- Comms
- Law
- Medic
- News
- Opinion
- Threat Watch
- Training
- Warrior Tools
- Accessories
- Ammo
- Body Armor
- Books
- Clothing
- Commo
- Gear
- Handguns
- Holsters
- Knives
- Long Guns
- ACC
- Accuracy International
- Barrett
- Benelli
- Beretta
- Blaser
- Bushmaster
- Custom
- CZ
- Desert Tactical Arms
- DPMS
- FN
- Forums
- HK
- IWI
- Kel-Tec Long Guns
- LaRue
- LWRC
- McMillan
- Mosin Nagant
- Mossberg
- Para
- Remington
- Rock River Arms
- Ruger Long Guns
- Sabre Defense
- Sako
- SIG Sauer
- SKS
- Smith & Wesson Long Guns
- Springfield
- Styer
- Weatherby
- Wilson Combat
- Winchester
- Magazines
- Maintenance
- Navigation
- Optics
- Sights
- Tech
- Warriors
Posts Tagged password
Police Can’t Force Your Password
From EFF:
The Pennsylvania Supreme Court issued a forceful opinion today holding that the Fifth Amendment to the U.S. Constitution protects individuals from being forced to disclose the passcode to their devices to the police. In a 4-3 decision in Commonwealth v. Davis, the court found that disclosing a password is “testimony†protected by the Fifth Amendment’s privilege against self-incrimination.
LastPass Servers Compromised
From Ars Technica:
LastPass officials warned Monday that attackers have compromised servers that run the company’s password management service and made off with cryptographically protected passwords and other sensitive user data. It was the second breach notification regarding the service in the past four years.
In an e-mail to reporters, Ars resident password expert Jeremi Gosney said the real-world risks the breach posed to end users was minimal. He based his assessment on the LastPass response to the breach and the system that was in place when it happened. He paid particular attention to the 100,000-round hashing routine, which he said was among the strongest he has ever seen.
Password Security Compromised On Andriod
Posted by Brian in News, Threat Watch on 26/Nov/2014 07:01
From ArsTechnica:
Clark agreed that any Android-based password manager that uses the OS clipboard is susceptible. He strongly recommends that people stop using any app setup that works this way. Many apps use standalone browsers, browser extensions, or software keyboards to enter credentials into login fields. There is no evidence they are susceptible to sniffing. The reason ClipCaster takes special aim at LastPass, Clark said, is simple. It just happened to be the manager he installed on his phone. There are no reports that password managers running on iOS or Windows Phone are vulnerable. But there can be way to know for sure, since Ars is unaware of the any comprehensive study testing the security of managers on those platforms.
1.2 Billion Passwords Stolen by Gang in Russia
Posted by Brian in News, Threat Watch on 14/Aug/2014 12:58
From USA Today:
Security researchers say a Russian crime ring has pulled off the largest known theft of confidential Internet information, including 1.2 billion username and password combinations and more than 500 million email addresses.
Spy Apps For the Individual
Posted by Brian in Comms, News, Threat Watch on 6/Nov/2013 13:26
The Cyber Security Industrial Complex
Posted by Gary in Comms, News, Threat Watch on 10/Dec/2011 14:07
From: MIT
A claim by Wikileaks that documents it released last week provide evidence of a “secret new industry” of mass surveillance was as breathless as previous pronouncements from Julian Assange’s organization. But the material does provide a stark reminder that our online activities are easily snooped upon, and suggests that governments or police around the world can easily go shopping for tools to capture whatever information they want from us.
The take-home for ordinary computer users is that the privacy and security safeguards they use—including passwords and even encryption tools—present only minor obstacles to what one researcher calls the “cyber security industrial complex.”
“There is no true privacy in any computing systems against determined government-level surveillance,” says Radu Sion, a computer scientist at Stony Brook University who directs its Network Security and Applied Cryptography Laboratory. He says that as computing systems become more complex, and reliant on components from many different suppliers, the number of vulnerabilities that can be exploited by attackers and surveillance tools will grow.
Zeus Trojan Targets Government and Military Workers
Posted by Gary in Comms, Threat Watch on 17/Nov/2010 17:38
From: Angela Moscaritolo
A new campaign of the password-stealing Zeus trojan is targeting workers from government and military departments in the United States and United Kingdom, according to security researchers at Websense. The trojan is being distributed through spoofed emails claiming to come from the U.S. National Intelligence Council. The bogus messages contain subject lines such as “Report of the National Intelligence Council.” The emails aim to lure users into downloading a document about the “2020 project,” which actually is Zeus. — AM