Tag Archives: Security

Three more bloggers have weighed in with an analysis of the 62,000 passwords that LulzSec released recently. These three analyses take a look at the structure of the passwords and have some interesting details that I hadn’t seen before. Aviv … Continue reading →

I just saw a reference to one of my favorite papers on computer security. It’s Ken Thompson’s Turing Award Lecture, Reflections on Trusting Trust. In it he describes what the Jargon File calls a truly moby hack: the insertion of … Continue reading →

A while ago I wrote about the developing ‘scandal’ involving Dropbox’s supposed admission that they could read your data. As I remarked at the time, no one with an ounce of sense ever thought otherwise but the question did remain … Continue reading →

A week ago I wrote about the analysis of the Gawker passwords. Now Troy Hunt has provided a similar analysis based on the SonyPictures.com compromise. He looked at 37,608 accounts from the LulzSec torrent and analyzed the passwords for Length … Continue reading →

No sooner had I pushed my Bad Passwords post than I stumbled on this post by Marc Bevand over at Zorinaq. Bevand reports that VISA’s Verified by VISA authentication system forces users to select weak passwords (this may not be … Continue reading →

Alternative title: Good Grief. It’s absolutely incredible how clueless people still are about password security. You would think that anyone using the Web today would be aware of the numerous compromises that involve weak passwords. Apparently not. Over at Naked … Continue reading →

I’ve written a couple of posts about LastPass recently, both with praise for the way they are handling a potential security event. One might think that I’m a satisfied customer or even an investor but, in fact, I’d never heard … Continue reading →

Yesterday, I blogged about a company, LastPass, that takes security seriously and has well thought out procedures in place to protect its users. LastPass is a small company run by relatively young people who have perhaps a decade’s experience in … Continue reading →

By now, even the non-Geeks among us have heard of the Sony PSN and Online Entertainment break ins and the subsequent loss of personal information and perhaps credit card numbers of over a 100 million Sony customers. Sony admitted that … Continue reading →

Just as I predicted in my Two Tales post, Apple has responded to the consolidated.db brouhaha. And just as predicted by the serious commenters on the issue, Apple was not tracking users but merely caching data that helps with location … Continue reading →