I was reading one of my favorite comics the other day (Xkcd) and it really hit home with me.

(They usually do, it’s odd, the creator and I must be kindred spirits or somthing)

It’s about password strength, and really underlines the power of, well powers.

This really underlines the point, that when possible, it’s by FAR safer to have a longer, password, regardless of how many special characters are used. In the end, the power of length trumps all the complication of case sensitivity and substitutions. I don’t even need to explain much further into detail, because xkcd has illustrated that point so well. For years I’ve been trying to explain just this thing to people, and it was summed up into a nice little 6 panel piece.

So I’m blasting it out to those who care about security, and a way they could “Salt” this method to services that support longer passwords. Salting passwords is a way to make each password for every service you use different. With a method like the one above, you could “salt” your password using either the service name, or type, or a word you could remember that is associated to that service.

Like for yahoo, your password could be correcthorseyahoostaple and Hotmail could be corecthorsehotmailstaple . This way if one password is compromised via logging or other keystroke capturing methods (Spy Cam Video?) Your other passwords would be relativity safe, so hopefully you could change them before the attacker compromised all the services you use. Even better, would be to change up the word order, or use association. Like correcthorsejunkmailstaple  or yahoocorrecthorsestaple…

Really just food for thought… too bad that many services out there, especially the really important ones it seems, likes to limit you to a maximum of around 12 chars.

Chat rooms and message boards allow criminals to share information and recruit help building and carrying out online scams. Panda Labs researchers discoveries included Fake ATMs selling for $35,000, card cloners from $1,000 to as little as $200 and stolen banking credentials from $80 to $700 – the more expensive accounts come with a guaranteed balance of $80,000 or more. Criminals run their operations by using specialized online stores, accessible with a user name and password. While usually advertised through underground forums and chat rooms, some, more bold thieves are promoting themselves on social networks like Twitter and Facebook. When it comes to initiating a sale however, they drop to a more secure, (anonymous) form of communication like online messaging clients and generic e-mail accounts. Payments usually go through Western Union, WebMoney and other online disbursement systems, the report said.

Inventory is growing and prices are dropping on the cyber crime black market, according to a new report from security firm Panda Labs.

From the PDF: Overview of Cybercrime organization.

CEO of Facebook Mark Zuckerberg’s Facebook fan page seems to have been hacked, with the hacker posting this message:

“Let the hacking begin: If facebook needs money, instead of going to the banks, why doesn’t Facebook let its users invest in Facebook in a social way? Why not transform Facebook into a ‘social business’ the way Nobel Price winner Muhammad Yunus described it? http://bit.ly/fs6rT3 What do you think? #hackercup2011″

Facebook has yet to make a statement in regards to the hack, but if they can’t keep Zuckberg’s Facebook Fan page safe, how much should we rely on Facebook’s security?

What do you think? Chime in the comments and let me know!

Get notified anytime someone accesses your facebook account. Simply use this shortcut to go to your account security settings in facebook. http://r4d.us/fblockdown and then go to “Account Security” then Choose “Yes” and check the SMS box if you want to get a text message anytime someone logs in to your facebook account from an unknown computer. (You then will need to authorize each computer first by logging out, and back in at each pc)

Now the Next time you log in, Facebook will ask you to authorize the computer.

Now if a hacker logs into your facebook account from an unknown computer / location,
you will be notified instantly!

Step 1: Enable the new feature in Account Security

Step 2: Log Off, and then log back in to Facebook

Step 3: Verify: Under Account Security you should now see your computer Listed.

Now if anyone attempts to access your facebook from an unauthorized source, you will be notified!

Microsoft Drops Win2k, XP SP2 in July

Microsoft offers support for five years and extended support for another five years for their Windows platforms. It will soon be time for Windows 2K and Windows XP SP2, in fact, It’s July 13.

But don’t worry, the self-help online support like the Knowledge Base articles (Kb-#### articles), FAQs, troubleshooting tools, and other resources will be around for at least a year longer. But paid support, support assistance, and MOST importantly, security updates will be discontinued on July 13.

This means that if you’re not hanging with at least SP3, you are running a serious security risk to yourself!

To Check what Service Pack you are running, simply press the Win Key and Pause at the same time (Win + Pause/Break). A box like the following will appear and show information about your system. If you’re not running SP3 on Windows XP, I recommend going to Microsoft Update right away and getting the free update to Service Pack 3.

Ok, listen up, everyone should change their password on facebook right away! A russian hacker by the name of Kirllos is selling facebook accounts on the cheap! He used a combination e-mail phishing scam,  Iphone App, and probbably the other “usual” means of stealing facebook accounts.  Remember getting that Fake Farmville Gift? Wondered why they were doing that? Now you know!

How to protect yourself?

You can’t change what’s done, but he’s selling them cheap while they are still valid. Some accounts have already been confirmed stolen. If your account was stolen, you still have hope. By simply changing your password, the access to your account will no longer be valid and they will not be able to access your account. To change your password, click on Account in the upper right, and then Account Settings, (Or click here https://register.facebook.com/editaccount.php)

Please hurry, and change your password. Use the share links at the bottom of this post to spread this to everyone you know! Don’t let your friends accounts get stolen!!!

Really, this is getting out of hand! I’m tired of getting Facebook requests from apps like “Feed” or “Farm Ville Free Coins or gifts” or other stupid apps that try to trick you!

Let’s beat these guys to the punch, I’ve created a group on Facebook called FBAPPS-You-should-block and anyone can join, and add the app urls that we should block.

Simply click on block after clicking the link we provide. If we are missing a bad app to block just drop us the Link to block it and we’ll post it!

This could save you a lot of headaches down the road! Check it out….

Here’s the link to the Fan Page: http://www.facebook.com/pages/FBAPPS-You-should-block/286166424512?v=wall

Oh, and they will never bother you about or send you wasted messages, just join the group, visit once a week or two and block a few new submitted apps, and your done! No more viral apps spreading or nagging you! Got a friend who always asks you to add weird unheard of apps? Point them to our site, and hopefully we can put this behind us!

How to spot fake farmville gifts on facebook…

This guide targets something that I have been meaning to address for a long time now. Although the intentions of people sending these gifts are probably good, I think that many people are fooled into believing that they are helping their friends and neighbors out by sending fake farmville gifts. I understand that it is very confusing to distinguish which gifts are actually real farmville gifts and which ones are fake, so my intention is to assist you in making that differentiation before sending the fake gifts to friends, accepting them, or even posting them on a friends wall. These gift apps on facebook that were created with the sole intention of fooling players of the farmville game, even use the actual pictures of the real farmville, to make it hard to tell which is real.

As you can see in the picture above, these all look like actual gifts that can be used in the farmville game, but they are all fake. The only thing that you can do with these gifts is look at them on your wall, therefore slowing down and cluttering facebook for no reason.

I have had many friends and neighbors asking where to find their gifts that were recieved from these gift apps, because they wanted to use them in the game “farmville”. The answer is that you cannot, they are in no way affiliated with the actual Farmville application.

Here are some of the fake farmville gift apps.

I’m sure that many your farmville friends and neighbors are unaware that these gifts that they are sharing with you are fake, and their intentions are truly pure, so please share this page with them in the comments when they share one of thesegifts with you. If we all work together and get the word out, we will inform many people of the fact that the gifts are not real, and we will then have less fake gifts to delete from our walls and less fake gifts to ignore.

Tip to spot them quickly: If you hover over the link and it is not http://apps.facebook.com/farmville/ (Ie ends with farmville-vfaflkasd ramdom jibberish or if farmville is mispelled)

Click on The Facebook Icon below to share this story with your friends on Facebook!