Security 101: 1.2 Billion Passwords Hacked and YOU

10590485_1544622415761388_2121292101621360298_nFirst, the story. From USA Today.

I asked a friend who does computer security, what to do about passwords. Here’s a small primer. He wrote up his suggestions for the layman here.

1. If you have a password that’s under 12 characters long, it’s too easy to crack. Change it.
I’ve had a few computers come to me, at work, where I need to find out what the password actually was. Resetting the local administrator password on Mac/Windows/Linux is ludicrously easy. Finding out what the password is can be more difficult. I use software that uses something called a “Rainbow Table” to crack these passwords. Short passwords are recovered in a few minutes.

2. Don’t use the same password for “social” websites that you use for your bank or other financial institution.
If I’ve successfully cracked the Woodwind Forum’s password tables, the first thing I’d do is take that e-mail address and password and try it at a credit card company. Don’t use your work password at home (or vice-versa), either.

3. Use a password keeper and use that to generate your passwords.
At Gandalfe’s suggestion, I started testing a program called LastPass about two years ago. Since then, I’ve seen other techs in my company use it and I’m really quite happy with how it works. It’s not perfect — it doesn’t like entering the proper username and password on some websites — but it’s recommended. I just wish it’d work on everything, not just websites.

4. Remember that your e-mail account is where you recover passwords. Reset these passwords monthly.
Almost every website I enter a password into has a way to reset your password: they e-mail you at the address you signed up with.

5. For my sake, practice safe browsing.
I typically deal with malware and viruses where I work. An overwhelming majority of these problems come from people going to websites they shouldn’t or clicking on links in e-mails that they shouldn’t. Especially don’t go to someplace other than the manufacturer to download software. If you need Adobe Flash Player or an update, go to www.adobe.com, not www.peteshouseofmalware.com. There are fake installers out there for just about every one of those little plug-in programs.

6. Install some good antimalware and antivirus software and use it.
The best Windows products out there are free for personal use: Microsoft’s Security Essentials and Malwarebytes’ Anti-Malware. For Mac, Sophos is very good and also free for home use. I no longer tell folks that if they have a Mac, they’re probably fine. Get Sophos. Really. And do quick scans with all this stuff at least weekly and full scans monthly.

7 Don’t be stupid.
I’ve come across lots of users that have a document on their computer called something like, “My secret list of passwords,” and that document isn’t even encrypted — not that it wouldn’t be easy to crack (see above).

Posted in Computers and Internet, FAQ, Guides, Security | Tagged | Leave a comment

39th Wedding Anniversary

marriage

Now retired, this is our first wedding anniversary in that state. So many years of love and companionship, how do we celebrate? Well for us, we celebrate with good morning kisses, walks with the dawg, picking a movie to see together and a nice dinner out on the town. How lucky are we?

Posted in Holiday, My World | Tagged | Leave a comment

The Java Key

I have measured out my life with coffee spoons. ~ T. S. Eliot

Coffee_Keyboard

We want to do a lot of stuff; we’re not in great shape. We didn’t get a good night’s sleep. We’re a little depressed. Coffee solves all these problems in one delightful little cup. ~ Jerry Seinfeld

Posted in Coffee, Quote | Tagged | Leave a comment

When Microsoft Lays You Off ~ Tips from Someone who has been There.

10403668_516106198490681_6419961896243906111_nFor those of you who live in a cave, let me catch you up. Microsoft gave 12,500 employees walking papers last week. Note, Microsoft conducts these Reduction In Force (RIF) exercises every 3 to 5 years. This current RIF is the largest in the history of the company.

Microsoft’s Stephen Elop provided us with his “moving forward” email to the troops. This letter is not a secret–it is posted on Microsoft’s own site:  http://www.microsoft.com/en-us/news/press/2014/jul14/07-17announcement2.aspx

Full disclosure, I worked at Microsoft as a contractor and then FTE for 19 years, 8 months. Let’s just call in 20 years. Then I was laid off along with 20 or more people from my product group. Don’t worry about me, I got snatched up by Amazon within a month of my leaving MS. And I got a nice severance package as long as I signed a contract saying I would never reveal the particulars of my severance. But I lost all my unvested stock which was a really big chunk of value.

Now less than a week later I find that six of my friends, all senior people in the company, have been cut. 5 of the 6 are over 50 years of age. All six are just short of 15 years with Microsoft. Ever single one of them will look for work because they are not ready to retire. One could retire, but he would rather work than eat—he is just that kind of guy.

In my case, my wife was incredibly supportive, still working herself, and my layoff gave us a reason to downsize our lifestyle. We canceled the cruise we’d been saving up and planning for three years. We sold our McMansion and moved into a smaller house where we would not have a mortgage. (Suzy had been campaigning for years for this.) Now three years later, we are so much happier.

So here are my top three suggestions for my newly out-of-work friends. Ping me if you wanna have lunch, strategize, and/or work on your LinkedIn profile.

1. Don’t take it personally, it’s just business. Yes, they can hire 1.5 to 2 people for what you were being paid. That’s a very compelling impetus for a corporation that has stock holders. Fight the potential depression and destructive self guessing: I should have spent more time at my desk, I could have done better, or I was at that position too long, I should have seen it coming and moved before the shoe dropped.

2. Update your LinkedIn profile. Now. If you don’t have one, create one. Trust me, this is how you will get your next job. I blogged about this here: Post Your Resume on LinedIn. See my current profile for some examples: www.linkedin.com/in/jimglass/. My LinkedIn profile was the first thing the hiring manager looked at before he had HR call me for an interview.

3. Network. Yeah, you’ve heard it before. When I was looking for work I was dropping 10 to 20 resumes a week and not getting any response. By the third week I was feeling really depressed, I’d never been without work for this long since I was in high school! I was on Facebook, and actually felt guilty that I should be emailing more resumes when a friend from way back said she was looking for a writer.

I pinged her and said I was available and she said, “You are overqualified.” I said, so what? The next day Amazon HR called me. I got more action from my friend than I got from any other company, companies that are sifting through, in some cases, thousands of resumes for each position listing.

Most people don’t realize how valuable they are, their experience is. Don’t sell yourself short, if you worked at Microsoft for more than five years, you can work anywhere. Every time I moved from one job to another, everything got better: pay, people, challenge, and happiness. So get started on the top three things mentioned here, your friends are behind you all the way.

Picture credit Human Workplace on LinkedIn and Facebook.

Posted in Employment, Guides, LinkedIn, Microsoft | Tagged , , | 6 Comments

Superhero Muse du Jour

10419973_722778797785099_1278952245465997169_n  10501746_732347700161542_783593678335151188_n 

992926_493487334073009_1522237675_n  WonderWoman

Are there any other questions?”

I cleared my throat. “Yeah,” I replied, raising my voice. “Can I get paid for being the repeat victim in these practice runs? It’s not easy, you know, getting tied up or stuffed inside
something, while everyone figures out what catchphrases to use when destroying people.”
For a few seconds, Magnifiman was quiet. “Okay, are there any other questions?” he asked.

I sighed, my shoulders drooping. “I’ll have to take this up with my union,” I said. Of course, I just needed to form one.” ~ Hayden Thorne, Curse of Arachnaman

Posted in Art | Tagged , , , , | Leave a comment

Microsoft Live Spaces Saga Continues

wordpress-spacesThis blog started on a platform called Microsoft Live Spaces. Wikipedia sez,

“Windows Live Spaces was Microsoft’s blogging and social networking platform. The site was originally released in early 2004 as MSN Spaces to compete with other social networking sites, and re-launched in 2006 as a part of a shifting of community services away from the MSN brand. Windows Live Spaces received an estimated 27 million (27,000,000) unique visitors per month as of August 2007. Despite being considered a useful messaging and communication tool, Windows Live Spaces has been criticized as not being as powerful as some of its alternatives. It was shut down in 2011.” ~ Wikipedia

icon_photos_bigWindows Live Spaces censored the words that a user can choose when naming their Space, prohibiting for example the word whore or the so-called “seven dirty words”. In addition, Microsoft has received criticism for censoring the words “democracy” and “freedom” under its Chinese portal.

Forced to move to WordPress or lose my posts, I soon came to love the more feature laden, user friendly platform. This year, I have noticed that my original Microsoft Live Spaces post have lost all photos which renders them practically useless.

If you want me to recreate any of my oldest posts from that time period, ping me here and I will do the best that I can.

Posted in Blog, Microsoft | Tagged | Leave a comment

Professor Gadget Sax Quartet, take 2014

“Music is your own experience, your own thoughts, your wisdom. If you don’t live it, it won’t come out of your horn. They teach you there’s a boundary line to music. But, man, there’s no boundary line to art.” ~ Charlie Parker

Suzy and I were busy this weekend. First we have the normal family get-togethers and the weather was cooperating. Then there was my sax quartet gig at Ballard Locks. It was lightly raining part of the time but we had over 35 people listening to us. And many, many people come up and talk to us about playing in high school and loving the music. We even had two requests for a CD.

DSCF3124

We played soprillo, soprano, alto, tenor, and bari sax. We had charts from Paul Coats and Russell Peterson plus more. Very enjoyable and quite the challenge to work up with only 4 practices this year. 

Posted in Sax Quartet, Saxophone | Tagged | Leave a comment