5 stories
·
0 followers

Career Prosecutor Torches Bill Barr In Epic Resignation Editorial

1 Share
Ouch, that's gonna leave a mark.

Read the whole story
Share this story
Delete

White House guts infosec team, “posturing itself to be compromised” again

1 Share
Photograph of the White House on a sunny day.

Enlarge / The White House is kicking its information security team to the curb. (credit: Prasit photo / Getty Images)

An internal White House memo published today by Axios reveals that recent changes to the information operations and security organizations there have left the security team in tumult, with many members headed for the door. And the chief of the White House's computer network defense branch—who wrote the memo after submitting his resignation—warned that the White House was likely headed toward another network compromise and theft of data.

The White House Office of the Chief Information Security Officer was set up after the 2014 breach of an unclassified White House network by Russian intelligence—a breach discovered by a friendly foreign government. But in a July reorganization, the OCISO was dissolved and its duties placed under the White House Office of the Chief Information Officer, led by the new CIO Roger L. Stone. Stone pulled from the ranks of the National Security Council where he was deputy senior director for resilience policy. (Stone is not related to indicted Republican political consultant Roger J. Stone.)

The resulting changes have put an emphasis more on convenience than security. The Office of Administration at the White House has reportedly been purging information security staffers while responsibility for cybersecurity is outsourced from the streamlined IT operations team. In August, White House CISO Joe Schatz left the White House for a tech consulting job. And according to the memo, senior security experts have been leaving en masse since then as the White House has become increasingly hostile to the information security team.

Read 4 remaining paragraphs | Comments

Read the whole story
Share this story
Delete

The Punishment Urban Meyer Should Have Received

1 Share
Kevin C. Cox/Getty

The college football season starts next week, and, as has become all too customary of late, most of the chatter is not about the impressive feats we’re going to be seeing on the field, but the bleak events taking place off of it. I refer to the goings-on in Columbus, where the people who run the Ohio State University just embarrassed themselves, the program and the school by slapping coach Urban Meyer’s wrist with a wet piece of spaghetti.

If you haven’t followed this blow by blow, here’s a good timeline of events. The long and short of it is that Zach Smith, an assistant to Meyer over the years at both OSU and the University of Florida, is accused of twice physically accosting his ex-wife, Courtney, in 2009 and 2015. In the 2015 incident, which happened while Smith was at OSU, he was arrested on felony charges of domestic violence and felonious assault. Courtney Smith didn’t press charges, but the couple divorced the next year.

At OSU media day in late July, Meyer was asked what he knew about all this and when. He said the 2009 incident as reported “wasn’t actually what happened,” and that the 2015 incident was basically made up (“I don’t know who creates a story like that,” he said to the media, which is not quite up there with “Total Witch Hunt!” but which, you know, ain’t good).

Read more at The Daily Beast.

Read the whole story
Share this story
Delete

Index Card Holder for Internet Passwords

2 Comments and 5 Shares

When the Web was new (I climbed on board in 1995) like everyone else, I started accumulating passwords. Slowly at first, but with two websites to manage and a fondness for on-line shopping, by 1999, I was pinning scraps of paper to my bulletin board, jotting in notebooks, tucking them into my wallet, in various files in the filing cabinet, and, oh heck, just sticking Post-Its to my computer monitor. And more times than I’d like to admit, I forgot to write them down at all. I knew some people who kept their passwords straight by using the same one for everything, but that seemed to me an invitation to hackers.

About ten years ago, I started noting each password on its own 4 x 6 inch index card, then filing it alphabetically by service (e.g., Amazon.com under “A”) in a little box that looks just like my grandmother’s cookie recipe box.

Call it the Grandma’s Recipe Box Solution to Password Management.

On each index card I note:

Name of Service (e.g., Amazon.com)
My password
My username
My email address for this account
Any other relevant information

Now that I’m still on-line in 2014 and managing a plethora of websites, a batch of blogs, two YouTube channels, Vimeo, three Twitter accounts, and do my banking on-line, use PayPal, and have not set foot in a shopping mall in more time than I can remember, I have accumulated a prodigious stack of index cards. But my little plastic index card holder, with its alphabetical tabs, is still right here by my desk, doing the job.

I have found that there are several advantages to this method:

1. I can keep all my passwords at my fingertips (so when it’s time to check my bank balance or tweet or shop on-line, if I cannot recall the one I need password, I just pluck it out);

2. Filing the cards alphabetically allows me to plunk one back in quickly (and find it again just as
quickly);

3. I can use longer and more varied passwords without having to remember them nor go through the hoops of waiting for it to be resent to my email, and then having to click on some link to confirm;

4. If I need to change a password, I just pluck out the card, note the change, and put it back;

5. When I had to cancel one of my email accounts, I was able to whip through the stack of index cards to see which accounts needed updating;

6. It’s cheap and after 10 years the plastic index card holder still looks like new;

7. Its small enough to stash in a locked drawer;

8. Finally, should anything happen to me, my family knows where to retrieve all my passwords to put my affairs in order. That’s a gruesome thought, but a realistic one. Last I checked, no one gets off this planet alive (except astronauts, and only temporarily).

-- C.M. Mayo

Advantus 4 x 6 Index Card Holder, 300 card capacity
$7

Oxford Index cards, 4 x 6, White, 100 Cards per Pack
$8

Oxford Index Card Guides, 4 x 6, Cut Tabs, 25-Set
$4

Read the whole story
Share this story
Delete
1 public comment
josephwebster
3987 days ago
reply
For casual users (i.e. almost everybody) this is a terrific idea. Simple, easy to maintain, hard to lose. Of course the main caveat here is that this is strict for home use - NEVER work or mobile - and the rolodex lives next to the computer and never leaves.
Denver, CO, USA
christophersw
3986 days ago
I am less concerned with the "mobile" problem than you are. We need to think about the threat vectors. The big concern with passwords is not physical theft (that does happen, no doubt), but that a provider will leak your password and info in a major breach, and then hackers will harvest that info to log in all over. The easy way to fix that is to not reuse passwords. Reuse is the key - not complexity, not portability, not physical theft. Focus on eliminating reuse - which this does nicely.

All Adobe Updates

15 Comments and 31 Shares
ALERT: Some pending mandatory software updates require version 21.1.2 of the Oracle/Sun Java(tm) JDK(tm) Update Manager Runtime Environment Meta-Updater, which is not available for your platform.
Read the whole story
Share this story
Delete
14 public comments
oyerista
4257 days ago
reply
There's an update from Adobe..
In my shoes
warrenfparker67
4257 days ago
reply
Yep.
Washington, District of Columbia
claudinec
4260 days ago
reply
Oh yes.
Melbourne, Australia
Michdevilish
4260 days ago
reply
Adobe, adobe
Canada
tedder
4260 days ago
reply
this.
Uranus
attackofhubris
4260 days ago
reply
Hah. Silly adobe.
Fayette-nam
jrgifford
4260 days ago
reply
Yup.
Cleveland Heights, OH
jorunn
4260 days ago
reply
<3
mrobold
4260 days ago
reply
No comment necessary.
Orange County, California
BN
4260 days ago
reply
When your software is a laughing stock, that means you should give up.
danatnr
4260 days ago
reply
The only thing missing is the offer to download McAfee security.
Ohio
cluebcke
4260 days ago
It'd be worth it if they through in an Ask Toolbar as well
jasonbirch
4260 days ago
reply
Adobe. Almost as bad as Oracle/Java...
Nanaimo, Canada
TheRomit
4260 days ago
reply
Yup, nailed it.
santa clara, CA