Saturday, November 27, 2010

Blogger, Layered Security, And You

One of the biggest problems with Blogger, right now, is how we allow Blogger programs to run, on our computers.

Whether a problem involves Blogger / Google logins, commenting, Stats, Template Designer, or the Dynamic Templates, Blogger writes the code - and we run the code - when we allow the code to run, without interference.

If we want our computers to remain under our control, and not become part of one or more worldwide collection of computers controlled by hackers, we have to be selective about what code we allow to run on our computers.

In the computer security world, this security policy is called "Deny by default, allow by exception."

We are protected by filters, which block both cookies and scripts, in various places.
  • On our networks.
  • In applications, on our computers.
  • In our browsers.
Long ago, this was called "layered security", and was a good thing, since it helped us to keep our computers under our control. Each layer backs up the other layer, in preventing malware from being installed, or from running, on a protected computer.

Layered security is still a good thing, in general. With Blogger becoming both easier to use, and more full of features, Blogger programs, running on our computers, is more susceptible to damage from filter interference. Cookies and scripts, to be useful, must be properly permitted, by our computers.

When we have a problem with using BloggerThese are all problems with Blogger, possibly caused by layered security, improperly implemented on our computers or our networks. And most of these problems are ones that we need to fix, by learning how to control the filtering.

Similar to problems with filtered cookies or scripts is the decision that some blog owners make, to clear cookies / scripts when restarting the browser. Whether the cookies were never created, or deleted when the browser was closed - if the cookies don't exist when needed, or can't be accessed when needed, an application like Stats or Template Designer won't work properly.

Every layer in the security strategy must be properly configured, to work with the other layers. Both cookies and scripts must be carefully considered, in the settings for each layer.
URL changes - from "" to a custom domain, and from "" to a country code alias - will cause problems with any domain based filters.

Most layered security is domain specific - and any filter which references "" will need to similarly reference any non "" domain to which your computer is subject. If you are located close to an international border, you may need to reference any nearby countries, as well.

And as you install add-ons, and change various settings, keep track of what you change - and be selective of what you install. Don't let yourself be forced to sacrifice an elephant, to make your Blogger application work, later.

Dude, hit me with a comment!