Securely manage your passwords with LastPass or KeePass

A quick little post today to let you all know about a great service I’ve been using the past few weeks. We all have so many online accounts these days. Social media, online banking, forums, multimedia sites, productivity sites – and most people don’t think enough about the the security implications involved.
I know so many people who use the same password for all their online accounts. Stupid. Very very stupid. Earlier this year Twitter sent emails to a number of users advising them to change their password after ‘suspicious activity’ was detected. Turns out, it was a phishing scam that used a backdoor in free bittorent/forums software that a hacker exploited to gain the usernames, passwords and email addresses of potentially thousands of people. When I ran an online gaming site, one of the off-the-shelf gaming ladder systems we used stored users passwords unencrypted, plain text. That made it real easy for me, as an administrator, to fix users’ account problems, but it was a glaring, and unnecessary risk. Late last year, popular Facebook application developer RockYou (which made Super Wall and Birthday Cards, among others) had their servers hacked and thieves stole 32 million usernames and passwords. If your Facebook password is the same for your email or bank account, you’re giving those thieves access to a lot of damaging information. And there’s huge corporate implications here too – if you use your Facebook password for your work network or corporate email, you could be jeopardising sensitive business information. Every site you use should have its own, unique password.

And those passwords should be long, complicated and unpredictable. Online security company Imperva analysed the passwords stolen in the RockYou attack and reported that ‘nearly 50% of users used names, slang words, dictionary words or trivial passwords … The most common password is “123456”’. In fact, the detailed report lists the most common passwords and reveals that many passwords are so short and simple they would be easy for a “brute force attack” to crack them. Fortunately, Angus Kidman over at Lifehacker has produced a really handy guide to choosing passwords that are unique to each site, yet still easy to remember. That’s the system I use. However, if you’re really really worried about your passwords, security expert Steve Gibson has developed the Perfect Passwords page, which generates completely random 64-character strings every time it is refreshed.
KeePass Main

But right there is the problem – how are you going to remember 64 different characters, for every single site you use? Obviously, you can’t do it just by memory. One popular way is with the free, open-source and program KeePass. KeePass stores your passwords in a very secure encrypted file, which you can access and decrypt with your (strong, right?) master password. This is perfect for your home computer, and it’s completely portable (doesn’t even need to be installed, and can be run straight from a USB drive) so you can take your passwords with you. It is something of a hassle, though, to have to copy and paste your passwords from KeePass – but that’s where KeeFox comes in. KeeFox is a FireFox extension that integrates your KeePass database. It’s still new and needs some refining, but it does the job and will improve with time. But obviously it’s limited to Firefox – if you’re using Chrome, Opera or Safari (we’re talking security, so you’re obviously not using Internet Explorer, right?) you’ll have to copy and paste from KeePass.
LastPass integrates with your browserFor the last few weeks I’ve been trying another method which solves that problem, and integrates nicely into all browsers on all platforms (and, for a small fee, even mobile devices). Lastpass is essentially an online KeePass. Your passwords (and notes and other sensitive data) are stored in your “Vault” online, accessible only with your master password. Connections between your computer and their server are secure and they only store your password in encrypted form – the decrypting happens on your computer, in your browser. You install the LastPass extension for your browser – Firefox, Chrome, Safari, Opera doesn’t matter, they’re all supported – and it can import and then delete passwords in your browser. Passwords stored in your browser are almost always in plain text, and therefore anyone with access to your computer can see them. After that, whenever you go to a website and log in, you can set LastPass to automatically log you in, or you can choose which username you want to log in to if you have multiple accounts for that site. Speaking of multiple accounts, you can have several with LastPass as well – so your spouse can log in to all his/her sites but not yours, if you wish. There’s a version designed for Firefox Portable, so you can load it on a USB drive and take it with you as well.

Both Keepass and LastPass are excellent password managers that I willingly recommend you check out. For me, I prefer LastPass for a number of reasons. Firstly, being online my passwords are available whether I’m at work, home or on the laptop. With KeePass, I’d have to sync my database file on all machines whenever I changed a password or signed up for a new site. Since I use Chrome on most of my machines, I can’t use the Firefox extension KeeFox but LastPass is available for all browsers I use. It’s also quicker and easier than KeePass because it can automatically log me in to my favorite sites. But KeePass is open-source, has a huge community behind it and has a proven track-record, so you may find it suits your needs just fine. Remember also, with LastPass you’re putting your trust in a third party and whilst they can’t see your passwords, if their servers go down you won’t be able to connect to anything. And if you’re without an internet connection, your saved notes won’t be available. The good news is, there’s no reason why you can’t run both, and keep your secure notes available offline.

KeyPass can be downloaded here, and LastPass can be found here.

How do you keep your passwords secure? Have you tried LastPass or KeyPass? Or have you ever had your account hacked as a result of phishing or an insecure password? Let us know!

Google Buzz: Gettin’ Buzzy Wit It

With the recent launch of Google Buzz, I’ve been toying with it a bit when I’ve got the time. It’s different, definitely not what I was expected, but I think I kinda like it.
It’s a little bit Twitter, a little bit Facebook, a little bit FriendFeed. I used to look at Facebook as my semi-private “Internet Face” – my online profile if you will. But it was mostly private and closed in, and limited in terms of integrating external sites etc. Buzz does much the same thing but it’s a “Public Internet Face”. You can see what other people are doing, and than can see what you’re doing. Which is not to say you can’t keep things private – with everything you post you can choose to make public, or only visible to selected groups or individuals. It’s much more customizable than Facebook in that regard. And in terms of aggregating your online life, it so far does an excellent job.

Despite the over 9 million posts and comments (200 posts per minute from mobile phones), it’s still very early days. But just as Gmail was a slow start, Buzz looks like it could develop into quite a powerful tool. I’ll have to play around with it a lot more to truly get my thoughts on it, and I’ll post again soon when I’ve made my mind up.

In the meantime, check out the References for this post for a number of links with more information, and some interesting thoughts about Buzz and where it’s headed. Also check out my Google Profile – be my fwend?

Here are some initial things I don’t like, though, which should be addressed.

  1. Facebook integration. All it really needs to do is post buzzes to Facebook, but so far there’s no connection at all between the two. And that’ll be hard for Google – given Facebook has just recently said it intends to launch an online email service in direct competition with Gmail.
  2. For the love of god, please let me collapse buzzes. And comments should be hidden to begin with – if I want to read comments I’ll click the link, like in Facebook.
  3. Give us the option, if we wish, to keep things in chronological order. At the moment, when someone comments on another buzz, that buzz gets dragged back to the top of the page.
  4. Flesh out the Google Profile a little, yeah? Give people more prompters and ideas for what to put on the About Me page.

But what I do love, is how the mobile version is truly social. I just had a look at Buzz through the Maps app on my phone, and I can see where people have posted their buzzes – a few scattered around me, increasing a lot the closer you get to the city. This has huge potential. The other day when we got Melbourne’s Wild storms, it seemed everyone at work was glued to a radio giving me constant updates on where it was. “The rain’s hit Sunbury! 30 billion millimeters!” they’d scream, thinking I cared. Now, we don’t need to suffer through talkback radio – imagine searching for “rain” on Buzz, and limiting it to a 20 km radius in the last 10 minutes. You’d see the little speech bubbles popping up around you and you know where it is. I’m sure that could be useful, or more to the point a useful use could be made of that feature. (Note: search isn’t – to my knowledge – available like that yet. But I’m sure it will be eventually, it’s the sort of innovation Google’s famous for).

Anyone else using Buzz? What’s your profile page, and what do you think of it? Are you fed up with social media yet?

What I love, though, is how the mobile version is truly social. I just had a look at Buzz through the Maps app on my phone, and I can see where people have posted their buzzes – a few scattered around me, increasing a lot the closer you get to the city. This has huge potential. The other day when we got Melbourne’s Wild storms, it seemed everyone at work was glued to a radio giving me constant updates on where it was. “The rain’s hit Sunbury! 30 billion millimeters!” they’d scream, thinking I cared. Now, we don’t need to suffer through talkback radio – imagine searching for “rain” on Buzz, and limiting it to a 20 km radius in the last 10 minutes. You’d see the little speech bubbles popping up around you and you know where it is. I’m sure that could be useful, or more to the point a useful use could be made of that feature. (Note: search isn’t – to my knowledge – available like that yet. But I’m sure it will be eventually, it’s the sort of innovation Google’s famous for).

The iPad Part 3 – The Competition

Having looked at the good things and the bad things about the iPad, I’m now going to look at the market as a whole and see where the threats are going to come from. One of the best things about the iPad is that it got out there first. And while there are plenty of Tablet computers on the market or on the way, only the iPad is really finger-friendy, light and portable while still being reasonably functional. And at the moment, there really isn’t anything that competes with the iPad.

You have to remember, too, that this is a new market – it’s not the established tablet market, because the iPad can’t compete on features. Again, it’s an appliance – a media consumption device. A glorified e-reader.

Kindle
So let’s compare it with the dominant King of e-readers, the Amazon Kindle. In it’s own right, it’s a fantastic device. The impressive e-ink screen mimics an actual book and has no backlight, so it’s very easy to read and doesn’t hurt the eyes. But it’s even more limited than the iPad – it can’t run apps, it can’t play movies or music. It’s just a black and white book/newspaper reader. That will change though – we already know Amazon is looking to implement apps capability for the Kindle, but even then it is starting from scratch. The iPad appstore has over 134,000 apps (80,000 of which are fart apps and Duke Nukem soundboards). Colour e-ink has been developed in working prototypes, so a Colour Kindle won’t be far away. Amazon will have to dramatically slash its price, though, given how severely limited it is compared to the very cheap iPad. The key strength of the Kindle is that it’s backed up by Amazon’s massive library of over 400,000 ebooks – but since the iPad can read Kindle books anyway, that advantage is gone. And while the iPad is ridiculously ugly, theKindle is oh so much worse.

Windows
Microsoft is touting it’s Windows 7 operating system as beingoptimised for tablets, and while the interface on Windows 7 is finger-friendly, many of the applications you use on a daily basis aren’t. Things like web browsers and email clients all have small menus rather than big, finger-sized buttons. And because most Win7 tablets are more like stripped-down laptops, with all the hardware you’d expect like cameras, wired ethernet, and an array of usb/video/networking ports they tend to be heavy and expensive. The big advantage they do have, however, is stylus support and handwriting recognition. It remains to be seen if the iPad has a sensitive enough screen to be used for writing or drawing.
The most hyped up Windows tablet coming out this year is probablythe HP Slate. Details are sketchy, but it’s believed to be have a 10” multi-touch LCD screen, a 1.8GHz processor (compared to the iPad’s 1GHz), and that’s about all we know. It’s due for release “Sometime in 2010”, and has a stupidly massive frame.
And then there’s smaller, almost unheard of companies like ExoPC and Archos who are have released or are planning to release mini-tablets, like iPads but with all the features of Win7.

Android
The real competition for the iPod is from a tiny, little-known Californian company called Google. As proven by the Google Nexus, Motorola Droid and upcoming HTC Bravo, Google’s Android operating system is an impressive rival to Apple’s iPhoneOS. While it hasn’t got the quantity of available apps – only 24,800 – almost all the top-used iPhone apps are available on Android. The only thing I wish my Nexus could do is listen to Audible books, which is likely to be supported early this year. Google is the only company with the resources, finesse and reputation to make a product that can take on the iLove that Apple has. Google is massive, it’s everywhere and for the most part, everyone loves it. And we love Google not because of its marketing efforts – Apple reigns the marketing world – but because of its simple, open, friendly deliver-what-the-user-wants philosophy.
Android’s a great platform for tablet-style devices because, like the iPhoneOS, it’s designed with fingers in mind. Unlike Windows Mobile, it doesn’t require a stylus for using tiny menus and buttons. Unlike Windows 7, it’s not bloated and resource-intensive (despite Win7’s huge advances in those areas over previous versoins). And most importantly, apps developed for Android share its finger-friendly interface.

There are no tablets running Android yet, but a lot are being developed. Perhaps the big weakness with Google’s open philosophy is that too often the hardware companies will let them down. For example, HP is making a version of the Slate for Android – but they’re building a keyboard onto it. That’s not a tablet, HP, that’s a netbook. However companies like Acer, Asus, HTC and Dell have some very worthy looking devices, most tipped for release this year. They range from stupidly small (the Dell Mini 5 has a 5” screen, half that of the iPad and only 1.3” bigger than my phone) to the same as the iPad (10”). Perhaps the most highly anticipated will be from MSI, with a much more powerful processor and graphics capabilities than the iPad for a similar price.

What I’d love to see, though, is Google teaming up with Amazon to create a colour Kindle-style device based on Android. The device would be able to play video, multi-task, have a camera and integrate with Amazon’s ebook store.

It will be interesting to see how the future plays out with Apple and Google, I think these two companies will revolutionise how we interact with information and the world around us. Tech site Gizmodo recently did a comparison of the Apple, Google, Microsoft and Yahoo empires, illustrating how many markets those companies are in competition with each other. Both Apple and Google are innovative, have good brand recognition and have products that are ubiquitous and high
quality.

Will I buy an iPad?
No. I’m a gadget freak, a geek, a nerd but most importantly I’m a tinkerer. I like going outside the mainstream and pushing the boundaries. Apple won’t let me do that. I completely agree with tech personality and Google FanGirlGina Trapani who said “iPhone’s for Sheep; Android’s for Geeks”.
When iPhoneOS is available on hardware made by other manufacturers, allows multitasking and allows me to get apps that Apple hasn’t approved, then I’ll consider it.
But I can can see why other people will buy it. And I’m glad Apple’s bringing portable, flat, paper-like devices a step closer. In fact, that’s why I want the iPad to sell really well. If the iPad takes off, and all the other companies start thinking “Wow, we need to get in on that action” – the technology will advance dramatically, the price will drop, and we’ll start seeing some really cool stuff.

The iPad Part 2 – The Bad

Having given a quick summary of  what I like about the iPad, now it’s time to talk about what I’m not too thrilled about. And with such an over-hyped product, there’s no shortage of “faults” and weaknesses. But I will point out, that the vast majority of things I don’t like about the iPad are geeky, nerdy things. Things that won’t bother your everyday Joe Blow, and things that iFanboys will hate me for saying.

Control
The first, of course is obvious: It’s Apple. I don’t say that to be a hater – I have a lot of respect for much of what Apple has done over the years. It’s innovative “dumb it down” approach has brought smartphones, laptops and mp3 players to the masses and that’s a good thing. Unfortunately though, only one Apple product really offers anything to geeks, and that’s Mac OSX. And even that’s because it’s based on a free, open-source operating system (linux) that Apple charges a shiteload for. You see, the problem with the iPod, iPhone and iPad is control: in using those devices you surrender all control over what you do on them to Apple. And as long as you’re doing basic, simple things, that’s great. But try using a different web browser on your iPhone. You can’t. Because any third-party web browser gets rejected from the Appstore because it “duplicates the functions of the iPhone itself”. And we all know what happens when you force people to use your web browser until it’s everywhere. So, can’t use a more powerful email client, can’t use a different SMS style, can’t use Google Voice or another voicemail system. You also can’t tether it to your computer (tethering is when you connect by bluetooth or usb to your phone and use it as a modem, for example if your home internet cuts out or you’re on the road). There is no sensible reason for this. Being able to use Opera Mobile on an iPhone wouldn’t worsen the iPhone’s sales, it’d boost them. Running Firefox on the iPad won’t make the iPad less secure, it’ll strengthen security. But Apple needs everything you do on your device to be approved by Steve Jobs, so bad luck.

Flash
A follow on from the control issues is a key feature of the web: flash. “A revolutionary device for browsing the web”, says the iPad press release. As the good folks at Adobe (who make Flash) have pointed out,not exactly. The vast majority of the internet uses flash – whether for streaming video, fancy menus, advertising or online games. But iPods, iPhones, iPads – none of them can run Flash. Not because of Adobe – Adobe WANT their product on all mobile devices, iPads included. Adobe have been trying to get Apple to include Flash support for years, but Apple refuses to. And they haven’t given an explanation either. Some say flash is unstable, buggy, crashes too often – well, I’ve never had a website crash, from Flash or anything else. Some say that mobile devices aren’t powerful enough for flash – which is bollocks. Flash works great on the Nexus One, as proven in this video, and the Nexus has the same processing power as the iPad. It’s true that a lot of Flash will, in many ways, be replaced by HTML5 – an open, standardised Rich Media format.
I will concede that this could also be a good thing – part of the reason HTML5 hasn’t been widely adopted (apart from the fact that it’s still being developed, but parts are in final beta) is because web developers haven’t known there’s a need for it. If you’re a web developer making games playable on the web, you don’t care that iPhone users can’t play them. If people want to play games on an iPhone, there’s thousands of downloadable apps for that, and if you want them to play your game you can write it for iPhone. But on a desktop, you can play fllash games. On a tablet, you’d want to be able to play them. So there’s now a NEED for web developers to factor that in, and move on to HTML5. Again, though, it’s Apple trying to control how the internet works, and how we surf the net – which is only a good thing until they do something bad.

Multitasking
It’s not a phone – so why can you only do one thing at a time! It’s got more speed and power an old laptop, but it can only run one program at a time. I can’t browse the net and have a twitter app open at the same time? I can’t write an email while running a chat client? It makes sense (I suppose) to limit multitasking on a tiny phone, but on the iPad it’s a glaring shortcoming. Multitasking is a natural way of doing things – we humans are always multitasking, we shouldn’t be restricted on a lifestyle device like the iPad.

Camera
Wouldn’t it be great if you could go on holiday for a few days, leave the laptop/netbook at home, and in the hotel room fire up Skype and see your brother and new baby niece in video chat? But the iPad has no camera, either front facing or on the back. Sure, it has a retarded port that you can plug accessories in (once they’ve been developed, of course), but that’s an extra thing to pack which defeats the purpose in the first place!

No USB port
As usual, Apple is trying to force us to use their proprietary connector for everything – instead of using an industry standard like micro-usb for example. This means that your existing webcam, USB speakers, external hard drive, printer, or keyboard won’t plug in. Oh sure, you can plug Apple’s adaptor in, and then plug things into that – MAYBE – but again that’s more crap to lug around with it, and it’s inconvenient and ugly.
Speaking of ugly…

It’s Ugly
Seriously, we’re used to stylish, glamorous products form Apple. This looks like an uglydigital photoframe. Look at the massive frame around the screen:

That massive frame around it looks horrid, in my opinion. The screen SHOULD go right up to a few millimeters of the edge of the device.

It’s not a lot of things – and nor should it be
It’s easy to compare the iPad to a desktop computer or a laptop and say “Well it sucks, because it hasn’t go this, that or the other thing”. Seriously, it’s damn easy – look I just did it up above. But that’s not what the iPad’s about. As I said in part 1, the iPad is an appliance. It’s not a laptop, it’s definitely not a desktop. It’s an appliance – a digital toaster, if I can invoke Battlestar slang. Journalists won’t be writing articles on this, authors won’t write books on it. You won’t make videos – apart from simple Youtube style vids – and you won’t use the iPad to do graphic design. This is not a replacement for any device you use now – except possibly a netbook, but even then probably not. This is for Mums and Dads, to leave on the coffee table. And for an hour or two on a weekend, Dad will read a book or Mum will flick through a magazine. Or while they’re watching TV, they’ll think of something to look at on the net, pick it up and while watching tv they’ll surf the net. And of course there’s Home Shopping at 3am when you see that  practical weight loss device you can just pick up your iPad, go to the website and order it. Order one for your wife, too, if you think she needs help. You’ll go interstate for a work function, and you won’t need to lug a huge laptop around. You’ll take your iPad to stay in touch with your office, your family. You’ll watch a few videos and catch up on the latest episode of Survivor 53: Adelaide.
And that’s also why I come back to my point about this being a stepping stone device. It’s the first model, first generation – the  initial iPod was unbelievably limited. Future versions WILL have multi-tasking (even if that’s just cos this is likely to be Steve Jobs’ swansong). They WILL have cameras, and standard ports, and they’ll get really cheap until they’re as ubiquitous as the iPhone. They will always be under Apple’s dictatorial thumb, because Apple is a conventional corporation, but other companies will step up on more open platforms.

More to come: in Part 3 I look at the competition for the iPad, and the future for tablet devices.

The iPad Part 1 – The Good

It’s hard to be a geek and not feel compelled to talk about the iPad. Steve Job’s latest creation Apple Computer’s latest creation, a very big iPod, was announced on Thursday after months of hype and media speculation. The build up to this was incredible – as much driven by fanatical Apple-lovers as by marketing. And the rumours about this device have been about  for nearly ten years.

There’s been plenty said about the iPad, but these are some of my favorites:

“Wouldn’t it be good if Apple could shrink this down in size to fit in your pocket?”

“Did you ever wish your iPhone was bigger and didn’t make phone calls? Then this is for you!”

“Yo mama so fat, she uses an iPad as an iPod.”(That one has a little sister: “Yo mama is so fat; she can fit an iPad in her pocket.”)

And of course, the  UnNews page is brilliant: “Apple Chief Executive Steve Jobs put an end to weeks of speculation by unveiling Apple’s latest technological masterpiece – an extra-large iPhone designed specifically for giants, trolls and other large humanoid creatures.”

So, here’s my thoughts:

The Name.
iPad. Seriously. C’mon. That’s the BEST you could come up with? You didn’t have any women on the “Name deciding” team, did you, Steve? Surely the first thing you did, having decided on “iPad” was to Google Bing it? Didn’t you see that  MadTV sketch from 2007?

Within hours, Twitter was full of jokes poking fun at the name, with iTampon going straight to the  number 2 trending topic worldwide. Of course the  Uncyclopedia jumped in on the act, as did  just about  everyone  with a  copy of  Photoshop.

Am I the only one who thinks the “i” prefix is so 2003? iPod, iPhone, iBook, iMac, iTunes, iLife, iWork, iDVD, iPhoto, iMovie, iChat, iTheater, iStumbler, iCal, iSync, iArchiver, iCab, iWeb, iCan’tBelieveIt’sNotButter…. move on. Find a new theme. Stop tying yourself to one moment in October, 2001 when you started to make sales.

But despite all that criticism, I don’t actually have a better alternative.

The Good.

The really really really really awesome thing about what Apple’s done? They’ve gotten the ball rolling for other tablet manufacturers to lift their game. Futurists, sci-fi writers and geeks have  for long time envisioned a world where flat, paper-like devices are  as common as, well, paper. And the touch concepts that have been recently introduced to mobile phones and now the iPad are an early stepping-stone to that. While the iPad uses a conventional LCD display, new devices (like my Google Nexus One) use OLED screens which, as  this preview from Sony shows, are unbelievably thin and bendable.
So the technology is there, has been around for a while but nobody’s really come along and made it marketable. Nobody’s made it cool for non-geeks. And that’s what Apple does best – simplify, and dumb-down computers for the masses.

It will sell. It will sell LOTS. It will mainly sell to Apple’s core market – iFanboys. The people who buy iPhones because they’re made by Apple and so they have to have one (see MacBook Wheel). Popular gadget site  gdgt.com already has three thousand users who have marked it “Want”.

But it will also sell reasonably well to everyday ordinary people, who want to read ebooks or watch Lost on train to work, or in bed. It will sell very well.

It’s cheap. Surprisingly cheap. Un-Applelike cheap. The basic version, without mobile internet (just your home/work wifi) starts at USD$499 – so about AUD$600. By comparison the Amazon Kindle (black and white, just a book reader with no apps) costs only AUD$300.

It won’t sell as much as the iPhone. You NEED a phone. You WANT an ebook reader. You NEED to be able to listen to music, you WANT to surf the net on the toilet. Because the iPad isn’t a tablet pc. It’s not a computer. It’s not must-have gadget: it’s a big iPod. It’s an appliance. It’s something
you buy as a handy way to do a few simple things. It does not replace any existing device you have now, except possibly a netbook.

At the moment.

In five years time, it will though. Because in five years time, it will be bigger, lighter, thinner and most importantly: do most of the major things it currently can’t do.

More to come later: in part 2 I take a look at what’s not so good about the iPad.