I’ve seen several people recently discussing how LastPass protects your LastPass master password and your encrypted site password data (a.k.a., your vault). If what some of those people were saying were true, then LastPass wouldn’t be as secure as I thought it was. This gave me pause, since I use LastPass to store all my… Read More »
Those of us who help create and maintain “the internet” that everyone benefits from are now tasked with helping the world recover with one of the biggest, if not the biggest, security holes in the history of the internet. To be certain they aren’t vulnerable, users need to change their passwords at every site that… Read More »
Don’t use a self-signed SSL certificate for your web site. Way to go, Incapsula!
See my previous articles on this topic. The email identity thief who has been using my email address on-line for years, who apparently goes by the name Diallo Mamadou Oury in real life, has just posted this inexplicable comment on my blog. I posted a response, but I somehow doubt he’ll read or respond to… Read More »
I have no idea why Diallo Mamadou Oury, who lives in Dakar, Senegal, insists on using my email address to sign up for services and web sites all over the Internet (previous postings). But since he apparently feels entitled to share my personal information without my consent, I have no compunctions about sharing his. Here’s… Read More »
For some inexplicable reason, some guy who identifies himself as Mamadou Diallo, a.k.a. Bouba Diallo, has been creating accounts all over the internet using my email address for over two years now. I’ve written about this several times before. It’s still going on… I just got email indicating that he created a Yahoo! account (“m.diallo76”)… Read More »
The privacy of our email is protected by the Electronic Communications Privacy Act, passed in 1986, which requires law-enforcement officials to obtain a warrant to intercept and read private email. However, the law has a critical flaw: it does not require a warrant for emails “left on servers” for more than 180 days. This made… Read More »
For a while now, the web browser vendors and major purveyors of targeted internet advertising have been working on a proposal for allowing users to prevent web sites from tracking their online activity and using it to “customize their web browsing experience,” a.k.a., displaying targeted advertisements which are, theoretically, tailored to the person viewing them.… Read More »
A recent security breach exposed the plaintext usernames and passwords of almost 100,000 members of IEEE, the Institute of Electrical and Electronics Engineers. The usernames and passwords were discovered by a researcher in 100GB of log files inadvertently left open to the public on an IEEE FTP server. Leaving aside for the moment how incredible… Read More »
UPDATE [2013-02-13]: According to this article on Craigslist, as of February 10, 2013, they have implemented and are testing the idea I described below for fixing the problem described in this posting. I recently placed a for-sale ad on Craigslist. I anonymized my email address in the ad, which means that the published email address… Read More »