About

My Photo

Adsense


Add to Google Reader or Homepage

Subscribe in Bloglines

Subscribe in one go

  • Subscribe to RSS Feed

Your email address:


Powered by FeedBlitz

Google reader

Software worth checking out

  • ActiveWords
    Do everything without leaving the keyboard
  • Anagram
    Translates copied text into Contact, Calendar, Task, and Note items for Outlook, Palm etc
  • BlogJet
    Weblog client for Windows that allows you to manage your blog without opening a browser.
  • ConnectedText
    Intriguing Wiki-based organiser
  • Copernic Desktop Search
    Great alternative to Google's or Microsoft's offering for searching your PC. Simple and unobtrusive
  • Courier Email
    Great email program
  • DtSearch
    Text Retrieval / Full Text Search Engine
  • ExplorerPlus
    Organize and manage all your system files and folders
  • Gmail
    Webmail that really works. Great for catching spam too.
  • Google Deskbar
    Search with Google from any application without lifting your fingers from the keyboard.
  • Google Earth
    Zip around the planet and see things differently
  • Google Reader
    Best online RSS reader I think there is out there
  • Jot+
    store all of your notes and information in an easy-to-use outline
  • Local Cooling
  • Mindjet
    The mindmapper of choice.
  • MSGTAG - MessageTag
    Email receipt alert
  • MyInfo
    free-form information organizer
  • NoteStudio
  • NoteTab
    Great text and HTML editor
  • Omea Reader
    Good RSS feedreader
  • PersonalBrain
    If you've ever wanted to organise your information in a way that's different, try this. Worth spending time on mastering
  • Process Explorer
    Not too geeky way to figure out what software is slowing down your computer. Just keep it running for a while and the culprit will become obvious.
  • Safari
    Surprisingly fast browser -- and for Windows too.
  • Skype
    Dump those phone bills
  • SpaceMonger
    Keep track of the free space on your computer via treemaps
  • Stick
    Post-It note-like tabs to store text, folders etc that cling to the edge of your screen
  • SuperNotecard
    Great for authors and writers organizing their thoughts
  • TaskTracker
    Lists recent documents by type for easy access
  • Text Monkey
    Easily clean copied text
  • Trillian IM Clients
    Gathers all your instant messaging accounts in one window

« My Technology-free Lunch | Main | The Other American Idols »

March 10, 2008

Backed Up? Or Cracked Up?

image

There's quite a commotion online about a program called g-archiver that promises to back up your Gmail account, but in the process apparently harvests all users' Gmail usernames and passwords, and mails them to a separate Gmail account.

This is indeed scary, although it's possible that the person behind it wasn't collecting the passwords for nefarious purposes. But it highlights some important issues that we tend to overlook in this Web 2.0, mashup age:

  • Your online email account is more vulnerable than an offline one (by which I mean, storing your old emails online, rather than downloading them to your computer and deleting the online copy.) In this sense, POP is good, IMAP and webmail bad.
  • If you give your username and password to third parties, i.e., those who access your account on your behalf, you need to be more rather than less careful than with the original service. For example, services like Plaxo allow you to access your other accounts but will inevitably require you to enter your username and password, which will be stored on their server.

On top of that, it's intriguing to take a look at how legitimate this one program appears, and how little those websites helping in its distribution have vetted it. I found copies at Download.com (owned by CNET), despite a commenter pointing out it steals passwords, Shareware Junkies, BrotherSoft, Softpedia, ZDNet, Download3000, FreedownloadsCenter, the excellently named Safe Install and Filedudes.

Just out of interest, G-Archiver is apparently the work of a company called MateMedia, which registered the website hosting the software. An interview with the company's president, Russ Mate, is here.

A message on the original blog post purporting to be from Mr. Mate says "MateMedia is a legitimate company and we are absolutely horrified that this has occurred", and will be notifying any download sites hosting the software to "remove it immediately."

That clearly hasn't happened yet, but neither has the company removed it from its own website, at the time of writing. (Seeing the software alongside tools like FriendTools, which automates adding friends and comments for MySpace spammers, or TubeAdder, which does the same thing on YouTube, might give a prospective user pause for thought.)

My rules of thumb:

  • Never download software without visiting the author's original site, and finding out who produced it. This applies to Facebook apps as well. (In G-Archiver's case, there is no contact page.)
  • Think hard before you give your email password to any service, however legitimate. It's not so much about losing your email password but about all the other passwords and personal data that a bad guy could access inside your email account.

As Web 2.0 involves more and more cross-pollination of information, so we need to be smarter about who we give our passwords to, and what information we store behind those passwords, both in email and in social networking accounts.

Posted on March 10, 2008 in Email, Phishing, Scams, Security |

Digg This | Save to del.icio.us

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/t/trackback/10988/26944268

Listed below are links to weblogs that reference Backed Up? Or Cracked Up?:

Comments

Post a comment

If you have a TypeKey or TypePad account, please Sign In

Loose Wire search

Regulars

Recent Posts

Recent Comments

Categories

Subscribe to my Podcast

Eco-Safe

Categories

Rank

  • Wikio - Top Blogs - Technology
Blog powered by TypePad
Member since 12/2003

A Directory of...

ten mov.es

tenminut.es