Top security tips for everyday computer use

For those of us who have been around computers for decades (I used my first computer in 1976!) there are some things users do to stay secure digitally speaking that seem obvious. But, those things are not necessarily obvious to new users or even those who have been using computers for a while but nobody has mentioned before. So, here are some tips:

1. Keep your system and software updated

Updates fix security vulnerabilities that hackers find and exploit. So, make sure your computer is set to update its operating system automatically. Similarly, antivirus software, web browsers, and all your applications should be regularly checked for updates. Sometimes they do this automatically, but not always. It’s also worth checking your hardware, like printers and routers, for updates to the built-in software that runs those.

2a Use a strong password

It’s important to use strong passwords ones that cannot be easily guessed or generated by software. Do this for all your accounts. There are huge lists of hacked passwords on the internet and software can easily run through simple passwords and find the weak ones.

2b Use a password manager

A good password manager such as 1password or KeePass, can help you generate strong passwords and manage them securely.

2c Don’t use the same password more than once

Don’t use the same password on different sites, if one site is compromised, then your password on those other sites will be compromised too.

2d Use two-factor authentication

Enable two-factor authentication (2FA) on your important accounts (email, banking, social media). With 2FA or MFA, instead of just using your username and password to login, you have to enter a PIN, or one-time passcode, from a trusted device, like your phone, which is sent to you via SMS or from an authenticator app on your phone. Even if a hacker gets your password, they cannot login without the passcode. Make sure you store a 2FA backup code in case you lose your phone.

3. Be wary of phishing attacks, online scams, and dodgy phone calls

Never click a link in an email or open an unknown attachment even if you think you know who it came from. There are lots of ways fake emails, websites, online messages, and even phone callers will try to trick you into entering login and other details into a dodgy site. Be more than cautious of anyone asking or trying to persuade you into giving out a password, PIN, date of birth or other details. Don’t be suckered by con artists and social engineering where someone contacts you and claims to be from Microsoft, Amazon, Google, or IT support etc. Nobody from any company will call you to help with your computer, ever.

4. Install & maintain security software

Windows and other operating systems often have inbuilt antivirus and firewalls, make sure they’re running and kept up to date. There’s generally no need to install a third-party antivirus on Windows computers and it will be set to keep itself updated by default.

5. Backup your important data regularly

Keep a copy of your documents, photos, and other files on an external drive or in cloud storage (Google Drive, OneDrive, Dropbox, iCloud). This means you don’t lose your data if your computer is stolen or fails, or you get snagged by ransomware. Better still, use two external drives and keep one in a different room from your computer and one in a different building, if you can and used cloud storage too.

Bonus tip: Be cautious on public Wi-Fi

Hackers can sometimes intercept your computer or logins if you’re connecting to an unsecured network in a hotel, cafe, or other site. If you’re out and about, use a VPN, like ExpressVPN, to hide your connection. It’s best to avoid logging into banking or sensitive accounts on public Wi-Fi unless you really have to. Even then, there’s always the option of using your phone as a personal hotspot instead of connecting to public Wi-Fi, but remember that will use up your phone data.

It’s worth adding that you might imagine a site to be unimportant and so not worry about 2FA or strong passwords. But, hackers hoping to steal your identity and then gain access to your bank account and other important sites can use tiny pieces of information they glean from hacked logins to your less important sites.

Glossary

Antivirus Software – A program designed to detect, prevent, and remove malicious software (malware) from a computer.

Authentication – The process of verifying a user’s identity before granting access to a system or account.

Authenticator app – A mobile phone app that generates a one-time password or PIN as part of 2FA, that you enter after username and password, as an extra security layer. Google, Authy, MS Authenticator are the well-known ones, but some password managers have an inbuilt authenticator app too.

Backup – A copy of important files stored separately (e.g., on an external drive or in cloud storage) to prevent data loss.

Baiting – Offering something tempting (e.g., a free USB drive infected with malware) to lure victims into compromising security.

Browser – A software application (e.g., Firefox, Chrome, Edge) used to access and navigate the internet.

Cloud Storage – Online storage services (e.g., Google Drive, Dropbox, OneDrive) that allow users to save and access files from any internet-connected device.

Encryption – A security measure that scrambles data so that only authorized users can read it.

Firewall – A security system that monitors and controls incoming and outgoing network traffic to block threats.

Hacker – More properly, a cracker. A person who attempts to gain unauthorized access to systems or data, often for malicious purposes.

Hardware – The physical components of a computer (e.g., motherboard, processor, memory, hard drive).

Malware – Malicious software designed to harm or exploit a computer, including viruses, spyware, and ransomware.

Multi-Factor Authentication (MFA) – A security method requiring multiple verification steps (e.g., password + phone code, and passcode device) to access an account. Banks often enforce username-password login, with 2FA, but also require a one-time passcode from a digital device, like a USB stick or keypad they provide.

Operating System (OS) – The software that manages a computer’s hardware and software (e.g., Windows, macOS, Linux).

Password Manager – A tool that securely stores and generates strong passwords for different accounts.

Phishing – A cyberattack where hackers send fake emails or messages to trick users into revealing sensitive information.

PIN (Personal Identification Number) – A short numeric code used for security (e.g., banking or unlocking devices).

Pretexting – Creating a fabricated scenario (e.g., pretending to be IT support) to trick a victim into providing information.

Public Wi-Fi – Wireless internet networks in public places (e.g., cafes, airports, hotels) that can be insecure.

Ransomware – A type of malware that locks or encrypts a user’s files and demands payment to restore access.

Router/Modem – A hardware device that connects a local network (home or office) to the internet.

Scareware – Displaying fake security alerts to trick users into downloading malicious software.

Social engineering – We used to call this a con, or confidence trick. It’s a manipulation technique that exploits human psychology to trick people into revealing confidential information or taking harmful actions.

Software – Programs and operating systems that run on a computer.

Spam – Unwanted or unsolicited messages, usually advertising or scams, often sent in bulk via email.

Spyware – Malicious software that secretly gathers information about a user’s activities.

Tailgating (Piggybacking) – Physically following an authorized person into a secure area without proper credentials.

Two-factor Authentication (2FA) – A security feature that requires two forms of verification before logging in (e.g., password + SMS code).

Virtual Private Network (VPN) – A service that encrypts internet traffic and hides a user’s location to improve privacy and security.

Vulnerability – A weakness in software or hardware that can be exploited by attackers.

Windows Defender – Microsoft’s built-in security tool that protects against viruses and malware.

Wi-Fi – A wireless network that allows devices to connect to the internet.

Why I am not using REDNote

REDNote, also known as Xiaohongshu (Little Red Book), is a Chinese social media platform. It was launched in 2013. It has hundreds of millions of users. REDNote is a bit like Instagram and focuses on lifestyle topics such as travel, fashion, and beauty. Well used and well liked by young women in China, apparently.

When the US looked like it was about to ban TikTok, American users signed up for REDNote in huge numbers. Interestingly, for a brief moment before TikTok was reinstated in the US, there were some cross-cultural revelations as many Americans interacted and encountered people from China online, perhaps for the first time. Indeed, given that unlike TikTok, REDNote prioritizes content tailored to user interests over follower-based algorithms, it has fostered those cultural exchanges as Chinese users welcome American newcomers, helping them adapt to the platform.

I was curious about the app’s safety credentials and asked a security expert friend of the blog, Adam Stewart, whether I should sign up for REDNote and see what all the fuss is about and he simply said “Avoid!”

Now, despite my usual eagerness to try any new social media outlet, I was on Plurk even before Twittr [sic], I have taken Adam’s advice and not downloaded the REDNote app and not signed up for an account; the T&Cs are in Mandarin so that was something of a barrier anyway as my Mandarin is not as good as my Cantonese, and that’s non-existent. Meanwhile. Adam, being a security expert did install the app, but on a burner phone, and ran some network and security test to see exactly what this app is doing.

“REDnote connects out to various China servers,” Adam told me.” Also, some streams are not encrypted and some don’t do proper certification checks.”

This sounds worrying, to say the least. All those new American users perhaps unwittingly sharing data from their phones with servers unknown in China. Given the political landscape of that country, I’d also want to know whether the Chinese government or other agents have hooks in those third-party servers. Indeed, given that all technology there is potentially monitored and subject to governmental oversight under China’s cybersecurity laws, it is reasonable to assume that the government could indeed have access to any of your harvested data via those third-party servers if it needed to get hold of it. At the very least, there is the potential for any data on any app in China to be accessible to the government.

Perhaps the warning signs were already there. In December 2022, the government of Taiwan banned public sector employees from using Xiaohongshu on official devices due to national security concerns. But, REDNote is yet to face the same scrutiny as TikTok from privacy advocates and security experts. It has to be said that its data policies and transparency may not align with what those e outside China would consider acceptable. If you must use the app, I’d advise reviewing all the permissions and avoid sharing sensitive information on the platform.

Of course, it’s worth adding that TikTok and REDNote are not particularly special in collecting data, hundreds of the apps we all use every day collect data, sometimes without us really knowing. Moreover, if that data is not end-to-end encrypted and you’re based in a rogue state or even the land of the free, governments can easily compel companies to hand over their users’ data. Your privacy could be compromised in an instant by almost any app.

You might think that using a Virtual Private Network on your phone would offer some protection. VPNs are useful in many contexts such as connecting to public Wi-Fi hotspots. But, as Adam points out, apps like REDNote and others tend to link to your phone number and use it for registration so having a VPN won’t help with where that data ends up and how it is linked to you individually.

If you feel you can’t live without REDNote at least consider the following security advice when installing:

Review the permissions it requests – Block or disable any with which you’re not comfortable, such as microphone, contacts, location.

Use a burner phone – Because the app hooks into your phone number, perhaps use a secondary non-mission-critical phone or a secondary SIM.

Use a disposable or non-critical email account – Don’t link the app to your other social media or main email account(s), especially not mission-critical ones or work accounts.

Consider carefully the things you share on the app – If you don’t want it on the internet, don’t put it on the internet. Something us ancient net users have been saying for decades, long before the web, social media, and apps.

Stay up to date with developments – Keep up with the tech news and especially any stories about data breaches or hacks, it might be too late once an app is breached or there is an issue, but you might be able to salvage some privacy or security, if you’re aware of what’s happening.

Oh, and one more thing. People often ask “why are you worried about privacy, if you’ve got nothing to hide?” A good response is to ask them why they have frosted glass for their bathroom windows!

This article is intended for informational purposes only and does not constitute legal nor formal cybersecurity advice. Readers are encouraged to consult with experts for specific guidance.

What is social media like these days?

Here’s a quick summary to explain the feels on the various social media as I perceive them:

Twttr – Trolls, babebots, bigotry
Threads – Engagement bait, passive-aggressive putdowns
Facebook – Parochial whinging
LinkedIn – Needy networking
Mastodon – Mastodon discussions
BlueSky – Friendly chat, sharing, info

Guess where my focus is, right now. I know it’s what you make it, but it feels like BlueSky is the place to be, especially as there has been a big influx from other socials in the last week or so. Lots of the old gang from the early days of socials are reaching BlueSky now

Sciencebase social links

Social Media

BlueSkyMastodon | Facebook

Photography

Instagram | GuruShots | 500pxImagingStorm

Music

BandCamp | Spotify | AppleMusic

Incidentally, you can easily get to my other social media pages. All you have to do is use a link like this – https://sciencebase.com/social – but swap the word social in the link for whichever service you are hoping to find me on.

For example swap the term social for  mastodon: https://sciencebase.com/mastodon and that will take you straight to my Mastodon page.

It works for all the above and these:

SoundCloud, Vimeo | Twitter/X

LinkedIn, Spotify, Discord, Quora, Bandlab

MediumYoutube, Google Scholar | RefraktThreads

Tumblr, Paragraph, TikTok, Reddit, PixelFed

I’ve even set one for Notepin, although all I’ve published there is a link pointing back to this page! Click through to see what I mean…it’s possible I might add other material. It’s US$11 per annum if you upgrade to be able to post photos etc

If you have control of redirects on your own website, you can use your domain as your own link shortener.


Meanwhile, just for fun, I asked ChatGPT to come up with some inspirational words to encourage you, dear reader, to follow me on social media…so here those words, take your pick with regard to which one persuades you to follow me, hahaha!

Join me on my social media journey and stay updated on all of my latest adventures!

Let’s connect and share our passions together on Mastodon, Facebook, Instagram, and more!

Life’s too short to not follow your favorite artists and creators. Join me on my social media platforms and let’s make the most of every moment.

Social media is all about building meaningful connections. Follow me on my various accounts and let’s create something special together.

From music to art to everyday musings, you never know what you’ll find on my social media pages. Join me and see for yourself!

Join my social media community and never miss a beat. We’ll stay connected and inspired together.

Social media isn’t just about likes and follows – it’s about creating real connections with real people. Join me and let’s make something beautiful.

ChatGPT then adds “Remember to keep your message authentic and true to your personality, and don’t be afraid to inject a little humour or personality into your writing. Good luck!” If I were to be authentic and true to my personality I definitely wouldn’t use words like “journey” or say anything quite so pretentious as to talk of “meaningful connections”. If you want to follow me, please do, that’s the message, plain and simple.

PickBait

So much of what shows up on social media, Threads in particular, it seems, is what might be referred to as “engagement bait”. It’s often inane or perhaps an inflammatory comment, it could be a boring or open-ended question, a reboots of stuff from other places that might be years old, some cliched statement with no qualification, for instance. It all seems like a rather pathetic and lame attempt to boost one’s reach and gain attention, to get interactions for the sake of interaction. I won’t embarass anyone by sharing examples, they’re endless anyway and it would take weeks.

The phrase “engagement bait” is itself a bit lame though. There must be a better phrase. “Interaction bait” is one alternative, but just as inept. We need something closerto “clickbait”. Perhaps “likeBait” or thinking of Donkey in Shrek, “PickMeBait”…or to abbreviate that “PickBait”. That’s it, PickBait!

Pah! Are we there yet?

What did you do during the Facebook downtime, Daddy?

In a recent incident that caught the attention of billions of users, a major social media platform (Facebook) experienced a widespread outage, leaving users unable to access their accounts for several hours. Many of them quickly migrated to their other social media accounts to gripe. Of course, as such disruption unfolds, initially users will perceive it as an individual issue, a problem with their phone or PC. We all occasionally get “session expired” notifications but are able to log back in to our apps, many people faced with this tried and were then told their password was incorrect and 2FA systems failed. It soon became apparent that this was a system-wide problem affecting all Facebook users.

The incident highlights an important lesson in recognizing systemic failures. Often, when faced with technical difficulties, individuals may assume that the issue lies with their own devices or accounts. However, as demonstrated in this case, persistent problems affecting numerous users indicate a broader issue with the platform itself.

The implications of such a widespread outage extend beyond inconvenience for users. First off, imagine not being able to use your social media and having to interact with the real world, chatting face-to-face with other humans, listening to bird song, smelling the roses, going for a walk in the fresh air!?!?!?! Whatever next?

Social media platforms do play a significant role in our lives and in modern communication, commerce, and information dissemination in general. When these platforms experience downtime on such a large scale, it disrupts not only individual users but also businesses, organizations, and even governments that rely on them for all kinds of activities including meeting social and healthcare needs in many instances.

Such incidents underscore the importance of strong infrastructure and contingency planning for technology companies. In an increasingly digital world, ensuring the reliability and resilience of their online services is important. Companies must invest in putting backup measures in place, in proactive monitoring systems, and rapid response protocols to minimize the impact of potential outages and so be in a position to resume normal service quickly. I mean, imagine having to spend more than an hour talking to other people face-to-face or taking a long walk, like maybe a mile or more!

What’s a skeuomorph, anyway?

A skeuomorph, derived from the Greek skeuos, meaning container or tool, and morphe, meaning shape, refers to a design element retaining attributes of older structures that are redundant in the current form. These elements serve to imbue novelty with familiarity, aiding users in understanding new devices or systems.

They’re not solely functional; aesthetic considerations often prompt their use. There are lots of examples: pottery adorned with imitation rivets reminiscent of metal pots, lightbulbs mimicking candle flames complete with a flickering effect, and software calendars and address books resembling their paper counterpartsplanners.

There are also auditory skeuomorphs, such as clicking sounds when you tap a “button” on a touchscreen. Indeed, the notion of buttons on a touchscreen is also an example of a skeuomorph. Another familiar auditory skeuomorph is the faked sound of a camera shutter moving in a device, such as a phone or digital camera, both of which lack a conventional, physical shutter.

Skeuomorph design cues have a practical and aesthetic component often helping to bridge the gap between an old familiar device and the present system with the aim of improving the user experience.

There are countless other examples of skeuomorphs:

The tiny, non-functional handle on a glass maple syrup bottle.

Embellishments on stone buildings reminiscent of construction features on wooden buildings

The graphical user interface of modern computing, which commonly emulates switches, toggles, dials, and buttons of conventional electrical and electronic devices. The file and folder symbols resembling pieces of paper and filing cabinets. Even the floppy disk icon that is used to represent the Save function. Screen-based typewriter keys that also click like a typewriter when tapped. An envelope symbol to represent email

Vinyl and other plastics patterned to resemble their earlier wooden counterparts in various areas, vehicle trim, flooring, furniture, wall coverings

Pushbutton telephones designed with a fake dial to resemble an earlier type of telephone. Dialtone sounds on digital phones that no longer require a dialtone for technological reasons

Electric kettles with the design of stove-top kettles

Velcro fastenings with a fake buckle overlay

Mock Tudor architecture

Faux leather

Distressed furniture

Fake stone facades and brick veneers

Artificial flowers and fake plastic trees

Animal print fabrics

Artificial turf

Leatherette

Scented fabric softeners, scented candles, air fresheners, perfumes, scents, eau de cologne

 

 

What’s a link shortener, anyway?

I posted a survey about the likelihood of users clicking a charity or fundraising link that had been shortened with a tool like tinyURL, bit.ly or j.mp, or buff.ly. To my surprise, there was a comment from one follower telling me that he didn’t know what a link shortener was.

Well, link shorteners are online tools that convert long website addresses, (URLs) into shorter, more manageable links. These shortened URLs redirect users to the original, longer URL when clicked. Many sites, like Amazon, Twitter, Wikipedia, and Youtube, have link shorteners to allow you to copy and share a shortened version of an internal link from their services.

I’ve discussed previously how you can use your own web domains to shorten URLs and I do this a lot so that my social media links follow this format: sciencebase.com/social

Link shorteners serve several purposes:

Space-saving: Shortened URLs are particularly useful in platforms with character limits, such as Twitter, where every character counts towards the overall limit. They allow users to share links without worrying about exceeding character constraints.

Improved readability: Long URLs can be cumbersome and difficult to share, especially in printed materials or verbally. Shortened URLs are more concise and easier to transmit.

Tracking and analytics: Many URL shorteners offer tracking features, allowing users to monitor the number of clicks, geographic location of users, and referral sources. This data can be valuable for analysing the effectiveness of your link sharing.

Customization: Some URL shorteners offer the option to customize the shortened link with a branded or memorable alias.

So, those are the benefits, but there are some drawbacks too:

Loss of control: When you shorten a URL using a third-party service, you are essentially relying on that service to redirect users to the correct destination. If the service experiences downtime or discontinues its operations, your shortened links will no longer work.

Security risks: Shortened URLs can obscure the destination, making it easier for malicious actors to disguise harmful or phishing links. Users may be hesitant to click on shortened links from unknown sources due to security concerns. This was the origin of my question regarding charity links.

In time, we discover ourselves

I was discussing, with my photographer friend, Andy, the endless and inevitably futile task of chasing likes and shares for one’s creative output online. He’s a relative newbie to social media and this quest for some kind of validation having only taken up photography and joined social media several years ago.

Me? I’ve probably wasted decades chasing something that doesn’t exist, posting endless photos to some, but ultimately insufficient acclaim, sharing songs and instrumentals on all kinds of platforms and reaping scant reward in terms of listens and that zero-probability chance of being discovered.

I suppose I am reasonably Zen about it all, especially after so long. There was a time, at least, when my science writing had some traction. This website was getting 20000 unique viewers every day at one point. I had 54000+ Twitter followers back in the day, and it helped my book Deceived Wisdom reach the giddy heights of an Amazon bestseller for a couple of weeks, ranking higher than contemporaneous publications from Prof Brian Cox and Sir David Attenborough, which was certainly gratifying. You will notice, it’s something I am still talking about more than a decade later.

I’ve ranked fairly well for some of my photos, songs, websites, and writing, have even won a few awards for all of those things, with the exception of the music, admittedly. I’ve had reach and traction, and I’ve had those much-vaunted likes and shares. If this were a working-life sentence, you could say I’ve done my time. Well, not quite, I’m still working and still hankering for more of that elusive acclaim, hankering to somehow be discovered. But, by whom and to what end?

My photographer friend had something quite profound to say, it was rather philosophical, although in his response during our discussion, he shrugged it off with a flippant lol. But, it wasn’t a thought to be shrugged, hence this blog post. His comment in the context of this vain hope of being discovered got me thinking…this is what he said:

I think over time we discover ourselves

After I’d drafted this post, Andy and I talked a little more. “We all like validation,” he said. “Social media exists because of it. But is it a hunger that can ever be satisfied? The question I ask myself is what’s the real joy in photography?”

For me, the joy is in being there, trying to get the shot. The selection and editing is a secondary thing. The sharing a nice shot and getting a few likes is tertiary. While we were chatting, Andy chipped in with an update on his garden birds. “Just saw a Goldcrest in the magnolia tree,” he told me. “I resisted the urge to grab the camera and rush outside in the vain hope of a picture, but instead enjoyed a few moments watching it through the binoculars.”

Andy added that a moment like that in photography helps bring some Zen into one’s life. “When you look through the viewfinder and all that exists in the world is what you can see. That’s totally in the moment,” he told me. He added that then there are all the awful failed photos and missed opportunities with Goldcrests, for instance. “That helps you deal with disappointment and also helps instil a sense of patience.”

Speaking of patience, patience is an inbuilt app that can help with your photography, as I wrote here some time ago.

I must claw back some of my integrity here. I have not spent the last twenty years solely craving likes and shares for my creative output on social media. I have been enjoying the creativity, the learning, and, of course, the earning a living through some of it. And, more to the point, regarding the more arty stuff, the photography and the music have been unpaid hobbies, as opposed to the writing being a paid one. And, in addition to that there has always been the fun of chatting with so many different people online over the years, when you’re a freelance working from a home office, that feels kind of important when there’s not so many opportunities to chat offline during the working day.

They’re hobbies with an output, you might say, an image, a tune, but critically they are hobbies that have led to great friendships. Friendships with fellow photographers, such as Andy, with my singing mates in choir, with the people in my band, and with several others that I’ve shared a stage with over the years or performed alongside from the theatrical pit. It’s still all happening, it’s always a blast. People sometimes even tell me they like it, amazingly…in the offline world. The fun and friendships are far more important than the ephemeral accolades of online.

Is it time? Have I discovered myself, Andy?

My Light, My Sky – AI artwork for a song

I realise there’s a lot of ongoing debate regarding generative AI tools, especially those that have putatively been trained on copyright material without permission from the creators. It’s generally impossible to know what work has been used as source data for the likes of Dall-E, ChatGPT, and MidJourney etc, unless you work in their back office, presumably. However, I do know that some of my copyright material, books, potentially website content, photos, and perhaps even some of my music, will have been used to train various AIs over the last few years.

AI generated artwork with sullen sky, mountains, a central tree and a weird river
AI-generated artwork with sullen sky, mountains, a central tree and a weird river

I think there needs to be some kind of permission system in place and a royalty/payback system to compensate artists and creators for the use of the output as training data. I suspect that horse has bolted, as it were, and neither of those things will come to pass. Meanwhile, I feel that given that a lot of my content is likely to have been used to train AIs, I’m almost justified in clawing something back from those AIs.

In this case, I have used a couple of tools to generate an image as artwork for my latest song, My Light, My Sky, the origins of which and the development thereof I mentioned here recently.

First, I asked ChatGPT to come up with a prompt for an image AI to help me generate some Hipgnosis-type artwork for my song. My initial prompt to ChatGPT told it to “act as an expert in album artwork” and to “give me a prompt to use with a generative AI for creating images”. I added the lyrics from my song as part of the initial prompt and this is what ChatGPT came back with:

Generate an album cover in the style of Hipgnosis that captures the essence of a journey, the intertwining elements of water, dreams, and loss. Incorporate surreal and symbolic imagery such as raindrops turning into streams, rivers flowing to the sea, and scenes of introspection. Use a color palette that conveys both the beauty and melancholy of the lyrics. Ensure that the cover evokes a sense of mystery, emotion, and the passage of time. Consider including elements like shattered dreams, reflections, and a connection to the sea as central motifs.

I then used that prompt in Img2Go’s AI Creator Studio to get it to produce an appropriate image to which I could add the song title and my name. It looks rather evocative and Hipgnosis-like although that tree that looks like a Cedar of Lebanon or a chink of broccoli is reminiscent of Yes album artist Roger Dean.

I ran the AI a second time and got a similarly evocative image, but without the tree. I imagined this one as the back of the record sleeve for my putative 7-inch. I added the lyrics to the graphic:

A couple more iterations with some minor tweaks to the prompt that ChatGPT had given me generated some amusing images with silhouetted figures. In one, a woman is seen standing up to her waist in water and carrying an umbrella. This is quite a nice idea for an album cover…very Hipgnosis, very Magritte. The ludicrous notion of being soaked up to the waist but protecting one’s upper half from the rain with an umbrella! The album might have been entitled “Staying Dry” or “Underwater” or something…

Another version of the same prompt, simply adding the word umbrella to the end generated this: