Link: http://titssn.net

A serious state of security - The loss of one’s private information and its effects
Reposted from my forum post on June 21st 2006

Over the past year we have seen a tremendous growth in the proliferation of threats and attacks aimed at the human intelligence level. These threats have been growing at an alarming rate and it is surely due to a lack of knowledge and awareness of the general public. Gone are the days when we have to worry about viruses, worms and hacking being a major pain and something we all feared, now the phishing scams and social engineering methods has become the primary household name showing its nasty head to consumers and businesses alike. It is only through knowledge and awareness of these issues that we will beat these methods of infection and propagation.

While talking to people on a daily basis, it is very clear that the general public tends to shun a blind eye to these issues and thinks that it will not and cannot affect them as individuals. While this is surely not the case and is one of the (if not the) main reasons why these high profile and very cunning methods of human attacks are so much a high risk, people simply do not take these threats seriously today and I will try to shed some light on these issues as i’ve done so over the past few years.

Over the past 2 years we have seen and heard more and more about “phishing” and what it is and the methods of attacks. While consulting with the FBI’s cybercrime division and talking to them about the ways in which they address these issues, they have been overwhelmed by people who have fallen victims of these scams and it’s just a matter of simple common sense. A “phishing attack” can only be successful if the intended recipient is not aware of such a scam or is tempted by the “too good to be true” offer presented.

Why would someone want to invest millions of dollars in you and you’ve never met them, never heard of nor seen anything about them and they throw these millions at you with a mere $25,000 investment on your part. Surely that would catch the attention of anyone looking to get past that life of always being broke or always wanting to take their lives to the next level but was always financially strapped down or stressed out.

Ask yourself, why is the president of such a major organization or country want me of all people to do business with and for them and not have to commit to any signed agreements stating the terms and conditions of the deal.

Why is this major financial institution located in some far region of the world choose me to be the one to work this deal for them, this surely seems odd and should be a cause for concern but yet still, unchecked, they buy into the scam and get burnt. Some people have invested thousands of money into these false deals and it’s after the fact that they realize the severity of their doing.

Common sense should have stepped up and said hey, wait a minute, do I know these guys, what do they want with me and why are they asking me for this payment to buy into such a sweet deal, hmmm, this is suspect.

Instead, the opposite happens and you see the $25,000 vs. the millions that are presented in the offer. Hell yea, of course it’s human nature to see the vastness of the offer vs. the small percentage of the buy in payment. If someone came to me right here and now with that very same offer and I knew of and about them i’d do my lil research and then by all means i’m almost sure i’d buy into it. But this is far from the case. You will not find a phish that extravagant locally or nationally because there are so many ways that you can look into that situation to know if it’s legit or not, sometimes the deal is so sweet and looks so good and even after researching it it’s still a hoax, so what do you do.

Do not get suckered by these offers and these too good to be true deals.

If someone came to you and told you they were selling you a 10 million dollar winning lottery ticket for $25,000 what would you do?

We need to think about these things and weigh in on the validity and chance it takes to make such a move.

I’ve seen too many people burned by this and it’s always the same story over and over. The FBI gets so many of these cases that they have to tackle them in bulk due to how many they are.

So, what is “phishing” and why is it so prevalent today with such high success levels?

Phishing is a method of deception by means of appealing to the human intelligence by presenting something of value that is not legitimate or true.

I’m sure everyone by now has gotten some kind of email from financial institution stating that their account need to be verified or updated and that they need to log into the server to do so. When logging into what you think is the financial institutions server you’re actually logging into somewhere else or someone else’s server. This being the case your information is now in the hands of someone other than yourself who can use it for any means necessary and thus you’re just been “phished”.

So that’s in essence the real overview and look on the phishing scene.

Next we have the social engineering techniques which are very similar to “phishing” but can also come in the physical form.

Someone comes to your place of business and tells you they are the CEO of the company from headquarters in DC and they are here to meet with the rest of the management team and they need access to your network, infrastructure or office. This normally gets people arouse due to the fact that he/she is the CEO and you don’t want to mess with that person or else, so this person comes in under false pretenses and gains the access to internal private and confidential business information and property that should never be given out to anyone outside of the company. By the time you catch a with what is going on that person has gathered all the needed information and left with it, now that information is being circulated on the internet and your company is being sued and dragged through the legal system for that reason.

Who is to be blamed?
What went wrong?
Could this be avoided, if so, how?

These are valid questions to a real life issue that happens on a daily basis. A helpdesk representative gets a phone call from someone claiming to be the CTO or CIO or some other C-level executive of the company. He is traveling and for some reason cannot log into the network and so he’s calling the helpdesk to have them unlock his account and help him through the log in process. The helpdesk individual knows the name of the executive and so tries to validate the credentials that person is using to gain access to the network. If this is a person that has done his homework he may know the login name but not the password and so he most certainly tell the helpdesk support rep the login info but states that he can’t remember his password. Now the helpdesk person feels this info is good because the login username is correct and so that person should be who they are and so he/she proceeds to ask for some additional information such as full name, address, last 4 digits of the social security number or the employees unique company ID #.

All these information can be had by various means and so this is nothing for a person performing a social engineering attack to gain access to. So validating all the info the helpdesk rep now changes the password and helps the user to gain access to the network and its resources. Being a C-Level executive you can just imagine the access and information available to he/she once they are logged in and authenticated on the network.

I’ve seen organizations where the helpdesk gets so scared when a C-level executive calls in with a support issue that they just need the name and some info in order to quickly expedite the support issue and get that person on the way. This is wrong and presents many critical vulnerabilities and should be addressed immediately.

Social engineering like phishing can be stopped and mitigated by user awareness and knowledge. Policies, practices and measures can and should be put in place to offset these methods of attacks. Companies should spend more time going over scenarios like these in order to get the support people alert and proactive to these issues.

Identity Theft

Wow, now this is a growing issue that is even a bigger problem due to the arrogance of users thinking they are not affected nor will they be affected by this issue.  Most of the victims i’ve spoken to had no clue they were victims of such an attack until years after when the person who did the wrongs simply missed a payment or 2 and now you’re caught smack dead in the middle of the scheme of things. At that point it is already too late because you have been victimized for years and now that you’ve found out about it is way too late, the damage has been done. The most unfortunate part about the Identity theft issue is the fact that the information will still remain on your credit for the full term of the cycle and you have to hope to God that the person was keeping up on their payments and so the credit standing was good.

I recently met a lady that just found out that she was the victim of an identity theft scam after years of being used by someone else, fortunately for her that person was keeping up to date and current on the payments and so that was generating good things for her report. How she came to find out about the theft is one of the credit card companies called her asking to make payment arrangements for a past due balance she had and when she continued to deny the claims she came to find out the sad truth about the whole situation. There was a car, an apartment, credit cards and other things in her name and she had no idea about it.

Let me tell you how bad this can get and for how long you can be screwed by such a nasty issue, yet still, there are simply ways for protecting yourself from things like this. These days with the privacy issues and concerns surrounding the selling and use of your private information it is so easy to find or get information on or about you on the internet that it’s not even funny. Don’t worry about the information, worry about the use and abuse of it. It’s like worrying about doing online shopping and using your bankcard and credit card online when the banks all have that very same information online and that’s where the accounts were opened and are kept.

I recommend a credit monitoring service for you, your spouse, your children (yes, your children as well) and anyone with a valid social security number. These credit monitoring services do a very good job of keeping you alerted and updated on any happenings with your social security number and credit. I personally use Credit Expert and I have found them to be very good, very quick to alert and very detailed as to who, what , where, why and when anything affects my social security number and credit. I highly recommend the service which is a yearly fee but it is very much worth it and should be looked into.

When you think about the long term effects and heartaches that presents itself from a identity theft case the yearly fee associated with these services is well worth it. Go get it NOW. There are quite a few good ones available but they differ in offers and benefits. With Credit Expert I get a free credit report every 30 days if I want it, I can log in and have a look at what is on my credit, who I have credit with (if any), what are my reported balances and the contact information for the creditor. I have found this to be a very valuable and needed resource and I recommend it.

How can my identity be gained, lost or acquired?

There are more ways to lose your identity than it is to prevent it from being lost, as I said before, don’t worry about losing it, worry about the use and abuse of it. Someone having your private information such as your employer, a company that you did business with, a place you went to apply for a job and had to fill out an application form that had all your info, a utility company that you had to subscribe to for their service, so many ways of giving your information out, don’t worry about the info, worry about the use or abuse.

I remember seeing an article in 2005 where a nursing assistant had a patient in the hospital and he though the guy was going to die and so he took the patients information and started using it, he got credit cards and other things in the name of the patient and was doing good until the patient didn’t die and so after coming out of the hospital a few months later the patient started to see strange things and collection notices coming to him. After contacting the authorities and turning the matter over to them and they conducted an investigation they found out it was the nursing assistant, wow.

Don’t worry about the information, worry about the use and abuse.

I had started writing this article a few months ago after seeing what happened with that patient due to the theft from the nursing aid but with all the things that were going on I was just consumed in consulting issues with people who were affected or became so afraid of these issues that they don’t even want to face the reality of it.

I am sure by now everyone has heard about the data loss issue of the 26 million U.S. VA members which has sparked a whole sleuth of privacy issues, regulations and laws at the highest levels. This should not have come as a surprise to people because over the past year we have seen data breaches and identity theft problems at the highest levels of government and business. Everyday there is a new breach reported from some major financial institution or organization and with that comes the fears about what will happen next. The biggest problem with this is, how long ago did the theft/loss actually occur?

You’re being advised of the breach now but how long ago did it happen and to what extent of breach did the victim actually get. While that is the bad part of the situation the better part that saves us from the real effects of these issues is the alerting and monitoring services like Credit Expert, True Credit, Equifax and the other credit bureaus. They will alert you of any possible use of your social security number way before the company that was breached discloses the loss of the data depending on the use of the information that was lost. In some breach cases the information is never used but it’s better to be safe than sorry. I implore you to look into these services for yourselves as the time from alert to major impact on your credit is just a matter of you stopping the issue.

My next look at this issue will go into the methods of securing your data that in the event of data loss it is secured.

A few articles of reference.
IRS Laptop Lost With Data on 291 People
Laptop theft compromises Hotels.com customer data
VA data loss could prompt federal privacy law
VA to Recall All Agency Laptops
Personal data on millions of U.S. veterans stolen
Phishing scam uses PayPal secure servers
Trojan horse captured data on 2,300 Oregon taxpayers from infected gov’t
PC
Congress to Look at NSA Database of US Phone Calls

And I leave you with one of my favorite security quote as of lately, Don’t fear IT, Fear the “G” (Google)

~Brett A. Scudder~
The IT Security Attaché

Link: http://titssn.net

Good day to you,

As we approach yet another Christmas day and the soon to come New Year, we are reminded yet again of the continued blessings and good will of the season. TITSSN would like to wish our members, customers, clients, associates, friends, peers, families and the rest of the world, a festive, peaceful and secure Christmas and a Merry New Year when it comes.

May the joys of the season and the good cheer spread through our hearts and rest well with those around us as we celebrate this Christmas and usher in a new year in peace, love, unity and togetherness.

While we enjoy the season in many ways, we should be very vigilant of the increased threats and security risks as the use of the internet is very heavy during this time for spreading the festive emotions of the season.
While we are willing to spread the good cheer, please ensure it is not marred by malicious codes and/or harmful contents thus making it a valuable experience for all.

When it doubt, reach out.

We apprecilove your business and support and look forward to serving you even more in 2009.

Thank you and have a great day,

~Brett A. Scudder~
The IT Security Attaché
President/CEO/Chairman/Founder/Security Architect
TITSSN ~The IT Security Suite Network~

Link: http://titssn.net

Good day to you,

On December 1st 2008, TITSSN will initiate a major promotional campaign to promote our Secure Minds Initiative across the 3 primary social networking sites LinkedIn, Facebook and MySpace, in an effort to gather broader visibility/support of the cause. In 2005 TITSSN initiated its Community Outreach Program that created a more personal access and information for/about its security professional members in their local communities so that the needed information/awareness/education/resources for/about IT Security could be effectively disseminated to its residents.

Over the past three years we have integrated this program more deeply into our network as our beliefs in being a physical presence in times of need provides a more comforting and valuable feeling for people. People developed a sense of comfort in talking about their security issues/fears/concerns which in turn allowed us to relay the message of safe internet usage practices and the issues file sharing and illegal downloading of applications, movies and music presented.

As a result of the successes gathered from the Community Outreach Program, we decided to take this a step further and enacted the Adopt an Institution Program in 2006 to create a more seamless integration of this technical knowledge and resources into our educational institutions. As a part of our Adopt an Institution Program, we launched an industry IT Security Scholarship program in 2006 which is geared towards providing financial aid specifically towards IT Security professionals in the institutions that we adopted. In working with the administrative staff and technology teachers we selectively pick students who we see are heading towards higher levels of expertise in the security space and award them with a scholarship that will help towards the financial burdens of getting the training, education and becoming certified. Through our partnership with training and certification leaders such as Training Capital and Netcom we extend these opportunities to these institutions and scholarship winners.

We understood that this needed high level education and awareness was being provided at the college and university levels but there was something critical missing from the converged network, our youths in middle/high schools. These are people who have just as much access to internet connected resources as much as everyone else and in some cases (if not most) they are unmonitored and unprotected while in the home who are developing a sense of style to become tomorrow’s parents, professionals, business executives and educators. These are the people with curious minds who have downloaded malicious codes and other compiled malware/spyware kits and started playing with them in an effort to see what they do and how much of a problem they could really cause.

Over the years we have seen these curious minds creating major issues/impacts on the global technology sector rendering some companies/organizations helpless as they tried to defend against the newly created threats and new waves of attacks/exploits. These young curious minds are craving for a piece(s) of the technology resources/infrastructure and if not nurtured to understand what they are and how to choice between being on the good or bad side then we’re in for a very hectic future riddle with nonstop problems and critical effects from these young creative and curious minds.

As a part of our Adopt an Institution Program, we launched an industry IT Security Scholarship program in 2006 which is geared towards providing financial aid specifically towards IT Security professionals in the institutions that we adopted. In working with the administrative staff and technology teachers we selectively pick students who we see are heading towards higher levels of expertise in the security space and award them with a scholarship that will help towards the financial burdens of getting the training, education and becoming certified. Through our partnership with training leaders such as Training Capital and Netcom we extend the training and certification opportunities to these institutions and scholarship winners.

No one knows how much this is problem more than we do as we’re the ones being called in to fix the issues, explain how they happened, what are the impact(s) and how to fix/mitigate them going forward and putting the needed technology and resources in place to block/stop/prevent them from happening again. TITSSN’s advantage in the IT Security space is that we work with everyone and does not care if it is a home user, consumer, small business, educational, government or enterprise, our mission is to deliver the needed security to every device with internet connectivity and help with the education and awareness of how to properly use these resources to be safer and more secure while maintaining the full user experience of the World Wide Web. The more devices come into the technology space with these connectivity features is the more ways in which the bad guys can exploit them and use them to create severe issues with critical impacts/effects.

This is an issue in the home, schools, business places and everywhere that the internet presents its access/resources and with this access/resource should be the associate knowledge/education/awareness as to what it is and the problems it presents and why it is very important to stay on top of them.
Do not be naïve to these issues, the internet is here to stay and is the future of our connected/converged world and it is only going to get worse unless we start the education and awareness early.

In 2007 TITSSN decided to take this initiative to a more formal level and started working on the Secure Minds Initiative and how to integrate it into the school system which we further launched in 2008 as a featured program/initiative. The mission of the Secure Minds Initiative is to create an educated/aware resilient global network of IT Security Minded people who can secure and protect themselves from IT/Internet threats. The year 2008 was a very rough one for our network as we had major changes in our local chapters across the US that removed key leadership members and we had to create quick responsive backing and support for those chapters. This created a bottleneck for us and so we didn’t get to launch a few key programs as we had planned but will be doing so in early 2009 as we’ve restructured the network and is now fully functional and running full speed on all processors.

Now that we have this program and its mission embedded into the networks initiative, we have reached out to our network (vendors, consultants, VARs, business owners/executives, technology advisors, educators, mentors, professionals) with a request to help in the adoption, support and promotion of this initiative and we are very happy at the receptive responses so far.

The contributions gathered have and are being used in our community outreach programs to host and sponsor IT Security specific events, scholarships, forums and groups as we work to disseminate the message of why IT Security is a critical issue that needs to be addressed today for a safer and secure future tomorrow.

So it is with this mindset that we call on you to help in this initiative by joining us on either LinkedIn http://www.linkedin.com/e/gis/1397757, Facebook http://apps.facebook.com/causes/164545?recruiter_id=22179324 or MySpace http://www.causes.com/myspace/causes/164538?e=00fd116d&recruiter_id=33080893 as we build on it.

This initiative will hit every major social network by the end of the year so look forward to seeing much more info on it as we continue to contribute toward its mission.

Thank you and have a great day,

~Brett A. Scudder~
The IT Security Attaché
President/CEO/Chairman/Founder
TITSSN ~The IT Security Suite Network~

Link: http://titssn.net

Good day to you,

For the people that are close to me and know me in person they will tell you that I am not a stranger to life threatening or life changing issues. I always use these issues as a measure of my resilience, receptiveness, leadership and professionalism as with every challenge/issue I become stronger as a person. We all go through challenges everyday and in so doing come out one way or the other, you win or you lose. It is not every day that a life changing issue is taken to the level where one actually has a change in their lives because of it and this week has been an empowering week of challenges and issues that I must say have once again changed my life and my perceived view on some personal things.

I will honestly say this is for the better but will require making a personal sacrifice that I have long been trying to steer away from but I now know that to reach that new height/level I must do this to get past it. I feel that personal empowerment coming on but this issue is blocking me from reaching out and grasping it with both hands but now I have to do what I have feared for a long time, let go and grab on to that new inner power and get ready for a new year with many more challenges and issues.

I see all problems as challenges and with every challenge comes the power to tackle it but whether you win or lose is up to you and how much you fight the challenge and want to win. For me, I always over come my challenges one way or another and in the end I weigh in on the battle to see if what I lost (if I lost anything) was worth the gain. Sometimes we tend to analyze things too much and in the end we lose the battle not to the actions but to the thoughts and mental powers that it took to overcome them.

As I look forward to a new year I am reminded of the question my 7yrs old son once asked me last year. He said,

Daddy, what does a new year mean for you, do you get older, taller or smarter or what?

Well, I was more surprised at the question rather than answering it but I said to him, well, I know I will get older by a number because that’s what each new year brings and I may get taller because I am still growing but, while all these things are happening I am hoping to get much smarter in the process by filling my brain with the knowledge, info and resources needed to maintain being smarter while getting older and taller.

I now move forward with my overcoming this challenge and looking forward to a new year and many more.

~Brett A. Scudder~
The IT Security Attaché

Link: http://titssn.net

Season’s Greetings everyone.

TITSSN wishes everyone in the US a safe, secure, peaceful and happy Thanksgiving holiday season. It is a great time of year where family and friends get together to spend time and have some relaxing moments. It is also that time of the year where Black Friday and Cyber Monday presents hackers and other criminal elements the opportunity to target and make successful attacks on those who are not alert and aware of their tricks.

Please practice safe and secure internet usage during this time as the levels of attacks and exploits are very high. Be careful when opening greeting cards and other forms of holiday cheer as the effects may be severe. When sharing those holiday pics online, be sure to know how and where you’re adding them so as not to attract any unneeded profiling or stalking predators. Please keep in mind that some networks are more public than you think so what you’re sharing and with who may be bigger than you think.

When accepting IMs, ensure that it is from someone you know and that the person is indeed sending you the attachment and it’s not just coming from s compromised system. Send a quick response back saying "hey, are you trying to send me a file(s)?" to help verify that someone is on the other end that did initiate the transfer.

When opening emails with attachments, please check the recipients info carefully and validate that it is from someone you know. Trusted people/senders are also a high risk if not properly verified.

When opening links to other websites in those emails, please check to see that the link does refer to the correct destination/site and not some other site that may lead to a drive-by-download of malicious codes and threats.

When in doubt, reach out.

This is just a message of safety/security education and awareness from your friendly and concerned IT Security friends at TITSSN.

Have a safe and secure holiday season.

~TITSSN~

Link: http://www.htc.com/us/product.aspx?id=71530

Good day to you,

What can I say but wow, this is a very nice device and I finally found some quality time to play with it.

Coming from the HTC Mogul to this gave me some uncomfortable feelings with the device but I must say, it is still a sweet device to have and hold till the next best one comes long.

The touch, the feel, the loaded apps and new functions/features. Oh yea, forget all that, my most favorite app/feature so far is the Opera Mobile browser with tabbed browsing. Yep, now you can have 3 simultaneous websites open and working while running on the high speed 3G connectivity of the data network.
What I love about it.

The faster processor - Qualcomm® MSM7501A™ 528 MHz
Windows Mobile® 6.1 Professional
The additional built in memory. ROM: 512 MB - RAM: 288 MB
The support for 16GB memory sticks.
The built in GPS and navigation system.
The new build in apps and services.
TouchFLO™ 3D - Touch-sensitive navigation control - Motion G-sensor
Connectivity - Bluetooth® 2.0 with Enhanced Data Rate and A2DP for stereo wireless headsets - Wi-Fi® : IEEE 802.11 b/g - HTC ExtUSB™ (11-pin mini-USB 2.0 and audio jack in one)
Sprint’s Network Dual-band (800/1900MHz), CDMA2000 1xEVDO Rev. A/1xRTT and IS-95A/B voice or data with up to 1.8 Mbps up-link and 3.1 Mbps down-link
Built in active directory domain support and enrollment.\
The 2.8-inch TFT-LCD flat touch-sensitive screen with 480x640 VGA resolution.
Tabbed browsing through the Opera Browser.
Integration of the top 3 IM clients/services.
Video Out so I can do presentations from my phone (i’ve been waiting for this one for a while).
Internet sharing, printing and faster network processing speeds.
The addition of the YouTube player will get a lot of attention even more than the Sprint TV.
An more….

I love the part where the device asks if you want to run it in Activesync or file storage mode when you connect it to a PC. Sometimes I just need the storage piece and not the activesync functions/features but you couldn’t do that before but now you can. Simply a well needed feature and I’m so glad they added it.

My disappointment comes in a few issues.

1. The screen should have been bigger. Too much space used up by the top keys when visibility was most essential. The HTC logo and navigation key took up needed screen space on the front and that’s one thing I loved about the iPhone, lots of screen space to see and manipulate viewing.
2. The changed up the speaker and now it sounds like the cheap ear pieces you get on the streets.
3. When using the TouchFLO the system is slowed significantly. If this was supposed to be the base of the device they should have enhanced it more for it to run more smoothly.
4. The message icon in the TouchFLO setting only shows up to 99+ message alerts. I like to see my actual numbers.
5. The keys are smaller than those of the Mogul where you get the extra line of keys from. The Mogul had 4 lines of keys which was quite fine for those with slightly bigger fingers than others and now they packed even more into the keyboard so the keys are flat and smaller making it harder to type on.
6. The device slide open from the left which is kind of awkward as sliding from the right is more suitable for a right hander like myself.

Anyway, I just wanted to give you guys an update as I wanted to release the review over the past weekend. I will release it by Wednesday if my schedule permits. As you can see from the first image, they came out a little bigger than expected because of the skin that was used and so I have to redo all 30+ of them to smaller sizes.

Here are a few images of the device in use.

The TouchFLO Home Page/Today Screen





The Default Windows Mobile Today Screen - some of my app plug-ins are on
there as well.



The Device Info/Specs.




The Weather - very important as i’m always on the road and need constant
weather alerts and updates.


The settings and config page.


The Internet.


The Start Menu.


Instant Messengers - AIM, YIM and Windows Live Messenger - all configurable
from one screen.


Opera Mobile - in tabbed view.


Opera Mobile - 3 tabs limit.


Storage Encryption is still available and I hope everyone uses it.


The device when opened.



Thank you,

~Brett A. Scudder~

Link: http://titssn.net

Come on now MySpace, 10 characters long password restriction is ridiculous these days, please give us more.

Can you imagine that, MySpace has a 10 characters limit for passwords. I was working on my MySpace page today (it’s been a while, a year to be exact) and decided to change my passphrase. Well, lo and behold the dreadful red flag came up saying I cannot use more than 10 characters. I was like (well let’s just say the words that came out are not appropriate for this publicly viewed board (laughing out loud and hysterically)).

Who wouldn’t want to secure their social networking site/page in a serious way with a long passphrase (notice I said passphrase and not password)?

My current passphrase doesn’t fit in. It’s too long and goes like this, I-L0v3_My-m0mm4- s0_ much-1t=hurt$-:-). Try logging into 10 sites for the day with that and see how it feels. I once got an reply from a site saying it was too complex but I’ve never gotten one that said it wasn’t secure enough.

Hey MySpace, wake up and smell the security issues here, extend the character set please so that I may properly protect my account/information with my secure passphrase.

Can you believe it?

That reminds me, my web hosting company is the same but even worse, they allow 7 characters for account passwords (i’m shaking like a leaf at the thought of someone hacking my account with such absurd password policies). I pray to God that he protects those 7 precious characters for me please. I need to elevate this issue immediately. I had planned to in the beginning but got consumed by so many other issues it got lost in the wind. I must revisit these issues this week and check out my other critical websites to see if they are possessed with this flaw.

I will also sign a new internet bill that state the minimum character set for account password should be 15 characters. Now we’re talking.
If my account is hacked or compromised due to the inability of the web hosting provider who is to blame?

I’m off to write this new bill and send it to the president elect for him to sign off on it. I am sure he will agree since his wireless account was recently hacked. He probably had some kind of account limitation as well that led to an easy hacking of his account. So sad.

Geez.

Greetings Mr. President elect sir, may I have a word or two :-).

~Brett A. Scudder~