The OFFICIAL tech stuff thread
-
@tigger said in The OFFICIAL tech stuff thread:
@Jam said in The OFFICIAL tech stuff thread:
Conversing with people who are responsible for these security policy issues, when you can find them, is worse than trying to talk to a wall.
In order to log into my banking site, I have to use a user ID and Passcode and then a code generated by an RSA token associated with my account.
Why must I change the passcode every 3 months. I remember about 20 more than passcodes as it is without changing any of them!
My investment house used to use a User ID and Passcode and then on the next page you had to pick one of about 50 images and then type the caption. So I chose a bunch of red grapes and the caption was Pinot Noir. Then one day, they went back to User ID and passcode on the same page and eliminated the images. I bitched like a mad-man to no avail.
Banking (company)
Banking (private)
ATM (company)
ATM (private)
Investment house (Me)
Investment house (wife)
SSN Gov ID
Northwell Health
NYU Langone Health
Quest Diagnostic
Bioreference Labs
Sunset Labs
Honeywell thermostats
Honeywell alarm system(s)
Digital door locks
various old-school combination keyless padlocks
Various and sundry customer VPN logins including VMWare Horizon accounts (also RSA token-protected)
Verizon business accounts
Verizon private accounts
The list goes on.I’m a fucking boomer! I do not reuse passcodes.
How the fuck wilI I remember all of this shit when I actually get old!!!Often you can just talk them into bypassing all security and doing what you want, so it’s really twice stupid.
Mostly you have to convince them you’re the right person so they don’t eat a loss from fraud.
https://i.imgur.com/hX2CMMZ.jpg
Never go full Lithu-
TwainNo editing is gonna save you now-
Wingmannhttp://s3.amazonaws.com/rrpa_photos/72217/DSC_2528.JPG
http://s3.amazonaws.com/rrpa_photos/20416/PTOB 101_resize.jpg
-
@Kilemall said in The OFFICIAL tech stuff thread:
@tigger said in The OFFICIAL tech stuff thread:
@Jam said in The OFFICIAL tech stuff thread:
Conversing with people who are responsible for these security policy issues, when you can find them, is worse than trying to talk to a wall.
In order to log into my banking site, I have to use a user ID and Passcode and then a code generated by an RSA token associated with my account.
Why must I change the passcode every 3 months. I remember about 20 more than passcodes as it is without changing any of them!
My investment house used to use a User ID and Passcode and then on the next page you had to pick one of about 50 images and then type the caption. So I chose a bunch of red grapes and the caption was Pinot Noir. Then one day, they went back to User ID and passcode on the same page and eliminated the images. I bitched like a mad-man to no avail.
Banking (company)
Banking (private)
ATM (company)
ATM (private)
Investment house (Me)
Investment house (wife)
SSN Gov ID
Northwell Health
NYU Langone Health
Quest Diagnostic
Bioreference Labs
Sunset Labs
Honeywell thermostats
Honeywell alarm system(s)
Digital door locks
various old-school combination keyless padlocks
Various and sundry customer VPN logins including VMWare Horizon accounts (also RSA token-protected)
Verizon business accounts
Verizon private accounts
The list goes on.I’m a fucking boomer! I do not reuse passcodes.
How the fuck wilI I remember all of this shit when I actually get old!!!Often you can just talk them into bypassing all security and doing what you want, so it’s really twice stupid.
Mostly you have to convince them you’re the right person so they don’t eat a loss from fraud.
Thankfully, I have never been able to convince anyone to bypass security and I can be very persuasive.
I did have am amusing experience once during a verification process.
Here goes . . .
And I guaranty that you will be entertained . . .
I went through a rather laborious oral/verbal authentication process with a financial institution and my patience was running very thin after about ten minutes.
I was asked my date of birth, which I provided . . .
Then I was immediately asked how old was i?“You fucking moron, I yelled! You just asked me my fucking birthday and now you want to know how old I am? What kind of a jerk are you, you idiot!!!”
“Sir, please calm down.”
“I’m not calming the fuck down you jackass! I’ve had about as much of you as I can stomach, asshole!”
"Sir, please . . . "
“The reason we ask how old a person is, just after asking their date of birth is that most scammers can’t answer the question without having to pause and try and compute the age of the person they are impersonating . . . and this has actually been a good way to know whether one is speaking to the right person.”
Pause . . .
More pause . . .
“Actually make sense,” says I.
“I guess I failed the test then?” -
@Kilemall said in The OFFICIAL tech stuff thread:
@tigger said in The OFFICIAL tech stuff thread:
@Jam said in The OFFICIAL tech stuff thread:
Conversing with people who are responsible for these security policy issues, when you can find them, is worse than trying to talk to a wall.
In order to log into my banking site, I have to use a user ID and Passcode and then a code generated by an RSA token associated with my account.
Why must I change the passcode every 3 months. I remember about 20 more than passcodes as it is without changing any of them!
My investment house used to use a User ID and Passcode and then on the next page you had to pick one of about 50 images and then type the caption. So I chose a bunch of red grapes and the caption was Pinot Noir. Then one day, they went back to User ID and passcode on the same page and eliminated the images. I bitched like a mad-man to no avail.
Banking (company)
Banking (private)
ATM (company)
ATM (private)
Investment house (Me)
Investment house (wife)
SSN Gov ID
Northwell Health
NYU Langone Health
Quest Diagnostic
Bioreference Labs
Sunset Labs
Honeywell thermostats
Honeywell alarm system(s)
Digital door locks
various old-school combination keyless padlocks
Various and sundry customer VPN logins including VMWare Horizon accounts (also RSA token-protected)
Verizon business accounts
Verizon private accounts
The list goes on.I’m a fucking boomer! I do not reuse passcodes.
How the fuck wilI I remember all of this shit when I actually get old!!!Often you can just talk them into bypassing all security and doing what you want, so it’s really twice stupid.
Mostly you have to convince them you’re the right person so they don’t eat a loss from fraud.
Do bureaucrats really care though? They don’t eat the fraud, we do.
-
-
@Gators1 said in The OFFICIAL tech stuff thread:
@Kilemall said in The OFFICIAL tech stuff thread:
@tigger said in The OFFICIAL tech stuff thread:
@Jam said in The OFFICIAL tech stuff thread:
Conversing with people who are responsible for these security policy issues, when you can find them, is worse than trying to talk to a wall.
In order to log into my banking site, I have to use a user ID and Passcode and then a code generated by an RSA token associated with my account.
Why must I change the passcode every 3 months. I remember about 20 more than passcodes as it is without changing any of them!
My investment house used to use a User ID and Passcode and then on the next page you had to pick one of about 50 images and then type the caption. So I chose a bunch of red grapes and the caption was Pinot Noir. Then one day, they went back to User ID and passcode on the same page and eliminated the images. I bitched like a mad-man to no avail.
Banking (company)
Banking (private)
ATM (company)
ATM (private)
Investment house (Me)
Investment house (wife)
SSN Gov ID
Northwell Health
NYU Langone Health
Quest Diagnostic
Bioreference Labs
Sunset Labs
Honeywell thermostats
Honeywell alarm system(s)
Digital door locks
various old-school combination keyless padlocks
Various and sundry customer VPN logins including VMWare Horizon accounts (also RSA token-protected)
Verizon business accounts
Verizon private accounts
The list goes on.I’m a fucking boomer! I do not reuse passcodes.
How the fuck wilI I remember all of this shit when I actually get old!!!Often you can just talk them into bypassing all security and doing what you want, so it’s really twice stupid.
Mostly you have to convince them you’re the right person so they don’t eat a loss from fraud.
Do bureaucrats really care though? They don’t eat the fraud, we do.
Banks are the least forgiving employers, ever.
Pretty much any unscheduled downtime, an IT employee is getting fired.
-
What moron at CrowdStrike thought this was a good idea:
CrowdStrike faces backlash as ‘thank you’ gift cards are blocked
$10 UberEats vouchers sent to people who helped after global IT outage are flagged as potential fraud
Sending people who probably didn’t sleep for 96 hours because of your companies fuckup a $10 gift voucher would be the definition of adding insult to injury. Those $10 gift vouchers being blocked for fraud when people tried to redeem them…
-
Secure Boot is completely broken on 200+ models from 5 big device makers
Keys were labeled “DO NOT TRUST.” Nearly 500 device models use them anyway.
tl;dr Hundreds of computer models have their secure boot installations protected by a single key. That key was uploaded to GitHub and “encrypted” with a four digit password that was trivially brute forced.
Edit: bottom of that article lists the devices affected.
-
Ex-Twitter dev reminisces about finding 700 unused Nvidia GPUs after takeover — forgotten cluster was ‘powered on and idle’
-
Record-Breaking $75 Million Ransom Paid To Dark Angels Gang
You may not have heard of these ransomware criminals, but according to threat intelligence researchers, they’ve hit a $75 million ransom payday. Meet the Dark Angels.
-
I picked the wrong career. I could have worked out of Finland where they couldn’t find me because it doesn’t exist and got rich!
-
Logitech’s ‘Forever Mouse’ Might Require a Monthly Subscription
Just what the market has been crying out for: A mouse that accumulates decades of dust and gunk in its internals and that you have to pay a monthly subscription for.
I wonder if fast scroll speed is disabled unless you get the premium subscription. Maybe mouse-wheel click too.
-
BMW has been doing this shit and sadly people keep buying it. We need to push back against that kind of pricing.
-
Stupid
-
@Zeppelin said in The OFFICIAL tech stuff thread:
Stupid
Particularly on something as commoditized as a mouse. I had to look at what mouse I’m using, it’s this one:
I certainly never bought it; It must have came free with a computer I bought in the last 5 years. It has 6400 DPI, 7 buttons and RGB lighting and I’ve never had a complaint with it but, it’s so cheap it was thrown in with something else. Amazon Egypt are still selling them for $13.50.
-
Greed
-
@Gators1 said in The OFFICIAL tech stuff thread:
BMW has been doing this shit and sadly people keep buying it. We need to push back against that kind of pricing.
If I remember right BMW had that controversy lately where you had to pay a sub to activate your heated seats (even though everything required to do that was actually already in the car, that you already paid for).
People freaked out and the company backpedaled iirc.
-
I didn’t see where they backed off it but may have missed it. When Adobe went to subscription pricing I was kinda pissed. I met an Adobe salesperson in the hotel lounge and gave them an earful. Maybe I am becoming a commie?
-
@Gators1 said in The OFFICIAL tech stuff thread:
I didn’t see where they backed off it but may have missed it. When Adobe went to subscription pricing I was kinda pissed. I met an Adobe salesperson in the hotel lounge and gave them an earful. Maybe I am becoming a commie?
No. Just old and cranky.
-
@Gators1 said in The OFFICIAL tech stuff thread:
I didn’t see where they backed off it but may have missed it. When Adobe went to subscription pricing I was kinda pissed. I met an Adobe salesperson in the hotel lounge and gave them an earful. Maybe I am becoming a commie?
BMW drops plan to charge a monthly fee for heated seats
BMW’s microtransaction experiments have not always been successful.
-
why not just drive an older car and customize it to what you like.
Ex-Twitter dev reminisces about finding 700 unused Nvidia GPUs after takeover — forgotten cluster was 'powered on and idle'
