Announcement

Collapse
No announcement yet.

Article - Four best practices for Web Browser Security on your Linux Workstation

Collapse
This topic is closed.
X
X
Collapse
 
  • Page of 3
  • Filter
  • Time
  • Show
Clear All
new posts
Previous 1 2 3 template Next
    #1

    Article - Four best practices for Web Browser Security on your Linux Workstation

    I found this article and though it worth linking here:

    https://www.linux.com/news/linux-wor...ux-workstation

    I do have a disagreement on the recommendation for chrome/chromium as a parallel browser (read the article). My distrust of anything google(r)ish will prevent me from using their tools. I would use some other browser.

    I found the rest of the article, particularly the idea of separating the types of access between two browsers to be workable, but perhaps cumbersome. My system can certainly support simultaneous browser operations, but the need to make conscious choices about which to use will stop some people from doing this.
    Kubuntu 24.04 64bit under Kernel 6.9.3, Hp Pavilion, 6MB ram. All Bow To The Great Google... cough, hack, gasp.
    Tags: None
    • Top
    • Bottom
    #2
    I've been dividing my web activity between two browsers for quite a while. I use Vivaldi and FF. FF I use for less secure purposes.


    Sent from my iPhone using Tapatalk
    "A nation that is afraid to let its people judge the truth and falsehood in an open market is a nation that is afraid of its people.”
    – John F. Kennedy, February 26, 1962.
    • Top
    • Bottom

    Comment

      #3
      They forgot the most important one: use good passwords.
      • Top
      • Bottom

      Comment

        #4
        But, but, but, my password has always been "123456789". You mean I should change it? It's never been a problem before.

        I suppose I can use "quertyuiop", they'll never crack that one!

        [EDIT] I tried it, but my bank keeps telling me it is already in use and that I should use numbers AND punctuation characters in my password.
        So now I use "my-bank-won't-speak-2-me".

        Perhaps I should really use "I'm2stupid4computers"? What do you think? Too complicated?
        Last edited by TWPonKubuntu; Apr 12, 2018, 01:05 PM.
        Kubuntu 24.04 64bit under Kernel 6.9.3, Hp Pavilion, 6MB ram. All Bow To The Great Google... cough, hack, gasp.
        • Top
        • Bottom

        Comment

          #5
          The longer the password the better. Many password input parsers won't allow spaces or some special keys. Thus, "my bank won't speak 2 me" is an excellent password but usually not accepted. There is an excellent cartoon that illustrates the stupidity of it all.

          Click image for larger version Name: password_strength.png Views: 2 Size: 90.8 KB ID: 643509
          "A nation that is afraid to let its people judge the truth and falsehood in an open market is a nation that is afraid of its people.”
          – John F. Kennedy, February 26, 1962.
          • Top
          • Bottom

          Comment

            #6
            Your bank is telling you that a password is already in use? By you?
            • Top
            • Bottom

            Comment

              #7
              Removing my tongue from where it was firmly implanted in my cheek...

              GG: I read XKCD comics daily, along with Dilbert...

              whatthefunk: nope, couldn't get the bank to accept "qwertyuiop". Somebody else must be using it...

              For the record, I don't even have a bank account for which a password might be needed. Life was simpler when we buried our money in the back yard... Back when money was worth something.

              Seriously, there are many ways to create a rather long password AND be able to remember it without writing it on a sticky pad on the monitor.

              Not so seriously, what was your name again? I don't remember.
              Kubuntu 24.04 64bit under Kernel 6.9.3, Hp Pavilion, 6MB ram. All Bow To The Great Google... cough, hack, gasp.
              • Top
              • Bottom

              Comment

                #8
                Originally posted by TWPonKubuntu View Post
                ....

                Seriously, there are many ways to create a rather long password AND be able to remember it without writing it on a sticky pad on the monitor.
                There were 400 work stations at the dept of revenue, where I retired from. 95% of them had their login password written on a sticky note and plastered to their monitor, or under their keyboard. The tricky ones pasted it on the underside of one of their desk drawers. It was never a problem to locate it. 4.999% kept their passwords on a paper tucked into their wallet or purse. A very few kept it in their memory.

                Originally posted by TWPonKubuntu View Post
                Not so seriously, what was your name again? I don't remember.
                So, you've aged beyond your 70th birthday too, eh? So sad.
                "A nation that is afraid to let its people judge the truth and falsehood in an open market is a nation that is afraid of its people.”
                – John F. Kennedy, February 26, 1962.
                • Top
                • Bottom

                Comment

                  #9
                  Originally posted by GreyGeek View Post
                  ...
                  So, you've aged beyond your 70th birthday too, eh? So sad.
                  Not quite there yet (close, but no cigar), but I lost brains cells in my youth and could never find them again...

                  I can understand why those 19.996 people kept them in a wallet... I've done that until the paper was unreadable...
                  Kubuntu 24.04 64bit under Kernel 6.9.3, Hp Pavilion, 6MB ram. All Bow To The Great Google... cough, hack, gasp.
                  • Top
                  • Bottom

                  Comment

                    #10
                    Originally posted by TWPonKubuntu View Post
                    Not quite there yet (close, but no cigar), but I lost brains cells in my youth and could never find them again...

                    I can understand why those 19.996 people kept them in a wallet... I've done that until the paper was unreadable...
                    Or like me ... forgot you kept them there!
                    "A nation that is afraid to let its people judge the truth and falsehood in an open market is a nation that is afraid of its people.”
                    – John F. Kennedy, February 26, 1962.
                    • Top
                    • Bottom

                    Comment

                      #11
                      Originally posted by TWPonKubuntu View Post
                      ...

                      GG: I read XKCD comics daily, along with Dilbert...
                      I'd read XKCD daily too if I could... but since it is only published on Mondays, Wednesdays and Fridays, I just haven't been able to figure out how...
                      If you think Education is expensive, try ignorance.

                      The difference between genius and stupidity is genius has limits.
                      • Top
                      • Bottom

                      Comment

                        #12
                        Remember the missing brain cells, everyday is a new experience I get to read the same comics three or four times a day. life is good!
                        Last edited by TWPonKubuntu; May 10, 2017, 09:40 PM.
                        Kubuntu 24.04 64bit under Kernel 6.9.3, Hp Pavilion, 6MB ram. All Bow To The Great Google... cough, hack, gasp.
                        • Top
                        • Bottom

                        Comment

                          #13
                          Originally posted by TWPonKubuntu View Post
                          whatthefunk: nope, couldn't get the bank to accept "qwertyuiop". Somebody else must be using it...
                          Thats either really good or really bad. If they don't accept that password because its a terrible password, thats good. If they don't accept that password because another user is using it, they have questionable developers. There is no reason why two users can't have the same password.
                          • Top
                          • Bottom

                          Comment

                            #14
                            Originally posted by whatthefunk View Post
                            Thats either really good or really bad. If they don't accept that password because its a terrible password, thats good. If they don't accept that password because another user is using it, they have questionable developers. There is no reason why two users can't have the same password.
                            Only the former makes any sense. They wouldn't compare users' passwords as they would be encrypted as they are stored anyway, wouldn't they be? I would expect a bank to use a high level of caution. i bet they have a list of "dumb" passwords and/or rules that exclude "abcdefgh", "password", and other really bad ideas.

                            I read once long ago that the best password was four random words, but it seemed to me like a simple dictionary attack would be successful.

                            I take a long (8 letters or more) word that's meaningful to me, like a nickname or pet name for one of my kids. Then I substitute a couple symbols and numbers in a way I can remember, like "@" instead of "o" or "1" for "i". That way I end up with a strong password but one I can still remember at this age

                            Please Read Me
                            • Top
                            • Bottom

                            Comment

                              #15
                              Originally posted by whatthefunk View Post
                              Thats either really good or really bad. If they don't accept that password because its a terrible password, thats good. If they don't accept that password because another user is using it, they have questionable developers. There is no reason why two users can't have the same password.
                              Yes, technically, it should be possible, however...

                              In a real life situation (not a joke like this one), the bank should never acknowledge that a submitted password already exists, that breaks security and makes it easier to break their security. In this hypothetical case (joke), all I would need to do is find the account name which matches the password. Admittedly that is not easy, but a malefactor would be half way there after being told that a password already is in the system.

                              That is why many worms will use a list of those common passwords and do an attack by trying all of the passwords on the list in a attempt to find someone dumb enough to use a common password.

                              I used "qwertyuiop" as a joke because it is one of the most common passwords being used, along with "123456", 'password" and similar bonehead simple passwords.

                              Not preaching, just clarifying for future "newbies" on the forum.
                              Last edited by TWPonKubuntu; May 11, 2017, 09:31 AM.
                              Kubuntu 24.04 64bit under Kernel 6.9.3, Hp Pavilion, 6MB ram. All Bow To The Great Google... cough, hack, gasp.
                              • Top
                              • Bottom

                              Comment

                              Previous 1 2 3 template Next
                              Working...
                              X