Shared Links (weekly) June 4, 2023

Shared Links (weekly) June 4, 2023

Linked: 8-Character Passwords Can Be Cracked in Less than 60 Minutes
|

Linked: 8-Character Passwords Can Be Cracked in Less than 60 Minutes

So, best practices?

– use complex passwords.
– use each complex password on exactly one website. (Do NOT reuse).
– use a password manager to keep track of all those passwords.
– Use multi-factor authentication when available, as an extra step beyond your password.

Linked: A Hacker Group Has Been Framing People for Crimes They Didn’t Commit

Linked: A Hacker Group Has Been Framing People for Crimes They Didn’t Commit

It’s easy, though incorrect, to dismiss worrying about hacking on the basis that “I have nothing to hide” so if someone gets our information, it’s not that big of a deal. And, in fact, someone getting your credit card information might not really end up being that big of a deal to you when it’s the credit card company that has to do all the hard work to fix it. For a consumer, it might just be some inconvenience. But the real danger to me has always been the risk of someone manipulating your data and causing issues. Imagine someone hacking the DMV and marking you as someone whose driver’s license has been suspended, or hacking your phone’s GPS, indicating you were somewhere you were not.

Or, a hacker fabricating a plot to overthrow the government:

Linked: Malicious QR Codes – The Digital Slip & Fall
|

Linked: Malicious QR Codes – The Digital Slip & Fall

Sarah makes a valid point. Sure, during the COVID pandemic it’s nice that you can go into a restaurant and scan a QR code to view the menu instead of handling physical menus. I worked in a restaurant kitchen in college, I know how nasty some menus can get. On the other hand, are we teaching people to trust something they shouldn’t trust?

Linked: Federal Law Won’t Protect Your Organization from Bad User Access Control Practices
|

Linked: Federal Law Won’t Protect Your Organization from Bad User Access Control Practices

If you’ve seen references to a court ruling sort of redefining the Computer Fraud and Abuse Act recently, or even if you haven’t, this paragraph from the folks at McGuire Woods boils down the real life implications pretty well.

Shared Links (weekly) May 2, 2021

Shared Links (weekly) May 2, 2021