Welcome to Steve Gibson's Blog

  • Be sure to checkout “Tips & Tricks”
    Dear Guest Visitor → Once you register and log-in:

    This forum does not automatically send notices of new content. So if, for example, you would like to be notified by mail when Steve posts an update to his blog (or of any other specific activity anywhere else), you need to tell the system what to “Watch” for you. Please checkout the “Tips & Tricks” page for details about that... and other tips!

    /Steve.
  • Larger Font Styles
    Guest:

    Just a quick heads-up that I've implemented larger font variants of our forum's light and dark page styles. You can select the style of your choice by scrolling to the footer of any page here. This might be more comfortable (it is for me) for those with high-resolution displays where the standard fonts, while permitting a lot of text to fit on the screen, might be uncomfortably small.

    (You can permanently dismiss this notification with the “X” at the upper right.)

    /Steve.

Steve

Steve

(as in GRC)
Staff member
Feb 1, 2019
350
1
894
66
Southern CA, USA
www.grc.com
To receive notifications of future blog updates, move up one level by
clicking this link, then click the Watch/Unwatch button above/right.

Technically, I've been maintaining a blog for many years. But the term “maintenance” suggests being a far more active blogger than I've ever been. I've always had a WordPress blog, but there was so much overlap with what these forums can do, that it made no sense to have both. So I've moved my “Blog” here, where it belongs.

As you may have already noticed, the “Blog” concept has gradually broadened to include additional features, such as the “Work & Progress Tracking” thread, and likely other things in the future. So it's really going to more like “Steve's Hangout.” We'll see how it develops. And to that end, I'll endeavor to periodically post updates for all who care about what's going on, what I'm up to, what's next, and what plans I have.

And, as the note above reminds: You can control future eMail notifications using the Watch/Unwatch button above.
 
  • Like
Reactions: nostromov, 2jcm, TravisWalton and 30 others
Barry Wallis

Barry Wallis

Magician in Training
Sep 16, 2020
271
101
Oceanside, CA
barrythecook.wordpress.com
iSecurityGuru said:
Looking forward to your blog, Steve. I’ve subscribed to it via RSS.

I‘ve played around with Steve’s SQRL app for Windows to see how it works. But I have yet to integrate SQRL into my life. I would love to use SQRL on this blog, if the SQRL app platform of my choice is ready.
Click to expand...
It definitely works fine on Windows. What is the platform of you r choice?
 
iSecurityGuru

iSecurityGuru

Terence Kam
Sep 25, 2020
20
7
Sydney, Down Under (Australia)
iSecurityGuru.com
Barry Wallis said:
It definitely works fine on Windows. What is the platform of you r choice?
Click to expand...

I agree that Steve’s SQRL app works great in Windows 10.

But thanks to Microsoft losing control on their QA process, I’ve decided to stop using Windows 10 and switch to macOS instead. I’m looking forward to Apple releasing their Apple Silicon Mac before the end of the year.

I use iPadOS/iOS.

I don’t use Android, Chrome. I use Firefox on my Mac, but it is not my main browser.
 
  • Like
Reactions: wls and Mike in Cambridge
iSecurityGuru

iSecurityGuru

Terence Kam
Sep 25, 2020
20
7
Sydney, Down Under (Australia)
iSecurityGuru.com
I‘m thinking, maybe there needs to be a way to fund development of SQRL apps using crowdfunding. I’ve talked to a business associates who is in the app business about SQRL. Unfortunately, it is very hard to make a business case to develop SQRL apps.

Developing good quality apps requires a hefty commitment of time and effort. Ideally, the app developers for SQRL are paid for their time to focus solely on developing the best quality SQRL apps.

Maybe crowd-funding is the answer?
 
P

PHolder

Well-known member
Sep 16, 2020
609
2
292
Ontario, Canada
iSecurityGuru said:
maybe there needs to be a way to fund development of SQRL apps
Click to expand...

Okay, we have SQRL forums for a reason, and that reason is not to pollute these forums with SQRL related posts. Please take this discussion to the SQRL forums at https://sqrl.grc.com/

Also Terence, could I please request you reconsider the length of your signature, to try and keep the signal to noise ratio down. I think you could probably manage with, say, three lines total, one of which would be a link. Surely all those other interesting ways to reach you are all listed on just one "about you" page somewhere.
 
  • Like
Reactions: nostromov and Barry Wallis
A

AlanD

Well-known member
Sep 18, 2020
208
72
Rutland UK
It works for me, although you have to sign up for TestFlight and then apply for an invitation. It is not yet available in the Apple Store.
 
Todd

Todd

New member
Sep 27, 2020
2
0
Love the nice shiny new forums you got here Steve!

Suggestion: I'm one of those people who care about security but not so much that I spend many hours each week reviewing the latest trends, issues, hacks, etc... Rather, I look to people I trust and who are much smarter than I to get a handle on the latest security issues/news.

It would be awesome if you could keep an up-to-date list of security related software you use that people like me could reference.

I have been using LastPass ever since you reviewed it a while back but in recent times I have been concerned about it's stakeholders and the changing of the guard. Do you still use it? If not, what do you use? These are the kinds of questions that could be answered by a 'living' document that you keep updated and your followers could use as a reference.

Thanks for all you do!
 
Steve

Steve

(as in GRC)
Staff member
Feb 1, 2019
350
1
894
66
Southern CA, USA
www.grc.com
Todd...
Time has shown that I'm no good at maintaining living documents. I'm FAR better at storing dead documents. Just look at my site! But, seriously... What you're suggesting is a thankless effort. And it's not that I need thanks... it's that I always have new and more interesting things to do. And they capture my attention completely. If I can figure out how to maintain living documents after I'm dead, then you've got yourself a deal! (y)
 
  • Like
  • Haha
Reactions: nostromov, Red, Alex Ilin and 9 others
Todd

Todd

New member
Sep 27, 2020
2
0
LOL! Ok, fair enough. Maybe you and Leo can discuss the state of password managers in an upcoming Security Now episode.

And it would not be a thankless endeavor! I got 5 bucks I can Paypal you right now!! :)
 
O

oldpeculier

New member
Sep 30, 2020
1
3
Todd said:
I have been using LastPass ever since you reviewed it a while back but in recent times I have been concerned about it's stakeholders and the changing of the guard. Do you still use it? If not, what do you use? These are the kinds of questions that could be answered by a 'living' document that you keep updated and your followers could use as a reference.
Click to expand...

Hi Todd

Like you, I have been a long time user of LastPass but for the same reasons, decided to move elsewhere about 2 years ago.
I decided on Bitwarden, an open source password manager with desktop, web browser & mobile versions.
Bitwarden has a clean interface and is simple and easy to navigate. It has a free forever version for up to 2 users or premium versions for teams & enterprise.
I have been really pleased with the switch to Bitwarden.

Bitwarden is committed to regular cadence of security audits of their source code & platforms, the latest one completing in July 2020.

There are plenty of very positive reviews on password manager review sites. Worth checking out Bitwarden's website for more details.
 
  • Like
Reactions: danlock, Keezer and internet
P

propolis

New member
Sep 30, 2020
1
0
oldpeculier said:
Like you, I have been a long time user of LastPass but for the same reasons, decided to move elsewhere about 2 years ago.
I decided on Bitwarden, an open source password manager with desktop, web browser & mobile versions.
Click to expand...
I switched to Bitwarden about a year ago and then discovered and switched to Strongbox (https://strongboxsafe.com/personal/). It is macOS and iOS only so won't find favour with Steve or Leo but it is built on the KeePass database, is open source and is firmly TNO as by default the database is not stored in a public cloud. Personally I do store it in an iCloud folder so that I can sync passwords between my Mac and iPhone and but then I'm ok with that. But if you don't trust Apple's cloud then you could use Syncthing for decentralised syncing - another of Steve's favourites.
 
Happenstrance

Happenstrance

Member
Sep 30, 2020
5
1
PHolder said:
Okay, we have SQRL forums for a reason, and that reason is not to pollute these forums with SQRL related posts. Please take this discussion to the SQRL forums at https://sqrl.grc.com/
Click to expand...
I have to say I was confused why the SQRL forums are completely separate from these, requiring me to register here (which felt like re-registering) instead of existing as a subforum category. It just seems a duplication of effort.
 
You must log in or register to reply here.
Top Bottom
  • This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn more…