News Posts matching "password"

Return to Keyword Browsing

Lenovo and Nok Nok Labs to Deliver Next Generation Strong Authentication

Nok Nok Labs, a company founded to transform online authentication for modern computing announced today a partnership with Lenovo, the world's largest PC vendor. Lenovo is working with Nok Nok Labs to develop a joint solution to the ongoing problems created by the reliance on weak or complex passwords. The companies will deliver a FIDO-ready solution to the market in early 2014 that meets the dual user demands of ease of use and increased security.

Launched in February 2013, the FIDO Alliance is developing a new industry open standard to address the lack of interoperability of existing authentication solutions and the problems users face with multiple usernames and passwords. This new open standard for strong authentication will enable websites and cloud applications to interface with a wide variety of existing and future FIDO-enabled devices and technologies.

Buffalo Unveils New, Secure USB Flash Drive

Buffalo Inc. has today announced the RUF3-PV Series Flash Drives which offer enhanced data and virus protection through the use of built-in password protection and anti-malware software (namely Trend Micro USB Security 2.0). Coming in black and red, these new drives measure 65 x 23 x 9 mm, they have a retractable connector, USB 3.0 support, and deliver read speeds of up to 70 MB/s.

The RUF3-PV line includes 8 GB, 16 GB and 32 GB models and is set to hit stores in mid-September.

Blizzard Servers Hacked, User Data Compromised

Online gaming giant Blizzard Entertainment reported unauthorized access to its servers. The security breach was detected earlier this week, and the company claims that the hackers may have accessed user data such as e-mail addresses of Battle.net users, their personal security questions, and information related to mobile and dial-in authentications.

Blizzard claims that the information compromised is not enough for anyone to gain access to the Battle.net accounts, and that there was no evidence to suggest that more vital bits of user data, such as real names, credit card information, or billing addresses were accessed. Users' Battle.net passwords, which are cryptographically-scrambled, may have been accessed. Since SRP (secure remote protocol) is used to protect the passwords, it is extremely difficult to unscramble them. Blizzard strongly recommends users to change their passwords as investigations into the security breach are on.Source: Shack News

Addonics CipherUSB Encrypts All Your Sensitive Data

Identity theft is something many students take for granted until it happens to them. Laptops and notebook computers are a potential gold mine for thieves unless you encrypt your data, according to Addonics Technologies. The CipherUSB from Addonics provides a simple and inexpensive way to encrypt data stored on flash drives, flash media, USB hard drives as well as Blu-ray, DVD or CD media.

A student's mobile device may include your resume, transcripts, school or internship applications, or financial records? Equally, administrators who use a laptop for their job, may have files such as human resources records, student applications, transcripts, research data or payroll information stored on their system. Should your laptop be lost or stolen, you want the data inside to be electronically inaccessible.

NVIDIA Forums Hack: Passwords Not Salted

A group of hackers that claimed responsibility for hacking NVIDIA forums (forums.nvidia.com), which goes by the name "Team Apollo," posted the first piece of its exploits on Pastebin (find it here). The user data dump contains details of every fifth user of the forums. From what we can tell looking at the pasted data (which is now very much in the public domain), the passwords found in the user tables are not salted. NVIDIA was less than honest about that part.

The passwords are stored as raw MD5 hashes, which can be fairly-easily decrypted (when compared to hashes with salt values). To make matters worse, certain MD5 decryption websites have large databases of pre-decrypted MD5 phrases, potentially making decryption these hashes easy. Or you could just use a CUDA-accelerated MD5 decryption tool, which munches through unsalted MD5 hash values at the speed of a small supercomputer. If you have an NVIDIA Forums account, and your passwords on other websites (forums, email accounts, banks) even remotely resemble that of your NVIDIA forums account, it is strongly recommended that you change your passwords on each of those other websites.

WD Enters Wireless Home Networking Market

Western Digital, the world's leader in external storage solutions and maker of the popular WD TV media player family, today unveils its first line of wireless home networking products, designed specifically to accelerate movies, video and gaming, delivering a premium high-definition entertainment experience. With the My Net family of powerful and easy-to-use home networking products, WD debuts its exclusive FasTrack technology that instantly detects entertainment traffic on the network and fast-forwards it to gaming consoles, media players, smart TVs, tablets, smartphones, computers and other Wi-Fi connected devices.

Possible Precedent: Accused Americans Can Be Forced To Decrypt Their Encrypted Data

The Fifth Amendment rules that nobody may be "compelled in any criminal case to be a witness against himself." Or, in other words, one has a right to avoid self-incrimination. Therefore, it's highly significant that Judge Robert Blackburn ordered a Peyton, Colorado woman accused of a being involved in a mortgage scam, to decrypt the hard disc drive of her Toshiba laptop no later than February 21. If not, she would face the consequences, including contempt of court. In a 10-page opinion, the judge wrote, "I find and conclude that the Fifth Amendment is not implicated by requiring production of the unencrypted contents of the Toshiba Satellite M305 laptop computer."

Password Security The Windows 8 Way

Windows 8 implements a radical new user interface called Metro for desktop PC's, which has so far received a mixed reception. However, there's many other changes under the hood and one of those is how password security is handled, which we look at here. It's a fact of life, that in today's modern world, we have to remember a plethora of passwords and PIN's, which can be daunting. This leads to security issues as users end up writing down passwords and/or create very insecure ones which can be easily guessed. Windows 8 aims to uphold strong password security, while at the same time, easing the burden on the user. Also, passwords can be obtained in various ways by miscreants, such as phishing, keylogging, guessing, and cracking. Windows addresses each of these problems in three main ways:

EA: New Online Gaming Content Codes Could Expire Before Even Being Used

If you're buying an Electronic Arts game, be prepared for the Online Pass that came with it to have already expired. This was the recent experience of a NeoGAF member who bought a brand new copy of Need for Speed: Hot Pursuit from Amazon, only to find that he got an error message saying that the code was either incorrect or no longer valid. Gaming website Joystick picked up on this and asked an EA advisor about this situation. It turns out that it's EA's corporate policy to have some of these codes expire, but that no one should be faced with this, as a rule. However, if they are, then they can get a new one for free, by either downloading it or getting it from EA directly. Checking the EULA shows that at the moment, there is only one game with this restriction. It's only Dragon Age 2 (packaged) which has a time-limited an Online Pass code and that it expires on March 31, 2012:

Windows 8 Secure Boot Feature: Not So Secure?

We have brought you the potential perils of the upcoming UEFI Forum-implemented - www.uefi.org - Windows 8 secure boot feature here, here and here. However, it appears that it may not be so 'secure' after all, since there appears to be a surefire way to circumvent it, at least for the moment, while it's in development.

Softpedia has scored an exclusive interview with security researcher Peter Kleissner, who has created various Windows (XP, Server 2003 etc) "bootkits", which allow OS infection at the highest privilege level, giving unrestricted access to the whole of the PC. His latest one, called Stoned Lite, shows how the Windows 8 secure boot process, still in development, can be subverted, as it stands. He is planning to release details of how the code works at the upcoming International Malware Conference (MalCon) - http://malcon.org - that will take place in India on November 25th. It appears that the real vulnerability exists in the legacy BIOS boot procedure, not in Microsoft's implementation of secure boot, as Kleissner said:
The problem with the legacy startup is that no one verifies the MBR, which makes it the vulnerable point. With UEFI and secure boot, all the boot applications and drivers have to be signed (otherwise they won’t be loaded). You can compare it to TPM, although Arie van der Hoeven from Microsoft announced that the secure boot feature is mandatory for OEMs who want to be UEFI certified. It is a good message that security is not an option.

Steam Hack More Severe Than Thought: Change Your Password NOW

Gabe Newell of Valve has issued a statement that the forum hack they experienced over the weekend actually goes much deeper than they thought. The criminals accessed the main database containing such goodies as user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information. Apparently, no personally identifying information was taken - but we await the result of the full investigation before breathing a sigh of relief. Due to this serious breach, TechPowerUp advises all Steam users to change their account password immediately. People starting up their Steam client will now see the following message from Gabe Newell about this:
Return to Keyword Browsing