Comments
re: Hack, ack!
DadOf3TeenieBoppers   6/18/2012 1:11:28 PM
Good banks will shut down your accounts after a half dozen or so attempts to unsuccessfully log in. So it doesn't matter if the computer can guess your password in 3 days. It only has six attempts before it gets locked out.

re: Hack, ack!
Paul A. Clayton   6/16/2012 4:37:39 PM
MAC addresses are usually mutable. While such provides an additional secret that need not be remembered, it has the significant disadvantage of traveling over the network unencrypted (so if one knows that such is being used as the secret, the secret can be more easily discovered). Other system information is available for similar purposes and is not passed over the network unencrypted. Of course, if the device has persistent storage and the ability to run third-party software, then more complex mechanisms could be used.

re: Hack, ack!
Paul A. Clayton   6/16/2012 4:17:01 PM
Unfortunately, a resourceful scammer could register a domain like mybank.cn or mybamk.com, which on casual inspection might be confused with mybank.com. One of the problems with password complexity is that different sites have different restrictions on length, allowed characters, and required characters. One site that I use requires at least one number (among other restrictions), reducing the ease of using a pass phrase (making the xkcd comic very apropos).

re: Hack, ack!
Embedded SW Dev   6/15/2012 7:37:01 PM
I also worry about phone phishing. On occasion, my credit card has been compromised through no fault of my own. The first thing that happens is that my credit card company calls me to determine whether some charges are legitimate. The call comes from an 800 number not listed on my card, and if I don't answer, they leave a message with that unknown 800 number. Then, they try to identify me by having me answer questions from my credit history, like "Did you ever live on Mickey Mouse Lane? What address?", as if I can remember the house number from 20 years ago. I always call them back via the number printed on the card, and they never understand why I'm concerned about calling random 800 numbers and entering my card number into a machine.

re: Hack, ack!
prabhakar_deosthali   6/9/2012 6:50:54 AM
Binding your secure operations to your computer (registering and validation of the MAC address of your computer's network card) could be an added security for carrying out secure transactions. My broadband service provider does not allow me to use its broadband service from any other PC or laptop. I can only use it from the computer whose MAC address has been registered with him. This is sometimes inflexible but always secure.

re: Hack, ack!
AussieNeil   6/9/2012 4:52:19 AM
Excellent article Sylvie, which has encouraged some great suggestions above. For those using the Firefox browser, I can highly recommend the free add-on NoScript (noscript.net), which blocks scripts from running without your permission as well as greatly improving browsing security by blocking cross-site scripting, etc. For those that have LinkedIn accounts (particularly if you have included a CV), if you haven't already changed your password, do so NOW and do it regularly until you hear from LinkedIn that they have closed this vulnerability. The password hashes stolen from LinkedIn did not use a salt in their generation, making them relatively easy to break. Regarding keeping your (ever increasing list of) passwords secure, the universal password services are indeed excellent (well until the first service is cracked and those responsible have access to ALL your accounts). There is also nothing wrong with keeping your passwords written down provided they are kept in a secure location. (Remember, if they are stored on any network connected computer, attempts can be made to gain access to them from anywhere in the world.) Remember, Moore's law means passwords get easier to crack as CPUs and graphics cards get more powerful, so keep your passwords hard to guess and change at least the important ones regularly.
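
Added example, not part of the comment above or of the original article: a short Python sketch of why a missing salt matters for stored password hashes. SHA-1 stands in as an assumed fast unsalted scheme, the PBKDF2 parameters are example values, and the account names and passwords are constructed.

```python
import hashlib
import hmac
import os
from collections import defaultdict

ROUNDS = 100_000  # example iteration count, an assumption for this sketch

def unsalted(password):
    # Assumed legacy scheme: one fast hash, no salt. Equal passwords give equal digests.
    return hashlib.sha1(password.encode()).hexdigest()

def salted(password, salt=None):
    # A random per-user salt plus a slow KDF; the salt is stored next to the digest.
    salt = salt or os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ROUNDS)

def verify(password, salt, expected):
    # Recompute with the stored salt and compare in constant time.
    return hmac.compare_digest(salted(password, salt)[1], expected)

def duplicate_groups(stored):
    """Group user names by stored value; a group larger than one means the
    stored data itself reveals that those users share a password."""
    groups = defaultdict(list)
    for user, value in stored.items():
        groups[value].append(user)
    return sorted(sorted(g) for g in groups.values() if len(g) > 1)

# Constructed sample accounts.
USERS = {"alice": "correct horse", "bob": "correct horse", "carol": "Tr0ub4dor&3"}

def demo():
    legacy = {u: unsalted(p) for u, p in USERS.items()}
    modern = {u: salted(p) for u, p in USERS.items()}
    # Without a salt, one precomputed digest table is valid for every account.
    table = {unsalted(c): c for c in ("123456", "correct horse", "letmein")}
    return {
        "legacy_dupes": duplicate_groups(legacy),
        "legacy_table_hits": sorted(u for u, h in legacy.items() if h in table),
        "modern_dupes": duplicate_groups({u: dk for u, (_, dk) in modern.items()}),
        "alice_verifies": verify("correct horse", *modern["alice"]),
    }
```

With per-user salts the same password produces a different stored value for each account, so a table has to be rebuilt per user and at the KDF's cost.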

re: Hack, ack!
I_B_GREEN   6/8/2012 4:41:45 PM
also needs to be integrated with email and browser system or the linking of...

re: Hack, ack!
I_B_GREEN   6/8/2012 4:40:00 PM
Ok this crap cost our economy billions of dollars in lost productivity cleaning up the messes made. Here is how to fix it... A pop up click blocker or embedded link blocker. Even if it just adds one more are you sure box that you must click twice on it will save the 90% that OCD'd clicked without thinking. Better...The embedded link blocker reads the intended site name verifies or flags the hidden link as being different than the one shown on the screen. And if cross-site scripting is employed then it closes the link before loading. Reports cross-site scripting phishing attempts to a central security conglomerator and reporting system.

re: Hack, ack!
SylvieBarak   6/8/2012 1:33:55 AM
Why, yes, thank you, Frank. I promise to transfer you the 1 billion dollars we discussed soon.... but first, and I know this is trivial, considering all the money I'll soon be sending you, but could you forward me another $2000 in stamp duty? Thanks mate! ;) Lol.

re: Hack, ack!
old account Frank Eory   6/8/2012 12:51:56 AM
Sylvie, what are you doing in Nigeria? Did you get that big check I sent you? LOL!
