Jerry's Blog  1.3.240
mi propio
Data Security
Thu November 29 2018  6:40pmBlog notes

I used to drive a Toyota pickup whose non-functioning ignition switch I replaced with an array of 3 ordinary household toggle switches for: engine, starter, dashboard. Not what you'd call advanced security; anyone could start my truck and drive off without a key (if they could figure out which switch was which.) At the same time, I lived in a farm house with 4 exterior doors, only one of which had a working keyed lock, and that one key was a big skeleton key, too cumbersome to carry about with me. For eleven years I lived a completely key-less life. And never had a problem with auto theft nor home burglary nor vandalism.

Not that I lived in a crime-free area. I'm sure there were many instances of auto theft and burglary in those same eleven years. For example, my neighbor Dave was the victim of a break-in theft, in spite of the fact that his home was equipped with a state-of-the art security system. Or - was it because he had hi-tech security that he was victimized, and not I?

If your browser is warning you that Jerry's Blog is (gasp!) not secure, that's a sign that you had better be careful with your browser, especially when browsing sites that it considers 'secure'!
Imagine a would-be burglar coming to my house when I'm not home and finding the door unlocked. "Yikes!," he might say to himself, "this guy must be nearby, or he wouldn't leave his house open like this!" Or someone in a darkened parking lot thinking about hot-wiring my truck - but how do you hot-wire a vehicle that has no keyed ignition? The unusual and unexpected lack of security would be alarming to most criminals. By contrast, the presence of a state-of-the-art security system is an attraction to the modern burglar. The system's presence indicates that there must be something worth stealing, probably there are no other significant safeguards, and the system's familiarity is a green light to bypass its well-known security measures and proceed with the theft.

Such has become the internet. Long gone is the early concept of a free and simple exchange of information. The web is increasingly overrun with spammers, hackers, and identity thieves. So protective protocols were developed, but as these have grown more complex, the hackers' expertise has kept pace. Don't be fooled: each new security protocol is certain to be deciphered and exploited in short order, probably even before your browser and your favorite website are upgraded to take advantage of its promised security.


Ugly security
The problem, as I see it, is three-fold. First, each new protocol adds greatly to the 'handshake' exchanged between your computer and the server, which makes the initial connection slower and slower, adds to your monthly internet bill if you have metered service, and makes it nearly impossible to access some web pages if you have a slow connection. Meanwhile, rest assured that the hackers all have modern high-speed equipment. The increased traffic overhead is a problem for legitimate surfers, but not for the bad guys!

Secondly, as noted above, the 'https' protocol becomes, not a deterrent, but an invitation to hackers, a promise that there's some valuable encrypted information, free for the hacking.

Thirdly, and most seriously, ask yourself who are the bad guys? When you post personal information to your Facebook page, are you comforted by the fact that you are using an up-to-date security protocol? That your secure browser is 'approved' by Facebook? Or that your 'secure' browser approves of Facebook's security protocols? Do you really trust Facebook itself? Really? Facebook doesn't need to hack your personal data; you've handed it to them willingly, like a docile, trusting lamb. How many people must sacrifice their identity before people understand that Facebook is one of the wolves?

Who are the engineers of the increasingly complex security measures? Google. Microsoft. Do you trust them? And the baddest wolf of all: the National Security Administration. Remember the Snowden leaks? Yet the NSA continues to contribute to the design of each new protocol, specifically so that they may more easily exploit them and harvest people's internet data.

My response: let Facebook and Microsoft and the NSA chase one another's tails. Welcome to Jerry's Blog. When you navigate here, or anywhere on my CyberJerry site, that's all you're doing. Here there are no Google ads, no links to Facebook. (I suppose you could 'Like' CyberJerry on Facebook, but there are no links here to do so.)

Obviously, if you post a comment, it will be openly published to the world; that's the whole point. But if you want to send me a private message, or create a member profile telling me your real name and email address, rest assured that your data will never be given to the wolves. Even if Google or Microsoft were to track you here, they won't be able to harvest any information, because CyberJerry does not transmit your data via an 'approved' encryption protocol. I use my own encryption techniques, unpublished, and subject to my own revision. Your identity and personal data are safe here at CyberJerry, regardless of your browser's dire warning that the site is insecure. In fact, if your browser is warning you that Jerry's Blog is (gasp!) not secure, perhaps that's a sign that you ought to be careful with your browser, especially when visiting sites that it considers 'secure'!

More technical details upon request. Just ask!
Besides Jerry's Blog, this site contains a private message board available only to Lenore and myself, at least two data bases for my own personal use, and at least three other places where visitors may post private (unpublished) information. Here's a challenge to any would-be hacker: demonstrate to me that you can steal or intercept any of these private data, and I will openly admit defeat, and will publish my admission right here. Am confident that my challenge will go unanswered, or that any attempt to answer the challenge will result in failure. How confident? I will share more technical details upon request. Just ask! CyberJerry is neither running with the pack, nor running in fear away from it; just let the wolves chase their own tails. You, the legitimate CyberJerry surfer, have navigated away from the bad guys.

  1 comment
rev. Thu Apr 4  6:04pm
 
Blog End
Sat December 2 2017  4:45pmBlog notes

Contrary to what the first post says, there seems to be no obvious need to write any more about the process of creating a blog from scratch. Oh, you may notice a few minor tweeks since that post: The color scheme now looks more like the rest of the CyberJerry web pages. Have converted completely away from mysql. Made a small collection of my favorite quotes to display at random on the top of the side bar. Mostly, the past two weeks have been spent testing and shaking out bugs, a process that will surely continue.

In concord with the first post, I believe Jerry's Blog has become pretty much what was intended: A simple tool that should run well on a variety of devices, with reasonable security and without the need to keep up with the demands of Blogspot, Facebook, or LinkedIn, which are constantly 'upgrading' their platforms. I repeat my offer to accept suggestions and criticisms from any and all visitors.

Having said that, this current post represents (perhaps) the last post written about the blog itself. Jerry's Blog is intended to be a tool, not an end in itself, but a means to an end. From now on, I'd like to focus on the end goal: exchanging thoughts and opinions on a variety of subjects which may be of common interest. Or, at least, which are of interest to me, while freely welcoming input from others who share those interests.

I suspect my attention will now turn to my Sudoku Analyzer, and to a "Sudoku Challenge" that I would like to offer soon. Stay tuned.

  0 comments
rev. Dec 4 2017  3:37pm
 
Meta Blog
Thu November 16 2017  10:00pmBlog notes


Blogging about blogging
Writing my own blog. No, that doesn't mean writing posts on a new Blogspot or Wordpress blog. It means creating the blog itself - designing server database tables, writing the webpages and blog scripts, debugging, re-thinking, re-working. . . the whole software development cycle.

What 'meta blog' means is that the first few posts of this new blog will probably be about the progress and regress of the above. Blogging about making a blog. And in this case, blogging about starting over again from scratch, on a new hosting server.

To begin, here are my initial design decisions:

  • Simplicity. I have no interest in top-heavy 'features' as characterized in sites such as Blogspot and Facebook, but a simple no-frills platform in which to communicate and exchange ideas.
  • Compatibility. The aim is to run on a variety of platforms, including old hardware and slow connections.
  • Flexibility. As the programmer, I look forward to being able to make changes as I see fit, without having to depend upon Google engineering decisions.

Would also like to hear any suggestions you might have.

  6 comments
rev. Dec 4 2018  10:58am
Politics be damned; it's like watching two wolves and a sheep argue over what's for dinner.
- Joel Trumbo

Articles
All  
Blog notes
Sudoku
Nicaragua
Religious/Rant
11/29/18Data Security
12/2/17Blog End
11/16/17Meta Blog
©2017, 2019 Jerry DePyper - Jinotega, Nicaragua, C.A.
rev. 2019.01.07