Tag: hacker

More tricks to evade keyloggers on public PCs

September 24, 2009 by Jason

The revised Vesik method involves typing nonsense characters into a password input box when using a public PC and then rearranging some of the letters to form your actual password with the mouse. If the PC contains a hardware keylogger or is infected with a software keylogger, rearranging a password in this way will usually suffice to obscure your credentials. Most hackers will concentrate on the 99% of users who type in their passwords at Internet cafés in the usual way.

One proposal sent in by many, many, many readers was a variation on a single theme. Namely, keep your sign-in information on a USB flash drive or memory stick, then copy and paste the info into the appropriate fields when you’re required to use a public PC or other unsecured computer.

Unfortunately, many keyloggers capture any information you place into the Windows Clipboard. I tested the copy-and-paste technique using the All In One Keylogger from RelyTec. (For more info, see the vendor’s site.) The program easily captured the sign-in IDs and passwords entered, whether I used the standard menu options (Edit, Copy and Edit, Paste) or the keyboard shortcuts Ctrl+C and Ctrl+V.

Use tough passwords but make them easy to recall

August 06, 2009 by Jason

You can see whether your current passwords (you do use more than one, right?) are rated “strong” by using Microsoft’s online Password Checker. I bet you’ll be unpleasantly surprised by the results.

The three keys to strong passwords are length, randomness, and use of different types of characters. Each additional character multiplies the potential combinations a brute-force attack must try.

Random passwords use upper- and lower-case letters, numbers, and symbols. When at least three of these four categories are used, an eight-character password should suffice in most instances. According to the FrontLine security site, such a password would take a century or more to crack by a hacker using a single PC. The eight-character standard is also the minimum the Microsoft Password Checker deems “strong.” Of course, the more characters in your password, the safer you’ll be.

If you wish to create your own password, use a sentence or phrase you can recall easily and then tweak it for each account.

Gmail flaw shows value of strong passwords

August 06, 2009 by Jason

The disclosure of a back door allowing bad guys to repeatedly guess Gmail passwords should remind us all to protect our accounts with long and strong character strings.

There’s a straightforward way to protect your online accounts: use sign-in phrases that are easy for you to remember but hard for others to guess.

The latest vulnerability affecting Gmail accounts was recently revealed by security researcher Vicente Aguilera Díaz in a posting on the Full Disclosure security list. (Aguilera previously revealed a Gmail flaw known as session-riding, which Google subsequently fixed, as reported by WS contributing editor Scott Spanbauer.)

According to Aguilera’s new security alert, Google allows anyone with a Gmail account to guess another Gmail user’s password 100 times every two hours, or 1,200 times per day. No “captcha” keeps hacker bots from guessing passwords in this way. Worst of all: If a hacker controls, say, 100 Gmail accounts, 120,000 guesses can be made per day. Because Gmail accounts are free, many hackers control far more than 100 accounts, of course.

Crackdown on Clickjacking

October 22, 2008 by Jason

A new, or rather newly revised, threat may be coming to a browser near you. It’s called clickjacking, and it can affect all browsers. It first appeared a few years ago, but little was heard of it after the first warnings. It looks like it might be back; the threat level is still quite low at the moment, but these things can quickly spiral out of control. Here’s how it works: if a hacker can get access to a website, they can fiddle with buttons and graphics so that when you click on what appears to be a legitimate link, you are actually directed to a phoney site where you unwittingly enter personal details or, in a worst-case scenario, clicking the link downloads malicious software onto your PC. Of course, the same kind of thing can be found on less reputable websites.

Microsoft and Mozilla have released fixes in the past, but there is a way to stop clickjacking in its tracks, on Firefox at least, and that’s to install an add-on called NoScript. This creates a white list of trusted sites by blocking any attempt to run an unapproved or suspicious script within a web page.

How to Change a Computer Password Using Command Prompt

October 10, 2008 by Jason

Ever thought of becoming an actual “hacker”? This article shows how to change a computer password and do other things using a command prompt. Command Prompt is a special built-in program that comes with every computer and allows you to do almost anything on a computer by typing commands.

1. Open Command Prompt. If you don’t know how, open the Start menu, go to Programs (or, on Windows 2000 and up, All Programs), go to Accessories, and click Command Prompt.

2. You’ll see a black screen pop up.

3. Type in: “Net User”

4. It will then show you a detailed little chart of all the User Accounts on the computer.

5. Choose which account you want to hack.

6. Say it says the user accounts are: Owner, Administrator, John, Alice, Christopher, and Guest.

Firefox about:config Fixup

August 17, 2007 by Jason

By default, the about:config preference UI automatically detects localized preferences and displays the localized setting. But if you are a hacker working on customizing the default settings, this can be very confusing. This little extension “fixes” the default behavior to display the chrome URI of the localized .properties file.

Works with Firefox 2 -> 2.0.0.*