this post was submitted on 01 Dec 2021
17 points (100.0% liked)

Technology

34874 readers
47 users here now

This is the official technology community of Lemmy.ml for all news related to creation and use of technology, and to facilitate civil, meaningful discussion around it.


Ask in DM before posting product reviews or ads. All such posts otherwise are subject to removal.


Rules:

1: All Lemmy rules apply

2: Do not post low effort posts

3: NEVER post naziped*gore stuff

4: Always post article URLs or their archived version URLs as sources, NOT screenshots. Help the blind users.

5: personal rants of Big Tech CEOs like Elon Musk are unwelcome (does not include posts about their companies affecting wide range of people)

6: no advertisement posts unless verified as legitimate and non-exploitative/non-consumerist

7: crypto related posts, unless essential, are disallowed

founded 5 years ago
MODERATORS
top 23 comments
sorted by: hot top controversial new old
[–] greensand@lemmy.ml 4 points 2 years ago (1 children)

Yeah, writing down your password on a piece of paper can be safer than in an (unencrypted) text file, as long as you hide it well enough

[–] SrEstegosaurio@lemmy.ml 2 points 2 years ago (2 children)

I bet that a piece of paper on your home is way more secure than a password stored in plain text

[–] Helix@feddit.de 3 points 2 years ago

yes, that is what they said.

[–] Zerush@lemmy.ml 1 points 2 years ago (2 children)

In this point Windows is more secure, because it stores the password encrypted in the HD in a second Keyring, most Linux stored them in plain text. Anyway, a current mistake is to use 12345 as password in all accounts.

[–] eyeballkid@lemmy.ml 1 points 2 years ago (1 children)

Nowadays most (maybe all) linux distributions use etc/shadow for passwords - passwords are encrypted, not plaintext.

[–] Zerush@lemmy.ml 1 points 2 years ago (2 children)

You can easy test it, go to your browser settings, to passwords and click on "See password". Doing this in Windows, it opens a Pop-up where you must put the system password before you can see the passwords stored. In last Linux I used (Kubuntu), I could see the passwords directly. Well, it was some time ago, maybe this has changed in last distros.

[–] sacredbirdman@lemmy.ml 1 points 2 years ago (1 children)

If you use Firefox, password manager stores its data encrypted (not in plain text). You can also turn on the master password requirement if you like.

[–] Zerush@lemmy.ml 1 points 2 years ago

Same in all other browsers, in Windows it's encrypted anyway in a second keyring, but the lack is, that, when they create a random password, you can't recover it in case of lost or the HD/PC goes to Valhalla. Same with all other password Manager (I know) Better and more secure to trust in a simple papernote or in your memory.

[–] eyeballkid@lemmy.ml 1 points 2 years ago (1 children)

I thought you were just writing about system passwords. I don't save website passwords in my browser - but I'm glad that windows users have a more secure option to do so.

[–] Zerush@lemmy.ml 0 points 2 years ago (1 children)

Yes, Microsoft is certainly an oligopoly that abuses its position with sometimes unethical practices and Windows by default is full of all kinds of spyware and not very respectful of user privacy (although with a little knowledge you can disable these bad habits), but in point security is impeccable and perhaps one of the most secure OS currently. Apparently MS has learned a lot from the past, precisely because it is the main target of the attacks as the majority OS is. The defenses he currently incorporates are among the best on the market.

[–] eyeballkid@lemmy.ml 1 points 2 years ago (1 children)

It makes sense that they would need to do so, given the end-user idiocy mentioned in your other comments on this post. I know plenty of technical users of Windows, but I also know everyone else in my life who uses Windows - the technically savvy users are a rounding error.

[–] Zerush@lemmy.ml 1 points 2 years ago

I think, that has nothing to do with the OS they use. A user with a basic tecnical knowledge can be secure in every OS, the user without isn't in none of them.

[–] racketlauncher831@lemmy.ml 1 points 2 years ago

Linux store what in plain text???

[–] poVoq@lemmy.ml 4 points 2 years ago (2 children)

Some good and some bad advise, but don't fall for the anti-virus shilling. The author works for SophosLabs and the article is hidden advertisement for anti-virus software.

Most anti-virus are snake-oil that increase and not decrease your risk and many are also collecting and selling your private data.

[–] Helix@feddit.de 2 points 2 years ago (1 children)

Most home users need Antivirus, though, since they don't know how to administrate their PC properly. Many download random stuff from the internet and don't think twice about executing, in fact they happily click away all warnings multiple times.

[–] poVoq@lemmy.ml 2 points 2 years ago

An up to date Windows with Windows Defender is sufficient for that though... or rather no amount of anti-virus is going to solve that problem.

In addition there have been several documented attacks that specifically used anti-virus features like automatic scanning of email attachments that would have been impossible without this additional software with deep system access.

[–] blank_sl8@lemmy.ml 1 points 2 years ago

Antivirus on Windows can stop real threats.

[–] Zerush@lemmy.ml 4 points 2 years ago (1 children)

All this of a secure Password, 2FA, VPN, AV etc. does not work, while

1 the user lacks common sense, as this is the largest security hole.

2 if the user has an account in a software or service that sells his data to third parties (surveillance advertising), which is the methode of most US softcompanies to create money, also FOSS.

3 thinking that exist 100% privacy and security if you goes online.

[–] Helix@feddit.de 3 points 2 years ago (1 children)

1 the user lacks common sense, as this is the largest security hole.

what we as top 5% IT professionals call "common sense" is completely different from what a "I'm not a computer person" person would call common sense.

[–] Zerush@lemmy.ml 1 points 2 years ago (1 children)

Seen in the Web

"I'm going to open this attachment in my mail, surely nothing happens"

"My 300 friends on Facebook are sure to rejoice, when I tell them that tomorrow I will travel to the Bahamas on vacation"

"Die of Envy, here the photo of my new home in....."

"I'm going to upload a photocopy of my ID and credit card to Google, so that I can watch this age restricterd video on YouTube".

"Call me in this number seen in my last post"

And worse

It is one thing to not be an IT specialist and another to not be an idiot.

[–] Helix@feddit.de 1 points 2 years ago

It is one thing to not be an IT specialist and another to not be an idiot.

Most people are idiots, by that measure.

[–] powerbling@lemmy.ml 3 points 2 years ago

Thanks, grat read!

[–] hello_lebbit@lemmy.ml 2 points 2 years ago

A pretty kekful read, might install a paid antivirus later idk