The latest news from United Kingdom’s major retail bankers says that if your online bank account has been compromised and you didn’t use any Internet computer security software such as antivirus and antispyware (e.g. Norton 360), you solely bear the responsibility for the loss, and they won’t compensate you a dime. A clause has been added to the newly updated Banking Code to make this very clear.
Every once in a while, I receive an email from a friend which doesn’t have a personal message but a link with inspiring thoughts and beautiful pictures intent on uplifting my day. Even though my friend does not share a word in the email, I still appreciate the fact that they thought of me.
Bite me, Blockbuster Online. Oh, and you too, Facebook.
About three years ago, I signed up for Netflix, Walmart DVD Online, and Blockbuster Online. I wanted to see which interface was better, and who was quicker about sending me DVDs in the mail. Netflix won, hands down.
Blockbuster has recently come out with an interesting idea, however, where you can rent online, as well as in the store. They have been pestering me to “come back” for years, and yesterday they sent me a free month. So I thought, what the heck. I’ll sign up, rent a few, and then cancel after 29 days.
I canceled after one. Here’s why:
We took a lot of flack over a post back in January that questioned the security of Apple’s Mac OS X. TechConsumers left various comments ranging from “For some reason unknown to me, no one can ever show me a situation where a user opens a e-mail and their Mac turns into a robot sending out hundreds of e-mails” to “Mac OS X *is* inherently safer. You have to be a major league Windows zombie not to know and accept that.”
Well, CanSecWest’s PWN 2 OWN contest has just shown that Mac OS X isn’t “inherently safer” and that clearly it is possible for a user to open an e-mail on a Mac and have it join a spam botnet.
So I joined MySpace about a week ago and was already annoyed at the way they sent me my password over email. But then, just a few days later, I got an email with my first MySpace message / friend request from someone named Riley whose profile picture is a girl in a swimsuit. Originally, her (or his?) profile showed the same city and state that I live in, though now it’s been changed to Greenville, Ohio. Here’s the text of the message:
Last month I picked on search engine Mahalo as an example of a company emailing its customers passwords. I mentioned how having your password floating around openly on mail servers can defeat the purpose of having a password in the first place. Mahalo’s founder and CEO, Jason Calacanis, joined the discussion and some good thoughts were shared from both sides of the issue.
Being that I’m studying for my bachelor’s degree in information technology security, I often find myself experimenting with certain computer security measures and countermeasures. Currently I’m enrolled in a class that focuses on computer and data forensics. Because of this, I have access to trials of some interesting computer forensics programs such as Access Data: Forensic Tool Kit (FTK) and Technology Pathways ProDiscover. Both of these are used by top computer forensics agencies for recovery and analysis of computer hardware and accessories.
Let’s face it; we all reuse the same password for login accounts all over the Internet. At best, some of us create a few passwords through which we rotate.
So why is it that some companies still insist on sending me my password via email right after I create my online account? The reason I have a password in the first place is so that it doesn’t flow back and forth openly in cyberspace only to reside peacefully on multiple mail servers.
