by
Jeffrey Goldberg
When a large number of websites are discovered to have been vulnerable, as is the case with websites running recent versions of Drupal, people need clear and unambiguous advice that you can act on. And so, our clear and unambiguous advice is: If you have a username and password on a site which has been using Drupal for its content management, you …
Continue reading
by
Jeffrey Goldberg
A new security bug, commonly known as Shellshock (Officially CVE-2014-6271, is bad. It is fair to say that a large number of servers (particularly web servers) were vulnerable to serious attack for some time. It is likely that many still are, and we are unlikely to learn about most of them.
Continue reading
by
Jeffrey Goldberg
I have said it before, and I’ll say it again: 1Password and Knox cannot provide complete protection against a compromised operating system. There is a saying (for which I cannot find a source), “Once an attacker has broken into your computer [and obtained root privileges], it is no longer your computer.” So in principle, there is nothing that …
Continue reading
by
Jeffrey Goldberg
iOS 8 has an incredible feature coming called App Extensions, and we’re thrilled to say we have a 1Password extension ready for developers to use right in their apps! In apps that gain support for our extension, you will no longer have to copy and paste passwords from 1Password. Yes, it really is a game changer, and you can see it in action for …
Continue reading
by
Jeffrey Goldberg
When you use a password manager, you are putting a great deal of valuable and sensitive information in one place. The expression, putting all your eggs in one basket is apt. When you put all your very valuable eggs in one basket, it is absolutely fit and proper to ask how secure that basket is.
Continue reading
by
Jeffrey Goldberg
For the third time this year, there is yet another flaw in an underlying security technology used across the net: the recently fixed OpenSSL bugs announced on June 5. For our customers, we are happy to report that 1Password is not affected by bugs in SSL implementations, nor do these bugs require that most people change passwords.
Continue reading