Facebook Fails To Protect 600,000 Accounts Each Day?

According to redtape.msnbc.msn.com, about 600,000 Facebook accounts could be compromised each day.  It’s a huge number in anyway you look at.  Each day bring anew the possibility of more people’s Facebook accounts are going to be compromised, and these people will have to worry about what the hackers will do to their lives.

Digital life is no longer isolated in the digital world!  In fact, digital life can be pretty much effective in enhancing one’s real life or vice versa.  Imagine if someone has your Facebook account credential and is able to log into your Facebook to change strict privacy settings to everyone can see settings for personal information, it can be quite embarrassing and at times troubling.

Here is a worse imaginative situation, what if someone pretends to be you using your Facebook credential to post child pornography?  Will the police and other bodies of authorities go after you or the true culprit?  As you can see, it’s quite scary indeed!

This is why I think it’s so important for people like us to be paranoid about our computer security at all times.  Do not let your guard down for one moment!  So, in regarding to securing your Facebook credential, it’s not stopping just at tightening up your Facebook’s privacy settings and changing weak password to strong one, but it’s more of the whole nine yards.

The whole nine yards?  It’s more of making sure the computer you are on is free of Trojans and malware and viruses and rootkits.  It’s more of making sure the computer network you are on is secure and requiring known users to enter latest and strongest encrypted/algorithmic passphrase before they can use the network.  It’s more of making sure securing one’s email accounts with strongest passwords so hackers cannot easily obtain the email accounts’ credentials, otherwise hackers can use these email accounts to reset passwords for your other important online accounts.  It’s more of making sure keeping your many passwords safe and secure, and it’s best to encrypt your passwords and store encrypted passwords in encrypted hard drives — you don’t have to lose passwords and yet prevent hackers from easily obtaining these passwords.  It’s more of making sure not to download strange software and communicate with strange people and open up strange emails and click on strange links in emails and click on strange links in instant messengers and so on.  Oh my, it’s more of a lot more, but I think you get the gist!

Anyhow, Facebook users best to change password at least once a month, and make sure password is strong enough to beat dictionary brute force cracking password method and memorable/unique enough so you don’t have to forget it.  It’s hard to create such password, but it’s worth it in the end!  Once log into Facebook, make sure change the privacy settings to stricter settings.  Don’t forget to remove applications that you are not trusting from having permission to interact with your Facebook account.  An example would be do not allow strangers to view your mobile numbers.

If you have a Facebook account, you must maintain it.  Even if you do not maintain it, you still have to make sure you visit it once a month at the least.  This way you can be sure your Facebook account is alright and isn’t doing something malicious without your knowledge.

OK, let me backtrack a bit, don’t try to install unknown antivirus software and computer security software, because these software might be malware themselves.  It’s best to use well known computer security software such as Norton of Symantec.  I’m sure there are other great computer security software out there, but I don’t have them at the top of my head at the moment, and so you have to do some research!

Let end this post by me saying more of the same, if you know how to make it super hard for hackers to hack your Facebook account, then you’re halfway success in preventing hackers from hacking many other accounts of yours, assuming you’re as devoted to securing other accounts the same way you have with your Facebook account.  Why halfway?  The other half is rest on the shoulders of the web service providers and various factors that are outside of your control.  If the web service providers lack in security measures, hackers don’t have to hack you but they can just hack the web service providers directly and obtain your credentials along with every other user who uses the same web service providers.

Mac OS X Lion’s Bug Allows Hackers To Change Administrators’ Passwords

Whoever owns a Mac should read this article “Mac OS X Lion flaw allows unauthorized password changes.”  I’ve known for a long time that as long you have a physical access to Mac, you can boot into single user mode by doing a reboot and then holding down the command key + s combination, consequently allowing you or someone else who doesn’t need to know your password to become root at will.  As root, you or someone can definitely change any user’s password, including the administrator’s password.  Now, the flaw that the article I’d mentioned of provides an additional security flaw for Macs.

To mitigate the flaw that the article had mentioned of for Mac OS X Lion, Mac users should not create an account for strangers or allow guest account to be active, or the flaw will allow hackers to change administrator’s password at will.  In addition to that, Mac users should not visit unsafe websites for now, because hackers can trick Mac users to download exploits that will exploit password change flaw — allowing hackers to change Mac users’ passwords at will when they finally have a remote backdoor to Mac machines.  Lastly, it’s best for Mac users to activate Filevault 2.  This way, only trusted users can unlock a Mac, and at the same time Filevault 2 protects a Mac from the security issue of having someone or a stranger to boot a Mac into single user mode, effectively disabling someone from becoming root at will.

Source:  http://www.zdnet.com/blog/hardware/mac-os-x-lion-flaw-allows-unauthorized-password-changes/14883

Can’t Change Your Mac’s Master Password?

Can’t change your Mac’s master password for some reason?  Perhaps you can’t remember your Mac’s master password and want to reset it, but you can’t do it since you don’t remember it in the first place.  Don’t worry, I’ve a solution for you!

First, make sure you’ve not turned on your Firevault, so go turn it off if you have it on.  To turn off your Firevault, go to System Preferences >> Security >> Firevault.

It’s time for us to delete some files so you can change your Mac’s master password once again.  Open up a terminal, and then switch to an admin account.  As an admin you need to do [sudo -i] to become root.  As root, you need to go into /Library/Keychains/.

Don’t go into the wrong /Library/Keychains/ directory!  To know if you’re in the right /Library/Keychains/ directory, execute the command [pwd] in your terminal, and if you see the return value is /Library/Keychains/, then it’s OK.  If you’re seeing something like /Users/yourname/Library/Keychains/, then you’re in the wrong directory and you need to get out of there.

Assuming that you’re in the right Library directory, execute the command [ls], and you will see two files with the names of FileVaultMaster.cer and FileVaultMaster.keychain.  Execute the command [rm FileVaultMaster.cer FileVaultMaster.keychain].  Restart your machine, and log in with your admin account.  Go to System Preferences >> Security >> Filevault and from here you can reset your Mac’s master password, and it will work this time!

Good luck!