• Welcome to the Off-Topic/Schweb's Lounge

    In addition to the Mac-Forums Community Guidelines, there are a few things you should pay attention to while in The Lounge.

    Lounge Rules
    • If your post belongs in a different forum, please post it there.
    • While this area is for off-topic conversations, that doesn't mean that every conversation will be permitted. The moderators will, at their sole discretion, close or delete any threads which do not serve a beneficial purpose to the community.

    Understand that while The Lounge is here as a place to relax and discuss random topics, that doesn't mean we will allow any topic. Topics which are inflammatory, hurtful, or otherwise clash with our Mac-Forums Community Guidelines will be removed.

How many IT professionals does it take to screw in a light bulb?

cptkrf

cptkrf


Joined
Dec 8, 2009
Messages
453
Reaction score
10
Points
18
Location
The same as Sheldon Cooper - East Texas
Your Mac's Specs
iMac 2014 i5 5k 32gb 1tb fusion, second TB display, 2014 MBA
If I had anything to do with an IT department now, the first questions at the monday morning meeting would be about security. Are all patches on, has every server been checked to see if one is missed, firewall up to date and so forth. Seeing the chaos of someone heisting a data file from just a game company, what is going to happen when a group penetrates the Federal Reserve or the core of a major bank. (You know. One that is Too Big To Fail.)

I have used an online trading company for years, and they have good security - at least on the customer end. My password there is massive and uses weird characters seldom seen outside of a programming script. And they tend to get paranoid if they see a different PC accessing the same account.

So, I needed to create an account at another one of the largest mutual and stock trading companies in the world. More to the point, they have a lot of my money. Everything went great until I fed it the new password that I had made up. One guaranteed to resist the cracking attempts of the new quantum computers that the hackers will soon have.

A problem. Error! No special characters are allowed! WTH? That is a security 101 item.

Ok, I'll brute force it by making a really long one.

Error! Sorry, passwords have to be twelve characters or less. That floored me. That is a security kindergarden no-no.

So, we have a company who does most of their business with customers via the Internet, holding a trillion dollars of customer's money (not all of that is mine) and requires their users create a password that would stand up against a single PC with a rainbow table for how long? 1 second? 5 seconds? 8 milliseconds?

An email to the company asking how long it had been since their chief security officer had gotten his GED has gone unanswered.

But my money is leaving them as fast as practicable.
 
vansmith

vansmith

Senior Member
Joined
Oct 19, 2008
Messages
19,924
Reaction score
559
Points
113
Location
Queensland
Your Mac's Specs
Mini (2014, 2018, 2020), MBA (2020), iPad Pro (2018), iPhone 13 Pro Max, Watch (S6)
There's a bank here (one of the largest as well) whose online password system requires that it be four letters and two numbers (at least at the time it did).

EDIT: Well, that seems to have changed. Their password page now suggests that you don't use 6 digit passwords (perhaps in an attempt to get people to move away from the old restrictions?).
 
S

Slydude

Well-known member
Staff member
Moderator
Joined
Nov 15, 2009
Messages
17,614
Reaction score
1,079
Points
113
Location
North Louisiana, USA
Your Mac's Specs
M1 MacMini 16 GB - Ventura, iPhone 14 Pro Max, 2015 iMac 16 GB Monterey
For the first few years that Safari was out one major bank had PC users run IE . Mac users were asked to run either IS for Mac which was dead at that point. Their other suggestion was version of netscape 4.something if I remember correctly. Also useless at that point.
 
louishen

louishen


Joined
Oct 22, 2007
Messages
8,967
Reaction score
287
Points
83
Location
London
Your Mac's Specs
Mac Mini Core i7 2012 | White 2009 MacBook 2 Ghz | 733 Mhz G4 Quicksilver
The quantum computers the hacker will soon have???

I don't think we'll see portable quantum computers anytime soon, you basically need a lab full of experts and all sorts of kit, so governments will be the first to realise them, and you can bet you cant just homebrew one up from available parts

Of course, once one can be created with enough working qubits brute force breaking of passwords will be child's play
 
OP
cptkrf

cptkrf


Joined
Dec 8, 2009
Messages
453
Reaction score
10
Points
18
Location
The same as Sheldon Cooper - East Texas
Your Mac's Specs
iMac 2014 i5 5k 32gb 1tb fusion, second TB display, 2014 MBA
louishen said:
The quantum computers the hacker will soon have???

I don't think we'll see portable quantum computers anytime soon, you basically need a lab full of experts and all sorts of kit, so governments will be the first to realise them, and you can bet you cant just homebrew one up from available parts

Of course, once one can be created with enough working qubits brute force breaking of passwords will be child's play
Click to expand...

Sorry. That part was just some heavy humor. I guess it was heavy on the serious and too light on the ha-ha part. None the less, a gang of serious crackers that gets ahold of a password file can find some pretty serious hardware to hammer on it with, even today.
 
XJ-linux

XJ-linux


Joined
Jul 2, 2007
Messages
3,494
Reaction score
204
Points
63
Location
Going Galt...
Your Mac's Specs
MacBookAir5,2:10.13.6-iMac18,3:10.13.6-iPhone9,3:11.4.1
IT and good judgement sometimes have a "oil and water" relationship. Regardless, any password is hackable, it's just a mater of time. You can significantly reduce the time with the application of more resources, which are secured easily enough with more money. If the right people want in, they'll get in. Complex passwords just narrow the group of people and organizations that can do as they please with the data you choose to allow others to steward at your behest.
 
dauber

dauber


Joined
Feb 14, 2008
Messages
443
Reaction score
13
Points
18
Location
Chicago
Your Mac's Specs
MacBook(3,1): C2D 2.2ghz, 4g RAM, 10.7.5; iMac(12,1): 2.5ghz i5, 16gb RAM, 10.9.1; iPhone5S iOS7.04
The Illinois Department of Labor web site will ONLY run on Internet Exploder. Nothing else.

BTW, should we be talking about breaking in via passwords? I thought discussing things that violate US law is forbidden on mac-forums.com.
 
vansmith

vansmith

Senior Member
Joined
Oct 19, 2008
Messages
19,924
Reaction score
559
Points
113
Location
Queensland
Your Mac's Specs
Mini (2014, 2018, 2020), MBA (2020), iPad Pro (2018), iPhone 13 Pro Max, Watch (S6)
No one is talking about methods of doing so and as such, the discussion is fine.
 
P

pendlewitch


Joined
Sep 10, 2011
Messages
1,823
Reaction score
51
Points
48
Location
Lancashire
Your Mac's Specs
MacBook Air M1 2020 Ventura 13.4.1 500Gb 8Gb. iPhone12, Watch 5, HomePods.
Anyway the answer is 3.

One to check the specs and compatibility and order it up;

one to install the bulb and get it up and running and

one to turn it off and then turn it back on again
 
dauber

dauber


Joined
Feb 14, 2008
Messages
443
Reaction score
13
Points
18
Location
Chicago
Your Mac's Specs
MacBook(3,1): C2D 2.2ghz, 4g RAM, 10.7.5; iMac(12,1): 2.5ghz i5, 16gb RAM, 10.9.1; iPhone5S iOS7.04
Which one of them documents the findings?
 

Shop Amazon


Shop for your Apple, Mac, iPhone and other computer products on Amazon.
We are a participant in the Amazon Services LLC Associates Program, an affiliate program designed to provide a means for us to earn fees by linking to Amazon and affiliated sites.
Top