Amazon Recommends Users Change Their Passwords

Who doesn’t have an Amazon account? If you do it may be worth changing your password as Amazon recommends users take the precaution after it discovered that some of their Amazon accounts could be found online.

Amazon discovered the leaked passwords were contained within a password list online, and while not exclusive to Amazon services, it has recommended that users change their passwords, even more, so if they use the same password on several sites. If your accounts email address was found to be on any of the lists then Amazon has taken the precaution to force a password reset on your account.

While many recommend against it, it’s common practice for people to use the same password and email combinations on several sites, thus increasing the chance that if one account is hacked, others will be compromised alongside.

While it’s recommended by some that we get rid of passwords altogether, alternative methods like biometric scanners for your fingerprints have been seen as easily bypassed and companies are even looking at using videos or selfies to access your accounts, a technique that has been met with mixed views. Would you prefer to access your account with a selfie or video of yourself or do you believe that the password still has a while to go if used correctly?

UPDATE: We were asked to remove the image, so one of our own, Robert Ainsworth, provided us with a copy of the email he received.

SilverStone ES01 PCI-E Remote PC Switch Kit

Introduction


There are many forms of being lazy, or maybe we should rather call it an extra comfort feature that expands your abilities. Today I’m taking a closer look at SilverStone’s ES01 expansion card which allows you turn your PC on and off as well as reset it remotely. This can either be used as an extra security feature or as a simple addition to the already existing methods. The ES01 is available as both a PCI and a PCI-Express card, so you can make it work in almost any system. I’ll be taking a closer look at the PCI-Express x1 version today.

SilverStone’s ES01 is a convenient remote switch kit designed to wirelessly turn your computer on or off as well as reset it. It uses the existing 2.4GHz standard with RF wireless technology which is known to work great and offer a great range. The ES01 remote kit is rated for a range of up to 20 meters which is quite cool and allows you to work the magic from afar.

The adapter comes with an included Y-cable which ensures that your computer case’s own power and reset buttons can be used concurrently with the ES01. You normally wouldn’t want to rely purely on a remote for such a crucial function, and you don’t need to. However, at the same time the ES01 it can be used without connecting the Y-cable to the chassis buttons in order to add another level of security besides BIOS passwords and software solutions to which the ES01 can be a good alternative. It will mostly be users with computers located in hard to reach areas or systems with special usage scenarios that will find the ES01 remote switch kit to be very handy, but it is up to you how you’d like to use it.

The expansion card in itself is a low profile card and it isn’t very long either. It will easily fit into even the smallest chassis and comes with an included low-profile bracket too. All it takes is two screws to switch from the normal to the low-profile bracket, so that’s a job quickly done if needed.

The remote control uses a common CR2025 Lithium manganese button battery with a 3V voltage. It has a maximum measured EIRP of 3.76dBm and naturally operates on the 2.4GHz band. It is about the size that you would know from your car key with remote functionality, but weighs far less. It also comes with a convenient ring for attachment to key rings, backpacks, purses, and more.

Feature Highlights

  • Control your computer from anywhere in the room using 2.4GHz RF remote
  • 2.4GHz receiver PCI or PCI-E card included
  • Works as far away as twenty meter
  • Includes power / reset switch Y cable
  • Includes optional low profile expansion slot cover

Specifications

Package and Accessories

The SilverStone ES01 comes in a fairly simple package which is fitting for a simple device. The front teases the remote capabilities which doesn’t leave much left to the imaginations. You instantly know what it’s for.

The rear of the box contains the specifications and functionality in several languages. Everything extra that you might want to know before you make the purchase.

Inside the box, we find the add-in card with y-cable attached, a low-profile expansion slot bracket for use in SFF chassis, the remote control and battery for it as well as a small manual.

Hacker Found Way into Any Facebook Account

An Indian hacker has found a remarkably simple way to access any Facebook user account. Thankfully, Anand Prakash, a security engineer from Bangalore, is a “white hat” hacker and immediately contacted Facebook about the loophole, granting him a $15,000 reward.

In a blog post – with the provocative title “How I could have hacked all Facebook accounts” – Prakash explained the process he used, including a proof-of-concept video. Effectively, he brute-forced the password reset code – a six-digit number which is sent to the user’s phone or e-mail – on Beta version of Facebook, which allowed him unlimited input attempts without locking him out. He was then able to set his own password with which he could fraudulently access other user’s accounts.

“Whenever a user Forgets his password on Facebook, he has an option to reset the password by entering his phone number/ email address on https://www.facebook.com/login/identify?ctx=recover&lwv=110 ,Facebook will then send a 6 digit code on his phone number/email address which user has to enter in order to set a new password,” Prakash wrote. “I tried to brute the 6 digit code on www.facebook.com and was blocked after 10-12 invalid attempts.”

“Then I looked out for the same issue on beta.facebook.com and mbasic.beta.facebook.com and interestingly rate limiting was missing on forgot password endpoints,” he added. “I tried to takeover my account (as per Facebook’s policy you should not do any harm on any other users account) and was successful in setting new password for my account. I could then use the same password to login in the account.”

According to his blog, Prakash discovered the vulnerability on 22nd February, and received his $15,000 reward from Facebook on 2nd March. Facebook is yet to confirm the veracity of Prakash’s blog post.

SilverStone Releases ES01 Remote PC Switch Kit

Have you ever wished to turn your computer on and off from afar, much in the same way that you do when you unlock your car with your remote key? Well you can’t have been the only one as SilverStone just released the ES01 that is just that. The SilverStone ES01 is a remote switch for your PC that allows you to turn it on and off from a distance of up to 20 meters.

The SilverStone ES01 is a 2.4GHz wireless computer power and reset remote switch and that in itself says most. The receiver is in the form of a PCI-Express card and SilverStone included both a normal and a low-profile expansion cover. While the PCI-Express bus is the normal connector these days, in the past it was the previous PCI slot that dominated the machines. SilverStone also released a normal PCI version, so make sure you get the right one for your system. This in return means that you should be able to use this card and remote control for pretty much any system you wish, new or old and small or big.

The included Y-cable for the power and reset buttons make sure that you don’t have to rely solely on this remote control and can continue to use your normal case buttons as you did before you installed this card.

As previously mentioned, the SilverSTone ES01 has a range of up to 20 meters and the interference should be minimal on this band, but objects that are in the way will effect the range. The ES01 has an Effective Isotropic Radiated Power (EIRP) of 2.76 dBm and the remote runs on a nomral CR2025 button battery.

The new SilverStone ES01 (SST-ES01-PCIe / SST-ES01-PCI) will be available around the world during this week and can be yours for a suggested end-user price of $14.96 USD

Amazon Passwords Could Have Been Leaked

It’s that time of the year again, when everyone goes crazy and starts buying ready for all the events and gift giving that is come over the next few months (some even preparing so much as to get some ordered for next year). Black Friday, one of the busiest shopping days of the year is upon us and with it a lot of people are looking and watching online stores waiting for that juicy one time deal they could quickly scope up before it all goes. To no surprise, Amazon is one of these online stores, so what does it mean when people started receiving emails asking them to change their passwords? That’s right another potential breach.

As reported by ZDNet, a selection of their readers received emails asking them to reset their password (the email was also sent via Amazons message centre, confirming that it came from a legitimate source). The reason given was that your password could have been stored on your device or transmitted in a way that exposed it to third parties.

Amazon continued to state they had corrected the issue, but that temporary passwords were being issued as a sign of caution.

Given recent hacks and breaches, it’s not surprising that Amazon is airing on the side of caution when it comes to people’s accounts, especially around this time of year.

NASA’s Mars Rover to Be Reset and Wiped

NASA is preparing to reset and wipe the flash memory in their Mars rover Opportunity. Opportunity is the older of the two rovers cruising around on Mars’ surface and has done so since 2004. With it’s general age and the harsh environment it operates in, but also the older technology in use, it is starting to show more and more problems. NASA’s engineers had to reset the rover with increasing frequency and during August they had to do it over a dozen of times alone.

Now they’ve had enough, and the flash has to be wiped. The rover uses the same type of flash as we do here on earth. But 10 years ago the automatic garbage collection functions, like TRIM, weren’t well developed yet and a lot of the flash has burned out. NASA’s engineers expect this to be the root of the trouble they’re having.

NASA will make a backup of everything stored on the flash, remotely to earth, and then wipe it clean. Then all the worn out cells in the flash memory will be marked as defective so they don’t get used any more. When that is done, all the data back will be flashed back to the rover before it gets another reset and reboot. While this sounds like a pretty serious memory surgery to some, all the rovers critical software is stored outside of the flash and won’t be affected. And looking at the technical point of it, a pretty ordinary task.

Still, I can’t help to think of the increased pulse and heart rate I get every time I have to re-flash an expensive piece of hardware, so I can only imagine that some of the NASA engineers are exited and nervous about the impending wipe. It’s still a pretty normal task for system admins, if you take away the part where they are located about 125 million miles away from the rover.

Opportunity has already set the record for most distance driven off-earth, and it looks like NASA hasn’t given up on it yet. There is still a lot of clay and shadows to be discovered on Mars.

Thank you cnet for providing us with this information

Image courtesy of cnet.

Sony Resets User Passwords Following Irregular Network Activity

A number of times in the news we have seen reports that Sony’s Playstation Network (PSN) security has been compromised and as a result the user names and passwords of many users, along with their personal information has been illegally accessed. Sadly it looks like the same thing may have happened yet again, but it seems that Sony may have shut the door on anything happening this time round.

Following Sony Europe’s move earlier this week to reset a large number of passwords as part of a ‘precautionary measure’, Sony’s America team has followed suit as they pick up activity on their network that doesn’t follow the usual pattern. Thankfully for the small number of users that have been affected, Sony may have got there just in time, but as always we will recommend that you keep your password safe, making sure that it is changed on a regular basis, but most of all – don’t make it easy to guess. Capitals and numbers mixed in will help to keep your account that bit more secure.

In order to keep a number of users from panicking that they cannot reset their password, a spokesperson for Sony stated:  “Note that if you have access to the email address and Date of Birth associated with the account, you will be able to reset it yourself. If you are missing one or both of those, then you will need to contact us for further assistance.”

Kotaku pushed Sony for a statement regarding the activity; Sony replied “We routinely monitor for irregular activity, and if such activity is detected, we may sometimes reset passwords of affected SEN accounts as a precautionary measure to protect consumers and their account information.”

Whilst Sony may have caught out any potential intruders, it looks like there are still a few creases within their security measures that need to be ironed out to yet again prevent anything like this happening again.

Source: Kotaku.com