Killersites Community

LSW

Moderators
  • Content Count

    1,493
  • Joined

  • Last visited

  • Days Won

    20

Everything posted by LSW

  1. Python is becoming the world’s most popular coding language https://www.economist.com/graphic-detail/2018/07/26/python-is-becoming-the-worlds-most-popular-coding-language 😶... 😐... ☺️... Interesting comparison for sure. This link comes from Nathan House of StationX, who brought it up in his blog and goes on to explain the use of Python in the hacking community: The World’s Most Popular Coding Language? Reasons to Get to Grips with Python… https://www.stationx.net/the-worlds-most-popular-coding-language-reasons-to-get-to-grips-with-python/
  2. Why Do All Websites Look the Same? https://medium.com/s/story/on-the-visual-weariness-of-the-web-8af1c969ce73
  3. Google launches reCAPTCHA v3 that detects bad traffic without user interaction https://www.zdnet.com/article/google-launches-recaptcha-v3-that-detects-bad-traffic-without-user-interaction/
  4. I am posting this as I feel it is an important issue. You may not have heard of it or simply not really know what it is about.

    Briefly, the Net Neutrality rules state that High-speed Internet is a utility that all Americans have equal right to. My Internet has to be the same speed as yours. If this is removed, it will mean, for example, that my ISP could charge services for speed. You may watch Netflix at high-speed because they paid for it and Hulu did not so it keeps buffering and snagging etc. Another form of this is poor people get slow speed internet (remember that from the 80's?) while rich people can afford high-speed Internet. The claim is that it will make new jobs, but how often is that the fact? The truth is the ISP and others stand to make lots of money serving the richer and the poorer will get a poorer internet experience.

    This is coming to a vote soon. Trump wants it gone and it is an Obama legacy. Whether it is to wipe away another Obama legacy, or to increase the wealth of his big business buddies or if Trump really believes it will make new jobs, I do not believe it to be a win for the people and most people do not seem to believe so either. The Internet is now a human right and all should have equal access to it in my opinion. I cannot support ending Net Neutrality any more than I could support censorship like the Great Firewall of China.

    If you are an American, read these and do your own investigation and then if you agree, sign a petition or call/write your congressional and house representatives and let them know you do not agree. The vote is before the Holidays.

    • Burger King explains Net Neutrality
    • The New Net Neutrality Rules (From 2016)
    • What Net Neutrality Rules Say
    • I'm on the FCC. Please stop us from killing net neutrality
    • A Lump of Coal in the Internet’s Stocking: FCC Poised to Gut Net Neutrality Rules
    • Most Americans Support the Net Neutrality Rules that Trump’s FCC Wants to Kill

    Investigate it yourself and make an informed decision as to if you think it will benefit the people. Just please do it soon.
  5. LSW

    What Is Seo?

    Don't we have all the buzz words down on that last one. Locking the thread. It IS 5 YEARS old, I think it has been answered often enough.
  6. Windows Built-in Antivirus Gets Secure Sandbox Mode – Turn It ON https://thehackernews.com/2018/10/windows-defender-antivirus-sandbox.html
  7. LSW

    How Secure are our Passwords

    From Computerphile on YouTube:
    • Password Cracking
    • How to Choose a Password

    From Seeker on YouTube:
    • Building Digital Labyrinths To Hide Your Password
    • How Hackers Really Crack Your Passwords
  8. I plan to add future posts to this as I come across anything worthwhile.

    As computers grow faster the ability to crack passwords improves. If you are still using 8 character passwords, it can be cracked in minutes. Add to that the eventual use of quantum computers by governments and one day maybe all of us... ANY password will be cracked in minutes. A computer can compare pre-listed common hashes at about 350 Billion a second. Also stay away from dictionary words.

    There are two primary attack types:

    • Brute force: The attacker will just run his computer through combinations (a, ab, abc, abc1, abc2, etc.), literally using brute force of computing power to try every possible combination, and for an average computer 8 characters is child's play.
    • Dictionary attack: This is running through common words and includes modifying them (horse, Horse, h0rse, H0rse, H0r$3, etc.). Again, a really easy way to attack.

    So here are a few suggestions from me:

    • The longer the password, the better. You really should be using 12 characters at a minimum and I would suggest more like 14 - 18/20.
    • Use a password manager so you need not remember them all and can use randomly generated gibberish.
    • Move away from Passwords and use Passphrases. Lyrics, Poem lines, Quotes, etc. These can be complete with spaces and you need not have special characters or numbers. It would also be more easily remembered than "C9bgTkYhd9dr". You can type them without dealing with special characters that can be a pain on a mobile device and you have really long lengths.
    • Stay away from dates, those can be guessed like wedding date, kids' birthdays etc.
    • Stay away from pets or their names, breeds, etc.
    • Stay away from children's information.
    • Stay away from favorite things like authors, bands, hobbies as these may be guessed as well.
    • Maybe use other uncommon languages, I have used Potawatomi, Tlingit, Gaelic. You need not even know the language, use a dictionary and see how your favorite animal is called in Gaelic. "Winter Horse" in Gaelic will not be quickly broken; there are at least 4 forms of Gaelic, so I have to break not only what you like, but Irish, Scottish, Nova Scotian Gaelic or Wales? And the name may include weird character groupings and special characters. If you remember what it was in English you can just look it up to remind yourself again.
    • Never ever repeat passwords for other sites. Make each unique.
    • Never give it out... to anyone.

    Hope you decide to get more secure and get some ideas from what I post here in the future.

    LSW
  9. LSW

    The Issue of Net Neutrality

    Vermont’s Net Neutrality Law Spurs Lawsuits https://www.meritalk.com/articles/vermonts-net-neutrality-law-spurs-lawsuits/
  10. LSW

    Current Threats

    Tumblr Patches A Flaw That Could Have Exposed Users’ Account Info https://thehackernews.com/2018/10/tumblr-account-hacking.html If you used Tumblr, this would be a good time to change your password to a strong passphrase. LSW
  11. LSW

    Current Threats

    The following threads will be updated info on current threats to you. For now you must scroll down to find the newest until we find a better way.
  12. LSW

    Mobile Style Sheet

    Really there is no need for a separate CSS for mobile devices. Just make all your CSS use flexible sizing using %. This way it will downsize to fit the screen whether it be cell phone, tablet, monitor or TV. This is a basic of accessible web design for all users and not just mobile users.
  13. LSW

    Current Threats

    Tens of Millions of U.S. Voter Records for Sale https://www.bleepingcomputer.com/news/security/tens-of-millions-of-us-voter-records-for-sale/
  14. LSW

    Patch Tuesday Updates (Windows)

    To go along with this month's M$ patches, Adobe has released some as well. Adobe Releases Security Patch Updates for 11 Vulnerabilities https://thehackernews.com/2018/10/adobe-security-updates.html
  15. For those of you who have never noticed, the second Tuesday of the month is so-called "Patch Tuesday", where Microsoft pushes out its patches and updates. I will be posting notifications here as a reminder when there are important ones released. Remember that one of the base ways to protect yourself from malware and hackers is to keep all your software and Operating System (OS) up to date.
  16. LSW

    Patch Tuesday Updates (Windows)

    Microsoft October Patch Tuesday Fixes 12 Critical Vulnerabilities https://thehackernews.com/2018/10/microsoft-windows-update.html
  17. LSW

    Cybersecurity News

    Adobe News
    • Adobe Releases Security Patch Updates for 11 Vulnerabilities [10/10/2018]

    Flash
    You should really block Flash on your browsers, it is a serious vulnerability for you.
    • Adobe Issues Patch for Actively Exploited Flash Player Zero-Day Exploit [6/8/2018]
    • (Unpatched) Adobe Flash Player Zero-Day Exploit Spotted in the Wild [1/2/2018]
    • Hackers Use New Flash Zero-Day Exploit to Distribute FinFisher Spyware
  18. LSW

    Cybersecurity News

    Please bear with me as I figure out how best to handle the articles for easy viewing. As for now, I am closing this Topic in order to create replies that deal with each possible subject and will just edit that topic with new articles as I get them. If you have an article you feel should be added, just let me know.
  19. LSW

    Current Threats

    From Now On, Only Default Android Apps Can Access Call Log and SMS Data https://thehackernews.com/2018/10/android-app-privacy.html 👍 Maybe a little late, but good call!
  20. LSW

    Current Threats

    Google Forced to Reveal Exposure of Private Data https://www.databreachtoday.com/google-forced-to-reveal-exposure-private-data-a-11587
  21. LSW

    Current Threats

    Google+ is Shutting Down After a Vulnerability Exposed 500,000 Users' Data https://thehackernews.com/2018/10/google-plus-shutdown.html
  22. How to Start a Career in Cybersecurity: All You Need to Know https://thehackernews.com/2018/10/cybersecurity-jobs-salary.html
  23. LSW

    How Do You Programmers Type?

    Mine is more a hybrid 5 finger hunt and peck, first two fingers of each hand and one thumb. I typed alright in high school, then 25 years in Germany doing the German keyboard and then back to 12 years on an English keyboard. I learned typing in English, but I learned coding in German. So typing emails I am faster, but typing in code, I still find myself going for the German keys on US keyboards so much more hunt and peck. I have a good speed for a modified two finger typer. Have you ever heard this joke?: A boy stands in the study door watching his father peck away on a laptop. He then finds his mother in the kitchen typing away like a storm with all 10 fingers. He grunts and his mom looks up and asks him what he is grunting about. "I thought you were good at typing. But dad is better, he only needs two fingers." Cheers!
  24. SSO is almost everywhere, and once embedded it is as hard to dig out as a tick. It is a battle I have been fighting the last year, those in charge want things easy for the employees and the employees don't want to have to remember lots of passwords. I get it. But I get paid to worry, and what I see is an attacker breaking the SSO password and now having access to all the applications our employees use, many of which have access to both personal Personally Identifiable Information (PII) as well as Health information. So the issue is really simple, the user need only remember one password and the attacker need only break one password to have the keys to the kingdom. Social logins are the same way. SSO is simply easier for you isn't it? But now Facebook has lost 50 mil. tokens that can be used to get into those users' other sites. They can now breach your Twitter account, Facebook account, Google account and what else? If I can now get in your Google account, I can reset things, I can change your telephone number to mine, have your second authorization come to my phone. Ask yourself, is my mobile phone number available on my accounts? Ever heard of SIM Switching? I can call a mobile phone host, create an account and say "I want to come to you, please switch my telephone number" and usually with little to no checking of authorization they will activate your number in my new phone, now I can get access to any account attached with that phone number, I can even empty your bank account. So what is more important to you? Your security or your ability to quickly switch between Facebook and Twitter etc. without logging in again? Experts' View: Avoid Social Networks' Single Sign-On https://www.databreachtoday.com/blogs/experts-view-avoid-social-networks-single-sign-on-p-2670