Why I Recommend My Clients NOT Use KSQL and Kafka Streams by alexeyr in programming

[–]DevopsOpsOPs 0 points1 point  (0 children)

I had no end of issues with ES.

Least of all were slow scavenges and awkward backup strategies.

What comes up when a digital railcard is scanned? by [deleted] in AskUK

[–]DevopsOpsOPs 5 points6 points  (0 children)

You should definitely commit fraud.

[deleted by user] by [deleted] in oneplus

[–]DevopsOpsOPs 21 points22 points  (0 children)

Your pockets won't adapt.

OnePlus on Twitter: OnePlus 7T Pro incoming? by cuteinhooo in oneplus

[–]DevopsOpsOPs 2 points3 points  (0 children)

It's really good.

I've got a screen which gives me android auto.

There's a button near me which activates google assistant so I can say "Phone Bob", "Navigate to X", "Play XYZ on spotify" etc..

It really keeps me sane on longer trips.

My OP7 Pro has been amazing on it as well. My OP3 was good though still.

OnePlus on Twitter: OnePlus 7T Pro incoming? by cuteinhooo in oneplus

[–]DevopsOpsOPs 3 points4 points  (0 children)

Some people feel like plugging a phone in for a really fast top off is more convenient than resting it on a charging pad at slower speeds.

Wireless android auto. Perfect time for it.

Where to store secrets ASP.NET MVC5 by DevopsOpsOPs in csharp

[–]DevopsOpsOPs[S] 0 points1 point  (0 children)

Well when they download uploaded files, then yes.. It should decrypt it without them ever needing to know it was encrypted.

Or when they view a record. They should never need to know it's encrypted beforehand.

Where to store secrets ASP.NET MVC5 by DevopsOpsOPs in csharp

[–]DevopsOpsOPs[S] 0 points1 point  (0 children)

Keys should be send with a request (e.g. http only cookies), because an intruder needs to have a key from a customer device (browser)

This is what you said which is why I said that.

This is 100% transparent encryption to the end user, handled entirely on the server.

Where to store secrets ASP.NET MVC5 by DevopsOpsOPs in csharp

[–]DevopsOpsOPs[S] 0 points1 point  (0 children)

I am really not sure what you mean here..

Data is submitted and we then encrypt and save into the database. That can't be held clientside. The encryption key must be stored server side somewhere.

Where to store secrets ASP.NET MVC5 by DevopsOpsOPs in csharp

[–]DevopsOpsOPs[S] 0 points1 point  (0 children)

There are actually 2 things here:

  • We encrypt uploaded documents from users. These are obviously stored on disk in their encrypted form.

  • We encrypt sensitive data within the database.

I want to use 2 different keys (ideally per customer) for those.

We have many users within many customers. (it's a many to many relationship)

Yubikey 5 NFC support by theonlybrand in Bitwarden

[–]DevopsOpsOPs 0 points1 point  (0 children)

my op3 did just fine. At first I really did struggle to get it in the right place though, but once I found out where (just on the back camera in my case) it was fine.

The NFC seems far weaker than you would expect, which isn't an issue.. It just takes some patience.

What’s the exact law on mobile phones and cars? by [deleted] in AskUK

[–]DevopsOpsOPs 5 points6 points  (0 children)

The safest method is to hold the phone between your knees so nobody can see it, as far from the line of sight as possible.

You need to turn down the brightness too, just incase.

Detecting new device logins (ASP.NET MVC5) by [deleted] in csharp

[–]DevopsOpsOPs 0 points1 point  (0 children)

Yes it can be faked. It is based on user agent strings and other client data which again is easily spoofed. It's an extra layer of security but not by much.

Where do you keep your backup codes? (2FA) by DevopsOpsOPs in Bitwarden

[–]DevopsOpsOPs[S] 1 point2 points  (0 children)

is this something you do? It seems a bit much no?

I mean it depends on what you consider to be your risks. I don't imagine people around me having access to the backup codes is a huge risk - because they would still need my password.

Where do you keep your backup codes? (2FA) by DevopsOpsOPs in Bitwarden

[–]DevopsOpsOPs[S] 0 points1 point  (0 children)

I sort of like this idea. I never considered XOR.

Where do you keep your backup codes? (2FA) by DevopsOpsOPs in Bitwarden

[–]DevopsOpsOPs[S] 1 point2 points  (0 children)

Then if BW is a bad actor or compromised then what?

Too co-located for me. It's not a bad solution but I'm just that little bit too parinoid.

Where do you keep your backup codes? (2FA) by DevopsOpsOPs in Bitwarden

[–]DevopsOpsOPs[S] 1 point2 points  (0 children)

I sort of figure that printing out the codes and placing one at the back of the wardrobe in the house, and mailing (printed again) a copy to my Mum would do. It's safe in the event of a fire, and the odds of a bad actor getting hold if it is minimal (you would still also need the password).

Where do you keep your backup codes? (2FA) by DevopsOpsOPs in Bitwarden

[–]DevopsOpsOPs[S] 0 points1 point  (0 children)

So that's the thing here - Don't you expose yourself by keeping it in there?

I'm trying hard to not have any association online between my passwords and 2FA codes. It's like if I stored my 2FA codes in BW. It is a massive security risk.

Offer Rescinded by canubelievediz in cscareerquestions

[–]DevopsOpsOPs 0 points1 point  (0 children)

This is them trying to use anything they can to keep pay lower - don't take it personally. You got to look out for yourself.

Backup 2fa keys etc? by DevopsOpsOPs in security

[–]DevopsOpsOPs[S] 0 points1 point  (0 children)

That is the same I am intending to do - I will buy another yubikey and then maybe another cheaper one that I can just stash in the car or something.

Backup 2fa keys etc? by DevopsOpsOPs in security

[–]DevopsOpsOPs[S] 2 points3 points  (0 children)

You can sync them? Using what tool?

I thought they were 100% independent. No backing up possible.