Archive for the ‘Internet’ Category

SOPA and PIPA are bad

Wednesday, December 28th, 2011

The Internet in the United States is under a threat of assault, the likes of which I’ve never seen. Two bills going through Congress right now, SOPA (Stop Online Piracy Act) and PIPA (Protect IP Act), will likely cause secure breakage to the technical underpinnings of the Internet.

The idea behind these bills is to go after copyright violators. However, the methods allowed are extremely aggressive. Can you imagine a single image uploaded to Facebook which turns out to be owned by someone else being the catalyst which makes it impossible to go to Facebook unless you know its IP address? These bills don’t take sites of the net so much as they break your ability to look up the underlying address of the site.

A thorough treatise is posted here at the Stanford Law Review. There are many other sites which go into detail on SOPA such as this one by Adam Savage of Mythbusters and this one over at Lifehacker (which includes a nice video describing the problem).

There has also been some collateral damage in this war. GoDaddy, for instance, had initially shown support for SOPA. As a result, a boycott was called unless they inform Congress that they don’t support the bills at all.

It also appears that SOPA will break the forming DNSSEC (a secure form of DNS, the “phone book” of the Internet) specification.

All in all, this must stop. Letters and calls to Senators and Congresspeople are a good idea at this point.

Google is using your wireless router

Sunday, November 20th, 2011

I’ve known about Google’s (and other companies’) use of the SSID and location of my wireless router for some time. My phone, for instance, uses this information to approximate my location. Other phones do this as well. In fact, before GPS became common in smart phones, it was the only way to determine where you were for location-based services (such as finding a local restaurant).

Google does offer a way for you to opt out of this, but as this article points out, that’s not necessarily the right way to go about things. For instance, not everyone knows how to make the changes in the router to accommodate Google’s opt-out method. What if, like myself, you have a long-running network and don’t wish to change everything (not only do you have to change the settings on the router, but you now have to tell all your equipment the new setting)? Another thing suggested in the article is how accommodating Google won’t help you if another company decides to offer a similar service and doesn’t honor the same opt-out method as Google (or any opt-out method at all).

In my opinion, I have bigger things on my mind than people using my wireless network for location-based services. I understand that by broadcasting my SSID, it is visible from the outside. Half of the problem of using wireless networks for location determination is that people have a tendency to move and this will disrupt that kind of service. I even have a mobile hotspot that I use. I can just imagine how that can disrupt things.

Another place where backup is important

Sunday, August 7th, 2011

There’s been a great amount of impetus toward putting our computer lives in “the cloud.” While it has many advantages (such as being able to access our stuff from anywhere on any device), what happens if your access to the cloud is interrupted or, worse, completely erased?

One person found this out as reported here. He had an image on his Google account of questionable legality. He was notified his entire account had been disabled due to the nature of this image. No one asked for an explanation. There was no one to call. He had a great deal of information, bookmarks, saved articles, etc. tied to this account and it was completely obliterated.

While he was able to recover his account (and remove the image which caused the problem), he has since learned to not rely on one cloud service for everything.

What can you do? I would keep a local copy of everything. I learned this myself the hard way when my blog was hacked. Every time I update the WordPress installation, I also download the entirety of the site so I can maintain a local copy in the event another such hacking occurs. You can also use multiple services to keep copies of bookmarks and the like. Even with Facebook, you have the option to download everything you’ve ever posted.

As long as you have more than one copy, regardless of how you do it, you have a backup. If you have only one copy, it’s at risk of being erased due to accident, failure, or a malicious act.

Getting worried about your own data? I have a special where I set up a backup and follow it up later to make sure it’s working. You can order it here: (offer good for local clients).

How will you know your credentials have been compromised?

Thursday, June 23rd, 2011

While there are many news reports on companies being hacked and customer information being released into the wild, how will you know you’re one of them? It seems enough people have asked the same question that one of them decided to do something about it.

According to this New York Times blog entry, one man created a tool for family and friends to check to see if their information is out in the wild and he’s opened it up to the public. Check out his Should I Change My Password site to see for yourself.

Some caveats: It’s a little new so there could be some trust issues with the guy who created the site. Also, it doesn’t check every known data breach, only those where he was able to get access to the data to create his database. While he does plan on adding new information to his database as it comes along, we’ll have to wait and see how well he does that.

Right now, I think it’s better than nothing and worth a shot. I checked several of my e-mail addresses and came up with nothing found so I can’t review what happens if something was.

A reminder: Make sure you use different passwords for each site you are on. Especially use different passwords for financial institutions. Don’t use the same password for a site as the e-mail address used to login.

Want more updates? Send me an e-mail and I’ll put you on my mailing list.

Protect your Facebook

Wednesday, June 22nd, 2011

I’ve seen many friends on Facebook posting supposed links to crazy videos or “rare” items in Facebook games which just aren’t what they say they are. I’ve been bitten myself, but it’s usually curiosity of the “how does this scam work” variety more than “I want to look at this crazy video.”

Most of the time, when you click on the link, it takes you to some web site with what looks like a video player on it. When you click on the player, you’re “invited” to take a survey or something so you’ll get access to the video. I’ve never gone through the survey process myself so I don’t know how it plays out from there, but I have had posts from my Facebook account just from clicking on the supposed video player. You can see it doesn’t take much to get hit by one of these.

What can you do?

The first place I go to satisfy my curiosity is the Bypass Fan Pages site. You can search for the video or list or whatever there to see what the content really is. I’ve yet to see what which held up to the extreme of the headline. I’ve also seen many with a review indicating no actual content after you complete the task.

Another thing you can do is to install MyPageKeeper on your Facebook profile. This was developed by a team of students at the University of California at Riverside. An article about the app is here. I’ve installed it on my profile so I can see how well it works. I could use some additional feedback from my readers as well.

CNet has another article here on Facebook malware here.

While we’re on the subject of Facebook, please like my Facebook page here.