|
Dixie Cretin Seaman posted:1password has a lastpass-style subscription where they host your vault (when you make your new vault your computer locally generates an authorization key that you need to enter the first time you need to authorize a new machine to download your encrypted vault. from there you use your vault password to decrypt and by default it keeps local encrypted copy of your vault in case you lose internet access). i think the non-subscription software is still sold and lets you use dropbox or icloud accounts for hosting your vault instead is the hosted vault accessible thru the web or do you still need their software to do it?
|
# ? Nov 3, 2017 00:08 |
|
|
# ? May 22, 2024 19:04 |
|
RFC2324 posted:keep rear end portable doesn't need to be installed? good point. this might be workable (technically against the rules to download and run anything even if there's no install but oh loving crackers i'm tired of these rules lastpass is just easier though because I know at least dropbox is proxied off to inaccessibility on the 'net machines at work, i don't know what other cloud storage services are (probably all of them)
|
# ? Nov 3, 2017 00:10 |
|
i desperately want a new job because of bullshit like this (ok this time it's not impacting my work but 99% of the time you bet it does) but i'd miss all the tiny little bennies of working at this stupid place, like flexible schedule and being totally ok with t-shirt and jeans and boat shoes or whatever
|
# ? Nov 3, 2017 00:16 |
|
Ciaphas posted:is the hosted vault accessible thru the web or do you still need their software to do it? you can get your passwords through their website but personally that makes me uneasy. there's also browser extensions
|
# ? Nov 3, 2017 00:44 |
|
more armv8.3 news https://events.linuxfoundation.org/sites/events/files/slides/slides_23.pdf
|
# ? Nov 3, 2017 01:21 |
|
is lastpass that bad if you don't install the browser plugin, which i was already not doing because it gets in slapfights with chrome/safari/whatevers own password autofill
|
# ? Nov 3, 2017 01:42 |
|
if you're working someplace with an airgapped network they probably have a policy that says they monitor the internet facing stuff too, so be cautious accessing your passwords lest your employer record them and lose them in the inevitable breach
|
# ? Nov 3, 2017 01:50 |
|
Phobeste posted:is lastpass that bad if you don't install the browser plugin, which i was already not doing because it gets in slapfights with chrome/safari/whatevers own password autofill people will try to bargain literally anything as opposed to taking minor action
|
# ? Nov 3, 2017 01:52 |
|
Phobeste posted:is lastpass that bad if you don't install the browser plugin, which i was already not doing because it gets in slapfights with chrome/safari/whatevers own password autofill depends does "whoops, lastpass hosed up their security and now an attacker could potentially have all your passwords" count as bad? because that's happened more than once
|
# ? Nov 3, 2017 02:58 |
|
https://twitter.com/TwitterGov/status/926267806261407744 https://twitter.com/sarahjeong/status/926271887046361088 pseudorandom name fucked around with this message at 03:36 on Nov 3, 2017 |
# ? Nov 3, 2017 03:23 |
|
Bulgogi Hoagie posted:https://twitter.com/lukasstefanko/status/926084558273044481 Adrian is right and iOS security is overblown .
|
# ? Nov 3, 2017 03:57 |
|
pseudorandom name posted:https://twitter.com/TwitterGov/status/926267806261407744 legend
|
# ? Nov 3, 2017 04:43 |
|
the amount of journalists on twitter who are blown away that a single person at a tech company has the power to shut down any account how do they even remember to breathe and apparently that includes the guy who runs attrition.org https://twitter.com/attritionorg/status/926293099822833664 anthonypants fucked around with this message at 04:56 on Nov 3, 2017 |
# ? Nov 3, 2017 04:54 |
|
Thanks Ants posted:magento seems alright someone in COBOL told me magento caches queries by writing them to a table then exec (select qyery_text from table_of_shame...) if that's alright I'm OK with being not alright somewhere else
|
# ? Nov 3, 2017 05:10 |
|
cis autodrag posted:Grey forum Firefox thread is advocating using insecure branch "waterfox" again because dammit the new version of Firefox broke their extension to "unfuck the ui" clearly should have stuck with Opera 12
|
# ? Nov 3, 2017 05:10 |
|
Bulgogi Hoagie posted:https://twitter.com/lukasstefanko/status/926084558273044481 nobody wanted to own one
|
# ? Nov 3, 2017 05:11 |
|
Munkeymon posted:nobody wanted to own one
|
# ? Nov 3, 2017 05:13 |
|
Munkeymon posted:nobody wanted to own one
|
# ? Nov 3, 2017 05:17 |
|
anthonypants posted:the amount of journalists on twitter who are blown away that a single person at a tech company has the power to shut down any account Hi, I also have root.
|
# ? Nov 3, 2017 05:46 |
|
Whoa 1 person led to an 11 minute downtime for 1 account? are you friggin serious?
|
# ? Nov 3, 2017 05:50 |
|
Kawasaki Nun posted:Whoa 1 person led to an 11 minute downtime for 1 account? are you friggin serious? You seem to be disillusioned as to how many people have judge, jury & executioner (root) access over all the things you use daily.
|
# ? Nov 3, 2017 06:17 |
|
SeaborneClink posted:You seem to be disillusioned as to how many people have judge, jury & executioner (root) access over all the things you use daily. think of all the people who have commit access on a public software repo who could cause widespread havoc across the internet think of all the people who single-handedly have the power to take down an entire cloud compute region this is not new and it is not going away anytime soon and you are beyond naive if this is news to you
|
# ? Nov 3, 2017 06:59 |
|
this isn't even unique to computers, either. anyone can throw a match into a folder warehouse. hell, there's several people around the globe that can just up and end civilization.
|
# ? Nov 3, 2017 07:20 |
|
Truga posted:hell, there's several people around the globe that can just up and end civilization. how many of them are twitter support staff?
|
# ? Nov 3, 2017 07:32 |
|
i don't think trump would go nuclear over getting banned from twitter, but i also didn't think he'd win so who knows. gives a new meaning to hack the planet tho. steal trump's acc, get him banned, bathe in nukular hellfire.
|
# ? Nov 3, 2017 09:53 |
|
infernal machines posted:how many of them are twitter support staff? 3
|
# ? Nov 3, 2017 09:55 |
|
I think a lot of people just inherently trust tech companies to not do these types of mistakes and assume that there's enough competency that one disgruntled employee cannot shut the entire place down. Like they just could not believe a system like that would not have been fixed in the first place. It's a good thing people start to realize this is misplaced trust and that the actual things are much worse and less competently set up than they think.
|
# ? Nov 3, 2017 11:22 |
|
see also: belief that chinese wall policies and similar information insulation can actually be successfully applied to the it side of investment banks and similar all these momentous long-term trades have the potential to scroll by the screens of a lot of people, and little can be done about it
|
# ? Nov 3, 2017 11:33 |
|
Thanks Ants posted:magento seems alright ugh one of my companies does e-commerce infrastructure and dealing with magento’s API stuff is ridiculous and flaky. same but less so with bigcommerce. the only one that seems to be built by sentient beings is shopify, which is happily where all the action is anyway
|
# ? Nov 3, 2017 11:51 |
|
SeaborneClink posted:You seem to be disillusioned as to how many people have judge, jury & executioner (root) access over all the things you use daily. I think op needs to become disillusioned, they aren’t there yet. what systems require more than a single employee to disable an account? I can’t think of any I know of outside of possibly banks (but I suspect they are equally vulnerable).
|
# ? Nov 3, 2017 11:54 |
|
MononcQc posted:I think a lot of people just inherently trust tech companies to not do these types of mistakes and assume that there's enough competency that one disgruntled employee cannot shut the entire place down. Like they just could not believe a system like that would not have been fixed in the first place. when i mentioned to a friend that maybe keeping a backup of her gmail poo poo locally might be a good idea (she uses a standard gmail account for work) as while the chances are astronomically low, google could at any time delete all her mail and there's nothing anyone could do about it. she straight up said "no, no, that can't be possible", and refused to be convinced otherwise, despite claiming that if that were to happen, she's turbofucked. i guess it's never going to happen so it doesn't matter, but i'd be stressed the gently caress out living on the edge like that.
|
# ? Nov 3, 2017 12:16 |
|
I got my own host name to use in a e-mail address (hosted by google) so that if poo poo hits the fan I can at least start running my own mail server and not vanish off the face of the earth with it for just that reason. I also haven't figured out a full backup solution, but from time to time I sync a full snapshot of my e-mail account from thunderbird with a local save just in case.
|
# ? Nov 3, 2017 12:26 |
|
pseudorandom name posted:https://twitter.com/TwitterGov/status/926267806261407744 In this week's episode: Twitter discovers the concept of "insider risk".
|
# ? Nov 3, 2017 12:42 |
|
anthonypants posted:think of all the things at work one of your computer janitors could do that would shut down your company a recent favourite at work was someone obliterating two thousand mailboxes because of a mistyped command in powershell, at 4:30 on a Friday afternoon. Microsoft's response was "those mailboxes are gone - don't even try getting them back" Three days (including the weekend) and the guys had restored every email, through commvault somehow.
|
# ? Nov 3, 2017 13:23 |
|
Ciaphas posted:good point. this might be workable (technically against the rules to download and run anything even if there's no install but oh loving crackers i'm tired of these rules Ciaphas posted:i desperately want a new job because of bullshit like this (ok this time it's not impacting my work but 99% of the time you bet it does) why are you accessing clown hosted poo poo at work from a work machine? could you perhaps be.... the security fuckup? O_o
|
# ? Nov 3, 2017 15:20 |
|
pseudorandom name posted:https://twitter.com/TwitterGov/status/926267806261407744 So what are the repercussions for this support guy? He has basically just made a personal attack on the POTUS. Good luck getting on an airplane.
|
# ? Nov 3, 2017 17:05 |
|
Subjunctive posted:I think op needs to become disillusioned, they aren’t there yet. in most systems, a single employee can close an account, but customers are rarely exposed to that because if you want them to close your account then you're probably gonna get transferred between a few different people as they throw discounts at you and try to talk you out of it and purposely waste your time in hopes that you'll give up
|
# ? Nov 3, 2017 17:08 |
|
MausoleumExtremist posted:So what are the repercussions for this support guy? He has basically just made a personal attack on the POTUS. no s/he didn't
|
# ? Nov 3, 2017 17:10 |
|
|
# ? May 22, 2024 19:04 |
|
duTrieux. posted:no s/he didn't you know he's going to take it as a personal attack anyway I hope the next guy does something harder to undo like changing the password and associated email
|
# ? Nov 3, 2017 17:12 |