Leaderboard

At any given time there are a number of people from China and Russia on the forum, about a dozen on the low end, and Judy mentioned that she noticed that there were 150+ guests on recently. Some are trying to register to spread spam, others are probably probing for security vulnerabilities. The anti-spam service I subscribe to seems to be doing a great job of keeping spammers from registering and while I'm not too worried about security, the constant traffic does put additional load on the server. This site is very US-centric, so I can't think of any reason why I shouldn't restrict access to the site from problematic countries / IP ranges. I'm not going to make any changes immediately, but it wouldn't hurt to take note of the URL of the Facebook Group if you haven't already, or my email address ([email protected]) in the case that you suddenly find yourself unable to connect to the website. I don't expect any such issues, but a huge number of addresses will be blocked and I want to make sure people have some way to contact me outside of the forum just in case.

We need a Mad emoji.

Yeah we already have a confused emoji. A WTF emoji would come in handy too.

The Second one is perfect. the first one just looks confused. Tom Modesto, CA

Take a look at this app: www.mileiq.com /// sponsor from a tax update webinar at CPAacademy.com yesterday. You do need to buy app but it looks like an easy operation. By the way, FREE to tax preparers and a code for 20% off to any of your clients that might like it. From two audits in PA, journals with all relevant information were OK'd and expenses allowed ---- but they specifically stated to client that without ALL required information, they would have disallowed. States are looking for reasons to disallow, fed's probably the same --- if they take time to take a look, they want a return for that time. Dot all i's, cross all t's.

No, it would prove only the total mileage at that point in time and might be useful to show that he's driven a certain total miles, on average. Plus, how often are the oil changes, once or twice a year? You still have to fill in the gaps between them with the other required data.

Mad.......... Or Mad......

We're discussing it and I'm sure that Eric will come up with something that will work for us. The downvote is more than not liking something because it registers a negative vote against the person, so I don't think that's a good thing to use in this instance. A member that is being helpful by posting information that we find troublesome or problematic shouldn't be assigned negative points.

The online software thing is always a quandary. We get asked about it from time to time. Given there is no 100% access, many are not comfortable with SaS for things like their payroll. (There have been outages for more than 24 hours - I got calls from non customers asking what they should do because Intuit was down!) There are even a few locations where the "privacy" regulations essentially prohibit employers from having employee data out of their control/locality (although I suspect the rule is plain ignored). On the other hand, having data out of people's hands is many times safer, although access is not really improved, since one could use remote software to access your desktop. Data entry and processing speed can also crawl while waiting for online back and forth. Cost of SaS is an issue. One cannot get data access and storage online for free, so the customer has to pay somehow. Either as a per use item (which also adds cost for management) or at some sort of fixed rate, large enough to cover the average customer usage (and maybe more than you actually use). One aspect of security is to be a small fish. SaS, ESPECIALLY payroll, is a HUGE fish, and something nefarious types are certainly constantly trying to exploit. So having your desktop be the place holding your software and data, behind even just a fair security setup, is exponentially less likely to be compromised. Knowing what I do about at least one major tax prep company, I would never use a tax prep person or company who uses SaS or a corp online system.

I see we have a 'downvote' now. I guess that's like a 'don't like' button? Could encompass mad/angry, I suppose.

VPN to Europe. I've never done it but that's what the young'ens tell me they do.

I want one of them IP addresses that let me watch sports on the interweb for free. Where do I go to get one of them suckers? Tom Modesto, CA

In the US ranges, there are also certain ranges - generally hosts friendly to spam - which I block. Also block many of the Amazon ranges, since they generate a large amount of non human traffic, and since my product is not designed for something like an AWS virtual computer. I am willing to share my current list if you would like to review it.

I think you should block those addresses as soon as possible ! Although, I am sure there are ways to get around the block.

This is something I deal with as well. I block for certain countries. It does take some manual handling (not just using an IP list service), since some desired users will have non US IP addresses for various reasons. For instance, I have a customer who lives abroad for 1/2 of the year. When blocked, I show a special page, with contact info, so those who are human, and actually customers, can send me an email with their IP address. Some on the northern border will have a Canadian IP address, some on the southern border will have a Mexican IP address. Some may have randomly placed IP addresses, such as when a VPN or other masking service is in use (have one customer who uses a non US IP s they can stream videos - such as TV sports feeds - which are blocked for those in the US).

Cannot directly answer, but, since I used to not always note my travels well, but never forget my cell phone, I allowed Google to track me. Maybe the client has allowed (or not disables) the "timeline" function in Google Maps...

It's an AutoHotkey script. I've heard of mouse move/jiggle apps that are supposed to keep computers from sleeping or turning off screens during long videos, but I'm not sure it would work with ATX though. I'm not an advance AutoHotkey script writer, but I'd guess it could be done by activating the ATX window and having it do some small task like Ctrl-s for save. That would kill two birds with one stone, wouldn't it? People around here would pay good money for that script!

Main reason that sellers pay closing costs rather than cutting the price has always seemed to me to be because the real estate agents convince them that it is a good idea. They like it because their commission is calculated on a higher number. Maybe that isn't it, but that was what always struck me.

Unless the $80K is a gift from a friend or relative selling the property to him at a below-market price, then it has no effect. I can't imagine why it's even on a closing statement other than to impress on the buyer what a great bargain he's getting. The cost is the cost and the $80K made-up figure is nothing to him (certainly not income-by that reasoning the seller could enter a million dollar sale price less a $780,000 credit and your friend would be in a fix). I'm assuming the buyer is interested in tax basis - here's the IRS Pub. 551 take on that (check out page 2). https://www.irs.gov/pub/irs-pdf/p551.pdf

This story has been out there on tech sites for a little while and just found it way to the mainstream media. I have been using online SaS accounting and payroll software for sometime now, but not tax software. Stories like this one are making me reconsider whether that is a good idea ? Tribune News Service WASHINGTON _ Just as hurricane trackers chart storms in the Atlantic before they make landfall, cybersecurity researchers track viral infections that threaten mayhem. They've found a doozy. A massive zombie robotic network, or botnet, has expanded to infect "an estimated million organizations" and could bring corners of the internet to its knees, an Israeli cybersecurity company, Check Point Software, says. "The next cyber hurricane is about to come," Check Point says. Several cybersecurity researchers Monday confirmed Check Point's findings, saying the botnet could replicate, and perhaps dwarf, the Mirai botnet that almost exactly a year ago took down major websites on the Atlantic Coast, crippling a part of the internet's backbone and slowing traffic to a crawl. The botnet, which has been named either "Reaper" or "IoTroop," was first detected in mid-September. A Chinese cybersecurity firm, Qihoo 360, says the botnet is swelling by 10,000 devices a day, forcibly recruiting foot soldiers in an ever-larger invisible rogue army. Cybercrime gangs form botnets by infecting internet-enabled devices, often wireless cameras or routers with weak security features. Once corralled, controllers can send commands for the botnet to overwhelm a target, knocking its website off line or crippling the internet.The new botnet has spread across the United States, Australia and other parts of the globe, researchers say, although Check Point notes that "it is too early to assess the intentions" of those propagating the infection. "It could be something that's meant to create global chaos," Maya Horowitz, threat intelligence group manager at Check Point, said in a telephone interview from Israel. "But it could be something that's more targeted," perhaps aimed at a country or industry. She said it is unlikely that cybersecurity experts will be able to halt an eventual attack. "The chances are pretty low for that," Horowitz said, adding that like an epidemic of infectious disease, "each infected device is looking for other devices to compromise." Criminal hackers are assembling increasingly powerful botnets. "They are getting bigger and badder," said Robert Hamilton, director of marketing at Imperva Incapsula, a Redwood Shores, California, cybersecurity firm that offers technology to mitigate botnet attacks. "The motive more than ever is money," he said, adding that criminal gangs send ransom demands to companies threatening to hit them with a distributed denial-of-service, or DDoS, attack unless paid off "We had a client that received a letter that said 'if you don't pay us, we are going to bring your websites down with a DDoS attack,'" Hamilton said. "This was a client that you'd definitely recognize their name," declining to specify the company. Last year's Mirai botnet attack hit Dyn, a New Hampshire company that provides backbone services for the internet. Imperva says it found 49,657 infected devices spread over 164 countries. The top infected countries were Vietnam, Brazil and the United States. Scores of major companies were hit in that Oct. 21, 2016, attack, including Netflix, Twitter, Spotify, HBO, Amazon, CNN, ancestry.com and Comcast. The new botnet is based on the source code for Mirai, Horowitz said, "but about 100 different functions have been added ... and it has the potential to reach many, many more devices." The malware creating the botnet is infecting a variety of Internet of Things (IoT) devices but has been found with functions to target networking gear or routers manufactured by D-Link, TP-Link, AVTECH, NETGEAR, MikroTik, Linksys and Synology, Check Point said. "Since Reaper is exploiting a number of known vulnerabilities in different IoT devices, this botnet could definitely be much more disruptive than Mirai," said Merike Kaeo, chief technology officer at Farsight Security, a San Mateo, Calif., cybersecurity firm. "Known security issues in cameras, televisions, home routers, and any other internet-connected devices need to be addressed and fixed." Consumers can do their bit by checking to ensure that "all of their internet-connected devices, especially home routers, have the latest firmware upgrades and security patches installed," Kaeo said. (c)2017 McClatchy Washington Bureau. Written by Tim Johnson