Is Intuit Insane?

Updated on Wednesday, February 22, 2017

Yes.

Some more color. I use Intuit's assisted payroll service, which is fantastic. You run payroll straight out of QuickBooks and Intuit handles all the tax disbursement and filing for you.

I got an email today with an attachment called securedoc.html claiming to be a message from Intuit. The idea is that you open the attachment and then login to view the message.

It really couldn't look any more like a phishing email, however I called Intuit and remarkably it's a real message. They seriously expect me to open an email attachment and provide account information. The support person at Intuit was able to read the message to me and it was just a routine acknowledgment that some tax rates had been updated.

Intuit is seriously training its customers to fall victim to phishing attacks. The right approach would be to say that a message is available and to log in to your account to retrieve it, or better still to send a message through the existing system in QuickBooks. Securedoc.htm is just begging customers to provide their account information to the bad guys.

Intuit's payroll service stores bank account information, employee Social Security numbers and other data that you really don't want to expose. If you're an Intuit Payroll customer please call and complain. If you've received one of these messages I'd also recommend forwarding it to [email protected], their address for reporting phishing attacks. 

 

Add your comment...

Related Posts

You Might Also Like

(All Etc Posts)

Reviews and links for February 2010

Updated on Friday, February 24, 2017

Programming WPF by Chris Sells

4/5

A highly detailed and well written reference to WPF. Note that this second edition is still based on Visual Studio 2005 / .NET 3.0 so a little out of date now. I still found the book to be very useful and would recommend it both for picking up WPF basics and to refer back to for more advanced topics when needed.2/26/2010 2:00:00 AM

 

Professional C# 2008 by Christian Nagel

4/5

I'm in the process of upgrading to VS2008 and loved the 2005 version of this book so picked up the 2008 update. It's a broad language and framework reference, perfect for understanding what's available in .NET 3.5 and how to get started. My only complaint is that it could have used a "what's new" section or guide to separate out completely new technologies from those familiar from .NET 2.0. Not a big problem though, it's easy to skim through the old stuff and then pay attention when you reach something new. I'll probably pick up the 2010 version in 2015 or so ;)2/15/2010 2:00:00 AM

 

Links

- UK NHS urged to buy Fairtrade tools from BBC News | News Front Page | World Edition (Fair enough, but what about having developing countries pay to train doctors and nurses and then poaching them to work for the NHS?).

- Brown 'upset' by bullying claims from BBC News | News Front Page | World Edition (And when he finds those responsible he's going to turn purple, squint and twat them.).

- CBS runs free ad for "magic" energy box from Boing Boing (A slightly more skeptical take. Magic box plus natural gas...).

- French halal burger sparks appeal from BBC News | News Front Page | World Edition (So eat somewhere else. You're in France and not about to starve.).

- One inch equals $30,000 in online dating world from Boing Boing (I'm worth $2.2 million :)).

- Video: Mantis vs. Cursor from Boing Boing (OK, I need a Preying Mantis to entertain me like this while I work...).

- Toyota recalls 8,000 US vehicles from BBC News | News Front Page | World Edition (And they're not even real propellers. They're just the joke ones you can attach to your tow hitch.).

- Britain reveals how U.S. treated detainee from SFGate: Top News Stories (Miliband against the "principle of their disclosure by an English court against U.S. wishes"!).

- Mariposaaah!!! from Spots Unknown (Feels steeper walking up it.).

Add your comment...

Related Posts

You Might Also Like

(All Reviews)

BlogEngine.NET most popular pages widget using Google Analytics

Updated on Wednesday, February 22, 2017

I finished off my BlogEngine.NET migration yesterday missing a couple of useful sections from the previous incarnation of this blog. The first is a list of the most popular posts based on Google Analytics data. I've just finished porting this from a UserControl to a widget for BlogEngine.NET. To use this just download and extract this zip file to your widgets directory:

MostPopularFromGA.zip (5.22 kb)

You can see the widget in action under the Most Popular heading to the left if you're reading this post on the blog.

Most of the settings should be pretty obvious. The Google Analytics profile is the exception. This isn't the ID included in your tracking code. To get the profile log in to Google Analytics and click Edit next to the profile you want to use. At the top of the page you'll see a Profile ID. You need to use this number prefixed by ga: (i.e. ga:1234567). Once you have this and your account credentials entered you should be up and running.

The Post must match settings is a regular expression used to filter the Google Analytics report to only include blog posts. The default value corresponds to a default BlogEngine.NET install and only includes pages that start .../post/ (the regular expression is ^/post/). If your posts are under .../blog/posts/ then just update accordingly (^/blog/posts/). If you want to include the most popular pages regardless of the path just leave this setting blank. 

If you have any questions or feature requests leave a comment below. 

Add your comment...

Related Posts

You Might Also Like

(All Code Posts)

Migrating from Blogger to BlogEngine.NET

Updated on Friday, December 27, 2019

(Update June 22, 2010: I've released a tool, Blogger2BlogML, that converts Blogger's ATOM export file to BlogML. I ended up doing this because of problems with comments when I migrated this blog — I had to fix these up manually which was painful. I'm now working on some larger blogs where this would be impossible…)

In January I got an email from Blogger announcing that they're killing FTP support. Apparently only 0.5% of Blogger blogs are published using FTP and it's a huge pain to support, mainly because many hosting providers restrict FTP access to certain IP addresses and if the Google servers running Blogger that moment aren't listed it's technical support time. 

Fair enough, but a bit painful for me as I have five blogs running on top of Blogger. I need FTP publishing as the templates I use end up running as ASP or ASP.NET pages. I Thought He Came With You is the first to move - if you're reading this post then it's up and running on BlogEngine.NET. This is an open source ASP.NET blogging platform. If it works out for this blog over the next month I'll start migrating the others. 

Getting up and running with BlogEngine.NET is easy enough - download the latest release and follow the getting started guide. I added the default install to a new Visual Studio web site project and was able to run it fine in the development server, no need to configure IIS. 

The challenge was moving posts and comments from Blogger into BlogEngine.NET. BlogEngine.NET happily imports and exports BlogML, Blogger spits out it's own Atom export format

Luckily Aaron Lerch has knocked up a PowerShell script to export Blogger to BlogML. This takes your Blogger ID as a parameter and exports all the blogs associated with that ID. You can just pull the <blog> element you need out of the export if necessary. If you use this tool follow the syntax closely from the example on the post. If you're new to PowerShell run this as administrator to start with and enter "Set-ExecutionPolicy RemoteSigned" to give permission to run the script. Then exit and run a non-admin instance of PowerShell to run the script.

After getting the export BlogEngine.NET refused to import it. I kept getting an invalid username or password error from the BlogML importer. Digging into the code a bit I found that a crash was occurring in api/BlogImporter.asmx when a blank category was passed to AddCategories(). I patched this function to skip blank/null categories and was then able to import successfully. I added a bug report for the problem so please vote for it if you hit the same issue.

The blog was in pretty good shape after the import. Categories were lost so I had to create them again in BlogEngine.NET and then apply them to each post. I also found that the date for comments had been set to the date they were imported. This can be fixed by editing each post directly (the files in App_Data\posts). I fixed the timestamps and also added back the URL for each comment where I had one from Blogger. I also edited my own comments to match my new BlogEngine.NET account so they got decorated as "by the author".

At this point the blog was good to go, but using the default template.

I've now whipped up a new template to match the old blog - I was pleasantly surprised by how easy this was to do. At this point I Thought He Came With You is going live on BlogEngine.NET. 

Almost everything is working at this point. I had a couple of user controls I need to move over - one shows the number of people who haven't visited the blog, the other figures out the most popular posts using the Google Analytics API. I'll see if I can implement at least the latter as a Widget so that other people can use it - watch this space (Update - now available here). 

Overall, I'm impressed. I resisted the urge to just write my own blogging platform which is a testament to how easy it is to both get BlogEngine.NET running and to customize the look and feel. Now I just need to work up the enthusiasm to do the same for my remaining four Blogger based blogs...

Add your comment...

Related Posts

You Might Also Like

(All Code Posts)

Catfood.Shapefile.dll 1.10

Updated on Sunday, May 23, 2021

I've just released v1.10 of my ESRI Shapefile Reader (Catfood.Shapefile.dll). This is a .NET 2.0 forward only parser for reading shapefile content.

Sharon Tickell was kind enough to report two bugs with suggested updates. These have both been fixed in 1.10.

While working on these fixes I also discovered that there are no 64-bit Jet drivers (since releasing the first version I've upgraded to a 64-bit box for development). This is an easy fix, just target any application using Catfood.Shapefile.dll at x86. I've updated the demo application accordingly.

Download Catfood.Shapefile.dll from GitHub.

Add your comment...

Related Posts

You Might Also Like

(All Code Posts)

MMS Photo Upload to Facebook

Updated on Sunday, May 9, 2021

Does Facebook now hate MMS? For the past couple of weeks every time I tried to send a photo I got the following error message:

You have uploaded from an unrecognized address. For instructions on how to upload photos to Facebook, go to http://www.facebook.com/mobile"

I got this sending to both [email protected] and 32665. The referenced page is no help at all, and my phone number is registered with Facebook Mobile.

It turns out that there's a new secret email address. On the Facebook site click the icon to share a photo:

Facebook MMS Upload Step 1

Then click Upload a Photo:

Facebook MMS Upload Step 2

Then click upload via email:

Facebook MMS Upload Step 3

Your personal email address is finally revealed and can be used to send a photo via MMS.

Facebook - update your error message to point this out!

Add your comment...

Related Posts

You Might Also Like

(All Etc Posts)

Ambient Orb Controller .NET Library

Updated on Friday, December 27, 2019

The Ambient Orb is (was) an LED illuminated globe designed to display subtle information - stock market prices, weather, etc. Normally the Orb is controlled via the pager network but you can buy (or build) a developer module and connect the Orb via your serial port.

Ambient Orb

I've used my Orb via both pager and serial port for a number of applications. I've just released a library - Ambient Orb Controller - on GitHub that supports both methods of control. I wrote the library to make it easier for me to gin up new Orb applications. If you use an Orb let me know what you come up with. Two of my favorites are using the Orb for continuous integration and as a music visualizer.

Add your comment...

Related Posts

You Might Also Like

(All Code Posts)

Finding NPR on Windows Mobile

Updated on Sunday, October 23, 2022

Now here's a niche:

Windows Mobile Owners and NPR Fans Venn Diagram

I'm occasionally jealous of an iPhone app, in this case a station finder for NPR. I hate hunting on a long drive or in a strange city. Luckily, NPR has an API, so I've whipped up an NPR Station Finder for Windows Mobile.

Add your comment...

Related Posts

You Might Also Like

(All Code Posts)

Licensing Fail: WinZip vs. ScanToPDF

Updated on Sunday, May 3, 2020
Software licensing is a tricky art - too little security and you leak revenue, too much and you leak customers. I worked on several license management systems at Ç-Dilla and Macrovision so I've spent far more time than is healthy thinking about this problem.

In general I think the best system is one that helps keep honest users honest. A speed bump that itches the conscience but doesn't get in the way of legitimate customers getting their job done.

I just migrated to a new computer and have finished several days of installing software and drivers. This is never a fun task, but I've been through it a few times and keep all my license information on a NAS drive to reduce the pain.

WinZip has a great trial model. The product is fully functional and nags you just enough that you'll eventually pay. I've been a customer for years, and as I moved to Windows 7 I emailed to ask about upgrade pricing. I got a prompt response and was up and running in no time.

I didn't need to upgrade. The old version of WinZip installed just fine using an existing license key.

ScanToPDF from O Imaging was a different story. The license is locked to a PC, and there's no way to move it automatically. You have to email them. It then gets worse - there's an "administration charge" to move a license. So as a paying customer I have to wait for the UK office to respond to email and even then I can't continue to use the product I've paid for.

I'm sure it's in the small print somewhere.

But the impact is that ScanToPDF has lost a customer, an advocate (I've suggested the product to others in the past, never again) and infuriated me enough to throw up a negative blog post. Is the administration charge really worth it?

At Catfood I use very simple license keys locked just to an email address. I'll refund any purchase with no questions asked. I'll issue new licenses as needed to keep customers happy. I have an online service to retrieve lost keys.

The products get pirated immediately, and finding a key generator doesn't take a lot of sleuthing. I don't care about this at all, because happy customers recommend products to their friends. Pain-free licensing is absolutely key to happy customers. Don't fall into the trap of putting your energy into complicated licensing and enforcing procedures. Add a new feature instead.

Add your comment...

Related Posts

You Might Also Like

(All Marketing Posts)

State of the Micro-ISV-osphere

Updated on Saturday, May 1, 2021

I was a micro-ISV (µISV) for years before I heard of the term. It was coined by Eric Sink to describe a one man software shop, and is now generally used for any small software company.

There isn't much market data available this far down the long tail so I've spent some time analyzing PAD files to see if I could answer a few questions.

PAD is the Portable Application Description specification from the Association of Shareware Professionals. It's used to describe software for submission to download sites. How useful these sites are is another question — read Scott Kane on this if you haven't already.

I spidered all the PAD files listed in the ASP directory, downloading data on 76,066 products from 39,861 µISVs (companies / people / publishers). It's not a perfect data set as there are PADs that aren't software and µISVs that don't use PAD. I've also heard that some people are developing web apps these days. But here goes…

Where are the µISVs?

Countries with the most micro-ISVs

Overwhelmingly in the US. Other countries with more than a thousand listed are the UK, Russia, China, India, Canada, Germany and Australia (in descending order). Most countries have at least one µISV but the numbers fall off pretty quickly.

How much do µISVs charge for their products?

Micro-ISV product cost distribution

$29.95.

About a third of products are free and a third fall into 9 price points (all ending in 5). I found over a thousand different US Dollar price points overall.

The most expensive product was a $150,000 Green Living site license from South Beach Software (an order of magnitude more expensive than the runner up).

How large are µISVs products?

Micro-ISV product sizes

There's not much action past 20 MB. Most downloads are between 1-2 MB. There's an interesting little spike around 14 MB. I guess this is a popular framework, possibly Java? The largest download was almost 1.5 GB.

Are µISVs still releasing downloadable software?

Most recent micro-ISV product release by month

This is a tough one to get at because PAD files just tell you about the most recent version, not the release history. The chart really shows a last update distribution for the products in the PAD catalog.

There's a large number of products last updated in mid-2008 with nothing comparable in 2009. Could this be a drop-off in PAD usage? A shift to web apps? Maybe final releases before the recession hit leading to less spare cycles for side projects (my µISV certainly pays for beers rather than mortgages).

How many products do µISVs publish?

Micro-ISV products per company

This final chart shows that most µISVs have just one product. Of course in some cases there might be a brand per product and still a single entity — it's impossible to separate this out from the PAD data. The largest number of products from a single µISV is 616.

Add your comment...

Related Posts

You Might Also Like

(All Marketing Posts)