|
The Aphasian posted:Sorry. I meant they will want something with the ability to follow different threads/posts/conversations in a format that allows a moderator to add and remove people as needed. Hmmm. WhatsApp definitely fits that bill for those features but obviously that won't work for that level of paranoia. Maybe download and try Telegram, I haven't used it in ages but it's very possible they added that functionality.
|
# ? Aug 11, 2019 08:22 |
|
|
# ? May 25, 2024 01:03 |
|
Telegram can definitely do group chats with mods, but I’m unsure about threading because I haven’t been on in a while.
|
# ? Aug 11, 2019 08:50 |
|
Telegram doesn’t do full encrypted moderated channels, just 1-to-1 chats. You get encrypted transport but not encrypted content like signal/WhatsApp/keybase
|
# ? Aug 11, 2019 08:57 |
|
You could take a look at zulip chat.
|
# ? Aug 11, 2019 15:11 |
|
Or you can get a set of one time pads, exchange them in person, and use what ever communication protocol you like.
|
# ? Aug 11, 2019 15:27 |
|
CLAM DOWN posted:What makes you think Discord or Slack are somehow anymore secure or safe than Facebook? Maybe use Telegram or something I dunno, not sure what you mean by "fb group setup" and this seems pretty paranoid.
|
# ? Aug 11, 2019 15:35 |
|
I'm going to suggest something that sounds like a joke, but if signal/telegram are non-starters, this is a real option. Microsoft Teams Only one person would need to have o365, everyone else can be added as guests. Data is encrypted on the servers and in transit. It has threaded conversations, owners have strong membership controls, and robust built-in file sharing and collaboration features.
|
# ? Aug 11, 2019 16:59 |
|
The Fool posted:I'm going to suggest something that sounds like a joke, but if signal/telegram are non-starters, this is a real option. If any of the team admins users is compromised and gets its mitts on the ediscovery roles all data is compromised tho, caveat emptor
|
# ? Aug 11, 2019 17:16 |
|
Arsenic Lupin posted:Discord is IIRC especially bad because they never delete anything. (On the server side.) Also closely tied into the Chinese government. They claim otherwise. Try reporting a message that is then deleted from the server and they'll claim they have no way to recover it and can't do anything.
|
# ? Aug 11, 2019 17:42 |
|
Glad to be wrong!
|
# ? Aug 11, 2019 18:02 |
|
Cup Runneth Over posted:They claim otherwise. Try reporting a message that is then deleted from the server and they'll claim they have no way to recover it and can't do anything. What they say they can't do and what they can actually do are two very completely different things.
|
# ? Aug 11, 2019 18:20 |
|
EVIL Gibson posted:What they say they can't do and what they can actually do are two very completely different things. Hence why I said "they claim"
|
# ? Aug 11, 2019 18:35 |
|
Cup Runneth Over posted:Hence why I said "they claim" arsenic took it as fact which was could cause issues.
|
# ? Aug 11, 2019 18:53 |
|
Cup Runneth Over posted:They claim otherwise. Try reporting a message that is then deleted from the server and they'll claim they have no way to recover it and can't do anything. This seems hilariously counter to them suspending/terminating your server if you don't delete spam content and keep it moderated Anecdotally, one of my friends requested their account be deleted with any contents associated with it, I still see a DM with them with everything including file uploads there, and the server they own still exists with no ownership changes. I found this slightly strange. Like they just renamed their usertag to 'deleted' and nothing else The Aphasian posted:What's the best option for a group of u.s. immigration lawyers looking to move off of Facebook? I'm suggesting Signal, but I think they want something more like the fb group setup. Tech skills vary too much for anything extremely niche, and they are using phones, macs, and pcs. If you actually want something against major bad + state actors, you WILL have to give them very serious lessons and education on how to change and improve their skills. Impotence fucked around with this message at 19:10 on Aug 11, 2019 |
# ? Aug 11, 2019 19:08 |
|
Biowarfare posted:Anecdotally, one of my friends requested their account be deleted with any contents associated with it, I still see a DM with them with everything including file uploads there, and the server they own still exists with no ownership changes. This is probably exactly what they do
|
# ? Aug 11, 2019 19:22 |
|
Cup Runneth Over posted:This is probably exactly what they do If you do a proxy examination of the traffic that comes over when listing the user, you could probably find that the UserID is still the original userid.
|
# ? Aug 11, 2019 19:50 |
|
That's not very GDPR compliant.
|
# ? Aug 11, 2019 20:48 |
|
Brian Krebs won't stop being Brian Krebs: https://twitter.com/blackroomsec/status/1160945544115707904?s=20
|
# ? Aug 12, 2019 18:47 |
|
Unless you end up in the kind of niche weirdo social networking via Tor, it might be a bit of an tough one. You might want to drop in an EFF office in person and ask if they have any suggestions aside from Signal. Slack and Discord 100% won't protect you from state actors who can just NSL them.
|
# ? Aug 12, 2019 19:07 |
|
This may be a bit babytown for this thread, but I'm sick to death of needing 40 passwords, using six and forgetting which one I used every time I get logged out of something. Any recommendations for good, cheap (free?) password managers that I can use on multiple devices?
|
# ? Aug 12, 2019 19:51 |
|
Terrorforge posted:This may be a bit babytown for this thread, but I'm sick to death of needing 40 passwords, using six and forgetting which one I used every time I get logged out of something. Any recommendations for good, cheap (free?) password managers that I can use on multiple devices? If you scroll back through the thread this is a recurring topic like every 5 pages. You're about to get blasted with takes though, so buckle up! Docjowles fucked around with this message at 20:00 on Aug 12, 2019 |
# ? Aug 12, 2019 19:56 |
|
Terrorforge posted:This may be a bit babytown for this thread, but I'm sick to death of needing 40 passwords, using six and forgetting which one I used every time I get logged out of something. Any recommendations for good, cheap (free?) password managers that I can use on multiple devices? Keepass for local DB. I like Keepass.
|
# ? Aug 12, 2019 20:00 |
|
CommieGIR posted:Brian Krebs won't stop being Brian Krebs: What?
|
# ? Aug 12, 2019 20:28 |
|
Terrorforge posted:This may be a bit babytown for this thread, but I'm sick to death of needing 40 passwords, using six and forgetting which one I used every time I get logged out of something. Any recommendations for good, cheap (free?) password managers that I can use on multiple devices? 1password is inexpensive and easy to use and consistently gets high marks from everyone. I particularly like it's implementation of shared vaults, which lets me share stuff like an Amazon Prime login or NYT account with family. The browser extension makes it trivial to add logins and you can put your data in a local cake vault for privacy and security. It also doesn't have the poor history of other password managers like LastPass. There are other free options folks can speak to, but it works great for me.
|
# ? Aug 12, 2019 20:29 |
|
Docjowles posted:You're about to get blasted with takes though, so buckle up! 1pass or KeePass, depending on needs and cloud aversion level.
|
# ? Aug 12, 2019 20:50 |
|
Terrorforge posted:This may be a bit babytown for this thread, but I'm sick to death of needing 40 passwords, using six and forgetting which one I used every time I get logged out of something. Any recommendations for good, cheap (free?) password managers that I can use on multiple devices? 1Password is pretty good. LastPass is really bad.
|
# ? Aug 12, 2019 20:56 |
|
The Fool posted:1pass or KeePass, depending on needs and cloud aversion level. And Operating System. If you want to use Keepass with IOS devices, good luck with that. Keepass does work beautifully in the cloud with Windows and Android, though. If you are going to go cloud, always use two factor authentication. If you want to spend a cubic rear end load of money, there's always CyberArk. It's a little overkill though, lol. tango alpha delta fucked around with this message at 21:03 on Aug 12, 2019 |
# ? Aug 12, 2019 21:00 |
|
I just assume that anyone with apple stuff is using the keychain and they are fine.
|
# ? Aug 12, 2019 21:02 |
|
How does Bitwarden compare to 1password (I'm already using Keepass)?
|
# ? Aug 12, 2019 21:54 |
|
I should have specified that when I said "use on multiple devices" I meant "I want to access it on my Android", so some form of cloud capability is mandatoryDocjowles posted:If you scroll back through the thread this is a recurring topic like every 5 pages. I straight up fuckin' forgot you can search threads. The Iron Rose posted:1password is inexpensive and easy to use and consistently gets high marks from everyone. I particularly like it's implementation of shared vaults, which lets me share stuff like an Amazon Prime login or NYT account with family. The browser extension makes it trivial to add logins and you can put your data in a local cake vault for privacy and security. You say "other free options". Just to be clear, you mean "other options, which are free", yes? 1pass itself is a paid subscription service with a free trial? tango alpha delta posted:And Operating System. If you want to use Keepass with IOS devices, good luck with that. How do I go cloud with KeePass? Just throw the database up on Dropbox or..?
|
# ? Aug 12, 2019 22:46 |
|
Terrorforge posted:
Yep, literally just that. Works seamlessly for me; I've been super happy with it.
|
# ? Aug 12, 2019 22:47 |
|
Terrorforge posted:How do I go cloud with KeePass? Just throw the database up on Dropbox or..? The android app has integration with the native android gdrive so if you use that it's totally transparent. Kassad posted:How does Bitwarden compare to 1password (I'm already using Keepass)? It's always seemed to me like bitwarden has the best of all feature lists -- free tier, cloud + local, open source, easy UI -- but they haven't been around that long. They did do a 3rd party security audit last year. But the lack of track record would make me wonder about not just the security but the business model. Are they gonna be around for the next ten years, is giving away the free service sustainable?
|
# ? Aug 12, 2019 23:07 |
|
I'm glad NIST lets companies contest their findingsquote:NOTE: the vendor disputes the significance of this finding; the discoverer was reportedly told that the Steam threat model excludes "Attacks that require physical access to the user's device" and "Attacks that require the ability to drop files in arbitrary locations on the user's filesystem" (which might apply to the attacker's ability to create links under HKLM\SOFTWARE\Wow6432Node\Valve\Steam\Apps).
|
# ? Aug 12, 2019 23:37 |
|
duz posted:What? Brian Krebs got angry about a guy who proved spamhaus was blocking scanners, then started doxxing the guy because he put a bad review on Kreb's book on Amazon.
|
# ? Aug 12, 2019 23:49 |
|
To be fair good luck being a windows program and defending against either of those short of killing yourself.
|
# ? Aug 13, 2019 00:10 |
|
apseudonym posted:To be fair good luck being a windows program and defending against either of those short of killing yourself. Yeah, if someone can put a DLL in the path you don’t expect, good night
|
# ? Aug 13, 2019 00:12 |
|
CommieGIR posted:Brian Krebs got angry about a guy who proved spamhaus was blocking scanners, then started doxxing the guy because he put a bad review on Kreb's book on Amazon. Think this was two separate incidents. Doxed notdan over spamhaus and also some other person who left a bad review
|
# ? Aug 13, 2019 02:52 |
|
Rufus Ping posted:Think this was two separate incidents. Doxed notdan over spamhaus and also some other person who left a bad review Ah, okay. Also he doxxed the wrong guy thinking he was notdan.
|
# ? Aug 13, 2019 03:12 |
Maybe doxxing people is a bad idea no matter why/who/where/what?
|
|
# ? Aug 13, 2019 10:01 |
|
|
# ? May 25, 2024 01:03 |
|
Mmm, please dox nazis all day, every day.
|
# ? Aug 13, 2019 12:15 |