Interesting news lately!  It seems a hacker has leaked some confidential information on some of the employees over at Twitter (not good press) and some news sources (namely TechCrunch) have said they’ll publish some of it!  Now there’s a bit of a debate over whether or not it would be good practice or even legal to publish “stolen” information.  I’ll let the lawyers work that out (you can still comment on the issue if you want).

Its interesting to note that Twitter does not lay blame to the security of Google Apps (apparently where information was held).  It’s also apparent that it wasn’t the fault of Twitter’s technical security technology.  The hacker actually weased his way in via an emplyee’s private email account!  This isn’t the first time a high-profile personal email has been hacked into (remember Sarah Palin?).  He then used his access to that account to find access to the company documents.

Here’s the interesting thing.  I’ve read articles using this case as a case against cloud computing, at least where it is today.  Its true that SaaS (software as a service) and cloud computing has some improving to do, especially in the area of security, but I don’t see this as much of an example of it.  Let me explain where I think the leak could have been avoided.

In this modern age of computing and Internet use, many company security policies are in dire need of updating.  For instance, one security standard that should have been upheld is the avoidance of the use of personal email for the access of company information (that goes from documents to network access).  The company should have full control over the security of services such as email.  If there was a breach in the security of the company’s email, it would be the fault of IT and hopefully it would be kept up to date and monitored so there is very little chance of such a leak actually happening.

For a personal tip (one I must also take advantage of), you probably have username and password information for various services throughout your email inbox.  For instance, do you remember that time you signed up for such and such service, or that other time you lost your password for that other service so a new one was emailed to you?  Just stop for a moment and think about how many of your accounts throughout the web can and probably will be compromised if someone got a hold of your email password.  Perhaps it’s time to search those out, write down or otherwise securely save those passwords, and delete the email messages containing them.  Also, you SHOULD be periodically changing those passwords in case they become compromised without your knowledge (check out this article about making strong passwords that you can remember).

I’ve taken the liberty to link to some sources that should help with company securtiy as it would relate to the Internet, mobile work forces, and personal equipment used for work.  Check these out and see how you can keep yourself, and/or your company, secure from nightmares such as Twitter is now dealing with.

1. Securing Our Clients’ Data While on The Road
2. Wireless Insecurity
3. Managing the Security and Privacy of Electronic Data in a Law Office – Part 1
4. Managing the Security and Privacy of Electronic Data in a Law Office – Part 2
5. 5 things you should know about wireless security
6. You should have a data security policy.
7. Email Best Practices – Email Policies in an Organization
8. Email Best Practices – Personal Email Management

These are just a few of many links and sites dedicated to helping other secure their data.  in encourage, nay IMPLORE you to do some research and get yourself secure.  Your livelihood could depend on it!

I ran into Joey while visiting his blog, cleartechinfo.com, which is a blog dedicated to the technology and computer beginner.  He makes some very good tutorials showing how to get things done on the computer.  Check out his blog, you may find it useful!  Here’s the interview he was mkind enough to give:

Bio:

My name is Joey Camarena. I was born and currently live in Southern California. I have an A+ certification. I have worked a couple of years at a large retail store named “Fry’s” and about 7 years at Creative Labs Inc. I currently work for a local school district as a Computer Tech.

Do you mind being called a “techie” friend?

I do not mind being called a techie friend. I don’t get insulted that easily, I have been called much worse, lol.

How long have you been interested in technology or computers?

I have been interested in computers since the 4th or 5th grade. A neighborhood friend had this computer from Radio Shack which we played video games on. I begged my father to buy me one, which he did. Then years later he bought me my 1st real computer, a 386. I then discovered “Wolfenstein” and eventually, “Doom 2″. 1st person shooters became my heroine. So I had to learn how to build and maintain them to keep up with the latest hardware that was compatible with the newest FPS games.

Do people in your life (friends or relatives) seem to turn to you for computer related problems?

Yes. Most people I know, family, friends and coworkers turn to me for help on computer related issues.

If so, does this bother you?

This doesn’t bother me. I don’t mind helping out at all as long as I have the time. The only times I do not help them out the same day or weekend is when I want to get out, away from the computer and have a social life. If they call me up on my cell and leave a message I just call them back the next day. If they want me to fix their computer I just tell them I will not be available that weekend since I am busy.

If someone would contact you for assistance, what kind of steps should they take before asking for help?

The first thing I would tell them is to “RTM” (read the manual *edited*), lol. Next thing I would tell them is to make sure that all the cabling is plugged in correctly and restart the computer. Last thing I would instruct them to do is type their question into Google.

Where do you see the internet in 10 years?

In 10 years I see the print versions of newspapers going out of business and the industry transitioning 100% online or near that figure. I see the Internet integrated into more appliances and vehicles. People will have a very tough time living without it, even more than now.

Related to the last question, where do you see computers in 10 years?

In 10 years from now computer will be smaller, a LOT more powerful, use less energy and therefore produce less heat. Computers will be a lot smarter, artificial intelligence will be much improved but still not perfect. Media Center/Entertainment PCs that are made to be plugged into your living room TV and stereo will be more mainstream and a lot easier to plug in and use.

Your opinion on:

Best OS?

I have used Linux (Ubuntu and Fedora), XP and Vista (32 and 64-bit versions). The best operating system for most people is the 32-bit version of Windows XP Pro. It is the friendliest and most compatible OS that runs smoothly as long as you have a half-way decent PC. If you are very good with computers and don’t mind initially jumping through a few hoops I’d recommend Ubuntu.

Best Web browser?

The best browser is Mozilla Firefox. It runs smooth, fast and has a ton of free add-ons. I love it so much it was the main subject of at least a dozen video tutorials I have made.

Best free/paid antivirus program?

The best Anti-Virus program I have used is Kaspersky Anti-Virus. The computers at work are all using a different brand since I assume it was a lot cheaper to purchase but not nearly as good as Kaspersky. I had my boss buy me Kaspersky Anti-Virus since I noticed there were a lot of virus problems these past 9 months. I combine Kaspersky with the free version of Malwarebytes’ Anti-Malware to scan and disinfect any computer at work that is infected with viruses/malware, etc. That combo works great. I do not have much experience with free anti-virus programs so I do not know enough to comment on them.

Best search engine?

I don’t think there is any doubt that Google is the best search engine. I can’t live without it.

What are the top 3-5 websites you visit regularly?

• Twitter.com
• Anandtech.com
• TomsHardware.com
• ProBlogger.net
• NickyCakes.com

Thanks for giving us some of your time, Joey!

-Anyone else, feel free to add to or comment on anything discussed above!

This is the first guest post here on Timmyjohnboy.com. This will not be the only guest post.  I’m having some guests come and blog for a few reasons, one of which is because I do not know everything and I think some experts in some other areas could do us all some good.

Silki is the the guest and she blogs about security issues on her blog, WebToolsAndTips.com. She was kind enough to share a little about file encryption and some simple tools to help us in that endeavor.  Check out her blog when you get a chance!

Here’s the post:

Most people think that file encryption is something that is needed only by large organizations. With the rapid growth of Internet and IT enabled services, your machines store volumes of personal and financial data, which can harm your privacy and security, if grabbed by wrong hands.

The key to safeguarding your data is file encryption. But unfortunately, many computer users do not use any file encryption tool. Some think that it is too geeky, some think that it is too costly to invest in a file encryption Tools and the rest are too busy and engrossed in their daily routine to give file encryption a serious thought.

Whatever the case is, file encryption needs to have an important place in your arsenal.

And it is not difficult. There are lots of file encryption tools available, which can easily do the job for you. And the best part is that you do not have to pay a penny to use them for your own use. Some of them are following:

Cryptainer LE:

Cryptainer LE uses 128 bit encryption to create a secure archive to store any type of data. It uses 128 bit encryption. You can add or extract files from this archive through a simple drag and drop operation. Cryptainer allows you to password protect and secure any file or folder on any media, including removable drives (Flash Drives, CD ROM’s etc.)

CryptoExpert Lite: CryptoExpert creates encrypted virtual disks but the best part is that these disks are visible as normal disks with drive letters. You can create encrypted containers (file vaults) up to 20 Megabytes in size, which are accessible on a virtual volume on the fly.

TrueCrypt: TrueCrypt is an open-source disc encryption software for Windows Vista/XP, Mac OS X, and Linux. It can create a virtually encrypted disk within a file and mounts it as a real disk. TrueCrypt encrypts an entire partition or storage device such as a USB flash drive or hard drive. It can encrypt a partition or drive where Windows is installed and the encryption is automatic, real time and transparent.

Dekart Private Disk Light: Dekart Private Disk Light creates one or more virtually encrypted disks on your hard drive and/or other external storage devices. This free disk encryption software creates a virtually encrypted disk within a file and mounts it as a real disk. All data encryption is extremely fast, automatic, on-the-fly and with no performance penalty.

Kruptos: Kruptos includes a powerful file shredding utility, and the ability to generate self-decrypting files. It is quick to download and simple to install. Kruptos is good for secure transportation of files on portable storage devices, such as portable hard drives or USB storage keys.

Try These File Encryption Utilities. Remember, your security and privacy deserves a careful look, and only you can provide it.

This is a guest post by Silki Garg. She advises on spyware removal, online threats and malware detection, on her Internet Security Blog. A visit to her Blog is highly recommended. You’re sure to find something of interest.

Thank you, Silki, for taking the time to introduce us to the world of file encryption!  Readers, tell me, have you ever or do you at this time utilize any kind of file encryption?  If so, tell me about it in the comments.

Today, it being Firefox Friday and all, I want to share with you another FireFox add-on I’ve started using called “Web Of Trust” or WOT.

I don’t remember how I came across the WOT add-on, but it was probably the Google alert I set up in Google reader to alert me via RSS whenever “Firefox” shows up somewhere on the internet.  However, since I found it, I’ve fallen in love with the idea.

Basically, WOT offers website ratings to give you an idea of how trustworthy the site is before you visit it.  It rates according to the following categories: trustworthiness, vendor reliability, privacy, and child safety.  Their primary source of the ratings is from other users rating sites, however they also use other “carefully chosen” trusted sources such as PhishTank to help protect users from new, rapidly spreading threats.

Here’s a demonstration video showing how it works:

I encourage you to check out the WOT About Us page to get a better understanding of what WOT is all about, and then download the WOT add-on for Firefox and use it!

Once you have the add-on installed, learn how to rate sites and help out the system!

Common back next Friday for Firefox Friday!