News

BOARD OF DIRECTORS 2018 – 2019

Ben Cheng Charles Low Jacky Ng SC Leung Sang Young Edmon Chung Chester Soong May Yeung Edwin Chu Posts of the board directors are to be confirmed asap. 

Read more

[明報專訊] 為何密碼不能重用?

為何密碼不能重用?為了資料的安全,電腦專家常說不要重覆使用密碼,但當我協助母親大人在手機安裝不同應用程式(App),並開設新戶口時,她都會向我抱怨太多密碼,根本記不下,然後問為什麼每次也要用不同的密碼,用單一密碼不是更方便等。理論上,每次你開一個新戶口,在設立密碼時,系統都會進行單向加密,簡單解釋是系統並不會把整組密碼,完完整整放在資料庫上,若運用得當,密碼亦難以從單向加密的字串變回完整的密碼。 理論安全 實際上卻未必 可是,並不是每個IT系統也做足該做的事,也有系統錯誤地把整個密碼存在資料庫,一旦駭客取得資料庫,而你又把同一組密碼用於銀行或其他聊天室上,駭客就可以輕易登入你那些戶口。 哪麼如果我一直以來都是重用密碼可以怎麼辦?首先把重要的的戶口更改成其他不重複使用的密碼。重要戶口是指銀行,電郵以及通訊軟件等。銀行密碼的重要性我相信大家很清楚,只是較年長的人為了方便管理自己的密碼,往往忽略電郵和通訊軟件被黑客駭入的重要性。很多時候,電郵是重設密碼的重要渠道,獲得你的電郵登入資訊等同獲得很多其他服務的密碼,因為電郵可以直接重設的密碼,而通訊軟件如Facebook等被駭入,則可能被人利用散播病毒,甚至是行騙,而最後受害更可能是你最親的父母、子女或是親朋好友。 密碼失竊 不可掉以輕心 另外,不要以為密碼大規模失竊很少有,其實不時都能在新聞上,看到個人資料被偷取的個案,密碼被偷亦不少。想查閱大型戶口洩漏事件,可試試這個網站 https://haveibeenpwned.com ,而用家只要將自己的電郵輸入到這個網站裏,便可以查到用此電郵註冊的服務,有沒有曾被駭客盜取或者洩漏過戶口資料。一旦發現自己的電郵註冊的服務曾經在洩漏名單上,請更改密碼,避免有人以洩漏的密碼登入你的電郵,更改不同服務的密碼。 若有能力做好以上兩個提點,聰明的讀者更可以走多一步,幫戶口開啟雙重認證。這就像是銀行保安編碼器,利用多一重一次性密碼,減低其他人進入你戶口的機會,這種一次性密碼可透過 SMS 或者驗證碼產生器獲得,而現時已有不少服務供應商提供雙重認證功能,例如Apple ID、Google、Microsoft等,詳情可以到各個服務上查閱。 希望大家學會保護自己,否則最後損失的都是你和你身邊的人。 文:楊婉翔(香港互聯網協會幹事)

Read more

NOTICE OF AGM 2018

FOR ISOC HK MEMBERS ONLY Notice of AGM and Election The Annual General Meeting (AGM) of Internet Society Hong Kong Limited will be held on 17-Dec-2018 (Monday). The Election of the Board of Directors will be held in the AGM. Five seats of the Board will be opened for election, with four seats for full member…

Read more

IOT SECURITY AND PRIVACY HACKATHON- Workshops and Speakers

Event details: Date: Dec 1 (Sat), 2018 Time: 10:00 – 18:00 Venue: 1/F, Eaton Hotel, 380 Nathan Road, Jordan Fee: Free of charge; free snacks and beverage will be provided during lunch break Language: Cantonese; materials in English More information of the event: https://www.isoc.hk/news/iot-security-and-privacy-hackathon/ Workshop description and Speakers’ bio: Introduction to IoT Security and Privacy Evaluation…

Read more

IoT Security and Privacy Hackathon

            Join the IoT (Internet of Things) Security Hackathon– you will learn and apply the following skills: IoT Protocols and Security Testing Security Vulnerabilities of IoT Devices Static Analysis of Firmware and Walkthrough of How a Router Expliot is Discovered Bruteforce Technique This is a full day event in which…

Read more

Events Supported by ISOC HK– September 2018

ISOC HK is supporting the following events: EduTECH Asia 2018 (9-10 Oct, 2018) Seminar on “Surviving the Sino-US Trade Dispute: Enhancement of Government Support to SMEs” (15 Oct, 2018) Hong Kong Towards Faster Payment Conference (16 Oct, 2018) R

Read more

Important: KSK Rollover

Please read the below message from HKIRC Subject: ALERT: Urge Action on Root Zone Key Signing Key (KSK) Change (KSK Rollover scheduled on 11 Oct 2018) – 中文版本隨英文之後 – Dear Sir/Madam, We are writing to inform you of the schedule of root zone key signing key (“KSK”) change to be conducted by The Internet Corporation…

Read more

Events Supported by ISOC HK– August 2018

ISOC HK is supporting the following events: Information Security Summit Build a Secure Cyberspace Seminar Cybersecurity Consortium The Information Security Summit 2018 is a regional event with the aim to give participants from the Asia Pacific region an update on the latest development, trends and status in information security. Overseas and Local Experts from the industry will…

Read more

Recruitment For Research Intern

Internet Society Hong Kong (ISOC HK) is looking for part-time interns to conduct preliminary research for developing an index to measure open data in Hong Kong. The interns are expected to work under the supervision of project researcher and coordinator to implement assigned tasks according to the research plan on a tight schedule. We welcome…

Read more

GDPR Hands-On Workshop 2018

ISOC-HK brings you the Practical Hands-on EU-GDPR Workshop led by European cyber security expert Ms. Anett Madi-Nator. The 1-Day workshop takes a problem-solving approach to address the GDPR compliance issue with case study from EU enterprises. The Workshop will provide a multi-dimensional exposure to the problem, rather than a purely legal and compliance perspective. You…

Read more