Profile cover photo
Profile photo
Daryl Gibson
Trying to make the world a better place.
Trying to make the world a better place.

Daryl's posts

Post has shared content
Wait until he gets out of the car...
Nearly every day, I see Google's self-driving cars on the perimeter of our Mountain View campus. I haven't yet set foot in one. But a man named Steve Mahan got to drive one. See his experience in this video and see why this innovation is special.

Post has attachment
Is your most secure content hiding behind your most insecure password?

Many of us, stung by hacking attempts or scared stiff by media reports, have thought up pretty secure passwords for our online banking -- and that’s as it should be. Your online banking passwords should be passwords that are impossible for a would-be attacker to guess from learning about you. Preferably, financial passwords should be passwords that are either constructed from nonsense words and phrases, mixed with numbers and punctuation and numbers, or are passwords that are random -- something that has been generated by a random password generation program, or a phrase that is chosen at random from a book close to hand, then obscured in some way with misspelling, numbers and punctuation and then memorized.

So we do this for the dramatic passwords -- the ones that get at our money or or important materials, but what happens if we forget our password (I’ve done it when I’ve come back to a system that I haven’t interacted with in a while)? We choose the “reset password” link -- and it sends a reset code to your email box.

And if you’re like many people, that email box has the most insecure password you have -- it’s probably the oldest one, it’s likely one that you have never thought about toughening up, and it’s possibly known by various programs on Facebook, Twitter or your personal computer. It’s also the password that’s most easily stolen when you’re using an unsecured wifi link in a hotel or a cafe -- because your phone or tablet is constantly checking email, and it may be transmitting your password in the clear.

Once your password to your email is stolen, thieves look through your email for your banking statements, reset those passwords, and send money all over. They also send out silly emails to your contacts, pretending to be you, with woebegone stories about how you’re stuck in a jail in Wales or are stranded in Paris after someone stole all your money.

So how do you work against this?

1. If you’re using Gmail or have a Google account, turn on two-step verification. This service puts an extra layer of security on your logins -- and it alone is worth changing to Gmail if you don’t use it. It requires that a potential thief have your phone to authorize your login -- they can have your password and without your phone, they can’t get in. It’s discussed at Plus, don't use unsecured wifi, or if you do, only use it when communicating via https:.

2. Turn on whatever alerts and safeguards your bank allows. Set alerts for wire transfers, or if possible, prohibit wire transfers. Keep track of your checks and deposit slips, your credit cards and ATM cards. Set up every alert that they offer for balance alerts and set the numbers low. Thieves will try and get as much money as possible the first time out -- make it more difficult for them to get at it.

3. Get a credit monitoring service, and use it. All the big three credit report companies offer them, and many offer them through your bank, or your credit card company.

4. Use ATMs at your bank, not at some strange convenience store. Even then, inspect the ATM before you put your card in the slot -- sometimes thieves can make mini-card readers that look like they belong. If it looks odd, go somewhere else.

5. Don’t use your ATM card at gas pumps. Use a credit card, which offers you more security against fraud. With your ATM card number and your PIN, a thief can empty your bank account sooner than you can notice it, but with a credit card that you pay in full each month, you get safeguards against fraud, and if your credit card is issued by a paranoid company such as Capital One or American Express, they’ll catch the fraud long before you see it.

6. Keep your computer protected against spyware and viruses. Any computer can have viruses and spyware, but Macs are currently less likely to have them because PCs have a greater market share. One of the big vehicles for spyware intrusion is “free art” or “free music.” They can carry a payload that will give a thief a window into your business.

7. Watch what applications you install on your phone or tablet. Your phone or tablet may give a thief a window into your accounts, just by installing an application that monitors what you do while it makes annoying farting noises to amuse your friends. Apple says they watch the applications that they offer, while Android tells you before you install or update an application what it has access to. In either case, consider adding a third-party application to look for malware and keep track of your phone.

8. We all know the stupid Nigerian email scams, but many of the worst scams claim to be from your bank, your company, your credit card provider, or my favorite, the IT help desk. Don’t click on any link in any such email, no matter how innocuous it may appear. If you get a scary email from your bank, go to the bank’s website itself to check it out; don’t click on the link in the email. Don’t give anyone your login and password, no matter what kind of yarn they spin in their email to you. Be careful.

9. Be an advocate for better security. Ask your bank to toughen up their security on their banking site, if they seem too easy. Write your congressman and ask for tougher laws on credit fraud. Become a victor by taking on the people who would take you on instead.

10. Lastly, be aware of how you connect. Use https for logins like Facebook or Twitter. Log out when you’re done reading people’s posts, and playing Farmville. Tighten up your security, and for goodness sake, don’t spread your birthday all over the web. Be aware of where you are, what you’re doing, and who you’re doing it with. Keep just as aware as you would be if you were wandering around using an ATM in a bad part of town, at night!

Daryl R Gibson

Post has attachment
As a general rule, I dislike public transportation, but I find this article about Google's influence in it to be fascinating.

Post has attachment

Post has shared content

Post has attachment
Here's a nice piece in Forbes about why Wells Fargo is such a great bank. It's led by great people with great ideals.

Post has attachment
Here's a link to our latest Brimhall Building webcam movie, showing 2011 as seen at 10:01 a.m. each day from our offices on the east side of BYU's Brimhall Building. Probably the last of these 10 a.m. videos that we'll put together, since the computer systems and people here will be different in the future. We've got three years up now.

Post has attachment
It's past time for banks and other financial institutions to start supporting 2-step authentication, ( such as Google Authenticator. With the proliferation of various virii and spyware that can read keystrokes, a time-based authentication process such as this can lock potential thieves out of bank accounts, even if they have the password. At least make it optional for those of us who are security-aware. I notice that Stanford is now using 2-step authentication for some of their more sensitive areas, ( and they are recommending Google Authenticator, which is available for multiple smartphone platforms. For the Google-adverse, Amazon offers the AWS Virtual MFA, which is compatible, or there are multiple hardware-based solutions. Share if you think this is important.

Post has shared content
The Muppets explain the world...
How the world really breaks down:

Post has attachment
I found this quite comforting in these trying times.
Wait while more posts are being loaded