You are here: Home / Live There / Dangers

We Need Better Password Security — But This Ain’t It!

September 12, 2009 By Philly 2 Comments

For years now I’ve heard discussions regarding security of online password-protected services and, in particular, how to protect yourself when using common use computers, such as those in Internet cafes.

A continual background chorus of folks has had something wrong for years .. use the built in Microsoft On-Screen Keyboard application they say. 

This is a dumb idea and has very little, if any value in protecting you … but especially here in the Philippines this seems to have become almost a shibboleth. 

I’m tired of wasting my breath with people who fail to grasp how computers and Windows actually work.  Perhaps this article will help … safe computing is an issue here in the Philippines, but osk.exe is not the answer..

Prevent keyloggers from grabbing your passwords
Scott Dunn

By Scott Dunn

Strong passwords are important, but even the best password won’t keep you safe from keyloggers — hardware and software that’s designed to secretly record your keystrokes.
Fortunately, there’s a way you can enter sensitive data so it’s extremely difficult for snoops to extract your passwords from keylogger files.
In her Aug. 6 Top Story, WS contributing editor Becky Waring reported that Google’s Gmail service allows hackers to try to guess your password 1,200 times per day. She provided some useful tips for making strong passwords that are easy to remember but hard to crack.
The bad news? Even the strongest passwords can be recorded by keyloggers. These are software and hardware products designed to capture computer events and store them in a log file.
Keyloggers can have legitimate uses in business, or they can be perverted into collecting passwords for identity theft. For more information on how these products work, see my Oct. 9, 2008 review of free software keyloggers.

Windows’ On-Screen Keyboard app is also logged

If you’re using a computer you aren’t sure is keylogger-free, how do you protect any passwords to sensitive Web accounts you may need to access? A reader named Kenneth recently submitted the following suggestion:

  • "I use a simple existing tool in Windows called osk.exe (On-Screen Keyboard). This program, as you may know, resides in the C:\WINDOWS\system32 directory, but there’s no shortcut or link to it, so most people don’t know it exists! You can launch it by entering osk in the Run command.
    "Anytime I need to log in to any sensitive sites (banking, etc.), I launch osk.exe first and use this on-screen keyboard to click and enter my user name and password, even on my own home computer. This way, I feel confident that my credentials can never be captured."

Kenneth’s suggestion may be useful to prevent some types of hardware keyloggers from detecting signals from the physical keyboard. Unfortunately, the program provides no defense against software keyloggers. Windows’ On-Screen Keyboard sends information to applications as keystrokes, just as though you’d pressed the keys on a keyboard.
The first keylogger program I tested with the OSK workaround — All in One Keylogger from RelyTec — easily captured my keystrokes as I signed in to a Web site. (For more information about the All in One program, see the vendor’s site.)

Popularity: 3% [?]

Filed Under: Dangers

Why There Is So Much Dust In Pampanga

July 7, 2008 By Philly Leave a Comment

Just came across this video today courtesy of an old friend from the Philippines/US, Ken Rice.  he has some others on his site that may be of interest.

Frst floor of Porac church covered by laharThis was of particular interest to me because I go to Clark, Subic and farther north in Zambales where some family members live, essentially all around the base of Mount Pinatubo.

One of the big products of the area is lahar, the technical name for the sharp-edged sand that fell to earth from Pinatubo.  The lahar changed the entire landscape of some areas (my uncle’s yard in San Marcelino, Zambales is about 2 feet higher than it was pre-1991 … in Porac, Pampanga and at several other towns in the area there are churches where the eave of the roof touch the ground now.

This video was shot by a UASF Security Forces sergeant during the time of the eruption itself and shows some of the collapsed building as relief/rescue efforts going on on Clark Air base before the decision was made to evacuate the US forces and let Pinatubo Scenessomeone else clean up the mess.  Most of Clark is in good shape today … it’s amazing the difference between then and now. 

 

 

 

 

 

 

 

 

 

Just click the picture to watch the video if you are so inclined.

Popularity: 3% [?]

Filed Under: Dangers, Live There

Oh, We Don't Get Those Here

April 19, 2008 By Philly Leave a Comment

US midwest earthquake damage I watch Discovery Channel a lot here in the central Philippines.  In general, Discovery is pretty good, they have quite a few shows worth watching … but they have one very, very annoying habit or mannerism.  In addition to being more OA (Over Acting) than the typical Tagalog romance movie, the writers, announcers and narrators are obsessed with the "Man Battles Nature" theme.

Well, I can give you outcome of that war … in the past, present or future.  Man loses.

A lot of folks talk to me about safety in the Philippines regarding the natural disaster potential here.  For many reasons a majority of foreigners feel their image own countries are automatically safer than here in the Philippines.  After all, the Philippines is on the Pacific Rim Of Fire.  There are active volcanoes here.  And yes, a lot more people died in the Mt Pinatubo/Typhoon Yunya disaster than died in the huge St. Helens event.

But I also find that events in the Philippines seem over reported at times in contrast to US events.  The lead picture here is from an earthquake Friday, US time in southern Illinois.  "Oh we don’t have earthquakes in the US very often".

Well, actually, you do.  There are dozens of ‘felt’ earthquakes in the contiguous "lower 48" each year and, of course, many more in Alaska and Hawaii.  Just this morning Illinois got reminded of earthquakes … every state can be a victim.

What was really interesting to me was just a few minutes ago when I rechecked the headlines before publishing the news of the Illinois earthquake was way down below articles about John McCain’s tax returns.  Talk about trivial pursuit.

Tropical storms?  The Philippines gets its share of them too, just like the US Gulf costs, east cost and Hawaii as well.  Sometimes Asian storms seem to do more damage but I doubt the people of New orleans or the truly forgotten areas on the Mississippi and southern Alabama coasts will try to argue that theirs aren’t serious.

Bottom line is … Mother Nature can be very powerful and it doesn’t pay to be too proud of how "safe" any particular area is .. man proposes but God disposes.

Popularity: 1% [?]

Filed Under: Dangers, Live There