We've got inboxes over here, inboxes over there, boards here, there, tweets, docs, posts and shares. It's almost too much to keep straight. Fortunately, there are little helpers out there. I've found two I love, and I'll show you how to use them. One is free, the other is in closed beta, but there are invites below! If you've got other suggestions, please feel free to share them in the comments.

Greplin: For Finding Your Stuff

Greplin is the way I find that one online thing I'm looking for. It's a fast search engine that can index a whole bunch of common cloud services many of us use. Once it's done crawling for the first time, you don't have to wait for a second. You type in your search query, and Greplin brings back an organized list of everything in your cloud-life that matches.

It can search Gmail, Google Calendar, Google Docs, Google Reader and Google Contacts (as well as the professional Google Apps versions). It searches Dropbox, of course. It searches Facebook, Twitter, Tumblr and LinkedIn. It's got Delicious and Pinboard. It has Yahoo Mail. It even searches Reddit. And these are all free. Premium users can search Evernote, Yammer, Salesforce, Basecamp, Highrise and Campfire. All of these services in one search.

Some of them you have to unlock by inviting friends. That's okay. Invite your friends. They'll thank you for it.

Here's Greplin in action:

Yes, you're reading that right. My Greplin has (at press time) 1,106,324 documents in it. Every search is instantaneous, though. I can filter the results by service (Twitter, Google Reader, whatever) as well as by type of content: events, files, links, messages, notes, people and streams. Clicking on each service on the left sidebar tells you its status and how many items are indexed.

Greplin's premium service is $4.99 a month or $49.99 a year. But basically every consumer service, and even the Google Apps service, is available for free. Evernote is in premium, and that's a very tempting hook for power users. But it's amazing what the free version of Greplin can do. In addition to the Web version (which works on mobile), there's a free iPhone app, and it's killer.

What About Sensitive Stuff Like Logins & Passwords?

User names, passwords, ID and credit card numbers are hard to remember, too, and we need to use them often online. But it's not a good idea to keep those in a cloud-hosted service like the ones Greplin searches. It's best to keep those in a secure service if you're going to store them on your computer at all.

Today I found out about Dashlane, which will do just that. It's a desktop application for Mac and Windows that will remember all your sensitive info so you don't have to. It's also just a convenience; it plugs into your browsers and lets you fill in Web forms with your saved information automatically. It's like 1Password, which is available for Mac, Windows, iOS and Android, but the features are a little simpler.

I've taken it for a spin. It's easy to set up, and it's very secure. It lets you store your contact info, various forms of ID, credit cards and Web accounts. It's also good for shopping online and lets you speed through the checkout process. When you're filling out a form on any Web page, boxes that Dashlane can fill in have a little gazelle (or whatever its mascot is) icon. You click it and drop the info in. No need to remember it or even type it out.

Dashlane is not quite open to the public, but here's a link for RWW fans to get it now! I've been using it all day, and it makes everything faster.

What other services do you use to keep yourself sane online? Share them in the comments.

The trick is to file an impersonation claim. That's the only one Twitter responds to in a timely fashion. This means you have to make a credible case that you or your brand is being impersonated, and the account has to have violated Twitter's inactive account policy. But if you have your ducks in a row, you can have that account in your hands in under a week. Here's how.

Yes, in some cases, that's a big caveat. But it's much easier to get a domain name than a trademark, and you need to establish that the name or brand you're after is indeed yours. You're going to need an email address giving you a credible claim. Having a website, even if the domain is just forwarding somewhere, won't hurt.

For example, the Twitter handle I wanted was @emotikon, which is the name of my musical projects. I own emotikon.co, so I used an email address from that domain throughout this process.

Step 1.5: If you already have a Twitter account with an alternative name, and you just want to change its name to the one you want, skip step 2.

Step 2: Register A Dummy Twitter Account With That Address

Sign up for a new Twitter account using the email address from step 1. The handle can be anything you want. When Twitter liberates your account, they're going to merge it over to the dummy account, so you're saving a step by giving them an existing account to use. I called mine @emotikonTEMP.

Step 3: Report The Account for Impersonation

The form you need is at support.twitter.com/forms/impersonation. Choose the bottom option, "I am being impersonated." When you click that button, more options will appear. Choose the one that applies.

Once you've chosen the right option, a contact form will appear. Fill that out with all the relevant information and be sure to use the email address that clearly establishes your claim to the name. The optional Twitter username is the one from step 1.5 or 2. It says it's optional, but it will save you a step.

Step 4: Wait A Little While

After you submit, you'll get an auto-reply right away. Before too long, a human on the Twitter Trust and Safety team will follow up with you if there are any problems with your submission. If everything is in order, after a perfectly reasonable amount of time, you'll get the glorious email.

After that, the account is yours! When you log in to the account you listed in step 3, it will have the name you've been waiting for.

Victory is mine.

— emotikon (@emotikon) December 13, 2011

Thanks to J.B. at Fusible for showing me how this works. I can't believe it, but it really does!

Storify.com on the desktop is the place to start. You can use Storify to capture a momentous event online, or you can ask a question and curate the best answers. Its uses are almost limitless. I've gotten so much out of it as a blogging tool, and I know you will, too.

Storify rolled out a gorgeous update to its interface yesterday, and now is a great time to start using it. In yesterday's Big Question, we asked, "What's your favorite way to use Storify?" We got some answers, but they were mostly gripes and questions. So I thought I'd offer some suggestions.

Here are a few ways I've used Storify. I hope they'll inspire some cool new ones. Some are just for fun, but others made for great work. Storify is totally embeddable and SEO-friendly, so it's well worth learning as a tool for making your site more social and letting your audience participate.

Storify Breaking News

In the Twitter Age, news unfolds in real time. Some believe that the Twitter-ification of information is harmful, but I couldn't disagree more. Twitter condenses bits of info so that they flow smoothly, rather than in chunks. One tweet is not the story; the whole stream of tweets is.

When an error propagates on Twitter, the correction propagates just as quickly. The real-time, right-now nature of Twitter is just a snapshot. Over a period of time, a whole story emerges. And its not just the story of what happened; it's also the story of how it happened, how we got there and what we learned along the way.

When I noticed Gmail was down on September 23, I tweeted my observation and then started Storifying what I saw. With the torrent of tweets going by, how did I catch the ones I wanted? Great question. I used the Twitter ★ button. Whenever I saw a tweet I wanted to include, I faved it, which made it easy to grab from the Storify favorites tab, which now looks like this:

Storify uses drag-and-drop to move messages from the service tabs - Twitter, Facebook, YouTube, SoundCloud, Flickr, Instagram, Google, RSS, and more coming soon! - into your story. Favorites are a great way to pull out the posts you want, so that they're all right there in Storify and easy to find and drag.

I grabbed the best replies to my tweet as well as other messages about the outage that streamed by. I threw together a breaking news intro, and I just embedded the Storify below the fold. That way, I could just work on the Storify, and every time I clicked 'Save,' the RWW post would be updated with the new messages I added.

It wasn't the most serious story, but it did great, and that's because it was fun! I did the usual, boring updates at the top of the post about what was officially going on, but the Storify part showed what it was like, the experience of the Gmail outage as we Gmail users felt it.

Ask Questions, Storify Answers

Yesterday, a developer emailed me to show me a cool QR code maker he made. I wanted to write about it, but I didn't know how. It wasn't news, and I didn't think a whole review of this one pager was warranted, as neat as it was. So I asked myself, "What is it about QR codes?" Then, I realized I should just ask my Twittizens and my Circlemates!

Now, here's where you stop me and say, "But Jon, there is no Google Plus tab on Storify." And I will reply, you're right, BUT! The Storify folks told us that's coming soon, for one thing, but there are also passable work-arounds in the meantime.

In addition to posts from around the Web, Storify lets you add text and images yourself, and you can add hyperlinks to text. For my Google Plus responses, I decided to put a link to the whole thread in, which pulled in the QR code image I attached to the Plus post, and then I just copied and pasted the text of the answers below, making the names into links to people's Plus profiles. It doesn't look great, but all the info is there:

As an alternative, our community manager, Robyn, used screenshot images of Google Plus posts in her Big Question Storify yesterday. It looks much better, but the text isn't really on the page. That has some SEO and accessibility issues, but it looks better. And my text way was a lot more geeky work. For a service that isn't built into Storify yet, one must decide between these trade-offs.

And hey, Google Plus? If comments had their own permalinks, that would be really nice. Just sayin'.

Anyway, after a great day of collecting, I put together this post by setting up the questions and then embedding the Storify of the RWW community's answers.

Storify And Share Your Favorite People

If you've been following along at RWW, you know that #FollowFriday is my favorite Internet holiday. On Web 2.0, or whatever version this is, sharing people is the best way to find new sources of information and fun.

But #FF tweets disappear into the ether. Storify is a great way to gather up all your #FF recommendations and share them in one place. Check out this Storify post I did on #FollowFriday, July 15, in which I shared my Internet heroes.

How Do You Storify?

There are so many more ways to use Storify to preserve great moments on the Web, and I've hardly thought of them all. Do you have any examples you'd like to share? Post them in the comments!

Follow RWW on Storify

Newsstand is a strange, abnormal feature of iOS. It sucks up your publications, so you can't decide where they go, and it stands out badly from other folders, visually. Fortunately, though this will surely be fixed soon, there is a temporary trick to put it in a folder! All credit to 52 Tiger for discovering this, but it's important to share it with you as a public service.

1. Put two apps that will go in your "news" folder next to each other, and put Newsstand right next to them.
2. Drag the two normal apps together to create a folder
3. Really, really quickly, while your normal apps are merging in the folder creation animation, grab Newsstand and drag it on there.

PLEASE NOTE: You can't use Newsstand if you do this. It will crash. Hard. This is just for getting it out of the way and de-uglifying your screen.

The first tool we discovered (and one I use myself) is a web app from the creator of Reader2Twitter, the tool that automatically syncs Google Reader Shared Items to Twitter. His new Buzz sync service, Buzz2Twitter, uses the pubsubhubbub protocol so that the synchronization between the two services occurs in real-time. However, in our tests, there were some delays which the developer attributed to the particular pubsub hub he was using at the time.

The other features of Buzz2Twitter include:

• The ability to bind your bit.ly account to the service for link shortening
• The ability to format your synced tweets

For a longer review of Buzz2Twitter, check out Louis Gray's post.

2) Buzz Can Tweet

The second service we came across that allows for Buzz to Twitter synchronization is Buzz Can Tweet. This service takes a slightly different approach than Buzz2Twitter. Instead of syncing the exact text from your Buzz update over to Twitter, Buzz Can Tweet syncs your Buzz post with a link that directs your Twitter followers back to your Buzz update itself. This is especially handy for Buzz posts that are longer than the allowed 140 characters available in Twitter. If you're looking to encourage more discussion over on your Google Buzz profile, this may be the tool you want to chose.

In addition to bit.ly integration, Buzz Can Tweet offers a few more customization options, too, including:

• Selective tweeting - that is, only tweet buzz with keyword #twitter (customizable)
• Exclude text after keyword (customizable)
• No link back to Buzz when under 140 characters (customizable)
• Access settings via the control panel.

Those are the only two services we've found so far that integrate this often-requested functionality with Buzz. In the future, the Google Buzz team plans to offer Twitter synchronization as an option, but for now, they have to focus on bug-fixing and design issues. When all the glaring issues have been addressed, they can then worry about adding new features. (In other words, it may be a while!)

If you've tried either of the services above, let us know about your experiences in the comments.

Today, we've come across more even more tips for working with Buzz, including how to add Buzz extensions to your web browser, new ways to subscribe to others' Buzz, and even ways to update Buzz via email. If you're becoming a regular Buzz user, then you'll want to read through this latest collection of tips to take your Buzz skills up another notch.

First of all, a little known fact: did you know that Google Buzz is supposed to be spelled with a lowercase "b"? This comes from Google engineer Cedric Beust who posted this info to his Buzz yesterday. While that may be true, we've noticed that "Buzz" is capitalized in our Gmail inboxes to fit in with the other labels and it's also capitalized on your own Buzz page and when you see the Buzz tab on someone's Google profile. Frankly, we prefer it in capitals and until Google cleans up the inconsistencies throughout Gmail and Google Profiles, we'll think we'll leave it that way.

Now, onto the tips:

1. Get Buzz Browser Extensions

After only being live for two days, there are already web browser extensions for integrating Buzz into your Firefox or Chrome browser. As a Chrome user myself, I've been keeping my eye out for Chrome Buzz extensions - it seemed like Chrome would be the first one to get some sort of add-on. Yesterday, it finally did. In fact, it got two.

The first is the Chrome Buzz extension which adds the Buzz conversation bubble icon to your Chrome browser. When clicked, you can read through all the latest Buzz in the window that displays. Unfortunately though, this is currently a read-only experience. If you want to comment, like, or post new Buzz yourself, you have to head back to your Gmail. However, it's a good first effort from the developer and worth watching for future updates.

A second Buzz extension for Chrome is called Buzzer. This lets you publish to Buzz from Google Reader. This one actually seems a little redundant since you can add your Google Reader Shared Items to your Google Profile and have them automatically published on Buzz. However, this would be useful if you came across a website that you weren't subscribed to and still wanted to add it to Buzz. Clicking the button will open up the site's feed in Reader and allow you to add a note (if desired) before posting the item to Buzz.

Meanwhile, Firefox users have an experimental add-on called "Buzz It!" which lets you update your status via Gmail with the link and title of the webpage you're currently viewing. (Thanks to Orli Yakuel for finding this one.)

2. Hide Your Buzz Contact List from Prying Eyes

As Philipp Lenssen pointed out on Google Blogoscoped, Buzz may not be for everyone...especially those who don't want to expose their private Gmail contact list to the world at large. The problem with Buzz is once you set it up, those you follow and those following you are shown on your profile page. This isn't all that different from FriendFeed expect for one important fact: on FriendFeed you picked and chose who your friends were, but your Buzz contacts are added for you automatically based on who you email the most. If that's not information you want to share, here's how to turn it off:

1. Sign into your Google account via Gmail (or any other Google service)
2. Go to your Google profile here: http://google.com/profiles/me
3. Click the link at the top-right of the screen that reads "Edit Profile"
4. Here, you'll see a checkbox that reads "Display the list of people I'm following and people following me." To make this info private, just uncheck that box.
5. Scroll to the bottom of the page and click the "Save changes" button

3. Update Buzz via Email

One of the nice things about Buzz's Gmail integration is that it lets you update your Buzz via email. This one's simple: just send an email to buzz@gmail.com using your gmail.com email address. You can even send in attachments!

4. Subscribe to Someone's Buzz via RSS

As noted by commenter ArpitNext on our previous post and as Skeptic Geek blogged, Google Buzz is RSS-enabled. If you want to subscribe to someone's Buzz in your feed reader, just go to their Google profile page. Once there, you'll see the orange RSS icon appear in the browser's address bar. Click the icon in order to add Buzz to your favorite feed reader.

5. Email, Link to, or Mute a Buzz Post

To do more with a Buzz post, click the drop-down arrow to the far right of any post for a list of other Buzz options. From here, you can email the post, get the post's permalink, view all Buzz from that person, follow them, or mute the post.

Update! Bonus Tip!

Our own Frederic Lardinois discovered that Google Buzz understands a little bit of the Textile Markup Language. Here are the markups he found that work:

(*)word(*) = bold

(_)word(_) = italics

(-)word(-) = strikethrough

(--) = em-dash

Note: Use those without the ()

That's all for now - but if you have Buzz tips of your own, feel free to share them in the comments below!

After spending a day with Buzz ourselves, we came across a few tips and tricks worth sharing with you, our readers. Below you'll find four Buzz hacks, as we'll call them, which help you do more with Buzz... or less, as the case may be.

1. For Those Wanting Access to Buzz

Buzz officially launched yesterday, but you may not see it yet in your inbox. According to the google.com/buzz page, the company is "still rolling out Buzz to everyone" so "check back soon." Unlike with the launch of Gmail and Google Wave, there are no invites to beg for this time. Instead, you'll just have to be patient and wait. Oh, what's that? Patience is not a virtue? OK then. Check out these (unconfirmed) hacks that may help. The first is a tip we saw posted on Twitter. According to some, visiting Google Buzz from its mobile site on your phone (go to m.google.com then click on Buzz) will "switch it on" for you.

A couple of other more detailed hacks we came across include:

The Google Chrome Hack

(via nyquil.org)

1. Create a shortcut to Google Chrome on your desktop, right-click on it, select Properties, and then paste this after everything in the 'Target' field:

   - -user-agent="Mozilla/5.0 (Linux; U; Android 2.0.1; en-us; Droid Build/ESD56) AppleWebKit/530.17 (KHTML, like Gecko) Version/4.0 Mobile Safari/530.17"

2. Then go to m.google.com and click on Buzz. This will, however, make all pages Chrome loads behave as if you're browsing them from a Motorola Droid, so it's advisable to make another desktop shortcut with user-agent="" to reset everything.

The Firefox Hack

(via Aalaap.blog)

1. Fire up Firefox.
2. Install the "User Agent Switcher" add-on and restart Firefox.
3. Go to Tools > Default User Agent > iPhone 3.0.
4. Visit http://google.com/buzz and start buzzing!
5. Firefox will ask you if you want to share your location with the website. Say yes!
6. When you're done buzzing, switch back the user agent to default.

Note: since we all have Buzz ourselves, we couldn't test these hacks for you. Please let us know in the comments if they worked!

2. For the Inbox Purists

One of the complaints about Buzz is that it automatically adds Buzz to your inbox - yes, your actual inbox where you're already overwhelmed with traditional email messages. This occurs despite the fact that Buzz has its own section in Gmail, accessible via a link on the left. We're not sure if the Google guys haven't yet heard of "information overload" or if they just don't care, but some of us would rather keep our Buzz elsewhere.

Getting Buzz out of your inbox is simple, though, thanks to Gmail's filtering mechanism. Here's how to use it.

Remove Buzz from Your Inbox

(via Lifehacker)

1. Click "create a filter" next to the search box at the top.
2. Then, in the Has words text box in the filter tool, enter label:buzz.
3. Click the Next Step button; Gmail will warn you that Filter searches containing label and a few other search operators won't work, but don't worry--our testing shows that for Buzz messages, they seem to work just fine, so click OK and move on.
4. Finally, tick the checkbox next to Skip the Inbox (Archive it) and the click the Create Filter button.

3. For the Developers

Since Google launched Buzz APIs along with the Buzz service, developers already have access to the tools needed to syndicate Buzz updates, connect sites to Buzz, and soon, read/write support will be offered, too.

All the info on the APIs is hosted at Google Code and Buzz resources are centralized at code.google.com/apis/buzz.

But for some extra fun, the Yahoo! Developer Network Blog announced they created an Open Table for users of YQL. The table is now live on GitHub: github.com/yql/google/google.buzz.updates.xml. Developers who want to use it in their queries can do so like this:

USE "http://github.com/yql/yql-tables/raw/master/google/google.buzz.updates.xml" AS google.buzz.updates; SELECT * FROM google.buzz.updates WHERE user="nakedtechnologist"

4. For the Buzz "Haters"

Google Buzz not your thing? You can switch it off altogether, if you would like. Scroll all the way down to the bottom of your inbox and look for the link underneath your quota usage informational message. Click "turn off buzz" to be bothered no more.

]]> Discuss]]>

If you've found yourself in the terrible position of having a broken version of Chrome and you don't want to uninstall and start over from scratch, you can instead launch Chrome using "incognito mode", which disables extensions and allows you to disable the bad apple extensions.

Setting up a shortcut to launch Chrome in incognito mode is a simple four-step process:

1. We recommend first making a copy of your shortcut, that way you can access the browser normally too, once you've fixed whatever problem you're experiencing.


2. Find your copied Chrome shortcut, right click on it and select "Properties".


3. Select the "Target" field and append "--incognito" to the end of the command.


4. Click "Apply" and then "Okay" to save your changes.

Now, all you have to do is double click on the edited shortcut to enter into a "Safe Mode"-style Chrome. From here, all you'll need to do is enter "chrome://extensions/" (minus the quotes) into the browser's navigation bar to edit the extensions.

If you're unsure which extension broke Chrome's back, simply disable them all and switch back and forth between incognito Chrome and regular Chrome until you break it again.

And while we're speaking of Chrome extensions, we recommend going and getting the ReadWriteWeb extension to keep up to date with everything we post here. After all, if your Chrome shuts down from extension overload, now you know how to fix it.

So why would you want to hack your Android phone? For those with older handsets, rooting the device lets you install customized ROMs which can deliver major speed improvements and performance increases. For example, the popular CyanogenMod, created by one of Android's most notable hackers, optimizes performance for both the G1 and MyTouch 3G handsets.

Another good reason to root your phone? Multi-touch. One of the surprising omissions from Google's own Nexus One handset, for example, is the ability to use more than one finger at a time to operate the device. Although available on iPhone from the start, the Nexus One excludes this valuable feature from its mobile operating system. Why? No one knows for sure, but it might have something to do with some patents Apple owns. But that's no matter to the hacker community. Thanks again to cyanogen, Nexus One owners can enable the feature by copying some files over to their device. Other Android owners can perform similar procedures to enable multi-touch Web browsing. But before you can get started with any of these hacks, you first have to root the phone.

How to Root Your Android Phone

However, for novice hackers, "rooting" the phone sounds like it may be easier said than done. Although seemingly intimidating, by following a few simple steps anyone can do this with ease.

Before getting started, remember to back up your phone, including your contacts, SMS messages, files and photos.

1. The first step is to download and install Superboot, a boot image that, when flashed, will root the device the first time you boot up. You can grab a copy of the Superboot zip file from the Modaco forums here.
2. Once downloaded, extract the files it contains to a directory on your computer, just like any other zip file.
3. Now put your Android phone in bootloader mode. (Note, owners of a retail N1 should see instructions here).
   • To do so, turn off the phone, remove the battery, and plug in the USB cable. When the battery icon appears onscreen, pop the battery back in. Now tap the Power button while holding down the Camera key.
   • For those whose Android phones have a trackball, you have an even easier method of doing this: Turn off the phone, press and hold the trackball, then turn the phone back on.
4. Depending on your computer's OS, do one of the following:
   • Windows: Double click "install-superboot-windows.bat"
   • Mac: Open a terminal window to the directory containing the files, and type "chmod +x install-superboot-mac.sh" followed by "./install-superboot-mac.sh"
   • Linux: Open a terminal window to the directory containing the files, and type "chmod +x install-superboot-linux.sh" followed by "./install-superboot-linux.sh"
5. That's it, your device has been rooted!

If those instructions confused you, check out YouTube for instructional videos instead. Here's one for rooting the myTouch 3G or G1, and here's one for the Motorola Droid. Here's another. There's also an alternative rooting method involving 1 click demoed here. You get the idea.

Now What?

Now that you've rooted your Android phone, you can get busy adding features, functionality and other hacks. This is the fun part! LifeHacker offers five great reasons to root your phone, for those wondering why you would bother to do this.

Our favorite reasons?

1. Multi-Touch

First of all, Nexus One users can enable multi-touch on their devices. RedmondPie has a good how-to on this:

Meanwhile, Droid owners can hack their phones for multi-touch Web browsing:

T-Mobile G1 owners can do this too following the instructions here.

2. Mods for Performance Improvements (and More)

G1 and myTouch 3G owners can follow this tutorial to install the popular CyanogenMod on their devices, which boosts performance and speed, among other things. Here's a video tutorial on this via AndroidandMe.com: 

If you need more information, visit the Cyanogenmod Wiki for all the details on this custom ROM. And stay tuned to the latest Cyanogen news via this website. 

3. Extra Apps and Features

For more fun hacks, try these:

Anyone with a rooted handset can set up Wi-Fi and Bluetooth tethering using this app. The ever-popular Apps2SD software lets you migrate your Android apps over to your SD card, freeing up room on your phone. You can also install custom themes, ringtones and alerts.

More?

If you've hacked your Android phone, share your tips and tricks in the comments. Or if you have links to other good hacks, let us know.

Those of you who edited your privacy settings prior to December's change have nothing to worry about - that is, assuming you elected to keep your personalized settings when prompted by Facebook's "transition tool." The tool, a dialog box explaining the changes, appeared at the top of Facebook homepages this past month with its own selection of recommended settings. Unfortunately, most Facebook users likely opted for the recommended settings without really understanding what they were agreeing to. If you did so, you may now be surprised to find that you inadvertently gave Facebook the right to publicize your private information including status updates, photos, and shared links.

Want to change things back? Read on to find out how.

Probably the most critical of the "privacy" changes (yes, we mean those quotes sarcastically) was the change made to status updates. Although there's now a button beneath the status update field that lets you select who can view any particular update, the new Facebook default for this setting is "Everyone." And by everyone, they mean everyone.

If you accepted the new recommended settings then you voluntarily gave Facebook the right to share the information about the items you post with any user or application on the site. Depending on your search settings, you may have also given Facebook the right to share that information with search engines, too.

To change this setting back to something of a more private nature, do the following:

1. From your Profile page, hover your mouse over the Settings menu at the top right and click "Privacy Settings" from the list that appears.
2. Click "Profile Information" from the list of choices on the next page.
3. Scroll down to the setting "Posts by Me." This encompasses anything you post, including status updates, links, notes, photos, and videos.
4. Change this setting using the drop-down box on the right. We recommend the "Only Friends" setting to ensure that only those people you've specifically added as a friend on the network can see the things you post.

2. Who Can See Your Personal Info

Facebook has a section of your profile called "personal info," but it only includes your interests, activities, and favorites. Other arguably more personal information is not encompassed by the "personal info" setting on Facebook's Privacy Settings page. That other information includes things like your birthday, your religious and political views, and your relationship status.

After last month's privacy changes, Facebook set the new defaults for this other information to viewable by either "Everyone" (for family and relationships, aka relationship status) or to "Friends of Friends" (birthday, religious and political views). Depending on your own preferences, you can update each of these fields as you see fit. However, we would bet that many will want to set these to "Only Friends" as well. To do so:

1. From your Profile page, hover your mouse over the Settings menu at the top right and click "Privacy Settings" from the list that appears.
2. Click "Profile Information" from the list of choices on the next page.
3. The third, fourth, and fifth item listed on this page are as follows: "birthday," "religious and political views," and "family and relationship." Locking down birthday to "Only Friends" is wise here, especially considering information such as this is often used in identity theft.
4. Depending on your own personal preferences, you may or may not feel comfortable sharing your relationship status and religious and political views with complete strangers. And keep in mind, any setting besides "Only Friends" is just that - a stranger. While "Friends of Friends" sounds innocuous enough, it refers to everyone your friends have added as friends, a large group containing hundreds if not thousands of people you don't know. All it takes is one less-than-selective friend in your network to give an unsavory person access to this information.

3. What Google Can See - Keep Your Data Off the Search Engines

When you visit Facebook's Search Settings page, a warning message pops up. Apparently, Facebook wants to clear the air about what info is being indexed by Google. The message reads:

There have been misleading rumors recently about Facebook indexing all your information on Google. This is not true. Facebook created public search listings in 2007 to enable people to search for your name and see a link to your Facebook profile. They will still only see a basic set of information.

While that may be true to a point, the second setting listed on this Search Settings page refers to exactly what you're allowing Google to index. If the box next to "Allow" is checked, you're giving search engines the ability to access and index any information you've marked as visible by "Everyone." As you can see from the settings discussed above, if you had not made some changes to certain fields, you would be sharing quite a bit with the search engines...probably more information than you were comfortable with. To keep your data private and out of the search engines, do the following:

1. From your Profile page, hover your mouse over the Settings menu at the top right and click "Privacy Settings" from the list that appears.
2. Click "Search" from the list of choices on the next page.
3. Click "Close" on the pop-up message that appears.
4. On this page, uncheck the box labeled "Allow" next to the second setting "Public Search Results." That keeps all your publicly shared information (items set to viewable by "Everyone") out of the search engines. If you want to see what the end result looks like, click the "see preview" link in blue underneath this setting. 

Take 5 Minutes to Protect Your Privacy

While these three settings are, in our opinion, the most critical, they're by no means the only privacy settings worth a look. In a previous article (written prior to December's changes, so now out-of-date), we also looked at things like who can find you via Facebook's own search, application security, and more.

While you may think these sorts of items aren't worth your time now, the next time you lose out on a job because the HR manager viewed your questionable Facebook photos or saw something inappropriate a friend posted on your wall, you may have second thoughts. But why wait until something bad happens before you address the issue?

Considering that Facebook itself is no longer looking out for you, it's time to be proactive about things and look out for yourself instead. Taking a few minutes to run through all the available privacy settings and educating yourself on what they mean could mean the world of difference to you at some later point...That is, unless you agree with Facebook in thinking that the world is becoming more open and therefore you should too.

In other words, if you're the owner of a jailbroken phone, you should now be concerned.

Unlike the relatively innocuous iKee worm which the creator designed more as a "public service" to alert users to the potential for malware on the iPhone, the new hacker tool, dubbed "iPhone/Privacy.A," is the real deal. Where iKee simply switched the iPhone wallpaper to display a photo of singer Rick Astley (a nod to the internet meme of rickrolling), Privacy.A gives the user no indication that it is running on the device.

The new hacker tool also operates a bit differently than iKee does, as it doesn't have to sit on the iPhone itself in order to inflect its damage or spread. The hacker can either load the worm onto their personal device and then monitor the network for jailbroken devices to attack or they can load the malicious program onto a computer. As Intego points out in their post, this computer could be on a public network at an Internet cafe or retail store. In that scenario, the tool would then scan for any other jailbroken iPhones that came within range of the Wi-Fi network and attack them.

How to Secure your iPhone

Although many jailbreakers are tech-savvy enough to know how to lock down their devices to protect themselves from attack, there are quite a few who have simply followed online instructions such as these to perform the jailbreak. This group, while arguably somewhat tech-savvy, doesn't necessarily know all the nitty-gritty details about the iPhone filesystem or its security mechanisms.

To make it easy on these users, we've provided steps on how to change your iPhone's root password - the common denominator required in order for the malware to gain access to your device.

While some may argue there's no need to change your root password if you haven't also installed the SSH program, another necessary element for these attacks to work, we think that's a little short-sighted. It would be easy enough for a malicious hacker to trick jailbreakers into installing SSH by bundling it with some other third-party application offered through underground App Stores like Cydida or Icy. By masquerading as something innocent like a wallpaper-changer or ringtone bundle, a hacker could easily set up a number of jailbreakers with SSH without the victims even being aware that it has been installed. Although we haven't heard of anything like this happening yet, if we thought of it then you can bet that the hackers out there have thought of it too.

Changing the Root Password

The best protection is to simply change your iPhone root password. That will keep you safe from the current iPhone malware...as least for now. Here's how:

1. Install the MobileTerminal application from Cydia.
2. Reboot your iPhone.
3. Launch MobileTerminal and type in the command: passwd
4. At the prompt which asks for the "Old Password," type in: alpine
5. At the new password prompt, type in a new password of your choosing, making sure to pick something strong.
6. Re-enter the password to confirm.
7. You'll then be returned to the Mobile$ prompt which means the change was successful.
8. Now you'll need to change the password for the secondary admin. Type in the command login root.
9. Again, you're prompted for the old password. Type in alpine.
10. Now type in the command passwd
11. You'll then go through the change password routine a second time, entering in alpine as the old password, creating a new password and then re-entering it to confirm.
12. When you are finished, close the application.

Note: these instructions assume you are running iPhone OS 3.0 or higher.

These days, everyone wants to build their own iPhone applications, but not everyone knows how write the code necessary in order to create them. Fortunately, there are now a number of tools that allow non-developers the ability to create their own iPhone apps without knowing programming or scripting. Some are general-purpose app builders designed for small businesses while other target specific needs, like apps for musicians or for eBook authors. Still others let developers familiar with simpler programming languages like HTML write apps using the code they know and then will transform that code into an iPhone application which can be submitted to the iTunes Store.

Below we've listed 13 different tools that let you create your own iPhone applications, none of which require knowledge of Objective C, the programming language used to build apps for the iPhone OS .

What it Does: Sweb Apps offers an online service which lets anyone build their own iPhone apps even if they don't know how to code. Designed with small business owners in mind, the company offers pre-created templates which you can customize with different background images and your own custom icons if desired. Otherwise, you're welcome to use the graphics provided by the company's own image library. After picking the category for your app (Restaurant, Retail, Business, etc.), you choose the buttons you want to include (Menu, Directions, Map, etc.). You can even create a mobile storefront where Sweb Apps manages your inventory. 

How Much it Costs: The company offers four-, six- and eight-button packages, which all include a one-time set-up fee of $50 per button. Then there is a $25 monthly hosting fee applied to every application going forward

Our coverage: Build Your Own iPhone App with New Service from Sweb Apps and Sweb Apps 2.0: Build Your Own Mobile Storefront for the iPhone

2. AppIncubator

What it Does: Think you have a great idea for an iPhone app but not the skills to build it yourself. Like Apple says: "there's an app for that!" The AppIncubator iPhone App from MEDL Mobile lets you submit your ideas which the company's development team will then build into apps for you. App submissions can be sent in via the iPhone app or by way of the company website. Once received, you go online to use the company's "storyboard" tool to sketch out in more detail how you imagine the app working.

How Much it Costs: Using the service or downloading the iPhone app itself is free, but MEDL Mobile takes a cut of the profits after the app goes live in the iTunes App Store. 25% of the total revenue is shared with you and the company keeps the rest.

Our coverage: This iPhone App Helps You Make iPhone Apps

3. Kanchoo

Kanchoo is another platform that allows content producers to create native iPhone applications, this one is designed for news organizations. To use the service, you provide the company with an iPhone application icon, a splash screen (in .png format) and a description of your application which will be used in the iTunes App Store. Then, using their online tools, you build your app by uploading the content which can consist of either photos or news articles.

How Much it Costs: Basic account holders pay $88 for creation of their iPhone application and submission to the iTunes App Store along with a $28 per month fee for bandwidth and hosting.

4. AppBreeder

What it Does: AppBreeder is another DIY app builder service, similar to SwebApps. Where SwebApps offers categories to choose from, AppBreeder offers "App-Kits." These are pre-defined collections of app settings which include gadgets, icons, and behavioral elements. There are kits for a wide range of industries including everything from real estate to legal and bands to restaurants. You use the kits as a jumping off point to start building your app and then add or remove gadgets as your needs require. After building your app, you can then publish it to the iTunes App Store. However, AppBreeder isn't just limited to the iPhone - it also lets you publish apps for Blackberry and Android devices as well. (Note: the company's website says that "due to sudden demand spike" AppBreeder's build and publishing tools will be unavailable until Nov. 30th.) 

How Much it Costs: AppBreeder offers different packages depending on whether your app will be ad supported or ad-free and which platforms you plan to distribute it on. Ad supported apps are free, iPhone web apps are $9.95 - 14.95, native iPhone apps are $29.95, and the iPhone/Blackberry/Android app package is $39.95 - 49.95.

5. MyAppBuilder

What it Does: MyAppBuilder is a service that creates iPhone applications designed to help you sell your content. Whether that's books, music, videos, etc., the service turns any content into an app. You can also use MyAppBuilder to create custom quizzes, apps that are fed by Twitter pages, or you can turn your blog into an app by way of its RSS feed. To use the online app builder, you login to the service's "Control Panel" where you submit details about your app including content, features, flow, and image files. The company then uses this information to create an app for you which is sent back to you for review. After you approve the app, MyAppBuilder submits it to the iTunes App Store on your behalf.

How Much it Costs: The service is available for a fee of $29 per month. There is also a $20 processing fee to compile your data, put it in the appropriate format, and submit it to the App Store for review.

6. BuildAnApp

What it Does: BuildAnApp is another DIY cross-platform app builder designed for small businesses, community groups and professional service organizations. Using the web-based service, you can pick and choose from the company's customizable templates to create apps for the iPhone, Blackberry, or Windows Mobile platforms. As with Sweb Apps, creators can use their own graphics or choose images from the company's own online gallery. A special feature of this service is its ability to house an email distribution list that will notify end users to download the application once it becomes available. (Note: this service is currently in private beta testing right now. You can sign up here to be notified when it's available).

How Much it Costs: The company says pricing has not yet been determined but will be "competitive" with similar services.

7. eBookApp

What it Does: The eBook App Maker is a service specifically designed to create iPhone apps from eBooks. The app builder supports nearly all digital formats including PDF, Doc, Zip, CHM, HTML, TXT, FB2, PDB, PRC, Mobi, PDB, MHT, RTF. eBook creators can also specify various fonts and sizes, can add images and notes, can lock the orientation to landscape or portrait, and more.

How Much it Costs: The company's site doesn't publicly list its pricing but offers a "request a quote" form instead.

8. GameSalad

What it Does: GameSalad is a downloadable tool for creating games without needing to know programming or scripting. Using the company's visual editing software, you can create games which can then be published to both the web and to the iPhone. GameSalad offers a suite of "interactions" and attributes which you can add into your game to create the action. You can also drag-and-drop art files and sound files from your computer into the game builder, too. As you create the game, you can tweak the various elements during the building process and can preview what the game looks like before compiling it. 

How Much it Costs: The company offers a basic, free version of GameSalad which lets you publish to the web, but not the iPhone. For iPhone games, there are two versions available: the Express version for $99/year and the Pro version for $1999/year.

Our coverage: Gendai Games Launches GameSalad Beta

9. MobileRoadie

What it Does: Mobile Roadie is an application builder that lets bands create their own custom iPhone applications which can include content like photo galleries, streaming music files, YouTube videos, upcoming concert listings, lyrics, news, Twitter and RSS feeds, and even interactive features like a "wall" where fans can post comments and photos.  The app can also link to Ticketmaster and LiveNation ticket sales information and to the band's album(s) on iTunes.

How Much it Costs: There is a $499 set up fee for Mobile Roadie followed by a $29/month fee for the first 100 installs. To get rid of the 1 cent per install fee, bands can choose to host their own content instead.

10. MobBase

What it Does: Similar to Mobile Roadie, MobBase is also an app creation tool designed for bands. Without needing programming skills, musicians can create apps that include videos, images, bios, band news, streaming playlists, concert schedules and links for music purchases. The tool, offered by MixMatchMusic,

How Much it Costs: Applications are $20 dollars to activate. Free apps are priced at $15 dollars a month for the first 500 installs with $5 dollars per additional 1000 downloads. Paid apps cost $20 dollars per month for the first 500 installs and $6 dollars per month for each additional 1000. MobBase does not take any application sales fees in regards to revenue share. The company also receives 5% of purchased music downloads.

11. Rhomobile

What it Does: Rhomobile does require that you know how to code, but only HTML and Ruby, not the Objective C required for building iPhone apps. Developers can build any application and then use Rhomobile to deploy their app anywhere - including the iPhone, Blackberry, Windows Mobile, Symbian, or Android marketplaces.

How Much it Costs: The Rhodes framework is free for developers who open source their applications under GPLv3. Commercial Rhodes licenses are also available at $500 per application and commercial RhoSync server licenses are available based upon the planned number of users connected to the server.

12. PhoneGap

What it Does: Like Rhomobile above, PhoneGap is also an open source development tool for building mobile apps. Also like PhoneGap, you do need to know how to code, but this time, you just need to know HTML and Java as opposed to the iPhone's Objective C. With this tool, you can build apps for iPhone, Blackberry, and Android while also taking advantage of the phones' native features like geolocation, the accelerometer, sound and more.

How Much it Costs: PhoneGap is completely open source and free to use.

Our coverage: PhoneGap: People's Choice Winner at Web 2.0 Expo Launch Pad

13. RedLaser

What it Does: Red Laser is an iPhone application that lets you scan barcodes with your iPhone in order to compare the in-store price with other online deals. However, with the latest version of the application, RedLaser 2.2, you can create your own custom barcode scanning apps. To do so, first download the updated application from the iTunes App Store, then visit www.redlaser.com/apps from the iPhone's web browser. Follow the instructions on the page to set up your own application - you'll need to fill in data like the URL of the site you want to compare prices with, the URL for the app icon, etc. When complete, tap the "build app" button. The completed app can then be added to your homescreen. Although this app is designed more for personal use and not resale, it's still worth checking out if you want to create your own barcode scanning application without needing to know how to code.

How Much it Costs: RedLaser is available on the iTunes App Store for $1.99.

Update!

While this post was by no means meant to be a definitive list, it's amazing the response it's received in both the comments and via email. So many people have asked "how could you forget.. this company or that?" OK, Appcelerator was an oversight, but as far as the others, they just weren't on my radar. Here's a few of the ones that received multiple mentions:

• TapLynx: A DIY solution for building apps without coding.
• MobileAppLoader: Another DIY solution for building iPhone apps without code.
• MobileStoreMaker: A DIY solution for making a mobile storefront for iPhone.
• Appcelerator: Like Rhomobile and PhoneGap, you do need to code, but you don't need to know Objective C. Instead, you can build iPhone apps with HTML, JavaScript, CSS, Python, PHP and Ruby instead.

• MobiOne: An iPhone emulator that lets you build iPhone apps by coding them using your web development skills.
• Appanda: A system that lets you build apps through RSS, links and manual uploads. Still in beta.

However, there are tons of others, too. Really - tons! Hop into the comments section to see even more suggestions from their users and fans.

Without sufficient anti-virus and malware protection programs installed, social networking users can easily become victims to these ever-evolving attacks. However, the best way to avoid becoming a victim yourself is to be aware of what's out there and what sorts of things you should avoid. Below are the best practices which you should use on Facebook and Twitter in order to keep yourself safe.

The Problem with Malicious Links

One of the most common vectors for attacks are malicious links posted either to Twitter or to your Facebook wall. In the past, such as with the malware known as Kooface, the troublesome links could be easily identified because they would often use a consistent phrase followed by a URL. For example, in August, Koobface was posting links that read "my home video :)" which was followed by a URL and then a random component on the end such as "HA-HA-HA!!", "W.O.W.", "WOW", "L.O.L.", "LOL", ";)" or "OMFG!!!"

Although the end piece changed from tweet to tweet, the message itself remained the same. However, security researcher Costin Raiu of Kaspersky Lab tells us that easy-to-identify messages are not as common anymore. Today, it's much harder to identify malicious links thanks to two newer techniques being used by hackers. Below those two newer methods are described in more detail as is the tried-and-true method of spreading malware via email.

Method 1: Hijacking Twitter's Trending Topics

The first technique, which really became popular in August of this year, involves hackers creating Twitter new accounts and then posting messages related to whatever trending, or "hot," topic was being heavily discussed on Twitter at that time. This would allow the post to be aggregated in Twitter search results where unsuspecting users would click on the included link. The text accompanying the link would be intriguing to those interested in the subject, enticing them to click through.

Method 2: Hijacking Legitimate Accounts

The second technique involves infiltrating legitimate accounts through phishing attempts and other methods so that the hacker essentially has control over a "real" account. After control has been established, if on Twitter, the hacker will then tweet out links that redirect users to malware-infected sites. Because the tweets come from an account that already has an established set of followers, those reading the tweets assume it's safe and don't hesitate to click the links.

After infecting the account of a Facebook user, malware often uses that particular person's account to spread, too. As with the malicious links on Twitter, because it appears that the links posted are from a trusted friend, other users don't realize that the posted link is harmful.

On Facebook, one of the most problematic malware programs is Koobface, a particular type of malicious software that sees 20 to 30 new variations per day. Despite the number of variants out there, Koobface's M.O. is relatively consistent: it tricks people into clicking links. These links appear on social networks like Facebook and Twitter, but also on MySpace, hi5, Bebo, Friendster, and others.

Method 3: Dangerous Email

A third method to encourage social networking users to click on infected links is the old but still effective technique of sending out spoofed email. Hackers can create email messages that appear to be sent from a social networking site. The messages prompt you to "update your account" or open an attachment containing your new password among other things.

Image Credit: Last Watchdog

Image Credit: Last Watchdog

Although many users are now wary of email, these techniques are still being seen in the wild, so it's clear that to some extent they still work.

How To Stay Safe

There are a number of best practices that you should follow in order to stay safe and avoid infection. They are as follows:

1. Don't assume a link is "safe" because it's from a friend: As noted above, your friend's account may be infected. You should never assume that a link is safe just because a friend tweeted it or posted it to your wall. Use your common sense. If it doesn't sound like something they would say, be wary, don't click. If you're unsure, try to contact them through another channel and see if the link is legit.
2. Don't assume Twitter links are safe because Twitter is now scanning for malware: In August, Twitter partnered with Google to use Google's Safe Browsing API, a technology that checks URLs against Google's blacklist. This prevents spammers from posting malicious URLs to Twitter, but it does NOT prevent them from posting shortened URLs which direct users to those same malicious sites. It's better than no protection at all, but it's not going to keep you entirely safe.
3. Don't Assume Bit.ly Links are Safe: Earlier this year, Twitter's default URL-shortening service Bit.ly, began warning users of malware. Bit.ly also uses Google's Safe Browsing API along with two other blacklists to identify malicious links. Although the service doesn't prevent users from posting these links, it will warn upon clicking that the site being linked to is infected. However, as Raiu tells us, this is not 100% effective either. Kaspersky has identified a number of malicious links which Bit.ly did not block. However, you can assume that Bit.ly is generally safer than the other URL-shortening services because it uses this technology and because the hackers are generally avoiding this service at the moment because of its built-in protection. But it is not completely safe - nothing ever is.
4. Use an up-to-date web browser: Kaspersky recommends using the latest version of your web browser and keeping it up-to-date with the necessary patches. That means Internet Explorer users should be on IE8 - and since this browser is attacked the most, it's critical that you make sure it stays updated as needed. Firefox is the second most attacked browser, but fortunately, it has a self-updating feature built in. Google Chrome is also good because it has a self-updating feature as well as another security feature that runs plugins in "sandboxes," or restricted environments. If an attacker was able to exploit the browser and run malicious code, it would be isolated to this sandbox and would not able to effect the entire machine. Opera and Safari are also good browsers and should be kept current, too.
5. Keep Windows up-to-date: As always, Windows users should make sure their systems are current with the latest patches from Microsoft. Automatic updates should be turned on.
6. Keep Adobe Reader and Adobe Flash up-to-date: At the moment, Adobe Reader and Flash are the two most targeted programs by hackers. A lot of malware specifically goes after known vulnerabilities within Adobe's software. In addition, a common method of attack, such as that used by Koobface, is to redirect a victim to a malware-infested site where the user is prompted to update their Flash player or Adobe Reader in order to see the website content. NEVER do this. Always go to Adobe's site on your own to download the latest version or update the software on your computer using its own built-in update mechanisms.
7. Don't assume you're safe because you use a Mac: While it's true that Mac users are less targeted than Windows users, they are not immune to malware, despite what those commercials may say. Although Apple did include some malware protection in their latest operating system, it only protects users from two trojans; you cannot count on it alone to protect you. There are a couple of hundred of trojans currently in the wild that specifically target Mac machines, according to Kaspersky. In fact, there may even be as many as a thousand, but researchers are unable to identify all of them because Mac users don't typically run anti-virus software which is how much of the data is collected. These days, when a user clicks an infected link, the malicious web page will now sometimes identify whether that user is coming from a Windows or Mac machine and then display the appropriate version of the trojan accordingly. A particular family of trojans known as "DNS Changer" trojans are the most common ones used to attack Mac machines. The only way to really be sure that you're protected against these malicious programs is to run anti-malware software on your Mac, but most Mac users won't do so, preferring to take their chances since their risk is lower.
8. Be wary of email messages from social networks: Because email addresses can be "spoofed" by hackers, you can't assume that an email from Facebook or Twitter is really from those the site it claims to be from. As always, you should never open attachments you were not expecting to receive and you should be wary of clicking on links - especially if you're being told to "update your account." If you do click on a link and are taken to a web page that asks you to log into the site, DON'T DO IT. It would be handing over your password to the hackers. Instead, you should always access the sites directly by typing in their URL in your browser or clicking a saved link in your Favorites.

It's Not Just a Matter of Common Sense Anymore

As the above best practices show, a lot of the things you can do to protect yourself from malware are the same as they have been in the past - keep your computer and browser up-to-date, don't open attachments, etc. However, malware is trickier to identify these days thanks to social networking sites. It now uses the trusted identities of your friends in order to lull its victims into a false sense of safety. You can no longer simply assume that because someone you know posted a link, it's automatically safe. You can't even assume that the networks themselves are safe, either. They're not always scanned for malware-laden links, and when they are, such as is the case with Twitter, it's not a 100% effective method.

Security researchers are actively working on better ways to fight this problem - for example, Kaspersky just announced their "Krab Krawler" project which will help keep their blacklists current by scanning for malicious links on Twitter, but it's not a tool that end-users can download to protect themselves; it's only one of many methods that security firms use to collect data about the malware on the internet. The best way to stay safe is to follow through with all the best practices - not just one or two. Malware isn't ever going away, so everyone must do their own part in order to stay safe on the web.

But what can be done? It's not like you can just quit Facebook, right? No - and you don't have to either. You just need to take a few precautions.

The problem in implementing these privacy options is that they're just too confusing for most non-tech savvy people to handle. And often, folks don't want to bother to take the time to learn. To simplify the process, we're offering five easy steps you can take today to help make your Facebook experience safer, more secure, and more private.

Step 1: Make Friend Lists

Yes, it will take some time, especially if you're connected to a couple hundred friends already. But this step, while not the quickest, is fairly simple. And it will be one of the most useful things you can do on Facebook.

Friend lists, like they sound, are lists for categorizing your friends into various groups. The nice thing about this feature is that once you set these lists up, you won't have to do it again. We suggest that you put your work colleagues and professional acquaintances into a friend list designated "work," personal friends you're not very close with into a list called "Acquaintances," and people you're related to into a list called "Family." Those three main categories will separate out the groups of "friends" who you may want to hide some information from.

To create a friend list, click on "Friends" at the top of the Facebook homepage. In the left-hand column, click "Friends" again under the "Lists" section. Now you'll see a button at the top that says "Create New List". Click it. In the pop-up that appears, you can name your list and pick members. If you've ever shared an application with your friends, the process of doing this will be very familiar.

When you've finished making lists, you'll be able to use them when selecting who can see what (or who can't!) when configuring the security settings described below.

Step 2: Who Can See What on Your Profile

At the top right of Facebook, there's a menu that many people probably ignore: "Settings." But this menu is now going to become your best friend. To get started, hover your mouse over the Settings menu and click "Privacy Settings" from the list that appears. On the next page, click "Profile." This takes you to a page where you can configure who gets to see certain information on your profile.

Before making changes, think carefully about the sorts of things you want public and the things you want private. Should "everyone" get to see photos you're tagged in? Or would you like to limit this only to those you've specifically chosen as Facebook friends?

Underneath each section on this page (basic info, personal info, status, etc.), you can designate who gets to see that particular bit of information. For anyone not using custom lists (see step 1), the best thing to enter here is "Only Friends." Anything else opens up your profile information to people you may or may not know. For example, choosing "Everyone" makes that info public, "Friends of Friends" lets your friends' friends see it, "My Networks and Friends" opens up your info to anyone in your networks - that means anyone in your city, your high school, your college, a professional organization you listed, etc.

You can also block certain groups from seeing these sections, too. On any item that offers an "Edit Custom Settings" option, you can click that link to display a pop-up box where you can choose people or lists to block (see where it says "Except these people"). If you haven't made custom lists as explained in step 1 above, you can enter individual names here instead. (Sorry, mom, dad, boss - this is where you get blocked.)

Step 3: Who Can See Your Address and Phone Number

Did you list your address and phone number on Facebook? While that's a handy feature, you may not want everyone you friended to have this information. To access this configuration page, you follow the same steps as above in step 2 to display the Profile Privacy page. You'll notice that the page has two tabs at the top - click on the one that reads "Contact information."

As previously described above, you can again use the drop-down lists provided to designate who gets to see what and/or block certain people or lists from viewing this information. The sections on this page include "IM Screen Name," "Mobile Phone," "Other Phone," "Current Address," "Website," and your email.

Step 4: Change Who Can Find You on Facebook via Search

Sick of getting friend requests from old high school pals? While for some the beauty of Facebook is that it lets you reconnect with everyone you ever knew throughout your life, others find this intrusive and annoying. You're not friends with any of these people anymore for a reason, right?

As it turns out, you can still enjoy Facebook without some folks ever knowing or finding you thanks to the search privacy settings.

Click on the "Settings" menu on Facebook's homepage and then click "Search" on the following page. You'll be taken to a Search Privacy page where you can specify who gets to find you on Facebook. Want to be wide open? Change the "Search Visibility" drop-down box to "Everyone." Want to keep it a little more limited? Select "My Networks and Friends," "Friends of Friends," or "My Networks and Friends of Friends" instead. Don't want anyone finding you on Facebook? Change it to "Only Friends." That means only the people who you've already friended can find you in a Facebook search.

On this page, you can also configure what information displays when your info is returned as a search result (e.g. your profile picture, your friend list, etc.). In addition, you can check and uncheck the boxes for network-based searches too. For example, if you don't want anyone from high school to find you, uncheck the box next to "people in high school networks."

Step 5: Stop Sharing Personal Info with Unknown Applications

Remember when we told you about what Facebook quizzes know about you? Using Facebook's default settings, you're unknowingly sharing a plethora of personal information (and your friends' info too!) with various Facebook applications and the developers who created them. The problem is so bad that the ACLU recently created their own Facebook Quiz to demonstrate how much information an app has access to.

It's time to take back control! From the Facebook homepage, hover your mouse over the "Settings" menu and choose "Privacy Settings" from the drop-down list. On the next page, click "Applications" then click the tab that reads "Settings" which is next to the "Overview" tab. (Oh, and if you want to really be freaked out, read that overview!)

On this page, you can check and uncheck boxes next to your personal information (picture, education history, wall, religious views, etc.). This controls what the applications your friends are using can see about you. Yes, your friends' apps can see your personal info if you don't make this change! Believe it or not, you don't have the same control over your own apps. The best you can do is head over to the Applications page and delete the apps you're not using anymore. (Use the "X" to remove them.) You see, once you authorize an application, you're telling it that it's OK to access any information associated with your account that it requires to work. While some developers may only pull what's actually required, many others just pull in everything they can. Scary, isn't it?

Conclusion

While this is by no means a comprehensive guide to Facebook security and privacy, these five steps can help you get started in creating a safer, more secure, and more private environment on the social network.

However, if you choose not to take any precautions, then you'll only have yourself to blame when an errant wall post or naughty photo makes its way online and straight into Grandma's News Feed, or worse, your boss's. These days, it's better to be safe than sorry, so go ahead and delve into those settings!

Unfortunately, there seemed to be a problem with the new security feature: it wasn't working...or at least, so it seemed. As it turns out, the problem was that users weren't informed as to how to properly activate the anti-phishing protection, an issue that points to a poor implementation of what could and should have been a major breakthrough in mobile computing technology.

Although Apple touted the anti-phishing protection back in March when they announced their 3.0 update, the new feature didn't actually materialize until this month when the company released the OS 3.1 iPhone/iPod Touch software. According to Apple, the anti-phishing protection feature will display an on-screen warning message when you attempt to visit a known malicious website.

Once the update was released, security researchers and other Apple enthusiasts began testing the new technology. The results were immediately disappointing. "I've not been able to get it to block anything," Michael Sutton, vice president of research at security firm Zscaler was quoted as saying. He had been testing the feature using known phishing websites identified by the anti-phishing database hosted at PhishTank. The Mac Security Blog also found after extensive testing that it simply "does not seem to work." MacWorld, however, found that the feature worked sometimes, but the inconsistency hinted that the technology was not "ready for public consumption," they reported.

What gives? Did Apple really release a broken feature? Were they even aware of the problem? Blogger Jim Dalrymple of The Loop decided to go straight to the source: he asked Apple.

Apple Says "You're Doing it Wrong"

Apparently, this was not a case of the anti-phishing technology being broken. It was a case of everyone simply "doing it wrong." As it turns out, in order for Safari's anti-phishing database to update, there are a few particular steps that need to be followed, explained an Apple spokesperson. After updating the phone to the OS 3.1 update, users need to do the following:

1. Launch the Safari web browser.
2. Connect to a Wi-Fi network.
3. Charge the iPhone with the screen off.

The spokesperson added that for "most users" this process should happen automatically when they charge their phone. We would have to disagree. "Most users" don't launch the Safari browser prior to charging their device - if anything, they close down any open applications before plugging in the phone to charge.

Poorly Implemented, Poorly Explained

If you follow the above steps, the feature will work. However, most users will never know to do this unless they happen to closely follow technology news and blogs. The general mainstream population - the very demographic Apple so craftily attracts via their billion dollar marketing campaigns - expects things to "just work." That is the Apple promise, after all.

Yet even on Apple's own website where they detail the various new features in the OS 3.1 update, there is no mention as to how the anti-phishing protection should be utilized. It simply lists that the feature exists. A helpful link to a "how to" guide would seem appropriate here or, at the very least, a footnote.

Having to perform the somewhat unintuitive steps to get the anti-phishing protection feature to function properly seems like an unusual miss for a company who generally makes things simple and straightforward. Why does it need Wi-Fi, for example? Apple claims that the Wi-Fi connectivity is required so as not to incur any additional data fees for the end user. But launching the browser? We almost wonder if it wouldn't have made better sense for Apple to implement the feature in the new iTunes update instead. The desktop software could retrieve the updated anti-phishing database from the internet upon launch and could then sync it to the iPhone or iPod Touch the next time it was plugged in. That would also alleviate another common problem with the current implementation - if the phone isn't plugged in long enough, the update won't complete and users will only be partially protected. On the other hand, the inclusion of the database via a sync would have ensured that all the data was copied over to the phone.

In the end, though, Graham Cluley, a senior technology consultant at Sophos, reminds us that maybe we shouldn't be too hard on Apple. "Many other smartphones don't offer even the most elementary form of anti-phishing protection to their users," he says. That may be true but, unfortunately, the way Apple chose to deliver their anti-phishing protection feature means that most iPhone users won't be protected either.