Linked by Howard Fosdick on Sat 10th Nov 2012 07:28 UTC
Bugs & Viruses If you want to ensure you have adequate passwords but don't have the time or interest to study the topic, there's a useful basic article on how to devise strong passwords over at the NY Times. It summarizes key points in 9 simple rules of thumb. Also see the follow-up article for useful reader feedback. Stay safe!
Thread beginning with comment 542277
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[20]: make 'm long
by kwan_e on Tue 13th Nov 2012 08:41 UTC in reply to "RE[19]: make 'm long"
kwan_e
Member since:
2007-02-18

Clearly you haven't a fucking clue what you're talking about if that's the conclusion you came to.


I haven't a fucking clue what you were talking about because you kept switching back and forth between theoretical and actual attacks.

Reply Parent Score: 2

RE[21]: make 'm long
by Laurence on Tue 13th Nov 2012 11:46 in reply to "RE[20]: make 'm long"
Laurence Member since:
2007-03-26

I haven't a f--king clue what you were talking about because you kept switching back and forth between theoretical and actual attacks.

I never did such thing.

You were the one playing devils advocate with theoretical attacks on the method I was suggesting to generate passwords and kept responding why such attacks don't currently exist.

I always focused on attacks that are already in use today - and you'd know that if you bothered to read the f--king links I provided.

so don't you even dare blame me because you're too technologically inept to hold even the most basic conversation on pen testing. After all, you said yourself you're ignorant to such matters at the start of this discussion - pity you didn't stop to listen to someone more experienced than yourself instead of acting like a prick.

But, at least I should be grateful as it's egotistical novices like yourself that keep me employed - and trust me when I say that I get paid well to fix the f--k ups that you pseudo-techies make ;)

Edited 2012-11-13 11:50 UTC

Reply Parent Score: 2

RE[21]: make 'm long
by Laurence on Tue 13th Nov 2012 12:48 in reply to "RE[20]: make 'm long"
Laurence Member since:
2007-03-26

I probably should apologize for the crappy tone of me recent posts. But in all seriousness, the confusion is entirely at your end. You kept confusing the different stages of the process and raising hypothetical arguments of attacks (which you're somehow now blaming me for?)

If you did a little research into this you'd see the circular arguments you keep raising, and then when you started accusing me of the above, well it's no wonder I lost my temper.

I'm sure you've had similar arguments with people where they've failed to grasp basic concepts then accused you of switching contexts because they were incapable of wrapping their heads around the basic theory you were trying to outline.

You don't strike me as unintelligent, so this clearly isn't beyond you; however the arguments you raise made little sense. So I really do suggest you do a little reading up on security blogs (and I mean ones written by respected pen testers - there's a lot of idiots out there who publish grossly misleading (and often down right inaccurate) information). It's scary just how sophisticated some attacks are (which is why I'm a huge advocate of using key based systems to do away with passwords; and using automatic firewalling for the few systems that are dependent on password authentication).

Even just outside of my main job, I do some freelance consultancy and it's pretty alarming just how many servers are exposed to easy attacks due to the administrators running default config (eg no adaptive firewalling, chroot sandboxing, user separation, insecure daemon defaults (eg server tokens enabled in apache) and running local daemon listener on 0.0.0.0).

Security is quite an in-depth and highly specific subject, so it grinds my gears when bad / outdated advice is given so publicly, or when good advice is ignored (particularly if it appears to be ignored purely out of pride).

Anyway, rant over ;)

Reply Parent Score: 2