I am already quite familiar with flickr; I do some photography as a hobby and I have an account there with a large number of my photos already. I pay flickr's yearly fee so people can see more than 200 of my photos.
Of all the 'social' web applications, flickr was the first one I ever joined, so I wasn't used to its 'contacts', 'groups' etc. I was a big skeptic when it came to social web applications. Since using other social applications, I find that I wish flickr had more privacy control. I'd love it if I could prevent certain parts of my profile or certain photos from being viewed externally (such as by Google's indexer), or set viewing rights for my photos on a per-contact basis (so I can show a picture to a certain person).
As a result of having photos on flickr I occasionally get comments from other people who are into photography. This is encouraging. I have also had 3 photos which were published in magazines - one in print, the other two online. The publishers found my photos by searching flickr based on the tags I had used and, in one case, the Creative Commons license I had given the photo.
If you want your photos to be found, I would recommend adding relevant tags to them. That way, someone who is doing a search for a particular Melbourne landmark is likely to find your photo of that landmark. I'd also recommend submitting them to relevant groups, so Melbourne photos can go to the Melbourne group, and so on.
Picture Australia (from the National Library) has created 2 flickr groups which encourage people to upload photos of people, places and events, and their town. The idea is that selected photos from these groups will become a part of Picture Australia's image collection. I haven't contributed anything yet, though there's no reason I shouldn't - I have plenty of photos of 'my town'. If you feel like contributing photos to Picture Australia would give you a warm fuzzy feeling then do have a look at the information on their site. I think I might get involved.
Friday, September 28, 2007
Tuesday, September 25, 2007
Managing passwords
I have so many different accounts with online services that I cannot possibly use a different, easy to remember yet hard to guess, password on every one. Or at least that's my excuse.
For security it's a good idea to choose a password that contains both letters and numbers, is at least 8 characters long, and doesn't contain a dictionary word. This rules out passwords such as 'ringwood' or 'happy123', or anything with your user name in it, because machines could guess them quite quickly. It's also good practice to use a separate password for each organisation where you have an account, and to make sure that you remember them without needing to write them down. Here's some more about password security. While I have a decent understanding of online security, in various ways I fail each of those requirements.
One could argue that the importance of a given password is relative to the sensitivity of the information it protects, and hence the damage it could do if someone else were to gain access. For my online banking, for example, I use a string of otherwise meaningless numbers that are very hard to guess, and I've never written them down anywhere. If I did that everywhere that I have an online account, however, I wouldn't be able to remember them all.
Some people use a software package such as KeePass to remember their passwords for them. This stores and encrypts all of your different passwords, and reveals them to you only after entering a master password of your choosing. I'm skeptical about this, because it allows a single point of failure; if someone manages to get that one single password they can now access anything you own. At the same time, if I forget that master password or my hard drive crashes, I have a frustrating time ahead of me.
Another concern is social engineering attacks including phishing, which have the potential to render all technological security measures useless, as they work by simply deceiving the password holder into revealing the password to someone who appears genuine. A rule of thumb here: if it looks like your bank, it may not be your bank.
From my perspective, though you should always be careful about security online, you should exercise the greatest caution with any organisation that has access to sensitive information such as your credit card numbers, where you live, your real name, or anything that could be used to defraud you or pose as you.
If there is a better way to remember many passwords yet at the same time ensure they are unique and hard to break, I'd be interested in finding out more about it.
For security it's a good idea to choose a password that contains both letters and numbers, is at least 8 characters long, and doesn't contain a dictionary word. This rules out passwords such as 'ringwood' or 'happy123', or anything with your user name in it, because machines could guess them quite quickly. It's also good practice to use a separate password for each organisation where you have an account, and to make sure that you remember them without needing to write them down. Here's some more about password security. While I have a decent understanding of online security, in various ways I fail each of those requirements.
One could argue that the importance of a given password is relative to the sensitivity of the information it protects, and hence the damage it could do if someone else were to gain access. For my online banking, for example, I use a string of otherwise meaningless numbers that are very hard to guess, and I've never written them down anywhere. If I did that everywhere that I have an online account, however, I wouldn't be able to remember them all.
Some people use a software package such as KeePass to remember their passwords for them. This stores and encrypts all of your different passwords, and reveals them to you only after entering a master password of your choosing. I'm skeptical about this, because it allows a single point of failure; if someone manages to get that one single password they can now access anything you own. At the same time, if I forget that master password or my hard drive crashes, I have a frustrating time ahead of me.
Another concern is social engineering attacks including phishing, which have the potential to render all technological security measures useless, as they work by simply deceiving the password holder into revealing the password to someone who appears genuine. A rule of thumb here: if it looks like your bank, it may not be your bank.
From my perspective, though you should always be careful about security online, you should exercise the greatest caution with any organisation that has access to sensitive information such as your credit card numbers, where you live, your real name, or anything that could be used to defraud you or pose as you.
If there is a better way to remember many passwords yet at the same time ensure they are unique and hard to break, I'd be interested in finding out more about it.
Friday, September 21, 2007
Blogging privately
A lot more people than I expected have been blogging anonymously. It shows that people are concerned about revealing their identity online, which is probably a good thing. I've never had a blog before where I've used my real name - though people have been able to find me anyway (more on that later).
Someone pointed out to me this afternoon that while blogging is second nature to some of us, the concept of having an online identity is foreign to some, and the idea that people out in the wider web would be able to find our account without us knowing is a little worrying.
It's true - having a blog enables anyone who really wants to, to find us. If you're taking the step to allow other people to read your blog, people can be reading it at any time and you won't know. It's not so strange to me; as a web site publisher the fact that my audience is largely unseen and unknown is usually at the back of my mind.
I'm quite concerned about privacy and being able to be found on search engines such as Google. So I often use alternative names where people will be less likely to find me. Sometimes I've had to have information revealed about me because of my job - the company website, projects I've worked on and things I've attended.
Unfortunately many of the ways in which I appear in search engines I have no control over, because it's been other people putting information about me online. People have added photos of me to their own sites and tagged me with my real name. I think it's pretty rude, but it seems to be common practice among many people and lots of people aren't as concerned about my privacy as I am. Some believe that I should be less concerned about it too, because it's supposedly inevitable that privacy as I know it will always erode.
I do understand however that anything I place online is likely to be archived by search engines and other public access sites for people to search far into the future. Something worth getting concerned about?
Someone pointed out to me this afternoon that while blogging is second nature to some of us, the concept of having an online identity is foreign to some, and the idea that people out in the wider web would be able to find our account without us knowing is a little worrying.
It's true - having a blog enables anyone who really wants to, to find us. If you're taking the step to allow other people to read your blog, people can be reading it at any time and you won't know. It's not so strange to me; as a web site publisher the fact that my audience is largely unseen and unknown is usually at the back of my mind.
I'm quite concerned about privacy and being able to be found on search engines such as Google. So I often use alternative names where people will be less likely to find me. Sometimes I've had to have information revealed about me because of my job - the company website, projects I've worked on and things I've attended.
Unfortunately many of the ways in which I appear in search engines I have no control over, because it's been other people putting information about me online. People have added photos of me to their own sites and tagged me with my real name. I think it's pretty rude, but it seems to be common practice among many people and lots of people aren't as concerned about my privacy as I am. Some believe that I should be less concerned about it too, because it's supposedly inevitable that privacy as I know it will always erode.
I do understand however that anything I place online is likely to be archived by search engines and other public access sites for people to search far into the future. Something worth getting concerned about?
Subscribe to:
Posts (Atom)
