Remove ads, unlock a dark mode theme, and get other perks by upgrading your account. Experience the website the way it's meant to be.

Internet Security and Safety Guide • Page 3

Discussion in 'Technology Forum' started by aranea, Oct 11, 2016.

  1. Whatjuliansaid

    News on once the clouds are gone. Prestigious

    I hate having a windows phone. Is there anything that I can get that lets me send messages without encryptions that I haven't heard of yet?
     
  2. aranea

    Trusted Prestigious

    I know of WhatsApp, not sure about any others.
     
  3. Whatjuliansaid

    News on once the clouds are gone. Prestigious

    I could've sworn that became compromised at some point and changed.
     
  4. SmithBerryCrunch

    Trusted Prestigious

    Whatjuliansaid likes this.
  5. Whatjuliansaid

    News on once the clouds are gone. Prestigious

  6. iCarly Rae Jepsen

    run away with me Platinum

  7. armistice

    Captain Vietnam: Bestower of Tumors

    WhatsApp Retransmission Vulnerability | tobi.rocks

    Author seems kind of douchey. He is technically right, but he makes it seem significantly easier than it is and the recipient still gets notified which makes it virtually worthless as an exploit. Pretty sure WhatsApp has two-factor now as well, so, yea...WhatsApp is still way better than unencrypted SMS. It's actual biggest flaw is that it is closed-source. And again, as always, if you need the guarantee of security, speak face to face in a room with no tech.
     
    Whatjuliansaid likes this.
  8. Whatjuliansaid

    News on once the clouds are gone. Prestigious

    Is telegram a secure messaging app to use?
     
  9. armistice

    Captain Vietnam: Bestower of Tumors

    Is your new phone Windows as well? If not use Signal. There still isn't any great Windows app that I am aware of. I'd pick Threema or Sicher before Telegram though.
     
  10. Whatjuliansaid

    News on once the clouds are gone. Prestigious

    What about IM+ I read an old thread saying that's okay. My friend told me telegram has a backdoor so I'm gonna uninstall it. I've heard of threema, will check it out.

    And yea, it's just a newer one that I had laying around but at least it's battery is removable. Hopefully I can upgrade soon or I might just start using an old android one of my parents has if I really need it.

    Appreciate the tips, if you do hear of anything good let me know.
     
  11. armistice

    Captain Vietnam: Bestower of Tumors

    Looks like adware to me haha. Idk I've never heard of it. I'd probably avoid it. When in doubt:

    Comparison of instant messaging clients - Wikipedia

    Green is good. Red is bad. Without getting into the cryptography you kind of just have to balance how much you want a feature and how much you like the daily use of the app. Something completely uncrackable until the end of time is still only going to be used by weirdos if it's front end is a bash shell.
     
    Whatjuliansaid likes this.
  12. Whatjuliansaid

    News on once the clouds are gone. Prestigious

    I really need to take a class on this stuff sometime, I'll trust your opinion on what you suggested though. I really don't need much other than to send basic texts though, other features are just perks.
     
  13. armistice

    Captain Vietnam: Bestower of Tumors

    Don't spend money on it. Anyone looking to get into tech should use the internet. Comp sci teachers are some of the worst teachers I ever had. There's plenty of open courses or just...youtube. Depends on what you're interested in. Modern cryptography is hard to talk about because it's an intersection of mathematics, data processing algorithms, information theory, and to a somewhat lesser degree electronic engineering all within the contexts of security and anonymity. But again, it just depends where you feel compelled to learn. It just takes the will and the time.
     
    Whatjuliansaid and Jason Tate like this.
  14. aranea

    Trusted Prestigious

    armistice likes this.
  15. CarolLA78

    Newbie

    Looks like this might be hotting up in cyberspace, this was an interesting piece on the chances of being hacked. Anyone else feel we are living in interesting/worrying times?
     
  16. devenstonow

    Noobie

    meh, chances of being hacked aren't really going up, it's just that it's all more visible/in the public eye more.


    good password + 2FA wherever you can is pretty much all you need
     
  17. gurlytech1

    Newbie

    Most definitely. My yahoo account was a relic but I think the worst part about that situation was Yahoo not disclosing the hack for many years after. Who wouldn't feel violated? Privacy is a huge concern. If it's not our bank accounts it's our email? Worrying times indeed.
     
  18. aranea

    Trusted Prestigious

    armistice likes this.
  19. CarolLA78

    Newbie


    Yeah privacy is on my mind as well, in part due to hacks and also due to recent world events.

    I've been reading up on it, anyone tried anything like this Best VPNs For Privacy - Secure Thoughts?
     
  20. aranea

    Trusted Prestigious

     
  21. Whatjuliansaid

    News on once the clouds are gone. Prestigious

    So it's safe to use what'sapp again and the backdoor thing was bs?
     
  22. aranea

    Trusted Prestigious

  23. Jason Tate Feb 25, 2017
    (Last edited: Feb 25, 2017)
    It's weird how this is being reported. Like, that github just puts every site that uses any version or part of CloudFlare in a document (including this one), and we weren't affected at all (I confirmed this with CloudFlare themselves). So, that seems very misrepresentative of the actual scale. And, even if someone directly had access to the database here, they couldn't get anyone's password anyway. I have fun with password-based KDF.

    More info for those curious:
    Incident report on memory leak caused by Cloudflare parser bug
     
    lightning13 likes this.
  24. armistice

    Captain Vietnam: Bestower of Tumors

    Yea the vuln is essentially a MitM attack. SSL/TLS payloads could be read by attackers, but if the security of the data wasn't dependent on SSL/TLS then security is preserved.

    Also yes it was super weird. Like the first response by CF seemed like they were blaming Google. It looked like it was going to be a clusterfuck for a bit there. The SHA-1 collision story has much wider implications. I'm guessing there are a lot of business-critical IPSEC tunnels out there still using it.
     
    lightning13 and Jason Tate like this.