Shame they didn’t include traffic to security.stackexchange.com . I would have thought that would show a more noticeable change. Also would be interesting to see what tags there show the biggest increases
“Why bother posting this?” - that’s easy, because it might hit the front page of HN and someone from Google might see it and actually apply human reasoning to the problem.
For uk banking systems it is very likely that the passwords are stored symmetrically encrypted with the key stored in an HSM (based on my experience working as an IT security consultant in UK banks).
Whilst limiting passwords isn’t good, with storage in that way i’m nt sure I see many viable attacks on a 12 char random password.
Online brute force will hit the lockout on the site, and even assuming you could get access to the server hosting the encrypted passwords and HSM you cant decrypt the passwords (unless they have made some horrific setup errors), so the only offline attack is to try and brute force the encryption key, which is unlikely to be easy.
If you base off alpine, you can get useful containers quite a lot smaller than 100MB.
One example i use is an agent i deploy to kubernetes clusters to do some security scanning. The scripts are ruby and the image clocks in at 9MB compressed https://hub.docker.com/r/raesene/kaa-agent/tags/
Have you tried pocket? I used to keep a load of bookmarks but the problem was that after a while many of the source urls would die off. So something like pocket is very handy as it takes a copy of the page you're interested in.
Gotta say I disagree with this. I'd say what it means Is recognize that DNS security is important and treat it as such.
The reason I disagree is that if you use something like gmail or outlook.com for logins/ password resets there Is a nasty potential problem which Is if the provider locks you out of your account you could be completely stuffed.
There have been cases of people losing access to their accounts because of ToS breaches in the past. If that account is your login account for other systems you could also lose access to those.
Yeah go look on security stackexchange and you'll see it quite a bit, people just cargo cult the idea of obscurity == bad and don't consider the points made in OP's article
It's never a good sign for your argument when you have to resort to ad hominem attacks.... No real point I trying to respond if that's your track but remember this is just a discussion on a website, no need to start throwing around personal accusations, for which you have no evidence.
Might I suggest you take a break from the keyboard, perhaps go for a nice walk in the fresh air:)
Of course I can as it was my personal experience. On the other hand you made a general assertion about their actions which really needs a citation.
Reinstalling an os is a technical task, which requires some knowledge to do effectively. Having been doing this for 25 years or so, I can safely say it's easier now than it used to be...
So a company who doesn't have a monopoly should be restricted from changing their product because it didn't use to be that way....
Seems a bit harsh to me... if Microsoft still occupied the same kind of dominent position they did 15 years ago it would be a different story, but now there are a lot more viable alternatives
So your pc or fedora has a bug which prevents you changing os and it then follows that Microsoft have a monopoly power in PCs... Sorry I don't quite think that follows
But surely they're not closing off the pc platform, just potentially restricting what can happen on their OS. You can still use PCs with linux without any lock in. Long gone are the days when Microsoft was a monopoly on client computing devices, these days we have linux, Mac osx, chrome OS, Android, steamOS and iOS.
Several of these other platforms are already closed to one degree on another, with iOS probably being the most restrictive, so I'm not sure I see Microsoft as being dominent enough to warrant a claim of monopoly power any more