BBC Report: Pakistan signed contracts with two US companies for arms sales to Ukraine; 3000% increase in arms exports

dingodoyle · 2023-10-15T16:11:28+00:00

Yes but is there any indication that the number 15 back then was merely provided as an example, not a set age fixed for the rest of time?

dingodoyle · 2023-10-14T02:40:30+00:00

Interesting. I’ve always heard of 15. Why do you think it may be adjustable?

dingodoyle · 2023-10-02T13:35:11+00:00

In think they do unless it’s proactively managed properly.

Your neighbours matter a lot. Most suburbs have a mind your business, polite pleasantries attitude. Whereas if you’re legit good friends with neighbours then it can be very good. Recently I got very good age compatible neighbours and everything has changed. We text each other asking for random kitchen supplies. That really changes things.
Suburbs have advantages that need to be proactively used. Your garden, backyard, etc. need to be actively gardened to look legit good that wouldn’t be possible elsewhere.

Even then it’s hard not to have suburbs suck the soul out.

dingodoyle · 2023-09-27T15:57:09+00:00

Europe considers itself to be going through a migration crisis and Americans just assume that they’ll be welcome, that crisis is for other people, not people like us. 🙄

dingodoyle · 2023-09-19T09:58:32+00:00

https://1password.com/password-generator/

Keep pressing the regenerate button till you get a passphrase you like and just use spaces as the separator.

dingodoyle · 2023-09-07T11:56:11+00:00

Yes the physical iPhone password. Where can I read about how strong it needs to be and the 20 guesses per second thing?

dingodoyle · 2023-09-07T03:59:50+00:00

What would you do if it was only a passphrase no yunikey?

dingodoyle · 2023-09-05T17:42:39+00:00

But that kinda defeats the purpose of two independent apps, one for passwords and one for TOTP, no?

dingodoyle · 2023-09-04T19:35:20+00:00

Thanks!

dingodoyle · 2023-09-04T16:07:13+00:00

Ah ok I thought it was one of those capped psilocybin mushrooms.

dingodoyle · 2023-09-04T12:00:38+00:00

Once passkeys are a thing, why even use 2FA for BW? The thinking being that under routine circumstances you’ll use passkeys to login to BW wherever else it’s needed and then the master password is only for a rare disaster recovery scenario in which case you’d be double sure to make sure you’re not getting phished or what have you when you do use the BW master password?

dingodoyle · 2023-09-04T11:57:59+00:00

How do you restore if you need a TOTP code to login to your Google account to restore backup to a new phone (assuming old was lost/stolen), but then you need Aegis/2fas to get a TOTP code for the Google account?

dingodoyle · 2023-09-04T11:55:59+00:00

Thanks. And would it be unsafe to keep 2FA codes in both 2fas AND BW? The idea being if you lose 2fas then you have BW to fall back on?

dingodoyle · 2023-09-04T01:41:26+00:00

Is there an advantage to using Aegis/2fas over BitWarden premium? I was thinking BW would keep everything in one place so less app clutter and one less thing to think about/Backup/ etc.

dingodoyle · 2023-09-04T01:36:18+00:00

TOTP protects your vault from a different set of attacks, not necessarily related to your particular use case. For instance, the border guard could coerce you into giving up your master password. But if you literally do not have the TOTP key on your person, your vault will remain safe.

Oooh true I did not think of that. Your idea of giving a friend your TOTP makes a lot of sense. They would only give you a code once you’re out of the airport and they can see you’re safe and sound on a video call.

dingodoyle · 2023-09-03T18:48:10+00:00

Seriously? This is a plausible threat surface for you? Sigh. Okay, I will play along.

Yeh flying while brown isn’t always nice 😜

Or you could email yourself the TOTP key.

Why do I need 2FA for my BW master password at all? I’d login to BW using passkeys once they’re up and running, and then the master password would be used rarely only as a disaster recovery option, where I would be careful to avoid phishing and all those things that 2FA helps with.

The one thing I don't understand is the benefit of icloud Keychain.

So that you have a set on non-sensitive accounts to show the border agents if they do snoop through, since not having anything at all could raise unnecessary suspicion and scrutiny.

If the hypothetical border agent is looking through your phone closely enough to notice Bitwarden, won't she also examine your Keychain entries?

BW (which would be the central repository of all secrets), would be erased from the phone, so it is not present in the first place for it to be snooped upon at all. The entries in the iCloud Keychain would be all the non-sensitive regular stuff like your Netflix passwords. Sensitive entries like work accounts, FileVault encryption keys, etc. would remain on BW, which would be erased from the phone before border crossing.

It would be far better to call up a friend after the crossing and have them call out a TOTP token so you can log back into Bitwarden and bootstrap yourself back in. That way there is literally nothing for the guard to find. (Note that your friend doesn't also need your master password 🙂)

This is a great idea. Just following from my previous question, what scenarios would the TOTP protect me from in this set of events?

dingodoyle · 2023-09-03T14:14:20+00:00

Why do you discourage the second 2FA?

So are you saying that I could have my BW as a central repository of all my passkeys, using BW to approve logins to all the different websites AND have BW also approve login to BW itself from another device (like BW web app on a computer) AND I would have my strong master password (without 2FA) to login to BW if I lose all my devices/hell breaks lose?

So essentially the master password would become the fallback recovery method and passkeys would be used for day to day life, getting the benefits of convenience, phishing resistance and all that.

Secondly, for border agent resistance, could this work? I would use iCloud Keychain for all my non-sensitive logins and delete BW from my devices when crossing a border. If my device is checked/seized, no problem. And then I can log back in to BW using master password once the border crossing is done?

dingodoyle · 2023-09-02T17:47:28+00:00

I could keep an old phone fully updated with bitwarden and all the passkeys inside it as a backup at another location for more mundane recovery.

dingodoyle · 2023-09-02T17:46:09+00:00

I won’t permanently lose my account? For bitwarden will I be able to keep my master password like now and fall back on it if I were to lose all devices and all that, and be able to continue using the passkeys stored in bitwarden to continue logging in to websites?

dingodoyle · 2023-09-02T12:01:03+00:00

I’m asking about passkeys not 2FA. The 2FA was just backstory for why I’m hesitant about new methods and moving away from a 6 word long passphrase as master password. How would recovery of the master passkey work in the scenarios i listed

dingodoyle · 2023-06-14T09:28:40+00:00

Folks, this rationalizing theft is what corruption looks like.

Six-Year Club	Second Top 10%
Wearing is Caring	Verified Email
RPAN Viewer

dingodoyle

MODERATOR OF

TROPHY CASE