Posts by GeoGreg 6 publicly visible posts • joined 5 May 2016
Back in the Olden Tymes (about 1989), NetHack was one of the first programs I built from source (on a Sun running SunOS 4.1.3). I learned all sorts of things about Makefiles and such. And it's not cheating if you learn it from reading the source! (Even when I played it frequently, I still never ascended a character.)
You are paralyzed. The grid bug bites! The grid bug bites! The grid bug bites! --More--
LastPass has published a blog post (less than 1 hour before I am writing this comment) in which they describe the problem as only affecting users of the Firefox plugin. They are pushing out a fix now, or users can download the latest plugin. Full post here:
https://blog.lastpass.com/2016/07/lastpass-security-updates.html/
Once via work (although I think it was a home system), and one via a comment on a friend's social media account. In both cases, people accepted Windows 10 upgrades that seemed (to them) to be mandatory, and subsequently found their systems not functional for their needs. I was using a Windows system recently and finding myself confronted with a modal Windows 10 upgrade dialog that had no obvious "not now" or "decline" button. If I remember, I was able to dismiss the dialog by pressing the good ol' ESC key.
Whether they intended to or not, Microsoft has deployed an upgrade tool that is confusing. I suspect many unwitting upgraders have purchased new equipment. It's almost as if the PC makers as well as Microsoft might be benefiting from this. At least, you might think so. I couldn't possibly comment.
I think it was about 20 years ago that I first read the advice to pick a good password and stick with it, probably from Schneier. I think the length of a "good password" has probably increased since then, but I believe the principle is the same. Pick something you can remember that is hard for others to guess, whether by brute force or by picking at your life details. For passwords I control, I use a strong multiword passphrase from a generator if I want to be able to remember it at the keyboard, and randomly-generated strings in a cross-platform password manager for credentials I just want to be able to copy/paste. I turn on 2FA if it's available. I don't store passwords that I don't control in my manager, as I don't want that responsibility in the event my manager is somehow compromised. I read many analyses before picking a password manager program that had the features I want. I think I've achieved a balance of security and convenience that works for me.
(Note: I specifically am not commenting on which safe I use, since this is about security principles, not particular software implementations. Schneier wrote his own manager, and there are many others.)
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
