alphapuggle

joined 2 years ago
[–] alphapuggle 3 points 3 hours ago

Entrapta is not with the horde, she's with science!

[–] alphapuggle 4 points 2 days ago

In the venn diagram between me and the target demographic the circles are not touching

[–] alphapuggle 9 points 2 days ago (5 children)

Binged the whole series from start to finish this weekend (first time watch) because of these posts

[–] alphapuggle 4 points 3 days ago

I'd settle for it being feasible to bike to work. I don't have to get paid the experience

[–] alphapuggle 2 points 3 days ago

To be fair, many of the things we do are bad for your heart

Live fast and leave a sexy corpse

[–] alphapuggle 15 points 3 days ago

Don't forget to support FOSS software you're using, including lemmy & your home instance

[–] alphapuggle 2 points 3 days ago

Likely not. I was required by my university to install it as the only possible MFA method. Text, totp, passkey, and security key all disabled

[–] alphapuggle 1 points 5 days ago

Looking forward to the results!

[–] alphapuggle 1 points 5 days ago (2 children)

Is this from the local connection or over RDP? The issue they're trying to point out seems to be that while it'll stop working for local sessions, RDP sessions will continue to accept the old password

[–] alphapuggle 3 points 5 days ago (4 children)

As far as I can tell, this applies after reconnecting to the domain controller and being able to pull new credentials. It's not 100% clear in the article, but

Old credentials continue working for RDP—even from brand-new machines.

Even after users change their account password, however, it remains valid for RDP logins indefinitely. In some cases, Wade reported, multiple older passwords will work while newer ones won’t. The result: persistent RDP access that bypasses cloud verification, multifactor authentication, and Conditional Access policies.

While the password change prevents the adversary from logging in to the Microsoft or Azure account, the old password will give an adversary access to the user’s machine through RDP indefinitely.

However

The mechanism that makes all of this possible is credential caching on the hard drive of the local machine. The first time a user logs in using Microsoft or Azure account credentials, RDP will confirm the password's validity online. Windows then stores the credential in a cryptographically secured format on the local machine. From then on, Windows will validate any password entered during an RDP login by comparing it against the locally stored credential, with no online lookup. With that, the revoked password will still give remote access through RDP.

Which makes it sound like it has to be logged in successfully first, directly contradicting the first quote.

Either way, it does appear to be an issue that an online device will accept expired passwords before it will pull new credentials from the inter/intranet

 

Edit: Conclusion at the bottom

I just sent my ThinkPad X13 Yoga Gen 2 in for service the other day, it hasn't yet reached the depot but I'm worried after seeing reviews online about Lenovo's customer service. I know people are definitely more likely to write a review if they have a bad experience than a good one.

The repair is just for the TrackPoint, which hasn't been really up to the old ThinkPads I've had (T23, T43, T61, T410, T460) and had recently stopped going to the right entirely. TrackPoints are the only reason I still buy ThinkPads and not something like a framework (and I don't think I can go back to non 2-in-1 laptop after this last one)

I also took the NVMe drive out and swapped it with one that had a fresh install of windows 11 on it so that I could use my data while it was sent in. Will they refuse to work on it if they have a non oem drive inside?

AFTER REPAIR EDIT: Just got it back from the warranty center! Instead of replacing just the TrackPoint module, they replaced the whole top cover & TrackPad (I did mention that it was having similar issues to them). Came with the factory plastic on it. They didn't try to short-change me in any way, didn't try to argue that it was normal or that it was wear and tear or anything like that. It works better they day it was new, and all of the scuffs that I had on the corners are now gone (so is my intel sticker but I can live with that).

In regards to the SSD being out, they didn't say anything or refuse service because of it. I was up front that I had been inside the device before I had sent it in, so YMMV, but all in all 10/10 experience

3
submitted 2 years ago by alphapuggle to c/truenas
 

Started an update for a minor version and it's been like 20 minutes and I have no display out from the nas and I can't access it over the network. This is the first update I've done on the system how long does this usually take and when should I try rebooting it?

view more: next ›