MySpace password breach

There’s a story going around that someone is trying to sell a collection of┬áSEVERAL HUNDRED MILLION MySpace passwords (and that it’s the same person who is selling 100+ million LinkedIn passwords). As with the LinkedIn case, this may be a data breach from months or even years ago.

Still, if you have a MySpace account, or if you’ve re-used a MySpace password elsewhere, this might be a good time to change your password.

2016 AccessU

I spent most of last week at the John Slatin AccessU conference, an annual digital accessibility conference held on the St. Edwards University campus in Austin. This post will be a somewhat haphazard collection of observations from the conference, but it may serve as sort of a followup to the web accessibility post from a couple of months ago.

There were several people at the conference with visual impairments. Two in particular stand out in my mind, as they were in several of the sessions I attended. One of them used a service animal (German Shepherd, I think), and the screen of his laptop was remarkably smudged (because, why would he care?). The other fellow used a collapsible cane, and he typically only opened his laptop far enough to get his hands on the keyboard. I’m not sure their laptop screens ever actually came on (which probably helped the battery life). The second fellow said he works part-time as an accessibility tester for Knowbility (the group that organizes the conference).

There was another fellow there who was sighted but had no arms (born that way, I presume). I didn’t see him use a computer, but I’ve seen pictures of other people who don’t have the use of their arms. They grasp a stick or pencil in their teeth and use that to type (that must take a lot of┬ápatience).

And there was a woman with diminished vision who gave a presentation demonstrating how she uses a computer. She uses a combination of a screen reader and a magnification tool. She uses the magnification tool to set the screen in reverse video mode for high contrast. Her demonstration was particularly interesting, because the computer she was using had trouble connecting to the wireless network, and then it wanted to run Windows updates. She got some help and rolled with it pretty well, but it was instructive to see what a barrier it was to be faced with poorly-presented error messages.

The third day of the conference I attended a mobile accessibility bootcamp presented by Paul J Adam, and that was really interesting. The presenter said that people with visual impairments favor iOS over Android, and it turns out that it’s by a pretty wide margin: in a July 2015 survey of over 2500 screenreader users, about 70% use an iOS device as their primary platform (compared to around 21% using Android).

As one of the exercises in the mobile accessibility bootcamp, I tried using a native app on my Android phone with the Talkback screen reader, and it was a real struggle. Some of that was my unfamiliarity with screen readers in general and Talkback in particular, but some of it was probably poor accessibility in the app (and that’s likely pretty common).

If you ever visit Austin, the St. Edwards campus is really nice (the Sorin Oak is particularly impressive), and Pinthouse Pizza has really good beer.

May 2016 security updates for Microsoft and Adobe (updated)

Adobe and Microsoft have released updates to several of their products. Many of these updates address critical vulnerabilities. Here are the fascinating security bulletins:

Update (14 May): Adobe released another Flash player update.

Software updates for Microsoft, Adobe, WordPress

It was the second Tuesday of the month this week, so Microsoft has released updates to its products. Microsoft characterizes some of these updates as critical. Here’s the April 2016 Microsoft security bulletin.

Adobe has updated its April 2016 security bulletin from last week’s out-of-band announcement. The updated bulletin adds some new items that need updates.

WordPress has released version 4.5. That looks like more of a feature update than a security update. Still, if you host your own wordpress blog, you should probably update. (If, like me, your wordpress blog is hosted on the servers, you don’t need to do anything.)

And if you happen to run SAMBA on Linux (or similar), you need to run your updates, too. There’s a new man-in-the-middle exploit called Badlock which is getting some attention.