Make money online (internet) selling photos

What a wonderful world the Internet has evolved into. Among all the scams and spams there are still numerous ways one with creative skills and positivity can make money as long as you can stamp your uniqueness into it. Last time I talked about how to make money by taking surveys on legitimate sites. Today, let us look at how to turn your creative photography skills into the most valuable piece of paper in the world..currency or money!

There are numerous sites online (Internet) where you can put your photos for sale and earn a royalty (money) every time it is downloaded by a client. istock photography is the most prominent in this field and they are the icons in this area. As far as my understanding goes they pay you 20% to 40% royalty fees. One thing to be noted is that some photos can be downloaded by more than one client. This means that one good photo could earn you royalties from multiple clients.

Let us take a look at some of the sites which you can cash on:

www.istockphoto.com : As mentioned they are the leaders in this area. They pay you a royalty on every photo of yours downloaded by their client/clients. As some photos can be downloaded by multiple clients, it means that you could earn multiple royalties for one photo depending on its quality. They pay 20% as royalty for normal pictures and for pictures they consider as exclusive (based on the quality and uniqueness) they pay 40%. istock now has provisions for uploading not just photos but you can upload audios and videos as well. Just browse through the audio and video area of the site and it will give you an idea about what is hot and thus create your own files taking a cue from that.
If you want to read more then click on the "sell stock" option which you can see towards the bottom part of their website and it will give you an idea about how you can join and upload your stocks such as photos, videos and audios.

www.shuttershock.com : Shutterstock will pay you 25 cents every time one of your images is downloaded. Once you reach $500 in earnings, your commission goes up to 30 cents per download. To read more about submitting your files you can go to: http://submit.shutterstock.com/

www.bigstockphoto.com : This site offers money to photographers, web designers, print designers etc. For photographers they offer 50 cents to $3.00 per image download - or much more on Special License downloads. Also you can make up to $60 per download with Special Licensing sales.
If you are a photographer for more details visit:
http://www.bigstockphoto.com/forphotographer.html

www.dreamstime.com : As of now there is around 65,859 photographers registered on this site. But you have to look at the fact that there are 1,340,343 users, which means there is still an opportunity there. Here you sell your stock images and get 50-80% from each sale you make.

www.stockxpert.com : They claim that there commission rate is the best and they offer 50% for each download you generate. They pay you by check or through other online payment options such as paypal, moneybookers and Ikobo.

Other similar sites : The best way to do a research is by using Google and you can check out the other related websites and do a research. For that all you have to do is type or copy and paste the following into the Google search box: related:www.istockphoto.com/index.php?view=full

It does not matter which place you are at as there is always a need for different kind of pictures such as sceneries, humans, animals, landmarks etc. So wherever you are just take out your camera and click some unique pictures and upload the photos. After all there is nothing to lose. Just give it a try.

How to make money online (Internet) through surveys- No scam

There are millions of people looking for ways to make easy money on the Internet especially to earn some additional income. One of the legitimate ways to make money online on the Internet is by taking part in surveys. But make sure that these are reputable research companies. There are a lot of scams going around and one must be cautious about not treading into those territories. Let us have a look at some of the reputed websites that help you make money by spending a few minutes of your time.
www.surveys.com : This site gives you vouchers which you can redeem against a range of items. The membership is free and also gives you multiple chances to earn cash prizes by taking surveys. This is an online community operated by GfK. GfK is a top-ten market research company, uniting some of the most renowned US and European research firms into a single global organization.
www.yougov.co.uk : You can join a community here by selecting the country you belong to and they pay you hard cash which they send by cheque (check). The surveys are really enjoyable and it gives you a place to voice your opinions and influence products.
www.ciao.co.uk : This site offers paid surveys and you can get paid for your opinions. You will receive £1-5 or the equivalent in US$ per completed survey.Your cash rewards will be paid into your Ciao account. You can request a payout once a treshold of £5 has been reached. Also for every new member you recruit for the Ciao Expert Panel, they will pay you 50 pence!
OTHER SITES :
All three of the survey sites listed above are legitimate sites and there are many other sites out there. But one must make sure that these sites are not scams and one of the ways you can check this is by going to http://directory.esomar.org/ There you can choose a country and go through the list of sites. They have listed all the legitimate sites and along with checking for the reputation of a site you can also bring up a list of survey sites where you can make money online.
So spare a few minutes , voice your opinion and make money. Good luck!

Microsoft Next-Generation Secure Computing Base

Q: What is the Next-Generation Secure Computing Base?

A: The Next-Generation Secure Computing Base (NGSCB), also referred to as "Palladium" is a new security technology for the Microsoft® Windows® platform. It will be included as part of an upcoming version of the Microsoft Windows operating system, code-named "Longhorn." NGSCB employs a unique hardware and software design to enable new kinds of secure computing capabilities to provide enhanced data protection, privacy and system integrity.

NGSCB will transform the PC into a platform that can perform trusted operations spanning multiple computers under a trust policy that can be dynamically created and whose integrity anyone can authenticate.

The technology being developed as part of NGSCB includes new software that will work on a new breed of PC hardware. This new architecture will provide unprecedented capabilities for enabling secure processing on the Microsoft Windows PC platform. In addition, it will preserve the flexibility and extensibility that contributes so much to today's PC ecosystem.

Microsoft is building base-level software components, including a new operating system module called a nexus that will enable secure interaction with applications, peripheral hardware, memory and storage. A nexus-aware PC will be designed to offer four categories of new security features:

• Strong process isolation. Users can wall off and hide pages of main memory so that each nexus-aware application can be assured that it is not modified or observed by any other application or even the operating system.

• Sealed storage. Information can be stored in such a way that only the application from which data is saved (or a trusted designated application or entity) can open it. With sealed storage, a nexus-aware application or module can mandate that the information be accessible only to itself or to a set of other trusted components that can be identified in a cryptographically secure manner.

• Secure path to and from the user. Secure channels allow data to move safely from the keyboard/mouse to nexus-aware applications, and for data to move from nexus-aware applications to a region of the screen.

• Attestation. Users have the ability to authenticate software or a combination of software and hardware. With attestation, a piece of code can digitally sign or otherwise attest to a piece of data and thus assure the recipient that the data was constructed by an unforgeable, cryptographically identified trusted software stack.

The Windows technologies that NGSCB introduces — the nexus and the special processes that the nexus commissions, called nexus computing agents (NCAs) — will offer a parallel execution environment to the traditional Windows kernel- and user-mode stacks. NGSCB creates a new environment that runs alongside the operating system, not underneath it.

A key goal in the development of NGSCB is to protect software from software-based attacks in the PC environment. In other words, NGSCB is designed to provide a set of features and services that a software application can use to defend against malicious code that might also be running on the machine, such as viruses running in the main operating system, keyboard sniffers or frame grabbers. This technology is not designed to provide defenses against hardware-based attacks that originate from someone in control of the local machine.

Q: What's new in NGSCB? What's the difference between NGSCB and Microsoft Windows today?

A: NGSCB extends the Windows operating system to provide a set of new secure computing capabilities. NGSCB will not change anything in Windows, but rather will sit beside with the regular Windows environment. To make NGSCB possible, both the software and the hardware will evolve. On the hardware side, the CPU, chipset, USB I/O and GPU hardware components will be redesigned, and a new component will be added, called the Security Support Component (SSC). On the software side, a new operating system component will be added, called the nexus, along with some associated code to enable the NGSCB environment. Collectively, this software comprises the trusted computing base (TCB) for NGSCB.

Q: How can I learn more about NGSCB ?

A: Microsoft will publish additional technical information about NGSCB as it makes progress. To be notified when this information is available, those interested can send e-mail to ngscb_qa@microsoft.com with "subscribe" in the subject line. Microsoft has established this announce-only mailing list to alert subscribers whenever new information has been posted to Microsoft.com.

Security vulnerability in Google Chrome browser

Hours after Google's very own browser Chrome was launched news is rife in the Internet world about its security vulnerability termed as carpet-bombing flaw.

The issue that this new arrival in the browser world faces is the Carpet bombing flaw: This is a combination of two vulnerabilities: one found in the Apple Safari (webkit) which Chrome uses and another a Java bug. This causes the users into launching executable files direct from the browser without any notification. This could lead to malicious hacker attacks.

This was an automatic download vulnerability found in Apple's Safari 3.1 and was already fixed by Apple in its next version,Safari v3.1.2. But Google, it seems, is using the WebKit 525.13 (Safari 3.1), which is an outdated/vulnerable version of the Safari browser.

It is said that Chrome could have more security issues in store. According to the researcher Aviv Raff who brought to light this vulnerability "I really wonder why Google have taken several features from other browsers and mixed them all together. Security wise, it’s very problematic.They’ll have to track all security vulnerabilities in those features, and fix them in Chrome too. This will probably be only after those vulnerabilities were fixed by the other vendors or were publicly reported. It will put Chrome users at risk for a long time."

So let us wait and watch what is in store for Chrome on the security front. In other areas such as speed and stability Chrome has already gained huge appreciation and has proved to be much better than other existing browsers.

Google's very own browser: Chrome

Google is launching its very own browser Chrome in 100 countries today. From what we have gathered through the articles spread across the Internet world it looks pretty promising and a leap ahead of other browsers with its JavaScript Virtual Machine called V8. Coming from Google we all expect them to be a league ahead of others. So far from the news that is going around it is definitely going in that direction.

Let us look at some of the features we came across; features which are only specific to Chrome apart from other usual features such as open source etc.-

• Special Tabs:

Each tab will run in its own process. These processes will be completely isolated from each other, will be killable from the operating system's process manager, and will be sand boxed to prevent them from accessing information on the user's computer. This means a tab crashing won't crash all the other tabs and also improves the security of the browser.

It is also mentioned that the Chrome puts the tab buttons on the upper side of the window, not below the address bar. I don't know what benefits this brings to the user.

• JavaScript Virtual Machine called V8 and speed:

According to the Internet sources "It is built from scratch by a team in Denmark, and open-sourced as well so other browsers could include it. One aim of V8 was to speed up JavaScript performance in the browser, as it’s such an important component on the web today." This means that this can also work with future generation web applications. The possibilities are simply mind boggling.

A multi-process design is used which could eat up a bit more memory up front but over time this could also mean less memory bloat and when web pages or plug-ins use a lot of memory the user will be able to spot it and pin point it to the respective item in the Chrome's task manager.

• Privacy:

A feature called the “incognito” window is available in this windows and according to Google “nothing that occurs in that window is ever logged on your computer.” The latest version of Internet Explorer features a similar feature which is called "InPrivate."

• Internet Security:

Google is already known for keeping a list of harmful sites and it is no wonder that for this browser to fight malware and phishing attempts, Chrome will constantly download lists of harmful sites.

Also the sandbox feature for whatever runs in the browser tabs makes sure that whatever runs on the tab won’t affect your machine and can be safely closed and is blocked from accessing other processes on the computer. But Plug-ins the user installed may escape this security model.

Apart from these there will be loads of other features. You can keep yourself posted on this by reading Google's Chrome related blog here.

Google's Chrome based comic

Hackers targetting legitimate websites to compromise user security

In the past it was through websites that were riddled with malwares an attacker compromised the Internet user security. Those websites were specifically created for this purpose. By exercising proper caution or by not visiting suspicious or unfamiliar sites an user was able to avoid such malwares.

Now, the focus has shifted. There is a new trend among the hackers/attackers. And it is compromising the security loop holes of legitimate websites.

Today the greatest risk to the user comes from the exposure to such malicious code from legitimate websites. The risk of getting exposed to these codes is huge since it is natural to unsuspectingly visit a legit and reputed website. And that is exactly what has made the hacker shift focus to these kind of websites.

The figures are scary. Scansafe reported that the increase in compromise of legitimate websites is a scary 407 percent and that 68 percent of the all the web based malwares the Scansafe security software blocked came from legitimate websites.

Talking about malicious websites, the Chinese territory of Hong Kong and the People's Republic of China are home to the largest fraction of malicious Web sites, according to a report published by McAfee antivirus company.Reports reveal that the top-level domains with the largest proportion of malicious sites belonged to Hong Kong (. Hk) and China (. Cn) with the Philippines (. Ph) and Romania ( . ro). The company surveyed nearly 10 million heavily-trafficked. A detailed study found out that 19.2 percent of all Web sites ending in the .hk posed a danger to visitors.

But those are websites which can be avoided by a user who excercises caution. The problem is that when it comes to legitimate websites it is difficult to suspect. Since the attacks are not directly carried out by these websites but by the attacker exploiting the security vulnerabilities and compromising the site, even the site owner might be unaware of these. Because of this it might take some time before the security vulnerabilties are fixed.

Some of the legitimate websites that have been reported to have been compromised are Nature.com, Foofighterslive.com, Thecareercompany.co.uk, Acer.co.th, Webster.edu and Photopass.com.

Let us have a look at how these websites are compromised:

1.Use of malicious scripts and iframes designed to silently deliver password stealers and backdoors to visitors' computers.

2.The fastest growing category of threats is backdoor and password-stealing malware. According to the ScanSafe report this increased 855 percent from May 2007 to May 2008, putting sensitive corporate data at serious risk of theft.

3. Use of Web-based malware-viruses, Trojans, password stealers and other malicious code.

4.SQL injection attacks that began in late October 2007 affecting hundreds of thousands of websites.

5. Through the use of stolen credentials FTP.

6.By inserting iframe redirection code or compromise a site to host malicious software.

7. A number of attacks on vulnerabilities in Web-site databases and administration tools has allowed attackers to litter legitimate sites with malicious code .

8.Random JS infection toolkit: It was reported by the security firm Finjan that hackers had bypassed security on at least 10000 legitimate domains to install the this toolkit.

Measures taken by Web browser developers to combact this:

Both Microsoft and Mozilla have through their browsers viz:- Firefox 3 and Internet Explorer 8 will block sites that attempt to infect visitors' computers with malicious code. Opera's new browser Opera 9.5 also has the anti-malware features.

These features will prevent users from downloading programs from Web pages that purposefully or inadvertently attempt to visitors infected with malicious code.

Using these web browsers along with good anti-malwares (updated regularly) and constantly patching up OS security vulnerabilities can help the user in restricting these kind of attacks to a great degree. But there will always be some room for these attackers as they keep on shifting their focus to unexplored terrirtories. So it is always a catch up game. This means that apart from the proper usage of anti-malware softwares and patch ups, the user should constantly keep in touch with the latest threats and security vulnerabilties.


References:
Securityfocus
ScanSafe

Prevent Cross-Site Scripting (XSS) and browser security vulnerabilities

The famous and highly useful NoScript add on has been around for a while. This open source add on has been evolving so much and now it is compatible with Firefox 3.1a1pre (Minefield) along with other features such as Faster Base64 injection checks in Anti-XSS filters, Improved IP based shorthands and Enhanced cross-site POST blocking as an anti-CSRF mitigation.

For those who are not yet aware of what Noscript is:

It is no secret that Firefox is the top dowloaded browser in the world and one of the main reasons for this can be attributed to the add ons feature it provides. There are plenty of them out their to suit the various needs of the users right from file sharing to video downlods.

Apart from this it is also the most safest web browser. But can it be more safer?
Well, as most of you know the best way to visit any site that you are unfamiliar with is to turn off the javascripts, flash plugins, cookies etc etc. So obviously a safe browser can even be more safer with these things turned off. And that is where the NoScript add on comes in.

The NoScript Firefox extension provides extra protection for Firefox, Flock, Seamonkey and others mozilla-based browsers: this free, open source add-on allows JavaScript, Java, Flash and other plugins to be executed only by trusted web sites of your choice.

One of the major feature of this add on is that it provides protection to the infamous Cross-Site Scripting (XSS) vulnerabilities. This sort of vulnerability is highly used by the hackers to steal passwords of the users.

Already there have been many incidents where this vulnerability was used to steal Myspace passwords and online banking passwords. As a person who has written and read a lot about how many browsers were compromised to steal the identity and user authentication using this vulnerability am glad that NoScript has put special attention to this.

Cross-Site Scripting (XSS) vulnerabilities are usually programming errors made by web developers, which allow an attacker to inject his own malicious code from a certain site into a different site. This usually happens when you have a website open in your browser and open another page which executes the vulnerability. Many famous browsers such as even Firefox had this issue before they came up with ant-phishing techniques. But still even the white listed sites are prone to this attacks and NoScript has taken special care to tackle this with its Anti-XSS counter-measures.

One of the best features of NoScript is that it has an unique whitelist based pre-emptive script blocking technique which prevents exploitation of known and unknown vulnerabilities.

When I checked today the No Script website is at 4 among the movers and shakers section list. It is clearly a hit among users especially the ones who are into online transactions.

Related links:
Some people have problems with setting up this add on to its full potential. If you are one of those go here

About Cross-Site Scripting (XSS) and the Anti-XSS feature.

NoScript home page

Some popular and very useful Firefox Add ons

Below is a collection of Firefox add ons/ extensions and they are listed here because of its popularity and the value of the comments from its users. All the add ons listed below are very popular and has racked in some very valuable comments from its users. Hence am sharing it here. Any add ons which have a huge weekly download and is popular , yet have negative feedbacks from its users are not listed here. So enjoy!

DOWNLOAD AND UPLOAD RELATED

Rapidshare HappyChecker
As everyone knows a non premium Rapidshare user has to go through the time wait and then has to fill in the Rapidshare captcha. But rapidshare for its non premium users has come up with the happy hours to give the Rapidshare non premium user some relief. This is a very popular Rapidshare happy hours notifier which notifies the user when Rapidshare Happy Hours are active.

DownThemAll! 1.0.1
DownThemAll is a very useful and popular download manager. It claims to have an advanced accelerator that increases speed up to 400% and it allows you to pause and resume downloads at any time. Users say it is fast, reliable and easy-to-use! It lets you download all the links or images contained in a webpage and much more. Also you can refine your downloads by fully customizable criteria to get only what you really want.

Firefox Universal Uploader
This firefox extension allows you to upload/download files from any website using a friendly interface. Upload files/photos/videos to Flickr, Picasa, Youtube, Box.net(1GB of free space), Facebook, Webshots and OmniDrive in this version. Next versions would support other websites like Google Videos etc. You can add multiple files to the queue at a time. Extension will take care of uploading them for you.

TORRENT RELATED

FoxTorrent 1.13
This is a BitTorrent client integrated into Firefox. Allows you to stream videos as they download and supports Windows, Mac, and Linux. This popular add on has 8,887 weekly downloads.

Torrent Finder Toolbar
Torrent Finder Toolbar is a torrent search toolbar for Firefox, which enables users to search over 180 top torrent sites and trackers from their Firefox browser. This is a great torrent finder and no longer one has to go to individual sites to search for the torrent files.

MUSIC AND VIDEO RELATED

FoxyTunes 2.9.5
FoxyTunes lets you control almost any media player and find lyrics, covers, videos, bios and much more with a click right from your browse Not compatible with Firefox 3. But this is very popular and has earned some great reviews by its users.

Video DownloadHelper 3.0.4
DownloadHelper is a tool for web content extraction. Its purpose is to capture not only videos but image files from many sites directly on your file system. It also works with MySpace, Google videos, DailyMotion, Porkolt, iFilm, DreamHost and others. This is very popular and has earned some great reviews.

There are some other video download add ons at the Firefox Add on website but the other very popular ones I had a look at had some bad reviews including one of them being detected as spyware by Avira Anti-Virus

Note: You can just use the free VideoLAN player to view .flv videos.

BLOG RELATED

BlogRovr 1.1.779
RovR fetches posts from your favorite blogs about anything you're browsing, and shows you summaries you can open read posts without leaving the web page you were on. Has got some great reviews.

Sage-Too 0.9.1 RSS Feeds etc.
Sage-Too is a lightweight RSS and Atom feed aggregator extension for Mozilla Firefox. Features include: Reads RSS (2.0, 1.0, 0.9x) and Atom feeds, Feed Discovery, Integrates with Firefox's bookmark storage and Live Bookmarks, Imports and exports OPML feed lists, Newspaper feed rendering customizable via style sheets, Technorati and RSS search engine integration, Support for the following locales: Argentine Spanish, Catalan, Chinese, Czech, Danish, Dutch, Finnish, French, German, Greek, Hungarian, Italian, Japanese, Korean, Polish, Portuguese, Russian, Serbian, Slovenian, Spanish, and Swedish This is highly popular with very positive reviews.

DashBlog 1.5
DashBlog lets you quickly collect videos, images, text/quotes, songs and screen-captures from any web page and publish them to your blog (word press, blogger/blogspot, tumblr) and/or twitter.It’s the fastest and easiest way for you post video, text, quotes, images and songs to your blog, tumblr and twitter (all at the same time). This is very popular among bloggers and has a high reputation among its users.

SECURITY/ ANONYMITY RELATED

Netcraft Toolbar 1.2
Blocks phishing sites, helping to protect users from online fraud. This toolbar is only for Firefox 2.0 or later. For earlier versions of Firefox, please download the toolbar direct from http://toolbar.netcraft.com/install

ProxySel 1.3.08a import export proxies
The Proxy selection and processing utility is a Mozilla extension that let you select a proxy from a drop down menu. You may import proxy lists in different formats. This has a Menu to add proxy manually and a Auto Tor, Privoxy detection feature. But some users are facing problems with TOR in the latest version of this.

Tor-Proxy.NET Toolbar 0.3
With this toolbar you can access TOR-Proxy.NET directly.This Addon creates a new toolbar, where you can enter the address you want to take a look at. You also can choose between different anonymization-networks. There are not much reviews on this even if it is popular. So it would be advisable to wait for some more reviews.

Torbutton 1.0.4.01
Torbutton provides a button to easily enable or disable the browser's use of Tor. This has earned some great reviews.

SwitchProxy Tool 1.4.1
SwitchProxy lets you manage and switch between multiple proxy configurations quickly and easily. You can also use it as an anonymizer. BUt this does not work with Firefox 3.

FoxyProxy 2.7.4
FoxyProxy is an advanced proxy management tool that completely replaces Firefox's limited proxying capabilities. It offers more features than SwitchProxy, ProxyButton, QuickProxy, xyzproxy, ProxyTex, TorButton, etc.

OTHERS
CustomizeGoogle 0.72
CustomizeGoogle is a Firefox extension that enhance Google search results by adding extra information (like links to Yahoo, Ask.com, MSN etc) and removing unwanted information (like ads and spam). All features are optional and easily configured.

Yapta 1.3.0.9 for Ticket Fares
An user review sums up this add on very well: "For the frequent traveler, this add-on by Yapta is essential. Every time you're looking at flights it just shows up and allows you to tag/watch those specific flights, thus avoiding (a) a separate trip to the Yapta site to utilize their very unique service, (b) having to go back again and again to the flight listings and check it. They notify you. You know how some add-ons are kind of complicated and you're not really sure how to use them? Nothing overdone on this add-on. It's simple, it works, and it saves you time. Plus it's not intrusive to your browsing experience. I did find a couple small issues, but no show-stoppers and the folks at Yapta have been responsive. Probably already fixed." But..even if this is very popular with 6,077 weekly downloads, it has only two reviews so far.

Shareaholic 1.4
Shareaholic allows you to share, bookmark, and e-mail web pages quickly via a wide array of web 2.0 social websites without cluttering up your browser. This add on is hugely popular and is even recommended by Mozilla/ Firefox.

Note: I have listed the add ons here which I felt are fine to use, after reading the reviews. Like I mentioned above all the add ons listed below are very popular and has racked in some very valuable comments from its users. Hence am sharing it here. Any add ons which have a huge weekly download and is popular but yet has very feedbacks from its users are not listed here. But it does not necessarily mean that I am right. Its just my belief and it does not mean that readers have to cater to that. All the extensions/ add ons listed above are submitted to the Firefox Addons website by individual developers and it does not necessarily mean that all of them are safe to use or not safe to use. So it is always advisable to read reviews about them before using them and its entirely upto the readers' discretion as to whether to use them or not after reading the reviews carefully. Its always great to use your logic and analytical skills before using them. Each individual add on has a longer description at the Firefox site and user reviews along with the developers' remarks. So choose wisely.