it may be controlling to complete. Where the taskkill.exe command is most useful is in terminating browsers should one indicate a site that will not let you leave it unless you click on a box asking you to perform some task.

There is a reason why you will want to stop that browser immediately but we will go into that later.

You can also use the ‘C:\Windows\System32\taskkill.exe \f \PID 1872’ and it will terminate the same program. Only now, instead of using the programs name, you are using its process identification number.

This is the first of a series of tips on using the commandline in Windows. If you have questions, comments, something to add, or think this is stupid…please let me know.

For a list of commands that run in Windows command line, you can go to Microsoft’s Technet Site. You should also feel free to perform your own searches to find a list of commands that are explained in a way that makes better sense to you. Technet is a Microsoft product but it is not really meant to be used by the home user.

Microsoft updates, KB numbers, and the support articles that go with them

Cujo the sheppard mix

Cujo the sheppard mix

By now most of you know about Windows 10 and if you are on Windows 7, 8, or 8.1 you likely have a white flag icon in your system tray in the lower righthand corner of your screen.

This flag comes from a Microsoft update, KB3035583. and it does a couple of things, one of which is to push you to move over to Windows 10. If you actually try to read what MS’s own update tool says that this update does, it is cryptic. There is no mention of Windows 10 nor an operating system upgrade that could be pushed to you without your knowledge.

So…when was the last time that you actually read the support knowledge base articles that go with the Microsoft updates that are being pushed to your system?

Most of the time the wording is innocuous. Other times…it can be vague and your own imagination will have to go to work.

Infoworld magazine seems to have uncovered info about the “important” upgrade that is basically “nagware”


The wording of the update says, “This update enables additional capabilities for Windows Update notifications when new updates are available to the user. It applies to a computer that is running Windows 8.1 or Windows 7 Service Pack 1 (SP1).”

But Microsoft seems to take advantage of their customers not reading what these knowledge base support articles are actually doing.

If you read the following article, also from Infoworld, you can see how MS has been pushing failed updates with old KB numbers months after their initial installation attempts have failed.


So this wraps up the second short worded version of this conversation. More will follow—stay tuned!

Time to talk Windows 10

No Windows 10 icon from BetaNews.com

No Windows 10 icon from BetaNews.com

Julie Andrews famous song from the Sound of Music starts with “Let’s start at the very beginning. A very good place to start” and this is where I am at…starting at the very beginning.

Microsoft is touting all the greatness of Windows 10. They say it is more secure and it is more useful than previous versions but in reality, Windows 10 is nothing more than Windows Vista. Technically it is Windows version 6.4 and Vista is 6.1. That tells you that they put lipstick and mascara on a pig and called it your date to the prom. Whether or not you accept it as a date is entirely up to you.

And this is why I write this…to help you make an educated decision about either upgrading to Windows 10 or if you are already there with Win10, I can help you lock it down to limit Microsoft (and it’s partner’s) ability to spy on you.

Two things to remember while you go through this…one–Microsoft is in business to make money and not to provide you with the best or even a workable operating system. Two–you cannot trust everything you read, hear, or are handed by a for-profit company.

No–this is not paranoia but truth. Each publicly traded company’s first responsibility is to its investors…not to its customers or its employees.

So with that stated…I will start walking down the Windows 10 road during this next week. It’s my way of saying thank you for reading this.

Why I Use Ad Blocking Technology

originalDear web site owner,

Since the advent of Doubleclick, Red Sheriff, and other invasive tools for inserting third party advertising on sites seeking to make a profit, I have been doing everything in my power to keep those invasive tools from placing intrusive and sometimes harmful data pools on to my computers.

So now, Yahoo, ExtremeTech, Forbes and a growing list of other sites are fighting back by denying us access to their content.

I will say this as a result. If you want to make money from ads, fine. I, personally, do not have a problem with that. If you want to hire an ad sales team, place ads and even mechanisms to show which ads I have interacted with, which ads I have hovered over, or even which ads I have looked at by using my camera to track my eye movement, that is fine by my book.

However, do you need third parties to place trackers, ever-cookies, and other tools to track every site your viewers/users visit? Is it necessary to have dozens of pages of legalese in 8 point font explaining what your intent is with our information?

Do you have to have ad providers who allow 100’s of fourth parties to inject ads that ave not been vetted into your site’s ad display system?

That is why I use ad blockers and if you are a reader and you agree with me that this out-dated mode of invading my computer and my privacy needs to go away, join me in using Ad Block, Ad Block Plus, Ghostery, and other ad and javascript blocking tools. The system and privacy that you save may be your own.

Pa$$w0rds–good or bad without breaking your brain

Every year some computer security firm releases its list of the worst passwords that people are using. While I do not know the methodology used to compile these lists, I do know that I see these passwords used over and over again in both public and private sector arenas.

password image by Linux Screenshots on Flickr.

password image by Linux Screenshots on Flickr.

Why are people using passwords like 123password? It is likely because the average person, not techno-geek, has a hard time remembering what some ‘best-practices’ list decided was a good password. You know the one; there must be on capital letter, one lower case letter, one number, one special character, and the DNA signature of your neighbor’s cat (I just made the last part up).

Now this is a big deal because passwords are a big deal. They keep people from snooping on your computer, your email service, the websites you frequent, or even keep people out of your bank or credit card accounts.

Passwords are like diapers and politicians. They should be changed and often. Why? Because if you leave a password in place for too long you give an outsider a longer opportunity to crack it open and then gain access to your data/information.

So while password, letmein, 123456, qwerty, or something similar are examples of bad passwords, using a password like 3!dxt*RT2nr$xgg5t06 is a good password but not because it is complex. It is a good password because it is long however the human brain can only remember so much of this string, you have to go back and remember that you are trying to outsmart a computer and not a human being.

A human will guess words that can be found in a dictionary or will tell a computer to look for words that exist in a dictionary. In short…words that make sense to another human being. A computer does not care about dictionary words or special characters.

I will now enter the word “entropy” into this discussion. Entropy, while sometimes relating to thermodynamic relationships in chemical processes, also means a lack of predictability or reliability that can lead to a disintegration of order leading to disorder and thus a large positive run towards randomness. This is a good thing to have in a password or pin.

For instance…your four digit PIN that you use on your debit card has a number of possible combinations of 10^4 (numbers 1-4 give us 10 and since there are 4 of them, that gives us the number of possible combinations) possibilities.

And that 16 character string of special characters, upper and lowercase letters, numbers and your cat’s DNA marker? Well that only nets you an entropy, randomness score, of 119 bits. However, if you were to take the last names of your two favorite teachers, the model of your first car, and your first home phone number..that entropy ramps up to over 200 and that would take the most power computers, hundreds, if not thousands, of years to crack that password…and by then you should have changed it more than two times to something else.

Some examples of good strong passwords in this model are: hulusucksbecauseofcommercials , bernsteincoplandRodeoin38time, spotroverslurpeepepsi

The main purpose of this blog entry is to illustrate to you that a secure password can be one that is long, and strong but more importantly, something that you can easily remember. Just do not use the names of your kids, your pets, or other personal information that you might not want disclosed to the general public.

Lenovo, Superfish, Root certificates and You

If you have purchased a Lenovo laptop, desktop, or some other system since 2010, Lenovo added a surprise for you. It is called Superfish and its purpose is to read everything you type into search engines or Amazon or whereever and insert advertising from Superfish partners to drink to milk more money out of you.

While installation of adware like this is bad enough, this application makes it worse by inserting a root certificate into your system.

A self-signed root certificate like this gives Superfish access to everything you do on your system. It intercepts your communications with your bank and reroutes it through its systems to your bank and acts like a ‘man in the middle (MITM)” type of hacker attack.

A screen grab of Superfish intercepting an interaction with Bank of America (PHOTO COURTESY OF PCMagazine).

A screen grab of Superfish intercepting an interaction with Bank of America (PHOTO COURTESY OF PCMagazine).

While Lenovo nor the company who makes Superfish are likely to exploit this interaction, a real hacker, can intercept this traffic and then you are in trouble.

The best thing for you to do is not to wipe your system clean, nor throw out the computer. Follow this guide from Ars Technica and get rid of the adware and the root certificate and regain control of your computer.

Which memory card for your DSLR?

The Sandisk Extreme Pro 64GB Class 10 280GB oer seciond SDXC card

Need for speed? That 280MB/sec rating may not be the number you are looking for.

When you think about your camera and your memory card needs, do you think bigger and faster is better? Wait a minute..not so fast. Some cameras cannot handle newer SDXC formats, some cameras cannot take advantage of the 128MB/sec read rates or faster, and sometimes smaller and slower win the day.

My example..I have and still use a Nikon D90. It works, takes great photos and works with all of my lenses so why not right?

Well the first thing to note is that I shoot in RAW format, meaning NEF files for the Nikon (Canon uses a CR2 format, Panasonic uses a generic RAW format) are going to be a different size as you get more megapixels. So my D90 takes RAW photos in about 10-11 megabytes per image. While my D7100 uses a 28 megabyte raw image. Your camera has a common raw file size average and you should know it.

Now…for my D90, I never use anything bigger than a 16GB SDHC card. Sure it will support a 32GB card but I get into a grey area I try to avoid.

If I have 28 GB worth of images on the card and it fails, I am going to be mad. However if I only have 7-10GB of photos on card, I will still be angry at the loss but it won’t be nearly as bad as with 32GB. See?

Now a word about speed. Most cards will put their fastest speeds on the card and that is usually the speed a device can READ from it. What you want are cards that sync up with your camera speed. If you shoot at 7 frames per second and have a 90MB/sec write speed on your card, you might be able to eek out a few more shots before your camera’s buffer for the number of images it can hold, runs out.

So..ignore that 250 MB/sec listing on the card and look up the write speed for that card. Odds are it is going to be less than the read speed for that card.

That’s a quick lesson. If you have questions, please let me know. Next time, the quickie lesson will be over picking lenses to take on a trip.

So you got a new DSLR for Christmas…now what?

It started with a trip to a local retail store to find a Christmas gift for my sister and I wound up helping an elderly man the ‘non-commissioned’ sales clerk was steering towards very high speed and high end memory for the brand new Nikon D3300 camera.

I saw his standing there, staring at a wall of memory cards, with a 64GB SDXC card that cost close to a hundred dollars. It’s throughput was around 95MB per second and it was a quality name brand and not some off the wall series of letters on a sticky piece of paper.


When his sales person walked off with the brand new Nikon D3300 in the box to get a lens he asked for with this package, I asked him about the card he was holding. He said it is what the sales clerk handed him and rather than tick off the sales person, I suggested that he go with something slower. I then explained the frames per second rate of the D3300 and how fast the camera writes data to the card.

The key is to have a media card that accepts data at a rate just faster than the write speed of the camera.

So a Nikon D3300 shoots at a maximum still photo frame rate of 5 frames per second. The average file size is a little over 20 megabytes (MB) for each raw format photo. So if your media card accepts data at say 30 MB per second, it will unload three photos while you have taken five. What this means is that the buffer (the amount of built in memory of the camera) will fill up and stop you from shooting at full speed.

And if I know anything about luck, that buffer usually fills up just a few frames before you get your money shot.

But how often are you going to be shooting that fast? This was a senior who was buying the camera for his wife. She likely would not turn on the full burst rate of the camera. And so I asked the man flat out, what was his wife interested in shooting images of. He said nature, birds, butterflies, and water scenes. That type of shooting lends itself to slower shots and limited straining of the camera’s buffer.

I recommended he put down the 64 GB 95 MB per second class 10 SDXC card and instead buy four (4) 16 gigabyte class 10, 30 MB per second cards.


Just so we can get the speed information down properly, a class 2 memory card records at roughly 2MB per second. This is good for H.264 video. Class 4 and class 6 are 4MB per second and 6MB per second respectively. The cards you want with modern DSLR cameras are class 10, or 10MB per second and faster, data transfer rates on the SDHC/SDXC cards.

There are some companies that complicate matters by saying that their cards are 133x or 200x when it comes to speed. Basically those numbers mean their data transfer rates; 100x = 16 MB per second, 160x = 24MB per second and so on….

So you only need a memory card that will keep up with your camera. Not EVERYONE needs a 280 MB per second SDXC card to shoot photos of your family’s sporting events.


The next thing to cover is when to use large cards versus smaller cards. If you have a new entry level camera, you will not need to have a large memory card. You should have a memory card that can hold 100 to 250 photos in your raw photo format for your camera.

Any more space than that can lead to a problem that may one day cause a problem for you

If you have one 64 GB SD card and it crashes on you, it takes all 64 GB of your images with it. If you use multiple cards and spread your photos out over the cards, the odds of a catastrophic failure ruining your memories, decrease. In a worst case scenario where a card crashes with your precious memories on it, you might be able to grab a few extra shots on the other cards and while it may not be the moment you want to remember, you will have some image of that time rather than lament about the one that got away.

Now…let’s talk about brands. Most major brands make good memory cards; Transcend, Samsung, Sandisk, PNY, Sony, Panasonic, Patriot, Lexar, and Verbatim are just a few of the names that come to mind. There are many, many more out there that are worth your time and investigation.

In short…unless you have experience with a DSLR, know what your camera’s specifications are, and maybe have a leaning towards one of the many brands, sizes, and speeds of memory cards, you will likely not need the fast, high capacity, cards. You need to know your camera, know what your needs are and how you intend to shoot. If you “spray” (meaning you shoot photos from your camera at the fastest frame rate your camera allows until the camera’s buffer is full) then yes…get faster cards. But most good photographers will tell you that you rarely need to spray any event. Three shots at one time is usually sufficient.

But we will cover that later.