|
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it. |
Patch Lady here with a kind reminder that at this time the release of 1809 has been paused while Microsoft investigates. If you’ve been hit by the bu
[See the full post at: Patch Lady – 31 days of paranoia – day 6]
Susan Bradley Patch Lady/Prudent patcher
An alternative to going with “free” services, where retention of control could be a problem, is to purchase web services from a provider such as iPage or GoDaddy (just a couple of examples off the top of my head; there are more).
For a small initial fee and few dollars a month ongoing you can get not only your own domain name, but eMail and web services.
For example, let’s say you like a domain name, e.g., “MyLittleCornerOfThe.net” (I have no idea if this particular domain name is specifically available, though there are ways you can check; this is just an example; you pick your own).
You could purchase a lease for the domain MyLittleCornerOfThe.net and sign up to pay for ongoing web services from e.g., ipage.com.
You get, for those relatively few dollars a month, a number of xxxxxx@MyLittleCornerOfThe.net eMail addresses, and even a web page http://www.MyLittleCornerOfThe.net to which you can publish your very own web site. I’ll concentrate on how this affects the thread subject (eMail) here…
A. Your account comes with a master username and password that you use to maintain everything about your account with the web provider, including administering your eMail setup.
B. Logged in with the above account credentials you create individual eMail accounts. Let’s say you set one up as JoeSmith@MyLittleCornerOfThe.net and assign a password to it.
C. Per the web provider’s instructions, you make connections to POP / SMTP servers to connect your eMail clients (e.g., on your computer or in your smart phone), and you supply the info you set up in step B above to make the connections.
D. There is typically also a web interface to the mail server that you can log into using the information from step B, and which allows you to access your eMail via any web browser.
How does this specifically apply to the subject of this thread?
1. If somehow you DO lose control of an eMail password, you retain control of your master account password and can use that to reset a password for a specific eMail address, taking control back.
2. Your web provider provides a method to contact them for support. Since you’re a paying customer, they actually will respond if you have a problem. As a fallback they can reset your master or eMail passwords, etc.
3. You control your domain and eMail account management for as long as you’re willing to pay for it.
4. Your mail interface is not be one of the widely known free ones, so fewer people will know even where to start to try to hack your account. Security by obscurity is not strong, but it DOES reduce your risk somewhat.
I’m not suggesting you go out and buy web services just for retention of control alone, though what I’m saying is that actually paying for web/eMail services can provide some value.
It can be daunting at first to think about creating your own domain and setting up eMail accounts but many, many people have done it and it does provide some advantages, including better retention of control and support if you have problems.
Just sharing my experience.
-Noel
This is pretty much why I recommend services like Fastmail. It is partly a hosting service, but less expensive, with a focus on recoverable email accounts. They have backup which can usually recover recently deleted email messages, sometimes even Files and Notes.
A local (and backed up) desktop email client is also part of my arsenal against hacked or otherwise messed-up web based email accounts. Not foolproof, but I do have local copies and backups of email messages, updated on a regular basis. The same can be done for most messaging services, except “ghost chat” types of services where the messages are automatically deleted after a short period of time, no matter where they are stored. (Although, SnapChat has been bypassed successfully by law enforcement, so they can find “deleted” messages and images.)
As for lock-outs, Google and others are going increasingly over to FOBs and dongles based on YubiKey or FIDO2. For my Microsoft account, the recovery phone number is a cable-company landline, which removes the cell phone from the equation. But a FOB, as long as you don’t lose it, seems to work well. Better than a text message to a phone. Nothing is perfect, not even our own DNA. Anything can be spoofed or hijacked.
-- rc primak
? says:
thanks Noel, “retention of control,” has it’s price. Verizon\Oath\AOL decided to monetize my inbox a couple of weeks ago and on last check a few minutes ago there are 75 spam messages waiting for my enjoyment. I see that this particular problem can be alleviated if i will only start paying for the previously free control of the inbox.
Anonymous ( #222587 ),
So you think that you are getting all that spam because you got yourself a “master account”?
Just to compare notes:
I don’t have a master account and also believe I have the same ISP as you do, but not a lot of spam these days. And whatever little I get is almost entirely from companies and organizations “just keeping in touch” after I bought something from or had some other dealings with them, that I can (and mostly do) unsubscribe to right away. Very, very few. Also, it is not quite a free email service, as I am being charged, without ever been asked, by the way, at least that I can recall, some four dollars every month by AOL (now a Division or some such of Verizon, that first bought them and, last year, farmed out their email business to them). The only mails I get that I would consider to be persistent spam are from AOL itself: some occasional offers of free software to “improve my PC experience” by tuning up my OS and that sort of thing.
It is not a bad situation for me as of now. After reading your entry, I now wonder if it will stay the same for much longer. Was it the same for you before you got that master account? Thanks.
Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).
MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV
Parallel to Noel’s items A/B and 1:
When I first create my email access at an ISP.com, I define a ‘master’ account.
Then I define sub-accounts for the users in the family.
The master account is not used, but it can exercise all authority over the sub-accounts.
Should an in-use [sub-]account be compromised, it can be either reset from the master, or, if bad enough, just deleted.
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Notifications
