Imprint9816

@Imprint9816@lemmy.dbzer0.com

• ⁨Comment⁩ on ⁨It's time to stop using SMS, here's why!⁩ ⁨⁨3⁩ ⁨days⁩ ago⁩:

  This is a silly response to say the least but since all you wanted is have the last word and not to have an actual discussion I won’t waste time.

• ⁨Comment⁩ on ⁨It's time to stop using SMS, here's why!⁩ ⁨⁨3⁩ ⁨days⁩ ago⁩:

  If you security isn’t your top priority when it comes to where you put your money I’m not sure what we are talking about.

  I’m telling people to “git gud” but, people here choose not to do the bare minimum and then complain that the bank, their parents probably choose for them when they were children doesnt meet their needs.

• ⁨Comment⁩ on ⁨It's time to stop using SMS, here's why!⁩ ⁨⁨4⁩ ⁨days⁩ ago⁩:

  I don’t know your specific circumstance but I highly doubt you only have one option for a bank or credit union. Time to adult some shit and do your research. Complaining on Lemmy will only get you so far.

• ⁨Comment⁩ on ⁨It's time to stop using SMS, here's why!⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:

  I’m not saying its easy or convenient but users here love to complain about issues while being complicit. I just find that annoying.

• ⁨Comment⁩ on ⁨It's time to stop using SMS, here's why!⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:

  Relax homie don’t pop a blood vessel. I know it can be frustrating to realize you have to take some personal responsibility for your privacy.

  You don’t have to use a bank at all, you opt for a credit union or a host of other options.

• ⁨Comment⁩ on ⁨It's time to stop using SMS, here's why!⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:

  A bank is a choice. You can always choose a different bank.

• ⁨Comment⁩ on ⁨It's time to stop using SMS, here's why!⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:

  Doubt.

• ⁨Comment⁩ on ⁨It's time to stop using SMS, here's why!⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:

  Don’t use that bank. Why are you staying with a bank that has terrible security practices?

• ⁨Comment⁩ on ⁨It's time to stop using SMS, here's why!⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:

  Folks, it being hard to get people to switch from SMS to a more secure messaging platform is not a critique of the video.

  Everyone knows its hard, its why videos like this that explain the benefits in simple terms is a useful tool.

• ⁨Comment⁩ on ⁨Alternative Mobile Front-ends: A list of privacy-respecting front-ends to popular online services, including social media, streaming and information services. All of the options here are mobile apps⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:

  Did people just forget what a frontend is?

• ⁨Comment⁩ on ⁨Privacy Guides is Hiring⁩ ⁨⁨3⁩ ⁨months⁩ ago⁩:

  Keep up the charade, need to slim the herd before the 1st round of interviews.

• ⁨Comment⁩ on ⁨Bitwarden has launched a new authenticator app⁩ ⁨⁨9⁩ ⁨months⁩ ago⁩:

  Lol OK. Seems like its to much for you to consider you poorly communicated your point anyway.

• ⁨Comment⁩ on ⁨Bitwarden has launched a new authenticator app⁩ ⁨⁨9⁩ ⁨months⁩ ago⁩:

  I think if people read that comment and think they are being called dumb, that’s completely on them and probably a good time to look themselves in the mirror.

  Nothing wrong with the design. Its literally just making thing easier at no cost to the user.

• ⁨Comment⁩ on ⁨Bitwarden has launched a new authenticator app⁩ ⁨⁨9⁩ ⁨months⁩ ago⁩:

  “Basically then it degrades to a very strong password that can’t easily be phished.”

  I’m disagreeing with this, in that you are still (hopefully) using 2FA with your vault. Therefore whatever your accessing in that vault whether its a TOTP token or a password is still protected by MFA and not just a “very strong password”.

  Putting a TOTP token inside a vault protected by a strong password and another form of authentication is no less secure then having it be separate from the vault.

• ⁨Comment⁩ on ⁨Bitwarden has launched a new authenticator app⁩ ⁨⁨9⁩ ⁨months⁩ ago⁩:

  Not really. You still should be use MFA to access the vault itself before you can even get to the Token.

• ⁨Comment⁩ on ⁨Bitwarden has launched a new authenticator app⁩ ⁨⁨9⁩ ⁨months⁩ ago⁩:

  Yes but you would still have 2FA.

  You would still be using 2fa to access your vault. So in effect anything in that vault has more then 2 factors of authentication as it requires MFA just to get to the password.

• ⁨Comment⁩ on ⁨Bitwarden has launched a new authenticator app⁩ ⁨⁨9⁩ ⁨months⁩ ago⁩:

  Yes but you would still have 2FA.

  You would still be using 2fa to access your vault. So in effect anything in that vault has more then 2 factors of authentication as it requires MFA just to get to the password.

• ⁨Comment⁩ on ⁨Bitwarden has launched a new authenticator app⁩ ⁨⁨9⁩ ⁨months⁩ ago⁩:

  This seems more like a user issue then a security issue. If you are avoiding this feature because you have to idiot proof your security against yourself, your probably going to be compromised at some point anyway.

  This seems easily avoidable by

  1. just have the vault timeout be set low and to logout.
  2. Not leaving your password manager unlocked and unattended (wtf are you thinking lol)
• ⁨Comment⁩ on ⁨Bitwarden has launched a new authenticator app⁩ ⁨⁨9⁩ ⁨months⁩ ago⁩:

  Seems a bit odd to roll this out without having the ability to import from other authenticators. Feels like a pretty basic feature.

• ⁨Comment⁩ on ⁨Bitwarden has launched a new authenticator app⁩ ⁨⁨9⁩ ⁨months⁩ ago⁩:

  Why do you think its not safe? If you trust bitwarden to protect your passwords what exactly do you think is going to happen?

  Even if bitwarden is compromised in someway, all that data is still encrypted and would still be highly unlikely to actually be accessed.

  The only risk is if you use a bad master password. Which is the biggest risk of using a password manager regardless.

• ⁨Comment⁩ on ⁨Standard notes: what about don’t put all your eggs in one basket rule?⁩ ⁨⁨9⁩ ⁨months⁩ ago⁩:

  You seem to be avoiding the fact component, which is they have proven through audits their security is what you would want in a service that hold your data and have decided to instead rely on one instance, that has nothing to do with the issue and your own feeling of how companies operate (FUD).

• ⁨Comment⁩ on ⁨Standard notes: what about don’t put all your eggs in one basket rule?⁩ ⁨⁨9⁩ ⁨months⁩ ago⁩:

  My point is Proton did something every legit business would do.

  If your threat model is such that governments are going after you, you should be aware enough to not create an email with an IP that identifies you.

• ⁨Comment⁩ on ⁨Standard notes: what about don’t put all your eggs in one basket rule?⁩ ⁨⁨9⁩ ⁨months⁩ ago⁩:

  Not every concern is but ones where concern is based solely on fear and hypotheticals are. This all eggs in one basket line of reasoning is FUD and has no real bearing in reality.

• ⁨Comment⁩ on ⁨Standard notes: what about don’t put all your eggs in one basket rule?⁩ ⁨⁨9⁩ ⁨months⁩ ago⁩:

  Proton can see my traffic. I already know that. Any vpn provider you use could. Its not that i trust proton implicitly its that i trust them more then my ISP that would be able to see it if i did not use a vpn. Couple that with their record of audits and im not sure what else you could expect from them.

• ⁨Comment⁩ on ⁨Standard notes: what about don’t put all your eggs in one basket rule?⁩ ⁨⁨9⁩ ⁨months⁩ ago⁩:

  It doesn’t matter what is being discussed, if its about proton the email incident gets brought up. Here is the deal. No major company is going to break the law for its users. Had the activist been using proton vpn to create and access their email Proton would not have had the info they were forced to give up. The takeaway from the story is bad opsec is usually what gets people caught.

  Whether you use Proton or someone else you will need to trust that service. If you don’t trust them, don’t use them. Its that simple, no need for conjured up FUD excuses.

• ⁨Comment⁩ on ⁨Standard notes: what about don’t put all your eggs in one basket rule?⁩ ⁨⁨9⁩ ⁨months⁩ ago⁩:

  If all your eggs are encrypted, having those eggs in one basket or five doesn’t matter from a security perspective. Its the same reason you wouldn’t split up your passwords to multiple password managers.

• ⁨Comment⁩ on ⁨Standard notes: what about don’t put all your eggs in one basket rule?⁩ ⁨⁨9⁩ ⁨months⁩ ago⁩:

  “All security is porous” is FUD pure reasoning and completely disregards the security audits Proton does to make sure its not anything like lastpass.

  You are also assuming if proton was breached that it means all encrypted data would be available to the malicious party which is also extremely unlikely.

• ⁨Comment⁩ on ⁨Standard notes: what about don’t put all your eggs in one basket rule?⁩ ⁨⁨9⁩ ⁨months⁩ ago⁩:

  This whole line of thinking seems to be based on FUD more then anything else.

  There is no evidence or reason to believe some major compromise of proton will happen.

• ⁨Comment⁩ on ⁨FOSS app store for iOS?⁩ ⁨⁨10⁩ ⁨months⁩ ago⁩:

  Why? FOSS apps can still charge money. Remember its free as in freedom not free as in free beer.

• ⁨Comment⁩ on ⁨Is Proton Unlimited Worth renewing?⁩ ⁨⁨1⁩ ⁨year⁩ ago⁩:

  You may want to check out AirVPN - great port forwarding implementation.

  Long history of being privacy respecting but they don’t do audits (which is a super big deal to some).

  Just make sure to use the wireguard client as their own client kind of sucks.