Imagine that! Information overload as a privacy violation…

In today’s world we are spammed with massive amounts of information. There’s actual spam, of course. My email spam folder gets hundreds of messages a day. Every now and then, I like going through my spam folder to laugh at the spam taglines. My spam folder has even been used in the creation of odd poetry.

But when I think of information spam, the first thing that pops into my mind is advertising. Targeted advertising displays adverts you might be interested in based on your search. There’s also advertisement overlays on video sites like YouTube (don’t you just hate not being able to see the whole video screen because of an advert that just won’t go away!). Advertising is everywhere, spamming us with an overload of information targeted specifically for us.

Today is International Data Privacy Day. When people think about privacy, their thoughts almost always turn to things which they feel threaten their privacy, things like SOPA/PIPA, ACTA, or H.R. 1981. While these may be legitimate threats to privacy, is that all you think about when the subject of privacy comes up?

Bill Gates said something 10 years ago, in a Microsoft email where he promoted Trustworthy Computing. What is Trustworthy Computing? I quote from that email:

“What I mean by this is that customers will always be able to rely on these systems to be available and to secure their information. Trustworthy Computing is computing that is as available, reliable and secure as electricity, water services and telephony.”

And how does privacy fit into Trustworthy Computing? It’s an integral part, according to Bill Gates.

Privacy: Users should be in control of how their data is used. Policies for information use should be clear to the user. Users should be in control of when and if they receive information to make best use of their time. It should be easy for users to specify appropriate use of their information including controlling the use of email they send.

Trustworthiness is a much broader subject than security or privacy. When we think of things that violate our privacy, we generally relate it to things that violate our sense of security.

But this line: “Users should be in control of when and if they receive information” Wow! Even though information overload isn’t necessarily a breach of security, it is a privacy violation.

Okay, well… they didn’t exactly say that, but if you are one of the few thousand people whose head is being crushed by the rock you’re living under, it might as well say that.

All Windows users who are using out-of-date versions of Windows (read: Windows 2000, and any XP version pre-SP2) are being urged to update.

The Mozilla Release Engineering Team announced they are going to begin upgrading their Windows build systems to Visual Studio 2010. Because of that they will no longer be able to build Firefox versions that run on Windows 2000, Windows XP RTM, or Windows Service Pack 1.

Firefox 12 will be the last version that runs on older systems. After that? Well, you need to upgrade if you want Firefox!! Or, if you prefer that rock you’re living under to upgrading, you can always switch to Opera.

Yesterday, my amazing desktop computer that I built from my own blood and tears lost it’s GPU. All of the sudden, everything lagged… and then it died.

I was able to back up all my important files using a Linux USB bootkey with a very minimal UI, but I’m not sure how long it will take for me to rebuild my desktop back to glory… assuming it can be rebuilt.

Sigh……….

Mark Shuttleworth has just blogged about a new way to use applications menu.

Called Head-Up Display, or HUD, this new feature will ultimately replace menus in Unity applications. HUD is a new means of invoking commands where users can search and launch menu commands from a console. It has a smart mechanism that prioritizes frequently used commands in list. Every application that support Ubuntu global menu currently will have the ability to use new HUD menus.

Check out the video:

You like what you see?

Here’s how you can get it!

To install HUD from PPA, run following commands (Ubuntu 12.04):

sudo add-apt-repository ppa:unity-team/hud

sudo apt-get update

sudo apt-get dist-upgrade

I think HUD will make a wonderful addition to Ubuntu on newer computers! I have reservations though… Now I’m going to close off this blog entry by explaining my reservations about HUD.

It’s not a HUD!

Understand, I have great respect for Mark Shutterworth and his thesaurus/dictionary which, on any given letter in the alphabet, manages to find animal names paired with amazing words I didn’t know before they became distros.

But calling this system HUD makes it seem like the thesaurus/dictionary lost it’s muse. It’s not a HUD. Look it up! Or better yet, here’s a definition I pulled from the internet about what a HUD is.

“An acronym for Heads up display which is a system of mounting gauges so that the read-out is shown on the Windshield. In this way the Driver does not have to take his eyes off the road to see how his vehicle is performing.” - By this definition, the Linux package Conky is more of a HUD than “HUD” is! According to the blog and video above, all HUD does is replace an application menu. It doesn’t display gauges, or program information. Also, that part about “a driver does not have to take his eyes off the road to see how the vehicle is performing”? Could we say the same about HUD? Will it allow you to use it without taking your eyes off the program? It covers half the screen, so I think the answer is no.

Now, there was a name in Mark Shuttleworth’s blog that I liked much better than HUD. To quote directly from his blog:

a way for you to express your intent and have the application respond appropriately. We think of it as “beyond interface”, it’s the “intenterface”.

Intenterface!! Now I like that name! No, I LOVE that name! It sounds so much better than HUD. I think the name should be changed from HUD (which it isn’t) to Ubuntu Intenterface.

Intenterface/Unity vs Older Computers

And this beings me to my next issue with Ubuntu Intenterface. It won’t support older computers. Unity barely supports older computers now!

Remember the olden days when you could reformat an old computer that wouldn’t run Windows because of being too slow, but you could slap Ubuntu on there and it would run just great! In fact, using Linux probably extended the life of many computers by years simply because it was a slim OS (didn’t need much in the way of memory or hardware).

Those were the days…

I started testing Unity starting with 10.10, when the first change to Unity came. The results were disastrous! Unity, based on Compiz, uses so much video memory, it crashed and burned on older laptops and desktops that just needed a small life extension. Unity 2D was only slightly better, but it also lagged horribly when put under test. Here’s why: everything had to be indexed in order for Unity to work. All the programs, and documents needed to be indexed so Unity could shortcut to them.

Unity worked okay on new computers where the processor could handle a Unity search. But even new computers tended to lag once you loaded them up with documents, movies, and music. The sheer number of options for any 3-to-4 letter Unity search would lag… and on an older computer, that lag could turn your hair gray.

Now, with documents, music, videos being indexed, along with nested menus, shortcuts, bookmarks, etc. in a beautiful interface that uses lots of video memory… I don’t feel that the Ubuntu Intenterface HUD is going to work well on older computers.

All That Indexing!

Pre-Unity if you wanted to hide documents or files on a computer, all you had to do was put them in a folder and preface the name of the folder with a period - .private

Then came Unity, and along with it indexing every file on the computer came unwanted results. It indexed every file and would display those files regardless of their being hidden or not.

That bug still hasn’t been solved! Still in Oneiric, you can do a search for hidden files and they will obediently show up! There is a fix, but it doesn’t always work. You can download the Activity Log Manager and fix Unity so Zeitgeist doesn’t log everything, but occasionally this breaks and suddenly hidden files start showing up again.

We thought everything was indexed before… now, it literally is, EVERYTHING. Can anything be hidden now?

That Being Said… In Conclusion

I am a very negative person at times… and changing things that weren’t broken causes me to be doubly negative.

But I always try to be fair, even when I’m negative. With that in mind, I do plan to trying out Unity in 12.04 along with Unity’s new intenterface HUD.

I’ll probably have a different opinion then… and even if I don’t, at least having tried it, I have a better idea of what needs to be fixed than I do now from just watching a video and reading a blog.

Senator Lamar Smith is at it again! First it was SOPA. Then it was PIPA. Now it’s “Protecting Children from Internet Pornographers Act of 2011” (PCIPA, anyone?). It’s H.R. 1981 and it is poised to have even more dire consequences than SOPA or PIPA ever had the potential to have!

At issue is how to catch child pornographers. It’s too hard now, say the bill’s backers, and I can sympathize. It’s their solution that appalls me: under language approved 19 to 10 by a House committee, the firm that sells you Internet access would be required to track all of your Internet activity and save it for 18 months, along with your name, the address where you live, your bank account numbers, your credit card numbers, and IP addresses you’ve been assigned.

Tracking the private daily behavior of everyone in order to help catch a small number of child criminals is itself the noxious practice of police states. Said an attorney for the Electronic Frontier Foundation: “The data retention mandate in this bill would treat every Internet user like a criminal and threaten the online privacy and free speech rights of every American.” Even more troubling is what the government would need to do in order to access this trove of private information: ask for it.

I kid you not — that’s it. All someone has to do is ask, and they can get all your credit card numbers, your bank account numbers, your address, and your name!! Does this sound like the perfect setup for identity theft here?

As written, The Protecting Children from Internet Pornographers Act of 2011 doesn’t require that someone be under investigation on child pornography charges in order for police to access their Internet history — being suspected of any crime is enough. (It may even be made available in civil matters like divorce trials or child custody battles.) Nor do police need probable cause to search this information.

Don’t worry though, there’s an additional set of lines that should placate you because it’s so very kind of them to think that you might not like being spied on 24/7:

(1) to encourage electronic communication service providers to give prompt notice to their customers in the event of a breach of the data retained pursuant to section 2703(h) of title 18 of the United States Code, in order that those effected can take the necessary steps to protect themselves from potential misuse of private information; and

(2) that records retained pursuant to section 2703(h) of title 18, United States Code, should be stored securely to protect customer privacy and prevent against breaches of the records.

So don’t worry, your information will be “stored securely” so no one else can access it! But if they do access it, your ISP will give you “prompt notice” so you can change all your credit card numbers, change banks, hide your kids, hide your wife, and hide your husband.

I can’t believe that could be another law even worse than SOPA/PIPA, but leave it to Lamar Smith to write one!

In this previous article, I shared an infographic with dozens of great tips on how to create a secure password.

“But I’m not that imaginative!” some people complain. Actually everyone I know who read my article and looked at the infographic complained that way.

So I decided to see how serious the lack of secure passwords really was. I started polling people, randomly, asking them how secure they thought their passwords were, and then asking them to type their password into howsecureismypassword.net to test them and let them see for themselves how long it would take for someone to crack their password.

100% of the people I polled thought their password was secure. 99% had passwords that could be cracked with a minute. 0.9% had passwords that could be cracked within a day. Less than 0.1% had actual secure passwords.

Some people actually said they don’t remember passwords. They write them down so that they won’t forget them. I suppose this works well if you never travel anywhere… but what happens when you go on a trip and your computer bag with your laptop and password list suddenly goes missing?

Others said they store their passwords on their computer. I get a migraine when I hear someone tell me that the passwords to their life are stored on their computer. You’re just begging to be hacked or have a nice computer virus aren’t you?

A few other people I know said they based their passwords off of their names… (oh, don’t laugh yet, it gets better!).

One person told me his password is his first name (which only about 10,000 people know is Steve).

One person, who had a very interesting password with 9 numbers at the beginning followed by his name and a concluding 6 numbers at the end, told me that he based his password on social security number, his name, and his date of birth!

From another hundred responses, I garnished passwords like God, 12345678, qwerty, doctorwho… and etc.

Let me repeat the guidelines for a strong password.

1. A strong password has at least 15 characters.
2. A strong password uses uppercase characters.
3. A strong password is NOT made up of only uppercase letters.
4. A strong password uses lowercase characters.
5. A strong password is NOT made up of only lowercase letters.
6. A strong password uses numbers.
7. A strong password is NOT made up of only numbers.
8. A strong password uses symbols, such as !@#$%^&*()[]{}_-<>,.?/\|
9. A strong password is NOT made up of only symbols
10. A strong password is NOT found on only one row of the computer keyboard.
11. A strong password is NOT like your previous password.
12. A strong password is NOT your name.
13. A strong password does NOT use any part of your name.
14. A strong password is NOT your login ID.
15. A strong password does NOT use any part of your login ID.
16. A strong password is NOT your friend’s name.
17. A strong password is NOT the password your friend uses.
18. A strong password is NOT a family member’s name.
19. A strong password is NOT the password another family member uses.
20. A strong password is NOT a dictionary word.
21. A strong password is NOT your bank account number.
22. A strong password is NOT your social security number.
23. A strong password is NOT your Military ID number.
24. A strong password is NOT one that unlocks a bunch of stored passwords.

If this list of rules has left you feeling a little awkward, it might be time to change your password.

Below I am going to list my top 10 password making sites to help inspire you to change your password that you thought would never be cracked.

1. http://maord.com/ - This is my current favorite password generation site! It can generate up to 2500 passwords at a time, and includes features like MD5 and SHA1 hash values for encryption
2. www.passwordcard.org/en - For those of you who feel the need to have your passwords in print, Password Card does just that. It prints multiple secure passwords on a wallet-sized card for you to print, laminate, and save.
3. http://randomkeygen.com/ - Generates a full page of passwords that you can print and use.
4. www.us-webmasters.com/Random-Password-Generator/ - Generates a list of passwords. This is good for you people who write them down; you can print out a sheet of secure passwords - just don’t make any marks on the page to show which password you are using.
5. www.passwordchart.com/ - This is a unique way to make a password! Type in a passphrase, and it generates a wallet-size chart using your passphrase. You can then use the chart to make other secure passwords that you will have no trouble remembering.
6. www.freepasswordgenerator.com - Generates a list of passwords. This password site removes 0, O, |, I, 1 and l to avoid possible confusion and future misspelling of your password.
7. www.grc.com/passwords.htm - Every time you refresh the page it generates a new set of high-quality, maximum entropy, pseudo-random number, cryptographic-strength passwords. Don’t change your password until you’ve copied it down! Otherwise your computer will be secure from you as well.
8. www.safepasswd.com/ - This generator can make passwords that are both easy to remember or secure.
9. www.randpass.com/ - This site doesn’t generate the most secure passwords. However for people who have trouble remembering really long passwords all the passwords generated here are only 8 characters long.
10. http://makemeapassword.net/ - The sister site to howsecureismypassword.net. Probably generates secure passwords, but I mostly like it because it offers a good example on how you can change letters and numbers in a password in order to make it more secure.

Below each post on the Proxy Glider is a comment box.

Enjoy!