Category Archives: Industry News

Computer Security 101 – Section 1 – Passwords

Secure passwords are just the first step

We all hear the news, cyber threats and identity theft are on the rise. What can be done? The best defense starts with your own behavior. One key factor of any security policy is how you handle passwords.

The first rule of a good password is, it should never be shared with anyone. This may seem obvious, but at the root of some of the biggest security breaches in the world, you’ll find stolen or misused passwords.

This goes beyond simply not giving out your password to strangers. If you reuse passwords over several websites, you are exposing all of them. For example, if you sign in to a shopping website with your email address and a strong password, what happens if that site is breached? The hackers immediately start going around to your email server, your banking website, Paypal, etc to see if that same password works.

If that stolen password does work on your email, they have the key to almost any website you use. Most websites allow you to recover your password and user name by email. If they control your email account, they receive the password reset messages, and they’re in.

The first thing you should do if you do have a password stolen is change the passwords on any other critical websites and systems you use. If you think your computer may be compromised, you should do this from another computer as soon as possible. Don’t wait until your PC has been replaced or cleaned. Time is of the essence. Nowadays, the hackers are getting paid to act quickly, you have to as well.

The actual password you use is also important. It needs to be as complex as possible. Many systems will now force you to make a reasonably complicated password. However, the biggest thing that will actually slow down a hacker is the size of your password. That’s why many security experts now recommend a pass phrase rather than a password. That is, instead of using “Tulips73”, use something like “In1973ISawSomeTulips”. This would be a good practice on your most secure sites.

Which brings up the concept of security levels. You know the government has them. You should too. You could have one or more “public” or “throwaway” passwords you used for unimportant sites. For example, a news site that doesn’t know any personal information. You could then have a “mid grade” set of passwords for websites that know some personal information, such as your address. Finally, you would save the “high grade” passwords for important sites like your email, online banking, etc. Each of these should probably have a different password, especially the email.

Quick point on personal information. You should give out as little as possible. Every site doesn’t need to know your real address, and almost no site needs to know your real birth date, much less your Social Security Number, credit card number, etc. If an identity thief knows your birth date and address, they can find out almost anything else. Since so many sites do ask for your birthday, make up a fake one so you can remember. Maybe add three to your actual month day and year. If you were born on February, 5th 1980, you could tell any website that asks that you were born on May, 8th, 1983. Yeah, you’ll get some strange birthday wishes, but isn’t that better than strange accounts on your credit report?

Hopefully, this introduction section has given you something to think about. That’s the biggest thing you have to do. Develop the habit of thinking about security.

Postal Reform May Finally Happen

USPS Report Bill

USPS Postal Reform May Finally Happen

It’s early yet, but according to a report in the Washington Post, there is strong bi-partisan support for a new round of Postal Reform. As one would expect from a compromise, there are good and bad points from whatever viewpoint you may hold.

Some key items, Saturday delivery would continue (which is a major advantage for USPS in the parcel delivery space). Stamp prices would increase 1 cent (beyond the recent annual increase). It’s not stated in the article, but this would likely include a similar modest increase for commercial mailers. Postal employees would participate in Medicare, eliminating a great portion of the pension and healthcare issues that have plagued the organization.

The main point is, if it holds together this time, the USPS may finally have the reform legislation that’s been needed for many years. Then we can all get on with the business of using the postal system without having all the uncertainty hanging over us.

 

USPS Rates Increase. Are you ready?

USPS Postage Increase

New Rates Effective January 22, 2017

The 2017 rate increase is almost upon us. Any mailings presented after January 22, 2017 will use the new rates and fee. While the rates are tied to inflation, and First Class stamps are going up from 47 to 49 cents, they have adjusted the rates differently in various categories. For example Non-Profit postage had a slight decrease, while Bound Printed Matter goes up about 1%.

Here’s a link to the USPS Proposed Rates page.

There are also various rules changes associated with the increase. For example, you cannot use FTP to transmit SSF and EVS files soon, but that’s another story.

 

 

The Scary Side of The Internet of Things

The Scary side of IOT

The IOT Gets Scary

You may have heard some buzz about the Internet of Things or IOT. This is the idea that our appliances should all get smarter and be connected to the internet. While there are useful things (smart TVs with built in Internet browsers), and things that sound like they would be handy (a DVR that can download and search the TV listings to find your favorite programs), there are also things that seem a little creepy. (Do you REALLY want your refrigerator to keep up with what you eat and drink?)

Besides all that, the technical press has been discussing the truly scary side of IOT devices for a while now. That is, they are internet connected computers with little or no security, and almost no way to correct flaws. There’s now been a major example of this issue. If you had a hard time reaching Paypal, Amazon, Twitter, Netflix, or other popular Internet services on October 21th, you may have been a victim. An underlying service provider named Dyn was attacked with a massive distributed denial of service attack (DDOS). This made it difficult for many users to reach several of the internet’s top properties.

According to Flashpoint, the attack used a hacker technology called a Mirai BotNet. A BotNet is a collection of hacked computers that can be utilized as weapons or soldiers in attacking a system. What makes Mirai different is that it is designed to hack and control IOT devices. Previously seen in an attack on KrebsOnSecurity, the source code for the Mirai system has now been released, and almost anyone could build their own IOT BotNet.

After action reports indicate this may have been the case in the recent outbreak. Industry experts are of the opinion that this attack was conducted by one or more low level hackers, perhaps trying to experiment with the toolkit, or just show off for their friends.

So just remember the next time you look at your “smart” toaster. It may be a battle hardened robot warrior in disguise.

 

 

Analysis of USPS 2017 Bound Printed Matter Postage Rates

USPS Bound Printed Matter

Bound Printed Matter increases average of 1%

Details of the 2017 proposed rate increase have been filed by USPS with the Postal Regulatory Commission (PRC). While preliminary, the filing usually reflects the rates we’ll see. We’re in the process of performing our analysis of these new rates and rules. Rather than simply comparing the old rates to the new, our analysis takes actual historical shipping data into account.

Specifically for Bound Printed Matter Parcels, the USPS states a 1% rate increase. For local entry mailers, this basically holds true. The rate of increase varies from 0.8% to 1.5% by weight of the mail piece. With a typical 2 pound book, the rate is 1%.

However, there is good news for drop ship mailers. Whether you enter at the NDC or SCF level, the rate increase is only 0.5%. It seems the USPS has finally figured out they should reward drop ship mailers for doing so much work for them.

We hope you find this information useful. If you have further questions on proposed rates or rules changes (such as the proposal to drop the FSS discount/sorting requirements for Flats) please contact us, and we’ll be happy to look into it for you.

If you’d like to explore the published rate information yourself, it’s on USPS Postal Explorer.

USPS Intelligent Mail Package Barcode (IMpB)

USPS IMpB Example Bar Code

USPS Intelligent Mail Package Barcode

Are you ready? If not, we can help.

There’s a lot to know about the Intelligent Mail Package Barcode, and the stakes are pretty high. For example, an average 2.5 pound book, shipping Bound Printed Matter, would cost 79 cents more without the IMpb. If you do drop shipping, it’s even worse, because you lose those discounts too. If you’re not ready, we can help get you there quickly and efficiently.

Intelligent Mail Package Barcode (IMpb)

Effective January 2013, the USPS requires an IMpb bar code for all parcel/package services.
If you don’t have it, you lose your presort discounts.
If you drop ship, you lose that privilege and discount.
Effective January 2014, there is also a 20 cent penalty per piece.
You must submit a data file, which is not a Mail.Dat, to the USPS for each shipment.
There is a strict certification process for the barcode printing, and the data file.

IMpb Related Services

Guidance through entire certification process.
Programming and consultation in preparing the new label format.
Pre-certification examination of label samples to catch formatting errors.
Advice in passing the print quality standards.
Ability to format the labels and send you print-ready PDFs.
Programming and consulting in creating the package data file.
If desired, we can prepare and transmit the file on your behalf.
We provide as much or as little help as you need in a fee for service structure.

Ready or Not, Here it Comes! Windows 10 Update That is.

Users forced to update to Windows 10

We’ve been hearing rumors it was going to happen, now we’ve seen it. This morning, one of our customers experienced a forced update to Windows 10.

While the PC was running a large print job, they walked away from it. When they returned, the Windows 10 upgrade was already in process, with no prompting or way to cancel. Thank God the process they were running had completed before the PC rebooted. That PC was running Windows 7 Home, 32 bit.

Aside from the almost-universal complaints about the user interface (which is at least better than Windows 8), the update did go pretty smoothly. So far, their programs and drivers are all working.

If this follows the pattern we saw with the “free upgrade” icon, it will hit more and more of these Window 7 Home Edition PCs, then eventually get into the Windows 7 Pro Edition PCs.

If you have systems that cannot have an unscheduled interruption, it may be time to go ahead and take the update plunge. At least you can control the timing that way.

USPS – Postal Reform Taking Shape

USPS Postal Reform Update

As you’ve probably heard, the USPS is in deep financial trouble. They’re losing billions of dollars every year. This report from the Government Accountability Office (GAO) – Testimony Before the Committee on Oversight and Government Reform in the House of Representatives on May 11, 2016 outlines many of the challenges they face. In many cases, it may be worse than you know. Here are some key points…

  • Despite declines in service levels, labor compensation and benefits account for 80% of USPS expenses. This puts them in a bind to further reduce expenses.
  • First Class mail (letters, statements, invoices, etc) is the most profitable class of mail. Volume has declined from about 98 billion pieces of mail in 2006, to about 62 billion in 2015.
  • As the USPS is major fulfillment service for online shopping, package volume is rising. However, USPS calculates they need $2.50 in new package revenue to offset each $1.00 lost in First Class Mail volume due to higher processing costs.
  • The mandate to 100% pre-fund the retirement accounts of all past, current and future employees is often cited as the key contributor to USPS losses. However, you may not have heard that USPS has defaulted on $28.1 billion in these payments since 2007, which makes all that red ink a few shades darker.
  • Even without this pre-funding requirement, the USPS would still have lost $10.8 billion during the same time period due to reduced mail volume.

While Congress will have the final say in what, if any, reforms will take place, in Postmaster General, Megan Brennan’s Written Testimony to the Committee, she outlines the position of the USPS. She outlines the major elements of their plan as follows..

  • Require full Medicare integration for parts A, B and D, for postal retiree health plans (This would lower USPS exposure by moving some of the burden for retiree health benefits onto Medicare).
  • Restore the exigent price increase for market-dominant products (taking back the April 2016 price decrease).
  • Calculate all retirement benefit liabilities using postal-specific salary growth and demographic assumptions (they dispute the way the payments are currently calculated).
  • Provide some additional product flexibility (more control over the services they offer, and what they can charge for them).

Even if they do get this entire wish list, Brennan admits it won’t be enough to solve all the USPS woes, to which the answer is more price increases. Unfortunately, we feel this will mean further declines in volume, which will lead to larger losses.

We’ll keep you posted if there are any developments from Congress, but don’t expect anything until at least November after the elections.

 

National Postal Forum 2016

National Postal Forum

NPF 2016 Coming to Nashville, TN March 20-23

The National Postal Forum will meet in Nashville, TN March 20-23, with the exhibit floor being open on March 21 – 23. The NPF is the premier show to demonstrate and learn about the latest in mailing technology and techniques.

There are educational sessions discussing USPS, postal news, Direct Mail, and general business subjects, with several professional certifications offered. The exhibit floor allows you to explore the latest in the world of mailing and printing hardware and software.

The NPF is always a good show. You should catch it any time it’s near you.

 

GABBS Atlanta Coming March 2-4

Great American Bargain Book Show

GABBS 2016, The Great American Bargain Book Show, is coming March 2 through 4 in Atlanta Georgia. GABBS is trade show focused on small and independent book stores. There are general business education and industry news based seminars, and a show floor to purchase reduced cost books, and explore other products and services.

For the first time, we’ll be there as an exhibitor. We’ll be talking to people about the ShipSYS Shipping System, our Remote Mail Manifesting services, web page development, the DIY Lobby product, and more.

Hope to see you there!

 

1 2