Link | 2,880 Posted March 24, 2021 Share Posted March 24, 2021 2 hours ago, Code Monkey said: If you try and go from Open Office to Office 365, it will convert completely fine. I always have a hard time explaining this to my corporate users that try and tell me it all works fine when they use Word so therefore it must be Open Office that has the problem. No, it isn't, it's Word inserting the poor formatting. Theoretically, that’s just great. Practically speaking, when MS Office is what you have at work in a corporate environment, all of that means zip and zilch. Taking a document back and forth or sharing with coworkers is quite unpleasant. 2 Link to comment Share on other sites More sharing options...
Gloves | 12,260 Administrator · Posted March 24, 2021 Share Posted March 24, 2021 2 hours ago, Code Monkey said: What would be even more secure is to use a password manager and allow it to automatically assign you 60 character alphanumeric random passwords which you don't even need to remember. This is what I do, and I do suggest it. Sadly many websites have pretty shit proprietary password logic which makes me concerned for their overall security, such as "No special characters" or "Between 8 and 16 characters", or the dreaded "At least 1 capital letter, one number, and 1 special character". I get what they're going for, but it creates a need for layman users to create memorable passwords which incorporate forced "security" logic and leads to passwords like "!Password1", which is incredibly easy to crack. Where I can help it, most of my passwords look something like this: hfqN!niKHP@zRE9Gg3a79NhF6oQzNPASB9y&@NbB 1 1 Link to comment Share on other sites More sharing options...
Murray | 2,484 Posted March 24, 2021 Share Posted March 24, 2021 Does VGS have SSL? 2 Link to comment Share on other sites More sharing options...
Code Monkey | 2,131 Posted March 24, 2021 Share Posted March 24, 2021 28 minutes ago, Gloves said: This is what I do, and I do suggest it. Sadly many websites have pretty shit proprietary password logic which makes me concerned for their overall security, such as "No special characters" or "Between 8 and 16 characters", or the dreaded "At least 1 capital letter, one number, and 1 special character". I get what they're going for, but it creates a need for layman users to create memorable passwords which incorporate forced "security" logic and leads to passwords like "!Password1", which is incredibly easy to crack. Where I can help it, most of my passwords look something like this: hfqN!niKHP@zRE9Gg3a79NhF6oQzNPASB9y&@NbB The password length is the worst. All password hashes are the exact same length so if they're forcing a maximum length on you, then they're storing your password in their database as plain text and they're worried about space. Otherwise if they're hashing it anyway, there's no reason to have a maximum character limit. Link to comment Share on other sites More sharing options...
arch_8ngel | 1,597 Posted March 24, 2021 Share Posted March 24, 2021 1 hour ago, Code Monkey said: On an encrypted storage medium? Absolutely zero. The FBI were even unable to recover encrypted user data without the encryption key when the owner of Lavabit refused to provide it. https://www.theguardian.com/world/2013/oct/03/lavabit-ladar-levison-fbi-encryption-keys-snowden If you're using a proper online manager, it is absolutely impossible for your information to get leaked. Those leaks only happen from insecure storage. The total loss comment wasn't about passwords -- it was about the practical risk of losing backed-up data at home. Unless you live in CA wildfire country, the practical risk of total loss from a house fire is pretty low, or else homeowner's insurance would be WAY more expensive. Versus online services that are hacked by major state actors on a seemingly regular basis. Link to comment Share on other sites More sharing options...
Code Monkey | 2,131 Posted March 24, 2021 Share Posted March 24, 2021 (edited) 20 minutes ago, arch_8ngel said: The total loss comment wasn't about passwords -- it was about the practical risk of losing backed-up data at home. Unless you live in CA wildfire country, the practical risk of total loss from a house fire is pretty low, or else homeowner's insurance would be WAY more expensive. Versus online services that are hacked by major state actors on a seemingly regular basis. That's how I answered it, Lavabit was an email server. If you keep your data on a properly encrypted storage medium, it is literally impossible for someone to hack it. The actors get hacked because someone gets into their email (which is easy) and in there they find 20 different "forgot password" emails with access to all of their online accounts. Or they make their password "password." Or they lay their phone down at a party and someone picks it up, goes to their iCloud storage and adds another user in there. It's always user error. Their accounts aren't actually getting hacked at the server level, that's just something the media writes because they don't know the difference or don't care. You know the recent Nintendo leak? Do you know how that happened? They didn't get into any servers, someone hacked an employee's email and most of the ROM files they recovered from that leak are from email attachments. It's taking so long to discover it all because people have to literally go into each .eml file and look at each attachment individually to figure out what it is. There are thousands. Edited March 24, 2021 by Code Monkey Link to comment Share on other sites More sharing options...
Lincoln | 230 Posted March 24, 2021 Share Posted March 24, 2021 (edited) Apple products are generally more secure than windows machines. Even so, you should have some sort of AV. I dont know if mac os has a good default or not but most 3rd party options on windows are basically malware themselves. If you're going to run windows in a vm or dual boot or however it works now, windows' built in AV is solid. Get a good browser like firefox and an adblocker plugin- ublock plus is the gold standard. This is essential, web ads are a significant attack vector for modern environments. Beyond that, being smart is your best defense. Dont click links in unsolicited messages, dont run apps you aren't familiar with, dont share your passwords, etc. You probably don't need a vpn. If you insist, basically anything but nordvpn. Keep copies of anything important in multiple places. Your local computer, web storage, off site physical storage. The idea being losing access or integrity in any single source isn't catastrophic. Keeping only online copies of things is terrible advice. Thats just someone else's computer you currently have permission to use, and that can change for no good reason. Edited March 24, 2021 by Lincoln 2 1 Link to comment Share on other sites More sharing options...
a3quit4s | 4,355 Posted March 24, 2021 Share Posted March 24, 2021 (edited) 2 hours ago, Gloves said: This is what I do, and I do suggest it. Sadly many websites have pretty shit proprietary password logic which makes me concerned for their overall security, such as "No special characters" or "Between 8 and 16 characters", or the dreaded "At least 1 capital letter, one number, and 1 special character". I get what they're going for, but it creates a need for layman users to create memorable passwords which incorporate forced "security" logic and leads to passwords like "!Password1", which is incredibly easy to crack. Where I can help it, most of my passwords look something like this: hfqN!niKHP@zRE9Gg3a79NhF6oQzNPASB9y&@NbB I'm with this except I'm cheap and don't pay for last pass so if I have to enter a password into a browser that isn't on my phone arggghhhhh Edited March 24, 2021 by a3quit4s Link to comment Share on other sites More sharing options...
a3quit4s | 4,355 Posted March 24, 2021 Share Posted March 24, 2021 (edited) 1 hour ago, Murray said: Does VGS have SSL? From Amazon Certificate Manager! This is likely so the termination can be handled on the application load balancer since many other tenants likely occupy the same instance or instances that VGS does! Edited March 24, 2021 by a3quit4s Link to comment Share on other sites More sharing options...
arch_8ngel | 1,597 Posted March 24, 2021 Share Posted March 24, 2021 (edited) 41 minutes ago, Code Monkey said: That's how I answered it, Lavabit was an email server. If you keep your data on a properly encrypted storage medium, it is literally impossible for someone to hack it. The actors get hacked because someone gets into their email (which is easy) and in there they find 20 different "forgot password" emails with access to all of their online accounts. Or they make their password "password." Or they lay their phone down at a party and someone picks it up, goes to their iCloud storage and adds another user in there. It's always user error. Their accounts aren't actually getting hacked at the server level, that's just something the media writes because they don't know the difference or don't care. You know the recent Nintendo leak? Do you know how that happened? They didn't get into any servers, someone hacked an employee's email and most of the ROM files they recovered from that leak are from email attachments. It's taking so long to discover it all because people have to literally go into each .eml file and look at each attachment individually to figure out what it is. There are thousands. I understand that social engineering attacks of one sort or another are the weak link, most of the time. -- using "hacking" in a very broad sense in the above comment. I guess i'm just not on the wavelength of what matters to you guys on this part of the conversation (saving to cloud vs physical backup), since to me the only "digital data" that really matters is banking and brokerage data -- which isn't really on my system anyway, though I'll definitely save backups of monthly statements. Anything work related, for me, is backed up on work servers, and can't legally be in the cloud somewhere anyway. And family pictures, etc -- they're in the cloud automatically on most phones, but aren't really something I care about someone stealing if there was a data breach. But even for those -- the risk of catastrophic loss if they're backed up at home is pretty low. EDIT: I'll certainly grant that if you live in CA wildfire country then the risk of total loss to fire is a more plausible concern than it is to the rest of us, though. Edited March 24, 2021 by arch_8ngel Link to comment Share on other sites More sharing options...
Gloves | 12,260 Administrator · Posted March 24, 2021 Share Posted March 24, 2021 57 minutes ago, a3quit4s said: I'm with this except I'm cheap and don't pay for last pass so if I have to enter a password into a browser that isn't on my phone arggghhhhh I use Dashlane, personally. Link to comment Share on other sites More sharing options...
JamesRobot | 6,027 Events Team · Posted March 24, 2021 Share Posted March 24, 2021 Press the windows button + the period button to use emojis from your PC. Link to comment Share on other sites More sharing options...
CMR | 538 Posted March 25, 2021 Share Posted March 25, 2021 I wouldn't bother with an antivirus software. It's just going to make your PC slower than it already is if you're a windows user. 1 Link to comment Share on other sites More sharing options...
Daniel_Doyce | 491 Posted March 25, 2021 Share Posted March 25, 2021 10 hours ago, Code Monkey said: Are your disconnected hard drives in the same house? A single fire would wipe it all out. Yes. I do have a separate thumb drive in a different location with all the files I really consider important, though. When you get down to it, it's surprising how little is truly essential 1 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now