Passwords are the bane of the security community. We are forced to rely on them, while knowing they’re only as secure as our operating systems, which can be compromised by spyware and malware. There are a number of common techniques used to crack passwords.
Dictionary attacks: These rely on software that automatically plugs common words into password fields. Password cracking becomes almost effortless with a tool like John the Ripper or similar programs.
Cracking security questions: When you click the “forgot password” link within a webmail service or other site, you’re asked to answer a question or series of questions. The answers can often be found on your social media profile. This is how Sarah Palin’s Yahoo account was hacked.
Simple passwords: When 32 million passwords were exposed in a breach last year, almost 1% of victims were using “123456.” The next most popular password was “12345.” Other common choices are “111111,” “1234567,” “12345678,” “123456789,” “princess,” “qwerty,” and “abc123.” Many people use first names as passwords, usually the names of spouses, kids, other relatives, or pets, all of which can be deduced with a little research.
Reuse of passwords across multiple sites: Reusing passwords for email, banking, and social media accounts can lead to identity theft. Two recent breaches revealed a password reuse
Read more…
In the world of cell phones, the iPhone can currently be considered the king. Tens of millions of people have these devices, which serve not only as phones but as game consoles, schedulers and mini Web browsers. A lot of people get online with their iPhones and then use programs called applications, or apps, to access popular programs like Twitter, Facebook and Google. There are also thousands of other apps available, and basically anyone can create one and sell it or give it away on the iTunes app store.
When you use a program on your regular computer, there is often an option that lets you block the program from storing information about you; for instance, to opt you out of receiving email alerts. A lot of iPhone apps do not have such a feature. In addition, it is easy for the owner of an app to trace your iPhone’s serial number, which ultimately leads back to you.
Some apps can also store the following: *The model of your iPhone *The operating system you use *The versions of the app you downloaded *Whether your phone is jail broken *When you log on or off of the app *Your current exact location
While there have been no high profile cases of identity theft occurring due to a malicious iPhone app, the technology is still pretty new and there is no telling what can happen in the future. T
Read more…
Contrary to what some might suggest, I’ve never thought it was a good idea to place your name on a “stop mail” list at the post office. Because some crack head postal employee now has a list of opportunities.
It’s the same thing with stopping delivery of your newspaper. Once you are on that list, it is known you are away.
The best case scenario for both issues is to have a trusted friend, family member or neighbor grab your mail and newspaper for you.
Never list your vacation plans on social media. The last thing you need to be doing on Facebook is telling the world you are 2000 miles away.
Put lights on timers to give your home the “lived in look”. ADT Pulse™ does all this form you.
Do all the fundamentals like invest in a home alarm system that sends an alert to local law enforcement that your house has been broken into. Studies show as many as 25% of all American homes are equipped with a home security system. Monitoring is generally a buck a day.
Set yourself up with home security cameras. Mine can be accessed from my iPhone and online. It’s kind of
Read more…
Whether you’re a road warrior or simply own multiple PCs and want access to all your data from anywhere, here are a few easy ways to do it, and one not so easy option.
All of these options are secure, as long as you don’t leave a remote PC logged into your account, or log in from a PC that is already infected with spyware or a virus. I only log in from trusted PCs like my own laptop.
LogMeIn gives you remote access to your PC or Mac from any other computer with an Internet connection, for free. Just install LogMeIn on the computer you want to access, and then log into your account from any other computer. You’ll be able to see your desktop and use all your applications, as if you were sitting right in front of your home computer, even if you’re across town, across the country, or across the world. LogMeIn Pro², a paid upgrade, adds additional features like file transfers and remote printing.
Orb is a free program that essentially turns your PC into a server. Once you’ve downloaded and installed Orb, you can use any Internet-connected device with a streaming media player (mobile phone, PDA, laptop) to log into mycast.orb.com and access all your digital media, anywhere, anytime. Orb is als
Read more…
Around 13,000 current and former students of Chapman University and its affiliate, Brandman University had their personal information exposed last week. The university said an electronic document containing sensitive information such as Social Security numbers, student identification numbers and financial aid information was discovered by a Chapman student on February 15th.
Chapman University discovered that the document had accidentally been placed in a nonsecure location.
Shari Waters, Chapman’s chief information officer, said in a statement released Tuesday that the university has found “no evidence that any personal data was appropriated or misused” and that the slip-up appeared to be an “isolated incident.”
Chapman University has contacted all of the students listed in the document and is offering identity protection service to the students
The Department of Defense proclaims, “The national security depends on our defense installations and facilities being in the right place, at the right time, with the right qualities and capacities to protect our national resources.” But by relying on Social Security numbers as primary identifiers, this same organization puts the identities of soldiers and their families at risk.
Last month, four West Point professors released a journal article arguing, “Despite the Defense Department’s recent advances in protecting personally identifiable information such as Social Security numbers, the military continues to have a ‘cultural disregard’ for PII.” The professors also pointed out that since the first digits of a Social Security number can be deduced based on birth year and location, restricting use to the last four digits does not adequately preclude identity theft.
In 2007, an Office of Management and Budget memo ordered agencies to eliminate all nonessential uses of Social Security numbers, and the Department of Defense is currently working on limiting its use of the numbers.
If you are a soldier or have a family member away on leave, there are two ways to protect yourself or your family member:
1. Place an “act
Read more…