Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: PC Security

Getting a password manager is the most important way to improve your online security

Washington Post – “…After testing password managers that work across browsers and devices, I recommend one called Dashlane. It’s the one simple enough that you’re likely to stick with it, though its features are neck and neck with rivals 1Password and LastPass, which are also fine choices.

Dashlane, used by 10 million people, is free to try on a single device. You pay a subscription to make it securely sync up your passwords (and other secrets such as credit card details and ID numbers) across your computer, phone and tablet. At $3.33 per month, Dashlane happens to be the most expensive of the three, but like the Apple of the password game, its design and customer service are worth it.

Dashlane also has been largely free of drama over its own security. You would be right to wonder how safe it is to keep all your password eggs in one basket. All three of these companies keep your passwords encrypted behind a password they don’t know — so that even if they get hacked, the data is mostly useless. They never send your password over the Internet. In 2015, LastPass reported it was breached, though it reported that no passwords were stolen. There are no security guarantees, but I buy the argument that it’s okay to keep your eggs in one basket if it’s more secure than the basket you build on your own.

The biggest hurdle is changing your habits. With a password manager, you don’t memorize passwords — you retrieve them from an app. Let that sink in: You won’t remember your Gmail password anymore, but you’ll be better off because now your password can be a long bunch of gobbledygook that’s harder to crack…”

Whistleblower’s guilty plea and unmistakable trail of watermarks

Axios: “Reality Winner has pleaded guilty: “All of my actions I did willfully, meaning I did so of my own free will,” she told a court on Tuesday, per the New York Times’ report. The former Air Force linguist earned the distinction of being the first person prosecuted by the Trump administration on charges of…

NYT: ‘Firefox Is Back. It’s Time to Give It a Try.’

As a decade-long user of Firefox, I am not sure why users have been so averse to dropping Chrome – perhaps this New York Times review will help you make the switch now: “Tech Review: After testing Firefox for the last three months, I found it to be on a par with Chrome in…

Federal Cybersecurity Risk Determination Report and Action Plan

NextGov: “Many federal agencies don’t know how hackers are targeting them, can’t tell when hackers steal large amounts of their data and aren’t efficiently spending the cybersecurity money they have, according to a report and action plan released last week. Roughly three-quarters of federal agencies’ cybersecurity programs are currently “at risk” or “at high risk,”…

UK – Internet Safety Strategy green paper

“The Internet Safety Strategy looks at how we can ensure Britain is the safest place in the world to be online. The Strategy considers the responsibilities of companies to their users, the use of technical solutions to prevent online harms and government’s role in supporting users. The consultation covered various aspects of online safety including:…

Beginning July 2018 Chrome will mark all HTTP sites as “not secure”

Google Chromium Blog: “For the past several years, we’ve moved toward a more secure web by strongly advocating that sites adopt HTTPS encryption. And within the last year, we’ve also helped users understand that HTTP sites are not secure by gradually marking a larger subset of HTTP pages as “not secure”. Beginning in July 2018…

36 indicted in global cybercrime ring that stole $530M

DOJ: “A federal indictment was unsealed today charging 36 individuals for their alleged roles in the Infraud Organization, an Internet-based cybercriminal enterprise engaged in the large-scale acquisition, sale, and dissemination of stolen identities, compromised debit and credit cards, personally identifiable information, financial and banking information, computer malware, and other contraband. Following the return of a…

Cybersecurity: Legislation, Hearings, and Executive Branch Documents

CRS – Cybersecurity: Legislation, Hearings, and Executive Branch Documents, Rita Tehan, Information Research Specialist. May 12, 2017. [FAS] “Cybersecurity vulnerabilities challenge governments, businesses, and individuals worldwide. Attacks have been initiated against individuals, corporations, and countries. Targets have included government networks, companies, and political organizations, depending upon whether the attacker was seeking military intelligence, conducting diplomatic…

Summary Report on Audits of Security Controls for TSA Information Technology Systems at Airports

DHS OIG – Summary Report on Audits of Security Controls for TSA Information Technology Systems at Airports, December 30, 2016. OIG-17-14. “Our previous reports identified numerous deficiencies in security controls for TSA’s IT systems and equipment at airports. These deficiencies included inadequate physical security for TSA server rooms at airports, unpatched software, missing security documentation,…

Report – Fostering The Advancement of the Internet of Things

Department of Commerce Internet Policy Task Force & Digital Economy Leadership Team report, Fostering the Advancement of the Internet of Things, January 2017. “The Internet of Things (IoT) – in which connected devices are proliferating at an unprecedented rate – is a technological development that is transforming the way we live and do business. IoT continues the…

Regulating Software When Everything Has Software

Ohm, Paul and Reid, Blake Ellis, Regulating Software When Everything Has Software (November 16, 2016). George Washington Law Review, Vol. 84, No. 6, 2016. Available for download at SSRN: https://ssrn.com/abstract=2873751 “This Article identifies a profound, ongoing shift in the modern administrative state: from the regulation of things to the regulation of code. This shift has…

Data Breach Incidents, Causes, and Response

Data Breach Incidents, Causes, and Response, 12/12/2016 “In October and November of 2012 the Society of Corporate Compliance and Ethics and the Health Care Compliance Association conducted a survey among compliance professionals to better understand the impact and frequency of data breaches. At the time breaches were very much in the news, just as they are today. To assess whether and…