Tag Archive for 2024

Passwords: Don’t Make These Mistakes to Stay Safe

In 2023, over 1.7 billion passwords were compromised. This number is over five times the population of the United States or an average of over 46,000 passwords per minute. Compromised records refer to personal data, such as passwords, that have been stolen or leaked, often through data breaches or hacking attacks. Chances are good that some of your credentials are out there. These compromised records often end up on the dark web. The dark web, a hidden part of the internet accessible only through specialized software, is known for its anonymity and is often used for illegal activities. Hackers use the dark web to buy, sell, trade, or steal data, as seen in the recent RockYou2024 data leak. This makes it a popular marketplace for hackers to acquire compromised passwords and other sensitive information. Once hackers have the data, they engage in a process of guessing, information gathering, and tricking to commit identity theft. Each phase is designed to exploit the data that the attackers already possess.

The hackers try to guess your password

Hackers can launch a brute-force attack with just an email address. A brute-force attack is an automated, trial-and-error method; one form is known as “password spraying.” In password spraying, a cyber attacker tries common passwords across many accounts, avoiding account lockouts and remaining undetected. For hackers, a list of passwords is merely a starting point. Bad actors employ a variety of tactics to decipher your credentials.

They try sequential number combinations – Hackers often try sequential number combinations. As the table below shows, most passwords share a common feature: sequential numbers, such as 12345. Avoid using these in your passwords, as they make them predictable and easy to guess.

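NordPass top 5 worst passwords 2019 - 2023

| Rank | 2019 | 2020 | 2021 | 2022 | 2023 |
|------|------|------|------|------|------|
| 01 | 12345 | 123456 | 123456 | password | 123456 |
| 02 | 123456 | 123456789 | 123456789 | 123456 | admin |
| 03 | 123456789 | picture1 | 12345 | 123456789 | 12345678 |
| 04 | test1 | password | qwerty | guest | 123456789 |
| 05 | password | 12345678 | password | qwerty | 1234 |

Source: NordPass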

Using sequential numbers is also a bad idea for the four-digit PIN of your debit card.

They guess common phrases – Hackers often guess common phrases. Therefore, avoid using common words or phrases. Common words or phrases in passwords are predictable and can be easily cracked. While they may be easy for you to remember, they are also among the first passwords that hackers will guess.

In lists of the most common passwords, the word “password” has consistently been in the top 10 for the past five years. Phrases such as “Admin,” “iloveyou,” “qwerty,” and “guest” frequently appear in the top 25.

They look for substitutions – Hackers often look for substitutions. Using common words with case and numerical substitutions in a password is risky. Attackers frequently use dictionary attacks. Dictionary attacks occur when the bad guys attempt common words, phrases, and predictable substitutions. Attackers often try common words with case and numerical substitutions, such as ‘4’ for ‘A,’ ‘3’ for ‘E,’ ‘1’ for ‘I,’ and ‘0’ for ‘O.’ Therefore, even with these substitutions, your password could still be relatively easy to crack. For example, they will try “password,” “Password,” “Pa$$word,” and “Passw0rd” too.

Next they gather information

They try pet and family names – Hackers often try pet and family names. In your passwords, do not use easily guessable information such as your pet’s, child’s, or spouse’s name. Bing warns that this kind of personal information can often be found on social media or through other means. This makes it easier for someone to guess your password. An attacker who has obtained some of your personal information may also check your family’s accounts to try to access your records.

They use significant dates – Hackers often use significant dates. Just like family names, it’s not good to use significant dates such as a birthday, anniversary, or a loved one’s birthday as passwords. These dates are easy to guess because they are memorable. Hackers can easily guess or discover special dates through social media. Hackers can also figure them out quite easily if they have access to your personal information.
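An added example, not part of the original post: a defender-side check that a site or password tool could run when a password is set, applying the guessing patterns described above (sequential numbers, common phrases, substitutions, pet and family names, significant dates). The blocklist is constructed from the entries quoted on this page, and `screen_password` and its helpers are hypothetical names.

```python
import re
from datetime import date

# Constructed blocklist: only the passwords and phrases quoted on this page.
# A real deployment would load a far larger breached-password list.
COMMON = {
    "password", "admin", "guest", "qwerty", "iloveyou", "test1", "picture1",
    "1234", "12345", "123456", "12345678", "123456789",
}

# Substitutions named in the text, plus '$' for 's' from the "Pa$$word" example.
LEET = str.maketrans({"4": "a", "3": "e", "1": "i", "0": "o", "$": "s"})
DIGITS = "0123456789"


def candidate_forms(password):
    """Lowercase the password, drop trailing digits/symbols, undo substitutions."""
    lowered = password.lower()
    stripped = re.sub(r"[\d\W_]+$", "", lowered)
    return {lowered, stripped, lowered.translate(LEET), stripped.translate(LEET)}


def has_sequential_run(password, min_len=4):
    """True if the password contains min_len ascending or descending digits."""
    for step in (1, -1):
        run = 1
        for prev, cur in zip(password, password[1:]):
            if prev in DIGITS and cur in DIGITS and int(cur) - int(prev) == step:
                run += 1
                if run >= min_len:
                    return True
            else:
                run = 1
    return False


def date_forms(d):
    """Common digit renderings of a significant date (year, MMDD, DDMM)."""
    return {d.strftime(fmt) for fmt in ("%Y", "%m%d", "%d%m")}


def screen_password(password, names=(), dates=()):
    """Return the reasons a proposed password is guessable; empty list if none."""
    reasons = []
    if candidate_forms(password) & COMMON:
        reasons.append("common password or predictable substitution")
    if has_sequential_run(password):
        reasons.append("sequential digits")
    lowered = password.lower()
    deleet = lowered.translate(LEET)
    if any(len(n) >= 3 and (n.lower() in lowered or n.lower() in deleet)
           for n in names):
        reasons.append("pet or family name")
    digits = re.sub(r"\D", "", password)
    if any(form in digits for d in dates for form in date_forms(d)):
        reasons.append("significant date")
    return reasons


if __name__ == "__main__":
    # Constructed sample inputs; the name and date stand in for profile data.
    samples = ["Passw0rd", "Pa$$word", "Summer1234", "R3x-0614",
               "velvet-Otter-92-kayak"]
    for pw in samples:
        print(pw, "->", screen_password(pw, names=["Rex"],
                                        dates=[date(1987, 6, 14)]))
```

An empty result only means none of these patterns matched; it does not show the password is absent from a breach list.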

Hackers try to trick you into giving them your passwords

They go phishing – Hackers often go phishing. Phishing is one of the easiest ways for attackers to obtain your credentials. They send out bogus emails disguised as legitimate ones. Malicious actors send phishing emails to trick you into revealing personal information (such as passwords and credit card numbers) through fake emails or websites.

Clicking on a phishing email will redirect you to a fake website. Once there, they will capture your user ID and password. Therefore, don’t open emails from unknown sources.

Job phishing is a scam that takes advantage of the unemployed or those looking to change jobs. Job scammers may send emails or create fake job listings that require applicants to provide personal information or pay fees upfront. Be wary of job offers that seem too good or ask for sensitive information before an interview.

Hackers often use password reset questions – Have you ever registered your username and password with a company for tech support or some swag? And then later, did you receive an email asking if you requested a password change, even though you didn’t? It was probably a hacker.

Cybercriminals can use your password reset questions to change your password and lock you out of your account. For instance, if you suddenly find yourself unable to access your Facebook account, you may have been hacked.

One way to prevent this is by providing nonsensical answers to security questions. Instead of providing accurate information, provide quirky responses that only you would know. The next time your account asks where you were born, you could say Butterfly.

They create bots – If they have exhausted their resources, hackers have one final tool to break your code. They can create a bot. A phishing bot is a program that automatically sends fake emails or messages to trick people into revealing personal information. The bot can try every possible combination of user ID and password. Modern computers can be very fast at guessing passwords. Here’s a breakdown:

  • Faster guesses for simpler passwords: Hackers can very quickly try millions of simple passwords (like “password123”).
  • Slower guesses for stronger passwords: More complex passwords with a mix of uppercase and lowercase letters, numbers, and symbols take much longer to crack.

rb-

The key is to make it as difficult as possible for hackers by using strong passwords. Even with powerful computers, a strong password can take years to crack.

 


Ralph Bach has been in IT for a while and has blogged from the Bach Seat about IT, careers, and anything else that has caught my attention since 2005. You can follow me on Facebook or Mastodon. Email the Bach Seat here.

What You Could do with the NVIDIA Record Loss this Week?

Artificial intelligence bellwether stock NVIDIA (NVDA) announced its 2025 Q2 fiscal results on Tuesday. America’s second-largest public company ended the quarter with $30.04 billion in revenue. However, shares dropped 9.5%, leading to a $278.9 billion reduction in the company’s value.


Analysts attribute NVIDIA’s stock decline to its Q3 revenue guidance of $32.5 billion, below the Wall Street ‘whisper number’ of $33 billion to $34 billion.

NVIDIA’s $278.9 billion loss is the largest single-day loss by a U.S. company, surpassing Meta’s $237 billion loss in February 2022.

Unexpected NVIDIA Q3 guidance

The unexpected Q3 guidance miss triggered a sell-off, likely driven by NVIDIA’s AI chips in trading systems, causing the $278.9 billion decline.

RB-

Sure, I could write about an AI Hype Cycle, a rickety economy, or a DOJ investigation with a 50/50 chance of a convicted felon becoming President. But it seemed more fun to put this loss into perspective:

  • A stack of $100 bills totaling $1 million would be about 43 inches tall (just over 3.5 feet).
  • Stacking $278.9 billion in $100 bills would reach approximately 189 miles, the distance from New York City to Washington, D.C.
  • It would also fill the Empire State Building 25 times over.

Or I could:

  • Buy Pebble Beach golf course for $3.2 billion,
  • Buy all 32 teams in the National Hockey League; the NHL can be had for $41.9 billion,
  • Buy all 32 National Football League franchises; the entire NFL is worth $162 billion,
  • End homelessness in the U.S.,
  • And still have cash on hand.

 


Labor Day 2024: Honoring Technology Workers

In addition to honoring blue-collar workers, Labor Day also recognizes the vital role of technology workers. Traditionally associated with blue-collar labor, this day also acknowledges the essential role of technology workers who drive innovation and progress in our modern world. This year, let’s shine a light on the growing unionization movement within the tech sector.

The Evolution of Labor Day

Labor Day originated in the late 19th century, during the height of the industrial age. At that time, labor unions fought for fair wages, reasonable working hours, and safer working conditions. Today, the labor landscape has evolved significantly, with technology workers at the forefront of this transformation.

The role of technology workers

The role of technology workers is multifaceted. Technology workers include developers, IT specialists, data scientists, and cybersecurity experts. These professionals drive modern innovations, ensuring smooth system operations, secure data, and continuous technological advancements.

Innovation and Progress: Tech workers drive many modern innovations we take for granted today. From developing cutting-edge software to creating sophisticated algorithms, their work has revolutionized industries such as healthcare, finance, and entertainment.

Adapting to Change: In the face of rapid technological evolution, tech workers must continually acquire new skills. This relentless pace necessitates a dedication to lifelong learning and a zeal for staying at the forefront of change. There is a growing trend of technology workers resorting to unionization to meet these challenges.

Remote Work and Flexibility: COVID-19 sped up remote work. As a result, tech workers adapted quickly. Their ability to work from anywhere has set a precedent for other industries, highlighting the importance of flexibility in the modern workplace.

Tech workers face a variety of challenges in today’s rapidly evolving industry. Some of the key issues they encounter include…

  1. Overwork is caused by talent shortages in high-skill jobs.
  2. Time-consuming and demanding continuous learning and development to maintain their jobs.
  3. New challenges from the shift to remote work in maintaining productivity, collaboration, and work-life balance.

The rise of Labor Day in the tech sector

However, despite their significant contributions, technology workers face unique challenges. Unionization is becoming an increasingly important tool for addressing these issues.

Burnout and Work-Life Balance: Tech jobs can be demanding, leading to burnout. Unions can help by advocating for better conditions. Long hours, tight deadlines, and the pressure to constantly innovate can also damage mental and physical health. Unions can advocate for better working conditions, reasonable hours, and mental health support.

Diversity and Inclusion: The tech industry has made strides in promoting diversity and inclusion, but work still needs to be done. Unions can be crucial in ensuring that technology workers from diverse backgrounds have equal opportunities and are treated fairly.

Job Security and Automation: As technology advances, there is a growing concern about job security. Automation and artificial intelligence have the potential to replace certain roles, making it essential for technology workers to continuously upskill and stay relevant in the job market. Unions can help negotiate retraining programs and job security measures.

Notable unionization efforts

Tech workers are increasingly unionizing. For instance, workers at companies like Google, Kickstarter, and Glitch have formed unions. These efforts are often met with resistance from management, but they represent a critical shift in the industry.

Alphabet Workers Union: In 2021, Google employees formed the Alphabet Workers Union, which aims to address issues such as pay disparity, harassment, and ethical concerns.
Kickstarter Union: Kickstarter employees successfully unionized in 2020, becoming one of the first tech companies to do so. Their union focuses on issues like job security, diversity, and fair wages.
Glitch Union: Software engineers at Glitch made history by signing a collective bargaining agreement, highlighting the growing unionization trend among tech workers.

The future of tech on Labor Day

Looking ahead, the role of technology workers will only become more critical. Emerging fields such as artificial intelligence, quantum computing, and biotechnology will require skilled professionals to navigate complex challenges and drive progress.

Sustainable Technology: Tech workers will help develop sustainable solutions for climate change. Their work will be instrumental in building a greener future, from creating energy-efficient systems to advancing renewable energy technologies.

Ethical Considerations: With great power comes great responsibility. Technology workers must consider the ethical implications of their work, ensuring that advancements are used for the greater good and do not perpetuate harm or inequality.

Global Collaboration: The tech industry is inherently global, with professionals collaborating across borders to solve complex problems. This interconnectedness fosters a spirit of cooperation and innovation, driving progress on a global scale.

Conclusion

Therefore, as we celebrate Labor Day, it’s important to recognize the invaluable contributions of technology workers and the growing movement of unionization within the tech sector, and to support their efforts to unionize. Their dedication, innovation, and resilience have shaped the modern world and will continue to drive progress in the years to come. Let’s honor their efforts and support them in overcoming the challenges they face, ensuring a brighter future for all.

Happy Labor Day to all the technology workers out there! Your hard work and ingenuity are truly appreciated.

 


Ultimate Guide to Eco-Friendly PC Disposal: Safe & Sustainable Solution

In 2023, around 68.3 million tons of old or unwanted gadgets, which include PCs, were thrown out. The United States generated approximately 11.9 million tons of e-waste in 2022. This figure places the US as the second-largest global generator of e-waste. The United Nations estimates that less than 17.4% of these unwanted gadgets are recycled as e-waste. Unfortunately, a staggering 83% of e-waste ends up in landfills. In these landfills, discarded gadgets leach toxins into the Earth. You can help stop this by practicing proper PC disposal.

E-Waste

This improper disposal of e-waste results in the leaching of flame retardants, PFAS, and heavy metals into the soil and groundwater. Some of the most hazardous chemicals found in PCs include:

  • Mercury: Exposure can harm the nervous system, kidneys, and brain.  It can also cause developmental issues in children and affect adults’ cognitive abilities.
  • Lead: Lead poisoning can result in anemia, kidney damage, and developmental delays in children. It affects both the nervous system and cardiovascular health.
  • Lithium: High levels of lithium can cause nausea, tremors, and kidney damage.
  • Barium: Exposure to barium can lead to gastrointestinal issues, muscle weakness, and heart problems.
  • PFAS (per- and polyfluoroalkyl substances) are also present in PCs (PDF).  Their potential health effects include increased cholesterol levels, suppressed immune response, and risks of kidney and testicular cancer.

Proper disposal of your PC and other end-of-life devices is critical to prevent the toxins in e-waste from contaminating the Earth. Preparing for proper PC decommissioning involves several steps to ensure your personal data is safely removed and the device is prepared for its next phase, whether reuse, recycling, or disposal. Here are the steps to follow when decommissioning a PC.

Back up your files

Your first step in PC disposal should be to back up all important documents, photos, videos, and other files saved on your computer. You can use a USB stick, an external hard drive, or a cloud-based file-syncing service like Google Drive or iCloud. Remember, it’s always better to back up too much information than too little.

Transfer Software

You bought the software on your PC.  Ensure you have the install key to transfer any licensed software to the new computer.  Some applications offer a deactivation feature that allows you to transfer the license to a different PC.

If you’re giving your computer away, also make sure that you’ve signed out of iTunes, iCloud, and iMessage—there’s a chance your Apple ID data will remain on the drive after you reset it, and you don’t want anyone to gain access to your account.

Wipe your hard drive

After you back up the necessary files, you want to wipe the drive.  When you wipe your hard drive, it renders a computer completely free of personal information.  This is irreversible and will essentially make your computer a “blank slate,” so make sure you’re done with your computer before doing this.  Some tools to wipe your hard drive:

  • Darik’s Boot & Nuke is open-source and free.  It is probably the most popular program of this type.  However, it has not been updated since 2015.
  • KillDisk comes in two flavors: Free and Professional.  The free version only has one way to delete the data on a hard drive, but it’s still good enough for a decent hard drive wipe.
  • Apple includes Disk Utility in macOS, which can wipe Apple’s hard drives.

Clean your PC

The last step in PC disposal is to remove any markings, asset tags, sticky notes, etc.  Next, use a lint-free cloth slightly dampened with soap and water or 70% rubbing alcohol or alcohol-based disinfectant spray to wipe down your device.  Avoid aerosol sprays and cleaning solutions that contain bleach or abrasives, and keep liquids and moisture away from any openings on the device.

CD and DVD Destruction

CDs and DVDs containing personal information should be physically destroyed when no longer needed. Larger paper shredders or specialized CD/DVD destruction hardware can accomplish this. Document management firms like Shred-it offer optical disk destruction services.

rb-

There’s no “right way” to eliminate an old computer. PC disposal options include re-purposing it for another use, selling or giving it away, or environmentally safe recycling. Consider organizations like Computer Aid International, which refurbishes PCs and other digital devices to bridge the digital divide worldwide. They even use solar power in areas with unreliable electricity, benefiting over 14.5 million people in 115 countries.

 


Protecting Your Email: How to Stay Safe

Now is a good time to take steps to protect your email address. The recent RockYou2024 data leak released 10 billion passwords, which are another part of your email. Your email address can provide the bad guys with enough information to cause significant harm to your credit score, banking account, or career.

Is it Safe to Give Out Your Email Address?

While keeping your email address completely secret is nearly impossible, you must be cautious about who you share it with. Only share your email address with trusted friends and business partners. Create an email alias for general everyday browsing and shopping. It will reduce junk mail and phishing risks. You can create an email alias at:

What can they do with your Email address?

Our email inboxes contain a treasure trove of personal information that the bad guys can exploit.  With your email address, hackers can execute phishing attacks to obtain your login credentials, financial information, and contacts.  Here are some ways the bad guys can exploit your email address.

  1. Spoof Your Email Address: Hackers can spoof your email address to deceive others.  They create counterfeit sender addresses resembling yours to send fraudulent messages.
  2. Find Personal Information: A simple online search using your email address can reveal personal details like your name, friends, and workplace.
  3. Send Emails to Your Contacts: If hackers gain access to your email account, they can use it to send fraudulent emails to everyone in your contact list.
  4. Access Your Online Accounts: Logging into your email account allows hackers to access other online accounts linked to that email address.
  5. Steal Financial Information: Once hackers access your email, they can use phishing tactics to obtain your financial information.
  6. Blackmail You: Hackers can obtain your email address and password to access personal and potentially embarrassing information.
  7. Steal Your Identity: Hackers could potentially steal your identity if they access your email account and obtain personal documents like bank statements or tax records.

Steps to Stay Safe from Hackers

To protect your email address, minimize sharing it and consider the following:

  • Create separate accounts for different purposes. At the very least, individual email addresses should be provided for work and home.
  • Use strong, unique passwords.  For optimal security, strong, unique passwords are complex combinations of letters, numbers, and symbols that are long, not easily guessed, and not reused across multiple accounts.
  • A password manager can securely store passwords with strong encryption, two-factor authentication, and automatic lockout after inactivity.
  • Enable two-factor authentication for enhanced security.  Two-factor authentication is a security method requiring multiple credentials to verify identity.

If you have been hacked

Change your passwords immediately if you suspect unauthorized access to your email account.  Next, inform your contacts and monitor for signs of identity theft.  Another step is to freeze your credit at the credit bureaus.  When you place a security freeze, creditors cannot access your credit report.  This will keep them from approving any new credit account in your name, whether fraudulent or legitimate.  The big three credit bureaus are:

Last but not least, make sure your devices are protected against malware.
