Category Archives: Software

Do Yourself A Favour, Use A Password Manager

Back in 2010 I wrote about improving your online personal security, which included some tips and tricks to consider to reduce your risk – one of which was to consider using a password manager.

Password Managers provide an encrypted storage vault to keep all of your username/password combinations for the different websites in a single place. Firstly this is helpful so that you don’t forget the passwords and need to constantly use the password reset functionality that websites provide. However, most importantly – because you’re absolving yourself of the need to remember the passwords, it allows you to use unique, highly complex passwords for every website.

The statistics on password reuse and complexity are frightening. The majority of us use the same very limited set of passwords over and over again on different websites. The passwords used most are things like ‘password’, ‘love’, simple dictionary words or a pattern of numbers like 12345. When hackers go out to attack a website, they can literally walk through passwords like the above using brute force tactics like an unlocked door.

By setting unique, highly complex passwords for each website – firstly your password is infinitely harder to crack but more importantly, if your password does get cracked or a website you use gets hacked and passwords are stolen – the hackers can only get into that one website, not any other websites you might use such as your internet banking.

To clarify, high complexity passwords will be at least 10 characters long, use lower and upper case letters, numbers and symbols such as ‘AdD7Dc&@ds*!1_8’.

Why Now?

This month it was announced that a core cryptography library named OpenSSL, used by approximately 2/3 of all websites on the internet that use Secure Sockets Layer (SSL), more commonly recognised as HTTPS in your browser address bar, have been vulnerable to undetectable attack for the last two years via an exploit named Heartbleed.

Of course the likelihood that your particular password or private information were compromised as a result of this exploit are quite remote, however it should serve as a stark reminder that despite the fact that industry wide security technology is peer reviewed and heavily scrutinized – the software engineers and cryptographers writing it are still only human and as such, fallible.

What Next?

Go and install a password manager such as LastPass, it is free to use and if you pay a whopping $12/yr – you can install it on every computer, laptop, tablet and phone you own so that you’re never left high and dry without your passwords.

Once installed, your next job is to allow it to import all of your stored account information on your computer. This part of the process is going to scare you, as it will import dozens or in my case hundreds of pieces of account information.

Remember, if the password manager could extract all of your account details, so could a virus, trojan or malware and send it off to some nefarious hacker on the other side of the world. Make sure you allow the tool to delete all of your stored passwords on your computer at the same time, just so that doesn’t happen in the future.

After it has imported all of your stored accounts, in the case of LastPass there is functionality for it to audit or perform a security scan against the account information. This is the next scary part, you thought you were doing an okay job with your passwords – let’s be realistic, you and I both know that we both sucked at it.

Now start going through your most important accounts first and change the passwords that they use to a unique, highly complex passwords. In case you were wondering how to generate strong passwords, LastPass has a password generator within it that you can configure with various options to increase/decrease the complexity of the passwords.

Each time you update the password to a shiny new hard to guess password, your online security is improving, one password at a time!

Windows 7 HP Laserjet Drivers Support

In 2008 I struggled and struggled to get Windows Vista and a HP Laserjet 1010 printer working correctly. It didn’t matter how many times I installed it or changed HP Laserjet drivers, it seemed that no driver software was going to work until I literally stumbled onto a solution that on the surface shouldn’t have worked.

Fast forward a few years and I found myself in a position where I need to use the HP Laserjet to print onto some fancy paper that the Canon MP610 ink jet isn’t all that compatible with.

Following is the driver installation process I have just used in Windows 7 to get the HP Laserjet 1010 working. Your mileage may vary to mine, depending on the year of your printer or computer setup but it has worked for me.

HP Laserjet Driver Install Process

  1. Click the Start button and open Devices and Printers
  2. Click “Add a printer”
  3. Click “Add a local printer”
  4. Click “Use an existing port” and select DOT4 from the dropdown list
  5. Select HP from the Manufactuer listbox
  6. Click “Windows Update” button to download the latest set of drivers from Microsoft
  7. Browse the Printers listbox and select HP Laserjet 1015
  8. Give the printer a name or use the default
  9. Finish the process

At this stage, you should have installed the Microsoft provided HP Laserjet 1015 printer driver. Coincidentally, I think that same driver will also work for a HP Laserjet 1010, HP Laserjet 1012 and obviously a HP Laserjet 1015.

If the above driver installation process doesn’t work for you, HP provide a Windows Vista 32bit and Windows Vista 64bit driver for the HP Laserjet 1010 that it states works with the 1010/1012/1015. I don’t know if the Windows Vista drivers are compatible with Windows 7, though it might be worth a shot – keep in mind though that it would of course be unsupported by HP; then again so is what I outlined above.

WordPress 3.1

WordPress 3.1 was released during the week, which is the next major release of the worlds most popular personal publishing and blogging platform. There were over 820 enhancements or support tickets closed during this release, spread over more than 2000 commits to their source code by over 180 developers spread around the world!

Like I’ve become accustomed to and so many others around the world, the upgrade from WordPress 3.0.x was seamless, fast and error free. I was impressed that all of the plugins that I’ve got installed, which while not all were tested with enough volume against the pre-releases of WordPres 3.1 – all seem to be working without a hitch.

Now I just need to learn to grapple with all of the new functionality, to see how I can leverage it moving forward!

Windows Live Profiles & Twitter Integration

Last year I wrote about Microsoft Windows Live getting smarter, specifically that Microsoft were gearing the new Windows Live profiles as a one stop shop for social web site aggregation. In a few quick clicks of your mouse, you could consolidate down dozens of your social networks and personal services into a single place, removing your need to visit each of them independently – fantastic!

One of the social networks that the Windows Live profiles had a web activity for was Twitter. Without any hesitation, I configured the Twitter web activity and all of my tweets were seamlessly imported into my activity stream within Windows Live. My only criticism at the time was that Twitter is a real time service, however my tweets were slow/sluggish to appear in my activity stream – sometimes taking a few hours to show up.

I was disappointed to receive an email on 30 June from the Windows Live team stating that they were no longer able to support the Twitter web activity and that they’d be disabling that functionality, until such a time as they could work with Twitter on their policy change which meant that Microsoft could no longer use the service.

Fortunately, Microsoft provide a generic web activity named “Blog RSS Feed” which will import any valid RSS or Atom XML feed into the Live profile activity steam. Of course, Twitter being the good netizen that they are, also provide an individual RSS stream for each user. Joining the dots and it means that Windows Live profiles and Twitter integration is still possible.

The downside is that because it is using a ‘generic’ web activity, how it is displayed within my activity steam isn’t as elegant and neat as it was prior – bug beggers cant be choosers.

WordPress 3.0 Upgrade

WordPress, the popular open source blogging software that powers this site and literally millions of others around the internet, has been updated to version 3.0. Version 3.0 has been some six months in the making, has seen contributions from 218 developers around the world and has resulted in a lot of new features and over 1217 enhancements and bug fixes.

I’ve gone through and updated all of the sites I own with the latest version, which is why my site looks different at the moment as I haven’t installed my old theme or bothered to make any changes to the new default Twenty Ten theme that ships with WordPress 3.0.

As predictable as the sun rising, the upgrade from the 2.9.x series of WordPress was simple, fast and no fuss. Back up your database and site contents in case something goes wrong as a precaution & then hit the go button. By the time you’ve depressed your mouse button, the upgrade is nearly complete.

I now just have to go through the paces of installing and checking all of the WordPress plugins that I use work with version 3.0, which should only take about half an hour or so.