Be careful while you shop online this Christmas

I was reminded this morning on the radio about the importance of security while shopping online. Every year people are falling victim to identity theft, frequently because they don’t make a few simple checks when they shop online. Here are a few checks all internet users should understand in order to make to ensure the website you think is safe, actually is.

Check for two things before you type your personal information online:

• Make sure the address in the address bar at the top starts with “https:”, not just “http:”.
• This means that information sent from the website you are viewing is encrypted and won’t be easily read by others electronically.
• Note: most websites don’t present the “https” until you actually sign in but if you are signed in or about to sign in, it should be visible.
• Check the security certificate of the website.
• It’s real easy for me to create a website that just looks legit and collect personal information such as credit card numbers.
• If I’m a legitimate vendor such as amazon.com(below), I’ll pay a third party company, like VeriSign, to issue a security or validation certificate saying I am who I say I am. In Internet Explorer, you can check the certificate issued to the website you are viewing by clicking the padlock in the top right. If the pad lock doesn’t appear, there is no certificate and you should not trust the site. Shop somewhere else.
• Note: most websites don’t present the padlock until you actually sign in but if you are signed in or about to sign in, it should be visible.

Every browser is different. The Amazon.com screenshot was taken using Internet Explorer. If you use a different browser, you’ll have to research how to check the security/validation certificate on your own. Just because I found it already, here’s some documentation on how to check it in Safari from http://www.apple.com/safari/features.html

EV Certificates in Safari

Safari supports Extended Validation (EV) Certificates, allowing you to easily identify legitimate websites and businesses. For sites that have an EV Certificate, Safari displays the site’s name in green on the right side of the address field. Just click the name to learn more about the website’s security credentials.

A few more references and tips for secure online shopping:

• http://www.microsoft.com/protect/fraud/finances/shopping_us.aspx
• http://blogs.techrepublic.com.com/five-tips/?p=322

Disclaimer: I haven’t helped you mitigate ALL risk of using the internet with this simple post. You are responsible for your own risks and any damages you receive through them. Be advised.

Intelligent Content: My latest battle between doing it right and getting people to buy off on it.

So lately I've found myself in a daily tug-of-war.  The battle has been between using some really cool technologies to set up some team processes which would save time, improve our efficiency, reduce redundancy, ..., and a number of other benefits which I just wont get too involved with listing... and Microsoft Office.  Right. This ought to be a no-brainer. However, the teammates I'm trying to convince REALLY like to stay traditional.  Let's throw the customer and parts of management in there too.  You'd think that being engineers we'd all favor efficiency but somehow tradition has been winning. :(


Let me explain why -


Most people like what they are familiar with.
Most people don't like to learn new tools.
Most people feel that if they managed to do it one way before and it didn't hurt too much... why not do it that way again?


Ok I'm stereotyping but this is really frustrating.  As a general rule I'm all for doing things right the first time.  I understand there are special cases when we need to sacrifice a little efficiency in order to get things out the door, but really, when it comes down to balancing time, cost, schedule, quality, and efficiency... I plead, don't completely zero out the last two because you don't feel like starting a tiny revolution with some new tech! Be Brave! Stand Out!


Right about now you'd expect me to explain the tech I've been trying to foster into existence with my team, but... why do it if it's already been done?  If I can't be anti-redundancy at work, I'll at least stand firm with my blog.  In short, I speak of the DITA OASIS Standard, an XML architecture for designing, writing, managing, and publishing information.


Here's a link to their community website: http://dita.xml.org/


A link to a little more of a conceptual presentation is:
http://idratherbewriting.com/2008/11/24/what-constitutes-intelligent-content-interview-with-ann-rockley/


With this I want to give my full endorsement that this is some really great stuff that every team that does documentation should at least consider.

Safety First

I originally posted this content on another blog I write to (http://ldstechblog.blogspot.com/) but I thought that it would be appropriate to post here too.

A "podcast" is an audio broadcast available for downloading from a website to a personal computer or other device.  You can also listen to it directly from the website if your computer has speakers.

Some time ago I had the privelege to take a class from Dr. Knutson at Brigham Young University.  One of Dr. K's long time side projects has been the The Internet Safety Podcast.  He broadcasts these podcasts for non-profit and solely for our benefit.  Being the veteran computer user and LDS parent, Dr. K expresses his concern for those of us that are still a little naive about the content of the Internet.

What is on the Internet?

Who is on the Internet?

What dangers might I run in to while browsing?

What risks am I taking as I give out information on the Internet?

How can we safely raise kids in a computer oriented age?

These and many other questions are addressed in the podcasts you'll find at  www.internetsafetypodcast.com .

This website is not just for LDS members.  In fact, it's not even labeled as an LDS resource, but I wanted to give Dr. K a little debut here on my blog first of all.  If you feel you are relatively new to the Internet and feel you could use a little training, I strongly recommend you visit The Internet Safety Podcast today and start listening in.

Each podcast lasts about 30-40 minutes.  You don't need to be at a computer to follow along so feel free to just upload them to your music player and take your dog for a walk.

Dr. Knutson is an Associate Professor in the Computer Science Department at Brigham Young University in Provo, Utah. As a formal student I can testify that, as far as computer science professors go, his presentation skills are exceptional and he will be worth your time.

I got this from a friend in the CS462 class that hasn't posted it yet.

For those of you that need a nice tool for connecting to AWS with php...
Tarzan is a fast, powerful PHP toolkit for building web applications with Amazon Web Services.
http://tarzan-aws.com/

My experience:
Setup was semi painless.
Their docs page wasn't too complicated.
I haven't actually implemented anything with it yet but it looks pretty simple compared to phpcurl.