Simple Passwords Remain Popular, Despite Risk of Hacking – NYTimes.com

If Your Password Is 123456, Just Make It HackMe

By ASHLEE VANCE

Published: January 20, 2010

Back at the dawn of the Web, the most popular account password was “12345.”

The New York Times

Today, it’s one digit longer but hardly safer: “123456.”

Despite all the reports of Internet security breaches over the years, including the recent attacks on Google’s e-mail service, many people have reacted to the break-ins with a shrug.

According to a new analysis, one out of five Web users still decides to leave the digital equivalent of a key under the doormat: they choose a simple, easily guessed password like “abc123,” “iloveyou” or even “password” to protect their data.

“I guess it’s just a genetic flaw in humans,” said Amichai Shulman, the chief technology officer at Imperva, which makes software for blocking hackers. “We’ve been following the same patterns since the 1990s.”

Imperva found that nearly 1 percent of the 32 million people it studied had used “123456” as a password. The second-most-popular password was “12345.” Others in the top 20 included “qwerty,” “abc123” and “princess.”

More disturbing, said Mr. Shulman, was that about 20 percent of people on the RockYou list picked from the same, relatively small pool of 5,000 passwords.

That suggests that hackers could easily break into many accounts just by trying the most common passwords. Because of the prevalence of fast computers and speedy networks, hackers can fire off thousands of password guesses per minute.

via Simple Passwords Remain Popular, Despite Risk of Hacking – NYTimes.com.

There are several password generation programs available that will make and remember random passwords for different sites and needs. I highly recommend them. The one I use is Roboform. You can read my blog entry about it here: Now What Was That Password Again?

Microsoft urges Windows XP users to ditch old Flash version

Microsoft has had it with old versions of Adobe Flash and has issued Security Advisory 979267 to urge users to either uninstall old versions, or upgrade to the latest. More specifically, the software giant is asking users ditch Flash Player 6.0 as the multimedia player plugin contains multiple bugs. Microsoft rarely issues security advisories on third-party products, but since this version of Flash originally came bundled with Windows XP, Microsoft feels it needs to warn its users. Adobe discontinued security support for Flash Player 6.0 in 2006; the current version is Flash 10.0.42.34.The advisory outlines Microsoft’s stance very clearly, making sure to emphasize that the vulnerabilities only occur with the combination of the old version of Flash and old version of Windows other supported versions of Windows do not include the Flash. “The Adobe Flash Player 6 was provided with Windows XP and contains multiple vulnerabilities that could allow remote code execution if a user views a specially crafted Web page. Adobe has addressed these vulnerabilities in newer versions of Adobe Flash Player. Microsoft recommends that users of Windows XP with Adobe Flash Player 6 installed update to the most current version of Flash Player available from Adobe.” The good news is that the advisory says Microsoft is “not aware of attacks that try to use the reported vulnerabilities or of customer impact at this time.”The security advisory was posted on Patch Tuesday, the same day Microsoft releases security patches for all of its software for the month. This month though, the company only posted a single bulletin, Microsoft Security Bulletin MS10-001. It affects all supported versions of Windows, but is only rated as “Critical” for Windows 2000, and “Low” for all later versions. As a result, the Adobe Flash flaw is slightly more serious and should take priority.

via Microsoft urges Windows XP users to ditch old Flash version.

Acer Recalls Notebook Computers Due to Burn Hazard

Acer Recalls Notebook Computers Due to Burn Hazard

WASHINGTON, D.C. – The U.S. Consumer Product Safety Commission, in cooperation with the firm named below, today announced a voluntary recall of the following products. Consumers should stop using recalled products immediately unless otherwise instructed.

Name of Product: Certain Acer Aspire-series Notebook Computers

Units: About 22,000

Manufacturer: Acer America Corporation, of San Jose, Calif.

Hazard: An internal microphone wire under the palm rest can short circuit and overheat. This poses a potential burn hazard to consumers.

Incidents/Injuries: Acer has received three reports of computers short circuiting, resulting in slight melting of the external casing. No incidents occurred in the United States. No injuries have been reported.

Description: The recalled notebook computer models are the Acer AS3410, AS3410T, AS3810T, AS3810TG, AS3810TZ and AS3810TZG. The computer’s screen size is about 13.3 inches measured diagonally. Not all units are affected. Consumers should contact Acer to determine if their unit is included in the recall.

Sold at: ABS Computer Technologies, D&H Distributing, Fry’s Electronics, Ingram Micro, Radio Shack, SED/American Express, Synnex Corporation, SYX Distribution, Tech Data Corporation and other retailers nationwide and Amazon.com from June 2009 through October 2009 for between $650 and $1,150.

Manufactured in: China

Remedy: Consumers should stop using the recalled notebook computers immediately and contact Acer to determine if their notebook is affected and to receive a free repair.

Consumer Contact: For additional information, contact Acer toll-free at (866) 695-2237 anytime, or visit the firm’s Web site at www.acer.com

via Acer Recalls Notebook Computers Due to Burn Hazard.

Those Green Doublelined Words on a Web Page

When you surf, do you see random words or phrases with double underlines? When you move your mouse over them, they display an advertisement related to the underlined words.

This feature, called in-text advertising, turns appropriate words in the browser window into links to the advertiser’s website. These sites work with various companies to link to its advertisers. The browsers support these types of ads and they are created in such a way that most ad-blockers won’t block them. You can try to ignore them by not moving your mouse over them and if you happen to click on one, it will take you away from the current page. Some advertisors will allow you to disable the ads but you’ll have to go company-by-company.  To do so, follow these steps.

Step 1

Point to the double-underlined words, but **don’t click**! You’ll see an advertisement open in a small window near your cursor.

Step 2

If the advertisement is from Vibrant, in the upper right corner of the box, click the question mark button. A new browser window will open pointing to the Vibrant in-text advertising page. If you’re using WOT (Web Of Trust), you’ll get a warning about the site. Continue anyway.

Step 3

Point to the Disable tab. Click “Click here to disable.” It will let you know that to disable, you’ll need to have cookies activated and if you ever clean out your browser cookies, you’ll have to redo these steps.

Step 4

The page should update to now say “Click here to enable.”

Step 5

Close the browser window.

I’ve looked at other advertisors to see how to disable their ads and haven’t found any thing yet. I’ll continue to search though, short of installing a 3rd party program to block these ads.

Follow

Get every new post delivered to your Inbox.

Join 218 other followers