Administering an EC2 Minecraft server using SSH on Android

I've already blogged about my love for Minecraft, so the natural next step was to set up our own server for co-op gameplay. It turned out to be a good time too, as Amazon is offering free micro EC2 servers for a year.
Getting the server up and running was simple, with a very nice how-to guide on the forums for additional guidance. However, one thing remained: administration.

As a group we all have access to the server, but seeing as it's running on Linux and Minecraft is a little flaky, there's a good chance we'll need to restart the application or reboot the server. So what happens if the server falls over when I'm out enjoying a Black sheep? That's where Android steps in. Some very nice programmers have made ConnectBot, a secure shell application that allows me to SSH into the server and run terminal commands. What makes ConnectBot even better is that it supports .pem keys, meaning I have passwordless access to the box.

I used Dropbox to copy the .pem certificate to my mobile, set up the server in ConnectBot, linked to the .pem and that was it. The soft-keyboard interface takes a while to get used to but it's easy to learn.

So there we have it, remote SSH access to our Minecraft server via my mobile phone. Now we just have to wait for the Minecraft update so we can use the portal and enter the Nether.


No you can't have my password

I recently had reason to question the security of my phone which led me to thinking about what services I've placed my trust in.

Back in December I purchased a HTC Hero and quickly found HTC slow at updating the Android OS. Being the geek that I am, I rooted the phone and started using custom ROMs. All was well until last weekend when I installed a new ROM that was so overly customised I was concerned about the safety of my Google account.

I use Google a lot; they have my emails, SMS messages, credit-card details, budget spreadsheets and more. So it's fair to say I prize my Google account and make sure it's protected with a strong password. So when this ROM asked for my Google account name and password, it gave me pause for thought: what's stopping someone from adding code that collects my account details? It hasn't been officially approved. I'm downloading it from a public forum, sometimes from file sharing sites such as RapidShare. The full source code isn't available, and even if it was, how am I sure the binary was compiled from that source? The answer is I can't be sure. I'm taking a risk and placing my trust in the good will of a stranger.

There's always a level of trust asked of us when we use technology. From the Windows OS to the Linux kernel, we hope that commercial interests and peer review will protect us. So what happens when small, immature services ask us to hand over our passwords?

One solution is OAuth, which eliminates the need to pass your credentials directly and instead defers to the original provider. This allows for granular control over what data can be accessed and provides a way to revoke that access. Twitter, Android Apps and even Facebook are all examples of this OAuth model.
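The two properties described above, granular access and revocation, shown as an added example that is not part of the original post. It is a simplified in-memory model of delegated access, not the OAuth wire protocol; the `Provider` class, the client names and the scopes are all hypothetical.

```python
import secrets

class Provider:
    """Toy account provider issuing scoped, revocable tokens (not real OAuth messages)."""

    def __init__(self):
        self._data = {}    # user -> {scope: data}
        self._grants = {}  # token -> (user, client, scopes)

    def add_user(self, user, data):
        self._data[user] = data

    def grant(self, user, client, scopes):
        """The user approves `client` at the provider; the client only ever sees a token."""
        token = secrets.token_urlsafe(32)
        self._grants[token] = (user, client, frozenset(scopes))
        return token

    def read(self, token, scope):
        if token not in self._grants:
            raise PermissionError("unknown or revoked token")
        user, _client, scopes = self._grants[token]
        if scope not in scopes:
            raise PermissionError(f"token lacks scope {scope!r}")
        return self._data[user][scope]

    def revoke(self, user, client):
        """Drop one client's tokens; other grants and the password are untouched."""
        dead = [t for t, (u, c, _) in self._grants.items() if (u, c) == (user, client)]
        for t in dead:
            del self._grants[t]
        return len(dead)

def allowed(provider, token, scope):
    try:
        provider.read(token, scope)
        return True
    except PermissionError:
        return False

def demo():
    p = Provider()
    p.add_user("alice", {"contacts": ["bob"], "mail": ["constructed message"]})
    social = p.grant("alice", "social-site", ["contacts"])
    backup = p.grant("alice", "backup-app", ["mail"])
    before = (allowed(p, social, "contacts"), allowed(p, social, "mail"))
    p.revoke("alice", "social-site")
    after = (allowed(p, social, "contacts"), allowed(p, backup, "mail"))
    return before, after
```

A site holding the account password, by contrast, has every scope at once and can only be cut off by changing the password for everything.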

So it's a shame to see websites still asking for your prized passwords. For example, many social sites will ask for your Google user name and password so they can connect with your friends. This is a bad precedent, not only because it trivialises the importance of security but because there's no assurance that a rogue employee, error log or cache dump won't let slip your precious password.

So what can be done to protect your accounts? Vigilance, common sense and a small amount of paranoia will all help. Regularly checking and pruning what has access to your accounts, such as your Google account, applying the Duck test, and searching for chatter around any new service are all good preventative measures that will help keep your accounts safe. But it's also important to put pressure on those sites that ask for account passwords, pushing them to transition over to more secure techniques like OAuth.

The Importance of Laptop Encryption

With the ever increasing popularity of Netbooks, more and more people are using laptops at work and at home. Yet I find it disturbing how few people protect their laptops against loss or theft.

Just think for a moment: if you were to lose your laptop right now, what information would be on there? Website log in details, Facebook passwords, personal emails? What about your IM chat history and all those "downloads"? You get the picture. That's why it's important to encrypt your laptop.

It is not enough to just have a log in name and password; even a novice techy can remove the hard drive and look at the file contents via a HD caddy. To truly secure your data you need to encrypt the data. Encrypted data cannot be viewed without the secret pass-phrase.

So how do you encrypt your laptop? Well that all depends on your laptop's Operating System. The most popular OS is still Windows and for that TrueCrypt is the best option.

TrueCrypt is an open-source encryption tool that can secure data in many different ways, but one of its more impressive features is the ability to encrypt your entire Windows hard-drive. It will sit in the background and work away at securing all your data. Once finished, every time you boot up you'll be asked for the secret pass-phrase; without this, no one can view the data contained within.

Unfortunately, TrueCrypt does not currently support full drive encryption on Mac or Linux systems. However, both of these come with their own solutions. Mac has FileVault, and the Ubuntu distribution of Linux now comes with an install option to encrypt users' /home directory.

Whatever solution you use, it is essential to secure your data. With free and built in solutions now available on all platforms, there really isn't any excuse not to encrypt your laptop.