Tag: passwords

Public Service Internet monthly newsletter (June 2022)

Digital Literacy for Seniors

We live in incredible times with such possibilities that is clear. Although its easily dismissed reading how Paypal wrote the crypto playbook, seeing the incredible insecurity of smart locks,  and is Bluesky going anywhere soon?

To quote Buckminster Fuller “You never change things by fighting the existing reality. To change something, build a new model that makes the existing model obsolete.

You are seeing aspects of this with the FT mentioning Mastodon, The right to repair research and the Lumous system identifying all those hidden camera in hotels.

Our password-less future is one step closer

Ian thinks: Everyone is throwing their weight behind FIDO and its looks extremely useful. Finally something which is user friendly, easy to use and secure.

Can you really trust that mental health app?

Ian thinks: Mozilla’s research into those apps many people used during the pandemic and varies lockdowns is simply a horror story. There has to be a better solution which doesn’t rely on misplaced trust?

Period tracking apps are tracking you

Ian thinks: On a similar note to the previous one, the consumer reports article is full of very useful tips to protect you. These are good for almost every single app I would say.

Dove uses deep fakes to really tell the story

Ian thinks: Dove’s self esteem project is consistently doing great things for society. Deep faked mothers talking to their daughters while sitting next to their real mothers is just incredible and so well thought out.

Proton taking on Google with a privacy edge

Ian thinks: Andy Yen Proton’s CEO gave a talk in the European Parliament hinting at this announcement. Taking on Google with a non surveillance business model is intriguing as scale isn’t as critical for success?

The time is now says PublicSpaces

Ian thinks: The Dutch collation, Publicspaces had their 2nd conference in May and a good number of the English language sessions are well worth your time. Always challenging and full of good threads to tug on.

Literacy, the forgotten side of our digital world

Ian thinks: This is a sobering and some what recently forgotten side of the digital revolution. If left to market forces, I can’t see things getting any better. Only a public service internet can really make the difference.

Regulating Algorithms?

Ian thinks: Although the register adds a level of snark to the idea, there is something which does speak true. Regulating algorithms could really provide a level of trust, comfort and agency which just doesn’t exist right now.

Education to promote agency?

Ian thinks: I love these projects explaining and educating diverse communities to take control of the technologies to avoid being the disadvantaged by them.

Learning the lessons of the past for the future of the internet

Ian thinks: In the middle of the hype, there is very little looking back and learning the lessons of previous generations. Dare I say it, those who don’t learn their history are doomed to repeat it.

Find the archive here

Why is Slack storing passwords in plain text on Android devices?

https://mas.to/@cubicgarden/105712244073779967

I posted about Slack’s bug on mastodon. I knew this was going to be a pain the ass changing all those passwords, even with them all sitting in my password manager and most using 2fa.

However some of the users of Mastodon asked the question, why does the Slack app store the passwords on the device at all?

I thought about this and they are right. The app connects to a remote server and should request the user login. Once logged in, it should provide some kind of secure key/cookie/hash on the device not the actual password. On top of this, it certainly shouldn’t be in the form of plaintext.

Mistake, bug or not, this should not happen.

Compromised passwords and your idenity online

So I just recently downloaded the Skype 2.0 beta which supports Video chat. And deceided to go try it out, but oh no… I cant login. Whats going on I started to wonder, its not like I got the wrong username and password because I've been using Keepass for quite some time now, plus Skype saves the password if you want it to anyway. So i'm wondering what the hecks going on. 1min of searching later I find Skype Passwords Compromised?

So generally if you registered for share.skype.com then your at risk. Well thats me, after my little dabble with there developers area. Now I cant access my skype address and because I moved house and changed broadband account I cant actually retrieve my changed password. So in other words, the user cubicgarden on skype is not going to be me anytime soon. Yeah I'm pretty bitter about it all.

Something simular happened with my old cubicgarden Bloglines account a while ago and let me tell you about the frustrating emails I sent trying to prove I was the user of that account. It was insane to say the least. If Skype like Bloglines dont accept that as the registered owner of cubicgarden.com I would choose cubicgarden as a username then I'm once again stuck. There has got be a better way to do Identity online? Talking of which Dick Hardt (Sxip identity) talk at web 2.0 is interesting to say the least. I really see the need for something like sxip, as relying on your email or even a url for a id is sucky to say the least. Geez even using a hash in a FOAF file would be better than email and a url.

Can I also just say, this is another example of company's leaking your online identity. Privicy and security online, well what do you make of that improbulus?

Comments [Comments]
Trackbacks [0]