I used to have one password.It was the password to my Unix student account and it was in the mid nineties!
Since then, I must have dozens of passwords for work/home computers, websites, files, etc. Having a truly different password each time is almost impossible unless you use some kind of password safe application. Or you could use some kind of clever formula, I do emphasise on the “clever” because if your formula is to generate the same password with a simple variant at the end of it, a hacker who has access to more than one of your password could find out what that formula is quite easily.
Another issue is the username. Most security warnings are related to users having the same password, although it is indeed true, there is also an issue with using the same username everywhere. I would argue it is more important to start with a known username than a known password.
The recent ...
>>[READ MORE]
An action on Data Privacy
#51 - Posted on
13 October 2011 - Author: SM - Category: Security
The Inquirer recently ran a story about a group targeting Facebook and their use of your personal information. This group called “Europe Vs Facebook” claims that Facebook not only stores information about you even after you have deleted it, in other words it never really get deleted, but that they also create ghost profile of users who opted not to be on Facebook in the first place.
I find this very interesting because technically it is quite possible… Even if someone is not on Facebook their photo can be uploaded and their name tagged to it. It would require much more intelligence though to be able to correlate some information about that person discussed in Facebook mails/messages but it is in theory possible.
Although many people have wa...
>>[READ MORE]
Farewell Mr Jobs.
#50 - Posted on
6 October 2011 - Author: SM - Category: Misc
MOVA, ONLIVE, DIDO and a bit of magic (and maybe Aliens! ;)
#49 - Posted on
23 August 2011 - Author: SM - Category: Misc
This is a bit of an unusual post for this site because it is not directly related to IT Security, but I have recently watched a video of a lecture by Rearden CEO Steve Perlman that I found truly inspiring!
Steve Perlman is the Steve Job of Engineering.
He has participated/invented/funded many different cutting edge technologies and gave an overview of 3 of them in his lecture. What strikes me is how all those technologies are linked together even if isn’t necessarily obvious. It would be tempting to say it is all driven by his apparent interest in gaming but that would be too simplistic, it is driven by a desire to invent new technologies and not being afraid of rewriting the rules!
1. The first technology he spoke about is MOVA, which apparently rewrote the rules on how computer generated 3D characters were done (and more if you look...
>>[READ MORE]
New Dropbox Issues and a work around
#48 - Posted on
18 August 2011 - Author: SM - Category: Security, Guides
More issues have been found with Dropbox, they were major issues and the researchers worked with the vendor to fix them before going public.
Although they are now fixed they highlight the time bomb Dropbox is for enterprise users as usage convenience and security risk ignorance means sensitive information is likely to be transferred centrally on Dropbox from many different companies and user profiles.
The 3 security issues discussed in the this article were:
– Hash value spoofing to access other customer’s data
– Stealing Dropbox hostID to access other customer’s data
– Potential replay attack when providing other customer’s data hash combined with any valid host ID (i.e.: the attacker’s host ID) to get access to the corresponding data.
One key point made in the article is ...
>>[READ MORE]
RSS Feeds
My take on SANS 660, The HexFactor and Netwars
A job at GCHQ?
iOS 5 Vulnerabilities for iPad2 and iPhone 4S