Social Site Formspring Says 420k User Password Hashes Posted Online

Hackers broke into a development server at Formspring, a social Q&A site, and made off with the password hashes for 420,000 users and later posted them online. The company has reset all of the users’ passwords and said it also has changed the way that it handles passwords.Formspring officials said on Tuesday that they had discovered the incident that morning and later discovered that some of the hashes had been posted online. The company decided to reset the passwords for all of its users.

Google Adds Full Flash Sandbox to Chrome 21

Attackers have spent the last few years learning the ins and outs of Adobe Flash, looking for all of its weak spots, unintended behaviors and any other oddities that will enable them to exploit it. That’s been a profitable investment for them, but browser manufacturers and Adobe have been taking steps to change that, with the latest one being Google’s decision to place Flash in a full sandbox inside of Chrome.

Some of the nation’s largest wireless carriers say they last year collectively received some 1.3 million requests from law enforcement for customers’ phone records – a number that continues to rise. The information shared with police includes geolocation information, content of text messages, wiretaps and aggregated cell tower activity for a specific block of time.

UPDATED–In the wake of the Flame malware attack, which involved the use of a fraudulent Microsoft digital certificate, the software giant has reviewed its certificates and found nearly 30 that aren’t as secure as the company would like and has revoked them. Microsoft also released its new updater for certificates as a critical update for Windows Vista and later versions as part of today’s July Patch Tuesday.

The FTC is nearing completion of its investigation into allegations that Google used a special technique to circumvent the privacy settings on Safari to enable better tracking of users, even when tracking was disabled by the user. The decision may cost Google millions of dollars in fines, but it’s not clear whether that will serve as any kind of deterrent for a company that brings in tens of billions of dollars in revenue each year.