How LastPass is Handling a Security Breach the Right Way

I’m just as tired as you are of reading about security breaches, data being stolen and hackers sitting smugly behind their screens. Unfortunately, we’re not going to see a dip in the number of these crimes any time soon. The state of security within many companies is frankly deplorable. Corporations we have trusted for years are suddenly finding themselves in the number one spot on everyone’s “list.” Often, though, it’s not the actual breach of information that disturbs us – it’s the way a company handles the problem which gets our knickers in a knot. Just take a look at Sony…

Sony knew there was an issue several days before telling anyone, an oversight which is now causing them much more grief than the actual dilemma of stolen data. Let’s face it: we all know that hackers are out there stealing everything they can get their hands on. We hate them, right? We rant, curse and scream on a daily basis about the prevalence of online theft. But what we loathe even more than the bad guys are the companies who aren’t honest with us – and who aren’t very speedy at telling us they have a problem.

Earlier today, password manager LastPass openly admitted that they had possibly suffered a breach of data – nearly as fast as they discovered it. In order to maintain the safety of their customers, the business quickly disabled master passwords, forcing users to log in via offline mode. Everyone was then prompted to change their master password in order to resume normal operations. This was done as a precaution, folks. Yes, it likely inconvenienced you for a moment or two. However, isn’t taking that step just in case better than finding out later that some idiot now has control of your bank and credit card accounts?

This company absolutely handled the matter the right way. They aren’t even sure at this point that anything was taken at all. They simply found a possible problem, reported it to you immediately and took preventative steps to help you stay secure. What more could you ask for? Please don’t answer that by asking for impenetrable security. That’s never going to happen, y’all.

Nothing is perfect, not even security. The response from the LastPass team is daggone close, though.

Sony Knew Software Was Outdated Months Ago

During testimony at a Congressional hearing earlier today, Dr. Gene Spafford of Purdue University stated that Sony knew months ago that its software was outdated. Approximately three months before more than 100 million users had their information stolen by hackers, the company was informed by security experts that its version of Apache Web Server was seriously out of date. This version was unpatched and had no firewall protection of any kind.

Dr. Spafford spoke during a hearing with the House Subcommittee on Commerce, Manufacturing and Trade. Sony was also invited to attend but declined. In a letter to the committee, the company stated that it has now added “automated software monitoring and enhanced data security and encryption to its systems in the wake of the recent security breaches.”

Excuse me for pointing out the obvious, but Sony made these moves just a smidgen too late, don’t you think? Had it been actively monitoring its software all along, these colossal data breaches may never have occurred, and more than 100 million people wouldn’t have their information at risk. Any company – especially one that deals with credit card numbers and identifying personal information – has a duty to its customers to protect them by making sure that its Web site and service is as secure as could possibly be.

I cannot help but be outraged by this. I was not (thank the Lord) a PlayStation Network member. However, it doesn’t take much to set me off when a company is so obviously negligent. Heck yes, it has taken steps to correct the problem. Too bad that it’s not nearly enough to make up for the lack of security to begin with.

It’s bad enough that Sony never knew its software was outdated – or chose to ignore the fact. It’s far worse that it was told in a public place on more than one occasion by educated consumers and continued to do nothing. Was the company hoping to save money by not purchasing new software? If so, I think it’s safe to say that particular choice just bit it in the butt in a very large way.

Sony Playstation Breach Shows How Vulnerable You Are

Sony finally owned up to what was already clear several days ago: Playstation Network incurred a massive breach of user data. Over seventy-seven million user accounts are impacted in what is quite possibly the largest data breach ever. The FBI is on notice and one United States Congressman is accusing Sony of “taking too long to report the breach.” Whoever hacked the Sony Playstation Network likely has access to your username and password, your date of birth, your name, your address and your credit card information. They even have the answers to your security questions.

This data breach should put us all on notice – it’s becoming harder to know who to trust with your data. The problem is bigger than Sony. It proves just how vulnerable you really are. Canceling your credit card right away and adding a “high risk” alert to your credit file might help mitigate the short term damage. You can cancel your mother’s maiden name, or your first pet’s name, or the model of your first car.

Even if your username and password are unique at every site, you likely use the same security questions and answers. After all, how many different security questions do you see? We are asked our mother’s maiden name, our first girlfriend’s first name, our first job, and even what type of car we drive. Thinking back on the last five websites I signed up with, the security questions were almost identical at each one. Now those criminals know the answers to those supposed security boosts – along with all of your other personally identifying information. They can freely access nearly anything you’ve registered for online and they also have the power to assume your identity with brand new accounts.

Let’s dig a little deeper into what this means from a security standpoint. Imagine if you will a C-level executive with GE or Ford who happens to be enjoy gaming on the Playstation Network. Can you even imagine the potential for havoc once data theives access thier various online accounts? We’re talking possible repercussions of a massive scale, y’all. Down on main street, where business owners are struggling to survive and thrive, those who had their information stolen could end up seeing a bankruptcy judge in the near future. An unlucky teen’s parents may end up with a mountain of credit card debt they cannot escape from.

If our trust is violated by a huge corporation like Sony – or any of the other 2,447 companies who had a data compromise since 2005 – who can we trust?

New PlayStation Device Rumors Strengthen

This is a guest post written by community member Craighton Miller.

Since its release 2004 the PlayStation Portable hasn’t really changed much. With only a couple of tweaks by changing the size of the unit and internal components it has largely stayed the same. Though, that may all change in a couple months, in a recent interview with The New York Times, a high level executive revealed some hints of the companies new device that will hit the market in April.

Sony’s gaming chief, Kazuo Hirai, hinted in the interview towards the rumored Android-powered PlayStation device. Kazuo Hirai, acknowledged in the interview that they are facing major competition from iOS and Android. Although the mobile gaming boom is on an up rise Kazuo Hirai added, “The games being played on Android and Apple platforms are fundamentally different from the world of immersive games that Sony Computer Entertainment, and PlayStation aims for.”

Kazuo Hirai is right for the most part, smartphone gaming is very different from what the PlayStation portable platform has to offer. Needless to say the mobile gaming landscape is changing quickly at an increasing rate.

Gaming developer, Epic Games released its Unreal Development Kit for iOS last September and one of the premiere games made from the development kit, Infinity Blade has made a deep impact on the way games can be created on the iPhone.

One of the big questions on anyone’s mind is the utilization of touchscreens. Kazuo Hirai told The New York Times that touchscreens are only efficient for some games, but he argues that having physical controls lets you immerse yourself deeper in the games that are being played.

Based off of statements from Sony over the last couple of months, one can clearly guess that the new device will be Andorid based, and would have its own device-specific games and even its own network store.

Although, we can assume the device is Android powered it is still unclear if it will be a phone or just gaming device. Though those rumors are unclear Kazuo Hirai, stressed that Sony wants to keep PlayStation’s strengths intact.

Google TV Vs. Apple TV

Add to iTunes | Add to YouTube | Add to Google | RSS Feed

This is Google TV. I am more than grateful to the team at Google for sending this unit to me, and for showing me how I can help all of YOU win one for yourself. I have to tell you – this piece of hardware is simply stunning. The quality is far beyond what I had expected. Besides, what could be cooler than watching YouTube videos on a big screen television?

Google TV is a new platform for television that combines your normal TV programming with a full web browser, Android apps and a simple way to search through all of it. It’s even easy to switch between TV and the web without having to change inputs on your television set.

With Google Chrome and Adobe Flash Player 10.1, Google TV lets you access everything on the web. Watch your favorite web videos, view photos, play games, check fantasy scores, chat with friends, and do everything else you’re accustomed to doing online.

If you’re a video producer like I am, you’re going to love this. Google TV gives web video stars the change to be a TV star. Google TV users can even bookmark your YouTube channel onto their TV home screen. This makes your content appear one click away from whatever they are already watching.

Google TV will come pre-loaded with apps like Netflix, Twitter, CNBC, Pandora, Napster, NBA Game Time, Amazon Video On Demand and Gallery. Starting early next year, apps from Android Market will work on Google TV as well. As I already said in the video above, the quality and clarity of this Sony television is just – fantastic. I cannot imagine anything better to surf the web with, including my beloved Mac Pro and dual 30″ monitors. This TV set puts those to shame. Seriously.

I’m sure you are ready to know how you can win one of these for yourself, aren’t you? Google is graciously giving YOU the chance to win. The contest ends on December 22nd, so you’ll have to hurry. 100 people will win a 46″ Sony Google Internet TV on January 20th.

To enter, simply create a video describing why you’re excited about watching the Internet on TV. You can upload your entry as soon as you’re ready – and please make sure you’ve read the official contest rules. Your video cannot be longer than one minute, so be creative with your time – and good luck to everyone!

Thanks again to Google. This Sony in my office is now my new best friend. Why are YOU excited about Google TV?