[opensuse] Thunderbird asks for passwords too many times.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hi, I have several accounts defined in Thunderbird. It keeps the passwords for all of them, protected with a master password. When I start Thunderbird, the sequence goes like this (from recent memory): a) it pops up several message boxes, asking for the password of each mail account. Instead of waiting for the master password before starting connecting to the accounts. Often, once the master password is entered, the sessions with the ISP have timed out, and the connections fail; then Thunderbird asks if it should retry. Another bunch of dialogs to close. This has been hapening for years. b) it asks for the master password - but in several message boxes. It is expected to prompt for that password - but once! Since a few months back, it asks several times. Before it asked just once. So my procedure is to enter the master password, once, then close all other password requests, for the accounts and the master. It is a nuisance. But the master password prompt does not respond to the ESC key. I have to click on cancel, or tab-enter. Two keys. And this happens on two computers at least, so I doupbt it is misconfiguration on my part, but... who knows :-? MozillaThunderbird-38.3.0-70.65.1.x86_64 (updated minutes ago). - -- Cheers Carlos E. R. (from 13.1 x86_64 "Bottle" (Minas Tirith)) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iF4EAREIAAYFAlYTwgoACgkQja8UbcUWM1z8SwD7BNiW7TybrKvCbZYsZXNkC8ED S4qy/y0976ubcCckFyEBAIHblSJ9wDVdYzFbwVp/llm/qPTNnprYseDwZMbKv5T/ =2PjI -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Hi, Am 06.10.2015 um 14:43 schrieb Carlos E. R.:
I have several accounts defined in Thunderbird. It keeps the passwords for all of them, protected with a master password.
When I start Thunderbird, the sequence goes like this (from recent memory):
a) it pops up several message boxes, asking for the password of each mail account.
Instead of waiting for the master password before starting connecting to the accounts.
Often, once the master password is entered, the sessions with the ISP have timed out, and the connections fail; then Thunderbird asks if it should retry. Another bunch of dialogs to close.
This has been hapening for years.
Interesting since this did never and still does not happen for me.
b) it asks for the master password - but in several message boxes.
It is expected to prompt for that password - but once! Since a few months back, it asks several times. Before it asked just once.
This is known upstream ... but https://bugzilla.mozilla.org/show_bug.cgi?id=1180374 Wolfgang -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 2015-10-06 14:54, Wolfgang Rosenauer wrote:
Hi,
Am 06.10.2015 um 14:43 schrieb Carlos E. R.:
I have several accounts defined in Thunderbird. It keeps the passwords for all of them, protected with a master password.
When I start Thunderbird, the sequence goes like this (from recent memory):
a) it pops up several message boxes, asking for the password of each mail account.
Instead of waiting for the master password before starting connecting to the accounts.
Often, once the master password is entered, the sessions with the ISP have timed out, and the connections fail; then Thunderbird asks if it should retry. Another bunch of dialogs to close.
This has been hapening for years.
Interesting since this did never and still does not happen for me.
Well, I'd be interested in knowing how to stop those. If it doesn't happen for you, there is possibly something I can do ;-) But it might just be how my ISP responds.
b) it asks for the master password - but in several message boxes.
It is expected to prompt for that password - but once! Since a few months back, it asks several times. Before it asked just once.
This is known upstream ... but
Mmm. Yes. That's it. I started having the issue before I started using the calendar. And, in one computer I had to remove it, because it crashed Th right at the start. I have to try again, see if today's update changed things. Would a "me too" in that bugzilla help? - -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" (Minas Tirith)) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iF4EAREIAAYFAlYTxogACgkQja8UbcUWM1zLXgD/YfFDUkyyn1xu3roE7DRw7vnh ZhWznP5V03yG2v6ubvMA/3f0r+Ze2cKBLAJgqDFs6M/D3zbTz099rvcgW3VaJn3R =48G4 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 2015-10-06 15:03, Carlos E. R. wrote:
On 2015-10-06 14:54, Wolfgang Rosenauer wrote:
a) it pops up several message boxes, asking for the password of each mail account.
Interesting since this did never and still does not happen for me.
Well, I'd be interested in knowing how to stop those. If it doesn't happen for you, there is possibly something I can do ;-)
But it might just be how my ISP responds.
I just updated the desktop machine. I started TH, let it alone for a minute or two, and when I came back there was a single master password request, and no mail account prompt boxes. However, when I entered the master password, I got two or three popups from mail accounts about timeouts, should I retry? Instead of just retrying silently. The difference in this installation is that I had to disable the calendar plugin. Well, actually the "provider for google calendar", it caused crashes on start. -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar)
On 10/06/2015 07:54 AM, Wolfgang Rosenauer wrote:
This has been hapening for years. Interesting since this did never and still does not happen for me.
Strange indeed, I have no less than 10 e-mail accounts and 2 calendar (lightning) accounts in the same tbird (just updated as well). I've never seen this behavior -- but I do NOT use a master password. When I attached my eGroupware calendars through lightning, it seems I did have to enter twice, but it has been fine since. Amazingly enough I have no new complaints with the latest updates of firefox-esr and MozillaThunderbird. Wolfgang gets the credit and kudos... Carlos, I would probably blow away whatever sqlite table or profile file contains the password stuff and let them be re-created. Re enter all your passwords once and tell ff/tb to remember them and don't bother with a master password (as long as you have physical control over the computer). It looks like something in your profile has become corrupt. I have gotten to where I have to keep my mail account credentials in keepassx (I never have to use them, so I had better store them so I don't completely forget them...) You should enter them once and never have to enter them again. -- David C. Rankin, J.D.,P.E. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 10/11/2015 10:01 AM, David C. Rankin wrote:
On 10/06/2015 07:54 AM, Wolfgang Rosenauer wrote:
This has been hapening for years. Interesting since this did never and still does not happen for me.
Strange indeed,
snipped
Amazingly enough I have no new complaints with the latest updates of firefox-esr and MozillaThunderbird.
snipped
Carlos, I would probably blow away whatever sqlite table or profile file contains the password stuff and let them be re-created. Re enter all your passwords once and tell ff/tb to remember them and don't bother with a master password (as long as you have physical control over the computer).
It looks like something in your profile has become corrupt.
Perhaps, it sounds like a reasonable possibility to me, but it's not in the password files. I tried to recreate them and it made no difference, TB still asks for the master password multiple times (if it is not entered right away). Accrding to - http://kb.mozillazine.org/Transferring_data_to_a_new_profile_-_Thunderbird#S... the key files are 3 - key3.db, cert8.db and signons.txt (in the .thunderbird folder). I shut down TB, added the .bak extension to the three files and restarted TB. The files were re-created and I had to re-enter the pop mail account passwords. I then re-set the master passowrd. After re-starting TB there is no change, it still asks for the master password multiple times. I am generally very happy with TB, this problem is a minor annoyance. If not for this thread, I would have gone on just entering the master password and closing the extra dialogs without even googling for an answer. Gustav. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 2015-10-11 13:22, Gustav Degreef wrote:
I am generally very happy with TB, this problem is a minor annoyance. If not for this thread, I would have gone on just entering the master password and closing the extra dialogs without even googling for an answer.
Yes, that's the situation exactly. - -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" (Minas Tirith)) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iF4EAREIAAYFAlYalKIACgkQja8UbcUWM1zSEQEAmuD+/nGVoy3FW2uPwFi7gQWE Ptu/pIXRBnF3InMV9uEA/jg+Oo+kEAhc4R70SoFopvQ6E5rRq4qbx+0KAJ5bnO1R =Wqxg -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 10/11/2015 04:01 AM, David C. Rankin wrote:
I have no less than 10 e-mail accounts and 2 calendar (lightning) accounts in the same tbird (just updated as well). I've never seen this behavior -- but I do NOT use a master password. When I attached my eGroupware calendars through lightning, it seems I did have to enter twice, but it has been fine since.
I have 14 email accounts and 5 calendars. I too have never encountered this problem. I think it has to do with the use of Master password. Like David I don't use a master password. Like Linda, I don't see the point. Maybe its the dinosaur in me, but I recall the whole "Single sign-on" debate where the objection was to having to keep entering passwords for each and every application. And yes I use a password manager so I don't have to go though all that with web based application. My policy is that *I* should be the one on control of the computer, not the computer in control and continually making demands of me, disrupting my work-flow and chain of thought with authentication demands. The people building tablets and phones have the right idea. The password management is built right in! -- A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting frowned upon? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 10/11/2015 04:01 AM, David C. Rankin wrote:
I have gotten to where I have to keep my mail account credentials in keepassx (I never have to use them, so I had better store them so I don't completely forget them...) You should enter them once and never have to enter them again.
I duplicate mine off-line as well -- A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting frowned upon? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 2015-10-11 10:01, David C. Rankin wrote:
Carlos, I would probably blow away whatever sqlite table or profile file contains the password stuff and let them be re-created. Re enter all your passwords once and tell ff/tb to remember them and don't bother with a master password (as long as you have physical control over the computer).
I can not guarantee that. The master password has to stay.
It looks like something in your profile has become corrupt.
The behaviour has been the same for years, since I remember, even on new installs on different computers. The only recent difference, and there is a bugzilla on this upstream, is that there are several prompts for the master password. In Firefox, I have seen instances of asking for the master password, hitting cancel because you do not want to enter that site credentials (you may even not know which of the multiple tabs want the password), and Firefox not accepting the situation, asking for the master password dozens of times, not allowing one to continue. - -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" (Minas Tirith)) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iF4EAREIAAYFAlYalEEACgkQja8UbcUWM1x3nQD/aYf3C1vm1xfUu9HTY0TvWYHV 6W8hm3Uz/OdnoOKn+6IA/jxw0hSxxXEcaWZSDCsnN/Oyz5HlJWBnhV8Af3aw6IO4 =c7i+ -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
a) it pops up several message boxes, asking for the password of each mail account.
Often, once the master password is entered, the sessions with the ISP have timed out, and the connections fail; then Thunderbird asks if it should retry. Another bunch of dialogs to close.
This has been hapening for years. ==== You have a login password to your computer. Is it subject to
Carlos E. R. wrote: people prying around on it when you aren't around? I.e. do you 'need' a password for your email accounts? In the current Tbird, unless you configure it otherwise (at the loss of some functionality), *all your messages* are already downloaded to your local computer in your Thunderbird profile folder (on windows they put it in the *roaming folder* that would be synchronized back to the server on logout and resync'ed to your computer when you login -- that's on *windows*), Anyway they didn't used to encrypt them, so if some one had access to your computer, they could look in your profile and read all your 'read' messages. The old Tbird used to leave IMAP messages on the server by default, but starting in TB3, it wanted to do global indexing and sorting across mailboxes. The writer of my fav extension (threadvis) had to keep his own database on your computer of how notes connected (the references). so the threading could be displayed even though most of the folder contents wasn't on the local computer. But with TB3, he threw out his DB and went to relying on the downloaded cache that TB3 created from then on. I was going to readapt the older version to the newer TB, but the newer TB kept crashing more often... so still at TB2.
b) it asks for the master password - but in several message boxes.
--- FF does the same if your restore a session... if you were in the middle of any secure sessions, it asked for your pw so it could reconnect to the secure resource.
It is expected to prompt for that password - but once! Since a few months back, it asks several times. Before it asked just once.
---- well FF did it once for each site, so if you had 10 windows open on 3 sites, and restarted saving tabs, it would come up and ask for the master PW 3 times usually before you could enter it once... though if the net was slow, and you entered the master PW quickly, then the other windows might not come up. Maybe they optimized connecting on tbird or it's default "cached" connections was raised so it connects to more boxes in parallel, thus hitting the need for the master-pw more quickly. Note, cached connections is in the advanced properties for an account. I go back and forth sometimes with many sometimes few. Since I gave up trying to read email via IMAPS over my dedicated, closed network connection to my server, (rest of house is on separate 1Gb connection that goes through switches, but I wanted to try 10Gb -- and 10Gb switches are pretty expensive -- especially if you want them to support bonding/teaming (which I did when I first set it up, only to realize the HW wasn't fast enough to keep up with 1-10Gb connection, let alone 2 -- but it's still the case that the connection between my desktop(Win) and server(Lin) is a single cable w/no intervening switches) I find tbird can handle many more parallel connections to dovecot, so I have the limit set to about 40-50 for now. Whereas before, with only 3-5 connections, Tbird would be so slow opening each connection that it would timeout... Ug. (this was after I'd disabled SSL, and I guess the TLS implementation wasn't as well tested/optimized?) So....who knows...maybe they raised the number of parallel connects to compensate for slower authentication? -linda -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 2015-10-10 01:16, Linda Walsh wrote:
Carlos E. R. wrote:
a) it pops up several message boxes, asking for the password of each mail account.
Often, once the master password is entered, the sessions with the ISP have timed out, and the connections fail; then Thunderbird asks if it should retry. Another bunch of dialogs to close.
This has been hapening for years. ==== You have a login password to your computer. Is it subject to people prying around on it when you aren't around?
I.e. do you 'need' a password for your email accounts?
Wait. It is asking for the passwords of mail accounts outside of my computer, at my ISP, gmail, etc. Thus they are important passwords. And mail account passwors are sensitive material nowdays: a reply to a mail can be used to verify things, like some automatic business transactions. Or they mail you a password, or a confirmation link... Quite sensitive. They are used as a kind of remote personal ID.
The old Tbird used to leave IMAP messages on the server by default, but starting in TB3, it wanted to do global indexing and sorting across mailboxes.
It can be disabled - and on my laptop, I do so, to reduce bandwidth and conserve battery.
b) it asks for the master password - but in several message boxes. --- FF does the same if your restore a session... if you were in the middle of any secure sessions, it asked for your pw so it could reconnect to the secure resource.
It is expected to prompt for that password - but once! Since a few months back, it asks several times. Before it asked just once.
---- well FF did it once for each site, so if you had 10 windows open on 3 sites, and restarted saving tabs, it would come up and ask for the master PW 3 times usually before you could enter it once... though if the net was slow, and you entered the master PW quickly, then the other windows might not come up.
Try entering it just once, and cancel all other prompts. You will see that the first entry is accepted and works for all sessions. This is just bad programming. When the code decides to prompt for the master password, it simply doesn't query other instances or threads or whatever if somebody is already asking for the master password. Then they could just raise that window, or do nothing but wait silently. Same when asking for an account password. Before polling any imap/pop, it should check that it has the password for it, and if it is not there, not try to connect to the site at all. Then, prompt for the master password, if set; if not set or if the user cancels, then proceed with the connection and prompt for the site password when the imap server asks for it and we definitively know we don't have it stored. I suspect that the password controls were just hacked somewhat temporarily, make do, instead of a full thought design :-/
I find tbird can handle many more parallel connections to dovecot, so I have the limit set to about 40-50 for now. Whereas before, with only 3-5 connections, Tbird would be so slow opening each connection that it would timeout... Ug. (this was after I'd disabled SSL, and I guess the TLS implementation wasn't as well tested/optimized?)
So....who knows...maybe they raised the number of parallel connects to compensate for slower authentication?
I wonder how happy my ISP is about that... :-? - -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" (Minas Tirith)) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iF4EAREIAAYFAlYYTnkACgkQja8UbcUWM1zApgD/QogeZsHqjIWAKDKhYCtmz1yk OZj9Gut2qHC2/NeJFM4A/0UZhU/DbrjTuVLhxK6pU93yyU3e9aNfeApgvrUbAXmJ =QbzK -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 10/09/2015 07:32 PM, Carlos E. R. wrote:
I.e. do you 'need' a password for your email accounts? Wait. It is asking for the passwords of mail accounts outside of my computer, at my ISP, gmail, etc. Thus they are important passwords.
What Linda was asking wasn't "do you need to protect your email accounts with a password" but "When you are logged on to your computer and using Thunderbird, do you need to enter passwords every time or can you simply let Thunderbird remember the passwords for you"? You seem to be saying that entering the passwords every time is an inconvenience, that the 'master' password should facilitate it. Linda and I are saying that the real "master" password is when you log on to the computer. This is "inside" the computer. -- A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting frowned upon? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 2015-10-10 16:06, Anton Aylward wrote:
Linda and I are saying that the real "master" password is when you log on to the computer.
No way. A login password in Linux does not protect access when the machine is not booted properly. Anybody booting from another system could read the mail account passwords without any effort. Or read them from a system backup media. The master password on Mozilla products encrypts the passwords. I don't know how strong that encryption is, but it is at least a deterrent for a casual looker. But I suspect it is quite safe. - -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" (Minas Tirith)) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iF4EAREIAAYFAlYZH4oACgkQja8UbcUWM1xnKAD/TJMvnl5mhmc0d/bv/9STie75 Jy84456M7qiL3WV32ZMA/iaXqbNZoBUKEV9767U+Bg3pl/GKqXWDOtOahiAgr+H8 =hrS/ -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 10/10/2015 10:24 AM, Carlos E. R. wrote:
The master password on Mozilla products encrypts the passwords. I don't know how strong that encryption is, but it is at least a deterrent for a casual looker. But I suspect it is quite safe.
That is not so, the passwords for each account are still encrypted. -- A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting frowned upon? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 10/06/2015 08:43 AM, Carlos E. R. wrote:
Hi,
I have several accounts defined in Thunderbird. It keeps the passwords for all of them, protected with a master password.
When I start Thunderbird, the sequence goes like this (from recent memory):
a) it pops up several message boxes, asking for the password of each mail account.
Instead of waiting for the master password before starting connecting to the accounts.
Often, once the master password is entered, the sessions with the ISP have timed out, and the connections fail; then Thunderbird asks if it should retry. Another bunch of dialogs to close.
This has been hapening for years.
Well DUH! Mine does none of that. I log on to the computer and T[Bird comes up in one window, firefox in another, a bunch of Konsoles in another. All the email accounts are brought up; it happens that most of them are IMAP ... no wait, all of them at the T'bird level are IMAP, the POP ones get dealt with by a local aka-mailhub with dovecot. I entered the passwords when I set up the various IMAP accounts and told the T'Bird to remember them. http://en.flossmanuals.net/thunderbird/ch014_account-set-up/_booki/thunderbi... So I get none of this nonsense! As Linda points out, I log in to the computer. that's the gateway, threshold, hurdle, whatever you choose to view it as. The computer is there for my convenience. Its not there to make life more awkward ever time I use it. What about, you ask, passwords for web sites? Well guess what? There are many tools and utilities for remembering those. The whole point of this modern day and age is that we're drowning in demands for authentication, and not just at the computer. So we automate it. Are you really so paranoid as to require this process? I suspect not, otherwise you wouldn't be asking about it.
And this happens on two computers at least, so I doupbt it is misconfiguration on my part, but... who knows :-?
Well it *is* a configuration issue. IIR when you enter the password, on the form there is a check-box to tell the system to remember it. But it may be you have that turned off? http://kb.mozillazine.org/Password_not_remembered_%28Thunderbird%29#No_check... -- A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting frowned upon? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 2015-10-10 16:02, Anton Aylward wrote:
I entered the passwords when I set up the various IMAP accounts and told the T'Bird to remember them.
But you did not define a master password. - -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" (Minas Tirith)) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iF4EAREIAAYFAlYZHTsACgkQja8UbcUWM1yr7wEAnxVF3+B6o1UTkiZHRv2Gcz4D jayutJYQenAigx9a/I4A/2S/6cL8BNtNs5YHncjsrp7GMxOBRzl80MlmMEQq+XKi =/ctJ -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 10/10/2015 10:14 AM, Carlos E. R. wrote:
On 2015-10-10 16:02, Anton Aylward wrote:
I entered the passwords when I set up the various IMAP accounts and told the T'Bird to remember them.
But you did not define a master password.
Irrelevant. I can turn the master password on and off (Edit -> preferences -> security) and it makes no difference. The individual account passwords are remembered. Did you check http://kb.mozillazine.org/Password_not_remembered_%28Thunderbird%29#No_check... All the master password amounts to is another hurdle. The point Linda and I are making is that in this context its not needed. This is not a shared machine at an internet café, is it? You are not sharing this with someone without using a different Profile? If the individual passwords were remembered they should not be popping up. If you have master password enabled then, as you implied, they should wait for that. That you get individual pop-ups means they are not being individually remembered. The calendar plug-in issue is a diversion. Turning master password on and off here, with the plugin in installed makes no difference. The individual passwords on my system are remembered. http://kb.mozillazine.org/Master_password#Removing_your_master_password -- A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting frowned upon? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 2015-10-10 16:28, Anton Aylward wrote:
If the individual passwords were remembered they should not be popping up.
No. They are remembered. I cancel all those prompts, and only enter the master password on one of the multiple boxes, and then Thunderbird proceeds successfully with mail, because it remembers the passwords and now has access to them. The prompts for the mail accounts pop up because Th has no access to them till the master password is entered. Instead of waiting silently for this, it asks for the account password. This is simply bad coding. - -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" (Minas Tirith)) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iF4EAREIAAYFAlYZIisACgkQja8UbcUWM1zdvwEAj//eZzqs44NWi+l37No0gskI Z9ht2xQkxaoM33J6Wy4BAIP0KE4CcCCpoCWO8tdcc/d0lbZgK9Mkytw6fpdp/Cc8 =zMSx -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 10/10/2015 10:35 AM, Carlos E. R. wrote:
On 2015-10-10 16:28, Anton Aylward wrote:
If the individual passwords were remembered they should not be popping up.
No.
They are remembered.
I cancel all those prompts, and only enter the master password on one of the multiple boxes, and then Thunderbird proceeds successfully with mail, because it remembers the passwords and now has access to them.
The prompts for the mail accounts pop up because Th has no access to them till the master password is entered. Instead of waiting silently for this, it asks for the account password. This is simply bad coding.
The fact that it happens for you but not for me when I turn on master password, despite my calendar plugin, leads me to believe it is a configuration problem on your part, not coding, not a bug. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 10/10/2015 10:35 AM, Carlos E. R. wrote:
The prompts for the mail accounts pop up because Th has no access to them till the master password is entered. Instead of waiting silently for this, it asks for the account password. This is simply bad coding.
The fact that it happens for you but not for me when I turn on master password, despite my calendar plugin, leads me to believe it is a configuration problem on your part, not coding, not a bug. I have a master password set and multiple pop accounts on TB. I get multiple pop ups for the master password if I do not enter the master
On 10/10/2015 04:44 PM, Anton Aylward wrote: password right when TB starts. But all of the pop ups are for the master password, I never get dialogs to enter the passwords to individual pop accounts. It has been happening for several years (multiple TB versions), but only for the master password - in my case. Gustav.
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 2015-10-10 22:47, Gustav Degreef wrote:
But all of the pop ups are for the master password, I never get dialogs to enter the passwords to individual pop accounts. It has been happening for several years (multiple TB versions), but only for the master password - in my case. Gustav.
This might depend on what the dialog with the mail server is. Just a hunch. - -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" (Minas Tirith)) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iF4EAREIAAYFAlYZiboACgkQja8UbcUWM1yRuQD/V/nnGd5hJPgHiOScRmVEvAIC HBhWQ0A4sopNi54ijbIA/321GMAoVBY6LJ8F0WzTlvAukJRRS03jATDDz0TMU1Qu =hmeZ -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 2015-10-10 16:02, Anton Aylward wrote:
On 10/06/2015 08:43 AM, Carlos E. R. wrote:
What about, you ask, passwords for web sites? Well guess what? There are many tools and utilities for remembering those. The whole point of this modern day and age is that we're drowning in demands for authentication, and not just at the computer. So we automate it.
Are you really so paranoid as to require this process? I suspect not, otherwise you wouldn't be asking about it.
You are missing the point. Thunderbird is set to remember all those account passwords. But instead of having them stored in clear, they are protected with a master password (you obviously don't). Till one enters that master password, Thunderbird can not access the account password. This is as intended, so far. When it gets to this point, it asks for the account passwords, and also for the master password. It should only ask for the master password, and then only once. This is simply bad programming, not a bug. - -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" (Minas Tirith)) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iF4EAREIAAYFAlYZHpcACgkQja8UbcUWM1zfOQEAkUO8UANxpFrAD+1jI047acTt WrdSDkEMr7v1pLzNTlYA/0V+7bPw4EVGKkNDW1DNVGwxA07VPalrV4yTYw0n4+9o =EJwi -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 10/10/2015 10:20 AM, Carlos E. R. wrote:
You are missing the point.
Thunderbird is set to remember all those account passwords. But instead of having them stored in clear, they are protected with a master password (you obviously don't).
What makes you think they are stored in the clear, even without a master password? If you look at the files under your Profile you'll see 'signons.sqlite'. The account information is kept there. There are various tools you can use to inspect that file, but you will see a table 'moz_logins' with an entry for each account. The passwords are there encrypted. They are encrypted whether or not you use a master password!
Till one enters that master password, Thunderbird can not access the account password. This is as intended, so far.
If you do not have a master password then mozilla can still access that table and those passwords and still decrypt them. That's how I have my system set up.
When it gets to this point, it asks for the account passwords, and also for the master password. It should only ask for the master password, and then only once.
This is simply bad programming, not a bug.
I think it is a configuration problem on your system. Wy don't you try unsetting your master password and see it you still get demands for individual accounts? -- A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting frowned upon? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Hi, Am 10.10.2015 um 16:41 schrieb Anton Aylward:
On 10/10/2015 10:20 AM, Carlos E. R. wrote:
What makes you think they are stored in the clear, even without a master password?
If you look at the files under your Profile you'll see 'signons.sqlite'. The account information is kept there.
There are various tools you can use to inspect that file, but you will see a table 'moz_logins' with an entry for each account. The passwords are there encrypted.
They are encrypted whether or not you use a master password!
hmm, they are more obfuscated. Everyone with access to your Mozilla directory can read them. Probably not easily but still. All you need to decrypt the passwords is in the profile. With a master password this is not the case. People can copy your whole profile but cannot decrypt the passwords w/o brute force password attacks. Wolfgang -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 2015-10-10 16:41, Anton Aylward wrote:
On 10/10/2015 10:20 AM, Carlos E. R. wrote:
There are various tools you can use to inspect that file, but you will see a table 'moz_logins' with an entry for each account. The passwords are there encrypted.
http://securityxploded.com/thunderbirdpassdecryptor.php Or simply: https://support.mozilla.org/en-US/questions/1005341 Anybody can read it.
I think it is a configuration problem on your system.
Wy don't you try unsetting your master password and see it you still get demands for individual accounts?
It doesn't. - -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" (Minas Tirith)) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iF4EAREIAAYFAlYZJRgACgkQja8UbcUWM1zwGgD6AjfGMFbkquFAtFZ4ONeqQsmb fI6tmcpB6lJci7cI+g4BAIEGriPelVl4wMJKRuroQHVyuMmuHUavkbXQqSB4HoCE =GxPj -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 10/10/2015 10:47 AM, Carlos E. R. wrote:
http://securityxploded.com/thunderbirdpassdecryptor.php
Or simply:
https://support.mozilla.org/en-US/questions/1005341
Anybody can read it.
Read on and it tells you that there are tools for reading/decrypting the master password as well. So its all a sham. As in, it presents an inconvenience (even when it works properly, it still slows down the workflow and you have to enter the password) but doesn't actually offer any security. So: why bother with it in the first place? I'm not a fan of 'security theatre'. -- A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting frowned upon? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Op 10-10-15 om 20:35 schreef Anton Aylward:
On 10/10/2015 10:47 AM, Carlos E. R. wrote:
http://securityxploded.com/thunderbirdpassdecryptor.php
Or simply:
https://support.mozilla.org/en-US/questions/1005341
Anybody can read it.
Read on and it tells you that there are tools for reading/decrypting the master password as well.
Hi, I do have almost the same problem as Carlos. Whan I start TB I get three boxes asking for the master password. I enter that password in one box, and cancel the rest. Everything works fine then. About recovering the master-pasword : that tool does it with brute force. If you read about "FireMaster" it says at a point : if you remember some part of the password, give that, or else the "recovery" could take hours or days. Of course anyone with physical access to your computer could steal your password-file and "recover" the master-password on his own computer. And then come back later the use it. FWIW, Koenraad. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 10/10/2015 04:07 PM, Koenraad Lelong wrote:
About recovering the master-pasword : that tool does it with brute force. If you read about "FireMaster" it says at a point : if you remember some part of the password, give that, or else the "recovery" could take hours or days.
I think I saw mention that the encryption used was DES3, which we know is subject to "cheap" brute force attacks, and very likely, since the NSA required it to be crippled, to algorithmic attacks that have not been well publicised.
Of course anyone with physical access to your computer could steal your password-file and "recover" the master-password on his own computer. And then come back later the use it.
Or hire a botnet to crack it. I'd say "why didn't they choose a more secure algorithm?" Heck, there are many available! The answer is there in Koenraad's post. Anyone with access to your computer, certainly physical access, almost certainly electronic access, can just steal your profile. I'm sure there are many other ways to hijack your email as well. If you use gmail, the incentive to breach Google's email services are very great. The same probably goes for many of the major national-level service providers as well, Rogers, Verizon, AT&T ... And if the <strike>Stasi</strike> state security police (by whatever name in your provinciality) decide they need to access your email, then don't imagine for a moment that your ISP is going to prevent them. What was that about PGP? You're going to send PGP *encrypted* messages to the list? There's a point where using PGP self-identifies you as a type the state police should be taking a closer look at. I asked earlier "how paranoid are you?" The corollary is "how paranoid do you need to be?" -- A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting frowned upon? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 2015-10-11 15:35, Anton Aylward wrote:
I asked earlier "how paranoid are you?" The corollary is "how paranoid do you need to be?"
I'm basically worried about nosy-parker types. - -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" (Minas Tirith)) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iF4EAREIAAYFAlYalb0ACgkQja8UbcUWM1xqlQD/e1RC5sNZdniEElfyLeAnfwUS ZpnOHO4xAnpIUCm0OBMBAJxl7VMJZKY18nt0yDr51snTsQ1ka09BVAgQz9KMbJm1 =d3tu -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 10/11/2015 01:00 PM, Carlos E. R. wrote:
On 2015-10-11 15:35, Anton Aylward wrote:
I asked earlier "how paranoid are you?" The corollary is "how paranoid do you need to be?"
I'm basically worried about nosy-parker types.
Could you be more specific? That broad a category probably takes in everyone on this list and every other opensuse list as well! We wouldn't be here if we weren't curious and inquisitive. heck, when I sign in at some hotels and B&Bs I look at who else had registered, not because I expect to see anyone I might know, but just because. Same with all the badges on the table when I sign in at conferences and trade shows. I read notices and want ads, not that I expect to see anything I want or jobs I can do. Some people read obituaries. Some read reviews of books they are unlikely to read. Some people "window shop' or even look in the stores at goods they are unlikely to buy and couldn't afford anyway (think fast, red cars). But suppose you turn your machine off or log out or have a password protected screen saver when you walk away from the machine, so the casual passer by can't see what's there. The kind of person that would make off with your hard drive, crack your password to log in, or hack through your firewall and -- somehow despite closed ports -- into your desktop machine, targeting you in particular, is clearly a different person. You are being targeted. There is some object to all that effort, not just a passer-by type "nosy-parker". I can turn off my machine (etc, etc) as a defence against "nosy-parker" types. But if someone has deliberate intent, they are willing to go to extreme, "non-casual" lengths to obtain my email and or email passwords, that is something else. that requires a more "paranoid" attitude. Some security professionals say about themselves "I'm paid to be paranoid". These are the people that assume they or their employers are being targeted, and looking at the reports in the media they are justified in going to extreme lengths. Looking at this thread and the troubles people have I conclude these things: a) having passwords on your email accounts, no matter what tools you use to access those accounts, be it Thunderbird, a webmail interface or some other mail user agent, is perfectly reasonable. The accounts are "out there on the net" b) having a password or other identification & authentication method to log into your computer and so restricting access to your personal settings is perfectly reasonable c) as with (a), having passwords on other web based applications that you access though your web browser is perfectly reasonable d) for (a) and (c), making use of a password store that automatically (aka 'make the computer do the work') deals with identification and authentication is quite reasonable. Especially as it implements a "single sign-on". Corollary to (d) Some systems, some applications, integrate this. They are useful only so far as they work properly. e) the master password system for Thunderbird doesn't work properly. Thunderbird, as well as Firefox, can remember individual account identification & authentication, but this "single sign-on" is already under (a). If every application I used demanded authentication over and over again I'd get very frustrated. Part of the appeal of tablet/phone systems is that they do the "single sign-on" very well. Late models do biometrics well Lets not pretend that that stealing the storage (be it your hard drive or your phone/tablet) won't give the criminal perpetrator your information! On my tablet I use AquaMail and recommend it! YMMV. -- A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting frowned upon? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 2015-10-11 20:01, Anton Aylward wrote:
On 10/11/2015 01:00 PM, Carlos E. R. wrote:
On 2015-10-11 15:35, Anton Aylward wrote:
I asked earlier "how paranoid are you?" The corollary is "how paranoid do you need to be?"
I'm basically worried about nosy-parker types.
Could you be more specific?
That broad a category probably takes in everyone on this list and every other opensuse list as well! We wouldn't be here if we weren't curious and inquisitive.
I'm curious, yes, but I have never tried to get the password of another person, nor look at his email, even when I have access. I'm very careful of what I do with another person computer (or phone). Before opening certain areas, I look at the face of the other person for confirmation, for instance.
heck, when I sign in at some hotels and B&Bs I look at who else had registered, not because I expect to see anyone I might know, but just because. Same with all the badges on the table when I sign in at conferences and trade shows. I read notices and want ads, not that I expect to see anything I want or jobs I can do. Some people read obituaries. Some read reviews of books they are unlikely to read.
But that information is "open". Maybe "nosy-parker" doesn't mean what I thought - after all, English is not my first language ;-)
Looking at this thread and the troubles people have I conclude these things:
a) having passwords on your email accounts, no matter what tools you use to access those accounts, be it Thunderbird, a webmail interface or some other mail user agent, is perfectly reasonable. The accounts are "out there on the net"
b) having a password or other identification & authentication method to log into your computer and so restricting access to your personal settings is perfectly reasonable
Yes, but "b" does not protect access to data on the disk when the system is not running. I consider that any password stored in files should itself be protected by encryption, because passwords are always sensitive material. It may not stop a motivated targeted attack, but it does stop most of the mild attempts.
c) as with (a), having passwords on other web based applications that you access though your web browser is perfectly reasonable
d) for (a) and (c), making use of a password store that automatically (aka 'make the computer do the work') deals with identification and authentication is quite reasonable. Especially as it implements a "single sign-on".
Corollary to (d)
Some systems, some applications, integrate this. They are useful only so far as they work properly.
e) the master password system for Thunderbird doesn't work properly. Thunderbird, as well as Firefox, can remember individual account identification & authentication, but this "single sign-on" is already under (a).
It works, with some nuisance caveats. -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar)
On 10/11/2015 01:01 PM, Anton Aylward wrote:
I asked earlier "how paranoid are you?" The corollary is "how
paranoid do you need to be?"
I'm basically worried about nosy-parker types. Could you be more specific?
That broad a category probably takes in everyone on this list and every other opensuse list as well! We wouldn't be here if we weren't curious and inquisitive.
chuckling..... If anybody wanted to decipher my mail (content wise), they would be one sick puppy when they were done. Linux, various open-source project and lists, C, shell, etc.. they would never look at another mail again... If you always follow the rule that you never put anything in an e-mail you wouldn't feel comfortable sitting across the table and defending, then there is little to worry about. It takes very little to use the tools widely available to capture packets. If somebody was hell-bent on capturing/spoofing/cracking your communications with your ISP to get your mail password, there isn't much you can do about it. The security is set by your ISP, whether you use a master password or simply have your password stored by tbird "ain't gonna make much difference." (I think without a master password, your password is hashed in a Berkeley db_185 database -- somebody can confirm or correct) Regardless whether you gpg all your e-mails, the authentication will simply be what your ISP provides. For me, TLS, SSL, etc. along with sane use of e-mail is more than good enough to let me sleep easy at night. I worry a heck of a lot more about the secure sites I reach with my browser than I worry about e-mail -- and for those the only thing that stores the passwords is the grey goo between my ears... to the extent it can... -- David C. Rankin, J.D.,P.E. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 10/13/2015 07:00 AM, David C. Rankin wrote:
If you always follow the rule that you never put anything in an e-mail you wouldn't feel comfortable sitting across the table and defending, then there is little to worry about.
It takes very little to use the tools widely available to capture packets. If somebody was hell-bent on capturing/spoofing/cracking your communications with your ISP to get your mail password, there isn't much you can do about it. The security is set by your ISP, whether you use a master password or simply have your password stored by tbird "ain't gonna make much difference."
(I think without a master password, your password is hashed in a Berkeley db_185 database -- somebody can confirm or correct)
For me, setting a master password has only one real use. That is to prevent someone who gets hands on access to my laptop from being able to read my passwords (both for TB and Firefox). It's only of use when I stay in hotels (and that is a fair amount because of work). And I also figure that if the laptop is stolen, then it buys me some time so that I can change my passwords. Gustav -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 10/13/2015 02:15 AM, Gustav Degreef wrote:
For me, setting a master password has only one real use. That is to prevent someone who gets hands on access to my laptop from being able to read my passwords (both for TB and Firefox). It's only of use when I stay in hotels (and that is a fair amount because of work). And I also figure that if the laptop is stolen, then it buys me some time so that I can change my passwords.
Having a laptop stolen is a perfectly reasonable risk scenario. My question is this: Why don't you just encrypt the drive or at the very least the data partition. There are many perfectly good mechanisms for this. Alternatively, in the mobile setting, strip down the 'laptop' (or use a cheapie burner from Goodwill) and use a USB stick as your /home. Remove the USB stick when no using the laptop. Rather than play yes-but games over this, I'm sure other members of the list can offer variations on this theme which are going to be quite viable. I'd be surprised if many of those were from people actually using them in situations similar to yours. I know from my own experience that I can fir a basic running opensuse system on a 16G stick, and I can get quality (e,g, Kingston, SanDisk) stick of that size for about $10 or less. Running a LiveUSB system from a stick isn't going to be as fast as the laptop's embedded drive, especially if that is a SSD! But its secure. Lower quality 32G sticks are about $5 on eBay, but you'll need to run an error check! I see 64G sticks for $12 or so. YMMV. Right now I have a Aegis Secure Key 3.- that the company has given me to evaluate. This is a USB3 device with a secure PIN access that uses AES 'hardware' encryption. It is bootable . The PIN can be up to 16 digits. It has admin mode and user mode. Each has their own PIN. These things are not cheap, http://www.apricorn.com//products/hardware-encrypted-drives/aegis-secure-key... but if you want security, especially at the corporate level, then this does not seem unreasonable. A 30G system on a bootable encrypted stick that can be used with a briner cheapie laptop or the hotels PC in their "office centre" or a "internet café"... for $200 ... The risk/Return threat abatement ratio seems quite reasonable to me. Of course if anyone is willing to offer a way to implement a bootable encrypted system using the basic tools for a regular Kingston 32G stick costing, what? $15 http://www.amazon.com/Kingston-Digital-32GB-DataTraveler-Drive/dp/B0041Q38QM than let us know about it and the details. If I get permission I'll let you guys know about the report on the Capricorn Aegis. Of course there is another way, one that is particularly effective if you need to cross borders and worry about the people at the border crossings confiscating your equipment. Take a 'virgin'/burner/ laptop that has nothing significant on it, not even 'erased/recoverable (even by the NSA) stuff, or possibly acquire a burner at your destination: no passwords, no contents beyond the default installation. Memorize two long passwords or passphrases: one to your Dropbox account, the second to your password vault in that Dropbox account. When you’re at your destination, install Dropbox, install Bittorrent Sync, open your vault and retrieve the key to your Bittorrent Sync and sit back and watch as your home folder (or whatever folders you put in BT Sync) is synced to your computer. Before going back, let BT Sync finish syncing, then wipe the machine before leaving. This way, nothing crosses the border but two passwords in your head. Nothing physical, nothing written down, nothing on the hard drive. If you really want to be smart about it, you might take something like Raspberry Pi as the 'engine', since it can be more minimalist. -- A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting frowned upon? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 10/13/2015 02:15 AM, Gustav Degreef wrote:
For me, setting a master password has only one real use. That is to prevent someone who gets hands on access to my laptop from being able to read my passwords (both for TB and Firefox). It's only of use when I stay in hotels (and that is a fair amount because of work). And I also figure that if the laptop is stolen, then it buys me some time so that I can change my passwords. Having a laptop stolen is a perfectly reasonable risk scenario.
My question is this:
Why don't you just encrypt the drive or at the very least the data partition.
There are many perfectly good mechanisms for this. I've thought about it, but I don't have the expertise to do it and have not had the time to look into it. Alternatively, in the mobile setting, strip down the 'laptop' (or use a cheapie burner from Goodwill) and use a USB stick as your /home. Remove the USB stick when no using the laptop. A month and a half back I bought a Samsung T1, 256 GB external USB SSD. I activated it on a MS machine, then used gparted to repartition it (/,/home, swap, etc). I installed OS 13.2 and it runs reasonably fast on several laptops. I can boot directly into the system and I am playing with it for when I travel. Cost me about $100 and it runs much faster
On 10/13/2015 03:18 PM, Anton Aylward wrote: than a persistent live USB stick - with 13.1 on it. Gustav -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 10/13/2015 12:05 PM, Gustav Degreef wrote:
On 10/13/2015 03:18 PM, Anton Aylward wrote:
Having a laptop stolen is a perfectly reasonable risk scenario.
My question is this:
Why don't you just encrypt the drive or at the very least the data partition.
There are many perfectly good mechanisms for this.
I've thought about it, but I don't have the expertise to do it and have not had the time to look into it.
its not difficult. There are many good HOW-TO guides for this out there.
Alternatively, in the mobile setting, strip down the 'laptop' (or use a cheapie burner from Goodwill) and use a USB stick as your /home. Remove the USB stick when no using the laptop.
A month and a half back I bought a Samsung T1, 256 GB external USB SSD.
Wow. Good for you. Sounds delicious!
I activated it on a MS machine, then used gparted to repartition it (/,/home, swap, etc). I installed OS 13.2 and it runs reasonably fast on several laptops. I can boot directly into the system and I am playing with it for when I travel. Cost me about $100 and it runs much faster than a persistent live USB stick - with 13.1 on it.
I wonder why the SSD is faster than a similar (or even small) USB stick, given the underlying media technology? I can see that, if the host supports it, a USB3 drive is going to be faster than a USB2 stick. No argument there. If its still 'playable' , then you can/could reformat it as encrypted. Having a encrypted system/swap/home etc and an encrypted boot is straight forward. It's well documented out there :-) However I've found a couple of attempts to even encrypt the boot, if you are willing to experiment: http://www.pavelkogan.com/2014/05/23/luks-full-disk-encryption/ http://www.pavelkogan.com/2015/01/25/linux-mint-encryption/ It should be applicable to Suse. -- A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting frowned upon? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 2015-10-13 18:24, Anton Aylward wrote:
On 10/13/2015 12:05 PM, Gustav Degreef wrote:
I wonder why the SSD is faster than a similar (or even small) USB stick, given the underlying media technology?
Two reasons. One, that SATA can send data faster than USB2, and without an intermediary. On the other hand, the SSD is designed for lots of writing, at random; if the writing is sequential, speed is not that great (depends on brand/model). A rotating disk on USB writes faster than a USB stick... -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar)
On Tue, Oct 13, 2015 at 1:37 PM, Carlos E. R.
On 2015-10-13 18:24, Anton Aylward wrote:
On 10/13/2015 12:05 PM, Gustav Degreef wrote:
I wonder why the SSD is faster than a similar (or even small) USB stick, given the underlying media technology?
Two reasons. One, that SATA can send data faster than USB2, and without an intermediary. On the other hand, the SSD is designed for lots of writing, at random; if the writing is sequential, speed is not that great (depends on brand/model).
A rotating disk on USB writes faster than a USB stick...
I think the real reason is simply money. They put better parts in SSD than in thumb drives. Even the USB3 Sandisk thumb drives I buy are "slow". Greg -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Le 13/10/2015 19:42, Greg Freemyer a écrit :
I think the real reason is simply money. They put better parts in SSD than in thumb drives. Even the USB3 Sandisk thumb drives I buy are "slow".
I'm investigating usb3 pen drives and do not find real one at an affordable price. The solution may be an ssd with usb3 / sata interface - not that bigger than pen drive jdd -- When will a Label sign her!!? https://www.youtube.com/watch?t=94&v=BeMk3WRh8QI -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Le 13/10/2015 19:51, jdd a écrit :
I'm investigating usb3 pen drives and do not find real one at an affordable price. The solution may be an ssd with usb3 / sata interface - not that bigger than pen drive
I forgot to mention than this was to have an openSUSE on external device, a good way to use on travel (to keep important parts with me) jdd -- When will a Label sign her!!? https://www.youtube.com/watch?t=94&v=BeMk3WRh8QI -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 10/13/2015 01:42 PM, Greg Freemyer wrote:
I think the real reason is simply money. They put better parts in SSD than in thumb drives. Even the USB3 Sandisk thumb drives I buy are "slow".
No, there is some "technology" behind it. * SATA and eSATA are 'star wired' whereas SB are bus wired. If you have any other USB device around it will slow down (aka convey slowest speed) all otehr USB devices. * SATA and eSTAT are autonomous devices whereas USB are CPU controlled. Disks have a long history of being 'smart' and often integrated with some kind of DMA so that many blocks can ba transfered all at once. With the move to 4K and 4K file systems this can be accelerated. USB isn't actually a character by character device like a UART but it is more demanding of the CPU than a disk. -- A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting frowned upon? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 2015-10-13 19:54, Anton Aylward wrote:
On 10/13/2015 01:42 PM, Greg Freemyer wrote:
I think the real reason is simply money. They put better parts in SSD than in thumb drives. Even the USB3 Sandisk thumb drives I buy are "slow".
No, there is some "technology" behind it.
* SATA and eSATA are 'star wired' whereas SB are bus wired.
In theory, yes. But, one, it is irrelevant when you are testing with a single device on the machine. And two, most modern computers do not implement an USB hub, but actually separate interfaces on each socket. Easy to test: read from one flash device on one use port, write to an external rotating disk on another port. It does not go at half the usb rated speed, but at near the rated speed.
* SATA and eSTAT are autonomous devices whereas USB are CPU controlled.
Depends on what controller you have. There is a cheaper one that is as you say, and another, more expensive one, which is autonomous. -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar)
"Carlos E. R."
Depends on what controller you have. There is a cheaper one that is as you say, and another, more expensive one, which is autonomous.
I only know traditionally the USB2 controller was the biggest determinant of how fast a usb device would be. I guess that would still be the case today. Greetings, X. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 2015-10-13 21:20, Xen wrote:
"Carlos E. R." <> schreef:
Depends on what controller you have. There is a cheaper one that is as you say, and another, more expensive one, which is autonomous.
I only know traditionally the USB2 controller was the biggest determinant of how fast a usb device would be. I guess that would still be the case today.
Well, for USB2 on reasonably powerful computers, USB can handle near the rated maximum speed, which is 480 Mbit/s (https://en.wikipedia.org/wiki/USB#Transmission_rates). Assuming the CPU load is not too big and that there are no more devices plugged to the same bus. From the wikipedia: +++-------------- The theoretical maximum data rate in USB 2.0 is 480 Mbit/s (60 MB/s) per controller and is shared amongst all attached devices. Some chipset manufacturers overcome this bottleneck by providing multiple USB 2.0 controllers within the southbridge. According to routine testing performed by CNet, write operations to typical Hi-Speed (USB 2.0) hard drives can sustain rates of 25–30 MB/s, while read operations are at 30–42 MB/s;[128] this is 70% of the total available bus bandwidth. For USB 3.0, typical write speed is 70–90 MB/s, while read speed is 90–110 MB/s.[128] Mask Tests, also known as Eye Diagram Tests, are used to determine the quality of a signal in the time domain. They are defined in the referenced document as part of the electrical test description for the high-speed (HS) mode at 480 Mbit/s.[129] According to a USB-IF chairman, "at least 10 to 15 percent of the stated peak 60 MB/s (480 Mbit/s) of Hi-Speed USB goes to overhead—the communication protocol between the card and the peripheral. Overhead is a component of all connectivity standards".[130] Tables illustrating the transfer limits are shown in Chapter 5 of the USB spec. For isochronous devices like audio streams, the bandwidth is constant, and reserved exclusively for a given device. The bus bandwidth therefore only has an effect on the number of channels that can be sent at a time, not the "speed" or latency of the transmission. --------------++- -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar)
"Carlos E. R."
On 2015-10-13 21:20, Xen wrote:
"Carlos E. R." <> schreef:
Depends on what controller you have. There is a cheaper one that is as you say, and another, more expensive one, which is autonomous.
I only know traditionally the USB2 controller was the biggest determinant of how fast a usb device would be. I guess that would still be the case today.
Well, for USB2 on reasonably powerful computers, USB can handle near the rated maximum speed, which is 480 Mbit/s (https://en.wikipedia.org/wiki/USB#Transmission_rates). Assuming the CPU load is not too big and that there are no more devices plugged to the same bus.
I meant not the host controller, but the device controller. Some devices can do 45MB/s while others stick at 30MB/s, or whatever. And usb sticks I guess are notorious for being slow even when they could be fast. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Tue, Oct 13, 2015 at 1:54 PM, Anton Aylward
On 10/13/2015 01:42 PM, Greg Freemyer wrote:
I think the real reason is simply money. They put better parts in SSD than in thumb drives. Even the USB3 Sandisk thumb drives I buy are "slow".
No, there is some "technology" behind it.
* SATA and eSATA are 'star wired' whereas SB are bus wired.
If you have any other USB device around it will slow down (aka convey slowest speed) all otehr USB devices.
* SATA and eSTAT are autonomous devices whereas USB are CPU controlled.
Disks have a long history of being 'smart' and often integrated with some kind of DMA so that many blocks can ba transfered all at once. With the move to 4K and 4K file systems this can be accelerated.
USB isn't actually a character by character device like a UART but it is more demanding of the CPU than a disk.
From http://www.digitaltrends.com/computing/what-is-usb-3-1-when-will-it-be-relea... == The biggest improvement for the USB 3.1 standard is a boost in data
Anton, I think you underestimate the improvements of USB-3 over USB-2. There is also USB 3.1, but I don't have any of those devices yet. transfer bandwidth of up to 10 gigabits per second. The new SuperSpeed USB specification in Generation 2 of USB 3.1 delivers improved data encoding and efficiency, doubling the speed of the Generation 1 standard (5Gbps). == Back to USB-3 and my real world experience: I am a "heavy" USB-3 user. On my lab machine right now I have a 10-port USB-3 hub. Similar to http://amzn.com/B00GSLMTQ8 Connected to it are 2 (USB-3 <--> SATA) adapters. These are the adapters: http://www.frys.com/product/7157332?site=sr:SEARCH:MAIN_RSLT_PG In the adapters I have 2 1TB SSD drives. http://www.frys.com/product/8144495?site=sr:SEARCH:MAIN_RSLT_PG I also have 2 1.5TB USB-3 drives plugged into ithe hub. I semi-routinely copy 100GB of data from one of those drives to another. I also do large scale binary searches of the data. Let me assure you that from a performance perspective USB-3 is close to SATA. What is not close is a 16GB Sandisk USB-3 Thumb drive, nor any other thumb drive I have used. Thumb drives simply have slow electronics and it has nothing to do with the USB-3 interface. Greg -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 10/13/2015 05:25 PM, Greg Freemyer wrote:
Anton,
I think you underestimate the improvements of USB-3 over USB-2.
I am glad to be corrected, especially when its done with such solid, experienced real world experience so succinctly presented.
There is also USB 3.1, but I don't have any of those devices yet.
I don't even have the range of USB3 devices you go onto mention :-(
Thumb drives simply have slow electronics and it has nothing to do with the USB-3 interface.
And not, as I was led to believe by others, that the USB3 was like the early USB on my older machines out of the Closet of Anxieties, a shared bus controller. Thank you. -- A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting frowned upon? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Le 13/10/2015 23:25, Greg Freemyer a écrit :
Thumb drives simply have slow electronics and it has nothing to do with the USB-3 interface.
I had a brief occasion to test a very fast usb3 pen drive that conducted me to start large testing. These tests are not very good right now. That said I test cheap devices, not professional ones as you seems to do. very cheap - in the 10-20€ range - Chinese usb3 128Gb pen drives are fakes (not even usb3 connector - I had them refunded, several tests). A 30€ pen drives is not able to write on usb3 connector but write (slow) on usb2 and *read* very fast in usb3 (partially refunded). on my main computer, 5 years old, with no native usb3, a pci express usb3 card perform randomly, sometime well, sometime not at all. I have two usb3 external hubs, none of them perform well (from local dealer) when it works usb3 is amazing, but it don't seems to be really mainstream now (and same results in openSUSE and windows 10). jdd -- When will a Label sign her!!? https://www.youtube.com/watch?t=94&v=BeMk3WRh8QI -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 10/13/2015 05:25 PM, Greg Freemyer wrote:
On Tue, Oct 13, 2015 at 1:54 PM, Anton Aylward
wrote: On 10/13/2015 01:42 PM, Greg Freemyer wrote:
I think the real reason is simply money. They put better parts in SSD than in thumb drives. Even the USB3 Sandisk thumb drives I buy are "slow".
No, there is some "technology" behind it.
* SATA and eSATA are 'star wired' whereas SB are bus wired.
If you have any other USB device around it will slow down (aka convey slowest speed) all otehr USB devices.
* SATA and eSTAT are autonomous devices whereas USB are CPU controlled.
Disks have a long history of being 'smart' and often integrated with some kind of DMA so that many blocks can ba transfered all at once. With the move to 4K and 4K file systems this can be accelerated.
USB isn't actually a character by character device like a UART but it is more demanding of the CPU than a disk.
Anton,
I think you underestimate the improvements of USB-3 over USB-2.
There is also USB 3.1, but I don't have any of those devices yet.
From http://www.digitaltrends.com/computing/what-is-usb-3-1-when-will-it-be-relea... == The biggest improvement for the USB 3.1 standard is a boost in data transfer bandwidth of up to 10 gigabits per second. The new SuperSpeed USB specification in Generation 2 of USB 3.1 delivers improved data encoding and efficiency, doubling the speed of the Generation 1 standard (5Gbps). ==
Back to USB-3 and my real world experience:
I am a "heavy" USB-3 user. On my lab machine right now I have a 10-port USB-3 hub. Similar to http://amzn.com/B00GSLMTQ8
Connected to it are 2 (USB-3 <--> SATA) adapters.
These are the adapters: http://www.frys.com/product/7157332?site=sr:SEARCH:MAIN_RSLT_PG
In the adapters I have 2 1TB SSD drives.
http://www.frys.com/product/8144495?site=sr:SEARCH:MAIN_RSLT_PG
I also have 2 1.5TB USB-3 drives plugged into ithe hub. I semi-routinely copy 100GB of data from one of those drives to another. I also do large scale binary searches of the data.
Let me assure you that from a performance perspective USB-3 is close to SATA. What is not close is a 16GB Sandisk USB-3 Thumb drive, nor any other thumb drive I have used.
Thumb drives simply have slow electronics and it has nothing to do with the USB-3 interface.
Greg
Oh, and I just noticed: In USB3 mode, with proper USB3 cabling, you are transferring data over the two USB3 pairs, while in USB2 mode you are using the original 'singleton' cable for switching direction. Have I explained that properly? Greg, will all your USB3 stuff even work with USB2 cables? Heck, I know my tablet charges over twice as fast with the USB3 cable over the USB2. Perhaps ther's something more to it? -- A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting frowned upon? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 2015-10-14 17:39, Anton Aylward wrote:
Heck, I know my tablet charges over twice as fast with the USB3 cable over the USB2. Perhaps ther's something more to it?
Curious. If you check the wikipedia page on USB, you will see that there are sections talking about the standards defining power and charger adaptors over USB. For faster charging than the default, there has to be a negotiation. USB3 implements a 900 mA mode (the default is 500 mA). But there are other modes reaching up to 5A. https://en.wikipedia.org/wiki/USB#Power -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar)
On 10/14/2015 01:44 PM, Carlos E. R. wrote:
On 2015-10-14 17:39, Anton Aylward wrote:
Heck, I know my tablet charges over twice as fast with the USB3 cable over the USB2. Perhaps ther's something more to it?
Curious.
If you check the wikipedia page on USB, you will see that there are sections talking about the standards defining power and charger adaptors over USB. For faster charging than the default, there has to be a negotiation.
USB3 implements a 900 mA mode (the default is 500 mA). But there are other modes reaching up to 5A.
Curious indeed. With the USB3 cable, according to the meter, its never UNDER 900,A and usually around 1300-1500mA. With the USB2 cable its around 600mA. There is the line in that chart "Battery Charging" which goes up to 1500mA. Perhaps that its; I *am* talking about charging the battery in the tablet, after all. And this is from a dedicated wall-wart, not a laptop or computer. -- A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting frowned upon? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 2015-10-14 22:24, Anton Aylward wrote:
And this is from a dedicated wall-wart, not a laptop or computer.
Those may give up to 3 A. There is a standard for those gadgets, too. The wikipedia talks a bit about it. - -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" (Minas Tirith)) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iF4EAREIAAYFAlYe3fwACgkQja8UbcUWM1xlNwD+NqLnDkSn/rXWpv/0XXY3Ajm5 y/IgjEw2TRtZnYJdsJwA/11NsxIyKd+409I4mWbmiF2//7cLRtMj4mJjCMAr4ytl =k5zf -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Wed, Oct 14, 2015 at 11:39 AM, Anton Aylward
On 10/13/2015 05:25 PM, Greg Freemyer wrote:
On Tue, Oct 13, 2015 at 1:54 PM, Anton Aylward
wrote: On 10/13/2015 01:42 PM, Greg Freemyer wrote:
I think the real reason is simply money. They put better parts in SSD than in thumb drives. Even the USB3 Sandisk thumb drives I buy are "slow".
No, there is some "technology" behind it.
* SATA and eSATA are 'star wired' whereas SB are bus wired.
If you have any other USB device around it will slow down (aka convey slowest speed) all otehr USB devices.
* SATA and eSTAT are autonomous devices whereas USB are CPU controlled.
Disks have a long history of being 'smart' and often integrated with some kind of DMA so that many blocks can ba transfered all at once. With the move to 4K and 4K file systems this can be accelerated.
USB isn't actually a character by character device like a UART but it is more demanding of the CPU than a disk.
Anton,
I think you underestimate the improvements of USB-3 over USB-2.
There is also USB 3.1, but I don't have any of those devices yet.
From http://www.digitaltrends.com/computing/what-is-usb-3-1-when-will-it-be-relea... == The biggest improvement for the USB 3.1 standard is a boost in data transfer bandwidth of up to 10 gigabits per second. The new SuperSpeed USB specification in Generation 2 of USB 3.1 delivers improved data encoding and efficiency, doubling the speed of the Generation 1 standard (5Gbps). ==
Back to USB-3 and my real world experience:
I am a "heavy" USB-3 user. On my lab machine right now I have a 10-port USB-3 hub. Similar to http://amzn.com/B00GSLMTQ8
Connected to it are 2 (USB-3 <--> SATA) adapters.
These are the adapters: http://www.frys.com/product/7157332?site=sr:SEARCH:MAIN_RSLT_PG
In the adapters I have 2 1TB SSD drives.
http://www.frys.com/product/8144495?site=sr:SEARCH:MAIN_RSLT_PG
I also have 2 1.5TB USB-3 drives plugged into ithe hub. I semi-routinely copy 100GB of data from one of those drives to another. I also do large scale binary searches of the data.
Let me assure you that from a performance perspective USB-3 is close to SATA. What is not close is a 16GB Sandisk USB-3 Thumb drive, nor any other thumb drive I have used.
Thumb drives simply have slow electronics and it has nothing to do with the USB-3 interface.
Greg
Oh, and I just noticed:
In USB3 mode, with proper USB3 cabling, you are transferring data over the two USB3 pairs, while in USB2 mode you are using the original 'singleton' cable for switching direction.
Have I explained that properly?
Greg, will all your USB3 stuff even work with USB2 cables?
Heck, I know my tablet charges over twice as fast with the USB3 cable over the USB2. Perhaps ther's something more to it?
For my lab machine with all the USB-3 I just connected both my keyboard and my mouse to the 10-port USB-3 hub. They are both USB-2 devices. I then initiated about a 50GB file copy (files are 4GB each so 12 or 13 files) between the 2 SSDs I mentioned before. I moved my mouse in a circle while the first 10GB of data transferred so I had USB-2 continuously using the bus during the transfer. For that first 10GB the transfer rate was about 120 MB/sec (That is about 7GB/minute, so the first 10GB took about 90 seconds to transfer.). Note that is 2 direction traffic, so that is about 2.4 Gbit/second. That's about 50% of the claimed throughput for USB-3. I saw no speed change after I quit moving the mouse. I don't know where the bottleneck is that keeps the transfer from running faster. Probably in the USB-3 bus itself. Please note I have purchased multiple USB-3 hubs. In the higher port count hubs, only the Anker has performed flawlessly. If anyone is thinking of duplicating a setup like mine I strongly recommend using an Anker brand hub: http://www.amazon.com/dp/B00GSLMTQ8/ref=cm_sw_su_dp Greg -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 2015-10-14 22:24, Greg Freemyer wrote:
I saw no speed change after I quit moving the mouse. I don't know where the bottleneck is that keeps the transfer from running faster. Probably in the USB-3 bus itself.
Or the SSD itself. There is a limit to sustained write speed. - -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" (Minas Tirith)) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iF4EAREIAAYFAlYe4FgACgkQja8UbcUWM1w4cgD/fIjioQTGpfWIwaCSCIIbCmOM 4OmFVBiRnp3UwSUmQmwA/R0ovFUUfkPyso6zPPMZg2tyi+2fRWSijKeUwkmRWNxv =zX84 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Wed, Oct 14, 2015 at 7:08 PM, Carlos E. R.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
On 2015-10-14 22:24, Greg Freemyer wrote:
I saw no speed change after I quit moving the mouse. I don't know where the bottleneck is that keeps the transfer from running faster. Probably in the USB-3 bus itself.
Or the SSD itself. There is a limit to sustained write speed.
You must be right. I've got quite a bit of data to move around overnight so I thought I start up 2 simultaneous big transfers at the same time. I've got 2 SSDs sending data to / from rotating media. I'm seeing 350 MB/sec aggregate traffic on the USB-3 bus. That's 3.5 Gbits/sec. That's the fastest I've ever noticed data going across that bus. fyi: I just bought a new Anker USB-hub (7-port this time), so it could be that this hub is faster than the one I was using a couple days ago. Greg -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Sat, Oct 17, 2015 at 11:06 PM, Greg Freemyer
On Wed, Oct 14, 2015 at 7:08 PM, Carlos E. R.
wrote: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
On 2015-10-14 22:24, Greg Freemyer wrote:
I saw no speed change after I quit moving the mouse. I don't know where the bottleneck is that keeps the transfer from running faster. Probably in the USB-3 bus itself.
Or the SSD itself. There is a limit to sustained write speed.
You must be right.
I've got quite a bit of data to move around overnight so I thought I start up 2 simultaneous big transfers at the same time.
I've got 2 SSDs sending data to / from rotating media. I'm seeing 350 MB/sec aggregate traffic on the USB-3 bus.
That's 3.5 Gbits/sec. That's the fastest I've ever noticed data going across that bus.
fyi: I just bought a new Anker USB-hub (7-port this time), so it could be that this hub is faster than the one I was using a couple days ago.
Greg
This thread triggered me to go get a USB-3.1 card. (I actually bought the ASUS X99-Deluxe Motherboard with an included USB-3.1 card. This will be my new "lab" machine.) I have an internal SSD on the sata cable. I'm doing my first test copy of 80GB from a USB connected SSD to a SATA connected SSD. The USB connected SSD is connected to one of the USB-3.1 ports. I am getting 330 MB/sec transfers (roughly 20GB/min). Note that external USB device was still a SATA<-->USB-3 adapter with a SSD in it, so 5 Gbit/sec is the theoretical max speed of that adapter, so I'm seeing a little over 60% of theoretical max speed in this setup doing a pure sequential read. Next I need to get a USB 3.1 sata dock. I just ordered one of these: http://www.amazon.com/gp/product/B0116I8DWG It will be interesting to see what kind of speeds I get out of that. Greg -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Mon, Nov 2, 2015 at 4:25 PM, Greg Freemyer
On Sat, Oct 17, 2015 at 11:06 PM, Greg Freemyer
wrote: On Wed, Oct 14, 2015 at 7:08 PM, Carlos E. R.
wrote: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
On 2015-10-14 22:24, Greg Freemyer wrote:
I saw no speed change after I quit moving the mouse. I don't know where the bottleneck is that keeps the transfer from running faster. Probably in the USB-3 bus itself.
Or the SSD itself. There is a limit to sustained write speed.
You must be right.
I've got quite a bit of data to move around overnight so I thought I start up 2 simultaneous big transfers at the same time.
I've got 2 SSDs sending data to / from rotating media. I'm seeing 350 MB/sec aggregate traffic on the USB-3 bus.
That's 3.5 Gbits/sec. That's the fastest I've ever noticed data going across that bus.
fyi: I just bought a new Anker USB-hub (7-port this time), so it could be that this hub is faster than the one I was using a couple days ago.
Greg
This thread triggered me to go get a USB-3.1 card. (I actually bought the ASUS X99-Deluxe Motherboard with an included USB-3.1 card. This will be my new "lab" machine.) I have an internal SSD on the sata cable.
I'm doing my first test copy of 80GB from a USB connected SSD to a SATA connected SSD. The USB connected SSD is connected to one of the USB-3.1 ports.
I am getting 330 MB/sec transfers (roughly 20GB/min). Note that external USB device was still a SATA<-->USB-3 adapter with a SSD in it, so 5 Gbit/sec is the theoretical max speed of that adapter, so I'm seeing a little over 60% of theoretical max speed in this setup doing a pure sequential read.
Next I need to get a USB 3.1 sata dock. I just ordered one of these:
http://www.amazon.com/gp/product/B0116I8DWG
It will be interesting to see what kind of speeds I get out of that.
Greg
I have the new USB 3.1 dock. It is the same speed as my old USB 3.0 dock. I haven't tried any multi-transfer activity, so in that mode USB 3.1 may be faster, but for a simple point-to-point copy, it is not worth buying. Greg -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Thu, Nov 5, 2015 at 2:16 PM, Greg Freemyer
On Mon, Nov 2, 2015 at 4:25 PM, Greg Freemyer
wrote: On Sat, Oct 17, 2015 at 11:06 PM, Greg Freemyer
wrote: On Wed, Oct 14, 2015 at 7:08 PM, Carlos E. R.
wrote: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
On 2015-10-14 22:24, Greg Freemyer wrote:
I saw no speed change after I quit moving the mouse. I don't know where the bottleneck is that keeps the transfer from running faster. Probably in the USB-3 bus itself.
Or the SSD itself. There is a limit to sustained write speed.
You must be right.
I've got quite a bit of data to move around overnight so I thought I start up 2 simultaneous big transfers at the same time.
I've got 2 SSDs sending data to / from rotating media. I'm seeing 350 MB/sec aggregate traffic on the USB-3 bus.
That's 3.5 Gbits/sec. That's the fastest I've ever noticed data going across that bus.
fyi: I just bought a new Anker USB-hub (7-port this time), so it could be that this hub is faster than the one I was using a couple days ago.
Greg
This thread triggered me to go get a USB-3.1 card. (I actually bought the ASUS X99-Deluxe Motherboard with an included USB-3.1 card. This will be my new "lab" machine.) I have an internal SSD on the sata cable.
I'm doing my first test copy of 80GB from a USB connected SSD to a SATA connected SSD. The USB connected SSD is connected to one of the USB-3.1 ports.
I am getting 330 MB/sec transfers (roughly 20GB/min). Note that external USB device was still a SATA<-->USB-3 adapter with a SSD in it, so 5 Gbit/sec is the theoretical max speed of that adapter, so I'm seeing a little over 60% of theoretical max speed in this setup doing a pure sequential read.
Next I need to get a USB 3.1 sata dock. I just ordered one of these:
http://www.amazon.com/gp/product/B0116I8DWG
It will be interesting to see what kind of speeds I get out of that.
Greg
I have the new USB 3.1 dock. It is the same speed as my old USB 3.0 dock. I haven't tried any multi-transfer activity, so in that mode USB 3.1 may be faster, but for a simple point-to-point copy, it is not worth buying.
Greg
Not only is that Unitek USB 3.1 dock not fast, it is not reliable. In the last 24 hours I had it disconnect from my computer twice. As I said before, I'm a heavy USB-3 user and disconnects like that are something I both notice and find unacceptable. I'm returning it to Amazon. Greg -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 11/06/2015 03:43 PM, Greg Freemyer wrote:
On Thu, Nov 5, 2015 at 2:16 PM, Greg Freemyer
wrote: On Mon, Nov 2, 2015 at 4:25 PM, Greg Freemyer
wrote: On Sat, Oct 17, 2015 at 11:06 PM, Greg Freemyer
wrote: On Wed, Oct 14, 2015 at 7:08 PM, Carlos E. R.
wrote: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
On 2015-10-14 22:24, Greg Freemyer wrote:
I saw no speed change after I quit moving the mouse. I don't know where the bottleneck is that keeps the transfer from running faster. Probably in the USB-3 bus itself.
Or the SSD itself. There is a limit to sustained write speed.
You must be right.
I've got quite a bit of data to move around overnight so I thought I start up 2 simultaneous big transfers at the same time.
I've got 2 SSDs sending data to / from rotating media. I'm seeing 350 MB/sec aggregate traffic on the USB-3 bus.
That's 3.5 Gbits/sec. That's the fastest I've ever noticed data going across that bus.
fyi: I just bought a new Anker USB-hub (7-port this time), so it could be that this hub is faster than the one I was using a couple days ago.
Greg
This thread triggered me to go get a USB-3.1 card. (I actually bought the ASUS X99-Deluxe Motherboard with an included USB-3.1 card. This will be my new "lab" machine.) I have an internal SSD on the sata cable.
I'm doing my first test copy of 80GB from a USB connected SSD to a SATA connected SSD. The USB connected SSD is connected to one of the USB-3.1 ports.
I am getting 330 MB/sec transfers (roughly 20GB/min). Note that external USB device was still a SATA<-->USB-3 adapter with a SSD in it, so 5 Gbit/sec is the theoretical max speed of that adapter, so I'm seeing a little over 60% of theoretical max speed in this setup doing a pure sequential read.
Next I need to get a USB 3.1 sata dock. I just ordered one of these:
http://www.amazon.com/gp/product/B0116I8DWG
It will be interesting to see what kind of speeds I get out of that.
Greg
I have the new USB 3.1 dock. It is the same speed as my old USB 3.0 dock. I haven't tried any multi-transfer activity, so in that mode USB 3.1 may be faster, but for a simple point-to-point copy, it is not worth buying.
Greg
Not only is that Unitek USB 3.1 dock not fast, it is not reliable. In the last 24 hours I had it disconnect from my computer twice. As I said before, I'm a heavy USB-3 user and disconnects like that are something I both notice and find unacceptable.
I'm returning it to Amazon.
Greg
You might want to takea look at this. Not as pretty but... http://www.amazon.com/dp/B00C93JPNY?psc=1 -- Ken Schneider SuSe since Version 5.2, June 1998 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Sat, Nov 7, 2015 at 8:21 AM, Ken Schneider - openSUSE
On 11/06/2015 03:43 PM, Greg Freemyer wrote:
On Thu, Nov 5, 2015 at 2:16 PM, Greg Freemyer
wrote: On Mon, Nov 2, 2015 at 4:25 PM, Greg Freemyer
wrote: On Sat, Oct 17, 2015 at 11:06 PM, Greg Freemyer
wrote: On Wed, Oct 14, 2015 at 7:08 PM, Carlos E. R.
wrote: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
On 2015-10-14 22:24, Greg Freemyer wrote:
> I saw no speed change after I quit moving the mouse. I don't know > where the bottleneck is that keeps the transfer from running > faster. Probably in the USB-3 bus itself.
Or the SSD itself. There is a limit to sustained write speed.
You must be right.
I've got quite a bit of data to move around overnight so I thought I start up 2 simultaneous big transfers at the same time.
I've got 2 SSDs sending data to / from rotating media. I'm seeing 350 MB/sec aggregate traffic on the USB-3 bus.
That's 3.5 Gbits/sec. That's the fastest I've ever noticed data going across that bus.
fyi: I just bought a new Anker USB-hub (7-port this time), so it could be that this hub is faster than the one I was using a couple days ago.
Greg
This thread triggered me to go get a USB-3.1 card. (I actually bought the ASUS X99-Deluxe Motherboard with an included USB-3.1 card. This will be my new "lab" machine.) I have an internal SSD on the sata cable.
I'm doing my first test copy of 80GB from a USB connected SSD to a SATA connected SSD. The USB connected SSD is connected to one of the USB-3.1 ports.
I am getting 330 MB/sec transfers (roughly 20GB/min). Note that external USB device was still a SATA<-->USB-3 adapter with a SSD in it, so 5 Gbit/sec is the theoretical max speed of that adapter, so I'm seeing a little over 60% of theoretical max speed in this setup doing a pure sequential read.
Next I need to get a USB 3.1 sata dock. I just ordered one of these:
http://www.amazon.com/gp/product/B0116I8DWG
It will be interesting to see what kind of speeds I get out of that.
Greg
I have the new USB 3.1 dock. It is the same speed as my old USB 3.0 dock. I haven't tried any multi-transfer activity, so in that mode USB 3.1 may be faster, but for a simple point-to-point copy, it is not worth buying.
Greg
Not only is that Unitek USB 3.1 dock not fast, it is not reliable. In the last 24 hours I had it disconnect from my computer twice. As I said before, I'm a heavy USB-3 user and disconnects like that are something I both notice and find unacceptable.
I'm returning it to Amazon.
Greg
You might want to takea look at this. Not as pretty but...
That's still USB-3. I'm getting about 70% of max theoretical for USB-3 (5 Gbit/sec). I was looking for a bump up by going to USB 3.1 (10 Gbit/sec theoretical). Greg -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 10/13/2015 01:37 PM, Carlos E. R. wrote:
On 2015-10-13 18:24, Anton Aylward wrote:
On 10/13/2015 12:05 PM, Gustav Degreef wrote:
I wonder why the SSD is faster than a similar (or even small) USB stick, given the underlying media technology?
Two reasons. One, that SATA can send data faster than USB2, and without
Gustav said:
A month and a half back I bought a Samsung T1, 256 GB external USB SSD.
Not SATA. USB. He didn't say USB2 or USB3. He didn't say rotating media. He also didn't mention what kind of applications he was running. Some streaming applications (music, video for example) will present different loads to the random read/write of development cycles. -- A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting frowned upon? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Tue, 13 Oct 2015, Gustav Degreef wrote:
On 10/13/2015 03:18 PM, Anton Aylward wrote:
My question is this:
Why don't you just encrypt the drive or at the very least the data partition.
There are many perfectly good mechanisms for this.
I've thought about it, but I don't have the expertise to do it and have not had the time to look into it.
LUKS is a default scheme for Linux, of course. I don't know how to use TrueCrypt for Linux yet, but I believe both Grub and cryptsetup support it. Normally on Windows you could / might just use a TrueCrypt hidden partition, and put PortableApps in there. You'd put your email program in there and no one would even know you had email on the machine ;-). They would know you have TrueCrypt though. Either because there is a boot prompt (for a fully encrypted system) or because the program is installed on your system. On Linux it is much harder; there is no portable apps, to begin with. Thunderbird wants to sit in a certain place, and it all has to be in the FHS (Filesystem Hierarchy Standard). Mostly you have to compile it differently to use other locations (?). I also don't really know how Linux really handles mounting crypted filesystems (block devices) at boot and how you can postpone that for certain things you want at a later stage (but there is also no GUI for that, unless you use TrueCrypt for these block devices or containers). And TrueCrypt is unmaintained and doesn't play well with KDE at least (I think it is a GTK application, and it tries to use Nautilus for instance to open locations, and the icon is also not scalable, etc.). In Windows you could have an extra partition and it would prompt you to mount it at log-in. Such a thing doesn't happen in Linux and I don't know how to achieve it. I also don't really know how to prevent those other volumes from being prompted at boot, but that's just me. Then there is also eCryptFS which is an option when you install your computer (e.g. OpenSUSE, probably, also). eCryptFS only encrypts your home folder (by default) using a file-based or file-level encryption format. It is also possible (I still believe) to use a block-level home directory (mounted from e.g. a LUKS container) and I have a tutorial on that but it seems to fck up a bit with the newest mount.luks (complains about nonsensical things). But the downside to that is that you have to specify the maximum size of your home directory in advance. Linux is not as good as well with the no-information-leak thing, I cannot really get Linux up to par with Windows, no matter how much time I have invested in it already. In Windows it would just be easy... But the thing Anton writes in the other mail is very well possible. It doesn't take much to get even an encrypted boot partition and I have one now (on Ubuntu) but the downside is, the Grub prompt is ugly and not user friendly. The upside is only that there are no visible initrd (initramfs) files available to any suspecting member of the human species. I would suggest just sticking to Windows :P if you want real security in that area. But LUKS (for the entire drive) and eCryptFS (for the home directory) are easy second-hand-best solutions that are also available to you. An encrypted "boot partition" with TrueCrypt is effortless, for instance, on Windows. And the prompt is also much nicer. eCryptFS just uses your user password to encrypt (basically) so perhaps that is the best solution for you here. It is possible to set up eCryptFS behind the fact, but I have never done so yet. Something that would be ideal (as indicated) would be the ability to locate your home directory (for a current user) on an USB stick, but in that case I would rather encrypt the whole thing (or the home directory) and then sync to that stick so my data is also on there. It's what they call a "traveler stick" and you can use it with TrueCrypt but it is more oriented towards Windows users. You would truecrypt-encrypt either the entire stick (partition) or you would make a block-file container that contained the volume cq. data with TrueCrypt files available for installation from the visible partition. Normally people use FAT32 for such data sticks though, for interoperability, but that has its limitations. Regards, X. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 10/13/2015 01:22 PM, Xen wrote:
Thunderbird wants to sit in a certain place, and it all has to be in the FHS (Filesystem Hierarchy Standard).
I don't see your point. Its a long standing convention that binaries/executable go in <whatever>/bin and libraries in <whatever>/lib. (or "lib64" on mixed 32/64 but systems) The normal <whatever> is "/usr", for user applications an "/' for system code needed at boot. The convention gets extended to include /usr/local and /opt/kde3 for example. Many people follow this with their own applications in ~/bin and ~lib. There is nothing magical about this, but to many of us it makes more sense than having binaries and libraries in ad-hoc (aka chaotic, random) places like some Windows systems. I disagree with Hisham Muhammad. Conventions and consistency are important. Even Hisham Muhammad accepts that, though he differs on what they should be. The basics of this convention go back, in my expedience, to version 6 UNIX of the early/mid 1970s Yes, there are going to be people who ignore or are ignorant of the FHS. Yes Microsoft tries to organize things sensibly despite what many vendors and developers end up doing. But the coherency with UNIX/Linux was good and when it wasn't there was always pressure for things like The Great Renaming and The etc Coherency project. Some things, X11 is a good example, "grandfather" oddities such as having code in /etc/X11 that dynamically determines (or sets depending on how you look at it) the configuration to be used when the X server starts for a particular user. So sometimes things have to be taken with a bit of squint. That you can't see how to make something like Thunderbird a portable (aka put it on a USB stick) app says more about you and your lack of understanding of shell programming than any limitation of Linux.
echo $PATH /home/anton/bin:/usr/local/bin:/usr/bin:/bin:/usr/bin/X11:/usr/X11R6/bin:/usr/games file $(which thunderbird) /usr/bin/thunderbird: symbolic link to `../lib64/thunderbird/thunderbird.sh'
If I want to run Thunderbird off a USB stick 9and have, once just to show I could) I'd add to my path the location on the USB stick and edit the copy of thunderbird.sh there appropriately. The script is pretty smart, looking at where its being executed, so location the appropriate libraries is taken care of anyway.
It is also possible (I still believe) to use a block-level home directory (mounted from e.g. a LUKS container) and I have a tutorial on that but it seems to fck up a bit with the newest mount.luks (complains about nonsensical things).
But the downside to that is that you have to specify the maximum size of your home directory in advance.
That doesn't make sense the way you've written it. If you mean that the size of the 'container' you are encrypting has to be defined beforehand and them put your file system in there, so what? If I use a disk partition or LVM LE I have to define the size as well. if you are talking about having a file that you do the crypt/LUKS thing on and have to determine the size of the file, how is this different? Yes, its a 'downside' that when I partition a disk the size of the container is 'fixed'. Bo-Ho! Go cry somewhere else. -- A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting frowned upon? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Anton Aylward
On 10/13/2015 01:22 PM, Xen wrote:
I don't see your point.
There is nothing magical about this, but to many of us it makes more sense than having binaries and libraries in ad-hoc (aka chaotic, random) places like some Windows systems. I disagree with Hisham Muhammad.
I have no clue who Hisham Muhammad is, except that I can find him on the web. But if you disagree with him, then it stands to reason that I would like this thought :P.
Yes, there are going to be people who ignore or are ignorant of the FHS. Yes Microsoft tries to organize things sensibly despite what many vendors and developers end up doing. But the coherency with UNIX/Linux was good and when it wasn't there was always pressure for things like The Great Renaming and The etc Coherency project.
Oof, old school mechanics I've never heard of. You'd start to think Unix/Linux would have a history :P.
That you can't see how to make something like Thunderbird a portable (aka put it on a USB stick) app says more about you and your lack of understanding of shell programming than any limitation of Linux.
No it tells a tale of me wanting you to do it for me.
If I want to run Thunderbird off a USB stick 9and have, once just to show I could) I'd add to my path the location on the USB stick and edit the copy of thunderbird.sh there appropriately. The script is pretty smart, looking at where its being executed, so location the appropriate libraries is taken care of anyway.
Thanks, that is good info, now I won't need to do it myself :P.
But the downside to that is that you have to specify the maximum size of your home directory in advance.
That doesn't make sense the way you've written it.
If you mean that the size of the 'container' you are encrypting has to be defined beforehand and them put your file system in there, so what?
If I use a disk partition or LVM LE I have to define the size as well. if you are talking about having a file that you do the crypt/LUKS thing on and have to determine the size of the file, how is this different?
The difference is that you don't understand me.
Yes, its a 'downside' that when I partition a disk the size of the container is 'fixed'.
Hardly so, but then I use thin LVM nowadays :P. LOL!.
Bo-Ho! Go cry somewhere else.
Why, I like to cry along with you :) <3. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 2015-10-13 18:05, Gustav Degreef wrote:
On 10/13/2015 03:18 PM, Anton Aylward wrote:
On 10/13/2015 02:15 AM, Gustav Degreef wrote:
Why don't you just encrypt the drive or at the very least the data partition.
There are many perfectly good mechanisms for this. I've thought about it, but I don't have the expertise to do it and have not had the time to look into it.
Well, yast does it, automatically. Two or three methods: a) Encrypt only /home or /data, or more, but not the system. b) encrypt all. Case 'b' means encrypt the entire disk, save a small /boot, and place LVM there. root, system, swap, go on top of the LVM. -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar)
On 10/13/2015 08:18 AM, Anton Aylward wrote:
Alternatively, in the mobile setting, strip down the 'laptop' (or use a cheapie burner from Goodwill) and use a USB stick as your /home. Remove the USB stick when no using the laptop.
I'd worry more about losing the USB stick than someone getting their grubby paws on my laptop ;-) -- David C. Rankin, J.D.,P.E. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 10/13/2015 06:45 PM, David C. Rankin wrote:
On 10/13/2015 08:18 AM, Anton Aylward wrote:
Alternatively, in the mobile setting, strip down the 'laptop' (or use a cheapie burner from Goodwill) and use a USB stick as your /home. Remove the USB stick when no using the laptop.
I'd worry more about losing the USB stick than someone getting their grubby paws on my laptop ;-)
I keep a number of flat things in my wallet. This includes a credit card shaped "swiss army knife" and a credit card USB from a vendor trade show. I also have a card with a number of goodly capacity SDHC chips and a card adaptor clipped into it. OK, so that's not USB, but I can pick up a USB adaptor for the cards like teh one I have in my case at a dollar store or any computer outlet. heck, I've seen them in sections of supermarkets! So how about we stop playing this "I've got a hole in my bucket dear liza" excuse game. https://www.youtube.com/watch?v=xzm9urjQbWU -- A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting frowned upon? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 10/13/2015 08:34 PM, Anton Aylward wrote:
So how about we stop playing this "I've got a hole in my bucket dear liza" excuse game. https://www.youtube.com/watch?v=xzm9urjQbWU
Deal, Then, I won't even mention the theory that the world rests on the back of a giant turtle... -- David C. Rankin, J.D.,P.E. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 10/13/2015 09:54 PM, David C. Rankin wrote:
Then, I won't even mention the theory that the world rests on the back of a giant turtle...
And it's turtles all the way down! ;-) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 10/13/2015 09:57 PM, James Knott wrote:
On 10/13/2015 09:54 PM, David C. Rankin wrote:
Then, I won't even mention the theory that the world rests on the back of a giant turtle...
And it's turtles all the way down! ;-)
No, dear, its People. This is the IT business. It's people, people, people all the way down. People designed the hardware and software and architecture. People wrote the code and created the factories that built the equipment. people wrote the advertising copy and did the selling. People use the systems. People managed the budget for all this. People decided what other people would and would not do in all of this. people, and yes we know who in particular, f***d up the configuration of systems. Its people, people, people, not turtles, all the way down. Perhaps it turtles elsewhere, like those shiny things in the night sky, but not in the IT business! And not in politics either! -- A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting frowned upon? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 10/13/2015 10:06 PM, Anton Aylward wrote:
And it's turtles all the way down! ;-)
No, dear, its People. This is the IT business. It's people, people, people all the way down.
That turtles all the way down was something I read in a Carl Sagan book, where he said someone claimed it was "turtles all the way down". ;-) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 14/10/15 12:16, James Knott wrote:
On 10/13/2015 10:06 PM, Anton Aylward wrote:
And it's turtles all the way down! ;-)
No, dear, its People. This is the IT business. It's people, people, people all the way down.
That turtles all the way down was something I read in a Carl Sagan book, where he said someone claimed it was "turtles all the way down". ;-)
See also Yertle the Turtle by Dr Suess: http://www.spunk.org/texts/prose/sp000212.txt - -- Bob Williams System: Linux 3.16.7-7-desktop Distro: openSUSE 13.2 (x86_64) with KDE Development Platform: 4.14.3 Uptime: 06:00am up 7:55, 3 users, load average: 0.16, 0.05, 0.06 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iEYEARECAAYFAlYePpYACgkQ0Sr7eZJrmU4aKACdGCB1jmU4GVe113iPCOC2eosG Q5UAniW5jOnaaBf3mSCpA5MounhSBi08 =JY57 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 10/14/2015 07:16 AM, James Knott wrote:
On 10/13/2015 10:06 PM, Anton Aylward wrote:
And it's turtles all the way down! ;-)
No, dear, its People. This is the IT business. It's people, people, people all the way down.
That turtles all the way down was something I read in a Carl Sagan book, where he said someone claimed it was "turtles all the way down". ;-)
Yes, I have the book; he said it was a little old lady. Wait, was it Sagan or Feynman? Some myths are viral. Pratchett played this up and it became a myth in its own right, but he mixed in other sources as well, hence the elephants. With the elephants - enough elephants beyond a critical point, provided they are of the same size - you don't need so many turtles, and turtles, being independent creatures who only come together to mate, would be difficult to keep stacked up. In fact even having two of them stacked would be difficult to get by the British censors in children's books. -- A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting frowned upon? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Tue, 13 Oct 2015, Anton Aylward wrote:
I keep a number of flat things in my wallet. This includes a credit card shaped "swiss army knife" and a credit card USB from a vendor trade show.
I also have a card with a number of goodly capacity SDHC chips and a card adaptor clipped into it. OK, so that's not USB, but I can pick up a USB adaptor for the cards like teh one I have in my case at a dollar store or any computer outlet. heck, I've seen them in sections of supermarkets!
I'd have no idea where to buy that. Probably Amazon then. There is usually a shortage of more rare items in this country. Sometimes something is available on any Amazon nearby (UK, DE) and they won't ship to my country. And sometimes, often times, amateur resellers then provide such service through 2nd hand marketplaces, but not always. "Then move abroad, Dear Henry, Dear Henry" I cant, dear Liza, dear Liza. "Then make sure you are born in another country, dear Henry Dear Henry" But still, I wouldn't want my entire /home or even my local /home/user to be on a different device. The problem is there might always be a time where the two are separated for whatever reason and not because you want it. I could put an SD card in this laptop, for instance, but I don't want to buy another one. All of them are at home. Not again spending money on that :(. I try to put everything on the cloud now, it is cheaper and more safe. They can steal everything from me physically and routinely do, but they can't touch my internet accounts yet.
So how about we stop playing this "I've got a hole in my bucket dear liza" excuse game. https://www.youtube.com/watch?v=xzm9urjQbWU
Nice game, btw. Shame they didn't see how the stone can easily be wetted by putting the stone in the bucket while lowering it in to the well. So the circle is not really complete. Dumbasses ;-). And where did she get that axe? Does she always keeps axes in her hind pocket? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 10/14/2015 06:13 AM, Xen wrote:
I'd have no idea where to buy that. Probably Amazon then.
Try eBay and Alibaba, then dear Henry. Their far eastern vendors seem to have no problems shipping and most of these items were free shipping. While I have had no problems with the things I've ordered coming into the country, you may if you order prohibited goods (such as ivory or other plant or animal products interdicted for your country) or things classed as 'dangerous' (chemicals, weapons, blades above a certain size). Some countries restrict the importation of literature that they deem 'offensive' (e.g. about sex) or 'subversive' (about politics or 'The Anarchists Cook-Book' for example. But the kind of things like small technology, wallets, clothing ... None of that should be a problem. Searching eBay and Alibabab is quite another matter! -- A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting frowned upon? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 10/14/2015 06:13 AM, Xen wrote:
But still, I wouldn't want my entire /home or even my local /home/user to be on a different device.
Once again history and experience trumps your view of things! Having separate 'spindles' for different parts of the storage offers a good degree of parallelism for a number of reasons. Drives tend to be smart devices, they have their own buffers and caches and can work fairly autonomously. Even the old PDP disk controllers that used a single DMA channel into memory could set up seek and buffer operations of more than one disk simultaneously. Now we have SATA as the basic drive interface, and each SATA channel is independent. They can work autonomously. Depending on your hardware they *may* be able to carry out transfers either in parallel or interleaved. Yes, having huge drives means that most people using PCs for desktop think it simpler to have one drive; many don't even partition that. Certainly Windows did not have a heritage of putting user data on a different spindle or partition! Certainly back in the PDP/11 days, having a separate spindle for Swap speeded up the roll-in/roll-out. And having a separate spindle for /tmp speeded up many operations, since memory limitations meant that in-core caching of intermediate files and sort buffers wasn't practical. While some of that is not an issue with today's virtual memory and larger internal memory, it does raise issues of where the best position for expensive fast store such as SSD should be. As ever, there is a trade-off between memory and its speed/cost and 'external' storage and its speed/cost. Separating code and data has always been a good principle. That is one reason we have a separate /home branch at all. Having it as a separate partition can make upgrades and backups simpler as well. Having it as a separate 'spindle' (aka 'drive' aka 'device') also offers a degree of parallels - efficiency and performance - as well as maintainability. This has long been demonstrated. There are many variations of this which manifest as the forms of RAID. -- A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting frowned upon? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 2015-10-14 14:42, Anton Aylward wrote:
Yes, having huge drives means that most people using PCs for desktop think it simpler to have one drive; many don't even partition that. Certainly Windows did not have a heritage of putting user data on a different spindle or partition!
On the contrary. On Windows 3, it was trivial to place "Documents" on another "disk". It is rather difficult on W7, at least as a global setting for all users. Back on MsDOS times, on computers with two floppies, as was mine, it was also typical to have the system on on one disk, perhaps "the" application, and the data files on the other. And the system/application disk could have the write tab in disable position, thus impeding damage by virii. -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar)
On 10/14/2015 09:02 AM, Carlos E. R. wrote:
On 2015-10-14 14:42, Anton Aylward wrote:
Yes, having huge drives means that most people using PCs for desktop think it simpler to have one drive; many don't even partition that. Certainly Windows did not have a heritage of putting user data on a different spindle or partition!
On the contrary. On Windows 3, it was trivial to place "Documents" on another "disk". It is rather difficult on W7, at least as a global setting for all users.
I had some slight experience with XP on the laptop my father gave me when he upgraded. I tried setting the user space, "Desktop" etc, on a "D:" partition, but it was amazingly awkward. many applications seemed to assume it was on C: quite regardless of what the settings were!
Back on MsDOS times, on computers with two floppies, as was mine, it was also typical to have the system on on one disk, perhaps "the" application, and the data files on the other. And the system/application disk could have the write tab in disable position, thus impeding damage by virii.
LOL! Then there were macroviruses in things like the documents! -- A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting frowned upon? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 2015-10-14 15:46, Anton Aylward wrote:
On 10/14/2015 09:02 AM, Carlos E. R. wrote:
Back on MsDOS times, on computers with two floppies, as was mine, it was also typical to have the system on on one disk, perhaps "the" application, and the data files on the other. And the system/application disk could have the write tab in disable position, thus impeding damage by virii.
LOL! Then there were macroviruses in things like the documents!
Not yet, not at that time :-) As far as I remember, virii at that time were of two classes: boot sector, or tag at the end of an executable. You could detect the second type just by looking at the changed size of the executable. And when they were active, available RAM size changed, somewhat. Macro virii depended on the targets using the same application with macros, and there were not that many. -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar)
On 10/14/2015 09:02 AM, Carlos E. R. wrote:
Back on MsDOS times, on computers with two floppies, as was mine, it was also typical to have the system on on one disk, perhaps "the" application, and the data files on the other. And the system/application disk could have the write tab in disable position, thus impeding damage by virii.
Remember the sys command, which would make a floppy bootable? You'd use that bootable floppy for apps, without installing the full DOS on it. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 2015-10-15 13:21, James Knott wrote:
On 10/14/2015 09:02 AM, Carlos E. R. wrote:
Back on MsDOS times, on computers with two floppies, as was mine, it was also typical to have the system on on one disk, perhaps "the" application, and the data files on the other. And the system/application disk could have the write tab in disable position, thus impeding damage by virii.
Remember the sys command, which would make a floppy bootable? You'd use that bootable floppy for apps, without installing the full DOS on it.
Yes. I had a bunch of boot disks, one or several per application, often with different boot choices. -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar)
Again you misunderstand me. You keep thinking I am this stupid turd.
Well, I am! But only in Anton land ;-).
:) <3. :P lol puke.
Anton Aylward
On 10/14/2015 06:13 AM, Xen wrote:
Once again history and experience trumps your view of things! Having separate 'spindles' for different parts of the storage offers a good degree of parallelism for a number of reasons.
Duh what do you think I am. Not that I've always *had* separate drives, but my current computer at home (did) have 2 separate (SATA/IDE) disks. And I prefer, or did prefer at the time, to keep data on an external SATA drive and just backed up to an identical size USB drive. Windows may try to store all user data on the same system drive. But essentially what I've always done and many I think is to relocate that data (and you can easily now, with those libraries) to a separate partition. I have always favoured a separate data partition, even if it was on the same drive. So there was always at minimum a C: and a D: in my system, and, when it was easier to achieve, also a subst for E: and F: and so on for various "sub mounts" or sub partitions. But the main point of Linux and the problems it has with /home is that /home is not only data, but also configuration. So you won't have a user if you put it on an external drive and then disconnect that: that was the point. I was talking about USB and SD cards only, really. What I do in Windows, well, I'm still not "out" with it. eruit zijn, to have made up your mind. The problem is that there are at least three levels of storage. There is personal information (the self), collective information (the group) and universal information (the all). At the same time, there is a division in creative and consumptive. Consumptive information is usually universal, or, the other way around, universal information is almost always consumptive (it is those movies and music made by others). Universal information is typically something you want to share among the people on your computer/network/systems. Personal information you typically want to keep private. Collective information can be projects you are working on; and the information you have researched for these projects. This information is not personal because it results from research, anyone could apply it. Nevertheless it could be more or less private. So you have at least three types of storage: - personal information, secrets, agenda, contact details, phone numbers, letters you've written - projects and creative pursuits - stuff you download Ideally what you want is for there to be a way that you can layer these things on top of each other if they need be. Because now you have like a 3x5 matrix in a certain way. "video", for instance, can be in various stages. You can have personal video that you have not shared yet with anyone. Microsoft allows for this by adding various locations to their libraries. I have typically always used, because that was the easiest, the system C: drive user folders as a storage space for un-managed or un-archived or un-organised files that I create on the fly, so to speak. I'm not really good at cleaning up or tidying my home, so to speak, I have always let things get to be a mess. But once in a while I would set a few hours apart and clean up the mess and move everything to "persistent" storage in the sense of an organized tree of data, and often times I would spend a lot of time trying to reorganize that. Lately I have had --- censor ---. So I've had like those multiple levels, but projects fell in between, I did not have a dedicated location for that. I just kept them with my personal files, and sometimes stored them on the big data when they got bigger or whatever. So you could also have three levels of pictures: those you shoot yourself, or want to keep private, those that are shared among peers, and those you just download off the web. In a Linux system that would be: accessible by owner, accessible by group, and accessible by all system accounts. That is basically the idea. But it is rather hard to accomplish when there is not a thought-out plan for it yet. It really needs something of development to get something nice that way. For instance, you could have a network share from a network harddisk device that is just public for reading. That contains your collections. Then on the same n-a-s you could have stuff shared with certain users. Then your private stuff could also be on the NAS or you could keep it locally and sync it elsewhere. But how are you going to access these various layers? Are you going to make a home user "videos" folder that contains "me", "us" and "all" ? Are you going to let Microsoft show you an overview of all these sources? I guess that works... well. Enough. For now. Maybe you want a system where there is another dimension apart from a hierarchy; you want a switch that changes the context and changes the view of that folder accordingly. It would be a virtual folder sourcing from different places. Nevertheless this only pertains to information, not configuration. Configuration is that which on Linux typically resides in dot files. Now what you *can* do is .... use an overlay filesystem to combine external or remote or different volumes into the /home, not mounted on top of it, but rather perhaps together with it. I only know about aufs, but it is not available in SuSE. (OverlayFS doesn't work). On the other hand... well. Caches for instance, .cache and all that. They are rather sensitive information in a certain way so usually you'd really want them to be eCryptFS-sed and all that. But .mozilla contains firefox data as well and .thunderbird I think contains your mail store. That's not configuration but data (roaming data on Windows). Caches are in "local" on Windows. So what you gonna do. Cache fits perfectly on a home / root system, so you can just make sure all default folders are created on the root fs. Then you make sure your documents/pictures/videos etc point to another destination. Or are overlayed with aufs for example. Then you also move .thunderbird or whatever to the other source, or perhaps change thunderbird config to do that, but a symlink might do fine. [[ With aufs it is very easy to get a default setting of: folders are created on one device, but a folder that is available from another device will kept (be kept) updated on that other device/volume. So anything you move to that other device (you need to mount the sources first somewhere, which I use /mounts/ for these days) will stay on that other device and not be written to the default device. ]] It is all rather difficult. For instance when I tried to mount /usr to /mounts/user and then bind mount it to /usr, my system would not boot (Ubuntu) or at least it would not find /usr in time. In Windows I don't deal with complexities; I just arrange drive letters and volumes tied to them. Currently I am trying to discover how I can manually/automatically can keep my personal files synced across a cloud. OwnCloud is not really good yet, particularly the user interface could need destruction and more destruction and then burning it and maybe finally a phoenix will arise from the ashes. I have never seen such a bad music player, for example. A local VP... provider is building their own OwnCloud solution that they will sell (provide as a service) most likely based on OwnCloud but with their own user interface that they design. Because they kinda agreed with me that the base default user interfase is rather lacking. I don't know what Synology is doing and How I can really use that. I can hardly install synology software on some VP..x.
Yes, having huge drives means that most people using PCs for desktop think it simpler to have one drive; many don't even partition that. Certainly Windows did not have a heritage of putting user data on a different spindle or partition!
Most of my friends probably did that though. There is really nothing much sitting in the way of that. Now, you can change the base location of the libraries. For instance, my pictures etc. now point to d:\home\pictures, for now. This allows me to create smaller system images for backup and restoration of the system bare. But, and this was the point with /home, my user is also in that system image and I would not really want it to be outside of that, because user configuration is also configuration. That's why I go to pains with that "aufs" and try to find ways to keep configuration data in /home on the rootfs, but all other data (excluding caches, perhaps) on another sources/volumes/devices. In other words, I don't *just* want /home to be somewhere else. That wouldn't work, because you don't have a system without /home. Except for /root, that is not on that volume, if you were to separate it. /home is not really a very good candidate for externalising it. So I create /data or /store (still fiddling with that) and put my files on there. And I externalize (so to speak) THAT. But it is troublesome so if I don't have time for all that, I still do /home on a separate volume. To my great pain, in a way. I recently forgot to backup /home because I didn't remember it was on a separate thing. Not intuitive to me.... and stupidity of LVM perhaps.
Certainly back in the PDP/11 days, having a separate spindle for Swap speeded up the roll-in/roll-out. And having a separate spindle for /tmp speeded up many operations, since memory limitations meant that in-core caching of intermediate files and sort buffers wasn't practical. While some of that is not an issue with today's virtual memory and larger internal memory, it does raise issues of where the best position for expensive fast store such as SSD should be. As ever, there is a trade-off between memory and its speed/cost and 'external' storage and its speed/cost.
Yeah well, you don't really have to explain the basics like that. No one in his right mind would use Linux if he didn't understand the basics. Except for the poor people who get directed that way by others.
Separating code and data has always been a good principle. That is one reason we have a separate /home branch at all. Having it as a separate partition can make upgrades and backups simpler as well. Having it as a separate 'spindle' (aka 'drive' aka 'device') also offers a degree of parallels - efficiency and performance - as well as maintainability.
That is pretty much a "duh" for me. But you forget that home combines config and data. It is also very difficult for me to contain and locate data from sources such as wikis and web interfaces. Do you have any info on that? A best practice or whatever? Stuff under /var/lib is usually root writable. Or owned by www-data or whatever. It creates problems. DokuWiki (something I use) can run into great big permission problems that you can't solve. Unless you reinstall it. OwnCloud puts information under /var/lib/owncloud or whatever or even /usr/share/owncloud. And by default it does not want you to write to its data store by external actions. Which is quite a problem because its ability to import data is extremely limited. And owncloud can be (and is) a nice interface to a data store you manage yourself. So you want the data store to be within your own control, and then give that cloud solution ACCESS TO THAT. AND NOT BE THE ONLY OWNER OF IT. The funky thing about owncloud currently is that although it says you CANNOT or MAY not access the data directly, and if you do, its permissions get fcked up, eventually it automatically fixes those permissions. At least the permissions in its own database. Don't know about file (filesystem) permissions yet. It is a trouble. I want it to create files that are owned by the www-data GROUP and writable by that group but owned by a different user ideally, or for me to be able to easily convert it to my own user (without needing to be root). And I never know how to do that, because options or solutions are never available in a GUI, and I have limited time (or mostly, also, limited energy). For what you know, I might not be the most healthy person on earth, you know. And most people aren't, who like things to be easy and are not superhumans who can accomplish any seeming impossible or hard goal. So anyway I will just be symlinking owncloud locations to my own data storage so that owncloud only maintains backups, or caches, or metadata, or all that stuff. But it is terribly difficult that I have to do everything myself. And these people do not think about this stuff in advance. So you are always fighting your battles just alone, very little cooperation from others, because there appear to be no like-minded people. "Where two or three are gathered in my name." But if you are all alone. Well. Yeah. I cry. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 10/14/2015 10:10 AM, Xen wrote:
So you have at least three types of storage:
- personal information, secrets, agenda, contact details, phone numbers, letters you've written - projects and creative pursuits - stuff you download
Indeed. Easy enough with Linux. Whether a specific 'folder' (aka directory) is on a separate (or separately mountable) device or not is arbitrary. the same can go for files. If you haven't learnt just how capable symlinks are at building your 'matrix', then get up to speed. Your access control problems are really an issue of understanding set theory. Once you do, then the 'groups' mechanism is amazingly capable. its actually simpler than access control lists as per 'attributes'. Try 'man 5 attr' -- A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting frowned upon? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Wed, 14 Oct 2015, Anton Aylward wrote:
On 10/14/2015 10:10 AM, Xen wrote:
So you have at least three types of storage:
- personal information, secrets, agenda, contact details, phone numbers, letters you've written - projects and creative pursuits - stuff you download
Indeed. Easy enough with Linux.
Whether a specific 'folder' (aka directory) is on a separate (or separately mountable) device or not is arbitrary. the same can go for files.
If you haven't learnt just how capable symlinks are at building your 'matrix', then get up to speed.
Now the real question is whether you *really* believe that I'm as stupid as you portend me to be, or whether you just pretend that you think I am. ;-). Portend is probably a different word. You know what I mean. Portray perhaps. A mixture of portray and pretend. ;-).
Your access control problems are really an issue of understanding set theory. Once you do, then the 'groups' mechanism is amazingly capable. its actually simpler than access control lists as per 'attributes'.
I'm currently trying to have an NFS mount not have rwxrwxrwx. It is amazingly difficult. Just lack of Knowledge i would Assume, but still, it is not easy to discover here. I have never mounted nfs before. The mount works, it's just that every monkey on this system can delete everything. I think. Maybe it is just something like umask. Let me try that. Oh it just copies the permissions from the server. How to do THIS now. The users on the server are different. Pfff, more thinking and more headache, really. Regards.
Try 'man 5 attr'
Sorry, my computer crashed when I did that.
Q: Are you sure? A: Yes.
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 2015-10-14 19:49, Xen wrote:
I'm currently trying to have an NFS mount not have rwxrwxrwx.
Now that's strange, I never got those. The visible permissions are controlled at the server machine, not at the client. And it is just about changing the permissions there. And once you mount the share at the client, it is just like a normal, local, directory, so just change them. -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar)
On Wed, 14 Oct 2015, Carlos E. R. wrote:
On 2015-10-14 19:49, Xen wrote:
I'm currently trying to have an NFS mount not have rwxrwxrwx.
Now that's strange, I never got those.
The visible permissions are controlled at the server machine, not at the client. And it is just about changing the permissions there.
Yes that's what I said at the end, how convenient for you to have missed that. Make me look like a moron again. Heh? ;-).
And once you mount the share at the client, it is just like a normal, local, directory, so just change them.
Aye, I figured that. But. The issue is. I am having to think up a strategy where the remote group policy coincides with the local group policy, that's one. But on the remote system there are two user groups: users at 50, and administrators at 101 or something. Error, users at 100. And any additional group you add gets 65536+. I wanted to use or abuse the staff group for something at 50, but that won't work since the remote system won't have that. So first I will need probably to mirror the 65536 group locally. Just give it a name. "Friends". Or "Home". Or "Trusted". Then, apparently, the remote umask, at least for samba shares, is set to .... zero. So that's where the rwxrwxrwx comes from. I will first have to change everything to rwxrwxr-x. At least for folders. Then, these remote users don't exist locally. What to do. I can create them. I can also sync my remote user UID with the local one. I don't know, I was going to ask on the Syn forum but it takes time to do that and get an answer, if any. If it was a samba share all files would just have a single owner. Which would make it easy to create or control access from mhere. Then, if samba mounted, the effective samba user would be the one changes on the remote filesystem would be attributed to. So that is easy in that regard. Now I'm having to.... decide or devise whether... you know. The remote files may have various owners. If I want any process to operate on these shares as a whole (say a cloud software for the web) it must (a) preserve ownership and (b) be part of a group that has write access (for instance). But I don't think it will play nice. It wants to have its own store etc. In the remote system, files are created using the logged-in user. But in this cloud thing, they are created with www-data. You don't have access to it, normally. Open source, yay. Never thinking about real use cases. That's of course because the cloud users are not real system users. But they are on the remote system. Much better, in that regard, I think.... I don't want to use samba because I perceive the performance and reliability will be much better with NFS in other regards. But this having to sync users is a problem. For instance, I don't even *want* my remote user to exist on the local system. But now they are really just numerics, and in any case, nonsense. It is the same with extracting (with root user) a tarball on a different system. The users will be "garbled". These users must stay different. At the same time I want the entire share (this one) to be accessible just under my default user in the local system. With samba this is possible. That would greatly ease or alleviate the problems with getting it to work with the cloud thing. I don't want these systems to be "as one" :(. What use do I have for those remote users. The remote collection is not user owned anyway, more group owned. A shared thing, even if I'm the only person currently :P. As I have been for numerous decades. But anyway. A person has the right to believe right. What you'd get then with remote access is that the owner of something might change (not common, but possible). The only way out of that is to have the cloud thing use real users and then make the users the same as well. Buh... Even if I didn't use a cloud I would still need to have users for those files. Maybe I just shouldn't try to export or expose my collection in this way. Why require 2 diffent cloud interfaces, right. So what you do is create a dedicated share for the *current* collection (the cloud thing) and use it as as data store for that. Or, you use that dedicated share as a backup of it, which is the same thing really. Now with NFS you STILL need to have identical users. Either the local system will write to it and the remote system won't (I'm the one using the mount) and the remote system will see unknown users as owners. Or, ..well. I guess it should not be changed on the remote host (the real host). This is nearly impossible to get right. Even if I get local capacity I want it to be synced to a backup share. But then collections will differ and diverge. I guess that's unavoidable, they are two different systems. I have to go do something else though. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Btw, I am downloading a file from the NFS share through the other machine, ie. through the machine that mounts the share. A 300K/s file transfer (at the end, that is to say, at my end) requires about 600K/s up and 300K/s down at the NFS server. That means it TRIPLES the amount of bandwidth required. How is that for an inefficient protocol? I don't know. I can check with Smaba, although I'd rather not. I thought this was going to be reasonably efficient. But this way there is no point to it. It chokes the upload limit of the NFS server without effort. Well, the nfs mount is now just added as a directory to the cloud thing, works reasonably well except or apart from the low transfer speeds. And the high requirements. Regards, xx. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 10/14/2015 04:25 PM, Xen wrote:
That means it TRIPLES the amount of bandwidth required. How is that for an inefficient protocol? I don't know.
Are you running TCP or UDP? Soft mount or hard mount? What are you buffer sizes? What are your cache timeouts? What are directory cache sizes? What are you cache share settings across users? Are you using the NFSACL sideband protocol? Are you doing file locking? What protocol are you using for that? If you Ethernet interface can do DMA you'd be better of configuring NFS to use rDMA. NFS is very flexible. The downside to that is that you have to pay attentions. I've mounted trans-Atlantic file systems with a 56K pike in the way and still got useful work done, editing config files and doing system administration. There are better protocols for bulk file transfer than NFS. -- A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting frowned upon? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 10/14/2015 03:06 PM, Xen wrote:
I am having to think up a strategy where the remote group policy coincides with the local group policy, that's one.
But on the remote system there are two user groups: users at 50, and administrators at 101 or something. Error, users at 100.
And any additional group you add gets 65536+.
RTFM. As I said, the name mapper daemon (runs on both server and client) takes care of mapping SO LONG AS ENTITIES EXIST. If, for example, you have a 'managers' group on one and not the other, it will need to be mapped to 'nobody'. http://users.suse.com/~sjayaraman/nfs4_howto.txt Yes it really is that trivial. of course you could simply have the /etc/passwd and /etc/group on all machines. -- A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting frowned upon? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 2015-10-14 21:06, Xen wrote:
On Wed, 14 Oct 2015, Carlos E. R. wrote:
Then, apparently, the remote umask, at least for samba shares, is set to
Samba? Yesterday you said NFS. They are very different, regarding permissions and users. - -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" (Minas Tirith)) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iF4EAREIAAYFAlYe59wACgkQja8UbcUWM1w7CAD/Z3F5JpvQq6mLEOlM0iBABI2u tpVm39zpn7J1Q9fzhj4BAIXlRmTicsbRGosEWDOsrOzgHuGfc1Uns+xJVAa+IIvA =HLcf -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
"Carlos E. R."
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
On 2015-10-14 21:06, Xen wrote:
On Wed, 14 Oct 2015, Carlos E. R. wrote:
Then, apparently, the remote umask, at least for samba shares, is set to
Samba? Yesterday you said NFS. They are very different, regarding permissions and users.
Not really sure what you're responding to, sorry. I know I made a comparison between NFS and Samba. Samba won't transmit permissions (I think) and will just mount under the user you supplied for the samba share, ie. all the files will probably have that (remote) user. Or maybe even the local user, I don't know. It's not like you can see in Windows. I believe in Linux mounting a samba share means setting its explicit user. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Il 15. 10. 15 20:10, Xen ha scritto:
"Carlos E. R."
schreef: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
On 2015-10-14 21:06, Xen wrote:
On Wed, 14 Oct 2015, Carlos E. R. wrote:
Then, apparently, the remote umask, at least for samba shares, is set to
Samba? Yesterday you said NFS. They are very different, regarding permissions and users.
Not really sure what you're responding to, sorry. I know I made a comparison between NFS and Samba. Samba won't transmit permissions (I think) and will just mount under the user you supplied for the samba share, ie. all the files will probably have that (remote) user.
Or maybe even the local user, I don't know. It's not like you can see in Windows. I believe in Linux mounting a samba share means setting its explicit user.
It depends whether or not the server providing the CIFS share has Linux integration capabilities, i.e. the Windows 2008 Unix interoperability components. My preferred choice was to install the NFS services or (years ago) an equivalent third-party product, this in order to minimize the components loaded in the clients and the configuration requirements. In this phase I have only "pure" Linux environments :-) (excluding a few winware VMs :-( ) so this is now a problem I'm happy to have behind me.... -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 10/15/2015 11:56 AM, Marco wrote:
Il 15. 10. 15 20:10, Xen ha scritto:
"Carlos E. R."
schreef: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
On 2015-10-14 21:06, Xen wrote:
On Wed, 14 Oct 2015, Carlos E. R. wrote:
Then, apparently, the remote umask, at least for samba shares, is set to
Samba? Yesterday you said NFS. They are very different, regarding permissions and users.
Not really sure what you're responding to, sorry. I know I made a comparison between NFS and Samba. Samba won't transmit permissions (I think) and will just mount under the user you supplied for the samba share, ie. all the files will probably have that (remote) user.
Or maybe even the local user, I don't know. It's not like you can see in Windows. I believe in Linux mounting a samba share means setting its explicit user.
It depends whether or not the server providing the CIFS share has Linux integration capabilities, i.e. the Windows 2008 Unix interoperability components. My preferred choice was to install the NFS services or (years ago) an equivalent third-party product, this in order to minimize the components loaded in the clients and the configuration requirements. In this phase I have only "pure" Linux environments :-) (excluding a few winware VMs :-( ) so this is now a problem I'm happy to have behind me....
My preference was always to use Samba, and PREVENT the use of CIFS management of server side permissions, as these caused more problems than they solved. (Some file invariably became owned by the last person to touch it, bringing entire shops to a screeching halt). Managing permissions on the Samba server generally worked out better. Once you figure out Samba for your mixed environments, you find that in most cases it works well enough for even you all-linux environments. Especially in the days when you had to coordinate all your user numbers across all NFS user machines. I understand those issues are behind us now, but they certainly colored the issue back in the day. -- _____________________________________ ---This space for rent--- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Il 15. 10. 15 21:45, John Andersen ha scritto:
On 10/15/2015 11:56 AM, Marco wrote:
Il 15. 10. 15 20:10, Xen ha scritto:
"Carlos E. R."
schreef: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
On 2015-10-14 21:06, Xen wrote:
On Wed, 14 Oct 2015, Carlos E. R. wrote:
Then, apparently, the remote umask, at least for samba shares, is set to Samba? Yesterday you said NFS. They are very different, regarding permissions and users. Not really sure what you're responding to, sorry. I know I made a comparison between NFS and Samba. Samba won't transmit permissions (I think) and will just mount under the user you supplied for the samba share, ie. all the files will probably have that (remote) user.
Or maybe even the local user, I don't know. It's not like you can see in Windows. I believe in Linux mounting a samba share means setting its explicit user.
It depends whether or not the server providing the CIFS share has Linux integration capabilities, i.e. the Windows 2008 Unix interoperability components. My preferred choice was to install the NFS services or (years ago) an equivalent third-party product, this in order to minimize the components loaded in the clients and the configuration requirements. In this phase I have only "pure" Linux environments :-) (excluding a few winware VMs :-( ) so this is now a problem I'm happy to have behind me....
My preference was always to use Samba, and PREVENT the use of CIFS management of server side permissions, as these caused more problems than they solved. (Some file invariably became owned by the last person to touch it, bringing entire shops to a screeching halt).
Managing permissions on the Samba server generally worked out better.
Once you figure out Samba for your mixed environments, you find that in most cases it works well enough for even you all-linux environments.
Especially in the days when you had to coordinate all your user numbers across all NFS user machines. I understand those issues are behind us now, but they certainly colored the issue back in the day.
Btw for my new file servers I'm trying to move away from NFS and SAMBA and I'm experimenting glusterfs, on top of which NFS and CIFS are still viable options whenever required. I admit that glusterfs has some childhood problems, however it is robust (here it survived after potentially catastrophic failures) ensuring high-availability and data replication even on WANs, avoiding me the issues I did have with DRBD (split brain, etc etc). -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 10/15/2015 02:12 PM, Marco wrote:
I'm experimenting glusterfs, on top of which NFS and CIFS are still viable options whenever required
Had to google it. Very Interesting. -- After all is said and done, more is said than done. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 16/10/15 00:45, John Andersen wrote:
On 10/15/2015 02:12 PM, Marco wrote:
I'm experimenting glusterfs, on top of which NFS and CIFS are still viable options whenever required Had to google it. Very Interesting.
Hi We built a cifs cluster on OCFS2 from our teacher's documentation: http://linuxcostablanca.blogspot.com.es/2014/07/samba4-cluster-for-ad-drbd-o... which seems more supported in openSUSE than glusterfs. Suse charge for HA documentation so you're on your own but we got a good exam project out of it at least. But with cloud, all this messing with endless ha configuration is more or less <attempt at joke> redundant -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 10/14/2015 01:49 PM, Xen wrote:
On Wed, 14 Oct 2015, Anton Aylward wrote:
Now the real question is whether you *really* believe that I'm as stupid as you portend me to be, or whether you just pretend that you think I am.
No, the real question is are you a figment of the collective unconsciousness of the whole forum membership, a subliminal need for a troll now that Aaron is no longer here for us to vilify.
Try 'man 5 attr'
Sorry, my computer crashed when I did that.
Well that proves it. -- A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting frowned upon? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 10/14/2015 01:49 PM, Xen wrote:
Just lack of Knowledge i would Assume, but still, it is not easy to discover here. I have never mounted nfs before. The mount works, it's just that every monkey on this system can delete everything.
I think.
Maybe it is just something like umask. Let me try that.
Oh it just copies the permissions from the server. How to do THIS now. The users on the server are different. Pfff, more thinking and more headache, really.
RTFM. $ apropos nfs shows up idmapd (8) - NFSv4 ID <-> Name Mapper and rpc.idmapd (8) - NFSv4 ID <-> Name Mapper Of course if the names on the server and the client are the same there isn't a problem :-) That's not as dumb as it sounds if you make use of a networked ID database service like Yellow pages or a LDAP service in a mixed Linux/Windows setting. Both of which are extensively documented. And then there's kerboros .... -- A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting frowned upon? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 2015-10-13 07:00, David C. Rankin wrote:
I worry a heck of a lot more about the secure sites I reach with my browser than I worry about e-mail -- and for those the only thing that stores the passwords is the grey goo between my ears... to the extent it can...
A guy with access to your email password can request from many websites they reset your password, using your email as a confirmation. And yes, the master password (which is encryption, not access block), buys some time to change them if stolen. - -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" (Minas Tirith)) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iF4EAREIAAYFAlYc6nMACgkQja8UbcUWM1w/nAD9HOhd5eJ5wzLwSZGjDKPmUeWA pIAekYW/54b8YLbDaaAA/Ru1MpDgQJnEPmOSa6+Ei/Dph7mkJfQxHFdQKI2SSNGS =6VJR -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 10/13/2015 07:26 AM, Carlos E. R. wrote:
And yes, the master password (which is encryption, not access block), buys some time to change them if stolen.
And how are you going to find out *early enough for it to matter* that your passwords have been stolen, if the MitM Bad Guy is intercepting your mail? Remember, he can change the passwords too? By then its too late for *you* to change them. I think your arguments here, Carlos, are inadequate and optimistic. Why don't you simply work on securing the machine better? Why not encrypt the drive/partition? -- A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting frowned upon? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 2015-10-13 15:41, Anton Aylward wrote:
On 10/13/2015 07:26 AM, Carlos E. R. wrote:
Why don't you simply work on securing the machine better? Why not encrypt the drive/partition?
And I do. But I don't see why you are against using a master password. It is an available feature. The issue is solving its problems, not to stop using it. - -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" (Minas Tirith)) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iF4EAREIAAYFAlYdFNoACgkQja8UbcUWM1zGQgD/RqLc9jNtiTq8ijsqqgjlPJuF 5XbUOxAURdgN9LFUmpABAIiDYpEvgVxHHuYdFlxewXYWySiqG3OQvcVWHXE73x4a =csGq -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 10/13/2015 10:27 AM, Carlos E. R. wrote:
On 2015-10-13 15:41, Anton Aylward wrote:
On 10/13/2015 07:26 AM, Carlos E. R. wrote:
Why don't you simply work on securing the machine better? Why not encrypt the drive/partition?
And I do.
But I don't see why you are against using a master password. It is an available feature. The issue is solving its problems, not to stop using it.
If you are encrypting the whole drive/partition then using the master password a) offers no meaningful benefit The encryption of the drive/partition is going to be a lot stronger! b) is obviously an inconvenience. We're back to the "single sign-on' issue however you dress it up. You are living with a context where there are multiple demands for your password disrupting your work-flow. The whole point of password stores is "One password to rule them all" We can see this with the Google Universe. If you are saying that you *LIKE* having all these disruptions, having to do the identification/authentication at ache instance, logging in to each application, then that's a different matter. Its back to "how paranoid are you?" I consider myself pretty professionally paranoid about computer security, but I think the case you're presenting is based on the same kind myth than medicines should taste bad. Security doesn't have to be an inconvenience, and the fact you raised this at all makes it clear that it is an inconvenience to you. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 10/13/2015 04:27 PM, Carlos E. R. wrote:
On 2015-10-13 15:41, Anton Aylward wrote:
On 10/13/2015 07:26 AM, Carlos E. R. wrote:
Why don't you simply work on securing the machine better? Why not encrypt the drive/partition?
And I do.
But I don't see why you are against using a master password. It is an available feature. The issue is solving its problems, not to stop using it.
+1 Gustav -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 10/13/2015 06:26 AM, Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 A guy with access to your email password can request from many websites they reset your password, using your email as a confirmation.
And yes, the master password (which is encryption, not access block), buys some time to change them if stolen.
- -- Cheers / Saludos,
Carlos E. R.
For what it is worth, I would still really like to understand the technical bug causing all the pw prompts to appear. There has to be a reason. Last time I recall jacking with the tbird source (tbird 24), there is only about 200 Meg to fool with to find the answer. Any body familiar enough with the code to know where in maze of competing calls and mix of compiled and scripted code this is likely to be located? -- David C. Rankin, J.D.,P.E. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 2015-10-14 03:59, David C. Rankin wrote:
On 10/13/2015 06:26 AM, Carlos E. R. wrote:
For what it is worth, I would still really like to understand the technical bug causing all the pw prompts to appear. There has to be a reason. Last time I recall jacking with the tbird source (tbird 24), there is only about 200 Meg to fool with to find the answer.
Yes... -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar)
On 10/13/2015 01:00 AM, David C. Rankin wrote:
I worry a heck of a lot more about the secure sites I reach with my browser than I worry about e-mail -- and for those the only thing that stores the passwords is the grey goo between my ears... to the extent it can...
Given the evidence of breaches this last year or so ... it is very clear that many sites have exceedingly poor password practices, not requiring adequately strong passwords, limiting the character set. mapping to upper case, discarding the extra characters of longer passwords and more. perhaps the greatest sin is not having irreversibly encrypted passwords so that they cab be 'retried' for you convenience! BAH HUMBUG! This is a much more generic and universal risk that stealing a password. -- A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting frowned upon? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
participants (17)
-
Anton Aylward
-
Bob Williams
-
buhorojo
-
Carlos E. R.
-
Carlos E. R.
-
David C. Rankin
-
Greg Freemyer
-
Gustav Degreef
-
James Knott
-
jdd
-
John Andersen
-
Ken Schneider - openSUSE
-
Koenraad Lelong
-
Linda Walsh
-
Marco
-
Wolfgang Rosenauer
-
Xen