Insights For Success

Strategy, Innovation, Leadership and Security

Information

5 best Random Password Generators

GeneralEdward Kiledjian1 Comment

1 - Random.org

Random.org has been one of my favorite sites for a long time. It uses atmospheric noise to generate its randomness which is much better than the logical pseudo-random generators used by many sites and service.

You choose the password parameters you need and it generates wonderfully random passwords to use with your password manager of choice.

Link

2 - Symantec Identity Safe

Symantec has been a mainstay of the security market since the 90s and they bought a company called PCTools (and its Secure Password Generator). As a PC Tool vendor, they will try to make you download their privacy tools but I wouldn't recommend their password vault.

Use the password generator on the right side of their site to generate high quality complicated passwords with the required complications. As an example, the above complications generated this password for me : dr-cr+wreF5p.

Link

3 - Wolfram Alpha

Wolfram Alpha is a powerful knowledge engine created by the brainiacs behind mathematica, It is a superb tool I use regularly for problem solving but it also generate random passwords. Head over to their knowledge engine and enter Generate Strong Password. Then press the equal sign. 

Then choose the complications you want and press the equal sign again to generate you password.

then it generates your wonderful password

you press on Plaintext and copy it into your favorite website or password manager.

Link

4 - Lastpass password generator

My 2 favourite password managers are Lastpass and 1Password. Both have the capbility to generate strong passwords and you should use that functionality if you have those those. Considering most of Lastpass is now free to use, you really have no excuse.

But Lastpass also offers a web based secure password generator which is clean, easy to use and efficient. 

When you scoll up on that page after choosing your complications, you get a wonderfully generated password of your can click the button and have another one created for you.

5 - GRC Ultra High Security Password Generator

GRC is the home of Gibson Research Corporation. It is owned by Steve Gibson the Grand Poobah of internet security. He found the first spyware and wrote the first anti-spyware app. He is considered one of the most prominent security professionals and makes tones of tools available on his site. 

His site generates perfectly random long complex 64/63 character passwords and he then explains why his passwords are high quality. If you are interested in geeking out, its a wonderful read. 

Using Non-US cloud providers doesn't protect data

technologyEdward Kiledjian2 Comments
Image by  Jaaron  under Creative Commons License

Image by Jaaron under Creative Commons License

My day job is in security so I read every Snowden leak with great interest. It is fascinating to see how well funded intelligence agencies can collect the data they need. All these these leaks seem to have tickled a nerve with some non American corporate IT managers who are now demanding that their cloud providers store their data outside of the US. 

But does that really make a difference?

In my opinion, the answer is no and here's why. The US Patriot Act (link) which gives the US intelligence community its super powers, compels any US company to turn over requested data regardless of where it is stored (it is not limited to data stored in the United States). Companies that allow customers to choose where the data is stored are providing a false sense of security to customers.

So how should we do to protect our data?

If you are a non-US company that wants to leverage a cloud service provider but that still want to protect your data from the NSA then you have to use a non-american provider and ensure your data is stored outside of the US. 

But even this doesn't guarantee total privacy. Keep in mind that most countries have local intelligence organizations (CSE in Canada, GCHQ in the UK, etc) and the leaks show that many of these agencies eagerly collect data for each other and share that data with limited control.

For the time being, your super secret data should be encrypted by you before it is sent to the cloud using Trust No One encryption but then you lose most of the value of these cloud services. Ultimate security means broken functionality. Ultimate functionality means broken security. You'll have to try to find a balance somewhere in between. 

How many of your Twitter followers are fake?

technologyEdward Kiledjian2 Comments

With all the talk about fake Facebook/Twitter/Youtube followers, you may be wondering how many of your Twitter followers are real people and how many are bots.

Enter Twitter Audit. The company describes itself as

Each audit takes a random sample of 5000 Twitter followers for a user and calculates a score for each follower. This score is based on number of tweets, date of the last tweet, and ratio of followers to friends. We use these scores to determine whether any given user is real or fake. Of course, this scoring method is not perfect but it is a good way to tell if someone with lots of followers is likely to have increased their follower count by inorganic, fraudulent, or dishonest means.

You go to the frontpage

And log in with your twitter credentials.

It then analyzes your followers for a couple of minutes and generated a nice graphical representation

 

It provides a couple of graphs but the most important info is at the top. The service believes 120 out of my 3757 followers are fake(which is pretty good).

Why not take a second and check your follower count?

I recommend you then go to the Twitter permission page and revoke the apps rights (just in case).

 

SoundGecko let's you listen to your favorite website

technologyEdward KiledjianComment

SoundGecko is a service that takes in web content you are interested in and makes it available as a downloadable audio track. In simple terms, it converts the content you want into spoken word so you can listen to it while driving, running errands or anytime you can't read.

There are clients for IOS, Windows Phone and Android.

Available on the App Store Download from Windows Phone Store Android App on Google Play

How it works

You sign up for a free account and then go to the SoundGecko page.

you enter your registered email address and add the URL of the content you want read.

You can also add content via the Chrome extension.

Once processed, you can listen to the content online, download it or browse it via their mobile app

Their mobile apps

The mobile apps are clean and easy to use. Any article it processes appears in the app within minutes.

You can play the content or link to the original article. If the original article contains graphs or videos, that part of the article is skipped by the audio conversion engine.

Leverage the cloud

If you use Dropbox, Google Drive or Microsoft Skydrive, SoundGecko can automatically upload the MP3s to that service. 

You can also listen to your conversions as a podcast using most podcast catchers.

Premium version

Many users will find that the free version is more than adequate for their casual needs. For the more die hard, they offer a pro version which costs $2.99 a month:

Verdict

This is an interesting way to stay up to date with the latest web content that interests you. I tried it for a couple of days and stopped using it but some of my contacts swear by it and have even forked over for the premium version. 

I say try it with the free version and see if this is something that can benefit you. Definitely interesting for the road warrior.

You make bad decisions when too much info is available

Leadership StrategiesEdward KiledjianComment

We live in the information age where almost anything can be researched and learned from the massive information superhighway. But is too much information a bad thing?

Psychology today has an interesting article that claims the more we learn, the harder it becomes to make a decision. Pushing the point just a little more: more information may encourage us to make a worse decision.

The article is worth reading and one paragraph that stood out at me was this:

"The human mind hates uncertainty. Uncertainty implies volatility, randomness, and danger. When we notice information is missing, our brain raises a metaphorical red flag and says, "Pay attention. This could be important."

If information overload leads to bad decisions, then why do we do it? They have a great explanation

Learning is associated with the release of dopamine, the same as powerful drugs like cocaine. It's why we are so vulnerable to an Internet rife with attention parasites that leave us worse for the wear.

They also state that humans tend to over-estimate the value of missing information. Any time we feel info is missing, our subconscious assumes it must be useful. The moral of the story is to consciously decide how much information you really need to make a good decision and stick to your plan.

I wonder if we will ever see people claiming to be "Information Addicts". Do we need to create a 12-step program for information addiction? LOL