Quake3World.com Forums
     General Discussion
        The Pentagon's Weapons Are 'Easily Hacked' With 'Basic Tools


Post new topicReply to topic
Login | Profile | | FAQ | Search | IRC




Previous topic | Next topic 
Topic Starter Topic: The Pentagon's Weapons Are 'Easily Hacked' With 'Basic Tools

Arrr?
Arrr?
Joined: 09 Feb 2001
Posts: 34455
PostPosted: 10-10-2018 10:23 PM           Profile   Send private message  E-mail  Edit post Reply with quote


https://motherboard.vice.com/en_us/arti ... gao-report

Quote:
That’s the finding of a new report from the Government Accountability Office (GAO)—a non-partisan agency that investigates issues at Congress’ request. In a report published on Tuesday, the GAO found “mission-critical cyber vulnerabilities in nearly all weapon systems that were under development.” According to the report, software-enabled functions that are “potentially susceptible to compromise” include targeting missiles and flying aircraft.

I'm not surprised in the least. Not changing default passwords seems to be the norm in Washington. :rolleyes:




Top
                 

Just another Earthling
Just another Earthling
Joined: 20 Jul 2001
Posts: 11083
PostPosted: 10-11-2018 11:56 AM           Profile Send private message  E-mail  Edit post Reply with quote


Ah, the mention of passwords :paranoid:

I have been meaning to change mine just 'cause it's time and I should do it routinely. One of my passwords is from 'dial-up' days.



_________________
Hit my WWW and make the world spin :D


Top
                 

Risen From The Ashes
Risen From The Ashes
Joined: 03 Aug 2000
Posts: 26760
PostPosted: 10-13-2018 01:33 PM           Profile Send private message  E-mail  Edit post Reply with quote


Whiskey 7 wrote:
Ah, the mention of passwords :paranoid:

I have been meaning to change mine just 'cause it's time and I should do it routinely. One of my passwords is from 'dial-up' days.


Just switch to lastpass, it's free and integrates/syncs with all browsers and Android/iPhone. Every website I have an account on has a completely different and randomised password to every other site, all I have to remember is my master password. So if one site gets compromised it doesn't matter, they can't then login to my email or other sites I have an account on :up:.

https://www.lastpass.com/




Top
                 

Arrr?
Arrr?
Joined: 09 Feb 2001
Posts: 34455
PostPosted: 10-13-2018 01:50 PM           Profile   Send private message  E-mail  Edit post Reply with quote


Yeah I worry about password managers. Some store passwords on a server that can be hacked, some use browser extensions which can break during an update, others have just gone out of business and stopped updating their software. I worry...




Top
                 

Risen From The Ashes
Risen From The Ashes
Joined: 03 Aug 2000
Posts: 26760
PostPosted: 10-13-2018 03:51 PM           Profile Send private message  E-mail  Edit post Reply with quote


Lastpass uses end-to-end encryption. E.g., your device encrypts all the data with your password before sending it to their servers, then your device decrypts all the data from their server with your password. They don't store your raw passwords just the garbled ones. Obviously if someone was to hack them they could push out a rogue version of the app/browser extension that stole your master password when you entered it, but I doubt it.. stop being paranoid :p

(Lastpass does let you export your passwords to a CSV or something if you want a fully offline backup, which is worth doing every so often)




Top
                 

Cool #9
Cool #9
Joined: 01 Dec 2000
Posts: 42386
PostPosted: 10-14-2018 05:11 AM           Profile   Send private message  E-mail  Edit post Reply with quote


Transient wrote:
Yeah I worry about password managers. Some store passwords on a server that can be hacked, some use browser extensions which can break during an update, others have just gone out of business and stopped updating their software. I worry...


It's one of the reasons why I still use Keepass. It stores passwords in a local database that's under your own control.
My Keepass database is protected with both a password and a 256 bit private key (file). I put the database in Dropbox and keep the private key file on my own devices. That way the DB is synced across all devices and even if Dropbox is hacked, they'd still need my private key and the password to open the database.




Top
                 
Quake3World.com | Forum Index | General Discussion


Post new topic Reply to topic


cron
Quake3World.com
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group