Security quotes of the week

For example, if the year is 2013 but the current month is less than the target month (say February), then the condition would return a result as if the current date lies before the August 2012 checkpoint value. In fact, this logic is simply flawed and incorrect. This error indirectly confirms our initial conclusion that the Shamoon malware is not the Wiper malware that attacked Iranian systems. Wiper is presumed to be a cyber-weapon and, if so, it should have been developed by a team of professionals. But experienced programmers would hardly be expected to mess up a date comparison routine.

Windows 8, set for release on 26 October, automatically deletes entries in the HOSTS file for specific domains. Try, for example, to prevent attempts to access Facebook.com, Twitter.com or ad servers such as ad.doubleclick.net by rerouting them to 127.0.0.1 by adding entries to the HOSTS file and the relevant entries will soon disappear from the HOSTS file as if by magic, leaving nothing but an empty line.

Most importantly, a series of leaks over the past few years containing more than 100 million real-world passwords have provided crackers with important new insights about how people in different walks of life choose passwords on different sites or in different settings. The ever-growing list of leaked passwords allows programmers to write rules that make cracking algorithms faster and more accurate; password attacks have become cut-and-paste exercises that even script kiddies can perform with ease.

As a Data Privacy Engineer at Google you will help ensure that our products are designed to the highest standards and are operated in a manner that protects the privacy of our users. Specifically, you will work as member of our Privacy Red Team to independently identify, research, and help resolve potential privacy risks across all of our products, services, and business processes in place today.