I was unintentionally shoulder-surfing on the Tube the other day when I noticed this:
As usual, blaming it on a “software glitch” / “computer malfunction”.
Whatever.
If only those poor systems (or their developers) had a voice…
The Personal Identification Number Code du jour for the wireless network of this Beirut restaurant is:
This is quite user-friendly, but is it good security?
It’s written with chalk, so presumably they change it every few days. That’s smart – it would require freeloaders to enter the restaurant, take a peek and then leave, every time the PIN changed – a pattern which would soon become obvious and get them caught.
There is no reason to hide the PIN from patrons, since they’re all on the same network anyway.
Sometimes simple solutions are perfectly adequate.
Not having the latest security updates for your web browser or plugins is detrimental to your online privacy and security.
Using Internet Explorer? Click the following link to update your software: https://browsercheck.qualys.com/
Using Firefox? Click the following link to update your plugins: https://www.mozilla.com/en-US/plugincheck/
This is what the web sites look like:
Qualys’ free browser security checker:
Firefox’s own PluginCheck page:
Kudos to Julien who pointed out the Qualys BrowserCheck tool.
It’s all supposed to be OK on the big bad Internet, because we have SSL. It’s really our only (first and last?) line of defence when it comes to having *some* degree of trust that we’re indeed talking to the website we think we are.
But:
kill any credibility the scheme ever had.
SSL has known issues we were prepared to live with, like:
But sloppy handling of certificates by multi-million dollar corporations that can’t be bothered to issue a proper certificate (Facebook?), and the poor handling of such situations by the main browsers in use today (IE8 & Firefox 3) put Internet users in impossible dilemmas.
Let’s say one wishes to securely connect to the regional website of Facebook in the United Kingdom.
Try visiting https://en-gb.facebook.com with IE8 and you get the following:
Do you see any information anywhere that helps you understand what’s going on? I don’t. And I call myself an IT professional.
So what is the poor user supposed to do?
Visiting https://en-gb.facebook.com with Firefox 3 is slightly better:
In this case Firefox is doing better than Internet Explorer because unlike IE8, Firefox allows the user to make an informed security decision.