Getting to know QR codes

Androids and iPhones are taking the world by storm, and along with these phones (which, let’s face it, when your “phone” is able to control your television and turn off your lights, it’s not really just a phone anymore, it’s your entire universe, which comes to a screeching halt when you lose it or it (heaven forbid) stops working), comes a plethora of fun, interesting and confusing new apps, codes and gadgets.

One in particular that is still relatively new to the U.S. but is widely popular in Japan is a two-dimensional square that looks like a scrambled barcode, called a QR code. QR codes, or Quick Response codes, can be scanned by smartphones, which then reveal websites, photos, videos, music or text on the user’s phone.

QR codes can be found almost anywhere: in magazines and newspapers, on buses, on buildings (Times Square was recently outfitted with giant QR codes on buildings to celebrate Internet Week 2010), window clings, business cards, marketing materials, t-shirts, blogs, fast food sandwich wrappers (showing nutritional information or a coupon). The possibilities are endless.

But what do I get by scanning a QR code?

Part of the fun of scanning QR codes is finding out what it links you to, and a lot of what you’re going to get depends on where the QR code is that you are scanning.

An upcoming trend is placing a QR code on your business card. Imagine that after a client scans the QR code on your business card it automatically gives them the option to save your name, phone number(s), e-mail address, Twitter username, LinkedIn and Facebook accounts, website, blog, etc. The information that they receive is entirely up to you when you create the code. You could even have the QR code take them directly to your website, or a coupon for a discount off of your services.

Promoting an event? Put a QR code on the marketing materials with a link to the registration page with a discounted price, or use it to link up directions to the event with accommodations and parking instructions.

Creating QR codes

There are numerous QR code generators available, but a really simple and free one to get started is www.qr-barcodes.com/online-generator. The generator is as simple as choosing the barcode format such as a URL, text, e-mail, SMS, location, contact information or calendar event, selecting the image size and then determining the content of your code. For example, the QR code pictured above is a URL linking to OSCPA’s website. If you have a smartphone, locate the barcode scanner app or download any one of the several QR code readers available in the Market or App Store, and scan the code.

You can have a lot of fun with QR codes, and the possibilities of what you can use them for are endless. Just remember that even though QR codes started showing up in the U.S. in 2008, the concept is still relatively new. Most people won’t know what QR codes are, let alone know how to use them. Don’t let that discourage you from using them though. QR codes are quickly gaining popularity, and when they start to reach your professional and social circles, you’ll be ahead of the game!

Three simple reasons to leave IE 6

A frighteningly large number of people still use Internet Explorer 6. Let me come right out and admit it: I’ve never been Microsoft’s biggest fan. I wait with bated breath to see Apple’s latest gadgets. I’m first in line to “ooh” and “aah” over Google’s latest and greatest, too. Microsoft’s products? Count me generally unimpressed. But my distaste for IE 6 is for some simple, unbiased reasons. If you find yourself clicking that ancient blue “E” to browse the Internet, take five to read three reasons why you should be using something like Firefox, Chrome, or Opera (or IE 8, if you must) instead.

One: It’s Broken

On the web, a language called CSS (Cascading Style Sheets) is used to design web pages. Just as the English language is standardized so that we can understand each other, so, too, is CSS standardized so that web browsers can understand how to display pages as their designers intended. The problem is that Internet Explorer 6 is the web equivalent of a semi-illiterate cave dweller who ignores the rules half the time and invents his own the other half of the time. Pages either don’t look right, can’t be designed to be as interesting and creative as they could be without IE 6’s problems, or have to be created with “tricks” to make IE 6 render them properly. All of this costs extra time and money, and stifles web innovation. If you wouldn’t trust a simpleton to read you a book, you shouldn’t trust IE 6 to display the Internet.

Two: It’s Dangerous

We do a lot of things with the Internet that require some trust. We buy things with credit cards, click on links without knowing exactly where they lead, and log in to our banks to check our accounts. If using Firefox, Chrome, Opera, and other modern browsers is like driving a car with airbags, seat belts, and body armor, then using IE 6 is like riding in a car with no windshield, a loose door, and a blindfolded driver. This ancient browser just doesn’t have the technology under the hood to keep your information secure and your computer safe if you get into the equivalent of an Internet car accident.

Three: It’s Old

I know what you’re thinking. A lot of old things are great. Everyone loves their grandparents. Most of the finest cheeses and wines are aged. Pyramids, ancient statues, and famous paintings are all great, old things. Computer technology does not, however, get better with age. By holding yourself back with this dinosaur of a browser, you’re missing out on a world of technological inventions. Firefox’s extensions let you turn your “pocket knife”-style browser into a full-fledged chainsaw, for example. Chrome’s combined search/navigation bar makes searching Google never more than one click away. HTML 5, the next generation of the language that powers the Internet, will bring a huge number of advancements, none of which IE 6 will support. Simply put, if IE 6 was a loaf of bread, it would be aged to the point of severe molding. It’s time to throw it out and upgrade your whole Internet experience.

Have social networkers turned into social creepers?

The direction that social networking has taken over the past several years has been monumental. I wasn’t into the whole Facebook craze in college – instead the extent of my social networking knowledge didn’t extend beyond AOL’s Instant Messenger and journaling about my day on Live Journal.

Only a mere five years later, here we are in 2010 where people can’t escape social networking if their life depended on it. With that said, I’m wondering just how many people can live their lives without social media once it’s introduced to them. (I say that because I do know people that live without it. Just take a few of my family members for instance: three of them have never owned a computer in their lives and don’t intend on purchasing one or start learning how to use one now, and the other just canceled her home Internet, claiming that she only needs the Internet at work.)

So for the sake of this post, I’m going to assume that most (if not all) of my audience is using social media – after all, you’re reading this blog, right? And you’re probably wondering why you’re reading yet another post on social media.

I’m as much into social media as the next person. I’m on Facebook, Twitter, LinkedIn, write for two of my organization’s blogs, keep my own personal blog, and have 15 blogs that I’m following lined up in my Google Reader. With all of this connection to strangers around the interwebs, you have to be careful to protect yourself.

Turning up the creep factor with Chat Roulette and Foursquare

Now a lot of this seems like common sense, but it’s worth repeating. If you don’t personally know and trust the person you are talking to, then don’t give out any personal information or agree to meet someone in person. A new craze, Chat Roulette, has taken social media to the extreme. Chat Roulette pairs up random people via a video chat with the option to click a “next” button at any time during the conversation. So now people can actually see the creepers people they’re talking to online! Is your skin crawling yet?

Not only is that creepy enough, Foursquare is rapidly gaining momentum. Foursquare allows users to “check-in” to a location via their mobile phone, allowing people that you are connected with on Foursquare to easily see where you are (which speaks volumes of where you are not, but more about that later). The idea is that when your friends check-in to a particular restaurant, store, etc., you can pick up the little nuggets of advice they have left behind. For instance, if I were to check-in at P.F. Changs, I could get a comment from a friend saying, “I highly recommend the lettuce wraps.” Players also receive points to unlock badges. Points can be received for trying a new place in your neighborhood, visiting a location multiple times, or bringing a friend along. These points unlock a multitude of badges. Become a regular at any one location and you may just become the “Mayor” of that bar, restaurant, etc. earning you freebies at that location.

I signed up for Foursquare to see what all the fuss was about, and even added some “friends” that I am following on Twitter, but the problem is, I don’t even know all of those people personally. So why would I want them to know exactly where I am?

Which leads me to http://pleaserobme.com/.

Nobody’s home

The purpose of http://pleaserobme.com/ is to highlight the dangers of location sharing. While the idea behind Foursquare and other location-aware sites is fun, they are also potentially dangerous. Checking in to locations around your city (or even when you’re away on a trip) just screams that you are not at home, leaving you vulnerable.

My advice if you’re going to participate in Foursquare is to only add people that you know – but that still doesn’t stop others from seeing your whereabouts if you share your check-ins on Twitter or other social networking sites.

For the record – I have never checked-in to a location and have since deleted the app.

Let’s hear it!

There’s a good chance a fair number of you have used Foursquare, and maybe even a few that have checked out Chat Roulette. I want to know your thoughts behind both. Have you used either? Do you plan to? If you do, what keeps you going back? Likes? Dislikes?

Leave your comment below, or find me on Twitter.

Bah Hummbuzz

Yet again I’ve been disappointed by a technology solution that was going to be the latest and greatest thing since the inception of the Internet. Yes, I’m talking about Google Buzz but I don’t blame Google for my disappointment. I blame the hype created by the tech industry. The continued approach to build it up and slam it down simply tires me.

The recipe for a flawed release is simple:

  • 2 Pounds of Rumors
  • Sprinkle in Leaks
  • Add some Expert Guesses
  • Stir to build Hype
  • Bake in a Release
  • Check for Review
  • Burn and Destroy

In our industry nothing is quite as juicy as playing armchair innovator, except maybe claiming the lack of innovation. Wave, Buzz, iPad, Windows 7 you name it. We will build it up to be exceptional only to ensure everyone thinks it sucks. I’ll admit I follow the hype, I get excited, I build unreasonable expectations, and I’ll be the first to let you know when a solution fails to meet them.

What I’m realizing is it’s not the product failing, but it’s the unreasonable expectations that create my disappointment. Perhaps rather than listening to the hype I should wait patiently, and unwrap new technology like a child on Christmas. Of course to do this I’d have to tune out of the hype, and that’s nearly impossible today.

So to all those tech writers who are spoilers, I say bah hummbuzz!

Twitter Tuesday: Twitter’s getting business friendly

In a blog post by Twitter this week, it was announced that Twitter has some special features in the works for businesses that tweet. The Contributors feature, which will allow multiple users to tweet on behalf of an organization, enables users to have more engaging and authentic conversations with their followers.

The feature would attach the contributor’s Twitter username to the tweet – making whoever posted the tweet identifiable and allowing for more engaging conversations.

Twitter asserts that after some user testing, the Contributors feature will be released soon, along with several other business developments in the works!

12/16 ETA: Mashable just published an article featuring some wonderful screenshots of Twitter’s Contributor feature. Check ’em out! 

Computer Security: Back to Basics

Computer security is a complex subject, and staying safe is no easy task. Paraphrasing a quote attributed to security analyst and cryptographer Bruce Schneier, the only secure computer in the world is unplugged, encased in concrete, and buried underground — and even that one might be vulnerable. This reality aside, it’s still important from time to time to review some of the basic steps of computer security.

Physical Security

A general rule of thumb is, once an attacker has physical access to your computer, the game is up. So be smart: Don’t let just anyone use your computer, and don’t leave it unattended in an insecure place. Even at home, you may not be completely safe. Is your screen visible through an outside window? Do you know and trust your neighbors? Has there been recent criminal activity near where you live? Who else in your house has access to your computer? Ask yourself these questions when evaluating your physical security.

Encryption

Treat any information that you store unencrypted on your computer as though it is going to be stolen. You probably wouldn’t care (as much) if someone took your grocery list or vacation photos, but tax returns, bank statements, account passwords, and confidential emails, to name just a few, are another matter altogether. As a rule of thumb, if you can’t stand to have it read by everyone, then make sure it can’t be read by anyone. (For a more thorough treatment of why cryptography is important and to get software recommendations, see “Nothing to hide? Hide it anyway.”)

Passwords

Actually, “password” is now anachronistic – “passphrase” is probably the better term, since short, simple words won’t cut it in this day and age. Good passphrases should be long (16 characters is not unreasonable), complicated (use upper- and lowercase letters, numbers, symbols, and whitespace), easy to remember, and, most importantly, hard to guess. Furthermore, you should use different passwords for different accounts (so that if one is compromised, the damage is contained), change them regularly, and not reveal them to anyone who you don’t implicitly trust.

These requirements are challenging to say the least, so a better solution is to let software pick – and remember! – your passwords for you. I like Keychain Access (built in) on Mac OS X and Password Safe (passwordsafe.sourceforge.net) for Windows.

Public Locations

It goes almost without saying that you need to be especially cautious when using your computer in public. If you’re somewhere where you wouldn’t feel comfortable thumbing through your wallet, you shouldn’t use your computer there, either. Be aware of who is around you, especially if they have a view of your screen or seem suspicious. Make sure that no one can shoulder surf as you’re typing. If you’re traveling, make sure you know where your computer is at all times. Never set it down and walk away from it in places like airports and train stations, even if it’s in a bag (thieves know what laptop bags look like).

If you use a public Internet connection (whether wired or wireless), treat everything you do online as though it is being intercepted and read. If you need to do anything sensitive, use encryption and a VPN if you have one. Avoid connecting to unknown Wi-Fi networks or those with suspicious names. If you are using VOIP or videoconferencing software, act as though your audio and video are being monitored. Make sure all your software, including the OS, is up to date, run antiviral and firewall software, and turn off features like file sharing and remote login before you go in public.

Be Cautious

It’s nearly impossible to cover every possible scenario, but, in a nutshell, think carefully before you act.

If you get an email asking for your personal or account information, it’s probably a scam. Similarly, if you’re asked to visit a website for an unexpected reason (for example, to preserve your account information), you should be extremely cautious – it’s almost never the case that this is legitimately needed. Don’t click on any suspicious links (which might take you to a phishing website). Instead, type in the company’s URL yourself to see if it’s legitimate. If you get a message and you’re not certain that it’s legitimate, don’t hesitate to call whatever company is supposedly contacting you or email them at a trusted address to find out if the email is a scam. And, of course, if you’re offered something that’s too good to be true – a large sum of money, a special business venture, a lottery winning, or something similar – it is almost certainly a fraud.

Outside of phishing emails, you should avoid visiting strange websites or downloading files (especially software) that you don’t recognize or that are from questionable sources. P2P file-sharing software is particularly likely as an attack vector for malware. If you are visiting a secure website and are told that there is an error with its certificate, that it is expired, or that it is signed by an unknown Certificate Authority, it’s always safer to cancel whatever you were doing than to continue on and risk being trapped in a MITM attack. And, of course, be sure regularly to update your OS and install, use, and keep up to date antiviral and firewall software.

Cincinnati accounting show live blog of “XBRL – the digital reporting frontier”

Only fifteen minutes until the session begins. We’ll be updating as things progress soon.

2:27: People are still coming in and we’re going to begin pretty soon.

2:34: Stands for extensible business language and is based on XML. Used to communicate business and financial info. Why use it? SEC and AICPA suggestion and also better than a spreadsheet or other clumsier and slower methods. More accurate… If the taxonomy etc is used properly. And it is faster and enables more frequent updates.

2:40: The taxonomy is code, can be pulled from SEC website which enables standardization. Instance documents break down individual data. This technology is being used internationally already and is required in some places, e.g. China.

2:43: Software is in its infancy right now but will probably get better over time. Variety of in house uses probably also, such as live data analysis, that will push development. One thing to note, auditors aren’t required to have any involvement so companies are on their own. Another consideration, what are long term plans for its use? Chairman Cox said, long term point is to bring investors faster, easier, more accurate information.

2:48: SEC had been helping development since 2005 and taxonomy etc continues to evolve over time, even recently.

2:50: SEC will require tables, notes, schedules to be individually tagged. Software is immature right now but again will improve.

2:53: Quality of initial submissions varies right now. About 410 issuers submitted XBRL exhibits in July or August and 14% of issuers are using grace period now. From an outside perspective, how do companies post viewer so anyone can grab file? Something to think about. Common mistakes: applying wrong tag or applying it to blocks of data inappropriately, or not tagging parts of documents that need to be as per specs. So still room for growth out there.

3:02: XBRL has been extended more as well. Banking, real estate, utilities, manufacturing, media, and so on.

3:05: Why do issuers need to “get it right?” SEC will require it for one thing. Need to help investor end users get it properly as well. And getting things wrong does pose liabilities.

Google answers the call again

“We’re sorry, the party you are calling cannot be reached. At the tone, please leave a message. After you are done, stop speaking, then hang up, or press: Pound. To leave a callback number: Press. Five. To page this person: Press. Seven. At the tone, Eastern Standard Time Will Be: Eight. Forty. Five. And. Nine. Seconds. Now please: Listen. To. The. Party’s. Voicemail. Message. Thank you. (Beep.)” (OK, maybe that’s an exaggeration, but just barely.)

Sound familiar? If so, you’re probably like most cellphone-wielding Americans. Make you want to tear your hair out? You’re not alone. But have no fear: Google’s just entered the calling and voicemail market, with a beta caveat and pricetag of “free,” as usual, and they’re set to do to it the same thing Gmail did to web-based email providers and that Google itself did to search engines. First we had Google SMS. Then we had GOOG-411. Now we have Google Voice. The best way to experience Google Voice is to try it out yourself (invitation from Google required), but while you’re waiting for your invitation to join, we’ll break down just a few of the reasons that make those of us in the IT Department at OSCPA love it.

Where do you want to call from?

The fun starts at the registration page. Chances are, when you got your cell phone from $carrier (AT&T, Sprint, Verizon, etc. — pick your favorite), they gave you a random phone number, or at the very least, didn’t give you much say in what it was. Not so with Google Voice. While at the moment Google doesn’t allow you to transfer your current phone number to the service, they make up for this by letting you search for a number you want. That’s right: if you want a phone number in New York that contains the word “CODE,” you can do that (if one is available). If you want a number anywhere that has a “1776,” you can do that, too. Or if you’d just prefer to appear to be calling from Hawaii, Google’s got you covered (that would be area code 808, if you’re wondering).

Back to basics

Google, of course, offers all the “basic” features you would expect, all done with their traditional style and simplicity. When people call your Google Voice number, it will forward the call to any number of your choosing. In fact, it will forward it to as many different numbers of your choosing as you like, all at the same time, and it can be programmed to ring different phones depending on who’s calling. You can also choose to block certain people altogether, send some callers straight to voicemail, or even mark particularly annoying callers as spam (rumor has it that they receive a fictitious “number disconnected” message — at last, some competition for the TeleZapper). You can also require callers to say their name first (Google will ask you when you answer whether or not you want to take their call), particularly useful for numbers you don’t recognize. And you can set up several different voicemail greetings to play for different people.

For all of these features, you can set your preferences based on individual people or groups of people (e.g., you could decide that callers in the “Family” group ring all your phones, hear “Hi, please leave a message!” as their greeting, and don’t have to say their name first, while those in “Work” ring just your work number, hear “Hello, I’m not here right now, so please leave your name and the best time at which to call you back” as their greeting, and do have to say their name, and those in “Annoying” are just sent straight to voicemail, being told, of course, “I’m sorry, but I will be unavailable for the foreseeable future”).

Also — and this really does merit its own paragraph — Google Voice isn’t annoying. It doesn’t plague you with prerecorded messages telling you that you’re at a voicemail system and so you should leave your name and number after the beep (really, in 2009, does anyone not already know this?) or asking you whether or not you’d like to page the person you called. If you call in to check your voicemail, it doesn’t beat around the bush, telling you that the menus may have changed since yesterday and that you have: Twelve. New. Messages. And, everywhere, the menus are short, simple, and fast. No more waiting for thirty seconds just to hear how to erase a message. This is Google, after all.

Free calls, cheap calls, and call recording

Another great feature, although perhaps not as crucial since most people using Google Voice will probably use it with a mobile phone and not just a land line, is that you can make calls to any (continental) US number for free (caveat being that it still uses your cell phone minutes if you’re not on a land line). And if you’d rather talk to someone in Brazil, Russia, or Germany, you can call them too, and cheaply at that (at the time of writing, $0.04, $0.05, and $0.02 per minute, respectively). Google even gives you $0.10 right off the bat, just for signing up.

We should also mention that you can record calls to listen to later, although at the moment this is restricted only to incoming calls and doesn’t include calls from your Google Voice number as well. So, next time you’re on an important conference call in the middle of driving to the airport, you can focus on traffic instead of finding a pen to write down your hotel’s address.

SMS? Yes

Not limited only to voice, people can send SMS messages to your Google Voice number as well, and these will be forwarded to however many mobile phones you’ve added. You can also send and receive SMS messages via the web interface, and you can save old messages for reference instead of having periodically to erase them as you would on a phone.

Voicemail, part deux

You have no idea how clunky your current voicemail system is until you’ve seen how Google Voice does it. With voicemail from Google, you can listen to your voicemails online, save them to your computer, or embed them on web pages (sounds like a problem waiting to happen), it’s true. Yes, you can even listen to people as they leave you a message to decide whether or not you want to take their call. But Google’s taken it to the next level, because Google Voice can also automatically transcribe your voicemails to text, send them to you via SMS and email, and let you store, search, and annotate them online in a Gmail-like interface. While not perfect (the transcription is sometimes a little off, but still amazing for a computerized service), this feature is probably the best part of Google Voice, and you really have to see it to appreciate it.

Do you like your carrier’s features? Then stick with them. In the meantime, we’ll be using Google Voice.

Let bookmarklets work for you

Everybody has heard of web browser bookmarks (aka “favorites”), links to web pages stored within your browser for easy access to websites you want to visit again. But did you know that bookmarks are capable of storing more than just URLs? Modern web browsers allow you to store JavaScript (or “JS” hereafter; JavaScript is a simple scripting language that provides much of the power on the web behind everything from Gmail to the statistics software for our very own OSCPA website) within them too, and with a little creativity and programming experience, you can be well on your way to making your web browsing experience easier and more pleasant — and if you’re like me, taking some of the chore out of regular tasks, as well.

Let’s get started

First things first — if we’re going to write JavaScript bookmarklets, it helps to know a little bit of JS, or at least have prior programming experience of some kind and be good at learning on your feet. If you don’t have this proficiency already, there are plenty of sites that can get you up and running soon. You’ll also need a modern web browser (I prefer Firefox) and a decent text editor — I recommend the excellent BBEdit (or its free cousin, TextWrangler) for Mac, Visual Studio (or its free variant, Visual Studio Express, or Notepad if you absolutely must) for Windows, and either vi[m] or Emacs for Linux — I won’t take sides publicly. For the purposes of demonstration, I will be writing bookmarklets using Visual Studio and running them in Firefox, but the process will look almost identical no matter what combination of the above software you use.

Everybody’s first bookmarklet

The canonical first program is “hello world,” and there’s no reason to break tradition here. Open your editor of choice and type:
javascript:{
alert("hello world");
}

Much as the http:// at the beginning of a regular URL signals to the web browser that we are accessing a web page, the javascript: tells the web browser that this is going to be a piece of JavaScript code, not a regular bookmark. Copy the block of code, paste it into a new window, and remove all the line breaks. (This is the technique we will be using: writing in an easy-to-read style, and then when we are ready to try it, making everything one line, which is required.) If you’ve done this right you should have a piece of code like this:
javascript:{alert("hello world");}
At this point we’re ready to add the bookmarklet to our browser. Open a new window and then add a new bookmark to your browser, then after it’s created, paste in your single line of JS in place of the page’s URL and give the bookmarklet a descriptive name like “hello.” After loading the bookmark, you should see an alert pop up with the text, “hello world” inside.

A little more serious

Now that we’ve seen how to make a bookmarklet, let’s try a couple of real world examples of how bookmarklets can make your life easier — since admittedly, “hello world” probably isn’t useful to you. For all these examples, just follow the template above: write your code, make it one line, and save it in a new bookmark in your web browser. (With any luck, you won’t have any debugging to do.)
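The template above (write readable code, then make it one line) can be automated, and doing so exposes the two things that break when line breaks are removed: `//` comments and statements that rely on a line break instead of a semicolon. The following is an added example, not part of the original post; the helper names and the sample source are constructed for illustration, it runs under Node.js, and it assumes the source uses only '...' and "..." strings.

```javascript
// Added example (not the original author's code): build the one-line
// javascript: URL from readable, commented bookmarklet source.
// Assumption: strings are '...' or "..." only (no template or regex literals).

// Remove // and /* */ comments without touching comment-like text in strings.
function stripComments(src) {
  var out = "", i = 0, quote = null;
  while (i < src.length) {
    var ch = src[i], next = src[i + 1];
    if (quote) {
      out += ch;
      // Copy an escaped character (e.g. \") so it cannot end the string.
      if (ch === "\\" && i + 1 < src.length) { out += next; i += 2; continue; }
      if (ch === quote || ch === "\n") quote = null;
      i += 1;
    } else if (ch === '"' || ch === "'") {
      quote = ch; out += ch; i += 1;
    } else if (ch === "/" && next === "/") {
      // Line comment: skip to the end of the line, keep the newline itself.
      while (i < src.length && src[i] !== "\n") i += 1;
    } else if (ch === "/" && next === "*") {
      var close = src.indexOf("*/", i + 2);
      var stop = close === -1 ? src.length : close + 2;
      // Keep the comment's newlines so reported line numbers stay correct.
      out += " " + src.slice(i, stop).replace(/[^\n]/g, "");
      i = stop;
    } else {
      out += ch; i += 1;
    }
  }
  return out;
}

// Heuristic: 1-based numbers of lines that end in a name, literal, ")" or "]"
// and are followed by more code. Joined onto one line, such a line may have
// depended on the line break to end its statement, so it needs a look.
function linesToReview(src) {
  var lines = stripComments(src).split("\n").map(function (l) { return l.trim(); });
  var last = -1;
  lines.forEach(function (l, n) { if (l) last = n; });
  var flagged = [];
  lines.forEach(function (l, n) {
    if (l && n !== last && /[\w$"')\]]$/.test(l)) flagged.push(n + 1);
  });
  return flagged;
}

// Produce the single line to paste into the bookmark's URL field.
function toBookmarklet(src) {
  var body = stripComments(src.replace(/^\s*javascript:/, ""))
    .split("\n")
    .map(function (l) { return l.trim(); })
    .filter(function (l) { return l.length > 0; })
    .join(" "); // a space, so tokens on adjacent lines never merge
  // Browsers percent-decode a javascript: URL before running it,
  // so a literal "%" in the code has to be written as "%25".
  return "javascript:" + body.replace(/%/g, "%25");
}

// Constructed sample, modelled on the page's news search bookmarklet.
var SAMPLE = [
  'javascript:{',
  '// Ask for the search terms.',
  'var term = encodeURIComponent(prompt("Search Google News:"));',
  '/* The // in the URL below is inside a string and must survive. */',
  'window.location.assign("http://news.google.com/news?pz=1&ned=us&hl=en&q=" + term);',
  '}'
].join("\n");

console.log(toBookmarklet(SAMPLE));
console.log(linesToReview("var a = 1\nalert(a);")); // line 1 lacks a semicolon
```

Any line number returned by `linesToReview` is a prompt to check that line by hand, not proof of an error: an `if (...)` on its own line is flagged too.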

Search the news

I’m a fan of Google News, but it can be annoying to have to load the home page just to search for something. Let’s tackle this with bookmarklets. To get an idea of the kind of URL we are going to generate by doing a search, we try a test search, and get something like this: http://news.google.com/news?pz=1&ned=us&hl=en&q=test+search. After some experimentation, we come up with this JavaScript solution:
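javascript:{
/* Ask for the search terms and URL-encode them; encodeURIComponent also handles "+" and non-ASCII text, which escape() does not. */
var term = encodeURIComponent(prompt("Search Google News:"));
/* Append the encoded terms to the search URL and send the current window there. */
window.location.assign("http://news.google.com/news?pz=1&ned=us&hl=en&q="+term);
}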

The first line (of real code) prompts the user for some search terms, URL-encodes the characters (e.g., “?” becomes “%3F,” etc.), and assigns this result to a new variable named term. The second line appends this search term to a generic-looking Google News search URL, and then directs the current window to go to this search URL. Just what we wanted: searching the news without the middleman.

High-contrast web pages

Sometimes webpages can be downright hard to read. While garish, it’s generally accepted that white text on a black background is the best possible scenario for readability, and bright red and green both stand out well on black as well. The following JavaScript, adopted from a bookmarklet found at Lifehacker:
javascript:(function(){
/* High-contrast rules: white on black, red unvisited links, green visited links. */
var newSS, styles = '* { background: #000 !important; color: #FFF !important; font-size: 12pt !important; font-weight: bold !important } :link, :link * { color: #F00 !important } :visited, :visited * { color: #0F0 !important }';
if (document.createStyleSheet) {
/* Older Internet Explorer: create the style sheet directly. */
document.createStyleSheet("javascript:'" + styles + "'");
} else {
/* Other browsers: attach the rules to <head> as a data: URL style sheet. */
newSS = document.createElement('link');
newSS.rel = 'stylesheet';
newSS.href = 'data:text/css,' + escape(styles);
document.getElementsByTagName("head")[0].appendChild(newSS);
}
})();

will do the job, making any webpage high contrast and easy to read.

These are just two examples of what can be done with JS and some thought. With a little practice and foresight, you, too, can start writing bookmarklets to change the way you work online. (If you like bookmarklets and use Firefox, be sure also to check out the powerful Greasemonkey extension.)

Password Safe

Whether it’s your bank’s website, OSCPA’s membership resources, or even just an email account, nearly everything we do on the Internet requires us to authenticate ourselves with a password. But passwords provide a virtually inevitable quandary: Any password that easily can be remembered can also probably easily be guessed. Worse yet, it is difficult enough to remember multiple simple passwords, much less multiple secure ones, so people tend to reuse the same password, or set of a few passwords, across multiple services, perhaps altering the passwords very slightly (and probably predictably) for each one, and that’s if we’re lucky. Add to this the sometimes draconian password policies requiring passwords to be changed on a regular basis, and it’s no wonder that passwords are such a problem today.

The ideal solution, of course, would be if everyone (we will use an apocryphal user Alice for simplification) used different passwords for each resource (email, banking, OSCPA, etc.), and if each password was secure. The importance of using different passwords for different services is the same as the importance of using different keys for different locks. Imagine if Alice used the same key for her car, her home, her mailbox, and her office. If a thief — let’s call her Eve — ever managed to copy the key, she would immediately have access to all of these locations, and Alice would have additional hassles with having to change so many locks. Furthermore, Eve could target the easiest location at which to copy Alice’s key — perhaps by impersonating a maintenance person at her work, instead of having to go directly to her house. The importance of Alice’s keys being secure (i.e., not easy to copy, not blank keys bought from the store, and of a shape not easily guessed) is, we hope, self-evident.

Password security involves a lot of different technical aspects, but the three take-away elements are these: Good passwords should be complex, utilizing both uppercase and lowercase letters, as well as numbers, spaces, punctuation, and other symbols; they should be long; and they should be random. Complexity is a measure of a password’s key space. Intuitively, the greater number of symbols that Alice’s password contains (e.g., letters and numbers instead of just letters), the greater the number of combinations of passwords that she could be using, and so the more passwords that Eve must guess. Length is a measure of a password’s key length. Once again, the longer a password, the more possible passwords there could be, and so the harder individual passwords are to guess. Finally, randomness is a measure of a password’s entropy, which can be thought of as measuring how hard it is to predict one letter based on another (for example, a password of “abcd” is less entropic and so less secure than that of “a3@Z”).

These days, a minimum amount of entropy that we should demand from our passwords is about 128 bits. In lay terms, this corresponds to a password of between 16 characters (containing a completely random sequence of every symbol of which you can conceive) and 64 characters (containing only regularly-typed English letters). Somehow remembering a litany of completely different passwords of these types, some of which must be changed on a regular basis, is understandably probably impossible (unless you’re Dustin Hoffman’s character in Rain Man). And if you write these passwords down, unless you store them somewhere safe, you might as well use weaker passwords that are easier to remember — and if you do store them somewhere safe, they’re probably not going to be easy to get to.
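To make the relationship between alphabet size, length and entropy concrete, here is an added example (not part of the original article, and not Password Safe's own code) that computes the length needed for 128 bits and generates a password of that length. It assumes every character is drawn uniformly at random; the sample alphabets and function names are constructed for illustration.

```javascript
// Added example: entropy arithmetic and generation for uniformly random passwords.
// Runs in a browser console or in Node; randomness comes from the Web Crypto CSPRNG.
const rng = globalThis.crypto ?? require('node:crypto').webcrypto;

// Constructed sample alphabets (assumptions, not taken from the article).
const ALPHABETS = {
  lower: 'abcdefghijklmnopqrstuvwxyz',
  alnum: 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789',
  printable: Array.from({ length: 94 }, (_, i) => String.fromCharCode(33 + i)).join(''),
};

// Entropy in bits of `length` symbols, each drawn uniformly from `size` symbols.
function entropyBits(size, length) {
  return length * Math.log2(size);
}

// Shortest length whose number of combinations (size^length) reaches 2^bits.
// BigInt keeps the comparison exact instead of relying on floating-point logs.
function lengthForBits(size, bits = 128) {
  if (!Number.isInteger(size) || size < 2) throw new RangeError('need at least 2 symbols');
  const target = 2n ** BigInt(bits);
  let length = 0;
  for (let combos = 1n; combos < target; combos *= BigInt(size)) length++;
  return length;
}

// Uniform index in [0, n): reject draws above the largest multiple of n,
// because a plain `value % n` would favour the low indices.
function randomIndex(n) {
  const limit = 0x100000000 - (0x100000000 % n);
  const buf = new Uint32Array(1);
  do {
    rng.getRandomValues(buf);
  } while (buf[0] >= limit);
  return buf[0] % n;
}

// Generate a password that carries at least `bits` of entropy from `alphabet`.
function generatePassword(alphabet, bits = 128) {
  const symbols = Array.from(new Set(alphabet)); // duplicates would skew the draw
  const length = lengthForBits(symbols.length, bits);
  let out = '';
  for (let i = 0; i < length; i++) out += symbols[randomIndex(symbols.length)];
  return out;
}
```

An alphabet of 256 symbols gives the 16-character figure quoted above, while 94 printable ASCII symbols need 20 characters and 26 lowercase letters need 28. Characters that a person picks or types from memory carry fewer bits each than a uniform draw, so such passwords need to be longer than these figures.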

What’s the solution to this technical headache? Go ahead and use different, strong passwords everywhere — but only worry about remembering one of them. There are a number of different software solutions that will store your password for you, many built into the different operating systems, but the program we will be reviewing is Password Safe, which is free (in fact, open source), available for Windows (beneficial for many corporate environments, and programs compatible with Password Safe are available for other operating systems), and secure.

Upon launching Password Safe, you’ll be asked either to open an existing database or to create a new one (choose the latter if you’re using it for the first time). The fact that you can create multiple databases has a number of useful applications. For example, you could have one database for home and another for work, or one database for personal accounts, and another for group accounts, and the password database for the latter could securely be shared among multiple people. The password that you supply for each database will be all that is required to access the passwords inside, letting you remember just one key — the database password — while forgetting about the numerous secure passwords stored inside. If ever you need them, just open up Password Safe and pull them back out again.

Password Safe helps you manage your passwords in other ways as well, like coming up with good passwords in the first place (you can customize your password policy and even have the program generate a random password for you), storing account and other info along with them, remembering the last several passwords used, copying passwords to the clipboard without viewing them (for deterring shoulder surfers), changing how often passwords expire, and so on.

Finally, the databases that Password Safe creates are very secure, ensuring that if a thief somehow got access thereto, if the password you chose to protect it is secure, its contents will be, as well. The software is open source, so you can examine its code yourself and ensure it is up to no ill, and it was designed by the respected security analyst Bruce Schneier. To protect your information, databases are encrypted with the Twofish algorithm, one of the Advanced Encryption Standard finalists, and Password Safe has been reviewed by Schneier’s own Counterpane Internet Security, Inc. (now BT Counterpane, owned by BT Group plc). So whether you’re a grandmother at home or a corporate executive flying between Columbus and San Francisco, it’s time to set your excuses aside for not using multiple strong passwords everywhere and save yourself a headache of trying to remember them all.