Police Shooting In Salt Lake: Dillon Taylor, 20, Shot Dead — Because He Was Wearing Headphones?
Read more at http://www.inquisitr.com/1412236/dillon-taylor-police-shooting/#QUOAtb0gHIcmXZL6.99

 

Dillon Taylor, 20, was shot dead by police in Salt Lake City, Utah, Monday night after he failed to respond to police commands — because he was listening to music through headphones. Taylor’s brother, who was with Taylor at the time of the police shooting, says that his brother was unarmed and was trying to do what police told him to do when they shot him twice in the chest.

Police in Salt Lake City have refused to disclose whether or not a weapon was found on or near Dillon Taylor, nor have they said what actions Taylor may have taken that led police to shoot and kill him outside a 7-11 convenience store at 2102 State Street in Salt Lake City Monday.

Police were responding to reports of a man brandishing a gun, and Taylor reportedly fit the description they were given. Police confronted him along with his brother Jerrail Pete Taylor, 22, and a cousin, Adam Thayne. While police say that the other two men cooperated with the officers who stopped them, Salt Lake police Sergeant Darin Sweeten said that Dillon Taylor appeared “visibly upset.”

Taylor was subject to an outstanding warrant for allegedly violating probation. His brother had served time on a robbery charge. But Sweeten said that the officers who confronted the three men were not aware of the warrant on Dillon Taylor, or that they even knew who he was at the time of the shooting.

Jerrail Taylor said that his younger brother simply became confused because he couldn’t hear what police were telling him to do, and that confusion led to his death.

“We’re walking out of the 7-11 with a drink, when the cops show up and start harassing us with guns,” the older Taylor brother said, adding that Dillon wasn’t aware of the cops until they encircled him with guns leveled.

“He couldn’t hear them, so he just kept walking. They had guns pointed at his face. That’s when he turned off the music. I saw them point guns at my brother’s face, and I knew what was going to happen,” Jerrail told the Salt Lake Tribune newspaper.

When officers instructed Dillon to lie on the ground, he attempted to comply, but the officers fired at him from close range before he had a chance, Jerrail Taylor said. “He got confused, he went to pull up his pants to get on the ground, and they shot him.”

Witnesses said that Taylor was seen reaching for his waistband, suggesting that the police thought that the act of Dillon Taylor adjusting his pants was actually an attempt to reach for a weapon.

But did Dillon Taylor have a gun or not?

“We are not ready to release any information about a weapon being involved or not being involved at this time,” said Sweeten.

Jerrail Taylor said that none of the three men were in possession of firearms. Adam Thayne said police claimed they mistook Dillon’s cell phone for a gun.

“They said they thought his phone was a gun is what they told my cousin but I don’t even think he brought his phone out,” Thayne said. “His hands were empty.”

Both parents of the Taylor brothers died five years ago and their aunt, Gina Thayne, took over the care of the then-teenagers.

“It’s been a roller coaster for the last five years with these kids,” she said. “It seems like every time they take two steps forward to try and straighten things up, they go three steps back.”

Dillon Taylor was engaged and his fiancé was three months pregnant with the couple’s first child.

Read more at http://www.inquisitr.com/1412236/dillon-taylor-police-shooting/#QUOAtb0gHIcmXZL6.99

 

Thieves using mysterious high-tech remote to burglarize cars

Thieves using mysterious high-tech remote to burglarize cars

Shocked to learn how data brokers are watching you?

 http://www.cbsnews.com/news/shocked-to-learn-how-data-brokers-are-watching-you/

UPS says 51 retail stores breached by malware: Associated Press

UPS says 51 retail stores breached by malware: Associated Press

Groups claim insurance discrimination in new forms

AP Photo: Rich Pedroncelli

 

In this Aug. 11, 2014, photo, Charis Hill, who has a rare form of arthritis that affects the spine, poses in Capitol Park in Sacramento, Calif. Hill has health insurance under one of the new plans offered through the health care law, could not afford the medication required for her condition because of the plan's high copays. As a result she's has had to get financial assistance from the drug manufacturer. Hill says riding her bike helps manage her arthritic condition. Advocates for patients with serious health problems say that one of the main goals of the new health care law is being undermined.

 

  By RICARDO ALONSO-ZALDIVAR of Associated Press

 

WASHINGTON (AP) — Ending insurance discrimination against the sick was a central goal of the nation's health care overhaul, but leading patient groups say that promise is being undermined by new barriers from insurers.

The insurance industry responds that critics are confusing legitimate cost-control with bias. Some state regulators, however, say there's reason to be concerned about policies that shift costs to patients and narrow their choices of hospitals and doctors.

With open enrollment for 2015 three months away, the Obama administration is being pressed to enforce the Affordable Care Act's anti-discrimination provisions. Some regulations have been issued; others are pending after more than four years.

More than 300 patient advocacy groups recently wrote Health and Human Services Secretary Sylvia Mathews Burwell to complain about some insurer tactics that "are highly discriminatory against patients with chronic health conditions and may ... violate the (law's) nondiscrimination provisions."

Among the groups were the AIDS Institute, the American Lung Association, Easter Seals, the Epilepsy Foundation, the Leukemia & Lymphoma Society, the National Alliance on Mental Illness, the National Kidney Foundation and United Cerebral Palsy. All supported the law.

Coverage of expensive drugs tops their concerns.

The advocates also say they are disappointed by how difficult it's proved for consumers to get a full picture of plans sold on the new insurance exchanges. Digging is often required to learn crucial details such as drugs covered, exact copayments and which doctors and hospitals are in the network.

Washington state's insurance commissioner, Mike Kreidler, said "there is no question" that discrimination is creeping back. "The question is whether we are catching it or not," added Kreidler, a Democrat.

Kansas' commissioner, Sandy Praeger, a Republican, said the jury is out on whether some insurers are back to shunning the sick. Nonetheless, Praeger said the administration needs to take a strong stand.

"They ought to make it very clear that if there is any kind of discrimination against people with chronic conditions, there will be enforcement action," Praeger said. "The whole goal here was to use the private insurance market to create a system that provides health insurance for all Americans."

The Obama administration turned down interview requests.

An HHS spokeswoman said the department is preparing a formal response to the advocates and stressed that today's level of consumer protection is far superior to what existed before President Barack Obama's law, when an insurance company could use any existing medical condition to deny coverage.

The law also takes away some of the motivation insurers have for chasing healthy patients. Those attracting a healthy population must pay into a pool that will reimburse plans with a higher share of patients with health problems. But that backstop is under attack from congressional Republicans as an insurer "bailout."

Compounding the uncertainty is that Washington and the states now share responsibility for policing health plans sold to individuals.

Although the federal government is running insurance markets in 36 states, state regulators are still in charge of consumer protection. A few states refuse to enforce any aspect of the law.

Kreidler said the federal government should establish a basic level of protection that states can build on. "We're kind of piecemealing it right now," he said.

Much of the concern is about coverage for prescription drugs. Also worrisome are the narrow networks of hospitals and doctors that insurers are using to keep premiums down. Healthy people generally shop for lower premiums, while people with health problems look for access to specialists and the best hospitals.

Before Obama's overhaul, insurance plans sold on the individual market could exclude prescription coverage. Now the debate is over what's fair to charge patients.

Some plans are requiring patients to pay 30 percent or more for drugs that go for several thousand dollars a month. HIV drugs, certain cancer medications, and multiple sclerosis drugs are among them.

Although the law sets an overall annual limit on what patients are required to pay, the initial medication cost can be a shock.

California resident Charis Hill has ankylosing spondylitis, a painful, progressive form of spinal arthritis. To manage it, she relies on an expensive medication called Enbrel. When she tried to fill her prescription the pharmacy wanted $2,000, more than she could afford.

"Insurance companies are basically singling out certain conditions by placing some medications on high-cost tiers," said Hill. That "is pretty blatant discrimination in my mind."

Hill, a biking advocate from the Sacramento area, has been able to get her medication through the manufacturer's patient assistance program.

The insurance industry trade group America's Health Insurance Plans says there's no discrimination because patients have many options on the insurance exchanges. Gold and platinum plans feature lower cost-sharing, but have higher premiums. Standard silver plans generally require patients to pay a greater share of medical bills, but some have fairly robust drug coverage.

"There are plans on the exchanges that are right for people who have these health conditions," said Brendan Buck, a spokesman for the group.

For 2015, the administration says it will identify plans that require unusually high patient cost-sharing in states where Washington is running the exchange. Insurers may get an opportunity to make changes. Regulators will collect and analyze data on insurers' networks.

"People who have high cost health conditions are still having a problem accessing care," said law professor Timothy Jost of Washington and Lee University in Virginia. "We are in the early stages of trying to figure out what the problems are, and to what extent they are based on insurance company discrimination, or inherent in the structure of the program."

AP Business Writer Tom Murphy in Indianapolis contributed to this report.

Online:
Letter to health secretary: http://tinyurl.com/kknjbuf

5 factors that influence your home's resale value

5 factors that influence your home's resale value

IRS failed to do background checks on contractors

Getty Images: Andrew Harrer, Bloomberg

A sign identifies the Internal Revenue Service building in Washington, D.C.

  By STEPHEN OHLEMACHER of Associated Press

               

WASHINGTON (AP) — The IRS failed to do background checks on some private contractors who handled confidential taxpayer information, exposing more than a million taxpayers to an increased risk of fraud and identity theft, a government investigator said Thursday.

 

In one case, the IRS gave a printing contractor a computer disk with names, addresses and Social Security numbers of 1.4 million taxpayers, but didn't require a background check for anyone who worked on the job, said a report by the Treasury inspector general for tax administration.

In another case, to transport sensitive documents the IRS used a courier who previously had spent 21 years in prison on arson and other charges. In other cases, contractors underwent background checks but weren't required to sign agreements not to disclose sensitive information, the report said.

"Allowing contractor employees access to taxpayer data without appropriate background investigations exposes taxpayers to increased risk of fraud and identity theft," the inspector general, J. Russell George, said.

IRS policy requires contractors with access to confidential taxpayer information to undergo background checks, though the policy wasn't always followed, the report said. About 10,000 private contractors have access to such information.

The report did not examine whether any of the private contractors misused taxpayer information. But the issue of identity theft has been gaining attention at the IRS and elsewhere.

In recent years the IRS has reported a big jump in thieves trying to fraudulently claim tax refunds using stolen Social Security numbers.

In 2012, the IRS issued $4 billion in fraudulent tax refunds to people using stolen identities, according to an inspector general's report released last year. That same year, the IRS blocked more than $12 billion in fraudulent refunds from going to identity thieves.

In a statement, the IRS said it takes seriously its responsibility to protect taxpayer information, "and we expect the same from our contractors."

The agency said it was committed to ensuring that all contractors with access to sensitive information undergo thorough background checks. Also, the IRS said it issued more explicit guidance over a year ago to ensure that contractors submit nondisclosure agreements.

"The IRS is committed to clarifying policies and procedures to ensure appropriate security provisions are included in all appropriate solicitations and contracts," the agency said.

George's investigators reviewed 34 IRS contracts that were active in May 2013. They found five contracts in which no background checks were required, even though contractors had access to confidential information, which is labeled "sensitive but unclassified." The contracts were for courier, printing, document recovery and sign language interpreter services.

The document recovery contract was to salvage sensitive documents and personal belongings of IRS employees after a single-engine plane crashed into an IRS office building in Austin, Texas, in 2010. An IRS employee in the building was killed in the crash.

George's report said background checks were required as part of 12 contracts, but workers were allowed access to sensitive information before the checks were completed.

Investigators also identified 20 contracts in which workers did not sign agreements not to disclose sensitive information.

Colgate Total Ingredient Linked to Hormones, Cancer Spotlights FDA Process: Bloomberg

Colgate Total Ingredient Linked to Hormones, Cancer Spotlights FDA Process: Bloomberg

Check out this great MSN video - Swimming with whale sharks in the Philippines

Check out this great MSN video - Swimming with whale sharks in the Philippines

15 diseases doctors often get wrong

15 diseases doctors often get wrong

The worst airlines in America

The worst airlines in America

Diabetes drug could increase lifespan: Study

Diabetes drug could increase lifespan: Study

Obamacare fines look less likely as exemptions swell

Obamacare fines look less likely as exemptions swell

To stop security breaches, kill the username and password

You don't have to be an online security expert to know that usernames and passwords are not cutting it. It's time to completely re-think how we manage our online identities.

• by Tim Stevens
  @Tim_Stevens
• August 7, 2014 1:56 PM PDT

For decades we've been tought that, when it comes to important stuff, putting all of it in one place is a bad idea. Spread your investments around, keep copies of important documents in as many places as possible, and always, always have a backup -- multiple, if possible.

That becomes a problem when we talk about spreading our personal information all over the Internet. That, as it turns out, is a very bad idea. As I write this, we're gradually learning more about what may be the largest data breach in history: 1.2 billion records allegedly exposed, over 500 million accounts impacted, covering some 420,000 individual websites worldwide. That's very, very bad, but it all pales in comparison to the depressing knowledge that this won't be the last.

The simple truth is this: there is nothing you can do to truly protect yourself from attacks like this. Changing your passwords won't save you, because your data was probably exposed weeks or months before anyone found out. Choosing secure passwords helps, as does using different ones for every site you visit. You can also use multiple email addresses, even different physical aliases and addresses for online shopping. But, so long as the sites you use keep proving vulnerable, some segment of your data will always be at risk.

The simple truth is this: there is nothing you can do to truly protect yourself from attacks like this.

So, if there's nothing you can do to properly prevent this, is the situation hopeless? Right now, yeah, it is. But it doesn't have to stay that way. It's time for a major re-think of online authentication. It's time to stop putting our eggs in every basket, because securing all those baskets is a fool's game.

Let's say you're shopping for something. You find it at an online retailer you think you can trust, add it to your cart. You click to check out. To get the thing to you they need an address, so you type that in. You'll also need to get updates on the order, so you provide your email, and of course a password. They'll probably want a credit card, too. All that gets stored in some database somewhere.

A week or two goes by and it's time to shop for something else, something completely differ
ent. You find it at another store, add it in to another basket, and click on another checkout button. What happens next? The same exact process. Address, email, password, credit card -- all the same data, now duplicated across two retailers.

Over the years you've probably done this dozens, maybe hundreds of times, spreading your info far and wide. Some sites need more -- birth dates, Social Security numbers -- some less, each site protecting it in different ways, relying on different levels of encryption, different firewall policies, all administrated by disparate IT groups. Some are well-trained, well-staffed, and on top of their game. Some are limping by with too few people and too little knowledge.

Eventually, one of those sites is going to get compromised. It really doesn't matter which, because you've now provided some basic subset of information across them all. Any copy is as good as any other. Your data is out there, exposed.

Your data is only as safe as the weakest place you store it.

The Internet is a web of disparate systems, networks connecting to networks, initially designed for redundancy and resiliency in the case of global war. But, when it comes to security and protecting your personal information, its structure is more like a chain: your data is only as safe as the weakest place you store it. In this most recent series of breaches, there were allegedly more than 420,000 weak links.
The solution is to stop the duplication. Kill the username and password and create a central system for managing identity and personal data. Take responsibility of managing your data out of the hands of every little retailer, Web forum, social network, and online entity out there.

This is not a new idea. Far from it. The OpenID standard, for example, is basically the same concept, and there were others before. Meanwhile, the government has proposed its own solution, lovingly titled National Strategy for Trusted Identities in Cyberspace (NSTIC). OpenID found a fair bit of success when it comes to straightforward authentication tasks, but it's never been a player when it comes to online retail. Recently, major online identity companies like Janrain and Facebook have withdrawn support. (Facebook has launched its own authentication service, Facebook Connect.)

NSTIC seems almost destined to fail for one simple reason: nobody trusts the US government.

The government's system, meanwhile, is currently in limited trials and pilot programs, mostly thanks to federal mandates. It seems almost destined to fail for one simple reason: nobody trusts the US government. NSTIC was initially proposed in 2010, before all those juicy NSA revelations. Now, any federal attempt at aggregating your personal info would be looked upon with derision -- despite the government already knowing plenty.

So, what's the solution? The core concepts proposed by the above solutions are sound: standardize and centralize the handling of online identity. Create a single mechanism for identifying who you are, a mechanism that the entire industry can develop and work to secure. Generate a centralized authentication system, a series of providers that would manage your identity similar to how ISPs currently deliver your email.

Google Authenticator Nicole Cozma/CNET

Imagine the same situation as before: you're shopping online. You find a hot new pair of shoes, click to check out. The site prompts you for an ID. It'd be something like an email address, something uniquely identifying you, but it wouldn't be anything you use for communication. You type that in and another window pops up, asking for proof that you are who you say you are. This could be a number of different forms, including a synchronized number generator running on your phone (like Google Authenticator), a physical smartcard that you slot into your computer, even a fingerprint scanner. But, never just a password. That notion, of a random string protecting all of your information, is more dated than a dial-up modem.

Once you prove you are who you say you are, you then grant access to the shopping site. The site would request what it wants, maybe your address and phone number for shipping purposes, and you would approve or deny that request. Crucially, that retailer would never store that information. It would be granted access to that data for the duration of the order, and once completed, that access would be revoked. All payments could even be handled in the same way, so that instead of you spreading your credit card number far and wide, the retailers would pass a dollar amount back to your authentication provider. It'd be then up to you to authorize the charge.

With digital orders the process gets even simpler. If there's nothing to ship there's no need to hand over any of your personal information. If an email needs sending, the retailer could pass that message on to the identifier you provided earlier, and your authentication provider would then make sure it gets passed along. If you hadn't authorized that retailer to send you messages, it would never hit your inbox.
Retailers would never need to see your email address, never see to your credit card number, and while they would have access to your physical address, they wouldn't be allowed to store it.

Isn't this creating a single point of failure?

No. This wouldn't need to be one magical server sitting in a bunker surrounded by barbed wire, armed guards, and menacing dogs with sharpened teeth and spiked collars. This would be a series of protocols and standards, developed by the industry and implemented across it. As far as your browser is concerned, it doesn't matter whether the Web page you're viewing came through Apache or IIS. And, as far as your email client is concerned, it doesn't matter whether the sender was on Gmail or a custom SMTP server.

The Internet runs on a few basic standards. This would be the development, and adoption, of a few more.

Wouldn't hackers focus all their effort on breaking this system?

Sure. However, by greatly reducing the number of places where your information is stored, and by limiting the means of access to it, the task of securing your data becomes infinitely easier. Right now, every retailer is doing things their own way, and it's painfully clear that many of them are doing a pretty poor job of it.

Would this stop all hacks?

Nope. Even if a retailer only has access to your physical address for a few days that would be enough time for a hacker to crack their systems and request it as well. And, we've seen that fingerprint scanners can be fooled and other forms of two-factor authentication defeated. Additionally, it would always be possible to set up a fake site and trick users into authenticating against it.

There will always be vulnerabilities, but implementing a system like this across the industry would reduce risk in a huge way. Stealing a username and password through a phishing attack is relatively easy. Lifting your fingerprint and creating a copy of your finger, or stealing your wallet to get your digital identification card, is an awful lot more complicated.

Aren't two-factor auth systems already providing this?

Sure, to some degree, but how many smartcards do you want to carry around? How many authenticator apps do you want to install on your phone? Even if everyone implements two-factor authentication, the same problem still exists, just under another layer of security.

Why would any retailer choose to implement this?

This definitely takes a lot of power away from retailers, but think about this: would you buy anything from an online retailer that wasn't using secure transactions? It didn't take long for the green lock signifying a valid SSL certificate to become commonplace, and once a framework was put in place, it wouldn't take long for this to do the same.

Who would pay for it?

Data breaches are expensive, and only getting more so. In 2013 the average cost of a data breach was estimated to be $3.1 million dollars. Last year, that climbed to $3.5 million. The aggregate costs from this most recent data breach are likely to number in the billions. That's more than enough incentive for the companies involved, particularly the banks, which not only eat the cost of bogus transactions, but have to print and ship and manage new credit cards every time. (There's a reason why your latest credit card feels a lot more flimsy than your last one.)

Who would implement it?

This would take a massive, industry-wide effort to implement. Developing the standards alone would likely be months, possibly years of active wrangling in some standards body or another. Then, authentication providers would need to be created, likely with banks and major online companies like Google doing the heavy lifting. Finally, the retailers would need to adopt it, a rollout that would take time and money -- but less money than yet another breach.

Is this realistic?

That depends on one thing: your continued tolerance for these breaches. Are you okay with getting a new credit card every few months, changing each and every auto-pay account every time? Are you okay with going through and swapping out passwords whenever a breach like this occurs? Are you okay with spreading your personal information far and wide and entrusting it with, well, everyone?

If so, then no, this will never happen. This isn't something the government can mandate across the industry, because it needs to be global. And, this isn't something the industry is likely to start without considerable demand, because the retailers sure do like having easy access to all of your information whenever they want it.

So, it's up to you. Let the industry know that you're done with passwords and maybe, finally, the industry will listen.

The guide to password security (and why you should care)

Find out how your password security can be compromised, and how to create and manage secure passwords.

• by Sharon Profis
   
   May 10, 2012 12:55
• Updated: August 6, 2014 3:20 PM PDT

presented by

http://www.cnet.com/videos/link/2233184006/

Reports of a massive security breach circulated this week. There are a lot of questions about the extent of this alleged breach, but if you're concerned that your password and credentials have been taken, we recommend updating your passwords. Here's our advice for creating a strong password you can actually remember.

How are passwords exposed?

Before we dive into the how-tos of creating secure passwords, it's important to understand why you need a supersecure password to begin with. After all, you might be thinking, "Who would want to hack little old me?"
There are a few ways your account passwords can be compromised.

1. Someone's out to get you. Enemies you've created, exes from your past, a nosy mother, an intrusive spouse -- there are many people who might want to take a peek into your personal life. If these people know you well, they might be able to guess your e-mail password and use password recovery options to access your other accounts. (Can you tell I'm speaking from experience?)
2. You become the victim of a brute-force attack. Whether a hacker attempts to access a group of user accounts or just yours, brute-force attacks are the go-to strategy for cracking passwords. These attacks work by systematically checking all possible passphrases until the correct one is found. If the hacker already has an idea of the guidelines used to create the password, this process becomes easier to execute.
3. There's a data breach. Every few months it seems another huge company reports a hacking resulting in millions of people's account information being compromised. And with the recent Heartbleed bug, many popular websites were affected directly.

What makes a good password?

Although data breaches are out of your control, it's still imperative to create passwords that can withstand brute-force attacks and relentless frenemies. Avoiding both types of attacks is dependent on the complexity of your password.

Ideally, each of your passwords would be at least 16 characters, and contain a combination of numbers, symbols, uppercase letters, lowercase letters, and spaces. The password would be free of repetition, dictionary words, usernames, pronouns, IDs, and any other predefined number or letter sequences.

Related tutorials

• Mastering the art of passwords
• The 10 password commandments
• How to check password strength

The geeky and security-savvy community evaluates password strength in terms of "bits," where the higher the bits, the stronger the password. An 80-bit password is more secure than a 30-bit password, and has a complex combination of the aforementioned characters. As a result, an 80-bit password would take years longer to crack than a 30-bit password.

Ideal passwords, however, are a huge inconvenience. How can we be expected to remember 80-bit (12-character) passwords for each of our various Web accounts?

Creating secure passwords

In his guide to mastering the art of passwords , Dennis O'Reilly suggests creating a system that both allows you to create complex passwords and remember them.

For example, create a phrase like "I hope the Giants will win the World Series in 2013!" Then, take the initials of each word and all numbers and symbols to create your password. So, that phrase would result in this: IhtGwwtWSi2013!

The next option is to use a password generator, which come in the form of offline programs and Web sites. The best choice here would be to use an offline generator, like the appropriately named Random Password Generator, so that your created passwords can't be intercepted.

While you experiment with different passwords, use a tool like How Secure is my Password? to find out if it can withstand any cracking attempts. This particular Web site rates your password's strength based on how long it would take to crack. If it's too easy, the meter will let you know what elements you can add (or remove) to strengthen it.

Check the strength of your passwords at the How Secure Is My Password site, which indicates how difficult your password is to crack, and whether it's on the site's common-password list. Screenshot by Eric Franklin/CNET

Microsoft offers its own online strength checker, and promises that the form is completely secure. Mac users can use the built-in Password Assistant to check their passwords' security.

Enable two-step-verification

Any time a service like Facebook or Gmail offers "two-step verification," use it. When enabled, signing in will require you to also enter in a code that's sent as a text message to your phone. Meaning, a hacker who isn't in posession of your phone won't be able to sign in, even if they know your password.

You only have to do this once for "recognized" computers and devices. Here's how to set up two-step verification for many popular websites.

Keeping track of secure passwords

If you follow one of the most important commandments of passwords, you know that you absolutely must have a unique password for every service you use. The logic is simple: if you recycle the same password (or a variation of it), and a hacker cracks one account, he or she will be able to access the rest of your accounts.

Obviously, you can't be expected to memorize dozens of crazy, 16-character-long passwords.

This guide thoroughly explores the different options for managing your passwords, including things like storing them on a USB drive, and even writing them down. Although it's ultimately up to you, he presents a strong argument for using the ol' sticky note method.

Using a password manager

 Password managers store all of your passwords for you and fill out your log-in forms so that you don't have to do any memorizing. One of the most secure and intuitive password managers is LastPass.

The LastPass password vault in Chrome. LastPass Inc.

LastPass is unique in that it is made of two parts, coupling an offline program with a browser plug-in. All encryption and decryption happens on your computer so that your data doesn't travel over the Internet and is not stored on any servers.

As you create new accounts or change your passwords, LastPass will ask you if you'd like to create them using its password generator, which is designed to generate hard-to-crack passwords.

If you choose those routes, you'll still have to remember at least one thing: your master LastPass password. Do be sure to make it extra-secure and composed of at least 12 characters to ensure that it's not vulnerable to any brute-force attacks.

It's worth noting, however, that just like any software, LastPass is vulnerable to security breaches. In 2011, LastPass experienced a security breach , but users with strong master passwords were not affected.

4 signs you have the wrong health plan

4 signs you have the wrong health plan

New Jersey officer probed for criticizing Obama

Joshua Roberts: Reuters

President Barack Obama speaks about new sanctions imposed on Russia as he departs the White House in Washington July 29, 2014.

           

  By Associated Press

 

HELMETTA, N.J. (AP) — A New Jersey police officer is under investigation after he was videotaped making comments about President Barack Obama and the Constitution.

 

Part-time Officer Richard Recine was called to the Helmetta town hall Monday because resident Steve Wronko was seen videotaping. Wronko insisted he had a constitutional right to make the recording.

On the tape, the officer says Obama has "decimated" the Constitution and "if he doesn't follow the Constitution, we don't have to."

Police Director Robert Manney tells the Courier News of Bridgewater (http://mycj.co/1pDSYxx) he's spoken to the officer and the comments were an "embarrassment." Manney says the investigation should be completed swiftly.

Recine earns an hourly wage while collecting a $79,000 pension after retiring from the Franklin police department in 2006. The Associated Press was unable to locate a phone listing for him.
___
Information from: Courier News (Bridgewater, N.J.) , http://www.mycentraljersey.com

Teach Google Now new voice commands

Free Android app Commandr helps you carry out common phone tasks using a few spoken commands and Google Now.

• by Sarah Mitroff
   
  August 4, 2014 3:27 PM PDT

 

Josh Miller/CNET   

                                     

Google Now is great for getting directions, checking the weather, looking up the definition of a word, or just searching the Web, but that's no longer all it can do. With the help of an app called Commandr for Google Now, you can toggle Wi-Fi on or off, pause your music, or ask your phone to read your text messages out loud, all by speaking a few simple voice commands.

Commandr plugs into Google Now's voice assistant to let you control your phone by speaking to it, and it's particularly helpful for when you can't use your screen, like when you're driving. It works by reading the text that Google transcribes when you speak in Google Now's voice search.

The app debuted at the beginning of July 2014, but was a bit limited at the get-go. After you launched Google Now, you had to say "note to self" first, then the command you wanted. Just a few weeks after launching, an update changed that, and now you can simply state your desired command, such as "GPS On" or "Raise volume." Here's how to get started, and a few ways you can use it.

Step 1: Set up the app

After you've downloaded and installed Commandr, go through the app's short setup process. You get two choices here: You can either give the app accessibility access on your phone so it can listen your commands, or you can use a limited version of Commandr that requires you to say "note to self" before each command.

If you choose the former, Commandr walks you through a short set-up process to activate the accessibility service on your phone in the settings menu. Just so you know, accessibility services are often used for apps or with built-in features designed for those with visual or hearing impairments.

This is the list of pre-installed Commandr commands. Screenshot by Sarah Mitroff/CNET

Step 2: Pick your commands

After you're all set up, it's time to pick which commands you want to use. Tap the Built-in Commands section of the home screen, and you'll get a list of pre-installed commands that you can turn on or off. A few examples of built-in choices are:

• Toggling your flashlight on or off
• Turning Bluetooth, Wi-Fi, or cellular data on or off
• Skip to the next song (skips to the next track, but only in Google Play Music)
• Read your unread SMS messages out loud
• Lowering your phone's system or ringtone volume

With each command, the app tells you the exact phrase say to execute it -- they aren't difficult to remember, but it's helpful to know the magic words. You can customize the phrase as well, to fit whatever makes sense for you.

Commandr's developer, Ryan Senanayake, is working on adding new commands to the app, and you can help by voting for suggestions that other users have submitted to show which commands are most popular. You can view and vote for the latest contenders by tapping "Vote for New Commands" at the bottom of the Built-in Commands page. If there's a command you'd like added that's not already on that list, just tap the "Suggest a New Command" button to submit it.

You can vote for new commands, and submit your own ideas. Screenshot by Sarah Mitroff/CNET

Step 3: Open Google Now

Now that you've picked the commands you want to use with Commandr, the next time you want your phone to carry out that action, launch Google Now the way you normally would, either by swiping up from the bottom of your screen or saying "OK Google" while on your home screen.
When the Google Now dashboard appears, say "OK Google" to launch voice search and then speak your command. Your phone should then do what you ask, whether that's turning on your flashlight or pausing your music. That's all there is to it.

U.S. Homeland Security contractor reports computer breach

A view shows the United States Investigations Services, or USIS, headquarters in Falls Church, Virginia January 26, 2014.

Posted on msn.com 8/6/2014
           

 By Reuters

 

WASHINGTON (Reuters) - A company that performs background checks for the U.S. Department of Homeland Security said on Wednesday it was the victim of a cyber attack, adding in a statement that "it has all the markings of a state-sponsored attack."

 

The computer breach at Falls Church, Virginia-based US Investigations Services (USIS) probably involved the theft of personal information about DHS employees, according to the Washington Post, which first reported the story.

DHS has suspended all work with the company amid an investigation by the FBI, the Post reported. A U.S. government official confirmed to Reuters that the FBI is investigating the breach.

The Office of Personnel Management has also suspended work with USIS out of an abundance of caution, it said, adding that government officials do not believe the breach has affected non-DHS employees.

“Our forensic analysis has concluded that some DHS personnel may have been affected, and DHS has notified its entire workforce” of the attack, department spokesman Peter Boogaard was quoted by as saying by the newspaper.

"We are working collaboratively with OPM and DHS to resolve this matter quickly and look forward to resuming service on all our contracts with them as soon as possible," USIS said in the statement on its website.

"We will support the authorities in the investigation and any prosecution of those determined to be responsible for this criminal attack," it said.

"Experts who have reviewed the facts gathered to-date believe it has all the markings of a state-sponsored attack," the company said.

USIS says it is the biggest commercial provider of background investigations to the federal government, has over 5,700 employees and provides services in all U.S. states and territories, as well as abroad.

(Reporting by Eric Walsh; Editing by Eric Beech)

Thieves using mysterious high-tech remote to burglarize cars

Thieves using mysterious high-tech remote to burglarize cars

Mortgage-rule changes could affect short-sellers

Mortgage-rule changes could affect short-sellers

Report: Russian hackers steal 1.2B passwords

Reuters: Pawel Kopczynski

               

The word 'password' is pictured on a computer screen in this picture illustration taken in Berlin

Original May 21, 2013. Posted on ms.com 8/5/2014 

         

 By Associated Press

 

NEW YORK (AP) — Russian hackers have stolen 1.2 billion user names and passwords in a series of Internet heists affecting 420,000 websites, according to a report published Tuesday.

 

The thievery was described in a New York Times story based on the findings of Hold Security, a Milwaukee firm that has a history of uncovering online security breaches.

Hold Security didn't immediately respond to inquiries from The Associated Press.

The identities of the websites that were broken into weren't identified by the Times, which cited nondisclosure agreements that required Hold Security to keep some information confidential.
The reported break-ins are the latest incidents to raise doubts about the security measures that both big and small companies use to protect people's information online.

Security experts believe hackers will continue breaking into computer networks unless companies become more vigilant.

"Companies that rely on usernames and passwords have to develop a sense of urgency about changing this," Avivah Litan, a security analyst at the research firm Gartner told the Times.

Retailer Target Corp. is still struggling to win back its shoppers' trust after hackers believed to be attacking from Eastern Europe stole 40 million credit card numbers and 70 million addresses, phone numbers and other personal information last winter.

Alex Holden, the founder and chief information security officer of Hold Security, told the Times that most of the sites hit by the Russian hackers are still vulnerable to further break-ins. Besides filching 1.2 billion online passwords, the hackers also have amassed 500 million email addresses that could help them engineer other crimes, according to Hold Security.

So, far little of the information stolen in the wave of attacks appears to have been sold to other online crooks, according to the Times. Instead, the information is being used to send marketing pitches, schemes and other junk messages on social networks on Twitter, the newspaper said.

The breadth of these break-ins should serve as a chilling reminder of the skullduggery that has been going undetected on the Internet for years, said John Prisco, CEO of another security firm, Triumfant.

"This issue reminds me of an iceberg, where 90 percent of it is actually underwater," Prisco said in an emailed statement. "That's what is going on here... So many cyber breaches today are not actually reported, often times because companies are losing information and they are not even aware of it."

5 bedtime snacks that'll help you sleep better

5 bedtime snacks that'll help you sleep better

9 secrets debt collectors don't want you to know

9 secrets debt collectors don't want you to know

Your guide to picking the best watermelon

Your guide to picking the best watermelon

Law changed to allow 'unlocking' cellphones

 

Reuters: Enrique De La Osa

A woman using her mobile phone.

  ANNE FLAHERTY of Associated Press

 

WASHINGTON (AP) — It just got a little easier to swap cellphone providers.

President Barack Obama signed a bill into law on Friday making it legal once again to unlock a cellphone without permission from your wireless provider, so long as the service contract has expired.

Copyright law prohibits circumventing digital locks on technological devices. But for several years, cellphones were granted an exemption by government copyright lawyers as a way of making it easier for consumers to change carriers and recycle old phones. Then under industry pressure, the Library of Congress — which oversees copyright law — agreed to let the exemption lapse as of January 2013, infuriating consumer advocates who say phone owners should be able to do whatever they want with a device once a contract expires.

"Our laws should not prohibit consumers from carrying their cell phones to a new network, and we should promote and protect competition in the wireless marketplace," said Sen. Patrick Leahy, D-Vt., chairman of the Judicairy Committee and co-sponsor of the bill.

Wireless providers have said digital locks on cellphones protect their business model: phones are often sold at a steep discount in exchange for long-term service contracts. If a consumer doesn't want to be tied to a particular carrier, they can always pay the higher price of a device that's already unlocked, industry officials say.

The Library of Congress agreed with that logic in its latest ruling. But public backlash was fierce and several wireless providers responded by outlining a set of voluntary industry standards for unlocking. Consumer advocates said the process remained slow and cumbersome. They wanted tech-savvy consumers to be able to unlock phones by themselves or use a third-party, which the new legislation allows.

The bill doesn't apply to other wireless devices such as tablets, but directs the Library of Congress to consider whether consumers should be allowed to unlock those as well.

The legislation is only effective until the Library of Congress issues its next ruling, most likely in late 2015. But consumer advocates hope that the popular legislation will be enough to convince the federal office that it should continue to allow unlocking.

CTIA-The Wireless Association, which represents major wireless providers including AT&T, Sprint Corporation, T-Mobile USA, U.S. Cellular and Verizon Wireless, said in a statement: "Even though the vast majority of Americans enjoy upgrading to new devices once their contract terms are fulfilled, we recognize that some consumers may want to unlock their devices to move to another carrier." It noted, however, that even though the phone is unlocked it might not work on other carriers because platforms and spectrum holdings vary.

Lake mysteriously shows in drought-torn Tunisia - GrindTV.com

Lake mysteriously shows in drought-torn Tunisia - GrindTV.com

5 easy (and beautiful!) summer party punches to impress your friends

5 easy (and beautiful!) summer party punches to impress your friends

Record-setting drought intensifies in parched California -

Record-setting drought intensifies in parched California -