I think I need a password to use my password.

Sorry, as a new requirement for viewing my blog, your now going to have to enter a password to view it. It must be 256 characters long, consist of UPPER, lower, numbers (0-8, I don't like 9), special characters (But not @, everyone use's that), Hebrew, and Russian characters. You must also change it twice a day, and can't use the same password for 10,000,000 passwords.

Should be easy enough right?

What? It's not? But don't you use like a billion passwords right now? For your bank, computer, laptop, your phone, e-mail, facebook, twitter, yahoo, work network, work e-mail, work applications.... and all different passwords right? Changing in some random order? So what's one more?

Really? Your not going to do it huh.... well then fine! How about instead if I give you a simpler way to keep track of all those stupid passwords, on so many different systems, yet make them all secure, and all unique? Does that sound good? Yea, I bet it does. Well how about you paypal me 1 BILLION dollars and I'll show you?!?!

WHAT? You won't do it? Then how am I supposed to afford to put lasers on top of all my sharks? Ok, so I still need to buy the sharks, but now you can really see why I need that money! Right?

No? Fine... Your really an uncaring bunch of people aren't you?! I'll just give you my blood, sweat and tears for free. There you won. Are you happy now?

Important note here, do not use this to keep track of your work passwords, with out first clearing it with your company; and if your a Government employee, don't count on that happening.

First thing you want to do is to setup a file sharing service if you don't already have one. If you don't know what that is, then you don't have one. I'd recommend using Drop Box (http://db.tt/xR8oeei - yes this is also a blatant self promo, cause I get more space if you use that link), they will give you 2GB for free; which will be more than enough space for you to keep 1 file. Use if for more than that if you want it obviously. Please make sure to use a good password here, but one you will remember.

Next, head on over to KeePass (http://keepass.info/) and download the latest 2.x version to you PC or Mac. Now that you have downloaded it, delete it. No just kidding, install it. Geeze.

Your now well on your way to a much more secure world. Just a few more steps here people, keep up.

Launch KeePass and create a new database in your dropbox folder - normally in your home directory, but it depends on where you installed it. Make sure you set it up to use a master password, you don't want to tie to your computer account. Here again, use a good unique password (i.e. not the same one as dropbox).

There, now you have a place where you can enter in all your user name and passwords for everything in one, safe and secure place. Trust me, it's encrypted using AES 256, it's a well trusted and respected application in the security world. Even if your DropBox account gets hacked, or they steal your file they won't be getting into it. About the only one who likely can is the NSA, and they'll just send an FBI agent to your door with an arrest warrant and a gun - quicker and easier.

Awesome!! Now want to make it even better? I knew you did... you greedy little thing you. Fine... Try installing both DropBox, and KeePass on your mobile phone (iPhone/iPad, Android, and Blackberry's are all supported). Now you can access all your passwords from any place in the world you are! YEAH!

Want more? Sure... I'm in a giving mood. Got a husband, wife, significant other, or just a real pretty thing down the street that you want to share your info with? Ammm... wait... don't share your info with that pretty thing down the street, that's a real bad idea. But the others, yea go for it. Make all your lives easier, and in DropBox create a folder to store your KeePass database in - make sure you move it there too. Now have whom ever this OOO so important person is install DropBox and KeePass as well. Fine.. you can even invite them using your link and not mine... you greedy person you.... and get more free space.

Now that they've done that, share out that folder to them and bam! You now both have some free storage, and a shared KeePass datafile! All your bank, and other passwords are there for the share!

Want in on another little secret? You do? Dang your greedy! O'well it's not that big a secret anyways. KeePass can generate random passwords for websites for you that are very secure, and even enter them into the website for you! W00t w00t!! Less typing for you!

So with a few free applications, you can now have very secure passwords all unique at every website, and just about anywhere a password is needed, and you only  have to remember those 2 passwords! YEAH!!!

Now that I have freed up some of your brain power, remember to kill those useless braincells with booze! And while your doing it, don't forget to buy me a beer!

Questions? Comments? Post'm here, and post'm quick before I kill too many braincells and forget how to type!

I've been a Slack'n!

Yea, no way around it. I've been slacking on posting, and all my fans (all 3 of you....) are I'm sure very disappointed.

Well, I will post more soon; I actually have a few things to write about. But in the mean time I figured I'd post about Microsoft.

Believe it or not, it's actually a GOOD thing that Microsoft is doing for security. No really, not a joke here. Microsoft has posted a new FREE Anti-Virus! It's free for both home users, and small businesses with up to 10 PC's. Very VERY nice move Microsoft.

If your looking for a new AV, or your current one is coming up for renewal it's worth checking out: Microsoft Security Essentials

SCAM Alert!

Bad things happened in the world last night: Widespread destruction from Japan earthquake, tsunamis

Now I know anyone reading my blog is a good person (and likely a little off their rocker), and would want to help those people in need. However, now is the time to put your guard up and if you get an e-mail asking for help in relation to this disaster it is unfortunately most likely a dirtbag trying to cash in on people's generosity.

If you choose to donate to help any of these victims, please do so though a known charity. The Red Cross is always a great place to start, but of course there are many other good organizations out there. The IRS maintains a list of Tax Exempt Charities that is a great place to check and see if the people you are donating to are legit. While the list isn't 100%, I personally wouldn't donate to anyone not on that list.

Also, feel free to forward to me any e-mails that you get that you might feel are a scam. I will happily look them over and give you my opinion. I can then send them to other groups that might be able to do something about them.

Patch Tuesday

Tomorrow is Microsoft's Patch (Black) Tuesday. If your running Microsoft Windows, either for home or work, make sure you update you system tomorrow.

So everyone always tells you how important it is to update your system. But do you ever ask... Why? What's so important? I figured I'd go over a few of those reasons, and explain a little bit more about what some of the terminology is used.

Microsoft is releasing 3 patches this month (wow... they've been... ammm... not busy? LOL). However, why they are only a few they are very important. Each one of them will fix a "Remote Code Execution" vulnerability. Sounds scary? Well it is... Or it could be.

So WTH is a "Remote Code Execution" vulnerability anyways? Well, let's start by breaking it down:

Remote -"distant: located far away spatially"
Code - Programming Code - i.e A program, or application.
Execution - To kill... LOL No just kidding. In this instance it means to run, like to run a program.

So when you put that all together it means "Run a program remotely". Doesn't sound too bad? Well it depends on what that program is. In this case, it's like a "malicious" or bad program (think -Virus). So what Microsoft is patching is a vulnerability in Windows, or one of it's many sub-systems, that allows an "attacker" to run a program on your computer with out your knowledge or consent.

Hmmm... actually that does sound pretty bad doesn't it? So make sure you patch your system tomorrow!!!

ATM Skimmers... and you.

Question - How many of you use your ATM card as your almost exclusive means of paying for goods and services? I'd be willing to be, most of you. When you don't use your ATM, I bet you use a credit card.

Carrying cash, and writing checks are quickly becoming a thing of the past. While this is generally a good thing, it also presents some new dangers that most of us don't think about. One of the big things over in Europe, and very quickly becoming big in the US is something called an ATM skimmer. This is a device that criminals will put over a legitimate ATM card reader - such as an ATM machine at your bank or any place else someone might want cash or to make an unattended purchase (think Redbox DVD rentals); to read your ATM card numbers and steal your PIN's.

It's pretty scary stuff, and Brian Krebs (former reporter for The Washington Post) has an ongoing blog about this topic. I'd HIGHLY recommend everyone who has an ATM card to go check it out - as well as many of his other blogs. Check out the link below to his series.

Krebs On Security - All About Skimmers

Welcome

Welcome to my new blog. Yep, yet another blog on the wide open world of the internet. If you are reading this, and not related to me... you are like the only person in the world. :-)

With this blog I will be sharing my thoughts,  opinions, experience, as well as links and comments to other blogs and news as related to security and computers. They will range from business, to government, and even home security issues. Hopefully they you will enjoy them, and even more important you might learn something.

Welcome to "The Cheezie Word of Security"