Register a SA Forums Account here!
JOINING THE SA FORUMS WILL REMOVE THIS BIG AD, THE ANNOYING UNDERLINED ADS, AND STUPID INTERSTITIAL ADS!!!

You can: log in, read the tech support FAQ, or request your lost password. This dumb message (and those ads) will appear on every screen until you register! Get rid of this crap by registering your own SA Forums Account and joining roughly 150,000 Goons, for the one-time price of $9.95! We charge money because it costs us money per month for bills, and since we don't believe in showing ads to our users, we try to make the money back through forum registrations.
 
  • Post
  • Reply
The Fool
Oct 16, 2003


CmdrRiker posted:

I don't understand. Quad9 is too stringent with filtering?

No, I mean literally founded by law enforcement.

One of the founding members of Quad9 is Global Cyber Alliance, two of the founding members of that organization are the City of London Police and the New York District Attorney.

To be honest, I like that organizations like that are behind a service that has the stated purpose of reducing cybercrime for everyone, it shows they are trying to be more proactive. But those two don't exactly have great track records for measured use of surveillance tools.

Adbot
ADBOT LOVES YOU

The Fool
Oct 16, 2003


SIGSEGV posted:

telegram is the one run by cryptocurrency poop touchers and that has the "custom" hand rolled encryption, right? anyone cracked that one yet out of national actors yet?

Also run by Russian nationals, so take that for what you will.

The Fool
Oct 16, 2003


my bitter bi rival posted:

6 months later, does anyone have a good explanation for the bloomberg story on supermicro? was it just shoddy journalism, or are there any theories about something more nefarious happening there? the companys stock still hasnt recovered.

I don't have a source handy, but the whole thing fizzled out from lack of evidence and multiple people coming forward saying that it isn't a real thing.

The Fool
Oct 16, 2003


It's also worth noting that neither of the authors of the bloomberg article have been active on twitter since shortly after it was published:
https://twitter.com/MichaelRileyDC/with_replies
https://twitter.com/jordanr1000/with_replies

The Fool
Oct 16, 2003


i didn't know telnet supported cert authentication

The Fool
Oct 16, 2003


BangersInMyKnickers posted:

ROT26 is twice as good

ROT26 is still a single pass, doing 2 passes of ROT13 is better.

The Fool
Oct 16, 2003


Is that the one that tried to ransom a 0-day last year?

I feel bad for them, seemed like they had some poo poo going on. Glad they're still around.

The Fool
Oct 16, 2003


Unless they're trying to pin drug charges on you

The Fool
Oct 16, 2003


Must be a day that ends in y

The Fool
Oct 16, 2003


Janitor Prime posted:

what is it you fucks

What loving rock are you living under

The Fool
Oct 16, 2003


Lutha Mahtin posted:

you could have the tv connect to a dummy network that is physically disconnected from the internet but then you're just wasting electricity because it probably tries to ping home 1000 times a minute

or, like my phone, sees that it doesn't have internet then disconnects from the network

which makes it really hard to configure devices over wifi

The Fool
Oct 16, 2003


Hed posted:

Thanks guys. No particular hatred of the RSA thing, just looking for alternatives because most of the links that turned up seemed outdated.

So I don't X/Y the poo poo out of this:

I'm really just looking for an off-premise hosted webmail provider (think Exchange or GSuite) that allows for 2FA with the ability for me to also authenticate against the same service for other applications, so using RADIUS or something like it so that users can use the same creds/factors for a custom web app or VPN auth or whatever. I see some people doing 2FA with Google Auth (which is fine) but would also want the ability to use a disconnected token option like RSA SecurID or similar. Buying two services would be fine, would just want as much hosted off-premise as possible.

I can take this to the grays if it gets super off topic

O365 + Azure MFA will check all of those boxes.

The Fool
Oct 16, 2003


This is timely, since I have a bunch of KPMG auditors running around the place right now.

The Fool
Oct 16, 2003


CRIP EATIN BREAD posted:

nah, i don't think windows computers should be used for anything that someones life depends on at all.

The Fool
Oct 16, 2003


The Fool
Oct 16, 2003


Kazinsal posted:

page torn from a notebook and stuffed in your wallet

This is better than lastpass

The Fool
Oct 16, 2003



And a large open source community

The Fool
Oct 16, 2003


I actually "own" a "spaceship" in that "game" because a friend of mine is a True Believer even though I have no interest in ever playing it.

The Fool
Oct 16, 2003


according to the "dark web" monitoring faq they host the data in house, but have some sort of partnership with SpyCloud

based entirely on the stupid animated console example on spyclouds api website I suspect the client does a query against the api which returns the "dark web" data, including hashed passwords.

The Fool
Oct 16, 2003


power botton posted:

its probably the same thing as everyone else - checking haveibeenpwned, and will coincidentally break just along with every other vendor once HIBP goes private

yeah, 1pass's watchtower service does this

The Fool
Oct 16, 2003


Cocoa Crispies posted:

how does 2fa work with a password manager

I can't speak to the others, but 1pass can be set to require a OTP when connecting a new device.

The Fool
Oct 16, 2003


Captain Foo posted:

2fa deez nuts

authentication method not found

The Fool
Oct 16, 2003


I have an internal site that I'm hosting in azure blob storage but I can't actually limit access to it because the "whitelist microsoft services" button doesn't include azure devops.

The Fool
Oct 16, 2003


It's also how you would run litestep or other shell replacement back in the day.

The Fool
Oct 16, 2003


Shaggar posted:

windows is the best os to run on any system

everyone says so, the very best

The Fool
Oct 16, 2003


Lain Iwakura posted:

go with ELK

you can find consultants who'll work with you and logrhythm is a sinking ship

Tangentially related to ELK, do you have opinions on Graylog?

e: link, https://www.graylog.org/

The Fool
Oct 16, 2003


Subjunctive posted:

the alerts are stored in the balls

You have some alerts on your face

The Fool
Oct 16, 2003


I'm not seeing how this is different than the hundred other exploits that allow jailbreaking.

The Fool
Oct 16, 2003


Tavis, about MS posted:

Perhaps that means they're supremely confident they completely understand all facets of the issue and have an airtight solution, and were just flexing by wasting the first 30 days of their embargo.

loving lol

The Fool
Oct 16, 2003


Wiggly Wayne DDS posted:

so they hit the deadline, technically?

Yeah, but if you read taviso's bugtracker, it's not a complete solution

The Fool
Oct 16, 2003


Tavis deleted comment 21

The Fool
Oct 16, 2003


infernal machines posted:

or just point your domain to o365 or gsuite and keep offline backups of the mailbox contents

you can take the address with you as long as you own the domain

Do this

Or Zoho if you're a poor

The Fool
Oct 16, 2003


The only meat I'd consider eyeballing doneness on is fish, everything else gets poked with the instant read thermometer.

The Fool
Oct 16, 2003


Xarn posted:

For a culture that is crazy about bbq, you guys sure don't seem capable of bbq.

Food safety is serious business. I didn't see any comments that indicated a lack of capability to bbq.

The Fool
Oct 16, 2003


go to hibp and take your pick: https://haveibeenpwned.com/

e: Chegg might be relevant to a student audience.


e2: vvvv- do that one

The Fool fucked around with this message at 23:58 on Aug 27, 2019

The Fool
Oct 16, 2003


Iirc, most of what you all listed happened in the last 2 ish years and now I want to go live in a bomb shelter somewhere

The Fool
Oct 16, 2003


my first impression is that the windows gui won't work unless you're logged in to your desktop with an admin account.



Can't even run-as admin

The Fool
Oct 16, 2003


pseudorandom name posted:

nice to see security apps aware that the Windows GUI isn't safe

yeah, but that's the opposite of safe

that dialog is the equivalent of telling me to log in as root in order to use the gui

The Fool
Oct 16, 2003


Implementation details are absolutely a contributing factor to a products overall quality

Adbot
ADBOT LOVES YOU

The Fool
Oct 16, 2003


add sneakers and the net to your movie list

  • 1
  • 2
  • 3
  • 4
  • 5
  • Post
  • Reply