• ve2mrx



    Viewing 15 replies - 1 through 15 (of 155 total)
    • in reply to: Desktop or Laptop? What’s your choice? #2563923

      My choices:
      Daily driver: 15″ ThinkPad P-series with appropriate dock, 27″ 2k monitor, and mouse. Unplug the two dock cables and off you go!

      Think Station Tower with dual 24″ monitor, keyboard and mouse for the virtual servers and occasional gaming. Plenty of storage, memory and CPU power for the VMs and a chonky GPU for CAD and gaming, both occasional.

      Each purchased with a purpose in mind: Portable-ish laptop for on-the-go power computing, and a tower for fixed raw power. The Thunderbolt 3 dock makes the line blurry!

      • This reply was modified 3 months, 3 weeks ago by ve2mrx. Reason: Clarified the meaning of a sentence
    • in reply to: Dynamic or Static? Which do you choose? #2550874

      I use DHCP reservations in my router. DHCP hands out the IP I selected to the MAC address that asks for it for the devices where it matters. The others are assigned from the DHCP pool.

      So, I don’t have to configure and maintain static IPs but I still have fixed addresses for servers, scanners and printers!

      The best of both worlds!


      1 user thanked author for this post.
    • in reply to: Twitter accounts are 80% bots, expert says #2477430

      Ultimately, every website must stop relying on username/password combinations, which are inherently weak, and move to multifactor authentication (MFA) using secure tokens.

      Right, if the goal is to protect the account from other people. But in this scenario, the person abusing the account has the MFA credentials. I imagine that it isn’t that hard to distribute the codes to multiple machines when you have access to the token as would happen in a post farm…

      The only solution would be to limit to 3 logins at once (computer, tablet, phone) when MFA is active. And don’t make it too annoying or people will reduce their use! (But not bots!)

      My 0.02$


      2 users thanked author for this post.
    • in reply to: I have Outlook and can no longer connect to Gmail #2455088

      Exactly. And this app password cannot be used to take over the account, can be disabled by the account owner easily and is used only in the app it was installed in.

      Think of it as a rights-limited delegated account access that is limited to fetching and sending emails. If your workflow can’t tolerate this level of security, don’t use app passwords and find something that is recent enough to use Oath/2! It’s been out for a while now!

      The goal is to eliminate the use of full-access account credentials to log into email that can be stolen and used in account take-over. The app password generated prevents this and isn’t peppered all over the place (used by one known app), limiting who has access to it (hopefully used over TLS!).

      Sure, it is less secure, but it isn’t as much at risk as your account management password…


    • in reply to: I have Outlook and can no longer connect to Gmail #2452704

      Reading this, I can only picture a lonely server in a closet with a bunch of obsolete kit all over, lost somewhere in the basement of some building… Hopefully, it wasn’t walled-in! 😉


    • in reply to: The annoyances of the default behavior in Teams #2447933

      What annoys me the most is when you have an app that forces you to log in using your Microsoft account just so you have the extreme privilege of unticking the Start on boot checkbox!

      Skype, I’m looking at you!

      So I simply remove the autostart with the very useful tool Autoruns from Microsoft. Way more powerful than the in-box tools!


    • I’m surprised nobody mentioned Yubikey yet…

      I have two and I love their integration with websites. It allows you to enter the 2FA with a single touch of the key. Above all, they can store securely OTP keys  and with the companion app (mobile/computers) you can generate 2FA codes. Since you keep the key with you, it is never stored on the phone or computer!


    • This is why they also push for “PINs”, as those are unique to the machine they are set on. Think of PINs as local machine passwords.


      • This reply was modified 1 year, 4 months ago by ve2mrx. Reason: Clarified PINs
    • Using a non-changeable “password”? Bad idea. Especially DNA, it’s spread everywhere! Every hair or dead skin cell you lose can compromise your access!


      1 user thanked author for this post.
    • It took me some digging and reading before trusting HIBP with my passwords too! But I do now!


    • First, I am against password-less logon like Microsoft is pushing. That would be removing one factor.

      Second, I cheat at OTP activation by recording the otp:// url in my password manager. This way, I can activate more than one token for backup. As long as I don’t reuse passwords, keep my password manager safe and don’t lose my 2FA sources, someone at the other end of the world can’t log in.

      Of course, I don’t use SMS 2FA for anything I care about… Oh, I use none of those online password managers! Only local ones (sync’d by encrypted file).


    • in reply to: From remote? From local? #2441014

      I just wanted to add that there is a version called Lenovo Commercial Vantage for Lenovo business computers without the “fluff”. It is also manageable from Group Policy. Use it if your machine is supported!


      1 user thanked author for this post.
    • in reply to: From remote? From local? #2440908


      Lenovo Vantage is purposely delayed while the update team monitors the early deployment of updates. Updates are first published on the support website, then to Vantage database about two weeks later if everything looks fine. The idea is to only install good updates automatically.


      2 users thanked author for this post.
    • in reply to: Will your flip phone work tomorrow? #2427558

      Just a reminder : our increasing use of wireless “phones” causes a huge pressure in reallocating radio spectrum for mobile wireless device use. Every new bit open to reallocation is fought over in auction, and the scarcity causes reallocated bands to be used next to essential radio bands or services essential today like airplane radio-altimeters.

      The only sustainable solution to our growing number of mobile devices is to re-use the spectrum already allocated in faster and more efficient ways, meaning using less spectrum for the same data volume. This means de-commissioning less efficient systems and replacing them with better ones. So, rely on 4th generation GSM (4G) instead of the 3rd generation.

      With the 5th generation, millimetre wave links will help manage high density use (short-range very fast) by making coverage very local. This will allow re-use of frequencies in more zones within an area, reducing spectrum pressure, with generally faster links (all at the expense of higher energy use, unfortunately).

      Today, the best of both worlds is having a device using 4G until the performance of 5G is desired, and switching on-the-fly.

      Martin, hamradio operator since 1992

      Wireless isn’t magic, and far from simple! I prefer wired links whenever practical!

      2 users thanked author for this post.
    • in reply to: Will your flip phone work tomorrow? #2427260

      Of course, ALL 3G devices are affected in those ideas. IoT, alarms, cars, hobby projects, and phones…

      If it’s oldish and uses wireless phone technology, it’s worth checking if it uses 3G or newer!


    Viewing 15 replies - 1 through 15 (of 155 total)