Security, Sidestep and Google Accounts

In the wake of several crude hack attempts, ostensibly by members of the Qadiani Ahmadiyya cult, I decided to play it safe and up my email security. I now use two-step verification, which I recommend to anyone interested in keeping their digital identity protected. As more and more of our lives become digital (how many people no longer need to do their Christmas shopping anywhere other than on-line these days?) we need to take more precautions with our email addresses, google accounts and passwords.

I tend to use quite ridiculously strong passwords, sometimes opting for long pass phrases and at other times choosing random characters. I don’t remember them, I have 1Password for that, except for when I’m at work, but I tend to keep my private life and work life quite separate, so if there’s anything personal I need to do, I prefer to use my own machine from the comfort of a nearby coffee shop, and that’s where I run into a little snag.

You see, most coffee shops use open WiFi, with no WEP, never mind WPA or anything fancier, so unless you’re using https login for your gmail, pretty much everything you’re sending over the air can be captured by a person running Firesheep as a plugin in an older version of Firefox. Then you’re stuffed. So I use Sidestep to get me hooked up to a proxy server. I’ve also used it to connect to my VPN on an Amazon EC2. I really don’t consider myself an expert in any of these things, but I can do what I need to follow instructions. Sidestep automatically directs me to a proxy if I happen to be on an open line, and leaves things alone if I’m on an encrypted wireless network, as I often am at home.

Sadly, Sidestep interferes with Google’s 2-step verification and Mail’s GMail integration gets confused. At home then, I have to disable Sidestep rather than leave it running and at a coffee shop, I will just have to go to gmail through my browser, or leave it for the iPhone.