I've read anecdotally that Wordpress is pretty flawed from a security standpoint, and I'm wondering if any of the issues in this article have been patched in the four years since it was published (there have been a lot of updates since then). And if so, what are the current concerns about WP security? Anything a site owner like me should be concerned about, or watching for?
To the law people out there: I work for a small company that recently signed up with a new health insurance company. For various reasons I declined the coverage, but I am getting bombarded by requests for personal information. Here's the actual latest message that I received after I informed them that I do not wish to participate: Hi C13, For any employees at Small Company to get health insurance, you need to complete your application. All employees must complete an application, regardless of whether accepting or waiving coverage. [more inside]
I've used the Chrome browser with the LastPass extension for years, and for years it's been set to refuse automatic access to accounts such as Facebook, metafiilter, GMAIL, etc, unless I type in the master LastPass password. Suddenly, this has changed, and Chrome refuses to forget my passwords....it's driving me nuts! [more inside]
I need to put the fear of God into some foolish, negligent users. I'm looking for examples of organizations that were hit with some kind of horrible malware (like CryptoLocker) or had sensitive data stolen -- all because of a really stupid action by an employee. [more inside]
My Instagram was hacked into earlier today, and both the password and associated email were changed. [more inside]
Trying to track down a short science fiction story involving compromised (in the infosec sense) wireless audio implants. [more inside]
For at least the immediate future I'll need pass through security in a federal courthouse without the benefit of employee ID, which means going through a metal detector. I need a durable, metal-free belt (leather or otherwise) that fits standard 35mm belt loops and looks reasonably presentable in a casual-end-of-business-casual environment. Thanks!
My fiancé and I have a flight out of JFK at 7am on April 8th. I got a weird email from our airline (JetBlue) last night, warning us to get to the airport even earlier because of longer wait times at security checkpoints. [more inside]
My work computer is 5 years old and is not responding well to the latest Office upgrade. It only has 4 GB RAM and my tech guy tells me that I need a new laptop. So, yay, but I have been using this laptop for everything for 5 years and I want to make sure that all my personal info and passwords are cleared before turning it in. So, how do I do this? (oh, it's a Latitude E6510, if that matters)
I know there are a lot of good programs that will allow you to encrypt part or even all of the files/folders on a portable HDD. I am looking for a simple way to password protect the whole HDD so that if it is attached to any computer, a password is needed to access it. I know that is not as 'good' as encryption', but that is all I need. TIA.
I'm interested in getting a home security camera. Please advise. [more inside]
I lost a Chromebook that I was signed into with my main Google account. What steps, if any, should I take to ensure that nobody gains access to my account or data? [more inside]
My wife is turning 65 in a couple of months,, and is receiving a deluge of offers and advertisements for private companies offering drug plans, part D coverage, supplemental coverage, part B coverage, etc, etc, etc, etc. On a daily basis. It's overwhelming. How in the hell is anyone supposed to make sense of this shit and make an informed decision?
A stranger's Facebook Ads account was somehow connected to my personal Facebook profile. How do I disconnect it? [more inside]
Looking for something simple that will let me see on my phone a) that the garage door is closed (its usually dark in there) and b) capture video (and audio would be awesome) when motion triggered of our cats scrapping at home. I'm thinking this would be 3 cameras, if something is easier to manage a set of cameras thats a plus. Would love something that alerts me to motion, then I get to see the video hoping for a crazy match. Suggestions?
My friend, on SSI disability, is approaching retirement. She thinks, why don't I just drop one for the other? I have earned benefits; that I will soon be eligible for; why not accept? Aren't they based on the same numbers? Wouldn't my SS benefits be based on the same earnings that the SSI were? Given that I was unable to work after being disabled?
We're concerned that neighborhood malcontents might be trying to hurt our dog. More inside. [more inside]
I know there have been a million shows like this before, but I'm looking for a particular show where a team of people were hired to test security and reveal vulnerabilities. [more inside]
I have a Dropbox account that syncs to my work computer. It has a personnel folder. Occasionally, work staff need access to my laptop, like install programs. How can I give these tech-savvy staffers access to admin-level privileges on this machine while securing the personnel subfolder? In my ideal solution, they could log in under my username and access most Dropbox files, but they (or I or anyone) accessing the personnel folder would have to enter a password. Is this possible?
On my Google Dashboard, it says I have an insane number of views for my "Google Sites". I don't know what this is or why this would be the case or even what "sites" are. I have tried using the developer module to research this, but honestly it is over my head. Can anyone help? Thanks in advance.
I have personal tables I'm using within the Wordpress database for my own data storage and manipulation purposes. How can I protect these *most easily* from sql injections and/or whatever other evil lurks? [more inside]
What can I do to make my iPhone more secure? Difficulty level: 1984. [more inside]
I'm worried I've done something deeply stupid and potentially made my PC vulnerable. Full details below the fold. [more inside]
I'm writing an article about climate change in relation to terrorism for my college newspaper and came across a Wired article which said: Then there’s the fact, says [Joshua] Busby, that framing climate change as a military issue could lead to military solutions, not environmental ones. (more from the article in the extended explanation section) So my question: what would be some effective ways to defend his argument? Can anyone cite instances in history that would support this? I can't seem find anyone else who shares his sentiment. [more inside]
My MacBook Pro was stolen last night. The disk was encrypted with FileVault and the login passwords were non trivial (good enough for petty thieves though probably not hackers skilled in the art). I told iCloud to lock it down and erase it on first contact. Will the thief and his friends be able to do anything with this machine, or is it just a paperweight at this point? [more inside]
Best security software for my new Windows 10 laptop? Any other advice to ensure my computer's life gets off to a good start? [more inside]
First world problem: Went to go pack for Holiday flight today. Opened an order I placed from Macy's.com and somebody left the hard tag sensor on it... sigh. I don't have time to take skirt and receipt into the store before flight. Can I pack this in my bag I'm checking so I can bring it into Macy's when I get there? Or do you think it will set off some kind of security thing when they scan it? I'm overthinking, as usual! Pic attached [more inside]
I've been using Thunderbird a very long time. It's mostly great, but it's tied to my single work computer. The address book, complete with recipient photos; send messages; archived messages in a huge set of folders. What's a good web-based alternative? (Hint: not Gmail.) [more inside]
We've had at least two instances of people who are not supposed to be in the apartment building being in the building since we moved in July. One in late October; one yesterday/today. I don't know what, if anything, I need to be doing right now, both from a perspective of "I like my apartment building being secure" and a mental health perspective. So many words inside because what do I do, oh god. [more inside]
I have a writing forum on proboards, it has the qwebirc chat app on it and a new member can't get it to work, is it an issue with one of them? [more inside]
I'm the Churchwarden (basically, lay person responsible for physical plant) for an Episcopal congregation in inner-city Chicago. I need to replace a door. For this, I need the help of the hivemind. [more inside]
Please recommend a trail / security camera setup to help capture various critters in our back yard, and which can double as a security camera. Details / requirements inside. [more inside]
Like many people, I've accumulated a stash of documents that are important to me and my family in some way (deeds, birth certificates, marriage certificate, passports) and some are difficult/impossible to replace (immigration paperwork, ancestral information). Right now they all sit in a plastic Tupperware box on the bottom shelf of an IKEA bookshelf. I was thinking that maybe they should be a little better secured. Is a safety deposit box the right answer or a safe? I'm having a hard time choosing. [more inside]
I'm scheduled to visit Brussels from Wed-Sun this week, and given the high alert and reports that seem to suggest shops, public places and events will be shut, I'm concerned that I've picked about the worst possible time. [more inside]
The Wordpress blog that I manage is being attacked from Tor nodes. Is there anything that I can do about it? [more inside]
My 13 year old daughter has just started boarding school. When she leaves her phone unattended for even a minute, one of her roommates snatches the phone and uses it to send lurid "sexts" to a boy my daughter likes. My daughter is now facing disciplinery action for these messages. How can she protect her phone? Passcodes she forgets, or tells someone. I've looked at fingerprint ID, facial recognition and other methods but they all come up lacking. What do you guys suggest? She has an iPhone 4s.
Comcast is offering me a deal that includes security. I can get out of my existing home security for it. It's a very basic ADT - and they're pretty scummy too to deal with. I wanted to hear (hopefully) from the people who have used them or chose not to use them. I'm looking for deal breakers; things they don't do or that they should be doing. [more inside]
I'm looking for resources/explanations of how to tell if someone is intercepting my SSL traffic. [more inside]
Small office seeks a four camera + DVR setup for security. Not hidden cameras. Best options, best values? Things to watch out for?
I downloaded gmailnotifier from gmailnotifier.com and setting it up, it requested my password. Obviously it needs this information but how can I be sure that it won't abuse it? How do you know what software to trust? [more inside]
Our PTA wants to get a Square reader for the stuff we sell at fundraisers. Are there any potential pitfalls we should be aware of? [more inside]
Should I attempt to re-key every lock in our new house, or buy new deadbolts and knobs? We're talking about two entry way doors, two external security doors, and one driveway gate with a deadbolt on it. There are a mix of different brands in the existing hardware. [more inside]
Do you know of a "lifetime" subscription or membership or purchase that you recommend or that seems interesting or a good deal? (An opportunity to pay once and reap ongoing benefits/dividends indefinitely.) In this modern era of low job security, I think I'd like knowing I'll always have a few Nice Things (or simply just reliable things) regardless of what financial turbulence the future may bring, so I'm curious what might be out there along those lines. [more inside]
Just got a huge promotion (equivalent of Partner at one of the Big Four Professional Service firms). I want to give an individual surprise gift back to each of the team of computer hackers / security gurus who I lead and who helped me get here. Ideas? [more inside]
My laptop has a smartcard reader (writer?). I'd like to use this but it seems they are the domain of government IT and corporate enterprise solutions - I can't find much info to help a curious hobbiest get started or do anything with it. Is there smartcards-for-dummies info out there? What fun (or security-related) things could I do with a smartcard reader? [more inside]
I have a new role where I will soon have to speak to IT Directors about Information Security. Good general primers out there to get me started on Infosec? [more inside]
I have a database table with sensitive (read as personal, non-financial) information inside our office locked-down network that I need to expose to users on a website. What's the best way for me to expose this data without exposing us to unnecessary risk? [more inside]
Our windows have pretty standard screens on them. We'd like to open our bedroom windows at night in the summer, but we worry about our indoor cat accidentally popping them out and escaping. Are there screens that are extremely hard to remove from inside? [more inside]
Where do you go to find the most up-to-date news on Android security issues--especially the current Stagefright problems? [more inside]
I help a nonprofit manage their WordPress.org site. I am looking for recommendations for services that backup, update, and secure WordPress sites. [more inside]