Διαδικασία ανάκτησης κωδικού σε plaintext στην ύδρευση Θεσσαλονίκης - eyath.gr
👍︎ 109
📰︎ r/greece
💬︎
📅︎ Feb 01 2021
🚨︎ report
I’ve devised a new puzzle, it decodes to a plaintext string. [X-POST R/PUZZLES]
👍︎ 94
📰︎ r/codes
💬︎
👤︎ u/nobody5050
📅︎ Feb 15 2021
🚨︎ report
Plaintext password in hostadp.conf

I was lead to believe that having a plain text password in any file is just bad for security. I want to set up my raspberry pi 4 as a temporary AP and all the howtos I see tell me to write my password in plain text in the .conf file. What am I misunderstanding here?

EDIT: example: https://iot4beginners.com/wifi-extender-using-raspberry-pi/

👍︎ 16
💬︎
👤︎ u/Deskbot
📅︎ Feb 19 2021
🚨︎ report
I’ve devised a new puzzle. It decodes to a plaintext string.
👍︎ 27
📰︎ r/puzzles
💬︎
👤︎ u/nobody5050
📅︎ Feb 15 2021
🚨︎ report
Clubhouse user IDs, Chatroom IDs are transmitted in plaintext over the internet theverge.com/2021/2/14/22…
👍︎ 13
💬︎
👤︎ u/riffic
📅︎ Feb 14 2021
🚨︎ report
Is unencrypted LAN->LAN wireless traffic plaintext to those not on your network?

Scenario: I'm communicating with my router's management interface wirelessly, self-signed untrusted cert. Of course someone who is on my network will be able to view this communication as plaintext.

What about an individual who is not authenticated into my network? Can my neighbour, for instance, intercept these unencrypted packets and gather information? Or is my wireless network traffic ALWAYS encrypted with the SSID's preshared key, and thus only decryptable to those with the wireless credentials?

👍︎ 3
💬︎
📅︎ Feb 12 2021
🚨︎ report
Clubhouse user IDs, Chatroom IDs are transmitted in plaintext over the internet twitter.com/stanfordio/st…
👍︎ 17
📰︎ r/hackernews
💬︎
👤︎ u/qznc_bot2
📅︎ Feb 13 2021
🚨︎ report
Bitwarden Pro Tip: If you ever download a plaintext version of your vault, after you're done transferring it or reviewing it do NOT put it in your recycle bin to delete it. Instead use a secure file deletion program like BleachBit.

Let's say you want to download your vault to put it into an encrypted Cryptomator or Veracrypt container. Once if you copied it into that container then you've still got your plaintext vault file on your computer.

There are two things you can do with this file:

  1. Simply delete it, which will send it to your recycle bin and you can empty your recycle bin later.

  2. Remove the file with a dedicated shredding program like BleachBit or CCleaner

When you delete a file on your computer via recycle bin it isn't really "deleted". It is simply hidden from your view and if you put more things in your hard drive your computer now has permission to put new files in its place. Imagine a house that you don't want anymore, so you throw a big tarp over it that says, "This space is available for anyone that wants to tear it down and build a new house over this land." This is why if you've accidentally deleted something from your computer, as long as you stop immediately and go to a data recovery place they should easily be able to recover your deleted file.

What a shredding program does is write over your file with a bunch of 1's and 0's. In our house analogy this is like bulldozing the house and covering it with fresh grass over the destroyed land. Not only can the system put a new file in that place, but any remains of that file are gone too. You would need a digital forensics expert to even attempt to recover anything shredded and even then it's most likely impossible.

The passwords in your vault are only as secure as your vault is. If someone stole your hard drive and ran a recovery program they could potentially get your vault even if you emptied it from the recycle bin. Also even if your computer is password protected your files are still easily accessible unless you encrypt your drive which most people don't do.

👍︎ 51
📰︎ r/Bitwarden
💬︎
📅︎ Dec 29 2020
🚨︎ report
File encrypter and wiper for plaintext exports (Alternative to the new Encrypted Export feature)

First of all, I am so happy about the new release and don't mean to dog on the developers. They do amazing work and I am so thankful!!

That being said, like many have mentioned the encrypted export feature that was just emplemeneted misses the mark on two major points of an encrypted export. 1. To be able to import it when you loose access to your account (i.e. make a new account and import it). 2. To be able to recover the data without Bitwarden in case something were to happen to Bitwarden.

So it looks like I'm going to have to keep encrypting my raw text exports. Although instead of just complaining I took it upon myself to create a shell script that'll encrypt your exports using gpg symmetric encryption and also securely wipe the plain text export. (WARNING: Due to the underlying design of SSDs, a secure wipe can't be achieved with an SSD)

Here's the GitHub link https://github.com/yoseph1998/secure-encrypt. It's very easy to use, just run the shell script and specify the file you want to encrypt or decrypt. As a bonus I've also included instructions on how to setup an alias so you don't have find the file and run it, instead just type in the alias command. This will also work to encrypt or decrypt more than just a bitwarden export, any file really.

Hope this helps someone. (If you've got a suggestion or find some issues/bugs let me know. I'll be happy to fix it.)

👍︎ 9
📰︎ r/Bitwarden
💬︎
👤︎ u/yoseph1998
📅︎ Jan 21 2021
🚨︎ report
Clubhouse user IDs, Chatroom IDs are transmitted in plaintext over the internet theverge.com/2021/2/14/22…
👍︎ 39
📰︎ r/privacy
💬︎
👤︎ u/riffic
📅︎ Feb 14 2021
🚨︎ report
This is a new low, even for Logitech software. Trying to reset my password and the email only contains plaintext that looks like a button
👍︎ 253
📰︎ r/LogitechG
💬︎
👤︎ u/illBelief
📅︎ Nov 16 2020
🚨︎ report
Is there any scenario where a "collision attack" isn't defeated by putting a salt in front of the plaintext?

In the references I've read, all the uses of "collision attacks", whether classical collision attack or chosen-prefix collision attack, go like this: "Alice creates a 'good' document and an 'evil' document that have the same hash. Alice presents the 'good' document to Bob, who signs it by taking a hash of the document and signing the hash. Alice now swaps out the 'evil' document and Bob's signature will still appear valid."

But aren't these attacks trivially defeated if Bob adds a salt in front of the plaintext (randomly generated each time, not known to Alice before she submits her document), hashes the concatenation of the salt and the plaintext, and then signs the concatenation of the hash and the salt?

I know this is a much-discussed idea (e.g. https://www.iacr.org/archive/crypto2006/41170039/41170039.pdf ), but I don't understand why this doesn't make the issue of "collision attacks" completely moot. Is there any scenario where you can't defeat the "collision attack" just by generating a one-time salt, putting it in front of the content being hashed, and then storing the salt and the hash?

👍︎ 2
📰︎ r/crypto
💬︎
📅︎ Jan 21 2021
🚨︎ report
CotEditor - a free, open-source plaintext editor written in Swift, with syntax highlighting and more coteditor.com/
👍︎ 44
💬︎
📅︎ Dec 29 2020
🚨︎ report
Recommendations for Colornote replacement with ability to import notes from csv/plaintext

So, I have used Colornote for years and recently needed to export my notes. Colornote only lets you export one by one which is no good when you have thousands of notes. Anyway, I managed to extract the notes from the database db file, but I'm now wondering if there are any good note apps that might let me import a bunch of notes from like a csv file for example.

I like the layout/backup options of colornote, but no option to export all notes is a game over for me now.

Any recommendations greatly appreciated, cheers!

👍︎ 8
💬︎
📅︎ Dec 30 2020
🚨︎ report
Introduction | Plaintext Productivity plaintext-productivity.ne…
👍︎ 2
💬︎
📅︎ Feb 14 2021
🚨︎ report
Why are password hashes stored in plaintext? Couldn’t someone retrieve the passwords if they knew the hash function being used?

I am going through some web development tutorials and I notice that some of them advise to use SQL and store a hashed version of the user's password. But isn't this insecure because anyone with the hash function could take the hashed password and decrypt it into the password?

👍︎ 3
💬︎
📅︎ Jan 04 2021
🚨︎ report
If one plaintext was sent under many keys and intercepted, can the plaintext th be recovered?

The attacker has access to N ciphertexts of the same length. The attacker knows these were all encrypted from the same plaintext using randomly chosen keys. The attacker has no information about the keys, but does have some statistical information about the plaintext (i.e. they know it's english text, or machine code, but other than that they know nothing).

Is it feasible for the attacker to recover the plaintext for large values of N (many ciphertexts)? What, if any, symmetric encryption schemes are vulnerable to this kind of attack?

👍︎ 15
📰︎ r/crypto
💬︎
📅︎ Jan 09 2021
🚨︎ report
Slack tells Android users to update their passwords after logging PWs in plaintext. lifehacker.com/update-you…
👍︎ 5
💬︎
👤︎ u/gimmebeer
📅︎ Feb 10 2021
🚨︎ report
Δημιουργία λογαριασμού στο SEPENET - Στέλνουν username/pass μέσα στο mail, plaintext. Δεν έχουν ιδέα από cyber security ή είμαι παρανοϊκός;
👍︎ 79
📰︎ r/greece
💬︎
👤︎ u/hostolis
📅︎ Nov 09 2020
🚨︎ report
Plaintext Productivity: Still productive after all these years | Michael Descy web.archive.org/web/20200…
👍︎ 2
💬︎
📅︎ Feb 14 2021
🚨︎ report
Google and plaintext passwords

When using chrome password manager, you can check and see all your saved passwords. Is this the norm on password managers? And why is storing passwords in plaintext a big deal, if Google does it anyways?

👍︎ 4
💬︎
📅︎ Jan 08 2021
🚨︎ report
Plaintext Logfiles

Could you PLEASE provide logfiles in Plaintext?! Or did at least someone reverse engineer how these are serialized?

It is so annoying to figure out why I cant play the game with absolutely no information!

^(Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua.)

👍︎ 3
📰︎ r/VALORANT
💬︎
👤︎ u/TheVadammt
📅︎ Jan 10 2021
🚨︎ report
We're not saying this is how SolarWinds was backdoored, but its FTP password 'leaked on GitHub in plaintext' theregister.com/2020/12/1…
👍︎ 31
💬︎
👤︎ u/jpc4stro
📅︎ Dec 16 2020
🚨︎ report
Cardinality of plaintexts and ciphertexts

I'm reading Cryptography Theory and Practice and the definition of a cryptosystem defines the set of plaintexts and ciphertexts to be finite. I would have imagined that these sets would be countable. Is there a reason they are defined to be finite?

👍︎ 10
💬︎
📅︎ Dec 25 2020
🚨︎ report
Mimikatz pulled my plex password in plaintext

So, I'm messing around with Mimikatz on my server. This server runs a few services, one of which is Plex. Running the command 'vault::list' it pulled the Plex password. Im not surprised by this itself but what I am surprised at is that the password is in plaintext.

This shouldn't be expected should it? This should be something on Plex's side that needs to be stored as a hash.

👍︎ 137
📰︎ r/PleX
💬︎
👤︎ u/red_dog007
📅︎ Aug 19 2020
🚨︎ report
Appears that VZN is storing plaintext wireless passwords, help confirming?

When I log into my VZN account at verizon.com, there's a link labeled 'FiOS Quantum Gateway'. The linked page, also on verizon.com, displays both the CSID and the plaintext password for all three of my internal wireless networks.

I was pretty shocked to see this. It occurred to me that the verizon.com server might be hitting an undocumented API on the gateway device to retrieve the passwords, but that means VZN has that access to that in real time and that the gateway itself is storing plaintext passwords.

I tried to open a ticket with the first-level support folks, and they just couldn't understand what I was talking about. I'm writing a summary of my findings to send over to the VZN security group at corporate and would appreciate it if one or more of you folks who have FiOS would check that page on verizon.com to see if your passwords are being displayed as well.

It isn't so much that the passwords are displayed, it's that the actual password is being stored, not a hash of the password. This is beyond negligence if it is true, and I can't come up with any scenario where it isn't.

Anyone else see this?

👍︎ 8
📰︎ r/verizon
💬︎
👤︎ u/perrydBUCS
📅︎ Dec 06 2020
🚨︎ report
Recieving Passwort in plaintext

I forgot my password for my cell provider, so I requested a new one. I then had to enter the answer to one of my security questions e.g. Where did you grow up. After answering I recieved my password as plaintext via sms.

Isn‘t this a major security flaw, because in order to send me my password they would have to store it in plaintext or encrypted?

Edit: After doing some research i found out the following. They have two options to „reset“ the password, from which you can choose.

  1. You can get a link to reset it via email.
  2. They will send your current passwort via sms if you answer the security question.
👍︎ 3
💬︎
👤︎ u/b9a4c81f36
📅︎ Dec 01 2020
🚨︎ report
[Help] Manjaro KDE - Mount SMB share on login without storing password in plaintext

Here's the goal. I've recently set up a TrueNAS SMB share where I want to save my Steam games to. I want to therefore mount the samba share somehow.

The problem with most mount options is that it requires either I enter my password manually, or I have passwords stored somewhere in plaintext on disk. Neither of these is acceptable. I can access the shares using Dolphin (the KDE file manager), and I have passwords saved in my KDE wallet, so I'd like to use this if possible to automatically mount.

I've looked into gvfs-mount, but this command is not available (even though I've got all the gvfs-* packages installed).

What is the best way to mount (or let a program access) a samba share automatically without saving passwords in plaintext on Manjaro KDE?

👍︎ 6
💬︎
📅︎ Jan 15 2021
🚨︎ report
[Showoff Saturday] ctrlxv.io, no-auth realtime clipboard for plaintext with Stripe integration ctrlxv.io/
👍︎ 3
📰︎ r/webdev
💬︎
👤︎ u/dag0310
📅︎ Jan 16 2021
🚨︎ report
I made ctrlxv.io, a no-auth realtime clipboard for plaintext with Stripe integration ctrlxv.io
👍︎ 6
📰︎ r/webdev
💬︎
👤︎ u/dag0310
📅︎ Jan 10 2021
🚨︎ report
Using the Caesar cipher to convert encrypted text into plaintext, but I'm not getting the right output.

Hi guys,

I'm back again, lol. For my homework I'm supposed to convert some encrypted text into plaintext. My textbook briefly mentions code encryption/decryption and gives one example for each process, so I just used the code in the example. I'm able to execute my program (no syntax errors or anything) but my output is still not coming out right. Here is the code I have:

code = input("Enter the coded text:  ")distance = int(input("Enter the distance value:  "))plainText = "  "for ch in code:    ordvalue = ord(ch)    cipherValue = ordvalue - distanceif cipherValue < ord('a'):        cipherValue = ord('z') - \         (distance - (ord('a') - ordvalue -1))    plainText += chr(cipherValue)print(plainText)

I have multiple code and distance sets to input, and each one shows the expected output. However, when I run the code, it's not totally right. For example, if I input Lipps${svph% for the code and 4 for the distance, the output is supposed to be: Hello world! Instead, I am getting this: ello^2world with a underlined addition sign after "world" (note that the 2 is raised and actually appears smaller than how I have it typed here; I tried to copy and paste it but it wouldn't let me). Does anyone know why this is happening?

**Update: I got it! I didn't need the if statement. Thank you to everyone who helped. I knew learning Python would be hard, but damn it really is a lot (at least for me, lol)

👍︎ 24
💬︎
📅︎ Oct 26 2020
🚨︎ report
Kudos to D&D Beyond for making gender a plaintext field! [OC]
👍︎ 3k
📰︎ r/DnD
💬︎
👤︎ u/0atman
📅︎ Apr 11 2020
🚨︎ report
Test for passwords stored in plaintext twitter.com/Laughing_Mant…
👍︎ 332
💬︎
👤︎ u/bharatsb
📅︎ Sep 22 2020
🚨︎ report
First programmer to write a game in plaintext
👍︎ 427
💬︎
📅︎ Sep 12 2020
🚨︎ report
British Airways fined £20m for Magecart hack that exposed 400k folks' credit card details to crooks - Airline was saving domain admin creds and card details alike in plaintext theregister.com/2020/10/1…
👍︎ 115
📰︎ r/technology
💬︎
👤︎ u/Loki-L
📅︎ Oct 16 2020
🚨︎ report
Anyone use Signal-JW? Seems to have more features people ask about often such as plaintext chat export, ability to lock app with custom password, etc.

I came across this fork and it really made me notice how much we're missing in standard signal.

https://johanw.home.xs4all.nl/Signal/signal-jw.html

https://github.com/johanw666/Signal-Android

👍︎ 5
📰︎ r/signal
💬︎
👤︎ u/iwal3
📅︎ Oct 20 2020
🚨︎ report
This payment page asking you to confirm hidden account number puts it out in plaintext
👍︎ 7
💬︎
📅︎ Dec 07 2020
🚨︎ report
Passwords being sent in plaintext via email.

This is more curiosity than anything, but a company today sent me an email for an account I have with my login details, however the password was also included in the email but in regular plaintext.

Is this a breach of GDPR / Data protection etc?

👍︎ 7
💬︎
👤︎ u/xHarryR
📅︎ Oct 23 2020
🚨︎ report
We're not saying this is how SolarWinds was backdoored, but its FTP password 'leaked on GitHub in plaintext' theregister.com/2020/12/1…
👍︎ 3
📰︎ r/devopsish
💬︎
👤︎ u/oaf357
📅︎ Dec 17 2020
🚨︎ report

Please note that this site uses cookies to personalise content and adverts, to provide social media features, and to analyse web traffic. Click here for more information.