eBay database hacked, and why password managers are a good idea

eBay’s database containing their user’s login details was hacked into earlier this year, with the details only just being released to the public today.

Apparently, the passwords are “encrypted”, which ought to make people feel slightly better (*Lol, I hope they aren’t actually encrypted), but eBay users are being advised to change their passwords anyway.

You see, the vast majority of internet users have the same password for everything which is a really bad idea! If a large company such as eBay can be hacked and your personal details leaked, imagine what smaller and less secure companies & sites do with your password!

If you use a different password for each of your online identities however, and if one of those identities becomes compromised, the rest of your online accounts remain largely unaffected. The problem however, is that with an increasing number of online identities, it can become impossible to remember all of your different passwords. This is why it’s always a good idea to use a password manager. Essentially all of your passwords are long randomly generated strings, and these are saved on your local computer in a single encrypted file, protected by a master password. It might seem odd to have one ‘master password’ that gives access to everything, but the probability of a hacker physically accessing your machine is 1,000,000’s of times less likely than them trying to access your eBay account remotely, for example.

Additionally, online password managers such as Apple’s iCloud use industry-leading AES-256 encryption, which is good enough even for the NSA’s Top Secret documents. And if you use a long master password, your data is pretty safe.

* You might wonder why earlier I said that encrypting a password on a database is a bad idea. Encryption inherently means a reversible function, and for password storage this is entirely unnecessary. A one-way crypto hashing function is far safer and the preferred method for storing passwords in most cases. I can only hope that eBay used a strong hashing algorithm such as Bcrypt or SHA (with stretching+salting, of course), and god forbid not MD5! And if they did actually encrypt the passwords, I hope the encryption keys were stored somewhere safe and not in the database itself!

Mystery speedtest result

Speedtest.net result

Yes, this is a genuine Speedtest.net result, with a genuine internet connection. No proxy trickery or connected to the test server’s LAN. If only I had this at home…

Downloading stuff on this connection is insane though, I can download entire movies in literally seconds. The vast, vast majority of websites and servers simply can’t send data to me quick enough on this connection. Most downloads cap around 100 Mbps.

Apple iPhone Bumper

My free iPhone bumper arrived last week – Finally! I ordered it near the end of August, so it’s taken a good month to arrive…
The bumper itself is pretty good. It’s well made and pretty sturdy (as you’d expect from any apple product hopefully!). It does also protect the back of the iPhone, as the rubber bit slightly raises it off the desk when you put it down to prevent scratches to the back.

Slingbox died? – It’s probably the power supply

I returned from my holiday a few weeks ago and noticed that my Slingbox Solo was no longer connecting to the network.

The power light was lit, but the network light was blinking with a dim light every 5 seconds or so.

It turns out that my power supply had died. Luckily the box is still under the 2 year warranty (Thanks for the EU – Only 1 year in the US!). So I called Sling support and they agreed to send out a free replacement.

A week went by and still no replacement power adapter. I called again and asked them to chase the order. And unsurprisingly 2 days later the power supply arrived.

But this wasn’t the end. It turns out the replacement adapter was ALSO dead!! Sling Media obviously haven’t heard of something called ‘Quality Control’ – you know, where they test it to make sure it works before giving it to the consumer…

Another phone call later, and they agreed to send me out another adapter… We’re still waiting for that one.

UPDATE: the new supply arrived, and all works fine. I wonder how long this one will last?!