Password: Choose and Remember.

Yeah yeah yeah.
I just stumbled on a Yahoo! article (in Indonesian) calling all internet users to arms, with a strong password as their weapon.

So, throughout the article, they beat around the 'please do not use 123456 as a password' theme and leave it at that. Good one, Yahoo! I still have friends who never ever remember their passwords.

Choosing a strong password is good, but how the heck are you supposed to remember "h4Xxx0|2l337fgalFUb@r30"?
Hint: you're not.

 

But here, I am going to give you a trick that will make you feel like you have some sort of super power:
I am going to make you remember D4nFr&&Bl0g11.

Just follow the rules:

  1. Pick a name you're sure to remember, a nickname or pet name: Dan
  2. Pick your family name, or a second nickname related to the first one: DanFr
  3. Pick a random separator: DanFr&& (and)
  4. Pick a word that has something to do with the site you're using: DanFr&&Blog
  5. Add the date (birthday, year of creation, last 2 or 3 digits): DanFr&&Blog11
  6. Replace all vowels with numbers: D4nFr&&Bl0g11

Why will you remember it?

Because the password is separated into two parts: your name, and the context. You won't forget your name unless you had that many beers, and the context will be pretty obvious. Now, if you're not used to the technique yet, you can still write down the template somewhere safe: NameOtherNameANDx2ContextYear.
Oh and yes, you can actually read it aloud: Dan Efer And Blog Eleven :)

I know it looks a bit complex, so here is another way to make your passwords hard to guess for machines and humans alike, with passwords such as: donkey123&&098yeknod

  1. Pick a word you like: donkey
  2. Add the first 3 digits on the second keyboard row: donkey123
  3. Pick a random separator: donkey123&&
  4. Add the last 3 digits on the second keyboard row, backward: donkey123&&098
  5. Add the word you just picked, backward: donkey123&&098yeknod

 

Why will you remember it?

Because the password is symmetrical. You type the same thing twice, but after the separator, you type it backward ;)

Why are these passwords safe?

  • You can create your own rules and rely on the templates
  • They mix lower case, upper case, numbers and special characters (neither machines nor humans are good at guessing all that)
  • They use words that don't exist, limiting dictionary-based attacks
  • They are long enough to discourage even a computer

You're still desperate?

If you're in search of the simplest solution... try this: &wakeupgrababrushandputalittlemakeup&.
These are the lyrics of a song you love, plus a couple of special characters to frame them, like a nice picture in your mind.
It's not as strong as the first two methods, but that can do for an emergency ;)
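
To put numbers on the length and character-mix claims above, here is an added example (not part of the original post) that estimates the guessing space of the three sample passwords two ways: by length and character classes alone, and, for the first recipe, by the choices the template actually leaves open. The pool sizes and the guess rate are assumptions made for illustration.

```python
import math
import string

# The three sample passwords quoted in the post.
PAGE_PASSWORDS = {
    "name template": "D4nFr&&Bl0g11",
    "mirror": "donkey123&&098yeknod",
    "lyric": "&wakeupgrababrushandputalittlemakeup&",
}

# ASSUMPTION: how many candidates each slot of the first recipe draws from.
# These sizes are illustrative, not measured. The vowel swap adds nothing
# because it is a fixed rule applied after the choices are made.
ASSUMED_POOLS = {
    "first name": 10_000,
    "second name": 10_000,
    "separator symbol (doubled)": 32,
    "site word": 1_000,
    "two-digit year": 100,
}

def charset_size(password):
    """Size of the alphabet implied by the character classes present."""
    size = 0
    if any(c in string.ascii_lowercase for c in password):
        size += 26
    if any(c in string.ascii_uppercase for c in password):
        size += 26
    if any(c in string.digits for c in password):
        size += 10
    if any(c in string.punctuation for c in password):
        size += len(string.punctuation)  # 32 ASCII symbols
    return size

def brute_force_bits(password):
    """Bits of search space if every character were chosen at random."""
    return len(password) * math.log2(charset_size(password))

def template_bits(pools):
    """Bits of search space when the recipe is known: one choice per slot."""
    return sum(math.log2(n) for n in pools.values())

def average_seconds(bits, guesses_per_second):
    """Expected time to cover half of a 2**bits space at a given rate."""
    return 2 ** (bits - 1) / guesses_per_second

if __name__ == "__main__":
    for label, pw in PAGE_PASSWORDS.items():
        print(f"{label:14} len={len(pw):2} charset={charset_size(pw):2} "
              f"bits={brute_force_bits(pw):6.1f}")
    bits = template_bits(ASSUMED_POOLS)
    # ASSUMPTION: 1e10 guesses per second against a fast offline hash.
    print(f"template known: {bits:.1f} bits, "
          f"~{average_seconds(bits, 1e10) / 3600:.1f} hours on average")
```

By length and character mix alone the lyric line scores highest of the three, so that measure overstates strength whenever the words or the recipe are guessable; the per-slot estimate is the one to compare against when the template is written down or reused across sites.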

Keep safe!

(picture source: http://www.worldofantiques.net/74.jpg)

 

 

Did My Best Friend Just Scam Me From London?

This morning I received an email from a very dear friend.

The email:

Dear,

Hope all is well with you? sorry to bother you at this time, please I need your urgent assistance, I had a trip to United Kingdom yesterday for a program, and I was attacked last night by some robbers on my way to the hotel and they took all my money from me, including my phone, right now I don't have any cash on me and I need to pay for a return ticket and make arrangement back home. I want you to kindly assist me with £750 (GBP) or any amount you can afford to help me, I will pay you back when I return. I had to walk down to a public cafe to quickly send you this mail as I do not have access to any phone.
I will be waiting for your urgent response.

She is a music reporter, so she tends to travel a lot. We hadn't been talking for a little while and the story was kind of plausible.
After I replied, I received another mail containing this:

Thanks for the mail and concern, I am somewhere in London at the moment and I have lost contact with everyone ever since the incident took place. I am still not in total control of my self and the bad news is that, I cant access a phone at the moment.

That's where common sense came into play. My friend is smart, way smarter than that. If she's in a hotel, she can use the phone there, she can call the police, the embassy... She has a Twitter account, a Facebook account, she cannot have lost contact with anybody at all.

Past the knee-jerk reflex of helping a friend in need, I smell fish and give her BBM a try, which I should have done in the very first place. She replied.

I know, my email has been hacked

It's sad when you have to doubt your best friend's words. And it's sad when you are rewarded for your lack of trust.
But that's the reality of things, especially on the internet.
So, one more time, I'm giving you a checklist here, in case of doubt.

The anti scam checklist:

  • Doubt everything concerning money
  • Call your contacts on their phone
  • Check their social media account as well
  • Ask for proof of identity, something personal
  • Use common sense
  • Never communicate sensitive info online

Happy I didn't fall for it, happier if you don't ;)

3 Instant Messaging Scams You Won't Fall For Anymore

Ever received a weird message from one of your friends mentioning some bizarre malfunction of your instant messaging service business plan or claiming to have uploaded pics of you poledancing with a lobster?
That's a hoax.
Here are three patterns you can learn about, so next time, I swear, you don't fall for it.

1) Facebook/Twitter/Yahoo!/YourDog/BBM is going to shut down

If you have used an IM service for more than a couple of months, you have already seen this one.

What it usually looks like:

  • The big boss of your favorite IM service woke up this morning and decided to commit corporate suicide
  • He took the decision to close/charge for its star service because it's not making enough money/their servers are full/they are fed up with being rich
  • Unless everybody forwards the message they are reading right now

Ask yourself:

The smallest number for an IM service I know of is about 33 million users worldwide, and that's BBM. Twitter must be around 200 million now, Yahoo! has around 250 million users, Live Messenger more than 300 million and Facebook 500 million.

All these services have more users than many countries have inhabitants.
We're not all supposed to know about these numbers, but look around you, isn't literally everybody you know already using them?
Why would they close the gold mine? Wouldn't such a decision make the news, be documented?

Oh and yes, why would the CEO of Big Fat Internet Company bother sending you an... IM for something that important, instead of calling a press conference and making it a headline on the first page of their website?

Because it never happened, the CEO/Message/Broadcast/Cake is a lie.

What if you do what they say?

Someone, at one point, will come to your office with a fully loaded chicken launcher and chase you around until you collapse.
Seriously, chain messages are pointless and everybody will end up hating you for relaying them.

What to do?

Don't forward, and tell the contact who forwarded the hoax to try and think about it for two minutes. And to never do that ever again. Ever. Again.

2) Hey is that you in that terrible picture/video ?

This one is a bit trickier. It usually comes via a legit contact, is not a broadcast and provides you with a link to check what terrible deeds you have been immortalized doing. Man, these blackouts are annoying.

What it looks like:

  • A contact has tagged/seen you in a photo/video
  • What you did is often either terrible or wonderful, or both
  • The link points to a website you never use, or worse, it's a shortened URL full of crunchy garble

Ask yourself:

What have you been doing lately? Do you really pass out so often that you don't remember who takes your pics and puts them on totally unknown websites hidden behind completely incomprehensible URLs?

If week-long hangovers are not your favorite hobby, chances are huge that the message is a scam.

What if you do what they say?

You're in for a whole lot of trouble. Sometimes these links are just there to attract visitors to badly coded, ugly, ad-ridden websites about poultry dating and the like.
Most of the time, a virus is patiently waiting for your click to turn your computer into a scam broadcasting zombie machine.

What to do?

Do not, under any circumstance, click on the link.
Copy-paste the message and send it to your contact, followed by the question "Did you just send me that?" and, to be extra sure, a more personal question such as "How many Swiss cheese can I ingest before turning into a daffodil?".

You'll know whether the answer makes sense. If not, your contact is infected already; advise her to use a better anti-virus and to stop clicking on random links.

3) Just a random link

I won't develop here: these scams use the same methods as the photo/video links, they are just too lazy to elaborate. A legit contact sends you a random URL without any other information.

The consequences are the same, you'll end up infected or redirected to avianDating.info

Again, same method, check with your contact: Did she really send you that?

Bonus advice:

Just because I'm a good guy, here are some bonus tips when in doubt:

  • Never give away your password, websites never ask for it
  • Never give away any sensitive information (bank account number, phone number...)
  • If you believe the contact is legit, use the phone
  • Never forward a message when you're asked to
  • Use common sense (would your mother send you a link containing "\/iag|2a"?)

Hope it helped. Forward this blogpost to 400 of your contacts or your dog will get his car stolen.

 

 

 

The Global Bigotry

Here is a long post, so I'll get to the bullets:

  • People worry about online privacy
  • Social media profiling could cost you your job for a nice weekend bender
  • Social media profiling could cost you your job for things you'd think completely normal
  • The law should grant online privacy the same status as IRL privacy
  • The creation of a unique online ID could help

A few days after Facebook changed its privacy policy, I've seen various reactions around the web and outside. While some people don't really care, others are concerned enough to write "Is Social Media Privacy an Oxymoron?"

I've read it twice. And if I agree with some of what's written, I must say that the tone is much too optimistic for my taste.

I never had a tattoo, facial piercing or crazy haircut knowing that these would be a no-no for any future job seeking.
Nonetheless I like playing with my appearance. Every now and then I make silly faces, I dress up or I take cheesy poses. Rarely, very very rarely, I drink myself silly (doesn't take much effort, I can't drink). Also, I don't choose my friends for their social status or their political inclinations, and I don't feel ashamed of being seen with them. I have many female friends, just friends, and sometimes we hug, and gay friends, and sometimes we hug too.

Two keywords when it comes to social media: fun and common sense. Have plenty of both.

That's where the problem is. Where do common sense and fun begin, and when do they end to leave only downright shameful moments?

See this scenario:

On Friday night, I've had a terrible week and my mood belly flopping on a historical low, a friend of mine invites me to a quiet cafe to have a drink. Then, well, you know how it goes, and we end up in a much less reputable cafe, I've had my 3 beers (enough to make me really drunk) and I'm pole dancing with a girl I don't know and her gay buddy.
It's my absolute right.
Flashy flashy, a picture is taken and tagged on Facebook.
I sleep all weekend, not only because of the party but also because of my 70 work hours of last week, and on Monday I'm the freshest to go to work.
Mister Big Boss asks me into his office, he's seen my pics, he doesn't like drunk bent pole dancing. I slept, I didn't un-tag my pic, Ooops.


What's wrong in this case is the fact that I have the right to do whatever I want outside working hours, and that my private life belongs to me only. As long as I'm not breaking the law, sorry Boss, but you have no rights. Or you shouldn't have.

This scenario is already disturbing. But it could be worse.

See this one:

On a workday, I'll spend my evening with my best female friend, her gay friend, in a gay bar. The evening will be spent drinking juice, making silly jokes, and I'll tenderly hug my female friend and bear hug my gay friend as a good bye. Clickety clickety, photos, Facebook. I don't see why I should remove them.
The day after, job interview.
Tough luck, the HR person is secretly homophobic, and no, the HR person doesn't like my silly faces, and anyway I'm hugging that person who's not my wife, I am probably a heathen fornicator. No job for me.

That's where it becomes truly dangerous.

Laws have been created to make the office a place where people should work without having to be worried by their sexual/political/entertainment-al preferences. It's not always the case, but I don't think that, until now, any HR would ask you "Was this person you hugged your brother or are you gay? Was this woman you hugged your wife? Will you be so exuberant in your cubicle?". Mainly because it's probably not common practice yet, but also because they wouldn't have any pretext to ask.

In the first example, I haven't even uploaded the pics myself, a friend with lousy privacy settings did. In the second example, I uploaded seemingly harmless pics, and in both cases, damn, it's my life there, I'm allowed, by law, to do these kinds of things.

Fun and Common Sense are two concepts too often missing in some people, and unless we are careful we might see the rise of a dangerous kind of internet bigotry.

What to do then?

Simply forbid people you don't want nosing in your stuff from accessing your online personal data, the same way they can't enter your room and look for your stash of hidden pr0n.

A unique, legal and standardized online identity, legally granting you the same privacy rights as in real life, should take care of that.

Let's root for it, wait, and see.


Tabloids Never Die. Privacy Does -Megan Meier related-

[UPDATE] : The link to another article on wired, as last time, interesting comments.

Yes, yes, yes, there are many blogs over the web discussing this sad story. But god I'm still mad.

Two posts below you can already read about it, how mad I feel.

Unfortunately it's not getting any better. The debate is shifting, the debate has shifted, from a point where everybody was so sad for little Megan, to a point where everybody was so angry at the Vile Perpetrators, to this and this.

This website is the most awesome slice of horse manure I've stumbled upon in ages.

Mind you, I've been browsing the Web for more or less 10 years now, and I've seen disgusting things, revolting things, and these posts are in my top 10.

They give themselves the pseudonyms of "Exposer" or "Fighter", and they think they are the heralds of truth and justice. Under the cover of I don't know what kind of devious moral, they walk all over the private life of persons who'd probably be better off left alone, be they victims or offenders.

Not only are they coming out with ugly templated tabloid-like blogs, not only does the content go as far as reporting supermarket encounters, home family talk and other lame-candies, but they are making a MAJOR mistake.

These irresponsible self-proclaimed truth seekers are airing the accused couple's PHONE NUMBER! I am losing my French here, you just don't do that!

You are actually encouraging as many people as possible to behave exactly as the "predators" you brag about denouncing on your ugly page? Have you lost your common sense, if you ever had any?

There are actually many websites about internet security awareness, be it technical or common: hoaxbusters, honeynets, HITB, Safety.com, wiredsafety... many are professional at heart and I'd get miserable reading your cowboy blogs if I were one of these websites' admins.

So, here and now, for the obvious rage, devious moral, call for hate, privacy disclosure and tabloidism, I let the world know that cyberpath blog and theexposer blog are thrown in my shamelist under the "not even funny" tag.

And I'll make sure that my friend's kids keep away from these places.

Powered by ScribeFire.


Airport security vs berserk customer : Death toll 1.

Here comes the WTF of the day. A sad one unfortunately.

According to this news, a woman died in an airport detention cell after missing her flight.

Say the poor woman threw a hysterical fit, right. And then accidentally strangled herself with her handcuffs in the detention room.

Spotted anything weird? I have a "Mel Gibson Shoulder" that dislocates itself every now and then, and still I can't see how the deuce someone can choke herself with her own handcuffs.
Now considering that she was arrested because of her frantic behavior, how come she was left alone, screaming and struggling so hard that she ended up tangling herself?

I guess here we've got a two sided instance of advanced darwinism, makes me sad, really.

I don't really understand and I wonder if I even want to know.


The only thing I know is that I'll remember the story if they confiscate my tweezers at the next security check.
