Tech News Today 516

From The Official TWiT Wiki
Jump to: navigation, search
Tech News Today
Episode 516

Contents

Tech News Today 516: All hash, no salt

LinkedIn has a horrible day, will Facebook disappear? IPv6 rends the Internet in twain, and more.

Submit and vote on story coverage at technewstoday.reddit.com

Hosts

News Fuse


Discussion Stories

  • Millions of LinkedIn passwords reportedly leaked online
  • An Update on LinkedIn Member Passwords Compromised
  • LinkedIn Twitter Account: We see no security breach... so far... but here's how to change your password just in case
  • Updating Your Password on LinkedIn and Other Account Security Best Practices
    • Norweigan IT website Dagens IT reports 6.5 million encrypted LinkedIn passwords posted to a Russian hacker site. Security researcher Per Thorsheim posted to Twitter that the attackers have posted the encrypted passwords to get help with cracking
    • LinkedIn posted on Twitter: "Our team is currently looking into reports of stolen passwords. Stay tuned for more."
    • twitter user: "after getting the list of @LinkedIn hashes and hashing my old pwd with no salt there is a match for the hash in the list." (other ppl claim the same) LinkedIn on Twitter: "Our team continues to investigate, but at this time, we're still unable to confirm that any security breach has occurred. Stay tuned here."
    • LinkedIn unsalted hashes use SHA-1 encryption.
    • 150M LinkedIn users, 300k decrypted p/ws as of midday, small # of users but still big breach
    • UPDATE LinkedIn official confirmed that "some of the passwords that were compromised correspond to LinkedIn accounts" and said an investigation is continuing. The company has begun notifying users known to be affected and has also implemented enhanced security measures that include hashing and salting current password databases.
    • linkedin: Members that have accounts associated with the compromised passwords will notice that their LinkedIn account password is no longer valid.
    • These members will also receive an email from LinkedIn with instructions on how to reset their passwords. There will not be any links in these emails. For security reasons, you should never change your password on any website by following a link in an email. These affected members will receive a second email from our Customer Support team providing a bit more context on this situation and why they are being asked to change their passwords.
  • LinkedIn’s iOS app collects and transmits names, emails and notes from your calendar, in plain text
  • Your iPhone calendar isn't private—at least if you use the LinkedIn app
    • LinkedIn iOS app collects full meeting notes and details from your device’s calendar and sends them back to the company in plain text, without permission from user, although calendar sharing is opt-in
    • discovered by Skycure Security researchers Yair Amit and Adi Sharabani
    • once enabled the app reads the data from user’s calendars, notes, details, 5 days out when you open the app.
    • LinkedIn response: ""we need to send information about your calendar events to our servers so we can match people with LinkedIn profiles" - Joff Redfern, Mobile Product Head.
    • Android app already updated with better explanation of how they use data (We do not store any calendar information on our servers)
    • Android & iOS apps to no longer send calendar meeting notes back to its servers when calendar integration is enabled
  • Internet lights up with new IPv6 connections
  • IPv6 Day: Only the Biggest Change to the Internet Since Its Inception
  • IPv6: Trillions of new net addresses now possible
  • What to Expect for IPv6 Launch Day
  • Many major ISPs and Internet companies permanently turned on IPv6 today.
  • So what?
    • IPv4 doesn't go away. It will operate in parallel for the foreseeable future.
    • IPv4's 4.3 billion addresses are almost all gone though. IPv6 expands the limit to 2^128 addresses—more than 340 trillion, trillion, trillion.
    • IPv6-enabled systems quadrupled over the past three years.
    • ISPs including AT&T, Comcast, Time Warner Cable, Free Tellecom, KDDI (Japan), Free Telecom (France), Internode, and XS4ALL (Netherlands) will turn on IPv6, and more importantly, leave it on
    • If you have an IPv6-enabled machine, no more tunelling. You'll get native IPv6 addressing.
    • Networking vendors such as Cisco and D-Link will enable IPv6 by default for their home network devices.
    • Google, Microsoft, Facebook, and Yahoo will turn on IPv6 for their main sites and keep it on.
    • Go to http://test-ipv6.com/ if you want to test your readiness
  • Facebook Will Disappear in 5 to 8 Years: Analyst
  • Facebook Seeks to Boost Revenue From Mobile Ads
    • "In 5-8 years they are going to disappear in the way that Yahoo has disappeared," Eric Jackson, founder of Ironfire Capital. **"Yahoo is still making money, it's still profitable, still has 13,000 employees working for it, but it's 10% of the value that it was at the height of 2000."
    • Jackson says FB is 2nd gen of web co. 1st gen was web portals (Yahoo, Google), 2nd gen is social web, 3rd gen is mobile platform
    • Jackson's theory, you can't make transition in generations, historically companies fail
    • marketers can now pay individually for "sponsored stories," the company's only mobile-ad product. With "sponsored stories," marketers pay Facebook to republish positive messages that users post about their brand.
    • Previously, mobile ads on the social network could only be purchased through a premium ad package that included mobile

Randomizer


Calendar

Obit


INCOMING

Email

"Hey Tom, Iyaz, Sarah, Jason & Guest

Tom was discussing the limitations of Windows RT on ARM chips, but I have to point this out. Almost all the limitations of Windows RT are around the desktop. You've been able to buy x86 Windows tablets for years. So why haven't they sold if they're fully functioning tablets? Well, turns out, no one wants to use a desktop interface on a tablet. So while Windows RT can't run desktop apps, I don't think anyone cares at all.

Tom wasn't the only person to say this, though, which I think is interesting. Several tech news sites have made similar comments about not being able to fully utilize the desktop, even though for years they've criticized Windows tablets for using a desktop interface. Very interesting, if you ask me.

Love the show, Jacob"


"Panasonic is introducing a TOUGHPAD to go along with their TOUGHBOOK laptops. I've used the laptops and, while not the best performance, they are incredibly durable. Now they are going into the tablet business.

Our sales rep sent the attached as a PowerPoint and told me it is public information, so I'm not violating an NDA.

Obviously, this is for a niche but I thought you might want to check it out - ALibertarian"

Sponsors

Squarespace

  • ad times: :52-1:06 and 6:12-7:32

Production Information

  • Edited by: Jason
  • Notes:
Info.png This area is for use by TWiT staff only. Please do not add or edit any content within this section.
Personal tools