CNET to the Rescue: Fixing Epsilon's boo-boo

Security reporter Elinor Mills joins us today to discuss the large data breach at marketing services company Epsilon, which most likely landed your e-mail address in a hacker's database.

Rafe Needleman Former Editor at Large
Rafe Needleman reviews mobile apps and products for fun, and picks startups apart when he gets bored. He has evaluated thousands of new companies, most of which have since gone out of business.
Rafe Needleman
5 min read

Is your e-mail address safe? Probably not. Marketing company Epsilon suffered a breach last week, and the names and e-mail addresses of customers of major online sites, like Chase, TiVo, and Target were revealed. How did this happen, and what can you do about it? Our guest, CNET News security reporter Elinor Mills, explains.

If you have a tech question for CNET to the Rescue, e-mail rescue@cnet.com. No question is too basic, so if you've got a tech problem that's been getting under your skin, please call us and we'll try our best to help you out.

Watch this: CNET to the Rescue Ep.41: Band-Aids for the Epsilon boo-boo


Episode 41: Fixing Epsilon's boo-boo

Road tests
Rafe's Synology DS411Slim: update, month #2: Yep, it's still making thumbnails.

The desktop "Trebuchette:" What's not to love?

Elinor just got LastPass.

Today's Special topic: Security
Your homework reading:
Were you affected by Epsilon data breach?
Who is Epsilon and why does it have my data?

Topics discussed:

  • What is Epsilon?
  • What happened and when?
  • Who are the bad guys?
  • Who is affected?
  • What does it mean to you and me?
  • What is "spear phishing"
  • Are we sure an e-mail list breach is all that went wrong?
  • What should we do to be safe? (Elinor: "To best protect against the espionage threat, people affected by the breach should change their passwords and their e-mail addresses, or use throw-away or site specific e-mail addresses that services like Cotse.net offer that allow users anonymity but allow them to trace spam back to a particular Web site breach.")

Listener questions
Steven Plummer: Currently I have a Windows machine and want to move to a Mac. Should I pay the extra to have the folks at Best Buy move my data? I have been using MS Money for my home banking. What is a good Mac program for home banking?

Rafe: First of all, I'm not giving any dude at a superstore access to my data for anything. Move it yourself. One easy way is to set up Dropbox and use the cloud to sync your data. Another is to copy your data onto a removable hard drive and then use that. When you're done, re-purpose the hard drive as a Time Machine backup.

Apple also explains how to use networking to mount your XP drive on your Mac.

As far as Mac-based home banking, You might want to stick with MS Money via Windows on your Mac in Boot Camp or a virtual machine. Quicken for the Mac is under-featured. Or look at online solutions, including your bank's.


Jason the Instructional Designer: My latest two-year AT&T contract is expiring and I'm looking to upgrade to my first smartphone. I'm looking at the Samsung Focus, since I love the Windows Phone 7 interface, and the Motorola Atrix 4G, for it's Nvidia dual-core goodness. Which one do I go with? My biggest worry is if I go with the single-core Focus, am I gonna regret not having the Atrix's extra core a couple months down the line? I'd really appreciate your insight.

Kent says: Don't worry about dual-core phones. They currently take up more battery life anyway, and at the moment the Atrix's HSDPA high-speed feature is not turned on. There are plenty of non-dual-core phones that are fast enough. Eventually the move to dual-core will be a big deal, and devs will start writing dual-core apps. But it's not necessary today.

Bonnie: Since he's just getting his first smartphone, I'd say that it's not necessary to get one with a dual-core processor, and I'd say that for the average consumer. Today's single-core devices are already pretty zippy, so it can handle tasks like e-mail, casual browsing, multimedia, etc., with no problem. I think dual-core processors will be more of a consideration when Android Ice Cream is released, since the OS will be better optimized to take advantage of the chipset.


Michael Hlas, Minnesota: I recently ruined a pair of earbuds by winding them in my pocket. This caused the left earbud to not work unless i held the wire in a certain direction. So that made me wonder, what is the best way to store earbuds in your pocket without ruining them?

Donald Bell: I use a Cooley-inspired cable winding technique (shown in the second half of this video).

Josh Lowensohn: Buy a carrying case. Old camera film roll cases work pretty well for wrapping then stuffing. The hard part is finding one in today's digital age.

Rafe: The key isn't the winding, which is easy, it's the unwinding, and the stress you put on the cable when you're trying to un-kink it.


Mike: I loved and totally miss MusicMatch Jukebox. It was the easiest and best to use for MP3 supertagging. I'm not sure how they did it, but it was seemingly the only program on the market that built-in album artwork into the actual MP3 file. It wouldn't store a bunch of "folder" and "thumbnail" jpegs all over your drive. I no longer have the option to run an old Windows XP machine. Are there any decent MP3 tagging solutions out there, free or paid, that are just as easy to use to batch rename MP3 file names and permanently attach album artwork without the need of external folder and thumbnail JPG files?

Donald Bell says: Try Tuneup.


J.R. Pitts: I'm a couple days behind, so you've probably already heard this, but one thing to be aware of is that when you extend a wireless network through a repeater, your bandwidth drops in half for each repeater. So someone connecting to the repeater would get 1/2 the bandwidth of someone connecting to the router directly. If you placed an additional repeater connected using it (going through both repeaters to get back to the router), your bandwidth would drop to 1/4th the direct to router connection.

This doesn't invalidate the solution presented, as they are assuredly using Wireless-G or higher, and so half the bandwidth is still going to be more than what their Internet service is, just a point to be aware of.


Phil Barter: I purchased a camera on EBay and bought a 3 year option from SquareTrade, about 2 years later I had issues, I contacted SquareTrade and they fixed it with no questions asked. They are very reasonable on their yearly cost