Recent content by Lob

  • Be sure to checkout “Tips & Tricks”
    Dear Guest Visitor → Once you register and log-in:

    This forum does not automatically send notices of new content. So if, for example, you would like to be notified by mail when Steve posts an update to his blog (or of any other specific activity anywhere else), you need to tell the system what to “Watch” for you. Please checkout the “Tips & Tricks” page for details about that... and other tips!

  1. Lob

    Secure Network On-the-Go or Lending to Strangers

    guest network, client isolation turned on. In theory she could be in space but nobody could hear her scream.... edit: buy the toy if you want the toy, not if you like the girl :D
  2. Lob


    Consider this; you're with a group of people and suddenly you're being chased by a zombie. You only need to outrun the slowest person..... That said, disable uPnP on your perimeter, enable client isolation on your network wherever possible and update whatever you can as soon as you can...
  3. Lob

    sso vs … not

    I think "Strong Authentication" is a must. We use smartcards and certificates to achieve this goal - which is very important for us when you consider both internal and external service authentication. It's especially important, in my opinion, when using Cloud-based services where we demand our...
  4. Lob

    ProtonMail "forced" to reveal users IP leading to arrest

    Indeed here in Switzerland, the legal process is clear; you need to come with concrete evidence that a criminal offence is being committed that would be prosecutable in a Swiss court. They don't entertain fishing expeditions with vague goals; that's an expensive journey of no reward....
  5. Lob

    FYI Using Google Voice instead of your mobile number for 2FA

    thanks, kwe, I am not seeing this. I have a verified phone number for my account but I can only delete it. It appears that the second factor can perhaps be to the phone number but the phone cannot be used in the password reset process - is that right? I am looking now.... Edit: "Recovery...
  6. Lob

    FYI Using Google Voice instead of your mobile number for 2FA

    Here's an interesting observation about Google which probably extends to GVoice..... If the attacker trying to take over your phone and your life is remotely skilled and motivated, he or she could simply get your Google account too. With MFA enabled, try logging in and then when the second...
  7. Lob

    Steve calls out Microsoft...

    While it might be possible to agree with @Steve in some ways, maybe the 25-year-old crap in some parts of Windows is actually very difficult to remediate without breaking something else. Clearly there were design decisions made many years ago when there was little Internet and mostly...
  8. Lob

    Browse Happy?

    did they have some kind of Norton badge proclaiming great website security or something?
  9. Lob


    @Steve mentioned this during the last show. I am now completing the joining of my two homes including synology boxes into a private network I can access anywhere. My media server at my holiday home connects into my windows server at home and plays movies across the link; yes, tailscale can have...
  10. Lob

    Spinrite 6.0 + IBM ThinkPad 600E - Freeze/Crash - Despair

    ship the device to @Steve :)
  11. Lob

    What do we think about [Project] Pegasus?

    It seems for some years now that an Israeli firm, NSO, has been selling their zero-click smartphone bugging software to vetted government bodies. The flaw was plugged some years ago in iOS 9.something but apparently is still present in modern OSes such as iOS 14.6. We should be worried for the...
  12. Lob

    Have you been referenced on Security Now!

    I never got mentioned on SN but my review of Smashing Security was mentioned at the end of episode 233.....
  13. Lob

    File Sync Recommendations?

    Relays. Saves some NAT forwarding......from what I see, the two devices cross-trust each other in some mutual authentication so having a connection broker relay doing some TURN/STUN-like function is OK from my point of view.....
  14. Lob

    File Sync Recommendations?

    I use SyncThing on two Synology NAS devices in two countries that works pretty well. It is open source and free plus uses TLS 1.3 for the transport encryption. Consider that a recommendation :)
  15. Lob

    Can you trust Apple’s iMessage encryption with your life?

    I frankly don't care. I will explain some reasons.... anything I submit onto any digital platform to share with someone else will potentially be copied somehow. Copy-paste, screenshot, photograph if I want to protect something, I will ensure a secret protects it and the counterparty will be...