Just Coded A Password Manager in Python.

Lately, I’m learning how to code in Python. So far I was able to complete coding a password manager in Python. This password manager can encrypt and decrypt the stored local passwords. You also need to create a master password before you can use the software. This program got a few minor bugs but it’s fully functioning. I’ve uploaded the source code to Github. Check out the source at https://github.com/aarriitt666/VPass.

How Real Is Cyber Threat?

Technology is like anything else that can be used for good or for evil purposes.  Many things have dual purposes or even more than just dual purposes, and technology is no exception to this fact.  Perhaps, there is an exception to the rule, but my small brain cannot think up one for the moment.  Anyhow, there are forces in the world that are trying to use technology for evil purposes.  For an example, from nuclear to cyber threats.  Nuclear threat has existed for many decades already, and by now most people know what MAD means.  In this blog post I’m not going to bother with voicing my opinion on nuclear threat.  Instead, I’m going to focus on voicing my opinion on cyber threat.

Lately, we have seen big powers like USA and China accuse each other of cyber warfare.  It’s obvious that it’s hard to know who is doing what in term of hacking one another in the cyberspace.  Nonetheless, I think I know why cyber threat is a growing concern.

On the surface, before we unravel all the layers of onion, we truly cannot see why there are fusses about cyber security.  For some people, they think that cyber threat can be dealt with best cyber security practices and no more than that.  Of course, it’s true that cyber security measures such as installing well known antivirus software and firewall are definitely going to help counter most cyber vulnerabilities.  Nonetheless, there are other cyber vulnerabilities out there that won’t be eliminated by even the most powerful firewall and antivirus programs.  Why?  I think there are some well kept or new cyber vulnerabilities that have not been dealt with, because these cyber vulnerabilities are well kept secrets or too new.  By using these cyber vulnerabilities and better hacking tools, hackers are able to wreck havocs on the cyber networks of the world.

When we peel more layers of the onion off, we can see that cyber security is very important.  How come?  In my opinion, it’s about a digital future where money mainly get create in digital form.  This is the future trend that our present (the world) is heading for.  Of course, if we just rely on cyber networks for communication and not for banking and monetization, then cyber security can only be boiled down to privacy and few other things but not of money matters.  Nonetheless, cyber networks as in the Internet can be used for electronic commerce, banking, and the whole nine yards.  This means cyber security is needing to be taken seriously, otherwise hackers can just waltz in and erase, steal, change, and do whatever else to the digital money that belong to various money matter institutions such as banking, electronic commerce giants, and whatnot.

I can imagine a scenario that a group of powerful hackers that is sponsored by a powerful organization hacks a cyber system of a country to a point that they erase all of the digital money from this country, leaving this country as a bankrupted nation.  Nonetheless, this country can totally create new digital money out of thin air if she wants to, but will this be ethically, legally, and sensibly?  Can such an incident be covered up easily?  After all, we’re living in a globalized world, and transactions are having been done globally all the time; something like this if to rain upon a country will not be easily covered up.

This is why I think cyber security issues are so important nowadays.  Without proper measures to protect cyber networks, the vulnerable Internet can gradually weaken the trust of digital money transactions, leaving countries and everyday people seek out the traditional means of doing transactions.  Perhaps, this is why we’re seeing the prevalence of traditional transactions today.  Cash is one good example of traditional transactions.

When I’m hearing how one country is having difficulty in protecting a state secret from being leaked out through the cyber networks, I think it’s absurd that such a country is connecting her secret networks to the Internet in the first place.  I think each country should keep her state secrets on an Intranet that won’t be connected to the regular Internet.  Furthermore, such a country needs to provide physical protections to her Intranet, because when hacking cannot be done remotely someone ought to waltz into such a network physically so the hacking can be done eventually.  For an example, stealing state secrets with the usage of a thumb drive (USB devices or similar devices).

In summary, I think the fusses about cyber security threat are real.  This is why we are hearing countries complain about being victims to hack attacks and whatnot.  Corporations are also experiencing cyber security issues, because corporate espionage can be done through cyber networks with ease.  Whenever an entity is connecting to the Internet and it doesn’t matter what type of entity that is, cyber security issues become real just like any other important issue that matters.  Of course, if there is a day that we do not rely on the Internet anymore and money transactions do not take place in the Internet, then cyber threat will not be a threat of anything but only a historical fact.

Personal Note:  The advance of encryption is also important, because encryption can be incorporated into various network tools to secure the Internet transactions.  With strong encryption, it’s harder for hackers to decrypt the Internet transactions into plain text, thus preventing important information from being leaked.

Reset ownCloud Passwords For Admin And Users Using phpMyAdmin

Warning:  Following the instruction below at your own risks, because bad things happen!  Don’t blame me for your bravery in destroying ownCloud’s database if something goes wrong and beyond one’s expectation.  Nonetheless, I’ve used the exact directives to successfully change the admin and users passwords for ownCloud.

Forgetting your ownCloud’s password?  Whether your ownCloud’s admin or regular user password is lost, you can always restore or change the password for the admin or user.  Perhaps, you forgot to enter the email address into user’s settings to receive lost password reset email, to think that you’re stuck is being crazy.  Of course, unless you forgot your MySQL database’s root password too, then you really are stuck and won’t be able to access your data that reside within ownCloud.  Nonetheless, let’s hope you aren’t yet out of options, then you can totally use your MySQL’s root password to edit your ownCloud’s admin or user password.  I won’t talk about how to access and edit any other database as I can barely get around MySQL.  Nonetheless, read on and the trick is here to treat you well.

I don’t even bother with MySQL command lines, and so I sure hope you have installed phpMyAdmin.  We will use phpMyAdmin to edit out the oc_users table’s passwords.

  1. So, first of all, log into your ownCloud MySQL’s database as a root user or the owner of ownCloud database through phpMyAdmin.
  2. Secondly, expand the left panel and expand the ownCloud database.  You should see bunch of ownCloud tables underneath ownCloud’s database, and these tables should begin with oc_ extension.  Try to find oc_users!
  3. Click on oc_users to access the oc_users table.  Before you even think aboud editing a user entry within this table, you must know that once you edit a user’s password there is no going back to the original password.  Of course, if you already know the original password, you wouldn’t do this in the first place!
  4. Click on the edit link next to the user to access the oc_users’ user entry.  In here you can change the password for a user.  Don’t do anything yet though, because the passwords store within oc_users table are encrypted with whatever.  If you delete the encrypted passphrase, you basically delete the password.  Nonetheless, you can’t enter a password of your own, because your password isn’t encrypted.  If you try to enter a plain password, your user account won’t see the password change.  Furthermore, if you try to empty out the password, ownCloud’s login page won’t allow you to access ownCloud service even though you had emptied out the password.
  5. If you read my instruction carefully, it means you haven’t done anything yet.  Good, because now you need to open up a web browser’s tab or a new web browser so you can go to http://pajhome.org.uk/crypt/md5/ (link).  If this webpage is still the same and has yet to be changed, under the Demonstration section you should see MD5/SHA-1 boxes.  Instead of entering a real password that can be read by the owner of this website, you need to enter a weak password (that you plan to change it later) into the Input Calculate Result’s top box.  When done entering a temporary password that is easy to remember, hit the SHA-1 button to allow the webpage to generate the SHA-1 hash.  Make sure you copy the SHA-1 hash result in the bottom box.
  6. We need to paste the SHA-1 hash passphrase into the password’s value field (box) of a user you want to change the password for within the database.  So, back in phpMyAdmin, within a user’s entry which resides within the oc_users table, you need to enter the SHA-1 hash into the password’s value field (box).  Hit the Go button which situates right underneath the password’s value field (box).  This should do it.
  7. Now, you can try log into ownCloud service with a new password that you had created for the ownCloud user.  Of course, the password isn’t the SHA-1 hash passphrase, because the ownCloud’s login page expects the regular plain password that you encrypted with SHA-1 hash earlier.  If everything goes as plan, you should be able logging into the ownCloud’s admin or user account.  From, here you can change the password in Personal page, and so you should change the password you just changed for your ownCloud admin or user into a really strong password.

Now, you can chuck down a beer and congratulate yourself a job well done.

Crypto Currencies, Bitcoin, and Quark for Newbies

Crypto currencies are on the rise. Don’t ask me why, because I don’t think I know the whole answer to this. Sure, I can make few indirect, incoherent, suggestions that may suggest why crypto currencies are on the rise, but I won’t as I know that will open up all sorts of crazy talk against me and whatever. Nonetheless, as I’m speaking, the crypto currencies such as Bitcoin and Quark are gaining in value, tremendously. How so? It’s now that 1 Bitcoin is worth around $1000 or more. Let us check out the link below and you will see that I’m not making this stuff up.


Anyhow, Quark is the newest crypto currency yet, and it is also on the rise. The developers for Bitcoin who are also developing Quark boast that Quark is even more secure than Bitcoin. How so? They suggest that Bitcoin was the very first crypto currency they had worked on, and there were many mistakes that they had made with Bitcoin. Although they weren’t the one who came up with Bitcoin and the whole idea of Bitcoin, but they were the ones who worked on Bitcoin platform to improve Bitcoin crypto currency in general. Nonetheless, the mistakes they made with Bitcoin are now being fixed by Quark. Basically, I’m not sure I understand about Bitcoin and Quark underlying technologies all that well, but what I can comprehend from their saying is that Quark is way more secure since Quark relies on more than one encryption. In fact, if I’m not wrong, Quark is relying on 6 different encryption technologies while Bitcoin is only relying on one encryption technology. With more underlying encryption technologies behind Quark, it’s much harder for people to figure out how to break Quark’s encryptions at a go, therefore it won’t be easy to bring down the whole Quark crypto currency in time. With Bitcoin, whoever knows how to break its underlying encryption technology will be able to mint Bitcoin however he or she wants. It means, he or she can be rich in Bitcoin whenever he or she wants.

Of course, my understanding of these two crypto currencies’ underlying encryption technologies are clearly limited, therefore what I’m spewing might seem to be very uneducated, regardless to Bitcoin and Quark. Nonetheless, if I’m not wrong, then what I’m saying might have some merits, therefore what I’m saying might help you scratch the surface, somewhat revealing how these crypto currencies work.

Anyhow, at this moment, crypto currencies aren’t yet clearly labeled as illegal means of attaining some sort of wealth values by any specific government. Sure, I’m not exactly knowing which government would condone or not condone the usages of the crypto currencies, but I’m seeing that the people of the world are using them as we speak. Or else how they’re becoming valuable as we speak? Of course, in the future, we won’t know which crypto currency would survive as complementary currency to the government back currencies, but as we speak there are more than one crypto currencies in play. If you check out cryptsy.com, you will see people are trading in dozens of different crypto currencies. For me, only Bitcoin and Quark caught my eyes. Why these two? Well, Bitcoin was the very first of its kind and its value per Bitcoin has no rival as we speak. Quark on the other hand is being suggested by its developers that it’s more secure than Bitcoin and all other crypto currencies, therefore I think it might have better chance in surviving the crypto currency madness if the crypto currency venue is here to stay.

Am I supporting and condoning the usage of crypto currencies such as Bitcoin and Quark? Look guys, I’m a nobody, therefore even if I say Bitcoin and Quark and other crypto currencies are the way to go, nobody will care. Nonetheless, if you are insisting that I should make it clear, to be honest let me say I don’t have a clue. I can’t really condone or suggest that you should use these crypto currencies since I don’t have a clue. Furthermore, these crypto currencies carry risks. What risks? Let see, you never know that these crypto currencies might just be a trend of fads, therefore one day people will think them just as funny money. You know, like how you play with those funny monopoly money in the monopoly board game? Nonetheless, to be honest with you, I’m currently owning some crypto currencies. At first I owned around 0.10 of Bitcoin, and then I converted 0.10 of a Bitcoin into Quarks. Now I have a lot of Quarks.

Regardless of my supporting for crypto currencies or not, let just say that if one day the crypto currencies suddenly become useless, don’t say that I push you into believing in crypto currencies. As I had said, I’m pretty clueless about the future of crypto currencies as you are. Nonetheless, what I know is that these crypto currencies have made some people really wealthy as we speak. Furthermore, nobody knows the legal status of these crypto currencies in the future.

With the whatever I had spewed on crypto currencies, especially about Bitcoin and Quark is out of the way. Let me show you how to mine Bitcoin and attaining Quark, OK?

  • At this rate, Bitcoin is way too hard to mine, and might not be profitable at all, but if you insist, you can still mine them. Before mining Bitcoin, you must have a Bitcoin wallet first. Like the one that I’m going to open up now. (Opening up Bitcoin wallet!) — By the way, don’t download Bitcoin wallet in dangerous, unknown websites, because you might download computer viruses and malware and not of Bitcoin wallet. Please go to the official source for Bitcoin to download your Bitcoin wallet.
  • After you have a Bitcoin wallet, you can choose to create a passphrase to encrypt and protect your Bitcoin wallet and so whoever has physical access to your computer or is able to hack into your computer cannot steal your Bitcoins. Of course, once you forget the passphrase somehow, you will forever lose your Bitcoins in the Bitcoin wallet. Therefore, some people might just use the Bitcoin wallet as it is and not encrypt the Bitcoin wallet with a passphrase. It’s really up to you. Nonetheless, I chose to encrypt my Bitcoin wallet with a passphrase. (Show them how to encrypt Bitcoin wallet with a passphrase.)
  • With Bitcoin wallet in hand, you can now create a public Bitcoin address to receive Bitcoins. This means, you can also send the Bitcoins that you mine to a public Bitcoin address that you create for Bitcoin mining purpose. (Show them how to create Bitcoin’s public address with Bitcoin wallet.)
  • Now, you need a software which will allow you to mine Bitcoins. I have heard of Bitminter, bfgminer, cgminer, and guiminer. If you are so new to the mining of Bitcoins, then I think guiminer and Bitminter would be the easiest software for you to mine Bitcoins. Please, once again, look around and ask around for how to download these software safely, because if you’re downloading these Bitcoin mining software at unknown, not trustworthy sources, you might download computer viruses and malware and not of Bitcoin mining software.
  • Before you can even mine for Bitcoins with a Bitcoin mining software, you need to create an account with a Bitcoin pool. There are so many Bitcoin pools out there that you can sign up an account with. What is Bitcoin pool? Well, let just say that you can use a Bitcoin mining software to mine Bitcoin by yourself, but this may take years if not hundreds of years for you to be able to mine any Bitcoin. It’s all about Bitcoin encryption/math difficulty levels. Don’t ask me the underlying understanding of it all, because I’m pretty much clueless about the calculation of Bitcoin difficulty levels. Nonetheless, just to scratch the surface, Bitcoin difficulty levels increase by day as we speak, and to a point of a future that the difficulty levels get so high that mining for more Bitcoins would be impossible, even if you have really really powerful Bitcoin mining hardware. With Bitcoin pools, you can basically create a Bitcoin pool worker, entering the Bitcoin pool worker’s password and username into Bitcoin mining software to allow the Bitcoin mining software to mine for Bitcoin in a Bitcoin pool. This way, whatever electricity and hardware costs that you contribute to the Bitcoin pool will count toward the earning of a Bitcoin. Of course, each Bitcoin pool host will either charge a fee or not for allowing you to mine Bitcoin with a Bitcoin pool. So, you must look up for a good Bitcoin pool that is appropriate for your Bitcoin mining needs before you join such a Bitcoin pool. By the way, when the Bitcoin mining software asks for a worker’s password, it’s not a password of your Bitcoin pool’s account, but it’s a password of a Bitcoin’s pool worker that you had created. I hope that is clear enough so you won’t be entering a password of a Bitcoin pool account into a Bitcoin mining software. (Opening up Bitminter or guiminer to show how a Bitcoin mining software might work.)
  • Before to mine Bitcoin for real with a Bitcoin mining software, you need to create a Bitcoin public address. Once you have a Bitcoin public address for mining, you need to log into a Bitcoin pool’s website to add the Bitcoin public address that you had created for Bitcoin mining into your Bitcoin pool’s account. How to do this? Well, you have to look this up as each Bitcoin pool website might behave differently. Once you have linked the Bitcoin public address of your Bitcoin wallet to a Bitcoin pool’s account through the Bitcoin pool’s website, then you can begin to fire up your Bitcoin mining software to mine for Bitcoins.
  • At a current 700 million plus or so Bitcoin difficulty level (to be exact, as I’m speaking the Bitcoin difficult level is at 707,408,283), and this difficulty level will rise soon or later, mining Bitcoin with a latest, powerful graphic card will be very unwise, because you won’t be able to generate any worthy amount of hash to count toward your Bitcoin pool’s contribution, therefore you will waste a lot of in home electricity and electricity costs and yet you won’t be able to generate any worthy fraction worth of a Bitcoin. This is why many Bitcoin miners are using special Bitcoin hardware they have bought at specialized Bitcoin hardware dealers such as Butterfly Labs. Nonetheless, these specialized Bitcoin hardware are super expensive, and you might not even make enough return to cover the costs for these specialized Bitcoin hardware. The cheapest way to mine for Bitcoins is still about acquiring a specialized Bitcoin hardware known as ASICMiner Block Erupter USB 330MH/s. As you can see in the title of this specialized hardware, each ASICMiner Block Erupter can generate around 330 Mega Hash per second, and this is probably on the par with the latest, most powerful graphic card yet. It’s the cheapest solution since you can purchase them on Amazon and Ebay for around $46 to $75 bucks for each. A single latest, most powerful graphic card might cost up to $1000 per graphic card. Once you string a bunch of ASICMiner Block Erupter together on a powered USB hub, you can increase your hash rate by a lot. This way, you can generate a lot more hash contribution toward a mining pool and earn bigger fraction worth of a Bitcoin when the pool pays you for your mining effort. By the way, you must look for more information on how to use those ASICMiner Block Erupter USB thumbs with your Bitcoin mining software OK? I have heard that some suggest you have to download special driver for them if you are going to use them with bfgminer. With Bitminter, you may not have to download any special driver, but I’m not sure if it’s the case. Anyhow, things might change as we’re moving forward, and so it means the software might get develop differently and these ASICMiner Block Erupter thumbs might be outdated, therefore mining with them might not be feasible. Furthermore, the difficulty levels of Bitcoin mining might rise so high that mining with these ASICMiner Block Erupter might just be unwise. I guess it’s all depending on the situation you’re in when it comes down to mining for Bitcoin. Do what you can if you’re so into this whole idea of mining for Bitcoins, but don’t overdo anything or else you are at risk of losing money and health. So, be wise and careful. If you think this is not worthy of anything, please don’t mine for Bitcoin at all. If you don’t like or trust Bitcoin at all, stay away from this whole Bitcoin gambit OK? Just focus on your wellbeing.

Now, let me talk about Quark. To tell you the truth, I don’t know how to mine Quark at all, because I haven’t read into it enough. Nonetheless, what I have heard is that Quark is about 97% mined already, therefore you can only mine about 1% a year of Quark in total. So, I won’t talk about mining Quark, but how to get Quark. To get Quark, what I did was created an account with a crypto currency exchange known as cryptsy.com, and then this crypto currency exchange allows me to use my Bitcoin to purchase for Quark. That is how I get to own some Quarks. Before I can even own some Quarks, it’s obviously I have to download a Quark wallet. Like before, you must be very careful of where you download these software, because you might download computer viruses and malware from unknown sources. I think I downloaded from the official source and I had use antivirus scanner to scan the Quark wallet before I think that it’s a safe software to use. Anyhow, just like how Bitcoin wallet is being used, a Quark wallet allows me to create Quark public address. With a Quark public address is made known to a crypto currency exchange, I can then withdraw my Quarks from a crypto currency exchange and store the Quarks in my Quark wallet. Of course, you can also leave your Quarks inside a crypto currency exchange account if you decide to do such a thing. Nonetheless, I prefer my Quarks to be physically near me, because I never know a crypto currency exchange might be down or go out of business. You can also use your Quark wallet to pay for whatever in Quarks just like how you would use a Bitcoin wallet. Sending Quarks to a crypto currency exchange is also requiring you to send your Quarks out of your Quark wallet to a known Quark public address that a crypto currency exchange had generated specifically for you.

In summary, crypto currencies are very intriguing, but the future of them all is still remaining to be seen. This is why I think you should approach this whole thing with care, otherwise you will be at risks of losing money and your happiness, consequentially your wellbeing. I think if you don’t trust crypto currencies at all, then you should stay away from them. Now if you want to test the water, then just play with them but not taking them too seriously. For me personally, I’m still playing around with these crypto currencies, but the two crypto currencies I interest in most are Bitcoin and Quark. I hope my talk on Bitcoin and Quark actually helps clear up some curious questions that you have about Bitcoin and Quark and crypto currencies in general.

How Paranoid Should You Be For Backing Up Your Data?

Backup Backup Backup - And Test Restores

Backup Backup Backup – And Test Restores (Photo credit: Wikipedia)

If you ask me what is the best way to backup your data, I will probably direct your concern to more than one way.  I like to think of not placing all of your eggs in one basket kind of scenario.  What’s the point of backing up data in the first place?  It’s to hope that when things go crazy such as a computer’s data corruption might occur, you can then access your most valuable backup data.  If you only rely on one preferable backup method, then what if in a critical moment that even the backup data isn’t accessible through your preferable only backup method, what will you do then?  Even a perfect storm is a possible scenario for spreading eggs in more than one basket, therefore I think being paranoid about safekeeping your data with more than one preferable backup method is the best way to go about doing the backups for your valuable data.

For us normal folks, the regular Joe(s), who have data that we want to safeguard, it’s a must for us to spread our data in more than one basket.  It must not be that you have to be a company to take this approach.  Furthermore, nowadays regular Joe(s) do have plenty of ways to go about doing backups for their data.  Let me list few of them:

  • Google Drive
  • Pogoplug
  • Dropbox
  • Amazon Simple Storage Service
  • CrashPlan
  • External hard drives
  • Network attach storage solution such as QNAP NAS servers
  • Do it yourself FreeNAS server solution
  • rsync to a renting server with affordable monthly fee

And the list can go on a lot longer as third party cloud services are now in amble supply.  I think the problem isn’t about finding a backup solution or solutions for the regular Joe(s), but it’s about the affordability, speed, security, and conveniency aspects.  Let say, if a regular Joe wants to spread his backup data in more than one basket, how affordable can this be?  So on and so on…

I think affordability should not be as big of an issue as before the time when there were no third party cloud service and competitive (affordable) computer hardware pricing.  If you don’t intend to harbor 100 of Gigabytes worth of data for streaming purpose or whatever extreme configuration, backing up few Gigabytes worth of data should not cost you much at all.  Perhaps, you can do it at no cost too.  One example, I think Google Drive gives you around 10 Gigabytes worth of free data space or a little bit more than this, and just with this service alone you know you don’t have to spend a dime to backup your data as long you are not going over the free space limitation that Google Drive allows.  Don’t like third party cloud services for whatever reasons?  Computer hardware such as external hard drives nowadays are no longer pricing at outrageous prices, therefore it’s easier for regular Joe(s) to go this route for doing their data backups.  How about coupling Linux with a spare, dusty computer to form a local backup storage server at zero cost in term of money, but you have to spend time on putting things together such as installing Linux and deploying Linux’s network attached storage services to have a more complete backup server solution.

I can see that the many third party cloud services as good solutions for doing backups.  How come?  Let say you’re paranoid about the safety of your data to a point that you consider the scenario where local backup data can all be corrupted at the same time for whatever reasons such as a virus/hack attack (or by even a more nefarious scenario), therefore you think third party cloud services are the additional safety reservoirs for your backup data.  If you are this paranoid, I think you’re doing it right.  Although third party cloud services are good measures against local data corruption, there are problems with this whole approach in general.  Let me list a few:

  • Broadband’s upload speed (Internet connection) isn’t fast enough to do a major backup (i.e., backing up huge amount of data in Gigabytes worth)
  • Security issue… how do we know our data can be securely safeguarded and stored on the remote servers?
  • Trust issue… such as how do we know our data privacy and our privacy won’t be breached on the remote servers?

I sneakily snuck in the speed and security concerns about backing up data remotely through third party cloud services, but we should not take the security issue lightly since many people may not want their privately backup data to be made known to the whole world.  Security done right in term of backing up data locally and remotely, this will also address the privacy issue/concern too.  I think employing good network and computer security measures locally will enhance the security protection level for the backup data.  Such measures should be about employing hardware and software firewall, antivirus, and so on.  Don’t forget to update the software and firmware, because through updating these things that you can be assured of weeding out security bugs.  You can never be too sure about the security of your data when you’re backing up your data remotely, therefore you should employing encryption for your backup data before you upload your backup data to the remote servers.  One good encryption measure I know of is TrueCrypt software which can be downloaded and used freely.

I don’t think we should sacrifice our data security for conveniency, because data security is definitely more important than otherwise.  Still, conveniency should be considered in the calculation of our data backup challenge too.  It’s just that we have to make sure we don’t have to sacrifice data security for conveniency.  Let say, you want to backup your data to a third party cloud service, but you don’t like the idea of doing a local encryption for your data first… this means you are sacrificing your data security for conveniency and this is truly bad for you as the owner of the backup data (i.e., privacy concern).

In summary, I think if you’re paranoid enough about the health of your data, then you should devise many backup plans for your data.  You should try to backup your data both locally and remotely, but you should employ encryption for your data when you do backup your data remotely.  Backing up huge amount of data remotely can be very inconvenient at this point in time since so many regular Joe(s) do not have access to fast upload broadband speed.  Let hope this will change soon, and I know things will be moving in this direction since data streaming and data sharing and data backup are in much more demand than ever before.  One example would be Google fiber Internet service.  Google is driving the Internet Service Provider competition forward as Google deploys its Gigabit Internet connection service for many households in various lucky cities and towns.  With Google pushing for more competition in the area of broadband speed, I think the future — having great Internet connection for uploading our backups — is definitely bright.  As time is moving on, the costs of computer backup hardware and backup services can be even more competitive, we can expect the cost of deploying backup measures for our data can only get cheaper and easier.  I like the idea of having a NAS locally, and using one or two third party cloud services for my data backups.

(How paranoid should you be for backing up your data?  In my opinion, the answer should be, the more the merrier.)

Using VPN To Access All Local Services Without The Need To Open Up Unnecessary Inbound Ports

Before knowing much about VPN, I usually opened up many inbound ports for my computer firewall and the firewall that resided within the router so remote services such as APF (Apple Time Machine) would function correctly.  Obviously, these remote services (e.g., APF, FTP, CIFS, etc…) are also accessible within local area network, therefore one does not need to have to be outside a local area network to use these remote services.  For an example, one can just sit next to the APF server (i.e., APF which hosts on a network attached storage) and locally backup one’s Mac to the Time Machine service.  When using such services locally, one has to use local IP addresses, because one  is within a local area network (e.g., home network, office network, etc…).

The idea is to open up less ports to protect everything within a local area network better.  So, when one travels abroad, one cannot use local IP addresses to access one’s remote services (e.g., APF, FTP, CIFS, etc…), and one has to open up ports for these remote services so remote access would be possible.  Since one has to open up inbound ports for remote connections, one’s local area network might become more vulnerable.  The more open ports there are, the more exploits that hackers can use to test or attack against the services that rely on the open ports.

Luckily, we have VPN.  VPN stands for Virtual Private Network.  Big companies love to deploy VPN for their employees.  If you have ever met one of those employees from one of those big companies, you might see this person logins into a VPN network through a laptop when this person is away from the company.  Since big companies are using VPN, VPN must be for the elites only right?  Wrong!  Just about anyone can use VPN to protect oneself, and it doesn’t take a rocket scientist to do so.  If you watch other videos of mine within my YouTube channel, you will see how easy it’s to set up VPN server/service on Windows 8.  Anyhow, the whole idea is to open up less ports for a network so everything within a network can be somewhat more secure.

Using VPN, one can access local area network as if one never leaves local area network all along.  For an example, one can sit at a Starbucks and yet connect to remote services(e.g., APF, CIFS, FTP, SSH, etc…) with local IP addresses.  How is this possible?  Like I said, using VPN, one never leaves local area network!  This is why VPN is definitely a better option than just opening up whatever inbound ports there are for different remote services.  With VPN, all one has to do is to open up one port which VPN relies on.  Through the connection of VPN, one then can just access all services within a local area network as if one has never leave a local area network all along.  In case you don’t know, VPN encrypts data automatically.  This is just another reason why I think VPN is definitely a better solution for remote access.