Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Slashdot Deals: Deal of the Day - Pay What You Want for the Learn to Code Bundle, includes AngularJS, Python, HTML5, Ruby, and more. ×

Study Shows "Secret Questions" Are Too Easily Guessed 303

wjousts writes "Several high-profile break-ins have resulted from hackers guessing the answers to secret questions (the hijacking of Sarah Palin's Yahoo account was one). This week, research from Microsoft and Carnegie Mellon University, presented at the IEEE Symposium on Security and Privacy, will show how woefully insecure secret questions actually are. As reported in Technology Review: 'In a study involving 130 people, the researchers found that 28 percent of the people who knew and were trusted by the study's participants could guess the correct answers to the participant's secret questions. Even people not trusted by the participant still had a 17 percent chance of guessing the correct answer to a secret question.'" Schneier pointed out years ago how weird it is to have a password-recovery mechanism that is less secure than the password.

The Real Risks of Obama's BlackBerry 273

An anonymous reader writes "When the mainstream media first announced Barack Obama's 'victory' in keeping his BlackBerry, the focus was on the security of the device, and keeping the US president's e-mail communications private from spies and hackers. The news coverage and analysis by armchair security experts thus far has failed to focus on the real threat: attacks against President Obama's location privacy, and the potential physical security risks that come with someone knowing the president's real-time physical location. In this article, a CNET blogger digs into the real risks associated with the President carrying around a tracking device at all times."

"Summit meetings tend to be like panda matings. The expectations are always high, and the results usually disappointing." -- Robert Orben