People have sometimes asked me what anti-virus software they should use and if there's any good free stuff out there. (Beware, some of the "anti-virus/anti-malware software" you download might contain some malware itself. So, be sure you trust the source of your software before downloading it.)
If you're running Windows, Microsoft offers Microsoft Security Essentials for free. I haven't tried out too many different anti-virus programs myself, but I've heard good reviews for Microsoft Security Essentials.
[ Microsoft Security Essentials ]
Wednesday, December 22, 2010
Sunday, November 28, 2010
Airport body scanners
Not surprisingly, there's been a lot of talk about the new airport body scanners.
The New York Times has some good discussion on it: Do Body Scanners Make Us Safer?
The New York Times has some good discussion on it: Do Body Scanners Make Us Safer?
Tuesday, October 26, 2010
Facebook remote log out
Have you logged into Facebook at the library or your friend's computer, and forgotten to log out?
Facebook also has a remote log out feature.
"...you can see if you’re still logged in on other devices and immediately log out on those devices from one central control in your account."
BTW, you can also have Facebook send you a message via SMS or email whenever a new computer or mobile device logs into your account.
Facebook also has a remote log out feature.
"...you can see if you’re still logged in on other devices and immediately log out on those devices from one central control in your account."
BTW, you can also have Facebook send you a message via SMS or email whenever a new computer or mobile device logs into your account.
Facebook one-time passwords
Facebook is enabling a feature that I wanted Gmail to have a long time ago: one-time use passwords. These are passwords that you can only use one time. This is helpful if you're using a not-as-secure computer and are worried that someone might have captured your password (and you don't want others to be able to use your password.) In order to use this, you have to register a mobile phone with your Facebook account, and send a text to Facebook to receive a one-time password (that must be used within 20 mins.)
From the Facebook blog:
I try not to use other computers/devices to access personal information unless absolutely necessary. And nowadays, with all the smartphones out there, you don't really need to use someone else's computer. But it's nice to know there's this feature for passwords.
From the Facebook blog:
First, we're launching one-time passwords to make it safer to use public computers in places like hotels, cafes or airports. If you have any concerns about security of the computer you're using while accessing Facebook, we can text you a one-time password to use instead of your regular password.
Simply text "otp" to 32665 on your mobile phone (U.S. only), and you'll immediately receive a password that can be used only once and expires in 20 minutes. In order to access this feature, you'll need a mobile phone number in your account. We're rolling this out gradually, and it should be available to everyone in the coming weeks.
I try not to use other computers/devices to access personal information unless absolutely necessary. And nowadays, with all the smartphones out there, you don't really need to use someone else's computer. But it's nice to know there's this feature for passwords.
Wednesday, October 13, 2010
Dropbox
Dropbox is a neat tool that lets you store files online, synchronize your files across multiple computers, and share files with others. It’s quite useful and convenient, especially because they give you 2GB free! (I've used it to share files that were hundreds of megabytes large.) From a quick scan, they do seem to have their bases covered - all transmitted and stored data is encrypted, and they say they have strengthened their web servers and client application against hackers.
Similar to all other online accounts you should:
Similar to all other online accounts you should:
- Be sure to use a strong password (If you use a weak password and Mr. Stranger guesses it, he could gain access to your files.)
- You will also probably not want to store any of your personal, confidential data on Dropbox.
- Does your company allow you to install external software on your company-issued computer?
- Does your company allow you to use external software to store your work (possibly company confidential) information?
- Are you putting company information at risk of being compromised?
Thursday, October 7, 2010
Security checklist by Gmail
Here's a pretty good help article that Google has posted to help you make sure your gmail account is secure.
Gmail security checklist
Some of it is pretty basic, common sense stuff that perhaps you already do (or maybe not,) but it has lots of good things to review.
Gmail security checklist
Some of it is pretty basic, common sense stuff that perhaps you already do (or maybe not,) but it has lots of good things to review.
Friday, September 17, 2010
Tuesday, August 31, 2010
Protecting your identity online
I saw this guest post on "10 ways to Protect your Identity Online" on momsavingmom.com. (I'm not a mom, but I like to save money!)
I think most of the suggestions listed are things we've heard a lot (change your password, don't use an easy password, get your free credit report, etc...)
I thought number 4 and 5 may be interesting/helpful to some people tho...
I think most of the suggestions listed are things we've heard a lot (change your password, don't use an easy password, get your free credit report, etc...)
I thought number 4 and 5 may be interesting/helpful to some people tho...
"4. Use one credit card solely for online purchases."
If a thief uses your non-online card for online purchases, the credit card company is much more likely to catch the theft because it doesn't fit your normal purchasing pattern. Using certain cards for certain types of purchases also helps YOU to recognize out-of-the-ordinary purchases more easily.
"5. Link your debit card to a special bank account."
If a thief gets a hold of your debit card, they'll only be able to take out as much as what is in that account.
Monday, August 23, 2010
More SPAM
I've recently received lots of email SPAM from friends, mainly about "Fanbox" and "Tubely." (See below for examples.)
Just from the look of the emails and through a quick Google search, these sites definitely look sketchy/fake.
Delete these emails.
Do not register on these sites.
And definitely do not supply your email password to these sites!
See my previous post about this.
Fanbox SPAM: This site tries to get you to click to their site by pretending your friend has shared photos with you.
Tubely SPAM: This site tries you get you to click to their site by asking you to add a friend to your friends network on this new "social networking site."
Just from the look of the emails and through a quick Google search, these sites definitely look sketchy/fake.
Delete these emails.
Do not register on these sites.
And definitely do not supply your email password to these sites!
See my previous post about this.
Fanbox SPAM: This site tries to get you to click to their site by pretending your friend has shared photos with you.
Monday, August 9, 2010
Secure searches
Saw this while browsing the web today.. Secure Google searches..
Basically to perform a secure search (over SSL), use https://encrypted.google.com.
This prevents people (such as the people who run the network you're using, such as your employer, or someone sniffing around on your network) from being able to see what words you're searching on (and the search results pages that Google suggests.)
There's also a Google Chrome extension for this.
Basically to perform a secure search (over SSL), use https://encrypted.google.com.
This prevents people (such as the people who run the network you're using, such as your employer, or someone sniffing around on your network) from being able to see what words you're searching on (and the search results pages that Google suggests.)
There's also a Google Chrome extension for this.
Monday, March 29, 2010
Google Buzz
I've been meaning to write about Google Buzz. It gave a lot of privacy-minded people a headache when it was first launched (and Google has made a bunch of changes addressing some of those issues since then.)
Google Buzz is a neat little tool, and there's things that I like and dislike about it (and how it was launched.) I won't go into all those details, but will give you a few items to check over in case you do decide to use it.
1. Public vs. private posting
2. Hiding those you follow/are following you
3. Google profile
Google Buzz is a neat little tool, and there's things that I like and dislike about it (and how it was launched.) I won't go into all those details, but will give you a few items to check over in case you do decide to use it.
1. Public vs. private posting
- Whenever you post something, you can choose to post it publicly or privately to a group of people. This may be obvious to most of you, but some people hit the "post" button rather quickly and assume it will only be viewable by their friends, when actually the post may be public by default. If it's public, then anyone out there (including Mr. Stranger) could potentially view it.
2. Hiding those you follow/are following you
- By default, I believe the list of people you are following and the list of people who are following you is public. I'm not sure if you want people to be able to see who you communicate with. If not, you can make these lists private - on the edit profile page, de-select "Display the list of people I'm following and people following me."
3. Google profile
- When you enable Google Buzz, Google will also create a Google profile for you (if you didn't already have one.) Remember, this profile is public (anyone could see it potentially) so you may not want to display too many personal details. You may also want to view the profile while not logged in to see how the profile would look to others.
- Google uses your first and last name on your Google profile. If you use your full name, your profile will appear in Google search results. You may not want people to be able to find your Google profile (which also lists your public Buzz posts) by searching for your name. (I don't, but some people want to be found.) If so, you could replace your last name with your initial, or change it some other way. To change your name or any other info on your profile, go to the Google edit profile page, make any changes and save.
- The address of your profile address may either use your Google username or a random number string. Because this is public, people who access this page could easily figure out your email address (your email address is your Google username @ gmail.com) if your address uses your username. This effectively makes your Google email address publicly discoverable. If you don't want that, you should choose not to customize your URL with your Google email username by not selecting that option (on the bottom of the edit profile page under the heading "Profile URL.")
Tuesday, March 23, 2010
People search engines - the information out there about you
If you try searching your name online on various search engines or specialized people search engines, you may find your age, birth date, address, telephone numbers, and other information available in the phone directory or other public documents. (Hopefully that doesn't surprise you.) You may also find a link to your web site, or other public web pages that have listed your name.
Many people search engines also now search what's called the deep web - pages that general search engines generally can't reach. Some examples are pipl.com, mylife.com, and peekyou.com. These sites will search social networking sites such as facebook.com, linkedin.com, myspace.com, friendster.com, amazon.com, classmates.com, etc. I found that on mylife.com and peekyou.com (which I had never accessed before), I already had a profile available to the public about me! peekyou.com even displayed my picture and some interests/hobbies which it probably took from my friendster.com profile page (which I haven't used in years and forgot still existed.)
That's right! Information that anyone on the internet may find about you (by easily using a search engine) might have been made available by YOU! Anything on your public profile pages - your pictures, your location information, blogs, a list of your friends and others in your network, etc, could all be public and searchable by others.
Just think, anything put on your public Facebook page or myspace page could potentially be accessed, saved forever, and made available to others (forever). If you want to prevent this from happening, you should make your profile pages on social networking sites and other public pages private, or at least make private those pieces of information you do not want others to know about!
Many people search engines also now search what's called the deep web - pages that general search engines generally can't reach. Some examples are pipl.com, mylife.com, and peekyou.com. These sites will search social networking sites such as facebook.com, linkedin.com, myspace.com, friendster.com, amazon.com, classmates.com, etc. I found that on mylife.com and peekyou.com (which I had never accessed before), I already had a profile available to the public about me! peekyou.com even displayed my picture and some interests/hobbies which it probably took from my friendster.com profile page (which I haven't used in years and forgot still existed.)
That's right! Information that anyone on the internet may find about you (by easily using a search engine) might have been made available by YOU! Anything on your public profile pages - your pictures, your location information, blogs, a list of your friends and others in your network, etc, could all be public and searchable by others.
Just think, anything put on your public Facebook page or myspace page could potentially be accessed, saved forever, and made available to others (forever). If you want to prevent this from happening, you should make your profile pages on social networking sites and other public pages private, or at least make private those pieces of information you do not want others to know about!
Monday, March 1, 2010
Bridal shower scam
I saw this article "Scam touted bogus bridal show at Hynes..." on boston.com
Basically, beginning last Fall, some scammers set up a fake web site, Twitter accounts, and Facebook page to promote "The Boston 411 Bridal & Home Show 2010'' which was supposed to take place this week in Boston at the Hynes Convention Center.
"...an estimated 5,000 people paid at least $15 a person and that about 200 businesses also paid fees, ranging from $350 to $4,000. The payments were made through PayPal, police said."
A good reminder that just because something has a web site (or Facebook page or Twitter account, etc) does not mean it is legit. Also, don't believe everything you read about online!
Basically, beginning last Fall, some scammers set up a fake web site, Twitter accounts, and Facebook page to promote "The Boston 411 Bridal & Home Show 2010'' which was supposed to take place this week in Boston at the Hynes Convention Center.
"...an estimated 5,000 people paid at least $15 a person and that about 200 businesses also paid fees, ranging from $350 to $4,000. The payments were made through PayPal, police said."
A good reminder that just because something has a web site (or Facebook page or Twitter account, etc) does not mean it is legit. Also, don't believe everything you read about online!
Wednesday, February 17, 2010
ATM security
I don't use the ATM often, but when I do, I exercise the usual safety precautions (such as have my card ready, don't go too late or to an unfamiliar location, go to a well-lit ATM, etc.)
Over the years, I've also heard of people's card and pin numbers being stolen while they are using the ATM. Basically what happens is that thieves install fake readers/cameras in the ATM so that when you insert your card or press your pin number, that information is collected. The installed devices are cleverly hidden/disguised so you can't tell that the ATM has been tampered with. There was a recent story where a card skimmer was installed inside a gas pump.
See here, here, and here for some pictures of ATM skimmers.
So, when I have to use an ATM, I also:
Over the years, I've also heard of people's card and pin numbers being stolen while they are using the ATM. Basically what happens is that thieves install fake readers/cameras in the ATM so that when you insert your card or press your pin number, that information is collected. The installed devices are cleverly hidden/disguised so you can't tell that the ATM has been tampered with. There was a recent story where a card skimmer was installed inside a gas pump.
See here, here, and here for some pictures of ATM skimmers.
So, when I have to use an ATM, I also:
- use an ATM that is not too isolated and generally seems to be in a secure location, such as an ATM in the same building as the bank (somewhere the ATM could not have been easily tampered with.)
- if I have to use a card to open a door to get into the ATM, I use a card different from my ATM card, in case there is a bad reader installed in the door-opening-card-reader device. (You can use any card with a mag stripe to get in.)
- use one hand to cover my other hand when I type in my pin number (in case anyone is looking, or if there was a camera that was installed in the ATM to record what I press.)
- don't use the ATM if it looks any bit sketchy, or if I have to jam my card in to get it in the machine. That might indicate that a card skimmer was installed.
Tuesday, January 19, 2010
Gmail turns on https by default for all users
Before, I had blogged about how you an make your connection to gmail a little more secure.
Gmail is now turning on that setting by default. Nice! This basically protects your email as it travels between your browser and google's mail server.
Gmail is now turning on that setting by default. Nice! This basically protects your email as it travels between your browser and google's mail server.
Subscribe to:
Posts (Atom)
Posts
