Monthly Archives: September 2011

20 Things I Learned About Browsers and the Web

Safe web browsing…

It isn’t something that Facebook provides. It isn’t something that you download to your computer. It isn’t even using the right browser (although that does help).

Safe web browsing is a human activity. It’s something that has to be learned, and it starts with user education about the internet.

DISCLAIMER: This post is not meant to offend. I especially don’t mean to offend anyone who might have done what I’m about to talk about. If you have, It’s not like you’ve killed puppies or something. But you might benefit from what I’m about to say.

This post all started with Facebook. I’ve had too many Facebook friends post something like this:

FB has changed without any notification. Look at your URL (top box on your screen) If you see “http” or just “www” instead of “https” you do not have a secure session & can be hacked. Go to Account Setting; Security – Click Edit. Check box (secure browsing) Click Save.

There’s two things wrong with posting something like this as your status. First, it’s spam. Second, it’s ignorantly incorrect.

What do you mean it’s spam? Well, because it’s wrong (see below), the only reason someone wrote it in the first place was to get other people to copy it as their status. It’s not the kind of spam that advertises Viagra.  It’s the kind that gets uninformed people to copy and paste statuses over and over. Here’s the obvious sign that it’s spam: the majority of people who post something like this as their status don’t even know what HTTPS stands for, they probably already had the secure option enabled (or they still don’t have it enabled, even after reposting this), and if you asked them how to even get to their security options, they probably don’t know.

What do you mean it’s incorrect? Well, it’s just plain wrong. There was a lot of notification when the Secure Browsing feature came out. Plus, this status leads people to think Facebook turned off such a feature. In fact, Facebook didn’t have the a secure browsing feature when it started. It started out as something that didn’t need that much security. But since more and more people are doing more and more on Facebook (did you know JCPenny has their entire catalog on Facebook?), the need for increased security was apparent. (Also, some jerk hacker created a browser extension that could hijack a Facebook session and released it to the world, making it easy for anyone to hack into others’ Facebook accounts.) When Facebook introduced the secure browsing option, it required that people change the setting themselves (because it’s slower to have a secure connection, and people might complain if Facebook suddenly became slower). And like I mentioned before, Facebook showed a lot of notifications when it added the secure feature. If people missed them, it’s because they dismissed them without reading them.

I'm appalled that the free service that I am in no way obligated to use keeps making changes that mildy inconvenience me.
Remember guys: it's free.

Besides all that, Facebook users should know that even with a secure TLS/SSL (HTTPS) connection, they can be hacked if they do something like click a suspicious link from a friend’s Facebook application or paste JavaScript into the address bar while using Facebook. Using unsafe Facebook applications can put your privacy at risk. Attempting to download pirated music can allow an amateur hacker to spy on you using your webcam. Safe browsing is much more than a secure connection to a server. It’s smart browsing practices.

Most hacks exploit the most vulnerable part of a system: the user(s). Antivirus software isn’t meant to protect users from Windows; it’s meant to protect Windows (and users) from users.

If you’re the kind of person that sees the above type of Facebook statuses and reposts them or gets paranoid, then you’re probably the kind of person who needs to learn more about the internet. If you believe that browser cookies are bad and dangerous, then you definitely need to learn more about the internet. If you’re still using Internet Explorer 6 (or don’t know what browser you’re using), then you need to learn more about the internet. We would never let our 13-year-old daughter take the keys to the car and drive to the mall, but we let those same girls get on Facebook with nothing but the occasional glace at their screen. It’s not hard to get into trouble on the net. We need to be more educated.

Here are some great resources to learn about safe browsing and the internet in general. Both are sponsored by Google and are very informative.

20 Things I Learned About Browsers and the Web
Please read me.

This post isn’t an in-depth look at internet security. It’s just a call for people to educate themselves on the technology that we use every day. You’re welcome to share it with others, or just share the above links with them (there’s nice links on both sites to do just that). And please, if you have kids that use the internet, sit down with them and learn together. The best rule of thumb: if you’re not sure what clicking a link, button, or anything else will do, then you probably shouldn’t click it. Steer clear of 99.9% of Facebook apps. Never click on a link from a friend that came from such an app. There are a few useful and awesome apps (TweetDeck, for example), but most are after either your information or your money.

And Facebook isn’t the only place that you can find trouble. It just happens to be where 90% of people spend 99% percent of their time. Be smart wherever you browse. If your browser tells you that a site may be malicious, take its word for it and run away! Use a modern browser and use caution. Keep your computer up-to-date.

If you’re wondering about me, I use Google Chrome. Chrome updates seamlessly in the background, frequently, and includes updates for Adobe Flash Player (which must also be kept up-to-date). I use the Adblock Plus extension to block a lot of ads, but also a lot of harmful web content. Right now, all of that is running on a Mac, but in a few days, I’ll be using Windows 7. Windows is just as safe as a Mac, as long as you’re smart (which includes running up-to-date antivirus software, just in case). I google everything, because it’s safer than trying to guess a URL. I hide most all apps on Facebook (once it hits my newsfeed with anything but a normal status, it’s hidden). I don’t use apps on Facebook. I don’t give websites access to my Facebook/Twitter/email account. I am very careful about what apps I install on my phone. I don’t use the same password for Facebook that I use for PayPal (meaning I don’t use the same password for everything). And I don’t friend everyone and their dog on Facebook because I don’t need (or want) everyone (and their dog) to see what I’m doing. And I also don’t care about the boring minutia of everyone’s boring lives (sorry). Basically, I’m careful about what I do, where I go, and how I get there on the web. And you should be too.

Currently listening to: “Never Gonna Leave This Bed” by Maroon 5

When life gives you lemons…

… apparently you buy a new computer.

“It’s been a really, really missed up week,” so to help cheer me up (and because I already wanted to, and Sav said it was ok), I finally went and bought this:

Needless to say, this thing is going to load Facebook so fast.

Quad-core, 6 GB RAM, blah, blah, blah.  Since I didn’t want fork out $50 for a custom lid, I think I’m going to go buy some $3 stickers instead.  (Most likely, I’ll just be ok with plain black.)  Too bad xkcd doesn’t have any good ones.

Oh, and I watched Moulin Rouge for the first time.  That movie is crazy.

Currently listening to: “Come what May” by Nicole Kidman and Ewan McGregor