I reported a web site security hole to CVS three different ways. They fixed the hole, but they couldn’t be bothered to acknowledge any of my reports. This is not OK.
How I avoid forgetting my YubiKey at work or at home using Tasker and AutoNotification from João Dias on Android, and systemd, udev and Notify from Kevin Bedi on Linux.
Early on November 21, 2018, I along with an undetermined number of other Amazon customers received the following email from Amazon: This breach notification lacked most of the information expected to be included in a breach notification from any reputable company, including: How was the information disclosed? For how long was the information accessible? How… Read More »
TL;DR After less than 24 hours of using the “Cash App” from Square, I conclude that the people who built, maintain, and support the app are incompetent, and it has therefore earned on my list of apps and services I will never use again. I have removed the app from my phone, and if anyone… Read More »
You know how sometimes you encounter something that is so terrible and appalling that you feel you just have to tell other people about it? Well, for me, today is one of those days. But look, I’m a nerd who writes email software and likes to write raw HTML. If the terms “SMTP” and “MIME”… Read More »
[The technique described here is obsolete. Please see this update.] I’ve recently started using a YubiKey NEO for two-factor authentication for sites that support it.1 Because I am using my YubiKey for more and more sites, I tend to leave it plugged in whenever I am in front of a computer for an extended period… Read More »
As I wrote recently, Netgear introduced a severe bug into their router firmware around seven months ago, making all newer firmware releases since then unusable for many router owners. In the intervening time, numerous severe security holes in their routers have been publicized and patched by them. However, those of us who are running into… Read More »
Almost 11 years ago, back in August 2007, I opined passionately here on my blog, “Why I will no longer buy from Netgear“. Alas, I recently failed to heed my own advice, and I’m sorry to say that the results have been somewhat predictable. Last September, I found myself in need of a new router… Read More »
A legitimate email from AT&T does its level best to masquerade as a phishing email.
The Equifax breach is a big deal. There are things you need to do right now to protect yourself.