Posts posted by AbydosOne

  1. Just now, jetrock888 said:

    Again I don't think you guys shouldn't work with them, raising money for kids was great, I am just annoyed I'm getting more than 1 email for a service I didn't even sign up for past the first step.

    TBH, this is a pretty standard rate of emailing for a marketing push, especially when you're trying to "convert" someone who already showed interest. These aren't unsolicited if you started making an account, and they're reminding you to finish it.

     

    If you have a problem with those emails, use the unsubscribe link in the email.

  2. 6 minutes ago, Tehkast said:

    What is the biggest loss in tech that still upsets you a wee bit?

    I went through three different Windows tablets over a 5-6 year span before I gave up on the concept and bought a convertible laptop.

    1. Dell Venue 8 Pro ($200-ish): Win8 on 2GB of RAM was horrible. Screen got really discolored for some reason.
    2. Microsoft Surface Pro 2 ($500-ish used): the battery management died so it always reported a full battery.
    3. Asus Transformer T102HA ($300-ish): the CMOS battery died, so the clock wouldn't stay synchronized when it went to "sleep".
  3. 26 minutes ago, Lota_9 said:

    I am trying to move some disk space over to the right of my C: drive for Windows so I can install some games.

    You can only expand to the "right" in your drive. You'll need to use a disk partitioning software (with a preboot environment) in order to move your Windows install partitions over to the "left" into the unallocated space so you can expand to the "right".

  4. 22 minutes ago, adm0n said:

    I think when you start using the microphone of the XM4s, Windows automatically switches you over to Bluetooth hands-free audio, which has a vastly lower audio quality from what you are normally getting. And I'm not quite sure if there is a way to use the mic without it.

     

    But besides that, the headphones don't support Bluetooth low latency mode, so you are likely getting 200ms+ audio delay on Windows (Android somehow manages fine without it though). So I'd recommend getting either a clip-on mic and using them wired or getting a new dedicated headset.

    11 minutes ago, wxkin said:

    Thank you that's probably what's happening. I will get a new dedicated headset.

    I've used my XM4s on Zoom calls on my laptop without issues... you should be able to change the audio and microphone inputs away from the "headset" settings to the other options.

  5. Well, I'll be... IT got back to me...

    Quote

    Thanks for your interest in security, and for reaching out! Your password is not stored or accessible in plaintext. We conduct our audit on the encrypted hashes of the passwords through brute force, and if a matching hash is found then we know that password was weak. This process largely involves testing the known hashes of previously breached passwords from data leaks and common password patterns. For context, a hash is a one-way encryption of plaintext that creates a unique output (so if we find matching hashes, we know we’ve found a weak password).

     

    They actually just dictionary/brute-forced it. That's actually kinda neat.
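An audit of the kind the IT reply describes can flag a password without anyone reading it: the auditor hashes guesses and compares the results against the stored hashes. The sketch below is an added example, not part of the original posts and not the IT team's tooling; it assumes salted PBKDF2-SHA256 records, and every name, word list and account in it is constructed.

```python
import hashlib
import hmac
import os
from itertools import product

ITERATIONS = 10_000  # assumption: kept low so the demo runs quickly


def hash_password(password: str, salt: bytes) -> bytes:
    """One-way hash as the (hypothetical) directory would store it."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


def make_record(password: str) -> dict:
    """Stored record: random per-user salt plus the hash, never the plaintext."""
    salt = os.urandom(16)
    return {"salt": salt, "hash": hash_password(password, salt)}


def candidates(common_words, personal_tokens):
    """Yield guesses: common passwords first, then word/token patterns."""
    yield from common_words
    for word, token in product(common_words, personal_tokens):
        yield f"{word}{token}"
        yield f"{token}{word}"
        yield f"{word.capitalize()}{token}!"


def audit(records, common_words, personal):
    """Return {user: matching_guess} for each record that a guess reproduces."""
    weak = {}
    for user, rec in records.items():
        for guess in candidates(common_words, personal.get(user, [])):
            # The hash cannot be searched for substrings; the only test
            # available is "does this whole guess hash to the stored value?"
            if hmac.compare_digest(hash_password(guess, rec["salt"]), rec["hash"]):
                weak[user] = guess
                break
    return weak


# Constructed sample data: a word list, per-user tokens (e.g. an address number),
# and three accounts whose plaintext the auditor never receives.
COMMON = ["password", "summer", "welcome"]
PERSONAL = {"alice": ["1428"], "bob": ["77"], "carol": ["9"]}
RECORDS = {
    "alice": make_record("Summer1428!"),
    "bob": make_record("welcome"),
    "carol": make_record("k7#Vq2m!xPz0Lr"),
}

if __name__ == "__main__":
    print(audit(RECORDS, COMMON, PERSONAL))
```

A password containing a personal string is caught only because the guess list was built from that string; a password outside the guess list stays unknown to the auditor.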

  6. 20 minutes ago, OhYou_ said:

    if the server expects you to send it a hash to authenticate, then a hacker can simply send it the hash and get in. why would they need to brute force it.
    there is no difference to what you are describing

    This is a different scenario than we're discussing.

     

    If a bad actor had direct access to the server, we can surmise that encryption keys are either known or bypassed.

     

    If I send encrypted plaintext of my password, bad actor now knows my plaintext password. If I send encrypted hash of my password, bad actor knows my hash, but not the text.

     

    Either way, they can (in theory) use that password/hash to authenticate my account on this particular authentication system. The utility of knowing a password is to try it on different authentication systems. Assuming competent authentication design, the hashes will be salted to a particular application and submitting them to a different one will not result in a valid authentication (not saying there aren't incompetent ones out there).

     

    My presumption is that AD servers store that password as a salted hash, and only ever receive a salted hash from the client via encrypted (TLS/SSL) channel (which seems logical, right?). So how does IT (functionally existing at the "direct access to server" point) know enough about the contents of my password for it to not pass audit if the plaintext is never sent to the AD server and (presumably) they didn't spend the time to brute-force unhash everyone's passwords?

  7. 4 minutes ago, OhYou_ said:

    your password is encrypted on your pc and sent to the server where it is decrypted back into cleartext. THEN it is hashed and compared to the stored hash.
    it cannot be hashed on your pc because your pc is not the one verifying the password is the correct one

    Hash algorithms are deterministic? If I hash my password or the AD server hashes my password, it's still the same hash... so why send encrypted-but-plaintext password when you could send encrypted-and-hashed password? Why have a remote cleartext step at all? All the server needs to do is compare the hashes, it doesn't need to know the original password string, right? Seems like a massive security hole to have cleartext passwords in RAM outside the client PC.

  8. 3 minutes ago, OhYou_ said:

    sent to the server where its decrypted and verified

    My understanding of password validation is that they compare the "encrypted"/hashed values. Passwords shouldn't ever be "decrypted", I'm pretty sure, especially if the "encryption" is a hash algorithm that is computationally very expensive to reverse.

  9. 3 minutes ago, Agall said:

    Does your company have a 3rd party MFA software to log into your machine?

    Nothing that runs before login, that I'm aware of. Obviously they have third-party permissions management, but I don't think it's low-level enough to get into the login process.

     

    4 minutes ago, Agall said:

    Effectively a keylogger to validate compliance before it reaches the DC?

    Well that's not sketchy at all... maybe I should stop writing posts from my work computer lol

  10. 9 minutes ago, manikyath said:

    also, if you have not changed your password since they implemented that strategy, they're doing something VERY fishy to figure out your password.

    Yeah, this was the part that stands out. I haven't changed it since last June, and it didn't flag it then, so somehow they're accessing it in plaintext after the fact.

     

    I emailed them back, just to see if someone would reach out to me about it (I doubt they will).

  11. Lately, my corporate IT has taken it upon itself to "audit" our passwords and declare any as "being vulnerable to modern hacking techniques" (i.e. contain personally relevant strings, like, say, address number) needing to be changed.

     

    I know exactly why my password doesn't pass muster (though work is the only place I use it, so IMO it's not that vulnerable, I'm just stubborn and our IT is notoriously not-competent), I'm just a little incensed that somehow IT can view passwords in plaintext!?

     

    Does Active Directory not store hashed passwords? Is there a hashing algorithm that can extract substrings for comparison? [1] Or is IT really so hypocritical as to actually store/unencrypt passwords in plaintext somewhere and then tell *us* to be more secure?

     

    [1] The only way I could think this would be possible would be that the "hash" of the password would actually be a collection of hashes of various substrings when it's made, but I can't find any evidence that this is true.

  12. 3 minutes ago, Kid.Lazer said:

    If you can find one of these devices (discontinued since last year, so probably ebay and the like) it basically tricks your PC into displaying one double-wide screen, then splits it off into 2 separate monitors. The downside being that windows snap features will not respect the screen split.

    That still requires a DisplayPort input. My initial question is "why not just use a DP MST hub and two active DP->HDMI adapters?" The only use case I see is for Macs, which don't support MST (for some reason)...

     

    3 minutes ago, pJay_94 said:

    Nope not for gaming, it's just browser, vscode and visual studio 

    I'd get a DisplayLink adapter (not a knockoff one). They actually work pretty well for 2D stuff (I can even watch Youtube without issues on mine).

  13. 7 minutes ago, pJay_94 said:

    Can anyone suggest me a HDMI adapter that can support to out display from both ports. 

    Doesn't exist (practically). HDMI can only support one "display" worth of data at a time; HDMI splitters will just mirror one display onto two (identical) ones.

     

    A USB-A to HDMI adapter may fit your needs if you aren't doing anything graphically intense on one of your extra displays.

  14. 1 hour ago, Aleph256 said:

    So... What's the (probably obvious) thing I seem to have missed?

    Make sure your port forwards are both UDP and TCP.

     

    1 hour ago, Aleph256 said:

    Do I actually need a domain name and can't just connect from an IP?

    I don't believe you need a domain, but I think it is somewhat integral to having a "true" crypto cert (which isn't really necessary for personal use).

     

    1 hour ago, Aleph256 said:

    Should I give up, buy a Pi and try again there?

    To the credit of the PiVPN devs, it really does just work (much to my surprise, since the last time I tried to set up a VPN, it broke TrueNAS's VM IP configurations horribly).

  15. 39 minutes ago, da na said:

    If you only have 1 speaker (assuming it's in the middle),  I would actually recommend clipping both red and white into one of the red sockets and putting both black wires in "0", therefore you'll get both left and right channels out of the speaker. But, if you were only using one channel you would only need to connect the black (ground) wire from that channel.

    I'd start with 6W and if that is too quiet go to 3W and then 1.5W if it's still too soft.

    I've had extremely bad™ experiences with bridging amplified outputs together. I strongly recommend against this.

  16. 3 hours ago, Other James said:

    Thanks Nvidia for sponsoring today's video. Enter for your chance to win your own 4080 Super https://gleam.io/E6Yvw/nvidia-rtx-4080-super-giveaway

    Now that Lent's over I have somewhere to complain about this again: STOP TYING GIVEAWAYS TO XITTER. I refuse to support that platform and its owner. Your (Nvidia and AMD too) contestants are not your private viral marketing army, so stop treating us as such with the enticement of free stuff.

    LTT needs to take them to task over these requirements/rules. Either they want to give out stuff to the community for free (no strings attached), or my participation in their "marketing schemes" must be materially compensated; none of this "chance" nonsense.

    Protip though: you can just put @LinusTech (or any other big name you think of) in the box and it happily accepts it. Sorry not sorry.

  17. 6 minutes ago, Commander_Dork said:

    I've heard about Vdevs

    VDEVs are a part of ZFS, for clarification.

     

    6 minutes ago, Commander_Dork said:

    is it possible to have  Vdev with raid 0 on the drives and then have it backing up to another Vdev as well?

    You could configure your OS to run periodic backups, but there isn't an inbuilt ZFS layout for that.

    In spirit, it's like RAIDZ1/2/3, which have 1/2/3 disks of redundancy and read performance similar to pure RAID-0 (roughly scaling with (N - n), where N is number of disks and n is RAIDZ level). For more info, read up on Parity disks.