| Organize or Die |
| I'm not getting any younger, and my brain feels like it wants to go on permanent vacation, which is fine with me, really, if it will just take me with it. Part of the fun of having a vacationing brain is that it doesn't care at all about remembering things that you may find important. Trying to remember how to set up your Outlook to work with that stupid webmail account from work? Forget about it. Just give up. Unless, of course, you had the foresight to wright down the procedure the first time you had to do it, realizing as you did, genius, that you'd have to do it again someday. That, of course, brings us to why I use ninellc.com to keep track of all the things I tend to forget, not the least of which are my passwords. I'm lucky when my brain can remember that I've saved such information on a convenient web site, because then I get to log on to whatever site I wanted to log on to, without having to admit to the site in question that I had forgotten my password, and would they please email me a new one. Embarrassing. 
|
| Steps Towards Online Security |
| Years ago, when I first started building the online tools that would become ninellc.com, the most useful feature for my personal use was the storage of login and password information. Back then I didn't know much about online security in general, much less about the secure socket layer or cryptography. Luckily, I never suffered from a security breach, even though, at that time, I was storing my passwords in plain text. Nowadays almost everyone knows that such a practice is a recipe for disaster. A simple "man in the middle" attack is enough to expose anything sent between two nodes on the internet. SSL is an almost complete solution for the "man in the middle" attack, probably close enough, by itself, to keep you out of harms way. But there is more that can be done, and that is cryptography. Nine uses AES cryptography, which replaces something like "1234" with "7110EDA4D09E062BA5E4A390B0A572AC0D2C0220". Further steps towards a more secure online environment include two factor authentication and encryption key management. Nine will be set up to use two factor authentication in the near future, but we are not yet able to offer individual encryption keys without a custom set up. In some ways, the use of individual encryption keys is a dangerous practice. Once lost or forgotten, so is all of the data the key was securing. Part of the problem with securing your online data is the issue of trust. Unless you host your own application you are essentially trusting someone else with your data, unless you are using an individual encryption key. The administrator of the site you use will almost always be able to decrypt your data, should the need arise, unless you are using an individual encryption key. Thus, you must trust the administrator to keep your data encrypted at all times. We build trust into our terms of use. We will not decrypt your data for any reason other than legal necessity. We promise to protect your privacy at all costs and to insure that the data you have entrusted to us remains safe.
|
Archives