Miscellaneous Tech News
-
@Dashrender said in Miscellaneous Tech News:
@mlnews said in Miscellaneous Tech News:
Hackers breach Quora.com and steal password data for 100 million users
Other stolen personal data includes names, email addresses, and direct messages.
Brace yourself for yet another massive data breach. Quora.com, a site where people ask and answer questions on a range of topics, said hackers breached its computer network and accessed a variety of potentially sensitive personal data for about 100 million users.
Man - we really need to move to a system that doesn't require websites to have any private data on them, or at least very little.
I really hope SQRL takes hold - getting rid of at least the password would be a great start.
I've heard of SQRL before. It's an interesting concept if nothing else...
https://www.grc.com/sqrl/sqrl.htm has a good explanation of it. -
@dafyre said in Miscellaneous Tech News:
@Dashrender said in Miscellaneous Tech News:
@mlnews said in Miscellaneous Tech News:
Hackers breach Quora.com and steal password data for 100 million users
Other stolen personal data includes names, email addresses, and direct messages.
Brace yourself for yet another massive data breach. Quora.com, a site where people ask and answer questions on a range of topics, said hackers breached its computer network and accessed a variety of potentially sensitive personal data for about 100 million users.
Man - we really need to move to a system that doesn't require websites to have any private data on them, or at least very little.
I really hope SQRL takes hold - getting rid of at least the password would be a great start.
I've heard of SQRL before. It's an interesting concept if nothing else...
https://www.grc.com/sqrl/sqrl.htm has a good explanation of it.Steve Gibson has been working on it for I don't know how many years now. While he's not the greatest person to take security advice from, he's an excellent programmer with a large support base which should eventually release a great tool in SQRL.
-
@travisdh1 said in Miscellaneous Tech News:
@dafyre said in Miscellaneous Tech News:
@Dashrender said in Miscellaneous Tech News:
@mlnews said in Miscellaneous Tech News:
Hackers breach Quora.com and steal password data for 100 million users
Other stolen personal data includes names, email addresses, and direct messages.
Brace yourself for yet another massive data breach. Quora.com, a site where people ask and answer questions on a range of topics, said hackers breached its computer network and accessed a variety of potentially sensitive personal data for about 100 million users.
Man - we really need to move to a system that doesn't require websites to have any private data on them, or at least very little.
I really hope SQRL takes hold - getting rid of at least the password would be a great start.
I've heard of SQRL before. It's an interesting concept if nothing else...
https://www.grc.com/sqrl/sqrl.htm has a good explanation of it.Steve Gibson has been working on it for I don't know how many years now. While he's not the greatest person to take security advice from, he's an excellent programmer with a large support base which should eventually release a great tool in SQRL.
Purely out of curiosity, what makes us feel he is a great programmer? That's pretty hard to judge even when a programmer works for you, let alone from the outside. Have you been to his website? Doesn't give a "real programmer" feel to it.
Dont' get me wrong, he might be amazing. But just from looking at his career and what his company has produced, none of it is necessarily tied to him. It's hard to tell if he's even been a programmer himself post 1980. He owns a company that makes software. Or at least founded it. But you can't tell if he's programming it.
-
@scottalanmiller said in Miscellaneous Tech News:
@travisdh1 said in Miscellaneous Tech News:
@dafyre said in Miscellaneous Tech News:
@Dashrender said in Miscellaneous Tech News:
@mlnews said in Miscellaneous Tech News:
Hackers breach Quora.com and steal password data for 100 million users
Other stolen personal data includes names, email addresses, and direct messages.
Brace yourself for yet another massive data breach. Quora.com, a site where people ask and answer questions on a range of topics, said hackers breached its computer network and accessed a variety of potentially sensitive personal data for about 100 million users.
Man - we really need to move to a system that doesn't require websites to have any private data on them, or at least very little.
I really hope SQRL takes hold - getting rid of at least the password would be a great start.
I've heard of SQRL before. It's an interesting concept if nothing else...
https://www.grc.com/sqrl/sqrl.htm has a good explanation of it.Steve Gibson has been working on it for I don't know how many years now. While he's not the greatest person to take security advice from, he's an excellent programmer with a large support base which should eventually release a great tool in SQRL.
Purely out of curiosity, what makes us feel he is a great programmer? That's pretty hard to judge even when a programmer works for you, let alone from the outside. Have you been to his website? Doesn't give a "real programmer" feel to it.
He's had lots of code freely available for longer than I can remember, go review it.
Ah, the website. Being a good programmer doesn't mean you're a good designer/artist. I'm with you on the website, it's just sad.
-
@travisdh1 said in Miscellaneous Tech News:
@scottalanmiller said in Miscellaneous Tech News:
@travisdh1 said in Miscellaneous Tech News:
@dafyre said in Miscellaneous Tech News:
@Dashrender said in Miscellaneous Tech News:
@mlnews said in Miscellaneous Tech News:
Hackers breach Quora.com and steal password data for 100 million users
Other stolen personal data includes names, email addresses, and direct messages.
Brace yourself for yet another massive data breach. Quora.com, a site where people ask and answer questions on a range of topics, said hackers breached its computer network and accessed a variety of potentially sensitive personal data for about 100 million users.
Man - we really need to move to a system that doesn't require websites to have any private data on them, or at least very little.
I really hope SQRL takes hold - getting rid of at least the password would be a great start.
I've heard of SQRL before. It's an interesting concept if nothing else...
https://www.grc.com/sqrl/sqrl.htm has a good explanation of it.Steve Gibson has been working on it for I don't know how many years now. While he's not the greatest person to take security advice from, he's an excellent programmer with a large support base which should eventually release a great tool in SQRL.
Purely out of curiosity, what makes us feel he is a great programmer? That's pretty hard to judge even when a programmer works for you, let alone from the outside. Have you been to his website? Doesn't give a "real programmer" feel to it.
He's had lots of code freely available for longer than I can remember, go review it.
Did YOU review it? If not, what's the basis for the claim?
And you are sure it's his, not his company's?
-
"Sure" meaning... it has his name on it, not just something his company released?
-
@scottalanmiller said in Miscellaneous Tech News:
@travisdh1 said in Miscellaneous Tech News:
@scottalanmiller said in Miscellaneous Tech News:
@travisdh1 said in Miscellaneous Tech News:
@dafyre said in Miscellaneous Tech News:
@Dashrender said in Miscellaneous Tech News:
@mlnews said in Miscellaneous Tech News:
Hackers breach Quora.com and steal password data for 100 million users
Other stolen personal data includes names, email addresses, and direct messages.
Brace yourself for yet another massive data breach. Quora.com, a site where people ask and answer questions on a range of topics, said hackers breached its computer network and accessed a variety of potentially sensitive personal data for about 100 million users.
Man - we really need to move to a system that doesn't require websites to have any private data on them, or at least very little.
I really hope SQRL takes hold - getting rid of at least the password would be a great start.
I've heard of SQRL before. It's an interesting concept if nothing else...
https://www.grc.com/sqrl/sqrl.htm has a good explanation of it.Steve Gibson has been working on it for I don't know how many years now. While he's not the greatest person to take security advice from, he's an excellent programmer with a large support base which should eventually release a great tool in SQRL.
Purely out of curiosity, what makes us feel he is a great programmer? That's pretty hard to judge even when a programmer works for you, let alone from the outside. Have you been to his website? Doesn't give a "real programmer" feel to it.
He's had lots of code freely available for longer than I can remember, go review it.
Did YOU review it? If not, what's the basis for the claim?
Some of it, yes. Been years ago now, when I actually knew enough about assembly to know what I was doing.
And you are sure it's his, not his company's?
The two are the same thing. He's to much of a control freak to run a company larger than he can control everything at. Gibson Research Corporation consists of less than 5 people (I don't remember the exact count.)
-
@travisdh1 said in Miscellaneous Tech News:
The two are the same thing. He's to much of a control freak to run a company larger than he can control everything at. Gibson Research Corporation consists of less than 5 people (I don't remember the exact count.)
That really means nothing good. Two main things...
- Control Freak doesn't make someone good at anything, it makes one unable to scale.
- No amount of your perception of him as being a bad businessman or manager really means that the code of his people reflects his ability to code, that's a misconception of coding.
So basically, we have no reason to feel he is good or bad at programming, and likely no reason to believe that he is or isn't actively programming. Basically we know nothing about the situation, just like any normal programmer, and shouldn't assign him great credit purely based on being famous.
-
@scottalanmiller said in Miscellaneous Tech News:
@travisdh1 said in Miscellaneous Tech News:
The two are the same thing. He's to much of a control freak to run a company larger than he can control everything at. Gibson Research Corporation consists of less than 5 people (I don't remember the exact count.)
That really means nothing good. Two main things...
- Control Freak doesn't make someone good at anything, it makes one unable to scale.
- No amount of your perception of him as being a bad businessman or manager really means that the code of his people reflects his ability to code, that's a misconception of coding.
So basically, we have no reason to feel he is good or bad at programming, and likely no reason to believe that he is or isn't actively programming. Basically we know nothing about the situation, just like any normal programmer, and shouldn't assign him great credit purely based on being famous.
I'll grant you that I went back and edited a previous post... I have looked at his code, and his code is good. I agree that everything else he has done is all trading on being well known, I'd argue it's well short of being famous tho.
-
@travisdh1 said in Miscellaneous Tech News:
@scottalanmiller said in Miscellaneous Tech News:
@travisdh1 said in Miscellaneous Tech News:
@scottalanmiller said in Miscellaneous Tech News:
@travisdh1 said in Miscellaneous Tech News:
@dafyre said in Miscellaneous Tech News:
@Dashrender said in Miscellaneous Tech News:
@mlnews said in Miscellaneous Tech News:
Hackers breach Quora.com and steal password data for 100 million users
Other stolen personal data includes names, email addresses, and direct messages.
Brace yourself for yet another massive data breach. Quora.com, a site where people ask and answer questions on a range of topics, said hackers breached its computer network and accessed a variety of potentially sensitive personal data for about 100 million users.
Man - we really need to move to a system that doesn't require websites to have any private data on them, or at least very little.
I really hope SQRL takes hold - getting rid of at least the password would be a great start.
I've heard of SQRL before. It's an interesting concept if nothing else...
https://www.grc.com/sqrl/sqrl.htm has a good explanation of it.Steve Gibson has been working on it for I don't know how many years now. While he's not the greatest person to take security advice from, he's an excellent programmer with a large support base which should eventually release a great tool in SQRL.
Purely out of curiosity, what makes us feel he is a great programmer? That's pretty hard to judge even when a programmer works for you, let alone from the outside. Have you been to his website? Doesn't give a "real programmer" feel to it.
He's had lots of code freely available for longer than I can remember, go review it.
Did YOU review it? If not, what's the basis for the claim?
Some of it, yes. Been years ago now, when I actually knew enough about assembly to know what I was doing.
And you are sure it's his, not his company's?
The two are the same thing. He's to much of a control freak to run a company larger than he can control everything at. Gibson Research Corporation consists of less than 5 people (I don't remember the exact count.)
I think today it's 3 - Steve and two people who handle support for SpinRite (mostly through email). I'm also guessing these two are likely part time.
-
@scottalanmiller said in Miscellaneous Tech News:
@travisdh1 said in Miscellaneous Tech News:
The two are the same thing. He's to much of a control freak to run a company larger than he can control everything at. Gibson Research Corporation consists of less than 5 people (I don't remember the exact count.)
That really means nothing good. Two main things...
- Control Freak doesn't make someone good at anything, it makes one unable to scale.
- No amount of your perception of him as being a bad businessman or manager really means that the code of his people reflects his ability to code, that's a misconception of coding.
So basically, we have no reason to feel he is good or bad at programming, and likely no reason to believe that he is or isn't actively programming. Basically we know nothing about the situation, just like any normal programmer, and shouldn't assign him great credit purely based on being famous.
I can't comment on how good or bad he is at programming - though I've had zero issues with any of his utilities.
His website - yep, he sucks at web design, and doesn't care enough to hire someone to make something nice. That said - so many sites today I think are just shit - so much crap out there in WP-land.As for - does he program - well, he claims he's the one doing in on his show, so assuming he's not lieing, we have that.
-
@Dashrender said in Miscellaneous Tech News:
That said - so many sites today I think are just shit - so much crap out there in WP-land.
.You aren't seriously comparing random WP sites to that, though. C'mon, it's ridiculous. Not casual "I just used a WP template" ridiculous, it's astoundingly bad. To the point, I'm not convinced he's in business. I think, from looking at the products on the site, that he gave up years ago on the company and just does podcasts and stuff.
-
@Dashrender said in Miscellaneous Tech News:
As for - does he program - well, he claims he's the one doing in on his show, so assuming he's not lieing, we have that.
I'm not looking for more than that. But needed at least him to have stated that he programs, rather than it being purely an assumption.
So many people call Steve Jobs a great programmer - but he never claimed to be and didn't have the first clue how to program.
-
-
@dafyre said in Miscellaneous Tech News:
@Dashrender said in Miscellaneous Tech News:
@mlnews said in Miscellaneous Tech News:
Hackers breach Quora.com and steal password data for 100 million users
Other stolen personal data includes names, email addresses, and direct messages.
Brace yourself for yet another massive data breach. Quora.com, a site where people ask and answer questions on a range of topics, said hackers breached its computer network and accessed a variety of potentially sensitive personal data for about 100 million users.
Man - we really need to move to a system that doesn't require websites to have any private data on them, or at least very little.
I really hope SQRL takes hold - getting rid of at least the password would be a great start.
I've heard of SQRL before. It's an interesting concept if nothing else...
https://www.grc.com/sqrl/sqrl.htm has a good explanation of it.The idea is awesome - but does have one huge drawback - making the end user ultimately responsible for their credentials. i.e. if you lose the top most key in the chain (think of it like a root CA's top most private key) then that identity is also lost.
From the tidbits he's talked about on the show - it seems like SRQL will make an original key - that will be used to make a child key, the original key will be printed/written down/etc, then deleted from the device.
In the case where you lose control of your child key, you use the original key to make a new child key, and because they share the same parent key, previously authenticated sites can follow the chain and setup the new public key for you at their site based on the new child key.
And on and on and on...
Steve's biggest issue in my opinion (with regards to SQRL) is that he's not releasing it until he thinks it's perfect - that whole 'first impression' thing. I guess I can see that a bit, I guess only time will tell if that was worth waiting for.
-
@scottalanmiller said in Miscellaneous Tech News:
@Dashrender said in Miscellaneous Tech News:
That said - so many sites today I think are just shit - so much crap out there in WP-land.
.You aren't seriously comparing random WP sites to that, though. C'mon, it's ridiculous. Not casual "I just used a WP template" ridiculous, it's astoundingly bad. To the point, I'm not convinced he's in business. I think, from looking at the products on the site, that he gave up years ago on the company and just does podcasts and stuff.
I think he stopped caring what the site looked like back in the 90's sure. I think nothing more than that. Frankly - I am surprised that Leo, his cohost, hasn't said something about the old style of the site.
Steve also hates JavaScript (is that the write way to type that?) His current site is done in all CSS, which he believes (or at least did in the past) was more secure and safe for end users. JavaScript itself isn't unsafe - it's just so fraking powerful, etc, etc... so don't read to much into my comment here - it's mostly my interpretation, and I leave plenty of room to not be representing him correctly.
-
@scottalanmiller said in Miscellaneous Tech News:
@Dashrender said in Miscellaneous Tech News:
As for - does he program - well, he claims he's the one doing in on his show, so assuming he's not lieing, we have that.
I'm not looking for more than that. But needed at least him to have stated that he programs, rather than it being purely an assumption.
So many people call Steve Jobs a great programmer - but he never claimed to be and didn't have the first clue how to program.
Awww - yeah, Steve Gibson claims to be coding regularly, specifically on SQRL - and eventually on SpinRite again.
-
@Dashrender said in Miscellaneous Tech News:
The idea is awesome - but does have one huge drawback - making the end user ultimately responsible for their credentials. i.e. if you lose the top most key in the chain (think of it like a root CA's top most private key) then that identity is also lost.
I will have to 100% agree with you here. We all know users are wonderful about backing things up and keeping them in secure places, right?
-
@Dashrender said in Miscellaneous Tech News:
Steve's biggest issue in my opinion (with regards to SQRL) is that he's not releasing it until he thinks it's perfect - that whole 'first impression' thing. I guess I can see that a bit, I guess only time will tell if that was worth waiting for.
There are some test implementations out there. I checked the Play store and there's a couple of SQRL apps that supposedly will work in that manner.
I think eventually, it's a good way to go. For IT folks -- or users that are comfortable with making good backups and keeping important things securely, it has potential now, if it would get some adoption behind it.
-
Apple Issues Security Fixes Across Mac, iOS