The certain amount of time is now too short for that to make a major diff
-- last year, a tech reporter downloaded a list of 16,000 encrypted passw
and was able to decipher 47% of them in a few hours. The article says th
"While Anderson's 47-percent success rate is impressive, it's miniscule w
compared to what real crackers can do, as Anderson himself made clear. To
the point, we gave them the same list and watched over their shoulders as
tore it to shreds. To put it mildly, they didn't disappoint. Even the lea
successful cracker of our trio—who used the least amount of hardw
only one hour, used a tiny word list, and conducted an interview througho
process—was able to decipher 62 percent of the passwords. Our top
snagged 90 percent of them."
e to work
That's pretty much how I made the leap 6 years ago — the only thi
ng I'd do
differently would be to use live CDs/DVDs to try out a bunch of different
distros, not believe claims that only the one with a big PR budget is
You might want to try BSD first if you're really concerned about security
Linux is being changed under-the-hood in ways that will make it easier fo
government orgs like the NSA to tamper with it without being caught, and
finding it less stable, so I'm thinking of switching to PC-BSD myself.
On Saturday, September 27, 2014 1:31:09 AM UTC-4, Cheryl wrote:
eir systems secure:(
Good luck with that. Few people have the time or fortitude to find
and read the legal fine print where companies spell that out. And it's
not like I'm going to not shop at HD, Target or Walmart because of their
Agree with the rest of your advice.
And most of all, make
Baah, I'll show you guys. Wait till I get the four
million pounds sterling that nice general from King
Nambu Nambu's tribe promised me. Right before I gave
him my bank account and routing numbers.
Such a nice general.
Darn shame the English deposed the king and burned
down the Parlaimentary building in Nigeria.
Christopher A. Young
Learn about Jesus
I wasn't referring to RFID, which is so incredibly stupid on a credit card.
How hard is it to actually swipe the card instead of waving it?
I was referring to Chip and PIN cards:
RIGHT! Democrats don't need to do that because they've already stolen
enough to fund their campaigns. Their main impetus is tossing the Great
Unwashed a few crumbs so the GU will continue to vote for them so they can
I think you may be missing the big picture here. Consider...
Now, with non RFID card. Bad guy sticks a gun in your face, demands you
go to an automatic teller, withdraw money and give it to him and if you
don't he is going to inflict serious harm on you.
Now, WITH RFID card. Bad guy steals code, makes a card, goes to automatic
teller and withdraws money ALL AT NO RISK TO YOU!
IOW, the good credit card folks are working hard to keep us safe.
|I have now had 5 cards wiped out because stores dont bother keeping their
I'm a contractor, shopping at HD at least once a week,
but I didn't know how seriously to take the latest breach.
It's been going on since Spring and I haven't had any
I'm curious what you've done. Did you have your cards
reissued? Is there a cost for that? Do you just call them
and say you've shopped at HD, and they'll sens you a card
with a new number?
On Thursday, September 25, 2014 9:48:55 AM UTC-4, Mayayana wrote:
Couple nights ago on the news they said that the first instances of
the stolen card info being used had just started to occur. Last week
they were showing it being offered in traunches on a website in Russia.
The trauches you could buy were named "American Sanctions 10, 11, 12, etc.
Gives you a good idea of who and what is behind it.
An interesting question is why the card issuers don't just send out
new cards. I can only speculate that they figure that will cost more
than all the time and money spent investigating and covering losses that
occur. But I would think it would be more cost effective to just issue
new cards. Maybe they are doing that, IDK. And unlike Bob, I don't
think it's such a big deal if they
issue me a new card. The only issue I see is having to change any online
places where you have it saved, use it for recurring charges, etc. Not
that much work, IMO.
We had new cards issued -- free of charge -- more than a decade ago by a
bank when we showed that purchases made supposedly with our card were
made at places where we were not at the time.
We had new cards issued more recently because we had used a card at
TJMaxx, which had suffered a data breach. Replacement cards were sent
without us requesting them -- and free of charge.
Haven't shopped at Target in ages.
Have shopped at HD within the last couple of months but haven't seen any
suspicious charges on our card.
We got "chipped" cards in preparation for a trip to Europe. I don't know
how much more complicated it would have been to make purchases with a
card without a chip.
We have a store-branded RFID-equipped MasterCard for our supermarket,
but that's the only place I've ever noticed that an RFID card can be used.
I read recently that Australia is on the way to "contactless" payments
-- payments using a smartphone rather than a card, for example.
Believe me, they suffer in lost sales. Home Depot and Target appear to have
been particularly lax and didn't even do some of the minimum system scanning
required by the Visa and MC. HD may suffer greivously because of that lack
of compliance. It has and will continue to cost them dearly in sales.
Egghead went out of business shortly after they experienced a massive
breach. Fortunately these massive attacks have awakened the industry from
its stupor and more companies are doing aggressive testing.
A new problem has begun to appear - people using your checking account
number to make electronic debits. Apparently the banks are pretty lax about
who they will allow to debit your account. Every time you write a check,
you hand out your account number to a potential hacker.
They've only recently decided to force them to acknowledge that they have
been compromised. That data has been kept quite secret for a long time and
its only through the efforts of independent security analysts like Brian
Krebs that they've been outed. He's the one that fingered Target and if you
recall, they denied, denied, denied for as long as they thought they could
get away with it.
It will never happen. In the US we only manage by crisis and now there have
been enough huge breaches that we'll move to a much safer "chipped card"
system. Merchants have long balked at paying the cost to upgrade their
systems but these latest mega breaches are forcing their hand. Europe's
card fraud rates have been much lower than ours because they went to chipped
cards years ago.
I use cash nowadays at stores and especially restaurants (where the card
leaves your physical possession - a real invitation to trouble). It used to
be that I wouldn't use cards on-line but retailers like Amazon seem to be
able to keep their card systems secure. Other than them, I only use sites
that take Paypal because I have a little keyfob code generator from them.
Stealing my password won't do a hacker much good because each transaction
requires a number generated from the keyfob. So far, so good!
Don't forget to thank the Supreme Court for deciding that money equals free
Its both parties, actually. Look at Obama, who campaigned on getting us out
of the Middle East but it hurling us right back into that
stinkhole/sinkhole. Russia, China, Saudi Arabia and Europe have the most to
lose from ISIS but they're quite content to let poor, dumb old Uncle Sam do
all the heavy lifting and fight their battles for them. How can we be
against welfare for US citizens while we funnel billions of dollars to
defend the interests of countries that wouldn't take the time to whizz on us
if we were on fire? Time for them to get off the US welfare rolls, too.
What a dolt Obama is.
All it takes, it seems, to get America worked up to a money-splurging frenzy
is to behead a few people. The terrorists must be laughing their asses off
at how little it takes to push us to into a blind revenge-driven fury. If
we let them alone they would not have a common enemy and would eventual
fight amongst themselves and take care of the problem for us. But NOOOO.
We've got to make the US a target that unifies every terrorist faction in
the world. So Obama's as dumb as a post and is doing exactly what he laced
into George Bush for doing. Obama took us out of the frying pan and into
It's a bitch, I agree. Its a great reason to go back to untrackable,
unhackable cash. Its also pretty hard to spend more money than you have
with cash. Cards make that a LOT easier to do since the pain doesn't come
until 30 days later. I still carry one card in my wallet for emergencies,
but I if I am going shopping, I make a list and go to the bank first. I've
found a number of places will give a 2 to 5% discount for cash.
| >I have now had 5 cards wiped out because stores dont bother keeping their
| They do bother.
I've also seen articles critical of Target's security. The
problem seems to be that they just don't have a lot to
lose, and like most individuals, they see security issues
as abstract until a problem happens.
I don't know of any reason they even need to store
credit card data. Once the payment has gone through
it's none of their concern. Which points to a second
unnecessary security risk: companies that hold data
they shouldn't for purposes of datamining.
Here's another one:
This wasn't just a successful hack. It was an fullscale
intrusion that wasn't noticed for 6 months.
| and you keep your RFID card where? oh, so you DO put it in an old Altoid
| metal box so it can't be scanned by others. ok.
I have one RFID charge card that I never asked for.
There's an icon on the back that indicates it. One
can then look at the card on edge to find a tiny bump.
I sliced open the bump and removed the tiny RFID chip,
with no noticeable damage to the card.
One can also use something like an aluminum cover.
I made a simple one by folding a piece of aluminum in
half, so that it fits in my wallet.
| One report was that the HD breach took place on cards used at the self
| check out machines.
| I don't use those aisles, myself.
Nor I. I'd be interested to see a link for that if you
find it. I was assuming that the break was into the
HomeOwnersHub.com is a website for homeowners and building and maintenance pros. It is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.