Register a SA Forums Account here!
JOINING THE SA FORUMS WILL REMOVE THIS BIG AD, THE ANNOYING UNDERLINED ADS, AND STUPID INTERSTITIAL ADS!!!

You can: log in, read the tech support FAQ, or request your lost password. This dumb message (and those ads) will appear on every screen until you register! Get rid of this crap by registering your own SA Forums Account and joining roughly 150,000 Goons, for the one-time price of $9.95! We charge money because it costs us money per month for bills, and since we don't believe in showing ads to our users, we try to make the money back through forum registrations.
 
  • Post
  • Reply
The Fool
Oct 16, 2003


this isnt the woodworking thread

Adbot
ADBOT LOVES YOU

dpkg chopra
Jun 9, 2007

Fast Food Fight

Grimey Drawer
just a normal second grader hanging around old men and their wood

dpkg chopra
Jun 9, 2007

Fast Food Fight

Grimey Drawer

The Fool posted:

this isnt the woodworking thread

log4jo

rjmccall
Sep 7, 2007

no worries friend
Fun Shoe
always use adze blockers

haveblue
Aug 15, 2005


Toilet Rascal

rjmccall posted:

always use adze blockers

extra important when using edge

mystes
May 31, 2006

The Fool posted:

what does that story have to do with security
It think it's probably an allegory

Although as someone who has managed to cut my hand with a knife in a way requiring stitches twice in my life I'm not 100% sure.

ZeusCannon
Nov 5, 2009

BLAAAAAARGH PLEASE KILL ME BLAAAAAAAARGH
Grimey Drawer
Thanks for the replies was very curious.


Cold on a Cob posted:

i used a key file along with a password when i used keepass and i made sure it was excluded from backups and syncing in case i lost control of the encrypted db

e: correction, i did back it up but i didn't sync it to the cloud in the open or sync it between devices

The new windows machine i have has taught me to despise onedrive. Theres no way i can find to exclude specific files from being backed up. Its all or nothing which is loving stupid.

So i turned that poo poo off

Grace Baiting
Jul 20, 2012

Audi famam illius;
Cucurrit quaeque
Tetigit destruens.




goto considered ownedfull

Achmed Jones
Oct 16, 2004



rjmccall posted:

always use adze blockers

jesus christ man

Captain Foo
May 11, 2004

we vibin'
we slidin'
we breathin'
we dyin'

rjmccall posted:

always use adze blockers

well done

cinci zoo sniper
Mar 14, 2013




https://www.bloomberg.com/news/articles/2023-01-24/riot-games-says-source-code-stolen-as-part-of-cyberattack

league of legends has gone open source as well

Shaggar
Apr 26, 2006
Nap Ghost
oh no! not the source code to the one map

rjmccall
Sep 7, 2007

no worries friend
Fun Shoe
yeah i’m pretty sure lol could actually go open source and it wouldn’t hurt them at all, it’s not like any of their company value is in the technical achievements of the game engine

hobbesmaster
Jan 28, 2008

Shaggar posted:

oh no! not the source code to the one map

this is aram erasure

windows hello.jpg
Jan 13, 2023
If you use Bitwarden Cloud, Security -> Keys -> set KDF iterations to 600000 -> re-login to all devices

https://palant.info/2023/01/23/bitwarden-design-flaw-server-side-iterations/

Feisty-Cadaver
Jun 1, 2000
The worms crawl in,
The worms crawl out.

rjmccall posted:

yeah i’m pretty sure lol could actually go open source and it wouldn’t hurt them at all, it’s not like any of their company value is in the technical achievements of the game engine

makes it easier for cheaters to find exploits

or potentially run private servers and enable all skins, etc

but yeah there are no amazing technical achievements in that engine to put it mildly

BlankSystemDaemon
Mar 13, 2009

windows hello.jpg posted:

If you use Bitwarden Cloud, Security -> Keys -> set KDF iterations to 600000 -> re-login to all devices

https://palant.info/2023/01/23/bitwarden-design-flaw-server-side-iterations/
How the gently caress can you, in the year whenever-the-gently caress-this-was-made-let-alone-since, not base the number of iterations of a key derivation function on how fast a CPU is, by measuring the the number of iterations it can do within a few seconds?

Powerful Two-Hander
Mar 9, 2004

Mods please change my name to "Tooter Skeleton" TIA.



LoL

SlowBloke
Aug 14, 2017

ZeusCannon posted:

Im gonna out myself as an idiot for a moment here and ask a probably dumb question.

For the people syncing their keepass are you all using an associated token for the database to restrict access as well as the u/pw? Ive always been shy about syncing since duplicating the database always felt less secure.

Depending on the keepass database importance, i set up a yubikey to execute a challenge as MFA on critical ones. KeepassXC does it natively (guide at https://keepassxc.org/docs/#faq-yubikey-2fa) on win/mac/linux, keepassium does it on ios/ipados.

Chris Knight
Jun 5, 2002

And I'm only saying this because I care.

There are a lot of decaffeinated brands on the market today that are just as tasty as the real thing.


Fun Shoe

windows hello.jpg posted:

If you use Bitwarden Cloud, Security -> Keys -> set KDF iterations to 600000 -> re-login to all devices

https://palant.info/2023/01/23/bitwarden-design-flaw-server-side-iterations/
200,001 PEBKAC iterations

cinci zoo sniper
Mar 14, 2013




https://habr.com/ru/news/t/712888/

yandex has gone open source too

cinci zoo sniper
Mar 14, 2013




i know i should've figured out an indexing joke, but it's 1am

infernal machines
Oct 11, 2012

And, for an instant, she stared directly into those soft blue eyes and knew, with an instinctive mammalian certainty, that the exceedingly rich were no longer even remotely human
https://twitter.com/TheChowderhead/status/1617599107098628097

post hole digger
Mar 21, 2011

lol that is awesome

bob dobbs is dead
Oct 8, 2017

I love peeps
Nap Ghost
total over the years was 8 after this past f16 thing iirc

f16 one was pretty insignificant but challenger 2 thing and the chinese armor piercing ammo thing was pretty nontrivial

mystes
May 31, 2006

lol

BlankSystemDaemon
Mar 13, 2009
there's also a cute dog further down the thread

hobbesmaster
Jan 28, 2008


I think 2 or 3 were “only” ITAR export violations but…

bob dobbs is dead posted:

total over the years was 8 after this past f16 thing iirc

f16 one was pretty insignificant but challenger 2 thing and the chinese armor piercing ammo thing was pretty nontrivial

to be clear, someone did actually post detailed top secret technical information about modern British tank armor to win a forum argument

Buff Hardback
Jun 11, 2019



BlankSystemDaemon posted:

How the gently caress can you, in the year whenever-the-gently caress-this-was-made-let-alone-since, not base the number of iterations of a key derivation function on how fast a CPU is, by measuring the the number of iterations it can do within a few seconds?

because the number of rounds used for pbkdf2 needs to be consistent on all clients so you can’t just say “3.34 seconds of iterations”

Pollyanna
Mar 5, 2005

Milk's on them.


BlankSystemDaemon posted:

there's also a cute dog further down the thread


YEAAAAAAAAAHHHHH!!!!!!!

Kitfox88
Aug 20, 2007

Anybody lose their glasses?

hobbesmaster posted:

I think 2 or 3 were “only” ITAR export violations but…

to be clear, someone did actually post detailed top secret technical information about modern British tank armor to win a forum argument

yeah loving absolute king

post hole digger
Mar 21, 2011

hobbesmaster posted:

to be clear, someone did actually post detailed top secret technical information about modern British tank armor to win a forum argument

I respect that person sooo much.

hobbesmaster
Jan 28, 2008

post hole digger posted:

I respect that person sooo much.

Volmarias
Dec 31, 2002

I'm sure I'll think of something.

What a wonderfully weird and dumb time to be alive.

Kesper North
Nov 3, 2011

EMERGENCY POWER TO PARTY
I'm still amazed that the playerbase managed 3 classified leaks in one week

Subjunctive
Sep 12, 2006

✨sparkle and shine✨

windows hello.jpg posted:

If you use Bitwarden Cloud, Security -> Keys -> set KDF iterations to 600000 -> re-login to all devices

https://palant.info/2023/01/23/bitwarden-design-flaw-server-side-iterations/

thanks, I’ve had an account for 3 years and was at 100K, moved to 500K

dpkg chopra
Jun 9, 2007

Fast Food Fight

Grimey Drawer


Presented without comment.

cinci zoo sniper
Mar 14, 2013




dpkg chopra posted:



Presented without comment.

what

Achmed Jones
Oct 16, 2004



wow im really starting to dislike the internet*

*more

Adbot
ADBOT LOVES YOU

Wombot
Sep 11, 2001

dpkg chopra posted:



Presented without comment.

FIST YOUR ETHERNET

  • 1
  • 2
  • 3
  • 4
  • 5
  • Post
  • Reply