Categories
Featured How-to IT News, Tech Information and Analysis Learning

How to keep your Passwords and Online Accounts Safe?

Internet has provided us with some amazing ways to do our day-to-day tasks better; sharing content and even getting in touch with friends have never been so awesome. As easy as it sounds, it is equally vulnerable to attacks. Most hackers either take control of your account for malicious activity or are just mere stalkers. I did hear about a couple of stalking cases from my friends recently and that’s when I thought of writing this piece. I even had a discussion with my friends online and they shared few commonly used methods in this regard.

Here are some of the best practices. The first tip is a very obvious one; using a strong password.

1. How to Keep Passwords Safe:

  • A strong password is generally referred to a key which has over 14 characters with at least 1 special character and numbers. There are online tools which can help you with suggesting some passwords. Random and Secure Passwords to name a few.

  • Do not use consecutive letters or numbers. For eg: abcd, 9876 etc.
  • Do not reuse old passwords; change your password regularly, at-least once in three months.
  • Do not use your family members name, the place you work, Anniversary and Birthday dates as passwords which is commonly known to others.
  • Do substitute numbers, symbols, and misspellings for letters or words in an easy-to-remember phrase. Passphrase as some would refer. Again, partial substitution is a good idea. For example, One Step Closer can be One$tepCl0sEr.
  • Do not use long words, quotations or phrases in your password; anyone around your desk or the key logging tools can always track the possibilities.
  • Do not use the same password for all your email accounts.
  • Do not write down your passwords on a paper near your desk; or even as a saved note on your Phone.
  • Do not sharing password information on Emails and Instant Messengers etc.

2. Social Accounts:

  • If you use your Gmail address to sign-in to your Facebook Account, use unique passwords for the same. Your Gmail account and Facebook’s password doesn’t need to be the same.
  • Similar to emails, do not have the same password for all your social accounts.
  • Having a base password mixed with a prefix or suffix created using the name of each website can be a good idea too. So, for example, Facebook, the password is H!Th3r3Face. For Google, H!Th3r3Goog.
  • If you have synced your email / Facebook accounts with your Phone, try enabling a passcode/pattern/finger print for your device.
  • It is very easy to impersonate your profile these days. A hacker, generally takes the relevant details from your profile and your display pictures and create a new profile with your exact name. These fake profiles further send out friend requests to all your contacts claiming that, your old account was hacked and this would be your new profile. In such a scenario, it would be great idea to talk to your friend over phone, before you confirm the friend request.
  • If you abandon an old email address associated with any of your social accounts like Facebook, Apple ID, Dropbox etc. Be sure to update them with your current email address.

3. Two-Factor Authentications and OTPs

Two-Step Verification adds an extra layer of security to your online Account, drastically reducing the chances of having the personal information in your account getting stolen. To break into an account with 2-Step Verification, a hacker would not only have to know your username and password, they’d also have to get a hold of your phone.This can be a turn off to many people considering that, some of the providers send you a code via SMS, and you will need to wait for the SMS code before you log-in.

Google also introduced an USB Security Key; one does not need to look or wait for codes on the phone and then re-type it; rather he/she can simply insert the Security Key into computer’s USB port when asked.

However, Google’s 2 Factor authentication doesn’t need a SMS too; you can use their mobile app for the secondary token. It is quite similar to those RSA token generatorsDo find the detailed steps for Google Accounts.

Apple has introduced this option for the iCloud users as well. In order to set up the two-factor authentication on Apple’s cloud storage service, users must login to the Apple ID account, click on “Password and Security” and find “Two-step verification.” Once activated, a unique four-digit verification code is sent to the registered mobile number via SMS or Find My iPhone. The unique code will be asked every time there is suspicious account activity, like login from an unfamiliar device. This way, unauthorized access to the accounts can be blocked.

Facebook calls it code generator; Once you login, you can then get to the security settings and enable this feature. As a review, you can also check on the logic notifications, and trusted browsers to verify if those are the machines/connections you used in the past.

Read these official notes from LinkedIn and Twitter for detailed steps. Enabling an OTP before making a fund-transfer or payment is considered safe in online banking; Most of the banks do this by default now.

4. Email Attacks:

  • Phishing scams – Do not click on links in suspicious email messages, and never provide personal information on any websites. Think before you click or download anything. Some deals may be too good to be true; for eg: A free Airline ticket or a 100,000,000 GBP lottery price.
  • Manage your subscriptions; clicking on the ‘Unsubscribe” option in the spam mail is usually a bad idea. As most email providers these days do not send back “read-receipts”, hackers/spammers send you email from mailing list and wait for you to unsubscribe to confirm that its an email id “in use”. It’s best to just mark them as spam and leave it. You can also create some smart filters which moves emails like these straight to archives or deleted items.
  • Always have a secondary email configured for password-reset instructions. Preferably, a secret email address which you haven’t shared in public forums.
  • For a password reset request, choose security questions and answers that cannot be easily guessed by someone else. For eg: Do not choose a question like, what is your favorite color? and even if you end up choosing this question, Answer does not need to be black or blue always. You can even answer as weird as a cow or an elephant. But yea, do remember what you enter.

5. Keep your browser and other apps up-to-date.

  • Generally companies like Adobe, Microsoft, Google, Apple and few others release software updates and hotfixes and make it available to the end-users for download. These may not be just for new features but also to fix newly identified vulnerabilities with the software. Always make a point to run an up-to-date browser. Ensure your Java and Flash Player are updated to the latest available versions. Likewise, do not ignore OTA (On the Air) software updates on your smart-phone as well. Do update them.
  • As much as possible, do not auto-save your passwords on your browsers.
  • I personally do not recommend a password saving programs as well. However, if you still want to try these softwares, 1password can be a good option. 
  • If you are installing any 3rd party applications to access Facebook or Emails, understand the level of access these applications have on your phones. Well, Mobile and Cloud Security are totally new areas, let us look at them later.
  • When using a public computer, always sign out when your session is complete to prevent other people from accessing your account.
  • Use incognito / Private Browser window while accessing your bank accounts.

Summary:

Your online experience totally depends on how secure your accounts are. For many of us, businesses run on Internet and compromising them will result in a huge impact. Hopefully, this article has helped you with some inputs. Always remember to report when your account is hacked; not just to your friends but most importantly to your service providers like Google, Facebook, Banks etc. They can further block your account before it can be accessed by anyone else. Of Course, the most obvious thing remains, Do not share your password with anyone..!

Categories
General Microsoft

Meet with Microsoft Applications Practice Team – Internet Explorer 9 Platform Preview 4

Last week, i got an invite to attend a technical briefing up on the Internet Explorer 9 at the local Microsoft Office. When I went there, I saw Harish and Sandeep ready with their slide-decks and demos. After a round of our introductions, the Tech briefing started. The discussion was primarily around the Performance improvements, HTML5 significance, Integrated SVG, WOFF (Open Font Format) and the Hardware Acceleration of the latest version of the Internet Explorer browser.

The Fourth Platform Preview moves the new JavaScript engine, codenamed Chakra, inside IE9 and brings them together into one single, integrated system. Through this deep integration, the performance of real world websites significantly improves, and IE9 becomes the first browser to have a shared DOM between the browser and the script engine based on ECMAScript5. The benefits are both in performance and consistency.

Chakra is the new JScript engine developed by Microsoft for their upcoming Internet Explorer 9 (IE9) web browser. A distinctive feature of the engine is that it compiles scripts on a separate CPU core, parallel to the web browser.

The New JScript Engine - Chakra

The performance benefits of hardware accelerated HTML5 are clear from running different sample sites side by side in IE9 and other browsers. Browsers that implement partial hardware acceleration – for example, text-only, or video-playback only, or image-only acceleration – offer inconsistent and possibly unpredictable platform experiences to developers and end-users. IE9 offers consistent, fully hardware-accelerated text, graphics, and media, both audio and video.

The IE9 Platform Preview 4 also introduces a highly-interactive and integrated SVG. Typically, developers think of SVG as the graphics format for static engineering diagrams and images. With HTML5 and hardware acceleration, SVG is an excellent choice for a new class of interactive, animated scenarios.

If you have not yet tried the Internet Explorer Platform Preview 4 and its demos., do give it a shot here – http://ie.microsoft.com/testdrive/

Few Feedbacks and Questions Raised during the Discussion:

  • When can we expect the Download Manager in the Internet Explorer Browser?No information as of now, as it was more a developer overview. We can expect some news on the User Experience features on Sep 15 (beta launch).
  • Cross Platform – Availability – No plans to make IE browser available for other platforms like Linux and Mac.
  • The Internet Explorer 8.0 Task bar Launch Issue- Scenario: Trigger a download and  close all the IE browser windows, excluding the file Download one. Now when you click on the quick launch button in the task bar, the browser doesn’t launch. You will need to right-click and open a new instance. – Feedback will be sent to the Development Team.
  • Security Enhancements – The In-private browsing experience would be much better and secure. No Concrete words from them.
  • Sand boxing Technique and Tabs, how Process Kill would be handled – The IE Browsing tabs would be more robust, but nothing clear with multiple tabs as of now; because the Platform Preview is just a frame.
  • Significance of the new UA String – Changed with the new version. Read more
  • Extensibility – Would be more developer friendly in coming days.
  • Can we expect the browser to give the same experience on Both PC and Windows Phone? – In the initial releases of Windows Phone.. No! But in the future, Yes. (Thoughts are that, the Windows Phone 7 will run with the IE6 Browser)
  • Extensions and Add-Ons – One of the biggest areas where other browsers is beating IE is with the add-on/extension support and development. There isn’t anything significant from Internet Explorer other than the 3-4 most used Add-Ons. This phase needs to be changed, to make the browser more geeky and user friendly!
  • Strategy for Pushing Internet Explorer 9 in the Market – The initial release will target the consumers; Moving forward the concentration would be to get onto Enterprises and see how it can be used in a corporate environment.

If you have any more questions / Comments to the Internet Explorer Team, do write in the comments here. I shall forward the same to them!

An Event would be conducted on September 15th at San Fransisco where the first public beta of Internet Explorer 9 will be demo’ed and made available. Lets wait for Sept 15th, to know what’s more in Store!

Update: 8th September 2010 – Sandeep Alur did try out some of the tests of the IE9 demos on latest browsers and here are his findings – “FF has improved drastically from the previous versions, but IE 9 still leads the race. Another important element to note is of the fish movements. IE9 is still smooth, while FF has a little bit of a drag. Chrome is lagging big time with massive CPU usage as indicated in the visuals.”

Fish Tank Demo in IE9
Fish Tank Demo in IE9
Fish Tank Demo in Chrome 6
Fish Tank Demo in Chrome 6
Fish Tank Demo in FireFox4
Fish Tank Demo in FireFox4

You would also be interested in reading –

Categories
General

Fix Commonly faced issues with Reliance NetConnect

Reliance Communication today released a trouble shooting guide to fix commonly faced issues with the NetConnect internet device.

NetConnect claims to be the India’s fastest wireless internet with upto 3.1Mbps in Reliance Broadband + Network optimized for running rich media / heavy applications such as video conferencing, video streaming, electronic surveillance, online multiplayer gaming and heavy file transfers.

You can download this Guide here (.xls Spread Sheet format)

This Trouble Shooting Guide covers information on how to fix Connection Errors, Frequent disconnection, Site opening problem, Poor Speed and Installation Error.

Courtesy: Reliance Communications

Categories
General IT News, Tech Information and Analysis

Tata DOCOMO BuddyNet- Unlimited Browsing & chatting on 5 Social Networks

In keeping up their promise to ‘DO the New’, The Docomo team are pleased to introduce a unique feature on the BuddyNet platform which will enable subscribers to get FREE access to Twitter, facebook, Orkut, LinkedIn and all Instant Messengers (through Nimbuzz). No Data charges, No GPRS Packs needed.

TATA DocomoHaving received an enthusiastic response to India’s first mobile community product, BuddyNet, Tata DOCOMO has introduced a unique feature which will enable its BuddyNet subscribers to browse and chat across 5 social networking sites namely Facebook, Twitter, Orkut, Linkedin and Nimbuzz (MSN, Yahoo, Gtalk and more) for free.

Tata DOCOMO will now empower its BuddyNet members with the ability to stay in touch with their buddies anytime, anywhere. Tata DOCOMO BuddyNet members can browse through these five social networking sites without having to pay any browsing charge thus enabling them to share posts, information and chat absolutely free of charge. The free browsing is available on both Tata DOCOMO Dive- in and Tata DOCOMO ‘INTERNET’ APN’s.

For more information on the new features of Tata DOCOMO BuddyNet visit: www.tatadocomo.com/buddynet.aspx

Tata DOCOMO is continuing its journey in making the world of friendship come alive in the mobile phone arena.  They have extended a host of unique features on their BuddyNet Platform which also gives its BuddyNet members the opportunity to share talktime and gift a recharge to any other Tata DOCOMO Prepay user.

Tata DOCOMO has stated that these innovative features are just the beginning of a long and exciting series of offerings for buddies on Tata DOCOMO BuddyNet and will help extend online communities onto the mobile platform!

Disclaimer: This article is just a public information post, and not a review on this product! Please contact TATA Docomo if you have any issues/concerns with this feature!