Category: Tech & Tools

Has my email address been hacked?

Update 16 Jan 2019

Security researcher Troy Hunt reports a huge leak of 773m email addresses, including 21m unique email/password combos. This will immediately be one of the biggest bubbles in the top list of data leaks.

What to do now?

  1. Check whether your email addresses appear in the HIBP database (“Have I Been Pwned”), which covers every leak discovered so far, including this one.
  2. Enter your email address in the free HIBP notification service, which will inform you if your email address is affected by future leaks.
  3. If in doubt about any specific password, check whether it appears in any discovered leak. (Normally, you should NEVER, NEVER EVER post any password anywhere on the net, but Troy Hunt employs the concept of k-anonymity, which makes sure that no clear text will ever be revealed to any third party, not even the HIBP service itself. In the end, it is a matter of trust.)
  4. If not already in place, go ahead and use a password manager like Bitwarden, LastPass, or 1Password.
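
The k-anonymity lookup from step 3, as an added example that is not code from this post or from HIBP: the password is SHA-1 hashed locally, only the first five hex characters of the hash are sent to the Pwned Passwords range endpoint, and the returned `SUFFIX:COUNT` lines are matched on your own machine. `constructed_service` is a hypothetical offline stand-in with made-up counts so the block runs without network access.

```python
import hashlib
import urllib.request

RANGE_URL = "https://api.pwnedpasswords.com/range/"  # HIBP Pwned Passwords range endpoint


def split_hash(password):
    """SHA-1 the password locally; return (5-char prefix, 35-char suffix)."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]


def fetch_range(prefix):
    """Live lookup: only the 5-character hash prefix leaves the machine."""
    with urllib.request.urlopen(RANGE_URL + prefix, timeout=10) as resp:
        return resp.read().decode("utf-8")


def breach_count(password, fetch=fetch_range):
    """Return how often the password appears in the corpus (0 = not found)."""
    prefix, suffix = split_hash(password)
    for line in fetch(prefix).splitlines():
        candidate, _, count = line.strip().partition(":")
        if candidate.upper() == suffix:  # the match is done locally
            return int(count)
    return 0


def constructed_service(known):
    """Offline stand-in for the service (constructed data, hypothetical helper).
    `known` maps passwords to made-up counts; `seen` records what was sent."""
    table, seen = {}, []
    for pw, count in known.items():
        prefix, suffix = split_hash(pw)
        table.setdefault(prefix, []).append(f"{suffix}:{count}")

    def fetch(prefix):
        seen.append(prefix)
        # A decoy suffix stands in for other hashes sharing the prefix.
        return "\r\n".join(table.get(prefix, []) + ["0" * 35 + ":1"])

    return fetch, seen


if __name__ == "__main__":
    fetch, seen = constructed_service({"password": 1000, "letmein": 50})
    for pw in ("password", "correct horse battery staple"):
        print(repr(pw), "->", breach_count(pw, fetch))
    print("sent to service:", seen)
```

Calling `breach_count(pw)` without the second argument performs the live lookup; the recorded `seen` list shows that the stand-in service only ever receives five-character prefixes.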

Beyond that, you should consider using unique yet easy to remember passwords for every single service you use. This will save you hours of work and some sleepless nights easily, just in case 🙂

Unsplash

Unsplash is a dream for web designers and a nightmare for stock photo providers: high-quality photographs under the Creative Commons Zero license, which basically means “do whatever you want”.

First impression: Very good image quality, professional content structure, appealing presentation, and a considerable number of images actually being available. That makes it a much better choice compared to offers with a similar approach.

Generate and remember secure passwords easily

Security in the internet age has long been neglected by the majority of users, even though their data has been at risk or even exposed, and not only recently. Nevertheless, many users struggle with password managers as a way to use strong and unique passwords for all the services they use. Do you recognize yourself? Then there is good news for you: even without a password manager, it is quite easy to generate and remember secure and unique passwords for everyday use. Just follow the steps below and you can instantly use passwords that comply with all the standards experts recommend for strong passwords.

    • At least 12 characters long
    • No words which can be found in a dictionary
    • No personal information
    • Should contain lower case letters, upper case letters, numbers, plus special characters
    • Unique for every website/service used

You can easily create and memorize passwords complying with these requirements by creating an individual rule.

Protect your privacy (WOT edition)

The browser plugin Web of Trust (WOT) claimed to protect your privacy. Instead, WOT recorded your internet usage from your browser, performed poor anonymization of this data and then sold it. Consequently, the private lives of millions of users have been compromised. Their account balances, their travel, their families, many things have been exposed.

The problem is: most browser add-ons are capable of monitoring your activities, and no one knows what happens to the data they record. This is a wide field, but focusing on the WOT scandal and browser extensions, you can protect yourself.

  • Delete any blocker/tracking add-on with a commercial background, e.g. AdBlock (Plus), Ghostery, WOT etc.
  • Instead, use open source or trusted-source add-ons like uBlock Origin (open source, Chrome, Firefox), Privacy Badger (by Electronic Frontier Foundation, Chrome, Firefox) and HTTPS Everywhere (by Electronic Frontier Foundation, Chrome, Firefox).

Besides, you should use a password manager like KeePass (open source) or LastPass in order to use secure and different passwords for all websites / services you use!

If you think you’re safe, think again.

The current state of Blockchain

…it seems the hype cycle did it again 🙂 The Blockchain keeps on being hyped so hard these days. There is no conference and no techtalk where some “blockchain evangelists” would NOT try to talk you into their super-duper project. I’m still waiting for a proof of concept, an actual product or at least platform which can be used by private individuals beyond some appealing but lab-style experiments.

To my knowledge, there are only two types of use scenarios for blockchain and distributed ledger technologies right now: firstly, tokens/currencies (which are basically worthless if you ask me due to carrying no real value beyond cloudy promises, and the absence of any regulation). Secondly, transactional systems, where the technology can be used in some closed-shop internal use cases in cross-border banking to ease some of the problems which come with cross-border, multi-currency transactions.

But beyond that: nothing. I’d say the “valley of despair” shouldn’t be far 😉
