Andrew Libby on 7 Jan 2017 04:54:59 -0800


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] XKCD: Team Chat



On 1/7/17 7:43 AM, Rich Kulawiec wrote:
> On Fri, Jan 06, 2017 at 03:34:31PM -0500, Greg Helledy wrote:
>> Basically, it's a way to get you to turn over all your company's internal
>> communications and data to the people behind the Slack site?
> 
> And to anyone who hacks their site.  (The larger they become, the more
> attractive target they'll become.  The more attractive the target they
> become, the more resources will be available to attack them.  Why hack the
> communications/data of one company when you can hack 492 at once?)
> 
> And to anyone who acquires a dump of all the data from an insider.
> (If they have N staff with access to that data, then you are betting
> that N out of N of them can't be bought or blackmailed or seduced or
> tricked or anything else.  You have to win that bet N times.  You have
> to continue to win it N times as N gets larger.  An attacker only has to
> win once.)
> 

This is precisely why I don't use any of those fancy password management
services.  To my stuffs, you need to specifically attack me and break
the method I use to keep my passwords secure (gnupg).  It's less
efficient than just clicking submit in a browser with a plugin that
manages it all.

Only semi-related to the topic here is that I gave up on remembering
passwords, but at least now I use super long (16 - 32 characters) and
every password I use is different and completely random.  My experience
is that banks are the worst and reject much punctuation.  Banks....

Sorry for the topical meandering.

Andy

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug