Internet Explorer 8 – Does Not Remember Password

Problem: Internet Explorer 8 won’t remember the user’s password information for a website

Symptoms:

User starts IE8, types in “salesforce” in the address bar, which automatically brings him to to Salesforce.com. He clicks on the Login link, enters his Username and Password, checks off the box that says “Remember User Name”, and goes about his work. Afterwards, he closes out IE8 and then reopens it later on. He proceeds to Salesforce.com again, but it takes him to the login page and prompts for the password (User Name field is already populated). It should remember his password and log him in automatically.

Solution:

I added salesforce.com to the list of websites to be always allowed to use cookies (in the Per Site Privacy Actions in the Privacy tab of Internet Options). The change did not work. Next, I tried deleting all browsing history and made sure the “Preserve Favorites website data” was checked off (Press the Delete button under Internet Options –> General Tab –> Browsing history) and the “Delete browsing history on exit” option was NOT checked off . This too, did not work.

What did work was deleting all the salesforce.com bookmarks from the user’s Favorites!

Spyware On Every Android (And Possibly Blackberry) Phone Out There

Per Gizmodo – Spyware on every Android (and possibly Blackberry and Nokia) phone out there…

If you have any decently modern Android phone, everything you do is being recorded by hidden software lurking inside…

Carrier IQ’s software is installed in your phone at the deepest level. You don’t know it’s there. You are never warned this is happening. You can’t opt-in and you certainly can’t opt-out.

The commercial spyware sits between the user and the applications in the phone so, no matter how secure and private your apps are, the spyware intercepts anything you do. From your location to your web browsing addresses and passwords to the content of your text messages.

This even happens using a private Wi-Fi connection instead of the carrier 3G or 4G connection.

Read more on Gizmodo –> Your Android Phone Is Secretly Recording Everything You Do.

ID Theft – And So It Begins…

I’ve written about ID theft before. Never thought I’d experience it, first hand. But I guess it’s bound to happen to everyone, the way they’re hacking nowadays. Found out yesterday, some wonderful slime ball walked into an Apple Store last week, used my SS# and driver’s license# to open a couple of AT&T Mobile Wireless lines, in my name. He also bought a couple of iPhones but paid in cash. I found out because I received a bill from AT&T for the two lines, along with two Welcome packets, thanking me for choosing AT&T.

I’ve never been an AT&T Wireless customer, nor have I ever been in an Apple Store [until today].

Based on the info that was used, I kinda got the feeling some financial institution I deal with had their servers hacked, and info stolen.

HuffPost – Texas Exposes Private Records: State Accidentally Releases 3.5 Million Personal Records

Epsilon e-mail Marketing Breach

By now, you may have heard of the security breach at mass email marketing company Epsilon, where the names and email addresses of thousands, if not millions, of people have been stolen. The current list of companies include:

  • 1-800-Flowers
  • AbeBooks
  • Ameriprise Financial
  • Barclays Bank
  • Best Buy
  • Brookstone
  • Citibank
  • Disney Destinations
  • Hilton Worldwide
  • JP Morgan Chase
  • Kroger
  • Lacoste
  • Marriott International
  • McKinsey Quarterly
  • New York & Company
  • Robert Half
  • Target
  • Tivo
  • US Bank
  • Verizon
  • Walgreens

The warning emails are starting to role in. This one from Target:

When will it become Standard Operating Procedure, and an industry standard, if you are storing customer info, to store it in an encrypted database! It can’t be that difficult!! The money you are spending on the resulting PR, could probably have been used to secure the database.

I blame, not only Epsilon, but also the companies that dealt with Epsilon for not making it a requirement that the customer info be encrypted.

NYT-China Tightens Censorship of Electronic Communications

SecureID firm, RSA, has it’s servers hacked

Man, security is getting tougher. When the servers at a well known security firm get hacked, we need to rethink our security protocols and business practices. From Sophos/Naked Security:

Hackers have broken into the servers of RSA, the security division of EMC, and stolen information related to the company’s SecurID two-factor authentication products.

Read the full story @ Sophos.com…Security firm RSA warns that its servers have been hacked | Naked Security.

Obama Eyeing Internet ID for Americans – Tech Talk – CBS News

President Obama is planning to hand the U.S. Commerce Department authority over a forthcoming cybersecurity effort to create an Internet ID for Americans, a White House official said here today.

If it weren’t for the Wikileaks debacle (nice security there guys!), the fact that government programs can’t be financed properly (Social Security, Medicare, the Postal Service!), I’d say ok, let’s give it a try. But not with this government. Me no trusty.

But they say:

Schmidt stressed today that anonymity and pseudonymity will remain possible on the Internet. “I don’t have to get a credential if I don’t want to,” he said. There’s no chance that “a centralized database will emerge,” and “we need the private sector to lead the implementation of this,” he said.

Yeah right. But ultimately, we won’t have much of a choice if you want to do business online.

Read more…Obama Eyeing Internet ID for Americans – Tech Talk – CBS News.

Computerworld – Microsoft Cloud Service Hit With Data Breach

Get used to it. Moving things to the “Cloud” is becoming more popular. So will the data breaches…

Company data belonging to customers of Microsoft’s hosted business suite BPOS has been accessed and downloaded by other users of the software.

Read more…Microsoft BPOS cloud service hit with data breach – Computerworld.

Spam Taking Advantage of Gawker Hack

We know that Gawker Media had it’s databases hacked, releasing millions of usernames and passwords.

Now spammers/hackers are taking advantage of that story to send out spam emails like this:

Beware…