Re: Security and our vehicles
How the hell would the car get a hold of any of that info. I think they are scrapping, is that the correct term, the internet. And it is really none of their bees’ wax!
toggle quoted message
Show quoted text
On Sep 7, 2023, at 13:32, Bob Gerard via groups.io <rowerbob@...> wrote:
? In a NYT article out today on what info car companies collect on us when we drive newer vehicles with all the bells and whistles is this example:
What might that data include? The full list is far too long to transcribe here, but it’s notable that, for instance, Nissan says it may collect:
Sensitive personal information, including driver’s license number, national or state identification number, citizenship status, immigration status, race, national origin, religious or philosophical beliefs, sexual orientation, sexual activity, precise geolocation, health diagnosis data, and genetic information.
Want to know what your kid is getting up to in the back seat on a date? ?Call Nissan…they probably know. ? ;-)
Bob
———
“People will come to?love their?oppression, to adore?the technologies?that undo their?capacity to think.
—Aldous?Huxley, Brave New?World
|
Re: Security and our vehicles
Similar (?same?) article bylined Associated Press in my local newspaper today. ?Info released yesterday by Mozilla Foundation which studied the topic since 2017. ?Nineteen automakers involved. ?They admitted to collecting, selling, storing, and releasing it all to any law enforcement agency who asks for it. No warrant required.
Includes add-on services in cars; Google Maps, OnStar, and Sirius XM, who are also collecting & selling & storing drivers AND passengers data. ?And it’s not just all your texts/emails/phone calls inside a car with a paired cell phone. ?The cars’ own microphones and cameras also record and photograph all sound and activity inside the car, too, even when your devices are not in use. ?I can’t think of a more apt quote than exactly what Bob used under his message.
toggle quoted message
Show quoted text
On Sep 7, 2023, at 1:32 PM, Bob Gerard via groups.io <rowerbob@...> wrote:
In a NYT article out today on what info car companies collect on us when we drive newer vehicles with all the bells and whistles is this example:
What might that data include? The full list is far too long to transcribe here, but it’s notable that, for instance, Nissan says it may collect:
Sensitive personal information, including driver’s license number, national or state identification number, citizenship status, immigration status, race, national origin, religious or philosophical beliefs, sexual orientation, sexual activity, precise geolocation, health diagnosis data, and genetic information.
Want to know what your kid is getting up to in the back seat on a date? ?Call Nissan…they probably know. ? ;-)
Bob
———
“People will come to?love their?oppression, to adore?the technologies?that undo their?capacity to think.
—Aldous?Huxley, Brave New?World
|
Security and our vehicles
In a NYT article out today on what info car companies collect on us when we drive newer vehicles with all the bells and whistles is this example:
What might that data include? The full list is far too long to transcribe here, but it’s notable that, for instance, Nissan says it may collect:
Sensitive personal information, including driver’s license number, national or state identification number, citizenship status, immigration status, race, national origin, religious or philosophical beliefs, sexual orientation, sexual activity, precise geolocation, health diagnosis data, and genetic information.
Want to know what your kid is getting up to in the back seat on a date? ?Call Nissan…they probably know. ? ;-)
Bob
———
“People will come to?love their?oppression, to adore?the technologies?that undo their?capacity to think.
—Aldous?Huxley, Brave New?World
|
macOS Ventura 13.5.2 (22G91) Update is now Available!
Haven’t updated yet. ?
Bob
———
“People will come to?love their?oppression, to adore?the technologies?that undo their?capacity to think.
—Aldous?Huxley, Brave New?World
|
Re: [Krebs on Security] Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach
There are some who will claim that such thoughts are "political". Or have you forgotten the flak you received elsewhere for "people believe everything they read"
AG
Thursday, September 7, 2023, 6:50:45 AM, Brent via groups.io whodo678@... wrote:
toggle quoted message
Show quoted text
Exactly how is this not the right place? The thread and subject are being actively discussed on this list, with no suggestion to stop the thread by the admins. I suggested that government sponsored group was involved
|
Re: [Krebs on Security] Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach
Exactly how is this not the right place?
The thread and subject are being actively discussed on this list, with no suggestion to stop the thread by the admins.
I suggested that government sponsored group was involved, and mentioned current activity that suggested a need for large quantities of money Someone else suggested a lesser group. Since it was 10 months since the break-ins were noticed, give it a couple of months before it was noticed. That means that they possibly used a brute force attach on a couple dozen encrypted accounts. With a strong password, it should take years to brute force one account. It happened way too fast to happen without government sponsored financing and support.
Brent
On my iPhone Xr
toggle quoted message
Show quoted text
On Sep 6, 2023, at 14:59, maclists <maclists@...> wrote:
?This is not really the right place, but take a look sometime at how many websites are suddenly disappearing and bank accounts being closed.
AG
Wednesday, September 6, 2023, 8:26:31 PM, Brent via groups.io whodo678@... wrote:
state sponsored group.
|
Re: [Krebs on Security] Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach
This is not really the right place, but take a look sometime at how many websites are suddenly disappearing and bank accounts being closed.
AG
Wednesday, September 6, 2023, 8:26:31 PM, Brent via groups.io whodo678@... wrote:
toggle quoted message
Show quoted text
|
Re: [Krebs on Security] Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach
I am no security expert, but with the power it must take to have accomplished those hacks and thefts, it sounds like a state sponsored group.?
Hmmm, Russia has been sanctioned because of it current aggressions and needs money.?
It sounds like the breaches came from those insiders not following security protocols, like working from home on a nonsecure device. I wonder if we could see an overview, if the to date thefts were all just “low lying fruit”.
toggle quoted message
Show quoted text
On Sep 5, 2023, at 18:54, Barbara Mende <barbara@...> wrote:
?
Whew! Glad I don't do crypto. Barbara
On Tuesday, September 5, 2023 at 09:30:30 PM EDT, Bob Gerard via groups.io <rowerbob@...> wrote:
For any of you who may have been LastPass users. ?Pay attention!
Krebs on Security has posted a new item.?In November 2022, the password manager service LastPass disclosed a breach inwhich hackers stole password vaults containing both encrypted and plaintextdata for more than 25 million users. Since then, a steady trickle ofsix-figure cryptocurrency heists targeting security-conscious peoplethroughout the tech industry has led some security experts to conclude thatcrooks likely have succeeded at cracking open some of the stolen LastPass
vaults.?
Bob ——— “The more I practice, the luckier I get.” - Source uncertain
|
Re: [Krebs on Security] Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach
Why 1/27 (which is close to 4%, not 1). Why not 1/10 (10%)?
Otto
toggle quoted message
Show quoted text
On 6 Sep 2023, at 03:10, John Hay via groups.io <OceanCity@...> wrote:
I don't understand how a 256-bit encrypted file can be decrypted considering the following example.
Let's say you are one of the most powerful entities on earth and you devote as much power as the whole bitcoin mining infrastructure to breaking this encryption. Bitcoin manages about 267
hashes per second by consuming about 5% of the world's total electricity production. The cost of trying out an AES key is comparable to a hash. Let's further say you'll be happy with a 1/27
chance of success (almost 1%), so you'll need time to try about 1/27
of the 2128 possible keys. This will take 2128/27/267=254s≈6?108yr. That's over half a billion years. That is such a long while that in practical terms, it means it won't happen.
Can someone explain?
|
Re: [Krebs on Security] Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach
It's not only LastPass though. Such breaches are a risk with everything "in the cloud".
AG
Wednesday, September 6, 2023, 3:30:26 AM, Bob Gerard via groups.io rowerbob@... wrote:
toggle quoted message
Show quoted text
In November 2022, the password manager service LastPass disclosed a breach
|
Re: [Krebs on Security] Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach
Hi John, I can’t speak to the accuracy of your math, but you’re describing a brute-force attack. I believe that hackers would try less “expensive” attacks first, such as various permutations of dictionary words, commonly used passwords, etc. They do this because, believe it or not, some people use fairly simple, insecure passwords.
Stay Safe!
toggle quoted message
Show quoted text
On Sep 5, 2023, at 7:10 PM, John Hay via groups.io <OceanCity@...> wrote:
?
I don't understand how a 256-bit encrypted file can be decrypted considering the following example.?
Let's say you are one of the most powerful entities on earth and you devote as much power as the whole bitcoin mining infrastructure to breaking this encryption. Bitcoin manages about 267
?hashes per second by consuming about 5% of the world's total electricity production. The cost of trying out an AES key is comparable to a hash. Let's further say you'll be happy with a 1/27
?chance of success (almost 1%), so you'll need time to try about 1/27
?of the 2128?possible keys. This will take 2128/27/267=254s≈6?108yr. That's over half a billion years. That is such a long while that in practical terms, it means it won't happen.
Can someone explain?
Cheers,
John
|
Re: [Krebs on Security] Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach
I don't understand how a 256-bit encrypted file can be decrypted considering the following example.?
Let's say you are one of the most powerful entities on earth and you devote as much power as the whole bitcoin mining infrastructure to breaking this encryption. Bitcoin manages about 267
?hashes per second by consuming about 5% of the world's total electricity production. The cost of trying out an AES key is comparable to a hash. Let's further say you'll be happy with a 1/27
?chance of success (almost 1%), so you'll need time to try about 1/27
?of the 2128?possible keys. This will take 2128/27/267=254s≈6?108yr. That's over half a billion years. That is such a long while that in practical terms, it means it won't happen.
Can someone explain?
Cheers,
John
|
On Sep 5, 2023, at 3:54 PM, Paul Lundgren <pflundgren021@...> wrote:
I suppose I’m asking for the impossible (pipe dream). I wonder if there is an app that scans my drive for software or peripheral compatibility / conflict issues. You could try: EtreCheckPro (free; additional features available for a fee) The first thing that I would do would be to restart my Mac in Safe Mode. If the problem is still there in Safe Mode, then it likely isn’t a software problem. Also, when folks upgrade to a new version of the Mac OS, and experience what you are experiencing, the first thing that I have them do is uninstall any third party stay-resident software, that is, anything that is running in the background. So…uninstall anything under Login Items Uninstall any fully interactive anti-virus utilities. Uninstall anything that changes the look of the Finder or the way that it works. etc. If this solves the problem, you can likely download an updated version of the problematic software for Ventura and it will work fine. If the above doesn’t help, sometimes reinstalling the OS using Recovery helps. __________________________________________________ Randy B. Singer Co-author of The Macintosh Bible (4th, 5th, and 6th editions) Essential But Hard To Find Macintosh Software and Advice __________________________________________________
|
Re: [Krebs on Security] Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach
Whew! Glad I don't do crypto. Barbara
On Tuesday, September 5, 2023 at 09:30:30 PM EDT, Bob Gerard via groups.io <rowerbob@...> wrote:
For any of you who may have been LastPass users. ?Pay attention!
Krebs on Security has posted a new item.?In November 2022, the password manager service LastPass disclosed a breach inwhich hackers stole password vaults containing both encrypted and plaintextdata for more than 25 million users. Since then, a steady trickle ofsix-figure cryptocurrency heists targeting security-conscious peoplethroughout the tech industry has led some security experts to conclude thatcrooks likely have succeeded at cracking open some of the stolen LastPass
vaults.?
Bob ——— “The more I practice, the luckier I get.” - Source uncertain
|
Re: Seeking recommended 27" monitor
On Sep 5, 2023, at 7:49 AM, Peter Rasmusen <peter@...> wrote:
I thought maybe now you have had time to think about it :-) I’m assuming that you want a high resolution 4K monitor (instead of a 1080p monitor), and an IPS (in-plane switching) premium panel. YEYIAN ODRAZ 27” IPS Panel HDR 4K UHD Slim Bezel PC Gaming Monitor 3840x2160, 1 Billion Colors, Low Blue, 300cd/m2, 1000:1, 60Hz, 5ms, 16:9, 178°, G-Sync, FreeSync, DP/HDMI/USB, Speakers, VESA, Tilt $220 PHILIPS 288E2E 28" Frameless Monitor, 4K UHD 3840x2160 IPS, 120% sRGB, FreeSync, Height Adjustable, VESA, 4Yr Advance Replacement $250 (this one is currently on sale) ASUS TUF Gaming VG289Q1A 28” Monitor, 4K UHD (3840 x 2160), IPS, Adaptive-Sync/ FreeSync, Eye Care, DisplayPort HDMI, DCI-P3 HDR 10, Shadow Boost, Black $289 For only a few buck more you can get this genuine Samsung 32-inch monitor! SAMSUNG UJ59 Series 32-Inch 4K UHD (3840x2160) Computer Monitor, HDMI, Display Port, Eye Saver/Flicker Free Mode, FreeSync (LU32J590UQNXZA),Black $300 __________________________________________________ Randy B. Singer Co-author of The Macintosh Bible (4th, 5th, and 6th editions) Essential But Hard To Find Macintosh Software and Advice __________________________________________________
|
[Krebs on Security] Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach
For any of you who may have been LastPass users. ?Pay attention!
Krebs on Security has posted a new item.?In November 2022, the password manager service LastPass disclosed a breach inwhich hackers stole password vaults containing both encrypted and plaintextdata for more than 25 million users. Since then, a steady trickle ofsix-figure cryptocurrency heists targeting security-conscious peoplethroughout the tech industry has led some security experts to conclude thatcrooks likely have succeeded at cracking open some of the stolen LastPass
vaults.?
Bob ——— “The more I practice, the luckier I get.” - Source uncertain
|
I suppose I’m asking for the impossible (pipe dream). I wonder if there is an app that scans my drive for software or peripheral compatibility / conflict issues.
Since upgrading to Ventura from Catalina two months ago, I have occasionally had a software crash which I suspect has to do with an incompatibility issue with some software or peripheral. The problem is that it seems to be random so I have no idea what exactly is causing the problem or where to look.
As an example. Yesterday, the Messages app would not open. No error – just no window. I could not force quit it. When I tried to restart, the Mac Mini would not restart – just got the spinning beach ball. Had to power down with the power button. After restarting, the Messages app opened as normal.
Random occasions, different apps, etc. Sometimes I get the message “App quit unexpectedly” and pressing the Report button I get the spinning beach ball. Restarting fixes everything for a few days. Since I have been wary or pressing the Report button, there are no Crash Reposts in the Console app.
Mac Mini M2
Ventura 13.5.1
Paul
|
On Sep 5, 2023, at 03:27, maclists <maclists@...> wrote:
One would expect any issues to occur with Windows and Apple devices, but not between two Apple products. Why not between Apple products? Have you not seen incorrect settings or corrupted plists? In the case of the OP of this thread, her issue is most likely that the macOS is to old to work with the iOS. I have the same issue with my MBP and iPhone. My work around is I backup/sync to my iCloud account. Unfortunately, I can’t sync my music, audiobooks, podcasts or movies, a lot of which is ripped from discs. The version of iTunes on my MBP has all the media, but on the iPhone the various media use a different Apple app, Music, Books, Podcasts, and Movies. I have currently switched to Libby a third party app to listen to new audiobooks.
|
Syncing various documents to back up and sync between Mac or iPhone or iPad <<and >> Mac or iCloud is built into the built-in apps. Why would you think otherwise? No app or syncing method syncs all documents or media, but then again, I don’t believe any third party app does either. And once you have backed up the first time, then you're just syncing. Brent On my iPhone Xr
On Sep 5, 2023, at 03:23, maclists <maclists@...> wrote:
?I don't have an iPhone to play with (my wife has one, but getting her to part with it long enough to make backups is not easy), but now I am curious whether iTunes for Mac and/or iTunes for Windows would make a backup of my iPad.
I usually use iMazing (both Mac and Windows) to make backups of Apple devices.
AG
Tuesday, September 5, 2023, 11:35:58 AM, Otto Nikolaus via groups.io otto.nikolaus@... wrote:
What do you mean by "what iTunes on both does”?
|
Re: my top bar stopped working
i should have mentioned i loathe the touch bar. displaying the functions in the menu bar is how i worked around it. ruth
On Tue, Sep 5, 2023 at 3:50?PM Lowell Ziegler < lziegler@...> wrote: You can try the recommendations in their article: ?
I know you restarted, but have you checked your settings? , possibly rushed, with fat thumbs, so please forgive ant typos
hi ellen,? do you mean your?touch bar on the?keyboard? you can replace most of the touch bar options in the control center found in system settings (was preferences). click on the ? in the menu bar go to system?settings?
in the control?center and choose whatever functions you'd want to see in the menu bar regards,? ruth??
all of a sudden nothing on my function bar on top row of my computer stopped working so I have no sound, light, etc. I restarted and it still doesn’t work. ay be time for a new comptuter but waiting for new ones to come out. any ideas? I have no sound either and cannot turn it on because the bar is not working.
Ellen
|
Brent
Bob Gerard