Lock Your KeePass Workspace!

I’ve seen article after article decreeing that “passwords are dead”. Reasons range from the mathematical reality that any string of characters, no matter how random, can be brute-force cracked with enough computing power, to the pragmatic arguments that people are stupid and will pick obvious choices, re-use them frequently, and often write them down in plain sight.

There is no denying the math, but until biometrics and multi-factor authentication become more prevalent, alphanumeric passwords are here to stay no matter how deceased they may actually be. But mathematics aside, it is the human aspect that is the far greater threat to password security.

Luckily, tools such as KeePass – which provide a central database in which to store totally random complex passwords – can be used to offset the exploitabilities of the human element. The database is strongly encrypted (optionally multi-factored), and every resource can have its own unique, randomly-generated, complex password. Best of all, the cut & paste process means there isn’t ever a need for the user to even know what the password may be. Simply let KeePass generate something for the account, and blindly paste the copied value when you need to use it.

But if you are a heavy KeePass user, you probably keep the application open at all times. This is the equivalent of putting all your passwords on a PostIt note affixed to your monitor. If you stepped away from the workstation without locking it, someone could read all your password entries or even use SaveAs to make their own cracked copy of the entire set.

For this reason, unless you live and work alone, I strongly recommend that a workspace-lock be enabled on your KeePass installation. KeePass has a number of workspace-locking options, but none of them are enabled by default. You can lock after a certain amount of KeePass inactivity, workstation inactivity, whenever the app is minimized, when suspend mode kicks in, or when the (Windows) system auto-locks via screensaver.

A locked workspace requires you to reconfirm your pass phrase and/or key file before KeePass can be accessed again. It’s a bit faster than exiting & restarting the app each time – though that is in fact one of the lock options. But some measure of workspace lock is worth the slight inconvenience. Pick one and use it. You’ll be safer for it.
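As an added illustration (not part of the original post, and not KeePass project code), the script below checks a KeePass 2.x `KeePass.config.xml` for the lock triggers described above and reports when none is switched on. The element names under `<Security><WorkspaceLocking>` are assumed to match the KeePass 2.x configuration file and should be confirmed against your own copy; the sample XML is constructed and the 900-second threshold is a hypothetical policy value.

```python
import xml.etree.ElementTree as ET

# Element names under <Security><WorkspaceLocking>, as assumed for KeePass 2.x.
FLAGS = ("LockOnWindowMinimize", "LockOnSuspend", "LockOnSessionSwitch")
TIMERS = ("LockAfterTime", "LockAfterGlobalTime")  # seconds, 0 = off

# Constructed samples, not taken from a real installation.
SAMPLE_DEFAULT = "<Configuration><Security><WorkspaceLocking /></Security></Configuration>"
SAMPLE_LOCKED = """<Configuration><Security><WorkspaceLocking>
  <LockOnSessionSwitch>true</LockOnSessionSwitch>
  <LockOnSuspend>true</LockOnSuspend>
  <LockAfterTime>300</LockAfterTime>
</WorkspaceLocking></Security></Configuration>"""
SAMPLE_SLOW = """<Configuration><Security><WorkspaceLocking>
  <LockAfterGlobalTime>7200</LockAfterGlobalTime>
</WorkspaceLocking></Security></Configuration>"""


def enabled_lock_triggers(config_xml):
    """Return {element name: True or seconds} for every active lock trigger."""
    node = ET.fromstring(config_xml).find("Security/WorkspaceLocking")
    enabled = {}
    if node is None:  # section absent: nothing was ever switched on
        return enabled
    for name in FLAGS:
        if (node.findtext(name) or "").strip().lower() == "true":
            enabled[name] = True
    for name in TIMERS:
        text = (node.findtext(name) or "").strip()
        if text.isdigit() and int(text) > 0:
            enabled[name] = int(text)
    return enabled


def audit(config_xml, max_idle_seconds=900):
    """List findings; max_idle_seconds is an example policy, not a KeePass default."""
    enabled = enabled_lock_triggers(config_xml)
    if not enabled:
        return ["no workspace-lock trigger is enabled"]
    findings = []
    for name in TIMERS:
        if name in enabled and enabled[name] > max_idle_seconds:
            findings.append(f"{name} is {enabled[name]}s, above {max_idle_seconds}s")
    return findings


if __name__ == "__main__":
    for label, xml in (("default", SAMPLE_DEFAULT), ("locked", SAMPLE_LOCKED), ("slow", SAMPLE_SLOW)):
        print(label, enabled_lock_triggers(xml), audit(xml))
```

A missing element is treated as "off", which matches the post's point that no lock option is enabled unless you turn it on.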

 


Happy Pi Day!

Even though I was a Math-CompSci major, my SAT-Math scores would attest that I leaned much more toward the written/verbal. So when it came to memorizing Pi, I was not some mathematical savant that could recite to an incredibly large number of decimal places. No, I turned it into a ‘piem’: a mnemonic sentence, where the number of letters in each word represented the digits:

“Now I have a wordy histogram to remind nerds the value equating halfbaked spatial diameters and Pi run nineteen long digits, an actual ‘piem’.”

That equates to 3.14159265358979323846264.

I did this to impress my friends and win bar bets.

Neither of which happened.

As one would, in retrospect, expect.

Happy Pi Day!


Did You Hear The One About…

Will Apple come out with their own Siri-influenced TV in 2012, since Steve Jobs supposedly “finally cracked it” shortly before his death? What about the idea of an iPod Nano-based wristwatch – not just by adding a watch band, but by integrating Bluetooth and turning it into an iOS remote display device? And everyone was so bummed at the iPhone 4S release, expecting instead the oft-rumored iPhone 5 that never materialized – when will that finally appear?

Rumors abound with Apple. And because they are so tight-lipped about product release schedules, no one (who doesn’t work for Apple) will truly know for certain until the big unveiling. Tech journals are filled with unverifiable hints from supply chain partners and “sources familiar with the situation”, and everyone is eating it up in anticipation. Slow news day? Let’s throw out an Apple rumor to keep people interested!

Since your guess is as good as mine, I thought I would add my own random predictions to the mix. And random it truly is.

Introducing the “Apple Prediction Generator”.

All done in jest. No truths implied to named media outlets or unnamed sources. But isn’t it interesting how some generated quotes actually resemble real-life headlines? I’m just sayin’…

 


And Now For Something Completely Different… Top Songs of 2011

The end of the year… A time for retrospection. And Top10 lists.

My favorite songs of 2011? After seeing the BET “Top 100” (where everything by Beyonce, Rihanna, Jay-Z, Kanye, Nicki Minaj, or Drake was apparently a winner), or the hipster lists from Spinner and Wired (which seem to go out of their way to ignore lamestream artists), I decided to take a look at my iPod’s most-played list and filter for all the releases of 2011. I’m not embarrassed to admit to having some Top40 in there:

  1. The Airborne Toxic Event – Welcome To Your Wedding Day
  2. The Black Keys – Lonely Boy
  3. Adele – Rolling In The Deep
  4. Christina Perri – Arms
  5. Mumford & Sons – The Cave
  6. Mayer Hawthorne – The Walk
  7. Two Door Cinema Club – What You Know
  8. Ra Ra Riot – Boy
  9. Tom Waits – Satisfied
  10. Super Heavy – Miracle Worker
  11. Gotye – Somebody That I Used To Know
  12. Sara Bareilles – Gonna Get Over You
  13. Snow Patrol – Called Out In The Dark
  14. The Joy Formidable – Whirring
  15. Gavin Degraw – Not Over You
  16. Florence + The Machine – Shake It Out
  17. Wilco – One Sunday Morning
  18. Maroon 5 – Moves Like Jagger
  19. Everything Dies – El Mariachi Bronx
  20. The Kooks – Junk Of The Heart
  21. Death Cab For Cutie – You Are A Tourist
  22. Raphael Saadiq – Stone Rollin’
  23. One Republic – Good Life
  24. Katy Perry – Firework
  25. Guster – Do You Love Me

The only artist that all four lists have in common is Adele. (And she can be found on pretty much any 2011 compendium out there.) Perhaps a preview of things to come for the Grammys in Feb, with a consensus “Artist of the Year”, and maybe “Song of” and “Record of the Year” for “Rolling In The Deep”…


Using MiniKeePass with Dropbox

This post is going to be of interest to only a very specific demographic, but based on my web site stats, it seems necessary. Since writing my “story” – it barely qualifies as a “review” – of MiniKeePass, it has (surprisingly) become the most popular item on my blog. And tracking the Google search referrals, by far the biggest impetus for coming to my site has been in a quest for the answer to “how to use MiniKeePass with Dropbox”. (continue reading…)


An Overview of Network Monitoring

Every fledgling network administrator eventually comes face-to-face with the question “how do I monitor my network?”. But “monitoring a network” means different things to different people, and if you ask a crowd of experienced network managers for tool suggestions, it is highly likely that you will get a few misleading recommendations simply because the what-to-measure is not in alignment with your objectives. (continue reading…)


The Next Revolution

The original iPhone was revolutionary because it was the first product to combine a phone, music player, Internet browser, mail client, camera, gaming system, and – let’s face it – an anything-to-anyone customizable application platform.

Likewise, the iPad was equally revolutionary in its positioning as a re-imagined PC alternative and Internet/media consumption device.

These were paradigm shifts. Nothing since then – whether from competitors or Apple’s own evolutionary releases – carries the gravitas that would allow anyone to call them similarly “revolutionary”.

Yet “not revolutionary” has been the charge levied – unfairly, in my opinion – against releases such as iPhone 3GS, iPad 2, and iPhone 4S. To my way of thinking, “revolutionary” is a difficult goal to achieve for any well-entrenched product line. And it got me to thinking: what would make for a “revolutionary” jump in mobile devices?

  • A capacitive multitouch display that also had solar charging capabilities? (Not just a solar cell on the back, but one integrated into the touchscreen?)
  • A pico projector and integrated laser-projection keyboard?

 

What do you think? Take a moment to participate in this thought experiment. Beyond simply “bigger, faster”, what next technology iteration would make a mobile device be worthy of the label “revolutionary”? Please comment!


What’s In A Name?

“That which we call a rose by any other name would smell as sweet.”

For months leading up to the 2011 iPhone release, speculation was running rampant. One oft-repeated rumor centered around the idea that Apple would introduce a low-cost less functional smartphone that targeted the feature-phone crowd (to be called an “iPhone 4S”), and the next rev of the product evolution aiming for the power users (to be called “iPhone 5”).

At the end of the big reveal, Apple did just that. Sort of. (continue reading…)


Digital Wallet, “BookBook” Style

Like the bulbous monstrosity that Seinfeld’s George Costanza carried in his back pocket, I used to walk around with a very obese wallet. (Sadly, not fattened by an excess of cash.) But eventually I pared down all the receipts and other unnecessary detritus, even resorting to a separate money clip in anticipation of the day when our computer overlords banish such legal tender in favor of NFC and a cashless society.

So now I have a wallet with ID, credit cards, and high-use “rewards cards” in one pocket, and a bumpered iPhone in the other. Cash/coins and sometimes even keys are optional, but I never leave the house without both the phone and the wallet. So why not combine them? This was the premise behind 12 South’s BookBook.

Based on the success of their MacBook and iPad covers, they came out with a “pocket Bible” sized antiqued leather case – but this one can also act as a wallet. Bibliophiles would be smitten by the bookish resemblance, but honestly I could have cared less. I just liked the consolidation idea. There are other wallet-ish iPhone cases, but for me a driver’s license window was mandatory, as well as the ability to hold more than just one or two cards. I intend this to be my everyday wallet, not a stripped-down “night on the town” pinch-hitter.

BookBook is extremely well made. Very sturdy leather construction; I don’t see it falling apart any time soon. It holds the iPhone with speakers & ports accessible (though you have to slide the phone up to clear the lens from the case for photos).

On the wallet side, there is room for my driver’s license, auto club card, multiple debit/credit cards, a couple rewards cards, and even a thick HID building access card. Oh wait, what’s that you say? There’s an app for that? Why yes, yes there is. CardStar allowed me to electronically store all my rewards cards, and even my AAA card. So what’s the toteboard say now? “Driver’s license, multiple debit/credit cards, and even a thick HID building access card.” And the fit is no problem for the BookBook.

So how is it working out? Well, I must admit that I have to retrain myself a bit. There are times – such as working in the server room – where I have set “the phone” down. I must remember that I also just set my wallet down, and there is nothing in my back pocket anymore. A couple times now I’ve locked myself out because my HID card key is still sitting next to the console right where I left “the phone”. But I’ll get over that. I learn, eventually.

No, the bigger issue is answering the phone when in a hurry. When not pressed for time, it is easy to double over the book jacket and hold the sheathed phone to my ear. But when scrambling to answer, I feel quite foolish holding an open book against the side of my head.


Secure Password Management with KeePass and MiniKeePass

I always advise users to create hard-to-guess passwords, never re-use them across sites, and change them semi-regularly. The push-back I get is that this can be a daunting task to try and remember a myriad of constantly-changing credentials, no matter how good the mnemonic techniques may be. But one look at the growing list of high-visibility break-ins and security compromises is all you need as incentive. Why make it easy for crackers to jump from one service to another just because you were a victim of limited brain cells devoted to passwords?

Call it “do as I say, not as I do”, the Cobbler’s Children syndrome, or just simple laziness, but despite the best of intentions I was not following my own advice. (continue reading…)


  • Copyright © 1996-2010 The Dark Side Geek. All rights reserved.