Comments by "XSportSeeker" (@XSpImmaLion) on the "Lawrence Systems" channel.
Aegis here too!
I kinda went in blind... wanted to get away from big tech companies, and wanted something open source and different from the brands of other stuff I was using at the time.
I had Google Authenticator, Microsoft Authenticator, and even LastPass Authenticator in the past (dodged that bullet), but I wanted something from F-Droid, and Aegis was the first one I tried. There are a few others that I hear are fine too.
I hadn't even heard about the app before, so that shift was kind of a bet, but I'm glad it worked out.
But yeah! It has been working perfectly since then, I've nothing to complain about.
The new Google Authenticator feature is pretty interesting in theory, but it's also very weird.
It's... convenient to be able to store keys in the cloud and use them on multiple devices, but it kinda runs counter to the idea that TOTP is something you have on a device alone.
The major thing about this type of 2FA is that it cannot be stolen online, because it's confined to one device. You have to have access to the device to get it.
I guess this point has become weaker now with the whole authentication cookie problem.
But then, security auditors found out that Google was transmitting and storing the whole thing in plaintext... man, that's just on a whole other level of defeating the purpose...
Thanks for sharing this, answered a lot of questions I had, I was hoping to see the vulnerability demonstrated.
Crazy too. I knew session tokens could be exploited, but I didn't know it was this easy.
Silly of me, I just assumed there was something about cookies and session tokens that tied them to the machine itself so they couldn't be stolen and used elsewhere like that...
Need to rethink some stuff and take this in context now...
Let me put a question up here, if anyone knows the answer and cares to share, just put it up. I'm kinda anxiously waiting for Thunderbird's redesign launch to try again to switch away from webmail.
Would switching to it have interfered in any way with the Linus attack? Say if everyone there used a client like Thunderbird instead of webmail, would that have changed the scenario? Or doesn't it matter at all? I dunno if Thunderbird uses something like session tokens to remain connected...
There also isn't a good way to prevent this without losing the convenience of not having to log in every single time, right? Like, you can block all cookies, but then you have to log in every time. Does the session token get created anyway when you log in, and then you remain vulnerable to the attack as long as you are still logged in to the same session?
Yep, different situations, different requirements, and different pros and cons.
I got a tiny router/PC type thing and put OPNsense on it just to experiment a bit. I have nowhere near the requirements (or knowledge) most people here have, so much so that I'm now just considering a regular Wi-Fi router running a custom version of OpenWrt to do the same job. Probably in a way that I'll just understand what is happening better.
It's like, right after I got this whole project going, I got myself a portable access point, started using it, and realized how much you can already do with OpenWrt alone.
So I'm kinda scaling back, and then I'll use the tiny PC for something else. Different needs.