Everyone uses online services to buy things, communicate, work, share information and keep in touch friends and family.  We all need to log into a website or service before we get access and that means using a password.  We all love passwords because they’re easy to use, but we hate them because we have to remember them.

The experts tell us to create something that’s not easy to guess, but it needs to be something you won’t forget either – don’t use “password” as your password.  The best thing is to create something you can easily remember, but add a few upper case letters and symbols into it.  That makes it harder to guess and harder for a hacker to find using a brute force attack.

Here are some examples.

• Rather than using “spaghetti”, use “$p@ghe!!I”. 
• Instead of “pistachio”, use P1st@chio”.
• Don’t use “American Airlines”, use “aM3r1CanA!rl1nes”. 

Read the rest of this entry »

Being a Boston sports fan isn’t always easy, but whether the teams win or lose, communicating through the cloud makes it better.  Last night the Boston Bruins ended a 39 year drought by winning the Stanley Cup and I felt like I was there with thousands of fans.  Obviously watching it on television gives one a sense of being there, but sharing the experience with people through the cloud makes it feel more real.

I was watching the game on TV, but was also sharing the experience on Twitter and Facebook.  I had friends and acquaintances from all over the US and the world sharing information, commenting back and forth and making it feel real.

When I thought about experiencing these events a few years ago, things were very different.  The last time the Bruins won the Stanley Cup I was in grade school.  Twitter didn’t exist.  Facebook didn’t exist.  In fact, the Internet didn’t exist, except for a few US Department of Defense companies and researchers.  The founders of Facebook weren’t born yet.  One of the founders of Twitter was born, but he was only a few months old.

Read the rest of this entry »

That may not be quite true, but Facebook got a lot closer this week by finally implementing HTTPS in account security settings.  This makes it a lot harder to grab your username and password and hack your account.  Whether this is a reaction to Mark Zuckerberg’s account being hacked or just a realization that it was high time they did this is irrelevant.  They did it and this immediately improves security and privacy.

For those of you not familiar with general browser communications, it’s fairly common for websites to encrypt a username and password during the login process, but uncommon to encrypt communication after that.  After you login, most websites send a cookie to your computer so that your browser can interact with the website without having to constantly login to every page.  If you are on a mobile device, the cookie is broadcast through the air waves, so there is a chance that anyone could grab it and access your information.  This process is known as HTTP session hijacking or sidejacking.

Read the rest of this entry »

Should you use social media at work because it’s the way work gets done today?  Or should you ban it because the risk is too great that an employee may disclose confidential information through it?

I love social media and social networking.  I use it all the time.  I use Twitter as my up-to-date news source and have great conversations with people.  I use LinkedIn extensively to share blog posts, read articles, get a pulse on what’s happening in the industries I follow and find business opportunities.  I use Facebook to keep up with my kids, friends, colleagues and numerous companies.  I learn about products, services and how to do things on YouTube.  And of course I read blogs for all kinds of great information.  Many businesses use social media to interact with their customers and get work done.  In fact, even the Pentagon has recently embraced social media as an important communication medium.

All of these tools are great for research and exchanging information with people.  But how do you decide what to share and what to withhold?  One of the great things about social media is how easy it is to share information.  There are Twitter and Facebook buttons all over the web that make it easy to post information with the click of a mouse or swipe of your finger.  That also means it’s easy to share confidential information accidentally or maliciously.  A data breach is as easy as a click away.   

Read the rest of this entry »

Today Apple released iTunes 10.1.  I opened up iTunes and the application told me there was a new version available.  I clicked through the install screen and the EULA (end user license agreement) popped up in my face.  Like most people, I usually just click through the EULA without actually reading it.  But today I read the top section.  Why?  Because it was in VERY LARGE LETTERS.  This is what the first part said:

IMPORTANT NOTE REGARDING PING.  We have changed the iTunes Store Terms and Conditions to provide you notice that if you have opted in to the Ping social network and use the new Ping Sidebar, iTunes will send information to Apple about the content you select in your iTunes library in order to provide you with Ping personal recommendations.  By using Ping, you agree to Apple’s use of such information.  If you do not want iTunes to send this information to Apple for Ping, you may hide the Ping Sidebar or opt out of Ping.

Read the rest of this entry »