Twitter is well known to be fairly insecure. I was hacked a couple of years ago and even now I still get direct messages from people that they clearly haven’t sent me themselves. In fact Age posted the other day about his recent twitter hacking experience. Twitter was under pressure for a long while to introduce a two-factor authentication but it took them forever – however once they did I enabled it pretty quickly.
For those who have yet to experience it, every time you try to login you get a text message or have to approve the request via the app. I chose the app authentication as although I could post to twitter by sms, I never received my authentication codes. All went well until without thinking properly (or backing up the app…) I wiped my phone and installed a new ROM. Sadly, when installing a new OS on my PC I never follow the advice of creating a backup disc and I treated the advice from twitter with the same disrespect and didn’t save any backup codes. They would have granted my access to my account through the app as before and all would have been well with the world.
As it is, I lost all access to my account. Twitter were pretty good though and within a couple of days, I had followed their instructions. Luckily as I was able to post via sms I could prove I was the account holder and they temporarily removed the two factor authentication and I was able to login – a word of warning though – had I not had the option to post by text then there was no guarantee that they could have got me back in. Their support pages state that if you can not prove account ownership then they will not help you regain access and you are left with only the option of setting up a new account. Whilst that would not have been the end of the world for me, it could be problematic for some so make sure that you do as you are told and generate a backup code.
Last night while sitting happily watching the latest episode of Top Gear with my wife, my pocket vibrated and I got the news that my Twitter account had been hacked. A couple of helpful followers had mentioned me to say they’d received a weird direct message from me. I looked and sure enough, I’d sent out a weird tweet and a few DM’s. I immediately turned on my PC and went into action.
Over time I’ve seen plenty of people hacked, from friends to journalists to tech people. No one is safe, but I was a bit annoyed as I thought I’d be relatively careful. I was aware however that my passwords were lacking in optimal security. But I was being carefree about it, why would anyone bother hacking me? It’s not like I have many followers or popularity. So I left the task of improving my password to another day – typical procrastination. I’m sure you’re guilty of it too. Password security is a hassle. Having to have multiple passwords and remember them all, but not just that, to actually use something that’s secure – not your birthday, your cat’s name or ‘password1’. Obviously I hadn’t been that lax, my password was a mix of letters and numbers and not dictionary words, but it still wasn’t sufficient.
The other usual way people get caught out on Twitter is phishing links and dodgy DM’s. I’ve always taken care to avoid clicking links, especially from accounts that look suspicious, but even from people I know where they’ve just sent a link and nothing else. Not only are my friends not that lazy, they’re more sensible.
Repairing The Damage
Obviously the first step in dealing with the issue was to go and change my password, then go about fixing the rest of the problems – apologising to followers and messages, deleting new follows (the hacker had followed a load of random accounts) and then moving onto securing more of my online presence. I spent an hour on it, but I feel a bit more comfortable now.
I’ve written before about using Keypass to create safe and secure passwords but I’d foolishly not followed my own advice across the board. Now was the time to do just that. So I booted it up and set about generating long, complicated and intricate passwords. Set to 25 characters, with numbers, letters, special characters, spaces and brackets my old password was replaced by a new uber password. I then discovered that Twitter has a two-factor authentication system that I wasn’t aware of. So that’s setup too.
Under security and privacy, there’s a login security section where you can require Twitter to send verification emails to your phone. This means that even if someone does break my new super password then they’ll still fall down as they won’t be able to get the verification code as well.
Once that was done, I checked the apps (and removed any I didn’t trust), checked my profile, links and email address, then moved on elsewhere. I later came back and removed followers and blocked certain people, but I won’t both you with that.
On the basis that Twitter was so easily hacked I thought it was a good time to protect other things rather than get burned again. Twitter was connected to my Yahoo! email address, but luckily I’d already set that up with a good password (and different from Twitter) so I was pretty sure that was secure. But just to be sure I changed that as well. Then Gmail, Facebook, Paypal, Ebay, Amazon, Ebuyer, Steam, the list goes on. Each of those accounts now has a password so long and complicated I couldn’t possibly tell you what it is.
Side note – Keypass lets you generate unique passwords with a variety of settings including length, complexity and more. You can then copy and paste these onto the websites and save to keep your account secure. I used a different password for each and saved them all into my password database. However, Paypal was a major pain, you can’t copy and paste when resetting your Paypal password, so if you want a mega secure password you have to manually type out every letter, character and number. This was a massive hassle, but hopefully worth it. Paypal does have two-factor authentication as well now, so I’d recommend using that.
The moral of this story is to do this before you get into trouble. It doesn’t take long really and it ensures your passwords are secure and unique across the board. So many sites are getting hacked lately, if one gets attacked you’re leaving yourself wide open to getting hacked elsewhere.
If you need a horror story to scare you into action (as mine is a bit ‘meh’) then I’d recommend reading about how @N got stolen by social engineering, stubborness and foolishness (using a domain email address rather than Gmail).
Google Glass is one of those great inventions, one that might even be well before it’s time. It’s the sort of tech that could potentially change our lives and yet people are already frowning, wringing their hands and generally kicking up a stink about the potential invasion of privacy Glass presents. And that’s what’s really frustrating me – not the fact that I can’t actually get my hands on a pair yet. Yes, Glass is $1,500 for a developer/explorer edition and that’s prohibitive in itself, but it’s the people that are ruining Glass before it even becomes main stream.
The reasons Glass is potentially great (for me) is two-fold:
- Hands-free photography in the moment – that is you see something great happening and don’t have to fumble in your pocket for your phone, unlock it, find the camera app, oh no, wait, the moment’s gone. There’d be no more missing those amazing moments with Glass – my son’s first words, my cats fighting, an awesome car that’s driving by, a cool sunset, whatever. Glass opens up a world of photography possibilities.
- Heads-up navigation display – Google Maps Navigation is awesome. I’ve always thought so. It’s smart, handy and easy-to-use. But having to look down, sideways or even up to look at my phone screen while driving is impractical and a pain. Having to find a suitable dock/holder for your phone (and possibly replace that every two years when you upgrade) is also an inconvenience. So having navigation right there, just in front of your eye is fantastic.
Alas, both these simple things, that I love (and are the main appeals of Glass in my humble opinion) are exactly the things that people are kicking up a fuss over.
Here’s the highlights:
Pretty disheartening stuff really. Perhaps we can have cybernetic implants instead?
Google has many hidden talents. For those in the know – that is mostly the geeks, search marketeers and Google aficionados – there are a few things you can do to get Google to return you really specific results.
Google has a level of semantic search integration meaning they return the information you are looking for right in the top of the search results. There’s no messing around, no clicking on links. The most pertinent information is right there at your fingertips. Semantic search appears for a number of different searches, far too many to list here. But one of my favourites is for definitions.
If you don’t know, if you type define: followed by a word into Google you’ll get the definition of that word (according to the Internet). The results are always useful and sometimes amusing (especially when it picks up Urban Dictionary as the source.
This recent search even shows usage for the word over time. Not that I needed to know that.
Anyway, define: a helpful tool if you don’t have a dictionary nearby.
Saw this on BoingBoing and just had to share it:
Some are apparently suggesting that his get up doesn’t fit the era, but the argument against such a hypothesis are also believable.
The outfit could also be found 70 years ago. Being used as we are to our contemporary fashion, we look at the man and assume he’s wearing a stamped T-shirt, something that would be indeed out of place (or time). But if you look carefully, you can see that he’s actually wearing (or could as well be wearing) a sweatshirt. And sweatshirts with bordered emblems were not uncommon in the 1940s – in fact you can find those in other photos from the same exhibit.
Read more over at BoingBoing.
I love Mustachio, it makes the web even more hilarious.
I’ve got pretty much every browser under the sun at work – it’s part of my job after all. Safari, IE, Firefox, Opera, Chrome, IE tester, blah, blah, blah, each has it’s own use but all get used at one point or another. Chrome has a few apps installed. Just for giggles I installed Mustachio, but I keep forgetting it’s there and turned on. So when I browse a website, sometimes I’m greeted by some rather dashing moustaches on people that otherwise wouldn’t have them and it makes me smile. It’s the little things that brighten up your day.
When I discovered this yesterday, the woman at the top of the page was sporting a corker.
If you’re using Chrome, give it a try, it’ll brighten your life – be warned it doesn’t work all the time, which is even better because you’ll forget it’s on, then BAM, a website full of moustaches.