Computer stuff

[Smith1776]

Smithers: I only use the free version of Bitwarden. It serves all my needs. Btw, i have to jump through some hoops with Veracrypt every time I upgrade the operating system, but luckily I don’t have to do that very often. Constrast with storing things in a Mac sparsebundle which eventually became unopenable for some reason. (Have never had a probem with a Mac DMG file, though. That’s probably what I’ll do more with the next computer).

Vinny: I don’t know the possibilities/probability, but it happened to my father. That’s enough for me.
I agree re: backups. Backups are extremely important and obviously easy to make.

Ahhhh gotcha.

Either way, this thread has me inspired to take information and technology security more seriously.

[yankees60]

At this point I'd not trust any cloud based password manager. Seems to easy for Vanguard to blame a breech in my account to me using a cloud based password manager to store my password for Vanguard.

I use KeyPass as a password manager. It's database, though, is kept in the cloud by me. However, it does require a master password to get into and it is in Business Dropbox, which is encrypted.

Should I have any concern for having my passwords in KeyPass under those conditions?

[Xan]

How does all this online protection affect productivity?

Two things I tolerate but think get in the way of any kind of productivity are keys and passwords.

I do use super strong passwords for anything related to $$$$$$$$.
…

I’m not being snarky when I say nothing affects productivity like having your identity stolen and your email wiped out.

I thought that Mac was going to obviate passwords with something called Passkeys but I haven’t really looked into it.
Passwords are a pain but I’m happy with Bitwarden handling most of that and Veracrypt for the really crucial stuff.

Tor is really about not being tracked and I don’t worry about that too much. My main concern is identity theft and .. theft.

Again what are the possibilities of what you describe as happening? Regarding email specifically. I'm still using Eudora, which I don't think has been updated since 2006. It's all on this computer, Dropbox, and multiple external hard drives. Therefore, how is anyone going to wipe out my email? I'd never trust my email exclusively to some cloud product. I want 100% control of it, which I do have.

My main point is that what are the probabilities of what you describe happening compared to how often people lose things because they have no backups of any form? It's far more likely that the need for a backup is going to come into play than what you describe happening.

I've discovered that most of my computer issues have been under my control and have never been compromised by anyone from the outside. Therefore I'm concentrating the bulk of my efforts towards protecting myself against me.

You're safe from having your email wiped, but of course email is the "keys to the kingdom" for logins to just about everything else, so it's worth having it secured from prying eyes.

If your Eudora hasn't been updated since 2006 then it's using /very/ outdated encryption when connecting to your mail server to download mail, and it may even be not using encryption at all, in which case anybody who finds themselves in the path between you and your mailbox (or can force his way into that path) can read everything.

Your ISP is perhaps the biggest risk here. In terms of privacy invasion the ISP could be doing it right now: they have a history of snooping on web page loads and injecting their own ads, for example. That was one of the reasons for the push to https everywhere. A rogue employee at the ISP could be reading your mail and stealing logins, perhaps doing password resets and intercepting the messages.

Of course if your mail is hosted at your ISP you're out of luck anyway regardless of your email client's encryption. I strongly recommend against using your ISP to host your email, not only because of this concern but because it makes it impossible to switch ISPs without losing your email address.

[dualstow]

At this point I'd not trust any cloud based password manager. Seems to easy for Vanguard to blame a breech in my account to me using a cloud based password manager to store my password for Vanguard.

I use KeyPass as a password manager. It's database, though, is kept in the cloud by me. However, it does require a master password to get into and it is in Business Dropbox, which is encrypted.

Should I have any concern for having my passwords in KeyPass under those conditions?

KeyPass - don’t know.
Like you, I don’t store brokerage passwords in the cloud. That’s where Veracrypt comes in handy. But the cloud (Bitwarden) is great for most of those 200 other passwords I keep.
Stick with Xan’s advice above on various matters.

Maybe this is also a good time to remind any iPhone users out there to be extra careful with your PIN. There are a lot of con artists out there eyeballing PINs in bars and on the street — don’t tell me you old geezers aren’t at the club every Saturday night — and if they get that, they can wreak havoc on iCloud, Apple Cash & Pay,etc.

[Smith1776]

Do you guys have a recommendation for a good webhosting service?

[Smith1776]

I just got AVG's VPN for when I'm in coffeeshops and stuff.

[Xan]

I just got AVG's VPN for when I'm in coffeeshops and stuff.

Personally, I would think that VPNs are more important when you're at home, when any connection made can be assumed to be yours. Any connection from a coffee shop or a hotel would not be automatically associated with a particular person.

Unless it's the coffee shop owner you're worried about. Presumably with TLS on pretty much all websites and email he wouldn't be able to see the content of what you're doing, but could perhaps see what sites you (or at least, people at his shop) are visiting, with some degree of certainty. A VPN does help with that.

[Smith1776]

I just got AVG's VPN for when I'm in coffeeshops and stuff.

Personally, I would think that VPNs are more important when you're at home, when any connection made can be assumed to be yours. Any connection from a coffee shop or a hotel would not be automatically associated with a particular person.

Unless it's the coffee shop owner you're worried about. Presumably with TLS on pretty much all websites and email he wouldn't be able to see the content of what you're doing, but could perhaps see what sites you (or at least, people at his shop) are visiting, with some degree of certainty. A VPN does help with that.

Noted!

Xan, question for you:

If I use TOR along with my AVG VPN, what order is the connection happening in? Is it:

Me -> VPN -> TOR -> Destination

or:

Me -> TOR -> VPN -> Destination

Happen to know? I've heard combining TOR and a VPN can actually weaken security rather than enhance it, but first I don't even know which order the transmission is happening in.

[Xan]

I just got AVG's VPN for when I'm in coffeeshops and stuff.

Personally, I would think that VPNs are more important when you're at home, when any connection made can be assumed to be yours. Any connection from a coffee shop or a hotel would not be automatically associated with a particular person.

Unless it's the coffee shop owner you're worried about. Presumably with TLS on pretty much all websites and email he wouldn't be able to see the content of what you're doing, but could perhaps see what sites you (or at least, people at his shop) are visiting, with some degree of certainty. A VPN does help with that.

Noted!

Xan, question for you:

If I use TOR along with my AVG VPN, what order is the connection happening in? Is it:

Me -> VPN -> TOR -> Destination

or:

Me -> TOR -> VPN -> Destination

Happen to know? I've heard combining TOR and a VPN can actually weaken security rather than enhance it, but first I don't even know which order the transmission is happening in.

Assuming your machine is set up to send all traffic through the VPN, it must be the former. There's the possibility that some traffic might not use the VPN, in which case Tor would still work. I don't think the latter option you outline would be possible at all.

[Smith1776]

Assuming your machine is set up to send all traffic through the VPN, it must be the former. There's the possibility that some traffic might not use the VPN, in which case Tor would still work. I don't think the latter option you outline would be possible at all.

Okay, understood. I clearly still have a lot to learn about networking.

[Smith1776]

Assuming your machine is set up to send all traffic through the VPN, it must be the former. There's the possibility that some traffic might not use the VPN, in which case Tor would still work. I don't think the latter option you outline would be possible at all.

Also, just to save myself from the embarrassment of everyone thinking that I'm a total dunce. I got the idea of the latter scenario from this wiki entry. I didn't just pull it out of thin air.

asdfadsfadsfec.jpg (88.84 KiB) Viewed 4857 times

Maybe I'm reading this wrong?

[dualstow]

I have read that Pegasus and other spyware takes stuff off your phone before you encrypt it.
I wonder what kind of stuff is going on inside a compromised desktop.

[Smith1776]

I have read that Pegasus and other spyware takes stuff off your phone before you encrypt it.
I wonder what kind of stuff is going on inside a compromised desktop.

The whole spyware, malicious software, hacking world is super fascinating. I always find myself captivated by stuff like that.

[whatchamacallit]

I have never used Tor but the comments made me interested in the question and I found a good explanation.

In short, you need a VPN provider to set it up to do You > Tor > VPN

https://www.comparitech.com/blog/vpn-privacy/tor-vpn/

[Smith1776]

I have never used Tor but the comments made me interested in the question and I found a good explanation.

In short, you need a VPN provider to set it up to do You > Tor > VPN

https://www.comparitech.com/blog/vpn-privacy/tor-vpn/

Great explanation. Thank you.

[Smith1776]

Georgia Tech graduates created this really cool visualization tool for common computer science data structures and algorithms. Check it out.

https://csvistool.com/

[Smith1776]

aaaaaaa.jpg (495.08 KiB) Viewed 4570 times

[Smith1776]

Maybe It's just a temporary thing where I need a "break" from using multiple monitors, but lately I've been feeling like I'm more productive with 1 monitor.

With multiple screens there seems to be a great deal more cognitive load as my brain tries to juggle multiple visual stimuli all at once. With 1 monitor I just focus on one thing at a time.

Kind of counterintuitive, but I'm liking it lately.

[boglerdude]

Whats the diff between two small monitors and one huge. 2+ is like "hackzorz!" which is fine. its ok to have fun.

Anyway I'm back to being That Guy, after 78yo father was here for a week and didnt tell me he can barely walk. Its because he's always refused to take the stairs or walk anywhere instead of driving. Ive resisted for years using the term "lazy" about anyone, but gettin close.