In the wake of the celebrity photo breach, the media is humming with stories disparaging the safety of the cloud. Many longtime cloud critics are crowing, "I told you so!" and waiting for the world to go back to on-premises solutions only.
News flash: 1) the cloud was never touted as being perfectly secure and 2) the cloud will continue to grow and grow. The number of servers in your physical environment will shrink over time. Security doesn't sell solutions -- features and pricing do. Features are cheaper in the cloud.
It might be time to change some of your passwords - again. But if you've used a Gmail password that's unique from other accounts, you might not have to worry.
A list of almost 5 million combinations of Gmail addresses and passwords was posted online on Tuesday. But the passwords seem to be old, and they don't appear to actually belong to Gmail accounts. Instead, it seems that many of the passwords were taken from websites where users used their Gmail addresses to register, according to some of the leak's victims as well as security experts.
When Apple announced that the Apple Watch would be able to use Apple Pay, the company's new mobile payment initiative, many wondered how secure the payments would be if the device lacked the security of Touch ID, which is used in the iPhone 6's implementation. Now, several members of the press have confirmed how the system works.
You can be forgiven if the FIDO Alliance is not on your radar screen. It was launched barely 18 months ago, to help solve the “password crisis” online; but it’s already proven to be one of most influential security bodies we’ve yet seen.
The typical Internet user has dozens of accounts and passwords. Not only are they a pain in the rear, poor passwords practices are increasingly implicated in fraud and terrible misadventures like the recent “iCloud Hack” which exposed celebrities’ personal details.
Talk about finding a needle in a haystack.
The Defense Advanced Research Projects Agency says it wants to develop sophisticated code that can find faults in key algorithms used to anchor major software packages that for example implement hash tables or conduct password checks.