Search
Search titles only
By:
Search titles only
By:
Forums
New posts
Search forums
What's new
New posts
Latest activity
Feedback
View Statistics
Members
Current visitors
Buy Sell Trade
WTB
Log in
Register
Search
Search titles only
By:
Search titles only
By:
New posts
Search forums
Menu
Install the app
Install
Reply to thread
Forums
Technology
Home Automation & Networking
OpenWRT compatible Router for 2024 in India
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Message
<blockquote data-quote="variablevector" data-source="post: 2516816" data-attributes="member: 121190"><p>I had 2FA with Google Auth turned on for all of my accounts. Password length matters in the context of how long someone running hashcat on a GPU cluster will take to crack it, but that obviously wasn't the vector they used to get me. </p><p></p><p>As for vpn, no, it was mullvad. Believing Windows Defender was 'good enough' is what got me into that mess. His laptop was fully updated and it still got infected. I later learned that he had possibly clicked on a spam email attachment. Obviously someone on this forum is unlikely to do that but for the average person who can make a mistake like that once in a while, you need more aggressive heuristic based detection and monitoring of network traffic, which defender doesn't do. I have Bitdefender installed on my dad's laptop now because that was the AV that finally detected it. </p><p></p><p>And no, it doesn't follow that just because someone was able to infect my dad's PC, they would therefore also be able to compromise my router. Look into the <a href="https://en.wikipedia.org/wiki/Swiss_cheese_model" target="_blank">Swiss Cheese Model Of Security</a>. Someone having access to an exploit that compromises one part of your network does not mean they have exploits for the others. Also, Openwrt has thousands of eyes looking over its source code, which in turn uses the Linux kernal, which possibly has tens of thousands of eyes on it. That is why it is *secure* for all the intents and purposes I care about.</p><p></p><p>This is a very good point, damn. I had probably logged into my gmail account on his laptop weeks ago and never logged out. It also explains how they were able to circumvent the 2FA.</p></blockquote><p></p>
[QUOTE="variablevector, post: 2516816, member: 121190"] I had 2FA with Google Auth turned on for all of my accounts. Password length matters in the context of how long someone running hashcat on a GPU cluster will take to crack it, but that obviously wasn't the vector they used to get me. As for vpn, no, it was mullvad. Believing Windows Defender was 'good enough' is what got me into that mess. His laptop was fully updated and it still got infected. I later learned that he had possibly clicked on a spam email attachment. Obviously someone on this forum is unlikely to do that but for the average person who can make a mistake like that once in a while, you need more aggressive heuristic based detection and monitoring of network traffic, which defender doesn't do. I have Bitdefender installed on my dad's laptop now because that was the AV that finally detected it. And no, it doesn't follow that just because someone was able to infect my dad's PC, they would therefore also be able to compromise my router. Look into the [URL='https://en.wikipedia.org/wiki/Swiss_cheese_model']Swiss Cheese Model Of Security[/URL]. Someone having access to an exploit that compromises one part of your network does not mean they have exploits for the others. Also, Openwrt has thousands of eyes looking over its source code, which in turn uses the Linux kernal, which possibly has tens of thousands of eyes on it. That is why it is *secure* for all the intents and purposes I care about. This is a very good point, damn. I had probably logged into my gmail account on his laptop weeks ago and never logged out. It also explains how they were able to circumvent the 2FA. [/QUOTE]
Insert quotes…
Verification
Post reply
Forums
Technology
Home Automation & Networking
OpenWRT compatible Router for 2024 in India
Top
Bottom