App security

Did you know that even if you think you’re careful of what you view or allow, it’s not only what apps and websites you allow to access your Facebook account, it’s also what your friends allow on theirs that attach to your account and impact what information is shared about you. Malware is a piece of software that is automatically installed on your computer without your knowledge. Apps are a common place for Malware to hide and can be easily added to your computer when you visit sites while logged into your Facebook account. Managing and cleaning up this section of your account requires more vigilance than simply checking a security setting box. When you open this section, you may be surprised at how may apps are actually attached to your Facebook account.

To check your profile for a list of Facebook Applications, click on the “Edit Settings” in the Application Settings.

When you click on the “Edit Settings” link for one of the applications, you’ll see what the app has access to and you can edit those settings. If you no longer want that app on your Facebook account, click the “X” to delete the app. It will be deleted temporarily but you’ll eventually see it back in your list. The best way to avoid apps attaching Malware to your computer is to log out of Facebook before surfing the Internet.

You may not realize it, but the apps your friends use on Facebook can also access information about you, like your photos, hometown and current city. If that’s a concern for you, there are two ways to manage how your information is shared. The first and most extreme is to disable all platform apps to completely prohibit any third party Facebook apps from accessing your account. You can do this by clicking “Turn Off All Apps” in this section.

The second option is to deselect the boxes of information that you don’t want shared with the world. You can do this in the “This App Can” section of each app. As seen above, I allowed Pinterest to post on my behalf but I deleted the rest of the default sharing options.

Blocking People

If someone is contacting you or posting negative comments on your wall, you can block them from being able to access your account. Go to that person’s Timeline and hover over the “Friends” tab. You’ll see a drop down menu of options to choose from. You can simply click “Restrict” to block them from accessing your Facebook page or you can “Unfriend” them altogether.

Custom Privacy

In addition to each category setting above, you can customize your Facebook account further so that only specific people can see certain updates and the same can be done if you want to hide updates from certain people. Just change your “Privacy Setting” to “Custom” and the window will open where you can select who will see that information. Making lists of family, coworkers, or whoever you will send bulk email to will make this step much quicker.

Post Security

Facebook is a place where you share all of the big things and small things with your family and friends. Though we should always keep security in mind, it shouldn’t keep you from sharing pictures of your family or a vacation for fear of it being seen by the wrong people. When you write a status update, you can select who sees that update by clicking on the padlock icon next to the “Post” button. Then only those people you select will be able to see the post and comment on it.

If you follow all of the security steps in part 1 and part 2 of Putting Your Facebook On Lockdown, you shouldn’t have any trouble with a hacked or compromised account. I will be making some changes to my account and cleaning up some things that don’t need to be there. Will you join me in making Facebook more secure for you and your family?

Related Posts:

• A User’s Guide To Facebook Ads
• Put Your Facebook Account On Lockdown (Part 1)
• How to Add Social Shortcuts to Your Windows Desktop
• How to Use Facebook Groups and Lists To Market Your Business

To get started, simply go the Cocoon website and install the addon. It is currently available for Firefox and IE.

Once you have installed the extension and restarted your browser, you should see a toolbar appear at the top of the browser. To start a Cocoon session, you have to first register for a Cocoon account, then login to your account in the toolbar.

After you have logged in, it will immediately connect itself to a secure proxy server and switch your browser to Private Mode. From here, you can proceed to surf the Web like normal and with the knowledge that you are now behind a proxy server and your browsing session is secured.

While browsing the web, there is also this nifty feature that allows you to add a note for the site. All the notes are saved in your Cocoon account. Regardless which computer you are using, as long as you are signed into your Cocoon account, you can access the notes. There is also a pin for you to bookmark sites.

Cocoon Security

If you attempt to download an exe file from the Web while on a Cocoon session, you will not be able to do it as Cocoon blocks it as part of their security measures. In addition, all the downloaded files will be scanned for virus and trojan before they reach your computer. The most important of all, it also prevents automatic drive-by-downloads and prevents you from being tricked into manually downloading malware.

Cocoon History

In usual Private browsing mode, all your cookies and history will be erased right after you close the session. In Cocoon session, your History is not erased. Instead, you can access your History from the “Settings -> History” tab in the toolbar. Of course, this History Saving feature is optional. You can opt-out of it if you don’t want any of your browsing record to be saved.

Disposable Email Address

Another cool feature of Cocoon is the disposable email address that you can setup and use. Under the Mailslots tab, you can check your Disposable email inbox for any kind of newsletters (or freebies) that you have signed up for. The “Manage” sub-tab is where you can find create disposable address to give out. One thing that I love about this feature is that it is well-integrated into the session. You can create disposable email address on one tab, give it out on another and return to check the emails. There is no need for you to sign in to your personal mailbox to check, or setup another temporary email services from third party sites.

Cocoon Settings

Just like a browser, you can configure the Home page to load when a Cocoon session starts and whether to clear cookies, form fill, history on log out. There is even an option to block Facebook tracking which is pretty useful for those who want to block facebook, but don’t know how to do it.

Lastly, to log out of Cocoon session, simply click the Power button at the left side of the toolbar. This will log off your Cocoon account and return your browser to the normal mode.

Conclusion

You can either spend hours trying to configure a firewall, VPN or proxy server or just spend a few seconds to start a Cocoon session and stay protected. That is how easy to use Cocoon is. It gives you hassle-free protection and allows you to spend your time on more productive matters. Best of all, you can install on every computer you use and have the same settings throughout.

Cocoon is currently available for Firefox and IE and a mobile version is said to be on the way. It is free (ad-supported) and you can upgrade to the premium plan to remove the ads.

Cocoon

Related Posts:

• Tails : a Linux Distribution For Protecting Your Privacy
• 4 Must Have Browser Addons To Protect Your Online Privacy
• BrowserLinux: A Linux Distro For The Sole Purpose Of Browsing The Web
• How to Tile Your Tabs Easily in Firefox

The smartphone nowadays is more than just a simple calling device. The Android phone or iPhone that you own is a powerful mini-computer that allows you to surf the web, check emails, chat with friends, read books, listen to music, watch videos or even work while on the move. Thus, it can be a frustrating experience when it lags terribly, or the battery runs out of juice very quickly. With a little (and regular) maintenance and the help of several applications, you can easily get your phone to perform at its best, consistency.

Security

Protecting your Android phone is the most important thing that you need to do. Having a virus or malware attack on you is no joke. It might cause your phone to lag, applications to crash and the performance to deteriorate. On a heavier scale, it can also send unauthorized (and expensive) SMS or make oversea call without your knowledge. Worst still, it accesses your file folders or emails and steals your confidential data.

1. Install anti-virus software

Unlike the anti-virus suite you install on your PC, the anti-virus applications for Android often come with much more features than just simple virus scanning. Avast Mobile Security is one anti-virus app that I use and love. It comes with a virus and malware scanner for the apps you installed and the files you downloaded, a privacy advisor that shows the privacy issue for each app, a firewall that you can use to configure which apps can access the Internet and lastly, a comprehensive anti-theft feature.

2. Backup your system

If you have associated your Android phone with your Google account, there is an option in the phone that allows you to sync your data (all apps installed from the Play Store, WiFi, passwords and other settings) to the Google server. For apps that you installed directly using the .apk file (Google doesn’t sync apps that are not installed from Play Store), you can make use of Astro file manager to backup the app. If you have a rooted device, the Titanium backup is a better choice since it backups your app settings as well. Lastly, you might want to sync your files with Dropbox or Box. One tool that I use to sync between phone and Dropbox is Dropspace.

Performance

One of the main factor that affects your phone performance is the battery life. Before we go on to fix the battery life, it is best to go to “Menu -> Settings -> Battery” to check out which function is sucking away all your battery juice. In most, if not all, Android phone, the screen will be the killer followed by the Android OS.

To combat this:

3. Switch to Auto-brightness for your screen setting

At the Brightness section in the Settings, set the phone brightness to “auto-brightness” mode. In this mode, the phone will detect the surrounding light and adjust the screen brightness accordingly. Alternatively, you can turn the screen brightness to the lowest when you are indoor and switch to auto-brightness when you are outdoor. An easier way is to place a Brightness toggle widget on your home screen so you can switch between each brightness level quickly and easily.

4. Disable battery-sucking settings in standby mode

If you care about your battery life, Juice Defender is the app that you must install. It helps to preserve your battery life by automatically turn off the battery sucking settings (such as 3G mode, screen brightness etc) when your phone is in standby mode. I have been able to stretch my battery life to 25 hours (from 18 hours) right by installing this app.

5. Monitor apps and kill them when they misbehave

Watchdog Task Manager is one app that you can install and leave it to do its work. WatchDog works quietly in the background to monitor your Android system for misbehaved apps and kill them when they are taking up chunks of your CPU power. It will ensure that your Android phone is always at its tip-top conditions and is not affected by any poorly-coded app.

6. Clean up your system cache, history and temporary files

Just like the browser in your PC, the more cache, history and temporary files it have, the slower it runs. This is especially if you have limited (internal) storage space on your phone. One tool that I use is the ZDBox. It comes with a system cleaner function that allows you to clean your system with one click. Other than that, ZDBox also has app locking, task killing, battery saving and do not disturb feature. All these made it a versatile, useful and handy tool for your Android phone.

Efficiency

Your smartphone should be able to improve your efficiency and help you to do more things with lesser efforts.

7. Automate the mundane tasks

Llama is one powerful (and free) and easy to use app that you can use to automate plenty of stuff on your phone. You can get it to automatically switch phone profile (Silent, Loud, Vibrate etc) according to preset events. You can also set rules and conditions and get it to perform tasks when the rules/conditions are met. One rule that I set is for it to switch to flight mode during sleeping hours. This will ensure that I have a peaceful sleep and save my battery life as well.

8. Change the workflow

The best way to improve your productivity is to change the workflow of your phone. If your Home launcher is very limiting and doesn’t allow you to do custom configuration, it is best to switch to one that gives you flexibility. There are plenty of launcher apps out there, with ADW Launcher, Go Launcher and LauncherPro among the more popular one. Most of them come with plenty of configuration options for you to customize your homescreen to the way you like it.

What other tips do you have to get the best out of your Android phone?

Image credit: By MJ/TR (´???)

Brand Statement

• When it comes to your tax return, you never have to settle for less with H&R Block. Filing your taxes with H&R Block just became an event worth sharing. Get started now for your chance at instant cash prizes and the $100,000 refund! There are winners every hour. So file your taxes then let your friends know how rewarding it can be.
• NO PURCHASE OR PAYMENT OF MONEY NECESSARY TO ENTER OR WIN. A PURCHASE WILL NOT INCREASE YOUR CHANCES OF WINNING. H&R Block® –100,000 Refund Giveaway starts 1/17/12 at 12:00 P.M. (midnight) ET and ends 4/17/12 at 11:59:59 PM ET. For Official Rules, to learn how to obtain a free means of entry without purchase, to learn how to play the instant win game and enter the sweepstakes, drawings, prize details, odds of winning, restrictions, etc. click here. Open to eligible legal residents of 50 US/DC, 18 years or older at time of entry. Void in P.R. and where prohibited. Sponsor: HRB Digital LLC, One H&R Block Way, Kansas City, MO 64105.

Disclosure: Compensation was provided by H&R Block® via Glam Media. The opinions expressed herein are those of the author and are not indicative of the opinions or positions of H&R Block®”

Related Posts:

• Gives Your Windows Total Protection With Bitdefender Total Security 2012
• Unplug And Reconnect Lets You Take Some Time Off Your Android Phone
• 4 Ways to Keep Your Windows PC Secure Without Paying for Third-Party Applications
• 4 More Distraction Deterring Android Apps To Increase Your Productivity

1. Stick With Microsoft Security Essentials

Gone are the days you have to shell out money for computer security just to get rid of a couple of viruses every year. For its customers, Microsoft already offers an application called “Microsoft Security Essentials“. It doesn’t come as part of your Windows installation, but it’s been around, and it’s been free for a very long time. You can download it if you run Windows Vista (32 or 64 bit) or later.

Microsoft’s Security Essentials software keeps you updated with its own virus definitions and helps you combat even the most complex infections. An additional bonus to install MSE is that it doesn’t take a whole lot of resources from your computer, like other “bloatware” anti-virus solutions do.

Go ahead and download MSE from here.

2. Windows Firewall Is as Competent as Any Other Firewall

It’s become a new fad lately to criticize every product Microsoft comes up with. While some of the complaints are well-merited, people often avoid using Windows Firewall because they hear it won’t really protect them. In reality, you can configure the firewall to do practically anything any other firewall can do. Contrary to many beliefs, Windows Firewall has the possibility to block outbound connections coming from a malicious application and monitor your network for anything else:

It’s all about searching. You can get to this window by clicking “Advanced settings” when you reach Windows Firewall settings in the control panel. There’s no reason anyone shouldn’t be able to have a secure system running solely with Windows Firewall. Honestly, though, configuring outbound blocks doesn’t really help you stop anything. If malware is making outbound connections through your computer, you should really consider getting rid of the malware. Blocking the malware’s access to the Internet doesn’t really stop it from hogging your computer’s resources.

On the other hand, you should really keep an eye on inbound connections, which often try to hook onto your Internet line and exploit your computer’s vulnerabilities. We can speculate as much as we want, but having Windows Firewall running on your computer is no different than using iptables on Linux. Both are very secure and difficult to exploit.

3. Download Windows Updates

Don’t listen to the conspiracy theorists saying that Microsoft Windows Update is an evil service that attempts to control your computer. While they might be right about the “control” part, it’s not like you’re going to suddenly see that you can’t go to a website because Microsoft is trying to “protect” you. The only thing that can happen is that they’ll pull an application from your system if it violates their policies, and that’s not going to happen until Windows 8 comes out. Still, they don’t need Windows Update to do that.

Downloading your updates is as important as running a firewall and keeping an up-to-date virus database. In fact, some malware has been rendered useless (like the “Conficker” virus) within a short while, when Microsoft patched up a vulnerability in Windows that it released as an update. People who refuse to use Windows Update might scoff at this, but it’s no laughing matter when you consider that many people also said that smoking isn’t bad for you.

It’s true that sometimes Windows Update might accidentally detect your Windows installation as counterfeit, but you can always ring up Microsoft on this. They’re always glad to assist you should anything go wrong on their end.

Are you annoyed by Windows Update forcing your computer to restart all the time? This isn’t an issue, as you can always configure it not to auto-restart after the update.

4. Disable UAC & Stop Downloading Suspicious Files

There’s a certain something that Microsoft should have never included in Windows: User Account Control. This intervention isn’t necessary in most systems, and certainly shouldn’t appear in home PCs. UAC basically is the pop-up that comes up whenever your computer wants to make sure you’re running an application on your own accord.  It looks something like this:

To disable it, read this article, which teaches you how to disable it under the “Disabling UAC” section.

Aside from disabling UAC, you can keep your computer secure using prevention. Download only from familiar sources and don’t download suspicious files. It only requires common sense. If someone links to a “.exe” file and says it’s a picture, don’t approach it. Someone links you to a page where you must log in to a website you’re already logged into? Don’t go to that page! These are simple and common tactics of fooling people, but as you grow more aware of what’s going on, you might prevent a major system catastrophe.

If you have a file you want to download and don’t know whether to trust it or not, upload it to VirusTotal and let its results tell you about it. The website runs the file you just downloaded through a ton of different anti-virus solutions and lets you know what each of them picks up. A few false positives might appear, but if many of the anti-virus solutions say that it’s an infected file, you’d best steer clear from it.

Following all this advice will help you thwart most common attacks, and even some rare ones, without ever having to pay for third-party software. If you have more ideas, throw them at us in the comments section below! We’d love to hear from you!

Related Posts:

• 4 Reasons Why Windows UAC Is Useless
• 4 Things Computer-illiterate Users Should Know When Running Windows
• Gives Your Windows Total Protection With Bitdefender Total Security 2012
• BufferZone Pro Lets You Surf In Security Sandbox, Keeps You Protected From Virus And Malware

The traditional program for a firewall in Linux is the command-based IPTables. Directly derived from the ideal of Unix, it is very powerful, and yet extremely complicated for a beginner. IPTables does not launch itself at the boot, so it is the user’s duty to configure the firewall in a script and run it right after the login. An easier option is to use UFW (Uncomplicated FireWall). UFW is a command-based firewall, but with a much simpler syntax. It launches itself at boot, and comes with the same security level as IPTables. An even easier way to bypass the command line altogether is to use gUFW – a graphical interface for UFW.

Installation

In Ubuntu, all you have to do is to use the command (you can also install via the Ubuntu Software Center):

sudo apt-get install gufw

Configuration

Run the gUFW application. You should be prompted with a nice gray window.

To operate properly, gUFW needs the super-user’s rights, which means that in a terminal, you will be using the command:

sudo gufw

If you launched it from the Application Menu, you can click the gold lock at the bottom right of the gUFW window and type your password to elevate the user permission.

The window should come to life and you can now begin the configuration.

First, you want to activate the firewall by clicking on the bar next to “Status” so that “On” is displayed. You can then choose what you want to do with the incoming and the outgoing traffic. By default, the incoming is denied and the outgoing is authorized. This is a good basis, but in general with Linux, you want to use your full control to go further than the default. The configuration as it is now will prevent something from coming into your computer but will not stop your computer from communicating. Imagine that your computer is already infected or that a malware succeeds in going through the firewall. In this case, UFW will not stop him from communicating with the Internet and maybe from transmitting your data to an evil cracker.

I therefore advise you to apply drastic measures: deny everything – incoming and outgoing!

At this moment, you will find that you have cut yourself off from the Internet. By denying everything, you also deny any web traffic from coming in/out to your system. Worry not, we are going to set rules to only allow the applications you need and trust to access the web. Adding a rule is simple. You just have to click the “+” button at the bottom left of the window. Equally, the “-” button is to delete rule.

Now, click the “+” button. You should now be in front of a new dialog box with three tabs.

The “Preconfigured” tab is for creating some rules for defined and specific tasks, like for Skype or Transmission. It is the easy way to set rules quickly: decide what program or service you want to use from the list, if you allow incoming or outgoing, and the rules will add themselves.

For example, if you decide to allow in Skype connections, gUFW will allow incoming connections to port 443 using the TCP protocol.

As easy to use as this tab is, it is however incomplete. There is still a bunch of stuff that you cannot do without going into the “Simple” tab. I promise, we won’t go any further, no “Advanced” tab for today.

This tab is not very complex to use. All you have to do for adding rules is to choose between incoming or outgoing connections, the protocol used, and the port number. I am not going to teach you the difference between UDP protocol or TCP, but instead, I will provide you a non-exhaustive list of ports that you may want to keep opened, and the reasons why.

Non-exhaustive List Of Ports

Outgoing connections:

• 80/tcp for HTTP
• 53/udp for DNS
• 443/tcp for HTTPS (secured HTTP)
• 21/tcp for FTP (File Transfer Protocol)
• 465/tcp for SMTP (send emails)
• 25/tcp for Insecure SMTP
• 22/tcp for SSH (secure connection from computer to computer)
• 993/tcp&udp for IMAP (receive emails)
• 143/tcp&udp for Insecure IMAP
• 9418/tcp for GIT (version control system)

Incoming connections:

• 993/tcp&udp for IMAP (receive emails)
• 143/tcp&udp for Insecure IMAP
• 110/tcp for POP3 (old way to receive emails)
• 22/tcp for SSH (secure connection from computer to computer)
• 9418/tcp for GIT (version control system)

Again, this list is incomplete, but it is a good start. Don’t hesitate to search if you have other needs, and check the “Preconfigured” tab first.

Some services, like IMAP, require an incoming and an outgoing connection to work properly. And in some cases, encrypted connections ask for a different port.

Conclusion

Now you are ready to perfectly control your own firewall and assure yourself your security. Lastly, UFW needs to be added to your daemons at boot. Use the command:

sudo update-rc.d ufw defaults

And in other distributions like Archlinux, edit your /etc/rc.conf file. It is of course better to add the UFW daemon before the daemon that establishes an Internet connection (like wicd or network-manager for example).

Do you use another firewall? Or do you have some other rules that you recommend? Please let us know in the comment.

Related Posts:

• How To Configure A Firewall In Linux Using Firestarter
• How to Integrate Skype With Ubuntu Unity
• How to Install Java Runtime In Ubuntu 12.04
• How to Connect to A VPN In Ubuntu [Quick Tips]

Boot

First thing with Tails – it boots fast. Secondly, it is very well designed. Based on a Debian architecture, Tails proposes eleven languages for the system.

As a bonus, there is a camouflage option that makes the Gnome desktop look like Windows XP. No one will suspect what you are doing. To boot with the camouflage option, at the language selection screen, instead of pressing Enter at your selection, press Tab and then add “winxp” to the code that appeared. Here is the result:

Usage

Once your system has booted, you arrive at the simple Gnome desktop and Tor automatically launches itself.

The first evident use of Tails is surfing the web. For that, you are provided with a Vidalia as a GUI for Tor and Iceweasel as a web browser. The latter comes with a plethora of practical add-ons like HTTPS-Everywhere, Adblock Plus, or NoScript. All of these add-ons give you the necessary protection: encryption, protection from tracking cookies, script prevention, etc. Tails guarantees a maximum of privacy possible on the Internet.

As an extra, Tails also comes with aircrack-ng, a non graphical tool for checking the security of your network. If the Wi-Fi you are using is not protected enough, your packets could be sniffed by an intruder. That is why aircrack can try to break into your network as if you were the intruder, and reveal vulnerabilities.

On the other hand, a Tails session can be used as a “safe” environment to work on “sensitive” documents. You are provided with all the necessary software to view and edit files. OpenOffice, Audacity, Gimp, and more are included in the distribution. You will be able to edit Office files, watch videos, record sounds, and more, with the assurance of leaving no trace on the physical computer. Also, in the spirit of Debian, the default file manager to navigate among your folders is Nautilus.

Another usage of Tails would be for secure communications. If you know the chat client Pidgin, you will be glad to know that it comes by default with the plugin OTR, for “Off The Record”, that will encrypt your messages.

And if you are a fan of email clients, Thunderbird is also included with the extension Enigmail for the PGP encryption of your emails.

Finally, Tails can be used for the encryption of physical drives and folders. You can use the program TrueCrypt for a LUKS encryption.

Extras

On the same level, Tails comes with two programs in the system-tray: a copy-paste manager and a virtual keyboard. The latter is useful against key-loggers. In the case that the computer on which you are currently working physically records what you are typing, the virtual keyboard will assure you security.

The copy-paste manager, while useful, is also a security vulnerability by itself. I don’t know about you but I sometimes forget to erase it at the end of my session, and you never know what it might contain. Email addresses, URLs, passwords, any information that you copied into the clipboard can be accessed. Against that, the copy-paste manager in Tails propose a funny option: the encryption of your clipboard.

Also, Nautilus has been installed with the extensions for securely wiping files. In others terms, you can delete and be sure that no one will recover. For that: a simple right-click on a file, and then “Wipe” will do the job. The file will be erased and the space written over with random data in order to make any recuperation impossible. However, if you normally deleted a file and forgot to wipe it, there is also an extension for that. A right-click on a blank space will make the option “Wipe available disk space” appear. By using that command, all the files that were on a USB drive, for example, will be totally eradicated, even if normally suppressed before.

Finally, there is a last attack against which Tails is prepared: the cold-boot attack. When you shut down your PC, the RAM will take several minutes to completely erase its content. A cold-boot attack is when a hacker makes use of the delay to recover all the content of the RAM, which means practically everything you’ve done during your session. Even if the cold-boot attack is not regularly used, it is still a threat that users have to cope with. The good thing is, Tails automatically wipes and fills the RAM with random data at the end of your session.

Conclusion

Although Tails is still in its early version (0.10.1), it presents a couple of very well thought-out abilities. Its goal is very clearly established and developers are actively working towards it. I appreciated even more the invitations to give feedback and to report bugs. It is true that there are still a couple of areas that can be enhanced. There are still a couple of bugs in the winxp camouflage mode, and the mac changer program is currently not working, according to the wiki. But, as I said, Tails seems very promising and I can hardly find any other areas to improve.

And you? Have you tested Tails or something similar? Can you think of any weaknesses or fields that have not been treated? Are you using some other methods to protect your privacy? Please let us know in the comments.

Tails

Image credit: Privacy by BigStockPhoto

Related Posts:

• Linux Mint 12 “Lisa” Review
• Cooking with SliTaz – An Innovative (and TINY!) Linux OS
• 2X ThinClientOS: A Linux-Based Thin Client System
• Choosing the Best Linux Distro For A Web Server

Your Stuff, Everywhere

iCloud now comes fully to Mountain Lion. If you aren’t familiar with iCloud, it allows all of your documents, photos, iCal, Address Book, etc to be available over the air without having to be saved on a flash or hard drive. The cloud initiative is also found with many music sharing companies that allow songs to be available over the air for download once purchased. To use on your Mac, just sign in with your Apple ID. What ever you do on one device hooked up with iCloud, it will reflect on the other connected devices. It will be something you’ll find yourself using a lot with Mountain Lion!

iMessaging on a Mac

Facetime become available on the iPhone, before appearing on the iPad, then Mac. Now, iMessage followed suit. First becoming an iOS feature, before appearing on the iPad, and now it replaces iChat with the latest Mountain Lion update. Now known as Messages for Mac, the new messaging hub allows you to chat on the same services available through iChat, however you can also iMessage between Macs and iOS devices. Messages for Mac also has the ability to send photos and files, and if the device you want to conversate with has FaceTime, you can even hold a FaceTime conversation by clicking the special respective button that launches the FaceTime application.

Sharing Sheets

Throughout Mountain Lion, you will see a special button called Sharing Sheets. This allows you to share photos, documents, and more through Messages, adding a bookmark, reading for later, and more. This is the best way to share everything from links you have found online to photos you have taken on Photobooth, to even photos you have collected in iPhoto. In iPhoto and Photobooth, if you have created a video or taken a photo, you can even share them on Vimeo and Flickr, respectively. Have a PDF document you need to run by the boss? Share it through Mail with Share Sheets. Did we mention there’s also Twitter support?

Tweeting on Your Mac

With Share Sheets, you have the ability to share photos and links you have found onto Twitter. The tweeting feature and interface looks identical to that found on iOS. You have, what looks like a note card, where you can write your message, have the link or image clipped, and the ability to add your location. With a character counter on the bottom, you never have to worry about staying within the 140 characters. If you receive a mention or DM, you’ll know with Twitter integration.

Your Mac, Safer

OS X Mountain Lion is there to make sure your Mac is safer than ever. This is done with the addition of Gate Keeper. This makes sure that the applications downloaded are of your consent. You have three options for protecting yourself. You can have no setting at all, allowing you to download just about anything anywhere, but you’ll at least be protected in some minor way. You can set to only download from Apple accredited developers, simply those who have a Developer ID, or you can only download from the Mac App Store.

Notifications in One Place

Just like with iOS, Mountain Lion is bringing your Notification Center. If you aren’t familiar with Notification Center, it is the hub for all of the notifications and alerts you get on your iPhone, and now on Mac. Notification Center will show you when you have a new tweet, when you’ve received a new Message, when you’ve missed a Facetime “call”, and more. To activate, simply slide to the right with three fingers on your trackpad. To clear a notification, click the “X” or click to execute it. Just as is the case with iOS, you also receive discrete notifications without having to activate Notification Center, never having to miss a thing.

Gamer Friendly Mac

Game Center for iOS allowed you to keep of your stats and standings with the games you played alone and with friends. Now, Game Center has come to Mac. You can now check out your standings with the myriad of games available on the Mac App Store. Just sign in with your Apple ID to enjoy the fun. If you are already using Game Center on your iPhone or iOS device, all of your stats and information, including profile information, will match up. Have fun, but not too much fun!

Remember Everything

Reminders first appeared on iOS and it’s an application I use about everyday to remember tasks I have to get done for the day. Now, Reminders is made available on Mac through Mountain Lion. Now you can remember everything that has to get done, from projects to groceries. Reminders for Mac also uses iCloud to apply additions and changes made on your Mac with the iOS devices connected with the Apple ID. Reminders are categorized, like on iOS, making for easier retrieval.

Your Mac, On TV

Want to show of an iMovie creation or footage from your latest vacation? Or maybe you want to show off spreadsheets or a PowerPoint presentation to a class or coworkers. Now, with Airplay Mirroring, you have the ability to play your Mac screen on the big screen, or at least how ever big your TV is. All you need to do is make sure your Apple TV box and Mac are under the same WIFI network, and then you’re ready to begin.

Notes for Your Thoughts

Lastly, Mountain Lion finally has a stable, formal notes section. This allows you to add small pointers, instructions, or just reminders for yourself without having to waste a sheet of paper. If needed, Notes now allows you to add photos and attachments to your notes. Once your notes are completed, you can send them, through Share Sheets to Messages or Mail. Have a note you need to remember once you get back to your Mac? Notes allows you to pin them onto your desktop for later review. All of this works with iCloud, meaning the notes made, edited, and deleted on your Mac will reflect on your iOS device, vice versa.

Which one is your favorite Mountain Lion features?

Related Posts:

• How to Turn Your iPad into a Mac
• What You Need To Know About iCloud
• How to Secure Your Mac
• How To Set Up And Manage Parental Control On Mac

1. Don’t Listen to Websites Promising to Speed Up Your Computer

In most cases, you’d probably land on a pop-up advertisement promising that your computer will run much faster after you try out their software. I assure you that this is a gimmick intended to make you pay money for software that only takes up space on your hard drive. If you really want to make your computer faster, you’re going to have to pay some real bucks to get its hardware in shape.

Everything running on your computer depends on the hardware to run smoothly. Go to your local computer store and ask for a quote on a hardware tune-up. Most likely, if you bought your computer less than two years ago, the process will be painless and inexpensive. Make sure they don’t get cheap and install a bunch of low-grade parts on the PC just to give you a temporary boost in speed.

The software you really need to make your computer run faster comes with Windows already. Disk Defragmenter is one of them. All computers running a Windows version above 3.0 can defragment their drives, and you’ll find the defragmentation utility in the Accessories sub-menu of your “Start” menu. The utility finds files on your hard disk that have been scattered all over the place and puts them all in one place, making them easier to find.

Other third-party utilities might speed your computer up efficiently, also, but don’t listen to the pop-up ads that advertise a utility that can speed up your computer. Use things like Tune-Up Utilities or something you can purchase from your local computer store.

2. There Are Two Types of Memory on Your Computer

This might be rather rudimentary, but there are cases when people can’t distinguish between random access memory (RAM) and storage. Both types of memory store things, but RAM only does this temporarily.

RAM stores everything you’re running right now, at this very second. This page you’re reading, for example, occupies a certain space in your RAM and will disappear once you close the page. Active components of every program are committed to this memory. A computer’s RAM takes the form of small cards that sit in slots on the motherboard.

Storage is the kind of memory that stores everything your computer has, like installed programs and the operating system. This memory often resides in the hard drive or solid state drive. Both devices have the same purpose, but are designed differently. A hard drive has multiple platters that spin, and read/write heads that manipulate and retrieve data. It’s sort of like a vinyl record player that can also write to the record. Solid state drives are designed with flash memory, much like the memory on your digital camera or phone.

3. Windows UAC and Security Isn’t Enough

Sure, Microsoft can boast about how its product has immense security and how you are less likely to get infected by a virus, but that doesn’t eliminate the possibility of a virus finding its way to your computer. You should always install an anti-virus application on your computer to keep it safe from threats, particularly one that regularly updates its database. There are many mixed reviews about anti-virus software, so you’ll have to do a little bit of homework to find out which one is right for you. Our favorite is Microsoft Security Essential though.

Try to avoid buying an AV from a company that’s not reputable. Do a Google search for “anti-virus review.” You’ll see a whole bunch of reviews related to many different anti-virus programs. Even better, search for “top 10 antivirus software.” Just so you know, BitDefender hits the top for 2012 and it’s affordable, priced at $30. That’s much better than paying insane prices for a computer repair after an infection.

4. Windows Update is Your Friend

Some people might tell you to turn off Windows Update because of bad experiences they’ve had. DON’T DO THAT! Microsoft usually releases an update within a week of discovering a new vulnerability. By updating your computer regularly, it keeps your computer running with tighter security that others might not have. If you don’t feel comfortable turning on automatic updates, at least let Windows prompt you when new updates are available so you can pick and choose them individually. Some of the updates released by Microsoft plug up serious security holes in the operating system.

A Final Word

I remember when I was much younger and got my first computer with Windows 95. It was something exciting, an unadulterated realm where I could do practically anything I wanted. There was only one problem: My computer became infected with all sorts of viruses after only a month, and I remember all the trouble I went through to get it cleaned up. Everything started running slower after a while, and I had no clue why. With the tips I mentioned above, you’d fare much better than I did and probably wouldn’t go through as much trouble. Happy computing/Windows-ing/whatever you do!

Photo Credit: flickr

Related Posts:

• 4 Ways to Keep Your Windows PC Secure Without Paying for Third-Party Applications
• Gives Your Windows Total Protection With Bitdefender Total Security 2012
• Everything You Need to Know About Windows Drivers [MTE Explains]
• 8 Useful Tips To Get The Best Out Of Your Android Phone

We have discussed plenty of tricks to secure WordPress, and enabling SSL encryption for your login session is yet another useful way to secure your blog.

If you are not aware, while using SSL encryption, all your data are encrypted before they are transmitted over the web. The encrypted data format data format makes it very difficult to be read by the other users.

To enable the SSL Security to your WordPress blog, you will need to have a SSL Certificate (consult your web host if you don’t have one) and then you can follow the below procedure to make it work with your blog.

• At first, Open your site directory either using cPanel File Manager or the FTP. I would recommend to use the File Manager instead of FTP.
• Once you reach the files directory of your WordPress installation, open the wp-config.php file.
• This is the WordPress configuration files and it is the most important in the whole WordPress system. After the file is opened, add the below code and save the file. You can add the code anywhere in the file, there’s no certain place for it.

/* Enable SSL Encryption */
define(‘FORCE_SSL_LOGIN’, true);
define(‘FORCE_SSL_ADMIN’, true);

• From then on, your WordPress site Admin area will always load with the SSL Encryption. If your site domain is http://www.mydomain.com, it will load the admin area of the same with https://www.mydomain.com/wp-admin.

There are so many advantages of using the SSL for your site. The above process will force WordPress to use SSL encryption for the Administration area. It is not necessary to enable SSL encryption for the frontend (unless you are running a blog shop) since all the confidential information, like the Username and Passwords are used only in the Admin area, not anywhere else.

Image Credit: Reevoo.com

Related Posts:

• Tails : a Linux Distribution For Protecting Your Privacy
• 5 Useful Ways To Protect Your WordPress Login
• How to Encrypt Your Files And Improve Dropbox Security
• How to Increase Your Website Security And Performance With CloudFlare

1. People Click “Yes”

Even if there’s a ton of text in bold on the screen, your average home user will click “Yes” if the dialog keeps repeating itself. This is otherwise known as a reflex, and develops in the act of repetition. Let’s face it. The majority of applications on your computer are safe. If 98% of applications that open in a computer are safe, the other 2% might go unpunished as the end user clicks “Yes” every single time the annoying dialog appears. Would you really take the time to read 200 dialogs in an 8 hour day, if you’re not paid to read them? Add all this to the fact that the “Yes” button isn’t labeled “Yes,” but “Continue” – a word the mind is less likely to want to process when it’s in a hurry.

2. People Are Smug/Annoyed

This reason is much less about why UAC doesn’t work and more about what people do as a result of being annoyed. Some high-end users will disable UAC manually, and then teach their less-versed friends how to do it. These naive friends will probably forget that UAC is a security feature and consider it more an annoyance, so they’ll disable it as soon as they learn how to. Disabling UAC eventually will put them at risk for certain vulnerabilities Microsoft didn’t compensate for if the users don’t have an anti-virus application installed. The ball keeps rolling and the picture isn’t pretty.

3. Malware Doesn’t Normally Knock on The Door

If you’ve ever had the misfortune of being infected while UAC is on, you know the truth. UAC will not protect you from malware, since there are tons of different ways to call the Windows function library (WinAPI) without having to actually go through the feature’s screening process. The simplest method that malware uses to bypass the supposed security feature involves acting as an innocent application then writing all of the “bad stuff” to your AppData folder, which isn’t touched by UAC. Of course, there are other ways to bypass UAC, but I won’t discuss them for the sake of not giving people ideas.

4. Not Everyone Knows It’s Malware

It’s not like malware has an evil vampire face or Jolly Roger icon on it for you to tell what’s what. Most people will look at something like “Internet Optimizer” as an innocent application name and cilck “Confirm” in the UAC dialog if they even read the text on it. The malware infects the computer and it’s a done deal. Windows has no way of telling you, “Hey, look at this! We think it’s malware!” Knowing this, it’s difficult for someone to ever benefit from UAC.

Conclusion

While the intention of UAC is good, it often gives people a false sense of security, or worse, causes annoyance to everyone. We don’t advise you to turn off UAC completely, but don’t ever assume this is going to protect you if you are going to click the “Continue” button without thinking through the consequences.

What’ do you say? Do you think the UAC is really useful?

Related Posts:

• 4 Ways to Keep Your Windows PC Secure Without Paying for Third-Party Applications
• 4 Things Computer-illiterate Users Should Know When Running Windows
• 4 Tips to Strengthen Your Windows Network
• Gives Your Windows Total Protection With Bitdefender Total Security 2012

I am not sure about any other distro (as I have not tried them all), but in Ubuntu, the default keyring manager (also known as seahorse) comes with the ability to create public/private SSH key and help you set it up in the server.

1. In Ubuntu, open the “Password and Keys” app. Go to “File -> New“.

2. In the popup window, select “Secure Shell Key” and click “Continue”.

3. Enter a description for your SSH key and click “Create and Set Up”. You can, of course, select “Just Create Key” if you just want it to generate the keys and do nothing else.

If you click on the “Advanced option”, you can configure whether to use RSA or DSA for the encryption and the key strength. Most of the time, you can just leave this as default.

4. Next, enter a passphrase for your key. This is purely optional. To set a empty password, just leave it blank and click OK.

5. Lastly, enter your remote hostname, port and login name. If you don’t know your remote hostname, you can replace it with its IP address. Use the “:” to separate the hostname and the port, for example “maketecheasier.com:2233“. (If you are connecting via the default port, you can leave the port section empty)

6. It will then prompt you to enter your remote host login password. /home/username/.ssh/id_rsa

If everything goes well, your remote host will be properly set up to accept public/private key connection.

To accept to your remote host, you just have to enter the following command in the terminal:

ssh username@remote-host-ip-address

That’s it.

Thanks to Michael Stephenson for the tips.

Related Posts:

• How to Generate A Public/Private SSH Key [Linux]
• How to Handle And Configure Firewall In Linux
• Tails : a Linux Distribution For Protecting Your Privacy
• How To Take Secure Remote Backups Using SSH

1. Disable NetBIOS

I’m not kidding. Do it right now, if you haven’t done it already. I can’t stress how important it is to have NetBIOS disabled on a computer. With the feature enabled, you basically expose your entire network topography and shared files. Anyone and their dog can just hop into your network, access a specific directory tied to your IP, and see your most intimate documents. To disable NetBIOS on your computer, you need to access your network adapter’s settings:

1. Click your “Start” menu, then “Control Panel”.

2. Click “Network and Internet.”

3. Click “Network and Sharing Center”.

4. Click “Change adapter settings”. This takes you to all the network adapters on your computer.

5. Right-click a network adapter you would like to disable NetBIOS on, and click “Properties”.

6. Select “Internet Protocol Version 4″ from the list in the new window and click the “Properties” button below the list. See the image below if you’re lost.

7. Click “Advanced” in the new configuration window then click on the “WINS” tab near the top.

8. Click “Disable NetBIOS over TCP/IP” then “OK.”

This, of course, addresses only part of the problem. Windows has other security holes which can be exploited, but you already took care of a big one.

2. Limit Home Network Sharing and Discovery

While disabling NetBIOS prevents your computer from being an open book, you’re still leaving your computer out in the open with network discovery and file & printer sharing. Both of these features, while useful in a home network, can totally compromise the security of the computer. To better tighten your network, you must access the Network and Sharing Center once again:

1. Go to the Network and Sharing Center like you did in the last section. Look under “View your active networks” and note which type of network you use to connect to the internet. It will say something like “Home”, “Work” or “Public”. You’ll see a link called “Change advanced settings” right under the “Change adapter settings” link. Click on it and expand your active network type.

2. Ensure that the following options are selected:

• Turn off network discovery
• Turn off file and printer sharing, and
• Turn off Public folder sharing

Once you’ve selected these options, hit the “Save changes” button at the bottom of the window. I still got more work for you to do, though…

3. Windows Update

If you didn’t purposely disable Windows Update, you don’t need to worry about this. While I understand the urge to disable Windows Update, it’s important to use it because Windows releases “hotfixes” once in a while that will make your computer safer. I cannot stress how important it is to keep up to date with everything Microsoft offers, as it might benefit you in the battle against hackers. Every time a security hole is exploited, Microsoft quickly finds out about it and tries to develop countermeasures. Failing to receive updates will keep you out of the loop. If you host a server on Windows, the responsibility requirement to update grows tenfold.

4. Go on a Service Killing Spree

You might already be familiar with the fact that Windows runs tons of services that don’t really do anything for you if you don’t use them. Some of them even leave gaping holes in your computer’s security. If you don’t know how to disable a service, read the third section of this article, which teaches you how to reach the services window. If you want to disable a service, right-click the service, click “Properties,” expand the drop-down menu next to “Startup type,” and select “Disabled” from the list. Once you click “OK,” the service will no longer run on your computer. Now that we have established how to disable a service, do this to the following services:

• Any service with “Homegroup” in the name – Disable these services only if you don’t plan to use the homegroup features in Windows. If you don’t know what a homegroup is, just disable the services.
• Remote Registry - As the name implies, this service lets others look into your registry and modify it as they please. Would you allow a random stranger to hold the keys to your car?
• TCP/IP NetBIOS Helper - You already know what NetBIOS does to your computer. This service helps it run properly.
• Server - This service allows sharing files and printers, which you don’t do anymore. Put a lid on the problem by disabling this service.
• Computer Browser - This is what allows others to see the contents of your computer in the first place. Disable it if you don’t use it.

Disabling what these services support is only half the job. If you don’t disable the services themselves, you still could end up with very gruesome vulnerabilities that will make your computer a hacker’s haven.

Firewall & Antivirus

While the majority of you might feel this is a little redundant, some people still don’t understand the concept of locking the front door in their house. That’s exactly what the combination of a firewall and antivirus application does to your computer. An hour of aimless browsing without an antivirus app can easily turn your computer into a Petri dish full of infections and malware. Remember, though, that a virus can infiltrate your computer only if you execute it directly or indirectly.

Indirect infiltration happens when you install a program that asks you to install some third-party application that will benefit you in some way or another. The program might not have a virus, but the third party app may be infected.

Even with an antivirus program installed, I highly suggest that you execute only applications that come from trusted sources, like Microsoft, Apple, and Adobe. If you’re suspicious about an executable file (EXE), upload it here to have it checked for viruses through a comprehensive engine that checks through many different antivirus applications. Good luck and happy surfing.

Photo Credit – flickr

Related Posts:

• 4 Ways to Keep Your Windows PC Secure Without Paying for Third-Party Applications
• 5 More Ways to Increase Network Speed via Registry Editor [Windows]
• 3 Ways to Increase Network Speed via Registry Editor [Windows]
• 4 Things Computer-illiterate Users Should Know When Running Windows

1. Open a terminal. Type:

ssh-keygen -t rsa

Alternatively, you can also use the DSA (Digital Signing Algorithm) technology to create the public/private key.

ssh-keygen -t dsa

Note: There has been a lot of debate about the security of DSA and RSA. In my opinion, unless you are very particular and love to delve into the technical detail between the two technology, it doesn’t matter which of the two you choose. Both will work fine.

2. In the next screen, you should see a prompt, asking you for the location to save the key. The default location is the .ssh folder in your Home directory. You can just press “Enter” to accept the default setting.

3. Next, you will be prompted to enter passphrase. This is NOT the passphrase to connect to your remote host. This is the passphrase to unlock the private key so that no one can access your remote server even if they got hold of your private key. The passphrase is optional. To leave it blank, just press “Enter”.

4. Your public and private SSH key should now be generated. Open the file manager and navigate to the .ssh directory. You should see two files: id_rsa and id_rsa.pub.

5. Upload the id_rsa.pub file to the home folder of your remote host (assuming your remote host is running Linux as well). Connect to your remote host via SSH and use the following command to move the public key to the correct location.

cat id_rsa.pub >> ~/.ssh/authorized_keys
rm id_rsa.pub

6. Still in your remote host, open the SSH config file:

sudo nano /etc/ssh/sshd_config

Scroll down the config file and make sure the following attributes are set correctly.

RSAAuthentication yes
PubkeyAuthentication yes 
PasswordAuthentication no

Press “ctrl + o” to write and save the file, follow by “ctrl + x” to close the file.

7. Lastly, restart the SSH server in the remote host

sudo /etc/init.d/ssh reload

That’s it. You can now connect to your remote host with the following command:

ssh -i /path-to-private-key username@remote-host-ip-address

Image credit: eternicode @ DeviantArt

Related Posts:

• An Easier Way to Generate A Public/Private SSH Key Via a GUI [Linux]
• How to Handle And Configure Firewall In Linux
• Tails : a Linux Distribution For Protecting Your Privacy
• How To Take Secure Remote Backups Using SSH

Bitdefender Total Security 2012 is a complete security suite that comes with anti-virus, anti-spam, parental control, privacy control, firewall and many more security and Windows performance boosting features. The software, once installed, runs in auto-pilot mode so you don’t have to deal with tons of configuration options just to get it running.

To get it started, simply download and install Bitdefender (Bitdefender is NOT free. You can, however, download the free trial and see if you like it). Once installed, you will have to restart your PC.

After the restart, unlike other security suite, it doesn’t pop up to ask you to configure anything. It automatically assumes the default settings and run on auto-pilot mode. For once, I didn’t even know that it exists.

This is what you will see at its control panel:

By default, all the settings are turned to “ON”. You can easily turn them off by flipping the ON/OFF switch.

Anti-virus

The Anti-virus mode allows you to perform a quick scan, full scan, custom scan (of particular folders), vulnerability scan and reboot your PC in rescue mode. The vulnerability scan includes scanning of windows and applications updates and your password strength.

Anti-Spam

Anti-spam is probably useful only if you use email client like Outlook or Thunderbird.

Firewall

The Firewall scans your incoming and outgoing ports to make sure there is no unauthorized access to/from your PC.

Privacy Control

There are three modes in the Privacy Control section: Anti-phising, Data protection and encryption. The Anti-phising feature protects you while you are surfing the web. It detects phishing and fraud site and notifies you when you encounter one. It also integrates a toolbar to your browser and inform you if the page you are visiting safe or not. I do find this annoying though, and I switched it off immediately.

The Encryption feature allows you to add confidential files to the file vault and have them encrypted. You can also shred a file if you want to delete it beyond recovery.

Tune up

The tune up section cleans up your internet cache and detect duplicate files. You can also use it to monitor applications and see the amount of CPU and memory they are using.

Safebox

Safebox is the online backup solution of Bitdefender. They offer you 2GB of online space (bundled with the software cost) and allows you to backup important files to your account. You can get it to autosync so your important files will always be backed up. While this is a great effort by Bitdefender, a meager 2GB storage space is not going to amount to anything, especially if you are going to backup your music and videos. With online storage solutions abound, I am not sure this feature will attract any interest and usage.

Conclusion

Most security suite software use plenty of system resources and cause your system to go slow. For Bitdefender, it is not the case. At its auto-pilot mode, it only takes up less than 10MB of memory. As I mentioned earlier, I almost forgot its existence. Together with the comprehensive security features, it is definitely worth the consideration if you are looking for a security suite software.

Bitdefender costs $69.95 for 1 PC per year.

Bitdefender

Related Posts:

• 8 Useful Tips To Get The Best Out Of Your Android Phone
• 4 Ways to Keep Your Windows PC Secure Without Paying for Third-Party Applications
• 4 Things Computer-illiterate Users Should Know When Running Windows
• 4 Reasons Why Windows UAC Is Useless

Download and install Wuala on your computer. On the first run, it will prompt you to create an account (or sign in to your existing account if you have one).

Once you are logged in, you will see your dashboard with several folders (Document, Music, Photos, Videos). Unlike Dropbox, Wuala does not integrate with your filesystem. Instead, it mounts itself as a drive in your system.

You can get it to sync with any folder in your computer. To do so, click on the “New -> Sync” option and select the local folder that you want to sync.

It also works the other way – syncing your Wuala document to your local computer. You just have to select the folder and go to “File -> Synchronize with this computer“.

There are several sharing options in Wuala. By default, all your files and folders are marked as Private. No one, other than you, can view your files. You can, however, change the file permission to Share or Public. For Share option, you can share your files with your contacts, either via email or web link. For Public option, the file/folder is publicly available for everyone.

Wuala Preferences

The Preferences section of Wuala is pretty comprehensive, covering everything from your account detail, connection speed, cache size, filesystem integration, notification and many more options.

Trading of local storage in exchange for online storage

When you sign up for a free account, you will receive 1Gb of storage space. To many of us, this is too little. If you need a lot of online storage space, and at the same time, you have plenty of free space in your local hard drive, you can trade your local space in exchange for online space.

It works like this: you need to first specify the amount of hard disk space you are willing to trade (say 100GB). Depending on the amount of time you are online (for example, you are connected to Wuala 70% of the time), you will be given a free online storage space equivalent to the product of the hard drive space you are trading and the time you spent online. In this case, you will have access to 70Gb (70% * 100Gb) of online storage space.

Alternatively, you can refer your friends to use Wuala and earn up to 3Gb of storage space. Lastly, there is always the premium plans that allow you to buy storage space for a annual fee.

Conclusion

Wuala comes with plenty of features and it is really an enjoyment to use it. Personally, I like its security feature and the ability to choose the folders that you want to sync. The only gripe is the 1Gb storage space. Most online storage services offer 2Gb (some offer up to 5Gb) for their free account. Upon comparison, Wuala’s 1Gb storage space is really pathetic and unattractive. With competitors like SpiderOak and Ubuntu One, this could really make a lot of differences.

Wuala is available for Windows, Mac, Linux, iPhone and Android.

Related Posts:

• A Comparison Guide Of The Various Cloud Storage Services
• InSync + Google Docs = Cheaper And Better Dropbox?
• Easily Store And Search For Files In The Cloud With Hopper
• How to Encrypt Your Files And Improve Dropbox Security

1. Google Authenticator

The Google Authenticator plugin makes use of the Google Authenticator mobile app to provide a two-factor authentication login to your WordPress site.

Note: Before activating Google Authenticator, make sure that you have enabled two-factor authentication in your Google account and installed the Google Authenticator app in your Android, iPhone or Blackberry phone.

Once you have installed and activated the plugin, go to the “Users -> Your Profile” section and you should see the Google Authenticator settings.

Check the box beside “Active” and save the changes. Next time you login, it will prompt you to enter the secret key. If you failed to enter the correct code, you will not be able to login.

Google Authenticator

2. One Time Password

One Time Password allows you to login to your WordPress without using your real password. It generates a list of passwords that you can use to login to your site. These passwords are valid only for a single session, so even when the password is stolen, others won’t be able to login to your site. This is particularly useful if you are travelling but need to login to your site in a cybercafe.

Once installed and activated, go to the One Time Password section to generate your password list. Enter a passphrase and click the “Generate” button.

Print out the generated password list and bring it with you wherever you go.

When you need to login, it will show a sequence number. You just have to match the sequence number with your password list and enter the password accordingly.

One Time Password

3. WP Login Security

WP Login Security works via the IP address. It first requires administrators to register or whitelist their IP address. Next, it will detect the IP address whenever the administrator logins. If the IP address is not recognized, it will send an email to the administrator with a link that contains a one-time key.

A good thing about this plugin is that there is little or no configurations required. You just activate it and it is good to go.

WP Login security

4. Login Lockdown

We have mentioned Login Lockdown before in our previous post on WordPress security. We are going to mention it again here because it is truly a useful plugin. What it does is to records the IP address and timestamp of every failed login attempt. If more than a certain number of attempts are detected within a short period of time from the same IP range, then the login function is disabled for all requests from that range.

Login Lockdown

5. WP Firewall 2

This plugin is not directly related to the login field, but it protects your site by investigating web requests to identify malicious attack. It is able to stop the attack before it causes damage to your database.

After activating, you can find the configuration options under the Firewall section. The default options are often good enough for everyone and you seldom have to make any changes.

WordPress Firewall 2

The above mentioned methods are only some of the ways to protect your WordPress site, don’t forget to check out:

• 11 Ways To Secure Your WordPress Blog
• How to Increase Your Website Security And Performance With CloudFlare
• How To Connect To Your WordPress Account Via Secure FTP

Related Posts:

• 4 Awesome Typography Plugins to Help Your WordPress Site Stand Out
• How to Turn Your WordPress Site Into A Forum With SimplePress
• How To Add SSL Security To Your WordPress Blog
• How To Configure Facebook Two-Factor Authentication

Why is this important to you? A mistake made by the Dropbox team few days back had left the Dropbox’s main door open for 4 hours. During this period, anyone can log into any account and access all the files in that account without any passwords. While this affects only 1% of its users (which amounts to about 250,000, and that is not a small number), if you are one of those whose accounts have been compromised and you have confidential files in your Dropbox, you better watch out for the bad things that might happen to you.

Since you never know when such incident will happen again, it is best to encrypt your files before you sync them to the cloud so there is a second level of defense when your account has been compromised.

1. SecretSync

SecretSync is a file-by-file encryption solution for Windows and Linux. Once installed, you will find a new “SecretSync” folder in your user directory. Any files that you place in this folder will be encrypted and sync to Dropox.

The installation and usage of SecretSync for Windows is pretty straightforward. You simply download, install and run it. it will then guide you through the encryption process.

For Linux, the usage is purely command-line based.

1. You have to first download the deb file and install it in your system.

2. Open a terminal and type

secretsync

This will run the installer and download the necessary files from SecretSync site. It will also run you through the setting up process.

After the installation, type

secretsync start

to start the SecretSync service. You should see a new SecretSync folder in your Home directory. Any files you place in this folder will be encrypted and synced to Dropbox.

Note: The latest version of SecretSync will add itself to the autostart item automatically. The following step is meant for the older version.

To get SecretSync to autostart everytime you login, go to “System -> Preferences -> Startup Applications” and create a new startup item.

SecretSync

2. Encfs

Encfs is a better solution than SecretSync because it stores the encryption keys on your local machine and it can work in Linux (natively), Windows (via BoxCryptor) and Mac (via MacFuse), which is great if you use Dropbox on more than one operating system.

In Ubuntu, open a terminal and type:

sudo apt-get install encfs
sudo addgroup <your username> fuse

To create an encrypted folder, type the command:

encfs ~/Dropbox/.encrypted ~/Private

The above command instructs encfs to create an encrypted hidden folder (with name .encrypted) in Dropbox and mount it in the Private Folder in your Home directory.

When it prompts you for the configuration option, press “p” follow by Enter.

Next, it will ask you to enter your password. Be very careful with what you type since it won’t appear in the screen.

That’s it. Whatever files you place in the Private folder will be encrypted and synced with Dropbox.

To get the encrypted folder to automount everytime you log in, you can use gnome-encfs.

1. Download gnome-encfs here (or grab the source here) to your Home folder.

2. Type the following command:

sudo install ~/gnome-encfs /usr/local/bin
gnome-encfs -a ~/Dropbox/.encrypted ~/Private

GUI for Encfs

In Linux, Cryptkeeper is an application that provides a graphical interface for encfs. It doesn’t come with the full configuration option for encfs, but if you need an easy way to get started quickly, this will be very useful.

In Ubuntu,

sudo apt-get install cryptkeeper

Cryptkeeper works as a system tray applet. If you are using Unity, use the following command to get it to work:

gsettings set com.canonical.Unity.Panel systray-whitelist "['Cryptkeeper']"
setsid unity

BoxCryptor

BoxCryptor is not really a GUI for encfs, but its encryption method is compatible with encfs. If you have created an encrypted folder in Linux, you can use BoxCryptor in Windows to mount the same encrypted folder.

3. TrueCrypt

TrueCrypt is another powerful and cross-platform compatible encryption tool that you can use. We have mentioned it here and here, so we won’t go through it again.

One disadvantage of TrueCrypt is that you have to create a fixed size virtual container before you can use it. In addition, you can only get it to sync after you have unmounted it. This means that you won’t be able to sync your files in real time. Other than that, if you need a true cross-platform solution, then TrueCrypt is definitely the one for you.

That’s it. Which method do you use to secure your files in Dropbox?

Related Posts:

• Share Sensitive Information Online With CloudSafe
• How to Access Your Encrypted Dropbox Files In Android
• Tails : a Linux Distribution For Protecting Your Privacy
• How To Add SSL Security To Your WordPress Blog

While Apple does release new batch of definition files in its daily updates, some users have reported that the files have not been automatically updating the way that they should. This procedure shows you how to check if your virus definition files are up to date, and if not, how you can update them manually.

Check To See if Your Malware Definition Is Up To Date

1. In the Spotlight, search for “terminal“. Open the Terminal app.

2. Copy and paste this command:

more /System/Library/CoreServices/CoreTypes.bundle/Contents/Resources/XProtect.meta.plist

4. In the code that comes up, you should see a last modification date in the code. If this date is today, you do not need to update. If it is not today, then you need to update your virus definitions manually. The date line should look like this:

How to Update You Virus Definitions

You are going to love this one because it is so simple. Just follow these steps:

1. Open your System Preferences.

2. Click on the “Security Preferences” pane.

3. Uncheck the box next to the word “Automatically update safe downloads list”.

4. Re-check the box.

There you have it. You will have your files automatically updated. You might want to double check your system with the same command to see if the file is is up to date. If you see today’s date, then you are good to go. If not, you might need to check your Mac for 1. virus that prevent the system for auto-update, 2. software defects.

There you have it, the best way to make sure that your system is up to date on the virus definitions that are available to you.

Image credit: ?rakaz

Related Posts:

• Put Your Facebook Account On Lockdown (Part 2)
• Sudo vs Su [Linux] (MTE Explains)
• Cocoon For Firefox Gives You A Secure And Private Browsing Session
• 8 Useful Tips To Get The Best Out Of Your Android Phone

Introduction

Login Approvals is a security feature that requires two-factor authentication from the user before access is permitted. This is a type of security feature which requires two separate steps to identify a user. In short, instead of just using a password, the user must input some other information. In this case that other information is a code sent to an authenticated mobile phone.

Set-Up Two-Factor Authentication

To set-up two-factor authentication, you have to enable the option in Facebook.

Once you have logged into Facebook, click the Account link at the top of the page and select Account Settings.

This will open up your general Facebook Account Settings page. Here, click the “change” link next to the “Account Security” option.

This will open up a drop-down below the “Account Security” section.

Firstly, you have the option to enable “Secure Browsing” which automatically switches your Facebook session over to a secure HTTPS connection.

Secondly, you can enable “Login Notifications” which notifies you via email and text messages whenever someone logs in to your Facebook account.

Finally, you have the option to enable “Login Approvals“. Check the box next to “Require me to enter a security code sent to my phone” to activate this feature.

After you do so, a pop-up will open which will guide you through the process of enabling this security option.

After selecting Next you should receive a text message on your phone which will be in the following format:

“Please use the code 12345 to confirm access to your phone for login approvals.”

Keep the code in mind and enter it into the box to confirm your phone.

If the phone number displayed is incorrect, select “Change my phone” to enter the mobile number you wish to associate with your Facebook account.

You have to confirm this number through a text message. Once you have added your number, you are directed back to the original page to continue setting up the two-factor authentication.

Once you have confirmed access to your phone, you will have to name your computer to add it to a list of recognized devices. Essentially, this computer will not require authentication after it is “recognized”.

That’s it! Two-factor authentication is now enabled for your Facebook account.

Logging In With Two-Factor Authentication

When logging into your Facebook account from a new device, a code will be sent to your phone which you will have to enter before you are granted access to your Facebook Account.

Once you enter the code, you will have to name your new device and add it to the list of “recognized devices”.

If you don’t have your phone, you will not be able to login to your Facebook account from a new computer. However, you can still login to your account from a computer that has already been authorised.

Conclusion

The two-step login verification function is a useful feature implemented by Facebook. However, it can become a problem if your phone is lost or for some reason you are not able to see the code on it. For example, if you travel to an area with no mobile reception, you will not be able to receive the code that allows you access to your Facebook account. On one hand this feature is useful if you are abroad and you want to ensure that your account is protected. On the other hand, you would not be able to use the two-step verification because your phone may not have roaming enabled. Although mobile phones are generally within easy reach, there will be plenty of times when login may become impossible simply because your mobile phone is not at hand. Hence, we suggest considering whether the benefits outweigh the difficulties of using the service.

Related Posts:

• Put Your Facebook Account On Lockdown (Part 2)
• 5 Useful Ways To Protect Your WordPress Login
• Receive Facebook Alerts For Unauthorized Access to your Account
• A User’s Guide To Facebook Ads

Do you know that Google actually penalizes websites that are slow to load? If you want to get a good search engine ranking, one of the most important thing is to make sure your site load fast, blazingly fast!

If you are running WordPress, we have already mentioned several ways to polish up your site loading speed, including adding Google Analytics site speed tracking feature, lazy loading your images, using W3 Total Cache and minify the code.

One other way is to use CloudFlare as a proxy server.

CloudFlare acts as a proxy server that link between you and your readers. When your readers enter your site’s URL, the browser will first connect to CloudFlare, which will then detect their locations and load your site content from the server closest to the readers. This will ensure your reader get the fastest loading time and performance. Furthermore, CloudFlare caches your script, css and image files, so there is no wastage of bandwidth and server resources.

In addition, as a proxy server, CloudFlare can detect who is accessing your site and block threats and limit abusive bots and crawlers before they reach you. In other words, CloudFlare is able to increase your site security as well.

Configuring CloudFlare

Getting your site to run with CloudFlare is easy.

1. Go to CloudFlare.com and sign up for an account.

2. Next, enter your site’s domain name. Click “Add this domain”.

3. CloudFlare will then scan your DNS. It might take up to 2 minutes. Once the scanning is completed, click “Continue to Step 2″.

4. The next page displays a list of your site existing DNS record. Check to see if they are correct. If necessary, you can add in extra DNS record here. If everything is correct, scroll down to the end and click “I’m done checking my DNS records, continue”

5. CloudFlare will then register your DNS setting and configure itself to power your site. CloudFlare will also add a sub-domain (of the name “direct”) for you to access your server without passing through the CloudFlare network.

6. The last step is to update your domain with the new DNS setting. If you register your domain name via a domain registrar, you can login to your domain registrar account and change the DNS setting. If you got everything set up via your web-host, submit a ticket and get them to change the DNS setting for you.

That’s it. You are good to go.

This is loading speed of Make Tech Easier before and after implementing CloudFlare.

Before:

After:

There is a saving of 1.8 second, which translate to a 18.5% improvement.

The above results were taken from Pingdom. You should also test out your site loading speed before and after implementing CloudFlare too.

What’s next after configuring CloudFlare?

After you have set up CloudFlare, login to your CloudFlare account and go to the “Settings -> CloudFlare Settings” (the link is beside your website). Here is where you can configure the settings for CloudFlare. Some of the important settings include Security level, Caching level, customize the Challenge page, E-mail Address Obfuscation, IP Geolocation (useful if you are showing geolocation ads) and Hotlink Protection.

In addition, if you are using WordPress, install the CloudFlare plugin which can help you optimize your database and better protect your site from spammers.

Image credit: lrargerich

Related Posts:

• 8 Useful Tips To Get The Best Out Of Your Android Phone
• How To Add SSL Security To Your WordPress Blog
• 5 Useful Ways To Protect Your WordPress Login
• How to Quickly Build A Professional Website Without Being a Coding Expert