security

WOOHOO! PASS Fixes Password Vulnerabilities, Voting Restrictions

, ,
12 Comments
Great news this morning – PASS turned the ship around in 24 hours. Late last night, PASS President Tom LaRock announced: Voting deadlines have been extended until October 14th If you didn’t get a ballot email, you can still vote, but you have to update your PASS profile by Oct 5th The password vulnerabilities are fixed, and in the process of being tested Go change your SQLPASS.org password right now. This kills two birds with one stone: you’ll become eligible to vote, and less eligible for hacking. If you use that same password, go change it in every other place you use…
Read

The Bigger #PASSVotes Problem: Your Password Was Shared.

, ,
84 Comments
I wasn’t originally going to share this, but given how PASS is handling the things that you do know about, it’s time for you to know the even worse story. In this June’s NomCom election, when you signed in to vote, your PASS login credentials were shared with a third party. I tweeted it at first because I was so shell-shocked – this just couldn’t possibly be happening, and it had to be a misinterpretation on my part. After that initial discovery, we took the vulnerability reporting privately to PASS. Volunteer Andy Warren (@SQLAndy – SQLAndy.com) led the charge, working with…
Read

Will Microsoft Read Your Azure-Hosted Data Too?

, ,
3 Comments
Last week we learned that Microsoft will read your email if they believe you’re sharing their trade secrets. This isn’t illegal – if you sign up for Hotmail, you agree to terms & conditions that give Microsoft the right to poke through your stuff. The case against this blogger appears pretty solid, which makes me wonder – how many bloggers did Microsoft pursue before they settled on this guy? Are they batting a thousand with their investigations, or were there other email-reading incidents that went unreported because they didn’t find enough evidence to win a case? With free email, chat,…
Read

Hi. I’m Brent.

That's me, Brent.

I live in Las Vegas, Nevada. I'm on an epic life quest to have fun and make a difference.

I co-founded Brent Ozar Unlimited to help make your SQL Server go faster. I also maintain sp_Blitz® and the open source First Responder Kit repo.

My current car collection includes a 1986 Ferrari 328 GTS, a 1964 Porsche 356, a 1971 VW Type 3 Squareback, and more.

profile for Brent Ozar on Stack Exchange, a network of free, community-driven Q&A sites