Will online anything ever be safe? (1 Viewer)

[LAUNCH]

How would I remember some random made up password. What a pain it would be every time.I logged in

But I do want to be safer.

What is this double encryption thing you speqk of

http://lifehacker.com/5938565/heres-everywhere-you-should-enable-two-factor-authentication-right-now

Google's spam guru, Matt Cutts, put it best: two-factor authentication is a simple feature that asks for more than just your password. It requires both "something you know" (like a password) and "something you have" (like your phone). After you enter your password, you'll get a second code sent to your phone, and only after you enter it will you get into your account. Think of it as entering a PIN number, then getting a retina scan, like you see in every spy movie ever made. It's a lot more secure than a password (which is very hackable), and keeps unwanted snoopers out of your online accounts.

 

[Slapdash]

Great. So you're working this thread into a "#### the police" thread?

I'm posting articles relevant to the question of why we are less secure online. GFY.

 

[AcerFC]

How would I remember some random made up password. What a pain it would be every time.I logged in

But I do want to be safer.

What is this double encryption thing you speqk of

http://lifehacker.com/5938565/heres-everywhere-you-should-enable-two-factor-authentication-right-nowGoogle's spam guru, Matt Cutts, put it best: two-factor authentication is a simple feature that asks for more than just your password. It requires both "something you know" (like a password) and "something you have" (like your phone). After you enter your password, you'll get a second code sent to your phone, and only after you enter it will you get into your account. Think of it as entering a PIN number, then getting a retina scan, like you see in every spy movie ever made. It's a lot more secure than a password (which is very hackable), and keeps unwanted snoopers out of your online accounts.

thank you

 

[Bottomfeeder Sports]

It seems that every week we hear of a massive data breach. Retailers, hospitals, phones...

I'm not in security by any means, but it used to seem like buying something online or having information online was fairly safe minus a few rare security breaches. But now it's starting to seem like you're luckier if you find out your information hasn't been leaked.

Is this the new norm?

Yep! Need to stick to brick and mortar places like Target and Home Depot.

You missed the part after the part you bolded. I put it in red for easy reading.

I was replying to the first side of the "OR" which is why I highlighted that piece.

 

[Guest]

I'm just hoping Amazon stays safe.

 

[cstu]

Here's the thing, we put a certain amount of "trust" into these companies that provide services that such services are secure.

We also have no ability to negotiate, update, or otherwise change the Terms of Service that we are all forced to agree to to use these services. Often these Terms don't even allow us to sue afterward if there's a problem.

That should not be allowed. A company providing a service under such a broad blanket ToS agreement, in which the end user has no ability to negotiate the agreement, should be held fully liable for any breach of the service. If we started enforcing such an arrangement, then either these companies will start taking security seriously, or, stop providing services they cannot secure. And at least then it'd be on us to put our private information on there. All this corporate integration ("Everyone with an iPhone gets everything automatically put on the iCloud. No exceptions!") without the security to back it up is BS.

Everyone should watch "Terms and Conditions May Apply".

Interview with the director.

 

[NCCommish]

Not sure if this was the article, but it's similar to the one I read.

qeadzcwrsfxv1331 = was cracked in a minute.

The guy who really did the best was using a twenty five computer cluster. This guy has spent years just collecting words to use to do this. And if you don't make your first letter capped, your middle letters all lower case and you don't put numbers at the end most of the tools are useless. They used a combination of psych and brute force attacks. The average geek in the basement doesn't have those tools or skills. This is like the top .1% of hackers here. Do you really think that guy is trying to get into your email?

 

[NCCommish]

Here's the thing, we put a certain amount of "trust" into these companies that provide services that such services are secure.

We also have no ability to negotiate, update, or otherwise change the Terms of Service that we are all forced to agree to to use these services. Often these Terms don't even allow us to sue afterward if there's a problem.

That should not be allowed. A company providing a service under such a broad blanket ToS agreement, in which the end user has no ability to negotiate the agreement, should be held fully liable for any breach of the service. If we started enforcing such an arrangement, then either these companies will start taking security seriously, or, stop providing services they cannot secure. And at least then it'd be on us to put our private information on there. All this corporate integration ("Everyone with an iPhone gets everything automatically put on the iCloud. No exceptions!") without the security to back it up is BS.

If they made their sites as secure as you say they should you wouldn't use them. It would be incredibly tedious and time consuming for the consumer. Who by the way is really the security issue. When you use your dogs name for a password you create insecurity. When they force users to make totally random long passwords people whine and cry. Users are the biggest security weakness in the system.

 

[cstu]

Zuck: Yeah so if you ever need info about anyone at Harvard

Zuck: Just ask

Zuck: I have over 4,000 emails, pictures, addresses, SNS

[Redacted Friend's Name]: What? How'd you manage that one?

Zuck: People just submitted it.

Zuck: I don't know why.

Zuck: They "trust me"

Zuck: Dumb ####s

• Instant messages sent by Zuckerberg during Facebook's early days, reported by Business Insider (May 13, 2010)

 

[TheIronSheik]

Not sure if this was the article, but it's similar to the one I read.

qeadzcwrsfxv1331 = was cracked in a minute.

The guy who really did the best was using a twenty five computer cluster. This guy has spent years just collecting words to use to do this. And if you don't make your first letter capped, your middle letters all lower case and you don't put numbers at the end most of the tools are useless. They used a combination of psych and brute force attacks. The average geek in the basement doesn't have those tools or skills. This is like the top .1% of hackers here. Do you really think that guy is trying to get into your email?

Not worried about my email. I'm worried about the .1% hacker looking for the big score.

 

[Ditka Butkus]

Never was never will be....

 

[3C's]

Not sure if this was the article, but it's similar to the one I read.

qeadzcwrsfxv1331 = was cracked in a minute.

The guy who really did the best was using a twenty five computer cluster. This guy has spent years just collecting words to use to do this. And if you don't make your first letter capped, your middle letters all lower case and you don't put numbers at the end most of the tools are useless. They used a combination of psych and brute force attacks. The average geek in the basement doesn't have those tools or skills. This is like the top .1% of hackers here. Do you really think that guy is trying to get into your email?

Not worried about my email. I'm worried about the .1% hacker looking for the big score.

Exactly. My daughters check card was used to purchase an airline ticket and it pretty much drained her account (broke college kid). Since she was (likely) part of the Target breach my feeling is her number might have been grabbed from there.

 

[cstu]

Not sure if this was the article, but it's similar to the one I read.

qeadzcwrsfxv1331 = was cracked in a minute.

The guy who really did the best was using a twenty five computer cluster. This guy has spent years just collecting words to use to do this. And if you don't make your first letter capped, your middle letters all lower case and you don't put numbers at the end most of the tools are useless. They used a combination of psych and brute force attacks. The average geek in the basement doesn't have those tools or skills. This is like the top .1% of hackers here. Do you really think that guy is trying to get into your email?

Not worried about my email. I'm worried about the .1% hacker looking for the big score.

Exactly. My daughters check card was used to purchase an airline ticket and it pretty much drained her account (broke college kid). Since she was (likely) part of the Target breach my feeling is her number might have been grabbed from there.

This is why you don't use debit cards, period.

 

[3C's]

Not sure if this was the article, but it's similar to the one I read.

qeadzcwrsfxv1331 = was cracked in a minute.

The guy who really did the best was using a twenty five computer cluster. This guy has spent years just collecting words to use to do this. And if you don't make your first letter capped, your middle letters all lower case and you don't put numbers at the end most of the tools are useless. They used a combination of psych and brute force attacks. The average geek in the basement doesn't have those tools or skills. This is like the top .1% of hackers here. Do you really think that guy is trying to get into your email?

Not worried about my email. I'm worried about the .1% hacker looking for the big score.

Exactly. My daughters check card was used to purchase an airline ticket and it pretty much drained her account (broke college kid). Since she was (likely) part of the Target breach my feeling is her number might have been grabbed from there.

This is why you don't use debit cards, period.

When you're 18/19 and banks won't give you a credit card and away from home at college, check cards are an option to consider. It does come with risks but her bank has a zero liability policy if the fraud is reported in a timely manner. Biggest issue is being w/o the funds until the investigation completes. They're taking good care of her so far.

That said, now that she's older I've recommended going to an ATM card only for her savings/checking and getting a low limit CC for daily expenditures.

 

[jplvr]

Not sure if this was the article, but it's similar to the one I read.

qeadzcwrsfxv1331 = was cracked in a minute.

The guy who really did the best was using a twenty five computer cluster. This guy has spent years just collecting words to use to do this. And if you don't make your first letter capped, your middle letters all lower case and you don't put numbers at the end most of the tools are useless. They used a combination of psych and brute force attacks. The average geek in the basement doesn't have those tools or skills. This is like the top .1% of hackers here. Do you really think that guy is trying to get into your email?

Not worried about my email. I'm worried about the .1% hacker looking for the big score.

Exactly. My daughters check card was used to purchase an airline ticket and it pretty much drained her account (broke college kid). Since she was (likely) part of the Target breach my feeling is her number might have been grabbed from there.

This is why you don't use debit cards, period.

Really? ####. I'm screwed, I guess.

 

[NCCommish]

Not sure if this was the article, but it's similar to the one I read.

qeadzcwrsfxv1331 = was cracked in a minute.

The guy who really did the best was using a twenty five computer cluster. This guy has spent years just collecting words to use to do this. And if you don't make your first letter capped, your middle letters all lower case and you don't put numbers at the end most of the tools are useless. They used a combination of psych and brute force attacks. The average geek in the basement doesn't have those tools or skills. This is like the top .1% of hackers here. Do you really think that guy is trying to get into your email?

Not worried about my email. I'm worried about the .1% hacker looking for the big score.

Except the big score to guys like this aren't cc numbers. More like the Pentagon. Those CC breaches are organized crime using known security issues and phishing to gain access. Still mostly script kiddie work. And btw now it appears that those photo's were on phones and that someone just phished them to get the passwords. No real hacking skill needed.

 

[TheIronSheik]

Not sure if this was the article, but it's similar to the one I read.

qeadzcwrsfxv1331 = was cracked in a minute.

The guy who really did the best was using a twenty five computer cluster. This guy has spent years just collecting words to use to do this. And if you don't make your first letter capped, your middle letters all lower case and you don't put numbers at the end most of the tools are useless. They used a combination of psych and brute force attacks. The average geek in the basement doesn't have those tools or skills. This is like the top .1% of hackers here. Do you really think that guy is trying to get into your email?

Not worried about my email. I'm worried about the .1% hacker looking for the big score.

Except the big score to guys like this aren't cc numbers. More like the Pentagon. Those CC breaches are organized crime using known security issues and phishing to gain access. Still mostly script kiddie work. And btw now it appears that those photo's were on phones and that someone just phished them to get the passwords. No real hacking skill needed.

I'm not talking about that photo leak at all.

 

[Penguin]

Wait til the hackers find a way to break into the "Carrier IQ" data