|
"My password contains a confession to the crime I am being charged with, therefore it is protected by the fifth amendment."
|
# ¿ Jan 25, 2016 08:28 |
|
|
# ¿ Apr 25, 2024 12:20 |
|
Is that the sort of thing where you're vulnerable because you're running a Symantec product? You'd be safer with nothing?
|
# ¿ Apr 29, 2016 18:37 |
|
Mustache Ride posted:Jesus tapdancing christ, why is everyone so loving angry in these threads? Yeah I don't get it either, I have to wade through 10 posts of bile but I usually learn a thing or get a suspicion confirmed.
|
# ¿ May 1, 2016 08:07 |
|
Boris Galerkin posted:This thread was nice and informal but now it sucks. Yep.
|
# ¿ May 2, 2016 08:49 |
|
flosofl posted:It's bad, but not as terrible as I thought. Turn off auto update features. Keepass doesn't have an auto update, it's an update check. It's a vulnerability, but it doesn't seem that bad: quote:Until the version check has been switched to HTTPS update notifications should be taken with a grain of salt. To be on the safe side, new releases should be downloaded only directly from Keepass’s secured Sourceforge page: https://sourceforge.net/projects/keepass/ edit: and also the issue is resolved (http://keepass.info/help/kb/sec_issues.html#updsig): quote:Resolution. In order to prevent a man in the middle from making KeePass display incorrect version information (even though this does not imply a successful attack, see above), the version information file is now digitally signed (using RSA-4096 and SHA-512). KeePass 2.34 and higher only accept such a digitally signed version information file. Furthermore, the version information file is now downloaded over HTTPS. The above is indicated and linked from the article that you linked to. C'mon, man. doctorfrog fucked around with this message at 00:26 on Jul 28, 2016 |
# ¿ Jul 28, 2016 00:23 |
|
I say this as an outsider who doesn't know much, but it seems like you have to balance minimizing risk with butthole-tight/no compromises security with just getting on with your life.
|
# ¿ Jul 28, 2016 19:50 |
|
Forgall posted:I'm also confused about purpose of those glyphs, but also about calling lastpass "hash-based password generator". "Most of our clientele are compulsive gamblers, and it looks like a cool slot machine. Really communicates that Web 2.0 feel to have our web app respond dynamically to user input! Way to grow the brand!"
|
# ¿ Nov 8, 2016 17:52 |
|
This thread in general doesn't seem to care for "middle ground." The approach seems to start with "most secure, almost regardless of practicality," and only be dragged kicking and screaming back toward usability with security tradeoffs. It might seem like an extreme position, but given the history of information security, it kinda makes sense. In the end, this thread is less about winning arguments as it is knowing the risks and accepting as few of them as possible. I mostly lurk here because even if I don't see the practicality in everything that someone like OSI might say (for example, I use VeraCrypt for my personal stuff which he has zero trust for), I become a bit less ignorant. It's that or the woodchipper, I guess.
|
# ¿ Nov 22, 2016 21:06 |
|
flosofl posted:Except AV. gently caress AV. That's if you can get anyone to give a poo poo.
|
# ¿ Nov 23, 2016 06:15 |
|
Curious, what's the thread's personal policy or advisement for physical password storage, as inscribed a notebook or something? As in, having a hard copy backup of at least your password database password and suitable instructions for use so your next-of-kin can unlock your cat pics when you're quite dead? Is it "don't do it, under any circumstances, you idiot," "safety deposit box only," "folded up in a sock drawer," in the easily lock-picked fire safe, etc.
|
# ¿ Dec 7, 2016 19:54 |
|
Boris Galerkin posted:I'm on vacation right now and I'm going to need to print some documents this week. What's the general safest way to get these PDFs onto a public computer to print if I don't have a USB stick with me? I'd rather not log into my email or any accounts. I was thinking just putting it on Dropbox, getting the share links, printing it and then deleting them from Dropbox? Mediafire, IIRC, lets you set a password and temporary share links for files. Or (maybe) it did last time I used it years ago. I've been using a paid Dropbox account that lets you do time-limited public links (free account doesn't).
|
# ¿ Dec 31, 2016 23:07 |
|
I wonder if phone/device development will evolve a border-catapult facility that's more friendly than a factory reset. I also wonder: are there any software robot-things that you can download and run from your hotel connection that will automate creating a fake user on a laptop, populating it with plausible user and internet activity and accounts, etc.? Or would that just be a silly toy?
|
# ¿ Mar 15, 2017 00:31 |
|
I read this thread because of how little I know about infosec and try to glean what I can. For me, IoT is like that undercoating you didn't want on your car, except that it also breaks your car's functionality, has security holes that let people roll down the windows to access its interior trouble-free or stop the engine remotely, and if it works properly at all, mostly just allows a megacorporation to vacuum your supposedly anonymized driving metadata into its gigantic profile crunching interior, which will eventually be stolen by Russian hackers and then stolen back by the NSA or something, which eventually links you to a terrorist group.
|
# ¿ Apr 7, 2017 18:03 |
|
Furism posted:Talking about Veracrypt... Is it just me or is it less stable than TrueCrypt? I've had crashes, volumes that don't mount until a reboot, or the GUI sometimes getting stuck (not hanging, just not being able to minimize it away) and I could swear it's a bit longer than TC to mount a drive. It's much slower to mount in my experience (reasons? I dunno), and if you keep trying to interact with the window when it's mounting, Windows might think it's not responding. I've had it crash only when I'm being impatient and repeatedly trying to bring it up. I've also had issues with automatically remounting when restoring from standby, so I just manually remount stuff now.
|
# ¿ Jun 9, 2017 21:55 |
|
https://www.youtube.com/watch?v=_JNGI1dI-e8
|
# ¿ Sep 10, 2017 02:54 |
|
Potato Salad posted:^ Xpost from meme thread Like, is this a new gilded age of corporate/rich person impunity, or am I just getting more to the age where I notice it more and my bile just rises faster?
|
# ¿ Nov 22, 2017 06:49 |
|
Password fantasy chat: What about some biometric password thing where if you feel like you're in trouble, the combination of vitals that forms the password won't line up? Like, "here's my body's state when I'm a free person," and that's your password.
|
# ¿ Jan 24, 2018 01:05 |
|
A sustained, 30-day orgasm is my password.
|
# ¿ Jan 24, 2018 01:29 |
|
Boris Galerkin posted:Replace? Why not buttcoins and banner ads? https://arstechnica.com/information-technology/2018/02/salon-to-ad-blockers-can-we-use-your-browser-to-mine-cryptocurrency/
|
# ¿ Feb 14, 2018 08:12 |
|
says here you share a lot of genetic traits with the golden state killer, welcome to the police department
|
# ¿ Jun 8, 2018 06:04 |
|
|
# ¿ Apr 25, 2024 12:20 |
|
I wonder if uninstalling facetime actually removes the fuckin' thing or just hides the icon.
|
# ¿ Jan 29, 2019 04:56 |