|
Red_Fred posted:I've been using KeePass for several years without issue. However I recently changed to using an iPhone from Android and I'm finding the KeePass iOS apps to be a bit poo poo. The other gripe I have is automatic entry is clunky in KeePass which means I end up manually copy and pasting most of the time both in Windows and iOS. I only use Windows and iOS by the way. 1Password is great on IOS and MacOS. It kinda blows on both Android and Windows, and is still missing features like multiple repositories.
|
# ? Jul 13, 2017 15:03 |
|
|
# ? May 10, 2024 06:37 |
|
The only problem with 1Password is that it looks like they're getting rid of local repos altogether, and moving to a subscription-based cloud-only platform.
|
# ? Jul 13, 2017 16:54 |
|
anthonypants posted:The only problem with 1Password is that it looks like they're getting rid of local repos altogether, and moving to a subscription-based cloud-only platform. Which is dumb as gently caress.
|
# ? Jul 13, 2017 17:25 |
|
Lain Iwakura posted:Which is dumb as gently caress. Yep. I'm guessing they aren't going to bother adding multiple repo support or other things to make the Windows/Android local repo versions less lovely because of this. Would love to find something that supports multiple local repos, preferably that can be stored in OwnCloud that works on OSX/Windows/Android/IOS. I'm probably asking for too much.
|
# ? Jul 13, 2017 17:45 |
|
KeepAss is probably going to be your best bet. And it's open source, so you can write your own plugins for it!
|
# ? Jul 13, 2017 17:47 |
|
I don't know about the iOS app, but I've been using KeePass on macOS through Mono just fine (with the exception of some minor copy-paste issues that I haven't bothered to troubleshoot). It's nice having the same interface for both Windows and macOS.
|
# ? Jul 13, 2017 18:07 |
|
1password doesn't add a lot to the iOS experience, because iOS itself is locked down preventing tight integration. Keepass does it well enough; you will be copy-pasting either way. KP (Minikeypass) loads the DB from the dropbox app so getting your PWs onto iOS is pretty simple.
|
# ? Jul 14, 2017 13:53 |
|
Khablam posted:1password doesn't add a lot to the iOS experience, because iOS itself is locked down preventing tight integration. actually 1password is integrated with the share sheet now so you can use it in the browser and any app
|
# ? Jul 15, 2017 02:09 |
|
Khablam posted:1password doesn't add a lot to the iOS experience, because iOS itself is locked down preventing tight integration. This is true except their app doesn't play nice with Google Drive at the moment which is where I store my poo poo. Have to do this Safari hack to update my DB on iOS. Mad Wack posted:actually 1password is integrated with the share sheet now so you can use it in the browser and any app Argh don't tell me this! I just hosed around to get my KeePass browser integrated updated in Chrome on Windows. Related; how secure are the KeePass plugins?
|
# ? Jul 15, 2017 02:36 |
|
OpenSSL is poo poo. From VC++ 5.0 hacks, to BIG ENDIAN AMD64 support, it's real bad. Worse yet? They ignored Tavis. https://github.com/libressl-portable/openbsd/commit/91744d3deae1b0a448f936d107d1934c12510fee You can't ignore Tavis! You will regret this! Don't use OpenSSL if you can help it. Holy poo poo.
|
# ? Jul 16, 2017 18:16 |
|
ratbert90 posted:OpenSSL is poo poo.
|
# ? Jul 16, 2017 18:23 |
|
ratbert90 posted:BIG ENDIAN AMD64 "Remove support for big-endian i386 and amd64 posted:Before someone suggests the OpenSSL people are junkies, here is what they mention about this:
|
# ? Jul 16, 2017 18:48 |
|
https://software.intel.com/en-us/node/628878
|
# ? Jul 16, 2017 19:11 |
|
I have a laptop that was part of a research project at a university. The project is over, and I now have the laptop as a sort of 'bonus'. But, the security of the laptop is still managed remotely, somehow, by IT people at the university, and it leads to annoying features, like having to input passwords if I want to delete a file, or install a program. How can I disable these 'security features'?
|
# ? Jul 22, 2017 21:24 |
|
DavidAlltheTime posted:I have a laptop that was part of a research project at a university. The project is over, and I now have the laptop as a sort of 'bonus'. But, the security of the laptop is still managed remotely, somehow, by IT people at the university, and it leads to annoying features, like having to input passwords if I want to delete a file, or install a program. How can I disable these 'security features'? Wipe it.
|
# ? Jul 22, 2017 21:32 |
|
DavidAlltheTime posted:I have a laptop that was part of a research project at a university. The project is over, and I now have the laptop as a sort of 'bonus'. But, the security of the laptop is still managed remotely, somehow, by IT people at the university, and it leads to annoying features, like having to input passwords if I want to delete a file, or install a program. How can I disable these 'security features'?
|
# ? Jul 22, 2017 21:37 |
|
might also be worth checking if it's configured for AMT remote management too. If AMT is enabled, you may be able to reset or disable it in the BIOS/UEFI settings.
|
# ? Jul 24, 2017 04:33 |
|
Wrongo 1password cloud owns bones Janitoring my dropbox instance sucked
|
# ? Jul 24, 2017 13:15 |
|
So Android Pay is now available in Canada. What are people's thoughts on it from an actual security perspective? The benefits are that there's another layer of separation for identity theft and the like because the merchants never gain access to your actual credit card, with AP working as a sort of proxy for your cards. The only negatives I see are from a neo-luddite aversion to connecting even more of my life to my smartphone but this really comes down to just feelings and not actual facts and pros/cons in terms of security.
|
# ? Aug 27, 2017 18:56 |
|
Oysters Autobio posted:So Android Pay is now available in Canada. Ignore all of this and just remember that there is no liability shift to you unlike EMV.
|
# ? Aug 27, 2017 21:42 |
|
Lain Iwakura posted:Ignore all of this and just remember that there is no liability shift to you unlike EMV. I thought the (US) liability shift was to merchants who had not yet adopted EMV, not to consumers?
|
# ? Aug 27, 2017 22:30 |
|
Lain Iwakura posted:Ignore all of this and just remember that there is no liability shift to you unlike EMV. Sorry, I googled this and am still confused. How's liability shift relate to using Android Pay in Canada? All the links brought up the USA's current transition to chip and pin transactions and problems with it. In Canada we've transitioned to chips/pin a long time ago, and most merchants (maybe 95%+ in my experience) have chip enabled on their machines. I know this isn't the case in the USA. Oysters Autobio fucked around with this message at 22:50 on Aug 27, 2017 |
# ? Aug 27, 2017 22:46 |
|
DoctorTristan posted:I thought the (US) liability shift was to merchants who had not yet adopted EMV, not to consumers? Oysters Autobio posted:Sorry, I googled this and am still confused. How's liability shift relate to using Android Pay in Canada? The liability shift for EMV is strictly where EMV is used in a transaction; the shift is to the consumer in this case. In the case of RFID payments, regardless if it is via Android Pay or on a native card using Interac or credit--this also applies if you have that rare instance where you use stripe. Find an excuse to perform any transaction <$100 using RFID and don't worry about things. If the card becomes compromised as a result, you're off the hook. Under EMV, their excuse that the system is foolproof (it isn't) and that you've given up your PIN if the EMV mechanism is used during a transaction.
|
# ? Aug 28, 2017 01:41 |
|
Lain Iwakura posted:The liability shift for EMV is strictly where EMV is used in a transaction; the shift is to the consumer in this case. In the case of RFID payments, regardless if it is via Android Pay or on a native card using Interac or credit--this also applies if you have that rare instance where you use stripe. I'm really sorry again but I have read this a couple times, and am still confused how this relates to the pros/cons of digital wallets as it relates to security from identity theft or other fuckery. Are you saying that because the liability of RFID is not on the card user (right?), then it doesn't matter whether or not a card is compromised because you're just not on the hook for those payments? Wouldn't digital wallets add one more layer because it would be less likely that anyone could compromise your card in the first place because of that extra layer? Sorry to be so ignorant, if you've got a link or better resource for me to read up on because I'm still struggling to understand. I think I understand what you're saying about EMV cards, and liability shifting to merchants who don't offer EMV card options, but what does this all have to do with digital wallets? Oysters Autobio fucked around with this message at 02:41 on Aug 28, 2017 |
# ? Aug 28, 2017 02:37 |
|
[quote="“Oysters Autobio”" post="“475814141”"] I’m really sorry again but I have read this a couple times, and am still confused how this relates to the pros/cons of digital wallets as it relates to security from identity theft or other fuckery. Are you saying that because the liability of RFID is not on the card user (right?), then it doesn’t matter whether or not a card is compromised because you’re just not on the hook for those payments? Wouldn’t digital wallets add one more layer because it would be less likely that anyone could compromise your card in the first place because of that extra layer? Sorry to be so ignorant, if you’ve got a link or better resource for me to read up on because I’m still struggling to understand. I think I understand what you’re saying about EMV cards, and liability shifting to merchants who don’t offer EMV card options, but what does this all have to do with digital wallets? [/quote] I believe what is being said is this: That digital wallets have the liability of magnetic stripe transactions, while EMV chip cards shift the liability for theft to the cardholder. Even if your card is an EMV card, when you use Android/Apple/Samsung pay you aren’t using the EMV technology and don’t succumb to the EMV liability shift in the transaction. If you use RFID, you’ve effectively created (or not lost) a layer of legal protection. If you use EMV and somehow the transaction leads to your payment details being compromised, you’re default on the hook because you supplied your credentials. Please correct me if this is not the case.
|
# ? Aug 28, 2017 03:30 |
|
Grassy Knowles posted:I believe what is being said is this: This is exactly what I am talking about. Just use it and don't be worried about it--just do the normal thing of checking your statements for oddities.
|
# ? Aug 28, 2017 05:59 |
|
Oysters Autobio posted:So Android Pay is now available in Canada. In the US, either *pay is probably your most secure method of payment. Additionally since either also notifies you of any payments within a few seconds of them happening you get a few advantages: - you show the payment cleared on your side. Believe me, this is rarely useful but amazing when it is - if you were, somehow, cloned, any transaction you didn't do yourself would immediately show in your notifications, so you can instantly stop the card
|
# ? Aug 28, 2017 11:22 |
|
Are there any security concerns from Android Pay in terms of further personal information being stored on the smartphone? Talking about the usual malware, viruses etc. that may target Android Pay as an app itself. This is more of my concern here, though the whole liability shift is good to know regarding tap or no tap (can we confirm that liability shift is the same here in Canada?). I don't mean tinfoil levels of paranoia here about government or something, I just mean what happens if your app gets compromised with your cards on it? Oysters Autobio fucked around with this message at 15:05 on Aug 28, 2017 |
# ? Aug 28, 2017 15:03 |
|
Oysters Autobio posted:Are there any security concerns from Android Pay in terms of further personal information being stored on the smartphone? Talking about the usual malware, viruses etc. that may target Android Pay as an app itself. This is more of my concern here, though the whole liability shift is good to know regarding tap or no tap (can we confirm that liability shift is the same here in Canada?). Your phone is far more secure than your desktop, its fine really.
|
# ? Aug 28, 2017 15:20 |
|
Grassy Knowles posted:I believe what is being said is this: Pretty sure the Fair Credit Billing Act limits cardholder liability for fraud to $50 assuming the cardholder promptly notifies the credit card company of said fraudulent charges (within 60 days I believe), and most/all credit card companies have reduced that liability to $0 by policy. ApplePay, and I believe AndroidPay, use a separate number/token issued by the bank that bills against the same account but that token can only be used for NFC payments; it's not linked to the credit card but to the credit account underlying it. There's no link between the card and the *Pay token for there to be a swipe vs chip decision made, and even if your card is compromised, your NFC token will still work while they send you a new card. Basically, this has nothing to do with the EMV merchant/bank liability shift which was designed to break the chicken and the egg impasse where banks didn't want to deploy EMV chipped cards without merchants having readers, and merchants not wanting to buy new PoS hardware that supports EMV without chip cards being prevalent. (Also note the FCBA applies only to credit cards and not debit cards.)
|
# ? Aug 28, 2017 15:38 |
|
Oysters Autobio posted:Are there any security concerns from Android Pay in terms of further personal information being stored on the smartphone? Talking about the usual malware, viruses etc. that may target Android Pay as an app itself. This is more of my concern here, though the whole liability shift is good to know regarding tap or no tap (can we confirm that liability shift is the same here in Canada?). You're overthinking this. Why are you concerned about your card getting compromised? There is no liability shift to you and if you're responsible with your payment cards then you should be aware of misuse. Seriously. If you're typing your credit card number into various websites on a regular basis, you have more to worry about that than if you use a tap payment system. At least the tap payment system is standardised and controlled by the payment processor. You don't know if the merchant online as you enter your card is properly storing and transmitting information. Just use it and enjoy it; I certainly do.
|
# ? Aug 28, 2017 15:50 |
|
Oysters Autobio posted:Are there any security concerns from Android Pay in terms of further personal information being stored on the smartphone? Talking about the usual malware, viruses etc. that may target Android Pay as an app itself. This is more of my concern here, though the whole liability shift is good to know regarding tap or no tap (can we confirm that liability shift is the same here in Canada?). Card data is usually stored in a secured environment (or protected by a key stored there) such as Samsung's TrustZone. apseudonym posted:Your phone is far more secure than your desktop, its fine really. Absolutely this, even given that you're more likely to have an attacker with physical access to your phone.
|
# ? Aug 28, 2017 16:29 |
|
apseudonym posted:Your phone is far more secure than your desktop, its fine really. This. Unless you're running a rooted phone and installing a bunch of sketchy non-Play Store apps in which case stop doing that.
|
# ? Aug 28, 2017 22:43 |
|
pr0zac posted:This. Unless you're running a rooted phone and installing a bunch of sketchy non-Play Store apps in which case stop doing that. Android Pay refuses to work if it detects* a rooted phone right? * We don't have to get into the discussion on how workable that is.
|
# ? Aug 28, 2017 22:57 |
|
Lain Iwakura posted:Android Pay refuses to work if it detects* a rooted phone right? Yes*. pr0zac posted:This. Unless you're running a rooted phone and installing a bunch of sketchy non-Play Store apps in which case stop doing that. Then you're at worst the same as your desktop
|
# ? Aug 28, 2017 22:58 |
|
Lain Iwakura posted:You're overthinking this. Why are you concerned about your card getting compromised? There is no liability shift to you and if you're responsible with your payment cards then you should be aware of misuse. I've got no issues with tap systems, I use them on a regular basis with my card. I' m talking about specifically Android Pay, not tap systems.
|
# ? Aug 29, 2017 04:30 |
Is there a way to see an event log for Firefox? I am having an issue where every now and then, my browser will go through several redirects and take me to some spam website. This is a fresh install of Windows 10, so I am not sure what it could be. But the redirect is too quick for me to see what websites are there, and nothing shows up in the browser history, and I'm hoping that the first website on the redirect will clue me in a little bit. This also happens in Chrome as well. All of the websites I go to with regards to where the redirect ultimately ends up (searchlock nine times out of ten) tells me to remove malware, but every malware scanner I have tried comes up empty.
|
|
# ? Sep 24, 2017 02:48 |
|
See if there is anything weird looking with Hijackthis! DNS server compromised? Someone else will probably have better answer later...
|
# ? Sep 24, 2017 07:25 |
|
If you had a case of malware on your computer the browser shortcuts in your taskbar, start menu and desktop may have been altered to include a malicious url. Right-click the icon and go to the properties (if it's a pinned taskbar icon, right-click the Mozilla Firefox entry in the list that pops up). Then check in the Shortcut tab to see if the target doesn't have an url after the file path. E: Same goes for Chrome and IE et al., for some reason malware removal tools never fix these real simple things. Maybe they're afraid of false positives.
|
# ? Sep 24, 2017 15:44 |
|
|
# ? May 10, 2024 06:37 |
Geemer posted:If you had a case of malware on your computer the browser shortcuts in your taskbar, start menu and desktop may have been altered to include a malicious url. That isn't the issue. I don't think the issue is with my computer(s). I think it is my router, which is from Xfinity. I don't know how to troubleshoot a router having malware though.
|
|
# ? Sep 24, 2017 15:51 |