Things That Would Not Have Happened On Safe

Was going to post this. Woke up this morning to discover that I’m part of one of the biggest password dumps ever! :sunglasses:

The HaveIBeenPwned blog post: Troy Hunt: The 773 Million Record "Collection #1" Data Breach

5 Likes

Now we have a winner !
Day is getting close when the amount of non compromised adress / password pairs is lower than compromised ones :slight_smile:

4 Likes

And when quantum cryptography comes in, no way to affect this collection :sunglasses:

2 Likes
2 Likes
1 Like

Yeah, just incredible, in a bad way!
Luckily my 2 main accounts aren’t affected, just one of my older accounts is.
The Password checked, accessed form the Nav top bar, is also really useful.

1 Like

I use KeePass and generate different, random passwords for all my sensitive accounts. I bat an eye at these breaches.

I do reuse passwords for my throwaway accounts, mostly for convenience. Not too catastrophic if those get compromised :smile: Actually, it’s not the first time my throwaways have been “pwned”, but no one’s tried to log into them, to my knowledge. There are just too many accounts in some of these breaches :slightly_smiling_face:

4 Likes

One of the downsides of having used different passwords for my accounts - forever - is that I don’t know which ones need changing. Fingers crossed, this hasn’t been an issue so far.

Yeah, I use LastPass, even though they had an issue a while ago, which has a built-in Security Checker that lets you know when you have accounts that the credentials need to be changed.

I know a lot of people like LastPass and it’s recommended by Troy Hunt in the article I linked (which makes me think he’s affiliated…), but I would never use it. For one, it has a history of security issues, as you’ve mentioned, while KeePass has successfully been audited. KeePass is also free and open source while LastPass isn’t. I avoid closed source, proprietary software as much as possible, especially for something so critical to my personal security. Finally, I would just never trust any browser extension with such sensitive data.

9 Likes

I see KeepassXC here and not LastPass: Tool Guides | Surveillance Self-Defense
See also Lessons | Security Education Companion

4 Likes

I actually use KeePassX, but if the EFF recommends XC then I would go with that. Great links by the way :+1:

3 Likes
2 Likes

Another censorship action in China.

3 Likes
1 Like
2 Likes

YouTube will filter the recommendations:

[…]
We’ll continue that work this year, including taking a closer look at how we can reduce the spread of content that comes close to—but doesn’t quite cross the line of—violating our Community Guidelines. To that end, we’ll begin reducing recommendations of borderline content and content that could misinform users in harmful ways—such as videos promoting a phony miracle cure for a serious illness, claiming the earth is flat, or making blatantly false claims about historic events like 9/11.
[…]
This change relies on a combination of machine learning and real people. We work with human evaluators and experts from all over the United States to help train the machine learning systems that generate recommendations. These evaluators are trained using public guidelines and provide critical input on the quality of a video.
[…]

Sure, the content itself is not deleted or blocked, but it may have big impacts in political subjects, where critical voices could be hidden/not recommended by default, if YouTube and it’s unknown “experts” think so.

1 Like

It’s been like that for quite a long time – the recommendation systems usually show you more of what you like, hiding things that you are ‘might not like’. Effectively this results in a hidden form of censorship, when important news about societal issues can be hidden from e.g. your Facebook feed because it’s unlikely you’ll click on it and generate revenue.

There was a great research on this problem from the MIT Media Lab, “Defending Internet Freedom through Decentralization”.

6 Likes

Been an awful lot of tweets today and marketing in general for keeping data safe and private. Maybe i’m hoping, but it feels like the beginning of buildup for more tangible product, am I wrong?

1 Like

More data vulnerability ugliness :

1 Like