passwords

Time Warner Cable says data from 320K customers stolen

Time Warner Cable store in NYC, May 26, 2015.   REUTERS/Mike Segar
Internet and cable TV provider Time Warner Cable Inc. today revealed that up to 320,000 customers may have had their email passwords stolen.

Read the rest

Intel futurist Brian David Johnson heads to ASU's Center for Science and the Imagination

maxresdefault

Brian David Johnson (previously) is the futurist and theorist who used design fiction to help the company think about how its products would work in the future (I wrote him a story about the painful death of passwords). Read the rest

Paypal rolls out the welcome mat for hackers

online_payment (2)

It's not bad enough that Paypal is prone to shutting down your account and seizing your dough if you have a particularly successful fundraiser -- they also have virtually no capacity to prevent hackers from changing the email address, password and phone numbers associated with your account, even if you're using their two-factor authentication fob. Read the rest

Payment system security is hilariously bad

056c026d-1c66-4d42-9fae-a8e96df290c5-1020x910

In Shopshifting: The potential for payment system abuse, Karsten Nohl and Fabian Bräunlein showed attendees at Hamburg's Chaos Communications Congress just how poor the security in payment terminals is, and demonstrated several attacks that would let them harvest card numbers and PINs, make undetectable phantom charges and refunds to merchant accounts, and commit other mischief. Read the rest

Save 75% on elite password protection from Sticky Password

No need to struggle with remembering long and complicated passwords, Sticky Password is your password management and form filler solution, available for Mac, Windows, iOS, and Android. This lifetime Sticky Password Premium subscription protects your online identity by providing strong encrypted passwords for all your accounts, managed by a single master password known by you, and only you.

Strong, unique passwords, whenever and wherever you need themAutomatically log-in to recognized sitesCreated by the team behind AVG AntivirusChoose between cloud-based or local storageFill out forms instantlyUnbeatable security Support for all your devicesIntuitive interface

Get a Sticky Password Premium: Lifetime Subscription for only $25 in the Boing Boing Store Today Read the rest

3.3 million Hello Kitty website accounts leaked

056c026d-1c66-4d42-9fae-a8e96df290c5-1020x906

Last week, security researcher Chris Vickery discovered a database containing 3.3 million accounts from Sanriotown, a commercial Hello Kitty fansite operated by Sanrio, Hello Kitty's corporate owners. Read the rest

Israeli company's product can (allegedly) pwn any nearby mobile phone

056c026d-1c66-4d42-9fae-a8e96df290c5-1020x909

The Interapp from Tel Aviv's Rayzone Group is an intrusion appliance that uses a cache of zero-day exploits against common mobile phone OSes and is marketed as having the capability to infect and take over any nearby phone whose wifi is turned on. Read the rest

US State Department staffer sexually blackmailed women while working at US embassy

Phishing_Login

Michael C. Ford has pleaded guilty to accusations that he spent at least two years coercing at least 75 women into sending him naked photos of themselves and other women he demanded that they covertly photograph in dressing rooms and changing rooms. Ford worked at the US embassy in London while committing his crimes. Read the rest

How to stay safe online

safety-illustration-narrow

The scale and virulence of internet harassment often lingers in the news, but three women who have faced down the bullies are sharing their guide to staying safe online.

The advice is eminently sensible, well thought-out and derives, sadly, from all-too-familiar experience.

Feeling overwhelmed? Don’t have time to read the whole thing? Start with these three steps:

Set up two step verification Create unique, complex passwords Remove potential doxxing information

Created by Feminist Frequency's Anita Sarkeesian, Women, Action & the Media founder Jaclyn Friedman and Saying Abortion Aloud author Renee Bracey Sherman, the guide was made necessary by "the failure of social media services to adequately prevent and deal with the hateful targeting of their more marginalized users."

As this guide details, forcing individual victims or potential targets to shoulder the costs of digital security amounts to a disproportionate tax of in time, money, and emotional labor. It is a tax that is levied disproportionately against women, people of color, queer and trans people and other oppressed groups for daring to express an opinion in public.

Even if you're an old hand with the online safety basics, the miscellaneous tips are still unexpected and useful. For example, did you know can use free, throwaway VOIP numbers from Google to conceal your real cell number? Read the rest

Vtech breach dumps 4.8m families' information, toy security is to blame

image_thumb11

Vtech is a ubiquitous Hong Kong-based electronic toy company whose kiddy tablets and other devices are designed to work with its cloud service, which requires parents to set up accounts for their kids. 4.8 million of those accounts just breached, leaking a huge amount of potentially compromising information, from kids' birthdays and home addresses to parents passwords and password hints. Read the rest

France declares state of emergency, gives government Web-blocking, device search powers

France's National Assembly  lit with the colors of the French flag in Paris, Nov. 19, 2015, to honor victims of terrorist attacks. [Reuters]

In the wake of the Paris attacks, the French National Assembly has declared a state of emergency with sweeping powers, without any substantial debate. Included in the bill are the power to order the nation's ISPs to block websites without any judicial review or court order, and for authorities to seize and search electronic devices without a warrant.

Read the rest

Hospitals are patient zero for the Internet of Things infosec epidemic

mri

As I have often noted, medical devices have terrifyingly poor security models, even when compared to the rest of the nascent Internet of Things, where security is, at best, an afterthought (at worst, it's the enemy!). Read the rest

13 million passwords compromised in webhost hack

reset
The web-hosting service 000Webhost stored user passwords as plain text. We know this because 13 million of them were exposed in a five-month old hack whose consequences are only now becoming clear. Read the rest

Sixth grader sells artisanal Diceware passwords

IMG_2455-e1445538863131

11 year old Mira Modi, daughter of privacy journalist Julia Angwin, has a startup through which she hand-generates secure Diceware passwords for $2, which she mails in sealed letters through the USPS, "which cannot be opened by the government without a search warrant." Read the rest

Putting your kettle on the Internet of Things makes your wifi passwords an open secret

ikettle_2_7962a3df-6887-47bc-b430-33e8ad963e2e_grande

The $150 Smarter Ikettle lets you start your water boiling from anywhere in the world over the Internet -- and it also contains long-term serious security vulnerabilities that allow attackers to extract your wifi passwords from it. Read the rest

Thrust/parry/counter: the history of Web authentication

dd6

A beautiful piece of writing by Schabse presents the history of Web authentication as a series of conversational gambits and ripostes between someone who wants to let users prove their identity online, and someone who wants to impersonate those users. It's a great way to present a subject that's both esoteric and vital, and I've never seen it before. Read the rest

Mayor of Stockton, CA detained by DHS at SFO, forced to give up laptop password

I-do-not-consent-stickerB

Mayor Anthony R. Silva was on his way back from a mayor's conference in China when the DHS border guards confiscated his laptop and phones and detained him, telling him he would not be allowed to leave until he gave them his passwords. He has still not had his devices returned. Read the rest

Previous PageNext page