Posts by chris 27 6 publicly visible posts • joined 30 Jun 2009
I have two APs, one in my ISP router and a separate TP Link device, both with the same SSID and security settings. Most of my devices roam between these devices without issues. My N10 however completely drops the wifi connection when the TP Link AP is powered up. If I power it off, then a get a pretty solid signal to my ISP router.
I've not bothered to investigate if the N10 has issues with multiple access points or if it's a compatiblity issue with the TP Link and N10.
If you have a phone with a pre-installed version of facebook, you can clear the data for the app (under settings) and it will no longer have your credentials to login to the filthy malware pedlar's servers.
something like (depending on version):
settings -> apps -> filthbook -> clear data
Check out some of the screen rotate apps on the market that will rotate the home screen for you. I use one by sugarmintcandy, not the greatest app in the world, but mighty useful and really simple.
My landscape dock for my galaxy nexus now rotates the home screen automatically when inserted after the update to 4.0.4, it could be the same bug if you have 4.0.3 or 4.0.2 on the S3.
I can maybe see where they were coming from with this ... it would make users think a little more. You could argue that password masking is security through obscurity.
A few years ago, I amazed someone at a clients IT dept by sniffing their password off the wire (html form based authentication) - they thought the masked password was encrypted. This is the part of the puzzle that the users probably don't understand. “I can't read it on the screen, it most be secure.”
That said, I still think removing it would be a really *bad* idea. It would create a few really large problems, rather than the comparably small problems we currently have.
I can imagine people using high powered telescopes through windows etc. Never a good thing.
I wonder how many people use html forms to authenticate over their unencrypted home wireless network? *Most* sites now seem to use SSL/TLS for the authentication process at least, but some probably still exist. For example your password for your register comments doesn't appear to be submitted over a secure connection: action="http://comments.theregister.co.uk/2009/06/30/masked_passwords_usability/"
------
A couple of replies to comments (I've given up reading all of them!)
------
@Anonymous Coward Posted Tuesday 30th June 2009 08:23 GMT
You have described another security issue, using the same password on two accounts. This has nothing to do with password masking. If I sniff your password off the wire, how is masking it on screen going to help?
@ChrisInBelgium
* 40 passwords? More a symptom of your infrastructure than a issue with passwords. Maybe centralising some of the user accounts would help.
* password lock out - stops password brute forcing. 3 is maybe too few attempts, it depends on what you are protecting. Brute forcing is the security threat that this control is trying to protect you from.
* Coding your own encryption algorithms is not a recommended practice.
@Mike Peachey
@By Anonymous Coward Posted Tuesday 30th June 2009 08:48 GMT
@Peter Kay
Good examples guys!
@Gilbert George
I used to have a tool, forget it's name (maybe winspy) that would work on any input box. Really useful! I may check that tool out.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
