rinze @ rinze @infosec.pub

https://rinzewind.org/

---

Read more

Posts

9

Comments

47

Joined

2 yr. ago

That I don't know. I store the TOTP keys into an app on my phone an into a separated KeePass DB that's different from my regular one. Two copies of that is good enough to let me sleep at night.

Wealthsimple and Questrade seem to support TOTP but I’m not sure if you can still bypass it with SMS. I don’t think so but I haven’t dug into it.

Questrade allows TOTP, SMS and some other methods, but you can select which ones you want to enable. I have only TOTP and it works as expected.

You can generate a code grid and remove SMS altogether.

I wish I had known about Power Delete Suite. I nuked my posts / comments by hand :-(

In case it's useful to more people: https://github.com/j0be/PowerDeleteSuite

But surely someone must think of the children!

I trust there won't be a hack and all that will get leaked.

Yes, these things are never dead. They just come back under a different name / pretensions until they pass.

I just spent a while today deleting all my posts and comments. At this point they'll probably have plenty of copies of it, but at least the content is not up for them anymore.

Just trying to see if I can survive without an account there (the "forum fediverse", if that makes sense, is getting better and better) and then it'll go to the same place my Twitter and Facebook handles went a while ago.

I created my account in Spain around 2009, moved to Canada in 2014 and came back to Spain late last year. Never had a problem with this :-?

I created an account a few months ago but I've barely used it. DDG provides pretty much everything I search for. This might be because I don't typically do very "esoteric" searches, but for now I don't see the need for a paid service. Most of the times, tweaking the query so that it looks for a specific source is good enough.

I'd love if DDG had a system to remove entire domains entirely from the results, though.

Came here to post a similar comment zedeus made in another thread:

Nitter is dead.

I still checked some Twitter accounts from people that were interesting to me and didn't migrate to Mastodon. One less thing to worry about, I guess.

Where's that? I just ran a test search but I can't see it :-?

Yes, I'm aware those filters exist, but I'm asking about the practical implications of the set up I mentioned in the post.

There was a very nice episode of the Odd Lots podcast about this: https://www.bloomberg.com/news/articles/2023-12-07/huawei-mate-60-pro-chip-breakthrough-shocks-computing-world?srnd=oddlots

Damn. I knew this was a huge problem in Europe, but I didn't know this happened in Canada too.

Here's the Wikipedia article on this type of fraud: https://en.wikipedia.org/wiki/Missing_trader_fraud

I moved back to Spain after 9 years abroad. I discovered this country runs on WhatsApp. Not a chance this will change in the short term.

The way it's written fits very well with the madness that's AWS, though.

Yes. And on Microsoft Teams that triggers a chat call.

This is what I do: I have 3 KeepassXC databases (regular passwords, "security" questions, TOTP tokens) each with a different password.

Honestly, no idea. I just froze mine and haven't requested anything since. I guess the worst that will happen is that your request will get rejected because your credit is frozen and you'll have to unfreeze it (you can do that only for N days / weeks, so you don't have to re-freeze) and request your CC again.