Jump to content

Thread to complain bout stuff


Spacetraindriver

Recommended Posts

On 8/15/2018 at 12:21 AM, TheSaint said:

a new startup capacitor for $20.

 

On 8/15/2018 at 12:21 AM, TheSaint said:

they came out that afternoon and got it fixed. $950.

***

On 8/14/2018 at 11:31 PM, tater said:

A $15 part at the bottom

 

On 8/14/2018 at 11:31 PM, tater said:

$388.

Check and mate, capitalism! :D
https://en.wikipedia.org/wiki/Labor_theory_of_value

Link to comment
Share on other sites

8 minutes ago, tater said:

the product should not have failed in 18 months.

When the product costs just 15/(15+388) = 3.7% of total sum, they could even give it for free.
Like you are paying (388+15)/18 = 22.4 USD/month for having your dishes washed, and this is even not the price of material goods, but the price of their labor.

(I understand, they are brazen)

Edited by kerbiloid
Link to comment
Share on other sites

1 hour ago, kerbiloid said:

 

***

 

Check and mate, capitalism! :D
https://en.wikipedia.org/wiki/Labor_theory_of_value

In my case, it wasn't so much labor theory as it was supply and demand. It was the middle of July. IIRC, like half of the cost was a "Peak Season Surcharge". What killed me wasn't so much that they charged an exorbitant amount of money (trust me, I am all for capitalism), it was that if I had been home I could have saved an exorbitant amount of money.

Link to comment
Share on other sites

Guess what! After an attempt to hack my Steam account, somebody's now trying to hack my YOUTUBE ACCOUNT! 

I got a notification requesting a password change, and obviously I haven't requested a password change at all. I believe they are doing this so that if I type in a new password, they can then see it and use it to gain access. The IP is coming from Texas. 

But why, just why, are people trying to get into my accounts this week? 

Link to comment
Share on other sites

6 hours ago, The_Cat_In_Space said:

Guess what! After an attempt to hack my Steam account, somebody's now trying to hack my YOUTUBE ACCOUNT! 

I got a notification requesting a password change, and obviously I haven't requested a password change at all. I believe they are doing this so that if I type in a new password, they can then see it and use it to gain access. The IP is coming from Texas. 

But why, just why, are people trying to get into my accounts this week? 

Its all one attack, you arn't being targeted by multiple hackers that have just decided to pick you this week.

I had an attempt on my ebay and paypal accounts not long ago. You already know what to do, change passwords, activate 3-factor authentication where possible (eg: text authentication for steam account).

Tip-top-tip: if an account records your telephone number, check it hasnt been changed. After I had secured my ebay account I noticed that it had been altered. I dont know why, although I can guess, but I almost missed it.

And if you are feeling dilligent, contact whoever the account is with (steam, ebay etc.) and let them know that an attempt has been made and that the most recent account updates (you securing your login details) are legit.

Link to comment
Share on other sites

7 hours ago, The_Cat_In_Space said:

But why, just why, are people trying to get into my accounts this week? 

Because they decided to check other services with your username, or (more likely) because a bot got around to it today and it's going through it's list of sites.
Expect this to happen every now and then, it's the nature of the internet. My home server weathers (and auto-firewalls) dozens of bot-generated cracking attempts per day, and it's the epitome of obscure.
No big deal if your passwords (and password recovery systems) and/or 2FA are strong. And do not reuse passwords, especially with the same username.

<complaint>
IMO "password recovery" systems are a security risk in general, particularly as a great many sites still use "secret answers" that are easily scraped from publicly accessible information.
Just remember your damn (complex and unique) passwords already... Or use a decent password manager.
Account recovery via phone call and stupid questions (which anyone who has access to your garbage can answer anyway) is even worse, as it is ripe for social engineering attacks. Many banks still allow this, mine included.
</complaint>

Edited by steve_v
Link to comment
Share on other sites

34 minutes ago, The Minmus Derp said:

I. HATE. HACKERS!

You know what I think is worse? Those people that ring up old folks and tell them that their computers have been compromised and use a load of garbage language that is very alarming like "criminals have gained access to your personal information you need to install our software now" or "criminal activity has been detected on your computer and the authorities informed" and then charge them a lot of money (often after asking how much they can afford and then surprise! They juuuuuuust have enough money to be able to pay for this lifesaving service! How convenient!)

I hope every single one of them trips on their front doorstep and breaks both their ankles.

That goes triple for auto-popup ads for similar "services" that autoplay a voiceover that "warns" you of all of the above, AND calls up a "login" window and the window cant be closed and keeps playing the damn voiceover unless you hit escape and close the window in the half-second before the login box pops back up.

I even had one of these that was coded so insidiously that it kept playing the audio voiceover even after I closed the tab AND shutdown the browser! I mean Im almost impressed by the ingenuity of deception that these people have. 

 

I know its hard to believe anyone falls for those but if you arn't "into" computers like we all are, how would you know what is or is not legit? It isnt fair to expect everyone to have a minimum competence in everything.

For the 1 in 10,000 people that these ads hook, it must be a terrifying and very expensive experience.

Its literally the equivalent of a doctor telling you that you have a rare and dangerous disease but luckily he has this total cure for this heavy but just about affordable price. Oh and that happens too.

I dont think anyone would shed any tears if these people took an accidental fall down some long steep stairs. Made of concrete.

 

Edited by p1t1o
Link to comment
Share on other sites

43 minutes ago, p1t1o said:

That goes triple for auto-popup ads for similar "services" that autoplay a voiceover that "warns" you of all of the above, AND calls up a "login" window and the window cant be closed and keeps playing the damn voiceover unless you hit escape and close the window in the half-second before the login box pops back up.

Introducing you to NoScript. Block and unblock everything at your ease.

Link to comment
Share on other sites

1 hour ago, p1t1o said:

Its like an arms race with these things though.

It blocks absolutely every single thing, even the CSS if necessary.

On default, apart from a really small number of very common sites, everything is blocked. Then you just handpick from it which one do you trust and which one you don't. It does take a lot of gut feeling though if you weren't very sure !

Or you could disable the blocking temporarily, ex. when accessing ticket payment or banking account. (yeah they'll block them by default too, it's not in the very common group. you can add exceptions though.)

________

Oh, and for my complaint today :

Our TV's "sound volume down" button has stopped working.

On the remote and on the TV set itself.

It hasn't been working on the remote for a while after a spill; but I just discovered that the one on the TV set doesn't either.

And given the way how I discovered them, it's... not ideal...

Edited by YNM
Link to comment
Share on other sites

1 minute ago, YNM said:

It blocks absolutely every single thing, even the CSS if necessary.

On default, apart from a really small number of very common sites, everything is blocked. Then you just handpick from it which one do you trust and which one you don't. It does take a lot of gut feeling though if you weren't very sure !

Or you could disable it temporarily, ex. when accessing ticket payment or banking account. (yeah they'll block them by default too, it's not in the very common group.)

Hmmm...thing is, if managing it approaches the same level of inconvenience as the thing it stops, what use is it?

Popups are not a security issue for me, so convenience is all. 

Sounds like a nuclear option, but I'll still check it out when Im home.

Link to comment
Share on other sites

7 minutes ago, p1t1o said:

Hmmm...thing is, if managing it approaches the same level of inconvenience as the thing it stops, what use is it?

Stops you from being swallowed whole by anything that's out there.

Many scripts on the .net are shared though. There's an option to allow anything that has an (exact) matching url source with the url you're using. Combined, this means that a simple website with, say, akamai or amazon or gstatic cdn, maybe plus facebook,twitter and youtube will work after a few clicks.

And if you visit sites frequently this means you don't have to bother with them again.

And the backbone of Internet is still html, css and php. They're not actually blocked (unless it shows signs of XSS).

12 hours ago, The_Cat_In_Space said:

But why, just why, are people trying to get into my accounts this week ?

Someone in the other side is not doing their security properly.

Just change the password to something you won't hold for long or hasn't used anywhere else. If the attempt stops you could change to a password that you know to be "safe" and that's it.

I know password reuse is not good, but the password formulation I use gives extra-excellent strength at many password strength evaluator.

Link to comment
Share on other sites

18 minutes ago, YNM said:

Stops you from being swallowed whole by anything that's out there.

If we are just talking unwanted pop-ups, I like to think I have the minimum level of savvy required to avoid this even with an unprotected computer, largely because not very much sensitive data passes through my machine though and the contents of my harddrive is largely replaceable. Passwords/logins are obviously sensitive but I tend not to spurt them out whilst up to my armpits in dodgy websites.

Unless there is a risk I am not understanding?

***

The best, and most common, advice I have heard for password security is to make them all different (natch) and unreasonably unguessable (eg: 459546FsfgsFhGfd#f+d8gf7f8*Fpd? - probably overkill but you get the idea) but keep them saved in a text file on your desktop for easy access.

Because if someone can suck that text file straight from your desktop, you have much larger problems to worry about than someone hacking your amazon.

Link to comment
Share on other sites

1 hour ago, p1t1o said:

The best, and most common, advice I have heard for password security is to make them all different (natch) and unreasonably unguessable (eg: 459546FsfgsFhGfd#f+d8gf7f8*Fpd? - probably overkill but you get the idea) but keep them saved in a text file on your desktop for easy access.

You know about Windows Update right ? :wink:

Can't trust that no one is sweeping by my devices in these day and age of continuous .net connection (which arguably makes any privacy effort futile but eh, I only needed the feel of effort).

My formulation is very simple - I'm a man who remember site addresses to the last character. Think if I was to say more than this members here will just blow off my covers ! XD

Though if you insist on keeping a list of your passwords I'd bet on something that has end-to-end encryption. So just own 2 numbers and 2 chat service account with end-to-end encryption to your own, and feel free to dump everything in there.

Edited by YNM
Link to comment
Share on other sites

13 hours ago, The_Cat_In_Space said:

But why, just why, are people trying to get into my accounts this week? 

Is how things works. An attacker chooses a victim, and focus on him/her until the possibilities are exhausted. 

Somehow, you fits on the attacker's profile. Perhaps the password you used on Steam, I don't know. He will keep poking you until he succeeds or there's nothing more to try.

It's not you. It's just the way they do "business". :/ 

Edited by Lisias
ouch, my English sucks sometimes. =/
Link to comment
Share on other sites

1 hour ago, p1t1o said:

The best, and most common, advice I have heard for password security is to make them all different (natch) and unreasonably unguessable (eg: 459546FsfgsFhGfd#f+d8gf7f8*Fpd? - probably overkill but you get the idea) but keep them saved in a text file on your desktop for easy access.

Easy access for anyone that have access to your computer, physically or remotely. ;-)

Never save passwords this way, unless you have a old Palm. They are excellent password keepers - until the battery dies. :D 

Link to comment
Share on other sites

13 minutes ago, Lisias said:

An attacker chooses a victim, and focus on him/her until the possibilities are exhausted.

They won't pick you until someone screwed up.

 

Link to comment
Share on other sites

25 minutes ago, Lisias said:

Is how things works. An attacker chooses a victim, and focus on him/her until the possibilities are exhausted. 

Somehow, you fits on the attacker's profile. Perhaps the password you used on Steam, I don't know. He will keeping poking you until he succeeds or there's nothing more to try.

It's not you. It's just the way they do "business". :/ 

Its worth noting that the "attacker" is probably an automated bot that is "attacking" several thousand accounts at once. Its not personal. Its just that this week, your number came up.

 

32 minutes ago, YNM said:

My formulation is very simple - I'm a man who remember site addresses to the last character. 

That is some kind of superpower and if I could do that I certainly wouldnt need that text file!

32 minutes ago, YNM said:

Can't trust that no one is sweeping by my devices in these day and age of continuous .net connection (which arguably makes any privacy effort futile but eh, I only needed the feel of effort).

Truedat, if you have data that is truly confidential and it isnt air-gapped, you cant complain if it is ever compromised.

 

 

12 minutes ago, Lisias said:

Easy access for anyone that have access to your computer, physically or remotely. ;-)

Never save passwords this way, unless you have a old Palm. They are excellent password keepers - until the battery dies. :D 

Thats like saying getting into my house is easy if you have the key, and what I mean is, if they have a key, no point in making the door stronger.

If someone has physical or remote access to your computer, no password is safe anyway, no matter how it is stored. Even the palm tablet wont save you. You are already past the point of "trying to be secure", the horse has bolted, the call is coming from inside the house.

Physical access and true remote access are the most serious, but also most rare type of attack. I dont need landmine sweepers on my car.

 

 

Edited by p1t1o
Link to comment
Share on other sites

27 minutes ago, YNM said:

They won't pick you until someone screwed up.

People screws up everywhere, every time. Security is like Freedom - you only have yours if you fight for the other's. One single stand-up guy breaking the chain ruins everything.

I used to work on a company that sells tracking services consolidated (and automatically file complains for refunds when applicable). One day, one client asked by mail how we store passwords - well, I answered imprecisely "we use a message digest and a salt". Then the client asked about the Digest we are using, I refused to answer. I said I would prefer to review our proceedings under any security standard he chooses and tell him the result, but I would not be disclosing any implementation for third parties - much less on a insecure channel and without NDA.

Boy, Hell broke loose. The guy phoned my boss complaining, and he ordered me to answer. BY MAIL. (sigh).

Well, I replied with a 15 page email describing every single digest algorithm from Earth (and some more from Mars), and said that we use one of them. If by any chances he have any restrictions for some of them, I asked him to enumerate them so we could change if by some means we were being using it. :D 

Well, I don't work there anymore - but you probably guessed that.

Uneducated, rich and persuasive clients are the first security flaw of any business. The second is leaving developers. These two guys are the worst security nightmare I ever had on my life.

Edited by Lisias
typos, what else? =P
Link to comment
Share on other sites

12 minutes ago, p1t1o said:

Thats like saying getting into my house is easy if you have the key, and what I mean is, if they have a key, no point in making the door stronger.

Buy a dog. :) 

 

12 minutes ago, p1t1o said:

If someone has physical or remote access to your computer, no password is safe anyway, no matter how it is stored. Even the palm tablet wont save you. You are already past the point of "trying to be secure", the horse has bolted, the call is coming from inside the house.

It's all about reducing the chances. People have access to your computer all the time. Your computer is broken? You don't know how to repair it? Well, the guy you will hire to fix it will have access to all your data. Including the password file.

You don't have the slightest idea stuff I find on second hand hard-drives. :) You will screw up sooner or later. So secure yourself as you were going to do that today.

About the Palm, you don't know it. They are not tablets, they were handhelds - most of them don't have any connection capability but a wire for syncing to a host. And the best of them didn't even had storage, all is kept on RAM. You wipe the thing (or the battery dies), everything is gone for good. Point. Elegant devices for a more civilized age.

Link to comment
Share on other sites

38 minutes ago, p1t1o said:

Thats like saying getting into my house is easy if you have the key, and what I mean is, if they have a key, no point in making the door stronger.

"If the door is closed, there's always a window open".

Physical security usually depends on people not bothering, not because it's actually "safe".

Virtual security ? Eh. I mean, apart from a few algorithms...

27 minutes ago, Lisias said:

People screws up everywhere, every time.

Would have been fun !

27 minutes ago, Lisias said:

The second is leaving developers.

I wonder about that myself - the "security threat" imposed is like that of a retired bank employee isn't it ?

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
×
×
  • Create New...