Re: Chaniging focus: security ouitside a password manager

On 03/04/18 01:07, rhkra...@gmail.com wrote: > the plaintext passwords would > disappear from RAM (except to the extent that (iiuc) there are (NSA) ways to > recover the contents of RAM if power is restored to the machine fairly > quickly). I'm not sure you actually need to be the NSA for

Re: install archived debian from minimal / network-console image

On Tue, Apr 3, 2018 at 12:11 PM, basti wrote: > hello, i need to install debian squeeze because newer versions have > different errors for example bug #699667. That particular bug is fixed in jessie and later. If you have any other issues, please report bugs about them. > kernel 3.16 and newer

LXC/systemd log messages

Hi all, I'm seeing lots of these on my containers: systemd[1]: .(service|slice|scope|mount): Failed to reset devices.list: Operation not permitted Searching the web reveals similar problems with unprivileged containers, but mine are (as far as I know) privileged; I haven't really investigated

install archived debian from minimal / network-console image

hello, i need to install debian squeeze because newer versions have different errors for example bug #699667. kernel 3.16 and newer had problems with sata bus and no hdd was found. i can't found a download link for kernel 3.8.12-1 in a debian version. my question is, what is the right url for

Re: Chaniging focus: security ouitside a password manager (was: Re: Password Manager opinions and recommendations)

Am 02. Apr, 2018 schwätzte rhkra...@gmail.com so: moin moin, Just continuing to think (or maybe not think ;-) about password managers / password security, changing the focus slightly (I think) but keeping the same thread. I'm now thinking about the security (or vulnurability) of passwords

Re: Chaniging focus: security ouitside a password manager

rhkra...@gmail.com writes: >* during copy and paste operations, the plaintext password could > remain on the C "stack". thus making it vulnurable: Some notes: > > (1) I've read about at least one password manager that, somehow, > deletes the plaintext password from the copy and paste

Re: Invalid UTF-8 byte? (was: Re: utf)

Hi, On Mon, 2 Apr 2018 08:37:54 -0400 rhkra...@gmail.com wrote: > A few weeks ago, I was looking for a byte that, in UTF-8, would be a > totally invalid byte (not an invalid sequence of bytes). At the time, > I tried some googling, but it looked rather hopeless (maybe it was my > googling that

Re: changing local domain name

On Sat 31 Mar 2018 at 19:40:02 (+0100), Joe wrote: > On Sat, 31 Mar 2018 10:15:48 -0500 > David Wright wrote: > > > On Sat 31 Mar 2018 at 12:35:08 (+0100), Joe wrote: > > > > > > If you lease a public domain name, there is no real > > > difficulty about using it also

Re: utf

On 02/04/18 19:39, Andre Majorel wrote: On 2018-04-02 08:00 +1200, Ben Caradoc-Davies wrote: Why? UTF (especially UTF-8) is vastly superior for all purposes: I wouldn't say that. UTF-8 breaks a number of assumptions. For instance, 1) every character has the same size, 2) every byte sequence is

Re: What is the universal (world wide) understanding behind degaussing harddisks?

On 03/04/18 02:08, Roberto C. Sánchez wrote: Also, the ATA enhanced erase is, as far as I know, the best option for wiping an SSD. +1. It may also erase things like reserved space and bad blocks that are not visible via the block device and thus immune to shred. ATA security erase is the

Re: Re: Módulo Banco do Brasil não funfa

Marcelo, boa tarde. Os telefones estão no site http://www.bb.com.br/pbb/pagina-inicial/atendimento/canais-de-atendimento#/ Segue anexo o print. []'s Em 2 de abril de 2018 08:52, Marcelo Laia escreveu: > De fato, com o Debian Burst não rola. Por um descuido, exclui

Re: What is the universal (world wide) understanding behind degaussing harddisks?

Michael Stone writes: > The main reasons to look at degaussing or other methods of destruction > are 1) for extremely sensitive data, 2) for drives which are broken > (it's quite possible for something to be too broken to overwrite, but > not too broken to extract data) or 3) because it's >

Re: Unknown Systemd version

On Mon 02 Apr 2018 at 18:16:15 (+0200), Laurent Lyaudet wrote: > I'm using Stretch. I do security updates daily. > On 29th of march, I had an update for systemd : > > 2018-03-29 21:53:53 startup archives unpack > 2018-03-29 21:53:59 upgrade libsystemd0:amd64 232-25+deb9u2 232-25+deb9u3 >

Re: Invalid UTF-8 byte? (was: Re: utf)

Thanks, again, to Henrique and tomas for the followups! On Monday, April 02, 2018 02:40:55 PM to...@tuxteam.de wrote: > On Mon, Apr 02, 2018 at 03:18:38PM -0300, Henrique de Moraes Holschuh wrote:

Re: Invalid UTF-8 byte? (was: Re: utf)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, Apr 02, 2018 at 08:40:55PM +0200, to...@tuxteam.de wrote: > On Mon, Apr 02, 2018 at 03:18:38PM -0300, Henrique de Moraes Holschuh wrote: > > On Mon, 02 Apr 2018, rhkra...@gmail.com wrote: > > > The wikipedia article is rather interesting, in a

Re: All of my enoX interfaces are mapped to eth0

On Mon 02 Apr 2018 at 11:34:40 (-0400), David Parker wrote: > I don't normally set IP addresses on interfaces which I know to be offline, > so perhaps my methodology here was flawed. In this case, I set IP > addresses on eno2, eno3, and eno4 to test whether or not they were actually > discrete

Re: Invalid UTF-8 byte? (was: Re: utf)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, Apr 02, 2018 at 03:18:38PM -0300, Henrique de Moraes Holschuh wrote: > On Mon, 02 Apr 2018, rhkra...@gmail.com wrote: > > The wikipedia article is rather interesting, in a quick skim, I learned > > some > > interesting things about UTF-8,

Re: Chaniging focus: security ouitside a password manager (was: Re: Password Manager opinions and recommendations)

Thanks to tomas, Roberto, and likcoras! All good points! I'm embarrassed to admit that I hadn't thought (at least to the best of my recent recollection) of the need to encrypt swap--that's something I'll want to deal with soon. On Monday, April 02, 2018 09:15:08 AM to...@tuxteam.de wrote: >

Re: Invalid UTF-8 byte? (was: Re: utf)

On Mon, 02 Apr 2018, rhkra...@gmail.com wrote: > The wikipedia article is rather interesting, in a quick skim, I learned some > interesting things about UTF-8, especially the property of self- > synchronization. Yes, UTF-8 is a brilliant design. > I had trouble reading that large table--but if

Re: Re: Módulo Banco do Brasil não funfa

De fato, com o Debian Burst não rola. Por um descuido, exclui alguns arquivos da /var/log (nunca façam isso, use o logrotate) e o sistema não deu boot. Tive que instalar do zero (formatei a partição /). Instalei o warsaw e não sobe com o root. # uname -a Linux marcelo 4.15.0-2-amd64 #1 SMP Debian

Re: What is the universal (world wide) understanding behind degaussing harddisks?

Curt writes: > I guess the only means of verifying whether your data has been > effectively destroyed is by attempting to recover it; as the > threat-scenarios spoken about here (by individuals) generally posit > attackers (corporate or governmental) with more resources at their > disposal than

Re: Invalid UTF-8 byte? (was: Re: utf)

Thanks to tomas and Henrique! The wikipedia article is rather interesting, in a quick skim, I learned some interesting things about UTF-8, especially the property of self- synchronization. I had trouble reading that large table--but if I simply take the red boxes at face value, maybe there are

Re: What is the universal (world wide) understanding behind degaussing harddisks?

On Monday, April 02, 2018 09:40:40 AM Turritopsis Dohrnii Teo En Ming wrote: > The foremost question which I want to ask is, what is the universal > (world wide) understanding behind degaussing hard drives? ... > All these was last Friday. In the midst of our argument over the > cellular network

Re: What is the universal (world wide) understanding behind degaussing harddisks?

On Mon, Apr 02, 2018 at 05:10:41PM +, Curt wrote: I took a hammer once to an old hard drive; frankly, I don't know whether I killed it or not. But they don't call 'em "hard" drives for nothin', I'll tell ya that. The hammer method is far more satisfying with glass platters. :)

Re: What is the universal (world wide) understanding behind degaussing harddisks?

On Mon, Apr 02, 2018 at 11:23:29AM -0500, John Hasler wrote: The equipment required for degaussing isn't very special (though it *does* require an AC magnet). You need to match the strength of the equipment to the media in use. Modern hard disks need fairly strong fields to fully erase, and

Re: Unknown Systemd version

On 2018-04-02 18:16 +0200, Laurent Lyaudet wrote: > I'm using Stretch. I do security updates daily. > On 29th of march, I had an update for systemd : > I checked that there was no security update for Systemd. > Moreover, if I look at one package in particular, let's say libsystemd0, > the update

Re: What is the universal (world wide) understanding behind degaussing harddisks?

On 2018-04-02, John Hasler wrote: > Mike Stone writes: >> Degaussing a hard drive will render it inoperative. It's also >> relatively hard to do/requires special equipment. (Just waving a >> refrigerator magnet around isn't going to do it.) > > The equipment required for

Fwd: Invitación Lección Magistral de Jesús M. González Barahona - Fuenlabrada, 6.4 a las 19:00

Hola. Reevío esta información por si hay algún interesado que esté cerca del sitio donde se realizará este evento y pueda aprovecharlo. Saludos. Mensaje reenviado Asunto: Invitación Lección Magistral de Jesús M. González Barahona - Fuenlabrada, 6.4 a las 19:00

Unknown Systemd version

Hello, I'm using Stretch. I do security updates daily. On 29th of march, I had an update for systemd : 2018-03-29 21:53:53 startup archives unpack 2018-03-29 21:53:59 upgrade libsystemd0:amd64 232-25+deb9u2 232-25+deb9u3 2018-03-29 21:53:59 status triggers-pending libc-bin:amd64 2.24-11+deb9u3

Re: What is the universal (world wide) understanding behind degaussing harddisks?

Mike Stone writes: > Degaussing a hard drive will render it inoperative. It's also > relatively hard to do/requires special equipment. (Just waving a > refrigerator magnet around isn't going to do it.) The equipment required for degaussing isn't very special (though it *does* require an AC

Re: apt{-cache,-get,itude} show wrong version of package after update

On Mon 02 Apr 2018 at 10:53:07 (+0200), Jean-Baptiste Thomas wrote: > The reason why it failed is that it looked for Packages.xz which > did not exist on my mirror. The reason why my mirror did not > have a Packages.xz file is that it was made with the version of > debmirror in Debian 8, which

Re: What is the universal (world wide) understanding behind degaussing harddisks?

Degaussing a hard drive will render it inoperative. It's also relatively hard to do/requires special equipment. (Just waving a refrigerator magnet around isn't going to do it.) Degaussing should be understood as a final step before discarding equipment. (And, for what it's worth, it's not a

Re: All of my enoX interfaces are mapped to eth0

I don't normally set IP addresses on interfaces which I know to be offline, so perhaps my methodology here was flawed. In this case, I set IP addresses on eno2, eno3, and eno4 to test whether or not they were actually discrete interfaces, or if they were all somehow mapped to the one interface

Re: What is the universal (world wide) understanding behind degaussing harddisks?

On Mon, Apr 02, 2018 at 09:40:40PM +0800, Turritopsis Dohrnii Teo En Ming wrote: > Good evening from Singapore! > > The foremost question which I want to ask is, what is the universal > (world wide) understanding behind degaussing hard drives? > [Snip long and entertaining problem description] >

Re: Chaniging focus: security ouitside a password manager

On 04/02/2018 10:07 PM, rhkra...@gmail.com wrote: >* during copy and paste operations, the plaintext password could remain on > the C "stack". thus making it vulnurable: Some notes: This is a semi-valid concern, depends on your usage patterns. For example, some browsers may expose a JS API

Re: trabalho, por que você usa Debian?

Bom dia, Uso o debian desktop (trabalho e pessoal) e servidores pela estabilidade e pela simplicidade dos repositórios, uma vez que somente com os mirror's contrib, main e non-free(infelizmente), ou seja, 3 linhas e vc tem um S.O. funcional. Para aqueles que querem as últimas versões tem o

What is the universal (world wide) understanding behind degaussing harddisks?

Good evening from Singapore! The foremost question which I want to ask is, what is the universal (world wide) understanding behind degaussing hard drives? I work for No Secrets Agency (NSA) Pte Ltd (fictitious company name used). My sales manager Edward Joseph Snowden (fictitious individual name

Re: utf

On Mon, Apr 02, 2018 at 07:43:23AM +, Curt wrote: > The thought provoked in my neurological matter was why there are other > locales at all if UTF8 (the locale of this here .homie machine, BTW) is > "vastly superior for all purposes". > > That leaves no purposes remaining whatsoever for the

Re: Chaniging focus: security ouitside a password manager (was: Re: Password Manager opinions and recommendations)

On Mon, Apr 02, 2018 at 09:07:16AM -0400, rhkra...@gmail.com wrote: > > The first two situations that come to mind include: > >* during copy and paste operations, the plaintext password could remain on > the C "stack". thus making it vulnurable: Some notes: > > (1) I've read about

Re: Chaniging focus: security ouitside a password manager (was: Re: Password Manager opinions and recommendations)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, Apr 02, 2018 at 09:07:16AM -0400, rhkra...@gmail.com wrote: > Just continuing to think (or maybe not think ;-) about password managers / [...] I don't know of the others (I never felt the need for a PW manager myself) but... >* during

Chaniging focus: security ouitside a password manager (was: Re: Password Manager opinions and recommendations)

Just continuing to think (or maybe not think ;-) about password managers / password security, changing the focus slightly (I think) but keeping the same thread. I'm now thinking about the security (or vulnurability) of passwords during "normal" usage--I mean, I'm thinking about the times when

Re: Invalid UTF-8 byte? (was: Re: utf)

On Mon, 02 Apr 2018, rhkra...@gmail.com wrote: > A few weeks ago, I was looking for a byte that, in UTF-8, would be a totally > invalid byte (not an invalid sequence of bytes). At the time, I tried some > googling, but it looked rather hopeless (maybe it was my googling that was > hopeless).

Re: Invalid UTF-8 byte? (was: Re: utf)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, Apr 02, 2018 at 08:37:54AM -0400, rhkra...@gmail.com wrote: > On Monday, April 02, 2018 03:39:05 AM Andre Majorel wrote: > > > Why? UTF (especially UTF-8) is vastly superior for all purposes: > > I wouldn't say that. UTF-8 breaks a number of

Invalid UTF-8 byte? (was: Re: utf)

On Monday, April 02, 2018 03:39:05 AM Andre Majorel wrote: > > Why? UTF (especially UTF-8) is vastly superior for all purposes: > I wouldn't say that. UTF-8 breaks a number of assumptions. For > instance, > 1) every character has the same size, > 2) every byte sequence is a valid character, A few

Re: utf

On 02/04/18 19:43, Curt wrote: > The thought provoked in my neurological matter was why there are other > locales at all if UTF8 (the locale of this here .homie machine, BTW) is > "vastly superior for all purposes". There's more to the locale than the character set - things like default language,

Re: apt{-cache,-get,itude} show wrong version of package after update

>> What I'd like to know now is : what prevents apt-get from >> downloading the Packages file from the mirror ? Wget can ! > > Move all the files out of /var/lib/apt/lists/ so that apt-get update > has to download fresh copies. That should get you back on track. > > By all means take the

Multitasca suau quan es copien fitxers

No sé si és cosa de Debian en concret, però m'ha semblat que amb Debian (i no amb Ubuntu), quan copies un gran volum de dades a una memòria USB, mentrestant la interfície d'escriptori no respon bé, és a dir que al ratolí se li encalla el moviment, i s'encallen totes les tasques de les aplicacions

Re: utf

On 2018-04-01, Cindy-Sue Causey wrote: > On 4/1/18, Ben Caradoc-Davies wrote: >> On 02/04/18 02:05, mess-mate wrote: >>> howto change the system utf to eu character set ? >> >> Why? UTF (especially UTF-8) is vastly superior for all purposes: >>

Re: utf

On 2018-04-02 08:00 +1200, Ben Caradoc-Davies wrote: > On 02/04/18 02:05, mess-mate wrote: > >howto change the system utf to eu character set ? > > Why? UTF (especially UTF-8) is vastly superior for all purposes: I wouldn't say that. UTF-8 breaks a number of assumptions. For instance, 1) every