I recently got back from a tax seminar in Vegas, and this year a good 45 minutes was spent on computer security; it used to be maybe 5 minutes just talking about passwords. This time they talked about passwords all right, but said even what used to be considered good ones are not good enough. 30-60 characters is good enough. All kinds of sensitive networks require us to change passwords every 60 to 90 days now. They said forget trying to get all weird with random numbers or names. Use fairly large phrases about literally anything, like Iwillpersonallykillallhackers. Then in 60 days change it to Mypitbullisgoingtokillallhackers, then mymotherisreallygoingtokillallhackers. I guess I don't like hackers... Add some numbers and special characters to it. One of the presenters has 70 passwords using a password manager. Here's one article about them:

Best free password managers

We were told that the most popular passwords right now are still password, 12345678 and admin. Gee, how clever. All this talk about the Russians hacking us? Podesta's (Clinton's campaign manager) password for his emails was...wait for it...password.

What was really disturbing was the seminar included a half-hour talk by an IRS CID guy. Those are like federal marshals with a badge, a gun and everything else. He talked about the Dark Web, about how you can't access it with our usual browsers; you have to be clever enough to find the special hackers' browser for that. He then showed some screen grabs of actual postings. It was basically white letters on a black background. None of this colorful advertising and pretty websites we're used to seeing.

The first slide was a guy selling one name with an address, birthday and SSN for $4. Then he had a post with 10,000 names with all that info for $500. Then he asked how many had tax firms with over 1,000 clients and a bunch of hands went up. He showed a posting where someone is selling a CPA firm's entire cloned hard drive with over 2,800 clients on it plus the firm's own internal accounting info. This isn't just names and SSNs; this is tax returns, employer stuff, everything. This gem was going for $4,000.

How was this acquired? By hacking into the remote service they were using for some staff members to work at home. It took some months to clone the whole hard drive using that method. Luckily the feds were monitoring the whole thing and busted them when the time was right.

I'm telling you, this was a very sobering talk, especially if you have any kind of business using the internet.

Bob


Biab/RB latest build, Win 11 Pro, Ryzen 5 5600 G, 512 Gig SSD, 16 Gigs Ram, Steinberg UR22 MkII, Roland Sonic Cell, Kurzweil PC3, Hammond SK1, Korg PA3XPro, Garritan JABB, Hypercanvas, Sampletank 3, more.