October 14th, 2014

October is Cyber Security Awareness Month – How Secure Are You?


It seems like every week there is another news story about a business being hacked and user information stolen.  Unfortunately, these attacks are outside of your control unless you go off the grid and use cash for everything.  However – there are things that you can do to help protect yourself!

Some are easy.  First and most important, don’t believe everything on the Internet.  I hate to be the one to tell you but you haven’t won a foreign lottery if you just send money to process the transaction so you can collect your winnings.  That’s almost as bad as Springfieldians sending “Happy Dude,” a.k.a. Homer Simpson, a dollar in season 7.

Second, always make sure to watch your email for phishing scams.  These scams are getting better every year.  The phishing emails now look cleaner and more professional, the English is better, and they are targeted.  If you click a link in an email make sure that the web page is correct and it didn’t send you to a web page that is just similar.  When in doubt always use Google to search for a business’s web page.

The last point is – passwords.  Passwords truly are the bane of your online existence but they don’t have to be.  As users we have all been conditioned to make complex, hard-to-remember passwords.  We see the instructions every time we sign up for something: password must be at least 8 characters, password must contain at least one number, lower case, and upper case letter.  We see this and then we go and create a password something like this G7d3X$nq.  That is a good password – but frankly, I don’t have a chance of remembering that.  I don’t think I’m in the minority admitting that.  If you can remember that without a lot of work you should see if you can also count cards since there are table games in the Perryville Casino now.

There is an alternative to hard-to-remember passwords.  Most websites now allow longer passwords so you can instead use a passphrase, which is a group of 4 or 5 words. Always use 4 or more words, that mean something to you and are easy-to-remember.  You can associate the words with whatever the password is for.

Say I wanted to make a password for my library account.  I would pick a phrase that I associate with the library that would be easy for me to remember like escapewithgoodscifi.  Now if I take that and add a few capital letters to it, for instance EscapeWithGoodScifi that is even better.  That wouldn’t meet the complexity requirements for some sites though because it lacks a number.  But If I had to I could add a number into that that means something to me Escape279WithGoodScifi.

When you add numbers to a passphrase, you should avoid the common substitutions like 0 for o, @ for a, or 1 for i.  Those substitutions are very common so they should be avoided.  So I now have a 22- character password with numbers, upper and lower case letters that is easy for me to remember.  Another benefit to this method is you can create a different password for every site easily and remember them.  You never want to use the same password on multiple sites.

If you want to stop reading here and just accept what I said, great–  please go forth and try out a few passphrases and see if you like it.  Just remember to give it a little time to get used to the new idea.

For those of you that are still reading and wonder why passphrases work well, it all comes down to complexity.  Simplifying the problem down, if you have an 8-character random password there are about 94 different possible characters on a standard keyboard which gives you around 6 quadrillion – 1 quadrillion is a 1 followed by 15 0s or 1,000 trillion – possible combinations of characters.  That sounds like a lot but a computer can guess very quickly.  Since we are looking at a simple example let’s assume a computer can guess 1 billion times a second.  It would take a computer about 70 days to guess all possible combinations of an 8-character password if there are 94 different possible characters.

When we look at the passphrases we need to make a few assumptions.  The Oxford English Dictionary contains about 250,000 different words.  Taking into account capitalization of just the first letter raises that number to 500,000.  So there are 62.5 sextillion –1 sextillion is a 1 followed by 21 0s – different combinations of 4 words in the English language.

If we then include the 3 numbers from our example passphrase it ends up being about 62.5 septillion —1 septillion is a 1 followed by 24 0s.  I bet some of you never thought of numbers this high before!  If I did the math right, which I’m not promising since that’s a lot of 0s to put into the calculator, a computer guessing 1 billion times a second would take about 1,981,861,998 years to guess all possible combinations.  What’s the expected life of the Sun?

This was a simple example using very basic math but I’d feel confident in saying that my new passphrase for my library account was pretty secure.  That doesn’t mean it couldn’t be compromised another way through phishing, my own carelessness, or being used as an example in a blog post.

If you are interested after making it to the end of this blog and I haven’t scared you away with math and very large numbers, I will be talking at a program at the Elkton Central Library on October 20th at 7pm about computer security for small businesses but a lot of the information can also apply to everyday life.

Have you visited the National Cyber Security Awareness Month site? Stop.Think. Connect.

Tags: , , , ,

June 12th, 2013

Fire + Meat + Outdoors=A Great Meal

grillThere’s something satisfying in a primal way about cooking outdoors over a blazing fire.  Most people only do this in summer, but I don’t let a trivial nuisance like weather stop me.  I’ve grilled in the high heat of a 100 degree day.  I’ve grilled in the rain.  I even grilled in a snowstorm once.  Why am I such an enthusiast? After a long day, I can think of nothing more relaxing than that smoky smell combined with the sizzles and pops of cooking meat. Admittedly, the optional drink helps too, and it’s all part of the tradition.

Charcoal or gas? I’m always amused to find that people are often staunchly in one camp or the other.  I’m sure some of you are purists who think the only way to grill is with charcoal, taking the time to slowly build the heat of the coals.  Letting the flavor of the charcoal infuse itself into whatever you are cooking is an amazing way to add taste.  A steak cooked to perfection over real charcoal is one of my favorite meals.

And while charcoal-grilled food will always be my ideal, I mostly use a small gas grill for convenience.  The ease of instant flame and even heat is a fair trade for not having the smoky charcoal taste.  I find it’s easy enough to mix up marinades and different spices to replace that signature smoky flavor and keep the taste interesting and the meat moist.

Grilling isn’t just limited to meat though.  Occasionally, I will allow a vegetable to land on my grill, and my favorite is always corn.  Take some corn with the husk still on and soak it in water for 30 minutes, then simply lay it on the grill.  After about 20 minutes, the corn will be steamed perfectly.  The best part is that you can skip all the work of removing the silk – it comes off easily when you open the husk, and the husk even makes for a convenient handle.

If you’re looking to try grilling for the first time or expand your grilling skills, check out these grilling books on our Pinterest site.

Will you be grilling this summer? Charcoal or gas? (And don’t forget to share your favorite recipes).