Re: OK, I'll Try This Again. Locksmith Wanted (wifi).
It's called 1 Password. And it works!!! On Apr 27, 1:49 pm, Tina K. penguir...@gmail.com wrote: On 2011/04/27 10:12, Len Gerstel so eloquently wrote: And, to make this more topical, how much better of a password is: gre5^#$dkl(dfdlq!94NdKRlfl‡Ò˝vt456wy^^9G53MJUlo0!! as a password vs: P4ssW0rD Well if there is any such thing as a 'leet speak' dictionary attack, the former is a much better password than the latter. Tina -- iMac 20 USB 2 1.25GHz G4 2GB RAM GeForceFX5200 Ultra 64MB VRAM 10.4.11 PB G4 15 HR-DLSD 1.67GHz G4 2GB RAM Radeon 9700 128MB VRAM 10.4.11 Mac Pro Mid-2010 2.8 GHz QC 6 GB RAM Radeon HD 5770 1GB VRAM 10.6.7 -- You received this message because you are a member of G-Group, a group for those using G3, G4, and G5 desktop Macs - with a particular focus on Power Macs. The list FAQ is at http://lowendmac.com/lists/g-list.shtml and our netiquette guide is at http://www.lowendmac.com/lists/netiquette.shtml To post to this group, send email to g3-5-list@googlegroups.com For more options, visit this group at http://groups.google.com/group/g3-5-list
Re: OK, I'll Try This Again. Locksmith Wanted (wifi).
On Apr 26, 5:35 pm, Bruce Johnson john...@pharmacy.arizona.edu wrote: Hey look! 8-) it's sn0w1ng Macintoshes outside! is AS SECURE as anything RPG will generate, because while it's true that a truly random password string is more secure against cracking, the passphrase chosen is secure enough. And more importantly, I NEVER need to write it down The bestest, mostest random password RPG will ever give you is USELESS if the method of cracking in doesn't involve cracking the password, but a social engineering attack, a MITM attack, a keylogger, etc. Far too many people fetishize long, random passwords as teh shizzle of computer security, when they're not (and there's not a whole lot of evidence that they've been all that good at preventing compromise in the first place, mainly because of the human element). Yep. From my user perspective -- every time a system forces me to have a long randomized password, it guarantees that I have written it down on a little yellow sticky somewhere.If it forces me to change passwords every few weeks, it triples the likelihood that the password is scribbled down somewhere next to one of my desks. Jeff Walther -- You received this message because you are a member of G-Group, a group for those using G3, G4, and G5 desktop Macs - with a particular focus on Power Macs. The list FAQ is at http://lowendmac.com/lists/g-list.shtml and our netiquette guide is at http://www.lowendmac.com/lists/netiquette.shtml To post to this group, send email to g3-5-list@googlegroups.com For more options, visit this group at http://groups.google.com/group/g3-5-list
Re: OK, I'll Try This Again. Locksmith Wanted (wifi).
On Apr 27, 2011, at 11:59 AM, t...@io.com wrote: On Apr 26, 5:35 pm, Bruce Johnson john...@pharmacy.arizona.edu wrote: Hey look! 8-) it's sn0w1ng Macintoshes outside! is AS SECURE as anything RPG will generate, because while it's true that a truly random password string is more secure against cracking, the passphrase chosen is secure enough. And more importantly, I NEVER need to write it down Far too many people fetishize long, random passwords as teh shizzle of computer security, when they're not (and there's not a whole lot of evidence that they've been all that good at preventing compromise in the first place, mainly because of the human element). Yep. From my user perspective -- every time a system forces me to have a long randomized password, it guarantees that I have written it down on a little yellow sticky somewhere.If it forces me to change passwords every few weeks, it triples the likelihood that the password is scribbled down somewhere next to one of my desks. And, to make this more topical, how much better of a password is: gre5^#$dkl(dfdlq!94NdKRlfl‡Ò˝vt456wy^^9G53MJUlo0!! as a password vs: P4ssW0rD When someone hacks into the Sony Playstation Network and steals 77 million, yes 77,000,000 user names, passwords, security questions, addresses, birth dates and possibly CC information. Not to mention all the other large scale hacks recently. -- You received this message because you are a member of G-Group, a group for those using G3, G4, and G5 desktop Macs - with a particular focus on Power Macs. The list FAQ is at http://lowendmac.com/lists/g-list.shtml and our netiquette guide is at http://www.lowendmac.com/lists/netiquette.shtml To post to this group, send email to g3-5-list@googlegroups.com For more options, visit this group at http://groups.google.com/group/g3-5-list
Re: OK, I'll Try This Again. Locksmith Wanted (wifi).
On Wed, Apr 27, 2011 at 12:12 PM, Len Gerstel lgers...@gmail.com wrote: And, to make this more topical, how much better of a password is: gre5^#$dkl(dfdlq!94NdKRlfl‡Ò˝vt456wy^^9G53MJUlo0!! as a password vs: P4ssW0rD When someone hacks into the Sony Playstation Network and steals 77 million, yes 77,000,000 user names, passwords, security questions, addresses, birth dates and possibly CC information. Not to mention all the other large scale hacks recently. I am confused. Why would the Sony Playstation Network have the password to anyone's Wi-Fi router? The only place I use a ridiculously long, sorta random password is my router Wi-Fi. Mostly because I'm never ever going to enter it again after I set things up. :-) But to each their own. It's your data network whatever ... -irrational john -- You received this message because you are a member of G-Group, a group for those using G3, G4, and G5 desktop Macs - with a particular focus on Power Macs. The list FAQ is at http://lowendmac.com/lists/g-list.shtml and our netiquette guide is at http://www.lowendmac.com/lists/netiquette.shtml To post to this group, send email to g3-5-list@googlegroups.com For more options, visit this group at http://groups.google.com/group/g3-5-list
Re: OK, I'll Try This Again. Locksmith Wanted (wifi).
On 2011/04/27 10:12, Len Gerstel so eloquently wrote: And, to make this more topical, how much better of a password is: gre5^#$dkl(dfdlq!94NdKRlfl‡Ò˝vt456wy^^9G53MJUlo0!! as a password vs: P4ssW0rD Well if there is any such thing as a 'leet speak' dictionary attack, the former is a much better password than the latter. Tina -- iMac 20 USB 2 1.25GHz G4 2GB RAM GeForceFX5200 Ultra 64MB VRAM 10.4.11 PB G4 15 HR-DLSD 1.67GHz G4 2GB RAM Radeon 9700 128MB VRAM 10.4.11 Mac Pro Mid-2010 2.8 GHz QC 6 GB RAM Radeon HD 5770 1GB VRAM 10.6.7 -- You received this message because you are a member of G-Group, a group for those using G3, G4, and G5 desktop Macs - with a particular focus on Power Macs. The list FAQ is at http://lowendmac.com/lists/g-list.shtml and our netiquette guide is at http://www.lowendmac.com/lists/netiquette.shtml To post to this group, send email to g3-5-list@googlegroups.com For more options, visit this group at http://groups.google.com/group/g3-5-list
Re: OK, I'll Try This Again. Locksmith Wanted (wifi).
On 2011/04/26 12:26, Yersinia so eloquently wrote: So there IS an easy way to name and secure my little network? If so, I would greatly appreciate it if one of you wifi locksmiths could provide me with step-by-step instructions. Here is the equipment list: Router: US Robotics MAXg, Model 5461. Computers: 1. G4 Quicksilver 867. Tiger 10.4.11. This is the one I use the most to go online. It picksup from the downstairs router using a Belkin 54g USB Network Adapter/Ralink Wireless Utility driver, version 1.2.8.0u. (Note to Kris Tilford: I saw your posts about this awhile back, but I didn't then, and still do not need or want to upgrade it.) 2. G3/800 iBook. Tiger 10.4.11, has built in Airport. I use this to go online a lot and may soon possibly be using it online as much or more than the QS. 3. G4 1.5 GHz Mac Mini. Tiger 10.4.2. I usually don't go online with this machine (it's my dedicated Sims Box), but it does have built-in Airport and on infrequent occasions I do pop open Dashboard (to look at the weather widget) or Safari for a quick informational surf to a Sims forum. 4. My BF's work PC laptop (running Windoze XP) also needs to be able to occasionally join. There is also a small but definite possibility I may play with trying to get my pre-OS X Macs in on it, so it would be NICE if this would work between 7.5.5 and 9.2.2. If you download the manual for your router it should have instructions for password protecting your network (or maybe you have a printed manual?). IIRC the classic Mac OS' only support 802.11b and WEP encryption, which as previously mentioned is less secure than WPA but better than nothing. Tina -- iMac 20 USB 2 1.25GHz G4 2GB RAM GeForceFX5200 Ultra 64MB VRAM 10.4.11 PB G4 15 HR-DLSD 1.67GHz G4 2GB RAM Radeon 9700 128MB VRAM 10.4.11 Mac Pro Mid-2010 2.8 GHz QC 6 GB RAM Radeon HD 5770 1GB VRAM 10.6.7 -- You received this message because you are a member of G-Group, a group for those using G3, G4, and G5 desktop Macs - with a particular focus on Power Macs. The list FAQ is at http://lowendmac.com/lists/g-list.shtml and our netiquette guide is at http://www.lowendmac.com/lists/netiquette.shtml To post to this group, send email to g3-5-list@googlegroups.com For more options, visit this group at http://groups.google.com/group/g3-5-list
Re: OK, I'll Try This Again. Locksmith Wanted (wifi).
On Apr 26, 2011, at 11:26 AM, Yersinia wrote: So there IS an easy way to name and secure my little network? If so, I would greatly appreciate it if one of you wifi locksmiths could provide me with step-by-step instructions. Here is the equipment list: Router: US Robotics MAXg, Model 5461. USR has a nice easy-peasy tutorial here: http://www.usr.com/support/5461/5461-ug/tutor8.html Just select the defaults of WPA2 and WPA (PSK), and TKIP AES. Choose a good passphrase mixing letters and numbers: Hey it's sn0w1ng Macintoshes outside! Voila' all done. Now on each of your macs and pcs tell them to forget the connection and re-establish it, entering the passphrase as above. Your old OS 9 machines may work, but 8 and 7 probably not. Use a wired connection for those. It means you need to be within about 100 meters (cable run) of the router. Unless your name is Trump, this is a limitation you're unlikely to reach in the typical dwelling :-) -- Bruce Johnson University of Arizona College of Pharmacy Information Technology Group Institutions do not have opinions, merely customs -- You received this message because you are a member of G-Group, a group for those using G3, G4, and G5 desktop Macs - with a particular focus on Power Macs. The list FAQ is at http://lowendmac.com/lists/g-list.shtml and our netiquette guide is at http://www.lowendmac.com/lists/netiquette.shtml To post to this group, send email to g3-5-list@googlegroups.com For more options, visit this group at http://groups.google.com/group/g3-5-list
Re: OK, I'll Try This Again. Locksmith Wanted (wifi).
On Apr 26, 2011, at 3:39 PM, Bruce Johnson wrote: On Apr 26, 2011, at 12:23 PM, peterh...@cruzio.com wrote: Just select the defaults of WPA2 and WPA (PSK), and TKIP AES. Choose a good passphrase mixing letters and numbers: Hey it's sn0w1ng Macintoshes outside! OTOH, use a passphrase which is a substring of an instance of a Gibson Research Corporation pseudo-random number generator output. A single call to GRC's p-RNG will give you enough characters for: 1) the SSID, 2) the WPA passphrase, and 3) the router password. All adding vastly more complexity without increasing the security one little bit. In fact, nonsense like this usually REDUCES security, because it guarantees that the password gets written down somewhere. IMO, this is security theatre, not security. I have relatively easy (1 and a half steps up from password but not a whole lot more) as the setup on my router. FWIW, I have that info taped to the top of my router at home. If someone is already inside my house with evil intent (bwwaahhahaha), having my router's password taped to it is the least of my worries. Len And, no, it can not be seen from outside. -- You received this message because you are a member of G-Group, a group for those using G3, G4, and G5 desktop Macs - with a particular focus on Power Macs. The list FAQ is at http://lowendmac.com/lists/g-list.shtml and our netiquette guide is at http://www.lowendmac.com/lists/netiquette.shtml To post to this group, send email to g3-5-list@googlegroups.com For more options, visit this group at http://groups.google.com/group/g3-5-list
Re: OK, I'll Try This Again. Locksmith Wanted (wifi).
On 2011/04/26 13:39, Bruce Johnson so eloquently wrote: On Apr 26, 2011, at 12:23 PM,peterh...@cruzio.com wrote: Just select the defaults of WPA2 and WPA (PSK), and TKIP AES. Choose a good passphrase mixing letters and numbers: Hey it's sn0w1ng Macintoshes outside! OTOH, use a passphrase which is a substring of an instance of a Gibson Research Corporation pseudo-random number generator output. A single call to GRC's p-RNG will give you enough characters for: 1) the SSID, 2) the WPA passphrase, and 3) the router password. All adding vastly more complexity without increasing the security one little bit. In fact, nonsense like this usually REDUCES security, because it guarantees that the password gets written down somewhere. It doesn't have to be complex. Using a random generator such as RPG and an *encrypted* password repository such as Pastor, PasswordWallet, Keychain Access, 1Password, etc… provides good security without having to resort to memorizing or writing them down. Granted Pastor's RC4 encryption algorhythem isn't the strongest in the world, but it is free and should be sufficient unless you are trying to protect national security data. Tina -- iMac 20 USB 2 1.25GHz G4 2GB RAM GeForceFX5200 Ultra 64MB VRAM 10.4.11 PB G4 15 HR-DLSD 1.67GHz G4 2GB RAM Radeon 9700 128MB VRAM 10.4.11 Mac Pro Mid-2010 2.8 GHz QC 6 GB RAM Radeon HD 5770 1GB VRAM 10.6.7 -- You received this message because you are a member of G-Group, a group for those using G3, G4, and G5 desktop Macs - with a particular focus on Power Macs. The list FAQ is at http://lowendmac.com/lists/g-list.shtml and our netiquette guide is at http://www.lowendmac.com/lists/netiquette.shtml To post to this group, send email to g3-5-list@googlegroups.com For more options, visit this group at http://groups.google.com/group/g3-5-list
Re: OK, I'll Try This Again. Locksmith Wanted (wifi).
On 4/26/11 3:03 PM, Bruce Johnson wrote: On Apr 26, 2011, at 11:26 AM, Yersinia wrote: So there IS an easy way to name and secure my little network? If so, I would greatly appreciate it if one of you wifi locksmiths could provide me with step-by-step instructions. Here is the equipment list: Router: US Robotics MAXg, Model 5461. USR has a nice easy-peasy tutorial here: http://www.usr.com/support/5461/5461-ug/tutor8.html Just select the defaults of WPA2 and WPA (PSK), and TKIP AES. Yeah, the tutorial was VERY easy to understand, thank you, Bruce. (Tina: my original attempt to secure my router was to (try to) do what the manual said, but I had problems and now, over a year later, I don't know where the manual is anymore). However, after I Googled to find out what all the security options in the tutorial actually meant (enough anyway: I cannot claim to REALLY understand wifi/wifi security tech: if I did, I wouldn't have this issue. Anyway, I decided I didn't want those defaults. I want to use WEP open because it's best for my Trailing Edge equipment. I don't want to even try WPA2 because I'm scared sh*tless I'll end up locking myself out of my own network. Hell, I locked myself out on my own porch in the dead of winter! :-{ See, when my BF originally got his wireless brick he couldn't get in on HIS G4 Quicksilver (running 10.4.3 at the time, don't know if he updated it since then or not; I did put the 10.4.11 update on his flash drive at some point some time after that but don't know if he used it). Well I recall him grumbling about WPA2 and being pissed off saying I thought I read somewhere that Tiger DID support WPA2! or something like that...and there was some PITA crap he had to go through so he could use his own wifi, and my iBook's Airport will NOT join his brick wifi when I'm at his house unless he gives me this dongle-ish thingie to plug into one of the USB ports (and my iBook DOES have 10.4.11 on it). Well, that's why I don't want to taste any of the various flavors of WPA. OK, though, thought I'd be OK after all when I did eventually did find instructions at the US Robotics site on how to set up WEP, and it even took me to the page to do it. Problem is, THAT is NOT simple. I didn't understand and/or know where to look for the info it asks for and didn't have the time to write it all down so I can do more Google and look up stuff later. :-( I don't know nearly enough about any of this to keep from really screwing up. Thank you all anyway, though. -- You received this message because you are a member of G-Group, a group for those using G3, G4, and G5 desktop Macs - with a particular focus on Power Macs. The list FAQ is at http://lowendmac.com/lists/g-list.shtml and our netiquette guide is at http://www.lowendmac.com/lists/netiquette.shtml To post to this group, send email to g3-5-list@googlegroups.com For more options, visit this group at http://groups.google.com/group/g3-5-list
Re: OK, I'll Try This Again. Locksmith Wanted (wifi).
On Apr 26, 2011, at 1:34 PM, Tina K. wrote: It doesn't have to be complex. Using a random generator such as RPG and an *encrypted* password repository such as Pastor, PasswordWallet, Keychain Access, 1Password, etc… provides good security without having to resort to memorizing or writing them down. Sigh. Never EVER EVER rely on a single encrypted source to remember important stuff like passwords. A plain text (as in written on a piece of paper!) backup, locked securely away is important. What if something happens to the encrypted file? You're SOL. (and that goes 10X higher if you're a compamny and it was the root password for the 'Accounts Receivable' DB.) Hey look! 8-) it's sn0w1ng Macintoshes outside! is AS SECURE as anything RPG will generate, because while it's true that a truly random password string is more secure against cracking, the passphrase chosen is secure enough. And more importantly, I NEVER need to write it down The bestest, mostest random password RPG will ever give you is USELESS if the method of cracking in doesn't involve cracking the password, but a social engineering attack, a MITM attack, a keylogger, etc. Far too many people fetishize long, random passwords as teh shizzle of computer security, when they're not (and there's not a whole lot of evidence that they've been all that good at preventing compromise in the first place, mainly because of the human element). This is why banks (among other reasons like people using 'password' for their passwords) have moved to multi-factor authentication. you need to enter your username/password AND the little picture needs to be correct; or they use RSA dongles. (themselves hacked at a higher level. RSA *claims* that SecurID is ok, but I'll wager there was a mass need for pants dry-cleaning there...http://www.schneier.com/blog/archives/2011/03/rsa_security_in.html) -- Bruce Johnson University of Arizona College of Pharmacy Information Technology Group Institutions do not have opinions, merely customs -- You received this message because you are a member of G-Group, a group for those using G3, G4, and G5 desktop Macs - with a particular focus on Power Macs. The list FAQ is at http://lowendmac.com/lists/g-list.shtml and our netiquette guide is at http://www.lowendmac.com/lists/netiquette.shtml To post to this group, send email to g3-5-list@googlegroups.com For more options, visit this group at http://groups.google.com/group/g3-5-list
Re: OK, I'll Try This Again. Locksmith Wanted (wifi).
On Tue, Apr 26, 2011 at 5:50 PM, Yersinia yersi...@myfairpoint.net wrote: Anyway, I decided I didn't want those defaults. I want to use WEP open because it's best for my Trailing Edge equipment. I don't want to even try WPA2 because I'm scared sh*tless I'll end up locking myself out of my own network. Hell, I locked myself out on my own porch in the dead of winter! :-{ To repeat for what it's worth, you simply can NOT permanently lock yourself out of your network. The worst you can do is forget and lose all the router passwords and need to go through the hassle of resetting the router back to the factory defaults so you can go redo the entire configuration process for the router and all your systems. Extremely tedious, yes. A bricking of the router, no. In the more likely scenario where you remember the admin password to your router you can just plug an ethernet cable into your router (if you haven't already) and then logon to router and change the Wi-Fi security password to whatever you like. Again, tedious and annoying but no more than that. As long as you have physical access to your router you can always configure it, one way or another. So don't worry about more than a potential temporary lockout as a worst case scenario. WEP is better than nothing. But it is just a screen door. Most folks are either polite or easily discouraged and so won't breech a screen door which is what Bruce's rational is counting on. But if you have both a screen door and metal door with a security lock why not use the stronger one? Why even bother with the one in a million risk of encountering someone with no manners? I'm just sayin' ... Of course, the other reason to use WPA2 is for those using 802.11n, which is NOT the case here. The reason you would want to use WPA2 with AES encryption with 802.11n is because if you don't then the protocol requires the router to limit the connection to 802.11g speeds. Or at least that's what I've been told. Seems a rather odd requirement to me, but it also strikes me a foot pushing on the butt attempt to move people to a better security protocol. -irrational john -- You received this message because you are a member of G-Group, a group for those using G3, G4, and G5 desktop Macs - with a particular focus on Power Macs. The list FAQ is at http://lowendmac.com/lists/g-list.shtml and our netiquette guide is at http://www.lowendmac.com/lists/netiquette.shtml To post to this group, send email to g3-5-list@googlegroups.com For more options, visit this group at http://groups.google.com/group/g3-5-list
Re: OK, I'll Try This Again. Locksmith Wanted (wifi).
On 2011/04/26 16:35, Bruce Johnson so eloquently wrote: On Apr 26, 2011, at 1:34 PM, Tina K. wrote: It doesn't have to be complex. Using a random generator such as RPG and an*encrypted* password repository such as Pastor, PasswordWallet, Keychain Access, 1Password, etc… provides good security without having to resort to memorizing or writing them down. Sigh. Never EVER EVER rely on a single encrypted source to remember important stuff like passwords. A plain text (as in written on a piece of paper!) backup, locked securely away is important. What if something happens to the encrypted file? You're SOL. (and that goes 10X higher if you're a compamny and it was the root password for the 'Accounts Receivable' DB.) Even a plain text printout of your passwords locked 'securely' away is not completely infallible. I use PasswordWallet and 1Password, both have all the same passwords and they are each backed up three times over, once offsite. Hey look!8-) it's sn0w1ng Macintoshes outside! is AS SECURE as anything RPG will generate, because while it's true that a truly random password string is more secure against cracking, the passphrase chosen is secure enough. And more importantly, I NEVER need to write it down The bestest, mostest random password RPG will ever give you is USELESS if the method of cracking in doesn't involve cracking the password, but a social engineering attack, a MITM attack, a keylogger, etc. Yep, you can't eliminate human mistakes completely. But we do the best we can, trying not to fall for phish attacks, locking the screen when walking away from the machine, being smart about what where you download something, etc… Strong random character passwords are only one ingredient in the security pie. Far too many people fetishize long, random passwords as teh shizzle of computer security, when they're not (and there's not a whole lot of evidence that they've been all that good at preventing compromise in the first place, mainly because of the human element). Correct me if I'm wrong, but it is my impression that the longer the password the longer it takes to crack. This is why banks (among other reasons like people using 'password' for their passwords) have moved to multi-factor authentication. you need to enter your username/password AND the little picture needs to be correct; or they use RSA dongles. (themselves hacked at a higher level. RSA*claims* that SecurID is ok, but I'll wager there was a mass need for pants dry-cleaning there...http://www.schneier.com/blog/archives/2011/03/rsa_security_in.html) I would say that some forms of multi-factor authentication can actually hinder security. My CU switched to using login name, password, and personal information challenge. This has forced me to use the same phrase for all the questions because my favorite movie changes over time, I don't remember my first teacher's name, my mother's maiden name is public record, and so on. IMO this is much more of a hindrance than strong random passwords. Tina -- iMac 20 USB 2 1.25GHz G4 2GB RAM GeForceFX5200 Ultra 64MB VRAM 10.4.11 PB G4 15 HR-DLSD 1.67GHz G4 2GB RAM Radeon 9700 128MB VRAM 10.4.11 Mac Pro Mid-2010 2.8 GHz QC 6 GB RAM Radeon HD 5770 1GB VRAM 10.6.7 -- You received this message because you are a member of G-Group, a group for those using G3, G4, and G5 desktop Macs - with a particular focus on Power Macs. The list FAQ is at http://lowendmac.com/lists/g-list.shtml and our netiquette guide is at http://www.lowendmac.com/lists/netiquette.shtml To post to this group, send email to g3-5-list@googlegroups.com For more options, visit this group at http://groups.google.com/group/g3-5-list