Skip navigation
All People > Giulia > Giulia's Blog > 2017 > January
2017
Giulia

Quick Bit of Info

Posted by Giulia Champion Jan 30, 2017

Add a Comment VS Reply

 

If you click on the blue "reply" link at the bottom right of someone's response, you're essentially responding to their post  specfically and they will get notified (though everyone else will also get to see your response).  If you want to respond to the author of the blog, then go to the very bottom of the document and click on the red "add a comment."  The two buttons act in slightly different ways.  If someone has unsubscribed from the general comments, for example, replying to their particular response will get their attention, I think.  Either way the author of the piece (and everyone else) will see you comment.  It just makes it a little more easy to understand who's commenting to whom.  If this makes any sense whatsoever.  

Giulia

I'm ready to JIVE. Are you?

Posted by Giulia Champion Jan 24, 2017

We're gona learn some new dance steps here.  It's gonna be fun!  More functionality.  More opportunities to communicate in different ways.  It's gonna be a whole new world.

 

Giulia

Giulia's Profile

Posted by Giulia Champion Jan 23, 2017

Description  If you still want one - you're still vulnerable.  Protect your quit! 

 

Young enough to know better, old enough to better know.

 

If you preach it, practice it.  And don't take the Truth as criticism!

 

I quit smoking March 1, 2006. I smoked a pack and a half a day for about 35 years. What did it take to get me smoke free? Perseverance, a promise not to smoke, and a willingness to be uncomfortable for as long as it took to get me to where I am today. I am an Ex but I have not forgotten the initial difficult journey of this rite of passage. That's one of the things that's keeping me proudly smoke free. I don't want to ever have another Day 1 again.
You too can achieve your goal of being finally free forever. Change your mind, change your habits, alter your focus, release the myths you hold about smoking. And above all - keep your sense of hewmer.  DAY WON - NEVER ANOTHER DAY ONE.

 

Website

http://community.becomeanex.org/pg/profile/bex_user_138672

 

Location

Tennessee (if you want to contact me, hover over my G, then click on Message and I'll get back to you.)

 

Interests

Helping you become and stay smoke free and  keeping myself so.

 

Skills

Whadda ya need? I quit smoking March 1, 2006.  A skill I hope to pass on.  

 

 

======================

Be selfish with your quit - selfless with your support

 

((((((((((((((((Desist, Resist, Exist)))))))))))))))))


The following items are active links.  Click to get there:

 

IF YOU WANT TO CHANGE YOUR LIFE, CHANGE YOUR MIND

 

 RELAPSE TRAPS

 

100 DAYS OF QUITTING

  BEST OF EX

 How to Manage Cravings

       Why Quit.com Videos

           

      NICODEMON'S LIES

              

       Allen Carr's  The Easy Way to Quit Smoking (PM me)

               

         NOPE SONG

     
            NO MAN'S LAND
                             

       Disclaimer:  The views and opinion expressed by this member reflect nothing but their own “take” based upon their years of quit experience.   Please take what you like and  leave the rest.  

     

       BUT - If I've offended, let me know and let’s have an interesting dialogue.  My aim is to help.  If you don’t think I’m doing so, I need to know why so I can be a better supporter.  Let’s talk about it.

     

       The photo slide shows below were taken by me.

 

ZOO

          FALL

                         SHROOMS!
FABULOUS LYNX (Links to incredible creativity and talent.)
    

      

     

      
      
        Having a craving? Click on one of the links below. It'll take your mind off it and - POOF - before you know it, it'll be gone! (If any of these links doesn't work, please let me know.) 

        

       It's always spring here.  Life of Flowers.  (Click on the play button to start the video.) 

      The Beauty of Pollination

      TED Talk:  Brene' Brown's Vulnerability     

       Scott Wade's Dirty Car Art  (click on Grime Scene then on Imagine Gallery.  Then on any image to enlarge it.    

       Ethan Law Cyr Wheel - Takes hula hoops to a whole new level!     

       Tim Minchin UWA Address     

       TED Talk:  Virtual Choir     

       TED Talks:  Compassion     

       TED Talks:  Monkey Marketplace     

       Color Personality Test

       The Year You Were Born (enter you birth year when you get there)

       Thousand-Hand Guan Yin (They're all deaf by the way)

        A Woman from the Inside Out

       Just Imagine by Ilana Yahav

     Our Amazing Universe (Once it's downloaded, click on the "manual" button to slow it down (or you can move the little bar to the right to slow it down.)

       Ashes and Snow  (Click on the bottom video, then enlarge it so that it's full screen.)
       Women in Art
       Women in Film

       Stacey Westfall no reins, no saddle - just a girl and a horse

       You've Got a Friend
       Buddy Greene Harmonica
      Louis Armstrong & Danny Kaye
       Fred & Ginger II

      Hope & Cagney

       Ron Mueck Sculpture  (Warning:  graphic images)     

       Tina & her Partner
       Opera with Paul Potts
          

     

      

    

       

          

        

     

        

     

        

    

 

A friend sent me the following information and I thought it very important for all of us.  I've edited it slilghty to take out certain links.  If you want to read the whole thing go to:  https://www.wordfence.com/blog/2017/01/gmail-phishing-data-uri/

Wide Impact: Highly Effective Gmail Phishing Technique Being Exploited

A new highly effective phishing technique targeting Gmail and other services has been gaining popularity during the past year among attackers. Over the past few weeks there have been reports of experienced technical users being hit by this.

This attack is currently being used to target Gmail customers and is also targeting other services.

The way the attack works is that an attacker will send an email to your Gmail account. That email may come from someone you know who has had their account hacked using this technique. It may also include something that looks like an image of an attachment you recognize from the sender.

You click on the image, expecting Gmail to give you a preview of the attachment. Instead, a new tab opens up and you are prompted by Gmail to sign in again. You glance at the location bar and you see accounts.google.com in there. It looks like this….

You go ahead and sign in on a fully functional sign-in page that looks like this:

GMail data URI phishing sign-in page

Once you complete sign-in, your account has been compromised. A commenter on Hacker News describes in clear terms what they experienced over the holiday break once they signed in to the fake page:

The attackers log in to your account immediately once they get the credentials, and they use one of your actual attachments, along with one of your actual subject lines, and send it to people in your contact list.

For example, they went into one student’s account, pulled an attachment with an athletic team practice schedule, generated the screenshot, and then paired that with a subject line that was tangentially related, and emailed it to the other members of the athletic team.

The attackers signing into your account happens very quickly. It may be automated or they may have a team standing by to process accounts as they are compromised.

Once they have access to your account, the attacker also has full access to all your emails including sent and received at this point and may download the whole lot.

Now that they control your email address, they could also compromise a wide variety of other services that you use by using the password reset mechanism including other email accounts, any SaaS services you use and much more.

What I have described above is a phishing attack that is used to steal usernames and passwords on Gmail. It is being used right now with a high success rate. However, this technique can be used to steal credentials from many other platforms with many variations in the basic technique.

How to protect yourself against this phishing attack

You have always been told: “Check the location bar in your browser to make sure you are on the correct website before signing in. That will avoid phishing attacks that steal your username and password.”

In the attack above, you did exactly that and saw ‘accounts.google.com‘ in the location bar, so you went ahead and signed in.

To protect yourself against this you need to change what you are checking in the location bar.

This phishing technique uses something called a ‘data URI’ to include a complete file in the browser location bar. When you glance up at the browser location bar and see ‘data:text/html…..’ that is actually a very long string of text. If you widen out the location bar it looks like this:

GMail phishing data uri showing script

There is a lot of whitespace which I have removed. But on the far right you can see the beginning of what is a very large chunk of text. This is actually a file that opens in a new tab and creates a completely functional fake Gmail login page which sends your credentials to the attacker.

As you can see on the far left of the browser location bar, instead of ‘https’ you have ‘data:text/html,’ followed by the usual ‘https://accounts.google.com….’. If you aren’t paying close attention you will ignore the ‘data:text/html’ preamble and assume the URL is safe.

You are probably thinking you’re too smart to fall for this. It turns out that this attack has caught, or almost caught several technical users who have either tweeted, blogged or commented about it.  There is a specific reason why this is so effective that has to do with human perception. I describe that in the next section.

How to protect yourself

When you sign in to any service, check the browser location bar and verify the protocol, then verify the hostname. It should look like this in Chrome when signing into Gmail or Google:

Gmail phishing secure URI example

Make sure there is nothing before the hostname ‘accounts.google.com’ other than ‘https://’ and the lock symbol. You should also take special note of the green color and lock symbol that appears on the left. If you can’t verify the protocol and verify the hostname, stop and consider what you just clicked on to get to that sign-in page.

Enable two factor authentication if it is available on every service that you use. GMail calls this “2- step verification” and you can find out how to enable it on this page.

Enabling two factor authentication makes it much more difficult for an attacker to sign into a service that you use, even if they manage to steal your password using this technique. I would like to note that there is some discussion that indicates even two factor authentication may not protect against this attack. However I have not seen a proof of concept, so I can not confirm this.

Google have modified the behavior of the address bar in the past to show a green protocol color when a page is using HTTPS and a lock icon to indicate it is secure.

Gmail phishing secure URI example

They also use a different way of displaying the protocol when a page is insecure, marking it red with a line through it:

During this attack, a user sees neither green nor red. They see ordinary black text:

That is why this attack is so effective. In user interface design and in human perception, elements that are connected by uniform visual properties are perceived as being more related than elements that are not connected...

 In this case the ‘data:text/html’ and the trusted hostname are the same color. That suggests to our perception that they’re related and the ‘data:text/html’ part either doesn’t matter or can be trusted.

Update: How to check if your account is already compromised

I’ve had two requests in the comments about this so I’m adding this section now. (at 9:39am Pacific time, 12:39am EST).

There is no sure way to check if your account has been compromised. If in doubt, change your password immediately. Changing your password every few months is good practice in general.

If you use GMail, you can check your login activity to find out of someone else is signing into your account. Visit https://support.google.com/mail/answer/45938?hl=en for info. To use this feature, scroll to the bottom of your inbox and click “Details” (very small in the far lower right hand corner of the screen). This will show you all currently active sessions as well as your recent login history. If you see active logins from unknown sources, you can force close them. If you see any logins in your history from places you don’t know, you may have been hacked.

Spread the word

By Mark Maunder

Giulia

HOW MANY WILL IT TAKE?

Posted by Giulia Champion Jan 13, 2017

This post was originally written by Mike.n.Atlanta

Unfortunately it seems to need constant updating.  Feel free to add to it.  The more names, perhaps the more impact.  And perhaps it will awaken one "on the fence" quitter who hasn't yet made the life and death commitment to be Free.  This is why we don't take smoking lightly here.  As Nanawendy said:  "Sometimes while waiting for the right time to quit, we run completely out of time."

 

  
   
    
      Mike.n.Atlanta     

9 badges

    
   
   

Life or Breath

   

August 26, 2015 by Mike.n.Atlanta 

  
  
   
    

cancer, stroke, copd, emphysema, heart attack, heart failure

    
     

Was asked to update & repost this.

    
   
  

I can’t say that I’ve suffered more personal losses than anyone else here. It just seems like it to me. I know only of those lost that are dear to my heart. It’s never an easy thing to lose the ones we love. No matter how long we have to prepare for the day they slip into the darkness we’re still not ready when it happens. Your loved ones won’t be ready either.

For those who think me overly dramatic when I say this is a matter of life or death, just ask my mother & father, sister June, brother Levin, Aunt Nancy  & my grandmother, sister in law Sue, Uncle Pete & Uncle Harold, or my friends Ronnie & Willard, JL, Mac & Butch.  Dale’s Aunt Dorothy, Uncle Ed & cousin Curt. Ex Nancy’s grandmother, neighbor Karen, uncle & sister in law or her neighbors husband.  Connie’s stepfather JP & Uncle Chuck. Kris’s Mom. Jessie’s Dad only 2 days before her high school graduation. Ryan’s mom when he was only 17, Teresa’s friend Paul, her sister in law & uncle, Laura’s (Michwoman) Mother, Patty-Cake’s Grandfather, uncle & brother in law, Joyeuxencore’s dad & grandfather, Misty@Dawn’s dad, grandfather & ex-husband or Tigerladie’s dad, Harvey D’s wife, Giulia’s friend Kiel, Sharon’s Mom & Dad, Jennifer’s Mother, Moody’s stepdad & Ann B’s Mom. Wait a minute…you can’t ask any of these people…they’ve all died from lung cancer & other smoking related illnesses.

These are all loved ones & friends that we will see no more. Don’t let this be you to your children & loved ones. Make a commitment…I’m just sayin.

Keep on keepin on,

P.S.- Here’s a little something to chew on. Of the members I listed above, how many are still active here? We’re all gung ho to encourage & praise our active members. How bout we reach out to those friends of ours we haven’t seen around in a while. Maybe they’re good in their quit & still living smoke free…but then maybe we didn’t reach out enough when they were here & they felt no one cared.

=================

a/o 1/13/17

Mike's cousin Earlene. 

Kim-1-6-16's  Nanny

xsaffron's Grandorie and Bumpa, died from lung cancer 

Ninepatch_7_27_12's aunt, lung cancer age of 47 & cousin's husband. 

Doris's nephew, lung cancer age 39

hairspaz's father (small cell, lung cancer)

jojo29's mother, lung cancer

BonnieBee.quit.2.8.15's mother & first cousin - lung cancer

msgardengirl320's long time friend - lung cancer

Grey1's mother - lung cancer

Kate77's mother - lung cancer

serpas97's mother - lung cancer

ladyhawk3's dad - lung cance

Mysterious_Stranger's grandmother - lung cancer

Brenda_M's grandfather - lung cancer

Sandee's sister (age 44) & mother - lung cancer

elvan's dad - lung cancer     

And the list goes on.....

Filter Blog

By date: By tag: