Archive for the 'Computers and Software' Category

Each time you turn around, there’s another news story about compromised passwords and computer security. Just recently we’ve learned of massive breaches at Target, Neiman Marcus, Adobe, and Cupid Media (the OK Cupid dating site people).

An important thing to remember is to use unique pass phrases on every web site so if one site gets compromised, the others aren’t.

For example, if the Adobe data dump revealed your password of “I-Like-CLU-in-2014” to the bad guys, they will try to use that same password on your banking site and could rob you.

Some people resist using multiple passwords because they’re a pain to remember.

Here’s a suggestion — not perfect, but will do for the majority of sites — that will help keep things reasonably safe, while still making every password unique, yet memorable.

Given some baseline pass phrase (more than just a password) that only you know, such as the aforementioned “I-Like-CLU-in-2014”, append a site-specific suffix mnemonic to it. For example, your pass phrase for the Wells Fargo web site might be: “I-Like-CLU-in-2014.WellsFargo” while you might use “I-Like-CLU-in-2014.Target” for the Target web site.

If a “black hat” puts eyeballs on your pass phrase they may recognize the pattern, but in my opinion that is highly unlikely. When they harvest 40 to 70 million IDs and passwords at a time, they’re gonna write programs that test your credentials against other sites, not humanly scan each one individually.

As a side note, I recommend using a different e-address for each site you access. Unless you have some technical savvy and your own domain, this might be problematic. However, you can use a service such as the one offered by SpamGourmet.com to generate anonymous e-addresses that are site specific. I’ve had about 95% success with SpamGourmet.com addresses. In only a few cases (Redbox and the City of Phoenix are two that come to mind), the vendor blocks, drops, or ignores those addresses even though they are valid.

Lastly, it’s old news but I’ll repeat it anyway: make your pass phrase long enough that it’ll be hard to guess, with a mix of letters (upper and lower case), numbers, and punctuation.
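As an added example (not part of the original post), here is a small Python self-audit for the advice above: it checks a set of your own pass phrases for reuse across sites and for the length and character mix just described, and reports the shared baseline that the suffix scheme leaves in common. The `audit` function, the 16-character threshold, and the `.example` site names are assumptions made for illustration.

```python
import os
import string
from collections import defaultdict

# Character classes the post asks for: upper, lower, digits, punctuation.
CLASSES = {
    "upper": string.ascii_uppercase,
    "lower": string.ascii_lowercase,
    "digit": string.digits,
    "punct": string.punctuation,
}

def audit(passphrases, min_length=16):
    """Return findings for a {site: passphrase} mapping.

    min_length is an assumed threshold; the post only says "long enough".
    """
    # Exact reuse: the same pass phrase stored for more than one site.
    by_value = defaultdict(list)
    for site, phrase in passphrases.items():
        by_value[phrase].append(site)
    reused = sorted(sorted(s) for s in by_value.values() if len(s) > 1)

    # Missing character classes and short phrases, per site.
    weak = {}
    for site, phrase in passphrases.items():
        problems = [name for name, chars in CLASSES.items()
                    if not any(c in chars for c in phrase)]
        if len(phrase) < min_length:
            problems.append("short")
        if problems:
            weak[site] = problems

    # Shared baseline: the longest prefix common to every pass phrase.
    # Only the remaining suffix is actually unique to each site.
    baseline = os.path.commonprefix(list(passphrases.values()))
    suffixes = {s: p[len(baseline):] for s, p in passphrases.items()}
    return {"reused": reused, "weak": weak,
            "baseline": baseline, "suffixes": suffixes}

# Constructed sample data, using the pass phrases quoted in the post.
SCHEME = {"wellsfargo.com": "I-Like-CLU-in-2014.WellsFargo",
          "target.com": "I-Like-CLU-in-2014.Target"}
REUSED = {"adobe.com": "I-Like-CLU-in-2014",
          "bank.example": "I-Like-CLU-in-2014",
          "forum.example": "clu2014"}

if __name__ == "__main__":
    for label, data in (("suffix scheme", SCHEME), ("reused", REUSED)):
        print(label, audit(data))
```

Run it only on a machine you trust, and do not save real pass phrases into the script file.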

Yeah, it’s all rather a pain in the okole, but replacing your credit cards, recovering stolen funds, or trying to repair your credit history is a much bigger pain.

John

P.S. I was directly affected by the adobe.com breach. After the breach I began receiving phishing e-mail from Russia. Fortunately the messages went to my SpamGourmet address, so I just disabled that one address without affecting my other logins or addresses.


Here’s an interesting idea about using The Human Body as Touchscreen Replacement from the Nielsen Norman Group, experts in the usability field.


I use and recommend the following tools for web development.

  • CSE HTML Validator Professional provides an easy way to validate web pages for compliance with web standards, thus making your pages more likely to render cleanly across many different browsers and devices. I use it as my code editor as well because it’s easy to use while still giving me the low-level control I demand.
  • Easy Thumbnails is a free tool for creating thumbnails from Fookes Software. I like it because I was able to make custom batch files to process huge collections of images in one shot AND have the tool create a web page from those resulting thumbnails at the same time. The downside is that it doesn’t work with PNG files.
  • Goodsync is a valuable tool for synchronizing data, including web data, across multiple devices and hosts. I use it for managing several web sites via FTP, as well as a file synchronization and backup tool so that I can duplicate selected files on multiple computers. This way I can develop information, including my CLU presentations, on a laptop, desktop, or external drive, and keep the others synced up.
  • Iconico provides clean, simple, elegant tools like ColorPic and ScreenCalipers to help match colors, measure layouts and so on, and some of their tools are free.
  • I use Advanced Renamer for giving my pictures and videos more meaningful filenames, as well as performing date/time stamp operations and case conversions, but this only scratches the surface of what the tool can do.
  • For a free, basic text editor that nonetheless offers a lot of great, advanced features, I use conTEXT. It supports templates for many types of files, but if you don’t see or like the ones that are available, you can add or customize them to your taste. For example, I tweaked one for use with IBM Notes (formerly known as Lotus Notes). I use this a lot for examining SQL files too.
  • Batch Purifier is an easy way to strip unwanted data from your image files, such as camera information, location, and date/time. The “LITE” version is free but works only with JPGs.
  • Background images can be generated by tools found on grsites.com.
  • freecsstemplates.org is one of many web sites that offer free CSS templates you can adapt for your pages.
