Adam Langley, You are dead to rights wrong. Why you should enable SSL revocation checks!

Don’t tell your think it is for the best!

After what seemed like a few hours looking over other blogs and what they were saying.   I came to this blog post from Adam Langley’s Blog  ImperialViolet.   He is saying we shouldn’t even check that box to check for certificate revocation.  I am going to try to explain why it is so vital that you enable it.   Even if it is a soft fail we will still be far better protected than not to even have it on in the first place.

So soft-fail is the only viable answer but it has a problem: it’s completely useless. But that’s not immediately obvious so we have to consider a few cases:

After reading everything he has to say about the subject at hand, I’ve come to wonder what he is trying to say.   Some of the things Adam talks about why not to enable SSL Certification check just seem moronic to say the least.   Here are a few things I read and want to talk about:

That’s why I claim that online revocation checking is useless – because it doesn’t stop attacks. Turning it on does nothing but slow things down. You can tell when something is security theater because you need some absurdly specific situation in order for it to be useful.”

It is more than useless, it was an old protocol that just needs to be retired but unfortunately we have had little reason to or even any want to.   We can not keep accepting that these revocation system do anything but help either the governments or even the highly efficient hackers to gain valuable information about users.   It isn’t like they have to do any more than write a script and be able to retrieve what ever they want.   The problem with SSL is quite simply it wasn’t designed around security or proper encryption.   It was designed for one purpose and one purpose alone to make people feel safe about giving out their credit cards and other such important information.   This one comment we both agree on but I also think that having a soft fail option is a better option than not having one at all.

Google Wants Money

Your just telling users that you are telling them what is best for your interest not theirs.   In one word, it really comes down to money and advertising.  We know you make money on searches and if you this go through then you are more likely to start loosing even more money because you will have constant hard fails from sites and you May not be able to serve up ads for sites because of the hard fail.  Users who do not even know about it will likely just go to sites that can’t be verified and think it is the their browser but it is the server that is causing the problem.

It’s all about numbers!

I am sure that OCSP Stapling isn’t all it is cracked up to be or even the perfect option.   If your saying that it will stop all possible attacks and keep your identity safe, then your probably going to be wrong.   I argue that nothing you do can keep your identity or even credit cards safe online.   There will always be some one who can come up with a way to get that information they are so desperately wanting.   Although by using this system we make it that much harder for them to sneak past the browser.   Yes we can probably come up with stories of how it happened when that box was check but I will say it is less likely to happen because people are smarter than they once were.   We’d also be able to keep track of newly discovered revoked certificates that were in the wild by using the OCSP Stapling along side a way to report to the browser developers that we have found an invalid certificate and we could strengthen our security even more.   It is just theory but I am sure it would at least keep more people safe than doing nothing at all.

Finally, it isn’t the fault of the users who are the problem but how browsers have dealt with users who either do not know better or have not been educated on how to properly protect their identity.   You should be making more impact on the end-user by teaching them about security and privacy settings than expect that you know what is best for them.

Why you should check your SSL settings!

My Heartbleeds for Chrome

When we first heard about the Heartbleed bug came out.  We had Lastpass create a test to see if a site is vulnerable to this bug.   Heartbleed is a vulnerability in which an attacker could gain sensitive information by asking the server some really simple questions.

Heartbleed explained

How it works!

Some people have a better grasp then I do on this subject but I will say Steve Gibson  on the subject if your really wanting to get into even more detail about this bug.   I won’t go into much detail about this bug or even if it is truly a vulnerability but I will talk about how you should make your Chrome OS browser have a hard fail for your certificates that is not be verified.   I know I’ve heard people say in the past that it may stop making sites being seen but I have yet to see this problem in detail and I think it is a good security idea because this will help prevent phishing attacks and maybe even save you from identity theft but I can’t guarantee it 100%.

The Chrome OS!

If your like me and using Chrome OS, you will need to go into your settings.  You can easily get into the settings by clicking the three bars on the far upper right corner of the chrome browser.   This will bring down a menu and you will then click on Settings.  Once there you will need to go all the way to the bottom and then click Show Advance Settings.

Screenshot 2014-04-26 at 3.53.05 PM

Go find the HTTPS/SSL and check mark it to look like his.   Once your done with that, restart your chrome os browser.   Simply exit out of the browser and then come back in and it should start working for you the way you are wanting it to work!  This will make all SSL certificates that are not verifiable become hard fails and thus you will not be able to view sites like http://revoked.grc.com which is what we call a hard fail.  You will then see this:

Screenshot 2014-04-26 at 4.23.40 PM

If you see this the next time you visit that site, you are now protected from some forms of possible phishing attacks and other forms of personal information being taken from you unknowingly.   This will not protect you all the way but it will allow you to at least make it harder for people to do a Man in the Middle Attack and other such attacks.

I am going to review the RCA A1 4.7″ 3G Unlocked Dual SIM Phone from RCAmobile!

41en96KC1tL._SL160_The RCA A1 4.7″ Phone!

The Phone has shipped and is coming my way in the next few days.  Some of the things that I will do with this phone is talk about getting it to work with Straight Talk.   It should work flawlessly when I get it, I will be going to buy the Straight talk Sim card in the next few days.   You are able to get it from Wal-Mart or even Amazon Directly!

Some of the things we will talk about when I get this phone is how will it work with Multimedia Messaging Services (MMS) with straight.  If I am able to send or receive picture or even video messages from friends and family.  I will explore how to get this phone to work with any Straight Talk provider.

Wi-Fi And Hotspot Capabilities!

I read and I know this phone should be able to have WiFi or even Hotspot capabilities so you can tether it to your laptop or even other mobile devices and not have to worry about data or speeds.   I remember Straight Talk talking about the speed reduction so I am unsure if it is still in effect!  With Virgin Mobile, doing the more aggressive solution by cutting speeds in half.   I’ve pretty much decided it was time to either use this phone with Straight Talk or even T-mobile and be able to use the phone the way I want, and when I want to!

Stuff I will do!

In the coming weeks, I will talk about installing Cyagen mods and other fun stuff to the device to have fun.   I’ll have to explore as much as possible but until then we will talk about which phones cases will work with this phone!  It looks to be only one now but I am hoping there will be more in the coming weeks and months.   It looks like an awesome phone for my needs and can’t wait to start playing with the phone in greater detail!  So stay tuned!

Why I switched back to WordPress from Squarespace!

I’m back WordPress!

If you have been an avid reader of my blog, you will have noticed the last week that my website has changed looks.  I even went with BlueHost (Affiliate Link).   I wasn’t really sure about these guys but I have been really pleased with them the last few days.  Very responsive with emails and when you asked for help they are always happy to help you out when possible.  I could go on and on about how easy it was to get this website started on WordPress but that wouldn’t be the reason I switched.

Constant change!

The need for my website to constantly change is one reason I just had to switch back to WordPress.   I have more customize-able settings and other ways to make this website rock.   I have just begun to start customizing this website.  when I am done. I am sure it will rock!  I can have anything I want with advertising space on my website.  I can easily have a way to have people buy advertising space without any involvement from me.   It isn’t going to happen any time now but I am sure it will develop in the next couple months.   If I get it working the right way.  I could always use comments and suggestions so you will see a page that you can go to contact me!

Link Track-ability!

With Squares Space, I could never track which links were clicked on or which links were dead links.   I would constantly worry about which links are just not working.   I can now use plugins to find dead links and fix them to go to the right place easily and quickly.   You couldn’t know which links were not working until a user would comment or contact you and tell you.  It wasn’t a pleasant experience to have a reader contact me and tell me.  I would have to apologize and fix the problem.

Up time Guarantee!

Even though Square Space claims to have a 99.99% up time, I would have problems over last year having it being down for one reason or another.  I know it couldn’t be my fault but again, I do not know what the problem was to begin with.  It was more like 97% of the time I was up but the stats never showed it be 99.99%.   I got close last year to 98% but that was about it.

Speed of the website!

I am sure it wasn’t just me but I had speed issues with Square Space and it would be a constant problem.   Although I was on Square Space 5, it wasn’t very speedy as it used to be.  It was just like other hosting providers that I had but it just got worse over time.   I am sure it was because they were not updating it as much or any now and it is slowly going away to get people to go to square space 6.  It wasn’t like I didn’t like them, it was just getting more of a hassle to deal with the site.

Duplicate Content!

It was a constant problem with Square Space, but I had to keep changing my username for my account to prevent the search engines from finding it.  I do not know why it happened.   I am sure it was something I was doing but couldn’t figure out why.   So I had duplicate content and I also think that was why they dropped my sites PR was because of that.   I had to just get out of Square Space.   So I am going to be working the next few weeks to move all images to this site.   Until then you will find some images not being displayed right and they will be quickly fixed in the coming weeks but until then you will just have to be patient.

As you can see these were just a few of the reasons why I switched back to WordPress, but I am really happy with the change back to them.   I am really thrilled that they have added so much grammar and spell checking to the WordPress outlet that I think I made the right call.   Give Bluehost a try for your self and see just how responsive these WordPress templates are!

 

How much is your identity really worth to you?

Identity is Everything!

I’ve been talking about this my whole life about security and you but it seems it might of happened to me.   I am sending off my information snail mail to Equifax to get my mail version of the Credit report!

If it wasn’t for Lastpass and their Free Credit Monitoring that you get with your 12$ a month subscription to their lastpass Mobile service.  I was alerted earlier than I ever thought possible.   Almost as soon as it hit the credit monitoring services.  I am so glad I took the option of having them monitor my credit report for me.   It reminded me through pop ups and push notifications on my phone and tablet.

Identity theft and you!

It can happen to anyone and at any time.   I found out that I might be a victim and I put a Credit Reporting Freeze on my account on Equifax, Experian, and Transunion.   It only cost me 15$ on all three credit bureaus that prevent it from going any further than that!  I also went with LifeLock (affiliate link) to help protect my identity for 10$ a month.   Currently I am going to offer peope a 30-Day Free Trial + 15% Off 6 Months LifeLock Service with code SHAREASALE15S30 (affiliate link) to encourage you to keep your identity safe.

I will be talking more in depth on what to do if your identity is stolen, but first I have to fix the problems I have and see if I can make it even better for myself.   This post will not be long but the ones that come up with be more in depth on how to avoid this misfurtune fro yourself!

How to tell if that Match.com account is fake. (From Personal Experience)

On Average — 1 in 10 is fake!

I joined Match.com (affiliate link) and sign up with the three-month membership.  I must say it was nothing I was expecting. Me and this woman online started talking on their in under a day we switched to the Google Hangouts and have chatted for the past week at least on and off.   I’ve been loving the talks, and we have talked about everything from sex to secrets in dating!  I’ve been up front about almost everything that wasn’t to personal and we are finally going to meet in the next few weeks.  Even though Venturebeat talks about one in ten profiles are scams.   I do not like scams or for that matter and I try to avoid them at all costs!

How to defend against Scammers!

There are ways to find out if that profile or that picture is possibly a scammer.    I will say that even these techniques are not a 100% guarantee and you will have to ultimately make your own decision on if that person is actually real or fake.   If you take my advice you’ll be far more likely to find the real account and keep yourself from getting hurt.  Although again, it isn’t going to be 100% perfect, you could still find those scammers who are more diligent in their scams.

Details are everything!

If you find a match on Match.com (affiliate link), Zoosk, eharmony, or OkCupid.   You will need to do several things before you email them or chat with them.

 

  • Search for their Pictures  — Download or find the link to their picture on the dating site and do a reverse picture search on sites like Tineye.comBing, or Google.  These are the three you should start first and try other sites that have similar abilities.
  • Profile search — Copy the text of the profile and search Google and Bing and see if you find other profiles with the same text in either whole parts or over 50% of the same text.   Even though it could happen it is unlikely that the profiles would use the same exact wording and styles.
  • Self Employment — if the profile says they are self-employed then that is another mark on the profile and you will have to be careful.   It doesnt’ mean that it should disqualified all together but it should make you keep on the look out for them asking for money.

 

Most of the time, these are the red sirens in the mind that should go off if you do come across a profile that is questionable.   If you find two or more of these that are on other sites or same site with different name and profile.   You can bet that it could very well be a dating scammer.   Only way to know is time.

 

The Chat sessions!

If by chance you found someone who doesn’t have any of these 3 things going on with their profile.   You should start talking to them but you need to do these steps until you finally meet!

  • Picture exchanges — if they send you new pictures you have never seen before, you should go back and find the most likely photos that might be used on other and see if those pictures come back with hits to other sites.   It not be as bad as you think but it should kept a constantly making sure the person is real.
  • No money — Tell the person after you get to know them your stance on not giving money to them or anyone else until you have physically met them.   Even then you should be cautious after the first meeting because they could very well be scammers.   Again only time will tell.   If you throw out this to the scammer, they will stop talking to you because they know they are wasting their time on you.   It is a good way to weed out the fakes accounts from the real ones.  The ones that are really will understand not try to get any money from you.
  • Be Honest — Be honest with yourself and them about your goals and what you are wanting from the relationship can help decide if they are truly meant for you or some other person.   If you try to hide these things, then you will not succeed in finding that perfect match.

 

If you follow these simple steps, your less likely to be scammed and thus you are will have a much enjoyable experience in your dating attempt.   Nothing is set in stone with these steps but I am sure these will help you in finding your perfect mate for life and help you avoid those scammers!

Why blogging personally helps me! (5 Insightful tips for Blogging)

The Art of Blogging — mkhmarketing (http://mkhmarketing.wordpress.com/)

Why I blog!

When I started blogging in the 2007, I never really got the idea of what a blog is and what it was designed for.  For that matter, I didn’t even understand the dynamics of how to keep my blog writing.   The idea of researching, and working my blog was as foreign as to me as dating.   I haven’t dated very much in the past and I know that being nervous is something you have to expect.   It’s like the body is preparing for a fight or flight, when you have nothing to worry about.   Blogging is something that is an outlet for me.   It’s like a pressure valve that I can release steam if I am under to much pressure.  

Journaling and my Thoughts!

Since I can ever imagine, I’ve been one of the ones to love to journal and put my thoughts on the page.   It is something that not everyone can do or even accept.   Some people think that doing a blog is making yourself more public.   I tend to agree on the stance that once you start blogging your becoming a public figure.   It isn’t something that people can comprehend but it is something that must be accepted.  Acceptance is something that is required by everyone, because if you can’t accept that.  Firstly, people will be looking at your blog post in detail and judging you on the merits of the blog posts.  This can be very frustrating to some, and others like me simply smile and keep blogging.

Some useful Insights!

Since I having been blogging for over 7 years, I would of thought I would give you some valuable insights on blogging!  Each of these isn’t set in stone but can be a valuable tool and reference to keep people coming back to your blog!


Nothing Set in Stone — Even though your starting to blog you have the right to change or move your blog to anyplace you see fit.   That being said, if you do not learn from how your visitors feel about a certain setup of your blog.   You’ll know based on how they do not stay long or amount of people who come in the first place!  

Find your Niche — Even though it seems like a constant reminder, it isn’t something that you need to figure out.   If you do not, you will have people come and go without actually having people stay and want to build a community!  Like Me, My niche is basically Cell Phones, and Android Operating systems.   Anything to do with Google Android is what I like to talk about it in one way or form!

Add personality — If you you aren’t going to be warm and inviting for each reader that comes to your site, then your wasting their time and yours.   They want that connection that drew them to your site in the first place.   If anything you should welcome them in one way or other to your site and make it so they want to keep coming back.   It takes 7 times before a reader decides to stay or go, so you have 7 times to make it inviting and create an community.

Build upon stories — I’ve done this in this post and others, talking my experiences and adding personality.   Guest of every nationality like to hear stories and just about anything that revolves around the niche you trying to build upon.   So I am sure you have stories that can be used with your blog idea if you just stop and relax!

Money isn’t everything —  When I first started blogging, and I knew it was going to be hard to instantly start making money.   So I just put the idea to the side.   I developed the community and my niche first and then you can start learning to make money around your niche.   You should not expect to make any money in the first year if that.   I think that is a good rounded answer.   It just depends on how hard you work on your blog and how many readers you get to come to your site.   Keep in mind that what you promote should be something you believe in and not what others believe in.   If you take a personal responsibility on that, you have a much greater chance of making money.  Don’t expect it to come over night that is for sure!

If you follow these 5 tips, your be more happier and bring in even more readers and followers to your blog.   Nothing comes without hard work and understanding of the people or things that you talk about.   So if you put your heart into your blog, you can bet it will be a success no matter the real outcome!

My Chromecast Experience, a Tech review of it!

Chromecast_largeSuggest Retail Price 35$

Disclaimer: All Links on this post are affiliate links, I believe in this product and fully recommend it to my friends and family.   If you have a problem with these links please do not click on the links!

 

Chromecast is Amazing!

I got my Google Chromecast from RadioShack, but you can also buy the Chromecast from Best Buy, and Amazon.com (Affiliate Link).  Which is where you could possibly get it cheaper than I did.  I paid the full 35$ for mine because they had it there ready for anyone to buy. You will need a Television W/ HDMI Inputs (Affiliate Link) to be able to use this device and I must say it works really well once you have it configured.

Some Specs for you:

  • Supports Netflix, YouTube, HBO GO, Hulu Plus, Pandora, and Google Play Movies and Music mobile apps as well as select content through Chrome browser, works with recommended modem
  • Box includes Chromecast, HDMI extender, USB power cable, and power adapter
  • Easy setup: Plug into any HDTV and connect to your home WiFi network
  • Works with Android, iOS, Chrome for Mac, and Chrome for Windows
  • Stream online video, music to your TV using your smartphone, tablet, or laptop; Available for Windows computers running Windows 7 or higher

Portability is Excellent!

I was able to move the Chromecast from one room to another and not have to worry about setting up the device again.   You can stream movies that you buy from Google Play to the Chromecast and be able to watch it on the big screen.   From even my small cell phone,  I can stream movies to the Chrome cast with ease.  I have been using my Acer 200 10.1 Tablet to stream to the Television.  You can however use any device that has the Chromecast app on it like the IOS and even Chrome.   I could even use my Chromebook to stream whatever I want to the Television.  As long as you have the Chromecast extension and have it setup properly, I see no major problems.

Setting up the Chromecast

The process of setting up the Chromecast on your devices were simple and quite pleasure.   The only hitch that I came in was the downloading of the updates to Chromecast.   That took the most time.   It took me around 10 mins because of my connection to the internet.   If you have a faster connection it could be faster or slower depending on your internet speed.   You can name your chromecast anything you want and yo really do not need an internet conenction to stream to the device.   If your like me downloading movies and then watching them when you get home, this is an excellent option for those who want to watch movies on the big screen.   For 35.00$ (29.99 Right Now) (Amazon Affiliate Link), It was a bargain for me.   You really do not need an internet connection do watch movies you purchase on Google Play store and or Music.   You just need to have the App and the Chromecast device.   I found I made the best purchase possible, for the money!   You really should try it yourself.

Google shoots my site in the foot! (Unnatural outbound links)

I got this email Thursday!

It wasn’t the best news that I could of wanted from Google.   After all, I was getting some great traffic from searches.   Although, admittedly I am not really to worried about page rank.   It isn’t like I was making a ton of money from people coming to my site but it is the principle of thing that really bothers me and makes me really un happy.  I would of like Google to email me saying we think you have unnatural links and suggest which links were unnatural instead of just dropping my page rank.   some sites just do not know some of this, I am working long hours at work and this comes my way.   It’s like Google likes to shoot all sites in the foot just because they can.

Granted, Sites like to Make Money!

It would be silly of my to say that I didn’t like the adsense revenue that started to happen last month.   I pretty much doubled my adsense in a months time and I am quite sure it was all by my doing alone.  I know which posts Google had a problem with and I’ve pretty much dealt with them.  It was my Gust Posts from other people and organizations.   I found out that Google thought I was getting paid for these guest post.   In truthfulness these were really from BlueFirePR, which isn’t necessarily anything bad but I guess Google Doesn’t want them to control SEO rankings.  So I am instituting a new guest post policy.    Anyone wanting to submit any guest posts, must now be using the NOFOLLOW policy, and maybe a Dofollow policy for anything that I think is a good site but I have the final say so.   I have already went and put all those links that I think were not tech related as nofollow and I have also submitted a request to remove the block and asked that they give back my rankings.   I do not know if I will be at the same level as before, or if it will go down and never recover but I am willing to work with Google on this.

Guide Lines for Other Webmaster!

I thought it best to talk about some of the things most webmaster will want to implement as soon as they hit that little snag in the road.  It isn’t everyday you get an email like this from Google.  I have submitted a manual request but it could take several weeks before I find out the results of what they will do!  Until then here are some suggestions for future guest posts that you might do on your own site:

 

  • Guest Posting — If your looking for quality guest posts, join something like Guest Crew (Affiliate Link).  I’ve been on their for some time and I have been publishing posts to other sites with little effort and been making my site more popular!
  • Only have one Dofollow link — If you looking publish an article that isn’t in your niche you may as well make all links nofollow just so you do not make Google suspicious!   It is up to you how you publish or post your content.
  • Niche Guest Posting — If you are going to post, it is suggested that you keep the post in your niche and that way Google will not get to suspicious.   This is where Guest Crew (Affiliate Link) can help.   It can find posts that are in your niche and you have the final say so!

 

I was going to do a how to on finding these culprit links but there are plenty out there that do the job for me and I didn’t have to look far or long to find the problems on my site since I have been doing this for so long, I know Google doesn’t act slowly, so I knew it had to be really recent that was the red flag for them.   If you think it is something really old, then you will need to do a lot of searching but I knew it wasn’t so for me.

I’ve played a version of this game before and I know my site is older than it looks but I also know what to do when I get hit by these problems.   Stop think, re-examine the problem and you will always come out on top!  

Has it happened to you, how about leaving a comment telling me what you did?

How to restore and backup your Timesheet date on the Android OS!

Timesheet Pro: $2.50Backing it up!Screenshot 2014-03-29 at 3.53.57 PM

I talked about 3 Different Timesheets but I still recommend TimeSheet Pro from Google Play store.  I’ve had nothing but success but I have had one or two problems along the way with this app.  I wanted to discuss this and possibly help people keep their important time information from being lost.

Before we begin though there are a few things you need to make sure you have a way to backup your times.  You will need to register for a Dropbox account (Again, I get no money for the link other than the possiblity to get 16gb of space on dropbox).  I have yet to figure out how to use it with Google Drive but I am hoping the maker of the app has it planned in the comming weeks! :) It would be so much easier for me since I already have enough space on my Google Drive to keep it safe!

How to Back it up!

Screenshot_2014-03-29-16-33-38Right Now you will need to have your Dropbox account registered and download the Dropbox app.   You will then need to Authorize Dropbox.  You can get to that by going into your settings menu.   The easiest way I can do it by using the Menu button and then select More and then Settings.   Once their you should then go to the Backup menu and that is menu should look like the picture.

If you want to have two different backup locations such as the cloud and and external SDcard.   You will need to enter the SDcard location.  It can be several ways like:

/storage/external_SD/(folder)

/mnt/sdcard/_ExternalSD/(folder)

/mnt/sdcard/external_sd/(folder)

/mnt/sdcard/(folder)

These are just a few but if you need help figuring out the name of the location of your SD Card, you can use something like Astro File Manager!  I use this all the time when start using a new phone or tablet.

Now since you have setup both your dropbox and ou sd locations.  You will need to test it out if this is your first time, if not you will just have to go to next step.

Restoring your Information!

Screenshot_2014-03-29-15-32-04 Screenshot_2014-03-29-16-33-23Now since you have setup the dropbox.   You will now need to restore the information that you have lost.   If you did not do this in the first place your data probably wasn’t backup and this will be useless but if you did this in the beginning to prevent that then please continue!

You will need to find the location that you have the newest backup of your data, either the external sd card or Dropbox.  You can use Astro File manager to know which dmp file was created the lastest.   Once you’ve found it, you will need to make a copy of the file.  This way if something while restoring you can still have a copy.

The dmp file should start of with:

(year)(month)(date)_numbers_numbers.dmp

Screenshot_2014-03-29-17-43-42Even I do not know what the numbers mean but you can find the date that is needed to back up and copy to either the cloud or copy from the cloud.   Once you have made a backup of that file.   You will then need to rename the file to “automatic.dmp” and copy it to the location on the sdcard that you’ve told the program were to backup to.  I found this to be the easiest way.  You can however just use the file that is created but I like to keep it from being deleted or used.

If you have setup the paths the right way and copy the files to the right directory you will see something like this when you click restore on your phone or tablet.   Each time you need to restore, you should follow these directions that way it makes it so much easier and simplier.  If you decided to use the automatic.dmp file, you will have a selection to select the automatic file.   Either way, once your restored your back to where you have left off.

If I have helped you with this app please consider sharing it and also use my Amazon link whenever you want to buy something from Amazon.  This helps me keep doing the things I love.  A small commission is given to me everytime you use this link to buy products or services from Amazon and you pay nothing more for using it!