Those barcode-looking things? They’re called QR codes. Here’s what they do.

Many of you reading this have undoubtedly seen a QR (Quick Response) code by now… …but there’s just as much — if not more — confusion surrounding them today as there was a number of years ago. Well, prepare to no longer be confused by these highly-useful things that are seemingly popping up everywhere these days (and for good reason, too)!

Put simply, QR codes serve as an ultra-fast reference for something that someone can look up immediately on the spot, or at a later time. By using your cell phone and a QR code reader app, scanning a QR code might yield a Web address, name and address, phone number, email address, pre-filled text message, or some other similar data type. To give you a better visualization of how it works, consider the following 3 short scenarios:

Scenario 1: You’re walking around in a town you’ve never been to before, collecting menus from restaurants that you’re hoping to find some decent local food from. But instead of simply handing out takeaway menus, you notice many of the restaurants are providing an eco-friendly QR code for you to scan to see their menu and effectively have it with you at all times on your phone.

Scenario 2: You’re out at a concert, listening to one of your favorite bands, when all of a sudden, you notice the guitarist is wearing a shirt with a giant QR code on the back of it. Being in the 7th row and knowing what a QR code is, you take out your phone so you can get a picture of it to see what he wants you to see. Lo and behold, you’ve just earned a secret backstage pass right there on the spot that no one else can win now because you were the first to access it!

Scenario 3: You’re flying over a city about 15 minutes out from landing at your destination, when all of a sudden, you notice an incredibly massive QR code that has been painted on the top of an entire building. Once again, you take out your phone and quickly take a picture so you can see what it’s all about (be it a URL, phone number, text message, or otherwise) once you’ve got cell service again.

Those are just a few scenarios, but there are TONS of scenarios that companies and individuals are currently utilizing QR codes for. Just the other night, I was practically inundated by QR codes while out eating dinner at a restaurant: their menu had a QR code on it so you could have a copy to go right there on the spot, the ketchup bottle on the table had a QR code on it so you could visit the manufacturer’s Web site, and someone had printed out a QR code on a sheet of paper and stuck it on the mirror in the men’s restroom.

Now, what do you do when you see a QR code? Well, you either need a camera or a phone with an in-built camera. If you have a phone with an in-built camera, there are plenty of QR code apps you can download from your respective app store/market that will allow you to scan a QR code and it’ll show you the information contained within it. If you only have a camera, then you can simply take a picture of a QR code with which to upload later to a site like ZXing Decoder Online. Lastly, if you’re interested in creating your own QR code, well, that’s just about as easy as decoding one, what with online QR code generators like this one.

For as quick and convenient as QR codes are, they aren’t 100% risk-free, since all kinds of data can be contained within them. Wikipedia spells it out best in their QR code risks section:

Malicious QR codes combined with a permissive reader can put a computer’s contents and user’s privacy at risk. They are easily created and may be affixed over legitimate QR codes. On a smartphone, the reader’s many permissions may allow use of the camera, full internet access, read/write contact data, GPS, read browser history, read/write local storage, and global system changes.

Risks include linking to dangerous websites with browser exploits, enabling the microphone/camera/GPS and then streaming those feeds to a remote server, analysis of sensitive data (passwords, files, contacts, transactions), and sending email/SMS/IM messages or DDOS packets as part of a botnet, corrupting privacy settings, stealing identity, and even containing malicious logic themselves such as JavaScript or a virus. These actions may occur in the background while the user only sees the reader opening a seemingly harmless webpage.

In other words, the information waiting on the other side of a QR code might not be all roses and sunshine — even if it’s something as simple as a derogatory plain text message.

So, with all that said and now that you know everything you need to know to make use of QR codes, what are you waiting for? Start by scanning the QR code you see in the upper right-hand corner of my post (I promise it’s not malicious) and see where it leads to. From there, be on the lookout for QR codes all around you as you’re shopping, eating, vacationing, working, browsing, etc. Before long, they may just start making life a little more convenient for you!

10 ways to improve Excel performance

Most Excel files are small enough not to affect performance, but size isn’t the only thing that can slow things down. Fortunately, you don’t have to know all about multithreads and dual processors to eliminate bad performance. The following tips are easy to implement, so even the most casual users can improve performance when a workbook slows down. Better yet, apply this advice when designing sheets to help avoid sluggish performance altogether. 1: Work from left to right This tip is easy to implement because data tends to flow from left to right naturally, but it doesn’t hurt to know that there’s a little more going on under the hood. By default, Excel will calculate expressions at the top-left corner of the sheet first and then continue to the right and down. For this reason, you’ll want to store independent values in the top-left portion of your sheet and enter expressions (dependent cells) to the right or below those values. In a small sheet, you won’t notice much difference, but a sheet with thousands of rows and calculations will definitely perform better when you position dependent cells to the right and below the independent values. In technical terms, this behavior is called forward referencing. Formulas should be to the right or below the referenced values. Avoid backward referencing, where formulas are to the left and above the referenced values. 2: Keep it all in one sheet When possible, store everything on the same sheet. It takes longer for Excel to calculate expressions that evaluate values on another sheet. If you’ve already spread your work across several sheets, rearranging everything probably isn’t worth the effort. But keep this one in mind when planning sheets. Keep expressions and references in the same sheet, if possible. 3: Keep it all in the same workbook Linking to or referencing other workbooks will usually slow things down, even in an uncomplicated workbook. If you can, store everything in the same workbook. Using fewer larger workbooks will be more efficient than using several smaller linked workbooks. When you must use linked workbooks, open them all — and open the linked workbooks before opening the linking workbooks — to improve performance. 4: Clean things up What you’re not using, delete. Create a backup so you can reclaim functionality at a later date and then delete everything you no longer use. In doing so, you’ll minimize the used range. To determine the used range, press [Ctrl]+[End]. Then, delete all rows and columns below and to the right of your real last used cell. Then, save the workbook. 5: Convert unused formulas If you’re still referring to derived values (the results of formulas), #4 isn’t feasible. You can, however, convert the formulas to static values. But only do this if you’re sure you will never need to recalculate the formulas that generated the values in the first place. To convert formulas to their static values, use Paste Special and select Values to paste. Doing so will overwrite the formulas with the results of those formulas. Be careful, though. The formulas really will be gone. Create a backup first, just in case. 6: Avoid multiple volatile functions A volatile function recalculates every time there’s a change in the worksheet, and that slows things down. An efficient alternative is to enter the volatile function by itself and then reference that cell in your formulas. The function will still calculate as expected, but only once instead of hundreds of times. Examples of volatile functions are RAND(), RANDBETWEEN(), NOW(), TODAY(), OFFSET(), CELL(), and INDIRECT(). 7: Avoid array formulas Gurus and power users alike love arrays, and they are a powerful tool. Unfortunately, they’re memory hogs. It might be hard to believe, but a couple of regular formulas will calculate faster than their equivalent array. If helper formulas aren’t adequate, consider a user-defined function. In addition, you might be able to replace arrays with new functions, such as SUMIF(), COUNTIF(), and AVERAGEIF. (Array formulas perform somewhat better in the Ribbon versions of Excel.) 8: Avoid monster formulas The performance killer in most workbooks is the number of cell reference and operations, not the number of formulas. Throw in some inefficient functions and you can slow things down enough that users will complain. Two or three helper formulas are almost always more efficient than one super colossal formula. 9: Use ISERROR() to update old error-masking formulas If you’ve upgraded to a Ribbon version of Excel, you can replace most of your convoluted IF() masks with the IFERROR() function: =IFERROR(expression,actioniferror) This function is more efficient than the pre-Ribbon solution of using IF() in the following form: =IF(ISERROR(expression,trueaction,falseaction)) If you’re still working with a pre-Ribbon version, consider a helper formula (#8). Two columns of simple formulas will be more efficient than a single column of IF() functions. 10: Limit conditional formats Many techniques rely heavily on conditional formatting, but sometimes at a cost. Every conditional format is evaluated every time the workbook performs calculations. Use conditional formatting wisely, and sparingly. Too many conditional formats will slow things down.

Phone scammers target PC users with phony virus reports

Here’s an informative article from ZDNet about a new scam:

An old social-engineering scam appears to have taken on new life lately, targeting PC users worldwide.

Ironically, the scam doesn’t use a computer at all—at least, not initially. Instead, it starts with a phone call from someone who claims to be affiliated with Microsoft or another legitimate company or government agency.

The caller then asks for the primary computer user in the house, who is told: “Your computer has downloaded a virus.” And, of course, the caller is ready and willing to fix the problem. All you have to do is navigate to a web site, click a link to install some remote-control software, and allow the “technician” to get to work.

The perps are using legitimate remote-assistance software, like the Ammyy Admin program from Ammyy Software Development, which posted a warning that included some reports the company has received from scam victims:

“I got call from an India based consultant who said to me that he is calling from a govt. organisation in Melbourne, Australia. He made me to log into my computer to track some files and without advising me he wanted me to download a software application from ammyy.com and get remotely connected to a technician to delete some files…”

“I was recently called by what I thought was my internet service provider technician who used Ammyy to gain remote access to my computer – after I stupidly granted him that permission. It turns out that he was nothing to do with my internet service provider. When I became suspicious and began questioning him he said he would show me who he was and opened a website of a company – the web site triggered my virus software and I then demanded that the remote access be terminated…”

The scam has been around for a few years. Charles Arthur at the Guardian UK wrote about a similar scam last year, noting that it had been “going on quietly since 2008 but has abruptly grown in scale this year.” He wrote about it again in March 2011.

In June of this year, Microsoft published a warning about the scams, including results from a survey it conducted in the U.K., Ireland, U.S. and Canada. The survey showed that across all four countries, 15 percent of those surveyed reported having received one of these phony support calls.

Of those who received a call, 22 percent, or 3 percent of the total survey sample, were deceived into following the scammers’ instructions, which ranged from permitting remote access to their computer and downloading software code provided by the criminals to providing credit card information and making a purchase.

The vast majority (79 percent) of people deceived in this way suffered some sort of financial loss. Seventeen percent said they had money taken from their accounts, 19 percent reported compromised passwords and 17 percent were victims of identity fraud. More than half (53 percent) said they suffered subsequent computer problems.

The latest outbreak appears to be another wave, judging from the sudden increase in complaints I’ve seen recently.

I’ve heard from Windows users and legitimate support specialists who’ve seen this scam in action in Australia, Canada, and the UK. Recent reports from Microsoft indicate that the scammers have widened their net and are now working in languages other than English, targeting Windows users in Poland and the Czech Republic.

I also got one reliable report from an extremely trustworthy source: my mother.

A caller with a thick accent tried to run this scam on my mom, who peppered the caller with questions. What’s your name? What’s your company’s name again? What’s your phone number? (She raised six kids. She’s used to social engineering attempts.)

My mom’s Caller ID said the call originated from 999-910-0132; the caller claimed to be from a company that sounded something like Alert Center, and she gave a callback number of 609-531-0750.

If you plug those numbers into a search engine, you’ll find that they lead to a group of companies using identical website templates under different names, including TechResolve, Itek Assist, and—bingo—AlertSoft. A company with the unimaginative name Custom Design Firm, at the same address in Kolkata, India, also offers custom web-design and search-optimization services at exorbitant prices.

My mom eventually hung up on the scammers, but others haven’t been so lucky. If a victim falls for the scam, the next step involves a credit card, naturally, as this victim reported:

Posed as troubleshooter, got into my system, used a “safe code” to get into my computer. Claimed my machine has been hacked into and infected with a virus. Tom and John, heavy Asian accents. Wanted to install “lifelong protection” for $130. I balked. They have my name and number and have been calling incessantly. I’m concerned that they might have planted something in my computer that allows them access.

Indeed, that’s a legitimate concern. Once a victim has granted an intruder remote access, it’s impossible to tell exactly what sort of damage they’ve done. If you know someone who has fallen for this scam, you should assume their computer has been compromised and respond appropriately.

Most readers of this blog are sophisticated computer users who would laugh out loud at an attempt like this. But you probably have friends, family members, or clients who could use a heads-up on this one. If you get a call from someone claiming to have detected a virus on your PC, just hang up.