by WebKeyDesign | Oct 4, 2017 | News & Trends
Like most professionals, I have taken countless courses on data privacy and computer security. After a while, the online courses and training scenarios all end up sounding the same. In 2017, the size and scope of technology breaches has increased and at the same time we are learning that our financial and private data is being compromised in more places than we can count. From our local store at the mall, to our financial institutions, the reality is that technology is making everyone a target. By news accounts, you can’t trust anyone. Your bank, your healthcare insurance, your webmail provider, the IRS, your payroll provider, have all been compromised and this all before we even learned about the Equifax breach. Target is a good example of a company that invests heavily in technology and implemented security protocols better than most companies, however they still became a victim and were compromised. The reality is that security is not ever going to be easy. The best way to implement security is by using a layered approach, with multiple levels of restrictions. Secure your network, secure your devices, secure your software with updates, use strong passwords, and backup your data in multiple ways. This becomes a lot of work for individuals. The frustration is that even if you do everything right, you are still going to be compromised. The best possible outcome is that you will not be an easy target and that you limited what was taken from you.
CCleaner
CCleaner is one of my trusted utilities, on Windows computers. I use it quite often and install it on all of my Windows machines. Recently, their security was compromised and malware was added to their installer. Reading carefully through all the reports, I determined that on two machines the version had not been updated and multiple scans by different anti-virus tools came up clean. On a third machine, a laptop, the machine had been compromised. On this particular computer, I did not have any real data that was of importance, and this was the laptop that I had setup with a custom Windows setup that allows me to restore Windows to a fresh state. This allowed me to restore the machine in less than an hour and I no longer had to worry about malware on that computer.
However, this was a wake up call in regards to my other machines. I need to implement a similar setup for my other computers. There needs to be a strategy for my home Windows Server, my kids computers, and what about my Mac computers? This all came about because I trusted an application that I have been using for years.
iOS Devices
For the most part, I have not had to worry too much about the Apple ecosystem, when it comes to iOS. Apple has been pretty good about keeping malware out of the App Store, not perfect by any means, but good. All I have had to do is keep iOS updated with the latest version that is available for the device and not install too many third party apps. I also keep an iTunes backup for my iPhone and iPad. I do not put too much faith in the cloud, so my iCloud data is pretty slim.
Android
There are not any Android devices in my home. We are pretty much Apple, Windows, and Linux. My criticism of Android is that there are way too many exploits and security compromises when it comes to the platform. The devices are not updated very often and prior Android versions are very vulnerable to all types of attacks. This is an area where Apple has managed to do better due to the faster upgrade cycle and walled garden that is the App Store. My best advice for Android users is the same as iOS users: upgrade your OS and do not install too many third party apps.
Linux
I do not use Linux as a desktop, so my concerns with Linux is typically with servers. Linux is becoming a bigger target these days. Part of the problem is that Linux is a collection of software that is patched together from multiple sources. These sources are all vulnerable. The other issue with Linux in general is that it requires a certain level of admin expertise, which is different from most consumer software. For Linux, I keep a backup of an original setup, so if I misconfigure or break something, I can restore to that setup. For the data, I backup separately and keep multiple copies of that. Scanning tools for Linux tend to be free, but there are commercial versions which you can purchase. If you are using Linux for business purposes, Redhat is highly recommended.
Facebook, Amazon, & Clouds
I find it hard to reconcile individual security and Facebook usage. To me the more you use Facebook, the bigger a target you become. I see people updating their Facebook account with their physical location all the time. This is great information to have, if you are a thief and want to break into someone’s house. The problem with Facebook, Amazon, and cloud platforms like iCloud is that these services communicate with your mobile phone and the data that they send back and forth is very susceptible to being breached. Your phone is literally a beacon that keeps signaling all the time. You can prevent some of this by turning off Bluetooth, Wireless, and not installing third party apps, however for everything you turn off or disable, the phone becomes less connected, less functional. A must have is some sort of VPN, that you can enable when connecting to free wireless networks.
There really is not a good way to be private or have layered security when it comes to the mobile phone. The phone is a beacon at this point, and you are the target.
Identity
Since the Equifax breach, I have been reading about what possible avenues people have to protect themselves, now that everyone is compromised, and the only advice that I found that seemed plausible was to change your name. It is possible to legally change your name and to escape some of the repercussions of the Equifax breach. Unfortunately it has come to this.
by WebKeyDesign | Mar 21, 2013 | News & Trends
Over the last few years, I have become somewhat of a politician, when it comes to speaking about the Internet and the undeniable bandwidth problem we have in the US. The difficulty I ran into multiple times was that it is hard to convince people that not having enough bandwidth is a problem at all. Bandwidth is something that most people just don’t think about. It is like breathing, you never realize you need air, until you are deprived of it. It has only been within the last couple of years that people are starting to wake up to the limitations of low performing internet connections. This has been brought on by consumer usage of more internet connected devices, from the smart phone to the iPad. As these devices tap into more and more of the wireless capacity of home routers and cell phone towers, they begin to push the limitations of the land line technology that usually provides the internet connection. This includes T-1 lines, DSL modems, ethernet, and fiber technologies.
The problem then becomes two-fold. We have a capacity issue for individual consumers wanting to communicate and for our institutions and businesses that want to provide better services. With low performing internet, we end up with schools that can’t use technology to teach our children, businesses that can’t provide the type of services that we want to buy, and innovative healthcare solutions that we can’t adopt. My concern is not being able to watch YouTube without the buffering message, it is instead the elderly person who could receive in-home diagnostic care without having to go to the hospital if only broadband was available.
Last year I spoke to a large audience of educators and mentioned the bandwidth issue. They were able to understand the issue personally because many of them use Netflix at home and have had to deal with streaming problems. Between video streaming and gaming, I think everyone is waking up to the problem. However solutions still seem to be unattainable at this point. Regardless of who do you think is to blame for the lack of affordable broadband solutions, the truth is that we as citizens need to deem this issue important enough to do something about it.
It is disappointing to me that technology wise no one has stepped up and come up with an affordable solution to this issue. Looking back in the past, many companies used proxy servers to provide internet to their offices. The open source Squid Proxy is a good solution for caching internet connections. There seems to be a lack of initiative to create a cheap router with a built-in caching squid proxy. Performance wise, you do need memory and disk space to run squid smoothly, but by far I think the biggest deterrent is the complicated problems that proxies create. With a proxy you do have to deal with some sites not working correctly, and UPnP network devices tend to break.
We are kind of left in this limbo state of having limited internet connections and no real viable solutions. The longer we ignore the problem the longer we stall innovation and deny ourselves improvements in education, business, healthcare, and entertainment.
by WebKeyDesign | Dec 24, 2009 | News & Trends
The calendar is changing yet again on another decade and as we go from 2009 to 2010, it seems only natural to become a bit reflective on all things. Technology is always changing and what seems like life long disputes are now fading into obscurity, and before you know it, you will be sounding like an old timer talking about the old mainframe days of computing. In my case, the old local network model of client and server is where I made my professional career. However that model is dramatically different today. Today, I no longer work on Netware or Windows 2000 file servers and their Windows clients, as much as I work with browsers and the Internet. Instead of supporting a LAN, I mostly support Web Services; a term that describes pretty much anything if you really think about it. I tell most of my non-technical friends that essentially I support web sites, to make sure they are working the way they are suppose to. This is more easily said than having to explain that I spend most of my time trying to figure out where exactly my problem is.
The extraordinary situation is that supporting web services is kind of an unwritten subject matter. You will not be able to walk into Barnes & Noble and find it in the computer books section. Most of the time what you will find will be books that talk about making money with web services, by which they mean running your own website business or using eBay or Amazon to help your business. This is because web services, as we think of web services have not been around all that long. The prior file server and client model, what I call LAN support, has been around for more than two decades and it was properly evangelized by companies like Microsoft, Novell, and IBM.
For years, Microsoft sold and supported training for how to support your basic file server and local clients. You usually ended up with huge thick books and a paper certificate that you could hang on your wall saying you knew how to support Windows. Web services has no such certificate and even if you could point to one, it most likely would be so specialized that it really could not encompass much. For example right now, a web service could mean Apache Web Server connecting to a backend database that is serving up information to a browser on a Macintosh, a Windows machine, a mobile smartphone, or even a GPS device in your car! The technologies that make this happen are varied and when you think about the data it only starts to get more complicated. The iPhone as a platform for web services has been incredibly successful for Apple but even Apple did not foresee most of the web services that the iPhone is now capable of. As Apple has added more sensors to its device and given developers access to their data, it has allowed developers to change the way we think of web services. The iPhone will soon be able to not just tell you where you are, but inform you of what you are actually looking at or even what you should be looking at! Now if you look at it from the point of view of a person who wants to support that technology, where do you exactly start? It certainly is not going to be easy.
Since there is no one company behind the technology that powers web services, it is best to be a good problem solver who knows a little bit of everything and who can properly research problems.
Problem solving is all about being able to break things down to their rudimentary components and to be able to have a grasp on how something works. Experience counts a lot, but only if you develop good skills to begin with. Programmers are very good at breaking things down, so even if you do not see yourself as a developer, it is still important to learn the basics of programming. Languages like JavaScript, PHP, Python, and JAVA can teach you a lot about how to approach problems. Even if you never master a programming language, you can still take away a lot from the experience of just trying to program.
The absolute things to learn are HTML, CSS, and XML. These are the defacto data elements of pretty much all web services and are not at all difficult to learn. HTML is like learning to use different grammar, so pretty much anyone can learn to read and write it. One other subject matter to master for problem solving has to be networking. You must know how networking works, both at the protocol level and at the hardware level. You may not need to master CISCO routing, but you should learn the basics of what routing is, what TCP/IP is and how it works, and you must learn everything you can about HTTP, as this is the most common protocol you will be working with. Remember how I said there was not one book that you could pick up to learn web services? After all this reading, you will probably hate the computer section of the book store.
Once you have acquired some knowledge of the technologies involved, you will need to learn how to research problems. It amazes me how many people do not know how to research. This is the one skill that you need to acquire before you interview for any position. There is nothing more disappointing than to realize a candidate for a position has poor researching skills. If you never took a class on how to utilize Google Search, than pick up a book and learn how to mine Google for all sorts of data. This is an essential skill. No one can possibly know everything and remember you are getting paid to solve problems, so why not get ahead in life by using the immense knowledge out there on Google and other search engines. The other part of research is documentation. Effective people are organized. Find a system of organizing your researched data that makes sense to you, whether this is Outlook, a content management system like a wiki, or just a WordPress blog. Whatever you do, do not rely on your employer or someone else to tell you how to do this. What you will find is that it is a lot easier to stick to a system that works for you than it is to try to work within the limitations of someone else’s system.
Supporting web services is always changing, and so there will always be new browsers to test, new tools to use in your analysis. You will need to devote some small part of your day to reading about these new developments. And who knows maybe someday there will be a good book on how to do all this, but until then you will probably have to do all of the above. Good luck and remember it is just a website, right?
by WebKeyDesign | Jul 3, 2008 | News & Trends
Something which I rarely see being mentioned in the mainstream media is company ethics and consumers. The Internet news sites do cover some of the borderline unethical behaviors of major companies like Apple and Dell, but in reality these stories are aimed more at tarnishing the image of corporations, than really covering the actual situation and shady policies of the workplace. As a consumer of products and services, this bothers me somewhat because I try to only deal with ethical companies. After all would you really buy something from someone you personally knew was a thief? When it comes to corporations, we really should hold them to the same standards as our personal relationships. Although holding corporations accountable seems almost impossible nowadays, there are some things to look for.
Public traded companies do publish their financial records and occasionally their dirty laundry does come to light. Most of the time the bad news is published in obscure trade publications and so it is sometimes hard to find. Eventually if the dirty laundry is serious, it will eventually lead to an investigation or multiple lawsuits. At this point you can pretty much tell that the company acted contrary to ethical standards. Note that this is not something that you find with top corporations only, but with all companies in general. Just because Global Widgets did some illegal stock manipulation, does not mean that their competitor Small Scale Widgets is any less reputable. Sometimes an entire industry is guilty, like when all the memory makers made a group effort to artificially keep memory prices higher.
Perhaps the most direct way of finding out how ethical a company is to talk to them. When you walk into their store, call their customer service line, or email them, what type of response you get can reveal a lot about the type of training that the company gives their employees. Although this probably cannot tell you everything about a company, it does reveal enough to let you know if the company is worthy of your business. Talking may be a lost art, although we communicate every day, we do not do it effectively, and so remember the following points when you engage a company.
- Always ask for what you want directly, do not try to hide your intentions. If you want a cheaper price or think that the service or product is not up to your expectations, ask for an explanation.
- In turn, you should always be fair yourself: do not waste a company rep’s time if you truly are not interested in their services or products.
- Since companies can have multiple businesses, you cannot always hold accountable the bad ethical practices of one of their divisions to all of their other businesses.
- Lastly if you are treated rudely without justification, make the company aware of this, and if the response is lacking, never do business with them again.
In general, companies care about their shareholders more than their customers, it is this mentality that has led many companies to lie, steal, and cheat to make their profits ever larger, only to find out much like Starbucks, that you cannot make money without customers, even if you have thousands of locations.
by WebKeyDesign | Oct 11, 2006 | News & Trends
This is perhaps the most interesting news I’ve heard all week. According to MacWorld, Qualcomm is opensourcing Eudora. I’ve only been using Eudora since version 3.0, and it has always been my preferred email client on all my Macintosh systems. When OS X came out, I never embraced Apple’s Mail, simply because Eudora had so much of my old email, and by now I can’t seem to match the comfort level with any other mail client. About the only email interface that I feel comfortable with is webmail via Horde and Gmail. Although I use Mozilla Thunderbird daily, it still feels slow and alien to me, every time I use it. In reality, Eudora’s interface is so 90’s. The interface feels out of place in OS X and a little hard to use compared to modern GUI apps. Still I can’t seem to feel very fond of Thunderbird’s huge icons and web browser like interface. On the otherside of the pond, there’s Outlook and I cringe daily at how complicated Outlook really is. It would be great if someone could make an email client that can do everything Outlook can do, but do it in a clean and friendly interface, kind of like what Apple did for the MP3 player with iTunes.
For OS X users, it looks like Eudora 6.2.4 will be the last commercial version. Qualcomm expects the first Mozilla Eudora opensource version to come out in 2007, but who knows how well documented the code is after all these years. Most of all, I wonder what the interface will look like in the future? Eudora needs a good GUI makeover.
Eudora Revisited
- Qualcomm’s Penelope Project intends to build an extension to Mozilla Thunderbird that will make Thunderbird look similar to Eudora.
- Correo is an open-source project that aims to use Mozilla code to develop a native mail application for Mac OS X users, doing for email what Camino did for the Web browser.
- Infinity Data Systems – MailForge is a commercial project that intends to build a new email client that looks and feels similar to Eudora.
by WebKeyDesign | Sep 13, 2006 | News & Trends
I am not sure about the whole Web 2.0 debate, but something which is very noticeable about the Internet in 2006 is that forum based sites are dying a slow death, and the sites that include a forum as part of their main site are doing even worse. Forums on those sites are being posted to less and less. It seems that much of the forum posting community has gravitated to either posting primarily on their own web blogs or commenting only on blogs. This has created a shift away from forums and for sponsored forums, it has meant a loss of ad revenue. It may be possible that this trend may continue and cause some sites to scale back or disappear completely.
Lack of Discussion
The most obvious turn off to forums is the moderator. Keeping the conversation going between multiple members is quite hard to do. Most moderators are faced with either not moderating at all discussions and letting other members get offended while a couple of members go at it and argue pointlessly about which operating system is the best or whether you support The President or not. Eventually moderators do buckle down and impose some civility and this causes hard core members to feel censored. Once they leave, the forum becomes a ghost forum with only old discussions left. A moderator is pretty much a thankless job.
Not Enough Ad Revenue
As for the webmaster, you have to pay for the forum software which is not exactly cheap or risk going with an open source script that will require more technical maintenance. Then you have to pay for the domain and hosting services; all of this is added cost. Most webmasters depend on some sort of steady revenue from sponsers and forums have a reputation for not performing well in this area, unlike blogs.
Ease of Publishing
The irony is that while forums were once the easy way to publish quickly, they are now being outclassed by blog scripts. Today almost anyone can learn to publish on Blogger or in WordPress, but learning to navigate, search, and setup your profile in most forums takes longer than the five minute WordPress install.
Not Trendy
Then there is the obvious: web blogs have adapted the latest technologies like CSS, XHTML, AJAX, and other Internet buzzwords. Forums are just catching up and unlike small blog scripts, forum scripts are quite complicated and large, making even small changes sometimes requires thorough testing.
Internet Evolution
All of this leaves forums on the brink of unpopularity, forcing forum script developers to rethink their audience anf evolve into something else. Perhaps the web blog is the natural cousin to the forum, and the Internet may still have future uses for the once popular online forum.
Like most professionals, I have taken countless courses on data privacy and computer security. After a while, the online courses and training scenarios all end up sounding the same. In 2017, the size and scope of technology breaches has increased and at the same time we are learning that our financial and private data is being compromised in more places than we can count. From our local store at the mall, to our financial institutions, the reality is that technology is making everyone a target. By news accounts, you can’t trust anyone. Your bank, your healthcare insurance, your webmail provider, the IRS, your payroll provider, have all been compromised and this all before we even learned about the Equifax breach. Target is a good example of a company that invests heavily in technology and implemented security protocols better than most companies, however they still became a victim and were compromised. The reality is that security is not ever going to be easy. The best way to implement security is by using a layered approach, with multiple levels of restrictions. Secure your network, secure your devices, secure your software with updates, use strong passwords, and backup your data in multiple ways. This becomes a lot of work for individuals. The frustration is that even if you do everything right, you are still going to be compromised. The best possible outcome is that you will not be an easy target and that you limited what was taken from you.