Category Archives: Security

Back the F(iles) Up!

Back the F(iles) Up!

Drobo mini backup solution

If you don’t have a solution in place that you are using to back up your important files, they could be gone tomorrow. And yes, it’s April 1st, but this is no joke. I have a really great recommendation for youto use the Drobo mini backup solutionand I’ll tell you why.

I’ve always encouraged my customers, family and friends to always have more than one place to keep their files, whether it is on an external drive, in a cloud service or, at the very least, making sure to create a partition on your Windows hard drive (or Mac). Having that extra partition should be done no matter what; if Windows crashes, your data is isolated from a reformat of the installation partition.

But, due to the horrific idea of paying for a cloud service for the rest of your life (and exposing all your privacy to the Internet), I recommend having a really good home-based solution. After all, if your password gets hacked (which is likely unless you have a strong one for each site you use), do you really think that data is actually very safe and secure? Sure, it’s in two places, but if there is a better solution, wouldn’t you choose it instead?

For home-based back-up solutions, you have Time Machine for your Mac and…well…nothing really for Windows except a few pieces of software and hardware here and there, but each will require you to have a fairly credible skillset in using Windows. For example, you could buy some extra hard drives and create a RAID, but that’s not for the faint of heart or for anyone who has never built their own computer.

So is there an easy solution that doesn’t require an advanced skillset? And is there something better than Time Machine for the Mac? Well, let me answer the question about Time Machine first. Time Machine is really great for keeping a snapshot of your Mac, but as far as a home-based backup for any Windows machines or having a long-term backup of your important files, chances are you need more than Time Machine. And if you don’t have a Mac then Time Machine is not for you.

Yes there are some really nice solutions out there such as Network Area Storage devices that also connect printers up via USB and I’ve looked into these myself, but these are single-drive solutions and a drive failure would mean disaster.

But there IS a solution that I recommend that is better than a one-drive solution and is useful for anyone with a Mac (or without as most are). I’d strongly recommend this for anyone with an extensive photo, graphics or video solution.

And then there’s Drobo…

mini-right

The Drobo is unlike a single-drive backup because it has its own pre-built four-drive RAID. For those who are not technical, what that means is that if one of the drives is about to fail, you can replace the drive without losing the data. A RAID is like a duplicate set of data on each drive which allows for the permanent loss of a one drive without losing any data.

This is really the best possible solution because it requires the kind of computer knowledge you would need to set up a network printer (most people) and gives you essentially three places for your data. On your computer and in two places in the four-drive RAID in case one drive fails. So, if your data drive on your computer dies, you have the Drobo; just replace the drive and then copy data you need from the Drobo. If a drive in the Drobo dies, you have the RAID inside the Drobo; just replace the drive and you’re done. It will do the work for you.

One additional nice bit about the Drobo is that you can use any 2.5″ SATA drive, no matter what the make or capacity. Drobo devices also come in different configurations, so please check those out, but this one is really nice because it’s small and takes four drives and does all that is needed for a credible backup plan.

Here is a more detailed review of the Drobo mini.

Please get yourself a credible backup solution even if you don’t use something like the Drobo. You would be hard-pressed to find a better backup solution four your home. You can get the Drobo mini here at the link…

The Secret to Strong Passwords

The Secret to Strong Passwords

There should be no doubt that it’s essential to have a strong password for your email account, your online banking, your computer and any site where you have an account that uses your credit card such as Amazon.com or iTunes.com. Here is my secret to strong passwords:

First, you must know that if your password is ever leaked from a website as happens from time to time, that same password with your email address can be used on other sites if you use the same password for every site you visit. That means that you must use a different password on each site you visit that’s important enough to protect. I do use a weaker password on some sites where my credit card information can only be used to pay for services but not products; for example, my Tivo account and my high-speed internet service are on different websites, but they use the same weaker password. It’s only necessary to use a different password where your credit card can be used to buy products (in addition to your most important sites such as email, your computer, your online banking, etc.).

You may think it’s hard to have a different password for each site, but that’s where the secret comes in because it makes it easier. The secret is to have one easy-to-remember “key-ring” password, a joining character and a pattern. That’s all.

KeyRingPassword

 

So in this example, we start with a key-ring password by picking a song, band and year. Stairway to Heaven by Led Zepplin and released in 1971 becomes S2HLZ71. Star Wars starring Harrison Ford released in 1976 becomes SWHF76. It’s not necessary to worry about upper and lower case letters just yet. The important thing is that you have something easy to remember.

Next, you choose a junction key or something to join your password to the website you are using. You can use any of these and more than one if you really wish to: plus sign, underscore, exclamation point, equal sign, dash, dollar sign, pound symbol, etc.

Finally, you choose a pattern for the website you are using this password with. For example, it’s not uncommon for people to abbreviate Bank of America as B of A. Using this same pattern of upper case and lower case, you can make any website the same. Amazon.com becomes AmaZ. For your Gmail account, it could be GmaI.

When you put them all together, you end up with a very complex and hard-to-crack password that is suited for each site you use.

Bank of America becomes S2HLZ71+BofA.

Amazon.com becomes S2HLZ71+AmaZ.

For a Gmail account, you would use S2HLZ71+GmaI.

iTunes would become S2HLZ71+ItuN.

The more that you use your key-ring password, the easier it will be to remember the rest of your password using your joining character and the pattern of uppercase and lowercase for the site you are visiting.

New Facebook Privacy Threat

New Facebook Privacy Threat

I have noticed some odd behavior with a couple of new apps and I have a feeling that you won’t notice this unless you are aware of it, so I’m letting you know now.

You’ve probably seen some Facebook updates that show a Yahoo! News item or a Washington Post Social Reader story such as these:

It seems innocent enough, but then you click on one of the stories you see (the top one using Washington Post Social Reader in this example) and you are prompted to give permission to the app which posted these stories using the profile of the one who read it. The box looks like this:

Well, that seems fair enough, so I go ahead and click “Add to Facebook” so that I can read the story. I get sent straight to the article and, something really creepy, it tells me who else has read the article meaning that if a third person comes along, I have NO CONTROL over whether or not I want them to know I’ve read this article. Notice by the way, that it doesn’t say it will be telling everyone you read this story on your Facebook Timeline or on their site; it does say it shares articles which is innocent enough. It does NOT give you the option on their site to “un-Like” or change their public action to show your name on their site.

This is really where the danger is. Nobody but me knows the motivation behind why I read an article. I’m concerned about the dangers of the Internet, so I’m going to be clicking on stories that may only interest me professionally and that should not be confused with me personally. Of course I could switch profiles, but really, this shouldn’t be so hard to keep what I am doing simple.

The problem then becomes that someone who sees my name on an article that I read may wonder why I am reading such an article and that makes this a privacy threat.

You see, I sometimes click on a link and I regret even going to read that story because it may contain content I didn’t realize was going to be there and I go back to where I was, but a record of my visit there has not only been recorded, but it’s made public. OUCH! And then I have no control over that! DOUBLE-OUCH!

And, in addition, it’s on my Facebook Timeline! Check it out:

At least I can and you can do something about that. I can simply hide it by clicking the upper-right-hand corner of each post each time if I want, but I’d rather not have to do this each and every time and I’d rather selectively choose which articles WILL show up on my timeline rather than all of them automatically showing up there, so here’s what I found I can do about it.

If you go to the following link in your Facebook (http://www.facebook.com/settings/?tab=applications), you will be able to remove this app completely OR you can get rid of it’s capability to post on your timeline.

Just click the little X where it says “This app can also: Add app activity to your timeline” and this way you can use the app without approving/removing it each time without it posting to your timeline. It does not appear that you can re-enable this permission later to add it to your timeline nor does this option automatically reappear later if you remove and re-approve it.

So that’s it. You can customize this app further, but as far as options go, this seems to be it. If anyone finds any further way to keep my name off of websites using this app, please let me know.

If you really feel like sticking it to Facebook and Washington Post Social Reader and the Yahoo! app, then mark each one as spam. If enough people will do that, then this sort of thing will be lessened.