Tag: security

Strong passwords, stronger extortionists

I’ve posted before about passwords, specifically about the large number of extremely weak passwords revealed by the Adobe hackers. I recently saw a story on the BBC web site about a password that the security forces couldn’t crack. Here’s the article:

Man jailed for refusing to give police USB stick password

The password was $ur4ht4ub4h8, apparently a play on words relating to a chapter of the Koran. Next time some piece of software insists your password must include a mix of upper and lower case letters you can tell it to go take a hike.

If the password was so uncrackable, you may wonder, how come it’s in the article? Well as usual the security of your password is only part of the story, the authorities have many ways of extorting your passwords out of you, as this article describes:

David Miranda feels ‘invaded’ after password disclosure

The moral of the story, if there is one, might be that however secure your data is, you yourself are more easily hacked.

There goes the neighbourhood

Imagine if your neighbourhood was one where criminals blatantly plied their trade down your street, banging on your door at all hours of the day and night and extorting money from you, breaking into houses and taking credit cards, stealing your money to pay for terrorism and other inhuman activities. Imagine that that some of the products you buy compounded the problem because the vendors published all your personal information without checking with you first. Worse, if you called the police, they wouldn’t be able to do anything, because the criminals live in a different neighbourhood where the local law enforcement don’t give a damn. You’d probably like to move, right?

Unfortunately we all live in this neighbourhood, it’s called cyberspace. Every day I am subjected to phishing attacks. Every day I am compelled to use software that is about as secure as a broken padlock. Facebook makes public things that I am sure I never agreed to (but then who can read those pages of tiny print with all the get out clauses). Flickr is determined to give all my photos away unless I constantly tell it not to. More and more of my intellectual property is somewhere ‘in the cloud’ where levels of security are an unknown and there are no guarantees that i can access my own work when I need it.

Maybe we should all wake up a little and realise that we live in a dangerous neighbourhood. Apparently 1.9 million people who had their password stolen from Adobe were using the password 123456. 

http://www.bbc.co.uk/news/technology-24821528

Not, of course, that a ‘stronger’ password would have done any of these people any good if it was stolen anyway. In the end, the more you live on line, the more of your life you have given away for good.