About HLOM
contents

Hyperlinkomatic Security

At the time of going to private beta, HLOM's security hasn't been fully tested. It's been built according to basic good security practices but real world pen-testing is yet to happen...

More news as it happens...

How Secure is HLOM?

For the time being HLOM is not secure place to store sensitive information. It is certainly 'tamper proof', but hasn't been sufficiently tested to be called 'secure'.

The notes field is not a good place to keep private passwords and logins. OK, the free accounts that things like newspapers insist on creating don't pose a threat to the security of your online identity, but details like PayPal logins really shouldn't be stored on HLOM.

During the beta phase of development we, the developers, will sometimes need to look at the data that you enter into HLOM. We'll undertake not to disclose that information to anyone outside of the development team, but just thought you should know...

Future plans do include building a secure, encrypted storage area for logins and passwords. We're not the kind of developers to take this kind of thing lightly; if we say secure, we mean really secure against really determined attacks from people with really devious minds. As you can imagine, that kind of security involves a lot of work, so it may take some time...

Using HLOM on public and shared computers

One of the key features of HLOM is the ability to access all those important links from any computer with a web connection.

If you happen to pop into a internet cafe, or borrow a friends PC to look something up on HLOM, there are two potential security weaknesses that are pretty much beyond our control and that you need to be aware of:

Browser login memory

When the browser prompts you for a user name and password there is checkbox marked 'remember password'. If this box is checked (and only if it is checked) the browser you are using will remember your password. And not necessarily just for you; it will allow anyone using that computer to access your account. It's fine to set your browser to remember on a personal PC that no one else has physical access to, just make sure that you don't allow publicly accessible PCs to remember your passwords.

Logging Out

Even if you close a the browser window that contains HLOM you are still logged in to your account. All very technical, but what it boils down to is this; you go to an internet cafe and log in to your HLOM account, do some surfing and then leave; the next customer on that PC, should they know how browsers work, will be able to go into your HLOM account and alter or delete your links.

The simple rule is you never leave a browser running on a public machine. Simply quit the browser; the next user will have to re-open it, and when they do they will no longer be able to access your account. (So long as you didn't allow the browser to remember your password - see above).

all feedback & comments on HLOM's documentation
is really very welcome indeed:
feedback@hyperlinkomatic.com

hyperlinkomatic.com
another really handy thing by
Vertebrate.co.uk
design with a spine