github.com GitHub - Wither-Bane/eyeware: 'The Lord of the Rings'-based diceware (passphrase generator) list
'The Lord of the Rings'-based diceware (passphrase generator) list - Wither-Bane/eyeware
Discussion of passwords, password managers, biometrics, CAPTCHAs, secret questions, MFA/2FA/2SV, or other factors related to user authentication.
Members
195
Posts
7
Active Today
1
Created
2 yr. ago
-
Passwords @infosec.pub activistPnk @slrpnk.net Apacer SSD forced itself into read-only mode -- how can this be reversed? Anyone know what pw Apacer uses?
cross-posted from: https://slrpnk.net/post/21033639
The background is here. In short, an SSD with the “Apacer” brand froze itself into read-only mode, presumably due to reaching a point of poor reliability.
The data on the drive is useless. It was part way through installing linux when it happened. I would like to reverse that switch to make one last write operation (to write a live linux distro), which thereafter can be read-only.
I have heard some speculation that the manufacturer uses password to impose read-only mode. If true, then the password would be in the drive’s firmware. Does anyone know what Apacer uses for this password?
-
Passwords @infosec.pub evenwicht @lemmy.sdf.org A Large-Scale Real-World User Study of reCAPTCHAv2 finds 819 million hrs of human time has been spent on reCAPTCHA in 13 yrs
arxiv.org Dazed & Confused: A Large-Scale Real-World User Study of reCAPTCHAv2Since about 2003, captchas have been widely used as a barrier against bots, while simultaneously annoying great multitudes of users worldwide. As their use grew, techniques to defeat or bypass captchas kept improving, while captchas themselves evolved in terms of sophistication and diversity, becomi...
From the article:
“In terms of cost, we estimate that – during over 13 years of its deployment – 819 million hours of human time has been spent on reCAPTCHA, which corresponds to at least $6.1 billion USD in wages. Traffic resulting from reCAPTCHA consumed 134 Petabytes of bandwidth, which translates into about 7.5 million kWhs of energy, corresponding to 7.5 million pounds of CO₂. In addition, Google has potentially profited $888 billion USD from cookies and $8.75-32.3 billion USD per each sale of their total labeled data set.”
This means when a CAPTCHA serves as a barrier between people and an essential public transaction, people are being forced into involuntary uncompensated servitude. I believe this is a human rights issue.
-
Passwords @infosec.pub evenwicht @lemmy.sdf.org Related community: [email protected]
Since this community discusses CAPTCHA (see sidebar), I thought I should plug a community I just started. [email protected] is not about CAPTCHA in general, but it has the sole purpose of collecting situations where people are forced to solve a CAPTCHA in the public sector.
-
Passwords @infosec.pub coffeeClean @infosec.pub knowing when to trust a login page on a Cloudflare site
cross-posted from: https://infosec.pub/post/10262373
Question for people willing to visit Cloudflare sites:
How do you determine whether to trust a login page on a CF site? A sloppy or naïve admin would simply take the basic steps to putting their site on Cloudflare, in which case the authentication traffic traverses CF. Diligent admins setup a separate non-CF host for authentication.
Doing a view-source on the login page and inspecting the code seems like a lot of effort. The source for the lemmy.world login page is not humanly readable. It looks as if they obfuscated the URLs to make them less readable. Is there a reasonably convenient way to check where the creds go? Do you supply bogus login info and then check the httpput headers?