Saturday, March 31, 2007
Passwords and Pass Phrases: Take 3
In case you needed any more motivation to start using more secure passwords/pass phrases, this post on one man's blog talks about how shockingly easy it would be to break through most passwords.
Saturday, March 24, 2007
My Set up Part 5: Writing, Projects and Todos
There is absolutely nothing wrong with using office or similar software (like the open source and free openoffice) on your home pc. However, in order to access my documents anywhere and in order to colaborate in real(ish) time I decided to start using an online service.
I used to use zohowriter -which is actually reviewed higher then google docs and whose format I prefered- but switched because google docs is more convient (not as much sign in sign out, being able to see access content from a centralized location ect). I use google docs and google notebook to keep track of the projects I am working on and my next actions/todos respectively (For instance, I use a couple of Master Google Documents to coordinate wedding planning with my fiance). Google docs can't handle heavy formatting, like exporting to pdf. For such I use openoffice at home. Google documents does load really quickly (much faster then office) and can usually get the job done.
I used to use zohowriter -which is actually reviewed higher then google docs and whose format I prefered- but switched because google docs is more convient (not as much sign in sign out, being able to see access content from a centralized location ect). I use google docs and google notebook to keep track of the projects I am working on and my next actions/todos respectively (For instance, I use a couple of Master Google Documents to coordinate wedding planning with my fiance). Google docs can't handle heavy formatting, like exporting to pdf. For such I use openoffice at home. Google documents does load really quickly (much faster then office) and can usually get the job done.
Wednesday, March 21, 2007
Sunday, March 18, 2007
My Setup Part 3: Bookmarks
To make a bookmark is to simply make a note of any site you find useful/interesting/entertaining and want to find later. The function of making and saving bookmarks is standard for browsers. I had two problems however with the built in bookmarking feature. One was that I wanted access to my bookmarks wherever I happened to be (so a browser installed on my pc wouldn't work) and two, I was generating way too many bookmarks (in the hundreds) and had trouble finding what I was looking for.
The way that I solved these problems was to begin using http://del.icio.us/ Del.icio.us at its most basic level is a website that allows you to save your bookmarks online. I use it because I can access (and make) bookmarks anywhere. Beyond that, del.icio.us give you space to summarize and title the bookmarks however you want (while a bookmark in ie would be the title of the website, I can use whatever title strikes my fancy like 'paper to read'). Del.icio.us then gives you space to write a explanation of the site in as many words as you want. Del.icio.us allows the user (you or me) to better organize and retrieve bookmarks through making these subscriptions fully searchable and also taggable. (Tags are small words or phrases used to describe the content of something.) Some of the tags I use commonly range from 'reference' 'aggregator' 'to-do' and 'cool.' But I have definitely abused the cool tag, though that is more of a personal problem then a flaw of del.icio.us. ;p These are all the personal advantages of using del.icio.us
Del.icio.us is made better by the fact that -in addition to the personal advantages mentioned above- it also has social advantages. Del.icio.us has an dedicated search function, which searches the content the thousands of other users are marking, describing and tagging. Google and yahoo are still my search preferences, but Del.icio.us is pretty dang useful too (note: del.icio.us is owned by yahoo). Del.icio.us also has tools to help you find people who have similar tastes (and going and finding more sites through this) subscribing to other people's bookmarks. For instance, I like sci-fi and I find that mark40xv6 is good at finding and tagging sci fi resources. I can subscribe (ie be alerted to) all mark's new book marks or just his sci-fi tagged book marks. Del.icio.us tells you how common your bookmarks are, and can use your bookmarks to find other users like you.
If you and I wished to share bookmarks -and we were both del.icio.us users- we could tag things 'share' for stuff we wanted each other to see like for: john michael.
I use del.icio.us primarily for the personal/solitary advantages. It's nice to be able to access my bookmarks everywhere, and I for one would be overwhelmed trying to record all the sites of interest without the ability to organize my bookmarks through tags and search through them. The downside is, like most of the web apps, you are making more information about yourself readily available. Bad guys of any shade and stripe could learn a lot about a person just by going through their bookmarks... where one lives, what ones interests are ect. This is potentially averted by making ones bookmarks private.
When everything is said and done, Del.icio.us has become essential for me. It is a service I use everyday. If you want to start using del.icio.us I would reccomend getting the extension for firefox or ie.
The way that I solved these problems was to begin using http://del.icio.us/ Del.icio.us at its most basic level is a website that allows you to save your bookmarks online. I use it because I can access (and make) bookmarks anywhere. Beyond that, del.icio.us give you space to summarize and title the bookmarks however you want (while a bookmark in ie would be the title of the website, I can use whatever title strikes my fancy like 'paper to read'). Del.icio.us then gives you space to write a explanation of the site in as many words as you want. Del.icio.us allows the user (you or me) to better organize and retrieve bookmarks through making these subscriptions fully searchable and also taggable. (Tags are small words or phrases used to describe the content of something.) Some of the tags I use commonly range from 'reference' 'aggregator' 'to-do' and 'cool.' But I have definitely abused the cool tag, though that is more of a personal problem then a flaw of del.icio.us. ;p These are all the personal advantages of using del.icio.us
Del.icio.us is made better by the fact that -in addition to the personal advantages mentioned above- it also has social advantages. Del.icio.us has an dedicated search function, which searches the content the thousands of other users are marking, describing and tagging. Google and yahoo are still my search preferences, but Del.icio.us is pretty dang useful too (note: del.icio.us is owned by yahoo). Del.icio.us also has tools to help you find people who have similar tastes (and going and finding more sites through this) subscribing to other people's bookmarks. For instance, I like sci-fi and I find that mark40xv6 is good at finding and tagging sci fi resources. I can subscribe (ie be alerted to) all mark's new book marks or just his sci-fi tagged book marks. Del.icio.us tells you how common your bookmarks are, and can use your bookmarks to find other users like you.
If you and I wished to share bookmarks -and we were both del.icio.us users- we could tag things 'share' for stuff we wanted each other to see like for: john michael.
I use del.icio.us primarily for the personal/solitary advantages. It's nice to be able to access my bookmarks everywhere, and I for one would be overwhelmed trying to record all the sites of interest without the ability to organize my bookmarks through tags and search through them. The downside is, like most of the web apps, you are making more information about yourself readily available. Bad guys of any shade and stripe could learn a lot about a person just by going through their bookmarks... where one lives, what ones interests are ect. This is potentially averted by making ones bookmarks private.
When everything is said and done, Del.icio.us has become essential for me. It is a service I use everyday. If you want to start using del.icio.us I would reccomend getting the extension for firefox or ie.
Friday, March 16, 2007
My Set Up Part 2: RSS
RSS feeds help me get through a lot more content online in much less time. If you are unclear about the whole rss concept, to summarize websites (blogs mostly) can choose to have their content formatted into a machine readable rss or feed format (almost every blog, podcast, video cast ect do nowadays). How much content is made available this way can range from entire articles to just headlines with links leading to their site.
There are many utilities (the new ie 7 has one built in I think) that are rss readers. What this means to you is that when content (blog posts) are posted online it will automatically get pulled for you as soon as it is available. Here are some of the feeds I subscribe to
http://feeds.gawker.com/lifehacker/full Lifehacker is dedicated to trying to get you to get more utility out of your computer and life. If you try entering that url into your browser it may or may not be readable because the information is cut up and formatted to make sense to a machine.
What is useful about RSS is that you can delve through a lot more content, updated automatically, and decide if you want to go deeper. For instance, you would still have to go to the site to leave comments ect but Rss feeds can cure your of the 'I gotta see if a site has updated' itch and help you get through your favorite websites in a hurry.
However, by giving you so much content from one central location it can get... overwhelming. As with the rest of the internet, it is important to know when to say 'no' and not feel bad for not reading everything you are interested in. There is no way you can.
Interestingly enough, we're now seeing what will undoubtadly be dubbed 'rss 2.0.' Yahoo Pipes is a great example of this. Pipes on its most basic level is just a RSSI use reader from yahoo, but now what you can do is pair rss feeds with searches/other rss feeds/or other filters/parameters. For instance, there is one 'pipe' (they are user generated like more and more of the web) takes the feed for newyork times headlines and grabs photos related to the stories. Another takes a list of top music (say, apple itune's top sellers) and pulls the music videos off of youtube. Not terribly impresive, but more complicated pipes could be insanely useful tools for gathering and formatting information off the cuff.
I use Google Reader as my RSS reader. It is fast, easy to use with some more advanced options once you get more comfortable. Also, because it is online I can access my feeds from anywhere, regardless of webfilters (like the ones at school) because nobody blocks google.
There are many utilities (the new ie 7 has one built in I think) that are rss readers. What this means to you is that when content (blog posts) are posted online it will automatically get pulled for you as soon as it is available. Here are some of the feeds I subscribe to
http://feeds.gawker.com/lifehacker/full Lifehacker is dedicated to trying to get you to get more utility out of your computer and life. If you try entering that url into your browser it may or may not be readable because the information is cut up and formatted to make sense to a machine.
What is useful about RSS is that you can delve through a lot more content, updated automatically, and decide if you want to go deeper. For instance, you would still have to go to the site to leave comments ect but Rss feeds can cure your of the 'I gotta see if a site has updated' itch and help you get through your favorite websites in a hurry.
However, by giving you so much content from one central location it can get... overwhelming. As with the rest of the internet, it is important to know when to say 'no' and not feel bad for not reading everything you are interested in. There is no way you can.
Interestingly enough, we're now seeing what will undoubtadly be dubbed 'rss 2.0.' Yahoo Pipes is a great example of this. Pipes on its most basic level is just a RSSI use reader from yahoo, but now what you can do is pair rss feeds with searches/other rss feeds/or other filters/parameters. For instance, there is one 'pipe' (they are user generated like more and more of the web) takes the feed for newyork times headlines and grabs photos related to the stories. Another takes a list of top music (say, apple itune's top sellers) and pulls the music videos off of youtube. Not terribly impresive, but more complicated pipes could be insanely useful tools for gathering and formatting information off the cuff.
I use Google Reader as my RSS reader. It is fast, easy to use with some more advanced options once you get more comfortable. Also, because it is online I can access my feeds from anywhere, regardless of webfilters (like the ones at school) because nobody blocks google.
Wednesday, March 14, 2007
My Set Up Part 1: Email
I am going to make a series of posts concerning how I set up my applications/and how I do what I do. Everything I describe I get without cost, unless you count google ads as a cost.
I use gmail. Gmail is hands down the best email client I have ever come across. For free, you get about two and a half gigabytes of storage, ridiculously effective spam protection, unlimited mail forwarding and all manner of nice little tricks and extras. The only bad part is that by dealing with e-mail entirely online you have no access if your isp goes down, or if (more rare) google experiences technical difficulties. You can alleviate this by fetching your mail from gmail (or any other online e-mail provider) with a program like thunderbird or outlook, which automatically fetch your e-mail and store it on your pc (among other things). The other bad part would be that Google would have access to all your private data.
I actually use two gmail accounts, john.jperkins@gmail.com and somethingelse@gmail.com (note, not my real address).
The reason I do this is s that I can direct people I know personally/professionally at the john address, whereas the somethingelse address is for gaming handles, forums ect. With corporations in particular taking a keen interest in the online activities of job applicants, I do not want to worry about what I am doing or whom I am associating with online and how it might look to a hiring corporation. Someone could still track my other activities down, it would just be more difficult (anyone who searches for john perkins without my e-mail address gets a shaman/economic hitman or a famous doctor). All mail is forwarded from the john address to the something else address, and I can even send mail I compose in the somethingelse address from the john address.
I use gmail. Gmail is hands down the best email client I have ever come across. For free, you get about two and a half gigabytes of storage, ridiculously effective spam protection, unlimited mail forwarding and all manner of nice little tricks and extras. The only bad part is that by dealing with e-mail entirely online you have no access if your isp goes down, or if (more rare) google experiences technical difficulties. You can alleviate this by fetching your mail from gmail (or any other online e-mail provider) with a program like thunderbird or outlook, which automatically fetch your e-mail and store it on your pc (among other things). The other bad part would be that Google would have access to all your private data.
I actually use two gmail accounts, john.jperkins@gmail.com and somethingelse@gmail.com (note, not my real address).
The reason I do this is s that I can direct people I know personally/professionally at the john address, whereas the somethingelse address is for gaming handles, forums ect. With corporations in particular taking a keen interest in the online activities of job applicants, I do not want to worry about what I am doing or whom I am associating with online and how it might look to a hiring corporation. Someone could still track my other activities down, it would just be more difficult (anyone who searches for john perkins without my e-mail address gets a shaman/economic hitman or a famous doctor). All mail is forwarded from the john address to the something else address, and I can even send mail I compose in the somethingelse address from the john address.
Tuesday, March 6, 2007
Passwords & "Passphrases" part 2:
In the last post I mentioned how we need to get away from a “password” and move to "pass phrases”. Their longer length and (hopefully) use of lower and upper case along with punctuation and other tricks make it more difficult for hackers and others to break into our PCs.
I’d like to share a few more thoughts with you about passwords and “passphrases”.
It goes without saying that a strong “passphrase” will protect you much better than a weak password.
But you have to be careful with even a strong “passphrase”.
If you use a favorite saying, or a favorite book title as your “passphrase”, it may still be broken by someone.
HOW? Lets say that your teenage son or daughter asks to use your PC because their PC isn’t working and they need to print out a homework paper. So you give them your “passphrase”. OR they may have a friend over and you give your child the “passphrase” not even thinking that the friend of your child now knows your “passphrase.”
In the event someone else needs to use your PC you need to type it in for them. DO NOT give it to anyone. Once you give it out you yourself have compromised the “passphrase.”
Another thing to keep in mind is the email that “friends” send “friends.” This email asks for personal information about you. This is so your email friends can get to know you. They may ask silly questions like your pets name, your favorite movie, when you were married, etc.
Also be careful of the information you post of “my space” as well and for the same reasons.
This information is a treasure trove of possible passwords / “passphrases” for those who might want to break into your PC.
Never respond to such emails. And however hard it is try to keep yourself (and your children) from posting too much personal information on “My Space”.
And if you have….posted this information OR given your child or their friends your password / “passphrase”…you better change your “passphrase” ASAP.
If you check the little boxes that say “remember my log in information and or password” You’ll need to change them as well.
Don’t take this too lightly. The skillful hacker can get enough info from oen of these”friends” email or “my space” to get your account information from ISP’s like AOL. Or they might be able to access yout account info on Amazon or other sites.
I’d like to share a few more thoughts with you about passwords and “passphrases”.
It goes without saying that a strong “passphrase” will protect you much better than a weak password.
But you have to be careful with even a strong “passphrase”.
If you use a favorite saying, or a favorite book title as your “passphrase”, it may still be broken by someone.
HOW? Lets say that your teenage son or daughter asks to use your PC because their PC isn’t working and they need to print out a homework paper. So you give them your “passphrase”. OR they may have a friend over and you give your child the “passphrase” not even thinking that the friend of your child now knows your “passphrase.”
In the event someone else needs to use your PC you need to type it in for them. DO NOT give it to anyone. Once you give it out you yourself have compromised the “passphrase.”
Another thing to keep in mind is the email that “friends” send “friends.” This email asks for personal information about you. This is so your email friends can get to know you. They may ask silly questions like your pets name, your favorite movie, when you were married, etc.
Also be careful of the information you post of “my space” as well and for the same reasons.
This information is a treasure trove of possible passwords / “passphrases” for those who might want to break into your PC.
Never respond to such emails. And however hard it is try to keep yourself (and your children) from posting too much personal information on “My Space”.
And if you have….posted this information OR given your child or their friends your password / “passphrase”…you better change your “passphrase” ASAP.
If you check the little boxes that say “remember my log in information and or password” You’ll need to change them as well.
Don’t take this too lightly. The skillful hacker can get enough info from oen of these”friends” email or “my space” to get your account information from ISP’s like AOL. Or they might be able to access yout account info on Amazon or other sites.
Friday, March 2, 2007
Pass words vs. Pass phrases
Pass words are a part of life for anyone using a computer, PDA, or numerous other devices.
While we are trying to help the absolute novice with computer related information, understand that many who are computer "experts" don't practice the simple items here. They do so at their own peril.
Pass words and pass phrases are the first line of defense in keeping your information private.
And like it or not, YOU play THE major part in protecting your private information.
You've probably seen people (not that you would do this) leave their passwords taped to their desk or monitor. Even worse...do you know anyone who does this at home?
Some people use the same password over and over just adding a new number at the end of the same word. i.e. Lassie1, Lassie 2, Lassie3 etc.
Doing these things make it easy to break into your computer especially at home. Not everyone tyring to break into your home PC is an international terrorist. It could be a relative, neighbor, or the friend of your son or daughter.
I suggest that you might want to use passphrases instead of pass words at work and home.
Using simple pass words are not adequate.
Now before you get worried that a pass phrase is complicated, it is not. It can be much stronger that any password and even easier to remember.
Here are some examples of pass phrases: (Don't use these - they are just examples to givve you ideas to come up with your own.)
Your favorite book titles may make a good pass phrase:
20,000 Quips and Quotes becomes 20K Quips & Quotes
Fortress Third Reich becomes Fortress 3RD Reich
Another example of an easy passphrase to remember would be:
"I believe I will have a GREAT day!"
Notice that changes I made to the book titles or phrase. I wrote 20,000 as 20K. I used some caps and some lower case letters, and I used some punctuation. These all strengthen the pass phrase.
What makes a strong pass phrase?
Use upper and lower case letters
Use numbers and symbols.
Choose something easy to remember so you don’t write it down on your desk. But change how it is written to make it stronger.
What not to do:
Don't use any thing obvious to a hacker…i.e. a special someone’s name, a pet’s name, birthdays etc.
Don't use the same password over and over and add a number to the end.
An even stronger version of the passphrase is one that does not contain any known word. It is compeltly random combination of letters, numbers, and symbols. BUT this also makes it harder to remember.
*(89HgY3R2R
In theory they could be guessed but this type of passphrase is much stronger.
It is possible to have a passphrase that you can remember without having to write down, but still meet the requirements of a good passphrase. It involves a compromise by using words and numbers that you will remember but mixing them up.
For example, say your son Jason was born on the 15th of June 1983. By taking his birthday 6/15/83 and interspersing his name spelled backwards, you could get the passphrase n1o9s8a3j. While it may look difficult to remember you simply need to know the "key" to your password. This password would be very hard to crack.
To take it one step further you can increase teh strength of this last passphrase even more. You could capitalize some of the letters and add a punctuation mark.
Remember your PASSPHRASE is the first line of defense. Make it good one!
While we are trying to help the absolute novice with computer related information, understand that many who are computer "experts" don't practice the simple items here. They do so at their own peril.
Pass words and pass phrases are the first line of defense in keeping your information private.
And like it or not, YOU play THE major part in protecting your private information.
You've probably seen people (not that you would do this) leave their passwords taped to their desk or monitor. Even worse...do you know anyone who does this at home?
Some people use the same password over and over just adding a new number at the end of the same word. i.e. Lassie1, Lassie 2, Lassie3 etc.
Doing these things make it easy to break into your computer especially at home. Not everyone tyring to break into your home PC is an international terrorist. It could be a relative, neighbor, or the friend of your son or daughter.
I suggest that you might want to use passphrases instead of pass words at work and home.
Using simple pass words are not adequate.
Now before you get worried that a pass phrase is complicated, it is not. It can be much stronger that any password and even easier to remember.
Here are some examples of pass phrases: (Don't use these - they are just examples to givve you ideas to come up with your own.)
Your favorite book titles may make a good pass phrase:
20,000 Quips and Quotes becomes 20K Quips & Quotes
Fortress Third Reich becomes Fortress 3RD Reich
Another example of an easy passphrase to remember would be:
"I believe I will have a GREAT day!"
Notice that changes I made to the book titles or phrase. I wrote 20,000 as 20K. I used some caps and some lower case letters, and I used some punctuation. These all strengthen the pass phrase.
What makes a strong pass phrase?
Use upper and lower case letters
Use numbers and symbols.
Choose something easy to remember so you don’t write it down on your desk. But change how it is written to make it stronger.
What not to do:
Don't use any thing obvious to a hacker…i.e. a special someone’s name, a pet’s name, birthdays etc.
Don't use the same password over and over and add a number to the end.
An even stronger version of the passphrase is one that does not contain any known word. It is compeltly random combination of letters, numbers, and symbols. BUT this also makes it harder to remember.
*(89HgY3R2R
In theory they could be guessed but this type of passphrase is much stronger.
It is possible to have a passphrase that you can remember without having to write down, but still meet the requirements of a good passphrase. It involves a compromise by using words and numbers that you will remember but mixing them up.
For example, say your son Jason was born on the 15th of June 1983. By taking his birthday 6/15/83 and interspersing his name spelled backwards, you could get the passphrase n1o9s8a3j. While it may look difficult to remember you simply need to know the "key" to your password. This password would be very hard to crack.
To take it one step further you can increase teh strength of this last passphrase even more. You could capitalize some of the letters and add a punctuation mark.
Remember your PASSPHRASE is the first line of defense. Make it good one!
Thursday, March 1, 2007
Your Programs and Your Data
When it comes to computers there are three (possibly four) ways for you to store your data and run your applications.
The first -most common and arguably the simplest- way is to simply save data and run programs is through your own system's internal memory. This doesn't really need an explanation (I am going to go out on a limb and assume that if you know how to browse the Internet you know how to save files and install programs). The main advantages to this way of managing your data is that it is simple, safe (or rather the easiest to secure) and most applications are designed with this in mind.
The second way is to store data or run programs is through the use of removeable memory. Removeable memory ranges from the SD Card you plug into your digital camera, to 250 gb portable hard drives. The main advantage to removeable media is its portability... you can access your files (and potentially your programs) wherever you happen to be. The bad points are you can lose these removeable media and for a lot of people it might seem harder to secure data stored this way. Technically, you could conceivably run any program (that would fit) from a flash drive, in fact the new San Disk flash drives have software to help you do this. For a great source of Applications you can install and run from a flash drive (so that you can use the same applications on any computer with a usb drive) go to Portable Applications: they have antivirus, word processing, media player, and lots more software you can run directly from your flash drive.
The final way to store information or run programs is by storing your data on the internet (the fourth possibility is doing the same thing on a private network). One advantage to this is that you have access wherever there is internet, and the only have to carry around your login info (and what else were you going to use your brain for?). The other big advantage is the ability to grant access to your info to any number of people (and with newer applications, it is a lot easier and cheaper to actively collaborate online on calenders, projects, documents etc). People will generally feel this is the least safe method, and but in many ways it is more secure (ie it would be much more difficult to hack or infect google's servers then it would be to do the same thing to my pc). In short, storing data and running applications off of the web has significant advantages. A good summary of this method can be found here at ITRedux.
I will tell you how I put all this together personally in an upcoming post.
The first -most common and arguably the simplest- way is to simply save data and run programs is through your own system's internal memory. This doesn't really need an explanation (I am going to go out on a limb and assume that if you know how to browse the Internet you know how to save files and install programs). The main advantages to this way of managing your data is that it is simple, safe (or rather the easiest to secure) and most applications are designed with this in mind.
The second way is to store data or run programs is through the use of removeable memory. Removeable memory ranges from the SD Card you plug into your digital camera, to 250 gb portable hard drives. The main advantage to removeable media is its portability... you can access your files (and potentially your programs) wherever you happen to be. The bad points are you can lose these removeable media and for a lot of people it might seem harder to secure data stored this way. Technically, you could conceivably run any program (that would fit) from a flash drive, in fact the new San Disk flash drives have software to help you do this. For a great source of Applications you can install and run from a flash drive (so that you can use the same applications on any computer with a usb drive) go to Portable Applications: they have antivirus, word processing, media player, and lots more software you can run directly from your flash drive.
The final way to store information or run programs is by storing your data on the internet (the fourth possibility is doing the same thing on a private network). One advantage to this is that you have access wherever there is internet, and the only have to carry around your login info (and what else were you going to use your brain for?). The other big advantage is the ability to grant access to your info to any number of people (and with newer applications, it is a lot easier and cheaper to actively collaborate online on calenders, projects, documents etc). People will generally feel this is the least safe method, and but in many ways it is more secure (ie it would be much more difficult to hack or infect google's servers then it would be to do the same thing to my pc). In short, storing data and running applications off of the web has significant advantages. A good summary of this method can be found here at ITRedux.
I will tell you how I put all this together personally in an upcoming post.
Subscribe to:
Posts (Atom)