0xD @ 0xD @infosec.pub

Posts

0

Comments

480

Joined

2 yr. ago

Good luck with that! It's basically just playing around with memory and some constructs inside it. The kernel docs for Linux suck balls though if you have no idea about that stuff and/or are new to kernel-level programming. That's where I learned to love the Microsoft documentation.

It will most probably take more time than be worth it for you, especially regarding the document templates.

So what are the optic nerves doing then? ;)

That is just standard and a completely sensible security measure for preventing people from tampering with an application. It cannot replace proper, server-side security measures but is a big step. Especially for stuff like banking applications.

Seeing is a chemical process as well! Ergo seeing is the same as addiction!

Thank you for your insight! Seems like there aren't many chemical processes in your thinking.

Luckily you're happy with just their tip in your ass!

https://www.nytimes.com/2023/10/30/world/middleeast/west-bank-settlers-palestinians-violence.html

You're really trying to make this more complicated than it is. Should they just call it NASA? NASA Streaming? NASA VOD?

It's just a catchy name.

Stop the insanity, there is no need to drive into conspiracies.

I'm not sure I follow you - if someone can compromise the key material on my phone that is protected by a different factor, then it doesn't matter whether the 2FA is server-side or not, it's compromised either way.

The fact that the poster is a prolific YouTube creator, so a primary source themselves.

You can do the exact same thing in Windows, just think of the SysInternals Suite and its power. It's just that people on Linux expect problems, while the overwhelming majority of people on Windows/MacOS is using their device expecting it to work and if it doesn't they go do something else or buy another device.

Also this completely untrue notion that you cannot fix Windows or play around with its internals is very prevalent, to the point that it's a meme, so people don't even try.

You're conveniently ignoring though that Israel has over the last decades made themselves basically synonymous with Jews worldwide and have been quick to hide their atrocities behind the word "antisemitism".

I'm not saying it's okay, but it's not far-fetched.

Exactly.

The goal is to allow a completely free and open-source deployment of an O365-like infrastructure in order to prevent being tethered to Microsoft, for example. The main use seems to be so that municipalities can set up something cheaply and quickly, without any licensing headaches.

But you don't?

Password managers really are not hard to use. Also there's stuff like the password manager built into iOS, for example, which you don't even have to think about.

My comment about threat modelling was that you do not seem to understand the purpose of password managers. A way bigger problem for the average person online is password reuse, not targeted attacks against password vaults. That is the problem they solve.

Marketing™️ I guess? :P

But probably because YOU don't have to fuck around with servers, for you it's just an upload of a function.

Something similar happened to me just last month with the person I called my "best friend".

He had been having personal issues for the past year that he can't figure out on his own, but he's generally someone who can't honestly take responsibility for himself and regards his opinion as the word of god, basically.

He has been putting me down often in the past, even though he said he "always looked up for me for the peace I found". I never really cared much for those words of his because I knew they came from a place of deep hurt.

However, he has not apologized once and at some point I started asking myself why I was calling this person my (best) friend. Well, after his last lashing out I just gave up and cut contact. I was trying a lot to help and understand him, but how do you help someone who went to 4 different therapists and called them all incompetent?

You don't. They have to figure out that they don't live in reality themselves, and I was not going to tolerate his disrespect anymore - I have enough other friends who treat me well, and my life honestly has not changed at all. He is not an interesting person anyway, all he can talk about are games, his pain and his delusions.

So what I'm trying to say is - cut your losses. This person, for whatever reason, does not want to gove you the respect you deserve, and that is alright. There are a lot of others who will, and those are the people you should put your energy into.

Instead of spinning up a classical server like Apache or IIS for what you need, you just write a single function that you can bind to an endpoint and just host that - the rest is abstracted away from you.

They are, just use a normal one (I use bitwarden) that you can access from everywhere and protect it with 2FA.

The goal is to have varied, secure passwords across everything.

Okay and now let's get into threat modelling and risk management.

What is the purpose of a password manager? What are the possible threats against them, and what are those against singular passwords for services? What is the risk of each of those?