Google cryptographer and all-round security expert Ben Laurie's been blogging some great security thinking lately. Today he's got a really fascinating, thoughtful piece about the problems of passwords:
So, where does this leave us? Users must have passwords, so why fight it? Why not admit that its where we have to be and make it a familiar (but secure) process, so that users can actually safely use passwords, phishing-free?
Do Passwords Scale?
The answer to this is deeply sad. It is because we have done a fantastic job on usability of passwords. They’re so usable that anyone will type their password anywhere they see the word “password” with a box next to it. Phishing is utterly trivial because we have trained the world to expect to be phished every time they see a new website.
Of course, we can fix this cryptographically - that’s easy. But let’s say we did that. How do we stop the user from ever typing their password into a phishable box from this day forward? So long as they only ever type the password into the crypto gadget that does the unphishable protocol, they are safe, no matter who asks them to log in. But as soon as they type it into a text box on a web page, they’re screwed.
So, this is why passwords are the worst usability disaster ever.
The most common way to die from taking a selfie is falling from a heights, followed by drowning. From Priceonomics: One-third of all people who met their demise in the midst of a selfie fell from heights — most commonly, a cliff or a building. In late August of 2015, for example, a 25 year-old […]
It’s no secret that license plate data is big business. Here’s a demo of how these companies gather data as they troll parking lots and public streets gathering indiscriminate license plate info, looking for matches on other databases.
The U.S. Consumer Product Safety Commission just released a very dry safety video about not blowing yourself up with fireworks for the holidays, so we made a peppier patriotic supercut.
If you’ve been blessed enough to avoid them yourself, you’ve definitely heard the horror stories. Late night, crushing out a ton of work, writing, coding, anything, then boom – your computer crashes. The battery blows, you spill water or coffee all over the place, or it just shuts down with no explanation, and you’re screwed. […]
You travel around a lot. It might be that jet set life from New York to LA to London to Tokyo, or it might be back and forth from the coffee shop to the office, or from the kitchen to the couch. Any which way, you’re mobile and that’s the way to live. When you […]
It’s 2016 and we like our technology really small. Our phones fit in our pockets, our remotes are lighter than ever, and even our cars seem to be shrinking. So your new drone shouldn’t be an exception. This Axis VIDIUS Drone is 21% off right now and it’s so little, your biggest problem won’t be […]