dslreports logo
 
    All Forums Hot Topics Gallery
spc
uniqs
26
lorennerol
Premium Member
join:2003-10-29
Seattle, WA

2 recommendations

lorennerol to antdude

Premium Member

to antdude

Re: Google Declares War on the Password

The title should be "Google declares war on web anonymity"

I don't think they give a rat's @ss about security; it's all about knowing every move everyone makes on the web in order to monetize it.
OZO
Premium Member
join:2003-01-17

1 recommendation

OZO

Premium Member

And that's exactly what they're doing...
NoHereNoMo
join:2012-12-06

NoHereNoMo

Member

Well, the best security systems involve a challenge based on (1) something you have (or are) and (2) something you know. The first could be a device or something else to--supposedly--"prove" who you are (retina scan, fingerprint reader ..."ring"?). Of course, the second could still be a password (or PIN). (However, would this actually make your accounts et al "hack-proof"?)

(At least, if the first were in use here, then one might not jump to the conclusion that someone "unavailable" is a "guy"? )

AVD
Respice, Adspice, Prospice
Premium Member
join:2003-02-06
Onion, NJ

AVD

Premium Member

Microsoft can lock a computer if a bluetooth enabled phone goes out of range.
Kearnstd
Space Elf
Premium Member
join:2002-01-22
Mullica Hill, NJ

Kearnstd to NoHereNoMo

Premium Member

to NoHereNoMo
said by NoHereNoMo:

Well, the best security systems involve a challenge based on (1) something you have (or are) and (2) something you know. The first could be a device or something else to--supposedly--"prove" who you are (retina scan, fingerprint reader ..."ring"?). Of course, the second could still be a password (or PIN). (However, would this actually make your accounts et al "hack-proof"?)

(At least, if the first were in use here, then one might not jump to the conclusion that someone "unavailable" is a "guy"? )

I guess the hard part is how does a biometric device report its scan to the related security package. And could that be man in the middled. aka someone records a legit input and then fools into taking a directly fed data stream.

While the password grows ever weaker as computing grows ever stronger and most people do not use complex passwords because they have to be remembered.

social engineering will likely grow in popularity as a form of hacking. Why brute it when you can gain access right through the side doors.
TheMG
Premium Member
join:2007-09-04
Canada
MikroTik RB450G
Cisco DPC3008
Cisco SPA112

1 recommendation

TheMG

Premium Member

said by Kearnstd:

social engineering will likely grow in popularity as a form of hacking. Why brute it when you can gain access right through the side doors.

Social engineering already is the most popular way to obtain passwords and also the easiest.

It's scary how effective a little social engineering can be and how easily people fall into the trap.

For instance, the classic method of sending emails pretending to be legitimate ones, with a link to a fake website for the user to log in. As long as you can get past the spam filters, you're guaranteed to get quite a few hits.