Adam Rice

My life and the world around me

Tag: spam

Search tip

A couple of nights ago, Gwen used the phrase “Googling for something on America’s Test Kitchen” instead of “searching for…”, which just reinforces that Google has become a synonym for search.

Google search results are often polluted by irrelevant links to commercial websites like bizrate and dealtime, though. Wouldn’t it be nice if there were a way to avoid that? There is: use Give me back my Google.

It would be even nicer if you could search via GmbmG right from the search field in your browser. And in fact you can, but you’ll need to set it up first

Safari

Safari does not let you customize your search field out of the box, but there are some hacks like Glims that add this capability. Once you’ve done that, you’ll need to add GmbmG to Glims as a custom search engine and teach it the specific search syntax that GmbmG uses. It is:
http://www.givemebackmygoogle.com/forward.php?search= search key

Firefox or Internet Explorer 7+

These browsers support something called the “open search description document,” which makes adding a new search engine dead-simple. I have no idea how this works in IE, but in Firefox, just install this plugin (which I created, not the creator of GmbmG—the plugin is currently listed as experimental, but it’s perfectly innocuous, I promise) and it will add that site to the list of search engines your browser uses.

Mailpass

Bank of America has a smart idea they call “site key” as a defense against phishing. Logging into their site is a two-step process: you enter your username, which takes you to another page to enter your password. On this second page there is a picture that you have previously chosen from among many pictures, accompanied by a descriptive word that you typed in yourself when you chose that picture. Barring a security breach, it would be essentially impossible for a scam artist to reproduce this.

Something like this could be applied to e-mail, to help identify it as legitimately from the bank (or paypal, or ebay, or any other institution susceptible to phishing attacks). When the user sets up an account, they type in a unique, memorable phrase that is completely unrelated to their password. This phrase will then appear in all e-mail from that institution to help identify it as legitimate. I’m calling this key phrase a “mailpass.”

I can imagine a technical objection to this, and a related psychological objection. The technical objection is that with rare exception, mail is not encrypted. So the mailpass will be sent as plain text over unsecured channels, making it vulnerable to interception.

Which leads to the psychological objection. Because a phisher could intercept and use your mailpass, the mailpass would need to be viewed as a necessary proof of authenticity, but not a sufficient proof. This point could easily be lost on a lot of people, and there would need to be plenty of attendant scare-language to the effect that you cannot count on a correct mailpass to be rock-solid proof of authenticity, should always exercise due care against scammers, etc.

But mailpass would definitely make e-mail filtering a lot easier. If I were to get e-mail from paypal that lacked the mailpass, I could confidently route it to the trash without even looking at it. And I can’t think of any other reasons this would be a bad idea, though I’m sure someone out there could.

© 2017 Adam Rice

Theme by Anders NorenUp ↑