Yeah a little pricey but not crazy expensive at all and totally worth it.
No problem, I had actually forgotten all about them, so thanks for the reminder! I was looking into them a while back for this very application but I ultimately went with an encrypted password manager on cloud storage instead. Might have to give them another look-see...:)
A text file, encrypted locally with a long password (something I can remember easily, but quite long) and then uploaded to Google Docs for easy access anywhere that I have the decryption software. If I need a password, I just open that file up and copy / paste the password needed - then close it again. If I make a change to a password I can just change it once and that populates to all the other locations where my Google Docs are stored, but it is fully and safely encrypted the whole time.
I even have an app for my phone in case I need it, but there is three factor authentication: my phone's login, a short PIN for the app, and then my full encryption password.
Just FYI, KeePass does basically the same thing for you, but in a user-friendly, searchable, generally-less-mucking-around-required database. Pop the encrypted database file into Google Docs or Dropbox or somewhere and boom, you're done.
I suppose one benefit of using a text file would be that you could theoretically use it on some new system that didn't have a KeePass client yet...if your encryption/decryption client worked on the new system, that is.
What I use is a text file on a thumb drive also backed up on several local drives.
The text file contains the first half or so of the password, enough to remind me of what the password is should I forget. The rest is stored in my brain.
For rarely used passwords and places I will put a hint under the half pass.
I am trying to get away from these long 20 character passwords though... I really wish some one would invent a better system. Maybe a thumb drive that combines storage and a thumb print scanner in one package.
I like KeyPass because the same database file can be used in my Android phone and on me PC. I don't want to use a cloud based password storage as that might be a vulnerability. I also like that KeyPass allows you to use more than just a password to protect the database, you can also have it use a keyfile. So it turns into something you know (the password) and something you have (the keyfile on a USB key). Then you just need to keep the database synchronized between the different systems you use it on. That could be a problem if you add passwords very frequently, but in my useage it has not been a problem. KeePassDroid is a nice Android version.
My dually-encrypted KP database is the one and only sensitive file I entrust to Dropbox, since even if someone gets it, they'll have to crack both the keyfile and the passphrase to get anything out of it. That does a lovely job of keeping your database in sync for you, since Dropbox clients are pretty much everywhere:)
So, do you put the keyfile in your Dropbox folder, or no? If so, how is that more secure than using a password? Otherwise, do you just manually move it to different devices with a thumb drive or email, or what?
I don't, but opinions vary on this. For me it's no big deal to transfer the keyfile offline to any device that I would want to use, but 90% of the time it's one of two devices (phone, laptop). I always have my phone with me, so I always have my keyfile with me too if I need access from a different device...I suppose if I accidentally dropped both of them off a mountain somewhere, then I'd be hooped until I could get home again and grab the keyfile from my secure backups:)
AS to the how, well bluetooth works *sometimes* for small file transfers, and if the bluetooth is wonky, I break out my connection cable. I also have a slick little cable that lets me plug a USB thumb drive into my android phone, so it's easy to push a file to a thumb drive, then use the thumb drive to put it wherever you like...also works great for photos / music / etc.
I store my keepass database on dropbox, this way it is accessible from my iphone, ipad and all my laptops and desktops. Any changes I make are synchronized between devices automatically.
Keepass will auto fill in websites with plugins like KeeFox for Firefox, or launch Putty.
I don't even know what my Slashdot, eBay or Amazon passwords are, as they are all about 64 random characters each.
If you choose to go this route, it makes sense to have a very strong passphrase, as such, my passphrase exceeds 128 bits. A key file is also an excellent option.
Why not both? KeePass allows you to do that.
I also use KeePass (despite how silly the name looks when it's not properly capitalized:) but I use both a strong passphrase and a keyfile, then keep the KP database on Dropbox. The keyfile is manually transferred to any computer or device that I want to access Keepass from, so even if someone scrapes my DropBox, they can crack away at the database all they want, they still don't have the keyfile needed to decrypt it... I guess if someone gets my phone or laptop, they'll have the keyfile and a copy of the KP database, but still not my (pretty strong) passphrase.
The Windows 8 start screen is way better than the start menu from previous iterations. The "type to launch" behavior is effectively the same as the start menu (actually faster and more robust) but the added screen real estate makes it easier to find programs if you need to actually look through the list for something.
Safe to assume that you don't know how to use Windows, much less Windows 8, if you're still carrying on with that idiotic position.
Nice shill, but no, it's not. If I want a Mickey Mouse interface I'll go to the Disney website, thanks.
The only thing that's saving Windows 8 is the availability of third party software that fixes the damn interface. Just because I have a 24" monitor doesn't mean I want to use all of it to select and open a single program...and even then, I'd still have to side-scroll to get to ones I don't use often. And 'type to launch' is a better approach, seriously? The only reason it might be considered as such is because nobody can find what they're looking for any other way...so it's a pre-emptive fix for a problem that they knew they'd have.
On a side note, I would be very curious to see the total Windows 8 installed base compared to the installed base for all of the Start Menu add-on programs. As it stands, this comparison of adoption rates between Windows 7 and Windows 8 is more than a little enlightening. And this is in an era where everyone has to have the latest 'shiny'...apparently you just can't shine up Windows 8 enough to make up for the Start screen, but you know how hard it is to polish a turd...which is a shame, because under the hood, Windows 8 has quite a lot going for it. Now if only I could find the hood-release lever:)
A virtual gift card is not the same thing a a virtual currency.
Precisely. A currency can be exchanged for other forms of currency, whereas the value on a gift card can only be exchanged for specific goods and/or services.
Transfers from 1 -> 2, 2 -> 3, and 3 -> 4 need not involve a bank at all.
In theory this might be true but in practice cash is very tracable. US currency has serial numbers. You get your money from the bank. You buy food at a restaurant. The restaurant deposits it in the bank. There might be an extra hop or two if you're lucky but the number of hops without passing a bank is minimal. If you don't believe me, try to pass off a counterfit bill. The secret service is extremely good at tracing backwards the route it took to get to the bank and can usually do it in only a couple hops. Smaller bills might get passed back and forth a bit more but even a place like walmart rarely gives back $20 bills as change except for a tiny bit of cashback but the majority goes straight back to the bank.
No. Just...don't.
Trust me, "But it was for science!" doesn't hold a lot of water in the back rooms...
Major Vulnerability In Tinder Dating App Allowed User Tracking
On reading this headline, I thought this was some app used by scientists to compute carbon dating on tinder found in archeological digs...strangely specific, but I could see it existing. Not a huge user base for it, though, so why the fuss about user tracking? And why bother? "Both of them are in the lab...now they're at the dig site...now they're at the bar. Repeat."
Clearly my hopes for scientific stories on Slashdot are overly optimistic...:(
Microsoft still has the Windows monopolistic, dictate what the market wants philosophy. Microsoft is unable to function in a marketspace where they are not the monopolistic bully in the room.
This. Windows 8 Start Screen, anyone?
This is hardly new behaviour for MS lately. It's like they're deliberately sabotaging all of their flagship products.
I guess if you're big enough, you can do that kind of thing...for a while, anyways. Trouble is, once the avalanche starts, it's awful hard to stop it again...
In a statement to the Washington Post, Verizon said it was investigating the report and that the customer rep was misinformed.
"We treat all traffic equally, and that has not changed," the statement read. "Many factors can affect the speed of a customer’s experience for a specific site, including that site’s servers, the way the traffic is routed over the Internet and other considerations. We are looking into this specific matter, but the company representative was mistaken. We’re going to redouble our representative education efforts on this topic."
Here come the whips and chains...hate to be a Verizon rep right about now...
Touch screens. There's your problem. They are a very poor choice for an interface in an environment where you can't devote 100% of your eyesight to it.
Not only for the attention issues...in my experience, touchscreens rarely last long in colder regions. I've lost a couple of good GPS units that way: by leaving them in the vehicle over winter. And good luck using this thing with gloves! AFAIK, you can't get multi-touch without a capacitive screen, and capacitive screens don't respond to gloved hands...or even very well to chilled fingers.
It's no good - they'll just be stymied by lenseless cameras, you can't shine lasers at *every* visible pinhole... or at least doing so gets really expensive and potentially dangerous. Hey, there we go: limo-bus weenie roasts! Just poke a bunch of thumbtack holes in your hot dog and let the anti-camera lasers cook it for you.
MS seems intent to ignore the simple fact that people do not want the same UI for devices they use differently. People want a touch interface for touch devices, and a desktop UI for desktop devices. You don't use a hammer to cut a 2x4. This seems so simple that a 4 year old could figure it out. Why, 10+ years later, is MS still trying to cram a "one UI to rule them all" agenda down consumer's throats that have repeatedly rejected it?
Excellent point! This is also why the dasboard of a car and the dashboard of a jet fighter don't look the same...
I fail to see how it's an issue. You run a program that uploads data, and your issue is that it eats up your bandwidth? Seems like a non-issue to me!
Except for the fact that DropBox is also 'a program that uploads data', yet they (most sensibly) implemented a user-controllable bandwidth limiter on their desktop client right from day one. Most people don't care if it takes a half hour or three hours to upload that folder full of jpgs, but they do care (very much) if they lose their internet connection entirely while the folder is uploading. Even if it only takes ten minutes at full bandwidth, that tends to piss people off...and is completely unacceptable in a business environment.
It just boggles the mind that Google, ostensibly a top-notch service provider, hasn't figured this out yet...
Well, I wouldn't go so far as to say that...but the trend is definitely towards MS territory, at least.
"Here's a shiny mobile platform, completely open! Oh, and to effectively use it, you'll just have to agree to this list of conditions and restrictions to get access to our API's, kk? What!?! It's still open, we just dictate how and when and where our stuff is used...and hey, 3/4 of the ecosystem for this platform is dependant on these API's, so c'mon, what're you waiting for..."
I guess linux isn't open becasue I can put Windows kernel code in it.
Indeed, but would you then try to claim that the Windows code is open source, because you put it on an open platform? Also, are you only allowed to put your Windows kernel on a specific distro?
Android base (AOSP) is open. Android with Google is not. Simple, really.
For the same reason anarcho-capitalism doesn't work: if you make it completely free and uncontrolled, people will fuck it up and balkanize because that's how we are.
AOSP still exists and is under a less restrictive license. If you don't like Google's restrictions on the parts that are explicitly proprietary, use just AOSP-derived firmware like Cyanogen.
Oh, I don't disagree...but then that is, by definition, not an 'open' design. It's a closed fork of an originally open design.
It's like if someone took Debian and mandated certain repositories, Firefox and a KDE interface out of the box, and hey, if you want to use our repositories at all, you can't change that. Sure you can go ahead and roll your own, the core system is still open, but you're not allowed to tweak our distribution. Sure you can add other repositories, install Chrome, etc. but you *have* to keep Firefox available and use KDE, at least initially.
Sorry, that philosophy is not compatible with the term 'open source'. Sure, open source has its challenges, but that's part of the culture.
Slashdot Mirror
They probably know. It's not about money (they've been getting record profits), it's about control.
...pun intended?
Oh that is a nice thing!!!
Thank you!!!
Yeah a little pricey but not crazy expensive at all and totally worth it.
No problem, I had actually forgotten all about them, so thanks for the reminder! I was looking into them a while back for this very application but I ultimately went with an encrypted password manager on cloud storage instead. Might have to give them another look-see... :)
...that would be a security risk.
Security through obscurity? Has this site taught you nothing?!? :)
A text file, encrypted locally with a long password (something I can remember easily, but quite long) and then uploaded to Google Docs for easy access anywhere that I have the decryption software. If I need a password, I just open that file up and copy / paste the password needed - then close it again. If I make a change to a password I can just change it once and that populates to all the other locations where my Google Docs are stored, but it is fully and safely encrypted the whole time.
I even have an app for my phone in case I need it, but there is three factor authentication: my phone's login, a short PIN for the app, and then my full encryption password.
Just FYI, KeePass does basically the same thing for you, but in a user-friendly, searchable, generally-less-mucking-around-required database. Pop the encrypted database file into Google Docs or Dropbox or somewhere and boom, you're done.
I suppose one benefit of using a text file would be that you could theoretically use it on some new system that didn't have a KeePass client yet...if your encryption/decryption client worked on the new system, that is.
What I use is a text file on a thumb drive also backed up on several local drives.
The text file contains the first half or so of the password, enough to remind me of what the password is should I forget. The rest is stored in my brain.
For rarely used passwords and places I will put a hint under the half pass.
I am trying to get away from these long 20 character passwords though... I really wish some one would invent a better system. Maybe a thumb drive that combines storage and a thumb print scanner in one package.
Youy mean like this?
Yeah, they're a bit pricey, but not totally out of the ballpark for the concerned user :)
I like KeyPass because the same database file can be used in my Android phone and on me PC. I don't want to use a cloud based password storage as that might be a vulnerability. I also like that KeyPass allows you to use more than just a password to protect the database, you can also have it use a keyfile. So it turns into something you know (the password) and something you have (the keyfile on a USB key). Then you just need to keep the database synchronized between the different systems you use it on. That could be a problem if you add passwords very frequently, but in my useage it has not been a problem. KeePassDroid is a nice Android version.
My dually-encrypted KP database is the one and only sensitive file I entrust to Dropbox, since even if someone gets it, they'll have to crack both the keyfile and the passphrase to get anything out of it. That does a lovely job of keeping your database in sync for you, since Dropbox clients are pretty much everywhere :)
So, do you put the keyfile in your Dropbox folder, or no? If so, how is that more secure than using a password? Otherwise, do you just manually move it to different devices with a thumb drive or email, or what?
I don't, but opinions vary on this. For me it's no big deal to transfer the keyfile offline to any device that I would want to use, but 90% of the time it's one of two devices (phone, laptop). I always have my phone with me, so I always have my keyfile with me too if I need access from a different device...I suppose if I accidentally dropped both of them off a mountain somewhere, then I'd be hooped until I could get home again and grab the keyfile from my secure backups :)
AS to the how, well bluetooth works *sometimes* for small file transfers, and if the bluetooth is wonky, I break out my connection cable. I also have a slick little cable that lets me plug a USB thumb drive into my android phone, so it's easy to push a file to a thumb drive, then use the thumb drive to put it wherever you like...also works great for photos / music / etc.
I use Keepass.
I store my keepass database on dropbox, this way it is accessible from my iphone, ipad and all my laptops and desktops. Any changes I make are synchronized between devices automatically.
Keepass will auto fill in websites with plugins like KeeFox for Firefox, or launch Putty.
I don't even know what my Slashdot, eBay or Amazon passwords are, as they are all about 64 random characters each.
If you choose to go this route, it makes sense to have a very strong passphrase, as such, my passphrase exceeds 128 bits. A key file is also an excellent option.
Why not both? KeePass allows you to do that.
I also use KeePass (despite how silly the name looks when it's not properly capitalized :) but I use both a strong passphrase and a keyfile, then keep the KP database on Dropbox. The keyfile is manually transferred to any computer or device that I want to access Keepass from, so even if someone scrapes my DropBox, they can crack away at the database all they want, they still don't have the keyfile needed to decrypt it... I guess if someone gets my phone or laptop, they'll have the keyfile and a copy of the KP database, but still not my (pretty strong) passphrase.
Meh. It's secure enough for my needs :)
Do they really expect $20million in annual revenue from WhatsApp to grow to cover that $16billion?
The question is, how does Facebook ever hope to recover the cost?
Apparently the personal data of 450 million users is worth approximately $35 per user to them...are targeted ads really that lucrative?
The Windows 8 start screen is way better than the start menu from previous iterations. The "type to launch" behavior is effectively the same as the start menu (actually faster and more robust) but the added screen real estate makes it easier to find programs if you need to actually look through the list for something.
Safe to assume that you don't know how to use Windows, much less Windows 8, if you're still carrying on with that idiotic position.
Nice shill, but no, it's not. If I want a Mickey Mouse interface I'll go to the Disney website, thanks.
The only thing that's saving Windows 8 is the availability of third party software that fixes the damn interface. Just because I have a 24" monitor doesn't mean I want to use all of it to select and open a single program...and even then, I'd still have to side-scroll to get to ones I don't use often. And 'type to launch' is a better approach, seriously? The only reason it might be considered as such is because nobody can find what they're looking for any other way...so it's a pre-emptive fix for a problem that they knew they'd have.
On a side note, I would be very curious to see the total Windows 8 installed base compared to the installed base for all of the Start Menu add-on programs. As it stands, this comparison of adoption rates between Windows 7 and Windows 8 is more than a little enlightening. And this is in an era where everyone has to have the latest 'shiny'...apparently you just can't shine up Windows 8 enough to make up for the Start screen, but you know how hard it is to polish a turd...which is a shame, because under the hood, Windows 8 has quite a lot going for it. Now if only I could find the hood-release lever :)
A virtual gift card is not the same thing a a virtual currency.
Precisely. A currency can be exchanged for other forms of currency, whereas the value on a gift card can only be exchanged for specific goods and/or services.
Amazon Coins are not convertible to cash, therefore they're not a currency.
Transfers from 1 -> 2, 2 -> 3, and 3 -> 4 need not involve a bank at all.
In theory this might be true but in practice cash is very tracable. US currency has serial numbers.
You get your money from the bank. You buy food at a restaurant. The restaurant deposits it in the bank.
There might be an extra hop or two if you're lucky but the number of hops without passing a bank is
minimal. If you don't believe me, try to pass off a counterfit bill. The secret service is extremely good
at tracing backwards the route it took to get to the bank and can usually do it in only a couple hops.
Smaller bills might get passed back and forth a bit more but even a place like walmart rarely gives back
$20 bills as change except for a tiny bit of cashback but the majority goes straight back to the bank.
No. Just...don't.
Trust me, "But it was for science!" doesn't hold a lot of water in the back rooms...
Major Vulnerability In Tinder Dating App Allowed User Tracking
On reading this headline, I thought this was some app used by scientists to compute carbon dating on tinder found in archeological digs...strangely specific, but I could see it existing. Not a huge user base for it, though, so why the fuss about user tracking? And why bother? "Both of them are in the lab...now they're at the dig site...now they're at the bar. Repeat."
Clearly my hopes for scientific stories on Slashdot are overly optimistic... :(
Microsoft still has the Windows monopolistic, dictate what the market wants philosophy. Microsoft is unable to function in a marketspace where they are not the monopolistic bully in the room.
This. Windows 8 Start Screen, anyone?
This is hardly new behaviour for MS lately. It's like they're deliberately sabotaging all of their flagship products.
I guess if you're big enough, you can do that kind of thing...for a while, anyways. Trouble is, once the avalanche starts, it's awful hard to stop it again...
From (one of) TFA:
In a statement to the Washington Post, Verizon said it was investigating the report and that the customer rep was misinformed.
"We treat all traffic equally, and that has not changed," the statement read. "Many factors can affect the speed of a customer’s experience for a specific site, including that site’s servers, the way the traffic is routed over the Internet and other considerations.
We are looking into this specific matter, but the company representative was mistaken. We’re going to redouble our representative education efforts on this topic."
Here come the whips and chains...hate to be a Verizon rep right about now...
Look at football, in 2014 a guy admits to being gay, brouhaha ensues. Certainly there are other gay men in football, but they're on the DL.
On the Defensive Lineman?? O_o
Touch screens. There's your problem. They are a very poor choice for an interface in an environment where you can't devote 100% of your eyesight to it.
Not only for the attention issues...in my experience, touchscreens rarely last long in colder regions. I've lost a couple of good GPS units that way: by leaving them in the vehicle over winter. And good luck using this thing with gloves! AFAIK, you can't get multi-touch without a capacitive screen, and capacitive screens don't respond to gloved hands...or even very well to chilled fingers.
I'm sure it's fine for Beverly Hills, though...
It's no good - they'll just be stymied by lenseless cameras, you can't shine lasers at *every* visible pinhole... or at least doing so gets really expensive and potentially dangerous. Hey, there we go: limo-bus weenie roasts! Just poke a bunch of thumbtack holes in your hot dog and let the anti-camera lasers cook it for you.
Err...ouch?
This is also why the dasboard of a car and the dashboard of a jet fighter don't look the same...
Insensitive clod. I have gone to huge expense to have my jet fighter modified to have a gear lever and steering wheel. I was so confused before.
How're those antilock brakes working out for you? :)
MS seems intent to ignore the simple fact that people do not want the same UI for devices they use differently. People want a touch interface for touch devices, and a desktop UI for desktop devices. You don't use a hammer to cut a 2x4. This seems so simple that a 4 year old could figure it out. Why, 10+ years later, is MS still trying to cram a "one UI to rule them all" agenda down consumer's throats that have repeatedly rejected it?
Excellent point! This is also why the dasboard of a car and the dashboard of a jet fighter don't look the same...
I fail to see how it's an issue. You run a program that uploads data, and your issue is that it eats up your bandwidth? Seems like a non-issue to me!
Except for the fact that DropBox is also 'a program that uploads data', yet they (most sensibly) implemented a user-controllable bandwidth limiter on their desktop client right from day one. Most people don't care if it takes a half hour or three hours to upload that folder full of jpgs, but they do care (very much) if they lose their internet connection entirely while the folder is uploading. Even if it only takes ten minutes at full bandwidth, that tends to piss people off...and is completely unacceptable in a business environment.
It just boggles the mind that Google, ostensibly a top-notch service provider, hasn't figured this out yet...
Google = Apple with that closed stance
Well, I wouldn't go so far as to say that...but the trend is definitely towards MS territory, at least.
"Here's a shiny mobile platform, completely open! Oh, and to effectively use it, you'll just have to agree to this list of conditions and restrictions to get access to our API's, kk? What!?! It's still open, we just dictate how and when and where our stuff is used...and hey, 3/4 of the ecosystem for this platform is dependant on these API's, so c'mon, what're you waiting for..."
I guess linux isn't open becasue I can put Windows kernel code in it.
Indeed, but would you then try to claim that the Windows code is open source, because you put it on an open platform? Also, are you only allowed to put your Windows kernel on a specific distro?
Android base (AOSP) is open. Android with Google is not. Simple, really.
Just rated several of king's games 1-star, no idea if that helps, but made me feel better.
Nice one. I'm scanning the ratings and flagging 1-star protests such as yours as 'Helpful'.
Every little bit helps...
For the same reason anarcho-capitalism doesn't work: if you make it completely free and uncontrolled, people will fuck it up and balkanize because that's how we are.
AOSP still exists and is under a less restrictive license. If you don't like Google's restrictions on the parts that are explicitly proprietary, use just AOSP-derived firmware like Cyanogen.
Oh, I don't disagree...but then that is, by definition, not an 'open' design. It's a closed fork of an originally open design.
It's like if someone took Debian and mandated certain repositories, Firefox and a KDE interface out of the box, and hey, if you want to use our repositories at all, you can't change that. Sure you can go ahead and roll your own, the core system is still open, but you're not allowed to tweak our distribution. Sure you can add other repositories, install Chrome, etc. but you *have* to keep Firefox available and use KDE, at least initially.
Sorry, that philosophy is not compatible with the term 'open source'. Sure, open source has its challenges, but that's part of the culture.