ETrade password security, or lack of

by chris on August 6, 2014

Every week we read about a different security breach, like this week’s report that Russian hackers have amassed over a billion passwords.

A Russian crime ring has amassed the largest known collection of stolen Internet credentials, including 1.2 billion user name and password combinations and more than 500 million email addresses, security researchers say.

Thinking that it was time to change some passwords on various accounts that I use, I discovered something that I find quite alarming.

ETrade’s password policy, or lack of.

They only allow letters and numbers.

They don’t allow punctuation.

They don’t allow special characters.

They don’t recognize the difference between uppercase and lowercase characters.


The SANS Institute’s recommendation for a strong password is the following:

Contain at least three of the five following character classes:

    Lower case characters
    Upper case characters
    Numbers
    Punctuation
    "Special" characters (e.g. @#$%^&*()_+|~-=\`{}[]:";'<>/ etc)

ETrade only allows three of the five, and really only checks for two. If your password is “PasSworD123”, ETrade will also accept “password123”.

ETrade’s response to this is to use the free two-factor authentication that they offer. While this is indeed helpful, I feel that it’s rather misleading and a bit deceitful to not alert their customers that their password really isn’t as secure as one might believe. Nowhere do they mention that your password isn’t checked for case sensitivity.

They should also do a much better job of promoting the two-factor authentication. The main login screen doesn’t mention it at all.

ETrade isn’t the only company with a poor password policy. Charles Schwab secretly truncates passwords down to 8 characters and also doesn’t care if your entered password is case accurate.
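To put numbers on the two behaviours described above (case ignored at ETrade; case ignored plus truncation to 8 characters at Schwab), here is an added example that is not part of the original post. The function names are hypothetical and the normalizers are models of the described behaviour, not either company's code.

```python
import math
import string

# Hypothetical models of the login behaviour the post describes; these are
# assumptions for illustration, not either company's code.
def exact(pw):
    return pw

def fold_case(pw):             # case is ignored, as described for ETrade
    return pw.lower()

def truncate8_fold_case(pw):   # first 8 chars only, case ignored (Schwab)
    return pw[:8].lower()

def accepted(stored, attempt, normalize):
    """True if a check using `normalize` treats attempt as the stored password."""
    return normalize(stored) == normalize(attempt)

def case_variants(pw):
    """How many spellings of pw a case-insensitive check treats as identical."""
    return 2 ** sum(ch.isalpha() for ch in pw)

def search_space_bits(length, alphabet_size, max_len=None):
    """Entropy in bits of a uniformly random password under a policy."""
    effective = length if max_len is None else min(length, max_len)
    return effective * math.log2(alphabet_size)

PRINTABLE = len(string.ascii_letters + string.digits + string.punctuation)  # 94
ALNUM = len(string.ascii_letters + string.digits)                           # 62
ALNUM_FOLDED = len(string.ascii_lowercase + string.digits)                  # 36

def report(length=12):
    """Bits for a random password of `length` under each policy."""
    return {
        "all printable ASCII": search_space_bits(length, PRINTABLE),
        "letters+digits, case-sensitive": search_space_bits(length, ALNUM),
        "letters+digits, case ignored": search_space_bits(length, ALNUM_FOLDED),
        # Combining both behaviours; the post does not state Schwab's alphabet.
        "case ignored, 8 chars kept": search_space_bits(length, ALNUM_FOLDED, 8),
    }

if __name__ == "__main__":
    print(accepted("PasSworD123", "password123", exact))
    print(accepted("PasSworD123", "password123", fold_case))
    print(accepted("CorrectHorse42", "correcthXYZ", truncate8_fold_case))
    print(case_variants("PasSworD123"))
    for policy, bits in report().items():
        print(f"{policy:32s} {bits:5.1f} bits")
```

For a random 12-character password, ignoring case costs about 9.4 bits compared with case-sensitive letters and digits, and keeping only 8 characters leaves roughly 41 bits no matter how long the password you typed was.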

For now your best choice is to use the free two-factor authentication. Beware though that you can easily enable this with ETrade and they don’t really give you ANY instructions on how to use it. It’s not hard but it’s different and not intuitive.


Kasabian – ’48:13′

by chris on July 3, 2014

Kasabian seems to be one of those bands that you sometimes find certain people making fun of. “They only had one good album.” I do disagree but do think each progressive release has been weaker. Here are their albums, listed in order of release, and the tracks I think are worth adding to any music library.

Kasabian (self titled) [2004]
Club Foot
Processed Beats
Reason Is Treason
I.D.
L.S.F.
Butcher Blues

West Ryder Pauper Lunatic Asylum [2009]
Underdog
Fire

Empire [2010]
Empire
Shoot The Runner
By My Side
Stuntman

Velociraptor! [2011]
Days Are Forgotten

Now with Kasabian’s latest album, ’48:13′, I don’t hear a single song that makes me want to go back to it. It all seems incredibly forgettable, led by opening track “Bumblebeee” and its predictable lyrics:

“Gettin’ a message… A message for me
I’m caught up in love, and I’m in ecstasy
What can I do now, when nothing’s the same?
And all that i know, I wanna do it again
Life is so simple when you are with me
‘Cause when we’re together, I’m in ecstasy”

A couple tracks might be “ok”, such as ‘Stevie’, but they won’t get more than a random play from me via shuffle mode and sure won’t do anything to dispel the band’s haters.


I listen to Seattle’s KEXP streaming radio fairly regularly and even when I’m not I like to know what they’re playing. I use GeekTool to display KEXP’s “Now Playing” song on my Mac Desktop.

curl --silent 'http://kexp.org/playlist/miniplaylist' | perl -l -0777 -ne 'print $1 if /<title.*?>\s*(.*?)\s*<\/title/si' | perl -MHTML::Entities -le 'while(<>) {print decode_entities($_);}'

For Spotify, I have this script:

DATA=$(osascript -e 'tell application "System Events"
set myList to (name of every process)
end tell
if myList contains "Spotify" then
tell application "Spotify"
if player state is stopped then
set output to ""
else
set trackname to name of current track
set artistname to artist of current track
set albumname to album of current track
if player state is playing then
set output to trackname & " | " & artistname & " | " & albumname
else if player state is paused then
set output to ""
end if
end if
end tell
else
set output to ""
end if')
echo $DATA | awk -F new_line '{print $1}'
echo $DATA | awk -F new_line '{print $2}'

There are a few places within the code where you can customize what appears if Spotify is paused or stopped. I have those set to be empty. (“”)


‘Stereo’, an iTunes music player replacement app for album art fans

June 18, 2014

Stereo is a new music player from Appothecary. Stereo is currently at version 0.3.1 and is offered at “an introductory price” of $1.99, down from $3.99. It’s designed to be a simple iTunes music player replacement designed to put importance on album covers. The interface is barebones and puts the album covers front and center. There […]


Thoughts on Apple’s acquisition of Beats

May 28, 2014

Beats Music is really no different than Pandora, Spotify, Rdio. Sure they all have their own recommendation methods but in the end they are quite similar. None of them has done anything groundbreaking. Pandora has a rather limited library and has been living off of its Genome Project since its inception. Spotify’s apps are interesting […]


Brace/Choir

May 8, 2014

Brace/Choir is a trancerock quartet founded in Berlin, Germany in 2006. Musically, the band channels a dark, minimalist psychedelia to resurrect such classic themes as death, birth, rebirth, heartbreak, multiple personality disorder, and identity theft. Brace/Choir communicates in an ur-language of rock and roll, taking turns singing the alternately mantra-like and narrative texts. Band members […]


Like Herding Cats

March 5, 2014

Like Herding Cats released a self-titled debut EP on December 13th, 2013. The record was edited and mixed by Mod at Mod Alien Music Studios (guitarist and songwriter for Elefant, Ape Fight, DMT Frequencies) and mastered by Alan Douches at West West Side Studios (Sufjan Stevens, Beach House, Kurt Vile). The five-song EP, running 17 […]


See how little musicians are making from streaming services

February 14, 2014

aux.tv has an article displaying just how little musicians are making from streaming services such as Spotify and Pandora. Musicians have posted pictures of checks they are receiving for as little as .01¢. Cracker’s 1993 alternative hit “Low” has been streamed over 1.1 million times. Their payment: $16.89. .01¢ is quite ridiculous. I could […]


How much do live gigs pay bands?

February 14, 2014

SFWeekly has an article on how much bands make these days. “Perhaps, while standing inside a club, sipping a beer, and staring up at the stage, you’ve wondered: What is that band making for this show? You know you paid $15 (or $25, or $40) to get in, but how much will the band see […]


Music streaming service updates (Spotify, Rdio, Beats)

January 20, 2014

Beats Music has gone live: The iPhone app for Beats Music went live in Apple’s iTunes app store ahead of its official launch on Tuesday morning. Beats will also be available on Android. There is a 7-day free trial, which is nowhere near long enough to hook someone who is already knee deep in another […]
