livebooks blog

“Photographers get busy and don’t always come to the blog for news.”

Kodak’s new brand campaign named “It’s Time to Smile,” focuses on strengthening relationships by sharing important life moments, in pictures of course. Behind the happy message, though, is a not-so-cheery outlook. After thousands of layoffs and salary cuts earlier this year, the company reported yesterday its fourth quarterly loss in a row, PDN reported.

Jorge Colberg at Conscientious alerted us to an interesting interview with William Patry, senior copyright counsel at Google and author of a number of books on copyright law, including his recent Moral Panics and the Copyright Wars. The interview covers topics from the AP-Fairey lawsuit to the moral imperative of copyright.

Popular news site The Daily Beast, in partnership with Global Philanthropy Group, has launched a philanthropy and photography site, The Giving Beast. Be sure to check out the galleries, featuring works of Sarah Elliot, Elizabeth Gilbert, Suzy Allman and other note-worthy photographers.

Despite some questions about its longevity, the New York Photo Festival will launch its third year in 2010, as Andrew Hetherington reported this morning on What’s the Jackanory? Lou Reed will be one of the lead curators this year, but Andrew tips his hat to Erik Kessels, whose 2008 NYPH conversation with Martin Parr was a highlight. We’re stoked about photo thought leaders Vince Aletti and Fred Ritchin (check out this excerpt from Ritchin’s recent book, too).

I blame my friends who work at three-letter agencies for the United States government. They are the ones who invited me to the Black Hat Technical Security Conference in Las Vegas to drink, have a good time, and learn how completely ignorant I was about online security.

Today, I am a changed person. What I previously deemed to be adequate, if not savvy, security precautions for my quotidian web use, I learned was the same as leaving a full camera bag with the top flipped open on the front seat of my parked car. Sure, the doors are locked, but it would take only the slightest initiative and about six seconds for someone to break the window and walk away with tens of thousands of dollars in gear. I know what you’re thinking. You would never do that. Okay, then take the quiz below. If you answer yes to any of these questions, I’ve got news for you: You’re way more vulnerable than you think.

• Do any of your passwords contain a word that can be found in an English language dictionary or in a dictionary covering pop-culture references from the last 100 years?
• Do you ever close a web window that is signed into an account of some kind without logging out of the account first?
• Ever log in to your bank or credit card account without first checking if the lock symbol is active on your browser window?
• Ever log in to your bank account or 401(k) from a free WiFi access point?
• Ever open an email when you’re unsure where it came from?
• Ever log in to a secure site from a borrowed computer?

Why we are the way we are
In spite of the news stories that circulate daily about online security breaches, we are surprisingly apathetic about the threats they pose to us personally. It’s like backing up your computer — it’s a secondary concern until you’re hit with disaster. Then, suddenly, you’re a convert to the church of redundancy.

Unfortunately recovering from a security breach is nowhere near as easy as recovering from a lost hard drive. With the latter you at least have an idea of what you’ve lost. You can lament it over a glass of wine and move on with your life. A security breach places the control of your social, financial, and photographic life in the hands of someone else. And the ramifications will potentially haunt you long after the initial breach.

Consider the following. A friend of mine had a huge falling out with a close friend, who guessed her email password and sent an inflammatory email to her entire address book. Most of the recipients realized her email address book had been compromised, but those who didn’t know her well were shocked. Ultimately she was able to contact everyone and inform them what happened — but you can imagine how things could have gone worse.

My friend, like many of us, never thought twice about the weak password on her email account. The convenience of an easy-to-type, easy-to-remember password took priority over other considerations. She could not fathom anyone using her email account maliciously.

This is what gets us into trouble. We’re good people and have an inherent problem thinking like criminals. It’s hard for us to see our online assets through criminal eyes and predict how to protect ourselves.

Squatting
A while back I was uploading images to the FTP directory of my web site when I was hit with a disk space error. An examination of my FTP server revealed dozens of unidentified folders, most filled with illicit pornography. My head spun. Given the nature of the material, I contacted my internet service provider, filed an official support ticket, and had them remove the files in case there were any legal protocols involved. A hacker had broken my FTP directory password and was serving up an entire website from my FTP directories for months without my knowledge. Oh man, I was pissed.

Unfortunately there was no way to trace the hacker. Moreover, and frightening to consider, if the authorities had found the illegal site before I did, I could have been arrested. An investigation would have revealed I had been hacked, but who needs that kind of grief?

If you’re utilizing a portfolio service like liveBooks that is monitored by a professional IT staff, you’re safer, but only if your password is strong. Weak passwords are the easiest way for a hacker to access to your account. If you do get hacked, liveBooks keeps a backup of your online portfolio going back a week onsite, and going back a month at a secure offsite facility. Recovery usually takes an hour. But don’t depend on those protocols unless you absolutely have to. Adopting safe practices is a lot easier and less expensive.

Good habits
So here we are at the basic security primer for photographers, or anyone else who spends most of their time online. This is by no means a definitive list, but it will help you think more carefully about your online habits. The information here was gathered from Black Hat, Craig Butterworth at the National White Collar Crime Center, and Carl Slawinski from Agile Web Solutions.

NEW HABIT 1 — Free WiFi: Never, ever, ever log in to your bank account or credit card account when you’re on a free WiFi access point. The reason you have to use a password to access most WiFi networks, especially your own, is because that password encrypts the information floating through the air between your computer and the WiFi hub. If the network is open, so is the information your sending over it.

NEW HABIT 2 — Passwords: The days of passwords drawn from kid’s birthdays, dog names, and Star Wars characters are over. I have seen a brute-force attack crack a weak password in minutes. With today’s powerful computers and free cracking dictionaries and rainbow tables available online, hackers can let computers run for days while they sort out passwords.

One of the most effective ways to keep your passwords strong, like ox, is to invest in a product like the highly regraded 1Password from Agile Web Solutions. I have been using the product for years, but only after my discussion with folks who make 1Password did I take my security to the next level.

1Password generates strong passwords, which it stores for you. When you need the password, the application will enter it for you with an easy key stroke. The generated passwords are so convoluted that you’d never be able to remember them, but that’s the point. 1Password is also on the iPhone so you can take your passwords with you. The file that they use to store your passwords is heavily encrypted and would take a supercomputer 128 years to crack it. More »

“We want to make sure we are as specific as possible to keep our business safe.”