Wednesday, December 13, 2017

Web Secret 497: the best of iWebU - Web Sites that Suck

On August 15, 2018, I will be celebrating the 10th anniversary of iWebU - that's over 500 weekly posts.

Leading up to that momentous date, I am rereleasing the "best of iWebU", starting in 2008 and moving forward in time.

These are the posts that stand the test of time and remain as valuable today as they did then.

I begin with Web Secret #24: Very Bad Websites. Why? Unfortunately, there are still terrible websites out there - I am talking to you Nespresso.

Note to my readers: Websites that Stuck stopped updating after 2014 - but the site is still up and in my opinion - it's the best of its kind - and hilarious to boot. Also - and maybe this is comforting - the individual websites that I listed have gone out of business. They were too terrible to survive. The "Checklist 1 - 149 Mortal Sins That Will Send Your Site to Web Design Hell" alone is worth reading:

Web Secret #24: Very Bad Websites - October 29, 2008

Just as you can learn from visiting the very best websites, you can learn a lot from visiting the very worst.

Conveniently for all interested parties, there is a web site that collects and ranks the absolute turkeys of web design, web navigation and web content. I am talking, of course, about the fabulously edifying and entertaining "Web Pages That Suck".

The great thing about this website, is that not only do they rank the worst of the worst on a yearly basis, but they accompany their selections with witty commentary.

You too can explore such atrocities as:
Tally-Ho Uniforms & Accessories - one of the top 10 worst websites of 2007
Yvette's - a rising contender for the worst of 2008
Burlington Ufo and Paranormal Research and Education Center ("This is so godawful that it ruptures the very fabric of space and time")

Remember my August 22, 2008 post, Web Secret: Ten Commandments of Website Design? This is what happens when you simultaneously violate all ten commandments.

Bonus Secret: Wondering if your web site sucks? Then read their "Checklist 1 - 149 Mortal Sins That Will Send Your Site to Web Design Hell", and wonder no more.

Wednesday, December 6, 2017

Web Secret 496: Computer security

Last month, CNET published an informative article "How to give your parents the security talk this Thanksgiving" which I have decided to summarize (with occasional comments) for you, my readers.

I am doing this because my experience has been that most people - whether they are Boomers or Millenials - don't know Jack about computer security.

So even though the topic is borrrring, you should at least understand the following:

Phishing: This is when someone pretends to be somebody else in an attempt to steal your information, whether it's a credit card number, login password or any data that can be used in an attack. Phishing attacks often come in the form of email that contains a link taking you to a website designed to trick you. The easiest way to avoid getting phished is simply to not click on any links in emails. If an email coming from Netflix says your account is getting canceled, just go directly to Netflix's website to check it out -- don't do it from the link in the email.

3 tips to spot a phishing email:

Grammar: Bad grammar is a tell-tale sign of an online scam.

Check the source: The address the email came from is often a thinly veiled disguise (coming from instead of, for example).

Weird links: You can hover your mouse over links and pictures to see where they'll lead you. If an email claiming to be from Netflix is actually going to a suspicious website, that's a good sign it's a scam.

My comment: Phishers are becoming increasingly expert at sending emails that look authentic. Many of these emails report that something is being canceled. Automatically be wary of any such email.

Password managers: It's a pain to have to remember different passwords - but it's also a must. Fortunately, there are services out there that will keep all your passwords in one place.

With password managers, you just have to remember one password for the manager. You log into that service and the managers sync across your browsers and devices, bringing both security and convenience. Find out more here.

HTTPS and SSL: Every time you go on a website, you should check to see if there's a green lock icon next to the URL. That symbol shows you're on a page protected by HTTPS, which stands for Hypertext Transfer Protocol Secure.

The green lock tells you the website has Secure Sockets Layer (SSL) enabled, meaning there's a certificate to prove that the website is secure and that your sensitive information can't be stolen or spied on. Think of it as a virtual seal of approval that your secrets are safe.

Sometimes going on a nonsecure site can't be avoided (CNN's website, for example, is not HTTPS). You should be careful about entering sensitive information on public Wi-Fi if you have to go on non-HTTPS pages.

Ransomware: This is a type of virus that locks up your important files and sometimes your entire computer, unless you pay the ransom.

You should back up your files regularly in case you ever get hit with ransomware - my fav utility for this is Carbonite. CNET has an entire guide on whether you should pay the ransom. The short answer is don't.

Patching: Companies like Microsoft and Apple aren't sending frequent updates just to annoy you. Most of the time these updates come with patches to fix security flaws that were recently discovered. Suck it up and update your devices.

Two-factor authentication: It's an extra layer of security on top of your password.

It's around you everywhere you go already: swiping your debit card and then entering your PIN code, or writing a check and showing a driver's license with it. The factors are often a combination of something you know (a password, a PIN, answers to a question) with something you have (a thumbprint, a card, a phone).

The most common version of two-factor authentication is a code texted to your phone after you enter your password. Warning - this can be more complicated and annoying than it sounds.

Be safe.