The First Honest Cable Company is a spoof ad showing what an honest ad from your cable company would look like.
7 “Must Have” Apps for the Social Media Professional
In many ways, social media allows a business to get the word out about itself easier than ever before. As the format has developed however, audiences have become more fragmented and specialized, causing companies to search for ways to quickly and easily reach their customers. Fortunately, app developers have seized upon this and created several programs to serve this need.
While social media sites like Facebook and Twitter have their own apps, developers have created many others that can provide more specific services while working within those sites. Read on to learn about 7 awesome apps to help your social media marketing efforts. [Read more…]
21 Tips to Make Oodles of Content in Less Time
In content marketing, there’s never enough time. It’s like a grandfather clock.
Tick. Tock. Tick. Tock.
Before you know it, the time’s run out. If you’ve got a bit of extra budget, and the right ideas on board, you can make plenty of content in a lot less time.
Gmail is getting PGP Signatures
Ok for those who don’t know what PGP is let’s first give a brief explanation. PGP stands for Pretty Good Privacy. PGP encryption uses public-key cryptography and includes a system which binds the public keys to a user name and/or an e-mail address. Basically, PGP can be used to detect whether a message has been altered since it was completed and to determine whether it was actually sent by the person/entity claimed to be the sender (aka it’s a digital signature). In short it allows you to encrypt information, check the received information was not altered, and verify that it is in fact who it came from.
I know that sounds all complicated, so let me try to break it into lamens terms. You download PGP and create a public key and a private key. They are both called keys… but I prefer to look at it like this: Public Key = lock, Private Key = key. Your public key can be shared with anyone. They can use your public key to encrypt anything they want and send it to you. Once they encrypt it with your public key (aka the lock) nobody can open it but you with your private key (aka the key)… not even the sender.
Phil Zimmermann created the first version of PGP encryption way back in 1991. It’s gone through several revisions since then, changed hands many times, and has finally landed back in the hands of several ex-PGP team members who formed a new company, PGP Corporation. Confusingly PGP stands for both the company, and the technology. In reality their are open source (free) implementations of PGP that you can use.
When PGP first hit it scared the CRAP out of the government. The spooks wanted to control strong encryption, at the time PGP was created Cryptosystems using keys larger than 40 bits were then considered munitions by the government; PGP has never used keys smaller than 128 bits so it qualified at that time. Penalties for violation, if found guilty, were substantial. Zimmerman found a very novel approach to getting around this which you can read up on here.
I’ve been a PGP user for a LONG time. Most people don’t understand why. To be honest, I have very few people with whom I can send encypted or digitally signed emails too. And that’s a shame. Most people don’t understand that email travels around the net UNENCRYPTED. That’s right… it’s just like writing a letter and not even putting it in an envelope.
Ok so what’s this have to do with Google and Gmail? Apparently, a new Gmail feature was spotted that checks if the PGP signature attached to a message is valid. The following was spotting in Gmail recently:
So Google is playing around with public key cryptography to provide a method for employing digital signatures. Digital signatures enable the recipient of information to verify the authenticity of the information’s origin, and also verify that the information is intact. Sweet… if Google does this, digital signatures for the masses! Google has been pumping out new Labs features at a furious pace lately… hopefully we can expect to see this very soon!
To see code snippets and read more check out Google Operating System.
Offline GMail: Is it secure?
Gmail finally provided “offline” mode via Google Gears. So when Gears is enabled you can access your Gmail from your browser any time… even when you’re not online! Ok so that’s cool… but where does it store the data and is the data secure?
When a website attempts to interact with a gears datastore it uses uses the same origin policy as its underlying security model. In a nutshell, the policy permits scripts running on pages originating from the same site to access each other’s methods and properties with no specific restrictions — but prevents access to most methods and properties across pages on different sites. This means that a web page with a particular scheme, host, and port can only access resources with the same scheme, host, and port.
This means a site using Gears:
- Database: Can only open databases created for that site’s origin.
- LocalServer: Can only capture URLs and use manifests from the site’s origin.
The data is stored locally using a SQLite database. The downer is that your data within this database is NOT encrypted. Gears data files are protected with the user’s operating system login credentials. Users with separate login names cannot access each other’s Gears data files… but this is only enforced by the operating system.
If two users are sharing the same login to the operating system they could theoretically access each other’s Gears data files, just as they could access any other file on the machine.