the most awesome guy ever.

The Blog of Darryl E. Clarke

  Random musings from a jaded coder who just needs a hug.

Posts Tagged ‘Security’

You Want Us To Be Secure…

Thursday, August 4th, 2011

But you make it so complicated.

From a technical standpoint, I understand how simple it is to create certificates for SSL/TLS and put them into configs and use ’em.

From a user standpoint, I can not understand the who/what/when/where/why as to the whole security industry and being so damn complicated.

So many SSL providers out there off you packages from FREE to thousands of dollars and for what? It’s just encryption. It’s just a browser asking “Hey, is this certificate valid still?”

So many providers also make it hard to just register. You’ve gotta jump through hoops and do crazy things like create a CSR and upload it when they could just have a simple, secure (irony) web form to let you generate one on the spot. Sending documents back and forth to “verify” your identity.

Seriously, I just want some encryption.

I also like the “we need to verify you’re the owner” processes… so many loopholes.

There’s a huge opening in this industry for someone who wants to make this whole process simple and easy (and cheaper). Just sayin’.

Tags: , , , , ,
Posted in Linux, Randomness, Security

Don’t Allow Facebook Apps to Get Your Email

Wednesday, March 10th, 2010

Just say no to these prompts. There’s no need a Facebook application has any need to email you directly bypassing the “safe” realm of what Facebook already offers.

Applications that need to contact you can already do so via your in box, application counters, and emailing you via Facebook’s email proxy. (A proxy which protects you from the malicious behaviour I’m about to describe…)  There is just absolutely no reason that Mindjolt (no offense guys, you were the first that I saw this using and the rant below is not directed at you) needs to email me anything, ever… (more…)

Tags: , , , , , ,
Posted in Security

Google’s Security Updates…

Wednesday, January 13th, 2010

Google seems to be rolling out an interesting pack of security updates for their sites.  The only official announcement I’ve seen is for Gmail, but I’d expect this to come for many other services.

Currently a lot of Google services work fine with https (docs, calendar, blogger.com) but none seem to offer the same default options that Gmail has.  Hopefully that will change soon.

Co-incidentally, it may just have something to do with this recent announcement from their Chief Legal Eagle.

Tags: , , ,
Posted in Randomness

Don’t Trust Facebook’s Photo Privacy At All

Sunday, November 22nd, 2009

You constantly hear about things happening to people because of things on facebook.  Mostly pictures and how certain people who probably shouldn’t be able to see them somehow managed to see them.

And it goes sort of like this.  I have a photo album called ‘Pets‘ and this album on Facebook.  This album has the privacy setting “Friends Only” and as you will see if you click the link to the album a few things will happen depending on who you are and whether or not you are logged in to Facebook… (more…)

Tags: , , , , ,
Posted in Security

GeoLocation Technology is Frightening Me.

Sunday, August 23rd, 2009

Firefox 3.5 added support for “My Location”; Google Maps added a feature “Show My Location.”

One random day I thought I’d try it out and see how well it does. I’m only using a laptop with no real GPS technology built in.  I have a phone, but it doesn’t support anything fancy. It’s just a phone.

When I first clicked the “Show My Location” circle on Google maps, Firefox was kind enough to ask me if it was OK for Google to know this. I said yes, because I wanted to know.  To my surprise, awe, and WTF? It had my location closer than I could have ever imagined. (more…)

Tags: , , , , ,
Posted in Randomness

Password Restrictions are Bad

Tuesday, August 18th, 2009

I’ve had it up to here (imagine a 6 foot guy reaching above his head) with corporate any sites that insist on slapping you with a password restriction. I’m talking about the infamous “Your password must be between 5 and 10 characters” Or other good ones such as “Your password must contain a number and one upper case character.

(more…)

Tags: , , , ,
Posted in Randomness