2010/12/14

What's up with Gawker and why it's a big deal?

On Gawker's side:

Amateur security fuckups - plain and simple - these are all basic security failures

You shouldn't be storing encrypted passwords in the first place - even if the data is encrypted, what are you using for key management? - is all the data encrypted with the same key?  Why worry about that - DON'T STORE PASSWORDS.

When you store a hash, store a salted hash to avoid identifying people who have the same password and help to avoid the easy attacks

They didn't notify any of the affected users until days after twitter was already full of information about it

On users' side:
We all know you can't remember a million passwords - you have to use a password vault software and where possible use central authentication like facebook connect or OpenID.

You can't re-use passwords - look at the site - Gawker is a multi-million dollar enterprise and they are security fuckups - how many sites do you think may not be even encrypting passwords

Looks like it might be a good idea not to re-use email addresses either, since the problem cascades with using the email address to identify users fairly uniquely - this is where the whol system breaks down (see my paragraph later about infrastructure)

When you go to a site you rarely use like Gawker or an online forum where you need help with a question about bicycle repair - take the time to make a unique email address and password for the site instead of using a throwaway weak password you use for lots of unimportant sites.  Because even if all those sites are meaningless to you and your important accounts are secured with strong passwords, you still can be majorly inconvenienced when your email address cascades through the systems and the owners decide to desiable your account because a site like Gawker is hacked.  In addition, you'll have a good record of all these little accounts and be able to go back and check them.  If you've taken to using the same email address and password for all these little sites, you'll have trouble finding their details, but with a password vault they will all be there for you.


Other sites:
It's nice that you have a list of affected users' emails - the effort to disable all their accounts and require resets is a good one.  So far I've received notification from facebook, Digsby and LinkedIn.  If you could quantity that cost and bill it back to Gawker, that would be great - because now even users with unique secure passwords on different sites have been inconvenienced by the fact that they didn't want to also have to remember a million email addresses so they re-used their email address for a ton of sites.

Too bad lots of other sites won't run the email list through their systems and notify their users


On the infrastructure side:
More than ever, it's clear that we need sites (especially those which don't have the resources to follow basic security principles) to move to OpenID, facebook connect or whatever, and that users need better tools to manage their digital identities over thousands of sites.

Even with a password vault, we are already managing too many user ids, emails and passwords, all with varying standards for strength.

2 comments:

  1. Accessing the different sites from the single sign on through an secure authentication makes your transitions more secure and reliable.These transaction are creates its own database in the app in which it works.

    Regards Mike

    ReplyDelete
  2. This comment has been removed by a blog administrator.

    ReplyDelete