Your email. Your bank account. Your address and credit card number. Photos of your kids or, worse, of yourself, naked. The precise location where you’re sitting right now as you read these words. Since the dawn of the information age, we’ve bought into the idea that a password, so long as it’s elaborate enough, is an adequate means of protecting all this precious data. But in 2012 that’s a fallacy, a fantasy, an outdated sales pitch. And anyone who still mouths it is a sucker—or someone who takes you for one.

No matter how complex, no matter how unique, your passwords can no longer protect you.. (Wired Magazine: Kill the Password: Why a String of Characters Can’t Protect Us Anymore)

In a shocking article written by a person who can only be called a computer superuser, he explains why Internet security has finally become a myth

First off, most of us commit fundamental mistakes with passwords. Some people even use "password" or "123456" as their password. This means the bad guys hardly even have to guess. They'll try those first and be correct often enough to make it worth their while.

We're told passwords need to be long and random and include upper- and lower-case letters, numbers, and even punctuation to be safe, but with the processing power available using today's personal computers, cracking even elaborate passwords is possible. 

And even where a password is long and effective at thwarting even automated guessing, the bad guys can simply get on the phone and trick a customer service person into giving it up. All they need is one or two facts about you. Sometimes the bad guys bluff their way into an account with no information at all! They change the password and then rummage around for information they can use to bluff their way in more easily to some of your other accounts.

One mistake many of us make (and sometimes are forced to make) is to log into some site using our Facebook or Twitter login. This linking of accounts has made it much easier for the baddies to take over or modify to their benefit everything you value online, obtaining credit card numbers, your bank account login and pin, If they are pranksters, they could log into your Facebook account and leave offensive racist or sexist posts.

Back to passwords for a sec. The usual advice was not to reuse passwords on multiple sites and to make them long and hard to guess. They also told us not to write them down. I'm reminded of that poster you often see in print shops: "You want it good and cheap and fast? Pick two and call me back." Even one long and elaborate password would be hard to recall without writing it down, but most of us have at least a half dozen sites requiring passwords. It's become impossible to follow the best password advice.

But what about fingerprint or iris scanning? They have a big problem. There are ways to copy and use them. If a crook or prankster figures out how to duplicate your fingerprint or iris pattern, you're screwed. At least you can change a password.

Even if all that stuff worked, there are so many ways to go around the front end straight to back end of a computer system. A baddie can install software to record information over a period of time that could be short or long and then use that information to the detriment of one or hundreds of thousands of people. For example, it could collect credit card numbers given to an online merchant and then sell them to the highest bidder or, if he's a prankster, dump them on any of the sites where password trading goes on.

You can find out more about this topic by pursuing the link following the italicized paragraphs at the top.

Tags: internet, password, security

Views: 541

Reply to This

Replies to This Discussion

Me too, Gallup's Mirror - I'd like to know anything I can understand (sorry to limit you in that way).  However, if you need me to abandon Windows, then that will be a slow painful experience for us both!

My eyes glaze over whenever the "solution" to any computer problem turns out to be switching away from the most widely-used computer OS around, having to learn a bunch of new apps to do what I have already learned to do efficiently, and all to exist on what might as we be another planet. 

My eyes glaze over whenever the "solution" to any computer problem turns out to be switching away from the most widely-used computer OS around, having to learn a bunch of new apps to do what I have already learned to do efficiently, and all to exist on what might as we be another planet.

We're looking at this from a security perspective so let's start with this aspect:

The Linux distribution 'Ubuntu 12' has 62 known security vulnerabilities of which 14 are rated 'High' severity.* Ubuntu 12 was released nine months ago on April 26, 2012.

Windows 8 has 1,332 known security vulnerabilities of which 896 are rated 'High' severity. Windows 8 was released three months ago on October 26, 2012.

This has been the case since the very beginning: Microsoft makes deeply flawed software and charges big money for it. Add the cost of a security suite, which is a must-have for Windows, and the cost goes up even higher. Ubuntu is free of charge and so are most of the thousands of software applications it runs.

It's worth noting that in the Linux ecosystem bugs and flaws are trumpeted widely upon discovery and patches are typically released within days or even hours, with some rare exceptions. Microsoft prefers to keep security flaws quiet (meaning the 1,332 flaws likely represent an incomplete but rapidly-growing list) and typically releases patches in weeks or months, or sometimes not at all.

I mean this reply to inform rather than to persuade. If you like Windows, use Windows, and may Gosh bless you. But have no illusions from a security perspective: Windows is a very old joke among the hacker and infosec subcultures. And those are only the cost and security considerations. The privacy implications (or lack thereof) will knock your socks off.

If the idea of switching is unappealing because it seems difficult or time-consuming: reconsider that assessment because it's really not. The level of change we're talking about is roughly equivalent to a driver switching from one type of car to another: like going from a station wagon to an armored Lamborghini.

*Ubuntu 12 includes LibreOffice and many other applications. Windows comes as a standalone product. They are rated for security as shipped. If we allow for this difference the number of 'High' severity security flaws in Ubuntu 12 as a standalone operating system drops to zero.

Bloody hell, I'm so close to being convinced...

Here's another nudge.

HiCube Infosec, a security research firm based in India, recently released year-end data tabulating the number of variant malware samples it received from around the world in 2012. There were over 38 million for Windows, an increase of 90% from 2011. In contrast, there are 35 known instances of malware targeting Ubuntu Linux, on which perhaps another thousand variants are based, all of which are now patched.

Does it emulate Windows well enough that I can run all my most useful software on it?

Good question... Gallup's Mirror?

There is an Windows emulator called Wine on it but it isn't always the perfect solution. It does run a lot of programs but also a lot that doesn't run. You never know until you try.

There are plenty of free alternatives for MS Office like Libre or Open office, fully featured programs (for free I may add). Linux Mint (an offshoot of Ubuntu) boasts 40731 packages in it's library that are free to download. The library is similar to a free app store built in to Ubuntu/Mint.

The turn side is that Linux/Ubuntu is an entirely different operating system. There are plenty of similarities with Windows but there is also greatly different approaches which need some familiarising.

Linux (Mint is the operating system of choice for me if you are going to give something a spin) recognizes that people are hesitant to change operating systems. For that purpose they have created a downloadable distribution (short distro) that will run from CD, DVD or USB stick so you can give it a spin before you even install it.

All flavours of Linux that I am aware of are free to download at: http://distrowatch.com/ I suggest you start with Linux Mint or Ubuntu.

There is specialized Linux distros for medical use, musicians, hackers, Windows Vista lookalikes, and I have even glanced a Christian version of Linux somewhere. Take your pick, burn a CD or two and try some out. Use common sense when installing and multi booting. Word of caution, multi boot with Windows 8 is currently still poorly supported.

I hope this was informative for you.

The program that most concerns me because it's unique is ThumbsPlus. Originally a program designed to create thumbnail gallery pages for large numbers of photos, so many features ;have been added to it that it's become indispensable. I so wish it were on Mac, and I even asked the developer (Cerious Software) when a Mac version would be available and they basically it would not be feasible. What's makes it so valuable to me? I shoot huge quantities of photos in sets. ThumbsPlus makes it easy to perform multiple operations on each photo on a batch basis. I can rotate the ones that need rotating while making color adjustments, sharpening them, watermarking them, renaming them, and more, all in one pass.

I had a Mac for a while assuming there must be a Mac program that could do what ThumbsPlus could do in as easy and friendly a way.

No. So I'm a pro photographer who uses a PC, not a Mac. If ThumbsPlus doesn't run flawlessly on Linux, not interested.

@Unseen

ThumbsPlus 7 has a rating of 'Gold' in Wine, which should mean Linux would run it well, although I wouldn't bet the farm on it.

Otherwise, you could use VirtualBox to run it. Conceptually VirtualBox allows you to install complete operating systems to run under Linux as though they are software applications. Once done, Linux can thus run anything that operating system is capable of running.

That is: switch to Linux, install Virtual Box, install Windows, then install ThumbsPlus on Windows.

It's more elegant than it sounds. The screen grab below shows the VirtualBox manager on my Linux PC and several of the operating systems I've installed. They all run on Linux without any problems. Note the instances of Windows XP and Windows 7.

I hope this was informative for you.

Fantastic!

I love Linux Mint. But it has a downside: no direct easy upgrade from one release to the next. The recommended approach is wiping the old release and doing a fresh installation of the new. I understand their reasoning for this but it's still a pain.

I'm still running Mint 10 (four versions outdated) on my netbook for this reason: I'm a lazy, lazy man. Mint still releases patches for it, so it's not that big a deal, but I do prefer to have the latest and greatest. 

Does it emulate Windows well enough that I can run all my most useful software on it?

Generally you can find Linux-based substitutes for popular Windows-based software. For the more esoteric there are other options such as Wine or VirtualBox. I elaborated on the latter a bit further on in this thread.

I invite you (or anyone else) to post a list of Windows applications here if you like. Then we can see if there are Linux equivalents.

RSS

Forum

A relapse.....

Started by Belle Rose in Small Talk 20 minutes ago. 0 Replies

How do you cure Insanity???

Started by Belle Rose in Advice. Last reply by Belle Rose 1 hour ago. 59 Replies

The Elephant in the Room...

Started by Belle Rose in Small Talk. Last reply by Belle Rose 1 hour ago. 16 Replies

Blog Posts

How did that happen?

Posted by Belle Rose on December 19, 2014 at 4:36am 6 Comments

Pabst Blue Ribbon to the rescue!

Posted by Ed on December 15, 2014 at 9:33pm 0 Comments

Services we love!

We are in love with our Amazon

Book Store!

Gadget Nerd? Check out Giz Gad!

Advertise with ThinkAtheist.com

In need a of a professional web site? Check out the good folks at Clear Space Media

© 2014   Created by umar.

Badges  |  Report an Issue  |  Terms of Service