Tap-and-Pay Apps?

How Hackers Can “Tap” Your Bank Accounts

Yeh, nope. Tap-and-pay may be convenient, but I have never been persuaded that it is safe, and so have never enabled it. I’m far safer carrying cash (because muggers? *heh* No, for many reasons).

Condition Yellow should apply at all times to data/device security, not just physical security.
_____________________________

For online purchases–another area of banking insecurity–I rely on several different tactics, including the careful use of a debit card tied to an account at my local bank that is designated for such use. . . a bank where my next door neighbor is head teller, and I know all the other folks in the bank as well. They look out for any anomalies very well.

Just One Browser? Nah.

I have to use five different browsers (and occasionally a couple more) to do the web surfing I do. Oh, I don’t _have_ to, but different sites just work differently in different browsers, even if they use the same rendering engine. And some browsers just have features that work well for certain things. Example: If I want to do some searches on topics that are just none of anyone’s business to track (say, procedures and methods for NONE OF YOUR BUSINESS *heh*), I use a TOR-enabled browser in addition to a good VPN, etc. But if I’m just comparing some items at a shopping site I use regularly, I don’t use that one because my fav TOR-enabled browser has lousy tab stacking, so I use one that can auto-stack tabs from the same host. Just different capabilities. If there are a lot of videos on my download list for the day, I use an entirely different browser that is the one I have found to be able to do that task most easily.

And sometimes I use one that offers really nice video backgrounds on its speed dial page, just ‘cos they’re “purtier” than what’s offered on any of the other browsers I use. So?

Passwords

I’ve used various techniques to devise memorable passwords and pass phrases over the years that are easy for me to recall but nevertheless fairly strong.

Here’s one (though it’s not currently active for ALL my password use).

Password construction: Take a song that’s at least 400 years old and uses an archaic form of the language in which it was written. Pick the third (or fourth, or whatever “interior) verse. Sing it backwards. Use the words in this backwards order to construct a password using the second (or third, or whatever; choose at semi-random) letter in each word. Use a number representing which letter of the words, when sung as written, you are using as a part of the embedded “key” to the password. Add at least two symbols that remind you of the site or app you assign the password to and “key” them to the site or app visually or audibly–whichever is a stronger memory gift for you.

Frankly, this is a bit difficult to do for folks who have neither an extensive repertoire of Renaissance (or older) music and lack both a good audial memory and the ability to sing/play something backwards, but it’s fun for those who do. . . or at least for me.

*shrugs*

For added complexity, one can take the reversed song and invert the tune, using the letter names of the resultant tune in the password.

Singing a song inverted and backwards, silently as in one’s mind’s ear, in order to extract the password makes me smile, so it’s worth it even if I have to type 60 or more characters.

Don’t do this for a WiFi password for your local network, though. Other folks will probably get lost trying to type it in and give up. Wait. No, DO use this for a WiFi password. It’ll really cut down on traffic. *heh*

OR. . . just use something like Lastpass to generate and “remember” your passwords, if something like this seems like too much work. You lazy bum.

Plus ça change, plus c’est la même chose?

Or is this “Déjà vu all over again?” *heh*

Now the guy who “wrote the book” on safe passwords has changed his tune and is now advocating using long passphrases.

The thing is, I’ve advocated this sort of thing off and on for years, here at this lil Third World County blog, because it’s an easy-peasy way to have long, complicated “passwords” that are easy to remember. I’ve even posted hints on how folks can “crack” my “passwords”

Hint: many of them are based on, but deliberately do not accurately reproduce, verses from 16th-to-19th Century art or folk songs in any one of six languages, and frequently run well over 64 characters. None of them spell all the words out correctly, and many do not use any of the actual words at all. Go ahead. Crack ’em. For me, they are easy-peasy to remember, though, ‘cos I can just “sing” the songs in my head as I type the passphrases, and because I am an “Odd,” the substitutions I use make sense to me but would seem almost psychotically delusional to “Normals”–or computers.

(Example of “Odd” perceptions/views of reality not directly related to my passphrase substitutions: numbers and mathematical functions have colors, shapes, and positions in 3D space for me. It’s how I “see” mathematical solutions without following steps in formulas. In a similar vein, word substitutions in art/folk song lyrics in foreign languages are “colored” and “shaped” by how I see and hear the words in my mind’s eyes and ears. So, easy to recall, for me, difficult to reproduce for any Normal or logical process.)

So, as I have said, have fun cracking my passwords. I’m sure there are some really Odd folks out there, somewhere, who’d enjoy doing just that. 🙂

The Continuing Search for a New Web Browser

Since more and more sites are becoming even ruder about browser use–going well beyond simply browser sniffing, now–Opera 12.18 is starting to become a little more difficult to use as a default browser. It still does work fairly well, apart from aggressive attempts to lock “old” browsers out by some sites, but only in Windows 7 and 8/8.1. Windows 10 seems to simply not “like” it.

Sad, because it has many features other “modern” browsers–including Opera ASA’s “Chopera” (an Opera browser based on the Chrome rendering engine)–either lack or do not implement as well. Mouse gestures as clunky or just weird in most other browsers that implement them natively, and mouse gesture extensions have uniformly proven to be crap. Newsreader integrated into the browser, no add-in required? Nope. Granular–really granular–control of features/customization? Nope. Bookmarks that really work and can be easily organized? Nope. Even the best at importing Opera bookmarks and allowing organization requires laboriously reorganizing each separate folder and sub-folder, one at a time. That’s a bit tedious when one has a couple of hundred folders and thousands of bookmarks. (I treat bookmarking sort of like a library card file catalog: I want everything saved where and how I want it, organized into subject folders and searchable any way I want. Yes, I weed my “catalog” pretty regularly to eliminate dead links. Doesn’t everyone? 😉 )

I could go on and on, because there are many, many features baked into the “old” Opera that are just not present or are poorly implemented in all the other browsers I have tried. The one that comes sort of close to being a replacement, but even it doesn’t allow real customization, has clunky mouse gesture implementation, lousy bookmark organization, no built-in newsreader, and doesn’t let me choose my preferred default search engine, even though it shows a procedure for doing so! #gagamaggot

OK, so just checked again. Since the last time I tried and became disgusted with it, Vivaldi Browser at least does now import my bookmarks and does–almost–sort them, at least closely to their original organization. Manual sorting thereafter looks straightforward (though still tedious). But the rest? *meh* Notsomuch, it seems. *sigh* For example, it limits the number of “Speed Dial” columns to six. I prefer ten. Why bake in such stupid limitations? That’s just one of many such dumb ideas.

Still hunting.

*gagamaggot*

Opera ASA, the Norwegian company that publishes various forms of Opera Browser for just about every platform out there, has apparently decided that its real growth market is among computer users with the intelligence of a rotten cabbage and attention spans that make mere nanoseconds seem like years.

Example: suppose one were to want to import one’s bookmarks from a previous version of the Opera browser to the current Chrome knockoff Opera browser. The Opera “help” (and I use the term derisively) file says,

“To import your bookmarks:

“From the main menu, select More tools > Bookmark Importer.
“Click the Select Bookmarks button.
“From the list, select which bookmarks you wish to convert to Speed Dial.”

Well, first off, that’s a flat out lie. “Bookmark Importer” has sporadically appeared and disappeared from the Chrome knockoff Opera since its inception. Not there in ver. 24.0.1543.0.

Secondly, “From the list, select which bookmarks you wish to convert to Speed Dial,” pretty explicitly says, “Choose a few bookmarks. We’ll let you sort of ‘import’ those few. You lose the rest AND your folder structure. Tough noogies. We only want users with the attention spans and intelligence necessary to make gnats seem like Steven Hawking in comparison.”

100s of bookmarks nestled in a folder structure that allows clear navigation and categorization with a bookmark management functionality that allows quick and easy searches to delve quickly into that complex tree structure and pluck just exactly the gem one wants? Gone, bubba.

So, then Opera ASA touts its “synchronize” function. . . which does no such thing at all. All it does is export bookmarks in an html file that COMPLETELY DESTROYS ALL ORGANIZATION INCLUDING ALPHABETIZING OF BOOKMARKS, making the thing almost completely worthless. . . especially since it also RANDOMLY LOSES BOOKMARKS.

Now, that’s just ONE of the many, many ways Opera ASA has screwed up a once exceptionally useful tool. *sigh*

I am trying Avant Browser and I find it to have a few useful, built in features even Opera 12.x doesn’t (the old Opera browser that’s still at least an order of magnitude better than the “new” Chrome knockoff Opera), but it, too, does not import Opera bookmarks (though it offers to and appears to attempt to do so), and in all other ways, excepting a few nice lil features, is about as capable as Opera 11.x.

*sigh*

It’s almost enough to make a guy give up on the web.

How Are Your Passwords Holding Up?

The problem with most folks and passwords is that not only do their chosen passwords suck dead bunnies through a straw and that folks typically overuse the same password and even keep their password(s) written down on post-it notes and suchlike, but most folks also NEVER CHANGE THEIR PASSWORDS!

*sigh* Rookie mistake. 😉

I try to rotate/change passwords on an irregular basis. I’ll just feel like changing all, most or some of ’em and do it. Here’s the result of running one of my email passwords (only 32 characters, but still not all that bad) through Steve Gibson’s “haystack” password checker:

password-checker-02

[Just click on the image to pop it up.]

Compgeeky ISP Stuff

So, after serial rocky times with my ISP, it’s been fairly solid of late. Checked the download speed on my nominal 12mbps connection using Speedtest recently and was getting 16-18mbps downloads pretty regularly.

Not bad, thought I… and then I ran across Softonic’s Namebench, a DNS test software. DL-ed it, scanned it, installed it and let it run. Looked at its recommendations and selected the top two to replace my primary and secondary DNS on my router (left the tertiary alone).

Here’s the result:

Much faster (almost double) DL speeds and just slightly slower upload “speeds”. Interesting. I’ll test things out this way for a while and see just how solid the new DNS addresses are over time, but this is promising.

Spies

OK, so maybe it’s all innocent. Maybe tere’s nothing at all sinister. I really DGARA. It bugs the crap out of me to have nosy parkers spying on me anyway. When I visit a web page and Ghostery notes 16 other sites trying to track my visit, it just kind of chaps my gizzard.

Ah, screw ’em with a rusty hammer. At least Ghostery blocked ’em.

A Kid Again

In 1959, we were a single income family, even though both of my parents were college graduates. My dad was making decent money working in a field not known for particularly good incomes. Still with five children, the budget was sometimes a tad tight. So, when my folks decided to buy a World Book Encyclopedia with all the trimmings, including ten years of “yearbooks” and a large (no, REALLY large, “library-sized”) two-volume dictionary set, our lil family library grew by almost 25% overnight, and I found my backup reading material for the next few years.

Yes, there was always at least one volume of the set under my bed, close enough for a night time “sneak read”. Sometimes, it was just one of the two dictionary volumes (yes, for reading), but most often it was just a volume chosen according to some topic that had caught my fancy, then kept for further reading as one article led to another and another and…

And that’s how I get to be a kid again. For the last 18 years the web has been my go-to reading material for times when I’ve exhausted my stash of new books. It’s also been my substitute for an encyclopedia, since I never run out of things to learn. And thanks to my *cough* encyclopedic reading habits over the years, I have a skill set and basic knowledge base that allows me to filter out most crap.

And the resources–good quality resources–are effectively limitless, now, and not confined to one book case. Heck, I find myself re-reading classics online that are in a book case that’s literally within the reach of my right hand as I type these words.

And on top of being a library with more than enough resources to keep me in learning material for life, the web’s a source of amusement (dumbasses a-plenty to poke fun at! Yipee! *heh*), entertainment (I have a full movie list at Crackle, for example), contemporary information (I’ll not say it’s “news”) and interpersonal interactions.

But most of all, it’s a resource just jam packed with information that’s either new to me or in a new format that makes sense in a different way or old information that’s fun to re-read, review and cogitate over.

Sweet. Kid. In a candy store. Unlimited candy budget.

*sigh* I’ve entered my second childhood.