Skip to content

Month: May 2012

Quick, Easy, and Cheap VPN for Mac

Published by Will Chatham on 5/9/2012

If you are not paranoid about using open Wifi service at coffee shops, hotels, and other public establishments, you should be. Time and time again it has been proven that such locales can be extremely dangerous for doing mundane things such as checking your email or posting to your Facebook account. If you are unlucky enough to be sitting near one sniffing snooper looking for login credentials to be passed over the air, and you can quickly find yourself locked out of everything you thought was your own.

Update: Please see this new list of the best VPNs for Mac in 2021.

I recently tried out Hotspot Shield, a quick and easy way to get yourself up and running on an encrypted VPN. This one is for Macs, but there are probably many other solutions out there if you are on Windows, Linux, or others.

Hotspot Shield has a free version, but for $29.95 it’s well worth it to have the ads removed and get a bump in speed. In fact, the speed of this VPN solution is what impressed me the most. I didn’t notice any lag in surfing around the web.

Once you have it installed, it’s just a click of the button in the task bar to launch the VPN and get yourself routed through the tunnel. It takes about 3 seconds to connect.

With a third party VPN solution such as this, you aren’t covering your tracks or surfing around in complete anonymity, mind you, but you are at least securing what you are doing from the prying eyes of anyone on the same Wifi (or other) network as you.

PHP-CGI Exploit is in the wild. Get protected ASAP.

Published by Will Chatham on 5/8/2012

The vulnerability that sat undetected for 7 years was disclosed last week, but today it has been announced that exploits have been seen in the wild.  They are working on releasing a new patch. This is pretty bad as it’s not exploiting one particular web application, rather, it is exploiting web servers running PHP in general.

The quick fix is to add this to the .htaccess file on your website(s):

RewriteEngine on
RewriteCond %{QUERY_STRING} ^[^=]*$
RewriteCond %{QUERY_STRING} %2d|- [NC]
RewriteRule .? – [F,L]

Unless you have compiled PHP from source on your web server, you will need to wait for your vendor (Cpanel, WHM, RedHat, CentOS, etc) to release the updated version. I suggest you implement the above .htaccess fix in the meantime.

 

Edit 5/9/12 12:19PM Eastern:

Most cPanel configurations are protected by default: http://www.cpanel.net/2012/05/cpanel-protects-against-php-vulnerability.html

Nextgen Gallery Instruction Manual & Help

Published by Will Chatham on 5/8/2012

If you’ve ever used the Nextgen Gallery plugin for WordPress, you may be aware of how daunting it can be to figure out. There are a lot of settings which take a large amount of trial and error to figure out. If you have given it any time, you know that once you learn the basics, you see what a powerful tool the plugin can be for managing galleries and slideshows on a WordPress website.

Here are a few resources you can use to help find info in case you are in need.

Jenn Mears has taken on the task of creating the missing manual for Nextgen Gallery. It’s a few years old at this point, but it covers a lot of the basics which still apply to the current version of the plugin.

If you can’t find what you are looking for there, you can always peruse the WordPress Codex for Nextgen discussions.

There is also the all-too-brief FAQ on the plugin author’s website.

And, of course, you can always ask for help in the Geekamongus WordPress Forum.

Hide Yourself From Social Networks (and others)

Published by Will Chatham on 5/6/2012

Did you know that Facebook gets a report every time you visit a site with a Facebook “Like” button, even if you never click the button, are not a Facebook user, or are not logged in?

That, and more you should be aware of here in this Consumer Reports article.

Priv3 for Firefox will silently prevent the cookies from Facebook, Twitter, LinkedIn, and Google+ from being installed in your browser, thus protecting you from being tracked everywhere you go online.

Take it a step further and install CSFire to block not only the big four social networks, but any site that surreptitiously makes requests to third parties without your knowing it. It takes a little more management to unblock sites you want to function this way, but it will greatly increase your overall online privacy (and safety).

One of the above, paired with AdBlock Plus and NoScript will go a long way toward keeping you safe online.

 

The Geekamongus Discussion Forum is Open

Published by Will Chatham on 5/6/2012

We’ve set up a shiny new discussion board here on the Geekamongus site. Come join us for professional shop talk related to a wide array of subjecmatter. From infosec to web development discussions, we can accommodate it all.

And uh, yes, this is the first post of 2012. Kinda lame, I know, but we are busy keeping things running for people!