A neat little tidbit about Facebook security in this post from The Verge. Good Guy Facebook proactively scans lists of hijacked accounts and warns users if they appear on one of these lists. Facebook cross-references credential dumps with its entire database of user credentials, then alerts any users that match to change their passwords. By…
Posts Tagged: security
How To: Hack Into OS X Lion
Yesterday one of two things happened: either a) I completely and entirely forgot my OS X login password or b) OS X refused to accept my password. I have no way of knowing which was the case, but regardless, I was unable to access my computer. I almost had a major meltdown, until Google informed me that OS X Lion is horribly…
Assault on the Hash (or how to make secure your passwords)
In a recent episode of Build & Analyze, Marco Arment (creator of Instapaper) explained that the standard practice of salting a hash is no longer a really good way to secure passwords. CPUs (and GPUs) are so fast that they can effectively guess your salt in a reasonable amount of time*. The solution: use bcrypt. Essentially, it’s an extremely slow…
How To Use Your iPhone to Stalk Yourself
It looks like the privacy hippies were finally right about something: your mobile phone really is a pocket-sized tracking device. Turns out that as of iOS 4.0, iPhones have been tracking your physical movements and logging them along with the phone’s backups. A small team of researchers has discovered these logs in iTunes backup files,…
Facebook Security Still Lacking
In October I blogged about Firesheep, a Firefox plugin that highlights the inherent vulnerabilities in the way that Facebook and other websites handle sessions. TL;DR: Install the extension and with a click of a button you can capture unencrypted Facebook sessions of any user using a WiFi network you’re connected to (read the full post for all the details). For research…