Digital privacy

A solution for safely remembering your password

PasswordCard is a customizable solution for picking and remembering passwords similar to the charts banks have been using for online banking login. Here is how it works:

  1. The Web site uses a reference key to generate a PasswordCard. In this example it is 3139514585bbbd70. You can safely write your key down and store it somewhere. If someone gets hold of it, they cannot guess your passwords.
  2. The PasswordCard features a grid of random code divided in columns of symbols and lines of different colours:

    You can download that PasswordCard and print it on paper to carry with you.
  3. When you need a password, just remember the symbol and the colour that determine where your password begins. To make it even harder to crack, you could read the random code in other ways than from top left to bottom right. You could, for example, read it diagonally or in a zigzag. The point is to pick a pattern for each password that you can easily remember.
    For example, an 8-character password starting at the clover column and pink line, read from top left to bottom right, is:
    MWqvp9YF

Should your PasswordCard get lost or stolen, the person who gets their hands on it will still be missing four pieces of information needed to read the password:

  • password length
  • symbol column
  • colour line
  • reading direction

With your key code, you can go to the Web site at any time and generate the same card to print again.
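The scheme described above, as an added sketch that is not PasswordCard's own code: a card is derived deterministically from the key, a password is read from a start cell in a chosen direction, and the last function counts how many choices remain for someone who holds the card. The grid size (29 x 8), the alphabet, the HMAC-SHA256 derivation, the wrap-around at the edges and the set of eight reading directions are all assumptions made for illustration, so the output will not match the real site's card.

```python
import hashlib
import hmac
import math

# Assumed layout and alphabet; the post does not state the real card's dimensions.
COLS, ROWS = 29, 8
ALPHABET = "23456789abcdefghjkmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ"
# Assumed reading directions as (column step, row step): 4 straight, 4 diagonal.
DIRECTIONS = [(1, 0), (-1, 0), (0, 1), (0, -1), (1, 1), (1, -1), (-1, 1), (-1, -1)]

def make_card(key_hex):
    """Derive the same ROWS x COLS grid from the same key on every call."""
    key = bytes.fromhex(key_hex)
    chars, counter = [], 0
    while len(chars) < COLS * ROWS:
        block = hmac.new(key, counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
        for b in block:
            # Rejection sampling keeps every alphabet character equally likely.
            if b < 256 - 256 % len(ALPHABET) and len(chars) < COLS * ROWS:
                chars.append(ALPHABET[b % len(ALPHABET)])
    return ["".join(chars[r * COLS:(r + 1) * COLS]) for r in range(ROWS)]

def read_password(card, col, row, direction, length):
    """Read `length` characters from (col, row), wrapping at the card edges."""
    dc, dr = direction
    return "".join(card[(row + i * dr) % ROWS][(col + i * dc) % COLS]
                   for i in range(length))

def candidates_for_card_holder(min_len, max_len):
    """Count the (column, row, direction, length) choices left to a card holder."""
    return COLS * ROWS * len(DIRECTIONS) * (max_len - min_len + 1)

def residual_bits(min_len, max_len):
    """Entropy in bits that the four secret choices still provide."""
    return math.log2(candidates_for_card_holder(min_len, max_len))

if __name__ == "__main__":
    card = make_card("3139514585bbbd70")  # reference key quoted in the post
    print("\n".join(card))
    print(read_password(card, col=4, row=2, direction=(1, 0), length=8))
    print(candidates_for_card_holder(8, 16), round(residual_bits(8, 16), 1))
```

Under these assumptions, a lost card leaves 16,704 possible passwords of 8 to 16 characters, about 14 bits, compared with roughly 46 bits for 8 characters drawn at random from the same 55-character alphabet. The card should therefore be treated as a secret in its own right and reprinted from a new key if it goes missing.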


A new audio format that brings nothing new

In an article titled Is The World Ready For The Successor of the MP3?, Wired.com reports on MusicDNA, a format developed by German firm BACH Technology. From the title it sounded like the article would be talking about a new audio file format. Disappointingly, the successor of the 19-year-old MP3 turns out to be… MP3, with extended upgradeable tags.

The sales pitch is that MusicDNA would be reverse-compatible with current MP3 players, and the format would include upgradeable additional info like lyrics, album cover and newsfeed.

What’s worse, since MusicDNA gets information downstream from the labels, what tells us that the labels are not able to collect information upstream? That would be a good way for them to monitor the end users, who I am sure would be thrilled to use anything that has a backdoor.

A lot of music library management applications now have the option to fetch song, album and artist info as soon as a file is played, not to mention scrobbling. Why not work along those lines and instead improve the performance of data compression? MP3 is by far one of the worst destructive compression formats.

Labels should make it easier for users to purchase digital music online. I am writing from one of the most economically dynamic countries on the European continent, and yet options are still limited from here. This is why I am still getting my music by purchasing second-hand CDs on Amazon and ripping them… in OGG Vorbis.


British anti-leaking guidelines document leaked

Following several cases of data irresponsibility, namely government officials “losing” unencrypted classified information, the British Ministry of Defence compiled a document outlining how to prevent confidential information from being leaked to the Internet.
Problem is, that very document has just been leaked to the Internet.
Bummer!


simple reasons as to why Windows Live sucks

I’ve started using my Microsoft Hotmail Windows Live account again, and it didn’t take a hard look to find 2 reasons why it is vastly inferior to Google Mail:

  1. Information is passed over a cleartext HTTP connection. Gmail uses encrypted HTTPS all session long.
  2. Windows Live allows me to search keywords in ONE message at a time. Gmail allows me to search keywords in the frickin’ thousands of emails I have been getting since opening my account.

Way to go Microsoft, Bing! must be a big threat to Google if you’ve put the same attention to detail in developing it.

Update: last week, Microsoft reported that thousands of Hotmail accounts were exposed in a phishing attack. I know better than to click on an email link to log into my account, so it seems that many of those exposed accounts were used to corrupt the Hotmail network, including my own account. I got about 20 spam mails allegedly sent by contacts, and 10 mail sending failure notices to contacts from my Hotmail list. I proceeded to change my password, and it now seems that the Hotmail spam filter is temporarily disabled, letting all the junk mail reach my inbox. I’m sure this is prompting a lot of longtime Hotmail users to move to a more serious provider like Gmail or Yahoo.

Update: Turns out my vacation reply had somehow been activated, featuring the same text I’ve seen over and over, and was set to reply to every incoming mail (which according to Microsoft makes me more vulnerable):

Dear friend,
how were you going? I would like to introduce you an really good space,there are mainly run various kinds of famous electornic products, it’s true charm pioneer.Now the company is under promotion, all of the products are sold nearly as the same as their cost.
Charmpioneer renders the best service to customers, and provides you with original products which are very cheap, but good-quality.
It is really a good opportunity for taking action, let’s go,just do it, and you will fall in love with it.

The web address: (www.)brcian.com

Update: Now I have noticed that my contact list has completely disappeared whenever I connect with an IM client.


U.S. Department of Defense to teach migrating to open-source software

I have written about the United States National Security Agency contributing to information security (with its release of the SHA cryptographic hash functions) and a set of modifications that can be applied to Unix-like operating systems, such as Linux and BSD.

Now, the United States Defense Information Systems Agency (a division of the Department of Defense), has started running seminars on migrating to open-source software. That’s a pretty strong endorsement for open-source.

Read more on Cnet.com.
