|
Your donations keep RPGWatch running!
RPGWatch Forums » General Forums » Tech Help » This week in computer security

Default This week in computer security

March 4th, 2019, 19:34
Unrelated much but just so you know.
Facebook tried and is trying to stop privacy legislations all over the world:
https://www.theguardian.com/technolo…aws-investment
Social network targeted legislators around the world, promising or threatening to withhold investment
Yea, all your answers to security questions about an account should belong to Facebook and it should be able distibute them to 3rd parties without any penalty.

Here's hope this blackmailer/hating platform that started as a positive company to keep people connected then ended up as big brother gets banned worldwide.
--
Toka Koka
joxer is offline

joxer

joxer's Avatar
The Smoker
RPGWatch Donor
Original Sin 1 & 2 Donor

#361

Join Date: Apr 2009
Posts: 19,929
Mentioned: 110 Post(s)

Default 

March 5th, 2019, 00:14
Btw certain home cisco routers have a critical bug with a known exploit; patch is available so if you have a cisco product upgrade (or check for upgrade):
https://www.zdnet.com/article/hacker…rv215-routers/
you is offline

you

Lazy_dog
RPGWatch Donor
Original Sin 2 Donor

#362

Join Date: Oct 2006
Location: usa - boston
Posts: 6,373
Mentioned: 37 Post(s)

Default 

March 7th, 2019, 06:44
On the positive side (you remember the positive side, right?) - it looks like PGP is coming to authentication: https://www.w3.org/2019/03/pressrele…authn-rec.html

If I understand that right, websites don't keep your password anymore. Instead, they keep your public key. The actual authentication is done on your PC/phone/internet-aware-mattress via whatever method you like (I'll leave the mattress' method of ID up to your imagination). Every website gets its own key pair.

I haven't looked yet on what happens if the device that has your keys goes missing.
--
The very powerful and the very stupid have one thing in common: instead of altering their views to fit the facts, they alter the facts to fit their views….
-- Doctor Who in "Face of Evil"
Zloth is online now

Zloth

Zloth's Avatar
I smell a… wumpus!?

#363

Join Date: Aug 2008
Location: Kansas City
Posts: 6,028
Mentioned: 17 Post(s)
+1:

Default 

March 7th, 2019, 13:09
I didn't read the standard but it sounds like a good start; I guess they will have you answer a security question; you encrypt it with your private key and they decrypt it with your public key?

Wonder how they deal with key loggers and if it will make people more vulnerable once the private key is lost ?

Originally Posted by Zloth View Post
On the positive side (you remember the positive side, right?) - it looks like PGP is coming to authentication: https://www.w3.org/2019/03/pressrele…authn-rec.html

If I understand that right, websites don't keep your password anymore. Instead, they keep your public key. The actual authentication is done on your PC/phone/internet-aware-mattress via whatever method you like (I'll leave the mattress' method of ID up to your imagination). Every website gets its own key pair.

I haven't looked yet on what happens if the device that has your keys goes missing.
Last edited by you; March 7th, 2019 at 21:09.
you is offline

you

Lazy_dog
RPGWatch Donor
Original Sin 2 Donor

#364

Join Date: Oct 2006
Location: usa - boston
Posts: 6,373
Mentioned: 37 Post(s)

Default 

March 7th, 2019, 17:09
"seriously, update your Chrome installs… like right this minute."

https://www.androidauthority.com/goo…ty-963311/amp/

A pretty extreme vulnerability - could grant access to all your data, and pwn your system. Might actually be worth making a newsbit for this one.
--
"Orwell was almost exactly wrong in a strange way. He thought the world would end with Big Brother watching us, but it ended with us watching Big Brother." Alan Moore
Ripper is offline

Ripper

Ripper's Avatar
Ngikufisela iwela

#365

Join Date: Nov 2014
Posts: 7,690
Mentioned: 49 Post(s)
+1:

Default 

March 8th, 2019, 21:08
And when you update it - update it again as there was (I think) a second flaw and a second patch


Originally Posted by Ripper View Post
"seriously, update your Chrome installs… like right this minute."

https://www.androidauthority.com/goo…ty-963311/amp/

A pretty extreme vulnerability - could grant access to all your data, and pwn your system. Might actually be worth making a newsbit for this one.
you is offline

you

Lazy_dog
RPGWatch Donor
Original Sin 2 Donor

#366

Join Date: Oct 2006
Location: usa - boston
Posts: 6,373
Mentioned: 37 Post(s)
+1:
RPGWatch Forums » General Forums » Tech Help » This week in computer security
Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

All times are GMT +2. The time now is 04:20.
Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2019, vBulletin Solutions Inc.
vBulletin Security provided by DragonByte Security (Pro) - vBulletin Mods & Addons Copyright © 2019 DragonByte Technologies Ltd.
User Alert System provided by Advanced User Tagging (Lite) - vBulletin Mods & Addons Copyright © 2019 DragonByte Technologies Ltd.
Copyright by RPGWatch