Last night, on the Tumblr staff blog, Derek Gottfrid, the company’s vice president of product, posted an “important security update for iPhone/iPad users.” He instructed them to download a new version of the Tumblr app, and, more alarmingly, to “update your password on Tumblr and anywhere else you may have been using the same password.” At the end of the post, Gottfrid added an assurance: “Please know that we take your security very seriously and are tremendously sorry for this lapse and inconvenience.”
The problem, reported by The Register and only vaguely alluded to in Tumblr’s post, was that some versions of its app for the iPhone and iPad insecurely transmitted user log-ins in plain text—as this screenshot shows—allowing them to be potentially captured in transit by anyone else on the same Wi-Fi network. If you used the Tumblr iOS app on the open Wi-Fi network in Bryant Park, or at Starbucks, a savvy person sitting nearby could have picked up your password.
This is a very basic, and very stupid, mistake. Practically every other app on your phone that transmits log-in data made by a big tech company—Facebook, Gmail, Twitter, Dropbox—does so securely. Fortunately, Tumblr’s oversight seems unlikely to have caused much, if any, real harm: while users’ passwords were certainly exposed, and their account information certainly at risk, the chances of a password having been stolen, at an individual level, are relatively small, given that it still required someone to be sniffing around a Wi-Fi network at precisely the right time. (It is still a good idea for users of Tumblr’s app to change their passwords, just in case.)
The incident is a useful reminder, however, that if one of your passwords—and you should have many—hasn’t already been stolen, one will be. It doesn’t matter how long it is, or how closely it resembles an indecipherable alien language; someone who is not you will eventually obtain it, and there is nothing you can do about it. Some company that you exchange information with is going to reveal your password to someone else. Twitter dropped two hundred and fifty thousand passwords in February; Evernote saw fifty million accounts compromised in March; more than fifty million accounts were compromised at LivingSocial in April; and email addresses and passwords were stolen from the gaming publisher Ubisoft earlier this month.
Part of the dilemma is that we now have dozens or maybe hundreds of accounts littered across the Web, with our usernames and passwords acting as our fingerprints. But the bigger issue is that the password is a deeply flawed mechanism to begin with, even as it remains the foundation for how we do countless things online. Which is why one of the worst things anyone can do is to use the same password everywhere: it will be taken from somewhere, and then it will grant bad people access to anywhere. Every additional account, particularly if they all share the same password, increases one’s vulnerability.
The following advice is fairly rote by now, but that does not make it less true: the inevitability of having a password stolen makes a password manager like LastPass or 1Password a non-optional piece of software. It allows users to have innumerable passwords, all completely different, all virtually indecipherable. Even if the password for an account is stolen from a company’s servers, the thief probably won’t be able to use it to crack the others. And, with a password manager, changing passwords becomes trivial. It can be mildly annoying to live with, since you’ll likely no longer know any of your passwords, except for the master one that unlocks the manager, but it is less annoying than having your digital life turned inside out. (Though, like vaccines, password managers are not completely foolproof solutions.)
Additionally, a security feature that a growing number of companies, including Google, Facebook, and Twitter, now provide offers another measure of protection that every user should take advantage of: two-factor authentication, in which a user trying to log in to his account from a new device needs a second code, often transmitted to his phone via text message or app. To gain access, a thief would need both your password and access to the second code.
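The two-factor check described above, as an added illustration that is not from the article or from any of the companies it names. It assumes a server that stores a salted password hash plus a per-user secret shared with the phone app, and uses the RFC 6238 time-based code as one concrete form of the “code via app” the paragraph mentions; the credentials below are constructed sample values.

```python
import base64
import hashlib
import hmac
import struct
import time

# Constructed sample credential store for one user (not real data).
# The password is kept only as a salted PBKDF2 hash; the TOTP secret is the
# second factor provisioned to the user's phone app. The secret is the
# RFC 6238 test-vector key so the codes can be checked against the RFC.
SALT = b"constructed-salt"
PASSWORD_HASH = hashlib.pbkdf2_hmac("sha256", b"correct horse battery staple", SALT, 100_000)
TOTP_SECRET = b"12345678901234567890"


def totp(secret: bytes, at: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 time-based one-time code: HMAC-SHA1 over the 30-second counter."""
    counter = struct.pack(">Q", at // step)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def verify_password(password: str) -> bool:
    """Re-derive the hash and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000)
    return hmac.compare_digest(candidate, PASSWORD_HASH)


def verify_code(code: str, at: int, window: int = 1) -> bool:
    """Accept the current code or one step either side, to tolerate clock skew."""
    return any(hmac.compare_digest(code, totp(TOTP_SECRET, at + k * 30))
               for k in range(-window, window + 1))


def login(password: str, code: str, at=None) -> bool:
    """Both factors must check out; the right password alone is refused."""
    at = int(time.time()) if at is None else at
    return verify_password(password) and verify_code(code, at)
```

A thief who captured only the password (as in the plain-text Wi-Fi case above) is refused because the code is derived from a secret that never left the user's phone.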
As Mat Honan reported for Wired, the near future for information security—already applied in varying ways by Google and Facebook—will be some form of multiple-factor authentication, the use of several pieces of information to verify that a person really is whoever he or she claims to be. But, even then, not every company will take security as seriously as Google and Facebook. The safest policy is ultimately the most paranoid: trust each company that possesses your information as little as possible. Then, act accordingly.
Original Article
Source: newyorker.com
Author: Matt Buchanan