Wednesday, March 26, 2014

SSL Beyond 128-bits of encryption

Not All SSL Is the Same*

SSL should be chosen from an established, reliable CA who delivers at minimum 128-bit encryption and optimally 256-bit encryption. It should be issued from a globally-available root infrastructure using 2048-bit RSA keys or better. The SSL issuing authority should maintain industrial-strength data centers and disaster recovery sites optimized for data protection and availability. The CA must have its authentication practices audited annually by a trusted third-party auditor.



*Reference - SSL 101: A Guide to Fundamental Web Site Security by GeoTrust

Wednesday, March 5, 2014

With so many privacy tools out there, why is nothing catching on?

Personal information privacy is a big concern among so many of us. But we find ourselves powerless more often than not in keeping this data under our very own control. Unless we decide to live under a rock.

My colleague in the research lab (Kristine Gloria) asked me a very interesting question over an email conversation we were having. With so many privacy tools out there, why is nothing catching on? This is what I had to say...

1. Some of them are really good and catch on eventually, but it's hard to find ones that have mass appeal. The common man is not as tech savvy as we'd like to believe. They want a simpler life, even more when using a computer, a mobile phone, tablet, what have you.
2. Free is good initially but once the people behind it lose interest in their product or move onto something else, there are no updates or bug fixes happening. A product coming from a company has a longer shelf life and people know about have higher reliability.
3. A lot of the free products are created for tech savvy customers. Not enough efforts are made for widespread use. The user interface has to ensure ease of use.
4. Many have come up with good ideas in concept, but the implementation is so crappy, that one begins to lose hope from such solutions.
5. Also, when I think about it, what kind of people would love to work for free and come up with software that offers long-term solutions? I find it hard to find good, long-lasting motivations behind them.
That does not mean I've lost hope :-)...just need to ensure good solutions are made part of mainstream and do not get lost in the bleachers!!

Monday, March 3, 2014

How to be an effective blogger, every time

An excellent and quick read on the fundamentals of writing effective blogs. I myself try to follow the concepts laid out in this article for every post that I create (except the one which states - write more frequently, at least weekly).
Although the purpose behind the referred article is to learn to effectively create and distribute business related content online, I feel it applies to blog writing in general. For our purposes, that is technical blogging, I tweaked the article a little bit while retaining the overall essence:

1. Writing for the right audience - I understand that not everyone shall benefit from my blog. But at the same time I make sure that I do not lose out on the niche readership base. In my mind, students pursuing higher education, especially in the field of science and technology, will relate most to it. Also, anyone interested in research or privacy and security related matters will instantly find their time being put to good use when they visit my blog. Others, maybe not.

2. Making headlines meaningful - I ensure that the headline basically is a summary of the article in 4-7 words. A vague or incorrect headline will only attract the wrong audience and if this wrong practice is continuously followed, it may discourage the readers from revisiting the blog.

3. Focusing on quantity over quality - I promised myself that I'll write at least a post a day. That obviously was an overestimation of the time available to me. Given that I've personal and professional commitments, and that I do forget sometimes about the blog, even a week becomes hard to manage. This is one area I need to work on. Other than that, some form of committed frequency is a good habit. Readers do start expecting a post in that time frame once they become regular visitors. Which, by the way, will happen only if one writes regularly.

4. Use the Search Engine Optimizer wisely - That's what they are for. Properly tagging the post with the right labels will attract targeted readership and make the post show up in search results on a popular search engine like Google.

5. Blog writing is not the same as other forms of writing - So be careful in replicating the content elsewhere. Like research publications, articles, presentations etc. Blogging uses a more natural form of language, unlike a more technical style used in research publication. They definitely require a much more sophisticated form of writing and that is because of reason no. 1 described above - "The Audience". So keeping the content quality true to the audience it is targeted towards, one will seldom make the mistake of writing too casually or otherwise.

6. Always proofread - Something never to be missed. One is never in too much hurry to allow a poorly or un-proofread post to go online. Once completed, always look out for the various mistakes one can make in writing. A short article on this can be found here. My rule of thumb: Read the post in its completeness. Save it. Take a break for a few minutes. Revisit the post. Publish it only if it still makes sense.

Thursday, February 13, 2014

Everyone's snooping


And I thought only free online services are sharing user’s personal data. Apparently, even if you’re shelling out $70+/month for your phone bill and have a Verizon account, there is a likelihood that your call’s metadata (information like call’s origination, destination, call time and duration, caller’s and recipient’s phone numbers) has already been shared with the NSA and FBI. Thinking of switching to AT&T?

Well, they're not any better. In 2006, an AT&T technician, Mark Klein, exposed that the company was providing fiber tap to the NSA through some of its data centers.

Another one caught my attention a few days back. So Marissa Mayer wants to read my emails. Claims the company's TnS mail and messenger, "to provide personally relevant product features and content, to match and serve targeted advertising and for spam and malware detection and abuse protection." My strong intuition tells me it's more for the advertisers, less for protection against spam. Looks like she's bent on making Yahoo a Google-like company in more ways than one. This idea too was stolen from Gmail. And why not. Revenues generated from such advertisements may just save this giant sinking boat.

What surprises me is that these news stories still surprise people and have the tendency to make it to the front page. Even today, when bills like CISPA are being approved by the House of Representatives (more than once), I doubt much was hidden from the national agencies. They do, however, act as a reminder to people that they need to raise their voices much louder and more often to whoever is taking privacy for a ride.

Friendship that benefits

LinkedIn published an interesting article yesterday on how the success of the people one is surrounded by can be a factor in one's own success.

That is, if one wants to be successful in life, he needs to spend more time with other successful people. Else the "ability" to not succeed can bring one down. And five is the magic number.

Says Jim Rohn - "You are the average of the five people you spend the most time with."