Archive for the ‘Security’ Category

How to browse securely with SSH and a SOCKS proxy

Wednesday, September 3rd, 2008

I was in Moab this weekend with my family and our motel had free wireless Internet. I used SSH and a SOCKS proxy to create a secure tunnel to my iMac at work. This allowed me to browse Gmail and Facebook securely.

Here’s a screencast on how to create an SSH tunnel and browse securely in Safari and Firefox:

Here’s a full-size video:
How to browse securely with SSH and a SOCKS proxy (full size video)

These are the basic steps on a Mac:
1. Open Terminal. (In your Applications/Utilities folder.)
2. Type “ssh -D 9999 username@example.com”, replacing “username” and “example.com” with the actual username and address of your remote machine. The remote machine will need the SSH service, or Remote Login service, turned on.
3. Open System Preferences -> Network -> Advanced tab -> Proxies.
4. Turn on the “SOCKS Proxy” and enter “127.0.0.1” and “9999” in the fields. Click OK and Apply.

Now your Internet connection will be tunneled through a secure connection to your remote machine — a poor man’s VPN.

What goes around, comes around

Wednesday, February 20th, 2008

I’m not a big believer in karma, but this week I experienced some karma-like effects. Two years ago for work, I developed code to protect wiki websites. Then I published it on my blog.

This weekend a software upgrade caused this protection code to stop working on our websites. I couldn’t find an answer. Then yesterday, some chap named Nathan left a comment describing the solution. I hadn’t asked for help. He was simply documenting his own experience. But it was just what I needed.

This is fundamental to open source software — the creation of a software commons. It’s also what happens on Wikipedia, the creation of a knowledge commons.

In Love Is the Killer App, Tim Sanders suggests freely sharing your knowledge and your network, not hoarding them.

Jon Udell talks of “narrating” one’s work from day to day. This allows everyone to share in your vast brain knowledge, and it becomes your living résumé. I’d like to do more of that.

Choose a good password

Friday, May 11th, 2007

You’ve heard over and over the importance of choosing a good password, but we all seem to keep the same bad habits. Roger Grimes analyzed 34,000 real passwords and discovered some interesting trends:

  • As expected, English vowels are by far the most frequently occurring password symbols.
  • [In passwords with numbers,] the number 1 appeared 45 percent of the time, followed by the number 2 (22 percent).
  • The exclamation point was the most commonly used non-alphanumeric character.
  • Words, colors, years, names, sports, hobbies, and music groups were very popular.
  • Other popular words include: angel, baby, boy, girl, big, monkey, me, and the.
  • Names of sports — golf, football, soccer, and so on — were as popular as professional sports teams and college team nicknames.

Drawing on this study and other wisdom, here are some tips for choosing a good, secure password. Read #8 if you don’t read them all:

  1. Don’t write your password on a sticky note attached to your monitor (or “hidden” under your keyboard.)
  2. Don’t choose anything obvious like your birthday, spouse name, etc.
  3. Don’t choose any single word you can find in a dictionary.
  4. Don’t use the same password on a secure site (like your bank) as on an insecure site (like a mailing list.) If someone discovers your password because it was emailed to you from an insecure site, you don’t want your bank account to be vulnerable. Ideally you’d keep a different password for each site.
  5. If a digit is required in your password, don’t simply append a “1” or a “2”. If a symbol is required, don’t simply append an exclamation point.
  6. Learn which channels are secure and which are not. Generally HTTP, FTP, and VNC are not secure, while HTTPS and SSH are secure. Don’t use secure passwords on insecure channels. (Look for the padlock in your browser.)
  7. Pick a password you can remember, so you won’t have to write it down.
  8. Pick a LONGER password. Think of a phrase or sentence or haiku, not a word. Password length is more important than symbols or numbers. For a security expert like Mr. Grimes, a 6-9 character password with “complexity” (symbols, numbers) is fairly easy to break, while a password with 15+ characters is almost impossible to break.

Eventually, we may be using our fingerprints or some other biometric procedure, but until then, choose a good password.