Ad: Manage updates with the Download App
  • CNET
  • All authenticity posts

authenticity

What LastPass security issue means for RoboForm (Q&A)

After LastPass reported a possible security breach and potential theft of some of its users' master passwords last week, we wondered what it meant for other password managers, such as RoboForm.

Both LastPass and RoboForm help you create and manage strong passwords to log into the increasing array of secure Web sites that we all juggle these days. But is there an inherent vulnerability in relying on a single service to keep track of all your passwords? Should RoboForm users be concerned about the possibility of a similar "anomaly" exposing any of their data?

To answer those questions and learn how RoboForm strives to keep its own customers' data secure, CNET recently spoke with Bill Carey, RoboForm's vice president of marketing.

Q: Bill, from what you may know of what happened at LastPass, what was your take on it? Carey: That's a good question. I don't think anybody really knows what happened yet. I'm not even sure LastPass really knows what happened yet. I've read some of the articles and I read their blog, and they said there was an anomaly. It appears someone had access to their servers for a certain amount of time and that there could've been a transfer of data. But I don't think it would be fair for me to comment on it because I'm not really sure what happened yet. But I appreciate that you're writing it from our standpoint because no one's really thinking about "well, who else is out there and what are they doing and how are they protecting [their data]."… Read more

WinRAR is a winner

WinRAR is a lightweight, flexible, and easy-to-use archiving utility that can unpack most archive formats, as well as compress to both RAR and ZIP. Free to try for 40 days ($29 for single license), WinRAR is definitely top dog in the compression category.

WinRAR's interface is about as simple as it gets. Start creating (or add to) an archive by dragging and dropping your files into the interface or by browsing through the Folder Tree side panel (when enabled). From there, the most common functions are laid out in the form of colorful, mostly intuitive icons, which can all … Read more

WinRAR is a winner

WinRAR is a lightweight, flexible, and easy-to-use archiving utility that can unpack most archive formats, as well as compress to both RAR and ZIP. Free to try for 40 days ($29 for single license), WinRAR is definitely top dog in the compression category.

WinRAR's interface is about as simple as it gets. Start creating (or add to) an archive by dragging and dropping your files into the interface or by browsing through the Folder Tree side panel (when enabled). From there, the most common functions are laid out in the form of colorful, mostly intuitive icons, which can all … Read more

Behind Comodo hack, an insecure Web (roundup)

A breach of the Internet's trust system arises from an outmoded method for assuring that a Web site is authentic, and it has browser makers rethinking their approach to security.

Comodo hack may reshape browser security A breach that let a hacker spoof digital certificates for Google.com, Yahoo.com, and other Web sites is prompting browser makers to rethink security. (Posted in Privacy Inc. by Declan McCullagh) April 4, 2011 4:00 a.m. PT

Comodo hacker says he's protesting U.S. policy The person (or persons) involved with high-profile intrusion into Comodo's network says he'… Read more

What the RSA breach means for you (FAQ)

RSA warned its customers yesterday that its network had been breached and data had been stolen that could affect customers using its popular SecurID token authentication technology. Although details are scarce, here's what we know so far.

What happened? Someone launched an "extremely sophisticated cyberattack" on RSA in the form of an Advanced Persistent Threat and data was stolen related to the SecurID technology, the company said in a statement on its Web site. APT attacks are often used for espionage, targeting source code and other information within a company or government agency. They typically involve knowledge … Read more

How to manage keychain clutter in OS X

The OS X keychain is a useful and secure way to save passwords, certificates, and other authentication information for applications, Web sites, and various other services. By default these are generally loaded into either the log-in keychain or the System kechain, depending on whether the service is user-oriented or a system setting such as Wi-Fi or VPN passwords.

Though the keychain is convenient, sometimes after extensive use it can become cluttered with numerous items. Generally this clutter does not harm anything, but sometimes it can result in odd problems such as the incorrect password being used for a service even … Read more

To fight spam, Google Apps adds e-mail signing

Google has made it possible for Google Apps customers to sign their outgoing e-mail using a technology called DomainKeys Identified Mail (DKIM) that makes it easier to ensure a sender is who he or she says he is.

Google has been using DKIM since 2008 to show Gmail users when incoming mail really is from PayPal and eBay--two major brand names often caught up in spoofed e-mails used in phishing attacks. Now the technology is available more broadly and for the e-mail Google Apps users send.

"Today...we're making it possible for all Google Apps customers to sign … Read more

Google makes it easier to authenticate e-mail

Google announced today that it is making it easy for organizations using Google Apps to authenticate outgoing mail so that recipients can rest assured that the messages are really from them and aren't spam.

Administrators of all editions of Google Apps can enable the DomainKeys Identified Mail technology for outgoing mail in the "Advanced Tools" tab of the control panel by checking several boxes. Gmail has supported e-mail signing standards since its inception in 2004, but implementation required more configuration and resources than that.

Functionally, this means fewer legitimate e-mail messages will be blocked by spam filters. … Read more

How to clear a network authentication hang in OS X

Generally when errors occur during authentication for network services such as file sharing or screen sharing in OS X the connection will either time out or immediately give a warning, but sometimes connections may hang when authenticating. When this happens the connection will not be established and the authentication window will remain on-screen as a floating window that will block other windows and show a continuous revolving activity indicator next to a "Connecting..." status message.

While the window usually has options for canceling the connection, the hang prevents these from being active and results in the only way … Read more

FaceTime not authenticating after hardware changes

If you choose to upgrade the hard drive on your system either for a faster drive or for one with more space, you may find Apple's new FaceTime videoconferencing application will no longer authenticate. When launched, the program will give an error stating "The server encountered an error processing registration. Please try again later."

This has been shown to happen when people have upgraded from magnetic hard drives to SSD drives, but may also happen with other hardware changes as well. The problem is because Apple uses a certificate system for authenticating your system with FaceTime, and … Read more