Improve Your Online Personal Security

March 10th, 2010

With the explosion of the internet in the last ten years and our ever-increasing use of and reliance on it in our everyday life and work, it has become more important than ever to consider your personal security online.

The overwhelming majority of internet users have no idea at all about the steps required to help protect their personal information online. This can be seen by the massive surge in identity theft in the last five years, which is happening online and offline.

To help combat that epidemic, below are my top recommendations to lower your risk of identity theft and improve your online personal security:

  1. Don’t Share Your Account Information
    Just like your PIN number on a debit card or your credit card number, don’t share your account information with anyone. If you have in the past, regardless of how much you might trust that person – make a point of changing your password, as you don’t know how lax they have been with your personal information.
  2. Don’t Reuse Your Account Information
    People hate having to remember different usernames and passwords for different web sites. However, reusing your account information from one site on another puts all of your online accounts in serious jeopardy if someone tries to attack your identity online.
  3. Create Different Accounts For Different Purposes
    For most people it is hard enough not to reuse account information across literally dozens of different online accounts. However, if you can’t manage a unique set of credentials for each web site – at a minimum group the web sites by type (email, social network, banking, online shopping, ..) and use a different set of credentials for each group. At least if someone gains access to your Facebook account, they don’t automatically get access to your bank accounts.
  4. Choose Strong Passwords
    Just like people hate having to remember different usernames, people hate having to remember different passwords. This leads people to use a simpler password, in the hope that they’ll be able to remember it. That mental stumbling block is the perfect attack point for an average user, as their password will probably be a dictionary word or another simple combination of characters such as ‘12345’. When creating a password, regardless of whether it is for an email account, social networking or an internet banking account – it should contain lower case, upper case, numbers, special characters and be at least 8 characters long. I know that sounds like a lot of hoop jumping but there are simple ways to remember a complex password, such as using a memorable phrase and replacing a few characters within it.
  5. Reduce The Number Of Online Accounts
    With the creation of the authentication protocol OpenID, web site developers now have the ability to allow clients to create a new account without having to worry about managing yet another password. Instead, users can sign in using an existing account such as Google, Microsoft Live, Yahoo!, AOL and many more. By signing up using an OpenID enabled account, you have one less password to remember and when you change your password – it is changed on all sites that are linked to it. It might seem as though using OpenID contravenes points 2, 3 and 4 above, however it doesn’t, because you can create one or more OpenID accounts and use a strong password on each instead of something simple like your pet’s name.
  6. Ensure You’re Using HTTPS
    If you’re logging into a site or disclosing your personal information online, make sure you’re currently viewing that web site in HTTPS. The ‘s’ in HTTPS stands for secure and it uses high strength encryption to keep your personal information private when transferred from your web browser to the web site in question. If you aren’t viewing the site in HTTPS, your personal information is transferred across the internet in clear text that anyone could potentially read.
  7. Practice Minimal Disclosure
    The internet is a public medium; once you put your personal information out into the public realm – it could very well remain there for the foreseeable future. That means that anyone that might be inclined to go looking for information about you can find it with ease. With that in mind, you should make a point of only ever publishing as much information about yourself on a web site as you’d be happy to have displayed on a billboard beside a busy motorway.
  8. Consider Using A Password Manager
    If you do have dozens of different accounts and you cannot keep up with it all, consider using a password manager. You can generate a strong, high complexity random password for every site you create an account on and store it within your secure password manager. If and when you need to sign in to that site again, simply look it up within the password manager. If you don’t want to use a standard desktop password manager like KeePass, there are also some fantastic secure password managers which provide web browser integration such as LastPass.
  9. Your Email Address Isn’t Your Username
    If a web site doesn’t support OpenID but it does allow you to create a username that isn’t your email address – you should take them up on that offer. While convenient, your email address isn’t your username and can lead to issues in the future if you lose that email account. A friend of mine signed up to Amazon using their Hotmail account and it was previously used by another person but expired. Once signed in, my friend could see all of the previous owner’s personal information they’d provided Amazon, including name, address, purchase history and more.
  10. Shared Computer Access
    If you’re in a position where you use a computer and it is shared between a number of different people, either at home, work or elsewhere – always remember to clean up after yourself. Most web browsers have the ability to remember usernames and passwords for convenience. However if you’re using a shared computer, you could be leaving your account information lying around for someone else to prey on. An easy solution for this is to simply clear all the temporary internet files when you’re done or before logging out of the machine. If that seems like it is too much hassle, the latest versions of Internet Explorer, Firefox, Chrome, Safari and Opera all provide a privacy mode or private mode which won’t keep any history of your activity while it is enabled.
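As an added illustration of points 2, 4 and 8 (this code is not part of the original post), the Python sketch below checks a password against the point 4 rules, generates a random password that satisfies them the way a password manager would, and finds accounts that share a password. The symbol set, the short list of common passwords and the sample accounts are assumptions constructed for the example.

```python
import secrets
import string
from collections import defaultdict

SYMBOLS = "!@#$%^&*()-_=+"  # assumed symbol set, not from the post
ALPHABET = string.ascii_letters + string.digits + SYMBOLS
# Point 4's four character classes as (label, test) pairs.
CLASSES = (("lower case", str.islower), ("upper case", str.isupper),
           ("number", str.isdigit),
           ("special character", lambda ch: not ch.isalnum()))
# Constructed sample of weak choices; a real check would use a large list.
COMMON = ("password", "12345", "qwerty", "letmein")


def policy_problems(password):
    """Return the point-4 rules a password fails (empty list = passes)."""
    problems = []
    if len(password) < 8:
        problems.append("shorter than 8 characters")
    for label, test in CLASSES:
        if not any(test(ch) for ch in password):
            problems.append("no " + label)
    if any(word in password.lower() for word in COMMON):
        problems.append("contains a common password")
    return problems


def generate_password(length=16):
    """Random password from the OS CSPRNG that passes policy_problems()."""
    if length < 8:
        raise ValueError("point 4 asks for at least 8 characters")
    while True:
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        # Rejection sampling keeps every accepted password equally likely.
        if not policy_problems(candidate):
            return candidate


def reused_passwords(accounts):
    """Group site names that share one password (point 2)."""
    sites = defaultdict(list)
    for site, password in accounts.items():
        sites[password].append(site)
    return sorted(sorted(group) for group in sites.values() if len(group) > 1)


# Constructed sample accounts, not real credentials.
SAMPLE = {"webmail": "Sunshine1!", "social": "Sunshine1!",
          "bank": "12345", "shop": generate_password()}
```

Note that a password such as the constructed "Sunshine1!" passes every point 4 rule yet is still flagged by the reuse check, which is why the points work together rather than individually.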

While there might seem like a lot of things above to consider, those ten items certainly aren’t the only things you can do to improve your identity management process. In a future post, I’ll talk about how you might go about implementing some of my recommendations above so you can take the first step, which is often the hardest.

DoFollow No Longer

March 3rd, 2010

In 2005 Google decided they were going to attempt to unsettle the online spam ecosystem by recommending that web sites add an additional attribute to a link from site A to site B if they were not verified to be trustworthy. For instance, if someone left a comment on my site who I didn’t know or couldn’t vouch for – I would add a rel="nofollow" to the link to their site.

While it sounds like a small change, the longer term plans were for search engines to not include those links when ranking a given web site’s content. It was commonplace for spammers to comment spam thousands or millions of blogs, leaving a link to their preferred sites. Before the rel="nofollow" attribute was introduced, the search engines had no way of knowing if a web site owner trusted that site and as such had to use other methods of measuring trustworthiness.

The intention is clear: by removing the incentive for a spammer by using rel="nofollow" in the links – it was hoped it would have an impact on the insidious and incredibly aggressive spam ecosystem online. Unfortunately, spammers aren’t the kind of people that just roll over at the first sign of a battle and the war on spam raged on. As the rel="nofollow" attribute gained momentum over the years, spammers have subsequently sought out web sites which were considered dofollow – in that they have clean links that the search engines will count when ranking a web site.

As I’ve upgraded WordPress over the years, I’ve been carrying the same set of themes or templates forward through the upgrades and hadn’t bothered to upgrade to a newer base theme. Of course this meant that links from my site were dofollow links and were valuable to the spammers. So valuable in fact that my site has been listed countless times on different forums as being a dofollow blog – essentially proclaiming to the spammers of the world that they should target my site for high quality backlinks.

I’m happy to say that after a recent upgrade to WordPress 2.9.x, I ported my current theme over to a new base theme provided in the 2.9.x code base which uses rel="nofollow" links by default. In fact, if I want to allow people to have clean links – I’ll need to specifically allow them by use of a plugin – which is fine by me.

This will no doubt upset the spammers out there that thought they’d be getting easy, free dofollow links from my site. While I understand why they want my clean links, I also hate having to deal with comment spam – so I’m going to leave my comments rel="nofollow" from now on.
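The nofollow-by-default behaviour described in this post, sketched in Python as an added example (it is not WordPress code and not from the original post): every link in a comment gets rel="nofollow" unless its host is on an allowlist. The TRUSTED_HOSTS set and the function names are hypothetical, and HTML comments in the input are dropped.

```python
from html import escape
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED_HOSTS = {"example.org"}  # hypothetical allowlist of vouched-for sites


def is_trusted(href):
    """True only for an exact allowlisted host (userinfo and port ignored)."""
    try:
        return urlsplit(href or "").hostname in TRUSTED_HOSTS
    except ValueError:  # malformed URL: treat as untrusted
        return False


class NofollowRewriter(HTMLParser):
    """Re-emit comment HTML, adding rel="nofollow" to untrusted links."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out = []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "a" and "href" in attrs and not is_trusted(attrs["href"]):
            # Keep existing rel tokens and add nofollow only once.
            tokens = (attrs.get("rel") or "").split()
            if "nofollow" not in (t.lower() for t in tokens):
                tokens.append("nofollow")
            attrs["rel"] = " ".join(tokens)
        parts = [k if v is None else f'{k}="{escape(v)}"'
                 for k, v in attrs.items()]
        self.out.append("<" + " ".join([tag] + parts) + ">")

    def handle_startendtag(self, tag, attrs):
        self.handle_starttag(tag, attrs)  # <br/> is re-emitted as <br>

    def handle_endtag(self, tag):
        self.out.append(f"</{tag}>")

    def handle_data(self, data):
        self.out.append(escape(data, quote=False))  # data arrives decoded


def add_nofollow(comment_html):
    """Return comment_html with rel="nofollow" on every untrusted link."""
    parser = NofollowRewriter()
    parser.feed(comment_html)
    parser.close()
    return "".join(parser.out)
```

Matching on the parsed hostname rather than on a substring of the URL is what keeps look-alike links such as a trusted name used as a subdomain or as userinfo from being treated as trusted.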

Ford Falcon XR6

March 2nd, 2010
Ford Falcon XR6 Sedan 2004

Last week our family took the next logical step in preparing for the arrival of our second child toward the end of May – we bought a family car.

Claire bought her 2003 Mazda 323 SP20 in 2004 with less than 10,000km on the clock when the original owner decided that she wanted a Mazda 6 instead. In that time, Claire and I have clocked up about 120,000km on the Mazda and it hasn’t missed a beat.

The downside of the Mazda 323 hatchback from a family standpoint is that the mount points for the child restraints are at the rear of the boot, just in front of the latch for the hatch boot lid. The engineers who designed that component clearly don’t have kids, as for the life of me I have no idea why a car manufacturer would put a child restraint point in that position as the straps severely interfere with the storage space in the boot. It’d have made much more sense to me to have them on the back of the rear seats, that way the boot space in the hatchback is maintained.

Claire and I toyed with the idea of keeping the Mazda for a little while longer but after more discussion amongst ourselves and with family, it seemed as though it was really going to be a major pain – especially once we added in a second set of restraints.

With that in mind, we went on the hunt for a replacement vehicle in the fourth quarter of 2009 but were unable to find something we were interested in at the time. Fortunately we weren’t in any particular rush at the time, so were happy to bide our time to wait for something to pop up and as they say, patience is a virtue.

Claire stumbled onto a 2004 Ford Falcon XR6 on Car Sales and thought it looked fantastic, even with the little rear spoiler! We submitted an inquiry to the Car Sales web site to get in contact with the dealership, and when I drove down to Hinterland Toyota at Burleigh to have a look at the car I was completely impressed. The exterior of the car was absolutely pristine, hadn’t been in an accident, no dints, no marks and only a few light grazes on one of the mag wheels. The interior of the car was the same, no wear anywhere in the car or pulled threads in the fabric – it was as if the car hadn’t really been used in the last six years. On top of that, with about 95,000km on the odometer – it really hasn’t seen a lot of driving for a car of that age either.

Dealing with Hinterland Toyota was a very easy experience as well, the sales staff were happy, polite, efficient and weren’t pressuring me into a decision. It took about two hours to have Claire’s car valued, which they were happy to do without any real notice when I arrived and were transparent with costs as well which I think is great too. An added bonus of Hinterland Toyota which I didn’t expect was that they offer 175,000km warranty on their vehicles, fixed price servicing in either their Nerang or Burleigh locations and their service centres are open until 11:30PM!

After everything was sorted, handover of the vehicles took less than 30 minutes and I was on my way in our new family car. I provided our personal particulars the day before we took delivery, which meant all of the paper work was ready for me when I arrived – simple but great time saver. I was really surprised it was such a short change over process, I recall spending literally hours at Eagers Mazda in Brisbane when we bought Claire’s car initially – so this was a welcome change.

Claire and I are really happy with our new family car. Claire couldn’t believe it had a slight burble, I think I mentioned it was a happy coincidence. Of course, Claire being the motor head that she is, proudly exclaimed to the world that she now feels like the typical Australian bogan mother – awesome!

I have to thank our parents for their continued advice, help and support over the years. I think if Claire and I can provide as much guidance to our children when they grow up as ours have to us – we’ll be very very proud as it has meant a tremendous amount to the both of us.

Hugo Trying Out My Running Shoes

February 27th, 2010
Hugo Lattimore at 17 months of age, standing with his feet in his father’s running shoes

Hugo loves playing with things, it nearly doesn’t matter what it is – he’ll find a way to play with it. One of his favourite things to play with is our shoes, they could be thongs, flip flops, Jesus sandals or running shoes – they are all fascinating when you’re about 18 months old.

Normally Hugo picks up said pair of shoes and will carry them around the house, putting them in their rightful place – which is of course not necessarily where Claire or I might want them. However this time around, Hugo decided it was a perfect opportunity to put his feet into my running shoes.

Of course, once you’ve got your little feet into a new pair of shoes – the logical thing to do is go for a walk. Unfortunately on this particular attempt, Hugo didn’t manage to walk very far with my shoes on but he did give it a red hot go. Next time he decides to go for a casual stroll in my running shoes, I’ll try and get a little video of it!

Hugo, Tough As Old Boots

February 13th, 2010

This evening just before Hugo went to bed, he was walking around the coffee table, fell over and knocked his head on it.

Normally when that happens, he has a bit of a cry and he is good as gold in a few minutes. This time around, he must have bumped his mouth and he had blood everywhere. Simply because of the fright that it would have given him and the unpleasant taste of blood, I was expecting him to be quite distressed.

Amazingly, it didn’t seem to worry him though. Within a minute or two of doing it, he was calm, still bleeding, but calm. I got a wet washer to clean him up but he was just happy to suck and chew on it for a minute. Once he’d finished, we cleaned up the remaining blood on his face and he was happy again.

Tough as old boots.