urashid

About

Username
urashid
Joined
Visits
96
Last Active
Roles
member
Points
221
Badges
0
Posts
128

Reactions

151Like0Dislike14Informative

  • New MacBook Air threatens both MacBook and MacBook Pro with Function Keys

    urashidurashid
    It seems like a lot of commenters here think 12" MacBook should be cheaper because they give more importance to specs, computing power, expansion options, etc.

    But there is another category of people who choose MB because it is smaller, lighter, cooler, quieter, and frankly, "cuter."  They actually prefer a computer that is less computer-y and more a work of art.  And they don't mind paying more for that.

    As Andy Rooney once said, "It has recently come to my attention that when you don't want something in something, it costs extra." :)
    dewmemacplusplusrandominternetperson

  • Apple Watch Series 4: Should you upgrade?

    urashidurashid
    I have a Series 0, so pretty much a no brainer if I base it on features/specs. However, my Apple Watch still meets all my needs and looks great. Tough decision. In reality, if I do upgrade, it will be for the looks. The polished stainless steel, the display, the watchfaces not available on the older watch.
    watto_cobra

  • Inside iOS 12: AutoFill gives password manager apps on your iPhone a big boost

    urashidurashid
    @Soli, sorry for having triggered you but I would think that an ex-NASA engineer (I am referring to Randall Monroe, author of XKCD) probably knows a little bit (no pun intended) about computers and cryptography.  However, let me try to answer your concerns:

    1) I don't have 500 passcodes, you must use a lot more websites than I do. (A quick check of my password manager shows 126 logins. You win.)

    2) In cryptography, everybody uses bits, not characters.  If someone is trying guess your password, sure they think in terms of characters.  But if someone is trying to use computing power to break your password, they are only thinking in terms of bits.  And there are millions more of this kind.

    3) You said the magic phrase, "password complexity."
    I wish I could somehow convince you that just making passwords more complex does not make them more secure (in fact, they can work against security concerns because of how humans handle complexity).

    I know you won't take my word for it, but maybe you have more regard for NIST?


    (Oh look, they have the same graphic from xkcd.  Sorry, my bad :wink: ).

    StrangeDays

  • Inside iOS 12: AutoFill gives password manager apps on your iPhone a big boost

    urashidurashid
    Soli said:
    urashid said:
    One more tip:  Never store actual passwords in password managers.  Only store clear hints that make sense to you but cannot be deciphered by others.  Its a dangerous world out there, take care of your secrets.
    How do you create hints for randomly generated 64-character passcodes?
    This is another myth that randomly generated passcodes are somehow more secure.  As xkcd 936 explains, "Through 20 years of effort, we've successfully trained everyone to use passwords that are hard for humans to remember but easy for computers to guess"





    StrangeDayswatto_cobra

  • Inside iOS 12: AutoFill gives password manager apps on your iPhone a big boost

    urashidurashid
    Tribruin said:
    urashid said:
    I must be in the minority, but i never use password autofill or understand why people use it.  So if someone is able to get into my device, suddenly they have access to ALL my logins?  It Seems like such a breach of security protocol.

    So how do remember individual passwords for every site you visit? If you aren't using a password managers, you likely using either weak passwords, or re-using passwords over and over again. Chance are you are less secure than someone using a password manage. 

    For someone to access my passwords (I use 1Password), they would have to know my computer password (or iPhone PIN) PLUS my 1Password master password. Good luck with that. Even Keychain is not as secure. While it does prompt for a password (or FaceID/TouchID authentication), it is using the same authentication as my computer/phone. 1Password is a separate authentication process. 
    Please re-read my answer and tell where I said I don't use password managers.  I am talking about the autofill feature that everyone is raving about.  I find that to be a major breach of security protocol.

    And it's not just a matter of someone breaking into your computer.  There are dozens of exploits that leverage autofill to siphon off user information. Here is a Quora answer from an AgileBits (maker of 1Password) employee which begins with "If you are using a password manager with automatic auto-fill, switch off that behavior. It is a (mis)feature that is dangerous and is actively being exploited."


    One more tip:  Never store actual passwords in password managers.  Only store clear hints that make sense to you but cannot be deciphered by others.  Its a dangerous world out there, take care of your secrets.

    SpamSandwich