Category Archives: Security

Heartbleed Bug – What to Do

I’ve been advising people to use 1Password for years now. Turns out that continues to be good advise. 1Password is immune to the latest security problem that’s affecting some 70% of all Internet sites.

Password Advise

While your data is safe within 1Password itself, there is a good chance websites you used were vulnerable and did not protect your username and password.

The knee jerk reaction to this news is to change all your passwords immediately. While I will be recommending you change your passwords, not all websites have been updated yet to protect against this vulnerability.

The best advice I can give you is to change your most important website passwords immediately, including your email, bank accounts, and other high value targets. This will provide your best defense against previous attacks.

After a few weeks, websites will have been upgraded with new SSL certificates, and you will be able to trust SSL again. At this point you should change all of your passwords again.

Print Friendly

Confidential Data Leaving on Workers Mobile Devices – Under-30-Year-Olds Don’t Care

A security cable attached to a Kensington Security Slot

More than half of employees admit to storing, sharing and working on corporate documents on their personal devices-and this number is growing.

If you think your BYOD policy telling employees that they can’t put sensitive data on their personal smartphones, laptops and tablets is keeping your company safe, think again. Few office workers are actually aware of their company’s BYOD policy.

These are the alarming findings from a recent survey of 4,000 office workers in the United States and United Kingdom, conducted by market researcher Ipsos Mori and commissioned by cloud collaboration platform provider Huddle.

The survey found that 73 percent of respondents in the United States are downloading personal software and apps onto corporate-owned tablets.

Now for the kicker: The security problem is only going to get worse as millennials flood the workplace. That’s because millennials, especially on the younger side of the generation, don’t really care about security or the stress it causes the IT department; they just want BYOD without restrictions.

The survey calls 18- to 24-year-olds the “gourmet chefs of security breach,” because they play loose with corporate documents. That’s not good, given that millennials will make up the majority of your workforce by 2015, according to the U.S.

Print Friendly

FBI is Remotely Activating Android Smartphone and Laptop Microphones

Image representing Android as depicted in Crun...

According to an article out in the Wall Street Journal this week, it appears that the FBI has been busy exploiting vulnerabilities in the Android operating system to spy on people.  Hopefully they’re just spying on the bad guys, but with things going as they have been lately, who knows?

According to the WSJ’s source, the FBI resorts to these tactics when they’re out of options, and “don’t have any other choice.” The tools used to gather the data are often installed remotely, using essentially phishing style links that injects essentially Trojan software when clicked by a suspect under surveillance. They can also be installed via physical access and a USB drive, the report says, and in all cases the FBI tries to ensure only “relevant data” are gathered by its hacking efforts, through the use of a screening team that checks for relevancy before handing information off to investigators working the case.

The FBI employs a number of hackers who write custom surveillance software, and also buys software from the private sector, former U.S. officials told the WSJ.

Print Friendly

Phil Zimmerman, Security Expert and Author of PGP, Gives A Primer On Encryption

Phil Zimmerman discusses PGP and his latest Secure Phone and Texting Company, Silent Circle.  What concerns should you have?  What requirements are there for using encryption?

What is the NSA doing with PRISM, and how does it affect us?

Zimmerman Part 1 

Part 2

Print Friendly