![]() Researchers at the Department of Computer Science of the ETH Zurich in Zurich, Switzerland reviewed the security of MEGA and found significant issues in how it uses cryptography. The research went one step further, finding that an attacker could insert malicious files into the storage, passing all authenticity checks of the client. A Swiss team of researchers has just proved those claims wrong.Īnd that's not all. ![]() Using a strong and unique password will ensure that your data is protected from being hacked and gives you total confidence that your information will remain just that – yours.”īut there's a problem. MEGA does not have access to your password or your data. “All your data on MEGA is encrypted with a key derived from your password in other words, your password is your main encryption key. It says it couldn't decrypt your stored files, even if it wanted to. If possible, enable two-step verification on your online accounts (on Facebook it is called Login Approvals) to harden your account security.MEGA, the cloud storage provider and file hosting service, is very proud of its end-to-end encryption. Get out of the bad habit of using the same password on multiple websites, and consider acquiring a decent password manager instead. It would be relatively easy for a scammer to spam out emails claiming to come from Netflix which might pretend to link to the real Netflix website, but in reality take users to a bogus site instead.Īnd, if those users are indeed in the habit of reusing their passwords across the net, then they have not just handed over their credentials to someone who might want to watch the latest episodes of “House of Cards” or “Orange is the New Black”, but also their email, Amazon, PayPal, and other accounts. The danger of asking users via email to reset their passwords by clicking on a link is… well, isn’t that precisely what phishing attacks do all the time? Personally I prefer Facebook’s approach of asking you to reset your password at next login, rather than the manner in which Netflix has emailed some of its customers. For your protection, no one can see you on Facebook until you finish.Īnd here is the email that Brian Krebs reports is being sent to some of its customers: ![]() To secure your account, you’ll need to answer a few questions and change your password. Facebook was not directly affected by the incident, but your Facebook account is at risk because you were using the same password in both places. Recently, there was a security incident on another website unrelated to Facebook. ![]() Here is the message that some Facebook users are seeing: Human apathy and lack of awareness being what it is, it’s great to see companies like Netflix and Facebook proactively take steps to protect their users – examining the contents of some of the recent mega-breaches, and comparing them to their own user databases.Īnd, where they believe a password might be being reused, informing the user that it’s high time for a password reset.Īs security blogger Brian Krebs reports, notifications are already being seen by Facebook and Netflix users… and it wouldn’t be a surprise if other big internet firms jumped on the bandwagon. Sites like LinkedIn, Tumblr and MySpace have all suffered at the hands of hackers, who are selling user information and passwords for the millions of users on the dark web.Īnd, as even Facebook CEO Mark Zuckerberg knows all too well, many internet users are guilty of committing the sin of using the same password on different websites. The reason for the mandatory password reset is that recent weeks have seen a series of revelations about so-called mega-breaches. Facebook and Netflix have not suffered a data breach.īut it’s quite possible that they are asking you to change your password. But it’s quite possible that they are asking you to change your password.ĭon’t panic. Facebook and Netflix have not suffered a data breach.
0 Comments
Leave a Reply. |