Comments
re: Hack, ack!
DadOf3TeenieBoppers   6/18/2012 1:11:28 PM
Good banks will shut down your accounts after a half dozen or so attempts to unsuccessfully log in. So it doesn't matter if the computer can guess your password in 3 days. It only has six attempts before it gets locked out.

re: Hack, ack!
Paul A. Clayton   6/16/2012 4:37:39 PM
MAC addresses are usually mutable. While such provides an additional secret that need not be remembered, it has the significant disadvantage of traveling over the network unencrypted (so if one knows that such is being used as the secret, the secret can be more easily discovered). Other system information is available for similar purposes and is not passed over the network unencrypted. Of course, if the device has persistent storage and the ability to run third-party software, then more complex mechanisms could be used.

re: Hack, ack!
Paul A. Clayton   6/16/2012 4:17:01 PM
Unfortunately, a resourceful scammer could register a domain like mybank.cn or mybamk.com, which on casual inspection might be confused with mybank.com. One of the problems with password complexity is that different sites have different restrictions on length, allowed characters, and required characters. One site that I use requires at least one number (among other restrictions), reducing the ease of using a pass phrase (making the xkcd comic very apropos).

re: Hack, ack!
Embedded SW Dev   6/15/2012 7:37:01 PM
I also worry about phone phishing. On occasion, my credit card has been compromised through no fault of my own. The first thing that happens is that my credit card company calls me to determine whether some charges are legitimate. The call comes from an 800 number not listed on my card, and if I don't answer, they leave a message with that unknown 800 number. Then, they try to identify me by having me answer questions from my credit history, like "Did you ever live on Mickey Mouse Lane? What address?", as if I can remember the house number from 20 years ago. I always call them back via the number printed on the card, and they never understand why I'm concerned about calling random 800 numbers and entering my card number into a machine.

re: Hack, ack!
prabhakar_deosthali   6/9/2012 6:50:54 AM
Binding your secure operations to your computer (registering and validation of the MAC address of your computer's network card) could be an added security for carrying out secure transactions. My broadband service provider does not allow me to use its broadband service from any other PC or laptop. I can only use it from the computer whose MAC address has been registered with him. This is sometimes inflexible but always secure.

re: Hack, ack!
AussieNeil   6/9/2012 4:52:19 AM
Excellent article Sylvie, which has encouraged some great suggestions above. For those using the Firefox browser, I can highly recommend the free add-on NoScript (noscript.net), which blocks scripts from running without your permission as well as greatly improving browsing security by blocking cross-site scripting, etc. For those that have LinkedIn accounts (particularly if you have included a CV), if you haven't already changed your password, do so NOW and do it regularly until you hear from LinkedIn that they have closed this vulnerability. The password hashes stolen from LinkedIn did not use a salt in their generation, making them relatively easy to break. Regarding keeping your (ever increasing list of) passwords secure, the universal password services are indeed excellent (well until the first service is cracked and those responsible have access to ALL your accounts). There is also nothing wrong with keeping your passwords written down provided they are kept in a secure location. (Remember, if they are stored on any network connected computer, attempts can be made to gain access to them from anywhere in the world.) Remember, Moore's law means passwords get easier to crack as CPUs and graphics cards get more powerful, so keep your passwords hard to guess and change at least the important ones regularly.
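
An added example, not part of AussieNeil's comment, showing what the missing salt changes on the storage side: with an unsalted digest, every user who chose the same password has the same stored value, while a per-user random salt with a slow key-derivation function makes each record unique. SHA-1 for the unsalted case, PBKDF2 for the salted case, the iteration count and the user table are all assumptions made for this illustration.

```python
import hashlib
import hmac
import os
from collections import defaultdict

# Constructed sample accounts (not real data).
USERS = {"alice": "correct horse", "bob": "correct horse", "carol": "tr0ub4dor"}

def unsalted_sha1(password):
    """Weak scheme: the digest depends only on the password."""
    return hashlib.sha1(password.encode()).hexdigest()

def salted_record(password, salt=None, iterations=100_000):
    """Stronger scheme (assumed here): random per-user salt + PBKDF2-HMAC-SHA256."""
    salt = salt or os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt, iterations, key

def verify(password, record):
    """Re-derive with the stored salt and compare in constant time."""
    salt, iterations, key = record
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return hmac.compare_digest(candidate, key)

def shared_values(table):
    """Groups of users whose stored value is byte-for-byte identical."""
    groups = defaultdict(list)
    for user, stored in table.items():
        groups[stored].append(user)
    return sorted(sorted(g) for g in groups.values() if len(g) > 1)

def demo():
    unsalted = {u: unsalted_sha1(p) for u, p in USERS.items()}
    salted = {u: salted_record(p) for u, p in USERS.items()}
    salted_keys = {u: rec[2] for u, rec in salted.items()}
    return shared_values(unsalted), shared_values(salted_keys), salted

if __name__ == "__main__":
    dup_unsalted, dup_salted, _ = demo()
    print("identical unsalted digests:", dup_unsalted)
    print("identical salted records:  ", dup_salted)
```
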

re: Hack, ack!
I_B_GREEN   6/8/2012 4:41:45 PM
also needs to be integrated with email and browser system or the linking of...

re: Hack, ack!
I_B_GREEN   6/8/2012 4:40:00 PM
Ok this crap cost our economy billions of dollars in lost productivity cleaning up the messes made. Here is how to fix it... A pop-up click blocker or embedded link blocker. Even if it just adds one more "are you sure" box that you must click twice on, it will save the 90% that OCD'd clicked without thinking. Better... The embedded link blocker reads the intended site name and verifies or flags the hidden link as being different than the one shown on the screen. And if cross-site scripting is employed then it closes the link before loading. Reports cross-site scripting phishing attempts to a central security conglomerator and reporting system.

re: Hack, ack!
SylvieBarak   6/8/2012 1:33:55 AM
Why, yes, thank you, Frank. I promise to transfer you the 1 billion dollars we discussed soon.... but first, and I know this is trivial, considering all the money I'll soon be sending you, but could you forward me another $2000 in stamp duty? Thanks mate! ;) Lol.

re: Hack, ack!
old account Frank Eory   6/8/2012 12:51:56 AM
Sylvie, what are you doing in Nigeria? Did you get that big check I sent you? LOL!
