Archive for the ‘Security’ Category

What does your ISP with your ID and password ?

août 17, 2006

For your ISP these data aren´t a secret since he notifies them to you. But what does « ISP » mean ? Is it a set of trusted employees or a galaxy of external suppliers out of control ?

I came to these questions when I was reached by phone for a broadband offer. The commercial do his speech and at one moment he starts to check my identity asking to me if my ID and my password are really mine ! Of course this offer come from my ISP, so I should not be surprised. But I´m not sure that my ISP performs his marketing offer in his wall, or whether he has delegated the task to some external call center. I think that the latter is most likely true.

The real point here is that requiring credentials for an identity checking isn´t necessary.

My password in clear

août 17, 2006

With Gnome, the login proceeds in two steps, two screens: first, your username, and second, your password. Under Ubuntu these two screens are exactly the same excepted the field name (« username » and « password »): If you don´t pay attention but you have typed incorrectly your password, you return to the first screen after the warning dialog box, and at this point, you type your password in the username field, hence it appears in clear.

Not really important at home, but it could be embarrassing in an office. Anyway, as a default setting, a single screen would have been better. Moreover, the system seems to be unable or not configured to catch where stands the error: the dialog box says « either-either » is wrong.