View Single Post
Old 06-19-2011, 11:41 PM   #12
Darth Avlectus
If Sunday you're free...
 
Darth Avlectus's Avatar
 
Join Date: Dec 2006
Location: Why don't you come with me...
Posts: 4,267
Current Game: Poisoning pigeons in the park.
Quote:
Originally Posted by Liverandbacon View Post
What should scare people is how so many companies, especially technology ones, which you'd expect to have more security know-how, leave important information under such weak protection. Given how common password reuse is, even a simple list of usernames and passwords is quite valuable to certain people. And if a bunch of skiddies can get in this many places, you can bet your ass that the professional crackers working in the interests of foreign governments or organized crime can reach even more.
Yeah. And actually there are tools out there alerting you to google analytics trackers in various websites wherever you go. Not surprisingly in my area several people got infected, as there has been some hackers sneaking through stuff through google searchbar tools in web browsers.

Also, banking online w/ online social networking = bad idea. At least all with the same email address. I'd say if anyone can, change your IP if at all possible, and use dynamic IP thereafter.

Quote:
Hopefully all this activity will be a wake up call to both companies and users.
Seconded.


Quote:
This. Also, people need to stop reusing the same password on everything, especially stuff they care about. Even on the stuff that doesn't matter, the closest I'd ever get to reusing a password would be having a 4-8 character prefix or suffix common to multiple sites and services, with the main portion of the password different.
One of my pals online says F*** you synonyms and alternate identities and yet he has had his identity stolen and his cards fraudulently used. So consider the source.


Quote:
Websites and services themselves also need to stop ****ing about with "no symbol" rules, lack of case sensitivity, and worst of all, maximum password lengths. It's not that hard to make a password system that can handle symbols, both cases of letters, and long passwords, and it seriously improves security. I know someone whose insurance company doesn't allow case-sensitivity or symbols, and has a 10 character password maximum. I would switch companies in that situation. If they're that clueless security wise with website security, god knows what their general network security is like. I wouldn't want to entrust all my insurance information to a company like that.
I refuse to bank online anymore. I miss being able to buy stuff, but this really is all for the best.


We'll murder them all, amid laughter and merriment...except for the few we take home to experiment!

"I cant see S***! --YOU GO TO HELL!" --Tourettes guy
Darth Avlectus is offline   you may: quote & reply,