Legal spying via the cell phone system

I don’t think many people know about this or can even really technically understand it.
But this article should serve as another warning to people – you have very little REAL privacy. Just about everything you send or receive via the internet, cell phone or even publicly switched telephone system is very open to ‘evesdroping’.

The NSA has been doing this for years. But now some ‘regular’ guys are showing how it’s done very easily with publicly available tools and techniques.
So for the truly paranoid time to put on the tin foil hats.
🙂

Managing Passwords – Using KeePass

In the digital age remembering your usernames and passwords can be very difficult. You need a password for the Windows network logon, your e-mail account, your homepage’s FTP password, online passwords (like website member account), etc. etc. etc. The list is endless. Also, you should use different passwords for each account. Because if you use only one password everywhere and someone gets this password you have a problem… A serious problem. The thief would have access to ALL your e-mail accounts, banking, mortgage, homepage, etc.

Here is a list of what I have to manage.
My corporate accounts: 64, my logmein accounts: 22,Personal Internet sites and services: 38, my internet email accounts(gmail, hotmail, yahoo): 14,personal banking/credit: 9.
That is a total of 147! And there are probably some I can’t remember!
As you can see having to manage these could be a nightmare without some kind of password management system.

To that end I use KeePass.
KeePass is a free open source password manager, which helps you to manage your passwords in a secure way. You can put all your passwords in one database, which is locked with one master key or a key file. So you only have to remember one single master password or select the key file to unlock the whole database. The databases are encrypted using the best and most secure encryption algorithms currently known (AES and Twofish). I also use KeePass to store my non-digital passwords such as ‘PINs’ for banking and credit cards. Because the database is digital and can be exported it can be copied to many locations for back up purposes – such as USB drives, CDROMs, place in a save deposit box and/or to an Internet storage solution.

http://keepass.info/features.html

There are versions for Windows, Linux, OSX and portable devices such as Blackberrys, iPhones and Windows Mobile (PPC).

There are also ‘Portable Versions’ that can be installed on a USB drive with your Key database for use on other non-secure machines.

Here is a good video how to:
[youtube=http://www.youtube.com/watch?v=hqOe03s9SCs]
Here is another pretty good video on how to setup and use KeePass. It is a little ‘slow’ and it is covering the portable version but the instruction is right on.
http://showmedo.com/static/flowplayer/flowplayer-3.1.5.swf

Security Threat News

I have mentioned many times before of the need to update your computer Operating Systems, Anti-Virus and Anti-Spyware applications.

But I also must mention again to please update your applications as well – ESPECIALLY ADOBE PRODUCTS.

A 2009 Global Threat Report from ScanSafe, a Cisco company, shows that in the 4th quarter of 2009 80% of all web-based exploits were malicious PDFs! It’s not surprising that the PDF number is large, but this number is so large it’s hard to believe, especially in as much as Flash exploits were 18%!
Those are some frightening numbers!

PDFs and Flash are ground zero for malware on the web these days. Just by keeping up to date on your client software you can protect yourself against almost all of it.
Here is the advisory from Adobe.

Users should update to versions 9.3.1 or 8.2.1, the links to which are in the advisory. Alternatively, you can “Check for Updates” in the Help menu.

Get Un-Buzzed!

Since Google ‘foisted’ Buzz on us Gmail users I have been very concerned about how it works and how privacy seems to be highly compromised. I made a few posts/buzz replies about how to turn off or disable buzz. But apparently buzz ‘sticks around’ unless certain deliberate steps are taken to actively remove ANY sharing of information whether you wanted to or not with people you approve and even those you don’t!

I do like a great deal about Google apps – Gmail, Docs and Calendar and I have made a few posts on using them for increasing productivity. I have also made it known that I do not want to share every bit of my life with Google too (see part about toolbar).

My fears spring from my natural high degree of paranoia and usual vigilance when it comes to privacy and security. Seems my concerns about Buzz were warranted. There are numerous articles of people – many very tech savvy, who have had information shared that even they did not know they were exposing. Sometimes to people that could pose a real eminent threat.
I have recommended that people turn off Buzz but I guess that was not enough. Here are the steps you should take to turn off this feature.

Turning Buzz off
If you don’t want to use Buzz, and I think you shouldn’t, you can disable it. To completely remove all of your participation in Buzz, follow all of these steps AND FOLLOW THEM IN THIS ORDER(or it will not be disabled completely!!):

  1. Delete your Google profile. Here’s how.
  2. Block all of the people following you. Here’s how.
  3. Turn off Buzz at the bottom of Gmail. Here’s how.

Read more about Disabling Buzz.

Given the populist sentiment about the way it launched Buzz, by merging it with Gmail, resulting in a million-and-one privacy kerfluffles, Google’s now thinking about going beyond the tweaks it made the other day by cutting the cord between Buzz and Gmail entirely. Or maybe just changing the way it is ‘linked’ to your accounts and contacts.

I make a deliberate effort to try and keep my privacy secure and I think all people should. Especially in the ‘information age’ we currently live in.
I am experimenting with further steps to make sure my information is even more secure. I will post updates as I can.

As always though, remember that the World Wide Web is exactly that – World Wide! If you post anything or have it ‘hosted/stored’ (Gmail, Yahoo, Hotmail, Facebook, LinkedIn, Digg, Myspace etc.) your information is then in ‘someone else’s hands’ literally and figuratively. Your privacy and control of that information is subject to someone besides you. So think wisely what you post, comment on, or email by way of ‘public’ networks.

Be safe all,
Peace.