Geek(Wisdom).com - Security/Privacy

Why I don't become a fan of pages for generic things and concepts on Facebook

geekwisdom — Mon, 01 Jun 2009 01:02:32 +0000

The "page" feature of Facebook is designed to provide a way for people to become fans of people, organizations, bands, etc. These fan pages are available to people who do not have Facebook accounts and administrators of fan pages have the ability to send updates to fans. Anyone with a Facebook account can create a fan page about anything, even things for which they are not the authority.

Personal Password Management

geekwisdom — Fri, 15 May 2009 19:02:41 +0000

In this video Software Architect, Steve Moitozo, addresses the issue of personal password management. For links to resources mentioned and a previous blog on this topic refer to Password Management. See the post Personal Password Management Survey to see the questions and the response numbers.

Personal Password Management Survey

geekwisdom — Thu, 19 Mar 2009 19:49:38 +0000

My next computer security video will cover personal password management. In anticipation of that I decided to do an anonymous survey to see how folks manage their passwords. I don't claim that it's statistically accurate or that it reveals anything conclusive. It's a sampling of people from Facebook, Twitter, and work.

49 people from all over the place took the survey.

-----
When asked to rate themselves on their management of passwords:
6% said less than OK
49% said OK
45% said better than OK

-----
When asked about their approach to using passwords:
57% said they use a different password for each class of service (one for commerce, one for banking, one for social services, etc.).
24% said they use a unique password for each service.
19% said they use the same password for everything.

The problem with security questions

geekwisdom — Tue, 17 Feb 2009 04:56:14 +0000

In this video Software Architect, Steve Moitozo, addresses the problem of providing secure answers to "security questions" on Web sites? He's written about this issue in the past in Death to the Secret Question and thought it would be helpful if I addressed it here in video form.

Gaming Social Networks

geekwisdom — Fri, 19 Dec 2008 17:30:00 +0000

Brad Ward's post shows how easy it can be to game a social network. I suspect this kind of gaming is already going on in various other types of groups within social networks like Facebook and MySpace.

Checkwashing Countermeasure... A Pen!

geekwisdom — Wed, 03 Dec 2008 17:01:10 +0000

I less than four minutes a crook can steal your check, selectively erase your writing, and make the check out to himself for any amount. That's checkwashing and it's preventable.

Most pens use dye, not pigmented ink. The uni-ball® 207™ uses ink with certain color pigments that bond with the paper fibers in checks making it very hard to "wash" the ink off. This pen, and others like it, could be a simple defense against the threat of checkwashing, which is simple and fast to do. The use of a pen like this, combined with the habit of properly filling in all the blanks on each check, and routine audits of bank statements will help you defend against checkwashing.

E-petitions Don't Work

geekwisdom — Fri, 21 Nov 2008 17:01:15 +0000

Imagine being frustrated about a new tax and going into the basement to scream. Great, you've had a little therapeutic outlet but unless the people who levied the tax are in your basement it will not change anything.

I'm just as irritated as the next guy when it looks like an injustice might be perpetrated through the passage of a new bill or some court ruling. I want to do something and I want to be efficient when I do it.

At first blush the e-petition seems like a great way to influence the powers that be. Get thousands of people who agree with you and have them all sign it, but there are a number of problems with it.

Greylisting for your telephone

geekwisdom — Fri, 12 Sep 2008 17:45:00 +0000

Greylisting is "method of defending e-mail users against spam. A mail transfer agent (MTA) using greylisting will "temporarily reject" any email from a sender it does not recognize. If the mail is legitimate, the originating server will try again and the email is accepted. If the mail is from a spammer it will probably not be retried since a spammer goes through thousands of email addresses and can not afford the time delay to retry."

Why not apply a similar technique to your telephone? It could be done without much effort in this day of caller-id. Imagine if you had a device that, when plugged into your telephone line, would allow you to automatically answer the phone for unknown numbers and give the caller a message. The message could be generic or it could be instructions to do something specific. You could be program the device with a list of white listed (allowed) telephone numbers as well as blacklisted (denied) numbers. The device could give a different message based on whether the number is in the blacklist or simply unknown. If the calling number is on the white list the device does nothing, allowing standard telephonic devices to continue operating.

Check out my awesome video tutorials!

wartex8 — Mon, 12 May 2008 20:07:37 +0000

I currently make how-to videos on computer related topics. Check out my videos at either
Youtube or Revver

Outlook and Outlook Express Users Want to Reply to Digitally Signed E-mail

geekwisdom — Fri, 25 Apr 2008 15:17:03 +0000

You are probably reading this post because you are an Outlook or Outlook Express user and you tried to reply to a digitally signed e-mail from me. The result was a warning/error notice stating, "You cannot send digitally signed messages because you do not have a digital ID for this account." or some such thing. You are receiving this notice because Microsoft made a mistake in the default configuration settings when it packaged Outlook and Outlook Express for distribution.