gift card vs. cool gift

Doing some last minute Chrishanukwandiwaleid shopping today, my friend was telling me why she hates gift cards. If you’re going to give a gift, she said, give an appropriate gift. If you want to give a gift of money, give real money, not a gift card.

When you give a gift card, you are forcing the recipient to shop in a specific store. Maybe they can’t find anything they want there. Maybe it will be a hardship for them to get to that store. How many kilometers away is it? Is it accessible by transit?

When your recipient finds something in it they want to buy, if it costs less than the amount on the card, they might be left with a card that has sixteen cents left on it. Or if they buy something that costs more, they have to give additional funds to the store.

Who does a gift card benefit, anyway?

I’m wondering how many gift cards never get used. Even if each card is left with a few cents unspent, the store benefits. In essence, the gift card is more of a gift to the seller.

One of my favorite stores is a shop called Green Earth, which can be found in Conestoga Mall in the southern Ontario town of Waterloo.

looking at the storefront in the mall

It’s part of a chain, so you might find one in the mall nearest you, too :)

pegboard wall of masks

Find everything from masks…

faerie perched on the edge of a shelf

… to faeries …

a shelf fulh

… little piggies …

Buddha sculpture

… garden gurus …

a Woman is like a tea bag ... you never know how strongshe is until you put her in hot water

… pithy sayings …

Close up of a stuffed tiger's face

… and furry friends.

text reads: what good can come from a day ... that starts with getting up

Full disclosure: I am not affiliated with Green Earth except as a customer.  Green Earth is a great store full of fun and off the beaten path gifts. Chances are you’ll find just the thing for that hard-to-find-the-right-thing-for person on your list. Whatever you need to get for Chrishanukwandiwaleid

Sculptures of hands holding uo two fingers to form the peace  or victory symbol

Tell you what, if you decide it is cooler to buy a fabulous gift rather than a boring old gift card, drop round Green Earth this week.

When you do, make sure to tell them you read about it here in Lothlaurien’s Lore :)


Be Safe Online

hackers or crackers

First, I’m sick of people blaming “hackers” for online security breaches. Hollywood may think that “hackers” are the people breaking online security, but I know too many computer peeps who call themselves hackers, and say a “hack” is a creative solution, not a criminal activity. They call the badguys “crackers.”

Crackers maliciously “crack” open your security, sometimes for fun, the way vandals find vandalism fun, but more often for profit. This is a large part of identity theft; this is the growth are of the crime world.

safe or not

Too often the websites and institutions that are supposed to be keeping us safe online are just making it look safe.

Debit/Credit Cards
: I am so tired of the new “chip cards” that are being foisted on us. Supposedly they are supposed to bring increased security. I haven’t figured out how, exactly. What it does is make the transaction take longer. I have to leave the card in until it is finished. A merchant told me that increases the incidence of forgotten cards. This new technology costs the merchants more (in effect costing us more, too) but does it actually improve our security? Don’t think so.

the appearance of security?

The Internet has happened so fast, most of us don’t understand it. But we need to start taking responsibility for our own security.

After people find themselves victimized by a breach of an email account or a highjacking of a domain name, they start thinking about security. The first thing we look at is the password. Suddenly we think this isn’t enough.

That’s why banks and sites have started adding “security questions.” Not to make us more safe, but to make us feel more safe.

passwords

I’ve heard it said that a username and password is fine if the password is good, and if you keep it secure.

But if your password is “password” or anything:

  1. easily guessable (your birthdate, middle name, dog’s name, etc.) or
  2. simple enough that password cracking software can breach it
  3. a password you use in more than one place
  4. a password stored “in the cloud”

then you are playing with fire.

Any public information is insecure. One thing that would help enormously with online security would be if we were to stop giving out personally identifiable information everywhere we go.

Lie

When I walk into WalMart, I don’t have to show the greeter ID, or tell them where I live. If they asked that, customers would turn around and walk out.

So why should I have to tell a website I visit my name and post code? None of their business. But if they ask, it usually means you can’t get into the site without giving the information. Rule of thumb: if they don’t have the right to ask for the information in real life, they don’t have the right online.

If you buy something from the site, obviously you need to give them the real info. But if you are just shopping, or doing price comparisons, it is none of their business who you are or where you live. The only thing to do is lie.

Find a post code located far away, tell them a made up name. If you’re feeling really adventurous, change your age or your gender. There are also places where you can get disposable email addresses if you need to validate. Like Mailinator.com

The more people with access to your personal information means there is more chance that your personal security will be breached.

public = anyone can find out

Once you have given it out, used it anywhere, online, EVER, it is not secure. Online anonymity is only as anonymous as you make it. The Electronic Frontier Foundation says in most cases all it takes is three personally identifiable pieces of information to find you.

questioning the questions

Adding a “second layer” doesn’t help when the question is “mother’s maiden name” or “elementary school” as the question. Seems to me those “security questions” are rubbish, only giving the appearance of security. When the answer to “security” questions are publicly identifiable information, you end up using public personally identifiable information which identity thieves can use to crack your account.   #FAIL

You can get around this by answering a different question, so the question and answer no longer make sense. Mother’s Maiden Name: Pepperoni Pizza … but then you have to keep track of the question and answer, too, so instead of keeping one password per site you have to keep track of username, password, question, answer and perhaps another question and answer. So now instead of one reasonably secure password, you need a book or file to keep track of it all. This makes it much easier for the bad guys to grab hold of this. So this “security” nonsense can end up being even less secure.

Funny story: I forgot my bank question thing, but was able to get online access back, over the phone, by telling them my mother’s maiden name. This is my BANK. You know, the ones pushing the chip cards.   #FAIL

real security

Better security can be achieved by keeping out malware. Start with a trusted virus protection program. AVG is good. Check for spyware periodically too.

Don’t open suspect email. If anyone you know has had their identity stolen or sitejacked, don’t open email from their old account. Don’t open attachments. Or apps.

I use the Firefox Browser. Before I click a link on a webpage I am new to, I can hover over it with the curser arrow, and the link’s URL appears in the lower right corner of my screen. This way I can see that the link will take me where the site says it will take me.

One of the ways malware find itself onto people’s computers is through security holes in FLASH which allows crackers entry to *your* computer when you upgrade (don’t do it!) or, my personal favorite: javascript.

I use NoScript because when you allow javascript free reign on your computer, you run the risk allowing executable code on your computer. This means that the java script can have a trojan horse in it, it can start a program to do all kinds of things to your computer. Nowadays they don’t usually turn your computer into a brick, at least right away. Usually they will suck information on your family and friends or record your keystrokes and so find your passwords. Malware, viruses etc.

When I come across a website that is broken without forcing me to load Flash, or worse, that has been javascrippled, I leave. The security risks are simply too high.

passwords

Just so you know: if you use your mother’s maiden name as your password, it doesn’t take a cracker to crack it. The seven year old two doors down the block could likely manage it for a laugh.

Internet bad guys just use a different set of tools. Think of your email password as the lock to your front door. Who would you share the combination with?

If you give the combo to the builders, after they’ve done the job, it is time to change it. The beauty of passwords is that they are much easier to change than physical locks are.

When in doubt, change it.

Keep it secret. Keep it safe.