Credit where credit is due:

Nov. 12th, 2013 02:47 pm
theweaselking: (Default)
[personal profile] theweaselking
Facebook is doing something very clever. You've all heard about legendarily-incompetent company Adobe's most recent security breach? If not, short version: they lost 150 million sets of user data, poorly encrypted.

Well, what Facebook's done is grabbed the list, and for every email address in Adobe's database that has a Facebook account, they've tried the matching Adobe password against it. And if the passwords match, they've disabled the account and forced a password change. Because even though your Facebook password wasn't compromised, your Adobe password was and *you used the same password in both places*.

This is quite clever. Krebs notes that a couple of other sites are doing the same thing, and, really, more sites should.
Flat | Top-Level Comments Only

(no subject)

Date: 2013-11-12 07:51 pm (UTC)
From: [identity profile] pappy-legba.livejournal.com
For all the legitimate reasons to hate Facebook, their IT infrastructure is very good. Along with things like this, they're developing the Open Compute architecture (open-source alternatives to the sort of high-end network gear that Cisco usually has a near-monopoly on).

If only they would use their powers for good more often.

(no subject)

Date: 2013-11-13 02:32 am (UTC)
From: [identity profile] skington.livejournal.com
They're not allowed to. They've gone public.

(no subject)

Date: 2013-11-13 05:00 am (UTC)
From: [identity profile] franklanguage.livejournal.com

(no subject)

Date: 2013-11-16 09:56 pm (UTC)
From: [identity profile] lafinjack.livejournal.com
Got a similar email from Dreamhost last night.
Flat | Top-Level Comments Only

Profile

theweaselking: (Default)theweaselking
Page generated Mar. 4th, 2026 10:00 pm