I’ve been keeping an eye on this scene for a while now, eagerly awaiting the release of Fusée Gelée from Kate Temkin since she revealed the capabilities of the flaw. I’m a huge fan of releases like these that let you have more control over the system that you purchased, whether it be rooting an Android device, jailbreaking an Apple one, or getting Custom Firmware running on a Nintendo 2/3DS. I like those processes because it opens the platform to more customization, & not because of the ability to pirate games. Unfortunately, that part almost always follows when these techniques get released, which ends up giving users who want more open platforms a bad name.
A post by Brian Krebs on his site, https://krebsonsecurity.com prompted me to write up a post as well.
He accurately recommends not answering those Social Networking questionnaires that ask for things like “What was your first car?” or “What was your favorite teacher’s name?”, with accurate (or even ANY) details. I’m sure for many people, it’s already too late, so there is definitely another alternative: Go back to any site where you did answer these common questions, & change the answers to something else, i.e.: the answer to a different question, or just garbage text. See below for an example:
What is the name of your favorite band?
New York Yankees
Up)43!z*mP9*KXe!dChC*XLP4(mKAX)z (A random password, generated from DuckDuckGo: password 32 strong)
While the second answer may be a bit of overkill, if you are using a password manager, it’s not that hard to just make note of the Security Question answer if needed in the future.
I think I may have already posted about Password Manager options, but possibly time to take another look at what’s out there, & write up some of the ones that stand out to me. I started with Dashlane, but have since moved to KeePass (Specifically KeePassXC) due to the number of recent breaches of various companies. Using KeePass puts me in control of where I store my password databases.