Category Archives: SHOWCASE

Time to Switch From Yahoo to Gmail?

by

Yahoo’s new owner, Verizon, recently revealed that all 3 billion Yahoo accounts have been compromised, greatly upping the admission of damage that Yahoo made before its sale to the telecom giant. So if you have a Yahoo account, it’s time to find another email service provider that will better protect your email privacy and security, and yes if you tied your yahoo account to secondlife then that was also compromised. Here’s my advice on how to switch to Gmail…

Moving Yahoo Mail to Gmail

If you have not changed your Yahoo password recently, it is 100% certain that hackers have the keys to it. Not Good. The recent revelation that hackers were able to compromise all of Yahoo’s THREE BILLION accounts is mind-blowing. It’s time to leave Yahoo Mail in the digital dustbin of history, and move to a new webmail provider.

You may be loathe to leave your contacts and emails behind. But don’t worry, you can take them with you! Google’s Gmail (my preferred email service for 12+ years) makes the process of importing contacts and mail from Yahoo (and other services) as simple as it can be. That isn’t exactly “dead simple,” but most users should be able to do it in just a few minutes.

The first thing you should do is change your Yahoo password to something extremely strong. Also, enable two-factor authentication if you haven’t already done so. With these changes, hackers would need both your password and your phone to get into your Yahoo account.

You want to keep control of your Yahoo account, even if you don’t actively use it. The reason is that abandoned account names are recycled by Yahoo. A bad guy could appropriate your old Yahoo handle and impersonate you. So don’t delete your Yahoo account, just lock it up for now.

 You should also disconnect any external services that are connected to your Yahoo account. To do this, from your Yahoo inbox page, click on the gear icon (upper-right), then on Settings. Click on Accounts to see all of the email accounts, social networks, cloud services, and other services connected to your Yahoo account. Go down the list and disconnect each one. This will eliminate your Yahoo account as a bad guy’s conduit to your other accounts.

Finally, if you have been using your Yahoo password on any other services, change those passwords. And stop re-using passwords — every account should have its own, unique, and strong password.

First, create a Google account if you don’t already have one. You can sign up here.

Just like Yahoo’s inbox page, the Gmail inbox page has a gear icon in the upper-right corner. Click on it and then click Settings. Next, click Accounts and Import, then click Import Mail and Contacts. Enter your Yahoo address (include the @yahoo.com part), press Continue, then click Agree to give the app permission to access your Yahoo account.

Next, select the import options you want: import contacts, import existing mail, and/or import new Yahoo mail for the next 30 days. Finally, click Start Import.

It may take a couple of days for Google to import all of your Yahoo mail, if your Yahoo inbox is very full. Another consideration is that Google only imports the mail that’s in your inbox, not drafts, sent email, or email saved in other folders. To import such items, you will need to manually move them to your Yahoo inbox, then let Google import them. To check the status of your import, look under Settings > Accounts and Import.

Google assigns a label to each imported email; it is your Yahoo username. If you want to recreate the folders you had on Yahoo, you can import what’s in your Yahoo inbox, then delete the Yahoo inbox’s contents. Rename the new Gmail label to Yahoo-Inbox. Move the next folder’s contents to the Yahoo inbox and import to Google again. Rename the Gmail label to match the Yahoo folder name, and repeat for each folder. It’s tedious, but it works.

Are you still using Yahoo Mail? Do you have a plan to switch to Gmail or another webmail service?It’s time to really rethink your options before it’s too late.

Don’t forget our 10th year Customer appreciation party coming up, there will be 10 hours of live music,fun and prizes don’t miss out be there!

Have a great week

Deuce Marjeta and the ZI Staff.

More Goodies in store for you on October 27th!

by

So you already know ZoHa Islands is celebrating its tenth year with an amazing lineup of TEN awesome live performances right??

Just wait til you see the TEN Amazing prized we have lined up for you too!  From gift cards from some amazing designers across the grid, subscription boxes, or maybe even getting a free week of tiers?  You don’t want to miss this super fun party or these prizes.  See Below for details!

Image result for prizes

There will be a prize given each hour for TEN hours straight!

“Cheeky Pea” Giftcard (Home Decor and Furnishings)

“The Loft” Giftcard  (Home Decor and Furnishings)

“Fancy Decor” Giftcard (Home Decor and Furnishings)

“+Half Deer+” Giftcard (Home Decor, Accessories)

“Jian” Giftcard (Home & Garden, Pets & Animals)

“Apple Fall” Giftcard (Home Decor and Furnishings/Homes)

November Subscription DecoCrate distributed by MadPea Productions

Cash prizes

Tier Credits in Various Amounts (More to come)

 

1PM – 2PM Mimi Carpenter
2PM – 3PM Wolfie Starfire
3PM – 4PM Winston Ackland
4PM – 5PM Melenda Mikael
5PM – 6PM Samm Qendra
6PM – 7PM Cryptic Harmony
7PM – 8PM Saramarie Philly
8PM – 9PM AM Forte
9PM – 10PM Alex Mays
10PM – 11PM Gibson

ZoHa Islands 10th Anniversary Fall Celebration!

by

ZoHa Islands is turning 10!  In celebration of this wonderful achievement in Second Life, we’d like to announce our annual fall celebration with a 10 hr performance, with 10 great live performers and 10 exciting prizes (TBA).

October 27th, 2017!! Mark them calendars!

Yes that’s a whole lot of 10’s and we are sure this will be a 10 of an event as well.  We hope to see you all there!

Here is a tease preview of a little bit of what we have in store for you who make ZoHa Islands the success it is today!

1PM – 2PM SLT 

MIMI CARPENTER

14054235_218543648547974_1322256833751850810_nKnown for her distinctively gentle, French lilt, Mimi Carpenter’s talent as a self-taught musician has graced the Second Life music scene for a decade. As her presence and talent grew, so too did her repertoire of covers and originals. Mimi’s extensive song list doesn’t just highlight the eclectic tastes and influences upon her development as an artist, which includes rock, indie and pop. The inclusion of English, French, and German language songs reflect the travels and experiences living throughout Europe and abroad.

So it should come as no surprise that a couple years ago Mimi chose not to limit herself to the acoustic guitar and began to incorporate piano to her sets. Mimi has branched out into sharing her music at real life venues in Germany, as well as posting some of her latest music to YouTube. Never one to settle and languish, Mimi’s shows continue to share her journey always moving forward in life and music. ~Written by Garrett Lutz~

s posting some of her latest music to YouTube. Never one to settle and languish, Mimi’s shows continue to share her journey always moving forward in life and music. ~Written by Garrett Lutz~

2PM – 3PM SLT 

WOLFIE STARFIRE

Wolfie Headshot

Wolfie Starfire

Wolfie Starfire, also known as Meg Groves in real life, is an up-and-coming artist who grew up surrounded by music, theatre, and art. She took interest in theatre at a young age, and aspired to be successful in the worlds of both music and film. She took many singing, acting and dance classes, and she dabbled in the film and commercial industries. Her desires are entirely based on some day becoming an acclaimed songwriter like Taylor Swift and an acclaimed singer and actress like Kristen Chenoweth. Meg is currently pursuing a BFA in Acting at Coastal Carolina University.

With her love of music firmly in tow (and hoping to share her music with others), Wolfie released her first album, Spark, which is a heartfelt blend of contemporary pop, country, and blues, with a musical ability that belies her young age. She has a gift for writing her own music and lyrics, which are inspirational, thoughtful and moving. This ensures that more than a few of her songs will get stuck in your head while you listen to each of her tracks.

Wolfie believes that music should tell a story or a lesson in life, which leads her to write songs that have real meaning and lyrics that others can relate to them. This makes sure that each song expresses how she feels, while still encouraging each listener to discover what each song can mean to themselves.

3PM – 4PM SLT 

WINSTON ACKLAND

graffiti-winston-2b

Winston Ackland

Premier Second Life live performer and real life music professional, Winston Ackland provides smiles with his clever original works and quirky adaptations of obscure covers. Somehow, it all makes sense as audiences relax in a comfortable atmosphere and enjoy innovative songs crafted from a blend of rock, blues, bossa nova, jazz and lounge. Winston is able to connect with in-world audiences like no other.

Simply put, Winston Ackland is a musical party with old friends you haven’t met yet.

Resume:
Accomplished RL musician for over 20 years. December of 2008, RL and SL merged when Winston’s cover of “Lithium” hit the big screen in 20th Century Fox Films blockbuster hit, “Marley and Me”, and again in the summer of 2012, when Winston’s cover of “Psycho Killer” was featured in Oliver Stone’s “Savages”.

4PM – 5PM SLT

MELENDA MIKAEL

 

Melenda Mikael’s love of singing started very young when she’d follow the sound of her grandmother’s singing throughout the house. Embarking in a life of singing from age six, Melenda started with choir, then progressed to musicals and singing competitions, where she earned the highest of praises, during her formative years. Growing up, she soaked up as much music everywhere she went. That diverse background is the reason that her shows in Second Life can run the gamut from Radiohead covers to jazz standards and Etta James. Some might characterize her as a quiet wallflower at first, and some may even find her voice to be tender as well. But make no mistake, Melenda’s voice is capable of belting out something powerful.

Continuing to sing, on and off, with several choir groups since growing up, Melenda has just recently made the leap to the live music scene here in Second Life. Currently, her shows are performed to backing tracks. But rest assured, she’s hard at work learning guitar, though she jokingly says one of the small road bumps is learning to tame an unwieldy, large guitar. She is forever grateful for the people that have helped gently push her down this path and she hopes that you enjoy the music. ~Written by Garrett Lutz~

 

5PM – 6PM SLT

SAMM QENDRA

Via Ms Qendrs’s Profile..such serne words.

Music is the way I speak
way i express my deepest emotions
when i sing , everything seems possible
When i sing , For once , theres only me in the universe where i can just be me
My musical Influence is LIFE
each and every bit of supports that i blessfully get in sl , is what keep me going ♥

6PM – 7PM SLT 

CRYPTIC HARMONY

8PM – 9PM SLT 

SARAMARIE PHILLY

14923900_10209119425720420_976362787_o

SaraMarie Philly

SaraMarie Philly was born and raised in Indiana (USA). Her parents both had factory jobs, but they also had a small rabbit farm. In college, she studied Voice, Piano, Clarinet and Violin at Indiana State University, and graduated from West Chester University in 2010 with a degree in Music Education.

Playing music for people creates a connection that goes beyond what can be expressed in conversation. For SaraMarie, it’s a way of sharing life experiences and expressing empathy for the experiences of the listener. These connections are what keep people interested in an artist’s music, and what keep an artist interested in sharing it. As a performer, connecting to the audience is important to her. In SL, singer/songwriter SaraMarie performs original and pop music covers, while playing guitar or piano.

In RL, Sara Tiemogo (SaraMarie Philly) released a CD in 2011. The songs were mixed and mastered by Grammy-nominated Producer, James Cravero. The CD is titled “Red” and has 12 fully produced original songs.

9PM – 10PM SLT 

AMFORTE CLARITY

amforte-masked-promo

AMForte Clarity

A storyteller, AMForte Clarity has captivated audiences with her tales of life and travels, experiences of being a Canadian living in the US and her daily challenges. She’s a singer/songwriter with an amazing voice and warmth of character that will make you think of her as more of a friend!

With influences that include U2, Nirvana, Radiohead, Alanis Morissette, Coldplay, Placebo, The Cranberries, and Elliott Smith, she plays mostly her own originals, and her cover tunes are songs she has taken and made her own.

10PM – 11PM SLT 

ALEX MAYS

alex2

Alex Mays

Alex Mays: Lead Vocal/Lead Guitar/Background
Genres: Rock/Blues/and so much more

Born and raised in rural North Carolina, Alex Mays grew up listening to his father play guitar and sing. At the age of ten his father gave him an acoustic guitar and started teaching Alex to play. He began learning his father’s favorites of old time rock and roll and country. By the age of 15, Alex began trying his hand at song writing and singing. He moved from his rural upbringing to Kalamazoo, Michigan at the age of 20. Alex began playing the Kalamazoo circuit and branched out into blues, jazz, and even tried his hand at bluegrass.

Alex Mays has been writing music for over 15 years. Styles ranging from Rock, Blues, Southern Rock and Jazz, Alex could never settle for one kind of music. Keeping music true and from the heart is his belief.

Now living in Kalamazoo, MI, Alex plays all over the world with different rhythm sections of choice. At his show you might also hear quite a range of styles, covers and originals.

11PM – 12PM SLT 

GIBSON

 

13880286_1074289675980172_7393211639457972283_n

                                      Gibson

A musician in real life for 20 plus years, Gibson is a singer/songwriter who plays piano and acoustic or electric guitar for his Second Life shows. You can find Gibson playing a number of genres of music, such as: Blues, Classic Rock, Pop and Today’s Hits. Gibson thrives in engaging with his audience, putting on an exciting and unique show each time he performs. This talented artist is a must see!

 

Does My Email or IP Address Reveal my Physical Location?

by

‘Can someone find a user’s identity (name, home address, etc.) simply by having their email or IP address or while playing in a game? I’m asking because I posted to an online forum, and both my email and IP address were displayed publicly. Does that give others the ability to find my actual geographic location? Can I be tracked down in any way?’ Read on to learn the answer to this common question…

Are You Invisible Online?

It’s true that your IP address is no secret. It’s a basic part of internet communication protocols to send your IP address whenever you connect to a website, send an email, make a forum/blog post, chat, play an online game, etc. Without your IP address, the computer on the other end wouldn’t know where to send the reply. Think of it as the return address on an envelope.

But that doesn’t mean that Evildoers can find your home address if they know your IP address. Knowing your IP address does NOT give anyone the power to hack into your computer, NOR does it reveal who or where you are. Typically, each time you go online (if you have dialup) or each time you start your computer (if you have cable, fiber or dsl) you will be assigned an IP address, randomly selected from a pool of IP’s assigned to your Internet Service Provider (ISP).

Finding the Physical Address for an IP Address

A person MIGHT be able to get a general idea of your geographic location, based on your IP address, by doing a lookup using a free Geo-IP database, but that will only tell them the physical location of your Internet Service Provider — not YOUR home address. Keep in mind that when you’re at work, your ISP might be your employer. (One easy way to find your current IP address is with the IP Chicken website.)

f you use a large regional or nationwide ISP, the IP lookup probably reveals nothing of interest — either the location of your ISP’s local switching facility, or a placeholder address that corresponds to the center of the town where you live. The IP address for most dialup users will be the location of the ISP’s central office. For AOL subscribers, your IP address lookup will always show the location as Dulles, Virginia — regardless of where you live. And if you’re connecting to a public wifi hotspot in an airport, library or coffee shop, the IP address will be associated with the wireless service provider – not you at all.

Bottom line: The address returned by an IP lookup *could* be within a few miles of your home, or it could be wrong by several orders of magnitude.

When The Law Comes A Knockin’

Of course there is an exception to every rule. If Joe or Jane User calls your ISP and wants to know who was using a certain IP address last Tuesday, the ISP will tell them to go away. But if an officer of the law hands your ISP a court order to reveal that information, they must do so. Your ISP’s logs will enable them to determine which customer was using a certain IP address on a certain date and time, and they must reveal that information if a court has found probable cause that a crime was committed by that person.

For the truly paranoid (or the criminally inclined) there are ways to surf the web anonymously. The Anonymizer service will act as a proxy between you and your ISP, and they claim that your information cannot be subpoenaed because they do not store it.

What About Email Addresses?

The same concepts apply to your email address. The part that follows the “@” sign is the domain name. This can be your ISP, your employer, a webmail provider, or an email forwarding service. Given the domain name, one can determine the owner’s physical location, but nothing personally identifying about the email user without a court order.

Of course, if your email address is something like Jsmith90210@acme-widgets.com, then you’re leaving little to the imagination of a determined hacker or stalker. Web-based email accounts are not truly anonymous, either. Even if you don’t provide your real name when signing up, they can capture your IP address and track you through your ISP if necessary. But again, a court order would be needed.

Other Considerations

It’s much more likely that you or your children will reveal your physical location the old fashioned way — by just blurting it out. Those who chat or play online games should be reminded often that they should never reveal any personal information, including their last name, phone number or home address. And of course, when you make an online purchase, you’re explicitly providing your home address to the merchant.

Oh, and if you have any spyware or viruses on your system, all bets are off. These things are designed to violate your privacy. If you need help with scanning your system for malware and other unwanted pests. See past article’s for details on how to protect yourself from those risks.

Thanks Bob for your insight to this article.

Have a Great Week

ZI Staff.

Here’s Why Your Password is Hackable

by

Over the past two decades, password rules have become more complicated and burdensome upon users. Users have coped with arbitrary, byzantine password rules by creating the most easily remembered passwords that comply with the rules, changing them when required in minor, predictable ways, and reusing compliant passwords on multiple online accounts. The results include lots of frustration and LESS security. Here’s how to do it right…

Everything You Know About Passwords is Wrong

A typical site now requires you to create a password at least 8 characters long that includes at least three or four types of characters: upper-case, lower-case, numeral, and special characters such as !, @, #, etc. In most cases, the resulting password is exactly 8 characters long, begins with an upper-case character, and ends with an exclamation point or the numeral “1.” Often it’s a recognizable name associated with the user, such as a child’s or pet’s name. If a password needs to be changed, it’s often only the last character that’s changed, and in a predictable fashion, i. e., “1” becomes “2,” “!” becomes “@,” etc.

Hackers know these official rules, and the de facto rules that users have created to comply with the least effort. They have hundred of billions of stolen passwords from which to figure out the rules, and they incorporate the rules in password-cracking software to make it more efficient. They also have massive computing power that can try billions of possible passwords per hour. The upshot is that most passwords actually in use can be cracked in a matter of hours.

One solution to human predictability is password-generating software that produces longer, more random passwords, and password-management software that remembers what site a password goes with. These functions may be combined in one software package, such as Roboform, Dashlane or LastPass.

But many sites deliberately thwart the use of password managers, either by forcing users to enter usernames and passwords on two separate screens or by adding code that blocks auto-filling of passwords. Apparently, the admins of such sites think a password encrypted and stored on a hard drive is as insecure as one written on a Post-It Note.

Another solution to remembering strong passwords is mnemonic – a sentence that’s easily remembered because it makes grammatical sense, and which contains the characters of a password that can be extracted by applying a simple rule. For instance, a password might be the first letters of the sentence, “My horse knows how to use 2 pink staple guns.” In fact, that whole sentence would make a virtually impenetrable password, if the official rules allowed spaces.

This geeky cartoon from XKCD.com illustrates the difference between passwords as they are and as they could be, if sysadmins allowed it. Following the official rules results in a password that’s easily cracked in 3 days, while the phrase, “correct horse battery staple” takes 550 years, far longer than any hacker cares to spend.

What About Those Password Strength Meters?

Research has found that users will create stronger passwords if they receive feedback about password strength as they create a password. But so-called “strength meters” often measure only compliance with rules instead of statistical strength, according to researchers at Carnegie-Mellon University. The CMU geeks have created a strength meter that uses a powerful neural network to calculate the true strength of a hypothetical password on the spot, and even explains what’s wrong with your password creation strategy. The rules they recommend are:

  • At least 12 characters per password
  • Capitalized and special characters in the middle of the password, not at ends
  • No names associated with pets or sports teams
  • No song lyrics
  • Avoid the word “love” in any language
  • Avoid patterns such as “123,” including keyboard patterns (“qwertyasdfg”)

I advise using a password generator/manager wherever possible. They’re getting better at circumventing the security-limiting roadblocks that some website owners think are important. If you prefer not to use password software, a memorable phrase is the next best thing. In the past, I’ve used the first sentence from the first paragraph of a certain page in an old book. For example, on page 67 of “The Autobiography of Benjamin Franklin,” I found the phrase “There are Croakers in every country.” It’s memorable, and it makes for a strong password. Or as mentioned above, you can apply a formula of your choosing to such a phrase.

What’s your password strategy? Do you use a password manager, a sticky note, or keep it in your head?

Have A Great Week

Deuce Marjeta and the ZI Team

[ALERT] Change Your Passwords… NOW

by

Zoha Islands Wants To Send Our Thoughts And Prayers To All The Victims Of Hurricane IRMA. With The Devastation Still Ongoing We Hope All Are Safe And Well….

 

And now on with this weeks blog.

A spammer’s database of 711 million email addresses and passwords, including email server admin credentials, Second Life information and access to your L$, has been discovered on a wide-open Web server in the Netherlands. It’s the biggest trove of stolen identities yet found. But what’s really interesting – and frightening – is how it’s being used to circumvent spam filters and infect victims with malware. Here’s what you need to know, and do…

This Spam-bot Probably

Has Your Email Credentials

The database was discovered by a Paris-based security researcher who goes by the online handle of “Benkow.” He or she has spent months analyzing the data and tracing how it has been used. Benkow says at least 100,000 email accounts have been infected with the Ursnif banking malware via the “On liner” spam-bot that compiled and uses this massive database.

Ursnif scans a victim’s system looking for bank account login credentials in particular, but it will steal anything that looks like login credentials to email, e-commerce, social media, and other accounts. Ursnif uses an unusual technique to infect victims’ systems.

Most malware spam employs a file attachment that triggers the download and execution of malware when it is opened. But many users are (finally) cautious about opening attachments, even if they appear to come from trusted contacts. So On liner embeds an invisible URL in each HTML message it sends. When the message is opened, the URL fetches a pixel-sized image from the spammer’s master server; the tiny image also goes unnoticed.

 

Along with the URLs request for the image, it also sends info about the target machine, including its operating system and device info. This data tells the spammer whether the target is vulnerable to the Windows-based Ursnif malware. If not, there’s no point in sending Ursnif to that target, and doing so might raise unwanted attention.

Weeks or months after sending the probing email to millions of targets, Onliner sends another email with a disguised attachment to the few thousand Windows targets it has identified. The attachment may be presented as an invoice or some other important document. If the attachment is opened, a JavaScript is triggered that downloads Ursnif malware to infect the victim.

But Wait… There’s More!

Another clever trick allows On-liner to evade email servers’ spam filters. Many filters rely, at least in part, on lists of domains known to host spammers. But with the login credentials of an email server’s administrator account, On-liner can exempt its spam from being filtered. The database Benkow discovered contains over 80 million email servers’ admin credentials.

The database includes the admin credentials of 80 million email servers, which are used to spam 630 million email accounts. Onliner has been infecting victims with credential-stealing malware, but it could switch to “botnet” malware that enslaves victims’ computers to send spam, participate in denial-of-service attacks, and other shenanigans.

Here’s another troubling aspect of this situation. If a hacker has access to a compromised email address and password, they can do what’s called credential surfing. Many people use the same login credentials for multiple online accounts. So a hacker may use your email credentials and attempt to gain access to your online banking, social media, Paypal, eBay or other popular sites.

What You Should Do

On-liner goes to unusual lengths to avoid detection by spam filters and security researchers. You cannot rely on your mail provider’s spam filters to keep you safe. You can check the Have I Been Pwned database to see if your email address was present in this spammer database. But don’t be surprised, and don’t panic if it does. In fact, you should ASSUME your email address and password have been compromised.

You, the end user of email, are still the best and last line of defense. Here’s what I recommend:

  • Never click on an attachment without verifying who sent it, and why.
  • Change your email password every three months at least.
  • Use strong passwords, and never reuse passwords on multiple online accounts.
  • Use two-factor authentication whenever possible.

Have A Great Week

Deuce Marjeta

And the Zoha Islands team