close
  • Di chevron_right

    Any groupware you could advice?

    paulfree14 · pubsub.movim.eu / digital-life · Thursday, 10 August, 2017 - 22:54 edit

I'm looking for great floss that helps teams to collaborate. Is there any groupware you could advice?

  • Di chevron_right

    We not only need free software but free infrastructure

    paulfree14 · pubsub.movim.eu / digital-life · Monday, 7 August, 2017 - 10:25 edit

In this moment most of our online interactions pass through sever organized by companies with capitalistic interest. ...well and the interest of creating a good service. But still are they mostly organized through strict hierchical orga structure. The problem with this is that the power is not fair distributed. Thought it might be of interest to start building up the own infrastructure?

And I asume there are enough ppl interested in. A good start would be to get a discourse running with some folks through the fediverse as there are already +1 mio using it. Anyone in here interested?

  • Di chevron_right

    p2p server support via webtorrent

    paulfree14 · pubsub.movim.eu / digital-life · Tuesday, 1 August, 2017 - 23:35

why don't we share server costs via torrent? like ppl viewing a website sharing this data with other ppl just started to view the webside. And you even don't need fast upload rates as you can just have many small packages being distributed. Is there any argument speaking against that, beside the one it's under development?

check out #webtorrent if you haven't already https://webtorrent.io/ #p2p #server #internet #torrent

  • Di chevron_right

    Briar: new end to end secure chat app

    Supernova · pubsub.movim.eu / digital-life · Monday, 24 July, 2017 - 15:08

This looks promising.

  • link

    Briar

    Secure messaging, anywhere

  • 2 Comments

  • 24 July, 2017 Timothée Jaussoin

    Is it, again, another solution to do end to end encryption chat between devices? :p

  • person

    25 July, 2017 Supernova

    Yes, with the twist that (from what they claim) you have to meet in person to scan the other person's key. Seems to be targeted to journalists, activists, other groups who want secure communications.

  • Di chevron_right

    2FA (two factor authentication) done right?2FA (two factor authentication) done right?

    Supernova · pubsub.movim.eu / digital-life · Wednesday, 19 July, 2017 - 02:29 edit · 2 minutes

This is a follow-up on my previous post on people using social engineering to hijack someone's cell phone number to get their 2FA SMS messages. Original post is here

I could have named this post: Most sites do 2FA wrong; 2FA via SMS isn't true 2FA; A better 2FA

Anyway, yes I started out doing 2FA via SMS messages because that is what most websites prompt you to do, register your phone number to get a code via SMS to use as 2FA. I thought it was a great idea, until I read how easy it is for anyone to call your cell phone provider and "steal" your phone number and associate it with another physical phone. So they don't even need the phone that "you have", they just need your phone number. Not good! (I'm not even going to get into intercepting your SMS messages on the network).

But there is hope. Using an authenticator application on your phone, someone would truly need to steal your physical device for any chance at intercepting your 2FA method. Even if they do steal your phone number, they don't have the app on your phone. This seems much more secure.

Even before switching to an authenticator app I was getting annoyed by SMS 2FA. Most annoying would be sitting at a login screen for a minute or two just waiting for an SMS message to arrive. And sometimes the SMS wouldn't even arrive and I'd have to click "I didn't get the SMS" and try again. Such a waste of time. Authenticator apps are much quicker, the number is generated instantly.

If you have looked into these apps you have probably read about Google Authenticator and Microsoft Authenticator. I've used the Google one and it was fine, but I have since gone Google free on my Android, but there is another option that I have found is excellent called Duo Authenticator. It does present a warning about Google services not being installed but it works just fine. (If I remember correctly I used the Yalp Store app to download Duo from the Google Play Store without a google account). There are also some open source authenticator apps on FDroid but I haven't tried those.

The only thing that concerns me now is what happens if I upgrade my phone or lose it and need to replace it? If anyone knows please comment, I'll have to read up on that. Do I need to log into each website using my old 2FA app, then update the 2FA settings to my new phone?

How do you use 2FA?

  • Di chevron_right

    Welcome, what would you like to discuss?

    Supernova · pubsub.movim.eu / digital-life · Friday, 2 June, 2017 - 13:09 edit

I have created this new community called "Digital Life" as a space to post and discuss about aspects of coping with modern technology in our every day lives. I came to Movim looking for a more secure and focused way to socialize without being blasted by ads and news stories some analytics intelligence thinks I want to see. I want to be more secure and thoughtful about my online presence and what corporations or agencies can see and know about me.

So I am thinking about posting about some topics and hoping to get some discussion and tips from you about what you have done to manage your digital life. What do you want to talk about? Some ideas I want to throw out there to get more perspective on are:

  • Online opsec
  • email provider options and management
  • using vpn
  • syncing your data between multiple devices
  • going google/apple/facebook/whatever free
  • alternative application markets
  • digital currency
  • alternative operative systems
  • encryption

So look for my first topic post soon, and comment here if there is anything specific you would like to see posted.

-Supernova

  • Groups

    Official Movim Pod, hosted in Amsterdam - The Netherlands

  • Pictures 1 image

  • visibility