|
Frozen Peach posted:Please tell me this is real it is
|
#
?
Jan 24, 2023 03:00
|
|
|
|
| # ? Mar 29, 2023 17:29 |
|
|
very real and very very funny
|
|
#
?
Jan 24, 2023 03:01
|
|
|
Frozen Peach posted:Please tell me this is real Also lol at that 90's style website with a webring appearing to have been created last year edit: her wikipedia entry is an interesting read too: https://en.wikipedia.org/wiki/Maia_arson_crimew mystes fucked around with this message at 03:14 on Jan 24, 2023 |
|
#
?
Jan 24, 2023 03:11
|
|
|
maia dot crimew dot gay
|
|
#
?
Jan 24, 2023 03:33
|
|
|
|
|
#
?
Jan 24, 2023 07:48
|
|
|
pseudorandom name posted:you don’t even have to go to the demon core, there’s a long history of scientists accidentally or deliberately infecting themselves with the diseases they were studying or treating to this day even. I was on a hike with some scientists last year and they were casually chatting about the time they aerosolized a set of brains full of prions and didn’t have any ppe. they were like “mmmm. that might have been a bad idea, but we won’t know for 30 years unfortunately”
|
|
#
?
Jan 24, 2023 11:56
|
|
|
El Mero Mero posted:to this day even. I was on a hike with some scientists last year and they were casually chatting about the time they aerosolized a set of brains full of prions and didn’t have any ppe. they were like “mmmm. that might have been a bad idea, but we won’t know for 30 years unfortunately” Part of my masters project involved making large quantities of carbon nanotubes through an arc process. At the end of the production step we just used to brush the powder containing all the nanotubes into a plastic tub from the sides of the reactor vessel, obviously tons of it was aerolised during this process though. For protection we taped a bin bag to the opening of the chamber and just tried not to breathe too much in. We were also somehow evaporating about 10 liters of toluene into the lab every day, even though we were supposed to be reclaiming it. After about 6 months of this the Uni suddenly realised what was happening and we all had to go and get our lung function tested, get fitted for full facemasks, and change our risk assessment forms to say that we were going to always use them from now on. I guess I'll find out how bad it was if I get lung cancer in a few decades.
|
|
#
?
Jan 24, 2023 12:32
|
|
|
Frozen Peach posted:Please tell me this is real Not only is it real, she makes excellent loving music on the side.
|
|
#
?
Jan 24, 2023 13:21
|
|
|
DJ Burette posted:Part of my masters project involved making large quantities of carbon nanotubes through an arc process. At the end of the production step we just used to brush the powder containing all the nanotubes into a plastic tub from the sides of the reactor vessel, obviously tons of it was aerolised during this process though. For protection we taped a bin bag to the opening of the chamber and just tried not to breathe too much in. We were also somehow evaporating about 10 liters of toluene into the lab every day, even though we were supposed to be reclaiming it. Carcinogen Nanotubes
|
|
#
?
Jan 24, 2023 13:37
|
|
|
cinci zoo sniper posted:it is https://twitter.com/Niah19bunny/status/1617533990394789892
|
|
#
?
Jan 24, 2023 13:52
|
|
|
security fuckup megathread 18.18: holy loving bingle
|
|
#
?
Jan 24, 2023 14:29
|
|
|
foreverially compromised, fully public and loving it
|
|
#
?
Jan 24, 2023 14:31
|
|
|
Oops https://techcrunch.com/2023/01/24/goto-customer-backups-stolen-lastpass/
|
|
#
?
Jan 24, 2023 14:40
|
|
|
your sister i take?
|
|
#
?
Jan 24, 2023 14:51
|
|
|
they call it lastpass because it’s the last place you want to see your passwords stored in
|
|
#
?
Jan 24, 2023 14:52
|
|
|
quote:GoTo said the intruders exfiltrated customers’ encrypted backups from these services — as well as the company’s encryption key for securing the data.
|
|
#
?
Jan 24, 2023 14:55
|
|
|
the second packet has hit lastpass
|
|
#
?
Jan 24, 2023 14:56
|
|
|
cinci zoo sniper posted:the second packet has hit lastpass
|
|
#
?
Jan 24, 2023 14:58
|
|
|
it's called lastpass because it's the last password vault you'll ever use e: more like lostpass!!!
|
|
#
?
Jan 24, 2023 15:05
|
|
|
rafikki posted:They got everything Oof. I just got a new computer and have been debating going a bit more enterprise with my passwords and nope. Back to keepass. Fake edit: figure ill ask is there a preferred version for newer windows hosts?
|
|
#
?
Jan 24, 2023 15:10
|
|
|
ZeusCannon posted:Oof. I just got a new computer and have been debating going a bit more enterprise with my passwords and nope. Back to keepass. if you only use windows, use the first-party client. for a cross-platform setup, keepassxc might situationally involve less hassle
|
|
#
?
Jan 24, 2023 15:18
|
|
|
i use strongbox for ios and macos, keepass on windows, and sync with sync.com worksforme syncing to ios requires a manual wifi sync, but the amount of new things i sign up for these days is close to zero, so i don't really need to update it that often
|
|
#
?
Jan 24, 2023 15:20
|
|
|
https://www.goto.com/blog/our-response-to-a-recent-security-incident quote:Our investigation to date has determined that a threat actor exfiltrated encrypted backups from a third-party cloud storage service related to the following products: Central, Pro, join.me, Hamachi, and RemotelyAnywhere. We also have evidence that a threat actor exfiltrated an encryption key for a portion of the encrypted backups. The affected information, which varies by product, may include account usernames, salted and hashed passwords, a portion of Multi-Factor Authentication (MFA) settings, as well as some product settings and licensing information. In addition, while Rescue and GoToMyPC encrypted databases were not exfiltrated, MFA settings of a small subset of their customers were impacted. looks like these weren't lastpass backups (yet)
|
|
#
?
Jan 24, 2023 15:29
|
|
|
I already encountered someone attempting to cope with stanning for LastPass for years essentially, "Is there a way to force our tenant to enforce new vault passwords to 1/100,000 collision entropy and reset vault passwords that don't satisfy?" buddy buddy it's dead, there is no saving this
|
|
#
?
Jan 24, 2023 15:37
|
|
|
you can't shift blame for LastPass's fuckups and cryptographic weaknesses on to the user
|
|
#
?
Jan 24, 2023 15:38
|
|
|
on yeah? hold my beer and watch this
|
|
#
?
Jan 24, 2023 15:50
|
|
|
cinci zoo sniper posted:if you only use windows, use the first-party client. for a cross-platform setup, keepassxc might situationally involve less hassle I use keepassxc and it's very nice
|
|
#
?
Jan 24, 2023 15:58
|
|
|
sb hermit posted:I use keepassxc and it's very nice same, my only gripe is that the browser plugin for it in chome specifically has problems with like, one or two websites i use regularly so i have to manually open it up and find the entry and plop it in weirdly the older browser plugin (the non-xc one) worked fine on those sites so idk what's going on
|
|
#
?
Jan 24, 2023 16:06
|
|
|
El Mero Mero posted:to this day even. I was on a hike with some scientists last year and they were casually chatting about the time they aerosolized a set of brains full of prions and didn’t have any ppe. they were like “mmmm. that might have been a bad idea, but we won’t know for 30 years unfortunately” Good news is, the lab boys say the symptoms of asbestos poisoning show a median latency of forty-four point six years, so if you're thirty or older, you're laughing. Worst case scenario, you miss out on a few rounds of canasta, plus you forwarded the cause of science by three centuries. I punch those numbers into my calculator, it makes a happy face.
|
|
#
?
Jan 24, 2023 16:26
|
|
|
Im gonna out myself as an idiot for a moment here and ask a probably dumb question. For the people syncing their keepass are you all using an associated token for the database to restrict access as well as the u/pw? Ive always been shy about syncing since duplicating the database always felt less secure.
|
|
#
?
Jan 24, 2023 16:37
|
|
|
the hits just keep coming in password manager landquote:Summary https://github.com/google/security-research/security/advisories/GHSA-mhhf-w9xw-pp9x
|
|
#
?
Jan 24, 2023 16:49
|
|
|
ZeusCannon posted:Im gonna out myself as an idiot for a moment here and ask a probably dumb question. I don't bother because I figured that if either device is compromised it's game over anyway but I guess it's an extra prevention against losing the vault file as long as you don't transfer the token between devices over the internet or something but I might be being stupid here and probably should
|
|
#
?
Jan 24, 2023 16:56
|
|
|
i used a key file along with a password when i used keepass and i made sure it was excluded from e: correction, i did back it up but i didn't sync it to the cloud in the open or sync it between devices Cold on a Cob fucked around with this message at 17:27 on Jan 24, 2023 |
|
#
?
Jan 24, 2023 17:18
|
|
|
post hole digger posted:the hits just keep coming in password manager land I feel like this happened in like 2015 or something as well
|
|
#
?
Jan 24, 2023 17:32
|
|
|
post hole digger posted:the hits just keep coming in password manager land surprised to see safari vulnerable, for all the downsides of built in pwm they're usually pretty good at not auto-filling the wrong page no? or am i just that naive? 
|
|
#
?
Jan 24, 2023 17:37
|
|
|
I'm pretty sure safari doesn't autofill at all, you need to take action to fill the field every time they probably mean that it will still offer to do that and do it if you say yes on insecure pages
|
|
#
?
Jan 24, 2023 17:41
|
|
|
haveblue posted:I'm pretty sure safari doesn't autofill at all, you need to take action to fill the field every time ah ok, gotcha. bitwarden also only does it that way, which tends to be more secure according to them, doesn't inject anything into the page then iirc
|
|
#
?
Jan 24, 2023 17:44
|
|
|
i still use the base keepass2 client despite not having a windows box anymore, just because it's the only one with the synchronize feature that lets me painlessly sync clients against a kdbx with zero chance of collisions thanks to its synchronize with file feature and changing things now would be more than 0 work  the only quirk i've noticed is tray icon not being there in wayland, but i open it by typing kee into the app launcher anyway
|
|
#
?
Jan 24, 2023 17:53
|
|
|
one time in second grade i was whittling, and i wasn't using proper knife technique and i cut the inside of my left leg then a bunch of old men fell over themselves to tell me that if i were a proper wood researcher i would've known better than to cut towards myself, that i was very stupid, and that if THEY had been whittling, they never would have done it the way that i did. oddly enough, many of those men were missing fingers. anyway, they were right, of course, but i still think that event said more about them than it did about me
|
|
#
?
Jan 24, 2023 18:18
|
|
|
|
| # ? Mar 29, 2023 17:29 |
|
|
what does that story have to do with security
|
|
#
?
Jan 24, 2023 18:19
|
|