Run Your Own Free Proxy Through the Google App Engine [Proxy]

This post is by Jason Fitzpatrick from Lifehacker

Click here to view on the original site: Original Post

Finding a good proxy is difficult. You either have to run it yourself from your home computer or web server, or you’re left scavenging about for free proxies online. Instead, you can run one for free through the Google App Engine.

If you want total control over your proxy experience, you can always run a home proxy. We showed you how to set one up last month with our guide to bypassing heavy-handed firewalls. While you’re tinkering away with your home network it’s also worth setting up a SSH SOCKS proxy to encrypt and secure all your remote traffic too.

If you don’t want to leave your computer on all the time or be limited by the speed of your home internet connection however, you can use a Google account to set up a proxy server that runs off the Google Apps Engine and allows you to browse via proxy independent of your home network and without having to trust a sketchy third-party proxy. You’ll be running your own proxy server through the Apps Engine, free for you to tweak. They’ve put together a detailed guide at Digital Inspiration, check out the video below:

For step by step instructions, including lots of screen shots, visit the link below. Have your own way for circumventing firewalls and browsing on your own terms? Let’s hear about it in the comments.

Run a Total Background Check on Yourself with Free Online Tools [Privacy]

This post is by Adam Pash from Lifehacker

Click here to view on the original site: Original Post

Consumer-advocate blog Consumerist is always looking to help you keep tabs on Big Brother and any of your personal information He’s tracking. Toward that end, their comprehensive list of online background-checking tools is worth a look.

Photo by Charline Tetiyevsky.

Why would you want to run a background check on yourself? We’ve offered reasons before, but as Consumerist puts it:

Now you can know what Big Brother knows about you and get access to the same dirt everyone from your boss, landlord, insurance agent, to your favorite casino has on you. Here is a comprehensive list of websites and phone numbers for most of the “specialty” consumer reports, like your employment, rental, and check writing history. Be sure to check them out and correct any errors, before a crisis hits.

Their list covers the gamut of online info checkers, from employment and tenant history to insurance claims, credit reports, check-writing histories, prescription drug histories, and more—and most of the services appear to allow consumers to run a free report on their own information. If you’ve gone down the background-check road in the past, let’s hear what you used—and what you discovered—in the comments.

Don’t Hit F1 in Windows If a Web Site Asks You To [Malware]

This post is by Kevin Purdy from Lifehacker

Click here to view on the original site: Original Post

Microsoft has announced a scripting vulnerability affecting Windows 2000, XP, and Server 2003 users using Internet Explorer. A dialog pop-up that convinces the user to hit F1, the commonly known “Help” button, could then run code on the machine, which would lead to, well, all kinds of unfortunate things. A patch will arrive, but in the meantime, let no web site direct you to call for help. Original image via Tom’s Guide. [Microsoft TechNet via Gizmodo]

Four short links: 3 March 2010

This post is by Nat Torkington from O'Reilly Radar - Insight, analysis, and research about emerging technologies.

Click here to view on the original site: Original Post

  1. Top 25 Most Dangerous Programming Errors (MITRE) — I could play bingo with this on some of the programs I wrote when I was learning to code. Now, of course, I am perfect. *cough*cough*
  2. RepRap Printing in Clay — interesting because of the high price of the plastic that fab units typically use. Other groups are working on this–see, for example, recycled glass, sugar, and maltodextrin.
  3. Artificial Flight and Other Myths — amusing parody of anti-AI arguments.
  4. Snake Oil Supplements — visualisation of the scientific evidence for various food supplements. What interested me is that it’s automatically generated from data in this Google Doc.

No Microsoft, General Taxation Is Not the Answer to Malware

This post is by Sebastian Rupley from GigaOM

Click here to view on the original site: Original Post

Microsoft Vice President for Trustworthy Computing Scott Charney today at the RSA conference in San Francisco proposed an Internet usage tax to fight malware infections and the effects of botnets. But do users at large really need to pay for one of Microsoft’s own most costly problems?

As Computerworld reports, Charney equated his proposal for better “social solutions” to the malware problem with existing models in place in the health care system:

“I actually think the health care model…might be an interesting way to think about the problem. With medical diseases, there are education programs, but there are also social programs to inspect people and quarantine the sick. This model could work to fight computer viruses too.”

Charney proposed that “general taxation” could foot the bill for fighting malware, and discussed inroads being made battling it at the Internet Service Provider (ISP) level. In particular, ISPs have been having increasing success at shutting down some botnets, which produce large quantities of globally spread malware and spam. Just recently, Microsoft was successful in shutting down the Waledac botnet, which it did by filing a legal injunction that resulted in a restraining order allowing the shutdown of over 200 allegedly nefarious Internet domains.

Clearly, Microsoft is getting more creative in battling the spread of malware, but let’s not forget that there is self-interest in such creativity, because Microsoft’s own Windows operating system and other tools are the largest targets in the worlds of botnets and malware baddies. As OStatic notes, “Few are likely to be impressed or take seriously a suggestion that a general taxation should be used to fix a problem that Microsoft is more than partly responsible for, especially when the company reaps staggering profits on its Windows licenses in the first place.”  If general taxation is implemented to pay for the costs of fighting malware, do Linux users have to pay the same tax as Windows users?

Charney did suggest numerous creative strategies to fight malware going beyond general taxation, including public education programs and public service announcements. But these suggestions, too, raise questions as to who is going to pay the bills at the end of the day. Hopefully, taxpayers at large won’t get stuck with them.

Related Post on GigaOM Pro (sub req’d):

As Cloud Computing Goes International, Whose Laws Matter?

Image courtesy of Jacreative on Flickr.

White House cyber security chief says cyber threat is biggest economic risk

This post is by Dean Takahashi from VentureBeat

Click here to view on the original site: Original Post

At the RSA security conference in San Francisco today, White House cybersecurity chief Howard Schmidt said that the biggest economic threat facing the nation is the cybersecurity problem.

He said the government is mobilizing to deal with electronic attacks, which have hit everyone from Google to everyday consumers who have had their identities stolen in credit card scams. (He didn’t dwell on the idea that this is the biggest economic threat; after all, bankers and insurance companies have been pretty big threats to the U.S. economy as well).

In his first major public appearance since President Obama appointed him last year, Schmidt said that the country has to do something about fixing systemic problems that make the nation’s computers vulnerable to cyber attack.

Government has to go beyond functioning like a “fire department” that puts out fires. The federal agencies in charge of dealing with cybersecurity have been too reactive and haven’t cooperated enough. Schmidt said that in the past nine months, he has tried to pull everyone together in a coherent effort. His job is to coordinate the government’s response across all federal agencies, including defense and civilian operations.

Schmidt ticked off a bunch of things that were on President Obama’s to-do list last year, including naming a civil liberties coordinator whose aim is to protect privacy of the citizenry. He recognized that private industry, including entrepreneurs, have a big role to play in upgrading the nation’s defenses.

Some of the work is very basic. Schmidt said there should never be any confusion about who to turn to in the government when an attack happens. He said the government should be set to respond in real-time to threats, not after the fact.

“We have to learn to deal with a moving target because the attacks are always changing,” he said.

And the government should reveal what it knows in the name of transparency, without spilling necessary secrets.

As an example, he said that the White House was declassifying information in its Comprehensive National Cybersecurity Initiative, which was launched in secret in January 2008. It consists of 12 programs that include information about research and development, cyber education, and some details about cyberwarfare issues.

The Easy, Any-Browser, Any-OS Password Solution [Passwords]

This post is by Kevin Purdy from Lifehacker

Click here to view on the original site: Original Post

Whenever we talk passwords, we always preach the same thing: Use strong, difficult-to-remember passwords, and different passwords for every site. Easy to say, extremely difficult to do through sheer willpower. I’ve tried many password-remembering systems, and this is what I’ve stuck with.

To paraphrase photographer Chase Jarvis, the best password manager is the one you have with you. Of all the password management utilities out there, I consider LastPass the most elegant compromise between convenience and security, and if you’re not using it already, I recommend you start. It’s mostly free, plugs into nearly any browser or smartphone, is KeePass compatible, and just works.

Why LastPass?

Why not just use KeePass for all my passwords and be done with it? It’s secure, open-source, extensible, and geeks like Gina have sworn by it as a password solution. Oh, and many readers love it, too. If I only used Firefox, KeeFox would provide a pretty good browser integration, and I could use Dropbox as a universal KeePass syncer.

I like KeePass. KeePass is friendly and locks down pretty tight. But when it comes to filling in web passwords, I want the path of least resistance—and I want to convert my friends and family into more secure practices, too. LastPass offers a few advantages over KeePass:

  • Universal: KeePass has a nice collection of extensions and plug-ins, but they’re all over the place when it comes to support, updating, and platforms. LastPass offers extensions for Firefox, Internet Explorer, Chrome, and Safari on Windows, Mac, and Linux. There are a few gaps (Opera, mainly), but they’re covered in large part by free auto-filling bookmarklets (covered below) and desktop, portable USB apps, and mobile software, offered to LastPass’ premium subscribers.
  • Simple: LastPass has a multitude of options, settings, tools, and other knobs to twiddle, just like KeePass. If all you want, though, is a better kind of universal password manager that remembers your log-ins, simply install the browser extension, log into LastPass, and let it do its thing. It automatically prompts you to save passwords and form data—though you can turn that off—and fills out username/password fields, with an easy switch to another login name.
  • Secure, yet dummy-proof: My one fear with systems like KeePass, where I’m keeping my own database and, potentially, safe-keeping my own encryption key file, is that I’ll do something stupid and delete that file, or forget that ultra-secure master password. Sure, sure—you’re a superhero of forethought and memory, and would never do such a thing. Me, I’ve had too many brushes with Dropbox sync screw-ups (my ow fault for tinkering, usually) and memory gaps to leave it up to myself to serve as my own knight to protect the Holy Grail. LastPass uses a single master password to log into your account, sure, and if you lose that, you have to jump through quite a few hoops to get it back. But it is, technically, recoverable.

The short version of LastPass’ safety and privacy setup, and its technology is that the only thing stored on LastPass’ servers is a heavily encrypted bundle of your passwords and the sites they belong to—a form of host-proof hosting. They don’t have the encryption key to your passwords (only you do), and the encryption and decrypting all takes place on your own computer, where a backup copy of LastPass’ records is always kept. If LastPass became evil, or got hacked, the nefarious doers would have to buy one of Google’s server farms to break into its users’ passwords. And the service strongly encourages using strong, secure, randomized passwords with web sites, and it ends the use of insecure password storing by browsers.

Switching to LastPass is easier than you’d think too, mostly because LastPass lets you import passwords from KeePass and many, many more password management apps and sites. Heck, if you only want to use LastPass for your web passwords and still keep your more intense security concerns in KeePass, go ahead. You can actually store non-web passwords and data in LastPass, but we’ll get to that in a bit.

Intrigued? Even just a little interested? Here’s how LastPass can make your web browsing, or maybe the browsing of a friend with really weak passwords, more convenient and secure. Go ahead and create an account if you’d like, but LastPass actually recommends creating that account from a browser extension or software download.

Browser Extensions

The primary means of getting your username and passwords into your web sites. They’re all slightly different, but work basically the same: you click an icon, log into LastPass with your One True Password—making sure not to set your extension to remember that password—and then just go about your browsing. When you hit sites that ask for a username and password that you already know, LastPass will drop down a tiny little toolbar and ask if you want to save them. If you need a new username and password, you can have LastPass generate a random, highly secure couple, save them, and never worry about remembering them again.

Here’s LastPass’ (somewhat clinical) explanation of how their extensions work, demonstrated on Firefox:

One-Time Passwords

If you’re in a foreign land or on a sketchy Wi-Fi connection, the last thing you want to do is pass your universal LastPass password over the insecure airwaves. Luckily LastPass has a brilliant solution: Set up your account with some one-time passwords, then use them whenever you’re somewhere not entirely locked down. As soon as you log in, that password becomes invalid, and, as mentioned before, your passwords don’t fly over the open air in any case.


As we’ve previously shown, when you’re on a system where you can’t install your LastPass extension, or if you only like to occasionally fill in a form or login/password field, you can use LastPass bookmarklets to get at your stashed-away passwords. They work on nearly any browser with decent JavaScript capabilities on most any platform.

Secure Notes

Let’s say you’re looking for a universal password, PIN, and other security data database, like KeePass and its ilk. If you find LastPass convenient, you can store any data as a Secure Note, and it gets the same kind of password-protected, blindly encrypted treatment as your passwords. Helpful for those “virtual keyboard” passcodes that banks often use, telephone PIN numbers, and other non-simple security schemes.

Smartphone Apps, Portable Apps, and a Mobile Site

Small screens, tiny keys, and microscopic text fields are a reality of many smartphones. Even if your phone handles password input well, it’s hard to find a password syncing solution that meshes well with every browser and system (Mac users have 1Password, but that’s a very Mac-universe app). LastPass has dedicated apps, with free 14-day previews, for iPhone, Android, BlackBerry, Windows Mobile, Symbian, and Palm WebOS (phew). They generally offer both simple password retrieval databases and in-app browsers for jumping right into a site.

If your phone isn’t covered by an app, or you don’t want to pay the $14/year for a premium subscription, you can hit the LastPass mobile site to get at your security goods. If you’re the type to keep a USB thumb drive handy at all times, you can grab a Firefox Portable extension, or “LastPass Pocket,” from the downloads page and launch either one right off your drive.

That’s why I dig LastPass, and it’s why I’ll be quietly trying to move the other computers in my house, my family, and, not so quietly, my fellow editors onto this service. If you have other reasons you dig LastPass, or another web or desktop-based password management scheme, tell us all about it in the comments.

Qualys launches cloud-based scanner to detect drive-by malware on your site

This post is by Dean Takahashi from VentureBeat

Click here to view on the original site: Original Post

Drive-by malware has become a huge problem lately. That’s where hackers use a vulnerability in your web site to embed malware within it. Then, anyone who visits your site will download the malware onto their computers.

That’s why Redwood Shores, Calif.-based Qualys is launching two new services today. The first one is Qualys Guard Malware Detection, a free cloud-based service that scans your site to determine if you’re a victim of a drive by and your site has inadvertantly become a distributor of malware. The software also cleans up the malware and provides you with automated alerts. It identifies the snippets of bad code so that you can immediately remove it.

The second is Go Secure, a paid service that lets companies take more actions to protect themselves. For $995 a year, the service checks to see if your web certificate is up to date, which allows for secure e-commerce. It also scans for other vulnerabilities and reviews your web applications for vulnerabilities. If you subscribe and pass muster, you get a security seal on your site. If your site is hit with an attack, the security badge is removed and then automatically reinstated when the site is cleaned up.

Qualys was originally founded in 1999 to pioneer a software-as-a-service model for security software. The Qualys Guard service is used by 4,000 companies.Qualys itself now has $57 million in revenues and 42 percent of Fortune 100 companies are using its security software. The company has 240 employees and has raised $65 million to date.

Philippe Courtot, chief executive and chairman, said in an interview that the software is highly accurate, with only 3.2 errors for every 1 million scans. It can also scan millions of URLs daily. Courtot said there are built-in protections to make sure that the scanning does not slow down a site so it is unresponsive.

The software uses both static analysis and behavioral analysis to identify malware while scanning. The static analysis identifies the source code that is typically used in malicious attacks, such as encoded JavaScript, web bugs, and character encoding inside of inline frames. Behavioral analysis catches behavior that occurs when visiting a site with an unpatched browser or operating system. It monitors the unpatched machine for suspicious behavior, such as programs being installed or files being written to a hard disk.

Rivals include Dasient.

Check Point launches ZoneAlarm DataLock to protect laptops and netbooks

This post is by Dean Takahashi from VentureBeat

Click here to view on the original site: Original Post

Just like laptops, netbooks are easy to steal. So security software maker Check Point Software Technologies is launching software that can protect your data even if the laptop or netbook is stolen.

The ZoneAlarm DataLock software is designed to encrypt laptops and netbooks so that they’re useless to whoever steals them.

A survey by Harris Interactive revealed that 56 percent of laptop owners would be concerned if their personal data was stolen, but only 10 percent of them use encryption to protect their files. Mostly that’s an education issue. But the software hasn’t been that easy to install either.

Redwood City, Calif.-based Check Point focused on making the software easy to handle. It automatically encrypts all hard drive content, including credit card numbers, personal photos, social security information, financial documents, medical records and other important data. ZoneAlarm DataLock also safeguards information that users forget about, such as automatically stored passwords and things that they’ve thrown into the recycle bin — but still isn’t flushed from the system’s storage. (Hint, you have to empty your recycle bin periodically).

Users have to provide the correct username and password before they boot the operating system on the computer. If you forget the password, ZoneAlarm has a 24-hour per day password recovery phone service. ZoneAlarm DataLock by Check Point sells for $29.95 but can now be purchased from the ZoneAlarm web site for an introductory price of $19.95.

Check Point Software Technologies, a publicly traded software firm, bought Zone Alarm six years ago. Back then, the company had firewall software that offered basic protection for a computer. Zone Alarm now protects more than 60 million computers.

ZoneAlarm competes with rivals such as Symantec and McAfee.

Cloud ‘Recovery’ or Just The Same Old Thing?

This post is by Guest Author from ReadWriteWeb

Click here to view on the original site: Original Post

cloud sky rainCloud computing means many things, but almost all definitions include some key value propositions: scalable on-demand resources, a metered pay-per-use model, access over the Internet, and infrastructure management and optimization that is better than most data centers.

At a more conceptual level, cloud computing abstracts away all the undifferentiated IT tasks. Most businesses don’t add any value to their customers or create any competitive advantage for themselves when they buy, build, configure, and manage servers and storage. This is doubly true for disaster recovery equipment and data centers.


Conversely, poor performance in these tasks can cost value and competitive advantage. There is no benefit in doing these tasks well, but there is cost to doing them badly. This is like the opposite of a financial call option – lots of downside risk, but no upside.

For companies planning their first disaster recovery data center, with the associated selection, build, and maintenance tasks for servers, storage, and networking, cloud computing seems like an obvious fit. They can trade the capital expense that buys them no new value, for a no-commitment operating expense that probably buys better operating practices than they could achieve themselves.

Solutions are beginning to grow up around this idea of cloud recovery. The name is a little optimistic because most offerings today are traditional backup solutions, with little or no ability to actually recover in the cloud. Although a lot of vendors in the backup industry are making cloud announcements, they are mostly just letting users store backups in the cloud. In order to really deserve the cloud recovery title a solution should have the following features.

  1. The ability to recover workloads in the cloud: The cloud can offer more than just a place to dump your backup files. It can provide the computing systems to run your recovered systems, and after a production system fails, the ability to quickly restart a complete replacement with data, applications, and complete configuration in the cloud.

  2. Effectively unlimited scalability with little or no up-front provisioning: A few vendors can offer rapid, off-site recovery, but they don’t really qualify for the cloud title unless they provide lots of stand-by capacity with no up-front reservations or configuration. While this seems like a lot to ask, this is the promise of cloud computing.

  3. Pay-per-use billing model: A defining characteristic of cloud computing is that we only pay for the things we use. Use a little this week and pay a little; if we use a lot next week then we pay more, but only for that specific week.

  4. Infrastructure that is more secure and more reliable than the one you would build yourself: When we decide to outsource any part of our operation, we worry about the security and reliability of our vendor. The best cloud providers have not only large scale equipment, but also large scale expertise. This means that they can be much better at security and reliability than any of their customers, and their data center is better than one we might build for ourselves.

  5. Complete protection and automated recovery: Non-expert users should be able to recover everything they need by default – the current crop of solutions is shockingly bad at this. This is the cherry on top because it makes everything so easy. No one wants to go through a “run book” full of recovery procedures and bring in experts for each system to assist with getting recovered systems back online. Depending on the type of disaster, experts may be scarce, and the run book is probably out of date. Why not make the run book part of the automated system? Instead, simply push a button that says “recover now”, wait for the files to copy, and then log in to the perfectly configured system, running right in the cloud.

In summary, the trouble with traditional backup solutions is that they are really focused on dumping the data onto tape or disk (and now onto cloud storage), and maybe restoring it back onto the original hardware. If you must recover to different hardware or a different virtualization platform, they don’t generally do much to help with the inevitable incompatibilities. And for equipment failures, you really have to have some hardware standing by.

So while cloud computing means many things, it is fair to say that any cloud recovery customer who doesn’t get all five of these features will be disappointed.

Photo credit: Suresh

Introducing the new VentureBeat weekly newsletters

This post is by Scott Hildebrand from VentureBeat

Click here to view on the original site: Original Post

I’m pleased to introduce a brand new way to stay on top of all the innovation that VentureBeat covers. Today we’re announcing the launch of 4 new weekly email newsletters: VentureBeat Week in Review, MobileBeat Week in Review, GamesBeat Pulse and GreenBeat Week in Review.

So much happens during any given week that it’s often difficult to keep up with all the headlines, product launches, acquisitions and investments. And if your professional life keeps your nose to the grindstone, it’s ever so easy to disregard the news altogether and end up missing big stories.

In addition to highlighting the biggest news of the week and giving you our take, the newsletters will keep you in the loop about all upcoming events that VentureBeat is hosting, as well as events that we just think you should know about.

We’ve also reorganized the RSS feeds so it’s much easier to find the feeds you might be interested in, as well as choose the delivery mechanism that works for you. If you’re not interested in reading feeds or don’t have the time or know-how, it’s now really easy to get an email digest of all the headlines… skim the story titles and then just read what interests you most. For example, to get a list of all VentureBeat headlines in your email inbox every day, click here.

We’ll be sending out the first newsletters within a week. Subscribe here:

Tags: , , ,


How to Investigate a Fake BitTorrent Tracker [File Sharing]

This post is by Ernesto from Lifehacker

Click here to view on the original site: Original Post

Ed. note: Ever go on a BitTorrent scavenger hunt but end up with bum files from a fake tracker? All-things-BitTorrent site TorrentFreak explains how to quickly determine the authenticity of a torrent tracker.

Image from BitTorrent visualization.

Seeding fake files on BitTorrent is nothing new, and the practice has been carried out by anti-piracy groups and malware spreaders for a long time. While many of them choose to use various open and public BitTorrent trackers, others are setting up their own trackers. We take a look at an easy way to find out more about them.

Back in 2007 TorrentFreak published a series of articles on various dodgy practices targeted at BitTorrent users. Many people were downloading torrents only to be told that they needed to install software like DomPlayer and 3WPlayer to get them to work. Of course, the torrents were fake.

We also reported on BitTorrent clients such as Torrent101, BitRoll, and GetTorrent, which also caused a whole load of trouble for those who installed them—even uTorrent and WinZip users were in the sights of malware offloaders.

In an email yesterday to TorrentFreak, a reader pointed us to a problem torrent located here (removed). The file is clearly labeled as ‘The Wolfman DVDrip 2010 aXXo’, but it is a fake—a fact which can be quickly learned by reading the comments underneath the torrent. Nevertheless, we thought it might be interesting to demonstrate how it’s possible to look a little deeper.

The file is tracked by a whole range of trackers but one sticks out immediately. currently lists 48,416 seeds and 37,496 seeders for the supposed ‘The Wolfman’ movie, a highly attractive proposition for those inexperienced in dealing with fake torrents.

Of course the stats are faked, and are run from a tracker set up especially to deliver fake torrents. Indeed, it’s run on a subdomain of TorrentQ, a bad client we featured in an earlier article. Here’s a quick step-by-step of the method we used to investigate the tracker. There are other ways, but this is pretty simple so anyone can try this out.

It’s possible to find information about the files indexed on many trackers by using ‘scrape’. In the case of the TorrentQ tracker, the scrape URL is located at So first off, go to this URL and you’ll get the option to download a file, in this case ‘scrape.php’—download it.

In this file will be information about the files being seeded on this tracker.

Next use DeHackEd’s nice little online tool called DumpTorrentCGI. Browse to the ‘scrape’ file on your hard drive, change output type to ‘/scrape’ and click the ‘decode’ button. You should get this report;

Immediately you can see that all the files are apparently hugely popular, but of course, all of these stats are faked. To prove that, one can use a site like, which creates its torrent URLs by using a torrent’s hash value. Simply test each torrent by using followed by the hash value, as shown below, and check the comments.

The torrents TorrentQ tracks are for Wolfman, Legion, My Name is Khan, The Book of Eli, From Paris With Love, Ninja Assassin, Edge of Darkness, Shutter Island and Dear John.

Every single one is flagged as a fake by commenters on

TorrentFreak is a weblog devoted to all things BitTorrent and file sharing. To get all of the latest from TorrentFreak, be sure to subscribe to the TorrentFreak RSS feed.

Add an Alpha-Numeric Passcode to Your iPhone or iPod touch [Security]

This post is by Adam Pash from Lifehacker

Click here to view on the original site: Original Post

Want a little stronger security lock-down for your iPhone than what the 4-digit PIN offers? Weblog 9 to 5 Mac details how to enable a more secure alpha-numeric passcode on your device with a few tweaks.

You’ve always been able to turn on the passcode lock in Settings -> General, requiring users to enter a four-digit PIN to unlock your device. But if you’ve ever wanted a little added security, 9 to 5 Mac has put together a simple profile using Apple’s corporate development kit that you can install on your device to enable the alpha-numeric passcode. It’s a one-click download-and-passcode affair, but if you’d prefer not using their pre-made profile, you can make one yourself by following these instructions.

Google Buzz Hit with Class Action Complaint [Privacy]

This post is by Adam Pash from Lifehacker

Click here to view on the original site: Original Post

A lot of people were upset over how Google handled their privacy when they launched Buzz, and it looks like Google may pay the price in legal fees. According to SFGate, a class action complaint has been filed against Google alleging that it “broke the law when its controversial Google Buzz service shared personal data without the consent of users.” Good thing we’ve got that handy disable button now. [SFGate]