CEO Kent Lawson explores “the dark side” of hackers — a scary reality that many of us choose to ignore. He says many people ask, “Why would any hacker want to steal information from me? I don’t have anything that interesting to steal. I’m sure I’m safe.” Unfortunately, usually the first indication we get that we are a victim of identity theft is when we get our bank statement. Read on for a step-by-step look at how victims — maybe YOU one day — are targeted, as well as security steps to implement NOW!
Online privacy and security have become a central part of our new digital reality, so it was a great honor to track down Leonardo Cervera, the man responsible for the first “Data Privacy Day” event in the United States. We chatted about data privacy and his overall background and interest in keeping people safer online, we learned more about his book focused on keeping children safe online, and heard his views on proposed “Do Not Track” federal legislation, among other issues. As Cervera states, “Data Protection Days are a great opportunity to reach out to the general audience, not only to specialists, and to join forces at national, regional, and international levels, to foster a societal debate around data privacy issues.”
Researchers from the Security Group at the University of Cambridge Computer Laboratory conducted a study on two recently hacked websites that also had their password hashes stolen. The two sites appeared to have a lot of overlapping customers and shared email addresses, and the Cambridge study discovered that, of the passwords that were cracked, 76% of people used the same password on both sites. This blog post on InfoWorld points out that “many people choose the same password they use at work for personal websites [but] in these times, not a single day passes without some major password hacking incident becoming public.”
Google has announced a “two-factor authentication” feature that will give people the choice of adding another layer of password security by typing in a second, short-lived password in addition to their regular account password. This Wired.com post explains the new security feature in detail, explaining that it “should help prevent hackers from getting into sensitive accounts, like Gmail, by snooping passwords or by exploiting security breaches, like the one that recently exposed the email addresses and passwords of Gawker Media commenters — a huge problem since many users reuse the same password over and over.”
The Commerce Department is now tasked with developing an identity management system for individuals on the Internet, and one of the objectives clearly is to facilitate Internet commerce. This week, CEO Kent Lawson writes about the inherent privacy implications of having one master login identity. How do you feel about a national Internet ID?
You are putting your online privacy at serious risk if you ever log in to a website that doesn’t encrypt your user name or password. A dating website called PlentyofFish.com is suffering from a massive security breach after it has been accused of failing to take this basic security step. Members’ emails, usernames, and passwords were all allegedly compromised in a brazen story that includes possible extortion and blackmail.
According to this Wired.com article, there is a newly discovered security flaw that is affecting only older Amazon.com accounts that have not had their passwords changed in the past several years. The security flaw allows users to log in with passwords that resemble, but do not match, their actual password.
A California man has admitted to hijacking the passwords of many women’s Facebook accounts, scanning the victims’ sent folders for compromising photographs, then posting those photos on their profile and/or sending the photos to the victims’ email list. Many of us rely on simple passwords for social networking sites and photo-sharing sites, so read on to learn effective strategies for stronger password protection and other ways to keep you and your family safer online.
A California man has admitted to hijacking the passwords of many women’s Facebook accounts, scanning the victims’ sent folders for compromising photographs, then posting those photos on their profile and/or sending the photos to the victims’ email list. The Washington Post reports that one victim told authorities the intrusion felt like “virtual rape,” and “Facebook should have caught his activities more quickly.”
A computer programmer has allegedly figured out how to break into Amazon.com’s cloud computing network to effectively hack into other people’s computers. According to news agency Reuters, the researcher uses specialized software to “test 400,000 potential passwords per second using Amazon’s high-speed computers.” For better protection against hackers, remember not to use simple passwords to secure your network.
Be careful what you text in California. A new law says police officers do not need a search warrant to search your phone, potentially stripping privacy rights to your text messages, phone records, emails, photos, videos, and anything else you keep on your smartphone. But what about the Fourth Amendment, you ask? Exactly. If you haven’t password-protected your smartphone, now may be the time to take the extra step.