Framapiaf

0 message0 participant0 message aujourd’hui

MopsiI noticed a <a href="https://photog.social/tags/feature" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#feature</a> that every <a href="https://photog.social/tags/phone" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#phone</a> and <a href="https://photog.social/tags/laptop" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#laptop</a> should have but doesn't: Easy one click, or very feq click prevention of <a href="https://photog.social/tags/ScreenLock" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ScreenLock</a>. I am playing the flute and when I'm displaying sheet music on my laptop or on my phone if I have no other option, I can't touch the screen every few seconds. I'd like to set the screen to be always on, as easily as enabling location tracking or bluetooth.<a href="https://photog.social/tags/android" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#android</a> <a href="https://photog.social/tags/iOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#iOS</a> <a href="https://photog.social/tags/smartphone" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#smartphone</a>

NiceMicro<a href="https://fosstodon.org/@peppe" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@peppe</a> thaks man... it feels good, as I'm on the suck train for a while now 😅 Since I've switched themes, LightDM stopped working, and I can't log in until I first log in on an other TTY in text mode... Apparently opening the <a href="https://fosstodon.org/tags/LightDM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LightDM</a> greeter settings app screwed everything up? Now I'm looking for an alternative, but nothing else seem to support a "switch user" type feature?<a href="https://fosstodon.org/tags/justLinuxThings" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#justLinuxThings</a> I guess...smh<a href="https://fosstodon.org/tags/Linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Linux</a> <a href="https://fosstodon.org/tags/ArchLinux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ArchLinux</a> <a href="https://fosstodon.org/tags/ScreenLock" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ScreenLock</a> <a href="https://fosstodon.org/tags/SSDM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SSDM</a> <a href="https://fosstodon.org/tags/DisplayManager" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DisplayManager</a>

Arcturax 🦇Edit : NOPE! Turns out this issue is deeper and more mysterious, Steam is NOT at fault!Had that "fan spin up and machine gets hot" issue on linux again. This time I've tracked it down! First tried HTOP, nothing on CPU. Then NVTOP, BINGO, GPU is pushed to 100%. But what?Turns out it was steam! When my machine goes into lock, nothing until screen goes into sleep and then BAM, 100% GPU. I send a sigkill to steamwebhelper and GPU drops and stays normal until I unlock and relock screen and it goes dark agian.Going to Steam File->Settings->Interface and turning off "Enable GPU accelerated rendering in web views" seemed to fix it. The restart of steam didn't, but exiting steam fully, then restarting it did. Now I don't get that problem. I'll keep monitoring it,but that might be the fix!<a href="https://chitter.xyz/tags/linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#linux</a> <a href="https://chitter.xyz/tags/fedora" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#fedora</a> <a href="https://chitter.xyz/tags/kde" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#kde</a> <a href="https://chitter.xyz/tags/steam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#steam</a> <a href="https://chitter.xyz/tags/screenlock" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#screenlock</a> <a href="https://chitter.xyz/tags/bug" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bug</a>

Erik van StratenPasskey/password bug: iOS 18.3.1Ook in iOS versie 18.3.1 is de eerder door mij gemelde iCloud KeyChain (*) kwetsbaarheid nog niet gerepareerd (eerder schreef ik hierover, Engelstalig: <a href="https://infosec.exchange/@ErikvanStraten/113821443334366419" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://infosec.exchange/@ErikvanStraten/113821443334366419</a>).(*) Tegenwoordig is dat de app genaamd "Wachtwoorden" (of "Passwords").De kwetsbaarheid bestaat indien:• De eigenaar een "passcode" (pincode of wachtwoord) gebruikt om de iPhone of iPad te ontgrendelen - en er GÉÉN biometrie is geconfigureerd;ofwel:• De gebruiker wel biometrie kan gebruiken om het scherm te ontgrendelen, doch in 'Instellingen' > 'Touch ID en toegangscode' de instelling "Autom. invullen wachtw." is UITgezet.Zie onderstaande screenshots (Engelstalig in <a href="https://infosec.exchange/@ErikvanStraten/113821443334366419" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://infosec.exchange/@ErikvanStraten/113821443334366419</a>). Meer info ziet u door op "Alt" in de plaatjes te drukken.Probleem: iedereen met toegang tot de ontgrendelde iPhone of iPad kan dan, *zonder* opnieuw lokaal te hoeven authenticeren:1) Op elke website inloggen waarvan het user-ID en wachtwoord in iCloud Keychain zijn opgeslagen;2) Met passkeys op enkele specifieke websites inloggen (waaronder <a href="https://account.apple.com" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://account.apple.com</a> en <a href="https://icloud.com" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://icloud.com</a>), namelijk als volgt:a) Open de website; b) Druk op "Inloggen"; c) Druk op de "x" rechts bovenaan de pop-up die verschijnt (in de onderste schermhelft); d) Druk kort in het veld waar om het e-mailadres gevraagd wordt; e) Druk op de knop "gebruik passkey".Risico: uitlenen van een unlocked iDevice (o.a. aan kinderen) maar ook diefstal nadat de passcode is afgekeken. Of als de dief geen passcode heeft, als deze wacht tot de eerstvolgende iOS/iPadOS kwetsbaarheid bekend wordt waarbij de schermontgrendeling omzeild kan worden.Als u ze nog niet gezien heeft, bekijk in elk geval de eerste van de volgende twee video's van Joanna Stern (van de Wall Street Journal): <a href="https://youtube.com/watch?v=QUYODQB_2wQ" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://youtube.com/watch?v=QUYODQB_2wQ</a> <a href="https://youtube.com/watch?v=tCfb9Wizq9Q" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://youtube.com/watch?v=tCfb9Wizq9Q</a><a href="https://infosec.exchange/tags/TouchID" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#TouchID</a> <a href="https://infosec.exchange/tags/FaceID" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FaceID</a> <a href="https://infosec.exchange/tags/Passkeys" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Passkeys</a> <a href="https://infosec.exchange/tags/iCloudKeychain" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#iCloudKeychain</a> <a href="https://infosec.exchange/tags/Passwords" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Passwords</a> <a href="https://infosec.exchange/tags/PadswordsApp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PadswordsApp</a> <a href="https://infosec.exchange/tags/Wachtwoorden" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Wachtwoorden</a> <a href="https://infosec.exchange/tags/WachtwoordenApp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WachtwoordenApp</a> <a href="https://infosec.exchange/tags/Biometrie" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Biometrie</a> <a href="https://infosec.exchange/tags/Passcode" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Passcode</a> <a href="https://infosec.exchange/tags/iOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#iOS</a> <a href="https://infosec.exchange/tags/iPadOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#iPadOS</a> <a href="https://infosec.exchange/tags/iPhone" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#iPhone</a> <a href="https://infosec.exchange/tags/iPad" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#iPad</a> <a href="https://infosec.exchange/tags/iDevice" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#iDevice</a> <a href="https://infosec.exchange/tags/ScreenLock" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ScreenLock</a> <a href="https://infosec.exchange/tags/ScreenUnlock" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ScreenUnlock</a> <a href="https://infosec.exchange/tags/SchermVergrendeling" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SchermVergrendeling</a> <a href="https://infosec.exchange/tags/SchermOntgrendeling" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SchermOntgrendeling</a> <a href="https://infosec.exchange/tags/SchermOntgrendelCode" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SchermOntgrendelCode</a> <a href="https://infosec.exchange/tags/PINcode" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PINcode</a> <a href="https://infosec.exchange/tags/Kwetsbaarheid" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Kwetsbaarheid</a> <a href="https://infosec.exchange/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Vulnerability</a> <a href="https://infosec.exchange/tags/OngeautoriseerdeToegang" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OngeautoriseerdeToegang</a> <a href="https://infosec.exchange/tags/IdentiteitsFraude" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IdentiteitsFraude</a> <a href="https://infosec.exchange/tags/Inloggen" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Inloggen</a> <a href="https://infosec.exchange/tags/Stern" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Stern</a> <a href="https://infosec.exchange/tags/JoannaStern" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#JoannaStern</a> <a href="https://infosec.exchange/tags/WSJ" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WSJ</a>

Erik van Straten<a href="https://techhub.social/@Cyberbeni" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@Cyberbeni</a> : I'd not underestimate the number of users who do not use biometrics.However, I just managed to reproduce the vulnerability *with* biometrics (Touch ID) enabled. It happens when I go toSettings" —> "Touch ID & Passcode"and disable "Password AutoFill" (see the relevant Settings screenshots below).BTW I've only tested iPads and iPhones with TouchID (as I don't have access to Apple devices equipped with FaceID).I just reproduced this on an iPhone SE2 with iOS 18.1.1 in Safari, then updated iOS to 18.2.1: it still reproduces.It also works in Edge, Firefox and Firefox Focus, but (interestingly) not in Chrome (all for iOS of course).Note: disabling Password Autofill may not be what the typical user does; I ran into it while experimenting with passkeys.But then again, that setting is DISABLED if the user has not configured biometrics, and it, IIRC, cannot be enabled in that situation.<a href="https://infosec.exchange/@ryanrowcliffe" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@ryanrowcliffe</a> <a href="https://hachyderm.io/@rmondello" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@rmondello</a> <a href="https://infosec.exchange/tags/TouchID" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#TouchID</a> <a href="https://infosec.exchange/tags/FaceID" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FaceID</a> <a href="https://infosec.exchange/tags/Passkeys" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Passkeys</a> <a href="https://infosec.exchange/tags/Biometrics" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Biometrics</a> <a href="https://infosec.exchange/tags/Passcode" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Passcode</a> <a href="https://infosec.exchange/tags/iOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#iOS</a> <a href="https://infosec.exchange/tags/iPadOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#iPadOS</a> <a href="https://infosec.exchange/tags/ScreenLock" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ScreenLock</a> <a href="https://infosec.exchange/tags/ScreenUnlock" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ScreenUnlock</a>

Recherches récentes

Options de recherche

Administré par :

Statistiques du serveur :

#screenlock