1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Other What's ruining your life right now?

Discussion in 'General' started by TheMusician, 28 Oct 2009.

  1. Fingers66

    Fingers66 Kiwi in London

    Joined:
    30 Apr 2010
    Posts:
    8,664
    Likes Received:
    906
    Just over 30 years ago, ending up in the UK after some world travels, no one would give me a bank acoount. I went to every bank in London and, in the end, a building society gave me an account after I had to source a letter from my NZ bank saying that I had been a customer there for 5 years. Not one was interested in my UK passport, drivers license, NI number, rental agreement, work contract, employer references etc.

    It has got better but, as always with banks, process progress is glacial whilst progress in fancy "apps" and false advertising is speedy.
     
  2. liratheal

    liratheal Sharing is Caring

    Joined:
    20 Nov 2005
    Posts:
    11,678
    Likes Received:
    1,253
    Phone apps can eat my asshole, seriously. Why anyone wants anything on something so easily lost or stolen that goes anywhere near their finances boggles my mind. MFA, sure, but banking apps? Eugh.

    One of the banks I'm with here has seven different apps to manage the same account, depending on what you want to do Of which I think three need different passwords. Or a web page that appears to have been built by scanning dot matrix printouts.

    The other one has a similar number of apps, a slightly slicker web page, but the English version shows how much attention they actually paid to their applications or web pages. It's so bad I opt for the German version - But since my phone is in English, the app auto-selects the language and has no ability to be changed manually.

    The order will be executed if disposition is positive.

    That's a common sentence in their world, apparently.

    Honestly it's enough to make me want to buy a fire proof safe and store money under my bed :/
     
  3. Almightyrastus

    Almightyrastus Rule #9

    Joined:
    21 Mar 2002
    Posts:
    5,734
    Likes Received:
    407
    We had similar difficulties after I first imported my wife from The Netherlands. We had to get her driving licence swapped over to a UK one (which was VERY easy to do) before a bank would even begin to start looking into anything for her. It became easier when the lovely woman who was trying to sort things for her realised that I had been banking with them for years, had a substantial credit card with them (even if it was empty at the time, gods I miss those days), and we were sharing the same address. Once all that went through she was sorted.
     
  4. Byron C

    Byron C Probably isn't Hitler, but definitely a muppet

    Joined:
    12 Apr 2002
    Posts:
    6,321
    Likes Received:
    1,304
    Laughs in Monzo.

    Honestly though, if someone nefarious gets their hands on my phone I am screwed, banking app or no banking app. The amount of private information that can be accessed from a modern smartphone is mind-boggling. There's a reason I was really reluctant to switch back to Android, a platform notorious for its fragmentation and utter lack of security/OS updates and fixes.

    In fact you don't even need physical access to my actual phone to do it. All an impostor has to do is fool EE: "Update your address, sir? Sure, you passed security checks, no problem. Oh you lost your phone when you were moving? Let's send a new SIM card to your new address and invalidate the one you lost.". Pretty much any password reset process or two factor authentication is 100% moot when someone can intercept your text messages.

    One of my biggest downfalls is the convenience of my Google account. There are only a few sites/services for which it does not have a stored password. I'd love to extricate myself from that dependence, but I don't trust a third-party company to keep my passwords safe - ironically, in that specific context I trust Google more than I do someone like LastPass. And I can't currently buy a Mooltipass because they've suspended sales until the new BLE model is finished.
     
  5. mrlongbeard

    mrlongbeard Well-Known Member

    Joined:
    31 Jan 2010
    Posts:
    1,875
    Likes Received:
    312
    I opened a new bank account (TSB) 2 years ago, did it all online without leaving my chair and had a cheque book and cards delivered within a week.

    Before that the last account I opened was 20+ years ago so buggery know what hoops I may have had to jump through.
     
  6. liratheal

    liratheal Sharing is Caring

    Joined:
    20 Nov 2005
    Posts:
    11,678
    Likes Received:
    1,253
    Oh, absolutely, it's why my phone is as sanitized as I can make it while still retaining the required functions - MFA, phone, text, email and, unfortunately, whatsapp.

    It's crossed my mind, more than once, to retire this phone to MFA duties and getting one of those Nokia banana phones for the functions I actually require from a phone. What puts me off is needing to then remember to charge the damnable "phone" at home.

    I've entertained, more than once, building an android based device that is dumb to all phone queries and runs purely for MFA functionality - But I could never find a way to make it pocket sized enough that I'd consider carrying it as well as a more old fashioned phone.

    The closest I could come up with was a media player that was small enough to consider - But the absurd cost of the unit, plus needing to get wise to custom flashing a version of Android.. Bleh.
     
  7. Byron C

    Byron C Probably isn't Hitler, but definitely a muppet

    Joined:
    12 Apr 2002
    Posts:
    6,321
    Likes Received:
    1,304
    If there was a way to do two-factor authentication without the need for an internet connection (whether a home connection or a cellular connection) it would be good. I know there are lots of options out there such as YubiKey and similar, but there's very little support for them from what I can see. Plus there's always the risk of losing a physical key for which there is no backup (short of a second device stored in a secure location); internet or SMS-based 2FA solves that problem neatly, but then we're back to the same weaknesses.

    TBH I think for the vast majority of people a password manager, protected by a good password, and 2FA is probably 'good enough'. If you're careful with personal information and follow good digital security hygiene, then you are unlikely to be specifically targeted if you don't have a public profile. If you are unlucky enough to be specifically targeted then nothing will stop someone who is really dedicated; the best you can do is limit your attack surface ahead of time.

    I would just like to get to the point where I am not reliant on handing my passwords over to Someone On The Internet, even if that 'Someone' is someone who exists only to manage passwords.
     
  8. bawjaws

    bawjaws Well-Known Member

    Joined:
    5 Dec 2010
    Posts:
    3,827
    Likes Received:
    584
    Yeah, I opened a current account with <a major UK bank> last year and it was all done online and the whole thing was completed from start to finish within about 10 days.
     
  9. Gareth Halfacree

    Gareth Halfacree WIIGII! Staff Administrator Super Moderator Moderator

    Joined:
    4 Dec 2007
    Posts:
    13,607
    Likes Received:
    2,627
    That'd be RFC 6238. The overwhelming majority of my second factors use that, and work fine without an internet connection or SMS. Steam, GitHub, Amazon, bunch of random cryptocurrency exchanges, Google, Dropbox, Twitter, Nintendo, my UK Government Gateway account, Guild Wars 2, Cloudflare...
     
  10. Byron C

    Byron C Probably isn't Hitler, but definitely a muppet

    Joined:
    12 Apr 2002
    Posts:
    6,321
    Likes Received:
    1,304
    I knew you might have a few things to say about this subject :thumb:

    Do you use a hardware module to support that? If so, which one do you use? Happy to do some reading into this, if you have any pointers :).
     
  11. Gareth Halfacree

    Gareth Halfacree WIIGII! Staff Administrator Super Moderator Moderator

    Joined:
    4 Dec 2007
    Posts:
    13,607
    Likes Received:
    2,627
    I've played around with it on a variety of platforms, including an MSP430 watch, but it's literally just an app on my phone. Scan the QR code with the camera to sync, confirm it's worked by typing in the current code, job done - no internet connection required or desired. (One exception: Steam Guard uses its own TOTP implementation, so I need the Steam app for that - but, again, it doesn't need to be online to generate a code.)
     
  12. Byron C

    Byron C Probably isn't Hitler, but definitely a muppet

    Joined:
    12 Apr 2002
    Posts:
    6,321
    Likes Received:
    1,304
    Wait... I've got four 2FA apps on my phone: Blizzard Authenticator, Microsoft Authenticator, Google Authenticator, and Authy. Five, if you count Steam's app. Both Authy and Google Authenticator implement RFC 6238, and I did not realise that that's an offline thing - I assumed it needed an internet connection...

    I guess what I really want then is a smartphone-free implementation. Adoption of Fido U2F/Fido2 looks to be pretty slow, so I don't think that's going to be a solution any time soon. I guess at least if I can move passwords off my Google account into physical hardware then I at least won't have both passwords and 2FA dependent on the same account (reducing your attack surface and all that).
     
  13. liratheal

    liratheal Sharing is Caring

    Joined:
    20 Nov 2005
    Posts:
    11,678
    Likes Received:
    1,253
    I looked into Yubikey and came to much the same conclusion. I could use it for a lot of things, but with banks and some digital distributor platforms locking **** to their own MFA device meaning I'd still need MFA apps on the phone? Yeah it pretty quickly got thrown in the "sod that" pile.

    Absolutely, there are more ways into most things than just your password and MFA device (Something my girlfriend doesn't get, given how much paperwork she tries to just throw out with huge amounts of personal information on..) and anyone dedicated enough will get in.

    However, I don't believe most people are interesting enough to get someone dedicated to nicking their stuff, but to leave it all on a phone that can be casually lost, and picked up by anyone? Oof. Does not fill me with joy-joy feelings.

    See, I like the concept of things like Keepass where it's on you to sync the database to devices you need it on rather than using, for example, BitWarden - But I've been more annoyed by Keepass than perhaps I should have been. I looked into the doodad that @Gareth Halfacree uses, the Mooltipass(?), but the physical device control aspect made my thumbs hurt before I even picked it up.
     
  14. Gareth Halfacree

    Gareth Halfacree WIIGII! Staff Administrator Super Moderator Moderator

    Joined:
    4 Dec 2007
    Posts:
    13,607
    Likes Received:
    2,627
    I mean, you're always going to need some electronic device - unless you're very quick with your sums and have a pretty good memory for numbers, I guess.

    You've options, though: Yubikeys can do HOTP, but they can't do TOTP because there's no RTC on it - so you need a separate app running on something to provide the time. For standalone devices, there's Protectimus One if you can get past the terrible Transformer-knockoff name, Token2, SafeNet OTP 110, Swivel...

    The biggest problem with any of those is that they only hold a single code at a time - meaning you'd need a physical dongle for every service you have TOTP 2FA on. In my case, that's a pretty hefty pocketful. I believe the SafeID/Diamond can hold multiple codes, though the specs sheet 404s so I can't confirm that. The Nitrokey Pro 2 holds up to three HOTP and 15 TOTP codes, but doesn't have a screen - so you can only use it on devices you can physically plug it into.

    You could always roll your own, of course. This library is for TOTP on any Arduino-compatible microcontroller, and this one's pure C for any microcontroller at all. This £14.10 M5Stick-C has a built-in display, RTC, and batteries - combine the two and you've your own TOTP dongle. (Cheaper bought direct, too.) There's also the Texas Instruments EZ430-Chronos programmable watch, and the hard work's already been done - though, again, that particular hack only supports a single code.
    Depends how you're using it: as a USB HID device, there's a bit of scrolling (but not much - hold the wheel and scroll to skip through your list letter-by-letter, release the wheel and scroll to go entry-by-entry); if you use the Favourites menu, there's less; and if you use Moolticute there's none at all - you don't even need to touch the wheel. It pops up "hey, I know this website," you knock twice on the desk with your knuckles, you're logged in.

    At the moment, though, there's no Moolticute for mobile devices - something that's being addressed as part of the run-up to launching the new Mooltipass Mini BLE, which includes Bluetooth connectivity and an on-board battery.
     
    Byron C likes this.
  15. Byron C

    Byron C Probably isn't Hitler, but definitely a muppet

    Joined:
    12 Apr 2002
    Posts:
    6,321
    Likes Received:
    1,304
    This is what I'm waiting for, the Mooltipass Mini BLE. From what I read on Reddit last night, it looks like they're aiming to get the crowdfunder launched this month. Might be the first one I ever pledge to.
     
  16. The_Crapman

    The_Crapman Don't phone it's just for fun.

    Joined:
    5 Dec 2011
    Posts:
    5,174
    Likes Received:
    1,758
    Solicitors. Absolute ****ing retards. Heard back from the insurers one lucky old me got a locum, probably paid on a per case basis, saw "hernia" and "nerve damage" and fired off template "Hernia Decline 02". In the responce is the fantasatic line "we are of the opinion that you have unfortunately suffered common and recognised complications of the type of treatment you underwent". So they think that forgetting to put in the mesh is a "common and recognised complication"??? Oh yes I went in for a lung transplant, they took my old ones out but forgot to put the new ones in, but apparently it's a common and recognised complication :rollingeyes:
    [​IMG]

    Clearly hasn't read my VERY detailed timeline i sent, or any review notes from the assistant adfter the HOUR LONG call we had, in which he very much grasped that it wasn't the procedural operation that caused the problem, but that it wasn't done correctly, there were failings in other procedures like checklists not being done and records falsified and was then ignored by doctors for months while the hernia got worse.

    If i have to track down the surgeon and slowly insert a white hot poker through his groin so he can experience a fraction of the pain i've had to endure, someone will ****ing pay.

    Oh and in the despairing rage that took over me after reading the classic line, I think I dislocated the tip of my right ring finger as I balled up my fists into the paper. Once I'd calm d down and stopped crying it hurt like hell and now has a good amount of trigger finger. Just great.

    Oh and I managed to overheat and kill my Dremel a couple of days ago so I've had to buy a new one as there's things I still need it for. Seeing as it'll be used for extended periods for buffing etc I've gone for the 4000 instead of another 3000, could have done without the expense alone, let alone the added £30 for the higher model, but **** it. Gonna get used.
     
    Last edited: 2 Jul 2020
  17. xaser04

    xaser04 Ba Ba Ba BANANA!

    Joined:
    27 Jun 2008
    Posts:
    2,214
    Likes Received:
    182
    HMRC updated the (trade) tariff to reflect changes coming in for the EU VN FTA. Not too bad you think? Yeah, helps when they communicate the change..

    Slight (big) issue for any business that sends its own declarations to CHIEF (customs system) when the codes its expecting to receive don't match what you send...

    Cue 2,000 declarations all failing and now need to manually amended and re-sent on top of the system changes that actually need to be performed (reclassifying multiple seasons worth of articles and loading whole new sections to the tariff schema (duty rates etc) all within a day.

    Oh and to top it all off they reverted the change half way through today only to revert it AGAIN at around 4PM... When you are trying to rapidly update your customs warehouse systems to align with the changes, only to find your test declarations are failing due to the codes changing back its time to start throwing things!

    Don't worry though they have a new customs system coming next year.... ****!
     
  18. DeadP1xels

    DeadP1xels Social distancing since 92

    Joined:
    30 Nov 2009
    Posts:
    5,607
    Likes Received:
    445
    Lost a monitor at work early in the week, not a big deal, I had a triple monitor setup so can manage on two... totally forget one of the remaining monitors also likes to go for breaks now and then refusing to turn back on... achieved 75% my usual output this week. I’ve flagged it to the IT department who should fix it for next week so next week I’ll play catch-up.

    I hadn’t realised how much screen real estate improved my workflow. I love my 34” ultra wide when working at home but i was always after more real estate with my 27” 24” Samsung setup. Switching just squeezed the resolution of both onto one so I was never any further forward... It has got me thinking on how I can Improve my workflow from home setup as well now but options are slim.

    49 ultra wide is expensive as hell... not even sure my work laptop is capable of the resolution to run it.

    Second 34 - Potentially too wide, I’m aiming to push for a 1.5m desk of which two 34 inches will span 1.6M...

    Cheapo mismatched 22/24 - not quite the right resolution, but will do the job

    Edit: Oh and I’ve been awake since 2am because my son woke up and is loving life. I feel like complete ****
     
    Last edited: 3 Jul 2020
  19. Byron C

    Byron C Probably isn't Hitler, but definitely a muppet

    Joined:
    12 Apr 2002
    Posts:
    6,321
    Likes Received:
    1,304
    Not really 'ruining', but driving me crazy because I feel like I'm going round in circles today.

    Problem: I need to be able to access the internet from an old Power Mac
    Solution: Hook it up to the network then.
    Problem: The hideously outdated version of Internet Explorer on OS X 10.1 is unusable on today's modern web
    Solution: Install TenFourFour browser
    Problem: Can't download TenFourFour because browser is unusable
    Solution: Transfer via USB
    Problem: Filesystem compatibility shenanigans
    Solution: Figure out that writing to HFS in Linux needs root
    Problem: TenFourFour only supports OS X 10.4 and up
    Solution: Install OS X 10.4
    Problem: No DVD burner on anything except the Mac, so no easy way to transfer
    Solution: Use USB again
    Problem: File is too large for compatible filesystems

    scratches head, makes cup of tea....

    Solution: Mac OS X is *nix-like, yes? Use SCP in a terminal to transfer files then.
    Problem: Modern SSH/SCP Linux clients don't support the outdated key exchange methods or ciphers used on OS X 10.1
    Solution: Use the Mac to SCP files from the Linux box
    Problem: OS X 10.1 doesn't support the key exchange methods and ciphers used in modern Linux systems
    Solution: Track down the command-line arcana required in order to use older key exchange methods & ciphers in a modern SSH/SCP client

    And that's where I'm at right now, the OS X 10.4 Tiger ISO has just finished transferring to the old Mac via SCP. I get the feeling that actually installing OS X 10.4 will start a whole new round of shenanigans... EDIT: Of course it didn't work, did it? Couldn't unzip because of some... disk... filesystem... stuff... I forget the actual error message... This means I'll have to uncompress the ISO on my Linux machine and transfer the uncompressed ISO... DOUBLE EDIT: OK fine, it's not an ISO, it's a DMG, and it's really not compressed all that much. This should only take another 15 minutes or so then...

    At least I learned something today: If you want to piss around with older Macs then the first thing to do is get OS X Tiger installed so you can have a browser that actually works!
     
    Last edited: 11 Jul 2020
  20. Mr_Mistoffelees

    Mr_Mistoffelees The Cat Lies Down on Broadway

    Joined:
    26 Aug 2014
    Posts:
    2,681
    Likes Received:
    837
    Nope, too much like hard work...
     
    IanW and Byron C like this.

Share This Page