Security alert for Internet Explorer

From my friend Edward, the IP Wizard,

A new security flaw has been reported by Microsoft for all versions of Internet Explorer. Microsoft is working on a fix, but until that is available use Chrome or Firefox.
For further details see:

Serious Internet Explorer Security Flaw

Cheers,
Edward
S/Y Gypsielady

Have you fixed the Heartbleed problems yet?

I thought that the coincidence was quite strong.

I watched episode 2 of the 2010 TV series, “Human Target” that has the hero and his team, trying to save the life of someone who has discovered a secret, “Key to the Internet, that will allow anyone to unlock ANY website and steal money or secrets, etc.” Hollywood drama, right?

Just a day later, a colleague here in the marina announce the, “Heartbleed Bug” to us. Virtually the same thing.

In case you have somehow missed it, here is a link below that explains it. You know all those chain emails that come around, where, “The sky is falling! Send this to everyone you know, and everyone you don’t know, IMMEDIATELY!”

Well, I’m somewhat surprised that Edward is the only one who has told me about it so far. But, it is a genuine threat, that as you will see in the link below, does not affect the entire Internet, but does in fact jeopardize a great deal of it. In the flaw has existed for about two years, without the good guys knowing about it. Have a look.

http://money.cnn.com/2014/04/10/technology/security/heartbleed-passwords/

There is more and more every day about it online. As they caution, not every website is affected, and changing passwords on a website that still has the problem, is of limited usefulness. But, look at some reputable sources and protect yourself.

The browser, “Google Chrome” has a plug-in that automatically warns you if you go to a website that still has the danger unresolved. A nice safety feature.

BTW, there are/were a LOT more sites that had/have the problem than listed in the link I show. I think it would be responsible for any website that, EVER had this problem, to post a notice on its homepage, like, “We used to have this problem, that no one knew about until recently. However, we have fixed it now. So please change your passwords. We apologize for the inconvenience, but literally no one knew the danger existed, until very recently.”

David

I believe that Google+ is dishonest and ought to be sued (again).

I just got an email from my good friend Mike who forwards my snail mail. Here is the relevant part of it:

>>>>>>>>>>>>
Hi Dave,

I got this message in my inbox this morning:

Your contact David Heath (alegria1976@gmail.com) joined Google+

I have gotten a whole flock of these lately, which I have been ignoring. Two of them were from W and E, so I wrote them asking what it was. W wrote back indicating that he hadn’t joined, or asked me to join. Actually, W had essentially no idea what Google+ was.

Do you know anything about it?

M
>>>>>>>>>>>>>>>
Well, I think I know what it wants to be. It is trying to replace Facebook. And moral fiber is not included in their business plan.

A few days ago, at a meeting about computers here in the Marina, one of the experts said that Google+ and Google groups and related things from Google have a very bad reputation. Many say that when you join it, it goes through your contact list and sends advertisements to everyone on your contact list. These may be advertisements to join, or fraudulent claims that Dave recommends such and such product. But Dave knows nothing about it.

This morning, I was logging into my Gmail on the computer that I don’t use for that purpose very often, and it appeared to me that a screen came up like the one I occasionally get saying that, ’We do not recognize this computer and could you confirm some information?’ As is often the case, I was in a hurry and did not read it very carefully. The information looked correct.

However when I clicked on the ‘continue’ and expected to now be in my Gmail account, I got a page welcoming me to Google+. That really upset me and I spent the next several hours trying to figure out how the hell you sign out of Google+. By the way. Their help pages tell you everything in the world except how to close your account. I eventually found it but it was a battle.

I think I have gotten out, but unfortunately, a nanosecond after I pushed the ‘continue’ button, they probably had already sucked up my entire contact list and address book. And that kind of toothpaste is not going back into the tube.

I sent them several nasty emails, but I doubt if they care a hoot.

I apologize to everyone of you for my mistake. They tricked me fair and square. But, in less than that 10 seconds, I went from really liking Google and all of the wonderful things they have done, to thinking that they are dishonest, moneygrubbing scum. Actually, that is not a fair statement. Pond scum is actually a very useful organism. Not at all like the people at Google.

I think some people do honestly like Google+ and since I know essentially nothing about it, I’m not giving them a fair shake. But Mike’s email confirms my fears.

Gmail already handles my address book and contacts list. So it is only a matter of faith that one hopes that they will not use it for bad purposes. At the moment it looks like that faith is unjustified. It will be interesting if I really have signed out of that plan. And what sort of lies they will tell and for how long.

My mistake. I should have read more carefully.

Several times in the last two weeks I’ve gone to comment or answer a question on a website and it says you will need to login. It is free and all you have to do is click this or that to login through your Facebook account, or Twitter, etc. But, before I did that, I noticed that further down the page it said that in doing so, I would be giving this Joe Blow website my complete friends list or contact list or address book.* That scared the heck out of me and I did not do it any of those previous times. But Google+ fooled me. We live in complicated times.

Sorry folks,

Dave
*PS: I include the following link that supports my opinion. HOWEVER!!!! I think that if you comment, it will suck up you address book, just like I described above. I believe it to be safe to read, but do not reply, comment, etc and do not click the Facebook Icon, etc., at the bottom.

http://www.classaction.org/blog/whats-mine-is-yours-google–1-268080.html

PPS:
I added this part on 22 November 2013.
I sent emails similar to the above post to the several people that had invited me to Google+. Every single one of them, was not aware that they had done so. They did not belong to Google+ nor wanted to. This confirms my grim view of how sinister Google has become. If anyone knows of a class-action lawsuit against them, related to stealing my contact information and sending emails claiming that they are from me, please let me know. To me that is lying of one of the worst types, immoral, and I certainly hope that it is illegal.

PPPS:
http://edition.cnn.com/2013/11/20/opinion/schneier-stalker-economy/index.html?iref=allsearch

Is another article about these disgusting practices. Stay safe.

Your passwords may be no longer secret

Since I don’t blame anyone for not reading all the way to the bottom, I will insert at the top, that Dave continues to do well. We just had a couple of days of rainy weather with heavy clouds. But today dawned clear again. There is now snow on the mountains for the first time this season.

Yesterday, some industrious people in the marina hired a small bus for 16 of us to go to Antalya for the day. We had kind of a late start and an early return, but all of us got a lot of shopping done in the big city. And got to yak yak en route. Now for the very important, and extremely annoying reason for this post.

It you would please take a moment to read this:
http://bits.blogs.nytimes.com/2013/11/12/adobe-breach-inadvertently-tied-to-other-accounts/?nl=technology&emc=edit_ct_20131114&_r=0

Basically, the story is that Adobe’s secret servers were hacked. The truly gigantic amount of data that was stolen regarding personal accounts and passwords was posted online for essentially anyone to download and snoop around in. Whatever password information you had on anything that has anything at all to do with Adobe, is probably no longer secure. That may not seem like the end of the world, however, many people use the same password for several accounts. If that is your situation, anything that uses the same password that you used with Adobe, and by Adobe I mean anything at all that Adobe has anything to do with, is now known to bad people.

They also know who you are and can fairly easily go down the list of all the easy to rob accounts that you might have, trying your Adobe password, or simple variations, to see if they can get into your accounts.

Much of this can be automated by a robot, and they only need to break in to one account out of thousands to make it very profitable.

And, as hundreds, or thousands of people have suggested, do not use easy to guess passwords for anything. Personally, I do use a simpler password for something that I can’t imagine could ever hurt me if it got hacked. Like my subscription to the Ingrid Sailboat Blog. I try to use a strong password for bank accounts and the like. If all of my bank accounts were suddenly empty, I would be very sad indeed.

And, one excellent suggestion on how to create a hard to guess password, is to use a passphrase, rather than a password. That is, rather than use your birthday, or your street address, use the initials of some memorable phrase.

For example, Lucky Strike cigarettes, used to have the phrase, “Lucky Strike means fine tobacco.” And the packages carried the abbreviation, “LSMFT” which when I was in high school, we changed the meaning to, “Ladies’ shoes make funny tracks.”

“LSMFT” is not a word, although since that particular combination of letters has been widely used, it may be in a dictionary somewhere.

It is my understanding that a common way to break a password, is to have a computer program try all the possible combinations until it breaks it. It uses some sort of dictionary of the most likely combinations to try first.

It seems kind of obvious to me, that the defense against this, is to only allow you a small number of mistakes per day. For example, if you cannot type in the correct password within six tries, Internet access to your account is closed for 24 hours. Usually, you can call them and convince the human that you are really you, but their robot will not let you in if you make too many mistakes.

This seems like such an elementary defense, yet obviously is not widely used or the dictionary attack would not be so successful.

I use one of the free, but highly regarded, password databases, to keep my gazillion passwords organized on my computer. It has a very strong password to keep you from getting in, and is supposed to be quite thoroughly encrypted. Of course, if the people designing it, are bad people, and it is automatically, secretly sending my information to some archvillain somewhere, then I have a slight problem don’t I?

If you really think about all of this stuff, it gets pretty complicated. Therefore most people don’t really think about all the stuff, because it makes their head hurt. This is wonderful news for the modern-day crook. Especially the clever one. Fortunately there are not very many of those.

But when my credit card information was stolen a few years ago, as far as I could tell, the credit card company and the local law enforcement, did not think it was worth their trouble to go after the person that stole the information, even though we knew exactly who it was beyond any doubt.

I appreciate that a court case would cost them more than the perhaps $6000 that they stole. But, it was surprisingly easy for them to steal it, and if nothing even annoying happens as a result of it, then why won’t they do it again every chance they get?

But, from my perspective, the stolen money was instantly replaced into my account by my credit card company, so I let the matter drop. However, I still question the wisdom of ignoring thieves when you know precisely who they are.

Dave

Cybersecurity

I just found quotes like these:

“A U.S. congressional committee last year said Huawei and crosstown competitor ZTE Corp. (000063) provide opportunities for Chinese intelligence services to tamper with telecommunications networks for spying. Huawei was barred by the U.S. in 2011 from participating in building a nationwide emergency network.
“Australia in March 2012 banned Huawei from bidding on a national broadband network citing “national interests.”

at
http://www.businessweek.com/news/2013-10-17/huawei-sees-resolution-of-u-dot-s-dot-security-concern-taking-a-decade

I have no idea what the problem is. Remember that the article may be totally misleading also. However, I assume what it is is that they have been accused of putting in backdoors that Chinese spies can eavesdrop on your communications through some convoluted method.

You can’t really call it a secret method if everybody knows it’s there.

It would only be of any use if it somehow magically overcomes the problems of virtual private networks or other encryption technology that you might already be using. So, I don’t think the sky is falling quite yet. However, Huawei is the company that makes the MiFi device that I use when I use the Internet through TURKCELL.

So, the article got my attention. Since I am not up to any form of illegal activity I’m not worried about the so-called legitimate spies. My concern is that I do my banking and practically everything on the Internet and if suddenly I had not a penny to my name, or even owed a fortune in fraudulent charges, I would be very upset. It would also probably be fairly terrifying to my close friends, World wide, because they would be afraid I would come live with them, ‘while I sorted things out.’

Therefore, I need to be careful for many reasons.

The gold bugs, and survivalists, and many flavors of strange people, have the advantage that they can stockpile gold and sacks of beans and who knows what all in their relatively normal homes. But on a boat I just don’t have room. I mean I could stockpile far more gold than I could possibly afford, but if the boat went down I might as well go with it. And if bad people even suspected that I had anything of any value in my possession, I might not get a chance to go down with it.

And I am fortunate that I am quite happy living very low on the ‘economic hog’. I can imagine that any thief would go to the trouble to break in for anything that I actually possess. If they get some irrational bug in their ear, there’s not much I can do about that.

So, as always in life, I try to keep my eyes open, and watch for possible dangers, do the best I can, and when some sort of poop hits the fan, deal with it.

My mom had a small mirror on the wall near her dressing table that had a small shelf at the bottom of it, and a very nicely done, sort of rustic tiny, sheet metal caricature of a woman, with dangly earrings, sitting on the shelf. There was a plaque that said, “It’s time to put your big girl panties on, and deal with it!”

Hopefully, big boy jockey shorts will work as well. Maybe that’s my problem? Maybe I need to buy some big girl panties. Somehow I thought that that would just make things more complicated.

I probably should not of published this part. Now you’ll always be wondering what’s Dave wearing? Sort of like what is the Scot wear under his kilt?

A little mental activity is probably good for you. Don’t strain anything.

Dave

Computer things

I am trying to clean out some hard drives and my goal is to have a backup of all the data that I want to save, stored on at least two separate hard drives. At least two complete, redundant systems. Because I’ve had several drives fail in the past with no warning in the data lost. Sometimes I could recover all of it, frequently I could recover part of it, but several times, all the data was totally lost. Most of the drives that I left behind when I went to the states, have been fine. However, two of them have been defective right from the get-go, as I tried to read them recently.

It’s a slow process, and when I get failures like this, is particularly frustrating. Also, going through and cleaning out old files that I no longer want, is very time-consuming. It would really be simpler to just buy some more drives and keep filling up drives ad infinitum. However, I really have a lot of storage space that I already own, and I’m already storing in my limited space. So, I think it’s better for me to try to minimize the redundancy. Because I have backups of backups of backups on some of these drives. So, the older data, that I often don’t want anyway, I might have 10 or more copies of it here and there. I use Heatsoft CloneCleaner Pro,
http://www.clonecleaner.com/HCCdownload.html

for finding files that are exact duplicates of each other. I see that they have not come out with a new version for quite some time. And I also have had the experience that it does not always do what I thought it was going to do. But that’s usually operator error. And I don’t know of an alternative that would be even close to as good. So I put up with it.

So, in summary, I am doing quite well in most areas. But, I really get tired of some of the chores that I need to get done. But isn’t that the normal state of affairs in life? It is in mine.

Dave

Change of Seasons

I just realized that I missed commenting on the equinox at the time it happened. September 22 for most of you. That’s when the sun crosses the equator, and the hours of daylight and hours of darkness are virtually equal.

Time flies when you’re having fun. I guess that must mean that I’m having fun. For me, the summer went by quite quickly. I hope everyone had a great summer.

By the way, I found out why I feel like the water is annoyingly cold when I swim into the freshwater that is floating on top of the salt here near the Marina. As I mentioned there many springs coming in and there is a lot of freshwater that has not yet mixed with very well with the salt water. So you get large areas of, for me at least, annoyingly cold water. Today I got out my thermometer and measured some of it. The areas here around the boat were typically 64°F, 17C. While the deeper water, say 3 feet or a meter down, was 80°F, 27C. It turns out I like 80, and actually prefer 85. But, I really don’t like 64. Not in my bare skin. I appreciate that people living in higher latitudes think that is positively bathwater, but that’s why I don’t like to live in high latitudes. I’m a wussy.

Here’s a picture I took of one of the charter boats that are very common around Turkey. You can charter any size boat if you go to the right place, but these large boats, really small cruise ships, are extremely popular. As I said some time ago several of them offer a yoga cruise.

Yesterday and today I am checking out a hard drive that was acting a little suspicious. It is very new. So I certainly hope that it is happy. But it appeared to have at least one corrupted area on it that was giving my backup software nightmares. And this sort of stuff could easily be why I seem to have so many computer problems. So, I’m having my less used computer scan the entire drive for bad sectors. It is a 3 TB drive and so far it is been working for 26 hours on the project. Good thing I don’t need it soon. But it would be nice if they would give me some reasonably accurate clue as to when it would be done.

The cat that I am feeding for Brian and Jane has been really good all summer about not coming on to my boat. He jumps on the other boats with gay abandon. And I tell him that’s between him and them. But I don’t want him to come on to Alegria, primarily because I get extremely upset when cats spray things that I own, or any surface that I want to be anywhere near.

The first time he came aboard I just kind of ran him off. The next time, I happened to have a spray bottle right by where I was standing. Kind of like a generic bottle that Windex might come in. It has a big trigger and when you squeeze it pumps out water and either a spray pattern or a jet. It makes a nice high-capacity water gun. I gave him several squirts with that and he immediately got the message. I did not get him very wet, but they don’t like it at all.

A similar eternal question is, “Why is it that when you blow in a dog’s face, he hates it and may bite you, but when you take them for a ride in the car he sticks his head out the window and the breeze completely rearranges his face and ears?”

I’ve seen a couple of cats in my lifetime that actually like to swim, but they surely must be less than 1/10 of a percent of the cat population.

The squirt gun message worked extremely well. He remembered it for several weeks and then he tried again to come aboard. I did it again and that worked again for several weeks. We did work out kind of a compromise. He would sit on the bowsprit. Not on the deck at all. Just on the bowsprit. And I would allow that. But I’ve read the story about don’t let the camel get his nose inside the tent, and would’ve preferred that he not come aboard at all. But he seemed to be promising me that he would only be on the bowsprit, so I let it go after a short while. I let him use the bowsprit.

Well, that was many months ago. A few days ago, he was sitting on the bowsprit when I got up at dawn. I saw him out the forward porthole. He was just fine. I got dressed and combed my hair and came out the hatch, near the back end of the boat, and there he was all glad to see me and rubbing up against things. All lovey-dovey. I yelled at him and squirted him with the squirt gun. And he ran away. When I got onto the pier I told him that I was not trying to be mean to him but I did not want him on the boat.

The next day it was déjà vu all over again. The exact same thing, except this time I happened to have the garden hose hooked up with a pistol nozzle on the end. So, I squeeze it enough to make a vigorous mist and he immediately went to the pier. This time I refuse to talk to him other than in very upset tones. I put down his food and went off to feed the other cat that I’m feeding while his people are away. I gave in the cold shoulder. Cats seem do that to humans when the cat is upset at us, so I hope that he would understand that I was angry at him.

Later in the day, in my continuing effort to try to communicate to him that I like him, but he must not come on the boat, I petted him and talked to him and was friendly whenever I saw him, which was not often.

The next morning I got up and saw him on the bowsprit. Behaving himself just fine. But, as I was about to come outside I double checked and he was gone. This did not seem to be a good sign, because the consistent pattern that we’ve had for the last several weeks was that he waits on the bowsprit for me to come up to him, and then he gets onto the pier. So, I was 99% sure that he was coming back to greet me at the hatch again. So, as soon as I was ready to go outside I slid the hatch open very rapidly and looked all around. But saw no cat.

In order to get ventilation in the boat without having to go to the very difficult job of moving the dinghy all by myself, I have lifted up the front of the dinghy, which allows me to open the skylight over the main salon and get quite a bit of air through. Almost the maximum available airflow. The dinghy is tipped up in front so it of like a child’s robin trap where the child props up a cardboard box with a stick.

Well, just as I decided that maybe I had misjudged him and he really had jumped on the pier, he stuck just the end of his head out from under the dinghy. Sort of ‘peekaboo!’ Perhaps even, ‘You can’t get me!’

Well, the garden hose was still right there at hand, so this time I squeeze it all the way, which makes a concentrated stream like a small firehose. And it takes some time for a startled cat to get up to speed and navigate all the obstacles to get to the bow. I continued squirting him even after he was on the pier running away, and so it appeared to me that he was essentially as wet as if I’d thrown him overboard.

Again I put down his food at the normal spot, and did not talk to him at all. I immediately left to feed the other cat.

I wish I could just explain it to him. I would really rather not terrorize him, but I don’t know how else to enforce my rule.

Since that day, several days ago, he has been quite good as far as I’ve been able to see. I worded that way because the cat that my folks had at the ranch that we loved dearly, but that we also did not want to come aboard the boat, quickly learned. But, not the lesson that we wanted. We wanted to teach him to not come aboard the boat. But he learned, ‘To not get caught aboard the boat.’ An altogether different lesson. We knew that he snuck up there, because either he did not understand about footprints in the dew or on dusty surfaces, or he understood them completely, and it was a little, thumbing my nose at you message.

This Finike cat, which the first month that I knew him on the pier, before Brian and Jane left, would be softly meowing, almost constantly, whenever I saw him. He did not appear to be meowing TO anybody. Just talking to himself. The English speakers call him, ‘Chat a lot’, among other things, and since he is mostly black the Turks call him, ‘Arap’, which I think is the same word as for Arab and I wondered if it was also expressing an opinion about the cat.

I later met some Turks that spoke excellent English, and knew the cat, and so I asked if calling someone an Arab had any connotation, good, bad or otherwise. Apparently not. They were the ones that pointed out that the name I was hearing was not Arab but Arap, which in addition to meeting Arab in Turkish, also means black. No implications. Just a fact of life. The cat is 95% black.

I have no idea what if anything has changed, but now he does not seem to meow to himself. He often will meow at me if I’m walking by and I haven’t seen where he is hidden himself on somebody’s boat, and I make my best imitation of a meow back at him. I think everyone figured out that I’m kind of weird, long before I started meowing to cats. So, I assume that that doesn’t really lower my reputation any further.

The weather is getting cooler, and I usually use a light blanket at night. Brian and Jane thoroughly enjoy having ‘Chat a lot’ come inside the boat with them, and it could be that his insistence on testing his limits recently was due to the cooler weather and wanting a warm place to sleep. It is possible that that is the reason he was under the dinghy. He was asking, “This is a nice little clubhouse. Is it okay if I sleep here?”

No.

Many of the uninhabited boats have elaborate covers and enclosures that would be relatively warm and certainly out of the wind. He’s quite clever and I assume that he scouts around for nice spots. Some of the people returning to their boats the summer, mentioned finding secluded areas on their boats covered with cat hair. All but a few close up their boats when they’re not on board. These areas were not inside the boat. But for example, on top of a dodger that was covered by an awning. That way he has a nice little cloth hammock in a protected area. It would be relatively soft and relatively warm.

More and more boats are coming in for the fall. And several have come in and their owners have flown a way to wherever they live. They’re also starting to get more boats in the dry storage yard. It was extremely empty during the summer. Perhaps only five or 10 boats at the most. The first winter we were here, they kind of oversold the dry storage. They completely filled up the yard, and even took down some fences, so that they could drive boats hundreds of meters down the road into the main Marina area, and fill up a lot of the parking area around the, ‘boats in the water part,’ of the Marina. It was not that way when I got here this year, so I assume, based on only two data points, that that is not normal. The travel lift moves very slowly. So, it takes him forever to bring boats all the way down here. And forever to take them all the way back again. Plus, if they were to do any nasty stuff like sending off bottom paint. It is much harder to keep that out of the environment. The normal dry storage yard is all concrete. And there is a cleaning lady that works very hard at keeping it spotlessly clean. Well, spotlessly clean for a dry storage yard, or boat yard. She really keeps the crud picked up including cigarette butts, and all sorts of things. It makes it a very nice environment for people working on their boats. Also if you’re painting, there is much less dust than in most yards that we’ve been in. Not zero you understand. Just much less.

Well, even though the untrained eye would not realize that I’ve spent a couple of days straightening things up and putting them away, I have been. It is not much fun, but I better get back to it.

I have added some more videos to the list of funny videos. Several of them are not funny at all, but I thought they were interesting. I’m quite aware that that’s a slippery slope. I find it quite easy to fritter away a lot of time searching for interesting videos on the Internet. The terrible Internet connection that we have here makes it easier to not get trapped into that. It takes so long to download a video, and if I’m using my Turkcell Internet connection, which uses cell phone technology, that is slow AND I’m paying by the megabyte. Not all bad, because it gives me constraint against the seduction of searching for amazing videos.

Dave