Register Guidelines E-Books Search Today's Posts Mark Forums Read

Go Back   MobileRead Forums > E-Book General > News

Notices

Reply
 
Thread Tools Search this Thread
Old 10-15-2020, 12:10 PM   #16
j.p.s
Wizard
j.p.s ought to be getting tired of karma fortunes by now.j.p.s ought to be getting tired of karma fortunes by now.j.p.s ought to be getting tired of karma fortunes by now.j.p.s ought to be getting tired of karma fortunes by now.j.p.s ought to be getting tired of karma fortunes by now.j.p.s ought to be getting tired of karma fortunes by now.j.p.s ought to be getting tired of karma fortunes by now.j.p.s ought to be getting tired of karma fortunes by now.j.p.s ought to be getting tired of karma fortunes by now.j.p.s ought to be getting tired of karma fortunes by now.j.p.s ought to be getting tired of karma fortunes by now.
 
Posts: 3,218
Karma: 55950793
Join Date: Apr 2011
Device: pb360
Quote:
Originally Posted by Deskisamess View Post
And as Data wonders...
And whether it is attached to the rest of you or not. (e.g. Minority Report)
j.p.s is offline   Reply With Quote
Old 10-15-2020, 12:55 PM   #17
DiapDealer
Grand Sorcerer
DiapDealer ought to be getting tired of karma fortunes by now.DiapDealer ought to be getting tired of karma fortunes by now.DiapDealer ought to be getting tired of karma fortunes by now.DiapDealer ought to be getting tired of karma fortunes by now.DiapDealer ought to be getting tired of karma fortunes by now.DiapDealer ought to be getting tired of karma fortunes by now.DiapDealer ought to be getting tired of karma fortunes by now.DiapDealer ought to be getting tired of karma fortunes by now.DiapDealer ought to be getting tired of karma fortunes by now.DiapDealer ought to be getting tired of karma fortunes by now.DiapDealer ought to be getting tired of karma fortunes by now.
 
DiapDealer's Avatar
 
Posts: 22,926
Karma: 131479326
Join Date: Jan 2010
Device: Nexus 7, Kindle Fire HD
Quote:
Originally Posted by Uncle Robin View Post
Bitwarden does ok for me - I doubt there's much about my life that interests Five Eyes enough to bother cracking the 12-25 character passwords it generates for each website I use. Remembering the master passphrase is much easier than trying to decipher the drunken spider's scrawl that would be any handwritten list I might create.
Yep. I use Bitwarden (with biometrics that allow me to avoid having to type the master password on my phone) in conjunction with two-factor authentication (Yubikey wherever possible, otherwise authenticator app) on sites where any sensitive personal data is stored. One can even host the Bitwarden server/database on their own in-house hardware if they're extra particular (I'm not).

But all the precautions in the world might not help when someone gets their hands on hardware (either though outright theft or employee negligence)

I control what I can control, and honestly don't worry a lot about the rest (except for being very particular about the number of sites that I will purchase anything from).

I had an account with B&N a long, long time ago, but I've heard nothing from them about this breach. More than likely, that's because I was registered using an email address that's no longer active, and very probably using a credit card I no longer have. *shrug*
DiapDealer is online now   Reply With Quote
Old 10-15-2020, 01:09 PM   #18
twowheels
Wizard
twowheels ought to be getting tired of karma fortunes by now.twowheels ought to be getting tired of karma fortunes by now.twowheels ought to be getting tired of karma fortunes by now.twowheels ought to be getting tired of karma fortunes by now.twowheels ought to be getting tired of karma fortunes by now.twowheels ought to be getting tired of karma fortunes by now.twowheels ought to be getting tired of karma fortunes by now.twowheels ought to be getting tired of karma fortunes by now.twowheels ought to be getting tired of karma fortunes by now.twowheels ought to be getting tired of karma fortunes by now.twowheels ought to be getting tired of karma fortunes by now.
 
twowheels's Avatar
 
Posts: 1,600
Karma: 10465040
Join Date: Nov 2010
Device: Kobo Clara HD, iPad Pro 10", iPhone SE 2020
I tried Yubikey for a while, but found it to be too annoying due to not working in all browsers, on all OSes, so I gave up on that and just use TOTP now.

I use KeePass for my password databases, with multiple databases to segregate the risk a bit if one is compromised. I sync the databases myself, and don't use browser plugins for auto-filling the fields.

This works for me, though a few "security features" of some websites make it very difficult at times, for example sites that won't let you paste into the password field, or sites that accept one long password when changing your password, but then won't let you type the same password when trying to log in, or sites that say "you have to use special characters, but not that one!" meaning that I have to generate a few times to get one that'll pass, or sites that have stupidly short maximum lengths, like 8-12 characters (when NIST suggests 12 as the minimum), or even special character requirements at all, they should just require LONG passwords, without any complexity rules since complexity rules actually reduce the possible entropy and reduce the size of the search space for brute force attacks.
twowheels is offline   Reply With Quote
Old 10-15-2020, 01:31 PM   #19
DiapDealer
Grand Sorcerer
DiapDealer ought to be getting tired of karma fortunes by now.DiapDealer ought to be getting tired of karma fortunes by now.DiapDealer ought to be getting tired of karma fortunes by now.DiapDealer ought to be getting tired of karma fortunes by now.DiapDealer ought to be getting tired of karma fortunes by now.DiapDealer ought to be getting tired of karma fortunes by now.DiapDealer ought to be getting tired of karma fortunes by now.DiapDealer ought to be getting tired of karma fortunes by now.DiapDealer ought to be getting tired of karma fortunes by now.DiapDealer ought to be getting tired of karma fortunes by now.DiapDealer ought to be getting tired of karma fortunes by now.
 
DiapDealer's Avatar
 
Posts: 22,926
Karma: 131479326
Join Date: Jan 2010
Device: Nexus 7, Kindle Fire HD
I've not run into any snags with Yubikey yet. Of course I only ever use one browser on only 2 OSes. Plus I rarely have emergencies where I absolutely NEED to easily access all of my stuff away from the home/work environment. Also, Yubikey is typically only one of my 2FA options. If I ever run into an emergency where I need to access my stuff with uncooperative OSes/software, there's still the authenticator app backup.
DiapDealer is online now   Reply With Quote
Old 10-18-2020, 08:07 PM   #20
GeorgeYellow
Member
GeorgeYellow began at the beginning.
 
Posts: 17
Karma: 10
Join Date: Nov 2017
Device: B&N Nook
So, more days later and a number of NOOK/BnCloud features are still not working, or working intermittently.

For example, Search on an author like "Patterson" will never complete.

Synchronization still seems to be spotty.

More interesting seems to be the lack of notice - if a service drops and a handful of people notice, will it ever come back?
GeorgeYellow is offline   Reply With Quote
Old 10-19-2020, 06:54 AM   #21
fjtorres
Grand Sorcerer
fjtorres ought to be getting tired of karma fortunes by now.fjtorres ought to be getting tired of karma fortunes by now.fjtorres ought to be getting tired of karma fortunes by now.fjtorres ought to be getting tired of karma fortunes by now.fjtorres ought to be getting tired of karma fortunes by now.fjtorres ought to be getting tired of karma fortunes by now.fjtorres ought to be getting tired of karma fortunes by now.fjtorres ought to be getting tired of karma fortunes by now.fjtorres ought to be getting tired of karma fortunes by now.fjtorres ought to be getting tired of karma fortunes by now.fjtorres ought to be getting tired of karma fortunes by now.
 
Posts: 11,685
Karma: 124462310
Join Date: May 2009
Location: 26 kly from Sgr A*
Device: T100TA,PW2,PRS-T1,KT,FireHD 8.9,K2, PB360,BeBook One,Axim51v,TC1000
Quote:
Originally Posted by GeorgeYellow View Post

More interesting seems to be the lack of notice - if a service drops and a handful of people notice, will it ever come back?
Hard to tell since the people whose job is to notice--the tech media and trade press--didn't notice until the fifth day. Or noticed but didn't think it was worth reporting. Even then the trade press didn't say a word until after everybody else, down to local TV stations, had reported. They were scooped by Goodereader of all places.

Doesn't speak well of Nook's relevance.

As is, some folks are still waiting to hear from Daunt.
Not the best example of corporate leadership.
fjtorres is offline   Reply With Quote
Old 10-19-2020, 12:08 PM   #22
Fiat_Lux
Addict
Fiat_Lux ought to be getting tired of karma fortunes by now.Fiat_Lux ought to be getting tired of karma fortunes by now.Fiat_Lux ought to be getting tired of karma fortunes by now.Fiat_Lux ought to be getting tired of karma fortunes by now.Fiat_Lux ought to be getting tired of karma fortunes by now.Fiat_Lux ought to be getting tired of karma fortunes by now.Fiat_Lux ought to be getting tired of karma fortunes by now.Fiat_Lux ought to be getting tired of karma fortunes by now.Fiat_Lux ought to be getting tired of karma fortunes by now.Fiat_Lux ought to be getting tired of karma fortunes by now.Fiat_Lux ought to be getting tired of karma fortunes by now.
 
Fiat_Lux's Avatar
 
Posts: 311
Karma: 4000000
Join Date: Jan 2012
Location: Gimel
Device: tablets
Quote:
Originally Posted by pwalker8 View Post
It's correct that you shouldn't use the same password for different sites. Pass that, most individuals don't need CIA level security.
Back in the 1950's, that would have been the case.

Today, any self-respecting hacker worthy of the name, has a toolchain that is equal to what is available to any TLA.

Defining security threats, and threat models is more important than it has been in the past. However, the starting point should be that the resources that were once exclusive to TLAs with an extremely high budget, are now available to virtually anybody who has the forwithall to utilize them. That means that one needs to assume that the CIA is the least competent threat to one's security, not the most competent.

###

Rephrasing.
If somebody wants to target you, they can get more data about you today, from commercial vendors, than the entire range of Five Eye Intelligence Agencies, plus the Chinese Intelligence Agencies, alongside their puppet states, plus the Russian Intelligence Agencies could have obtained about you, as recently as five years ago.

If your concern is drive-by attacks, the tools used today are from nation-state TLAs.
Fiat_Lux is offline   Reply With Quote
Old 10-19-2020, 12:15 PM   #23
Fiat_Lux
Addict
Fiat_Lux ought to be getting tired of karma fortunes by now.Fiat_Lux ought to be getting tired of karma fortunes by now.Fiat_Lux ought to be getting tired of karma fortunes by now.Fiat_Lux ought to be getting tired of karma fortunes by now.Fiat_Lux ought to be getting tired of karma fortunes by now.Fiat_Lux ought to be getting tired of karma fortunes by now.Fiat_Lux ought to be getting tired of karma fortunes by now.Fiat_Lux ought to be getting tired of karma fortunes by now.Fiat_Lux ought to be getting tired of karma fortunes by now.Fiat_Lux ought to be getting tired of karma fortunes by now.Fiat_Lux ought to be getting tired of karma fortunes by now.
 
Fiat_Lux's Avatar
 
Posts: 311
Karma: 4000000
Join Date: Jan 2012
Location: Gimel
Device: tablets
Quote:
Originally Posted by fjtorres View Post
Sensible.

As is, IT thinking on passwords has been evolving and many are rethinking their user system security policies. Biometrics are filtering down to phones and fairly cheap tablets and PCs. Fingerprint readers and, yes, facial recognition, are replacing passwords as the key authentication systems at the user level, even if PIBS and passwords remain as a "security blanket". Even security fobs and keys are coming to PCs.

At the corporate level security fobs, keys, and cards and biometrics are the minimum at most well run places and have been for decades.

There's too much compute power out there for even the hardiest password to be trusted for mission critical security.
The problem with biometric authentication, is that once you've lost that, you not only have no protection, but are assured that you will never be able to protect anything again.

The only long term result of biometric authentication, is that nothing will be authenticated, or securable.
Fiat_Lux is offline   Reply With Quote
Old 10-19-2020, 12:42 PM   #24
pwalker8
Grand Sorcerer
pwalker8 ought to be getting tired of karma fortunes by now.pwalker8 ought to be getting tired of karma fortunes by now.pwalker8 ought to be getting tired of karma fortunes by now.pwalker8 ought to be getting tired of karma fortunes by now.pwalker8 ought to be getting tired of karma fortunes by now.pwalker8 ought to be getting tired of karma fortunes by now.pwalker8 ought to be getting tired of karma fortunes by now.pwalker8 ought to be getting tired of karma fortunes by now.pwalker8 ought to be getting tired of karma fortunes by now.pwalker8 ought to be getting tired of karma fortunes by now.pwalker8 ought to be getting tired of karma fortunes by now.
 
Posts: 6,782
Karma: 51010656
Join Date: Dec 2006
Location: Atlanta, GA
Device: iPad Pro, iPad mini, Kobo Aura, Amazon paperwhite, Sony PRS-T2
Quote:
Originally Posted by Fiat_Lux View Post
Back in the 1950's, that would have been the case.

Today, any self-respecting hacker worthy of the name, has a toolchain that is equal to what is available to any TLA.

Defining security threats, and threat models is more important than it has been in the past. However, the starting point should be that the resources that were once exclusive to TLAs with an extremely high budget, are now available to virtually anybody who has the forwithall to utilize them. That means that one needs to assume that the CIA is the least competent threat to one's security, not the most competent.

###

Rephrasing.
If somebody wants to target you, they can get more data about you today, from commercial vendors, than the entire range of Five Eye Intelligence Agencies, plus the Chinese Intelligence Agencies, alongside their puppet states, plus the Russian Intelligence Agencies could have obtained about you, as recently as five years ago.

If your concern is drive-by attacks, the tools used today are from nation-state TLAs.

The 50's were before my time, but ever since online started, the computer security issue is the same as every day security issues, useless someone has a strong reason to go after you, you just need enough security to discourage the casual thief. So, you hide your valuables and don't leave your car door unlocked, even though someone could break out your window, or pop the lock.

Unless someone has a reason to think that you have something worth stealing, as long as you have a good firewall at home and keep the firmware up to date, you don't have much to worry about. There is simply too much low hanging fruit with people who don't have firewalls or don't keep their firmware up to date. When you are using public WiFi, then VPN is a good idea.

Hackers either go after targets of opportunity (i.e. totally unprotected machines at the airport, Starbucks or some such thing), or machines that might yield significant value, such as a large corporation. It's like a co-worker once commented about someone who bragged about having a gun in every room in case of home invasion. If you have to worry that much, then you live in the wrong neighborhood. People who do that sort of thing usually do it because it makes them feel good, not because it's actually needed.

I've been online since the early 80's. In all that time, I've never been hacked and I've never had a virus. It's just a case of taking normal precautions and not doing something stupid. I've had firewalls since I built my own on a unix box back in the 90's (the firewall on the typical router is fine now) and I've used anti-virus since Norton was state of the art. I don't click on links in e-mails. Just simple stuff.
pwalker8 is offline   Reply With Quote
Old 10-19-2020, 01:25 PM   #25
DNSB
Bibliophagist
DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.
 
DNSB's Avatar
 
Posts: 8,620
Karma: 39207287
Join Date: Jul 2010
Location: Vancouver
Device: Kobo Forma, Clara HD, Nexus 7 HD, iPad Pro, Tolino epos
Quote:
Originally Posted by pwalker8 View Post
I've been online since the early 80's. In all that time, I've never been hacked and I've never had a virus. It's just a case of taking normal precautions and not doing something stupid. I've had firewalls since I built my own on a unix box back in the 90's (the firewall on the typical router is fine now) and I've used anti-virus since Norton was state of the art. I don't click on links in e-mails. Just simple stuff.
I will admit that during my IT career, I have made a few dollars cleaning up computers belonging to those who didn't see why they needed antimalware software since "they were careful about which websites they visited and never clicked on links in emails from unknown persons".

To me, the definition of low hanging fruit was one genius who had a telco modem with two LAN ports. One of them was wired to his wireless router but he decided to plug his computer into the second LAN port bypassing the router since "I thought it would be faster". You can probably guess what happened when an unpatched Windows computer was exposed directly to the Internet.
DNSB is offline   Reply With Quote
Old 10-19-2020, 02:14 PM   #26
DiapDealer
Grand Sorcerer
DiapDealer ought to be getting tired of karma fortunes by now.DiapDealer ought to be getting tired of karma fortunes by now.DiapDealer ought to be getting tired of karma fortunes by now.DiapDealer ought to be getting tired of karma fortunes by now.DiapDealer ought to be getting tired of karma fortunes by now.DiapDealer ought to be getting tired of karma fortunes by now.DiapDealer ought to be getting tired of karma fortunes by now.DiapDealer ought to be getting tired of karma fortunes by now.DiapDealer ought to be getting tired of karma fortunes by now.DiapDealer ought to be getting tired of karma fortunes by now.DiapDealer ought to be getting tired of karma fortunes by now.
 
DiapDealer's Avatar
 
Posts: 22,926
Karma: 131479326
Join Date: Jan 2010
Device: Nexus 7, Kindle Fire HD
Quote:
Originally Posted by DNSB View Post
You can probably guess what happened when an unpatched Windows computer was exposed directly to the Internet.
Hung an unused NT server directly on the internet back in the late 90s just as a test. Pretty sure someone was knocking on the door after about 20 minutes. There was a fully functional ftp server (full of warez content) operating inside of 12 hours.
DiapDealer is online now   Reply With Quote
Old 10-19-2020, 05:20 PM   #27
fjtorres
Grand Sorcerer
fjtorres ought to be getting tired of karma fortunes by now.fjtorres ought to be getting tired of karma fortunes by now.fjtorres ought to be getting tired of karma fortunes by now.fjtorres ought to be getting tired of karma fortunes by now.fjtorres ought to be getting tired of karma fortunes by now.fjtorres ought to be getting tired of karma fortunes by now.fjtorres ought to be getting tired of karma fortunes by now.fjtorres ought to be getting tired of karma fortunes by now.fjtorres ought to be getting tired of karma fortunes by now.fjtorres ought to be getting tired of karma fortunes by now.fjtorres ought to be getting tired of karma fortunes by now.
 
Posts: 11,685
Karma: 124462310
Join Date: May 2009
Location: 26 kly from Sgr A*
Device: T100TA,PW2,PRS-T1,KT,FireHD 8.9,K2, PB360,BeBook One,Axim51v,TC1000
Quote:
Originally Posted by Fiat_Lux View Post
The problem with biometric authentication, is that once you've lost that, you not only have no protection, but are assured that you will never be able to protect anything again.

The only long term result of biometric authentication, is that nothing will be authenticated, or securable.
Well, if they cut your finger off you'll have a bigger problem than accessing your PC.
Current biometrics are a transition phase before they get around to DNA and brainwave logins.

No security is perfect.

But unless you're a politician's relative, there's a limit to how far the bad buys will go to steal your credit card info. They prefer low hanging fruit like businesses that don't patch known VPN vulnerabilities for 18 months.
fjtorres is offline   Reply With Quote
Old 10-19-2020, 05:25 PM   #28
fjtorres
Grand Sorcerer
fjtorres ought to be getting tired of karma fortunes by now.fjtorres ought to be getting tired of karma fortunes by now.fjtorres ought to be getting tired of karma fortunes by now.fjtorres ought to be getting tired of karma fortunes by now.fjtorres ought to be getting tired of karma fortunes by now.fjtorres ought to be getting tired of karma fortunes by now.fjtorres ought to be getting tired of karma fortunes by now.fjtorres ought to be getting tired of karma fortunes by now.fjtorres ought to be getting tired of karma fortunes by now.fjtorres ought to be getting tired of karma fortunes by now.fjtorres ought to be getting tired of karma fortunes by now.
 
Posts: 11,685
Karma: 124462310
Join Date: May 2009
Location: 26 kly from Sgr A*
Device: T100TA,PW2,PRS-T1,KT,FireHD 8.9,K2, PB360,BeBook One,Axim51v,TC1000
Quote:
Originally Posted by DiapDealer View Post
Hung an unused NT server directly on the internet back in the late 90s just as a test. Pretty sure someone was knocking on the door after about 20 minutes. There was a fully functional ftp server (full of warez content) operating inside of 12 hours.
Anything in there worth compromising one's ethics?

Today it wouldn't last 12 seconds with all the robotools scanning out there.
fjtorres is offline   Reply With Quote
Old 10-19-2020, 06:49 PM   #29
DNSB
Bibliophagist
DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.DNSB ought to be getting tired of karma fortunes by now.
 
DNSB's Avatar
 
Posts: 8,620
Karma: 39207287
Join Date: Jul 2010
Location: Vancouver
Device: Kobo Forma, Clara HD, Nexus 7 HD, iPad Pro, Tolino epos
Quote:
Originally Posted by fjtorres View Post
Well, if they cut your finger off you'll have a bigger problem than accessing your PC.
Perhaps one of those fingerprint scanners that also check blood oxygen level and pulse?
DNSB is offline   Reply With Quote
Old 10-19-2020, 07:08 PM   #30
fjtorres
Grand Sorcerer
fjtorres ought to be getting tired of karma fortunes by now.fjtorres ought to be getting tired of karma fortunes by now.fjtorres ought to be getting tired of karma fortunes by now.fjtorres ought to be getting tired of karma fortunes by now.fjtorres ought to be getting tired of karma fortunes by now.fjtorres ought to be getting tired of karma fortunes by now.fjtorres ought to be getting tired of karma fortunes by now.fjtorres ought to be getting tired of karma fortunes by now.fjtorres ought to be getting tired of karma fortunes by now.fjtorres ought to be getting tired of karma fortunes by now.fjtorres ought to be getting tired of karma fortunes by now.
 
Posts: 11,685
Karma: 124462310
Join Date: May 2009
Location: 26 kly from Sgr A*
Device: T100TA,PW2,PRS-T1,KT,FireHD 8.9,K2, PB360,BeBook One,Axim51v,TC1000
Quote:
Originally Posted by DNSB View Post
Perhaps one of those fingerprint scanners that also check blood oxygen level and pulse?
I was thinking of touch typing problems minus the finger.
fjtorres is offline   Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Barnes & Noble Book in my T1? MickeyC Sony Reader 6 11-25-2014 04:43 PM
Conflict between Barnes & Noble and Simon & Schuster continues charmian News 14 03-24-2013 11:48 PM
[Old Thread] Problem reading converted EPUB & PDB on Barnes & Noble eReader webfolk Calibre 3 01-09-2012 10:08 PM
Neo Barnes & Noble from the UK Fith BeBook 5 04-26-2010 05:20 PM
Barnes & Noble mycart Introduce Yourself 5 02-03-2010 12:14 PM


All times are GMT -4. The time now is 12:03 PM.


MobileRead.com is a privately owned, operated and funded community.