How To Disable Automatic Login In Linux Mint 13?

Posted on August 17, 2012 by Vinh Nguyen

Linux Mint (Photo credit: Wikipedia)

Sometimes, conveniency is the problem. So, the question is how do I disable automatic login for Linux Mint 13? When I tried to disable automatic login for Linux Mint 13 through graphical user interface and it failed to do just that. I scratched my head. Looked around the web and some Linux users suggested that I could totally edit the mdm.conf file. This was what I did and it worked. Here is how:

Open up a terminal
Do [sudo -i] and type in your sudo password (i.e., a user who has the authorization to become administrator through sudo command). By the way, do not use the square brackets in your command line as they’re there for clarity only.
Type in the command [cp -p -a /etc/mdm/mdm.conf /etc/mdm/mdm.conf-old]. What this command does is to create a copy of the file you about to edit. By doing this, you can recover the file when you completely mess up the original file. It’s a security measure that all Linux users should practice when editing an important file.
Type in the command [vim.tiny /etc/mdm/mdm.conf].
Hit letter [i] on the keyboard to enter editing mode.
Find the line which says AutomaticLoginEnable=true, and change the true part to false. It should look like this AutomaticLoginEnable=false. Make sure you know how to use vim.tiny OK? If not, try to edit the mdm.conf file with nano editor instead.
Also, find the line which says TimedLoginEnable=true, and change the true part to false. It should look like this afterward, TimedLoginEnable=false.
As you’re using vim.tiny editor, to save the new change of mdm.conf file, you must hit [Esc] key first, type in a colon second (i.e., [:]), type in [wq] right after the colon, and then hit enter key to save and exit the mdm.conf file. It should look like this [:wq].
Type [exit] and hit enter key in the terminal to exit root.
Type [exit] and hit the enter key again to exit the terminal altogether.

DNSCrypt, crypt your DNS request (linuxaria.com)
How to Disable Ubuntu’s Guest Session Account (howtogeek.com)
How to disable automatic log-in via the command line in OS X (reviews.cnet.com)
Install Mate 1.4 in Ubuntu 12.04, LinuxMint13 and Debian (unixmen.com)
Getting started with OpenStack on Fedora 17 (fedoraproject.org)
PostgreSQL – Local Connections as postgres | Knowledge Center | Rackspace Hosting (rackspace.com)
3 Shell Information Tools for Linux (linuxaria.com)
Desktop Linux (economist.com)
Linux Mint 13 “Maya”: A Very Stable Release With Long-Term Support (makeuseof.com)
8 Ways to Tweak and Configure Sudo on Ubuntu (howtogeek.com)

Forgot Your Mac OS X Lion Administrator Password? This Video Shows You How To Reset It Without The Need For Recovery Disk Or Partition.

Posted on May 21, 2012 by Vinh Nguyen

A Master padlock with “r00t” as password. Español: Un candado marca Master con “r00t” como contraseña. (Photo credit: Wikipedia)

I think I had written about how you could just boot a Mac into a single user mode to basically reset a password for any user, and by this I really mean any user (i.e., even for an administrator account). You probably would say “OK genius, I can just do that with booting into Mac the normal way, right?” If you remember an administrator password or a user password, then it should not be a problem for you to just boot into Mac normally and change the password. Nonetheless, in this case, I’m talking about a situation when you forget an administrator password specifically, therefore you can’t really use an administrator account to change a normal user password if you also forget the password for a normal user too. Also, when you don’t remember your administrator password, you can’t really update your Mac OS X to a newer version and do more with your administrator account. Unlike before of how I had written only of how to reset an administrator password or any user password on a Mac, this time around I made a video so you can follow my video step by step to reset a password for an administrator account on a Mac. So enjoy the video right after the break!

Security (wiki.archlinux.org)
The Practical Ways to Unlock Windows Vista Password (daniweb.com)
Yet Another Way You Shouldn’t Implement Password Recovery (codingkilledthecat.wordpress.com)
Don’t let your AIX passwords expire (ibm.com)
How to set up and use BlackBerry Password Keeper (helpblog.blackberry.com)
Forgot the administrator pswd of the active directory .help (daniweb.com)
Getting Locked Out of Your Android Phone (mycricket.com)
Recover the lost administrators password in Windows XP (s0ftit.wordpress.com)
Mac OS X leaking passwords of FileVault users (h-online.com)
How to reset MySQL ‘root’ password (Linux O.S) (gettechgo.wordpress.com)
Mac OS X log-in passwords are said to be at risk (theinformativereport.com)
Bug in Mac OS X 10.7.3 exposes passwords in plain text (9to5mac.com)
Security error in OS X 10.7.3 exposes passwords for legacy FileVault users (macworld.com)
Security error in OS X 10.7.3 exposes passwords for legacy FileVault users (networkworld.com)

Can Social Network Aid Hackers? Can Social Network Also Work Against Hackers?

Posted on May 4, 2012 by Vinh Nguyen

Social Network – Copertina (Photo credit: marcomassarotto)

Whether social network phenomenon will stay or fade away in the next ten years, nobody knows, but we do know that social network phenomenon will allow hackers to get to know their victims way easier and better than before. If one is not too careful about keeping secrets off of a social network, then such secrets have to be revealed, right? It does make sense! Especially, the web (e.g., social network, blog) is never a good place to keep secrets away from the world. Even worse, I don’t think hackers need to know your secrets to be able to hack you and more, because sometimes they can analyze your other freely available social network information and might come up with a hacking strategy that might just work against you beautifully. Sometimes, the victims aid the hackers tremendously by making unbelievable weak passwords, and such passwords might be the names of their dogs or cats or whatever that the hackers can peruse through a social network profile. In a sense, it’s a no brainer for hackers to check out social network profiles of their targets for easy luck, because it might be one of the quickest ways to figure out somebody really quick. What worse is that if a social network user is too careless about keeping confidential information of their workplace off of a social network, one might expect hackers will love that. In my opinion, it is easy to expect that some people out there will be too careless and reveal something that they should not reveal about a company that they work for while using a social network. This might be why some big corporations prefer their employees not to be too entrenched within a social network. After all, a social network can be a place where hackers can conduct their social engineering skill. Even the hackers themselves might be fooled by others in a social network, because social engineering does work beautifully against just about anybody who is not too careful. For an example, a lonely hacker might give away their important information such as real name easily to someone who has a sexy picture on his or her social network profile. In sum, I think social network web services have been and will always be teeming with hackers and victims.

Facebook buys retro sign from a true Hacker (mercurynews.com)
Can Somebody Form A Company Through Social Networking Only? (essayboard.com)
Five Easy Steps Detailing What You Must Do If Your FB Account Is Compromised (pharopromotions.wordpress.com)
why bother with new networks – social networks built on social networks? (ceoworld.biz)
The Social Networking Rub (socialmediaexplorer.com)
Facebook’s Hacker Square gets sign from man called ‘Hack’ (mercurynews.com)
Hacker Mitnick may sue AT&T over data breach (news.cnet.com)
Hackers have new resorted to new tactics to get victims (theinformativereport.com)
Is It OK For Social Network Users To Be Forced Into Revealing Their Private Profiles? (essayboard.com)
My NEW 24 letters password (sukalp.wordpress.com)
How to Change a Hotmail Password (tech-faq.com)
Hoax: IMPORTANT NOTICE FOR ALL !!!!!!!!!!!! Watch out for your wall! (zdnet.com)
Facebook hacker comes clean – Computerworld (247infotech.wordpress.com)
Keep Hackers Away (socialwebanalyst.com)
How To Avoid Getting Hacked on Twitter (techburgh.com)
Are you guilty of using ridiculously bad passwords? (bpwebnews.com)
The Dangers of Asking for Social Network Passwords (circleid.com)
SNOPA is a piece of legislation we can all get behind (technologytell.com)
The Rise Of The Visual Social Networks (viralblog.com)
Celebrities You Should Like on Facebook (popsugar.com)
Consumer Reports Roundtable: Who’s To Blame For Rising Privacy Problems on Social Networks? (socialtimes.com)
Which social networks should I use? (fanfaresocialmedia.wordpress.com)
Are we selling our souls to social networks? (newscientist.com)
Pros and Cons of Social Networking for Designers (skyje.com)
Best Practices for Social Networks: Don’t Recycle, Reboot (v3im.com)

What About Symantec’s Identity Safe App On Mac?

Posted on April 25, 2012 by Vinh Nguyen

Web browser (Photo credit: Wikipedia)

Mac users who use Norton Internet Security for Mac do not have the feature where they can save passwords securely so the passwords can later be autofilled into various web destinations that they frequently visit. Windows users who use Norton Internet Security do have this feature! Just recently, I’ve found out Symantec provides free Identity Safe app in Mac App Store, and so now Mac users have the option of using this app to save and retrieve their passwords with less hassle than before.

Unfortunately, Identity Safe app seems to be pretty crude! What I mean by this is that I think it only works with Safari web browser. I can’t really use it with Chrome and Firefox web browser. For an example, once installed the app, added a web destination with its proper credential, clicked on the app icon at the very top of the screen, clicked on the web destination under recent logins list, and a web destination would open in Safari web browser automatically with proper credential filled in (i.e., password and username). Of course, Identity Safe users can click on View All Logins within the Identity Safe app to view username and password for a specific web destination, and by doing this Identity Safe users can manually copy and paste the credential into a web destination with browsers that are not supported by Identity Safe app. This is a hassle of course!

Although I haven’t yet tried the import of logins for Safari, I’ve noticed a lot of app reviewers have complained that this app isn’t allowing to batch importing logins (i.e., can only import each login one by one as one has to approve the import for each login). If this is true, then the whole purpose of importing logins from Safari can be rather self-defeating since it will be so cumbersome to actually import hundreds of logins one by one. So, this is another hassle for using Identity Safe app.

Even though Symantec’s Identity Safe isn’t yet polished to my liking, I still think it does serve a purpose of safekeeping logins securely. Nonetheless, you have to trust Symantec in order for you to trust and use Identity Safe app. In my case, I do trust Symantec, therefore I don’t mind using this app. In my opinion though, there might be many other password/login apps that may provide better features in safekeeping one’s logins than Identity Safe app. Honestly though, if one doesn’t yet have a good app which helps securing logins on Mac, then I don’t see why one should not use Identity Safe app on Mac since it’s a free logins protection app from a trustworthy security company Symantec.

Norton’s Free Identity Safe Remembers All Your Passwords So You Don’t Have To (cultofmac.com)
Norton Identity Safe Beta, PC And Mobile Password Manager (ghacks.net)
Norton Identity Safe by Symantec Offers Secure Password Management in the Cloud & Mobile (vikitech.com)
Symantec’s Norton Identity Beta Offers Painless Password Management on Desktops and Mobile Devices [Downloads] (lifehacker.com)
Apple May Add Secure Password Suggestions to Safari with OS X Mountain Lion (macrumors.com)
Windows Login system (daniweb.com)
Spring Clean Your Digital Life (makingtimeformommy.com)
Symantec Launches Norton Identity Safe Beta [News] (makeuseof.com)
Dashlane, A New Password Manager For Windows and Mac (ghacks.net)
Current status of the “Browser Wars” (royal.pingdom.com)
Tech Tidbit: MacOS Keychain (thefamilyhelpdesk.com)
Security (wiki.archlinux.org)
Onion Browser brings encrypted mobile browsing to iOS (geek.com)
Symantec launches Norton Identity Safe in beta (geek.com)
Recover the lost administrators password in Windows XP (s0ftit.wordpress.com)
10 Tips To Make Your MAC More Secure Against Viruses And Trojans (thetechnologycafe.com)
RoboForm password manager for iPhone faces hurdles (download.cnet.com)
Safari autofill exploit exposed again (download.cnet.com)
Norton 2012 extends Insight to downloads (download.cnet.com)
Norton gets personal with One (download.cnet.com)
Norton One — the brand new product from Symantec (webdev360.com)
Symantec Releases Beta of Norton Identity (beast4romtheeast.wordpress.com)
LHDNM And Symantec Offer Best Practices On E-Filing and M-Filing (it-sideways.com)
Norton and Facebook Partner to Make the Web Safer (prnewswire.com)

Windows 8’s Newest Feature Yet, Picture Password

Posted on December 17, 2011 by Vinh Nguyen

Image via Wikipedia

Windows 8‘s newest feature yet that Windows 7 and other major operating systems won’t have is to allow users to sign into their accounts with picture password. Before you say, “Hey, that doesn’t seem to be that secure,” it turns out Microsoft is coupling touch gestures with picture password so it won’t be too easy as in just selecting the correct picture password. If I’m not straying too far from facts, then each user should be able to log in faster with picture password by gesturing with at least three different touch gestures on a specific picture password.

Administrators can turn off the picture password feature if they favor text password feature. To prevent hackers from illegally attaining easy remote login, Windows 8 automatically disables picture password for remote login. It makes sense, users should be able to have a way to log in to their accounts faster and less problematic but still be considered as secure as usual, and so Microsoft’s answer is picture password for local network only.

I’m hoping Microsoft would add one more layer of security such as simple pin number or face recognition or voice recognition just to make logging into one’s account would be even more secure. Of course, face and voice recognitions aren’t hard to hack, because hackers could always photo someone’s face and record someone’s voice to bypass face and voice password recognitions. This is why I think such additional password recognition measures are good only if these are coupling with each other in layers. This way hackers must attain more than one things to bypass the layers of authentication.

I think it’s a good thing if users don’t have to remember long text passwords, because they might write down long passwords and leave such passwords in obvious places that anyone could have access to their passwords, consequently defeating the whole purpose of strong passwords. I think Windows 8’s picture password feature might not be adequate in protecting users’ logins even though Windows 8 is coupling picture with touch gestures to create stronger picture password. This is why I emphasize that picture password and touch gesture combination as an authentication method for Windows 8’s new password feature might need one or more layers of authentication such as face recognition. As long the additional layers of authentication are accurate and fast to execute, I don’t see there will be a problem of allowing users to log into their accounts fast, safe, and easy.

Source: http://www.ghacks.net/2011/12/17/windows-8-to-support-picture-passwords/

cPanel forums have been hacked (brizoma.wordpress.com)
Microsoft details Windows 8′s new picture password feature (winrumors.com)
Windows 8 Tackles Password Fatigue With Pictures (mashable.com)
Windows 8 To Have Sweet Password Management (gizmodo.com.au)
Microsoft details Windows 8 picture passwords (slashgear.com)
Windows 8 Is Going to Have Some Super Sweet Password Management Features [Windows 8] (gizmodo.com)
Three Important Ways Windows 8 Provides Password Protection (pcworld.com)
Windows 8 aiming to take the pain out of managing passwords (news.cnet.com)
Windows 8 aims to take pain out of managing passwords (news.cnet.com)
Microsoft details its plans for identity protection on Windows 8 (liveside.net)
Microsoft goes in-depth on Windows 8’s picture passwords (electronista.com)
Password Security Is Broken (q-ontech.blogspot.com)
Dear User: Your Password Stinks, Love IT (biztechmagazine.com)
How To Use A Picture Password Or Pin As Your Windows Password (ghacks.net)
How to Create a Picture Password in Windows 8 (munirshahzad1971.wordpress.com)
LastPass Password Manager Now With Google Authenticator Support (ghacks.net)
Lumia Voice Recognition Good Enough for Texting (insideview.ie)
Six guidelines for registration and login usability (marketing.yell.com)
Password Improvements Coming To Windows 8 (ghacks.net)
Microsoft reveals its own password store for Windows 8 (winrumors.com)

Lion Played With Forever Spinning Beach Ball, The Beast Would Not Let Me Log In!

Posted on November 1, 2011 by Vinh Nguyen

Sigh, every time Mac OS X Lion roared, I cringed! The lion roared so much that I had brought the beast to the Genius Bar‘s beast masters, hoping the beast masters would tame the beast so I could get a good night’s sleep. I got the beast back, and it was a bliss for a short while. I was able to have good night’s sleep, knowing the lion would only roar happily with me in good times and not at me.

Unfortunately, as if the lion had forgot all about the beast masters, the lion went on roaring just two days after I had brought the beast back. This time the beast roared at me in manners that I could not know what to make of and why. At least, before I could understand the lion roared for the beast had bad logic (i.e., logic board). I thought the beast masters of Genius Bar had already got rid of such a disease for my lion and got it back to be a peace, loving, domesticable animal. Nope, I was very wrong, because this time the beast had none of me. The beast roared at me for hours if I had let the beast be.

I wasn’t much of a beast master! I had to shut the lion with hard kicks. Off the beast went into comas and out again just to roar at me in very strange manners. The beast rather played beach ball, roared at me in mocking ways, and prevented me to have a sensible conversation with the beast. Sometimes, I wished I’m a beast whisperer, so I could mold the beast to my will to which even the beast masters would have been jealous.

Sadly to say, I had to cripple the lion on purpose so the beast would be sensible again. Sure, it was cruel of me, but it was a necessary evil! I would not allow the lion to keep guard of the intruders, because a dog would have done a better job (i.e., no more FileVault 2). I would not allow the lion to play with toys that eventually would excite the beast to roar at me and not with me (e.g., not allowing lion to resume applications on startup or right after a restart, not allowing lion to switch graphic modes automatically such as from integrated to discrete mode). Hell, I couldn’t even trust the lion that it would not play with spinning beach ball when it was time to stop playing and let work (i.e., not allowing login screen to come up whenever the Lion goes to sleep).

It was painful to me to know that I had to be awful to my lion in ways that I had described above, but I got my bliss. It was more important to be bliss than not! So, if your lion needed to be straightened out, you could try to be rude to the beast!

For who doesn’t give a darn about little details of hating and loving between lion and myself, then here is the juicy part only! My mid 2010 MacBook Pro was replaced with a newer logic board by Apple after I brought it to Genius Bar at one of those Apple Stores. The machine came back and worked normally for two days, but then I found out I could not log into my machine and was presented with a forever spinning beach ball at the login screen. The mouse pointer worked as I could move it around using the trackpad, but that was about it. The spinning beach ball would keep on spinning, and I could forever wait to be logged into my account even though I had entered the right password.

Hard booting was how I’d tamed Lion temporary. Of course, performing a hard boot each time it happened wasn’t the answer. Luckily I was able to make my machine to run OK by crippling Mac OS X Lion’s full potential! By not allowing Lion to turn on a login screen and demand for password, I was able to get rid of that spinning beach ball. Now, I could just wake the machine up and use it normally, sacrificing the security aspect of a login screen — knowing anybody could just wake my machine up and use it without my knowledge.

What worse was that I could not use FileVault 2, because if I had done so the login screen would be back. FileVault 2 requires users to login no matter what to unlock the encrypted hard drive. This was why I had to turn off FileVault 2. I so wish I could use FileVault 2 so I could just turn off my machine to protect my data, because somebody had to know the password to unlock FileVault 2 to get to my data. FileVault 2 could protect my data from single mode user boot up method which could be done to become root at will and siphon the data away.

To ensure everything would work normally, now I would just run Lion in discrete mode which used NVIDIA graphic card only. Before Lion, Snow Leopard could just switch between Intel and NVIDIA cards without a single hitch. Crossing my fingers and hoping I would not have to visit Genius Bar again any time soon.