Safer Internet Day: Passwords and Protection

Today is Safer Internet Day - an event organised by Insafe to help people, particularly young people, become and stay safe in today's interconnected society.

Instant interconnectivity can be daunting to the uninitiated. Within a few minutes, you can have Facebook and Myspace tied into lastfm, twitter, flickr, blogspot, stumbleupon, reddit and literally hundreds of other third party games, apps and sites, all of which come together to help us connect to more people, more quickly, more of the time … every connection you make increases the amount of people that can see information about you – information that could be used to target you. If you have up to date anti-virus software and a firewall it will help protect you against many software based threats, keyloggers, botnets and the like, but it can’t protect you from the malicious and hurtful people you meet on and off-line. Passwords are the key to your on-line life. One of the easiest ways to break into your computer system is to guess your password. Especially if that password is on a post-it note, stuck to the screen. With the word 'password' next to it in block capitals.

Is your Facebook password the same as your computer login? It's easier to remember that way isn't it? So now, because of that post-it, someone knows your personal email address, date of birth, where you went to school, where you work, where you live, who all your friends are, every club you've been to in the past 6 months (and on what dates), what car you drive, when you bought it and exactly what your next door neighbours cat had for breakfast. In isolation, none of this information would be particularly useful in the hands of someone with nefarious intentions, but put it all together and it wouldn't be too difficult for them to impersonate you on-line. I hope your banking password is different...

Aside from the material risks, there is also the danger of someone manipulating your social life. Abusive messages to friends, offensive posts about others and publicised subscriptions to ‘entertainment’ sites you woudn't normally touch with a barge pole can all produce a pretty uncomfortable social backlash. This applies to all age groups, but the most quoted problem area is teenagers and cyberbullying.

Cyberbullying is real, hurtful and dangerous. The faceless nature of the attacker can make it even more disturbing than a bloody nose in the playground or superglued books. How do you fight something intangible? The first step is to know what tools you have at your disposal. Every social website (twitter, lastfm, facebook, myspace et. al.) has a ‘block person’ function to stop people contacting you – and for serious incidents a ‘report this person’ process. Most have a setting to make this the default behaviour, and only those you select can get in touch. If you don't want to communicate with someone on-line, you don't have to - the tools are there and very easy to use.

I know several teachers that have have students who have experienced cyberbullying/cyberstalking incidents that have spilled over into the school environment. By this point, the victim had been terrorised for several weeks or even months beforehand. A trying time for everyone – especially the victims, but the trauma and fallout could have been averted with a few clicks had they only known how to protect themselves on-line.

Internet safety is not just about protecting your computer - it’s about knowing how and why to protect yourself. You wouldn’t walk down a dark alley on your own late at night, even if there was a sign at the entrance saying ‘Play for free now!’ Yet the same sign on the internet flashing red and yellow is often treated as a risk free invitation. A little trepidation is all that’s needed. A slight shift in your mentality from ‘why not’ to ‘why should I?’. Why should I give someone I don’t know the means to contact me any time they please? Why should let them see everything I’ve done and everywhere I’ve been? Why should I keep talking to someone if they’re making me feel uncomfortable?

Just as the internet has become an everyday thing, internet safety should be something that’s considered every day.

Have a look here for some useful information about password practice.

TalkTalk Hiccup With Porn Filtering

TalkTalk - the UK ISP has recently had a problem with the adult content web filtering system it has implemented.  The guys from PC Pro cover the story admirably - "TalkTalk's porn blocker lets explicit videos through" but focus on the failure not the implications.


They've come under a bit of unfair stick for it failing (to my untrained rather wonky eye it was hacked) but at least they've not ducked out of trying to give parents options to protect their children (unlike some other ISPs we could mention).  So hats off and a big hurrah for them!


We (on the filtering and control side of the fence) often hear 'it's too hard' (no pun intended), 'we're not censors' and 'infringement of freedom of speech' noises from the big boys with the fat data pipes (again no pun intended).  What they're really saying is 'with our wafer thin margins how are we going to make an honest buck from adding yet more kit and resources - you lot (us consumers) are only interested in price and speed.'


I've got a wacky idea.  ISPs could show a bit of social responsibility and give parents (and others that want it) decent and easy to control filtered web access for their kids (not just porn, race hate and other societal unpleasantness).  It's not that hard to do (we know how) and we (the parents that do care) will pay a small premium (that we would have spent with end-point controls anyway) and the world will become a better place.  It's happening successfully elsewhere - the famously liberal Dutch have an ISP Kliksafe who have been doing it for ages.  


So, ISPs please spend a fraction of your whopping fiber roll-out budgets on making the online world a better place for kids not just delivering the porn faster and in HD.

Facebook. Look, but don't touch.

Facebook. For some, it's the little black book, calendar, photo album, arcade and mailbox, all rolled up into one crisp pale blue package. The anvil on which many, including myself, forge their social lives.

It is however not without its problems. Between the above, facebook is an effective timesink and can impact productivity in the workplace, ultimately costing companies money. Numerous reports of cyberbullying, facebook stalking and the friend who got 'facebook fired' for posting something libellous understandably put organisations and instituions on edge. The knee jerk reaction is usually to deny access altogether. This hammerblow approach has the desired effect of protecting people from themselves, but can also leave them feeling cut off and frustrated.

Facebook is not an evil of itself by any means. People are social animals, and the Social Network is indeed an intrisic part of every day life for about 800 million people around the world. A friend found his dogs within 6 hours of them going missing, through a chain of events started with a facebook post, so it can certainly be a force for good.

Unrestricted access to facebook is out of the question for many organisations, and no access at all is a blanket solution. Is there a middleground?

I've been working on a project that should offer one.

The result is a solution that allows people to look, but not touch. In short, facebook is available, but without the risk to the individual or organisation. Read-only mode if you like. Combined with Smoothwall's time slots, it offers a powerful and flexible alternative to the hammer approach of blocking it entirely.

Facebook is a technical behemoth. A vast expanse of dynamic content, realtime updates, targetted adverts, likes, shares... the list goes on. It's also tied into an astonishing array of other sites around the web, pulling content from anywhere with a 'like' or 'share' button. Disseminating this giant was a challenge, but definitely worthwhile, and is another step in providing people with the tools to control what enters and leaves their organisations. This time, a scalpel.

iPhone 4S upgrade and first impression review

I love stuff that just works and usually the iPhone ticks those boxes for me. So, naturally, I ordered an iPhone 4S 64Gb the same day this was possible. This is to upgrade from my iPhone 4 32Gb. The three things that excited me the most were Siri, having plenty more storage and the improved camera. Faster is nice but I did not find my existing phone to be slow.

Today my phone arrived and I decided to try 100% wireless restore. I.e. not plug in to my computer with iTunes and only restore from the latest iCloud backup. I was amazed at how well it worked. All I had to do was switch my SIM over to the new phone and put in my wifi password and apple account details and in minutes it was ready to start being used.

The first thing I had to do after that was enter a new lock screen PIN, which it prompted me to do. Then it asked for my apple id again (not sure why it did not use what I entered earlier). Then it prompted me for some Google Apps accounts passwords so I had to set up some new application specific passwords. This re-entering of passwords I have seen before when going from a 3GS to 4. It seems the backup keys the passwords against the hardware for security. Makes sense.

To set up the application specific passwords I had to use the Google Authenticator app. Unfortunately at this point it has not finished downloading and installing all the apps. So I clicked on the app and it jumped to the front of the download queue. A moment later I ran it only to find it had not copied over the 2-factor account details, of which I have 5. Mildly annoying. I guess it’s the same reason as the passwords; security. So I had to choose SMS me the number and I was in. I will finish setting up the authentication later.

But that was about the only niggle I had. All the settings for everything has migrated, all apps, all icon positions and folders, all messages, all pictures - even my open safari tabs, my tiny tower, and my cut the rope progress! Very slick.

I tell you this cloud stuff. It’s the future man! LAN is so last millennium.

Next I wanted my music and went to the wireless iTunes sync. It said... To sync music wirelessly... plug in... and choose wifi sync. Oh well. After I had done that it started to copy them over automatically, via wi-fi. This was taking some time so I just plugged it back in again and let it copy over at USB speeds.
I wanted to play with Siri, so I turned it on and had the following conversation:

“What time is it?”

“It’s 8pm”

"Will it rain tomorrow?"

"There is no rain forecast for Southampton tomorrow."

"What time does my last appointment finish tomorrow?"

"Your last appointment tomorrow ends at 5.30pm."

“What should I buy my wife for Christmas?”

“Sorry, I don’t understand “What should I buy my wife for Christmas?”, shall I search the web?"

"Why not?"

"Why not what?"

“**** ***”

“Sorry I don’t understand “4Q””

“**** ***”

“Daniel, I don’t understand “4Q””

“Now you’re getting cheeky!”

“If you insist.”

“You’re funny!”

“Ha! I’m glad you think so.”

I am going to have so much fun with this!

I tried the camera in a fairly low-light situation and it seems still very grainy but not quite as bad as previous phones. I have yet to try it in the daylight.

So, first impressions are good.

Are Sys Admins and Network Managers Police Persons?

Having spent the last eighteen months in the IT security business (I'm originally a tech marketer from the imaging industry) I'm constantly surprised at the range and responsibility of the jobs Network Managers and Sys Admins are required to undertake - especially those that work in education with all the attendant responsibilities that looking after other peoples' kids entails.


A recent post caught my attention about qualifications in e-safety for those hard-pressed information system plumbers - I don't mean that in a disparaging way either to plumbers or techs - if the information stops flowing, starts leaking, gets backed up ... do you have the skills, knowledge and stomach to unblock the u-bend? - I certainly don't.


I digress - back to the post from the BCS - their core premise is that e-Safety should be taught as a part of the national curriculum (I agree) but there hasn't been a structured way to teach it (I agree) and that the IT department usually ends up having to carry the can for a myriad e-safety problems and incidents (I agree).


To quote The BCS directly:  "You wouldn’t send someone who came into a school with a knife to the design technology department, but with internet issues, people usually get directed to the IT department - and the issue is bigger than that."


The creation of a structure to teach e-safety to our kids can only be a good thing - especially if it's delivered by properly qualified teachers.  The reclaiming of the teaching environment from the techs by continuous education of all teachers in IT related subjects (not just as 'users' of tech) is an important step in this process.  


This also raises the issue of where responsibility (and accountability) lies in hard-pressed schools and LAs for delivering e-safety (and the attendant tech paraphernalia that it requires).  In the eyes of the law it's pretty clear (teachers, employers and Governors) but in practice it all seems to be all over the place - with the IT function getting dumped on because it's 'computer or internet related'. If you read some of the threads in Dr. Brian Bandey's e-Safety Law in Education LinkedIn group they illustrate the complexity of this evolving problem. 


So - going back to the title of this piece - Are Sys Admins and Network Managers Police Persons?  In my personal opinion they should be exactly that - they should provide a safe infrastructure on which to base education.  They shouldn't be considered as policy makers, judges or arbiters of standards just because a computer is involved in the process.  These functions lay with the educators, policy makers and legally accountable members of the education community - who (again in my personal opinion) should step-up to the challenge and properly understand some of the (seemingly transparent) technology that they currently use and rely on to keep them out of the law courts.

Smoothwall at TechMesh EXPO

Our friends at TechMesh are putting on a regional showcase of IT & Telecoms talent to showcase the region’s techie assets - and we'll be there!  The all day event, which is being held at the Royal Armouries in Leeds on the 13th October should prove to be a worthwhile day out with some interesting speakers lined up.


To add to the fun we'll be doing our thing demonstrating our latest tech in the Interactive Zone - a sneak preview of our pitch >>>


Social Notworking - Who's coming to work to play?

• How to see exactly who's doing what and when on your time and network?
• The Dangers of Web 2.0

Web Filtering - Why Bother?

• What web filtering really means and how doing it properly benefits your business?
• How do you filter the web?
• What are the key technical benefits
• What are the productivity benefits

Protecting yourself, your business and staff from web borne threats

• Malware vectors - it's not just email viruses
• What can happen after an e-safety incident
• Cost of fixing the damage
• Legal implications

We think that the expo provides an insight into how the world of technology is changing - and that Yorkshire and Humber have a great deal to offer the world techwise.


In summary - the guys at TechMesh have put together a great programme of over 40+ exhibitors; a techpanel – a seasoned panel of experts; an interactive zone where visitors can watch, listen and play with the very latest in technology and a SME surgery for one to one advice from industry experts. There will also be members from all the local business groups milling around - so the networking opportunities will be fantastic.


Date: Thursday 13th October 2011
Time: 9am – 4.30pm
Venue: Royal Armouries, Armouries Drive, Leeds, LS10 1LT


Cost: FREE please visit http://techmeshexpo2011.eventbrite.com/ to register

iPad 2 vs Chrome Book

I’ve had an iPad 2 for a few weeks now and I love it. I’ve had a Chrome Book for a week now and I like it. There you go, that is the conclusion of the review. But not quite. There is a lot of cross over in functionality between the two devices, such as apps, email, web, Facebook, etc, however they both lend themselves to different scenarios.

The Chrome Book has two key features missing from the iPad;

1. Multiple user accounts
2. Chrome web browser

Multiple user accounts is, IMO, vital for a shared device - not just security but also convenience. I love how the log in (almost) seamlessly integrates with Google web applications and things like Google Cloud Printing. I say “almost”, because a couple of times I have had to enter a password when I would have expected it to know I was already logged in with that Google account.

The Chrome web browser is, without doubt, the best web browser by far and allows full access to all the modern web features like Google Docs and Facebook. The Facebook app on IOS is OK but to get full functionality requires the web version. Google Docs is very very cut down on IOS Safari - so as to be too limited for anything other than the most basic note taking, unless you just want to read a document in which case it’s perfectly good. This review is being written using Google Docs on the Chrome Book.

The Chrome Book is missing a major application though; Skype. This will be a show stopper for some people. The iPad does not have a proper app, only an iPhone app but it works well enough. There is always Google Video but it’s just not got the market penetration. Google chat can also now make actual phone calls like Skype.

My father was able to log in and use the Chrome Book fairly easily but then complained when he was unable to write in French in Gmail as there is no way that he or I could see to enter letters such as e-acute. I ended up writing the email in Docs in English then translating to French then correcting the French then copy and pasting in to Gmail. My father reverted to his iPhone for further French emails.

The Chrome Book has a proper keyboard and tracker pad and a reasonable resolution screen. I also have a keyboard stand thing for my iPad. They are similar in use. I find myself wanting to touch the screen on the Chrome Book instead of use the pad as it would be quicker.

The Chome Book boots in about 5 seconds and it almost takes me longer to type my password than it takes to go from login screen to being 100% ready to go. And I don’t mean the Windows-pretend-you-have-the-desktop-but-actually-come-back-later-after-a-coffee. So both iPad and Chrome Book are ready to use instantly without being concerned about booting.

I’ve just been on holiday for a week and mostly used the iPad and Chrome Book rather than a PC, but today I was back at work and within minutes of using my Windows 7 desktop PC I was frustrated with “Window is not responding” and other crap like the AV telling me it needs to update then when I shut down Windows it had 13 updates to install. Bah! I tell you - things like the iPad and Chrome Book are the future. People won’t put up with this for much longer. That said, I won’t be giving up my Windows PCs for a long time until good games like Portal 2 and WoW work on these devices.

The Chrome Book has multiple external storage options and expansions but the iPad has none. I’ve not found I needed this though.

The Chrome Book runs a little warm for my liking. Mine is a Samsung Chromebook Series 5 and according to top has 4 cores. After a few mins a small fan starts up and pumps out hot air on the left. That would be nice in winter but in the summer it made me put it on a table not my lap. The iPad only gets warm from my hot sweaty hands.

In terms of speed, the iPad seems just a little bit faster. Both can play HD youtube no problem or anything I throw at them. But I think the iPad cheats by only doing one thing at a time where as on the Chrome Book, all the tabs are running at the same time.

Both have similar and very long battery life. Hours and hours of usage.

I was able to get the VPN on the iPad to work straight away with my Smoothwall firewall but the Chrome Book is currently missing this functionality although this is due out soon.

IOS does not support much in the way of automatic proxy settings and is quite picky with the proxy.pac URL in that it has to be a fully qualified address. So for visiting iPad users you will need to use transparent web filtering. I’ve not tested the Chrome Book yet.

The Chrome Book has no integration with my Apple TV (as you'd expect) so when I find something interesting or want to view it on the TV, I can't.

My iPad is configured for remote wipe via Google Apps and MobileMe. I've not found a remote wipe option for the Chrome Book yet, but I'm also not storing anything on it.

If I had to keep just one device - it would be the iPad. It does nearly everything and I hope one day it has a better browser. I am keeping both though!

Chrome Book is ideal to give to one’s parents who keep having to reinstall Windows because they get a virus or don’t update. Fully automatic updating in the background. Love it. Chrome Book is more secure and appropriate for a work place. iPad will keep being useful in a car when travelling and where there is no wi-fi.

iPad is for fun and a little work. Chrome Book is for work and a little fun.