Personal Finance: Manage Your Money Better Online

Let's be honest. When times are good, we probably spend too much. Most of us could do a better job handling our money. When times are bad, too many of us stick our heads in the sand.

The Web has a wealth, indeed a surfeit, of tools and information to help you manage your personal finances. Both, of course, are bad ideas. To get an idea of just how much, simply take a look at Google's personal finance directory. So I've culled the list to find Web sites and tools that you'll find helpful and I find trustworthy. It's overwhelming. This is by no means "a best of the Web" list.

Swiss Army Knives of Personal FinanceKiplinger.com is a very deep site, ranging from short, newsy pieces like "A new ban on overdraft fees" to extensively reported features like this month's "Making the most of your benefits." The site tries hard to be helpful; for example a recent piece called "My Wallet was Stolen" gives bullet points about what to do right away and ends with the phone numbers of three major credit reporting agencies. It's too difficult to make that call, and I've avoided sites that have no free information. The Web site is free, but the eighty-year-old company offers a variety of newsletters and magazines at various prices. SmartMoney also has a well-deserved reputation for excellence and is notable for its wide-ranging information. One big benefit as outlined on the site: "Kiplinger answers the queries of its readers as a regular feature of their subscriptions, filling requests for additional information on any subject its publications cover, by phone, mail or email. Clicking on "personal finance," for example, brings up sections devoted to 13 different topics, including bank notes, debt, elder care, marriage and divorce.

College and Retirement Planning With the price of tuition at even public universities moving into the five-figure range, it's never been more important to develop a plan to afford a college education. SmartMoney also offers a wealth of investment tools, including real-time quotes, analysis and stock screening, but those features are behind a pay wall. Even if the heir apparent is very close to graduating high school there are steps you can take to mitigate the financial pain. Indeed, the site has an entire section devoted to financial planning for college filled with actionable tips, newsy items and generally helpful stuff. SmartMoney, for example, has an informative story about early decision students and financial aid.

Not to be outdone, Kiplinger has very meaty college-focused special report that includes pieces on comparing student loan packages and how best to use 529 (college savings) plans. By entering your personal information, you'll get back an estimate of your (teensy) monthly benefits at various retirement ages. It may be somewhat early for you to file for Social Security, but if nothing else, this government site provides a great reality check. The site has a good deal of related information, including application forms. Best Rates on CDs Finding a financial advisor is not easy and is a decision that has real consequences. There is a also a wealth of information for people approaching retirement on the Web site of the AARP. One feature I really liked that has use for a consumer of any age was called "The All Cash Challenge." As you'd expect it underlines something we all know, but probably don't put to use often enough: People who pay with cash spend less than those who pay with credit cards, because pulling those greenbacks out of your wallet hurts.

One place to start: The National Association of Personal Financial Advisors. NAPFA insists that its members be " fee only," which means the financial advisor is compensated "solely by the client with neither the advisor nor any related party receiving compensation that is contingent on the purchase or sale of a financial product." CDs don't pay much these days, but they are a secure place to park your money until better opportunities arise. Its Web site lets you search for advisors by area and by specialty. If that works for you, bankrate.com is a good place to shop. A similar tool on the site allows you to check fixed and adjustable mortgage rates for different durations and localities.

Its simple search tool includes clickable links, so if you see a deal you like, it's to take the next step. Any number of online sites help with basic financial chores, including budgets and expense tracking. After all, you'll be entrusting credit card numbers, bank account and maybe investment account information to a company you don't know much about. But I have to say that security is a real concern. That's not to cast aspersions on anyone; I'm just careful, and I hope you are as well.

Mint.com, which has garnered some good reviews, is now owned by Intuit, so the combined site is worth a look. Certainly Quicken Online, owned by Intuit, is long established, and its Web site is now free. Here's a final tip that I figured out after wasting too much money. When I had a misunderstanding with a credit card company, my account was temporarily suspended. My online life includes many services and publications that renew automatically. Suddenly a number of those automatic renewals bounced and I was prompted to update.

My credit account was quickly restored, and as a result of that little mishap I saved hundreds of dollars. (Thanks to Kathleen Pender, the long-time personal finance columnist for the San Francisco Chronicle, for her helpful suggestions.) San Francisco journalist Bill Snyder writes frequently about business and technology. I realized that I wasn't using some of those services and cancelled. He welcomes your comments and suggestions. Follow everything from CIO.com on Twitter @CIOonline. Reach him at bill.snyder@sbcglobal.net.

3 Basic Steps to Avoid Joining a Botnet

Banging the drum for security awareness never gets old. Online, the biggest battle these days is against botnets: networks of infected computers which hackers can use - unbeknownst to the machine's owner - for online crimes including sending out spam or launching a denial of service attack. As much as CSOs try to get folks to bone up on safe practices (both online and in the office), there are always going to be some who need reminding.

Unfortunately, the black-hat techniques employed to snare users into a botnet web have evolved to a level that makes them often undetectable by even the most sophisticated security products. Santorelli, director of global outreach with the non-profit security investigations firm Team Cymru, spends his days monitoring malicious online activity, particularly botnets. Combine that with a lack of user knowledge, and the threat of infection becomes very high. (See: Botnets: Why it's Getting Harder to Find and Fight Them). "The frustrating thing is they can make their chances of getting infected much, much smaller," said Steve Santorelli, who sees how users fall prey to easily avoidable traps every day. Santorelli notes that while just one strategy probably won't cover you, with several tools in the tool box, the rate of infection within an organization significantly drops. They might not realize the importance of working with IT to ensure they are up to date with patching and software upgrades.

Tip 1: Have work AND home machines regularly updated with patches and antivirus software The average user doesn't necessarily have a lot of technological knowledge, said Santorelli. This problem may be especially prevalent among workers who are exclusively remote. Sophos scanned 583 computers for 40 days and found that 81 percent of the machines failed one or more basic security checks. In fact, a study conducted by security firm Sophos last year found most computer users ignore security updates and turn off their firewalls. Most machines, 63 percent, were lacking security patches for the operating system, office application and programs like Windows Media Player and Adobe Flash. Those are exactly the folks that criminals love. "These people are going to go for the low-hanging fruit and unfortunately there is a lot of it out there," said Santorelli. "There are so many machines without updated AV on it." If your patching system isn't automated, your users need to be made aware of the risks they are taking by working with unpatched and out-dated security technologies.

More than half, 51 percent, had disabled their firewall and another 15 percent had outdated or disabled antivirus and anti-spam software. And while security updates are not the cure-all for malware infection, Santorelli said they certainly serve as a strong deterrent. "If you are walking down the street as a burglar and you see a house with a Rottweiler, and a visible sign from a security company, you probably won't attack that house," he noted. Unfortunately, that's less and less foolproof. "It used to be that if you surfed to places like CNN, or the Weather Channel, you weren't going to come across great deal of malware," said Santorelli. "That isn't the case anymore. Tip 2: Use the latest browser versions Staying away from dubious sites and sticking to known brands used to offer reasonable online safety. We've seen a number of cases recently where people have gone to a legitimate web site and there is an advertisement up there hosting some kind of malicious code." That is where the latest safe browsing technologies can help, said Santorelli. There is also a great deal of anti-phishing and anti malware that goes into them now.

The latest versions of today's browsers will often flag potentially dangerous content. "Browsers are so much more secure now that so many of the holes that existed in these browsers have been patched. So if you try and go to a link that contains malware, your AV might not pick it up. You can download the latest version of Internet Explorer or Firefox fairly easily and quickly, too (See: IE or Firefox: Which is More Secure?). "It will only take you five minutes to have the latest browser technology," said Santorelli. "It is just another string to your bow, so to speak." Tip 3: Be a little more careful when you get a link or an attachment. "Don't just blindly click on things and rely on other people to protect your computer," noted Santorelli. "You've got to take some responsibility for your own security." Team Cymru research reveals that the most common attack vectors for installing malware continue to be links in emails, or drive-by downloads. "We know from our recent investigations that there is a great deal of success to be had [for hackers] by just sending links out," he said. But your browser will say: "Are you sure?" The good news is most browsers are free. Just because you receive the email from someone you know and trust, it doesn't mean it is safe. See Five More Facebook, Twitter Scams to Avoid for examples of current attempts to exploit social media sites.

This includes friends and family, whose systems or accounts may have been compromised, and also well-known web sites you use, like social networking sites or banks. And large banks, such as Bank of America, often find their name is used in email phishing scams where thieves send out messages warning that customers their account has been compromised with a link that leads to a fake, but very legitimate-looking login screen. Of course, whether or not you should click any link or attachment also depends on if you have complied with steps 1 and 2 above. "You're going to have to take it on a case-by-case basis," said Santorelli "And my concern would be significantly raised if I didn't have my computer up to date with antivirus and browsing technologies."

Intel CTO: Machines could ultimately match human intelligence

Will machines ever be as smart as humans? The notion of a technological "singularity," a time when machines match and surpass human intellect, has been popularized by thinkers such as inventor and author Raymond Kurzweil, who commonly cites Moore's Law in his arguments about the exponential growth of technology. Intel CTO Justin Rattner thinks that someday, they might. Rattner's views on the singularity are sought after, given that he is CTO of the world's biggest chipmaker and the head of Intel Labs, the company's primary research arm.

So yeah, at some point, assuming all kinds of advances and breakthroughs, it's not inconceivable we'll reach a point that machines do match human intelligence." Already, scientists are working on placing neural sensors and chips into the brain, allowing people to control prosthetic limbs with their own thoughts. In a recent interview with Network World, Rattner said he has "tried to sidestep the question of when [the singularity] might occur," but says machine intelligence is constantly increasing due to laws of accelerating returns, "of which Moore's Law is perhaps the best example." "There will be a surprising amount of machines that do exhibit human-like capabilities," Rattner said. "Not to the extent of what humans can do today, but in an increasing number of areas these machines will show more and more human-like intelligence, particularly in the perceptual tasks. This is likely to become a "relatively routine procedure" in a few years, Rattner said. Rattner's views are also held in high regard in the world of supercomputing, of course, and he will deliver the opening address at the SC supercomputing conference in Portland, Ore. in November. Rattner said that while many commentators are preoccupied with the far-off singularity, he concerns himself more on how laws of accelerating returns "are real" and could lead to amazing advances in technology, including augmentation of the human body. "Assuming that interface technology progresses in an accelerating way, the possibilities of augmenting human intelligence with machine intelligence become increasingly real and more diverse," Rattner said. Nearly 80% of the world's 500 fastest supercomputers use Intel processors.

But Rattner says the supercomputing industry is already looking forward to the era of the exaflop - 1,000 times faster than a petaflop. The world's first petaflop machines, capable of performing one thousand trillion calculations per second, came online just last year. Rattner says the fundamental technologies behind a future exaflop machine could be demonstrated by the middle of next decade, and - depending on government investment - the first exaflop machines could become operational in the second half of the decade. You'd need a 500-megawatt nuclear power station to run the thing." The industry will have to move that number down to something practical, perhaps tens of megawatts, Rattner said. But this still depends on overcoming limitations in today's computing architectures. "Now that we've achieved petascale computing, there's all this interest in getting the next factor of 1,000," Rattner said. "But we can't get there with today's technology, largely because of power considerations.

But the work is just getting started. "We've got a lot of really big engineering challenges," Rattner said. "Today, we just don't know how to get there."

NASA, European Space agency want to go to Mars

NASA and the European Space Agency (ESA) are aiming to cooperate on all manner of robotic orbiters, landers and exploration devices for a future trip to Mars. The program would focus on several launch opportunities with landers and orbiters conducting astrobiological, geological, geophysical, climatological, and other high-priority investigations and aiming at returning samples from Mars in the mid-2020s. NetworkWorld Extra: 10 NASA space technologies that may never see the cosmos The envisioned program includes the provision that by 2016, ESA will build what it calls an Entry, Descent, and semi-soft Landing System (EDLS) technology demonstrator and a science/relay orbiter. Specifically, NASA and ESA recently agreed to consider the establishment of a new joint initiative to define and implement their scientific, programmatic, and technological goals for the exploration of Mars. In 2018, the ESA would also deliver its ExoMars rover equipped with drilling capability.

NASA and ESA will establish legally binding agreements, as soon as feasible, to cover specific activities of this initiative, the agencies said in a release. NASA's contribution in 2016 includes a trace gas mapping and imaging scientific payload for the orbiter and the launch and, in 2018 a rover, the EDLS, and rockets for the launch. The NASA/ESA agreement has been in the works for months and while the agencies have cooperated in the past, budgetary constraints likely helped move the discussions along. In fact one of the findings in the recent Review of United States Human Space Flight Plan Committee report said the US can lead a bold new international effort in the human exploration of space. The idea being they can support the costs of research, development and launch of Mars missions together better than individually.

If international partners are actively engaged, there could be substantial benefits to foreign relations and more overall resources could become available to the human spaceflight program. If humans are ever to live for long periods on another planetary surface, it is likely to be on Mars. The commission also said that "Mars is the ultimate destination for human exploration of the inner solar system; but it is not the best first destination. But Mars is not an easy place to visit with existing technology and without a substantial investment of resources." NASA's Mars Reconnaissance Orbiter has sent back high-resolution images of about 30 proposed landing sites for the Mars Science Laboratory, a mission launching in 2011 to deploy a long-distance rover carrying sophisticated science instruments on Mars by 2012. The European Space Agency recently said to wants volunteers to take a simulated 520-day trip to Mars. The 'mission' is part of the Mars500 program being conducted by ESA and Russia's Institute of Biomedical Problems (IBMP) to study human psychological, medical and physical capabilities and limitations in space through fundamental and operational research. Starting in 2010, an international crew of six will simulate a 520-day round-trip to Mars, including a 30-day stay on the Martian surface.

NASA: 2 rocket companies win $1.65M moon lander prize

NASA said it will this week award $1.65 million in prize money to a pair of aerospace companies that successfully simulated landing a spacecraft on the moon and lifting off again. NetworkWorld Extra: 10 NASA space technologies that may never see the cosmos To win the prize, teams had to demonstrate a rocket-propelled vehicle and payload that could take off vertically, climb to a defined altitude, fly for a pre-determined amount of time, and then land vertically on a target that is a fixed distance from the launch pad. NASA's Centennial Challenges program, which was managed by the X Prize Foundation will give a $1 million first prize to Masten Space Systems and a $500,000 second prize to Armadillo Aerospace for successfully completing the Northrop Grumman Lunar Lander Challenge. After landing, the vehicle then needed to take off again within a predetermined time, fly for a certain amount of time and then land back on its original launch pad.

Level 1 required a vehicle to take off vertically from a designated launch area, climb to an altitude of at least 150 feet, remain aloft for at least 90 seconds while traveling horizontally to a landing pad 300 feet away, then land vertically. The Challenge involved two levels of difficulty, with awards for first and second place at each level. The much more difficult Level 2 required a vehicle to take off from a designated launch area, ascend to an altitude of 150 feet, hover for 180 seconds, then land precisely on a simulated, rocky, lunar surface 300 feet away. The challenge required exacting control and navigation, as well as precise control of engine thrust, all done automatically, NASA stated. For both Levels 1 and 2, competing teams had the option to refuel their vehicle before conducting the required return level to the original starting point, all within a two-hour-and-15-minute time period.

The rocket's engine needed to be started twice in a short time with no ground servicing other than refueling. Masten Space Systems met the Level 2 requirements by achieving accurate landings and captured the first place prize during flights of their "Xoie" (pronounced "Zoey") vehicle Oct. 30 at the Mojave Air and Space Port. This represented the technical challenges involved in operating a reusable vehicle that could land on the moon. Masten also claimed a $150,000 prize as part of the Level 1 competition. Armadillo placed second in the Level 2 competition, earning a $500,000 prize. Armadillo Aerospace was the first team to qualify for the Level 2 prize with successful flights of its Scorpius rocket Sept. 12 in Caddo Mills, Tex.

An awards ceremony for the winning teams will be held at noon on Nov. 5 in Washington, DC.