Brontoforumus Archive

Please login or register.

Login with username, password and session length
Advanced search  

News:


This board has been fossilized.
You are reading an archive of Brontoforumus, a.k.a. The Worst Forums Ever, from 2008 to early 2014.  Registration and posting (for most members) has been disabled here to discourage spambots from taking over.  Old members can still log in to view boards, PMs, etc.

The new message board is at http://brontoforum.us.

Pages: 1 ... 4 5 6 7 8 [9] 10 11

Author Topic: Computer security  (Read 24670 times)

0 Members and 1 Guest are viewing this topic.

Büge

  • won't give you fleaz
  • Tested
  • Karma: -65304
  • Posts: 10062
    • View Profile
Re: Computer security
« Reply #160 on: August 05, 2012, 08:56:57 PM »

Logged

Mongrel

  • Emoticon Knight-Errant
  • kodePunc Team
  • Tested
  • *
  • Karma: -65340
  • Posts: 17029
    • View Profile
Re: Computer security
« Reply #161 on: August 05, 2012, 09:19:06 PM »

If Karma ever comes back, remind me to +1 you for that.
Logged

TA

  • Tested
  • Karma: 29
  • Posts: 3219
    • View Profile
Re: Game News Dump
« Reply #162 on: August 09, 2012, 04:17:16 PM »

Logged
Do you understand how terrifying the words “vibrating strap on” are for an asexual? That’s like saying “the holocaust” to a Jew.

Beat Bandit

  • be entranced by my sexy rhythm
  • High-Bullshit
  • Tested
  • Karma: -65418
  • Posts: 4293
    • View Profile
Re: Re: Game News Dump
« Reply #163 on: August 09, 2012, 06:00:03 PM »

Better get myself kicked from the guild now to make sure.

P.S: we literally have a WoW forum.
Logged

Thad

  • Master of Karate and Friendship for Everyone
  • Admin
  • Tested
  • Karma: -65394
  • Posts: 12111
    • View Profile
    • corporate-sellout.com
Re: Re: Game News Dump
« Reply #164 on: August 09, 2012, 07:11:02 PM »

Pirates, as always...
Logged

  • Magic Gunner Miss Blue
  • Tested
  • Karma: -65461
  • Posts: 4300
    • View Profile
Re: Re: Game News Dump
« Reply #165 on: August 09, 2012, 09:36:43 PM »

....are completely worse off.

No seriously, WoW private servers are a joke. Any event anywhere in the world more complex than "hit dude with stick" is broken. Any boss with more than one phase, any event that relies on npcs talking before you can attack, anything at all that is not the most basic of basic fights is completely and utterly broken. This renders somewhat 60-70% of the game unplayable.
Logged

TA

  • Tested
  • Karma: 29
  • Posts: 3219
    • View Profile
Re: Re: Game News Dump
« Reply #166 on: August 10, 2012, 08:38:00 AM »

....are completely worse off.

No seriously, WoW private servers are a joke. Any event anywhere in the world more complex than "hit dude with stick" is broken. Any boss with more than one phase, any event that relies on npcs talking before you can attack, anything at all that is not the most basic of basic fights is completely and utterly broken. This renders somewhat 60-70% of the game unplayable.

Diablo 3.  Starcraft.  There's more to this than WoW.
Logged
Do you understand how terrifying the words “vibrating strap on” are for an asexual? That’s like saying “the holocaust” to a Jew.

Thad

  • Master of Karate and Friendship for Everyone
  • Admin
  • Tested
  • Karma: -65394
  • Posts: 12111
    • View Profile
    • corporate-sellout.com
Re: Re: Game News Dump
« Reply #167 on: August 10, 2012, 08:46:37 AM »

Yeah, I was referring specifically to Diablo 3 and the requirement that you use a (now-compromised) battle.net account to play a fucking single-player game.

I don't really see how any reasonable person could have assumed I meant to suggest that it's superior to play WoW without a battle.net account.
Logged

Brentai

  • https://www.youtube.com/watch?v=DnXYVlPgX_o
  • Admin
  • Tested
  • Karma: -65281
  • Posts: 17524
    • View Profile
Re: Re: Game News Dump
« Reply #168 on: August 10, 2012, 10:21:48 AM »

Ehh.  The "always-on" requirement is an entirely different, completely stupid issue, but the "battle.net registration" requirement isn't a problem unless you're actually planning to play Diablo 3 without ever playing multiplayer or using the auction house, in which case you've kind of missed the point.

I guess you could kind of reach in deep and bitch out Blizzard for specifically making a game that near-requires community interaction when they could have just made a 4p client-server game with a normal fucking drop rate and not dumped everybody into a central service they can't even keep secure, but that's a train that's way too hard to get offa once you're on.
Logged

  • Magic Gunner Miss Blue
  • Tested
  • Karma: -65461
  • Posts: 4300
    • View Profile
Re: Re: Game News Dump
« Reply #169 on: August 10, 2012, 11:26:08 AM »

Playing Diablo 3 with other people is also vastly superior to playing Diablo 3 solo.
Logged

Thad

  • Master of Karate and Friendship for Everyone
  • Admin
  • Tested
  • Karma: -65394
  • Posts: 12111
    • View Profile
    • corporate-sellout.com
Re: Re: Game News Dump
« Reply #170 on: August 10, 2012, 01:17:56 PM »

I guess you could kind of reach in deep and bitch out Blizzard for specifically making a game that near-requires community interaction when they could have just made a 4p client-server game with a normal fucking drop rate and not dumped everybody into a central service they can't even keep secure, but that's a train that's way too hard to get offa once you're on.

Er yes, that's kinda my point.  The LAN play issue has been discussed at some considerable length; it is not a new complaint.  It's just that this is the clearest, most objective reason yet why this was a legitimately terrible idea.
Logged

Thad

  • Master of Karate and Friendship for Everyone
  • Admin
  • Tested
  • Karma: -65394
  • Posts: 12111
    • View Profile
    • corporate-sellout.com
Re: Computer security
« Reply #171 on: August 14, 2012, 08:38:09 PM »

Ah hell, Rayman Origins is Ubi?  Guess I'll have to check out the Xbox version.

Actually, I've looked it up and it appears that the retail version of Origins is DRM-free and the Steam version has no third-party DRM.  So maybe I'll check out the PC version after all.
Logged

Thad

  • Master of Karate and Friendship for Everyone
  • Admin
  • Tested
  • Karma: -65394
  • Posts: 12111
    • View Profile
    • corporate-sellout.com
Re: Computer security
« Reply #172 on: August 21, 2012, 10:17:10 AM »

Ars: Why passwords have never been weaker—and crackers have never been stronger

tl;dr Increasing processing power and a much larger sample size of existing compromised passwords.

tl;dr the tl;dr: Everything that makes a password easier to remember makes it easier to guess.

Quote
So what can the average person do to pick a passcode that won't be toppled in a matter of hours? Per Thorsheim, a security advisor who specializes in passwords for a large company headquartered in Norway, said the most important attribute of any passcode is that it be unique to each site.

"For most sites, you have no idea how they store your password," he explained. "If they get breached, you get breached. If your password at that site is unique, you have much less to worry about."

It's also important that a password not already be a part of the corpus of the hundreds of millions of codes already compiled in crackers' word lists, that it be randomly generated by a computer, and that it have a minimum of nine characters to make brute-force cracks infeasible. Since it's not uncommon for people to have dozens of accounts these days, the easiest way to put this advice into practice is to use program such as 1Password or PasswordSafe. Both apps allow users to create long, randomly generated passwords and to store them securely in a cryptographically protected file that's unlocked with a single master password. Using a password manager to change passcodes regularly is also essential.

Given the sophistication of the crackers, anything less simply means your password is trivial to break.

As more and more people carry smartphones, this becomes a more and more feasible way to manage your passwords.  Of course, the problem then becomes what happens when you lose your phone -- if the master password is, itself, strong, then you're probably safe, but you just lost all your passwords unless you've got a backup somewhere (which itself represents one more point of failure in your security scheme).

Of course, "What happens if you lose your password?" isn't just about vulnerabilities in YOUR recovery scheme -- it doesn't fucking matter how strong your password is if somebody can just call in and bluff tech support into resetting it, as Mat Honan recently demonstrated.

The whole scheme is fucking broken, and we need to get off human-generated passwords entirely.  In the meantime, at least Google is offering two-factor authentication (is it still two-factor if you're using the same phone to store your password as you're using to receive the one-time key?) -- course, that doesn't protect your Google account from Google.
Logged

JDigital

  • Tested
  • Karma: 32
  • Posts: 2786
    • View Profile
Re: Computer security
« Reply #173 on: August 22, 2012, 12:36:55 AM »

I wish OpenID had caught on. Even though it's a single point of failure, your e-mail address is already a single point of failure because someone can password-reset all your accounts from there.

Lately there's a lot of sites taking Facebook login. As far as security goes, this is actually pretty good. Facebook offers two-factor authentication and has enough money riding on its data that you can bet they protect it.

But privacy-wise, it's perhaps not so good. You don't necessarily want every site to have your Facebook "basic data" (real name, profile picture, friends list, etc). And once you're reliant on Facebook for other sites, it's very hard to leave Facebook later on.
Logged

sei

  • Tested
  • Karma: 25
  • Posts: 2085
    • View Profile
Re: Computer security
« Reply #174 on: August 22, 2012, 02:35:59 PM »

OpenID, OAuth, Facebook login, and Google passport login are all things that small companies try to use to lower entry barriers.

Sometimes, they need info from one of those, but in a lot of cases, they're just trying to avoid making their users sign up for and remember yet another damned password.

Not saying I like it, though.
Logged

JDigital

  • Tested
  • Karma: 32
  • Posts: 2786
    • View Profile
Re: Computer security
« Reply #175 on: August 22, 2012, 11:07:02 PM »

Facebook login has significant advantages over OpenID.

Most people don't know that they have an OpenID provider. But everyone knows whether they have a Facebook account or not (and they probably have one).
Logged

Mongrel

  • Emoticon Knight-Errant
  • kodePunc Team
  • Tested
  • *
  • Karma: -65340
  • Posts: 17029
    • View Profile
Re: Computer security
« Reply #176 on: August 27, 2012, 06:33:12 AM »

Soooooo, you know how manufacturers always try to bundle their shit, right? You download program X and it asks if you also want software Y or toolbar Z, or to set such-and-such page as your homepage. The box is almost always "negative option", which means it's clicked for yes, and you have to de-click it.

So today there was a Flash update. I always set my updates to manual approval/installation, because if there's one thing I hate it's somebody putting something on my damn computer that I didn't say to put there. Sure enough there was a negative option choice to add McAfee. So I (de)selected, refusing the additional crap and downloading only the Flash update installer.

Only it installed McAfee anyway! Hey that's new! FUCK YOU ADOBE!
Logged

Thad

  • Master of Karate and Friendship for Everyone
  • Admin
  • Tested
  • Karma: -65394
  • Posts: 12111
    • View Profile
    • corporate-sellout.com
Re: Computer security
« Reply #177 on: August 27, 2012, 09:28:23 AM »

Ars: Critical flaw under active attack prompts calls to disable Java

The exploit hasn't been widely used yet but it's likely to be, and Java isn't patched frequently.

Exploit confirmed working on Win7 machines; other OS's are still under testing but given that it's Java odds are pretty good it'll work on other platforms too.
Logged

Mongrel

  • Emoticon Knight-Errant
  • kodePunc Team
  • Tested
  • *
  • Karma: -65340
  • Posts: 17029
    • View Profile
Re: Computer security
« Reply #178 on: August 27, 2012, 09:59:03 AM »

Woooooooo guess I better be extra careful allowing sites through NoScript for now. Can't really disable it entirely if I want to work on any of my Google Docs. Which I do. (or if I want to play Minecraft).
Logged

JDigital

  • Tested
  • Karma: 32
  • Posts: 2786
    • View Profile
Re: Computer security
« Reply #179 on: August 27, 2012, 01:30:10 PM »

This is why I like Opera's feature, "Enable plugins only on demand". With this setting, Flash/Java objects don't load until you click on them. You can also enable/disable this per-site and per-plugin, so for example you can allow Youtube to load flash normally while blocking other sites, and disable Java entirely.
Logged
Pages: 1 ... 4 5 6 7 8 [9] 10 11