Atlantic Wired Password Tips

Atlantic Wire has five good password tips. Here’s the first:

Rule 1: Six characters is too always too short. The very easiest and the first thing all of Arss hackers did was guess your super weak six character passwords, via whats called a “brute force” attack. See, the most successful of the hackers, Jeremi Gosney, a password expert with Stricture Consulting Group, hacked 62 percent of the list in sixteen minutes because thats how easy it is to guess a code thats just six letters long.

via The Easiest Ways Not to Get Hacked – Rebecca Greenfield – The 

Attacking the Watchdog

The Verge reports on an ugly development, a company that had failed to secure its data threatening to sue the reporters who wrote about their failure. Sounds something like a SLAPP (Strategic Lawsuit Against Public Participation). If I were the judge on such a case, I would hesitate about 10 seconds before imposing Rule 11 sanctions on any lawyer bringing such a suit:

After being made aware of a large and potentially costly privacy breach exposing more than 170,000 records containing Social Security numbers and financial information, the two companies responsible for the blunder are threatening legal action against the journalists that uncovered it. The companies’ lawyers claim that by using “automated means” like the Wget command-line utility to download the records instead of an ordinary web browser, the “hackers” have violated federal cybersecurity law and should expect to be held liable for any financial damages that result.

via Telecom companies threaten to sue reporters for uncovering privacy breach with Google | The Verge.

Great Website for Lawyers: iPhone J.D.

iPhone J.D. is one of my favorite websites, and for good reason. Who else is consistently first with reports like this one, discussing a fantastic new lawyer-oriented app?

Review: Court Directory by Bloomberg BNA — contact information for U.S. judges, clerks of court, etc. – iPhone J.D..

New Kennedy-Mighell Report Podcasts

Dennis Kennedy links to two new Kennedy-Mighell Report podcasts:

#102 – Summer Vacation Technology

Summer and vacation seasons are approaching. Some prefer to completely disconnect on vacation, while others like to stay connected. Work aside, those who choose to stay connected can use technology to make their trips more manageable and stress free with travel apps, adapters, and travel-friendly cameras. In this episode of The Kennedy-Mighell Report, Dennis Kennedy and Tom Mighell discuss the intersection of technology and vacation, whether to connect or disconnect while traveling, and some of their favorite vacation and travel tech tips. In the second half of the show, your hosts will cover the accelerated speed of cloud-based interface updates and how to keep up.

#101 – Taking Advantage of Apps and Plug-ins

Dennis Kennedy and Tom Mighell enter the realm of apps and plug-ins. Also known as web extensions, browser apps, add-ons, and bookmarklets, these additions to web browsers are made to make your Internet browser experience more efficient. Learn your hosts’ favorite web extensions when browsing for leisure and for work, and how to manage your apps and plug-ins so they don’t slow down your browser speed. The second half of the episode turns toward Internet communication, more specifically, how Twitter users are creating hashtags to express their moods in posts and how this changes the meaning and use of the hashtag.

Consolidating Contacts Lists for Improved Security

A bad phishing experience prompted a CNET writer to come up with an interesting plan to consolidate contact lists to reduce the chance of similar problems:

The contact-list hijacking got me thinking about the best way to prevent a recurrence. Because part of my job is testing e-mail, I have more accounts than I need, including three different Gmail accounts, two Outlook.com accounts one the former Hotmail account, a Yahoo Mail account, and accounts with two different ISPs.

All the Web mail accounts had contact lists, although I had already deleted the addresses from Hotmail. In an attempt to reduce the overall risk, I ditched the duplicates and consolidated the contacts into a single address book. By removing the contact lists from the Web mail accounts and switching my primary address from Gmail to an ISP address, there would theoretically be only one point of access to the addresses.

In terms of functionality, theres not much difference between Web mail and ISP mail, although there are some trade-offs. For example, my ISPs mail system lacks Gmails options for managing your inbox and contact list. On the other hand, the ISP mail window is ad-free.

Some people claim Gmail and other Google services constitute a privacy threat, but most experts consider the risk minimal, especially compared to the privacy threats posed by such industries as banking and health care, not to mention the government.

To convert the Gmail, Yahoo Mail, and Outlook.com accounts to receive-only, I forwarded their incoming mail to the ISP account. I use the ISP address to reply to most messages and to send new messages, so that’s the only account that needs a contact list.

There’s no guarantee the ISP account wont be hacked at some time, but reducing the number of occurrences of each contact narrows the target for phishers.

via Deter phishing attacks by consolidating your contacts | How To – CNET.

The author goes on to explain how he went about reducing the risk. It seems like you could get a comparable security improvement by consolidating in the account you considered safest, not necessarily an ISP account.

Everything Old Is New Again: Golden Oldie Blog Articles

Some articles I wrote in the early days of lawyer blogging still have value, so here are links for those willing to check the archives:

Tech Gadgets and Workplace Etiquette?

Tell me about it:

“As mobile devices have become increasingly integrated into the workplace, they’ve helped us become more productive, but they also can serve as a round-the-clock distraction,” said John Reed, senior executive director of Robert Half Technology. “If you’re not fully engaged in a conversation or meeting, you may spend more time replying to emails than listening.”

Some examples of etiquette breaches included surfing while talking, leaving long voicemails for colleagues, using the wrong form of communication for a particular situation, and attempting to multitask during meetings by checking email or Facebook, or not silencing cell phones.

via Are Tech Gadgets Killing Workplace Etiquette? – Nextgov.com.

NSA Releases Book of Internet Search Techniques

The National Security Agency has released Untangling the Web: A Guide to Internet Research, a 643-page guide to online techniques. Despite its 2007 date, much of this information is still very useful. 

Improving research techniques is one of the biggest productivity boosters for most lawyers. Google, et al. make research seem so easy that few realize they are not getting the results they should get. This book is a great resource for those looking to upgrade their research skills.

Another use for this information: Testing your own website to make sure you are not inadvertently making available information you should not be.