Categories
Computing Security

Changing my passwords and the danger of old websites

I received a notification yesterday that a forum I frequented many years ago had been hacked and the user database with plain text passwords had been downloaded. Not a great start to my day, but fortunately it didn’t have as major an impact on my security as it might have done before I started using LastPass.

The username and password combination was one that I kept in rotation for various websites back in the day (there’s probably a few other forums that I no longer visit with the same login details) and in fact I still use the username frequently, it is the domain name of this website. The associated email address is one I still operate but is not my primary address and is not the one associated with any of my important online accounts.

However as a result of the breach I have undertaken the task of clearing out LastPass of any redundant entries, also in a bout of paranoia I later changed the password associated with my online banking as it has never been changed since I first set up the account. I don’t believe there was any risk at all regarding my bank account, but you can never be too careful and I was imagining a cascade of minor identity thefts which escalated to the point of being able to access my bank account. Fortunately my bank has two-factor authentication set up on any transfers out of the account so even then it would be extremely difficult to actually make off with any money.

lloydsbank_password_policy

Unfortunately they do not allow spaces, hyphens or special characters in the password and it is restricted to a maximum of 15 characters so the password I chose was not as secure as I’d have liked it to be.

There’s a few lessons to be learned from this going forward.

  1. The most important of which is as with other breaches of this kind this highlights the danger represented by reusing passwords (and also usernames possibly) across different sites.
  2. Websites will quite often become neglected and unused, but if left up on the internet will become more and more vulnerable, and breaches of security and leaks of important data can occur.
Categories
Microsoft

MS-DOS Mobile for Windows phone

Amongst the swathe of unfunny April’s Fools jokes from corporations yesterday was a pretty detailed and humorous one (well at least for computer geeks like me) from Microsoft.

MS-DOS Mobile, a new app designed to bring the C:\ prompt to Windows phones.

msdos_mobile

The blurb on Lumia Conversations about the release of this app brought a smile to my face.

Daniel Glass who led design on the project, said:

“Turning our back on graphics was hugely liberating. We’ve dropped the resolution, and in doing so re-discovered our roots.”

“The inspiration for the graphical design is Courier New meets film noir.”

A lot of work has gone into this app, you can browse the directory structure, launch apps, play a game of Rock, Paper, Scissors against Cortana and there’s even a camera app offering fantastic low resolution modes.

DOS-2015-04-02 12_25_23Z

Via Thurrot

Categories
Computing Surveillance

NSA: We lack the capability to search our own email

ProPublica reports that the NSA Says It Can’t Search Its Own Emails

“There’s no central method to search an email at this time with the way our records are set up, unfortunately,” NSA Freedom of Information Act officer Cindy Blacker told me last week.

The system is “a little antiquated and archaic,” she added.

This is either beautifully ironic or utter mendacity.
Via BoingBoing

Categories
Computing Microsoft

RT @MicrosoftShow: Why Microsoft’s cloud matters:…

RT @MicrosoftShow: Why Microsoft’s cloud matters: Hint the reason begins with “A” but it ain’t Azure – GigaOM dlvr.it/3YbYNF

Categories
Computing Microsoft

Could the Xbox One emulate the 360?

There will not be any backward compatibility for the Xbox 360 on the Xbox One. Unusual position for Microsoft as typically they are all about the compatibility with older versions of their products. However in this case it makes sense as the hardware is significantly different between the two systems.

But I do have a thought about this. Given that the Xbox One is running three operating systems could the hypervisor in the new console run an emulated version of the Xbox 360 operating system?

It would not be a simple task to accomplish this but I believe it is within the realm of possibility. Even back in 2011 people were talking about creating an Xbox 360 emulator on a PC, and there is apparently now a working Xbox 360 emulator available for both PC and Mac.

Categories
Computing Microsoft

Windows Server 2012 in production

As part of setting up the new office for my company I needed to set up a server to act as a RODC in what would effectively be a branch office until the rest of the company moved in sometime later.

This gave me the perfect opportunity to use Windows Server 2012 in a production environment and as such gain some real world experience with the new OS in preparation for sitting the 70-417 exam to gain my MCSA: Windows Server 2012 certification.

I had previously downloaded a trial version of Server 2012 but after a failed attempt to install it as a VM on VmWare’s ESXi 4.1 I didn’t do much more with it lacking the resources and time. I have since found a method that would enable it, also for Windows 8 which could be useful for our developers who may need to be coding applications for Windows 8 and need test environments.

Installation on our new Dell R620 could have been easier, but this was not the fault of Windows at all. The server arrived sometime yesterday and without a disc so I’d assumed that the OS had come pre-installed. It had not, which caused a little panic. But once I actually received the Windows Server 2012 disc from our suppliers and then pre-configured the server for the OS (which was somewhat straightforward but didn’t work as it should in my opinion) it was very quick and straightforward to install Server 2012.

My experiences were pretty much as described here
http://workinghardinit.wordpress.com/2012/08/24/how-to-deploy-windows-server-2012-on-dell-uefi-nownotes-from-the-field/

Categories
Computing

Child of the 90s | Internet Explorer

Categories
Microsoft

Alex Clare – Too Close

Watch Alex Clare’s music video for “Too Close” – the song featured in the Internet Explorer (the browser you loved to hate) TV commercial.

It is pretty damn cool.

Categories
Computing Microsoft

Windows Blue is Microsoft’s future low-cost OS with yearly updates

http://www.theverge.com/2012/11/28/3693368/windows-blue-update-low-cost

Categories
Computing Microsoft

Built a Windows Server 2012 lab for free using Windows Azure

Having joined the Windows Server 2012 Early Experts study group I felt that I needed some real hands on experience with the new operating system. Having neither the time nor the spare resources at work to set up a new server I followed Keith Mayer’s advice to leverage the three month free trial for Windows Azure to build a Windows Server 2012 VM. Download Keith’s guide here.

Not only do I now get a chance to test the new features of Server 2012 but also gain an understanding of the Windows Azure platform and how it might be utilised to create a hybrid cloud infrastructure.