We say NO to SOPA!
By now you should have heard or read about SOPA (Stop Online Piracy Act). On Wednesday January 18th, there will be a hearing about this web-crippling law in Congress. And although you might have heard that some politicians halted their support, the bill is NOT cancelled. Neither is the Senate’s equivalent, called PIPA.
One of the many bad effects of these laws is that a webmaster is going to be responsible for ANY content on his site – including comments! So, one comment receiving a complaint of an Intellectual Property law violation might bring down a complete website! Linking to your home made video that contains a song of your favorite artist then becomes a double offense: not only is the song used “illegally” (even if you use it for personal entertainment only), but linking to it from any site (or in a comment) endangers the site as well – not just that one page, but all pages (which can be 1,000s of pages for news-sites etc.). As a webmaster you would have 5 days to remove the link/comment, otherwise your site goes down – and we all know how difficult it is going to be to get it up and running again – lots of paperwork for sure and perhaps a ticket? Three tickets and you’re out?
As a webmaster it is virtually impossible to monitor all comments: this site only has a couple of dozen pages so far, but one single comment can be one too many. For larger sites it means either dedicating staff to comments only or just disabling comments completely – effectively crippling the option to voice our opinions (however misinformed, poorly spelled or vulgar they may be). Also, webmasters tend to fall ill for several days – or longer. Or they make a business trip. Or even holiday… Just disabling comments as the risk is too great? “Thanks to SOPA you can not comment until the end of next week.” That kills our options for discussions, adding information, exchange of ideas etc.
That is only one tiny aspect of SOPA and PIPA – one that affects you as a user of the internet. We feel that is a bad move and that is why this site is protesting SOPA – we put up a ribbon in the right corner and Wednesday this site will go dark. Just like Wikipedia and sites I manage, like Defrosting Cold Cases.com and Gerbera.org.
Below are a few links for more information:
We hope you support us to keep the Internet the free and open place that it is right now!
Your essential PC-security guide
Because of the recent DigiNotar-scandal and general questions from friends and clients, herewith my ‘best practices’ when it comes to securing my pc (and online activity).
A few remarks:
- I use Windows machines – software I discuss might come in other OS-versions – or not. If you feel you don’t need any security because you’re on an Apple, think twice: it might be safer and more stable than Windows, but that doesn’t mean you are completely safe: there are simply fewer Apple users, so there are fewer hackers out there writing viruses etc. Educate yourself: Apple security and anti-virus. There are still some useful tips and links for you here;
- Almost all software and links that I use/mention are free – MailwasherPro isn’t ($30 a year). Most free versions are ‘doing a good job’, but, sometimes the paid versions are worth it (if only to support the developer(s)).
  I do not get anything from them for endorsing them – it is based on my experience with their products (sometimes for years now) and by sharing it I can assist you and help them a bit. There are no affiliate links here, so there is no commercial interest or incentive from my side – I’m objective and independent;
- I indicate whether something is critical, strongly advised etc. That’s just my ‘grading’ – based on my experience. So, that is subjective, as you might feel that something is not that needed at all because you have never used it and never ran into trouble. Great, good for you – this is a guide only – not some law. I use everything mentioned here, so you could do so as well – or use something similar (like a different virus scanner). Still, try the stuff I mention here – it won’t hurt your machine or experience, but you will be better protected.
- No guarantees from me – as they say: “the chain is as strong as the weakest link”. Meaning, if you, for instance, use weak passwords, no firewall can protect you. Follow this guide and you won’t make the rookie mistakes any longer.
Questions? Suggestions? Overwhelmed and confused? Leave a comment below or email me via the contact page. Any feedback is appreciated – always (please leave out comments on ‘better’ OS’s – this is about making Windows safer – comments need approval, so do not waste your time).
In due course I will update this page – better solutions might come available, so I want to add those. Check back every 3 months or so.
At the bottom of this long page, you will find a table that conveniently holds all links from this article – like a summary. Once you know what you need to add or update, you will find it quickly there.
DigiNotar issued certificates that verified computers and websites: like a passport, telling you that it really is who they claim to be. That is standard practice and you see certificates each day: Verisign and RSA are the bigger players. Except, the DigiNotar certificates got compromised (‘infiltrated’) and can not be trusted any longer. They are added to your browser, but if you recently updated your browser, they should not be in there any longer. Here’s how to remove them manually (Internet Explorer, Firefox and Chrome): remove DigiNotar from your browser.
Anti-virus & Firewall: Critical
- No introduction needed. I don’t like Norton or McAfee, as they are clunky and invasive, clogging up your machine and slowing it down. Much better (!) alternatives are Avast (I got their paid version, but after some update it interfered with my DSL line, so I switched to) and Comodo. Very good products, including firewall;
- Although some people feel you need only one anti-virus product, I disagree. Because Microsoft offers an excellent tool to keep you safe(r): Security Essentials. You can run it in conjunction with any anti-virus scanner, so get it now;
- Also, make sure you enable Automatic Updates – follow the instructions or click on the left mechanic-image. To manually check for updates, bookmark this page: Windows Update;
- WIFI/WAN – check the settings of your router/modem – usually there is a built-in firewall (hardware one, as opposed to software one (see 1 & 2)). Make sure you use a strong access key, so strangers can not access it from outside, stealing your bandwidth – or worse.
Heard of ‘scareware’? It’s fake, free online virus-scanning. Fake because it is a virus or malware – by fooling you that you are cleaning your pc, you actually get infected. Use only the above tools to scan – never click on a link in an email or one of those annoying, flashing banners or pop-ups. Even if it displays the contents of your disk (folders/directories and a list of files), do not accept their friendly offer! Without your permission they read the contents of your drive to give you the impression it was a serious virus-scan. To learn more about the risks, read this: avoid scareware scams.
Passwords: Critical
We all ‘know’ we need good passwords, but we also admit that we are lazy, sloppy and un-smart. That’s why hackers love you and will keep returning to your accounts.
A few pointers:
- don’t use your main/business email account to sign up with websites, newsletters etc. Use one you could afford to ‘lose’ or throw away (Gmail is quite good) – reason being, if some site gets hacked, they only find your disposable address (and password);
- use a unique password for each site – you read about several major sites being hacked and passwords being exposed lately – those passwords are now tested on other sites, trial and error… A simple trick is to use the first 3 letters of a site’s name before some generic password: ‘gma’ for Gmail, ‘hot’ for Hotmail > gma#Mypwd & hot#Mypwd – far from perfect, but much better than no site-variation at all;
- Don’t use (pet)names, words from the dictionary, birth-dates only etc. Also, use at least 8 characters (Capitals, digits, special chars: !_+@#$-~%().
Good passwords are usually hard to remember – certainly the first few times – and once you start remembering them, you should change them as they might be a bit too ‘old’ now… But what is a ‘good’ password? There are many articles out there – here’s a good one: Simple Formula for Strong Passwords.
Skip the boring stuff and jump to their Appendix A (page 40) – use it as a guideline – you can change anything you like, as long as you make it yours so you can remember it easily:
How to create a password:
A.
- Pick any special character. You will always use it for your passwords (like !@#$%^& (*+)=-;:’”~`][}{\|><?/.,`)
- Pick a secret 3 or 4 digit number (could be a birthday, like April 5, 1956 or 4/5/56, written without the slashes = 4556; this is your secret code)
- Pick a very simple password that you can remember (this is the root of your password – it can be the name of the application/site you are logging into, such as Windows, Hotmail, MS Word, Resume, etc.)
B.
- Always surround your root password with your favorite special character
- Always insert your special number after the second character of your root password
- Always capitalize the first character after your secret code (now you have the unchanging part of your password – the Static Password)
- (Now for the part of your password that changes every 90 days when you are forced to create a new password) Always add the creation date to the end of your new static password. Add it as a combination of the calendar quarter plus the calendar year (Quarter 1, or Q1 of 2005 would be 1 and 2005 written together as 12005 – Now you have your Full Password)
Example 1
(Password = ~Ti4556M~12005)
Step 1: ~
Step 2: 4556
Step 3: Tim
Step 4: ~Tim~
Step 5: ~Ti4556m~
Step 6: ~Ti4556M~
Step 7: ~Ti4556M~12005
Example 2
(Use the same technique for each account that you have. Just change the root password to the name of the account or application and everything else is the same)
Hotmail (Password = #ho4556Tmail#12005)
Step 1: #
Step 2: 4556
Step 3: hotmail
Step 4: #hotmail#
Step 5: #ho4556tmail#
Step 6: #ho4556Tmail#
Step 7: #ho4556Tmail#12005
Example 3
Windows (Password = $wi4556Ndows$12005)
Step 1: $
Step 2: 4556
Step 3: windows
Step 4: $windows$
Step 5: $wi4556ndows$
Step 6: $wi4556Ndows$
Step 7: $wi4556Ndows$12005
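The seven steps above as an added example (not code from this guide or from the appendix it cites): it rebuilds the passwords of Examples 1 to 3, derives the quarter/year suffix from a date, and checks the result against the minimum given earlier (8+ characters, capitals, digits, special characters). The function names and the sample dates are assumptions made for the illustration.

```python
from datetime import date


def quarter_suffix(when: date) -> str:
    """Step 7: calendar quarter plus year, e.g. Q1 of 2005 -> '12005'."""
    quarter = (when.month - 1) // 3 + 1
    return f"{quarter}{when.year}"


def build_password(root: str, special: str, secret_code: str, when: date) -> str:
    """Apply steps 1-7 of the formula to one root word."""
    if len(special) != 1 or special.isalnum() or special.isspace():
        raise ValueError("special must be one non-alphanumeric character")
    if not (secret_code.isdigit() and len(secret_code) in (3, 4)):
        raise ValueError("secret code must be 3 or 4 digits")
    if len(root) < 3:
        # Step 6 capitalises the character after the code, so one must exist.
        raise ValueError("root needs at least 3 characters")
    head, tail = root[:2], root[2:]
    static = special + head + secret_code + tail[0].upper() + tail[1:] + special
    return static + quarter_suffix(when)


def static_part(password: str) -> str:
    """Everything except the suffix (1-digit quarter + 4-digit year)."""
    return password[:-5]


def meets_page_rules(password: str) -> bool:
    """The guide's minimum: 8+ characters with capitals, digits and specials."""
    return (
        len(password) >= 8
        and any(c.isupper() for c in password)
        and any(c.isdigit() for c in password)
        and any(not c.isalnum() for c in password)
    )


if __name__ == "__main__":
    q1 = date(2005, 2, 14)  # constructed date inside Q1 2005
    q2 = date(2005, 5, 2)   # constructed date inside Q2 2005
    for root, special in (("Tim", "~"), ("hotmail", "#"), ("windows", "$")):
        old = build_password(root, special, "4556", q1)
        new = build_password(root, special, "4556", q2)
        # Rotation only changes the suffix; the static part stays the same.
        print(old, "->", new,
              "| same static part:", static_part(old) == static_part(new),
              "| meets rules:", meets_page_rules(new))
```

With one special character and one secret code, only the root differs between accounts and only the suffix changes at rotation, so the formula works as a memory aid on top of a per-site root.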
Want to test your password-strength? Go here: Microsoft Password Checker or here: Passwordmeter.
Now that you have more and stronger passwords, you need to keep track of them. Don’t put them in an Excel sheet, as that is not safe enough. Use this: Keepass. Make sure you start with a really strong pass-phrase(!)
Even losing 1 file that you worked on all day is a small crisis – imagine losing several folders or email messages. It happens all the time: deleting the wrong files or too many; a power dip that freezes the file(s) you’re working in; uninstalling software which deletes your workfolder without warning. Or your hard disk simply giving up. Just like you have insurance on your car and home, you need to be prepared for the worst case scenario when it comes to your computer. Not only in the cases mentioned earlier, but also fire or theft – you can not afford to lose those files.
I don’t use any software to backup my files – using ‘old’ DOS batch files that I edit myself, I copy my recently changed files to an external drive. To save you the hassle, there are several programs that make it a simple task for you. This one seems very efficient: SyncBack (they offer 3 versions; the free one is basic, but should be enough for starters – you can always upgrade later).
Another option is online storage: no external drive needed (one that you have to store away from your PC and then forget to bring to your pc…. missing your weekly (or even daily) backup). You’re online already and this service helps you out: Comodo Backup – it looks like a good solution (they even help you set it up).
And, one of the leaders in online backups: Carbonite – not free, but robust and reliable.
Malware (trojans, key-loggers etc.) might not always be detected straight away by your virus-scanner(s). Yes, they should protect. No, they don’t as there are now so many different forms and mutations, that it takes specific tools to scan and remove. One of the better ones is Malwarebytes. Run it regularly (weekly) as an extra safety.
Regular clean up: Strongly advised
Windows is not the best platform when it comes to ‘resources’: it saves a lot of useless files, depending on your settings it keeps all your internet history for ages, the registry gets clogged (no built-in cleaner, not even after all those years…). So, you need to do some extra maintenance there as well…
Two cleaning tools:
- CCleaner – excellent tool to clean your internet history (incl. cookies that contain personal/private data) and your registry (so your machine runs a bit better). Also for Mac;
- Regseeker – does a very good job on cleaning your registry (finds other stuff than Ccleaner) and some other clean ups (older tool, might not work on the latest Windows-versions)
The regular warnings:
- do not open attachments from strangers – never;
- do not click on links in mail from strangers – not once;
- do not reply to spam or junk with some smart Alec answer – all you do is confirm your address, so they can sell it, resulting in more…
Now if you are really serious about mail and security, get MailwasherPro. It checks your mail on the server and you delete it there – it never reaches your inbox. Also, it detects spam, so you can delete it even faster. You can set up all kind of rules, making your online life a bit easier. The free version is pretty useful, but Pro is worth the yearly fee of about $30 – seriously!
Other updates: Strongly advised
Now that you update Windows regularly (see above), you also need to check on other programs (Windows should do this, but hey…). Make sure you stay up to date as much as possible: no use having anti-virus and firewall, but the bad stuff comes in via a backdoor (like outdated software).
Two suggestions (I use both):
- Secunia – online scanner, checks for the most common programs (run it every 2 weeks)
- FileHippo – installs a small program – checks for updates on many programs on your pc – great site for finding new software as well! (run it every 2 weeks)
If you really want to protect all sensitive data on your harddisk, use Truecrypt – it ‘locks’ (part of) your disk. As that section is hidden, others don’t even see it when browsing in Windows Explorer (in case they would get access to your pc – either via the web or when it is stolen).
Also, you could install Prey – intended for laptops mainly, it sends data over the internet once in the hands of a thief: screenshots, IP address etc. With that info, you possibly can find your machine and hand it over to the police so they can get it for you – as was the case here: “How I got my laptop back with Prey”
SUMMARY (all links together now)
Section | Status |
DIGINOTAR (section) | Critical |
Remove DigiNotar | click here |
ANTI-VIRUS & FIREWALL (section) | Critical |
Avast | click here |
or | |
Comodo | click here |
MS Security Essentials | click here |
MS Windows Update | click here |
PASSWORDS (section) | Critical |
Keepass | click here |
Formula for Passwords | click here |
MS Password Checker | click here |
Passwordmeter | click here |
BACKUP (section) | Critical |
SyncBack | click here |
Comodo Backup | click here |
Carbonite | click here |
MALWARE (section) | Strongly advised |
MalwareBytes | click here |
CLEANERS (section) | Strongly advised |
Ccleaner | click here |
RegSeeker | click here |
MAIL (section) | Strongly advised |
MailwasherPro | click here |
OTHER UPDATES (section) | Strongly advised |
Secunia | click here |
FileHippo | click here |
ADVANCED (section) | Optional |
Truecrypt | click here |
Prey | click here |
How to kill an elephant, your online reputation and anger a swarm of mosquitoes
When I read this, Webpronews Godaddy, I was surprised to see the number of comments – apparently hundreds of people felt the need to comment – within 2 days! That means, this issue touched a nerve… Something to remember next time you post your holiday-video online – and then brag about it!
In short, Bob Parson, the CEO/Owner of Go Daddy (hosting & domains) went to Zimbabwe with a hunting rifle – shot an elephant bull female in a cornfield, gave the locals GD-swag and filmed not only the hunting, but also the butchering. Claiming that it was a rogue bull, that shooting it was the only option and that it provided meat for the starving people.
I was a GD client for several years – but yesterday I transferred my (clients) domains away from them (and not renewing the ones I left with them). Because of the above. Not because their products are bad (ok, their interface sometimes is cluttered and their upsell is obnoxious), but simply because I don’t support hunting. This senseless hunting takes place all the time here in Southern Africa (and many other areas!) – it’s small people with big wallets and big guns needing to prove their manhood.
I know, elephants do destroy crops, trample villages and people. In some areas they have become a threat, so something needs to be done. In case of threatening herds, there are better solutions than simply killing them – particularly when it is done in an ‘uncontrolled’ way, by self-proclaimed conservationists that are basically only interested in the trophy-shots. But look at the cause. People invade the natural territories of game and wildlife on a daily basis. So what used to be the animals’ feeding-grounds for centuries, is taken away from them. Because of that, perhaps we should look into population-reduction – as opposed to wild-life extinction?
And yes, people in Zimbabwe are starving. But not because of an allegedly rogue elephant – unless you want to put that label on Robert Mugabe. No, the country is a completely ‘Failed State’ – it’s in the top 5 – all African countries – with elephants – for so long, as poaching decimates their numbers rapidly. By travelling to Zim, one bad Bob supported some other Bob – a totally corrupt and inhumane one. Yes, the villagers got some meat for a few days, but the money went to the baddest Bob of all – not to the people.
Also, it is claimed Parson shot a leopard. Was that a rogue animal as well? Destroying crops? Eating babies? Did Bob come to the rescue once again? Hard to believe; it was just another trophy – and even worse than the elephant, as leopards are even more endangered – and feed less starving people…
Parson thrives on publicity. I’m sure he got more than he begged for. Everywhere people started to cry out loud. “how to leave Godaddy” is a popular search term, with dozens of instruction-pages now. Competitor Namecheap (no, I didn’t need to watch the vids) offered a transfer-special, donating $1 per domain to Save the Elephants. Even banners are designed: Bye Daddy swag. That is all within a few days – even before big media picks up on it.
Update 10 April: apparently my post and the massive media-coverage made Bob (or his PR guru) a bit nervous – his original video now re-surfaces heavily edited. He initially claimed to fully stand behind his actions, including his videos. Although I doubt he will give up hunting, he now tries to save some of his public image? Or business?
Internet can be your friend – as self-made man Parson knows: he built GD from scratch and is now the biggest domain registrar – I have a lot of respect for that. However, it can turn into your worst enemy as well… we will probably never know how many clients Bob lost, but his 2 shots killed more than just that bull… yet, I don’t think he, as a former Marine, will lose much sleep over it….
Some people may argue that I ‘make an elephant out of a mosquito’ (as the Dutch say). And obviously, Bob is the elephant here, whereas I’m nothing more than, well, a futile mosquito. But then, Anita Roddick put it cleverly: “If you think you’re too small to have an impact, try going to bed with a mosquito.”
As a mosquito I now go to bed knowing that I put my money where my mouth is.
UPDATE: $20.000 donated!
Jachtplezier.nl
Client: Jachtplezier.nl
Platform: CMSimple-XH
Graphic design: Claire Concept
Briefing: Claire designed logo and corporate identity and this needed to be translated to the web. Client wanted to be able to add ‘news’ pages, to edit existing pages (occasionally) and a multi-lingual site (NL, EN & DE). After some research we decided on CMSimple, as it really
Gerbera.org
Platform: WordPress
Theme: Patricia Ritsema van Eck
Initially built in html and css in 2004, the site became too big (200 pages now) to manage, so I decided to transfer to WordPress. With the help of Stefan all pages were converted. This is a prime example of using WP as a CMS (Content Management System): WP is primarily used for blogging: the newest
Bemanninggezocht.nl
Client: bemanninggezocht.nl
Developer: Scube
Graphic design: Claire Concept
My role: project management. Translating
Sitepoint CSS-live course
Two weeks ago I signed up for this training: CSS Live with Russ Weakley (of MaxDesign).
Why? After dabbling with CSS for years now, I felt there was not a true understanding/foundation – sure, I manage (with the help of an editor), but some things just didn’t work – they should, yet they didn’t… and of course they didn’t make sense at all – “CSS sucks!”. And what the heck are ‘floats’? “I don’t need them, so who cares?”
Vaultpress – The Golden Ticket
Friday I got ‘The Golden Ticket’ from Vaultpress (see my previous post here: Aliens happen) – the new WordPress back-up service (from Automattic – WP’s mother). Being excited becoming part of the beta, it was kind of a disappointment when I was taken to this page:
Pattern Tap keeps your inspiration running
“Pattern Tap is here to satisfy and encourage the inspiration needs of my interface design peers and peeps. We aspire to be the design tap for your next inspiration need.”
“Pattern Tap was born out of our love for the best interface designs on the web. We wanted a place where we could come and easily find the stuff we were looking for. Sometimes
World’s oldest computer user
Granted, not a pc or laptop, but still: Virginia loves her iPad. For perspective: she was born in the year aluminium foil was invented. And this: 1910 inventions. In the first 10 years of her life, this was added: 1910-1920 inventions. Yet she’s still rhyming better than most rappers these days 🙂
Thanq Mr. OneDayCompany!