Password Pity

This Company Wants to Replace Half-Baked Passwords With the Rhythm of Your Heart

Spiffy nails, too.

Have you reached such a fever pitch of password-related frustration that if you have to reset your iCloud account on more time, you might hurl your laptop out the window? (This reporter sure has!) Well, here’s a promising development, courtesy of the Verge. A company called Bionym has produced a wristband, called the Nymi, which turns your heart’s electrical activity into a kind of universal key that can replace your half-baked workstation login.

Ultimately, the goal is for it to unlock your front door, pay for your coffee, and replace all your impossibly difficult passwords, as well. Read More

I'll Tumbl For You

Tumblr Asked You to Reset Your Password Because of a Pretty Embarrassing Security Hole

eeeeeeesh (Photo by Andrew Burton/Getty Images)

Last night, Tumblr product VP Derek Gottfrid posted a rather alarming communique to its users, far from the usual omg-we’re-just-so-darn-happy-to-announce gushing. “We have just released a very important security update for our iPhone and iPad apps addressing an issue that allowed passwords to be compromised in certain circumstances¹. Please download the update now,” the post read, emphasis theirs. Read More

Planet GOOG

Google Thinks the Solution to Weak Passwords Is to Put a Ring on It

Any excuse to use a pic of Queen Bey. (Photo: Shallow Nation)

If you think malware is the biggest threat to Internet security, perhaps you should think back to the last time you actually used a good, strong password. Two Google researchers recently submitted a paper to the IEEE Security & Privacy Magazine that argues that weak passwords are actually a bigger threat to online security than any of that malware embedded in those crappy porn sites you frequent.

Google’s proposed solution to the Great Password Scare of 2012-2013? Literally put a ring on it. Read More

Hack Hack Hack Hack It Apart

Even Literal Rocket Scientists Can’t Keep Their Social Security Numbers Safe

Someday, Bre Pettis. Someday. (Photo: flickr.com/usnavy)

Maybe Mat Honan is right–for all the importance we place on them, passwords don’t really work worth a damn. Many privacy breaches skip straight to the goodies, like social security and credit card numbers. The latest illustration: Reuters reports that NASA is telling employees that a laptop packed with personal information was lifted from a (locked) car.

Apparently there’s so much information “that must be reviewed and validated,” it could take as long as 60 days to notify everyone involved.

Free credit monitoring for everyone! Read More

Linkages

Booting Up: The Queen’s Tablet Edition

(Photo: Phone Arena)

Gmail has improved its search capabilities, making it possible to now search for emails by size or specific date parameters. This should make finding all those embarrassing emails you sent to your ex even easier. [Gmail Blog]

NY Senator Charles Schumer proposed an initiative yesterday that would create two new high school diplomas that focus on promoting high-tech industries. Gotta start ‘em young? [Press Connects]

The Queen of England prefers the Galaxy Note over the iPad for some unknown reason. [CNET]

Here’s something to alarm you before 9 a.m.: Mat Honan, the Wired writer who was famously hacked, on why passwords are basically useless in protecting your personal information. [Wired]

Americans are too prudish to get into the spirit of fancy butt-washing Japanese toilets. :( [Priceonomics]

Twitter Uh Oh

Twitter, on Asking Everyone to Reset Passwords: Whoops, Our Bad

(Photo: Maximum PC)

Those who received an email from Twitter warning that they should reset their passwords might greet this admission in Twitter’s status blog with some irritation. Twitter admits: yeah, they kind of screwed that up.

Don’t get too mad, though–Twitter only had our best interests at heart. It’s just that in a fairly normal investigation of compromised accounts, someone at Twitter HQ may have gotten a little carried away: Read More

Flame I'm Gonna Live Forever

Russia’s Kaspersky Lab Cracks Password Attached to Alleged U.S. Cyber Weapon

What Flame did to Iranian computers. (Image: William Warby, Flickr)

The Cold War is over and Russia and America are getting along. So surely the Men in Black behind the United States’ cyber weapons program based at Area 51 or wherever will not be too concerned that a Russian researcher cracked an encoded password associated with the now infamous, allegedly American-made Flame malware.

Symantec and Kaspersky recently teamed to pick apart Flame’s command and control systems, discovering at least three previously unknown infectious scripts in the process. The researchers also discovered a great deal about how the weapons were assembled and launched against enemy targets, but were left with a hashed passcode they couldn’t break. They put out a call for help but didn’t need the assistance of anyone outside either outfit, after all: Read More