Gadget Wisdom

When we originally commented on the security key to be offered by Paypal, we could not secure one. Now…the Consumerist reported that they were available and we arranged to receive one. We will report back as soon as we receive this device.

Batteries would seem to be a safe and established technology. Perhaps if it was a now fuel-cell battery, we could understand some flaws in the technology. It would be no less acceptable…but more understandable.

A cell phone apparently ignited in a man’s pocket, causing second and third degree burns. There is currently no information on the manufacturer of the phone of the battery. We hope we use neither of them.

Gizmodo reported yesterday on Paypal’s new security measure. Paypal will be offering a hardware-based solution which will display a one-time use passnumber every thirty seconds, to be added to your password and username. These keychain sized devices, common for business based security protocols, are an easy and inexpensive way of ensuring security…assuming you don’t lose the device.

We wish we could get one to review. We tried to log in…and it said it was currently unavailable.

Lifehacker recently came up with its New Year’s Resolutions…things people should do but don’t for their computers.

1. Regularly back up your hard drive - We know we should…but we don’t. Admittedly, we store our data on a mirroring RAID array, but that doesn’t make us any safer if disaster comes
2. Set up a self-repairing hard drive - Schedule your computer to run repair programs regularly, including things liek defragment, drive checks, etc.
3. Clean out your hard drive - Over time your hard drive becomes full of programs and files you don’t use…get rid of them. If you aren’t using it, delete it or back it up to optical media.
4. Organize your virtual filing cabinet - Now that you’ve cleaned things up…time to organize what you have into a good and easy to work with hierarchy.
5. Keep your hard drive clean - You just did all this work…you had better work to keep it that way.
6. Encrypt your private data - Protecting your important information from prying eyes is important…especially if you have a laptop.
7. Securely Track Your Passwords - First…make sure your passwords are not easy to crack…and then secure them somehow. A password program, such as KeePass, among others, can create a secure password vault.

The New York Times reports that security researchers and hackers have already found serious flaws in Vista. So far, Vista has only been released to some corporate customers and not yet to the general public.

On December 15, a Russian programmer revealed a flaw that makes it possible increase a user’s privileges. Since Vista’s greatest improvements in security involve having users run under accounts with restricted privileges for security reasons, it is a major blow. Later, a Silicon Valley security firm discovered five additional flaws, one in Windows Internet Explorer 7.

Being that the company still has some time, hopefully it will be able to roll out an update repairing these flaws. Microsoft is counting on Vista to be a moneymaker for them. We’ve commented on its lack of significant impact…although like everyone, we’ll eventually have to give in and buy it as support for XP is eventually discontinued.

Sometimes, simple ideas are the best. Take 10minutemail.com for a temporary email address that expires in ten minutes. The best use is to receive emails for organizations that require sending you informtion by email to verify yourself, but follow up with spam.

We like the title of this article from the Mobility Guru a great deal. Backup is something we save for the last minute too often…and ultimately forget, dooming us in an emergency. It is not a matter of IF you need to back up your data, it is WHEN.

For the frugal individual, try an old hard drive. For a minimal fee, you can convert it to USB operation and use it as backup. There is also the CD/DVD option, which will definitely work for some data. For the average person remember…your media files will not change, and thus can be backed up on a few DVDs rather efficient. For frequently updated information, such as application data, a copy of your registry, and your documents, you can use the old hard drive, supplemented with regular optical disc backups to back that drive up.

We follow Bruce Schneier, a guru in the field of security of all types. Recently, he commented on the issues management has in understanding IT security. Management tends to see implementing IT security measures as a low priority. Security is a preventative measure…there is no easy way to point somewhere and show the profit made by implementing good security.

Security insures against loss. Perhaps there is a way to relate a cost-savings in insurance, but besides that, security is a drain on the bottom line, be it in a corporation or with an individual.

Individuals are the same when it comes to security. The managerial side of us has to ask the justification for spending money and time protecting against loss, while our IT side speaks of viruses, spyware, malware, and environmental disasters…

Data seems too intangible to people to see it as a valuable item, like the equipment protecting it, or jewelry which must be secured. Either way, we must force ourselves to listen to our IT people, or the IT voice in our head and protect our valuables…

Not long ago, we gave you our basic advice on buying USB flash memory drives, also known as Jumpdrives, after the popular Lexar line. We commented we did not have enough funding to review a large selection of drives.

Then we moved on to some advice on security and data protection using these drives. We suggested you visit Portableapps.com for some applications that can run on a flash drive.

But, for those of us who don’t want to put together our own Windows-based selection of portable applications, there is U3. U3 is backed by various USB flash memory producers and is a system that “turns simple storage devices into USB smart drives.” Essentially, it combines data protection, portable applications, and password protection against a single standard several companies used.

We picked up a U3 smart drive, the SanDisk 1 GB Cruzer Micro with U3 ( SDCZ6-1024-A10, Retail Package) at our local Staples for $19.99 after a mail-in rebate. The Cruzer Micro is a U3 Smart Drive with a retractable USB connector. It has its issues. It certainly looks flimsy…although no one is going to try and run it over with a car. The retractable USB is nice, but with it being designed to go on a keychain, without a cover…the connector will likely fill up with lint and other pocket dirt.

The biggest complaint with this item for some is the U3. The U3 software can be uninstalled, turning it back into a standard USB drive…which you can then install the same portable applications on. What the U3 software does is link in built-in encyption as well as a menu launcher. The problem is that this software launches automatically and tried to reboot the computers we put it into. It also is Windows specific. Both of these can be showstoppers if you want to be mobile. The computers of your friends, as well as public terminals, don’t appreciate something that looks like malicious software.

Ultimately, for those users willing to put up with it, U3 is a nice and convenient way to run a good basic set of applications off of a USB drive with a minimum of difficulty. And you don’t have to use it if you don’t want to.

In a recent article, we wrote on the subject of Password Security. We advocated creating a secure vault to store your passwords. As a recent article by CNET news indicates, sometimes you can take password security too far.
When William Talcot, a prominent poet, died in June…his daughter couldn’t notify most of his contacts because his email account and online address book were password protected. It is a not uncommon problem. As more and more information is kept on computer and on websites, the danger that in the event of an emergency or death this information will be inaccessible to loved ones is increasing.

Now, savvy attorneys are advising their clients to put passwords to things online into estate documents, and what they want to do with their electronic resources. The provisions governing the release of information from online providers in the event of death are not consistent amongst companies, and often require court intervention.

Our advice for safety in the event of death is as follows: We advised that passwords can be stored in a password vault program…our example is KeePass. KeePass uses one master file for your passwords. We recommend a copy of your password vault with the master password by placed with your estate files. Consider perhaps a safety deposit box for it. We recommend considering a bank safety deposit box as a backup site for a set of your backup media, updated periodically.

The important thing to remember, that in the event of your death or incapacitation, you need some provision for allowing a loved one to access your information to follow your instructions. You have to find the solution that works for you. It isn’t pleasant to think about, but we tend to find that the solution that requires the least amount of work to set up and maintain is the one you are most likely to follow through on.