Nearly 5 million Google email accounts & passwords exposed, how?

These accounts were hacked because users tended to reuse their logins and passwords on other sites that had no automated anti-hijacking systems (or security features), e.g. extra loading time for login attempt (i.e. time delay increases total guessing time that will hamper the hack), locking accounts for failed login attempts, token requirement, login only from certain IP addresses, mobile phone authentication code, two steps authentication, and many more.

Parking such sensitive information in unsafe sites will allow hackers to initiate Brute Force Attacks such as password-guessing attack, and the time hackers succeed in their unrestricted attempts depends on the strength of the password (you can predict the amount of time it takes to guess a password [by Gibson Research Corp.]), e.g. stronger password such as: T_*1s+pq9_1 takes approximately 1.83 years to figure out if the guessing attempt is unrestricted by the server.

Fortunately, Google does invest significant effort to ensure user accounts are not compromised. That is why I prefer not to share my Google account and password with other service providers.

However, it’s really difficult to find out what are the security features provided by service providers, e.g. Yahoo, Facebook, Blogs, Forums, etc. There is no standardization of security requirement for service providers, and thus it’s difficult to decide which sites should be avoided.

The expectation that users are the ones who should constantly increase their password strength and frequently change them is flawed. It’s very improbable to change passwords frequently and increase the complexity of passwords. Human brain is not programmed to be that “dextrous”. There should be a better way to authenticate user identity. That will be the million dollar question.

Just a thought.

References

  1. Brute force attack (by System Administration Database)
  2. WordPress – All in one WP security and firewall

What I missed but can’t do…

I guess if you “grow up” (as in grow up can’t you!) in a society, you tend to conform to the norms in manners and behaviour that you lose your carefree self (one you missed the most). The older you get, the less fun and interesting life becomes. To make matter worst, there are rules and laws to punish those who divert too far from accepted behaviour. Those who stayed “eccentric” faces challenges of being accepted as part of society. Sometimes, the fear of incarceration place a pressure to conform. Here are some acceptable things to do that I missed.

1. Squat and sit everywhere I choose, especially when I’m physically exhausted. I don’t mind squatting/sitting beside walkways, pavements, staircase, etc….

2. Staring at people. What is so wrong in staring people, or being stared at? Why would it make a person uncomfortable? Ever wonder how performers feel being stared for hours? An alternative is just stare blankly for hours, and outcompete even the zombies in doing so.

3. Laugh out loud. Come on, laughters are contagious, they shouldn’t be made to feel as nuisance (well, except in library, other’s funeral etc. of course).

4. Climb. Climb trees and buildings (or any structural aspect of a building), rails etc. Just climb and jump and repeat that until you are exhausted.

5. Shout out loud. When was the last time we emptied our lung to a contented shout of happiness, frustration, anger, surprise etc? It felt so good just to be able to increase the decibel of our surrounding. Wouldn’t that be a kick if accompanied by crazy dance/move?

6. Sit and keep quiet for the longest time among friends or with company. Shut down and listen and then drift off by the sound of incoherent conversation in the background. It is sort of like “stoned” with company.

to be continued…..

Addicted to Yahoo thumbs?

What’s with, “Congratz, u got thumbs up for your comment, your answer, your pictures, etc.”. I just don’t care!

Probably that is why I’m getting more thumbs down than up. It really doesn’t matter to me much, whether I have ups or downs, but I couldn’t take it when I get this message, “comment hidden due to low rating”. What the hell? I would have preferred the old days when comments were screened by admin for inappropriateness. It had been fairer (or just) rather than being “censored” because what I said wasn’t agreeable to the majority.

How fortunate that not all sites subscribe to thumb down….

New Year resolution 2013

List of things to do:
1. Healthy lifestyle – exercise, healthy diet, less worries, be happy….
2. Positive aura – less worries, be happy, discount setbacks, count blessings, recognize self worth, receive constructive criticism….
3. Work smart – set realistic goals and prioritise, achieve goals with less amount of time without compromising commitments and responsibilities, identify bottlenecks and find solutions, overexertion compromise thinking, help and let help….
4. Family – if you can achieve the above, you will be able to love your family, friends and people more…..