Latest posts of: db90h - DonationCoder.com
Welcome Guest.   Make a donation to an author on the site August 05, 2015, 05:28:59 AM  *

Please login or register.
Or did you miss your validation email?


Login with username and password (forgot your password?)
Why not become a lifetime supporting member of the site with a one-time donation of any amount? Your donation entitles you to a ton of additional benefits, including access to exclusive discounts and downloads, the ability to enter monthly free software drawings, and a single non-expiring license key for all of our programs.


You must sign up here before you can post and access some areas of the site. Registration is totally free and confidential.
 
Your Support Funds this Site: View the Supporter Yearbook.
   
  Forum Home Thread Marks Chat! Downloads Search Login Register  
  Show Posts
      View this member's profile 
      donate to someone Donate to this member 
Pages: [1] 2 3 4 5 6 ... 20 Next
1  DonationCoder.com Software / Android Apps / Re: WhenLast (Android app) - v1.82 - Feb 10, 2015 on: March 09, 2015, 04:59:43 AM
Makes me remember, almost time to file my taxes Wink.

Nice mobile app work Mouser. Glad you are proficient in this space.
2  Main Area and Open Discussion / Living Room / Re: Use a unique password for this site on: March 08, 2015, 09:15:04 AM
2FA is the solution to many problems, but is imperfect in some ways itself. It encourages weak passwords, since you've got 2FA to back it up.

My friend Steve Gibson is working on SQRL, as many of you know, which does help a lot with this password mess.

We'll end this thread here, and hope DC goes full SSL when the site is refactored -- which I'm sure he'll do to save money, if nothing else. He's paying way too much as-is. It's just a lot of work, but will be a good learning experience, and he's more than capable.
3  Main Area and Open Discussion / Living Room / Re: Use a unique password for this site on: March 07, 2015, 05:00:29 PM
Yea, that's why I send my mail on post cards.

It's a simple security thing. Easier to secure everything than cherry-pick. That's all.

Surely certain portions will be broken as necessary, man-in-the-middle attacks from a legit CA, etc.. the NSA will always have their ways.

But security isn't about 'criminals', it's about online safety and privacy, especially for those who live in countries where their political affiliation this year could cost them their life the next.
4  Main Area and Open Discussion / Living Room / Re: Use a unique password for this site on: March 07, 2015, 11:37:52 AM
Yea, rainbow tables are the term you are looking for Wink. They are, again, hopefully, neutralized by appropriately salting the hashed password.

Certainly your operation is safe and warning caps removed in good reason.

A single password manager introduces a single point of failure, but is otherwise good advice.

The entirety of web traffic will be encrypted in time, whether it be via HTTP 5 or simple prudence.
5  Main Area and Open Discussion / Living Room / Re: Use a unique password for this site on: March 07, 2015, 11:08:10 AM
Still I prefer SSL, LOL.

The idea of everything I type, even drafts, going straight to any server plaintexxt... Well, it bothers me.

DC is fine here since SMF is designed to operate w/o SSL by hashing the password on the client side. They don't use SSL on their own site.

However, it's not 'fine' as to where are in society today, so it's just something to think about as the site is refactored someday.
6  Main Area and Open Discussion / Living Room / Re: 10th Anniversary - long time member check-in thread on: March 06, 2015, 11:58:37 PM
Well I think I've already spent my good will, accidentally.

Still, I wish nothing but the best for mouser and his friends. I hope you guys succeed and harbor no grudges against my dumb ass for having to say something about the lack of https by default on logins, which I guess doesn't matter much since client-side hashing is apparently done by SMF javascript.
7  Main Area and Open Discussion / Living Room / Re: Use a unique password for this site on: March 06, 2015, 11:50:10 PM
I still don't get what the big deal is, or why you're freaking out about it. It's pretty obvious that you're not going to have an encrypted connection if you don't use https.

Logins where credentials are supplied are presumed to at least have SSL encryption by industry standard.

I'm not freaking out.

If SMF hashes the password on the client side before sending it unencrypted, then you're not bad off.

But if you don't understand what I was concerned about, then you aren't trying very hard Wink. Not everyone even knows what HTTPS is.
8  Main Area and Open Discussion / Living Room / Re: Use a unique password for this site on: March 06, 2015, 11:47:28 PM
.delme. this post. or thread. I wasn't attacking you guys, but please, be reasonable, and acknowledge it as an issue that needs addressing sooner or later.
9  Main Area and Open Discussion / Living Room / Re: Use a unique password for this site on: March 06, 2015, 11:45:46 PM
BTW, I have converted my entire SMF based forum to SSL, FWIW...  Doesn't have the mods yours has, but...

EDIT: Oh, ok, if it hashes the passwords on the client side, that helps Wink
10  Main Area and Open Discussion / Living Room / Re: Use a unique password for this site on: March 06, 2015, 11:43:54 PM
@Deozaan: That is not the default address, unless maybe you use that HTTPEverywhere extension.

It defaults to HTTP.

So sorry to have brought this up. It's legit though.
11  Main Area and Open Discussion / Living Room / Re: Use a unique password for this site on: March 06, 2015, 11:30:10 PM
If I could delete this topic, I would.. so am requesting you do .. for your privacy while you fix it.
12  Main Area and Open Discussion / Living Room / Re: Use a unique password for this site on: March 06, 2015, 11:28:47 PM
Oh I feel like shit, why did I have to reveal that...

I just want to support you, please understand that. This could have come back to bite you much harder. Oh well. You are not blameless, it's your server. Keep it as secure as you want, I'll just remember no SSL here Wink
13  Main Area and Open Discussion / Living Room / Re: Use a unique password for this site on: March 06, 2015, 11:16:15 PM
Recommend you issue a statement explaining the situation (you know it in detail) and recommended guidance. Stay ahead of it. No breach happened. No damage known to be done.

EDIT: Man, I hate i mentioned this, I am just so SSL aware right now, I couldn't help it -- especially since i just had to change a bunch of passwords, because it's hard, in practice, to use a unique password on *every* site. I reserve unique ones for mission critical sites.
14  Main Area and Open Discussion / Living Room / Re: Use a unique password for this site on: March 06, 2015, 11:13:53 PM
Well, that's true, in part, but since one would HOPE that any modern server would store their passwords in hashed format, not plaintext. The purpose of the hash, as you know, is to prevent it from being reversed back to it's plaintext. Thus, if they get breached, they get no passwords.

Still, it is best practices to use different passwords, for other reasons, not that one in particular.

Please don't get defensive about this, you can delete this thread, I won't mention it again. Very sorry. Trying to help, came out wrong I guess. Wanted people to realize.
15  Main Area and Open Discussion / Living Room / Re: Use a unique password for this site on: March 06, 2015, 11:05:18 PM
Gosh, I hated to be the one to notice and report this, but how could I not?

It's no biggie, so long as your password here is not used anywhere else, which is standard procedures.

Still, I prefer 100% SSL on *all* pages. I took this bold experiment myself. It was bold because Google treats you as a new domain and the CPU overhead can increase. My results were fine, as were Google's when they did the same to all their servers a while back.
16  Main Area and Open Discussion / Living Room / Use a unique password for this site on: March 06, 2015, 10:58:29 PM
If you logout or open an ingognito tab, you may notice the login prompt in the upper left.

What you don't see is any SSL encryption.

EDIT: Since SMF hashes on the client side using javascript, you're fine, though of course all your information is still sent to the server plaintext.
17  Main Area and Open Discussion / Living Room / Re: 10th Anniversary - long time member check-in thread on: March 06, 2015, 10:28:06 PM
Oh, no, that was truly meant as courage. Agreed on leaving it as-is though. I am no farther along in socioeconomic status than you, probably you farther than me. FWIW.
18  Main Area and Open Discussion / Living Room / Re: 10th Anniversary - long time member check-in thread on: March 06, 2015, 10:20:05 PM
You know, there is something to be said for simply surviving, as an adult/site/business, for 10 years in this world.

Especially for someone who has put themselves 'out there', as mouser has.

Believe me when I say that it comes with more drawbacks than rewards, and takes true courage.
19  Main Area and Open Discussion / Living Room / Re: 10th Anniversary - long time member check-in thread on: March 06, 2015, 10:09:11 PM
Bibbity bobbidy boo
I'm currently eating a shoe
My life, it sucks
Who gives two fucks?
And with that, off you can screw
[not really but i had to rhyme]

Good thing you posted that 'not really' in small font on the next page Wink.

Life sucks for almost everyone right now. The reasons are complex.

For some, they suck more than others, but in those cases, you just have to make due with whatever unfair or unjustice was bestowed upon you. Can't wallow in it. Easier said than done, I know. Believe me.
20  Main Area and Open Discussion / Living Room / Re: 10th Anniversary - long time member check-in thread on: March 06, 2015, 09:05:26 PM
Figured I'd post this, just to remember who the real 'enemy' is. Oldie, some may have seen it, but so funny every time -- to those who get it. It really is like this (or worse in many cases).

<a href="http://www.youtube.com/watch?v=BKorP55Aqvg" target="_blank">http://www.youtube.com/watch?v=BKorP55Aqvg</a>
21  Main Area and Open Discussion / Living Room / Re: 10th Anniversary - long time member check-in thread on: March 06, 2015, 08:13:44 PM
Quote from: mouser
Server costs are still through the roof -- but changing servers is such a hassle though, and when the servers run smoothly i'm loathe to change anything..

On this, you gotta bite the bullet man. I can't tell you how many hours I've spent refactoring my server infastructure just to save costs or improve security. Sometimes I've taken a hit for it, but that's business.

If you're locked in, add up half the savings from one year, and I bet you could hire someone to 'unlock' you Wink.

Just don't go too cheap, no 'shared cloud server' crap smiley
22  Main Area and Open Discussion / Living Room / Re: 10th Anniversary - long time member check-in thread on: March 06, 2015, 08:06:05 PM
Refreshed the page and got your answers.

Also noticed that the primary login didn't seem SSL encrypted by default either! DIdn't check if I could manually do it, it should have default.

Maybe we can work something out in the future, a business arrangement that requires us to neither agree nor be friends, just produce, do the customer right, and earn a living at the same time. Who knows. I'll brainstorm.
23  Main Area and Open Discussion / Living Room / Re: 10th Anniversary - long time member check-in thread on: March 06, 2015, 07:58:25 PM
Amen. Especially when there is real evil out there ... even here in the USA. I mean, really - any differences we had, which I'l take the blame for, are pretty petty.
24  Main Area and Open Discussion / Living Room / Re: 10th Anniversary - long time member check-in thread on: March 06, 2015, 07:49:58 PM
I've always been here. My regrets are only that I couldn't do more to help mouser, because I believe his heart is purer than most, and that I made mistakes that alienated us.

I think mouser+Bitsum could do a lot together. I just wish I knew a way to make it work. I would guess mouser also has a full time job these days? Not me, I struggle by with what I can. I tried a 'stable job', turns out most corporations are crazier than anyone you'll meet in any asylum ;p.
25  DonationCoder.com Software / ProcessTamer / Re: Process Tamer and Process Lasso on: March 06, 2015, 07:44:30 PM
Oh no, not this. I hate this not because of 'competition', but because I can't be friends with a competitor. And mouser is a great person and friend.

Process Lasso is what it is. Maintained frequently, come a long way. Lots of time and energy has went into it. Lots of functions. I've made Process Lasso my sole purpose in life for 10 years. Lasso is written in C++, so is as lightweight as anything.

Mouser's Process Tamer is more narrowly focused, as he said. Better system tray notifications.

Lasso is designed in a way such that running Tamer (or similar software) along side it will not impede it's functionality, at least with default settings. I can't say the same is true for other software.
Pages: [1] 2 3 4 5 6 ... 20 Next
DonationCoder.com | About Us
DonationCoder.com Forum | Powered by SMF
[ Page time: 0.034s | Server load: 0.1 ]


Share on Facebook
submit to reddit