Online Security: We Are All at Risk

     I read an article on Monday on how a tech writer had his online life literally destroyed in under an hour. Not for who he was, but because someone wanted his Twitter account handle.  This could happen to any of us for the same reasons.  The thing that was interesting to me about this hack was that the hackers didn't have to crack his passwords to gain access to his accounts.  Apple and Amazon handed the information over.  Amazon has already responded and has changed internal procedures. Still no word from Apple.
     So, how do we stop this from happening to us? By making it as hard as possible to get in.  If someone wants in and is willing to spend the time, they will most likely gain access thru brute force attacks.  But you don't have to make it easy on them.
     One of the most common mistakes people make is using the same username and password for every website. DON'T!  If you already have, starting changing them today.  I know, "How do I keep track of all the usernames and passwords? Writing them down isn't good either."  One way is to use a password manager like LastPass.  While browsers like Google Chrome have password managers built in, I prefer LastPass for a couple of reasons. One is that they have browser plugins to make it easier to access your information, and it goes with you.  It's web based and can be accessed from any computer.  I'm not going to get into all the features here. Go to their website and check it out.
      Another thing people do is use dictionary based passwords.  These are easily hacked with the power of today's computers.  There have been many articles on what the best passwords are.  I try and combine all possible combinations when possible.  Short three or four word phrases will take years to crack with todays computing power.  Phrases like "he likes pizza" is more secure than "helikespizza".  When you throw in numbers, letters and special characters you have the making of a very good password "h3 Like$ pizz@".  And the longer the better.  Try to use the maximum number of characters the site will allow you to.
       Lastly, use 2-step verification when possible.  What is this? It's a security protocol that makes you have two steps to login.  Some of you may use RSA keys at work. This is a 2-step verification product. Most of the time the second step requires the use of your cell phone.  While this can add a few seconds to your login time, the security it provides is some of the best available.  With 2-step verification hackers will have to have both your password and your cell phone to gain access to your data.    If you have a Google account(either personal or business), they offer Google Authenticator.  LastPass offers this as well. They have 3 different options to use, Google Authenticator is one of them.  That's another reason why I like using LastPass.
       More and more sites are starting to offer different 2-step verification options.  Hopefully more will start using Google Authenticator.  It's free for site developers to use.  Everyone's favorite social site Facebook has "login approvals".  Not everyone can use it though.  I login into Facebook using the secure site(https:\\ not http:\\) and I keep my browser secure.  Facebook won't let me enable it.  Dumb. Hopefully they will change this in the future.
      Please leave any questions and comments below and be safe online.

The Phone Wars: Google vs Apple

Unless you have been living under a rock lately you know about the fight going on between Google and Apple.  This fight had been escalating for a bit now.  In my opinion here is how the fight is going:

Apple: blocked the Google Voice app from the iPhone. If it was at AT&T request is not the point they still did it and there are jailbroken phones that could of used it off of AT&T.  

Google: Launched the Nexus One even though it obviously was in development for a bit Apple's punch came first

Apple:  Mr Crapple (aka Steve Jobs) trashed Google at the Apple all employee meeting

Google: Turned on mutlitouch in Google apps on the Nexus One

Handicaps:  

        Apple: AT&T's network is being severely strained by data users.  To make matters worse for AT&T, they approved the SlingPlayer app for use over their 3G network.  I see data usage going up even more now.  More dropped calls on the iPhone now.

       Google:  the Android Market & app storage.  The interface is not great and there is no real good way to browse the market on the web. The App store may have more apps but that means more junk as well.  Developers are slowly moving apps to Android from the iPhone.  Google is working on Apps2sd as a default to make more memory for app storage, but currently storage is an issue.

Current state of the fight:  Google ahead.  The Nexus One running it's current enhancements is a stronger phone than the iPhone.  Once Google gets apps2sd running and the market in good shape the iPhone is in serious trouble, but we will just have to wait and see who lands the next punch and what it brings.