Your email. Your bank account. Your address and credit card number. Photos of your kids or, worse, of yourself, naked. The precise location where you’re sitting right now as you read these words. Since the dawn of the information age, we’ve bought into the idea that a password, so long as it’s elaborate enough, is an adequate means of protecting all this precious data. But in 2012 that’s a fallacy, a fantasy, an outdated sales pitch. And anyone who still mouths it is a sucker—or someone who takes you for one.
No matter how complex, no matter how unique, your passwords can no longer protect you.. (Wired Magazine: Kill the Password: Why a String of Characters Can’t Protect Us Anymore)
In a shocking article written by a person who can only be called a computer superuser, he explains why Internet security has finally become a myth
First off, most of us commit fundamental mistakes with passwords. Some people even use "password" or "123456" as their password. This means the bad guys hardly even have to guess. They'll try those first and be correct often enough to make it worth their while.
We're told passwords need to be long and random and include upper- and lower-case letters, numbers, and even punctuation to be safe, but with the processing power available using today's personal computers, cracking even elaborate passwords is possible.
And even where a password is long and effective at thwarting even automated guessing, the bad guys can simply get on the phone and trick a customer service person into giving it up. All they need is one or two facts about you. Sometimes the bad guys bluff their way into an account with no information at all! They change the password and then rummage around for information they can use to bluff their way in more easily to some of your other accounts.
One mistake many of us make (and sometimes are forced to make) is to log into some site using our Facebook or Twitter login. This linking of accounts has made it much easier for the baddies to take over or modify to their benefit everything you value online, obtaining credit card numbers, your bank account login and pin, If they are pranksters, they could log into your Facebook account and leave offensive racist or sexist posts.
Back to passwords for a sec. The usual advice was not to reuse passwords on multiple sites and to make them long and hard to guess. They also told us not to write them down. I'm reminded of that poster you often see in print shops: "You want it good and cheap and fast? Pick two and call me back." Even one long and elaborate password would be hard to recall without writing it down, but most of us have at least a half dozen sites requiring passwords. It's become impossible to follow the best password advice.
But what about fingerprint or iris scanning? They have a big problem. There are ways to copy and use them. If a crook or prankster figures out how to duplicate your fingerprint or iris pattern, you're screwed. At least you can change a password.
Even if all that stuff worked, there are so many ways to go around the front end straight to back end of a computer system. A baddie can install software to record information over a period of time that could be short or long and then use that information to the detriment of one or hundreds of thousands of people. For example, it could collect credit card numbers given to an online merchant and then sell them to the highest bidder or, if he's a prankster, dump them on any of the sites where password trading goes on.
You can find out more about this topic by pursuing the link following the italicized paragraphs at the top.
Well, just google on this search string:
underage porn strict liability
What you suggest flies in the face of "Burden of Proof". Maybe in your country you are guilty until proven innocent?
The net is filled with scare tactics, deceptions and disinformation. Look up aspartame or sucralose and you will find sites galore proclaiming the evils of these products. Similar with why you should be vegetarian or why atheists are Satan worshipping animals without morals, etc. etc.
To throw in a random little fact to underline the point. Did you know that the word gullible isn't listed in dictionaries?
Point is, don't believe everything that your read and if you do read it, fact check everything.
If you want a count on how easily people are convinced because it is written, follow @GoogleFacts on Twitter to get an idea. 700.000+ believe, without question, that NEWS is an acronym for North East West South.
I found the word "gullible" in both dictionary.com and merriam-webster.com. I stopped checking dictionaries after that. Are you passing along some sort of urban legend?
Believe me, the laws regarding underage porn really are draconian and do pretty much invert the normal burden of proof. Whenever the safety of children is involved, it seems the normal rules fly right out the window.
My apologies Unseen,
Gullible is a word like any other. It is a joke that gives you three choices, you are either gullible and you take my word for it, you use your common sense and you dismiss me as a liar or you don't trust your common sense and you look it up.
I understand your position but I would rather hear it directly from a prosecutor or lawyer who is specialized in that area or the law book dealing with these matters.
In my opinion there is a lot of scare tactics because so much abuse goes unreported and unpunished. The more scared people are the fewer will be tempted by the idea to try it. Much like the music industry in which U.S. woman who was sued by the American recording industry for illegally downloading music in 2006 has been ordered shell out $1.5 million.
Scare tactics whipping up lots of media attention. Now we don't hear to much about people being sued for downloading music.
So the woman had to shell out $1.5 million or the industry was punished for suing her to the tune of $1.5 million?
The music industry does now and then sue people for huge amounts of money and there really is no defense other than "I didn't do it." If it's a scare tactic, it doesn't work. Almost everyone violates copyright from time to time and some people do it very frequently.
The real problem is that child safety has little to do with it. Prosecuting someone for possession of child porn does not rescue the child nor punish the producer of the porn. Another problem is that teen porn is also called "child" porn and teens sexting each other are in danger of unjustifiably harsh penalties. The whole issue needs to be severely revised.
I think Unseen means that if a prosecutor proves in criminal court that you had child pornography stored on your computer, he has met the standard to convict you for possessing it. Thus your defense is conceding the content was on your computer and then proving someone else stored it there without your knowledge. In a way that really is a reversal of the burden of proof.
The conviction rate for possession of child pornography is 90%. If charged, even in the unlikely event you are acquitted, just the accusation is enough to ruin your reputation even if you really are innocent of the crime.
I have really never believed in the power of having a password because for one thing anyone who wanted to get at my information would be a total moron and very sorry to have wasted their time. I have no money or assets. The other thing is all the things I put on Facebook are pretty mundane and no one cares about them anyway. My passwords are only even on all these sites and stuff because in order to use the site you have to have one. Except for my bank of course which has more then one level of security.
Hi Sarah. I don't know how it is in the USA but for sure in the UK identity theft is a big problem. It doesn't matter if you have no assets - what matters is that you don't have a bad credit rating. An identity thief can rack up bills and debts in your name, take out loans, offer security etc. The first you hear of it is when a debt collection agency starts to pester you. It is much harder to prove that the loan, or merchandise, or whatever, had nothing to do with you.
Identity theft is big business these days. Date of birth is a big deal, as is social security number. If that is added to your address, then you are very exposed. The easy thing you can do re the date of birth, is always put a false year on your public media (facebook etc).
Identity thieves don't want your money or assets, they want your credit rating.
not to worry even the worst credit company in the world would not offer me a credit card I screwed up my credit rating all by myself but don't worry when the debt collection agency pesters me I don't answer the calls. I'm not deliberately a bad person, but when I was younger I just didn't know what I was doing and now I've ruined my credit for good...sigh
Identity theft is only a big problem to the people it happens to. Is it different in the UK?
Any crime is only a big problem to the people it happens to.