Blessed be Facebook for using this real-world example to 100% back up Naked Security when we proselytize about the evils of password reuse. And if you're worried that Facebook's mining of breached Adobe customer records and quarantining of users is Big Brother-ish, fear not: the company didn't have to store passwords in clear text or pull any other boneheaded security move to know just what its customers' reused passwords are.
Chet and Duck are here with their weekly roundup of news, opinion, advice and research.
Take a listen to our weekly 15-minute podcast on computer security - Chet Chat Episode 123.
November's Patch Tuesday includes updates not just from Microsoft, but Adobe and Google as well. Critical patches for Internet Explorer, Chrome and Adobe Flash Player lead the way this month.
Every time we've written about the Google Wi-Spy saga, we've said, "Betcha this won't be the last of it."
Still isn't...Brazil is the latest country to put the hard word on Google.
November's Patch Tuesday is coming up this week, and Microsoft's usual "announcement that doesn't say an awful lot" is out to help us prepare.
What we do know is that the latest TIFF image zero-day vulnerability *isn't* fixed yet...
Which pets make the best/worst passwords?
How many times did Google make the same coding blunder?
Find out this and more in our one-minute wrapup of the week's security lessons!
Would-be bug hunters can earn $300 - $5000 thanks to Microsoft and Facebook, who have announced that they will now work together to offer cash rewards to white hats who discover flaws in popular software applications as well as across the web at large.
The term refers to telling customers what you're not allowed to tell customers: namely, that you've been served with a subpoena for data, with attendant gag order, sometime during a given time span. This passive method of informing-by-omission is done by an ISP telling customers when the subpoena *hasn't* been served - a maneuver now legal, albeit untested in court, and Apple's one of the first big-name tech companies to try it.
What a coincidence! A Facebook hoax claiming that images can infect your computer...and then a Microsoft zero-day that uses images to infect your computer.
Chet and Duck talk you through the latest news...
Microsoft is warning about a brand new security hole that could let criminals get control of your computer through booby-trapped image files.
Four months ago, the Android platform was stirred, if not shaken, by a pair of code verification holes.
Turns out there was a third one, now fixed in Android 4.4, better known as Kit Kat.
Paul Ducklin looks at what we can learn from it...
Learn how cryptanalysts think, and why cryptographers feel such terrible dismay when companies that really ought to know better make mammoth mistakes.
Paul Ducklin deconstructs the data leaked in Adobe's latest megabreach...
A touch of fun but with a serious side - and only a minute to watch it.
Give our weekly "60 Second Security" video a whirl today...
A new survey from Ernst & Young discovered that 96% of the 1,909 executives questioned felt that their companies were unprepared for a cyber attack, but only 23% of the companies placed security awareness in their top two priorities.
It's easier than tracking our eyeballs, and as it turns out, our mouse movements and hovers correlate quite well to where our gazes wander. That, of course, is a tasty way to amass a few more oceans' worth of data about Facebook users and how much time we look at those nice, revenue-producing ads.
Microsoft just published its January-to-June 2013 Security Intelligence Report.
The results seem to PROVE that you should get rid of Windows XP as soon as you can.
Paul Ducklin checks the strength of the "proof"...
Adobe originally estimated that the breach affected around 2.9 million users. As it turns out the number is actually 38 million, with the information taken including Adobe IDs, encrypted passwords, customer names, encrypted debit and credit card numbers, expiry dates and customer order details.
Not everyone was happy about Apple's terms and conditions when it introduced dictation to OS X: speech-to-text was done in the cloud, so Apple got to listen to what you were saying.
OS X Mavericks changes that - though apparently more for performance than privacy...
By popular demand, the Chet Chat has gone back to a weekly format, so your favourite security podcast will now be appearing twice as frequently!
Listen to Chet and Duck in the latest episode...
Is that a gun, or are you just upgrading the printer? What if your iPhone has a bug in the lock that locks the lock screen? Will Chrome's continuing support for XP make us safer, or merely lazier?
It'll only take 60 seconds to find out the answers!