Tag Archive
2.7 8.10 9.04 9.10 100th acquisition advertising amd aol apache apple assp ati beta black hole blog browser bug building business caching callback CAN-SPAM can spam act centos chrome clamwin code collider comments compression computer css datacenter delayed development digg documentation earth Edward W. Felten email encryption encyclopedia of life enery eu exploit family fatherhood fedora firefox first plugin folding@home free freeware game Gaming gaming_rig gimp google guides hardware header history home house HPN-SSH HTC icann IE image improvement Infoworld intel Internet ipv6 IT jail kubuntu ldap Leap Day lhc Linux locked files mac mail_server malware me memory microsoft misc money mouse moved Mozilla msdn mysql network solutions nvidia oem open-source os paint_shop_pro patch pc pentium phising phone php plugin post post-revision protocol ram RC record release review rollover safari samba scammers science SCP screenshots script script kiddies security SEO Series server service pack society software son Sony SP3 spam species squirellmail SSH storage stupidity styling sun svn tape tech Techozoic theme threaded tip tips ubuntu Unix update utility video card virtualization vista vlite vmware vsphere web weird WHS windows windows 7 wordpress work worm wsus XP xray
AOL Sucks no Really Sucks
It seems that AOL, which has sent me many a wonderful coaster for cold beverages, doesn’t really care about the security of they user base. As we all know AOL users aren’t known for their computer prowess and don’t need any more help giving away personal information. It’s been reported that AOL is truncating passwords to 8 characters even if a stronger 16 character password is used. This makes a brute force password attack much simpler for attackers. Although probably the easiest way to get AOL passwords is to simply ask the user for it in a crudely crafted email phish. Just because it looks like it comes from billing@aol.com doesn’t mean you should give them your first-born child if they ask for it.
Source: ITWire
