|
OSI bean dip posted:To be honest, your suggestion of having an OS that you can boot into that is there for in case you have to show something on your workstation to a border guard or whatever. It would be far simpler to just reinstall a fresh OS with nothing on it and then just access whatever is valuable via a remote session. At least then you will not have to be as concerned about your data being stolen and there will be nothing of value to extract from the machine. I don't travel with my main computer mainly because it's full of crap and instead I just keep a spare machine on hand for this very reason. Or do a clean install on the hard disk and boot from a Windows to Go USB drive that has all your porn on it.
|
#
¿
Feb 9, 2016 20:45
|
|
|
|
| # ¿ May 3, 2024 07:17 |
|
|
apseudonym posted:Nah, not really. yeah really
|
|
#
¿
Feb 27, 2016 04:51
|
|
|
doctorfrog posted:Just generally speaking, is it likely possible to remotely switch on a webcam (either permanently soldered to a laptop screen or connected to a desktop PC via USB) and not also switch on the little light that says it's activated? With most of the modules in laptops and USB cameras the LED isn't controllable separately from the camera. I wouldn't sweat it unless you have reason to suspect hardware tampering. Cell phones are a different story though. The tape is good so you don't turn it on accidentally though.
|
|
#
¿
Jun 12, 2016 02:11
|
|
|
OSI bean dip posted:I believe some drivers dictate the webcam LED just an FYI. There has been some research into this in the past Some did, more didn't when we were looking at them.
|
|
#
¿
Jun 12, 2016 04:47
|
|
|
OSI bean dip posted:If the drive is sketchy, use it on a machine you should tag as "brown" and copy files manually. The brown machine should not run Windows just to reduce attack surface and you should never access the drives with a privileged account. You might also do the copy booted into an os running from an optical disk and don't connect to a network after you access the suspect volumes.
|
|
#
¿
Aug 6, 2016 19:52
|
|
|
Shroom King posted:I have Webroot SecureAnywhere as my AV but this thread encouraged me to download Microsoft Security Essentials. So far, they play nice together. I guess 2 AV programs are better than one? Phishing is getting tricked into disclosing your credentials to an imposter. If you can't tell the difference you'll copy your password right off the paper into the wrong website.
|
|
#
¿
Jan 28, 2017 19:33
|
|
|
Subjunctive posted:As long as the binary is compiled from unmodified code. And anybody bothered to look at the source in the first place.
|
|
#
¿
Feb 4, 2017 06:53
|
|
|
Crotch Fruit posted:I mean I agree I wouldn't install McAfee, but I also definitely would not pay more to activate the trial of whatever crappy AV came on a new PC and I wouldn't want anything else to either. If someone really wants to insist on having paid AV, I assume your ISPs version of McAfee is the same as actually subscribing to McAfee, which would just be even more stupid since you're already paying for it. If someone insists on paid av they should pay for it, not you. And the only people you should listen to for dumb requests like that should be paying you and giving you a computer anyway.
|
|
#
¿
Mar 15, 2018 12:58
|
|
|
uguu posted:Isn't bitlocker only for professional and enterprise on vista? I have home premium. I know there are lots of ways around the problem, but I'd like to keep the drive as is, frozen in time, if possible. Can you image it onto some other media and encrypt that drive with your package of choice?
|
|
#
¿
Mar 22, 2020 16:10
|
|
|
Your easiest answer is probably a cheap safe, honesty.
|
|
#
¿
Mar 22, 2020 20:42
|
|
|
uguu posted:Initially I wanted to encrypt the disk as is and have it be bootable, so that it would remain as I last left it. Get the last working Truecrypt from Gibson, it should work on Vista.
|
|
#
¿
Mar 23, 2020 00:45
|
|
|
Space Gopher posted:There is absolutely no reason to use Truecrypt to create new encrypted volumes. Use Veracrypt instead. He said veracrypt didn't install, for his purposes Truecrypt is good enough.
|
|
#
¿
Mar 23, 2020 00:54
|
|
|
Rufus Ping posted:imo copy the disk contents somewhere else, reformat the disk using your new PC and enable encryption (it will probably use ext4+LUKS), then copy the files back. Give up on vista, which you should have forgotten existed in 2009 This is really the best option unless you just gotta keep vista to interface with some hosed up hardware from 15 years ago.
|
|
#
¿
Mar 23, 2020 02:17
|
|
|
rabidcowfromhell posted:This seems wrong but I'm not smart enough to dispute it.... The author is not considering that username=email address for many things and that emails are easy to harvest or guess as well as that login attempts can be heavily automated. Since the 25 most common passwords are about 10% of the passwords revealed in breaches, that implies that using an easy to remember (and likely commonly used) password drastically increases the chances that your account will be broken into quickly once your email is out there. There is an argument to be made that foregoing a strong password that you are unlikely to remember in favor of an easier to remember password that isn't common like "dog's name + inseam measurement + first car model" increases usability more than it decreases security but the answer to that, like all password complexity debates, is "use a password manager and don't worry about it."
|
|
#
¿
Sep 13, 2020 19:34
|
|
|
rabidcowfromhell posted:I should have mentioned that this was a reply to me suggesting people use a password manger
|
|
#
¿
Sep 13, 2020 19:40
|
|
|
Saukkis posted:Bigger problem is when you change your password and get your account locked repeatedly because of your cellphone of email client hammering the old password. I thought every email client in the last 25 years was smart enough to stop automatic retrieval attempts after a failed login and wait for user interaction though I guess if the user just mashes "RETRY" there's not much you can do.
|
|
#
¿
Sep 13, 2020 20:32
|
|
|
22 Eargesplitten posted:I'm on Linux, can I just run rm /rf ~ instead? If you’re running Linux you already owned yourself way harder than any joke suggestions we make here would.
|
|
#
¿
Nov 23, 2020 20:47
|
|
|
zaepg posted:Ok. Yeah. I changed my password and got up to date on 2 step security. Out of curiosity , is it possible for other tenants on my wireless network to pick up personal information? Is a wired connection more secure. Wireless traffic is easier to snoop since radio goes everywhere while a wire is harder to physically tap. But I expect your game and most websites that aren’t completely scamtastic to use TLS or similar to encrypt the connection, including your login, so even if an attacker has all your traffic they’ll still have to decrypt it. Given what you posted it’s far more likely one of the other sites that you reused the password on got popped and someone took the password and email from there and tried popular sites until they got lucky. Get a password manager (Keepass, Bitwarden, 1password, etc) and take this opportunity to change every password to a unique strong password for each website. Turn on two-factor authentication anywhere it’s offered.
|
|
#
¿
Jan 9, 2021 22:35
|
|
|
Cup Runneth Over posted:this site is impossible to use for me because I use a different vanity email address for almost every website Doing that greatly lessens the need for it, since the paired email/password from one site can’t compromise another one.
|
|
#
¿
Jan 10, 2021 02:02
|
|
|
alexandriao posted:(is it ok to ask this question here?) Yes, you take advantage of fast unthrottled bidirectional connections available at data centers to download torrents quickly as well as seed them back to the rest of the torrent pool.
|
|
#
¿
Feb 24, 2021 04:51
|
|
|
alexandriao posted:Yes, but how much can I treat it like a vps. Is it just that they're designed for seeding, or is there a totally different access model or setup that prevents me using it as a vps -- is there any reason why I shouldn't do that? It’s just a computer. If you set it up as a seed box it probably just has stuff to support doing that like a torrent client and networking services in addition to a bare bones OS. If you can ssh into it you can probably reconfigure it to do whatever you want. If you didn’t set it up yourself but instead you’re renting a “seed box” as a turnkey setup from a hosting provider then you may not have the privileges you need to change it drastically.
|
|
#
¿
Feb 24, 2021 07:28
|
|
|
ChickenWing posted:Sorry, should have qualified - what does using a non-corporate VPN do? Like, is there any real reason for me, an average joe who is not a whistleblower or confidential source or policitcally important person, to subscribe to Joe's Logless VPN Hut? Properly deployed (those words are doing a lot of work) VPNs are good for protecting your traffic against eavesdropping by people on the network between you and the VPN endpoint, such as a cafe's wireless network. Yeah okay everyone is using TLS these days but even with that an observer can still see what sites you visit and maybe you don't want that for whatever reason, like you're a whistleblower at Theranos and don't want Holmes's goon squad to shake down the cafe to see if you were on WhatsApp while you were there. If you are running your DNS over the VPN or have your own DNS on your LAN you can also use a VPN to shield your traffic from your ISP if you're concerned about them being hostile or datamining your traffic (again even if your content is encrypted they can see what sites you visit). However, as noted above you are ultimately typing your login into your bank's website and even if you're "anonymously" browsing there are a number of techniques that can be used to track your browser. So a VPN is helpful but certainly not a 100% privacy solution on its own.
|
|
#
¿
Feb 24, 2021 22:25
|
|
|
Zorak of Michigan posted:My current setup is that I have a main Keepass database, which is on Dropbox, protected by a frankly suboptimal but easy to type passphrase and also by a key file. The keyfile is definitely not on Dropbox, nor is it in cloud backups. If my house ever burns down and I leave without my phone, I'm pretty well screwed. The passphrase for my Authy account, which has all my 2FA seeds in it, is in a separate Keepass database which is also not in cloud storage nor cloud backups. It exists only on my desktop PC, my phone, and my iPad. Unless I'm missing something, I'm safe unless someone gets hold of one of those devices long enough to brute force my password before I notice that there's a problem and start changing passwords. Granted, the resulting password changes would suuuuuuck. Keyfile in a safe deposit box if you have one, or encrypted and given to your attorney or a friend or family member whom you would trust not to lose or try to crack it is an enhancement to this scheme, though depending on your circumstances you may not have any of those or wish to expend the resources to get them.
|
|
#
¿
Mar 5, 2021 04:26
|
|
|
|
| # ¿ May 3, 2024 07:17 |
|
|
Pile Of Garbage posted:If you're in this category then leaving poo poo like encryption keys or MFA recovery codes in a safe deposit box or with an attorney offers no more protection than leaving them on a piece of paper or a HDD at home. Zorak of Michigan posted:If my house ever burns down and I leave without my phone, I'm pretty well screwed. Key file held off premises addresses house burning down with phone in it.
|
|
#
¿
Mar 5, 2021 15:58
|
|