security

My Computer’s Still Personal

One Facebook friend told another (out of my presence, I suppose he thought) that I’m paranoid about The Cloud. Here. Read the exact quote for yourself:

image of Facebook comments about me being paranoid about the cloud
IDs blurred to protect the…ah…insolent. ๐Ÿ˜‰

His opinion versus my opinion — I’ll take mine any day! ๐Ÿ˜€

And I’ll even throw in this next piece for free:

The Cloud’s My-Mom-Cleaned-My-Room Problem

This is not a short reflection on my childhood neither of my parents was the room-cleaning type but a metaphor for the set of web services we call the cloud. We all know the feeling of logging into Facebook/Tumblr/Twitter/Netflix/Pandora/Gmail and realizing that the interface has changed.

[…you really ought to read the missing guts…]

The personal computing era rose at a time when bandwidth was very constrained. Software ran locally and most individuals’ computers were not hooked up to networks. Your computer *was* personal. And when you got a new one, the first thing most people did was to customize the desktop background. BBS, AOL, and the web began to change all that, but we still thought of our computers as objects distinct from the Internet. You ran software (games, word processors, organizing tools, music players) inside your box without reference to the wider web.

Now, more and more of the computing power we use comes from a CPU across the Internet. We no longer own our digital homes. Instead, we live rent-free with our parents. There are some serious upsides to living with your parents, particularly in today’s economy. You save money. You don’t have to worry about figuring as many things out on your own. Someone else fixes all the messes. And it’s harder to make a a mess when you’re being constantly monitored.

But the freedom of usage that defined personal computing does not extend to the world of parental computing. This isn’t a bug in the way that cloud services work. It is a feature. What we lose in freedom we gain in convenience. Maybe the tradeoff is worth it. Or maybe it’s something that just happened to us, which we’ll regret when we realize the privacy, security, and autonomy we’ve given up to sync our documents and correspondence across computers.

So, no, I don’t Carbonite or Sync or Mozy or GoogleDocs or DropBox or Office 360.

I still believe in privacy and security.

I still believe in personal computers and personal local-box software.

I’m old school. ๐Ÿ˜ฏ

I don’t live with my parents.

Go ahead. Call me paranoid for that too! ๐Ÿ™„

Someday a tornado is going to come out of that cloud and remind you of me.

PS: I have some Facebook “privacy” news in the hopper for my next post.

USA v. Timothy David Miller

Is Timo Miller on the right side?

What’s the deal with Timothy David Miller’s alleged involvement in Lisa Miller‘s alleged international parental kidnapping of her own biological daughter (a minor of whom she had legal custody)?

I don’t know, even though I’ve read plenty of news accounts and other online commentary.

Is Timo guilty as accused?

I don’t know that either. After reading a document purporting to be the official Read it all

My Info Is Online

Attention: Whoever Sent This Email to Me

This e-mail is to inform you that your E-mail Address has won you the sum of ยฃ3,500,000.00 (Three Million Five Hundred Thousand Pounds Sterling) from the GM LOTTERY. For your payment, you are required to contact our fiduciary agent with the contact details below:

Look, my info is already available online.

It shouldn’t be difficult for you to find a valid mailing address for me.

I know you’ll have to work harder for that information (than if I were to simply email it to you).

But I’ll compensate you handsomely for that little bit of extra work on your part. Just send me 10% of the amount you mention above…and you keep the rest.

I really could use the money, so please don’t delay.

Thank you.

.htaccess Question

So hackers and wannabe-hackers probe sites for the presence of setup.php in various real and imagined and software-guessed directories.

How do I attack and/or block such probes via an .htaccess file?

Here are some code snippets I’ve seen across the Web:

<FILES setup.php>
Order allow,deny
Deny from all
</FILES>

RewriteRule ^(.*)setup\.php$ http://www.google.com/ [NC]

RewriteRule setup\.php$ http://www.google.com [NC,L]

RewriteRule setup\.php$ – [G]

RewriteRule setup\.php$ – [F]

If any of those work, which is the best?

And if there’s a better way than any of the above, what is it?

Thanks!

Update at 8:46 pm: At this point, I’m using

RewriteEngine On
# 403-Forbidden
RewriteRule setup\.php$ – [F]

Along with an order allow,deny set-up denying access to a huge pile of IPs out of China.

Your Face in Facebook

Your photo. From your computer. To Facebook. And from there to who knows where for who knows what to be 'enjoyed' by who knows whom. Be wise, Facebook users!

And elsewhere.

From Facebook.

Thanks to you.

CNN: ‘Dating’ site imports 250,000 Facebook profiles without permission

How does an unknown dating site, with the absurd intention of destroying Facebook, launch with 250,000 member profiles on the first day?

Simple.

You scrape data from Facebook.

At least, that’s the approach taken by two provocateurs who launched Lovely-Faces.com this week, with profiles — names, locations and photos — scraped from publicly accessible Facebook pages. The site categorizes these unwitting volunteers into personality types, using a facial recognition algorithm, so you can search for someone in your general area who is “easy going,” “smug” or “sly.”

[…]

“Facebook, an endlessly cool place for so many people, becomes at the same time a goldmine for identity theft and dating — unfortunately, without the user’s control. But that’s the very nature of Facebook and social media in general. If we start to play with the concepts of identity theft and dating, we should be able to unveil how fragile a virtual identity given to a proprietary platform can be.”

Now think about those photos of you.

Which you have put on Facebook.

Can you imagine where they might end up next?

Six Free Ways to Stay Secure

Each year, consumers and businesses spend a considerable amount on security-oriented software and/or services. As January approaches, and with it the end of the fiscal year not to mention lowered bank balances and exhausted budgets due in part to a spate of December gift-giving, itโ€™s easy to find oneself or oneโ€™s business a bit short on funds. Fortunately, you donโ€™t necessarily need to spend money for top-notch security software. If you resolve to stay secure in the New Year, here are a half-dozen no-cost ways to do it.

His main points:

  1. Go Gratis for Anti-Virus/Anti-Malware
  2. Encrypt Your Data
  3. Start Using Real Passwords
  4. Keep Your Software Patched
  5. Switch Your DNS
  6. Go Virtual

For the details, please take the time to read (and act on) what Joseph Moran says here: 6 Free Ways to Stay Secure in the New Year.

Above all, love God!