|
there are those very thin lines, where a joke goes on too long, then for a second it gets funny again, then it goes on for way way too long, and youre not coming back to make it funny again anytime soon. forget it. unless you bring it up at like a dinner in 3 years. thats funny as gently caress.
|
#
?
Apr 1, 2017 12:04
|
|
|
|
| # ? May 16, 2024 10:17 |
|
|
spankmeister posted:So, is the Safari plugin fixed? nobody uses safari, so no need to wait on apple
|
|
#
?
Apr 1, 2017 14:03
|
|
|
Powaqoatse posted:there are those very thin lines, where a joke goes on too long, then for a second it gets funny again, then it goes on for way way too long, and youre not coming back to make it funny again anytime soon. forget it. the lorne michaels quotient
|
|
#
?
Apr 1, 2017 14:06
|
|
|
flakeloaf posted:the lorne michaels quotient thats accurate as gently caress
|
|
#
?
Apr 1, 2017 15:18
|
|
|
Carbon dioxide posted:It's the most wonderful time of the year again, folks. gently caress this.
|
|
#
?
Apr 1, 2017 17:22
|
|
|
It’s Your Man Jeff, 9 Times this is how you carry a joke over the edge and back and forth again
|
|
#
?
Apr 1, 2017 17:54
|
|
|
Powaqoatse posted:It’s Your Man Jeff, 9 Times Not James don't care
|
|
#
?
Apr 1, 2017 19:13
|
|
|
Hi James, I'm James.
|
|
#
?
Apr 1, 2017 20:09
|
|
|
OSI bean dip posted:so how many lastpass apologists do we have left? Tried 1password. Apparently theres no support whatsoever on linux. The browser extensions require that the desktop app also be installed. So lastpass it is then
|
|
#
?
Apr 1, 2017 21:49
|
|
|
is keepass so bad that you'd use last pass over it? i find lastpass's garbage user interface more offensive than their terrible security, keepass can't be worse, can it?
|
|
#
?
Apr 1, 2017 22:20
|
|
|
minivanmegafun posted:is keepass so bad that you'd use last pass over it? i find lastpass's garbage user interface more offensive than their terrible security, keepass can't be worse, can it? keepass x is great. also easier to run on Linux in my experience.
|
|
#
?
Apr 1, 2017 22:31
|
|
|
https://www.youtube.com/watch?v=97biyPDXnto
|
|
#
?
Apr 1, 2017 22:53
|
|
|
the krypto key
|
|
#
?
Apr 1, 2017 23:11
|
|
|
lol Cisco how do you use 32 bit signed timestamps ityool 2017 http://www.cisco.com/c/en/us/support/docs/field-notices/642/fn64291.html
|
|
#
?
Apr 1, 2017 23:21
|
|
|
OSI bean dip posted:so how many lastpass apologists do we have left? if you haven't managed to generalize the way tavis devastates most things he looks at into a far more dire view than "lol, lastpass seems like a pos" you may not be paying enough attention what i mean to say is, you are likely just as hosed as any lastpass user
|
|
#
?
Apr 1, 2017 23:35
|
|
|
Progressive JPEG posted:Tried 1password. Apparently theres no support whatsoever on linux. The browser extensions require that the desktop app also be installed. it works fine under wine (ive been doing this for years)
|
|
#
?
Apr 1, 2017 23:46
|
|
|
Cybernetic Vermin posted:if you haven't managed to generalize the way tavis devastates most things he looks at into a far more dire view than "lol, lastpass seems like a pos" you may not be paying enough attention generalizing anything to literally all software is kind of a ridiculous mindset
|
|
#
?
Apr 1, 2017 23:47
|
|
|
you are just resisting the obvious here, all software is hosed, the idea of achieving security through education, individual hard work and expertise is doomed in a future where the average programmer is some shithead hired off the street, we need to burn everything to the ground and start again
|
|
#
?
Apr 1, 2017 23:49
|
|
|
Cybernetic Vermin posted:you are just resisting the obvious here, all software is hosed, the idea of achieving security through education, individual hard work and expertise is doomed in a future where the average programmer is some shithead hired off the street, we need to burn everything to the ground and start again Ok well you can start by getting off the internet forever
|
|
#
?
Apr 1, 2017 23:54
|
|
|
Shia le beouf is finding it pretty hard to hide his latest performance art project from 4chan http://www.newyorker.com/magazine/2017/04/03/trolls-protest-shia-labeoufs-anti-trump-protest-art?mbid=social_twitter quote:"We might be able to do trigonometry with shadows on the flag,” another person wrote. One of the trolls quickly found a clue: a photo of LaBeouf, taken days earlier, at a diner in Greeneville, Tennessee. More opsec then infosec but still pretty impressive
|
|
#
?
Apr 2, 2017 00:01
|
|
|
OSI bean dip posted:so how many lastpass apologists do we have left? Progressive JPEG posted:Tried 1password. Apparently theres no support whatsoever on linux. The browser extensions require that the desktop app also be installed.
|
|
#
?
Apr 2, 2017 00:36
|
|
|
Captain Foo posted:Ok well you can start by getting off the internet forever snark aside i do literally believe that the next decade will have to bring a more constrained programming model for public-facing software, and it will have to be actual constraints, as we are not about to overcome human weaknesses in these areas as the number of people employed doing the work keeps skyrocketing hackers are winning wars and elections at this point it is misunderstanding the situation to laugh about the other guys software of choice turning out to not be entirely secure
|
|
#
?
Apr 2, 2017 00:41
|
|
|
am i insane for just using keepass and then saving the passwords in the browser store? i mean, I've never thought 'god this copy and paste is so hard when i have to do it literally once per devicei have, if only someone could automate it for me!", do i just not have enough passwords or devices or something?
|
|
#
?
Apr 2, 2017 02:03
|
|
|
Cybernetic Vermin posted:snark aside i do literally believe that the next decade will have to bring a more constrained programming model for public-facing software, and it will have to be actual constraints, as we are not about to overcome human weaknesses in these areas as the number of people employed doing the work keeps skyrocketing Your operating system is a piece of poo poo.
|
|
#
?
Apr 2, 2017 02:03
|
|
|
Powerful Two-Hander posted:am i insane for just using keepass and then saving the passwords in the browser store? i mean, I've never thought 'god this copy and paste is so hard when i have to do it literally once per devicei have, if only someone could automate it for me!", do i just not have enough passwords or devices or something? yes because browser stores are notoriously insecure. Firefox used to store in clear text
|
|
#
?
Apr 2, 2017 02:20
|
|
|
CrazyLittle posted:yes because browser stores are notoriously insecure. Firefox used to store in clear text how else would you store it without requiring a master password
|
|
#
?
Apr 2, 2017 03:24
|
|
|
use your operating system's secure keychain or equivalent
|
|
#
?
Apr 2, 2017 05:11
|
|
|
CrazyLittle posted:yes because browser stores are notoriously insecure. Firefox used to store in clear text Firefox used to store it with strong encryption but had to change cause they got too many complaints from people losing their passwords cause users are idiots. Now they use easily reversible encryption unless you set a master password. They've never stored in plaintext afaik
|
|
#
?
Apr 2, 2017 05:30
|
|
|
At least they're ramming sync down everyones throat so a copy of the keystore is backed up in the butt
|
|
#
?
Apr 2, 2017 05:52
|
|
|
pr0zac posted:Firefox used to store it with strong encryption but had to change cause they got too many complaints from people losing their passwords cause users are idiots. Now they use easily reversible encryption unless you set a master password. They've never stored in plaintext afaik I think you're confusing Firefox Sync with local password storage. afaik, the local password storage has always been unencrypted unless you set a master password.
|
|
#
?
Apr 2, 2017 05:56
|
|
|
pseudorandom name posted:I think you're confusing Firefox Sync with local password storage. afaik, the local password storage has always been unencrypted unless you set a master password. If you're not using a master password then I doubt you expect your passwords to be all that secure considering you can just press two buttons to display them all in plaintext on screen.
|
|
#
?
Apr 2, 2017 12:38
|
|
|
don't forget that those passwords are almost always transmitted to a remote server anyways even warning you that it's a non-https connection to that server is a very recent thing
|
|
#
?
Apr 2, 2017 12:45
|
|
|
vOv posted:how else would you store it without requiring a master password Chrome uses Windows CryptoAPI to encrypt the password store and ties it to your windows user account even if you don't have a sync passphrase set. I think this means any other app run under that account can also access it but it's better than nothing I guess.
|
|
#
?
Apr 2, 2017 13:20
|
|
|
pr0zac posted:Firefox used to store it with strong encryption but had to change cause they got too many complaints from people losing their passwords cause users are idiots. Now they use easily reversible encryption unless you set a master password. They've never stored in plaintext afaik Cocoa Crispies posted:don't forget that those passwords are almost always transmitted to a remote server anyways i dont use Firefox sync for passwords, that was an obviously bad idea but i assumed the locally saved ones were tied to the windows account ir something...though yeah that text has gotta get decrypted at some point. time to dehumanize i guess \/  \/
|
|
#
?
Apr 2, 2017 13:34
|
|
|
i use keefox, it works. have autofill disabled tho
|
|
#
?
Apr 2, 2017 15:16
|
|
|
Cybernetic Vermin posted:if you haven't managed to generalize the way tavis devastates most things he looks at into a far more dire view than "lol, lastpass seems like a pos" you may not be paying enough attention Though it's a bit quirky from a UI standpoint, this is something I like about using KeePass and the way it supports browser extensions. The vault has its own HTTP API (optional plugin for the official client, built in to KeePassXC) that listens only on localhost and is connected to by the browser extension with AES encryption. The extension has to ask for access in general, then also for access to each individual password and I can either approve or deny once or always. The quirky part is that the popup when it's looking for a password tends to show up underneath all other windows and doesn't even bother to flash the taskbar icon, so I still find myself getting frustrated at it not auto-filling a password until I realize why. Even if the extension developer went full rogue there is no ability for them to list the contents of the database, nor would they be able to access the passwords I consider truly important unless I had inadvertently selected "always allow" on them. The attack surface is as limited as it can be while still being useful.
|
|
#
?
Apr 2, 2017 15:28
|
|
|
Powerful Two-Hander posted:i dont use Firefox sync for passwords, that was an obviously bad idea Firefox Sync used to use strong crypto which required you to pair new devices with an existing client to do the key exchange, but users were too stupid to understand the concept and thought Sync was a backup mechanism and got mad when they lost everything when they deleted all their Firefox installs so Mozilla changed it to just derive the key from your Sync password because we can't have nice things
|
|
#
?
Apr 2, 2017 18:44
|
|
|
Truga posted:i use keefox, it works. have autofill disabled tho aren't these things going to be susceptible to the same kind of browser plugin bugs?
|
|
#
?
Apr 2, 2017 18:53
|
|
|
pseudorandom name posted:I think you're confusing Firefox Sync with local password storage. afaik, the local password storage has always been unencrypted unless you set a master password. it was encrypted but with a fixed key if there was no master password to use instead, going back to 1998
|
|
#
?
Apr 2, 2017 18:53
|
|
|
|
| # ? May 16, 2024 10:17 |
|
|
Theris posted:Chrome uses Windows CryptoAPI to encrypt the password store and ties it to your windows user account even if you don't have a sync passphrase set. I think this means any other app run under that account can also access it but it's better than nothing I guess.
|
|
#
?
Apr 3, 2017 02:44
|
|