July 18th, 2016

Gotta Catch ‘Em All

PidgeyAt this point you’ve probably seen stories about the Pokémon Go craze sweeping the world.  There have been headlines about it being the most popular app game in the country and more popular than Twitter.  So what is it?  Pokémon Go is the latest installment in a game franchise with a 20-year history.  The players, known as trainers, walk around outside with a mobile device that displays a map of their surroundings.  When small creatures called Pokémon appear on the screen, players attempt to capture them by throwing Poké balls at them.  This step can actually be harder than it looks.  Trust me.  Players gather more balls and other items by visiting places called Pokéstops and interacting with the spot on their device.  Most of our libraries are Pokéstops.  Once the players capture Pokémon they can grow them by feeding them or evolve them into stronger versions.  Players can also use the Pokémon to virtually capture places called gyms that have some tie to the real world.  Our Cecilton Branch is a gym.  Those are the basics but there’s a lot more to the game.  If you want to learn more, there have been some good articles about the game online or you could ask a player.  I know I’ve explained the game to a large number of people in the last week.

pigeondriveSo you might be wondering, how does this all tie back to libraries?  It’s a good question that has multiple answers.  Starting with the obvious physical ones, we have outlets people can charge their devices since the game will quickly drain your battery.  We also have an excellent Wi-Fi system while so you can play without using your phone data plan.  After the last week, it’s also worth mentioning since you can reach the stops and gyms at our locations from inside the building you can play while in the air conditioning.  I’m not sure who was hotter yesterday me or my Flareon.  Going a bit further there is also the social aspect of the game.  A good portion of the players like to talk to each other about the game; sharing their experiences, where things are, good places to go to, things like that.  Libraries are places for exploration and information doesn’t always have to come from our staff.  It can also be between patrons.  There’s also a growing creative community that enjoy posing the Pokémon in the world for pictures.  Our more creative staff members figured out that Pidgey shouldn’t drive the bus.

Now some advice for fellow trainers from a person that played Niantic’s previous game Ingress for over two years (Niantic is the company that programmed Pokémon Go).  In the summer bring water and sunscreen with you since it’s very easy to get distracted and stay outside in the sun too long.  Bug spray also isn’t a bad idea if you are going to play at dusk.  Pay attention to your surroundings; look up from your phone often, watch for traffic, watch for street signs and parking meters since they hurt when you walk into them, watch for other people walking and move out of the way if you are going to be stopped for a while, and don’t walk into dark areas at night.  Playing with other people is always a good idea, especially at night, since you can look out for each other.  It’s also more fun to play with a group and makes it easier to hunt down that Rare who’s three footsteps away.  Be respectful of posted hours since even public places like parks can close at night.  Don’t trespass and respect private property.  Catching anything, even something really cool, isn’t worth having the cops called on you or worse.  Be friendly to other players and people who ask about the game.  You might even be able to recruit them to your team.  Most of all have fun.  See you out there.

Where’s your favorite place to play?

Tags: , , , , ,

October 14th, 2014

October is Cyber Security Awareness Month – How Secure Are You?


It seems like every week there is another news story about a business being hacked and user information stolen.  Unfortunately, these attacks are outside of your control unless you go off the grid and use cash for everything.  However – there are things that you can do to help protect yourself!

Some are easy.  First and most important, don’t believe everything on the Internet.  I hate to be the one to tell you but you haven’t won a foreign lottery if you just send money to process the transaction so you can collect your winnings.  That’s almost as bad as Springfieldians sending “Happy Dude,” a.k.a. Homer Simpson, a dollar in season 7.

Second, always make sure to watch your email for phishing scams.  These scams are getting better every year.  The phishing emails now look cleaner and more professional, the English is better, and they are targeted.  If you click a link in an email make sure that the web page is correct and it didn’t send you to a web page that is just similar.  When in doubt always use Google to search for a business’s web page.

The last point is – passwords.  Passwords truly are the bane of your online existence but they don’t have to be.  As users we have all been conditioned to make complex, hard-to-remember passwords.  We see the instructions every time we sign up for something: password must be at least 8 characters, password must contain at least one number, lower case, and upper case letter.  We see this and then we go and create a password something like this G7d3X$nq.  That is a good password – but frankly, I don’t have a chance of remembering that.  I don’t think I’m in the minority admitting that.  If you can remember that without a lot of work you should see if you can also count cards since there are table games in the Perryville Casino now.

There is an alternative to hard-to-remember passwords.  Most websites now allow longer passwords so you can instead use a passphrase, which is a group of 4 or 5 words. Always use 4 or more words, that mean something to you and are easy-to-remember.  You can associate the words with whatever the password is for.

Say I wanted to make a password for my library account.  I would pick a phrase that I associate with the library that would be easy for me to remember like escapewithgoodscifi.  Now if I take that and add a few capital letters to it, for instance EscapeWithGoodScifi that is even better.  That wouldn’t meet the complexity requirements for some sites though because it lacks a number.  But If I had to I could add a number into that that means something to me Escape279WithGoodScifi.

When you add numbers to a passphrase, you should avoid the common substitutions like 0 for o, @ for a, or 1 for i.  Those substitutions are very common so they should be avoided.  So I now have a 22- character password with numbers, upper and lower case letters that is easy for me to remember.  Another benefit to this method is you can create a different password for every site easily and remember them.  You never want to use the same password on multiple sites.

If you want to stop reading here and just accept what I said, great–  please go forth and try out a few passphrases and see if you like it.  Just remember to give it a little time to get used to the new idea.

For those of you that are still reading and wonder why passphrases work well, it all comes down to complexity.  Simplifying the problem down, if you have an 8-character random password there are about 94 different possible characters on a standard keyboard which gives you around 6 quadrillion – 1 quadrillion is a 1 followed by 15 0s or 1,000 trillion – possible combinations of characters.  That sounds like a lot but a computer can guess very quickly.  Since we are looking at a simple example let’s assume a computer can guess 1 billion times a second.  It would take a computer about 70 days to guess all possible combinations of an 8-character password if there are 94 different possible characters.

When we look at the passphrases we need to make a few assumptions.  The Oxford English Dictionary contains about 250,000 different words.  Taking into account capitalization of just the first letter raises that number to 500,000.  So there are 62.5 sextillion –1 sextillion is a 1 followed by 21 0s – different combinations of 4 words in the English language.

If we then include the 3 numbers from our example passphrase it ends up being about 62.5 septillion —1 septillion is a 1 followed by 24 0s.  I bet some of you never thought of numbers this high before!  If I did the math right, which I’m not promising since that’s a lot of 0s to put into the calculator, a computer guessing 1 billion times a second would take about 1,981,861,998 years to guess all possible combinations.  What’s the expected life of the Sun?

This was a simple example using very basic math but I’d feel confident in saying that my new passphrase for my library account was pretty secure.  That doesn’t mean it couldn’t be compromised another way through phishing, my own carelessness, or being used as an example in a blog post.

If you are interested after making it to the end of this blog and I haven’t scared you away with math and very large numbers, I will be talking at a program at the Elkton Central Library on October 20th at 7pm about computer security for small businesses but a lot of the information can also apply to everyday life.

Have you visited the National Cyber Security Awareness Month site? Stop.Think. Connect.

Tags: , , , ,