People Are Actually Using a Joke Dating Site That Matches People Based on Their Passwords

Excerpt from this article:

Finding love has never been easier—at least if you judge by the sheer number of dating apps available on the internet today. But it’s just as hard as it’s always been to find your real soulmate, someone who really understands your quirks (and may even share them), someone who shares your passions, and your password.

Wait, what?

Advertisements

Your Mother’s Maiden Name Is Not a Secret

Excerpt from this article:

Security questions are astonishingly insecure: The answers to many of them are easily researched or guessed, yet they can be the sole barrier to someone gaining access to your account. The cryptology and security expert Bruce Schneier once described them as an “easier-to-guess low-security backup password that sites want you to have in case you forget your harder-to-remember higher-security password.”

There has been no shortage of incidents demonstrating these questions’ vulnerabilities. In 2005, Paris Hilton’s T-Mobile account was hacked by a teenager who, like anyone who searched “Paris Hilton Chihuahua” on the internet, knew the answer to “What’s your favorite pet’s name?” In 2008, Sarah Palin’s Yahoo account was hacked by a college student who reset her password using her birth date, ZIP code and the place where she met her spouse.

How many of us can answer the premillennial “What city were you in to celebrate the year 2000?” or “What year did you take out your first mortgage?” And how many Indian- or Brazilian-born users went to a high school without a mascot, or grew up on a street with no name? How many of our mothers never changed their names?

The other main type of security question asks for a subjective answer. Such questions imagine lives punctuated by distinct firsts and bests and filled with enduring favorites, but favorites and bests and even firsts can change when people maintain accounts for decades. At some point, both factual and subjective security questions become archaeological. “In what month did you meet your significant other?” requires a framing question: Whom were you with when you set up this account?

A 2015 study by Google engineers found that only 47 percent of people could remember what they put down as their favorite food a year earlier — and that hackers were able to guess the food nearly 20 percent of the time, with Americans’ most common answer being pizza.

 

‘I Forgot My PIN’: An Epic Tale of Losing $30,000 in Bitcoin

Excerpt from this article:

The problem was, I was the thief, trying to steal my own bitcoins back from my Trezor. I felt queasy. After my sixth incorrect PIN attempt, creeping dread had escalated to heart-pounding panic—I might have kissed my 7.4 bitcoins goodbye.

I barely slept that night. The little shuteye I managed to get was filled with nightmares involving combinations of the numbers 1, 4, and 5. It wasn’t so much the $8,000 that bothered me—it was the shame I felt for being stupid enough to lose the paper and forget the PIN. I also hated the idea that the bitcoins could increase in value and I wouldn’t have access to them. If I wasn’t able to recall the PIN, the Trezor would taunt me for the rest of my life.

Be ‘very concerned’ about cell phone searches at U.S. border, says privacy czar

Truck traffic

Excerpt from this article:

New Democrat MP Nathan Cullen asked if that means no Canadian should cross the border with a phone, laptop or tablet unless they have “great comfort” with a U.S. border official inspecting the contents.

“Yes, as a matter of law,” Therrien said, though he acknowledged officers would not have time to inspect everyone’s devices, given the huge numbers of people that cross the border daily.

Therrien agreed with Cullen’s suggestion that nothing in law could prevent U.S. border officials from peeking at a senior Canadian official’s “playbook” on a trade negotiation.

Cullen said one of his constituents was denied entry to the U.S. on health-related grounds because information on the person’s phone indicated a prescription for heart medication.

 

As ‘Game of Thrones’ Returns, Is Sharing Your HBO Password O.K.?

Excerpt from this article:

The seventh season of “Game of Thrones” returns on Sunday, and if you’re like a significant chunk of HBO’s viewership, you can watch it thanks to the login credentials tracing back to your friend’s ex-boyfriend’s parents.

But if you listened to the headlines after a court decision last July, you might fear a SWAT team could bust down your door in the middle of your illicit “Veep” episode. Countless news sites reported that sharing your password would be a “federal crime,” while others suggested you might “go to jail” for it.

The less hysteric truth is more complicated but experts largely agree: You are in very little danger of legal trouble by sharing your password or using a shared one. The laws remain murky, but the government is unlikely to prosecute you, and the streaming video services have shown no desire to go after customers.

(We’re not saying you should use someone else’s password. As an ethical issue, it’s probably a good idea to pay for it. The same goes for news.)

A short investigation into the mysterious tweets from press secretary Sean Spicer

Excerpt from this article:

One possibility is that they are passwords, tweeted out as whoever is behind the account gets used to the new security procedures governing it. There are a lot of theories out there on how it might have happened. By far the most likely is that of the Guardian’s Alex Hern, who identified one possible way that could happen, if the @PressSec account has two-factor authentication activated.

Two-factor authentication provides an extra layer of security for password-protected accounts, and it would be good for the official account of the press secretary for the White House to have it. In fact, it would be good for anyone with a Twitter account to have it. According to a brand-new Pew report on cybersecurity, about 52 percent of Americans have used two-factor at some point to manage an account.

In case you are one of the 48 percent of Americans who haven’t used it, here’s how it works: In addition to entering in a password, two-factor requires users to enter in a randomly generated code that changes with each login, usually sent to your phone through either an app or a text message. For Twitter, those codes are sent via text by default, from a number that should look familiar to any longtime Twitter users: 40404.