It seems like a reasonable solution to me. And if they're well-armed, it will also be quite secure.
On Tue, Mar 30, 2021 at 3:25 PM Steve Jones <thatoneguyst...@gmail.com> wrote: > Im am unopposed to this > > On Tue, Mar 30, 2021 at 2:49 PM Mike Hammett <af...@ics-il.net> wrote: > >> Well right, but there's not really any way around that, short of having a >> bunch of midgets you keep stacked in the basement with passwords written on >> their foreheads and you summon them by yelling the name of the site or >> service you need the password for. >> >> >> >> ----- >> Mike Hammett >> Intelligent Computing Solutions <http://www.ics-il.com/> >> <https://www.facebook.com/ICSIL> >> <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> >> <https://www.linkedin.com/company/intelligent-computing-solutions> >> <https://twitter.com/ICSIL> >> Midwest Internet Exchange <http://www.midwest-ix.com/> >> <https://www.facebook.com/mdwestix> >> <https://www.linkedin.com/company/midwest-internet-exchange> >> <https://twitter.com/mdwestix> >> The Brothers WISP <http://www.thebrotherswisp.com/> >> <https://www.facebook.com/thebrotherswisp> >> >> >> <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg> >> ------------------------------ >> *From: *"Mathew Howard" <mhoward...@gmail.com> >> *To: *"AnimalFarm Microwave Users Group" <af@af.afmug.com> >> *Sent: *Tuesday, March 30, 2021 2:42:19 PM >> *Subject: *Re: [AFMUG] Ubiquiti played fast and loose with the truth? >> >> I think Steve's point is that if you have all of your stuff stored in one >> place, if somebody gets access to that place, they have all your stuff. >> Whether that place is Lastpass, a TXT file or a forehead isn't particularly >> important. >> >> On Tue, Mar 30, 2021 at 2:23 PM Mike Hammett <af...@ics-il.net> wrote: >> >>> Right, I read that. That doesn't mean anything. It could have just as >>> well said that they were previously stored in a TXT file on the desktop or >>> written backwards on the SysAdmin's forehead. >>> >>> >>> >>> ----- >>> Mike Hammett >>> Intelligent Computing Solutions <http://www.ics-il.com/> >>> <https://www.facebook.com/ICSIL> >>> <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> >>> <https://www.linkedin.com/company/intelligent-computing-solutions> >>> <https://twitter.com/ICSIL> >>> Midwest Internet Exchange <http://www.midwest-ix.com/> >>> <https://www.facebook.com/mdwestix> >>> <https://www.linkedin.com/company/midwest-internet-exchange> >>> <https://twitter.com/mdwestix> >>> The Brothers WISP <http://www.thebrotherswisp.com/> >>> <https://www.facebook.com/thebrotherswisp> >>> >>> >>> <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg> >>> ------------------------------ >>> *From: *"Steve Jones" <thatoneguyst...@gmail.com> >>> *To: *"AnimalFarm Microwave Users Group" <af@af.afmug.com> >>> *Sent: *Tuesday, March 30, 2021 2:18:41 PM >>> *Subject: *Re: [AFMUG] Ubiquiti played fast and loose with the truth? >>> >>> from the sounds of it thats how they gained the access >>> >>> Adam says the attacker(s) had access to privileged credentials that were >>> previously stored in the LastPass >>> <https://en.wikipedia.org/wiki/LastPass> account of a Ubiquiti IT >>> employee, and gained root administrator access to all Ubiquiti AWS >>> accounts, including all S3 data buckets, all application logs, all >>> databases, all user database credentials, and secrets required to forge >>> single sign-on (SSO) cookies. >>> >>> On Tue, Mar 30, 2021 at 2:10 PM Mike Hammett <af...@ics-il.net> wrote: >>> >>>> I don't know that LastPass really had anything to do with it, other >>>> than that's where someone stored a password. >>>> >>>> >>>> >>>> ----- >>>> Mike Hammett >>>> Intelligent Computing Solutions <http://www.ics-il.com/> >>>> <https://www.facebook.com/ICSIL> >>>> <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> >>>> <https://www.linkedin.com/company/intelligent-computing-solutions> >>>> <https://twitter.com/ICSIL> >>>> Midwest Internet Exchange <http://www.midwest-ix.com/> >>>> <https://www.facebook.com/mdwestix> >>>> <https://www.linkedin.com/company/midwest-internet-exchange> >>>> <https://twitter.com/mdwestix> >>>> The Brothers WISP <http://www.thebrotherswisp.com/> >>>> <https://www.facebook.com/thebrotherswisp> >>>> >>>> >>>> <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg> >>>> ------------------------------ >>>> *From: *"Steve Jones" <thatoneguyst...@gmail.com> >>>> *To: *"AnimalFarm Microwave Users Group" <af@af.afmug.com> >>>> *Sent: *Tuesday, March 30, 2021 2:06:13 PM >>>> *Subject: *Re: [AFMUG] Ubiquiti played fast and loose with the truth? >>>> >>>> hahaha, lastpass. I like to keep all eggs in a single basket, that way >>>> when i have both hands in the cookie jar, all a guy need to do is walk off >>>> with the basket and make an omelette >>>> >>>> On Tue, Mar 30, 2021 at 1:59 PM Cameron Crum <cc...@murcevilo.com> >>>> wrote: >>>> >>>>> We are shocked. SHOCKED I say! >>>>> >>>>> On Tue, Mar 30, 2021 at 1:18 PM Robert Andrews <i...@avantwireless.com> >>>>> wrote: >>>>> >>>>>> I guess I should have not just put in a link without commenting... >>>>>> >>>>>> So: >>>>>> >>>>>> Why am I surprised? >>>>>> >>>>>> On 03/30/2021 11:15 AM, Robert Andrews wrote: >>>>>> > >>>>>> https://krebsonsecurity.com/2021/03/whistleblower-ubiquiti-breach-catastrophic/ >>>>>> > >>>>>> > >>>>>> >>>>>> -- >>>>>> AF mailing list >>>>>> AF@af.afmug.com >>>>>> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >>>>>> >>>>> -- >>>>> AF mailing list >>>>> AF@af.afmug.com >>>>> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >>>>> >>>> >>>> -- >>>> AF mailing list >>>> AF@af.afmug.com >>>> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >>>> >>>> -- >>>> AF mailing list >>>> AF@af.afmug.com >>>> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >>>> >>> >>> -- >>> AF mailing list >>> AF@af.afmug.com >>> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >>> >>> -- >>> AF mailing list >>> AF@af.afmug.com >>> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >>> >> >> -- >> AF mailing list >> AF@af.afmug.com >> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >> >> -- >> AF mailing list >> AF@af.afmug.com >> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >> > -- > AF mailing list > AF@af.afmug.com > http://af.afmug.com/mailman/listinfo/af_af.afmug.com >
-- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com