|
The guy in the original thread was talking about RDP so not remote assistance. Still I dunno if I'd trust your average user to install OpenSSH or openvpn on Windows and keep on top of updating it regularly.
|
#
?
Feb 3, 2017 17:01
|
|
|
|
| # ? May 15, 2024 21:00 |
|
|
wyoak posted:The guy in the original thread was talking about RDP so not remote assistance. Still I dunno if I'd trust your average user to install OpenSSH or openvpn on Windows and keep on top of updating it regularly. this is why i was telling shaggar that he's just as dumb as the grey but just like his other autistic posts where he types with erect dick about microsoft and all its glory, he'll write another six post diatribe about how the company has a solution that works best above all else don't respond to him Lain Iwakura fucked around with this message at 17:06 on Feb 3, 2017 |
|
#
?
Feb 3, 2017 17:04
|
|
|
rdp has nothing to do with teamviewer and also cant be used for remote assistance as it would override the user's active session. We were discussing your bizarre hated of teamviewer and your inconsistent views on security
|
|
#
?
Feb 3, 2017 17:05
|
|
|
also I'm litterrally saying that the Microsoft solution (remote assistance) does not work here so idk where you're getting pro-Microsoft stuff from. I wish remote assistance worked cause it would make 3rd party things irrelevant, sure.
|
|
#
?
Feb 3, 2017 17:07
|
|
|
i dunno saying something as general as "never trust a 3rd party" seems a bit paranoid and the endgame there is actively vetting crypto algos and only using software that you've compiled yourself using those algos (also using a compiler you wrote yourself)
|
|
#
?
Feb 3, 2017 17:10
|
|
|
the thread was about persistent remote access, in which case teamviewer is stupid given the thousands of users that had computers hacked through no fault of their own besides installing teamviewer in server mode
|
|
#
?
Feb 3, 2017 17:10
|
|
|
Perplx posted:the thread was about persistent remote access, in which case teamviewer is stupid given the thousands of users that had computers hacked through no fault of their own besides installing teamviewer in server mode well, they probably were reusing passwords too
|
|
#
?
Feb 3, 2017 17:15
|
|
|
why are you people responding to ms stymie
|
|
#
?
Feb 3, 2017 17:16
|
|
|
wyoak posted:i dunno saying something as general as "never trust a 3rd party" seems a bit paranoid and the endgame there is actively vetting crypto algos and only using software that you've compiled yourself using those algos (also using a compiler you wrote yourself) yeah its security through brand favoritism Perplx posted:the thread was about persistent remote access, in which case teamviewer is stupid given the thousands of users that had computers hacked through no fault of their own besides installing teamviewer in server mode ive never used teamviewer for persistent remote access but id put it in the same category as opening rdp or ssh to the world.
|
|
#
?
Feb 3, 2017 17:16
|
|
|
Perplx posted:the thread was about persistent remote access, in which case teamviewer is stupid given the thousands of users that had computers hacked through no fault of their own besides installing teamviewer in server mode If you need remote access to your computer and TeamViewer running in a persistent state is the only way you can do it, you should not be accessing your computer remotely.
|
|
#
?
Feb 3, 2017 17:24
|
|
|
Shaggar posted:ive never used teamviewer for persistent remote access but id put it in the same category as opening rdp or ssh to the world. the problem with teamviewer isn't technical, it's social. rdp or ssh or whatever is specific to that machine, meaning somebody would have to specifically target you. teamviewer (and other 3rd-party services) create a single point of failure. what's easier, doing a mass port scan and targeting individual machines or breaching a single system with direct access to hundreds or thousands of machines?
|
|
#
?
Feb 3, 2017 17:28
|
|
|
wyoak posted:i dunno saying something as general as "never trust a 3rd party" seems a bit paranoid and the endgame there is actively vetting crypto algos and only using software that you've compiled yourself using those algos (also using a compiler you wrote yourself) do you use lastpass
|
|
#
?
Feb 3, 2017 17:29
|
|
|
Munkeymon posted:is the chrome remoting extension bad in the same ways as TeamViewer?
|
|
#
?
Feb 3, 2017 17:39
|
|
|
chrome thing requires a PIN that you set on the computer, so it's probably secure but I couldn't find any real description of its security when I looked
|
|
#
?
Feb 3, 2017 17:42
|
|
|
i had to help my sister with a thing a week ago & used teamviewer  it was just an app she opened and then closed and deleted after, i dont think she even has admin rights on her macbook did i gently caress up bigtime?
|
|
#
?
Feb 3, 2017 17:42
|
|
|
Powaqoatse posted:i had to help my sister with a thing a week ago & used teamviewer I don't care about TeamViewer use for one time connections where you are helping someone but it is arrogant to suggest it is usable for persistent access.
|
|
#
?
Feb 3, 2017 17:45
|
|
|
Powaqoatse posted:i had to help my sister with a thing a week ago & used teamviewer
|
|
#
?
Feb 3, 2017 17:44
|
|
|
Powaqoatse posted:i had to help my sister with a thing a week ago & used teamviewer
|
|
#
?
Feb 3, 2017 17:44
|
|
|
ok thx 
|
|
#
?
Feb 3, 2017 17:46
|
|
|
duTrieux. posted:you spe and no I don't use lastpass, but I do in fact use products that I myself did not compile from source.
|
|
#
?
Feb 3, 2017 17:54
|
|
|
what's the thread favorite for a password manager these days?
|
|
#
?
Feb 3, 2017 17:55
|
|
|
Phone posted:what's the thread favorite for a password manager these days? little notebook next to the computer
|
|
#
?
Feb 3, 2017 17:55
|
|
|
duTrieux. posted:you spe mass port scans are way way easier especially w/ access to botnets.
|
|
#
?
Feb 3, 2017 17:59
|
|
|
Phone posted:what's the thread favorite for a password manager these days?
|
|
#
?
Feb 3, 2017 18:00
|
|
|
whichever you use, don't let your password manager hook into your browser
|
|
#
?
Feb 3, 2017 18:03
|
|
|
anthonypants posted:1password's good, but more importantly what operating systems do you need your password manager to run on win10 OS X sierra iOS 10 (probably gonna be Android by the end of the year)
|
|
#
?
Feb 3, 2017 18:12
|
|
|
since i need win 10/fedora/anroid, ive settled with keepass file in a onedrive folder
|
|
#
?
Feb 3, 2017 18:17
|
|
|
Shaggar posted:openssh has had plenty of vulnerabilities in the past and the idea you're presenting that because its linux its immune to attacks is absolutely retarded openssh isn't a linux toolset, pls don't disparage a good software as such, that its often installed on linux machines doesn't make it linux any more than it being often installed on windows makes it windows it also hasn't had a vulnerability that would allow an arbitrary attacker to get shell since definitely 2002 and MAYBE 2003 you might be getting it mixed up with openssl which is a completely different project and is actually a linux and very bad vulnerability wise
|
|
#
?
Feb 3, 2017 18:32
|
|
|
yeah. it's not like in the past five years there haven't been any rdp rces
|
|
#
?
Feb 3, 2017 18:40
|
|
|
Phone posted:what's the thread favorite for a password manager these days? keep rear end
|
|
#
?
Feb 3, 2017 19:51
|
|
|
and by favorite, i mean "the first one i tried"
|
|
#
?
Feb 3, 2017 19:52
|
|
|
Wheany posted:keep rear end
|
|
#
?
Feb 3, 2017 20:16
|
|
|
Wheany posted:keep rear end
|
|
#
?
Feb 3, 2017 20:30
|
|
|
Microsoft Is Good At Security https://isc.sans.edu/diary/Windows+SMBv3+Denial+of+Service+Proof+of+Concept+%280+Day+Exploit%29/22029 http://www.kb.cert.org/vuls/id/867968 quote:A "Proof of Concept" (PoC) Exploit causing a blue screen of death on recent Windows version was released on Github earlier today. The exploit implements an SMBv3 server, and clients connecting to it will be affected. An attacker would have to trick the client to connect to this server. It isn't clear if this is exploitable beyond a denial of service. To be vulnerable, a client needs to support SMBv3, which was introduced in Windows 8 for clients and Windows 2012 on servers.
|
|
#
?
Feb 3, 2017 20:32
|
|
|
Wheany posted:and by favorite, i mean "the first one i tried"
|
|
#
?
Feb 3, 2017 20:41
|
|
|
CLAM DOWN posted:Microsoft Is Good At Security
|
|
#
?
Feb 3, 2017 20:48
|
|
|
Shaggar posted:mass port scans are way way easier especially w/ access to botnets. botnets 
|
|
#
?
Feb 3, 2017 22:15
|
|
|
my business partner wants to move our clients to an active monitoring platform, pulsewave. it works well enough, but it's a cloud hosted system and the system agent has the ability to run commands on the system. i keep having the same argument explaining why we cannot use it for our clients in law/lobbying.
|
|
#
?
Feb 3, 2017 22:19
|
|
|
what are the regulatory constraints? windows update has the ability to execute commands given server instruction, as do all browsers with a decent update model
|
|
#
?
Feb 3, 2017 22:21
|
|
|
|
| # ? May 15, 2024 21:00 |
|
|
Subjunctive posted:what are the regulatory constraints? windows update has the ability to execute commands given server instruction, as do all browsers with a decent update model same, don't doubt there's some crazy regulatory thing around lawyer stuff I don't know, am interested in what it is tho
|
|
#
?
Feb 3, 2017 22:31
|
|