Category Archives: Internet

Password Management

With hundreds of accounts spread across the Internet, covering everything from social media to email to financial data, its important to have strong, unique passwords for every website.   But keeping track of those passwords is a huge pain.  Many people resort to storing their passwords on paper or a worse, in a document stored on a computer.

The best way to deal with all that account security is to use a password management tool.   Some of the most popular password management tools:

Things to look for:

  • Does it work on phones as well as laptops/desktop computers?
  • How much does it cost:  is there an annual fee or cost per device?
  • Can you synchronize the stored data between platforms (phones and laptops)?

Note:  Some browsers, like Google Chrome, can do a remarkably good job of generating, storing and recalling passwords.   However, that’s about all they can do — that can’t keep track of secret questions, birthdates, etc.

Security tips:

  • Always use strong, unique passwords.  A good password manager tool can generate strong, unique passwords for you.
    • Passwords should generally be composed of upper and lowercase letters as well as some punctuation and numbers, and should be at minimum eight characters long.
    • Every website should have a unique password — do not reuse passwords.
    • Don’t make up new passwords based on a variation of common root word (like bobby12, bobby12a, bobby5x).
  • Turn on two-factor authentication (2FA) for all sensitive accounts including financial, social media, and storage accounts.  Major accounts that provide access to key personal data like Google (gmail) and Apple accounts should definitely have 2FA turned on.

The Internet of Things

Internet of Things (IoT) is the latest trend in the Internet saga.  IoT is basically the connecting of devices to the Internet for monitoring.  Initially, this was simple devices like webcams and smartphones.  But now IoT is the monitoring of just about anything.  One of the smallest and simplest examples is Amazon’s Dash buttons.  033115_AmazonDashButtonWith a single press of the button, the device sends a message back over WIFI to the Amazon motherland, letting them know you want to order more of that product.  Other examples include washing machines that let your smartphone know when the current load is done and the Nest thermostat, which observes your heating/cooling usage and adjusts its schedule dynamically, all while tracking and processing much of the information up in the cloud.

Looking at a bigger picture, IoT is be used by companies with their products to keep track of inventory and collect information on usage.  And all of this data has to be stored and processed somewhere, which is another growth industry.

For most people, one of the biggest and potentially most useful areas of IoT is home automation. Nest-1000x1000 Initially, the process can seem simple:  add a WIFI connected thermostat, or a few window and door sensors to detect entry.   But the real trick, as with all of IoT, is in the choreography of these devices.  With the right home automation setup, the system can warn you when the furnace is turned on but  you’ve left a window open and outside temperature will impact the furnace performance.    And going deeper, a home automation system can watch for movement within the household after 6 am, and then triggers the turning on of lights (if light levels are detected to be too low), turning up the furnace thermostat, turning off the alarm system, and turning on the coffee maker.  The interconnecting of these IoT devices, and the logging and processing of the data, can lead to some complex and powerful systems, which can help not only make your home safer, but save energy and add a lot of convenience.

However, as of fall 2015, we are still in the early adopter stage.   It reminds me a lot of the early days of the personal computers, when there were many producers but the complexity level of assembling and using them was still high.  Most early computer users had to build the computer from parts, how to load and run programs from a command line, edit configurations by hand and sometimes even write their own programs. And most people, at the time, thought they would never need a home computer.  Most of the advanced home automation systems are much the same way, requiring power users who are comfortable with customizing configurations and loading modules they have to seek out from user forums.  And again, most people don’t see all the potential of what these systems can do.  There is no clear home automation leader — it is the Wild West still, and one strong horse now could be off the track by next year.  Apple, Google, and many more have their fingers in the water, but haven’t produced significant efforts yet.

shop-app_900x600_monitoring-kit_final-2One of the early leaders is SmartThings, a kickstarter home automation system that has since been purchased by Samsung.   It provides a low cost, fairly open, and highly configurable system that accepts a large number of IoT devices.  But it also requires a solid tech understanding of the devices, and frequently custom device type configurations and coding speciality routines. It is one of the most popular systems with the techies, and when working properly, it can do some amazing and complex automation.  It’s the TRS-80 of the early IoT days…  can it be the IBM PC?  As of this writing, the company has been struggling to keep up with their fast growth, and the stability of their product has been suffering.

The next few years will see a rapid evolution in IoT, and automation, as these systems become more widespread, and we adapt to more and more technology in our lives.

The Future

At the 2011 CES show, Motorola rolled out an amazing new product, perhaps the most groundbreaking since the iPhone.   It’s called the Motorola Atrix.   And it represents the future of computing.

Basically, the cellphone is the computer, and by using simply docking units, you can switch to using it as a desktop computer, a laptop or even a home entertainment system.

Check out the Engadget article and especially watch the full video demonstration.   It really is amazing.

Game Changer

A new Firefox browser plugin released in late October 2010 is having a chilling effect on public WIFI surfing on the Internet.   The plugin allows anyone to simply use their web browser to discover and hijack access to many of the most popular websites while surfing on a public, open (unsecured) WIFI network.   In simple terms, this means if you surf the web from a local coffee shop or public library using unsecured WIFI (no password needed), then other users at that location can very easily gain full access to your web accounts like Facebook, Twitter and even Amazon. While this type of hack was possible in the past, it required a fair amount of technical prowess and specialized tools.    Now it is as easy as installing this freely available plugin — This really is a game changer for public WIFI web surfing!

What can you do?

  1. Whenever possible, avoid accessing any personal accounts (and email) while you are connected to an unsecured WIFI network.
  2. Try to only use WIFI networks that have encryption (should show a lock on the WIFI network when browsing, and will require a password/code to acces the network).
  3. Consider installing and subscribing to a VPN service.  A VPN service will encrypt all of your network communications, regardless of the type of network you are connected to.   Here are a few products/services: HamachiHotSpotVPN, TrustConnect.
  4. If you have the ability to access the web via your cellphone (a process called tethering when used with computers), then use that access instead.
  5. If your browser supports plugins, look for a plugin that will force encrypted sessions (SSL) for popular web sites. For Firefox, one plugin is called ‘HTTPS-Everywhere’ and Chrome has one called ‘KB SSL Enforcer’.   You’ll need to verify the website URL starts with ‘https’ (note the ending s) to ensure the connection remains secure for every page you visit.

Who is impacted?

Anyone using a computer (or ipod, cellphone, etc.) to access an open WIFI network.  All types of computers, all types of operating systems, are vulnerable to this attack as it occurs at a network level.   Again, an open network is one that is not locked (does not require a password).  Most public WIFI, like the kind at coffee shops, public libraries and even hotels, are open and unsecured!

Who is not impacted?

If you using computers at the public library that are not connected wirelessly (i.e. they use an ethernet cable), those are generally safe.  Surfing from your cellphone should be fine, as long as you are using the cellular network and not connected to a WIFI network.   If the WIFI network you connected to is locked (requires a password to make the network connection), then your surfing is safe.

More Info:
Video explaining more details on this plug-in and showing how simple it is to use.

Malware Attacks Becoming More Deceptive: XP Antivirus

One of the more insidious malware attacks in recent months as been an attack that disguises itself as an antivirus program. It appears on your system as ‘XP Antivirus’, which is not a real product. It then usually flashes up a fake virus detection notice such as this:

And then tries to get you to purchase the software or updates, thus providing your credit card details to some rogue organization. In addition, the virus usually embeds itself deeply into your system software, making it difficult to remove. It may also monitor keystrokes and steal other personal data.

If you start encountering antivirus warnings from a program you are not familar with, you should have your system checked immediately.

You can also do a cursory check of your system following the steps outlined in our Support article:  Spyware/Virus Detection.