AceSecurityDesk – Think you’re using strong passwords for your vital tech? You might want to think again.
@acenewsservices
Ace Press News From Cutting Room Floor: Published: Nov.21: 2023: 7News: TELEGRAM Ace Daily News Link https://t.me/+PuI36tlDsM7GpOJe
A global password manager says 70 per cent of Australians’ passwords can be cracked in less than a second.
Researchers from NordPass have compiled a list of the most-used passwords in 2023.
They did so in partnership with independent researchers specialising in cybersecurity incidents.
The boffins crunched 6.6TB of data across 35 countries to come up with the most commonly used passwords.
At the top of the list in Australia? “Banned”.
The usual suspects also crack Australia’s top 20, with “123456”, “password” and “abc123” among the most common in 2023.
NordPass’ study revealed Australians use the weakest passwords on their streaming accounts, and the strongest on their bank accounts.
“This could be associated with people jointly managing shared (streaming) accounts and using easy-to-remember passwords for convenience,” said NordPass chief technology officer Tomas Smalakys.
Smalakys said internet users loved passwords associated with online games, movies or fiction.
“While ‘Starwars29’ is ranked among the most common passwords in Australia, ‘Aladdin66’ is trending in Taiwan and ‘Supermario12’ in Austria,” he said.
“The password ‘gtasanadreas123’ was also popular in Mexico.”
In the five years of conducting the research, “123456” was the most commonly used password for four of those years.
Australia’s top 20 list:
1. banned
2. 123456
3. admin
4. password
5. 1234
6. qwerty123
7. 12qwasZX
8. 12345
9. 12345678
10. qwerty
11. Qwerty123
12. 123456789
13. Starwars29
14. welcome11
15. ********
16. Deadman01
17. Password1
18. 111111
19. Password
20. abc123
NordPass tips for better cybersecurity
1. Create long and complex passwords
“123456 just doesn’t cut it anymore,” Smalakys said.
“Easy-to-guess passwords essentially equal unlocked house doors.”
2. Adopt a password manager
Using a third-party password management system can help protect from hackers targeting information from your browser.
3. Start adopting passkeys
Passkeys are considered the future of online authentication, but they won’t be completely replacing passwords just yet.
4. Stay vigilant
Be cautious of what you download or click on, to avoid malware hidden in things such as phishing emails.
Editor says …Sterling Publishing & Media Service Agency is not responsible for the content of external site or from any reports, posts or links and thanks for following as always appreciate every like, reblog or retweet and comment thank you
AceBreakingNews – In a surprising move, Apple has announced today that it will adopt the RCS (Rich Communication Services) messaging standard. The feature will launch via a software update “later next year” and bring a wide range of iMessage-style features to messaging between iPhone and Android users.
Apple’s decision comes amid pressure from regulators and competitors like Google and Samsung. It also comes as RCS has continued to develop and become a more mature platform than it once was.
RCS brings iMessage-style features to cross-platform texts
In a statement to 9to5Mac, an Apple spokesperson said that the company believes RCS will offer better interoperability for cross-platform messages.
“Later next year, we will be adding support for RCS Universal Profile, the standard as currently published by the GSM Association. We believe RCS Universal Profile will offer a better interoperability experience when compared to SMS or MMS. This will work alongside iMessage, which will continue to be the best and most secure messaging experience for Apple users.”
RCS brings many iMessage-style features to cross-platform messaging between iPhone and Android devices. This includes things like read receipts, typing indicators, high-quality images and videos, and more.
Apple’s implementation of RCS will also give users the ability to share their location with other people inside text threads, the company says. Unlike regular SMS, RCS can work over mobile data or Wi-Fi as well.
But at the same time, iMessage isn’t going anywhere. It will continue to be the messaging platform used for all communication between iPhone users. RCS will simply supplant SMS and MMS and exist separately from iMessage when available. SMS and MMS will also continue to be available as a fallback when needed, Apple says.
This is not Apple opening up iMessage to other platforms. Instead, it’s the company adopting RCS separately from iMessage.
Apple also reiterates that iMessage is far more secure and privacy-friendly than RCS. iMessage is end-to-end encrypted, and Apple just took that up a notch with Advanced Data Protection for Messages in iCloud. Meanwhile, Apple says that RCS does not currently support encryption that is as strong as iMessage.
Apple’s decision to adopt RCS follows years of pressure from some of its competitors, including Samsung and Google. Until today, the company resisted that pressure and instead doubled down on iMessage. It has, however, rolled out some improvements to the SMS experience between iPhone and Android devices.
For example, Apple added better support for Tapbacks in iOS 16 for conversations between iPhone and Android users. With iOS 17, Apple also brought features such as threaded replies and message editing to iPhone users (but not Android users) in SMS group chats.
Finally, Apple says it will work with the GSMA members on ways to further improve the RCS protocol. This particularly includes improving the security and encryption of RCS messages. Apple also told 9to5Mac that it will not use any sort of proprietary end-to-end encryption on top of RCS. Its focus is on improving the RCS standard itself.
For comparison’s sake, Google’s implementation of end-to-end encryption is part of the Messages app on Android rather than the RCS spec itself.
9to5Mac’s Take
We’ve come a very long way since Tim Cook’s rebuttal of RCS back in 2022. At the time, Cook said that Apple hadn’t heard from many users “asking us to put a lot of energy” into bringing RCS support to the iPhone. “Buy your mom an iPhone,” Cook said when asked about the lackluster SMS experience.
Later that year, a report from Bloomberg said that Apple was not considering – at least at that time – adding RCS support to iPhone.
The elephant in the room is impending legislation in the European Union that could’ve ultimately required Apple to open up iMessage. Apple has pushed back against this legislation, the Digital Markets Act, arguing that iMessage is not big enough in Europe to qualify as a “gatekeeper service.”
Just last week, it was reported that Apple is set to appeal to the European Union about the inclusion of its App Store and iMessage services in the Digital Markets Act. Nonetheless, Apple is getting ahead of any potential regulatory problems with today’s announcement.
When RCS support launches later next year, the limitations of SMS and MMS will no longer haunt (most) messaging conversations between iPhone and Android users. Availability can still vary from carrier to carrier, but all three major US carriers support RCS, as do the vast majority of other carriers around the world.
AceBreakingNews – Chinese tech stocks in Hong Kong plummeted on Friday shortly after a massive decline in Alibaba Group shares that followed the online retailer’s announcement to scrap plans to spin off its cloud business.
Ace Press News From Cutting Room Floor: Published: Nov.18: 2023: RT Business News: TELEGRAM Ace Daily News Link https://t.me/+PuI36tlDsM7GpOJe
Alibaba Group’s Hong Kong shares dropped 10% a day after the e-commerce giant said it would shelve its planned cloud spinoff due to major uncertainties over US restrictions on exports of chips used in artificial intelligence (AI) applications.
The Hang Seng Index, which represents the 30 largest technology companies listed in Hong Kong, shed 2.12%, or 378.63 points, to close at 17,454.19. Meanwhile, the Hang Seng China Enterprises Index lost 2.33%.
Alibaba’s shares are down close to 15% year-to-date, underperforming the broader Hang Seng index’s 11.2% decline in the same period.
Alibaba Group, once the most valuable company in the Asian stock markets, was worth around $830 billion at its peak in October 2020. However, after the major online retailer took center stage in Beijing’s technology sector crackdown, its value dropped to less than one-fourth of that amount. The devaluation was also exacerbated by a slowdown in Chinese economic growth.
The company’s latest announcement, which underscores a reversal of its ambitious plans to carve out the cloud business as part of the biggest restructuring in Alibaba’s 24-year history, comes amid increasing concerns over US export restrictions.
Earlier this week, similar worries were raised by Chinese tech giant Tencent which said that the curbs would force it to seek domestically produced alternatives.
Washington introduced curbs on its most advanced computing chips used for artificial intelligence and chip-making equipment in 2022 with the aim of stalling China’s ability to manufacture and develop advanced semiconductors that boost its military capabilities. The list of restrictions has since been expanded, and a number of Chinese tech firms were blacklisted.
AceBreakingNews – This morning Optus’s chief executive Kelly Bayer Rosmarin faced a grilling about the telco’s unprecedented network outage which left 10 million customers without access to phone and internet services: Here’s a look at what she had to say.
Optus CEO Kelly Bayer Rosmarin fronted the Senate inquiry following the outage. (ABC News: Simon Beardsell)
During the hearing we learned more about what caused the outage, as well as revelations like the fact Optus deals with “millions” of cyber attacks every year.
More than 200 calls to triple-0 failed during the outage
“There were 228 triple-0 calls that were unable to go through, and we have done welfare checks on all of those 228 calls,” Ms Bayer Rosmarin said.
“Thankfully, everybody is OK.”
Ms Bayer Rosmarin said Optus’s technical teams were still investigating why some triple-0 calls failed, because they should have worked despite the outage.
“We don’t run the triple-0 system, we participate in the triple-0 system,” she said.
“The triple-0 system is meant to be able to pick up the traffic when we have an outage like this.”
Greens senator Sarah Hanson-Young questioned the Optus CEO during Friday’s hearing.
Senator Sarah Hanson-Young, who is chairing the inquiry, accused Ms Bayer Rosmarin of “wanting to share the blame around”.
However, the CEO insisted “the triple-0 system itself should have helped our customers during the outage”.
Thousands of customers are in compensation talks
Ms Bayer Rosmarin said so far 8,500 customers and small businesses had reached out to Optus to ask for compensation.
She said $36,000 had already been “applied” to customers, and about $430,000 was also under discussion.
When asked whether this had been paid as cash refunds or given as in-kind services, the chief executive said she did not know the details and took the question on notice.
Ms Bayer Rosmarin also said she had no details on the “veracity of the claims” or the specifics.
“I don’t want to make any commitments on what we’re going to pay,” she said.
Kelly Bayer Rosmarin faced a range of questions during the hearing in Canberra today. (ABC News: Simon Beardsell)
However, Ms Bayer Rosmarin indicated Optus was reluctant to pay out compensation for losses more broadly because it would have “far-reaching” consequences for the entire telco industry and other service providers.
“There is no precedent for telcos or other essential providers covering consequential loss,” she said.
“We would welcome being part of that conversation, but don’t see it as our place to lead that.”
Resignation rumours? Optus’s CEO says she hasn’t heard them
“We are aware that Optus experienced a network outage after the upgrade when a significant increase in addresses being propagated through their network triggered preset fail-safes,” Singtel said.
“However, the upgrade was not the root cause.”
Optus chief executive Kelly Bayer Rosmarin. (ABC News: Billy Cooper)
When grilled about this, Ms Bayer Rosmarin said Singtel and Optus were working together, and that any reports blaming the Singaporean company for the outage were based on a misunderstanding.
“[The root cause of the issue] was that Cisco routers hit a fail-safe mechanism, which meant that each one of them independently shut down. That was triggered by the upgrade on the Singtel international peering network,” she said.
“That was misinterpreted by media as the root cause being the Singtel upgrade. But the trigger was the Singtel upgrade, and the root cause was the routers.”
Got that?
Cisco said it was continuing to support Optus and provide technical advice.
Cyber attack was a genuine worry for six hours
It took Optus technicians several hours last Wednesday morning to understand what was causing the outage and how to fix it, the inquiry heard.
One of the key lines of investigation was whether the outage was caused by “malicious” activity.
Ms Bayer Rosmarin said there were some “strange coincidences” that made executives worry it could have been a cyber attack.
“For example, when we had the cyber incident [hack in 2022], was the last time the Singtel board was in town — and they were in town again,” she said.
Customers seen outside an Optus shopfront in Gungahlin, ACT, after the outage on Wednesday November 8. (ABC News: Toby Hunt)
Optus’s director of networks Lambo Kanagaratnam said the possibility of the outage being caused by a cyber attack was ruled out by 10:20am.
During the hearing, Optus’s leadership revealed the telco deals with “millions of cyber attacks” every year.
“It’s an ongoing threat and issue that we have to deal with all the time,” Mr Kanagaratnam said.
Senior Optus staff have back-up SIM cards for emergencies
Optus’s most senior staff revealed they carry back-up SIM cards to use if they lose coverage, the inquiry heard.
Mr Kanagaratnam said he carried a back-up SIM from Vodafone, while the chief executive carries two.
“We used to have Vodafone, but now we have Telstra, we vary it,” she told the inquiry.
Router ‘failsafe’ that caused outage not detected in reviews, CEO says
The Senate inquiry unveiled more details about what Optus believes caused the outage. It’s pretty technical, but here’s a brief overview.
According to Optus’s written submission, the outage occurred because roughly 90 “PE routers” — which are used to link different network areas together — took themselves offline at the same time.
The routers went AWOL to “protect themselves” after a software upgrade at STiX, one of Optus’s international networks.
Optus said the issue was caused by the routers’ factory settings, essentially pointing the finger at the company that provided the routers, Cisco.
In a statement, Cisco said: “We can confirm that Cisco routers performed as configured and we continue to advise the customer and provide relevant support.”
The inquiry was also told that no-one at Optus saw this coming.
Ms Bayer Rosmarin said the “specific risk that caused this outage was not identified in any of our reviews”.
“Even though we’d done very detailed reviews … we did not have an articulated clear risk that each one of our 90 routers would independently shut itself down at the same time, using a failsafe on those Cisco routers that our team was not aware of,” she said.
Lack of direct communication with customers was deliberate, CEO says
During the outage, many of you wrote to the ABC frustrated about the lack of direct updates from Optus.
Ms Bayer Rosmarin responded to this criticism today, saying getting the message out via the media, rather than contacting customers directly, was intentional.
She said Optus released a statement at 6:33am AEDT notifying customers of the outage, and also posted an update on social media at 6:47am.
Senator Karen Grogan pointed out that most Optus customers would not have been able to read the statement, given it was published online.
In response, Ms Bayer Rosmarin said this was why Optus prioritised doing interviews across radio, print and TV media.
She also said Optus did not want to comment publicly on the cause of the outage until they had investigated it thoroughly.
“I appreciate how frustrating it was for all our customers not to know what the issue was or when it would be resolved, but it’s not because we were withholding information … it’s because we ourselves did not know what the issue was,” she said.
Contacting Optus: Message Optus anytime (24/7) via My Optus app remains the easiest way to contact Optus, or call on 133 937.
Who we can help
Individual consumers: An individual consumer is a person who uses a telecommunications provider’s services for personal purposes. Most providers only allow one person to be listed as the account holder of a residential account.
Small businesses and not-for-profits: Generally, a small business or not-for-profit consumer has up to $3,000,000 annual turnover and no more than 20 full-time employees. We take into account if employees are permanent, casual, and if employment is seasonal or voluntary.
How we can help
Whilst service providers do not offer a fault-free service, there may be remedies available to you when a product does not perform as expected.
These remedies will vary based on individual circumstances but may include refunds for the time you were unable to use the service, compensation, or in some circumstances a release from contract.
We will take a careful approach to considering whether compensation is appropriate. The amount of compensation awarded will be proportionate to the extent of the harm suffered. It is likely most awards of compensation for non-financial loss will be modest.
If you have contacted Optus and are unhappy with its response to your complaint, we may be able to help.
We deal with compensation claims for:
financial loss caused by a breach of an obligation a telco owes a consumer
non-financial loss where an individual has suffered:
embarrassment or humiliation caused by a privacy breach
unusual amounts of stress or inconvenience.
Types of claims for losses
We deal with claims for compensation such as:
lost business profit due to connection delays or network faults
costs of having to pay for alternative services when a telco does not supply agreed services
the costs of repairing a telco’s damage to property
the costs of protecting someone’s safety after a telco discloses a consumer’s personal information, for example an unlisted number or address.
breach of privacy rights resulting in injury to your feelings or humiliation
where an unusual amount of physical inconvenience, time taken to resolve a situation, or interference with an individual’s peace of mind has occurred because of a telco’s action or inaction.
We do not deal with claims for compensation:
for the costs of making a complaint to the Telecommunications Industry Ombudsman
for loss of business reputation
made to penalise a telco.
When assessing your compensation claim, we will consider what steps you took to protect your interests and minimise any losses.
You can only get compensation for losses directly caused by the telco
We assess claims by first determining if there was a breach by the telco. Then we consider the impact of the breach on you.
For financial loss, you will need to give us evidence to show the loss. This will vary depending on the loss you are claiming for.
Faulty services
The Australian Consumer Law sets out consumer guarantees for goods and services and the rights you have when something fails to perform as expected.
When assessing complaints, the TIO assesses whether these guarantees have been met, the extent of the failure and what remedies may be fair and reasonable in the circumstances.
Remedies
The remedy you are entitled to will depend on whether the failure to comply with the guarantee is a major or minor failure.
If your product or service fails to meet a consumer guarantee, your right to a remedy may depend on the type of failure. Some possible remedies that may apply are:
refund
repair
replacement or exchange
compensation
cancellation of contract.
Minor failures can usually be remedied within a reasonable amount of time.
Major failures apply when there is a clear breach, and a product or service cannot be fixed or remedied within a reasonable time.
As telcos do not offer a fault-free service, a one-off outage is unlikely to be considered a major failure which would constitute a cancellation of contract under the ACL.
When we handle complaints about faulty services, we consider what is fair and reasonable in the circumstances having regard to the law, relevant industry codes, guidelines, and good practice.
Compensation amounts
The amount of compensation for financial loss we can award
We can direct a telco to pay you up to $100,000 in compensation. If we estimate the value of the claim is likely to exceed $100,000, we may decide not to handle a complaint because a court or tribunal is more appropriate for your claim.
If you want to make a claim for financial loss, you should be able to show us the loss with supporting information.
The amount of compensation for non-financial loss we can award
The limits on the amount of compensation we can award are:
A maximum of $100,000 for complaints about privacy rights
A maximum of $1,500 for all other complaints.
You can find more information about how we handle complaints about faulty services and compensation in the links below.