PARTNERs (Click Logo)


Special EVENTs

No afternoon game today Fri, Jun 1st
World Wide Pairs Fri, Jun 1st, @6:00pm - 10:00PM
Daytona Regional Mon, Nov 5th
Home

World Wide (!) Pairs Game

Friday Evening, June 1, 6 p.m.
 
Entry Fee: $8, includes book by Eric Kokish
You must sign up at Club, so we can order books

No Afternoon Game, Friday, June 1

logoSony's Unpardonable Sin Print E-mail
Pat Clark   
Wednesday, April 27, 2011
Sony Logo

You may have heard that Sony's Play Station website was "hacked" recently and that passwords, among other things, had been revealed. Even credit card information may have been compromised. Apparently, Sony kept this information "in the clear" rather than encrypted. This is unpar­don­able, if true.

For your information, The Daily Recap's passwords are encrpyted, and nobody, not even me, can read them. And we deliberately don't carry any real private information, such as street address, at all. We carry phone number, but it's at your option to provide it.

To change your password, or to remove any personal information, except your name, click on Edit My Profile which appears under your picture when you log in.

 

There's a lesson here: don't trust anybody with sensitive personal information and do not use the same password for multiple sites. At least be sure your most important sites, like banks, use unique passwords. Regarding credit cards, some people use a separate card for online purchases and keep it's credit line as low as possible. 

Hackers had attempted to penetrate The Daily Recap a year ago or so, but they were thwarted. Even so, I removed the online registration process for the protection of your privacy. There can be no guarantees that a site is invulnerable, but you can rest assured that protecting your information is very important to me.

Comments
Search
Howard   |2011-04-27 17:57:00
But... since our passwords are echoed in clear text, how can this be secure???
Pat  - There is some small risk   |2011-04-27 19:28:03
It is true that The Daily Recap password is transmitted from the user's computer to the Server in clear text. This is true whether or not the password is readable on the screen. The only way around this is to use encryption on the entire page (HTTPS) as banks do. This is not a free option for us: it costs $82 per year, minimum.

There are two risks involved with the way passwords are handled on The Daily Recap. The first is that an observer can visually see the password we type -- this is insignificant in our own homes. The other, as Howard correctly observes, is that the password is transmitted to the Server in clear text. I have previously taken steps to mitigate this, to some extent, using a technique I can't go into in a public forum. It is slightly more secure than typical sites.

Most sites transmit passwords back to the Server in clear text, by the way. If the HTTPS "prefix" (as opposed to mere HTTP) is not present on the login page of a site you visit, then this is the case.

The important aspect of this issue is that a passive hacker watching a stream of internet transmissions cannot recognize The Daily Recap passwords in the same way he would for typical websites.
Only registered users can write comments.

3.26 Copyright (C) 2008 Compojoom.com / Copyright (C) 2007 Alain Georgette / Copyright (C) 2006 Frantisek Hliva. All rights reserved."
 
< Prev   Next >
[ Back ]

Latest Comments

Free Lessons on Convention Cards
2.64 MPs/Game
A BIG Thank You

LOG IN

Click "Lost Login" below if you don't know your password or username. To register and gain full access to the site, contact any Director or Officer.

Most Read ARTICLEs, All Time

Who's Online

No users online

Statistics

Members: 556
News: 1006
Web Links: 4
Visitors: 837593

Admin Menu