Posts by loops

Did you forget to take your medication again?

Re: So OTP is fine, but biometrics is better ?

I can't say for sure what this system entails, because of course, they haven't even decided yet, but most biometric systems don't work that way. In most systems, your face/fingerprint/whatever (voice being the obvious exception to this rule) never leaves your local device (phone, tablet, pc...). You authenticate biometrically locally, then a key-pair exchange authenticates to the remote service.

A large part of the reason for this is that nobody wants the hassle of securing biometric data nor being responsible for it when it leaks.

I'd be happy with that (my employer less so, unfortunately we're invested in MS).

Re: authenticator app

Not any more, not by default. Microsoft made their own Authenticator app the only way to Authenticate through the newish (15th September) "Registration Campaign" in Authentcation Methods in AAD/Entra/whatever they call it this week, even for TOTP, certainly for any newly registered accounts.

The generated QR code only works with the Microsoft app and it registers the app to the corresponding user account. You could see this for a few weeks after implementation, because you could see where people were authenticating from in Sentinel (yes - Sentinel was actually tracking personal devices!! since fixed), even when using TOTP, not push!

Interestingly, Microsoft have prevented you scanning the same QR code twice when one account registers through the "campaign" (so multiple people can no longer have the same TOTP code on their devices). More secure, but I bet we're not the only ones who have a real world use for this feature (we have a couple of generic shared accounts, so we want to have the same TOTP on multiple devices).

You can, of course, bypass all this by disabling the registration campaign - at which point the "use other autenticator" link appears again, and the QR codes are just generic TOTP codes rather than Microsoft specific codes.

The reason they're doing this is because they're pushing "Microsoft Managed MFA" and they can't enforce much if they don't control the app that people are authenticating with (+ they almost certainly upload a bunch of "telemetry" from every device the app is installed on, and then sell it - that's the age we live in).

Re: He needs an icon -->

Proof indeed that Musk simps are the most embarrassing people on the planet.

Re: Show us the stats

MacOS is predicted to be the dominant business endpoint in 2030.

Re: So what's the improvement in the store version?

None. They keep pushing everything to the Windows store because Windows Package Manager can access the store and they're pushing the Package Manager.

There's a major problem with this: any network administrator worth their salt will block the crappy Windows Store across their network.

In their wisdom they recently pushed Quick Assist to the Windows Store and then obsoleted the old (freely available) app. Microsoft support are now having to use Teams or Teamviewer, because nobody in enterprise can access the Quick Assist app any more.

And these people are supposed to be the intelligent ones.

Re: Ubiquiti's strategy...

"enterprise feature set"

Seriously? Their "pro" kit doesn't even allow you to list DHCP leases!

Re: Not again..

> Child abusers/exploiters cannot be reformed

Sexual offences have the lowest recidivism rates of any offence.

You can attribute that to the violence they face when in prison, the monitoring they're subject to on release, the rehabilitation courses they are forced to take when in prison (it's about the only crime where offenders are forced to undertake rehabilitation) or, more likely, a combination of the three.

But the evidence does strongly suggest that a majority are reformed compared to other criminals. The ones that do go on to reoffend tend to make the headlines of course.

Re: In a statement Gumtree told The Register: "We were made aware..."

AKA: In a statement Gumtree told The Register "Fuck off, and when you've fucked off, kindly fuck off again".