Here we go again — Internet Security Freakout! The New York Times reported late on Tuesday that a Russian gang of cybercriminals made off with 1.2 billion usernames and passwords from 420,000 websites around the world, (as well as 500 million email addresses), all with botnets and malware. The Milwaukee-based company Hold Security discovered the stolen data, but wouldn’t say which websites were affected due to confidentiality agreements with its clients. (Not helpful to the rest of us, Hold Security.)
Although snagging credentials off compromised websites was one big way the infohaul was reeled in, a few online observers have suggested that the Russian gang may have also bought chunks of the stolen data from other hackers. This may mean some of the information may be old and out of date, especially after the Heartbleed panic earlier this year when responsible folk went and changed all their passwords then, too. Other sites, like The Verge, The Wall Street Journal and Forbes have noted Hold Security was awfully quick to capitalize on the heist. (The Washington Post took a look at Hold Security itself and had some interesting observations.)
So what can you do to protect yourself? No one knows yet exactly which websites were affected, so let’s just assume it was All of Them. The Times posted some tips for dealing with the breach, so start there. And it may be time to break down and get a password-manager programs like LastPass or 1Password, as this sort of Massive Data Protection FAIL is unfortunately starting to become a regular occurence.
For happier news, we go to outer space, where the Rosetta probe from the European space agency has finally caught up with comet 67P/Churyumov-Gerasimenko after a 10-year chase. Rosetta is now orbiting the comet and sending back photos, and yes, the pictures are on its Facebook page — or rather the European Space Agency’s Facebook page. Good hunting, Rosetta!
Sharknado 2: The Second One, the sequel to last year’s unexpected pop-cult powerhouse, grabbed 3.9 million viewers on its original airing last Wednesday on the SyFy Channel and dominated trending topics lists. The film reportedly delivered one billion mentions in Twitter conversations throughout the day of its broadcast. The cameo-filled sequel was set in New York City and another sequel is on the way.
Some more good news: It’s now perfectly legal once again to unlock your mobile phone from the carrier you bought it from, so you can use it with another company’s compatible network after your contract runs out. President Obama signed the Unlocking Consumer Choice and Wireless Competition Act on August 1st. In other government-and-phones news, The Wall Street Journal is reporting that the Department of Transportation is considering a rule to ban cellphone voice calls on commercial flights to, within and from the United States. Here’s hoping!
In other law-enforcement matters, Google recently alerted authorities to illegal images in the account of a particular Gmail user after illegal child-pornography images were detected during an automatic scan. Google had discussed its efforts in stopping child porn with London’s Daily Telegraph last year, but the news of the arrest got some privacy advocates worried about what companies can do with your mail. (Google said this is the only crime it scans for in Gmail.) In addition to its own VideoID software, Google and other companies also use Microsoft’s PhotoDNA and Friend MTS’s Expose F1 forensic programs to scan for photos and videos depicting abuse.
It’s the height of summer and the hackers are gathering in Las Vegas for their annual Black Hat and DEF CON conventions. Black Hat started last weekend, and in addition to a demonstration about how USB devices have huge security issues, another consultant was preparing to show how the satellite communications gear on passenger gets could be hacked by going through the aircraft’s in-flight entertainment and onboard WiFi systems.
Meanwhile, another presentation at the conference dealt with spoofing signals in wireless key fobs to unlock cars. Corporate America, please pay attention, okay? That includes you, Wearable Computing Developers. That’s because the security firm Symantec got itself a $75 Raspberry Pi computer and wrote up a blog post describing how easy it is to track people with fitness monitors and other wearable tech through wireless protocols and other security holes in the apps and software.
Algorithms are everywhere. The Massachusetts Institute of Technology just announced that some of its researchers, along with scientists from Microsoft and Adobe, developed an algorithm that accurately reconstructs an audio signal from a video based on vibrations. In one experiment, the researchers were able to reconstruct intelligible speech from a potato-chip bag filmed 15 feet away from the camera and through soundproof glass.
The CEO of Verizon Wireless threw shade at the chairman of the FCC over a letter the agency sent to Big Red expressing concern over treatment of customers with unlimited plans. In a blog post, Verizon had outlined what it calls its Network Optimization policy, in which bandwidth for heavy users is scaled back during peak times on overcrowded sites. Verizon 3G hogs have been “optimized” for years, but the FCC only spoke up when the company recently announced it was also going to start throttling 4G LTE users this fall. Among other points in its rebuttal, Verizon said its practices were consistent with the reasonable network management definitions laid out in the 2010 Open Internet Order and other companies were doing the same thing. So there.
Comcast, which has not had a lot of good press lately, announced this week that it will be providing up to six months of free Internet access to low-income families as part of its Internet Essentials program. Requirements for the program include being in an area where Comcast has service and having at least one child eligible for the National School Lunch Program.
Let the frothing begin: the Re/Code site is now reporting that Apple’s iPhone 6 event will be on September 9th.
And finally, as millions noticed last Friday, Facebook suffered a major site outage. During this time, some concerned Facebook users called 911 and the Los Angeles’s Sheriff’s Department. Others took a more thoughtful approach and used the outage as an opportunity to study Web traffic. The Chartbeat blog found that Web traffic to news sites dropped 3 percent and showed how social media drives visitors to other sites. The countries affected by the outage included the United States, India and Chile, so it did not seem to be a worldwide crash.
That may seem like a big dent, but compare it to last year when Google took a dive: experts said world Internet traffic dropped by 40 percent. So in addition to keeping your password-manager program at the ready these days, you may also want to pack a book for those times when various parts of the Net are down. And don’t pester 911 because Facebook or Google crashing IS NOT AN EMERGENCY. Just think of it as an offline disco nap and take a break.