Sunday, April 21, 2013

like Jonah, will be swallowed whole, and spat back teeth and bones

New JIRA going around, and this one is plainly...crackheaded. Here's the text of the complaint (because I can't honestly call this a requested feature):
With the rash of accounts being hacked lately, it still surprises me how easy it is to purchase Lindens through the viewer if you happen to have PIOF. You only need to click in the upper right hand corner and fill in any amount, and as long as it's approved, the transaction will be processed. First off, I no longer see the point of having PIOF in the profile, but it can make people more of a target.

Second, what I propose is that when you click on purchase Lindens, a second window will pop up asking you to enter ANOTHER password [separate] from your Second Life password to confirm the order. While it is an extra step, it still doesn't make purchasing Lindens difficult, making your personal info a tad bit more secure.
I realize how frustrating getting our accounts hacked--in any world--can be. It feels invasive, it feels as if we've lost our safe havens, and it is genuinely hurtful and angering. I get that. I've been hacked, so believe me, I get that.

But this won't help. Let me say that again because it sounds vaguely important: THIS. WILL NOT. HELP ANYONE.

In fact, it's only going to make the program worse. Say Ms. Paine actually pushes this through, via some incomprehensible act of Linden. What happens? Everyone gets a second password to choose.

In the interests of public disclosure, the worst password of all time--that's remained on the worst passwords lists for at least two years running, if not longer: password. I'm not even kidding. Past that, the next five worst passwords? 123456, 12345678, abc123 (or its "hipper" variant, abcd1234), qwerty, monkey, and letmein.

That's not even bringing up the other standards, lower on the list--the ones that start with god and move to sexy and make us all glad we live in a culture where eight-letter passwords are the norm, not three-letter ones.

I'm not saying this to be funny in the least. Some folks on the internet order the extra bushel of dumb to go with their dumb; it happens because not everyone is bright (which includes bright people). In general, people just don't think these things through, and that's not even just an idiot factor--everyone has moments where they react blindly, and rarely in good ways.

To make this personal, I consider myself fairly internet-savvy--but when the Gawker family of blogs was hacked, I had to scramble to protect the rest of my data. Why? Because I used the same damn passwords for about 75% of my accounts.

Even now, years after the incident, I still have my password-protection program of choice yell at me when I choose a password for one site that I've used for something else. Which means yes, I'm still making those bonehead mistakes.

But let's go back to the JIRA--how would having a second password save most people? With programs like Secondlife Money Hack distressingly easy to find, plus people using simplistic--and easily guessed--passwords, how would a second password save anyone? Average Jill or Joe on the grid--or, in the grid's case, average BIGTEXANSTEVE or sexiigirlii9518 on the grid--is going to be told they need two passwords. I guarantee you that at least eighty percent of everyone given this boon will wrack their brains for a solid week before having the a-ha moment--they'll supplement their perfect password--"sexmoneygod111"--with their new protect-everything super-sekrit password--"1234512345"--and everything will be fine!

Tell me again how this solves the problem.

Tell me again how this even addresses the basic problem, which I guarantee you, is not payment info on file. (And if you read that even halfway seriously, from her JIRA description, you realize she's also sidewise saying that payment info on file should be dropped from the SL bio anyway, because of "targeting".)

I fully grant, I don't get a lot of the people out in the world, any world, and I certainly don't always understand the things they view as extreme problems. But this? Even just restricting things to Second Life, alone, this isn't even in the top five problems SL has! It's not even in the top fifty!

You want to know how to stop the rash of hacked accounts? Make the accounts harder to access for the criminals, not the account holders. If you really want to protect account information, attach everything to an individually-generated keyfob account number which rotates every eight days and can only be accessed by the account holder answering three security questions every time they want to make a transaction.

Because that would work. (Though again, I guarantee you people would bitch about it, because most people want things simple. Point; click; access; move on with our lives. But that's the trade-off, innit? We can either have ultimate security systems which are arcane to use, difficult to hack, and impenetrable for non-accountholders...Or we can have the point-and-click world. We seem to want the point-and-click world, and that's fine--we just have to accept that that comes with certain security flaws.)

Come back and talk to me when you figure out a way to protect SL info that doesn't make it harder for people to buy things on the grid, and I'll likely tell you you may have come up with something that will work. Because ultimately, too many of us want the convenience of buying Lindens on a whim, whether that's what we should want or not. And no amount of secondary passwording is going to make it any less easy for criminal types to do criminal things on the net.
