Breaking News
Comments
Newest First | Oldest First | Threaded View
Page 1 / 2   >   >>
DadOf3TeenieBoppers
User Rank
Rookie
re: Hack, ack!
DadOf3TeenieBoppers   6/18/2012 1:11:28 PM
NO RATINGS
Good banks will shut down your accounts after a half dozen or so attempts to unsuccessfully log in. So it doesn't matter if the computer can guess your password in 3 days. It only has six attempts before it gets locked out.

Paul A. Clayton
User Rank
CEO
re: Hack, ack!
Paul A. Clayton   6/16/2012 4:37:39 PM
NO RATINGS
MAC addresses are usually mutable. While such provides an additional secret that need not be remembered, it has the significant disadvantage of traveling over the network unencrypted (so if one knows that such is being used as the secret, the secret can be more easily discovered). Other system information is available for similar purposes and is not passed over the network unencrypted. Of course, if the device has persistent storage and the ability to run third-party software, then more complex mechanisms could be used.

Paul A. Clayton
User Rank
CEO
re: Hack, ack!
Paul A. Clayton   6/16/2012 4:17:01 PM
NO RATINGS
Unfortunately, a resourceful scammer could register a domain like mybank.cn or mybamk.com, which on casual inspection might be confused with mybank.com. One of the problems with password complexity is that different sites have different restrictions on length, allowed characters, and required characters. One site that I use requires at least one number (among other restrictions), reducing the ease of using a pass phrase (making the xkcd comic very apropos).

Embedded SW Dev
User Rank
Manager
re: Hack, ack!
Embedded SW Dev   6/15/2012 7:37:01 PM
NO RATINGS
I also worry about phone phishing. On occasion, my credit card has been compromised through no fault of my own. The first thing that happens is that my credit card company calls me to determine whether some charges are legitimate. The call comes from an 800 number not listed on my card, and if I don't answer, leave a message with that unknown 800 number. Then, they try to identify me by having me answer questions from my credit history, like "Did you ever live on Mickey Mouse Lane? What address?", as if I can remember the house number from 20 years ago. I always call them back via the number printed on the card, and they never understand why I'm concerned about calling random 800 numbers and entering my card number into a machine.

prabhakar_deosthali
User Rank
CEO
re: Hack, ack!
prabhakar_deosthali   6/9/2012 6:50:54 AM
NO RATINGS
Binding you secure operations to your computer ( registering and validation of the Mac address of your computers network card ) could be an added security for carrying out secure transactions. My broadband service provider does not allow me to use its broad band service from any other PC or Laptop. I can only use it from the computer whose Mac address has been registered with him. This is sometimes inflexible but always secure.

AussieNeil
User Rank
Rookie
re: Hack, ack!
AussieNeil   6/9/2012 4:52:19 AM
NO RATINGS
Excellent article Sylvie, which has encouraged some great suggestions above. For those using the Firefox browser, I can highly recommend the free add-on Noscript (noscript.net), which blocks scripts from running without your permission as well as greatly improving browsing security by blocking cross-site scripting, etc. For those that have Linkedin accounts (particularly if you have included a CV), if you haven't already changed your password, do so NOW and do it regularly until you hear from Linkedin that they have closed this vulnerability. The password hashes stolen from Linkedin did not use a salt in their generation, making them relatively easy to break. Regarding keep your (ever increasing list of) passwords secure, the universal password services are indeed excellent (well until the first service is cracked and those responsible have access to ALL your accounts). There is also nothing wrong with keeping your passwords written down provided they are kept in a secure location. (Remember, if they are stored on any network connected computer, attempts can be made to gain access them from anywhere in the world.) Remember, Moore's law means passwords get easier to crack as CPUs and graphics cards get more powerful, so keep your passwords hard to guess and change at least the important ones regularly.

I_B_GREEN
User Rank
Rookie
re: Hack, ack!
I_B_GREEN   6/8/2012 4:41:45 PM
NO RATINGS
also needs to be integrated with email and browser system or the linking of...

I_B_GREEN
User Rank
Rookie
re: Hack, ack!
I_B_GREEN   6/8/2012 4:40:00 PM
NO RATINGS
Ok this crap cost our economy billions of dollars in lost productivity cleaning up the messes made. Here is how to fix it... A pop up click blocker or embeded link blocker. Even if it just adds one more are you sure box that you must click twice on it will save the 90% that OCD'd clicked without thinking. Better...The embedded link blocker reads the intended site name verifies or flags the hidden link as being differnt than the one shown onthe screen. And if cross-site scripting is employed then it closes link before loading. reports cross-site scripting phishing attempts to a central security conglomerator and reporting system.

SylvieBarak
User Rank
Rookie
re: Hack, ack!
SylvieBarak   6/8/2012 1:33:55 AM
NO RATINGS
Why, yes, thank you, Frank. i promise to transfer you the 1 billion dollars we discussed soon.... but first, and I know this is trivial, considering all the money I'll soon be sending you, but could you forward me another $2000 in stamp duty? Thanks mate! ;) Lol.

old account Frank Eory
User Rank
Rookie
re: Hack, ack!
old account Frank Eory   6/8/2012 12:51:56 AM
NO RATINGS
Sylvie, what are you doing in Nigeria? Did you get that big check I sent you? LOL!

Page 1 / 2   >   >>


Flash Poll
EE Life
Frankenstein's Fix, Teardowns, Sideshows, Design Contests, Reader Content & More
Engineer's Bookshelf
Caleb Kraft

The Martian: A Delightful Exploration of Math, Mars & Feces
Caleb Kraft
6 comments
To say that Andy Weir's The Martian is an exploration of math, Mars, and feces is a slight simplification. I doubt that the author would have any complaints, though.

The Engineering Life - Around the Web
Caleb Kraft

Surprise TOQ Teardown at EELive!
Caleb Kraft
Post a comment
This year, for EELive! I had a little surprise that I was quite eager to share. Qualcomm had given us a TOQ smart watch in order to award someone a prize. We were given complete freedom to ...

Design Contests & Competitions
Caleb Kraft

Join The Balancing Act With April's Caption Contest
Caleb Kraft
57 comments
Sometimes it can feel like you're really performing in the big tent when presenting your hardware. This month's caption contest exemplifies this wonderfully.

Engineering Investigations
Caleb Kraft

Frankenstein's Fix: The Winners Announced!
Caleb Kraft
8 comments
The Frankenstein's Fix contest for the Tektronix Scope has finally officially come to an end. We had an incredibly amusing live chat earlier today to announce the winners. However, we ...

Top Comments of the Week
Like Us on Facebook
EE Times on Twitter
EE Times Twitter Feed

Datasheets.com Parts Search

185 million searchable parts
(please enter a part number or hit search to begin)