(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Fwd: Timing attack vulnerability in most Zeus server-sides
[SECURITY] [DSA 3379-1] miniupnpc security update

Watch out, NSA. Mira Modi is helping everyone use better passwords. (credit: Julia Angwin)

We now live in a world where a New York City sixth grader is making money selling strong passwords. Earlier this month, Mira Modi, 11, began a small business at dicewarepasswords.com, where she generates six-word Diceware passphrases by hand.

Diceware is a well-known decades-old system for coming up with passwords. It involves rolling actual six-sided dice as a way to generate truly random numbers that are matched to a long list of English words. Those words are then combined into a non-sensical string ("ample banal bias delta gist latex") that exhibits true randomness and is therefore difficult to crack. The trick, though, is that these passphrases prove relatively easy for humans to memorize.

"This whole concept of making your own passwords and being super secure and stuff, I don’t think my friends understand that, but I think it’s cool," Modi told Ars by phone.

Read 18 remaining paragraphs | Comments

[SECURITY] [DSA 3377-1] mysql-5.5 security update
Internet Storm Center Infocon Status