Cisco's new Connect Cloud service is supposed to provide browser-based and remote network management features to users of some of its "Smart Wi-Fi" consumer routers. It's a pretty promising free set of features, and should impress anyone who likes to keep a close eye on their home wireless network with products like Spiceworks or Nmap. It includes such features as parental controls, media prioritization, and device management, and users can access it while at home or remotely via their mobile device.

Unfortunately it's had a pretty rough beginning.

Continue reading →

Passwords are supposed to protect files from unauthorised access, but the sad fact is that just about any password can eventually be cracked. That’s bad news if you’re looking for bulletproof protection, but should you suddenly forget a password you might be grateful that your file isn’t as secure as you might have thought.

Password-recovery tools are plentiful, but freebies are thin on the ground. Many of these don’t even work, but one that does -- within certain limits of file format and password length -- is Free Word and Excel Password Recovery Wizard 2.09.

Continue reading →

Google's fifth "Transparency Report" shows that the emperors of the world wear no clothes. The search and information giant started releasing the data two years ago, offering a small peek into the bombardment of user information requests that world governments make -- everything from non-copyrighted YouTube video take-downs, to search result link removals, to, most alarmingly, private citizen emails and information.

But what is most alarming about these requests? Many are not even for serious matters of national security. Most are down right requests to silence, censor, track, and or monitor dissident internal political groups and political opponents. In some, it is the outright censorship of non-violent organizations, ideas, or even the requested silence of whistle-blowers pointing out corruption. Google's own policy analyst, Dorothy Chou, sees a disturbing trending rise, particularly from "Western democracies not typically associated with censorship".

Continue reading →

LastPass has released a major new update for its secure password manager, LastPass 2.0, and the big addition is the extension of its Secure Notes feature.

As well as safely protecting simple text information, the new release also allows you to add confidential documents, PDF files and images as attachments to your secure notes. As with all other stored data, these will be locally encrypted to keep them safe from snoopers. And of course the attachments will then be synced to any location where you log in to your account, so they’ll be available anywhere.

Continue reading →

At a time when password breaches like the one at LinkedIn are once more making the news, there's plenty of good advice around about how to select a strong password as opposed to the sort of stereotyped easy-to-remember-but-stupendously-easy-to-guess password that turns up again and again in dumped lists of hacked passwords.

So if your favorite, much-used password (or something very like it) is in the following list, it might be a good idea to stop reading this now, go to the link on how to select a strong password and use it as a basis for changing all your passwords to something safer (then come back and think about the PINs you use). The list is abstracted from one compiled by Mark Burnett, representing the most-used passwords in a data set of around 6 million:

Continue reading →

With the recent announcements of password breaches at LinkedIn, and warnings from Google about state-sponsored attacks on Gmail accounts, it seems like a good idea now to review some password security basics. Then there is report today that someone hacked presidential candidate Mitt Romney's Dropbox and Hotmail.

In this post, we’re going to take a look at a rather low-tech solution to a decidedly high-tech problem: How to guard against password reset attacks, and where to securely store the answers to your password reset questions.

Continue reading →

This morning when I logged into LinkedIn I was greeted with several front page references to the reported hacking of the site, and instructions for changing my password, which I did immediately. This is a good time to change all of your social media passwords, making sure you create a fresh password that is hard to guess and unique to each site. It is not unusual for malicious parties who grab a bunch of passwords from one site to try those same passwords on other sites.

Over 6.5 million account passwords showed up on a Russian forum in SHA-1 (hashed) format to prove that the hackers had indeed succeeded in penetrating LinkedIn. There is a good chance that if the hacker(s) achieved access to LinkedIn passwords then they also know the corresponding LinkedIn usernames, i.e. the matching email address of the account owner.

Continue reading →

If you manage one or more PCs then you’ll know it can be difficult to make sure they’re all being used as you might like. Should someone want to conceal files from you, say, then if they zip them up and password-protect the archive then there’s very little chance of you ever finding out.

It doesn’t have to be that way, though, not if you install Passware Encryption Analyzer Free, a simple tool that will scan whatever areas of a PC you define and highlight almost any encrypted or password-protected files.

Continue reading →

You’ve downloaded an interesting new application, and you’re eager to try it out. So it’s hardly a surprise if, when you’re presented with a lengthy and complex licence agreement, you’ll just choose the “Agree” option without even reading it.

Ignoring the EULA does mean you’re missing out on some potentially interesting information, though, as a program’s agreement could reveal how installing it might result in you receiving targeted advertising, spam, or having personal information shared with third parties. Of course you’ll need to pick out these more interesting clauses from the background noise, but if you find that a problem then you can always get a little help from BrightFort’s EULAlyzer.

Continue reading →

In a move that is sure to rankle web advertisers, Microsoft late Thursday disclosed that Internet Explorer will have "Do Not Track" functionality on by default. This will prevent browser data crucial to behavioral and targeted advertising from being sent to third parties and could seriously disrupt the advertising industry in general.

Microsoft is vowing to move ahead despite the complaints of the industry. "While some people will say that this change is too much and others that it is not enough, we think it is progress and that consumers will favor products designed with their privacy in mind over products that are designed primarily to gather their data", IE vice president Dean Hachamovitch says.

Continue reading →

If you feel you’d like to be a little more anonymous online then installing a free VPN client is generally a good place to start. But there’s a snag: even though the VPN service know you’re concerned about your internet privacy, they’ll often still ask you to create an account, provide your email address and maybe other details, too.

SecurityKISS takes a simpler approach. There’s no “signing up”, no forms to fill in, no personal information required at all: just download and install the OpenVPN-based client and you’re ready to go.

Continue reading →

Venture-backed startup Safe Shepherd is a service we can really get behind. Users sign up and enter their personal information (personal names or aliases, email addresses, phone numbers, mailing addresses, etc.) into a profile, and Safe Shepherd locates that information on data broker websites and then erases it.

It helps protect your information against sites like BeenVerified.com, Radaris, Spokeo, and RapLeaf, which scrape whatever data they can find and sell it to marketers, or even worse, to potential identity thieves.

Continue reading →

Now, finally, the tide of public opinion on Internet privacy begins to flow in the other direction. Consumers are becoming more hesitant to share their data and are less tolerant when those with access to their data violate trust. That presents a tremendous threat to some of the titans of our day -- and an equally monstrous opportunity for others. Apple, Google, are you listening?

Honestly, I’m amazed that the issue was ever able to germinate and flower, particularly here in the United States, a country that distinguishes itself on the right to privacy. And a country that spent much of the last century wringing its collective hands over the Orwellian nightmare that awaited us down the road of technological advancement.

Continue reading →

The ever-present need for security means that every account that you have online, and probably on your computer as well, needs to be protected with a username and password. If you have taken the wise step of ensuring that all of your passwords are different, this will undoubtedly mean that you have an incredible number of passwords to remember.

Sticky Password is a free tool that can store all of your passwords in a secure database and save you having to remember them by automatically filling in login information for you. Sticky Password 6.0 has just been released and there’s a lot to look forward.

Continue reading →

LastPass.com, developer of the LastPass family of password-storage products, has released a new free app for iPhone, iPad and iPod touch. LastPass Wallet is designed to give iOS users a taster of the LastPass feature set by providing a tool for viewing, creating and managing secure notes, one of the service’s lesser known features.

The app provides templates for users to quickly create notes for sensitive personal information often found in the user’s wallet or purse, such as credit card details, passport number and wireless passwords.

Continue reading →