Connect with us

Tech News

How your passwords probably get hacked #KnowledgeIsPower

(TECH NEWS) While we all know that passwords can be hacked, it is rare that we know how they’re hacked.

Published

on

passwords dark web Chinese hacker blackmail apple

Ever wonder how passwords get stolen? I like to imagine a team of hackers like The Lone Gunmen from The X-Files, all crowded in some hideout conducting illegal computer business based on tips from rogue FBI Agents.

Turns out there’s a little more to hacking than waiting for Fox Mulder to show up with hints.

Most of the common tactics involve guessing passwords utilizing online and offline techniques to acquire entry. One of the main methods is a dictionary attack.

This method automatically tries everything listed in a small file, the “dictionary,” which is populated with common passwords, like 123456 or qwerty. If your password is something tragically simple, you’re out of luck in a dictionary attack.

To protect yourself, use strong single-use passwords for each individual account. You can keep track of these with a password manager, because no one is expecting you to remember a string of nonsensical numbers, letters, and characters that make up a strong password.

Of course, there are still ways for hackers to figure out even complex passwords. In a brute force attack, every possible character combination is tried. For example, if the password is required to have at least one uppercase letter and one number, a brute force attack will meet these specifications when generating potential passwords.

Brute force attacks also include the most commonly used alphanumeric combinations, like a dictionary attack. Your best bet against this type of attack is using extra symbols like & or $ if the password allows, or including a variety of variables whenever possible.

Spidering is another online method similar to a dictionary attack. Hackers may target a specific business, and try a series of passwords related to the company. This usually involves using a search “spider” to collate a series of related terms into a custom word list.

While spidering can be devastating if successful, this kind of attack is diverted with strong network security and single-use passwords that don’t tie in easily searchable personal information.

Malware opens up some more fun options for hackers, especially if it features a keylogger, which monitors and records everything you type. With a keylogger, all your accounts could potentially be hacked, leaving you SOL. There are thousands of malware variants, and they can go undetected for a while.

Fortunately, malware is relatively easy to avoid by regularly updating your antivirus and antimalware software. Oh, and don’t click on sketchy links or installation packages containing bundleware. You can also use script blocking tools.

The delightfully named (but in actuality awful) rainbow table method is typically an offline attack where hackers acquire an encrypted list of passwords. The passwords will be hashed, meaning it looks completely different from what you would type to log in.

However, attackers can run plaintext passwords through a hashtag algorithm and compare the results to their file with encrypted passwords. To save time, hackers can use or purchase a “rainbow table”, which is a set of precomputed algorithms with specific values and potential combinations.

The downside here is rainbow tables take up a lot of space, and hackers are limited to the values listed in the table. Although rainbow tables open up a nightmare storm of hacking potential, you can protect yourself by avoiding sites that limit you to very short passwords, or use SHA1 or MD5 as their password algorithms.

There’s also phishing, which isn’t technically hacking, but is one of the more common ways passwords are stolen. In a phishing attempt, a spoof email requiring immediate attention links to a fake login landing page, where users are prompted to input their login credentials.

The credentials are then stolen, sold, used for shady purposes, or an unfortunate combination of all the above. Although spam distribution has greatly increased over the past year, you can protect yourself with spam filters, link checkers, and generally not trusting anything requesting a ton of personal information tied to a threat of your account being shut down.

Last but certainly not least, there’s social engineering. This is a masterpiece of human manipulation, and involves an attacker posing as someone who needs login, or password, building access information. For example, posing as a plumbing company needing access to a secure building, or a tech support team requiring passwords.

This con is avoidable with education and awareness of security protocol company wide. And also you know, not providing sensitive information to anyone who asks. Even if they seem like a very trustworthy electrician, or promise they definitely aren’t Count Olaf.

Moral of the story? Your passwords will never be completely safe, but you can take steps to prevent some avoidable hacking methods.

Always have a single-use password for each account, use a password manager to store complex passwords, update malware, keep your eye out for phishing attempts, and don’t you dare make your password “passoword.”

Lindsay is an editor for The American Genius with a Communication Studies degree and English minor from Southwestern University. Lindsay is interested in social interactions across and through various media, particularly television, and will gladly hyper-analyze cartoons and comics with anyone, cats included.

Tech News

Tinder creators launch Ripple, a professional networking app void of pros

(TECH NEWS) Ex-Tinder employees have come together, backed by Match.com, to create a swipe-based professional network, but we don’t plan on giving it a second date.

Published

on

ripple app

In 2015, we discussed briefly the possibilities of taking the dating app’s and repurposing them for professional networking. What if finding professional connections was as easy as finding a date on Tinder? Tinder (executives) literally heard us because they have introduced a solution in their new mobile app called Ripple.

Not to be confused with Ripple the cryptocurrency, Ripple the app is a professional networking tool that literally feels like Tinder.

As it should, the former CTO, Director of Engineering, and Lead Designer of Tinder all make up the founders, along with Mike Presz from Match.com. People who make good dating platforms came together for a professional networking solution that they hope makes networking easier, more natural, and more modern. I took the liberty of signing up for a few days and experimented with the app and I have a few things to say about it…

The good?

Design. Design. Design. The app has a luxuriously simple UI, and is fabulously easy to use. If you even tried Tinder for six minutes, you’ll be able to use this app. The use of symbols, big images, and easy UI is great. The application navigates simply.

It’s fantastic. It’s minimal, it’s content oriented, the interest categories are so good (but they could be better – no interest in process improvements? Go learn about Six Sigma) LinkedIn should look it. The profile set up takes no time at all, about five minutes and you’re ready to go.

But that’s about it.

Everything that’s not good? Everything else.

This is probably because the app is new, but there is nothing going on for the US market. I saw a lot of European professionals and professional groups, but zero people in my area, a major US metropolitan area also called Dallas-Fort Worth. The lack of content and the lack of professionals means the app has nothing.

I can’t rate group experience or say I met the mentor of my professional dreams because no one is on it. Which leads me to ask: What’s next?

The branding, marketing, and advertising for this app are going to have to take off. This is a beautiful product, but the lack of content makes it a pretty dull use. I had to actively remind myself to use it, and I’m in a serial relationship with LinkedIn.

Basically, no second date for me with Ripple until they get… something to happen.

Continue Reading

Tech News

The cutest part of CES was Sony’s AI robot doggo, Aibo

(TECH NEWS) The Consumer Electronics Show revealed the technologies that are dominating and will dominate the market, with Sony’s AI puppers stealing the show.

Published

on

aibo sony ai doggo

One of the most endearing items to emerge from CES this year was Sony’s revamped robot dog, Aibo.

Aibo’s first unveiling in 1999 featured a blend of emergent Sony technology, such as their Memory Stick and companion operating system. By the time of its demise in 2006, the Aibo was equipped with a large vocabulary (it could speak 1,000 words) and could interact with an owner’s commands and motion. The computerized canine wasn’t limited to just the realm of their traditional counterparts, however – the 2006 model of the Aibo could take pictures from the eye-embedded camera system, play music, and write blogs.

Equipped with more personality and a better interactive capability with its environment, the 2018 Aibo looks more like a real dog as well.

Composed of 4,000 parts and OLED-screen eyes to more authentically mimic movements, Sony says it relies on sensor systems and embedded cameras akin to those in self-driving cars to provide as close to an authentic experience as they can. The cameras, located in nose and tail, allow the robot to learn its way around the house and to deliver it back to its charging station once the two-hour charge runs out.

Reviewers at CES noted that the updated version of the Aibo was very “puppy-likem” barking and scampering with unlimited energy.

The current model is also touch responsive on its head, back and under its chin, allowing the user to give “puppy love” in a way that mimics that of what real dogs like.

Perhaps proving that Aibo is capable of acting more and more like a real dog, the robot canine was unresponsive to commands from Sony CEO Kazuo Hirai on stage at its unveiling, prompting Hirai to return Aibo to Sony staff quickly.

Slated to go on sale in Japan later this year, the dog isn’t cheap, priced at nearly $1,800, but does find itself selling into a dedicated Aibo fanbase from its earlier issue and a consumer market which is hungrier and more accepting for interactive experiences of this type of poo-free pet ownership.

Continue Reading

Tech News

Lyft offers test rides in their autonomous cars – how’d it go?

(TECH NEWS) Lyft let passengers roll around Vegas in their self-driving cars, and surprisingly, no shocking viral videos resulted.

Published

on

lyft self driving cars

If you haven’t been paying attention to the progress of self-driving cars, you’re in for a shock – they’re closer to a daily reality than you might think. As part of this year’s CES conference, Lyft offered test rides in a handful of their autonomous cars, and the results were reportedly decent.

Unlike other companies’ public tests in the past, Lyft’s demonstrations consisted of normal passengers taking normal routes in Las Vegas; there was little in the way of preemptive route control, meaning that the tests were as authentic as possible. Passengers were able to board autonomous Lyfts from the Las Vegas convention center, with some testers traveling well over three miles with minimal operator interference.

The cars themselves are designed by Aptiv, which is a technology company heretofore unaffiliated with Lyft.

While both companies are aware of the potential for flaws and the need to iron them out before production begins en masse, test riders reported that the cars were able to anticipate and respond to a myriad of traffic conditions (for example, slowing down to allow a faster vehicle to merge); this bodes well for the 2020 goal that many autonomous car companies have set.

Naturally, there were a few kinks in the cars’ respective operations, including yellow light confusion and some other finessing issues, wherein the cars’ human operators had to intervene.

The technology behind self-driving cars is only part of the equation, however. As autonomous vehicles become more commonplace, cities will have to adapt to accommodate them.

This process will most likely include things like redefining road architecture, legislation regarding car use (at the moment, autonomous cars must always have a driver in them), and implementation of smart technology.

There’s also the matter of public perception. While most of the reports from the Lyft demo in Las Vegas were positive, the fact remains that plenty of people will be skeptical of new technology – as well they should be, since any emerging technology is bound to make a few bad headlines before it evens out.

How Lyft counters this perception will be key in determining the future of its autonomous fleet, and perhaps even the future of autonomous cars as a whole.

Continue Reading
Advertisement

The
American Genius
News neatly in your inbox

Join thousands of AG fans and SUBSCRIBE to get business and tech news updates, breaking stories, and MORE!

Emerging Stories