THE latest and surely the greatest .......

[ericm979]

I've also learned a bit more about passwords, and believe mine should be random enough to make them tough to hack.
(No words or sequences involved...)

When a web site gets breached and the password hashes are stolen, the attackers or people they sell the hashes to use programs that streamline the process of guessing the passwords that were used to generate the hashes. An account with a known password is worth more on the markets where these things are sold. The guesser programs are very sophisticated and use advanced cryptography to make the guesses go as fast as possible. They work off a dictionary of words in different languages and add modifications as well (i.e password123, pa55w0rd, etc). The guesser programs now also try strings of random characters. I don't know about you but I can't remember a truly random string more than 6-8 characters long. That is no longer secure against these types of attacks.

Really what you should be using is a password manager program which generates long random passwords for each account/web site/etc.

But the risk with bluetooth toothbrushes and the like is not getting your accounts or the devices hacked. It's the surveillance capitalism where the toothbrush company mines the data they receive and sells it. This isn't just a problem for toothbrushes, it's a problem for all kinds of devices. There are now tons of data broker companies who aggregate this kind of data from many sources to get a fuller picture of what you do and when, and then sell that to advertisers and the government.

 

[California]

But the risk with bluetooth toothbrushes and the like is not getting your accounts or the devices hacked. It's the surveillance capitalism where the toothbrush company mines the data they receive and sells it. This isn't just a problem for toothbrushes, it's a problem for all kinds of devices. There are now tons of data broker companies who aggregate this kind of data from many sources to get a fuller picture of what you do and when, and then sell that to advertisers and the government.

Yep. When I was setting up my first cell phone a few years ago, reading reviews and advice, I found a flashlight app (turns on the camera flash led) that was recommended against. The install required allowing access to everything on the phone. Photos, email, everything. Completey un-needed for a simple flashlight. No thanks! I wonder how many apps have similar capability.

More recently I saw an Amazon review for something that uses your wifi to control lights or something simple, that the reviewer noticed continually uploads massive quantities of data, uploading for hours. It must be scouring everything on that wifi system to generates so much traffic. He discarded the device.

Don't expect privacy if you have a cell phone or home wifi. For businesses, "There are those that have been hacked, and those who don't know they have been hacked". This likely applies to personal gear as well.

 

[JasperFrank]

Where we are......

 

[JasperFrank]

While working in the computer repair sector, sometimes we would get a repair and the owner didn't tell us what the sign-in passwords were. And sometimes they just didn't remember it. Once we got all our cracking tools worked out, we stopped bothering to call the owner to get the password. It was easier, and less time consuming to just crack it, do the repair, and tell the owner what the password was/is.

 

[JethroB]

While working in the computer repair sector, sometimes we would get a repair and the owner didn't tell us what the sign-in passwords were. And sometimes they just didn't remember it. Once we got all our cracking tools worked out, we stopped bothering to call the owner to get the password. It was easier, and less time consuming to just crack it, do the repair, and tell the owner what the password was/is.

I remember those similar days with an IBM S/36. The Sysop/administrator could see every user’s password. She would get upset when people used ‘dirty’ words.

I had an Excel spreadsheet password cracker in it’s early days. I think I got it off a Compuserve bulletin board back before Al Gore invented the Internet. It came in handy when someone quit or got fired and refused to hand over the passwords. Holding onto their final paycheck did the trick if necessary.