excellent piece on the impact of metadata collecting on privacy. thank you.
Here’s something I simply don’t get. Why would you set your password to a phrase of personal significance? Why would you choose a favorite song, or singer, or whatever? Why do Christians set their password to im4given? Wouldn’t it maybe make sense to choose something hard to guess? I mean, if you chose something random like Hippo7black, it’s not terribly hard to remember unless you have the IQ of a hammer. You don’t have to go full throttle with h$67G_qQ or whatever.
As time goes by I am more and more convinced that I will never get a cell phone.
In Passpack, I have 107 accounts configured. Some of them are holding multiple passwords. A lot of sites – like newspapers and other services – have never been entered.
I can’t possibly remember that many “random” phrases.
Er, 'cepting I do, of course. TOTALLY RANDOM. waaaaaaay hard for you to guess. Don’t even bother.
So what’s your point? It’s necessary to set your password to ILUBieber, because you have 107 accounts? I only have two passwords for everything (not counting the digits you’re sometimes forced to add.) Neither one is anything even my most intimate friends would ever guess.
As time goes by I am more convinced that I’ll get rid of mine, once the contract is up. It’s awful convenient though, and it would be tough to give up on the addictive little buggers.
Another thought: do they still make dumb phones?
There’s no such thing as perfect security, and I don’t think it’s really feasible to protect yourself against a sufficiently dedicated attack aimed against you, personally.
But I don’t have to outrun the tiger, I just have to outrun you.
(Put another way: I always lock my bike up next to a nicer bike that is not locked up as securely. Yes, someone COULD still take my bike, but I have ensured that I am not the easiest or most attractive target.)
You’ve got it right: use a password manager. That way you only have to remember one hard-to-guess password, not a hundred. (xkcd’s correct horse battery staple example isn’t bad but takes a prohibitively long time to type on every touchscreen keyboard I’ve ever used – someone needs to design one whose password mode still autocompletes words but doesn’t store the words you’ve used or the order you used them in – and pronounceable passwords are easier to remember than gibberish while having more entropy than real words.)
And use two-factor authentication wherever possible.
Of course, you’re still pretty much fucked if someone steals your phone – again, I don’t think it’s possible to protect against a specific, targeted, sufficiently dedicated attack – but if you’re just trying to keep yourself insulated against the next big bulk attack, that’s very doable.
Memorability. We remember stuff based on the connections we have with it. Random stuff is way harder to remember.
See above: the part about the hammer.
asdadsas: I don’t have a cell phone either. But not having to worry that one is being tracked oneself doesn’t diminish the harm that comes from tracking being possible. I want it to be possible for authority to be questioned, and for secrets to be dug out and exposed, even if I am not going to be the one doing the questioning and the digging and the exposing. I am protected from intrusions not only by not having a cell phone (of course, my internet traffic that comes from computers not phones is just as bad except for the location information), but also by not participating in the kinds of thing that intelligence agencies and the powers that prop them up do not wish us to be doing. Still, I want those things to continue to be done by those braver than me–so not having a cell phone myself doesn’t help towards that larger goal.
(Not that you said not having a cell phone solves everything, but I just wanted to get that point off my chest)
And once one of those sites stores your password in plaintext and is hacked, your password for half of everything has been compromised.
Unsalted hash is enough. Rainbow tables for the win!
I saw google-cracking a password from its hash, by googling the hash. Quite often you get results.
Yes, although I’d consider “unsalted hash” to be close enough to unencrypted, these days.
That’s a reasonable assumption.
For example, google for this one. 482c811da5d5b4bc6d497ffa98491e38
The analysts could see that some users had the same password as Ton, and their password hints were known to be ‘punk metal’, ‘astrolux’ and ‘another day in paradise’. ‘This quickly led us to Ton Siedsma’s favourite band, Strung Out, and the password “strungout”,’ the analysts write.
So the the takeaway is:
- DO NOT USE A DICTIONARY WORD PASSWORD
- Lie on your password recovery answers.
And of course remember Mat Honan’s story.
Best (worst) hints are things like “username then 22”. Slightly better (worse) than “oldest sister”. Seen both.
This makes a lot of sense… for people with one password to remember.
But if you have 10, 20, or more (as most people do), it doesn’t work nearly as well as you suggest:
“Is my Google password Hippo7black or Hippo7blue? Hippo6blue? Oh, wait a minute, that’s my Yahoo password. I think my Google password is Georgia5charlie (or is it Georgia6charlie?).”
You’ve also suggested using only one or two passwords for all your sites. This is a great way to ensure that if any one of your credentials is hacked, then all your accounts are vulnerable.
Locations: A phone without GPS or CPU can still be triangulated. So shut it off (rely on voicemail) except in locations you’re ok about. The shutoff should somehow remove battery power from the phone. Each phone carries its own unique ID. While powered it could be spilling anything.
Passwords: nothing new here. Randoms for each site and use some kind of passworded ‘wallet’.
True, but I’m not interesting enough to present much of a target. If I was a prominent journalist I hope I would be more careful.