Wednesday - Dec 29, 2010
How many online accounts do you have that require passwords? I stopped counting at fifty–banking, airlines, e-mail, health care, credit cards, LinkedIn, Facebook, Amazon…the list goes on.
Passwords are what stand between you and giving anyone access to your personal information. But if you’re like most people, the passwords you choose barely challenge even the laziest cyber-criminal.
Recently, Gawker Media, purveyor of Internet gossip and other pop culture fare, was hacked. A group named “Gnosis” claimed responsibility. It also claimed to have stolen over a million e-mail addresses and passwords of Gawker members and staff.
The Wall Street Journal obtained some of the data and ran an analysis on over 188,000 passwords. What’s the most common password? Here’s a hint: You may even use it yourself. Answer: 123456.
(If that’s yours, change it immediately!)
The runner up wasn’t much more creative: password.
In third place was this clever octet: 12345678.
Are these passwords indicative of ones commonly used for say, an online banking account? Or are they indicative of the casual way people treat their Gawker membership? I suspect it’s the latter.
These days, security-minded sites require strong passwords with a handful of letters, a pinch of numbers and maybe a capital letter or symbol thrown in for really secret sites.
Gawker didn’t require any of that from its members and now the media hipsters are probably very embarrassed by the unoriginality of their fans. But it gets worse.
An analysis by Forbes revealed that Gawker’s staffers are equally as unsecurityminded. (Is that a word?) Forbes’ forensics revealed that Gawksters used “either common dictionary words or slight variations thereof.” One had the gall to use his own name followed by “1”.
I fully admit to being as lazy as the next guy in devising new passwords. But take note all you hackers: I definitely don’t use a simple string of letters or numbers.
Here’s the moral of this story: To your growing list of New Year’s resolutions, add this one: Review your passwords. My gift to you: Tips for choosing secure passwords. Cheers.
Wednesday - Dec 22, 2010
When I was a kid there was a toy called the Visible Man–basically a transparent plastic model that revealed the skeletal structure, muscles, circulatory system and other parts of the body. I begged Santa Claus (or was it my parents?) to give it to me for Christmas. But much to my disappointment it wasn’t among the presents I got. Maybe that’s why I didn’t become a doctor.
For today’s wired kids, there’s no need for parents to spend a cent on this human model. The other day Google Labs released its latest marvel just in time for the holidays.
Body Browser is the 21st-century version of the Visible Man, except in this case it’s a woman. Equal time, I suppose. Not only can you strip away her skin to reveal all of her internal organs and systems, but you can search for body parts, zoom into the 3D model and undoubtedly do all kinds of other things I haven’t yet discovered.
To use Body Browser, you’ll need a web browser with WebGL support. Don’t worry what this is exactly. Once you land on the site, you’ll be prompted to download Google’s Chrome browser that includes this plug-in. It’s worth the effort. Happy browsing and Happy Holidays!
Monday - Dec 13, 2010
I hate spam. Not the canned luncheon meat; the junk e-mail messages that clog my Inbox. I’ve had the same e-mail address since 1995, so you can imagine how many mailing lists I’m on and how much spam I receive. Despite using two spam filters–one on the mail server and another with Outlook–hundreds of messages still manage to sneak through every day.
So it was great news to learn that Oleg Nikolaenko, a 23-year-old Russian, had been apprehended by the FBI while attending an auto show in Las Vegas. Why? Because Nikolaenko has been called the “King of Spam.” Investigators claim that he’s been responsible for as much as one-third of the world’s spam, sending out 10 billion–yes, BILLION–messages a day.
Nikolaenko accomplished this dastardly deed by creating a vast botnet–an army of over 500,000 computers that he secretly commandeered (yours could be a soldier in the Russian’s army), using them to spam the world with pitches for phony products, like counterfeit Rolex watches. Jody M. Smith, the Rolex scammer, paid Nikolaenko to send out his messages; he was apprehended last year and helped authorities nail Nikolaenko.
The international sting operation reads like a good spy story. If you’re a fan of the genre, read how it went down in the Wall Street Journal.
Nikolaenko is now under Federal indictment for violating the CAN-SPAM Act, America’s anti-spam law. He’s being held without bail and faces a $250,000 fine and three years in prison. But given how much money this guy has already raked in from his spam operation–at least $465,000 according to the FBI, and probably much, much more–it’s just a slap on the wrist.
If Nikolaenko is convicted and sent to the pen, my advice to prison officials: Don’t give this guy access to a computer. My advice to you: Watch the video to get tips on protecting your computer from being Shanghaied into a botnet.