All Posts by Date or last 15, 30, 90 or 180 days.
also by Lloyd: diglloyd.com photography and WindInMyFace.com
Thank you for purchasing through links and ads on this site.
OWC / MacSales.com...
diglloyd Deal Finder...
Buy other stuff at Amazon.com...
Get up to 16x more storage and 2x the speeds of the original drive
Handpicked deals...

$6299.0 $4199
SAVE $2100


Sony A7R IV


Please order through this ad, thanks!
Ordering through BH Photo email notice will not give me credit and you know my review will be good!
Buy at B&H via site links to support Lloyd’s reporting!
√ B&H Photo PAYS THE SALES TAX FOR YOU More info...

UPDATE: Your Passwords are at Risk with OS X and iOS?

Research paper: Unauthorized Cross-App Resource Access on MAC OS X and iOS.

I previously reported on this monumentally dangerous security bug in All your passwords at risk with OS X and iOS, and Apple Sits on the Problem.

ArsTechnica covers the same issue in Serious OS X and iOS flaws let hackers steal keychain, 1Password contents.

Why has Apple sat on this for over six months, doing next to nothing?

MPG advice is to use 2-factor authentication on all sensitive accounts. That means a hardware token or something like Authy. Unfortunately, many institutions are badly in arrears on security, not even allowing strong passwords. And there is only piecemeal and inconvenient support for 2-factor authentication. Worse, each institution may do it its a different way. It’s awkward.

Well, it’s a lot worse than your own stuff

The internet and the Cloud have become a very dangerous place for not just money and privacy, but real physical things, like steel mills. Are nuclear power plants next? It’s a valid question. The Federal Government just lost 4 million or whatever sensitive employee records to China (allegedly). Tip of the tip of the iceberg without a doubt, in terms of security penetrations that are “sleepers” and what is not reported and not detected.

Recently I sat next to a CEO of a major company whose business is to staff and run major events all over the country (conventions, exhibits, etc), including all the IT work and information collection. I mentioned the massive and dangerous security issues cropping up today, the fact that governments and organized crime were involved, that real physical things could be shut down and destroyed, and this naive CEO jackass actually argued with me that his network was secure and it was just not an issue because his security folks were doing their job. His attitude was that I was a “sky is falling” reactionary worried about fantastically remote possibilities. That’s the state of denial today that still exists in corporate America.

But a loss of privacy or money pales in comparison to far worse possibilities, like shutting down the power grid for a few months, which could kill (by starvation and similar) millions. It’s no laughing matter, and only a gray swan probability. In fact, it is a certainty when war comes because a country can be taken down by computer, no bombs or bullets needed (electronically attack all dams, power plants, distribution centers, hospitals, etc, probably with sleeper compromises already in place and undetected). This country sits and waits for that to happen, with virtually nothing being done.


MacPerformanceGuide.com

diglloyd.com | Terms of Use | PRIVACY POLICY
Contact | About Lloyd Chambers | Consulting | Photo Tours
Mailing Lists | RSS Feeds | Twitter
Copyright © 2019 diglloyd Inc, all rights reserved.
Display info: __RETINA_INFO_STATUS__