Two-step-authorization

Posted on April 25, 2013 by Gwen

Expect two-step-authorization to become the standard to make it more difficult to hack an account.

Twitter Is Rolling Out Two-Step Authorization (Finally) by Jared Keller, Bloomberg BusinessWeek (Apr 24)

Kim’s security tips

Posted on April 24, 2013 by Gwen

Secure your computer and your browser — Erase sensitive data your browser stores about you – tips from Kim at Komando.com.

Malware in search results

Posted on April 13, 2013 by Gwen

Message might be – avoid searching on breaking news to reduce risk of malware. Study by a German IT group analyzed amount of malware in search results at Google, Blekko, Bing and Yandex. Google was least, and Yandex most.

Google Beats Bing, Yandex & Blekko At Keeping Malware Out Of Search Results [Study], Matt McGee, Search Engine Land (Apr 11)

AV-TEST found that news-related search results frequently contained malicious links, due to malware developers’ focusing on breaking news topics and because “users are the least suspicious in such cases and therefore quickly click on the links provided.”

Private browsing with Firefox

Posted on April 4, 2013 by Gwen

New page from Mozilla on Private Browsing – Browse the web without saving information about the sites you visit

“Private Browsing allows you to browse the Internet without saving any information about which sites and pages you’ve visited. This article explains what information is not saved when in Private Browsing and gives you step-by-step instructions for using it.”

Applies to Firefox 20.

About hyper-targeting and your privacy

Posted on April 2, 2013 by Gwen

If you weren’t concerned about privacy on the Internet before, you will be after listening to – Hyper Targeting – How Brands Track You Online. This is an episode by Terry O’Reilly, in the excellent CBC radio program, Under the Influence. It’s very scary business on how much is known about us and there are very few controls. Read and listen – podcast is 27 minutes – I’m guessing it will be available for 2 or 3 weeks before it’s pulled and sold through ITunes.

Managing Passwords

Posted on March 26, 2013 by Gwen

MakeUseOf has issued The Password Management Guide (March 2013)

Passwords have become the bane of our lives – or they have mine. Which takes longer – keepin a record of passwords used or setting up a real password management system?

Mohammed Al-Marhoon, the author, explains password management (in detail), its importance and how to do it, and introduces tools and techniques.

Concluding words were:

And our last recommendation that we strongly encourage is for you to start evaluating your passwords, building your tiered password system, alternating your ways of creating passwords and storing them using password managers or password tree, be up-to-date with the latest security news, and regularly change your passwords.

I guess no one said it would be easy.

Security Measures on Chrome

Posted on March 22, 2013 by Gwen

Google Chrome: Best security tips for safer browsing at PCWorld (Mar 18) – one can never be too safe, I suppose.

This article recommends blocking javascript – and what – not use web pages? I think that’s going too far. OK to control plugins, but javascript is used too widely.
If you’re syncing Chrome data across devices or computers there is merit to setting up an additional passphrase for security if the extra level doesn’t irk you. Or securing your Google account.
There are also extensions such as AdBlock that can help.

Google Violated Privacy in Street Maps

Posted on March 16, 2013 by Gwen

This is a guest posting from Marc Kosciejew. He follows privacy issues and is quite right in alerting us to Google’s unauthorized collection of personal data and its implications. Was Google being careless, unethical, arrogant? Evidence points to all of these.

It is disturbing and shocking how Google secretly collected personal information from its (intrusive) Street View mapping project; moreover, it’s particularly troubling that the online giant initially denied its clandestine activities.

“Google Concedes That Drive-By Prvying Violated Privacy”, The New York Times, 12 March 2013

Some highlights:

Google acknowledged to state officials (from 38 American states) that it had violated people’s privacy during its Street View mapping project when it casually scooped up passwords, e-mail and other personal information from unsuspecting computer users.
The Street View case arose out of Google’s deployment of special vehicles to photograph the houses and offices lining the world’s streets. But the company also secretly collected personal information — e-mail, medical and financial records, passwords — as it cruised by. It was data-scooping from millions of unencrypted wireless networks.
A worldwide uproar and investigations in at least a dozen countries ensued. An Australian regulator, Stephen Conroy, called it “probably the single greatest breach in the history of privacy.”
Google initially denied any data had been collected from unknowing individuals, then sought to play down what data had been collected and fought with regulators who wanted to examine it. Google said the data had been destroyed, although it turned out some had not been. Some data was purged, but Google is holding the rest until several private lawsuits are resolved.
Privacy advocates and Google critics characterized the overall agreement as a breakthrough for a company they say has become a serial violator of privacy.
Google, for the first time, is required to aggressively police its own employees on privacy issues and to explicitly tell the public how to fend off privacy violations like this one. But some critics worry that the case’s beneficial impact for privacy rights may be limited. Consumer Watchdog, a privacy monitor and frequent Google critic, said that “asking Google to educate consumers about privacy is like asking the fox to teach the chickens how to ensure the security of their coop.”

Gmail vs Outlook – new battle

Posted on February 7, 2013 by Gwen

Yes – Google targets ads to GMail users based on the content of their emails. Most GMail users must realize that and have decided to accept it. But maybe Microsoft will lead the battle to change things.

Danny Sullivan describes the situation in Microsoft Attacks Gmail Over Privacy In Latest “Scroogled” Campaign (Feb 6).

Of course, Microsoft would like GMail users to become Outlook users – where users can pay $20 to turn off the ads. Microsoft at its Scroogled site is also running a petition against Google.

Google does offer ways to opt out of the ads – as Danny explains – but they aren’t easy.

All very negative – but GMail users might check into ways to turn off those ads.

Password Authentication Coming

Posted on January 21, 2013 by Gwen

One day soon we won’t be using passwords, we’ll have a cryptographic card or some other token-like authentication. Robert McMillan in Wired (Jan 18) - Google Declares War on the Password – summarize points made by Google Vice President of Security Eric Grosse and Engineer Mayank Upadhyay about the future for online security.

Thus, they’re experimenting with new ways to replace the password, including a tiny Yubico cryptographic card that — when slid into a USB (Universal Serial Bus) reader — can automatically log a web surfer into Google. They’ve had to modify Google’s web browser to work with these cards, but there’s no software download and once the browser support is there, they’re easy to use. You log into the website, plug in the USB stick and then register it with a single mouse click.

What if we lose the token?

Web Search Guide and Internet News

Web searching with Gwen Harris

Category Archives: Security and Privacy