Of course. And using made-up answers is exactly what I do. But the vast majority of people don't think about this. They create a halfway-decent password then protect that password with "New York City" and "Fido."
This is the kind of thing made possible by the absolutely stupid policy of protecting unobtainable information (one's login password) with easily obtainable information (those "secret questions" to reset one's password, such as the city in which one was born, one's first pet, or the last four digits of one's CC or SSN).
If you choose a password that is strong enough, and you're careful enough not to leak it yourself somehow, your password is unobtainable and unguessable. It's as secure as possible. But it requires only a modicum of effort, perhaps a simple public records search, to figure out the answers to most "secret questions" that big companies like GoDaddy use to protect people's passwords. And yet this is how these companies protect your password. And now we see the results.
GoDaddy here is no more insane than any company that uses "secret questions" to guard users' passwords. I've pointed out to people for years that the idea of protecting a piece of information that is unobtainable (your password, if you're careful enough not to leak it yourself, and it's strong enough to not be guessable) with information that is easily obtainable with just a modicum of effort (e.g., your mother's maiden name, the city in which you were born, your first pet,
Maybe if word of this attack gets around other companies will switch to something more secure than easily-answerable "secret questions" to reset someone's password.
Regardless, it took 23-year-old Magnus Carlsen, a "grandmaster" Chess player since the age of 13 and new world Chess champion, just 71 seconds to defeat Gates in a friendly game of Chess on a Norwegian television show. It takes longer to heat up a cup of water in the microwave.
Thanks for that helpful comparison---without it, I would have had no clue how long 71 seconds actually is.
Three out of five PCLOB board members are in agreement: The NSA spy programs are illegal.
... Could this be the start of change to come?
Indeed. Expect the government to replace one PCLOB member.
Slashdot combines editor quality control and insight
Well that's news to me. We have quality control here?
"They don't want to endanger the space-farers or the public, and they can't let the industry get started and then have a Titanic-like scenario that puts an end to it all in the eyes of the public."
Right, because after the Titanic, there's never been another cruise ship. The very idea of sea travel came to an end in the eyes of the public!
Ten years now. Slashdot covered that story, too. Belkin has been on my boycott list ever since.
One-in-a-billion is a thousand times more likely than one-in-a-trillion odds, right? I'm still not anywhere likely to win that bet, though.
The article doesn't even have any odds/numbers. Yet the headline contains "far greater." And then ends with this:
Dr Perrillat said there are no known supervolcanoes that are in danger of erupting in the foreseeable future, and it would take at least a decade or so for the magma pressure within a caldera to build up to a point where an eruption is likely.
In other words, there's no story here. Researchers figured out that the volcanoes can go off on their own rather than being precipitated by an earthquake, and this somehow translated to "far greater" by the hack writers who wrote this story.
My main point was "vote with your dollars" against sleazeball behavior from companies like this. Some of their products may work fine, without incident, but that doesn't mean I want them to have a single dollar from me.
I always blast the software the router came with. Even router software from a company with an otherwise untarnished reputation I don't trust; if it's closed source, you may as well assume it has a backdoor in it.
But I will never give this company another dime for what they did back in 2003, and I will take every opportunity to inform people about that incident, so they may make the same decisions.
Wow, I've seen so many inventions claiming to "end the need for complex passwords" over the past twenty years that we've certainly ended the need for complex passwords by now, haven't we? Wait, we haven't?
On another topic, has the Voyager probe left the solar system again yet?
Never trust a product made by this company. "Belkin Routers Route Users to Censorware Ad", reported by Slashdot:
The Register has a story today about Belkin routers redirecting their users' network traffic. To me, this seems like the logical next step after top-level domain name servers piping ads to your browser. Now the routers themselves hijack the traffic they are supposed to, uh, route -- and you'll love where they send you instead. But it's OK because you can opt out. Incidentally, the Crystal Ball Award goes to Seth Finkelstein, who in 2001 quoted John Gilmore's famous aphorism about the internet, and asked "What if censorship is in the router?"
This company has been on my shitlist for ten years and always will be.
...global warming is supposed to be melting all this ice.
I have hardly ever known a mathematician who was capable of reasoning. -- Plato
