Weekly output: phone plans, Nvidia keynote, passkey adoption, Bending Spoons buys AOL, SpaceX simplifying Starship lander, Internet luminaries on the open Web

This is not going to be a great week for normal sleep cycles: Tuesday, I will wake up at around 4 a.m. to spend a 15-plus hour shift working as an election officer for Arlington, and then Wednesday I’m off to Dulles Airport for this year’s final business trip across the Atlantic. I’m departing for Web Summit in Lisbon several days early because the organizers of another conference, the Mozilla Festival, offered a press pass and a travel stipend to cover that event in Barcelona. I’ve heard good things about this conference over the years, so accepting an invitation to spend a few days in one of my favorite cities in Europe was an easy call.

In addition to what you see below, Patreon readers got a detailed recap of how this past week’s event-packed schedule left its own series of dents in my calendar.

10/28/2025: The Best Cell Phone Plans, Wirecutter

This was going to be a modest update to the guide that I’ve been maintaining since 2014, but T-Mobile jacking up prices while AT&T and Verizon inflicted more modest rate hikes led to us dethroning T-Mo on cost grounds and handing our “for most people” pick to AT&T, which has advanced its own 5G network considerably.

10/28/2025: In DC, Nvidia CEO Touts New AI Partnerships, Goes a Little MAGA, PCMag

Heading into Nvidia’s conference, I was worried that CEO Jensen Huang would go into the weeds about the finer points of GPU architecture. Instead, he used this nearly two-hour keynote to jump from topic to topic without getting into too much detail about any of them–and kept coming back to opportunities to praise President Trump.

10/29/2025: Passkey Adoption Sees Striking Progress, With One Obvious Leader, PCMag

I struggled to get this written at the end of a long workday, resulting in my getting some nuances wrong that required updating the post the next morning.

11/1/2025: Serial Dot-Com Purchaser Bending Spoons to Buy AOL, But Why?, PCMag

Writing about AOL in 2025 makes me feel so old, but as one of PCMag’s graybeards I had to cover the news of Bending Spoons buying the company that once ruled the online world. I got to this story a day after it broke, so I turned that lag into an opportunity to expand the piece with some quotes from a publicist for that Italian firm and from a podcast interview of its CEO Luca Ferrari last year

11/1/2025: After Elon Tantrum, SpaceX Now Prepping ‘Simplified’ Starship-Based Lunar Lander, PCMag

Since I wrote about Elon Musk’s childish reaction to NASA’s understandable concern over the pace of its Human Landing System work, I had to reach for a keyboard to cover SpaceX’s grown-up corporate response.

11/1/2025: ‘The Truth Is Paywalled.’ Internet Vets Lament the State of the ‘Open’ Web, PCMag

This Monday-evening panel was one of the first items on my calendar this week, but having event after event after event follow it led to me not writing it up until Thursday night. Once again, it was a serious treat to hear some of the Internet’s founding figures talk about the state of the thing they invented.

#AmericaOnline #AOL #ArtemisIII #ATT #BendingSpoons #BrewsterKahle #CindyCohn #Dashlane #FoundationForAmericanInnovation #HumanLandingSystem #JensenHuang #Nvidia #NvidiaGTCDC #passkeyExport #passkeys #phonePlans #smartphonePlans #SpaceX #TMobile #unlimitedData #verizon #VintCerf

Well #PasswordManagers were not as secure as we all thought.
All Password Managers that use a browser add-on/plugin for auto-fill functionality are susceptible to #ClickJacking security vulnerabilities that could be exploited to steal account credentials.
It works on all of them:
#LastPass
#Bitwarden
#iCloudPasswords
#Enpass
#1Password
#NordPass
#ProtonPass
#Keeper
#Dashlane
& yes even the one I use #KeePassXC
Some have pushed out updates.

More info: https://marektoth.com/blog/dom-based-extension-clickjacking/

#CyberSecurityNews

Passwortmanager sind angreifbar. Das fand Marek Tóth heraus und berichtete darüber auf der #DefCon33:
https://marektoth.com/blog/dom-based-extension-clickjacking/
Die von Tóth aufgedeckten Schwachstellen ermöglichen es Hackern, sensible Daten aus Passwort-Managern zu stehlen, darunter Kreditkartendaten, Namen, Adressen und Telefonnummern, wenn ein Opfer eine bösartige Website besucht. Darüber hinaus können Hacker, wenn eine anfällige Website, auf der Ihre Passwort-Manager-Anmeldedaten gespeichert sind, eine Cross-Site-Scripting-Schwachstelle (XSS) oder eine Subdomain-Übernahme aufweist, diese ausnutzen, um Anmeldedaten (Benutzernamen und Passwörter), 2FA-Codes und Passkeys zu stehlen.
Nach Updates gelten inzwischen folgende Passwortmanager als sicher: #Bitwarden #Dashlane, #Keeper, #NordPass, #ProtonPass & #RoboForm.

#infosec #passwortmanager #2FA#security #privacy #BeDiS

#Zeroday #Clickjacking #exploit impacts several #passwordmanagers

https://www.ghacks.net/2025/08/21/zero-day-clickjacking-exploit-impacts-several-password-managers/?utm_source=mas.to&utm_medium=social&utm_campaign=&utm_term=&utm_content=&utm_referrer=https%3A%2F%2Fmas.to%2F%40KNTRO&utm_id=&utm_creative=&utm_channel=mastodon_organic&utm_platform=desktop&utm_location=argentina&utm_language=es-ar&utm_variant=

#Zero_Day #Password #Passwords #PasswordManager #0day #0_day #MarekTóth #Tóth #1Password #Bitwarden #Dashlane #Enpass #iCloudPasswords #Keeper #LastPass #LogMeOnce #NordPass #ProtonPass #RoboForm #Cybersecurity #Socket #KeePass

Dashlane password manager will end its free service on September 16, 2025. Users must then switch to a premium subscription or export their data.

https://www.webpronews.com/dashlane-to-end-free-password-manager-plan-on-september-16-2025/

#dashlane #passwordmanager