The link below takes you to the best explanation I've seen on two recently disclosed LastPass security flaws. A few thoughts:
The Bookmarklet vulnerability is the more serious of the two problems, but its exploitation would be difficult – you'd have to be on a rogue or compromised site, and then use the bookmarklet to try to log into that site. Less than 1% of LastPass users use the bookmarklet. Still, I'd venture a guess that most exploits come via compromised sites, so maybe this is a bigger problem than it seems.
The One Time Password vulnerability would be unlikely to cause a problem, as someone would need to target you with your username, and even then the person would only have access to your encrypted data.
Most concerning is how long it took LastPass to disclose these vulnerabilities after they were patched- about 10 months. The LastPass blog post made it sound like the company was giving the researcher a chance to publish his findings first. Sounds like PR spin to me, with the company having no choice but to discuss the fixed problem after the researcher disclosed it publicly.
I've been using 1Password since the start of the year, but I was a devoted LastPass user prior to that. I fell into the “less than 1%” of users who used the bookmarklet. In fact, the bookmarklet is what I miss the most in 1Password, as it made browsing in Safari on iOS much easier.
Despite the way LastPass seems to be downplaying this, this one is a serious stumble that should give users pause. Still, I think a password manager like LastPass is a much better alternative to the way that most people handle passwords.
If you didn’t see the news today, Apple will be ceasing development of Aperture when the new OS X Photos app is released next year. At first blush, this seems like bad news for Aperture users. ApertureExpert has an interesting take on the news, however, that actually has me feeling hopeful for the future of the Photos app. The Photos app as a hub for your photos, with iOS-like extensions allowing any other app, including Lightroom, to interact with it? Count me in, if it comes to pass.
This is one if those tips that makes you wonder what else about iOS you don’t know. I had been doing this the hard way – tap and drag those tiny handles. Two finger tap doesn’t seem to work in all apps that I tried, and certainly is easier on an iPad.
Use a two-finger tap directly onto the paragraph to instantly select the entire paragraph or group of contiguous words.
Sometimes I complete tasks almost unintentionally, in a reactive manner. Someone might call me on the phone, for example, and the conversation takes care of a task that I had previously set up as an action in OmniFocus. I then need to hunt down the action to mark it as complete. If you use the OmniFocus search box, your search would only search the Perspective currently in focus. I wanted to create a quick and easy way to perform a universal search, so I could find my tasks more easily.
AgileBits released 1Password for Windows version 4 today. Some quick first impressions:
The browser extensions are the real sweet part of this update. As the AgileBits blog summarizes, “[y]ou can drill down to view vault items, search your vault, access your Favorites, change extension settings, and, of course, it’s still just a single click to open a new site, fill your credentials, and login.”
Folders and favorites now sync between platforms. If this was present in version 3, I missed it. I noticed for the first time today that folders created on my iPad and Mac were showing up in the Windows app. In the past, my Windows install sort of sat on an island of its own with respect to folders and favorites. No longer.
Multiple vaults. For some time, I’ve wanted to cull out rarely used passwords, and put them into a separate vault. I’ve held off, since using multiple vaults was cumbersome, if not impossible, on Windows. It’s easy now.
Watchtower support. On the Mac version, AgileBits introduced a feature that alerted you to sites where you had a login, and where the site had a security issue. That is now in the Windows app. Unfortunately (through no fault of 1Password), the list of sites is pretty long.
The Windows app still isn’t as visually appealing as the Mac or iOS apps.
I still can’t get universal unlock to work. Even if the Windows desktop app is open, I still need to login via the browser extension. This has been a problem for me going back to when I started with 1Password at version 3.
If you purchased 1Password for Windows in 2013 or later, the upgrade to version 4 is free.
A sign that you’re a true geek – you don’t name your car, but you name your computers. Someone shared a cartoon on Google+ recently of a guy naming his gear. I can no longer find that cartoon, but it did inspire me to name my computers and some other gear this weekend. On a Mac, this is in the Sharing section of System Preferences. On your iDevices, it is in the About section of the Settings app,
Somehow, gear seems to have more personality when you name it. My gear is named it after ski runs at Big Sky, Montana. My workhouse MacBook is no longer the bland “Evan’s MacBook,” but is now the hardworking “Iron Horse.” My old iMac is no longer the boring “Evan’s iMac,” but is the reliable and most senior “Papa Bear.” My media server is “Hollywood,” and so on. READ MORE
I typically don’t gush here about a service that I’ve just tried out for the first time, but I’ll make an exception for FileThis. I just read about it over on Lifehacker, and thought I’d give it a try. FileThis is a service that collects your bills in one place, so that you don’t have to sign into multiple online accounts. I just gave it a try, and this could be one of the biggest timesavers I’ve seen in years.
I just finished a several hour mediation (I’m a lawyer by day), during which I used Keynote as a presentation tool. The mediation happened in another lawyer’s office, so I had to take any technology with me that I planned to use. This was my first time to take presentation technology into a completely new environment, and I was very pleased with how things went.
I’m not only an amateur with respect to video and video editing, but I’m still cutting my teeth on Final Cut Pro X. As a result, I’m not exactly the most efficient editor out there. In particular, until recently I was very inefficient when applying color correction and audio qualities to multiple clips. I would go through each clip, one by one, and apply those settings, even if the settings were identical from clip to clip. Last night, I stumbled upon a better way, which is how you seasoned editors have probably been doing it all along.
Apple gave its annual keynote at the Worldwide Developers Conference yesterday, announcing a bevy of new features for both iOS and Mac OS X. I was actually most excited about the Mac stuff, but iOS received some much-needed love as well. The number of websites covering WWDC is overwhelming, but that won’t stop me from listing the features that got me the most excited.