Loss of Privacy

Keeping you informed on recent losses to privacy and civil rights worldwide.

Browsing Posts published in January, 2010

Simple tips for better web password security from Sophos Labs on Vimeo.

Graham Cluley, senior technology consultant at Sophos, explains a simple way of creating a complex hard-to-guess password – and how you should never use the same password on different sensitive websites.

Filmed in a mysterious corner of Sophos’s offices in Abingdon, Oxfordshire.

Learn more on Graham Cluley’s blog at http://www.sophos.com/blogs/gc/g/2009/03/10/password-website/

Feel free to embed this video on your own websites/blogs/etc. If you prefer, it’s also available on YouTube at http://www.youtube.com/watch?v=VYzguTdOmmU


The recent RockYou hack has revealed, once again, why it’s so easy to do such things: people used predictable passwords despite the many warnings not to.

Sensitive login credentials – stored in plain text – were left exposed because of a SQL injection bug in RockYou’s website. RockYou admitted the breach, which applied to user passwords and email addresses for widgets it developed, and pledged to improve security in order to safeguard against future problems.

From over 32 million passwords, the results were, sadly, not surprising. The top ten were:

  1. 123456
  2. 12345
  3. 123456789
  4. Password
  5. iloveyou
  6. princess
  7. rockyou
  8. 1234567
  9. 12345678
  10. abc123

While the top ten shouldn’t surprise you, the fact that over fifty percent of the passwords used regular names, slang, and common dictionary words should. Even worse, the admins stored the information in plain text, something that should never be done. Hashing the passwords is not difficult, yet RockYou failed to do such a basic task. RockYou also didn’t have simple security protocols in place, such as a minimum password length and a requirement for alphanumeric passwords.

Users should be looking to create more difficult passwords or suffer the consequences of further breaches.
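The following Python example is added here and is not from the original post or from RockYou. It shows the two controls the post says were missing: a signup policy check that rejects the top-ten passwords listed above, and salted, slow hashing so the plain text is never stored. The minimum length of 10, the PBKDF2 iteration count, the storage format and all function names are assumptions.

```python
import hashlib
import hmac
import os

# The ten most common RockYou passwords listed in the post, lowercased.
TOP_TEN = {"123456", "12345", "123456789", "password", "iloveyou",
           "princess", "rockyou", "1234567", "12345678", "abc123"}

MIN_LENGTH = 10        # assumed policy value; the post names no number
ITERATIONS = 600_000   # assumed PBKDF2-HMAC-SHA256 work factor


def policy_errors(password):
    """Return the list of policy rules a candidate password breaks."""
    errors = []
    if len(password) < MIN_LENGTH:
        errors.append("too short")
    if password.lower() in TOP_TEN:
        errors.append("common password")
    has_letter = any(c.isalpha() for c in password)
    has_digit = any(c.isdigit() for c in password)
    if not (has_letter and has_digit):
        errors.append("needs letters and digits")
    return errors


def _derive(password, salt, iterations):
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                               salt, iterations)


def hash_password(password):
    """Return 'iterations$salt_hex$hash_hex'; this is all that gets stored."""
    salt = os.urandom(16)  # unique per user, so equal passwords hash differently
    digest = _derive(password, salt, ITERATIONS)
    return f"{ITERATIONS}${salt.hex()}${digest.hex()}"


def verify_password(password, stored):
    """Recompute the hash from the stored salt and compare in constant time."""
    iterations, salt_hex, hash_hex = stored.split("$")
    digest = _derive(password, bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(digest, bytes.fromhex(hash_hex))
```

With this layout, a database dump like the one taken from RockYou yields only salts and slow hashes, and each guess against each account costs the full iteration count.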


I’m a Photographer, Not a Terrorist! is inviting all photographers and those who support photographers to Trafalgar Square this Saturday for a mass photo gathering to defend public photography.

Following a series of high profile detentions under s44 of the Terrorism Act, including 7 armed police detaining an award winning architectural photographer in the City of London, the arrest of a press photographer covering campaigning Santas at City Airport, the stop and search of a BBC photographer at St Paul’s Cathedral and many others, PHNAT feels now is the time for a mass turnout of photographers, professional and amateur, to defend our rights and stop the abuse of the terror laws.

There’s no excuse for harassing photographers. If you’re in London or can easily get there, please go and support photographers.


A woman was rescued after six days, buried under the rubble, thanks to his unwavering love and desire to find her.

My choice for a donation would be DirectRelief International. One of my favorite sites on the internet, reddit, has partnered with them. Go give a couple of bucks now.
