Miscellaneous Tech News
-
New Windows 10 build silences Cortana, brings passwordless accounts
The latest Insider build of Windows 10, 18309, expands the use of a thing that Microsoft has recently introduced: passwordless Microsoft accounts. It's now possible to create a Microsoft account that uses a one-time code delivered over SMS as its primary authenticator, rather than a conventional password.
-
Huawei debuts yet another MacBook-looking laptop: The $999 Matebook 13
It's less powerful but more portable and affordable than the Matebook X Pro.
The 13-inch, 2160×1440 touchscreen reaches up to 300 nits in brightness, and it has a 3:2 aspect ratio, reducing the amount of scrolling you'll have to do. Huawei called out the notebook's 14.9mm thickness, its 88-percent screen-to-body ratio, and how it's about 6 percent smaller than the new MacBook Air. That difference is negligible to me and will likely be to many others as well. In the short time I had with the Matebook 13, it seemed to be a well-made, thin, and relatively light device, weighing 2.8 pounds.
-
@mlnews said in Miscellaneous Tech News:
Huawei debuts yet another MacBook-looking laptop: The $999 Matebook 13
It's less powerful but more portable and affordable than the Matebook X Pro.
The 13-inch, 2160×1440 touchscreen reaches up to 300 nits in brightness, and it has a 3:2 aspect ratio, reducing the amount of scrolling you'll have to do. Huawei called out the notebook's 14.9mm thickness, its 88-percent screen-to-body ratio, and how it's about 6 percent smaller than the new MacBook Air. That difference is negligible to me and will likely be to many others as well. In the short time I had with the Matebook 13, it seemed to be a well-made, thin, and relatively light device, weighing 2.8 pounds.
How has Huawei not been sued out of the US if they are infringing on Apple's design so much?
/s -
@scottalanmiller said in Miscellaneous Tech News:
@Dashrender said in Miscellaneous Tech News:
I don't expect to see the price drop much in the future. They want to a be a high end only type device, like Lexus or Rolex (don't bash me and say those aren't high end brands).
Want to be and are aren't the same things, though.
Well - it's more in the eye of the consumer than anyone - and the consumer is currently saying they are pretty top notch, they are (or at least were) saying it based on sales.
Time will tell if they maintain it or not.
-
@DustinB3403 said in Miscellaneous Tech News:
New Windows 10 build silences Cortana, brings passwordless accounts
The latest Insider build of Windows 10, 18309, expands the use of a thing that Microsoft has recently introduced: passwordless Microsoft accounts. It's now possible to create a Microsoft account that uses a one-time code delivered over SMS as its primary authenticator, rather than a conventional password.
yeah - now it's evey easier to hack people.
And apparently the NIST has been bought off to reduce their stance on SMS 2FA
https://blog.vasco.com/authentication/sms-authentication/ -
@Dashrender no one said it was a stepped improvement. They also have biometrics (face, fingerprint) as well as pin options.
They are working to remove the password complexity requirement and put something else in place of it.
-
Which ideally if they could come up with a Correct Horse Shoe Battery Staple algorithm and generate random passwords based on dictionary words they likely would be better off.
But how can one trust that the computer and ISO isn't compromised at installation time or to make sure that algorithm hasn't been cracked. . .
-
@DustinB3403 said in Miscellaneous Tech News:
Which ideally if they could come up with a Correct Horse Shoe Battery Staple algorithm and generate random passwords based on dictionary words they likely would be better off.
But how can one trust that the computer and ISO isn't compromised at installation time or to make sure that algorithm hasn't been cracked. . .
Secure boot and hash verification.
-
@JaredBusch said in Miscellaneous Tech News:
@DustinB3403 said in Miscellaneous Tech News:
Which ideally if they could come up with a Correct Horse Shoe Battery Staple algorithm and generate random passwords based on dictionary words they likely would be better off.
But how can one trust that the computer and ISO isn't compromised at installation time or to make sure that algorithm hasn't been cracked. . .
Secure boot and hash verification.
That was my point, the solution already exists. But no one has implemented said algorithm in their systems.
-
People don't want to use generated passwords if they can avoid it.
The push OTP is an awesome idea - my only criticism was they pushing to SMS, and not the app.
-
@Dashrender said in Miscellaneous Tech News:
People don't want to use generated passwords if they can avoid it.
The push OTP is an awesome idea - my only criticism was they pushing to SMS, and not the app.
Well the issue is that a password generated by a person generally just sucks. If the process of passwords were to be changed, one such option would be to use randomly generated passwords like CHSBS.
-
@DustinB3403 said in Miscellaneous Tech News:
@Dashrender said in Miscellaneous Tech News:
People don't want to use generated passwords if they can avoid it.
The push OTP is an awesome idea - my only criticism was they pushing to SMS, and not the app.
Well the issue is that a password generated by a person generally just sucks. If the process of passwords were to be changed, one such option would be to use randomly generated passwords like CHSBS.
That's great - I suppose you could force people to use the passwords that systems make for them - not allowing them to change them to something that the user themself's want. That just means they'll write it down and potentially write it directly on the computer - I guess the hackers can't read it at least.
-
@Dashrender and to that same point, how many times has a user changed their password only to forget it and need it changed again. Or write it down when they change it and have arbitrary requirements like in the CHSBS example?
-
@DustinB3403 said in Miscellaneous Tech News:
@Dashrender and to that same point, how many times has a user changed their password only to forget it and need it changed again. Or write it down when they change it and have arbitrary requirements like in the CHSBS example?
I'm all for getting rid of passwords - just don't use SMS as a part of the fix.
-
@Dashrender said in Miscellaneous Tech News:
@DustinB3403 said in Miscellaneous Tech News:
@Dashrender and to that same point, how many times has a user changed their password only to forget it and need it changed again. Or write it down when they change it and have arbitrary requirements like in the CHSBS example?
I'm all for getting rid of passwords - just don't use SMS as a part of the fix.
I like using Chrome's built-in password manager and generator. So long as you can use Chrome, you don't need to know the password. If you need to know it, you can always go in and check.
-
I use lastpass for almost everything. It's nice for things like websites, but it would be a pain for things like computer logins.
-
@Donahue said in Miscellaneous Tech News:
I use lastpass for almost everything. It's nice for things like websites, but it would be a pain for things like computer logins.
As far as I know, nothing works for computers logins - at least regarding an automated way to enter the information.
Pulling the info out of Lastpass is generally easy enough though - I get it on my phone when I'm not at my own computer.
-
@Donahue said in Miscellaneous Tech News:
I use lastpass for almost everything. It's nice for things like websites, but it would be a pain for things like computer logins.
I use KeePass for personal stuff and LastPass at work. For work, it's fine and has functionality which is great for work. But personally I couldn't use it as it's solely accessible from a browser.
KeePass I can access from my phone, desktop, laptop tablet and pretty much everything else.
-
@DustinB3403 said in Miscellaneous Tech News:
@Donahue said in Miscellaneous Tech News:
I use lastpass for almost everything. It's nice for things like websites, but it would be a pain for things like computer logins.
I use KeePass for personal stuff and LastPass at work. For work, it's fine and has functionality which is great for work. But personally I couldn't use it as it's solely accessible from a browser.
KeePass I can access from my phone, desktop, laptop tablet and pretty much everything else.
I use Lastpass from my phone - there's an app.
Assuming you're in a GUI on your desktop - what do you care if you're using the browser or a native app?
-
@Dashrender said in Miscellaneous Tech News:
@DustinB3403 said in Miscellaneous Tech News:
@Donahue said in Miscellaneous Tech News:
I use lastpass for almost everything. It's nice for things like websites, but it would be a pain for things like computer logins.
I use KeePass for personal stuff and LastPass at work. For work, it's fine and has functionality which is great for work. But personally I couldn't use it as it's solely accessible from a browser.
KeePass I can access from my phone, desktop, laptop tablet and pretty much everything else.
I use Lastpass from my phone - there's an app.
Assuming you're in a GUI on your desktop - what do you care if you're using the browser or a native app?
Just functionality wise it feels like it's lacking.