David Mabus ARRESTED in Montreal

Dennis Markuze, a.k.a. David Mabus, is being investigated by the Montreal police following a petition on change.org for them to take his thousands of death threats seriously. An arrest was made today: we can safely assume Markuze was the one taken into custody (this is further confirmed by Tim Farley’s excellent blog post on the matter.)

I was Mabus’d precisely twice; both times were on Twitter, with a charming poem about James Randi (viz. something resembling a corrupted text file of Nostradamus predictions with the vowels missing.) Neither time particularly unsettled me. In many ways, it was pleasing to know that he’d noticed me (finally, after some three years active in the skeptical “sphere” on the Web.)

The alarming thing is that he had been going at his spamming, obsessively, for over a decade. In the case of PZ Myers of Pharyngula, it was at the stage where the first thing he did every morning on turning on the computer was to bulk-delete Mabus spam.

There is a stage where one has to say that enough is enough. This man clearly had some kind of mental deficiency, and the fact he had, on more than one occasion, turned up in person to harass his targets was a cause for alarm bells.

I can only hope that now he is in custody, this man gets the psychiatric help he clearly needs.

On passwords

On Friday afternoon, I was on a train from Gatwick to Reading when I received an unusual text. It was a verification code from Google for their two-stage authentication mechanism.

For those unfamiliar with it, Google offers a two-stage authentication system for their accounts (which offer single sign-on over Gmail, Google Reader, YouTube, et al.) It works as follows:

  1. You enter your password to sign in to your Gmail account.
  2. Google sends a text, with a six-digit verification number, to your mobile phone.
  3. You enter this number (being the sole person with access to your phone) and Google, hence, knows it’s you and lets you in.

This is perfect for the paranoid, and, being slightly paranoid myself, I was a little unsettled by the fact that I hadn’t attempted to log in to my Google account from anywhere. (I couldn’t, as I’d been on a train.)

After alighting from said train at Guildford, and heading home via two more trains and a couple of buses, I went home and promptly forgot all about it. However, by 12pm today, I’d received two more unsolicited Google verification codes.

[Image: Google verification codes]

Hmm...

This was more of an alarm bell. I hadn’t made any attempts to make a fresh login to my Gmail account in that time. Ultimate conclusion? Someone might know my Gmail password.

Therefore, at 12pm today, I changed my Gmail password (for probably only the second time since I got it.) I also updated my Twitter and PayPal passwords while I was at it.

Considering how much of my work on computers revolves around my Google account, the prospect of someone jacking my account was, to say the least, disturbing, if not simply terrifying. Therefore, this story has three morals:

  1. For god’s sake, turn on two-factor authentication. It’s easy to do as long as you have a mobile phone.
  2. Be alert for suspicious activity, and avoid reusing passwords.
  3. Make your passwords very strong, but don’t change them too frequently. One strong password every three years is better than a weaker, easier-to-remember (and guess) password every three weeks.

One of the projects I’m hoping to work on in the vast summer desolation ahead of me (providing I can’t find a short-term job, which, unfortunately, is looking increasingly unlikely) is a memorable password generator, that builds passwords out of symbols, nonsense words and numbers. There will probably be a version for Windows Phone, and almost certainly a version for desktop Windows.
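As an added illustration (not the generator described above, which is only planned in this post), here is one way such a tool could build a password from nonsense words, symbols and numbers in Python. The syllable alphabet, symbol set, layout and 60-bit minimum are assumptions made for this example; every random choice comes from the operating system's CSPRNG via `secrets`, and strength is estimated as if the attacker knows the exact scheme.

```python
import math
import secrets

# Assumed building blocks (not from the post): consonant+vowel syllables
# give pronounceable nonsense words; symbols act as word separators.
CONSONANTS = "bcdfghjklmnprstvwz"
VOWELS = "aeiou"
SYMBOLS = "!#$%&*+-=?@"


def nonsense_word(syllables=3):
    """Pronounceable nonsense word built from CSPRNG-chosen syllables."""
    return "".join(secrets.choice(CONSONANTS) + secrets.choice(VOWELS)
                   for _ in range(syllables))


def entropy_bits(words=3, syllables=3, digits=2):
    """Bits of entropy, counting only the random choices.

    Capitalisation and layout are fixed, so they add nothing: the
    attacker is assumed to know the scheme and must guess the choices.
    """
    per_syllable = math.log2(len(CONSONANTS) * len(VOWELS))
    return (words * syllables * per_syllable
            + (words - 1) * math.log2(len(SYMBOLS))
            + digits * math.log2(10))


def generate(words=3, syllables=3, digits=2, min_bits=60):
    """Return Word<sym>Word<sym>Word<digits>, refusing weak parameters."""
    bits = entropy_bits(words, syllables, digits)
    if bits < min_bits:
        raise ValueError(f"scheme yields only {bits:.1f} bits, need {min_bits}")
    parts = [nonsense_word(syllables).capitalize() for _ in range(words)]
    password = parts[0]
    for part in parts[1:]:
        password += secrets.choice(SYMBOLS) + part
    number = "".join(secrets.choice("0123456789") for _ in range(digits))
    return password + number


if __name__ == "__main__":
    print(generate(), f"(~{entropy_bits():.0f} bits)")
```

Shortening the scheme trades memorability against strength, and the `min_bits` check makes that trade explicit instead of silently emitting a weak password.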

Until then, ladies and gentlemen, stay safe.