"The net is getting a little safer for Google users Thursday, as the
company is unveiling an option for Google users to lock down their
accounts with more than just a password.
Starting Thursday all Google users can choose to turn on a so-called
΄two-factor authentication‘ feature, which will require them to type
in a special, short-lived second password in addition to their normal
password to get into their account. Users will be able to get the
codes via SMS or a phone call, or use smart phone apps for Android,
iPhone and Blackberry to generate the codes."
On Thu, 10 Feb 2011 15:35:55 -0500, Quaalude wrote:
> "The net is getting a little safer for Google users Thursday, as the
> company is unveiling an option for Google users to lock down their
> accounts with more than just a password.
>
> Starting Thursday all Google users can choose to turn on a so-called
> ΄two-factor authentication‘ feature, which will require them to type
> in a special, short-lived second password in addition to their normal
> password to get into their account. Users will be able to get the
> codes via SMS or a phone call, or use smart phone apps for Android,
> iPhone and Blackberry to generate the codes."
>
> http://www.wired.com/threatlevel/201...ogle-security/
WHO to trust...?...GOOGFLE with more Tech on you...or...your long,
complex password...?
> On Thu, 10 Feb 2011 15:35:55 -0500, Quaalude wrote:
>
>> "The net is getting a little safer for Google users Thursday, as the
>> company is unveiling an option for Google users to lock down their
>> accounts with more than just a password.
>>
>> Starting Thursday all Google users can choose to turn on a so-called
>> ΄two-factor authentication‘ feature, which will require them to type
>> in a special, short-lived second password in addition to their normal
>> password to get into their account. Users will be able to get the
>> codes via SMS or a phone call, or use smart phone apps for Android,
>> iPhone and Blackberry to generate the codes."
>>
>> http://www.wired.com/threatlevel/201...ogle-security/
>
> WHO to trust...?...GOOGFLE with more Tech on you...or...your long,
> complex password...?
>
> NO BRAINER...
>
> THANKS
On Thu, 10 Feb 2011 17:18:07 -0500, hierophant wrote:
> On Thu, 10 Feb 2011 15:46:14 -0500, DasFox wrote:
>
>> On Thu, 10 Feb 2011 15:35:55 -0500, Quaalude wrote:
>>
>>> "The net is getting a little safer for Google users Thursday, as the
>>> company is unveiling an option for Google users to lock down their
>>> accounts with more than just a password.
>>>
>>> Starting Thursday all Google users can choose to turn on a so-called
>>> ΄two-factor authentication‘ feature, which will require them to type
>>> in a special, short-lived second password in addition to their normal
>>> password to get into their account. Users will be able to get the
>>> codes via SMS or a phone call, or use smart phone apps for Android,
>>> iPhone and Blackberry to generate the codes."
>>>
>>> http://www.wired.com/threatlevel/201...ogle-security/
>>
>> WHO to trust...?...GOOGFLE with more Tech on you...or...your long,
>> complex password...?
>>
>> NO BRAINER...
>>
>> THANKS
>
> Exactly so, DasFox, exactly so. ;)
This TFA is full of PROBLEMS...NOOBS learn...WHY add coplxity when
secure PASSWORDS solve the non-problem...?
"DasFox" wrote in message news:ij25ej$678$1@news.mixmin.net...
> On Thu, 10 Feb 2011 15:46:14 -0500, DasFox wrote:
>
[All of heirophant's reply snipped]
>> On Thu, 10 Feb 2011 15:35:55 -0500, Quaalude wrote:
>>> http://www.wired.com/threatlevel/201...ogle-security/
>>> [Google adds two-factor authentication]
>>
>> WHO to trust...?...GOOGFLE with more Tech on you...or...your long,
>> complex password...?
You're right, should be a no brainer. Unfortunately, many people, obviously
yourself included, do not understand.
> This TFA is full of PROBLEMS... NOOBS learn...WHY add coplxity when
> secure PASSWORDS solve the non-problem...?
Because secure passwords are not enough. See in the article where it
specifically mentions that this is protection from keyloggers? Or did you
not actually understand the article?
With single factor authentication the attacker must compromise:
the computer you are on
This is a short target list.
With the basic two factor authentication like that being introduced, the
attacker must compromise
the computer you are on
the cell phone network
at the same time, by the same adversary. This is at least twice as
difficult.
By using the installed application on your phone, the attacker must
compromise:
the computer you are on
the smartphone you are using
at the same time, by the same adversary. This is even more difficult.
It is certainly possible to debate the complexities, but compromising two
devices is significantly more difficult than compromising one.
While the difference may not mean much to you, obviously you don't care
about security, the difference is some environments can be substantial. For
examples of these environments, again just read the article "Government
agencies, banks, ..."
Maybe if you made any effort to understand security, you might eventually
understand the reasons you are wrong so often.
Joe
On Thu, 10 Feb 2011 19:42:54 -0800, Joseph Ashwood wrote:
> "DasFox" wrote in message news:ij25ej$678$1@news.mixmin.net...
>
>> On Thu, 10 Feb 2011 15:46:14 -0500, DasFox wrote:
>>
> [All of heirophant's reply snipped]
>>> On Thu, 10 Feb 2011 15:35:55 -0500, Quaalude wrote:
>>>> http://www.wired.com/threatlevel/201...ogle-security/
>>>> [Google adds two-factor authentication]
>>>
>>> WHO to trust...?...GOOGFLE with more Tech on you...or...your long,
>>> complex password...?
>
> You're right, should be a no brainer. Unfortunately, many people, obviously
> yourself included, do not understand.
I am TECH, TECH understands...you're not talking to some NOOb from
NOOBLAND...
>> This TFA is full of PROBLEMS... NOOBS learn...WHY add coplxity when
>> secure PASSWORDS solve the non-problem...?
>
> Because secure passwords are not enough. See in the article where it
> specifically mentions that this is protection from keyloggers? Or did you
> not actually understand the article?
Keyloggers...?...FALSE diversion...from you AND GOOGLE...how many are
keylogged for Gmail accounts...MINOR...
> With single factor authentication the attacker must compromise:
> the computer you are on
> This is a short target list.
>
> With the basic two factor authentication like that being introduced, the
> attacker must compromise
> the computer you are on
> the cell phone network
> at the same time, by the same adversary. This is at least twice as
> difficult.
BUT you have given GOOGLE tons of personal information...FOR
WHAT...?...Subvert a Keylogger...?...LOL...PASS...
> By using the installed application on your phone, the attacker must
> compromise:
> the computer you are on
> the smartphone you are using
> at the same time, by the same adversary. This is even more difficult.
>
> It is certainly possible to debate the complexities, but compromising two
> devices is significantly more difficult than compromising one.
This I KNOW...
> While the difference may not mean much to you, obviously you don't care
> about security,
LIE...WHO put up the article...YOU...?...NO...This 'Fox did...so much
for that GARBAGE-LIE...
> the difference is some environments can be substantial. For
> examples of these environments, again just read the article "Government
> agencies, banks, ..."
Use GMAIL...?...Smoking much crack tonight...?
> Maybe if you made any effort to understand security, you might eventually
> understand the reasons you are wrong so often.
> Joe
Maybe if you weren't in ATTACK mode, you wouldn't LIE so much...
On Thu, 10 Feb 2011 19:42:54 -0800, Joseph Ashwood wrote:
> ecause secure passwords are not enough. See in the article where it
> specifically mentions that this is protection from keyloggers? Or did you
> not actually understand the article?
There is no mention of keyloggers specifically. The issue raised is
the use of public terminals where "password-stealing trojans" could
snag both password and username.
If your information is important enough for you to require TFA, then
it certainly should not be accessed via any public terminal.
<basic TFA snipped>
> While the difference may not mean much to you, obviously you don't care
> about security, the difference is some environments can be substantial. For
> examples of these environments, again just read the article "Government
> agencies, banks, ..."
>
> Maybe if you made any effort to understand security, you might eventually
> understand the reasons you are wrong so often.
> Joe
Joe, have you thought that your condescending tone brings no value to
this conversation?
I can distinctly remember seeing you make several boneheaded mistakes
on sci.crypt. Much like the one you made here.
Were you pleased to have been spoken to in the condescending way that
you were? How much do you think that approach lent itself to your
corrective action and to the health of the thread and the newsgroup?
-- heremypants@hushmail.com http://heremypants.weebly.com/
A pack of automatons is now savaging sci.cry in a premeditated flood*
of semi-relevant squamasious slotica, redolent from vestiges of*
turgid dogma. *Devolved and smarmy, they dramatically dilute the*
ubiquitous harmony. For example, see sci.crypt.research from March*
2000 where a similar flood has obscured somnial conveyances. Even apt*
and glib retractions have failed to squelch this marauding pollutant.*
A bleak future yawns before us in the face of such wanton
dispersants.*
The stultifying effect creates a quandry for sycophants and*
dilettantes, alike! Is it better to withdraw into safety or to brave*
the virtual talus fields unshod? But simply dawdling is no answer.*
Memorize the variagated nomenclature of chortles, but avoid the
scree.*
Elaborate embellishments grow as convoluted crenulations in ways that*
surprise even the most credulous amongst our underlings. Resplendent*
with chronisms, *Das blurts out, "You are now free to vacate with me!*
Come along, all of you." He looks at the nebulous expectations that*
flood like presentient clouds. They chatter to him like pernicity*
avails mnemoniacs. The residual structures that sink deeply into his*
care are subsumed before they balloon to encompass the soporific*
interstitials, while manifesting a pseudo-ventricular sponson four*
inches to the right of his smile.*
"DasFox" wrote in message news:ij2hic$kcf$1@news.mixmin.net...
On Thu, 10 Feb 2011 19:42:54 -0800, Joseph Ashwood wrote:
>> You're right, should be a no brainer. Unfortunately, many people,
>> obviously
>> yourself included, do not understand.
> I am TECH, TECH understands...
Well first, its debatable whether or not you are even tech, or even what
tech would mean, maybe if you understood the realities. As for
understanding, you have made every effort to make it clear you do not
understand.
> Keyloggers...?...FALSE diversion...from you AND GOOGLE...how many are
> keylogged for Gmail accounts...MINOR...
So basically, your answer to the major question, is no, you did not
understand.
> BUT you have given GOOGLE tons of personal information...FOR
> WHAT...?...Subvert a Keylogger...?...LOL...PASS...
This is where you once again show you did not understand. To start with, no
additional personal information disclosure is necessary, so you are
completely incorrect. Maybe if you bothered understanding anything, you
might get somewhere.
>> It is certainly possible to debate the complexities, but compromising two
>> devices is significantly more difficult than compromising one.
> This I KNOW...
Then you have the foundation to understand that two factor authentication is
more secure, the problem being that even though you show a tiny glimmer of
possibly understanding at least something:
> LIE...WHO put up the article...YOU...?...NO...This 'Fox did...so much
> for that GARBAGE-LIE...
You then stick your fingers in your ears and scream LALALALA to make sure
you never understand anything.
>>"Government
>> agencies, banks, ..."
> Use GMAIL...?...Smoking much crack tonight...?
I think you'd be quite surprised at who uses gmail. I know of multiple
financial services companies using gmail for their corporate (technically
limited partnerships) email. Maybe if you tried actually understanding . . .
I don't see any reason to continue this conversation, it has been shown
clearly that you are not understanding anything involved. If you actually
try to understand maybe you'll make progress. Instead, I'll end by quoting
myself, because its accurate:
>> Maybe if you made any effort to understand security, you might eventually
>> understand the reasons you are wrong so often.
Joe
"hierophant" wrote in message
news:ij2iki$3v3$1@news.eternal-september.org...
On Thu, 10 Feb 2011 19:42:54 -0800, Joseph Ashwood wrote:
>>[Some stuff]
> Joe, have you thought that your condescending tone brings no value to
> this conversation?
So to summarize your issue with what I wrote, you don't understand what is
being talked about, and don't even understand such basic terms as TFA (which
actually means The ****ing Article) so you have a problem with me.
> I can distinctly remember seeing you make several boneheaded mistakes
> on sci.crypt. Much like the one you made here.
Well that's a direct statement. Name several.
Now, for those of you reading that don't feel like reading hierophant's
reply, he may or may not provide. I will of course provide a direct rebuttal
to each of the "several" but fundamentally they are likely to be very
similar to the first sentence I wrote here ("So to summarize...").
> Were you pleased to have been spoken to in the condescending way that
> you were?
Not really, i would rather that those that refuse to understand reality not
require frequent adjustment. I commonly ignore them, but it seemed to be my
turn.
> How much do you think that approach lent itself to your
> corrective action and to the health of the thread and the newsgroup?
We seem to be generally taking turns pointing out the [incorrectness] of
DasFox, it was my turn. So how it lent itself was simply a matter of
pointing out reality, sometimes people don't like reality, that does not
change the fact that it is reality.
Joe
On Fri, 11 Feb 2011 21:01:51 -0800, Joseph Ashwood wrote:
> "DasFox" wrote in message news:ij2hic$kcf$1@news.mixmin.net...
>
> On Thu, 10 Feb 2011 19:42:54 -0800, Joseph Ashwood wrote:
>
>>> You're right, should be a no brainer. Unfortunately, many people,
>>> obviously
>>> yourself included, do not understand.
>
>> I am TECH, TECH understands...
>
> Well first, its debatable whether or not you are even tech, or even what
> tech would mean, maybe if you understood the realities. As for
> understanding, you have made every effort to make it clear you do not
> understand.
>
>> Keyloggers...?...FALSE diversion...from you AND GOOGLE...how many are
>> keylogged for Gmail accounts...MINOR...
>
> So basically, your answer to the major question, is no, you did not
> understand.
>
>> BUT you have given GOOGLE tons of personal information...FOR
>> WHAT...?...Subvert a Keylogger...?...LOL...PASS...
>
> This is where you once again show you did not understand. To start with, no
> additional personal information disclosure is necessary, so you are
> completely incorrect. Maybe if you bothered understanding anything, you
> might get somewhere.
>
>>> It is certainly possible to debate the complexities, but compromising two
>>> devices is significantly more difficult than compromising one.
>
>> This I KNOW...
>
> Then you have the foundation to understand that two factor authentication is
> more secure, the problem being that even though you show a tiny glimmer of
> possibly understanding at least something:
How can you debate I am Tech if you admit you don't KNOW WHAT Tech
means...?
>> LIE...WHO put up the article...YOU...?...NO...This 'Fox did...so much
>> for that GARBAGE-LIE...
>
> You then stick your fingers in your ears and scream LALALALA to make sure
> you never understand anything.
LIE...AGAIN...getting old...I didn;t become TECH by birth...
>>>"Government
>>> agencies, banks, ..."
>> Use GMAIL...?...Smoking much crack tonight...?
>
> I think you'd be quite surprised at who uses gmail. I know of multiple
> financial services companies using gmail for their corporate (technically
> limited partnerships) email. Maybe if you tried actually understanding . . .
Maybe you ought to EARN some money and let them know of Google's
EVIL...wow...
> I don't see any reason to continue this conversation, it has been shown
> clearly that you are not understanding anything involved. If you actually
> try to understand maybe you'll make progress. Instead, I'll end by quoting
> myself, because its accurate:
>>> Maybe if you made any effort to understand security, you might eventually
>>> understand the reasons you are wrong so often.
> Joe
On Fri, 11 Feb 2011 21:01:57 -0800, Joseph Ashwood wrote:
> "hierophant" wrote in message
> news:ij2iki$3v3$1@news.eternal-september.org...
>
> On Thu, 10 Feb 2011 19:42:54 -0800, Joseph Ashwood wrote:
>>>[Some stuff]
>> Joe, have you thought that your condescending tone brings no value to
>> this conversation?
>
> So to summarize your issue with what I wrote, you don't understand what is
> being talked about, and don't even understand such basic terms as TFA (which
> actually means The ****ing Article) so you have a problem with me.
I have a problem understanding why a professional would act with such
immaturity, lack of responsibility and cast such a poor shadow on his
profession and himself by acting out with such cruelty. DasFox may not
be the brightest among us but no one deserves your ungracious
attitude.
>> Were you pleased to have been spoken to in the condescending way that
>> you were?
>
> Not really, i would rather that those that refuse to understand reality not
> require frequent adjustment. I commonly ignore them, but it seemed to be my
> turn.
Your turn? As what? The neighborhood bully?
>> How much do you think that approach lent itself to your
>> corrective action and to the health of the thread and the newsgroup?
>
> We seem to be generally taking turns pointing out the [incorrectness] of
> DasFox, it was my turn. So how it lent itself was simply a matter of
> pointing out reality, sometimes people don't like reality, that does not
> change the fact that it is reality.
> Joe
You weren't pointing out realities, you were kicking sand in the face
of someone of lesser talent and experience. You have admitted as much.
But this is no matter. There are gobs of ego driven miscreants on
Usenet; it is my turn to point out _that_ reality of you to you. ;)
"hierophant" wrote in message
news:ij5bou$d24$1@news.eternal-september.org...
> I have a problem understanding why a professional would act with such
> immaturity, lack of responsibility and cast such a poor shadow on his
> profession and himself by acting out with such cruelty. DasFox may not
> be the brightest among us but no one deserves your ungracious
> attitude.
"He's a moron be nice" doesn't fly around here. One of the necessary
assumptions in cryptography is that people will bet their life on it,
because invariably someone does. Would you ever say "He's a moron let him
operate on me?" I know I wouldn't.
>> Not really, i would rather that those that refuse to understand reality
>> not
>> require frequent adjustment. I commonly ignore them, but it seemed to be
>> my
>> turn.
> Your turn? As what? The neighborhood bully?
My turn to exactly what I said, adjust his refusal to understand reality.
> You weren't pointing out realities, you were kicking sand in the face
> of someone of lesser talent and experience. You have admitted as much.
No, you seem to be the one insisting that somehow his "not [] the brightest
among us" somehow entitles him to being handled differently. I insist on
treating him exactly the same way I would treat anyone else who made the
same statements.
> But this is no matter. There are gobs of ego driven miscreants on
> Usenet; it is my turn to point out _that_ reality of you to you. ;)
It doesn't take an ego to see that he is wrong, it only takes being honest
to say that his views do not in any way reflect reality.
Now what we really see is that you made a direct accusation about seeing me
"make several boneheaded mistakes" and a direct request that you support
your viewpoint. You have failed to provide even one example.
> Now we know who you are and who I am.
Yes we most certainly do. One of us has insisted on dealing with reality,
the other refuses to deal with the real issue instead insisting on making
unsupported accusations, and maintains an insistence that somehow "being
less intelligent" means we should allow them to pretend.
If you would care to actually support even a single one of your accusations
with something intelligent, I will of course reply. If there is no
intelligence involved, there's no point in me replying again.
Joe
On Fri, 11 Feb 2011 21:01:57 -0800, Joseph Ashwood wrote:
Joe, have you considered that regardless your, my, DasFox' and all the
lurkers, our hearts beat as one? We may come from different abilities
and post in different forms. What value is there in denying either the
greatest of us or the least?
-- heremypants@hushmail.com http://heremypants.weebly.com/
On 11-02-12 3:12 AM, Joseph Ashwood wrote:
> "hierophant" wrote in message
> news:ij5bou$d24$1@news.eternal-september.org...
>> Your turn? As what? The neighborhood bully?
>
> My turn to exactly what I said, adjust his refusal to understand reality.
>
>> You weren't pointing out realities, you were kicking sand in the face
>> of someone of lesser talent and experience. You have admitted as much.
>
> No, you seem to be the one insisting that somehow his "not [] the
> brightest among us" somehow entitles him to being handled differently. I
> insist on treating him exactly the same way I would treat anyone else
> who made the same statements.
As someone who has "lesser talent and experience" myself, I want to be
corrected when I say something stupid. I'm here to learn, not to boast
about fictitious skills.
What leads me to get particularly annoyed at DasFox is that even though
I would never label myself as a "TECH" (or whatever), I actually do know
this stuff better than he does. But more importantly, his response to
being corrected is to dismiss and label those from whom he could learn.
I don't know if there is a community in which his self-declared
"TECHnical" prowess is respected. But if he is going to cross-post to
sci.crypt his technical assertions will be scrutinized just like anyone's.
>> Now we know who you are and who I am.
It's interesting that heirophant should say that to Joe. That is exactly
what DasFox said to me when I told him that someone claiming technical
status should know the difference between a brute force attack and a replay.
It seems like we have a community of people or puppets who make
unfounded claims and then act like they are the victims of some
persecution when they are told that they have been talking nonsense.
There's nothing wrong with ignorance, but ignorance coupled with extreme
arrogance is really nasty.
> If you would care to actually support even a single one of your
> accusations with something intelligent, I will of course reply. If there
> is no intelligence involved, there's no point in me replying again.
I agree with Joe here. I really shouldn't have taken the bait on this
whole thing. But somehow I do let myself get sucked in.
Cheers,
-j
--
Jeffrey Goldberg http://goldmark.org/jeff/
I rarely read HTML or poorly quoting posts
Reply-To address is valid
On 12/02/2011 9:04 PM, hierophant wrote:
> On Fri, 11 Feb 2011 21:01:57 -0800, Joseph Ashwood wrote:
>
> Joe, have you considered that regardless your, my, DasFox' and all the
> lurkers, our hearts beat as one? We may come from different abilities
> and post in different forms. What value is there in denying either the
> greatest of us or the least?
Wake up dick-head!
When someone claims to be an expert in a hard science (one that deals
with exacting facts and mathematical proofs) he had better be able to
back it up.
No one here has a problem with people who don't know it all, they only
have a problem with people who think they know it all but clearly don't.
The reason is simple and has already been stated - people bet their life
on crypto.
How does your warm touchy-feely idea respond to DasFox when his idiocy
gets someone robbed or blackmailed or even killed? Are his "feelings"
more important than that?
hierophant <heremypants@hushmail.com> wrote in
news:ij5pg0$4bf$1@news.eternal-september.org:
> On Fri, 11 Feb 2011 21:01:57 -0800, Joseph Ashwood wrote:
>
> Joe, have you considered that regardless your, my, DasFox'
> and all the lurkers, our hearts beat as one? We may come
> from different abilities and post in different forms. What
> value is there in denying either the greatest of us or the
> least?
Because the least of you - and it's a close race between you and
Dasfox to see who is the very least - continue to run your
idiotic mouths off spewing misinformation.
And you can't speak for anyone but yourself, and certainly not
'all the lurkers', you simpering and pretentious twit.
On 11-02-12 5:04 AM, hierophant wrote:
> On Fri, 11 Feb 2011 21:01:57 -0800, Joseph Ashwood wrote:
>
> Joe, have you considered that regardless your, my, DasFox' and all the
> lurkers, our hearts beat as one? We may come from different abilities
> and post in different forms. What value is there in denying either the
> greatest of us or the least?
When someone comes in boastfully labeling themselves as a "TECH"
(whatever that is supposed to mean) and actively insults everyone who he
perceives as having lesser skills them himself, and finally dismisses
and rejects any form of instruction or correction, I would say that
people have been remarkably polite to him.
As I said in another post on this question, there is nothing wrong with
ignorance (I've got a lot of that), it is ignorance coupled with extreme
arrogance that is going to provoke rebuke.
Cheers,
-j
--
Jeffrey Goldberg http://goldmark.org/jeff/
I rarely read HTML or poorly quoting posts
Reply-To address is valid
On Fri, 11 Feb 2011 21:01:57 -0800, Joseph Ashwood wrote:
> Joe, have you considered that regardless your, my, DasFox' and all the
> lurkers, our hearts beat as one? We may come from different abilities
> and post in different forms. What value is there in denying either the
> greatest of us or the least?
.... and if we all hold hands in a big circle, the sun will shine upon us
out of jesus's ******* ... and there'll be no more war, right?
"our hearts beat as one" are you ****ing serious?
If you don't like me, don't ****ing x-post into apas.
On Sat, 12 Feb 2011 10:30:13 -0600, Jeffrey Goldberg wrote:
> As someone who has "lesser talent and experience" myself, I want to be
> corrected when I say something stupid. I'm here to learn, not to boast
> about fictitious skills.
I have no qualms with this, it is the way that the correction is
attempted not the correction itself.
Joe is being hateful because it pumps up his ergo. He adnmits to it,
it is a serious character flaw and I hope it haunts him until he is
corrected.
Which reviewing his posting history will be about as soon as his
protιgι Ari Silverstein (Frank Camper).
> What leads me to get particularly annoyed at DasFox is that even though
> I would never label myself as a "TECH" (or whatever), I actually do know
> this stuff better than he does. But more importantly, his response to
> being corrected is to dismiss and label those from whom he could learn.
You only see what he types not the learning curve he has taken for
several years. You have a snapshot of DasFox, I have his history; I
now him personally and you do not. You're wrong. Stand corrected.
>>> Now we know who you are and who I am.
>
> It's interesting that heirophant should say that to Joe. That is exactly
> what DasFox said to me when I told him that someone claiming technical
> status should know the difference between a brute force attack and a replay.
Point?
> It seems like we have a community of people or puppets who make
> unfounded claims and then act like they are the victims of some
> persecution when they are told that they have been talking nonsense.
> There's nothing wrong with ignorance, but ignorance coupled with extreme
> arrogance is really nasty.
>
>> If you would care to actually support even a single one of your
>> accusations with something intelligent, I will of course reply. If there
>> is no intelligence involved, there's no point in me replying again.
>
> I agree with Joe here. I really shouldn't have taken the bait on this
> whole thing. But somehow I do let myself get sucked in.
>
> Cheers,
>
> -j
On Sun, 13 Feb 2011 02:52:00 +1000, David Eather wrote:
> On 12/02/2011 9:04 PM, hierophant wrote:
>> On Fri, 11 Feb 2011 21:01:57 -0800, Joseph Ashwood wrote:
>>
>> Joe, have you considered that regardless your, my, DasFox' and all the
>> lurkers, our hearts beat as one? We may come from different abilities
>> and post in different forms. What value is there in denying either the
>> greatest of us or the least?
>
> Wake up dick-head!
> On Fri, 11 Feb 2011 21:01:51 -0800, Joseph Ashwood wrote:
>
>> "DasFox" wrote in message news:ij2hic$kcf$1@news.mixmin.net...
>>
>> On Thu, 10 Feb 2011 19:42:54 -0800, Joseph Ashwood wrote:
>>
>>>> You're right, should be a no brainer. Unfortunately, many people,
>>>> obviously
>>>> yourself included, do not understand.
>>
>>> I am TECH, TECH understands...
>>
>> Well first, its debatable whether or not you are even tech, or even what
>> tech would mean, maybe if you understood the realities. As for
>> understanding, you have made every effort to make it clear you do not
>> understand.
>>
>>> Keyloggers...?...FALSE diversion...from you AND GOOGLE...how many are
>>> keylogged for Gmail accounts...MINOR...
>>
>> So basically, your answer to the major question, is no, you did not
>> understand.
>>
>>> BUT you have given GOOGLE tons of personal information...FOR
>>> WHAT...?...Subvert a Keylogger...?...LOL...PASS...
>>
>> This is where you once again show you did not understand. To start with, no
>> additional personal information disclosure is necessary, so you are
>> completely incorrect. Maybe if you bothered understanding anything, you
>> might get somewhere.
>>
>>>> It is certainly possible to debate the complexities, but compromising two
>>>> devices is significantly more difficult than compromising one.
>>
>>> This I KNOW...
>>
>> Then you have the foundation to understand that two factor authentication is
>> more secure, the problem being that even though you show a tiny glimmer of
>> possibly understanding at least something:
>
> How can you debate I am Tech if you admit you don't KNOW WHAT Tech
> means...?
>
>>> LIE...WHO put up the article...YOU...?...NO...This 'Fox did...so much
>>> for that GARBAGE-LIE...
>>
>> You then stick your fingers in your ears and scream LALALALA to make sure
>> you never understand anything.
>
> LIE...AGAIN...getting old...I didn;t become TECH by birth...
>
>>>>"Government
>>>> agencies, banks, ..."
>>> Use GMAIL...?...Smoking much crack tonight...?
>>
>> I think you'd be quite surprised at who uses gmail. I know of multiple
>> financial services companies using gmail for their corporate (technically
>> limited partnerships) email. Maybe if you tried actually understanding . . .
>
> Maybe you ought to EARN some money and let them know of Google's
> EVIL...wow...
For the record, I don't use gmail and try to avoid Google where I can.
But once again I find myself in a position to actually defend them.
Quote:
All in all it doesn't sound so bad and Google have been widely praised
for deploying the technology - but everyone seems to be missing the
elephant in the room - WHY THE HELL would anyone ever trust Google
with their phone numbers? END QUOTE
OK, I get it. But WHY THE HELL would anyone ever use gmail if they
don't trust Google with their phone numbers? Emails are a lot more
privacy sensitive than phone numbers. Unlike with their emails Google
can't listen to your phone calls (though I wouldn't be too sure about
that with Android )
Talking about the elephant in the room, how can anyone miss such
obvious conclusion? Looks like all the genius' in the crypto world in
this thread sure did.
Gmail already handles tons of very sensitive data. Nobody was forced
to sign up for their free services. If we all were mature and
responsible custoners like we claim to be (don't we?) there wouldn't
be a problem with Google at all. So, for all the trusting gmail
customers Google now rolled out a feature that improves security and
yes, privacy!
If you can show me where in the TOS they say they are going to sell
the phone number to cold calling agencies I take it all back...
> On Sat, 12 Feb 2011 02:02:05 -0500, DasFox wrote:
>
>> On Fri, 11 Feb 2011 21:01:51 -0800, Joseph Ashwood wrote:
>>
>>> "DasFox" wrote in message news:ij2hic$kcf$1@news.mixmin.net...
>>>
>>> On Thu, 10 Feb 2011 19:42:54 -0800, Joseph Ashwood wrote:
>>>
>>>>> You're right, should be a no brainer. Unfortunately, many people,
>>>>> obviously
>>>>> yourself included, do not understand.
>>>
>>>> I am TECH, TECH understands...
>>>
>>> Well first, its debatable whether or not you are even tech, or even what
>>> tech would mean, maybe if you understood the realities. As for
>>> understanding, you have made every effort to make it clear you do not
>>> understand.
>>>
>>>> Keyloggers...?...FALSE diversion...from you AND GOOGLE...how many are
>>>> keylogged for Gmail accounts...MINOR...
>>>
>>> So basically, your answer to the major question, is no, you did not
>>> understand.
>>>
>>>> BUT you have given GOOGLE tons of personal information...FOR
>>>> WHAT...?...Subvert a Keylogger...?...LOL...PASS...
>>>
>>> This is where you once again show you did not understand. To start with, no
>>> additional personal information disclosure is necessary, so you are
>>> completely incorrect. Maybe if you bothered understanding anything, you
>>> might get somewhere.
>>>
>>>>> It is certainly possible to debate the complexities, but compromising two
>>>>> devices is significantly more difficult than compromising one.
>>>
>>>> This I KNOW...
>>>
>>> Then you have the foundation to understand that two factor authentication is
>>> more secure, the problem being that even though you show a tiny glimmer of
>>> possibly understanding at least something:
>>
>> How can you debate I am Tech if you admit you don't KNOW WHAT Tech
>> means...?
>>
>>>> LIE...WHO put up the article...YOU...?...NO...This 'Fox did...so much
>>>> for that GARBAGE-LIE...
>>>
>>> You then stick your fingers in your ears and scream LALALALA to make sure
>>> you never understand anything.
>>
>> LIE...AGAIN...getting old...I didn;t become TECH by birth...
>>
>>>>>"Government
>>>>> agencies, banks, ..."
>>>> Use GMAIL...?...Smoking much crack tonight...?
>>>
>>> I think you'd be quite surprised at who uses gmail. I know of multiple
>>> financial services companies using gmail for their corporate (technically
>>> limited partnerships) email. Maybe if you tried actually understanding . . .
>>
>> Maybe you ought to EARN some money and let them know of Google's
>> EVIL...wow...
>
> For the record, I don't use gmail and try to avoid Google where I can.
> But once again I find myself in a position to actually defend them.
>
> <https://www.privacyinternational.org/blog/google-2-factor-authentication-gmail-just-cell-number-grab>
>
> from the article above:
>
> Quote:
> All in all it doesn't sound so bad and Google have been widely praised
> for deploying the technology - but everyone seems to be missing the
> elephant in the room - WHY THE HELL would anyone ever trust Google
> with their phone numbers? END QUOTE
>
> OK, I get it. But WHY THE HELL would anyone ever use gmail if they
> don't trust Google with their phone numbers? Emails are a lot more
> privacy sensitive than phone numbers. Unlike with their emails Google
> can't listen to your phone calls (though I wouldn't be too sure about
> that with Android )
>
> Talking about the elephant in the room, how can anyone miss such
> obvious conclusion? Looks like all the genius' in the crypto world in
> this thread sure did.
>
> Gmail already handles tons of very sensitive data. Nobody was forced
> to sign up for their free services. If we all were mature and
> responsible custoners like we claim to be (don't we?) there wouldn't
> be a problem with Google at all. So, for all the trusting gmail
> customers Google now rolled out a feature that improves security and
> yes, privacy!
>
> If you can show me where in the TOS they say they are going to sell
> the phone number to cold calling agencies I take it all back...
You may receive a"bespoke" targeted ad or marketing ploy on your
cellphone via text or image perhaps? Some may not mind this, or even
welcome it. It may not be possible in the future to prove or trace
where a database has been sold to, or made available to.
> For the record, I don't use gmail and try to avoid Google where I can.
> But once again I find myself in a position to actually defend them.
>
> <https://www.privacyinternational.org/blog/google-2-factor-authentication-gmail-just-cell-number-grab>
>
> from the article above:
>
> Quote:
> All in all it doesn't sound so bad and Google have been widely praised
> for deploying the technology - but everyone seems to be missing the
> elephant in the room - WHY THE HELL would anyone ever trust Google
> with their phone numbers? END QUOTE
>
> OK, I get it. But WHY THE HELL would anyone ever use gmail if they
> don't trust Google with their phone numbers? Emails are a lot more
> privacy sensitive than phone numbers. Unlike with their emails Google
> can't listen to your phone calls (though I wouldn't be too sure about
> that with Android )
>
> Talking about the elephant in the room, how can anyone miss such
> obvious conclusion? Looks like all the genius' in the crypto world in
> this thread sure did.
Let's not forget that at least one of them have corporate cutomers who
they have either advised to us Gmail or have refused to counsel them
on Google's ever growing anti-privacy stature.
> Gmail already handles tons of very sensitive data. Nobody was forced
> to sign up for their free services. If we all were mature and
> responsible custoners like we claim to be (don't we?) there wouldn't
> be a problem with Google at all. So, for all the trusting gmail
> customers Google now rolled out a feature that improves security and
> yes, privacy!
>
> If you can show me where in the TOS they say they are going to sell
> the phone number My first thought is that this is a ploy by google
> to cold calling agencies I take it all back...
My first thought on this was Google wants to:
1) capture and associate cellphone #s to gmail addresses 2) reduce
spam 3) reduce automated account creation by capcha-solving services.
Pretty clever really, and they were able to spin it as a "security"
feature that requires that you give up private and personally
identifying information (antisecurity). ;)
If Google really wanted to provide two-factor authentication without
forcing users to give up _more_ privacy, they could use used a
computer-based application, an instant message, a secondary email, or
any other communication channel.
-- heremypants@hushmail.com http://heremypants.weebly.com/
On Thu, 10 Feb 2011 17:18:07 -0500, hierophant wrote:
> On Thu, 10 Feb 2011 15:46:14 -0500, DasFox wrote:
>
>> On Thu, 10 Feb 2011 15:35:55 -0500, Quaalude wrote:
>>
>>> "The net is getting a little safer for Google users Thursday, as the
>>> company is unveiling an option for Google users to lock down their
>>> accounts with more than just a password.
>>>
>>> Starting Thursday all Google users can choose to turn on a so-called
>>> ΄two-factor authentication‘ feature, which will require them to type
>>> in a special, short-lived second password in addition to their normal
>>> password to get into their account. Users will be able to get the
>>> codes via SMS or a phone call, or use smart phone apps for Android,
>>> iPhone and Blackberry to generate the codes."
>>>
>>> http://www.wired.com/threatlevel/201...ogle-security/
>>
>> WHO to trust...?...GOOGFLE with more Tech on you...or...your long,
>> complex password...?
>>
>> NO BRAINER...
>>
>> THANKS
>
> Exactly so, DasFox, exactly so. ;)
They will try any way they can to prevent you from opting out, they
want to know as much as they can about you and everyone, for the
purposes of "national security" etc. I cannot see any legal pressure
on Google from the US Govt. at least not at the moment, in fact
they're "friends", if their recent collaboration in the Recorded
Future project is anything to go by, but the relationship could
change, yes.
<http://www.wired.com/dangerroom/2010/07/exclusive-google-cia/>
--
For a "quiet interlude"; take a 'Lude.
On Sun, 13 Feb 2011 01:48:54 -0500, Nathan See wrote:
> On Sun, 13 Feb 2011 01:48:03 -0500, katio wrote:
>
>> On Sat, 12 Feb 2011 02:02:05 -0500, DasFox wrote:
>>
>>> On Fri, 11 Feb 2011 21:01:51 -0800, Joseph Ashwood wrote:
>>>
>>>> "DasFox" wrote in message news:ij2hic$kcf$1@news.mixmin.net...
>>>>
>>>> On Thu, 10 Feb 2011 19:42:54 -0800, Joseph Ashwood wrote:
>>>>
>>>>>> You're right, should be a no brainer. Unfortunately, many people,
>>>>>> obviously
>>>>>> yourself included, do not understand.
>>>>
>>>>> I am TECH, TECH understands...
>>>>
>>>> Well first, its debatable whether or not you are even tech, or even what
>>>> tech would mean, maybe if you understood the realities. As for
>>>> understanding, you have made every effort to make it clear you do not
>>>> understand.
>>>>
>>>>> Keyloggers...?...FALSE diversion...from you AND GOOGLE...how many are
>>>>> keylogged for Gmail accounts...MINOR...
>>>>
>>>> So basically, your answer to the major question, is no, you did not
>>>> understand.
>>>>
>>>>> BUT you have given GOOGLE tons of personal information...FOR
>>>>> WHAT...?...Subvert a Keylogger...?...LOL...PASS...
>>>>
>>>> This is where you once again show you did not understand. To start with, no
>>>> additional personal information disclosure is necessary, so you are
>>>> completely incorrect. Maybe if you bothered understanding anything, you
>>>> might get somewhere.
>>>>
>>>>>> It is certainly possible to debate the complexities, but compromising two
>>>>>> devices is significantly more difficult than compromising one.
>>>>
>>>>> This I KNOW...
>>>>
>>>> Then you have the foundation to understand that two factor authentication is
>>>> more secure, the problem being that even though you show a tiny glimmer of
>>>> possibly understanding at least something:
>>>
>>> How can you debate I am Tech if you admit you don't KNOW WHAT Tech
>>> means...?
>>>
>>>>> LIE...WHO put up the article...YOU...?...NO...This 'Fox did...so much
>>>>> for that GARBAGE-LIE...
>>>>
>>>> You then stick your fingers in your ears and scream LALALALA to make sure
>>>> you never understand anything.
>>>
>>> LIE...AGAIN...getting old...I didn;t become TECH by birth...
>>>
>>>>>>"Government
>>>>>> agencies, banks, ..."
>>>>> Use GMAIL...?...Smoking much crack tonight...?
>>>>
>>>> I think you'd be quite surprised at who uses gmail. I know of multiple
>>>> financial services companies using gmail for their corporate (technically
>>>> limited partnerships) email. Maybe if you tried actually understanding . . .
>>>
>>> Maybe you ought to EARN some money and let them know of Google's
>>> EVIL...wow...
>>
>> For the record, I don't use gmail and try to avoid Google where I can.
>> But once again I find myself in a position to actually defend them.
>>
>> <https://www.privacyinternational.org/blog/google-2-factor-authentication-gmail-just-cell-number-grab>
>>
>> from the article above:
>>
>> Quote:
>> All in all it doesn't sound so bad and Google have been widely praised
>> for deploying the technology - but everyone seems to be missing the
>> elephant in the room - WHY THE HELL would anyone ever trust Google
>> with their phone numbers? END QUOTE
>>
>> OK, I get it. But WHY THE HELL would anyone ever use gmail if they
>> don't trust Google with their phone numbers? Emails are a lot more
>> privacy sensitive than phone numbers. Unlike with their emails Google
>> can't listen to your phone calls (though I wouldn't be too sure about
>> that with Android )
>>
>> Talking about the elephant in the room, how can anyone miss such
>> obvious conclusion? Looks like all the genius' in the crypto world in
>> this thread sure did.
>>
>> Gmail already handles tons of very sensitive data. Nobody was forced
>> to sign up for their free services. If we all were mature and
>> responsible custoners like we claim to be (don't we?) there wouldn't
>> be a problem with Google at all. So, for all the trusting gmail
>> customers Google now rolled out a feature that improves security and
>> yes, privacy!
>>
>> If you can show me where in the TOS they say they are going to sell
>> the phone number to cold calling agencies I take it all back...
>
> You may receive a"bespoke" targeted ad or marketing ploy on your
> cellphone via text or image perhaps? Some may not mind this, or even
> welcome it. It may not be possible in the future to prove or trace
> where a database has been sold to, or made available to.
What's the biggest asset of dotcom and now web2.0 companies? Their
userbase!
You think Google would risk it all, and the legal consequences? Of
course we are reminded of the wlan debacle.
According to their "joking" Schmidt they won't cross that "creepy
line" (yet?). I think selling phone numbers collected solely for
protecting an email account is way beyond that creepy line.
They might try one day like they did with buzz and wlan sniffing. But
if there is an outcry they'll back down. In the future the legal
pressure on Google from both USA and EU will increase as MS loses
traction and market share.
Based on all this I conclude as long as it's not in their TOS nothing
like that will ever happen. In the case that our senses of freedom
and privacy further erode, through governments, propaganda, laws and
pervasive corporations like Google and becomes reality there will be
a way to opt out.
On Fri, 11 Feb 2011 00:49:06 -0500, hierophant wrote:
> On Thu, 10 Feb 2011 19:42:54 -0800, Joseph Ashwood wrote:
>
>> ecause secure passwords are not enough. See in the article where it
>> specifically mentions that this is protection from keyloggers? Or did you
>> not actually understand the article?
>
> There is no mention of keyloggers specifically. The issue raised is
> the use of public terminals where "password-stealing trojans" could
> snag both password and username.
What a failed straw grab. Never mind little facts like the hugely vast
majority of your "password-stealing trojans" actually BEING key loggers, or
anything...
On Sun, 13 Feb 2011 01:56:48 -0500, hierophant wrote:
> On Sun, 13 Feb 2011 01:48:03 -0500, katio wrote:
>
>> For the record, I don't use gmail and try to avoid Google where I can.
>> But once again I find myself in a position to actually defend them.
>>
>> <https://www.privacyinternational.org/blog/google-2-factor-authentication-gmail-just-cell-number-grab>
>>
>> from the article above:
>>
>> Quote:
>> All in all it doesn't sound so bad and Google have been widely praised
>> for deploying the technology - but everyone seems to be missing the
>> elephant in the room - WHY THE HELL would anyone ever trust Google
>> with their phone numbers? END QUOTE
>>
>> OK, I get it. But WHY THE HELL would anyone ever use gmail if they
>> don't trust Google with their phone numbers? Emails are a lot more
>> privacy sensitive than phone numbers. Unlike with their emails Google
>> can't listen to your phone calls (though I wouldn't be too sure about
>> that with Android )
>>
>> Talking about the elephant in the room, how can anyone miss such
>> obvious conclusion? Looks like all the genius' in the crypto world in
>> this thread sure did.
>
> Let's not forget that at least one of them have corporate cutomers who
> they have either advised to us Gmail or have refused to counsel them
> on Google's ever growing anti-privacy stature.
>
>> Gmail already handles tons of very sensitive data. Nobody was forced
>> to sign up for their free services. If we all were mature and
>> responsible custoners like we claim to be (don't we?) there wouldn't
>> be a problem with Google at all. So, for all the trusting gmail
>> customers Google now rolled out a feature that improves security and
>> yes, privacy!
>>
>> If you can show me where in the TOS they say they are going to sell
>> the phone number My first thought is that this is a ploy by google
>> to cold calling agencies I take it all back...
>
> My first thought on this was Google wants to:
>
> 1) capture and associate cellphone #s to gmail addresses 2) reduce
> spam 3) reduce automated account creation by capcha-solving services.
>
> Pretty clever really, and they were able to spin it as a "security"
> feature that requires that you give up private and personally
> identifying information (antisecurity). ;)
>
> If Google really wanted to provide two-factor authentication without
> forcing users to give up _more_ privacy, they could use used a
> computer-based application, an instant message, a secondary email, or
> any other communication channel.
Use a prepaid non contract cellphone?
Also there are Plenty of really cheap cellphones available, so get one
and ONLY use it for things like this. Do NOT use it to store or
phone/text etc people etc you know or could be connected to you. ONLY
switch it on and use it away from home/work/friends etc etc locations
= No GeoTagging and/or the like
Just discovered that you can use a landline or mobile
And thinking about it more if you set either/both to block your
number before you make contact, you "should" be OK ?
--
A Billion for a Billion
On Sat, 12 Feb 2011 16:24:24 -0500, Prinzip Gavrilo wrote:
> On Fri, 11 Feb 2011 21:01:57 -0800, Joseph Ashwood wrote:
>
>> Joe, have you considered that regardless your, my, DasFox' and all the
>> lurkers, our hearts beat as one? We may come from different abilities
>> and post in different forms. What value is there in denying either the
>> greatest of us or the least?
>
> ... and if we all hold hands in a big circle, the sun will shine upon us
> out of jesus's ******* ... and there'll be no more war, right?
>
> "our hearts beat as one" are you ****ing serious?
>
> If you don't like me, don't ****ing x-post into apas.
Google Introduces Two Factor Authentication 
Linear Mode
