Latest news with #digitalLife
Forbes
27-07-2025
- Forbes
Why You Should Delete All Your Passwords In Google Chrome
It's time to make a change. There's a truism in cyber circles, that hackers don't break in, they log in. It's not new — users have been warned as such for years. But now more than ever your passwords are at high risk. And for most users, there's nothing more protecting your digital life. Your passwords are almost certainly included in multiple data breaches, especially given our habit of using the same username and password across multiple accounts. Hackers know this, and it makes their job easier as and when they target your accounts. Google, Microsoft and others are warning you to upgrade all your accounts to add passkeys. Microsoft is going even further, urging a billion users to delete passwords on their accounts. And you have just 5 days before it deletes passwords in its Authenticator smartphone app whether you like it or not. Now is the time to act on your passwords. While most people still don't use two-factor authentication (2FA), most that do still use SMS codes, even as government agencies warn that's little better than no 2FA at all. Use a top-tier authenticator app at a minimum for one 2FA, albeit passkeys are better. Meanwhile, we all need to save our passwords, to conveniently autofill them when required to access websites and apps. But if you're using your browser to store your passwords then you should make a change and stop doing that. And no browser is more widely used as a password manager than Chrome — across all platforms. Saving your passwords in Chrome is undoubtedly easy. But easy is rarely best when it comes to security. And while there may have been arguments for browser-based password management in the past, the password manager options are now so good that there's no excuse not to switch and delete the passwords stored in your browser. 'Do you use Google's Password Manager?' TechRadar asks. If so, 'you should reconsider.' While 'Google's free password manager has handy features like auto-filling passwords and alerting you about data breaches, there are significant downsides you can't ignore: It doesn't use zero-knowledge encryption, meaning Google could potentially access your passwords if they wanted to. Yikes!' The Freedom of the Press Foundation, PC Mag and even Android Police say the same. Especially now that 'Google has made it easier to move away from its password manager with a new 'Delete all data' option in the settings, allowing users to completely wipe their saved passwords before switching to a third-party password manager.' A standalone password manager should be protected by your trusted hardware security. That means Passwords on Apple or an app that uses strong passkey or app-based 2FA authentication. You also need to ensure there's zero-knowledge assurance, meaning your master password and your stored data is only ever available to you. That means a central password manager data breach can't compromise your own accounts. Clearly, if your device is compromised then your password app might be accessible as well. But it's more likely for your browser to be compromised than your device. That could be via a core browser compromise, a malicious extension or even a browser agent. There's no fire gap between your browser and your credentials. That is a risk. Per TechRadar, 'the security risks associated with web-based password management solutions cannot be overlooked. Google Password Manager is susceptible to malware attacks, including those exploiting vulnerabilities like JavaScript. This vulnerability increases the likelihood of unauthorized access to your sensitive information compared to standalone products that don't have the same exposure to web-based threats.' Google has upgraded its password repository — especially with device-level encryption. But there's still no fire gap between your public facing browser and your passwords. As TechRepublic explains, 'today's online landscape is fraught with many cyber threats, and only a dedicated password manager can offer advanced features like zero-knowledge encryption, cross-platform compatibility, travel mode, and secure password sharing and inheritance options for adequate security.' And while 'Google Password Manager can give you some basic protection and password management features, it still cannot be compared to dedicated password managers in many other areas beyond password storage and password generation.' As with VPNs, avoid all but top tier password managers from well-known, leading developers. The app should be part of your ecosystem — such as Apple's — or should be paid. Again just like VPNs free means risky. And you should ensure it ticks all the boxes — fully encrypted security, zero knowledge, authenticated access and a fire gap.
CBC
20-07-2025
- Business
- CBC
Digital contracts are the norm today. Is there still power in a written signature?
Some of the most powerful people in the world can be recognized by their signatures. Prime Minister Mark Carney's signature adorns Canadian currency, from his time as head of the Bank of Canada. And U.S. President Donald Trump regularly displays his oversized, sloping signature for the cameras with each new executive order. But these days, it's far more common for most of us to sign our names on a touch screen, or to simply click a box on an online form, than to sign your name with a pen on paper. Author Christine Rosen isn't happy about it. "We're actively choosing to go back to a way of life where a mark is the same as a signature. So it's a devolution in terms of our skills as human beings," she told The Sunday Magazine's Peter Mitton. Rosen's book The Extinction of Experience looks at how the onslaught of digital life is hollowing out real-life experiences, like the act of physically signing your name. "I fear that our willingness to suspend that small, everyday action is sort of symbolic of some of the other important things we've discarded in our haste to embrace digitally mediated forms of communication," she said. Despite their relative rarity in most people's lives today — and the legal ambiguity that came with the introduction of electronic signatures — written signatures still carry power as a personal artistic expression, whether you've carefully designed your own or paid a professional to do it for you. E-signatures around for decades E-signatures are just over 25 years old in the U.S. In June 2000, then-U.S. president Bill Clinton signed the Electronic Signatures in Global and National Commerce Act into law. The act allowed for electronic records, including digital versions of a signature, to be used for business transactions that earlier required a person's written signature for validation. In Canada, the Personal Information Protection and Electronic Documents Act, which became law in April 2000, outlines the use of e-signatures. Provinces and territories have followed suit with similar legislation. John Gregory, a retired lawyer in Toronto, says when Clinton signed that bill, some worried that the signature's "ceremonial function" might lose some of its power. "It makes you take it seriously. Oh, jeez, I'm signing this. This is important. I should know what I'm doing. Do I really agree to this?" said Gregory, who previously worked in the U.S. on developing government policies around what happens legally when paper trails become increasingly digital. While personal opinions on an e-signature's weight may vary, the law has since moved on. Gregory pointed to a 2017 case in Saskatchewan where a man who injured himself in a go-kart crash said a digital waiver he signed by checking a box shouldn't absolve the company who owned the track of any liability. The court ruled that, in fact, that check was as valid as a pen-and-paper signature. And, in 2024, Saskatchewan's Court of King's Bench upheld a decision that a thumbs-up emoji was confirmation of a contract between two agricultural companies. One of the companies involved asked the Supreme Court of Canada to rule on that decision; it's unclear if the Court will do so. Do young people care about signatures? Filomena Cozzolino, 27, styled her signature after her paternal grandmother, with whom she shares her name. "When I was maybe 12 or 13, I found one of her IDs and I wanted to try to copy her signature," said the publishing and creative writing student at Sheridan College in Mississauga, Ont. "Not only do we share a name, but we can share our signatures, since she's no longer here to share hers anymore." Some of her classmates had a more business-like approach to them. "I have very messy handwriting, actually, because I'm left-handed. So everything smudges and ... once I learned cursive, just went with the flow," said Mikayla Nicholls, 28. Zainab Bakjsh, 24, writes her signature in Arabic, which she says looks better and is easier to write than when she does it in English. But beyond that, she's not given it much thought. "It's just a signature. When I need to do something at the bank, or like renewing my health card, is probably the only time that I sign," she said. Boutique signature craft While the age of correspondence via fountain pen on parchment may be long gone, there's still a niche of people interested in using signatures as a personal flourish — and even a market if you're looking for a professional to craft one for you. "I believe that your signature is literally your face. I mean, regardless of your profession, you can impress people around you with this beautiful signature," said Elena Jovanovic, head calligrapher at Florida-based MySign Studio. The business crafts custom signatures for patrons, offering options in multiple script styles. Their calligraphers will then teach you how to draw them on your own. But it'll cost you, with services ranging from $100 to $200 US. "Many people around the world create their first signature during their teenage years and continue to use it throughout their lives. Typically, these signatures lack creativity and elegance," Jovanovic said. Sometimes patrons request certain artistic effects, such as adding a lion or butterfly to the signature. Other requests are more esoteric. Jovanovic recalled one customer who asked that they customize his signature by introducing a four-letter profanity into his surname — presumably only for the signature, and not as part of a legal name change. "And I was like, why not?" she said.
Yahoo
07-07-2025
- Yahoo
New phone safety features can help kids. But they only work if parents set them up
Keeping kids safe online can be a full-time job for parents. While good communication between parents and children is key, moms and dads should set kids up for success by placing parental controls on devices. Apple has a new software update; coming in September, iOS 26 expands tools that can help in the effort. For parents whose children have an iPhone, they can now play a role in deciding who their kids can text through Messages. If children want to communicate with a new phone number, they will need to get permission from their parents. It's a one-tap approval method for mom or dad, but gives parents a heads up that someone new may be entering their kids' digital life. Kids will also be able to send a parental approval request to chat, follow or friend users in any third-party apps (not developed by Apple) as well. Child Accounts have the user's age-range information. Now parents can share those details with app developers while keeping the child's birth date private. If developers receive the age information, they may better provide age-appropriate experiences for those users. Moms and dads can decide whether they want their kids' age range information shared with all apps or only those they select. Children cannot decide how their age range information is shared unless their parents allow them to do so. Whether or not a young person's account was set up as a Child Account, these age-appropriate protections will be enabled for all users 13 to 17. Web content filters, age ratings and Communication Safety will all be enacted on those accounts. Utah was the first state in the country to pass a bill requiring app stores to verify kids' ages. The state's App Store Accountability Act requires app stores — not individual apps — to seek parental consent before allowing minors to download apps. Each app on the App Store already shows its age rating based on information provided by developers. For parents, that's often a first check to help them decide whether the app would be appropriate for their child to download. Right now, those ratings are for ages 4+, 9+, 12+ and 17+. That leaves a big gap for teenagers. What may be appropriate for a 13 year old may not be for a 16 year old. Apple is helping by expanding age ratings by the end of the year, when you will see additional guidance for 4+ and 9+, but then 13+, 16+ and 18+. Since these age ratings are also used for parental control features like Screen Time and Ask to Buy, these differentiations will likely be helpful for many parents. Communication Safety is a feature that aims to stop kids from seeing nudity. If something explicit is detected in a photo or video a child receives or is trying to send, the image will be blurred. In the upcoming iOS 26 update, that capability will also apply to FaceTime. Apple says it will 'intervene' when nudity is detected in FaceTime video calls and will also blur out any nudity in Shared Albums in Photos. How do Android phones stack up against these parental controls? For those under 18, Google Messages triggers a sensitive content warning when it detects images that contain nudity. That prompts an Android device to blur those images and give helpful resources to users who receive that type of content. Parents can control the feature through Family Link for Supervised users. It's off by default for adults and unsupervised teen accounts, but users can turn it on in settings. This feature does not work for videos. Google Meet has an Acceptable Use Policy that prohibits nudity but only has the blurring capability in Messages. For now, apps in the Google Play Store follow the age ratings from the International Age Rating Coalition which are similar to those Apple has favored in the past. They break age categories into 3+, 7+, 12+, 16+ and 18+. When it comes to texting, parents of teens with Android phones can turn on 'Only allow calls and texts from phone contacts:' through Family Link. This blocks incoming texts from unknown numbers, but not outgoing ones. And worth noting: Android allows the incoming calls and text to go through if a child has reached out to that number within the past month. Giving parents more options to monitor how their kids spend time online is helpful. But while these companies grant the ability to have parental controls, they only work if moms and dads actually set them up. If parents haven't yet set up monitoring through Family Share for Apple or Family Link for Google, it's never too late to start.
