ALERT: Don't save passwords in Firefox or don't lend your laptop

ALERT: Don't save passwords in Firefox or don't lend your laptop

http://blog.lxxm.com/blogview.asp?logID=904&cateID=10

There is a critical difference between keeping encoded passwords and showing 
them directly. However, it seems Firefox developers has been ignoring it. It 
is alerted here that if you lend your laptop with your account, you are 
letting the user to view all of your passwords kept in your Firefox. To 
check it, click Tools->Options->Privacy (Big Tab)-> Passwords(Small Tab) -> 
View Saved Passwords(Button) -> Passwords Saved(Default Tab) -> Show 
Passwords -> Yes . Then you will hate Firefox to give such a convenience 
silently!

At least until the current version 1.5.0.6, Firefox makes users expose to 
the very risk. It 's nothing to do with program techniques. Hope Firefox 
developers could save me the risk in the next update. It hurts not only the 
reputation of itself but also its recommenders including google and us, 
lxxm.com. 


0
freerow
8/27/2006 6:22:09 AM
mozilla.support.firefox 24319 articles. 10 followers. Post Follow

115 Replies
2281 Views

Similar Articles

[PageSpeed] 35
Get it on Google Play
Get it on Apple App Store

freerow wrote:
> ALERT: Don't save passwords in Firefox or don't lend your laptop
> 
> http://blog.lxxm.com/blogview.asp?logID=904&cateID=10
> 
> There is a critical difference between keeping encoded passwords and showing 
> them directly. However, it seems Firefox developers has been ignoring it. It 
> is alerted here that if you lend your laptop with your account, you are 
> letting the user to view all of your passwords kept in your Firefox. To 
> check it, click Tools->Options->Privacy (Big Tab)-> Passwords(Small Tab) -> 
> View Saved Passwords(Button) -> Passwords Saved(Default Tab) -> Show 
> Passwords -> Yes . Then you will hate Firefox to give such a convenience 
> silently!
> 
> At least until the current version 1.5.0.6, Firefox makes users expose to 
> the very risk. It 's nothing to do with program techniques. Hope Firefox 
> developers could save me the risk in the next update. It hurts not only the 
> reputation of itself but also its recommenders including google and us, 
> lxxm.com. 
> 
> 
Not if you set the Master Password for the Software Security Devices, 
happily provided by the Firefox developers for this purpose, they can't.
0
Brian
8/27/2006 6:44:27 AM
freerow wrote:
> ALERT: Don't save passwords in Firefox or don't lend your laptop
> 
> http://blog.lxxm.com/blogview.asp?logID=904&cateID=10
> 
> There is a critical difference between keeping encoded passwords and showing 
> them directly. However, it seems Firefox developers has been ignoring it. It 
> is alerted here that if you lend your laptop with your account, you are 
> letting the user to view all of your passwords kept in your Firefox. To 
> check it, click Tools->Options->Privacy (Big Tab)-> Passwords(Small Tab) -> 
> View Saved Passwords(Button) -> Passwords Saved(Default Tab) -> Show 
> Passwords -> Yes . Then you will hate Firefox to give such a convenience 
> silently!
> 
> At least until the current version 1.5.0.6, Firefox makes users expose to 
> the very risk. It 's nothing to do with program techniques. Hope Firefox 
> developers could save me the risk in the next update. It hurts not only the 
> reputation of itself but also its recommenders including google and us, 
> lxxm.com. 

If you would read the manual you would know that passwords are encrypted 
if you set the master password for Firefox. So the feature you require 
has existed for a long time in Firefox.

Also if you would have any technical knowledge in the area of security, 
you would know that without such a password, it would be impossible to 
store encrypted data in a secure way (because if Firefox is able to read 
the passwords in plain text, anyone can write a modified version of 
Firefox that would print out the passwords, if there wouldn't be a GUI 
for it already). Requiring user to type a password is designed to 
prevent this.
0
Aggro
8/27/2006 8:41:17 AM
freerow wrote:
> ALERT: Don't save passwords in Firefox or don't lend your laptop
> 
> http://blog.lxxm.com/blogview.asp?logID=904&cateID=10
> 
> There is a critical difference between keeping encoded passwords and showing 
> them directly. However, it seems Firefox developers has been ignoring it. It 
> is alerted here that if you lend your laptop with your account, you are 
> letting the user to view all of your passwords kept in your Firefox. To 
> check it, click Tools->Options->Privacy (Big Tab)-> Passwords(Small Tab) -> 
> View Saved Passwords(Button) -> Passwords Saved(Default Tab) -> Show 
> Passwords -> Yes . Then you will hate Firefox to give such a convenience 
> silently!
> 
> At least until the current version 1.5.0.6, Firefox makes users expose to 
> the very risk. It 's nothing to do with program techniques. Hope Firefox 
> developers could save me the risk in the next update. It hurts not only the 
> reputation of itself but also its recommenders including google and us, 
> lxxm.com. 
> 
> 
Set master password.  This will prevent someone from looking at your 
passwords.  Of course it is also a king sized pain in the backside... 
That's security for you.
If your laptop has WinXP, you might set up a guest account and password 
your usual logon...
0
Ron
8/27/2006 9:21:55 AM
freerow wrote:
> ALERT: Don't save passwords in Firefox or don't lend your laptop
> 
> http://blog.lxxm.com/blogview.asp?logID=904&cateID=10
> 
> There is a critical difference between keeping encoded passwords and showing 
> them directly. However, it seems Firefox developers has been ignoring it. It 
> is alerted here that if you lend your laptop with your account, you are 
> letting the user to view all of your passwords kept in your Firefox. To 
> check it, click Tools->Options->Privacy (Big Tab)-> Passwords(Small Tab) -> 
> View Saved Passwords(Button) -> Passwords Saved(Default Tab) -> Show 
> Passwords -> Yes . Then you will hate Firefox to give such a convenience 
> silently!
> 
> At least until the current version 1.5.0.6, Firefox makes users expose to 
> the very risk. It 's nothing to do with program techniques. Hope Firefox 
> developers could save me the risk in the next update. It hurts not only the 
> reputation of itself but also its recommenders including google and us, 
> lxxm.com. 
> 
> 


Why would I lend my laptop to someone?
0
Moz
8/27/2006 9:37:36 AM
freerow wrote:
> ALERT: Don't save passwords in Firefox or don't lend your laptop
> 
> http://blog.lxxm.com/blogview.asp?logID=904&cateID=10
> 
> There is a critical difference between keeping encoded passwords and showing 
> them directly. However, it seems Firefox developers has been ignoring it. It 
> is alerted here that if you lend your laptop with your account, you are 
> letting the user to view all of your passwords kept in your Firefox. To 
> check it, click Tools->Options->Privacy (Big Tab)-> Passwords(Small Tab) -> 
> View Saved Passwords(Button) -> Passwords Saved(Default Tab) -> Show 
> Passwords -> Yes . Then you will hate Firefox to give such a convenience 
> silently!
> 
> At least until the current version 1.5.0.6, Firefox makes users expose to 
> the very risk. It 's nothing to do with program techniques. Hope Firefox 
> developers could save me the risk in the next update. It hurts not only the 
> reputation of itself but also its recommenders including google and us, 
> lxxm.com. 
> 
> 

In addition to the other replies addressing the Master Password, I have
another thought on this.

Who cares if I can see your passwords if you loaned me your "laptop with
your account"?

If you have done that, and have not set the Master Password, then I can
log on to those sites anyway, even if I can't "see" the passwords.

If I have access to your FF profile, then I also have access to your
email accounts, all the documents you have written/saved within your
account, and anything else you may not have considered.

What if you had stored all your credit card information in a file?  How
about your tax return?  Is that less sensitive than your passwords?
After all, that "only" contains everything that an ID thief would need,
all in one spot.

Seems to me the smart thing to do would be to password protect your OS
account & set up another account for me, without admin rights, of course.

Then I don't have access to saved passwords at all, or any other
information stored in your account.

But then, if I really wanted access to your account, I could pull the
drive & mount it on another system as a data drive.  Remember, you gave
me physical possession of the laptop.  The only thing that would prevent
access to your files, in that case, would be encrypting your home directory.

Rather than a hyped-up "security" scare, this would really fall under
basic computer security practices, wouldn't it?  It sure does in my mind.

I think the headline should be "Don't lend your laptop to people you
don't trust!".  Well, duh.

-- 
Alex
0
Alex
8/27/2006 10:01:36 AM
Alex are right that I should change the title to "don't let anybody 
untrusted use your laptop for any few seconds, with FF." OK?

I tried the master password function. I don't know who could not be bored by 
being required to enter it every session of FF.

I just want to say, such a default setting is hated by me.  I have to alert 
everybody I'd recommended to use FF that it has a silent and default 
convenience that anyone could view the kept passwords  with just a few 
seconds of occupation of the desk/laptop. Maybe it is because that I am a FF 
user common enough to trust the default setting.

Alex wrote:
> In addition to the other replies addressing the Master Password, I have
> another thought on this.
>
> Who cares if I can see your passwords if you loaned me your "laptop with
> your account"?
>
> If you have done that, and have not set the Master Password, then I can
> log on to those sites anyway, even if I can't "see" the passwords.
>
> If I have access to your FF profile, then I also have access to your
> email accounts, all the documents you have written/saved within your
> account, and anything else you may not have considered.
>
> What if you had stored all your credit card information in a file?  How
> about your tax return?  Is that less sensitive than your passwords?
> After all, that "only" contains everything that an ID thief would need,
> all in one spot.
>
> Seems to me the smart thing to do would be to password protect your OS
> account & set up another account for me, without admin rights, of course.
>
> Then I don't have access to saved passwords at all, or any other
> information stored in your account.
>
> But then, if I really wanted access to your account, I could pull the
> drive & mount it on another system as a data drive.  Remember, you gave
> me physical possession of the laptop.  The only thing that would prevent
> access to your files, in that case, would be encrypting your home 
> directory.
>
> Rather than a hyped-up "security" scare, this would really fall under
> basic computer security practices, wouldn't it?  It sure does in my mind.
>
> I think the headline should be "Don't lend your laptop to people you
> don't trust!".  Well, duh.
>
> -- 
> Alex 


0
freerow
8/27/2006 5:06:25 PM
"freerow" <freerow@gmail.com> wrote in
<news:YKqdnV5ttou7TGzZnZ2dnUVZ_tGdnZ2d@mozilla.org>:

> Alex are right that I should change the title to "don't let
> anybody untrusted use your laptop for any few seconds, with FF."
> OK?
>
> I tried the master password function. I don't know who could not
> be bored by being required to enter it every session of FF.

Giving other people physical access to your computer and expecting to
maintain security is a lost cause, especially if something as trivial
as typing a master password once per session is too boring for you.

If I were going to lend my computer to people, I'd at least create a
guest account for them to use.

-- 
�Q�
0
ISO
8/27/2006 6:18:12 PM
freerow wrote:
> Alex are right that I should change the title to "don't let anybody 
> untrusted use your laptop for any few seconds, with FF." OK?

Not OK.

> I tried the master password function. I don't know who could not be bored by 
> being required to enter it every session of FF.
> 
> I just want to say, such a default setting is hated by me.  I have to alert 
> everybody I'd recommended to use FF that it has a silent and default 
> convenience that anyone could view the kept passwords  with just a few 
> seconds of occupation of the desk/laptop. Maybe it is because that I am a FF 
> user common enough to trust the default setting.

This is like blaiming GPS-system for poor security if it can be easily 
stolen when you give keys to your car to a stranger.

If user gets local access to your computer that user can do anything 
with. Install trojans, rootkits, hack your Windows/Linux passwords, look 
all the passwords there are saved by any browser, *unless* you have 
encrypted the data with a password you need to type to get access to it. 
This password can usually be set for example just for Firefox passwords, 
or a folder or a harddrive, depending on your OS or third party software 
if they allow it.

If you still argue with me, I challenge you to write an open source 
software than is able to use passwords from a while, without asking 
master password from a user when launched and still make it impossible 
for a user to read that password by modifying the source code of the 
program and compiling custom binary. It doesn't matter whether you can 
program or not, because that task is impossible anyway. Same rules apply 
to closed software but it takes a little more time since you have to 
write the encryption code yourself.

Just to prove the case, here is a list of many freeware software that 
can be used to retrieve passwords saved by IE:
http://www.google.com/search?hl=en&lr=&q=email+password+recover+windows+freeware&btnG=Search

Here is how to do it with Opera:
http://my.opera.com/Tamil/blog/show.dml/89479

Firefox point is not to make it easy for an attacker as it already is 
easy for attacker. The point is to make it easy for the user, unless the 
user requires heavy protection, when user can choose to use master 
password.
0
Aggro
8/27/2006 7:05:25 PM
freerow wrote:
> ALERT: Don't save passwords in Firefox or don't lend your laptop
> 
> http://blog.lxxm.com/blogview.asp?logID=904&cateID=10
> 
> There is a critical difference between keeping encoded passwords and showing 
> them directly. However, it seems Firefox developers has been ignoring it. It 
> is alerted here that if you lend your laptop with your account, you are 
> letting the user to view all of your passwords kept in your Firefox. To 
> check it, click Tools->Options->Privacy (Big Tab)-> Passwords(Small Tab) -> 
> View Saved Passwords(Button) -> Passwords Saved(Default Tab) -> Show 
> Passwords -> Yes . Then you will hate Firefox to give such a convenience 
> silently!
> 
> At least until the current version 1.5.0.6, Firefox makes users expose to 
> the very risk. It 's nothing to do with program techniques. Hope Firefox 
> developers could save me the risk in the next update. It hurts not only the 
> reputation of itself but also its recommenders including google and us, 
> lxxm.com. 
> 
> 

I'm not gonna beat a dead horse about the master password.

but there is a file, (can't locate it now, even with saved passwords on 
this machine) that has all the saved passwords.  hack the file, get the 
passwords.

Somebody else mentioned to pull your laptop HDD and use it as a data drive.

Use BartPE or any Preinstall Environment disk to copy files from the 
disk.  Some Linux rescue CDs and floppies can read NTFS partitions... 
FAT32's been around long enough, anyone can read that.


The safest thing to do, is NEVER EVER save passwords, in ANYTHING!

the OS has passwords saved, it has to.  but NOTHING ELSE should save 
passwords.  that way, if they hack into your account, they still can't 
get any data or email or anything.

Please consider thinking about all aspects before posting bogus alerts.

otherwise, have a good day.
0
Tim
8/27/2006 8:31:24 PM
freerow wrote:

> Alex are right that I should change the title to "don't let
> anybody untrusted use your laptop for any few seconds, with
> FF." OK?
> 
> I tried the master password function. I don't know who could
> not be bored by being required to enter it every session of FF.
> 
> I just want to say, such a default setting is hated by me.  I
> have to alert everybody I'd recommended to use FF that it has a
> silent and default convenience that anyone could view the kept
> passwords  with just a few seconds of occupation of the
> desk/laptop. Maybe it is because that I am a FF user common
> enough to trust the default setting.

Nice use of Microsoft Outlook Express' top-posting behavior.
Saves everyone the trouble of not having to figure out what the
hell you are responding to.

But as everyone here has already pointed out, it was you who
breached security. Going through all that again would be beating
a dead horse. You have already demonstrated that you don't want
to take responsibility for the physical security of your system
by blaming your software.

The master password feature of Firefox is not an all or nothing
feature. You can turn it on and you can turn it off. If you
don't want to deal with it on a regular basis, leave it off,
except when it becomes necessary, such as when you blithely give
access to your account on your laptop to someone just smart
enough to know that they can take advantage of your passwords.
You know, someone like a 13-year-old pimple popper.
-- 
regards
0
Penguiniator
8/27/2006 10:58:43 PM
This is a multi-part message in MIME format.
--------------050006040408000205010308
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit

_freerow_ spoke thusly on 27/08/2006 2:22 AM:
> ALERT: Don't save passwords in Firefox or don't lend your laptop
> 
> http://blog.lxxm.com/blogview.asp?logID=904&cateID=10

Use the attached userChrome.css script to hide the "Show Passwords" button.

For more info on userChrome.css, see 
<http://www.mozilla.org/support/firefox/edit>.
-- 
Chris Ilias
mozilla.test.multimedia moderator
Mozilla links <http://ilias.ca>
(Please do not email me tech support questions)

--------------050006040408000205010308
Content-Type: text/css;
 name="userChrome.css"
Content-Transfer-Encoding: base64
Content-Disposition: inline;
 filename="userChrome.css"

I3RvZ2dsZVBhc3N3b3JkcyB7IGRpc3BsYXk6bm9uZSAhaW1wb3J0YW50OyB9
--------------050006040408000205010308--
0
Chris
8/28/2006 12:31:34 AM
> Alex wrote:
>> In addition to the other replies addressing the Master Password, I have
>> another thought on this.
>>
>> Who cares if I can see your passwords if you loaned me your "laptop with
>> your account"?
>>
>> If you have done that, and have not set the Master Password, then I can
>> log on to those sites anyway, even if I can't "see" the passwords.
>>
>> If I have access to your FF profile, then I also have access to your
>> email accounts, all the documents you have written/saved within your
>> account, and anything else you may not have considered.
>>
>> What if you had stored all your credit card information in a file?  How
>> about your tax return?  Is that less sensitive than your passwords?
>> After all, that "only" contains everything that an ID thief would need,
>> all in one spot.
>>
>> Seems to me the smart thing to do would be to password protect your OS
>> account & set up another account for me, without admin rights, of course.
>>
>> Then I don't have access to saved passwords at all, or any other
>> information stored in your account.
>>
>> But then, if I really wanted access to your account, I could pull the
>> drive & mount it on another system as a data drive.  Remember, you gave
>> me physical possession of the laptop.  The only thing that would prevent
>> access to your files, in that case, would be encrypting your home 
>> directory.
>>
>> Rather than a hyped-up "security" scare, this would really fall under
>> basic computer security practices, wouldn't it?  It sure does in my mind.
>>
>> I think the headline should be "Don't lend your laptop to people you
>> don't trust!".  Well, duh.
>>
>> -- 
>> Alex 
> 
> 
freerow wrote:
 > Alex are right that I should change the title to "don't let anybody
 > untrusted use your laptop for any few seconds, with FF." OK?
 >
 > I tried the master password function. I don't know who could not be 
bored by
 > being required to enter it every session of FF.
 >
 > I just want to say, such a default setting is hated by me.  I have to 
alert
 > everybody I'd recommended to use FF that it has a silent and default
 > convenience that anyone could view the kept passwords  with just a few
 > seconds of occupation of the desk/laptop. Maybe it is because that I 
am a FF
 > user common enough to trust the default setting.
 >

Please bottom post in this group.

Using a master password is definitely annoying, but if you can't 
maintain physical security over your computer, then it is a reasonable 
precaution to take, at some inconvenience.  Consider the lack of 
convenience of not being able to determine your own passwords, and an 
example.  The Id and password retention and form-filling feature is a 
convenience, which you do NOT have to use.  If you don't want your 
passwords visible to anyone who uses your computer, either set up a 
logon for guests on XP or NT/2k, or use the master password.  Firefox 
wasn't written JUST for you, and the vast majority of users don't have a 
problem with this.
0
Ron
8/28/2006 1:14:02 AM
0. Thanks for css of Chris Ilias. I'll recommend it to my friends if it is 
applied smoothly.
1. I understand what the technical point is. Although almost all talk a lot 
on it, it is not my point.
2. I don't like the button to conveniently view passwords. My friends don't 
like it too. It may involve some cultural factors. No matter what, I hope 
firefox developers could know our preference and consider dropping the 
button, as default. I think nobody of you really need the button to view 
your own passwords.
3. In some society/circumstance, to view passwords in others' FF 
conveniently and to crack the saved passwords technically are two totally 
different types of behaviors. The ends are same. But the psychological 
pressure are significantly different. Developers'd better consider such 
factors.

"Aggro" <spammerdream@yahoo.com> 
y7GdnTBWWaprcWzZnZ2dnUVZ_s6dnZ2d@mozilla.org...
> freerow wrote:
>> Alex are right that I should change the title to "don't let anybody 
>> untrusted use your laptop for any few seconds, with FF." OK?
>
> Not OK.
>
>> I tried the master password function. I don't know who could not be bored 
>> by being required to enter it every session of FF.
>>
>> I just want to say, such a default setting is hated by me.  I have to 
>> alert everybody I'd recommended to use FF that it has a silent and 
>> default convenience that anyone could view the kept passwords  with just 
>> a few seconds of occupation of the desk/laptop. Maybe it is because that 
>> I am a FF user common enough to trust the default setting.
>
> This is like blaiming GPS-system for poor security if it can be easily 
> stolen when you give keys to your car to a stranger.
>
> If user gets local access to your computer that user can do anything with. 
> Install trojans, rootkits, hack your Windows/Linux passwords, look all the 
> passwords there are saved by any browser, *unless* you have encrypted the 
> data with a password you need to type to get access to it. This password 
> can usually be set for example just for Firefox passwords, or a folder or 
> a harddrive, depending on your OS or third party software if they allow 
> it.
>
> If you still argue with me, I challenge you to write an open source 
> software than is able to use passwords from a while, without asking master 
> password from a user when launched and still make it impossible for a user 
> to read that password by modifying the source code of the program and 
> compiling custom binary. It doesn't matter whether you can program or not, 
> because that task is impossible anyway. Same rules apply to closed 
> software but it takes a little more time since you have to write the 
> encryption code yourself.
>
> Just to prove the case, here is a list of many freeware software that can 
> be used to retrieve passwords saved by IE:
> http://www.google.com/search?hl=en&lr=&q=email+password+recover+windows+freeware&btnG=Search
>
> Here is how to do it with Opera:
> http://my.opera.com/Tamil/blog/show.dml/89479
>
> Firefox point is not to make it easy for an attacker as it already is easy 
> for attacker. The point is to make it easy for the user, unless the user 
> requires heavy protection, when user can choose to use master password. 


0
freerow
8/28/2006 8:17:26 AM
freerow on 28/08/2006 wrote:

>  I don't like the button to conveniently view passwords. My friends don't like it too. It may involve some cultural factors. No matter what, I hope firefox developers could know our preference and consider dropping the button, as default. I think nobody of you really need the button to view your own passwords.

I like it and have used that function for various reasons on several 
occasions.  As has been pointed out there is a master password you can set 
which is blatantly in your face when you turn remembering passwords on and 
to not use that if your PC is in an unsafe environment or you lend your 
lap top out is reckless to say the least.

-- 
Rob

http://www.flickr.com/photos/canopus_archives/
0
Canopus
8/28/2006 11:02:33 AM
freerow wrote:

> I think nobody of you really need the button to view 
> your own passwords.

I have needed it. For example I have a password for a certain website, 
which I have forgotten since I used it, but password manager remembers 
it for me. Recently I installed a software that uses features from their 
server and works with the same username and password.
0
Aggro
8/28/2006 5:04:32 PM
Most firefox users are technical enough to check manuals while most of
IE users are too blind to try anything other than default.  That is the
result of  the fact IE takes most percents of the market. A common user
is never blant to ignore details other than default setting, I think.
That is why software are provided and upgraded. They are presumed to be
lazy. What they need is just the inconvenience of being cracked rather
than the pure security with inconvenient usage.

Canopus wrote:
> freerow on 28/08/2006 wrote:
>
> >  I don't like the button to conveniently view passwords. My friends don't like it too. It may involve some cultural factors. No matter what, I hope firefox developers could know our preference and consider dropping the button, as default. I think nobody of you really need the button to view your own passwords.
>
> I like it and have used that function for various reasons on several
> occasions.  As has been pointed out there is a master password you can set
> which is blatantly in your face when you turn remembering passwords on and
> to not use that if your PC is in an unsafe environment or you lend your
> lap top out is reckless to say the least.
> 
> -- 
> Rob
> 
> http://www.flickr.com/photos/canopus_archives/

0
lixiaoxu
8/28/2006 5:15:30 PM
Aggro wrote:
> freerow wrote:
> 
>> I think nobody of you really need the button to view your own passwords.
> 
> I have needed it. For example I have a password for a certain website, 
> which I have forgotten since I used it, but password manager remembers 
> it for me. Recently I installed a software that uses features from their 
> server and works with the same username and password.

I have needed mine as well. I dont always remember to write down a new 
password when I create it - and then  I require it in another format. 
The view passwords button has been a godsend on several occasions.
0
Moz
8/28/2006 9:29:33 PM
>> freerow wrote:
>>> Alex are right that I should change the title to "don't let anybody 
>>> untrusted use your laptop for any few seconds, with FF." OK?
>> Not OK.
>>
>>> I tried the master password function. I don't know who could not be bored 
>>> by being required to enter it every session of FF.
>>>
>>> I just want to say, such a default setting is hated by me.  I have to 
>>> alert everybody I'd recommended to use FF that it has a silent and 
>>> default convenience that anyone could view the kept passwords  with just 
>>> a few seconds of occupation of the desk/laptop. Maybe it is because that 
>>> I am a FF user common enough to trust the default setting.
>> This is like blaiming GPS-system for poor security if it can be easily 
>> stolen when you give keys to your car to a stranger.
>>
>> If user gets local access to your computer that user can do anything with. 
>> Install trojans, rootkits, hack your Windows/Linux passwords, look all the 
>> passwords there are saved by any browser, *unless* you have encrypted the 
>> data with a password you need to type to get access to it. This password 
>> can usually be set for example just for Firefox passwords, or a folder or 
>> a harddrive, depending on your OS or third party software if they allow 
>> it.
>>
>> If you still argue with me, I challenge you to write an open source 
>> software than is able to use passwords from a while, without asking master 
>> password from a user when launched and still make it impossible for a user 
>> to read that password by modifying the source code of the program and 
>> compiling custom binary. It doesn't matter whether you can program or not, 
>> because that task is impossible anyway. Same rules apply to closed 
>> software but it takes a little more time since you have to write the 
>> encryption code yourself.
>>
>> Just to prove the case, here is a list of many freeware software that can 
>> be used to retrieve passwords saved by IE:
>> http://www.google.com/search?hl=en&lr=&q=email+password+recover+windows+freeware&btnG=Search
>>
>> Here is how to do it with Opera:
>> http://my.opera.com/Tamil/blog/show.dml/89479
>>
>> Firefox point is not to make it easy for an attacker as it already is easy 
>> for attacker. The point is to make it easy for the user, unless the user 
>> requires heavy protection, when user can choose to use master password. 
> 
> 
freerow wrote:
 > 0. Thanks for css of Chris Ilias. I'll recommend it to my friends if 
it is
 > applied smoothly.
 > 1. I understand what the technical point is. Although almost all talk 
a lot
 > on it, it is not my point.
 > 2. I don't like the button to conveniently view passwords. My friends 
don't
 > like it too. It may involve some cultural factors. No matter what, I 
hope
 > firefox developers could know our preference and consider dropping the
 > button, as default. I think nobody of you really need the button to view
 > your own passwords.
 > 3. In some society/circumstance, to view passwords in others' FF
 > conveniently and to crack the saved passwords technically are two 
totally
 > different types of behaviors. The ends are same. But the psychological
 > pressure are significantly different. Developers'd better consider such
 > factors.
 >
 > "Aggro" <spammerdream@yahoo.com>
 > y7GdnTBWWaprcWzZnZ2dnUVZ_s6dnZ2d@mozilla.org...

Please bottom post in this group!

First, if you don't like the button, don't use it.  If you don't want 
your passwords to be visible, then use the master password.
Not sure what 'cultural factors' you mean.  They are MY passwords, and I 
often want to see them for various reasons.  Because YOU don't want to 
see yours, does that mean I shouldn't be able to see mine?

Seems to me you want to have the software take the burden of security 
off your hands.  Sorry, but in the end, it is the user who must be 
responsible for security.
0
Ron
8/29/2006 1:18:30 AM
On 29.08.2006 03:18 am, CET - what odd quirk of fate caused  Ron Hunter 
to generate the following:? :

>
>>> freerow wrote:
>>>
>>>> Alex are right that I should change the title to "don't let anybody 
>>>> untrusted use your laptop for any few seconds, with FF." OK?
>>>
>>> Not OK.
>>>
>>>> I tried the master password function. I don't know who could not be 
>>>> bored by being required to enter it every session of FF.
>>>>
>>>> I just want to say, such a default setting is hated by me.  I have 
>>>> to alert everybody I'd recommended to use FF that it has a silent 
>>>> and default convenience that anyone could view the kept passwords  
>>>> with just a few seconds of occupation of the desk/laptop. Maybe it 
>>>> is because that I am a FF user common enough to trust the default 
>>>> setting.
>>>
>>> This is like blaiming GPS-system for poor security if it can be 
>>> easily stolen when you give keys to your car to a stranger.
>>>
>>> If user gets local access to your computer that user can do anything 
>>> with. Install trojans, rootkits, hack your Windows/Linux passwords, 
>>> look all the passwords there are saved by any browser, *unless* you 
>>> have encrypted the data with a password you need to type to get 
>>> access to it. This password can usually be set for example just for 
>>> Firefox passwords, or a folder or a harddrive, depending on your OS 
>>> or third party software if they allow it.
>>>
>>> If you still argue with me, I challenge you to write an open source 
>>> software than is able to use passwords from a while, without asking 
>>> master password from a user when launched and still make it 
>>> impossible for a user to read that password by modifying the source 
>>> code of the program and compiling custom binary. It doesn't matter 
>>> whether you can program or not, because that task is impossible 
>>> anyway. Same rules apply to closed software but it takes a little 
>>> more time since you have to write the encryption code yourself.
>>>
>>> Just to prove the case, here is a list of many freeware software 
>>> that can be used to retrieve passwords saved by IE:
>>> http://www.google.com/search?hl=en&lr=&q=email+password+recover+windows+freeware&btnG=Search 
>>>
>>>
>>> Here is how to do it with Opera:
>>> http://my.opera.com/Tamil/blog/show.dml/89479
>>>
>>> Firefox point is not to make it easy for an attacker as it already 
>>> is easy for attacker. The point is to make it easy for the user, 
>>> unless the user requires heavy protection, when user can choose to 
>>> use master password. 
>>
>>
>>
> freerow wrote:
> > 0. Thanks for css of Chris Ilias. I'll recommend it to my friends if 
> it is
> > applied smoothly.
> > 1. I understand what the technical point is. Although almost all 
> talk a lot
> > on it, it is not my point.
> > 2. I don't like the button to conveniently view passwords. My 
> friends don't
> > like it too. It may involve some cultural factors. No matter what, I 
> hope
> > firefox developers could know our preference and consider dropping the
> > button, as default. I think nobody of you really need the button to 
> view
> > your own passwords.
> > 3. In some society/circumstance, to view passwords in others' FF
> > conveniently and to crack the saved passwords technically are two 
> totally
> > different types of behaviors. The ends are same. But the psychological
> > pressure are significantly different. Developers'd better consider such
> > factors.
> >
> > "Aggro" <spammerdream@yahoo.com>
> > y7GdnTBWWaprcWzZnZ2dnUVZ_s6dnZ2d@mozilla.org...
>
> Please bottom post in this group!
>
> First, if you don't like the button, don't use it.  If you don't want 
> your passwords to be visible, then use the master password.
> Not sure what 'cultural factors' you mean.  They are MY passwords, and 
> I often want to see them for various reasons.  Because YOU don't want 
> to see yours, does that mean I shouldn't be able to see mine?
>
> Seems to me you want to have the software take the burden of security 
> off your hands.  Sorry, but in the end, it is the user who must be 
> responsible for security.

yepp, Ron.... write your PIN on your ATM-Card but please.... write it 
backwards ;-)

reg
0
squaredancer
8/29/2006 10:53:14 AM
On 27.08.2006 08:22 am, CET - what odd quirk of fate caused  freerow to 
generate the following:? :

>ALERT: Don't save passwords in Firefox or don't lend your laptop
>
>http://blog.lxxm.com/blogview.asp?logID=904&cateID=10
>
>There is a critical difference between keeping encoded passwords and showing 
>them directly. However, it seems Firefox developers has been ignoring it. It 
>is alerted here that if you lend your laptop with your account, you are 
>letting the user to view all of your passwords kept in your Firefox. To 
>check it, click Tools->Options->Privacy (Big Tab)-> Passwords(Small Tab) -> 
>View Saved Passwords(Button) -> Passwords Saved(Default Tab) -> Show 
>Passwords -> Yes . Then you will hate Firefox to give such a convenience 
>silently!
>
>At least until the current version 1.5.0.6, Firefox makes users expose to 
>the very risk. It 's nothing to do with program techniques. Hope Firefox 
>developers could save me the risk in the next update. It hurts not only the 
>reputation of itself but also its recommenders including google and us, 
>lxxm.com. 
>
>
>  
>
do what I do...
write your logins (or print them out when a site sends the confirmation) 
and file them next to your desk!  Saves a lot of hassle when the CIA 
comes knocking, as they don't have to break your furniture.... and FF 
doesn't have any "saved" passwords if (and when) you are stoopeed enough 
to lend-out your comp 8-)

reg
0
squaredancer
8/29/2006 10:58:11 AM
squaredancer on 29/08/2006 wrote:

>do what I do...
>write your logins (or print them out when a site sends the confirmation) 
>and file them next to your desk!  Saves a lot of hassle when the CIA comes 
>knocking, as they don't have to break your furniture.... and FF doesn't 
>have any "saved" passwords if (and when) you are stoopeed enough to 
>lend-out your comp 8-)

Ah, the ultimate in security!  Don't use a master password, write them all 
down and keep them next to your PC.  Better still, use just one password 
write it on a sticky note and stick it to your monitor ;-)

-- 
Rob

http://www.flickr.com/photos/canopus_archives/
0
Canopus
8/29/2006 12:37:47 PM
On 29.08.2006 02:37 pm, CET - what odd quirk of fate caused  Canopus to 
generate the following:? :

> squaredancer on 29/08/2006 wrote:
>
>> do what I do...
>> write your logins (or print them out when a site sends the 
>> confirmation) and file them next to your desk!  Saves a lot of hassle 
>> when the CIA comes knocking, as they don't have to break your 
>> furniture.... and FF doesn't have any "saved" passwords if (and when) 
>> you are stoopeed enough to lend-out your comp 8-)
>
>
> Ah, the ultimate in security!  Don't use a master password, write them 
> all down and keep them next to your PC.  Better still, use just one 
> password write it on a sticky note and stick it to your monitor ;-)
>
naaa!  the *ultimate* (as disclosed here some time ago) is to write the 
logins *UNDERNEATH* the keyboard.... no-one (but *no-one* ) thinks to 
look there!

reg
0
squaredancer
8/29/2006 9:19:31 PM
squaredancer wrote:
> On 29.08.2006 03:18 am, CET - what odd quirk of fate caused  Ron Hunter 
> to generate the following:? :
> 
>>
>>>> freerow wrote:
>>>>
>>>>> Alex are right that I should change the title to "don't let anybody 
>>>>> untrusted use your laptop for any few seconds, with FF." OK?
>>>>
>>>> Not OK.
>>>>
>>>>> I tried the master password function. I don't know who could not be 
>>>>> bored by being required to enter it every session of FF.
>>>>>
>>>>> I just want to say, such a default setting is hated by me.  I have 
>>>>> to alert everybody I'd recommended to use FF that it has a silent 
>>>>> and default convenience that anyone could view the kept passwords  
>>>>> with just a few seconds of occupation of the desk/laptop. Maybe it 
>>>>> is because that I am a FF user common enough to trust the default 
>>>>> setting.
>>>>
>>>> This is like blaiming GPS-system for poor security if it can be 
>>>> easily stolen when you give keys to your car to a stranger.
>>>>
>>>> If user gets local access to your computer that user can do anything 
>>>> with. Install trojans, rootkits, hack your Windows/Linux passwords, 
>>>> look all the passwords there are saved by any browser, *unless* you 
>>>> have encrypted the data with a password you need to type to get 
>>>> access to it. This password can usually be set for example just for 
>>>> Firefox passwords, or a folder or a harddrive, depending on your OS 
>>>> or third party software if they allow it.
>>>>
>>>> If you still argue with me, I challenge you to write an open source 
>>>> software than is able to use passwords from a while, without asking 
>>>> master password from a user when launched and still make it 
>>>> impossible for a user to read that password by modifying the source 
>>>> code of the program and compiling custom binary. It doesn't matter 
>>>> whether you can program or not, because that task is impossible 
>>>> anyway. Same rules apply to closed software but it takes a little 
>>>> more time since you have to write the encryption code yourself.
>>>>
>>>> Just to prove the case, here is a list of many freeware software 
>>>> that can be used to retrieve passwords saved by IE:
>>>> http://www.google.com/search?hl=en&lr=&q=email+password+recover+windows+freeware&btnG=Search 
>>>>
>>>>
>>>> Here is how to do it with Opera:
>>>> http://my.opera.com/Tamil/blog/show.dml/89479
>>>>
>>>> Firefox point is not to make it easy for an attacker as it already 
>>>> is easy for attacker. The point is to make it easy for the user, 
>>>> unless the user requires heavy protection, when user can choose to 
>>>> use master password. 
>>>
>>>
>>>
>> freerow wrote:
>> > 0. Thanks for css of Chris Ilias. I'll recommend it to my friends if 
>> it is
>> > applied smoothly.
>> > 1. I understand what the technical point is. Although almost all 
>> talk a lot
>> > on it, it is not my point.
>> > 2. I don't like the button to conveniently view passwords. My 
>> friends don't
>> > like it too. It may involve some cultural factors. No matter what, I 
>> hope
>> > firefox developers could know our preference and consider dropping the
>> > button, as default. I think nobody of you really need the button to 
>> view
>> > your own passwords.
>> > 3. In some society/circumstance, to view passwords in others' FF
>> > conveniently and to crack the saved passwords technically are two 
>> totally
>> > different types of behaviors. The ends are same. But the psychological
>> > pressure are significantly different. Developers'd better consider such
>> > factors.
>> >
>> > "Aggro" <spammerdream@yahoo.com>
>> > y7GdnTBWWaprcWzZnZ2dnUVZ_s6dnZ2d@mozilla.org...
>>
>> Please bottom post in this group!
>>
>> First, if you don't like the button, don't use it.  If you don't want 
>> your passwords to be visible, then use the master password.
>> Not sure what 'cultural factors' you mean.  They are MY passwords, and 
>> I often want to see them for various reasons.  Because YOU don't want 
>> to see yours, does that mean I shouldn't be able to see mine?
>>
>> Seems to me you want to have the software take the burden of security 
>> off your hands.  Sorry, but in the end, it is the user who must be 
>> responsible for security.
> 
> yepp, Ron.... write your PIN on your ATM-Card but please.... write it 
> backwards ;-)
> 
> reg
Doesn't everyone?  Grin.
I used to carry a list of phone numbers, only they weren't phone 
numbers, the last 4 were PIN numbers, although some of the numbers 
really were legitimate phone numbers.
0
Ron
8/29/2006 11:36:55 PM
Canopus wrote:
> squaredancer on 29/08/2006 wrote:
> 
>> do what I do...
>> write your logins (or print them out when a site sends the 
>> confirmation) and file them next to your desk!  Saves a lot of hassle 
>> when the CIA comes knocking, as they don't have to break your 
>> furniture.... and FF doesn't have any "saved" passwords if (and when) 
>> you are stoopeed enough to lend-out your comp 8-)
> 
> Ah, the ultimate in security!  Don't use a master password, write them 
> all down and keep them next to your PC.  Better still, use just one 
> password write it on a sticky note and stick it to your monitor ;-)
> 

I use just one password, when possible.  I HATE sites that make up one 
for me and it is something like 'Pbd18AQ0z'.  Numbers like that WILL 
have to be written down, which negates the value of the password in the 
first place.
0
Ron
8/29/2006 11:38:43 PM
squaredancer wrote:
> On 29.08.2006 02:37 pm, CET - what odd quirk of fate caused  Canopus to 
> generate the following:? :
> 
>> squaredancer on 29/08/2006 wrote:
>>
>>> do what I do...
>>> write your logins (or print them out when a site sends the 
>>> confirmation) and file them next to your desk!  Saves a lot of hassle 
>>> when the CIA comes knocking, as they don't have to break your 
>>> furniture.... and FF doesn't have any "saved" passwords if (and when) 
>>> you are stoopeed enough to lend-out your comp 8-)
>>
>>
>> Ah, the ultimate in security!  Don't use a master password, write them 
>> all down and keep them next to your PC.  Better still, use just one 
>> password write it on a sticky note and stick it to your monitor ;-)
>>
> naaa!  the *ultimate* (as disclosed here some time ago) is to write the 
> logins *UNDERNEATH* the keyboard.... no-one (but *no-one* ) thinks to 
> look there!
> 
> reg
I like the postit note on the monitor idea.
0
Ron
8/29/2006 11:40:00 PM
squaredancer on 29/08/2006 wrote:

>>Ah, the ultimate in security!  Don't use a master password, write them  
>>all down and keep them next to your PC.  Better still, use just one  
>>password write it on a sticky note and stick it to your monitor ;-)
>>
>naaa!  the ultimate (as disclosed here some time ago) is to write the 
>logins UNDERNEATH the keyboard.... no-one (but *no-one* ) thinks to look 
>there!

And don't forget to also post all your passwords, usernames and 
registration codes on your web site as a back-up precaution :)

-- 
Rob

http://www.flickr.com/photos/canopus_archives/
0
Canopus
8/29/2006 11:43:40 PM
Ron Hunter on 30/08/2006 wrote:

>Doesn't everyone?  Grin.
>I used to carry a list of phone numbers, only they weren't phone numbers, 
>the last 4 were PIN numbers, although some of the numbers really were 
>legitimate phone numbers.

I used to do that, but, I lost my phone somewhere between Turkey and 
Georgia two weeks ago.  I'm not sure what was worse, loosing my phone 
numbers, my PINs or the �40 odd top up credit.

-- 
Rob

http://www.flickr.com/photos/canopus_archives/
0
Canopus
8/30/2006 1:02:35 AM
On 30.08.2006 01:43 am, CET - what odd quirk of fate caused  Canopus to 
generate the following:? :

> squaredancer on 29/08/2006 wrote:
>
>>> Ah, the ultimate in security!  Don't use a master password, write 
>>> them  all down and keep them next to your PC.  Better still, use 
>>> just one  password write it on a sticky note and stick it to your 
>>> monitor ;-)
>>>
>> naaa!  the ultimate (as disclosed here some time ago) is to write the 
>> logins UNDERNEATH the keyboard.... no-one (but *no-one* ) thinks to 
>> look there!
>
>
> And don't forget to also post all your passwords, usernames and 
> registration codes on your web site as a back-up precaution :)
>
yeah man.... that's *goooood* :-)  (but don't forget the URLs that they 
belong to)

reg
0
squaredancer
8/30/2006 10:29:45 AM
In message <YKqdnV5ttou7TGzZnZ2dnUVZ_tGdnZ2d@mozilla.org> "freerow"
<freerow@gmail.com> wrote:

>I tried the master password function. I don't know who could not be bored by 
>being required to enter it every session of FF.

If security is "boring" then perhaps you shouldn't be using a computer.

-- 
Is it my imagination, or do buffalo wings taste like chicken? 
0
DevilsPGD
8/30/2006 6:12:56 PM
DevilsPGD wrote:
> In message <YKqdnV5ttou7TGzZnZ2dnUVZ_tGdnZ2d@mozilla.org> "freerow"
> <freerow@gmail.com> wrote:
> 
>> I tried the master password function. I don't know who could not be bored by 
>> being required to enter it every session of FF.
> 
> If security is "boring" then perhaps you shouldn't be using a computer.
> 

I don't find it 'boring', but it is often a PITA.  Life would be so much 
simpler if everyone were trustworthy, now wouldn't it?
0
Ron
8/30/2006 7:20:33 PM
Ron Hunter wrote:
> DevilsPGD wrote:
>> In message <YKqdnV5ttou7TGzZnZ2dnUVZ_tGdnZ2d@mozilla.org> "freerow"
>> <freerow@gmail.com> wrote:
>>
>>> I tried the master password function. I don't know who could not be 
>>> bored by being required to enter it every session of FF.
>>
>> If security is "boring" then perhaps you shouldn't be using a computer.
>>
> 
> I don't find it 'boring', but it is often a PITA.  Life would be so much 
> simpler if everyone were trustworthy, now wouldn't it?

that was the '80s.

get with the times, it's the 21st century.  :)

thank all the scripters, hackers, and virus writers for our mindset now. 
  Thank them once for me, too!  :)
0
Tim
8/31/2006 1:11:30 AM
In message <4NGdnZjonZSceGjZnZ2dnUVZ_sednZ2d@mozilla.org> Ron Hunter
<rphunter@charter.net> wrote:

>DevilsPGD wrote:
>> In message <YKqdnV5ttou7TGzZnZ2dnUVZ_tGdnZ2d@mozilla.org> "freerow"
>> <freerow@gmail.com> wrote:
>> 
>>> I tried the master password function. I don't know who could not be bored by 
>>> being required to enter it every session of FF.
>> 
>> If security is "boring" then perhaps you shouldn't be using a computer.
>> 
>
>I don't find it 'boring', but it is often a PITA.  Life would be so much 
>simpler if everyone were trustworthy, now wouldn't it?

Sure.  Paying bills can be a PITA.  So can showing up for work every
morning.  Such is life... No?

-- 
Oh well, I guess this is just going to be one of those lifetimes.
0
DevilsPGD
8/31/2006 11:23:06 PM
DevilsPGD wrote:
> In message <4NGdnZjonZSceGjZnZ2dnUVZ_sednZ2d@mozilla.org> Ron Hunter
> <rphunter@charter.net> wrote:
> 
>> DevilsPGD wrote:
>>> In message <YKqdnV5ttou7TGzZnZ2dnUVZ_tGdnZ2d@mozilla.org> "freerow"
>>> <freerow@gmail.com> wrote:
>>>
>>>> I tried the master password function. I don't know who could not be bored by 
>>>> being required to enter it every session of FF.
>>> If security is "boring" then perhaps you shouldn't be using a computer.
>>>
>> I don't find it 'boring', but it is often a PITA.  Life would be so much 
>> simpler if everyone were trustworthy, now wouldn't it?
> 
> Sure.  Paying bills can be a PITA.  So can showing up for work every
> morning.  Such is life... No?
> 

Only if you let it be a PITA.  Showing up for work can be an adventure 
in itself, or be a path to enlightenment, or just darn plain 
interesting, it all depends on what you want it to be.
0
Moz
9/1/2006 1:04:41 AM
Moz Champion (Dan) Spoke Thus and So about This and That:
> DevilsPGD wrote:
>> In message <4NGdnZjonZSceGjZnZ2dnUVZ_sednZ2d@mozilla.org> Ron Hunter
>> <rphunter@charter.net> wrote:
>>
>>> DevilsPGD wrote:
>>>> In message <YKqdnV5ttou7TGzZnZ2dnUVZ_tGdnZ2d@mozilla.org> "freerow"
>>>> <freerow@gmail.com> wrote:
>>>>
>>>>> I tried the master password function. I don't know who could not be 
>>>>> bored by being required to enter it every session of FF.
>>>> If security is "boring" then perhaps you shouldn't be using a computer.
>>>>
>>> I don't find it 'boring', but it is often a PITA.  Life would be so 
>>> much simpler if everyone were trustworthy, now wouldn't it?
>>
>> Sure.  Paying bills can be a PITA.  So can showing up for work every
>> morning.  Such is life... No?
>>
> 
> Only if you let it be a PITA.  Showing up for work can be an adventure 
> in itself, or be a path to enlightenment, or just darn plain 
> interesting, it all depends on what you want it to be.
I prefer to think of work as a fun way to earn enough money so that I 
can play.

"Work to Live Not Live to Work"

-- 
from the bottom of the RockPile
0
Skree
9/1/2006 1:10:57 AM
Ron Hunter wrote:

> I used to carry a list of phone numbers, only they weren't phone 
> numbers, the last 4 were PIN numbers, although some of the numbers 
> really were legitimate phone numbers.

I did that with the office safe combination.

-- 
Cheers, Bev (Happy Linux User #85683, Slackware 10.2)
====================================================================
"We thought about one of those discount store caskets, but, frankly,
  we were worried about the quality."          -- mortuary commercial

0
The
9/1/2006 5:52:18 AM
Moz Champion (Dan) wrote:
> freerow wrote:
>> ALERT: Don't save passwords in Firefox or don't lend your laptop
>>
>> http://blog.lxxm.com/blogview.asp?logID=904&cateID=10
>>
>> There is a critical difference between keeping encoded passwords and 
>> showing them directly. However, it seems Firefox developers has been 
>> ignoring it. It is alerted here that if you lend your laptop with your 
>> account, you are letting the user to view all of your passwords kept 
>> in your Firefox. To check it, click Tools->Options->Privacy (Big 
>> Tab)-> Passwords(Small Tab) -> View Saved Passwords(Button) -> 
>> Passwords Saved(Default Tab) -> Show Passwords -> Yes . Then you will 
>> hate Firefox to give such a convenience silently!
>>
>> At least until the current version 1.5.0.6, Firefox makes users expose 
>> to the very risk. It 's nothing to do with program techniques. Hope 
>> Firefox developers could save me the risk in the next update. It hurts 
>> not only the reputation of itself but also its recommenders including 
>> google and us, lxxm.com.
>>
> 
> 
> Why would I lend my laptop to someone?

What about a program like Cryptainer to protect your passwords.  It is 
free for personnel use and has 128 bit encryption and you can pay for it 
if you want even higher encryption and more space.
0
Dan
9/7/2006 12:15:41 PM
Dan wrote:
> Moz Champion (Dan) wrote:
>> freerow wrote:
>>> ALERT: Don't save passwords in Firefox or don't lend your laptop
>>>
>>> http://blog.lxxm.com/blogview.asp?logID=904&cateID=10
>>>
>>> There is a critical difference between keeping encoded passwords and 
>>> showing them directly. However, it seems Firefox developers has been 
>>> ignoring it. It is alerted here that if you lend your laptop with your 
>>> account, you are letting the user to view all of your passwords kept 
>>> in your Firefox. To check it, click Tools->Options->Privacy (Big 
>>> Tab)-> Passwords(Small Tab) -> View Saved Passwords(Button) -> 
>>> Passwords Saved(Default Tab) -> Show Passwords -> Yes . Then you will 
>>> hate Firefox to give such a convenience silently!
>>>
>>> At least until the current version 1.5.0.6, Firefox makes users expose 
>>> to the very risk. It 's nothing to do with program techniques. Hope 
>>> Firefox developers could save me the risk in the next update. It hurts 
>>> not only the reputation of itself but also its recommenders including 
>>> google and us, lxxm.com.
>>>
>> 
>> 
>> Why would I lend my laptop to someone?
> 
> What about a program like Cryptainer to protect your passwords.  It is 
> free for personnel use and has 128 bit encryption and you can pay for it 
> if you want even higher encryption and more space.

Why not protect them with a Master Password? Any site where I want my 
password protected goes under the umbrella of the Master Password. A 
casual user can't get to my passwords without the Master Password and if 
I lended my laptop to someone, they'd not be able to get to them.

Once I have signed in with the master password, it is signed into for 
all sites that are protected with it.

-- 
http://www.mozilla.org/products/firefox/
The memory management on the PowerPC can be used to frighten small 
children. - Linus Torvald
0
Tonya
9/7/2006 2:59:44 PM
Tonya Marshall wrote:
> Dan wrote:
>> Moz Champion (Dan) wrote:
>>> freerow wrote:
>>>> ALERT: Don't save passwords in Firefox or don't lend your laptop
>>>>
>>>> http://blog.lxxm.com/blogview.asp?logID=904&cateID=10
>>>>
>>>> There is a critical difference between keeping encoded passwords and 
>>>> showing them directly. However, it seems Firefox developers has been 
>>>> ignoring it. It is alerted here that if you lend your laptop with 
>>>> your account, you are letting the user to view all of your passwords 
>>>> kept in your Firefox. To check it, click Tools->Options->Privacy 
>>>> (Big Tab)-> Passwords(Small Tab) -> View Saved Passwords(Button) -> 
>>>> Passwords Saved(Default Tab) -> Show Passwords -> Yes . Then you 
>>>> will hate Firefox to give such a convenience silently!
>>>>
>>>> At least until the current version 1.5.0.6, Firefox makes users 
>>>> expose to the very risk. It 's nothing to do with program 
>>>> techniques. Hope Firefox developers could save me the risk in the 
>>>> next update. It hurts not only the reputation of itself but also its 
>>>> recommenders including google and us, lxxm.com.
>>>>
>>>
>>>
>>> Why would I lend my laptop to someone?
>>
>> What about a program like Cryptainer to protect your passwords.  It is 
>> free for personnel use and has 128 bit encryption and you can pay for 
>> it if you want even higher encryption and more space.
> 
> Why not protect them with a Master Password? Any site where I want my 
> password protected goes under the umbrella of the Master Password. A 
> casual user can't get to my passwords without the Master Password and if 
> I lended my laptop to someone, they'd not be able to get to them.
> 
> Once I have signed in with the master password, it is signed into for 
> all sites that are protected with it.
> 
All true, however, some sites choose to encode their passwords into the 
cookie for that site, rendering this aspect of security ineffective. 
Other sites code their password to not be captured by browsers, or at 
least attempt to.  Any way you look at it, passwords are a pain in the 
backside, but regrettably necessary in these days of mistrust and 
dishonesty.
0
Ron
9/7/2006 3:21:13 PM
Ron Hunter wrote:
> Tonya Marshall wrote:
>> Dan wrote:
>>> Moz Champion (Dan) wrote:
>>>> freerow wrote:
>>>>> ALERT: Don't save passwords in Firefox or don't lend your laptop
>>>>>
>>>>> http://blog.lxxm.com/blogview.asp?logID=904&cateID=10
>>>>>
>>>>> There is a critical difference between keeping encoded passwords 
>>>>> and showing them directly. However, it seems Firefox developers has 
>>>>> been ignoring it. It is alerted here that if you lend your laptop 
>>>>> with your account, you are letting the user to view all of your 
>>>>> passwords kept in your Firefox. To check it, click 
>>>>> Tools->Options->Privacy (Big Tab)-> Passwords(Small Tab) -> View 
>>>>> Saved Passwords(Button) -> Passwords Saved(Default Tab) -> Show 
>>>>> Passwords -> Yes . Then you will hate Firefox to give such a 
>>>>> convenience silently!
>>>>>
>>>>> At least until the current version 1.5.0.6, Firefox makes users 
>>>>> expose to the very risk. It 's nothing to do with program 
>>>>> techniques. Hope Firefox developers could save me the risk in the 
>>>>> next update. It hurts not only the reputation of itself but also 
>>>>> its recommenders including google and us, lxxm.com.
>>>>>
>>>>
>>>>
>>>> Why would I lend my laptop to someone?
>>>
>>> What about a program like Cryptainer to protect your passwords.  It 
>>> is free for personnel use and has 128 bit encryption and you can pay 
>>> for it if you want even higher encryption and more space.
>>
>> Why not protect them with a Master Password? Any site where I want my 
>> password protected goes under the umbrella of the Master Password. A 
>> casual user can't get to my passwords without the Master Password and 
>> if I lended my laptop to someone, they'd not be able to get to them.
>>
>> Once I have signed in with the master password, it is signed into for 
>> all sites that are protected with it.
>>
> All true, however, some sites choose to encode their passwords into the 
> cookie for that site, rendering this aspect of security ineffective. 
> Other sites code their password to not be captured by browsers, or at 
> least attempt to.  Any way you look at it, passwords are a pain in the 
> backside, but regrettably necessary in these days of mistrust and 
> dishonesty.


Fine and dandy folks but no one has answered my question.
Why would I lend my laptop to someone?
0
Moz
9/7/2006 5:57:53 PM
In message <hLidnXunV5o_wJ3YnZ2dnUVZ_tGdnZ2d@mozilla.org> "Moz Champion
(Dan)" <moz.champion@sympatico.ca> wrote:

>Fine and dandy folks but no one has answered my question.
>Why would I lend my laptop to someone?

Because most people don't have the balls to say no if a casual
acquaintance or friend asks to check their email and you have a computer
right in front of you.

-- 
This signature was randomly selected
0
DevilsPGD
9/7/2006 6:47:14 PM
DevilsPGD wrote:
> In message <hLidnXunV5o_wJ3YnZ2dnUVZ_tGdnZ2d@mozilla.org> "Moz Champion
> (Dan)" <moz.champion@sympatico.ca> wrote:
> 
>> Fine and dandy folks but no one has answered my question.
>> Why would I lend my laptop to someone?
> 
> Because most people don't have the balls to say no if a casual
> acquaintance or friend asks to check their email and you have a computer
> right in front of you.
> 


They want to check THEIR email, they check it on THEIR computer, not mine.

Thats like saying I should loan my car to someone because they have to 
get someplace and didnt bring theirs. Nonsense.

I wouldnt expect anyone to loan ME their computer (or their car for that 
matter) so why would I loan mine out?




Besides, just how many people do YOU know that know all their settings 
off by heart so they CAN check their email? name of ISP. name of server, 
port number, authentication settings, email user name, so on and so 
forth, AND one or two passwords?  Most people DONT remember their email 
password in the first place (they write it down or let the computer 
remember it) let alone all that other datum.
So, to me, 'loan me your computer so I can check my email' is almost 
pure nonesense.

I'm no slouch when it comes to setting up email programs, and I have a 
pretty darn good memory as well, but I know that I wouldnt remember all 
the settings to use for even one of my accounts.
0
Moz
9/7/2006 7:59:44 PM
Moz Champion (Dan) wrote:
> DevilsPGD wrote:
>> In message <hLidnXunV5o_wJ3YnZ2dnUVZ_tGdnZ2d@mozilla.org> "Moz Champion
>> (Dan)" <moz.champion@sympatico.ca> wrote:
>> 
>>> Fine and dandy folks but no one has answered my question.
>>> Why would I lend my laptop to someone?
>> 
>> Because most people don't have the balls to say no if a casual
>> acquaintance or friend asks to check their email and you have a computer
>> right in front of you.
>> 
> 
> 
> They want to check THEIR email, they check it on THEIR computer, not mine.
> 
> Thats like saying I should loan my car to someone because they have to 
> get someplace and didnt bring theirs. Nonsense.
> 
> I wouldnt expect anyone to loan ME their computer (or their car for that 
> matter) so why would I loan mine out?
> 
> 
> 
> 
> Besides, just how many people do YOU know that know all their settings 
> off by heart so they CAN check their email? name of ISP. name of server, 
> port number, authentication settings, email user name, so on and so 
> forth, AND one or two passwords?  Most people DONT remember their email 
> password in the first place (they write it down or let the computer 
> remember it) let alone all that other datum.
> So, to me, 'loan me your computer so I can check my email' is almost 
> pure nonesense.
> 
> I'm no slouch when it comes to setting up email programs, and I have a 
> pretty darn good memory as well, but I know that I wouldnt remember all 
> the settings to use for even one of my accounts.

I'm with you, Dan. I wouldn't lend my laptop.

When family comes to my house and stays for awhile, then they should 
have access to their webmail but they don't need my master password to 
access it.

-- 
http://www.mozilla.org/products/firefox/
The memory management on the PowerPC can be used to frighten small 
children. - Linus Torvald
0
Tonya
9/7/2006 11:54:11 PM
Moz Champion (Dan) wrote:

> Fine and dandy folks but no one has answered my question.
> Why would I lend my laptop to someone?
you're in a work environment and you have to load your laptop to your 
secretary or the boss, or someone else.

-- 
Pic of the Day:
http://img132.imageshack.us/my.php?image=droppedmysoaplo2.gif
0
gwtc
9/8/2006 12:51:06 AM
Moz Champion (Dan) wrote:
> DevilsPGD wrote:
>> In message <hLidnXunV5o_wJ3YnZ2dnUVZ_tGdnZ2d@mozilla.org> "Moz Champion
>> (Dan)" <moz.champion@sympatico.ca> wrote:
>>
>>> Fine and dandy folks but no one has answered my question.
>>> Why would I lend my laptop to someone?
>>
>> Because most people don't have the balls to say no if a casual
>> acquaintance or friend asks to check their email and you have a computer
>> right in front of you.
>>
> 
> 
> They want to check THEIR email, they check it on THEIR computer, not mine.
> 
> Thats like saying I should loan my car to someone because they have to 
> get someplace and didnt bring theirs. Nonsense.
> 
> I wouldnt expect anyone to loan ME their computer (or their car for that 
> matter) so why would I loan mine out?
> 
> 
> 
> 
> Besides, just how many people do YOU know that know all their settings 
> off by heart so they CAN check their email? name of ISP. name of server, 
> port number, authentication settings, email user name, so on and so 
> forth, AND one or two passwords?  Most people DONT remember their email 
> password in the first place (they write it down or let the computer 
> remember it) let alone all that other datum.
> So, to me, 'loan me your computer so I can check my email' is almost 
> pure nonesense.
> 
> I'm no slouch when it comes to setting up email programs, and I have a 
> pretty darn good memory as well, but I know that I wouldnt remember all 
> the settings to use for even one of my accounts.

But this is about Firefox, not an email program.  So the friend doesn't 
have set up any parameters, nor configure your email client; all they 
need to know is their logon and password for the http Webmail access of 
their ISP.  Doing that is the same as letting someone use your computer 
to browse to a Web page.  Are you saying you'd never let a guest in your 
house use your computer to access the Internet?

Besides, if you want to be paranoid about it, create a "plain" profile, 
put a shortcut on the desktop and say:  "Sure.  Just click here and 
it'll launch a browser and you can type in your Webmail address."  Then 
they're not even in /your/ profile so whatever they do won't be of any 
danger to you.  You can simply delete the "plain" profile afterwards and 
whatever they did is *gone*.

-- 
Ed Mullen
http://edmullen.net
http://mozilla.edmullen.net
http://abington.edmullen.net
Any clod can have the facts, but having opinions is an art. - Charles McCabe
0
Ed
9/8/2006 12:58:54 AM
In message <y_-dnWvwA-bSXZ3YnZ2dnUVZ_vednZ2d@mozilla.org> Ed Mullen
<ed@edmullen.net> wrote:

>But this is about Firefox, not an email program.  So the friend doesn't 
>have set up any parameters, nor configure your email client; all they 
>need to know is their logon and password for the http Webmail access of 
>their ISP.  Doing that is the same as letting someone use your computer 
>to browse to a Web page.  Are you saying you'd never let a guest in your 
>house use your computer to access the Internet?

Even so, the whole point of this thread was that someone can easily
access passwords once they have access to the physical PC for a few
seconds.

-- 
They say you shouldn't say anything about the dead unless it's good.

"He's dead. Good."
0
DevilsPGD
9/8/2006 1:38:30 AM
DevilsPGD wrote:
> In message <y_-dnWvwA-bSXZ3YnZ2dnUVZ_vednZ2d@mozilla.org> Ed Mullen
> <ed@edmullen.net> wrote:
> 
>> But this is about Firefox, not an email program.  So the friend doesn't 
>> have set up any parameters, nor configure your email client; all they 
>> need to know is their logon and password for the http Webmail access of 
>> their ISP.  Doing that is the same as letting someone use your computer 
>> to browse to a Web page.  Are you saying you'd never let a guest in your 
>> house use your computer to access the Internet?
> 
> Even so, the whole point of this thread was that someone can easily
> access passwords once they have access to the physical PC for a few
> seconds.
> 

That may be a key part of the thread but it's not /all/ that has been 
said, and I was responding to one specific notion:  The paranoiac level 
of abhorrence of the idea of letting someone else use your computer.  I 
don't think anyone ever suggested giving someone your laptop to take 
away from your home (or oversight) for a lengthy period of time.  I 
described specifically the opposite:  a situation of a friend using your 
PC "... in your house ..."

Further, I was trying to counter the notion that a "friend" using my PC 
in that situation should be assumed to be not trustworthy enough to use 
it as I described.  If that's true for those in this thread who seem 
staunchly opposed to it, then I think they might need to rethink their 
definition of "friend."  Or at least the criteria they use in choosing them.

But, ultimately, "whatever."  Different strokes, etc.

-- 
Ed Mullen
http://edmullen.net
http://mozilla.edmullen.net
http://abington.edmullen.net
Too many freaks, not enough circuses.
0
Ed
9/8/2006 2:44:00 AM
Ed Mullen wrote:
> Moz Champion (Dan) wrote:
>> DevilsPGD wrote:
>>> In message <hLidnXunV5o_wJ3YnZ2dnUVZ_tGdnZ2d@mozilla.org> "Moz Champion
>>> (Dan)" <moz.champion@sympatico.ca> wrote:
>>>
>>>> Fine and dandy folks but no one has answered my question.
>>>> Why would I lend my laptop to someone?
>>>
>>> Because most people don't have the balls to say no if a casual
>>> acquaintance or friend asks to check their email and you have a computer
>>> right in front of you.
>>>
>>
>>
>> They want to check THEIR email, they check it on THEIR computer, not 
>> mine.
>>
>> Thats like saying I should loan my car to someone because they have to 
>> get someplace and didnt bring theirs. Nonsense.
>>
>> I wouldnt expect anyone to loan ME their computer (or their car for 
>> that matter) so why would I loan mine out?
>>
>>
>>
>>
>> Besides, just how many people do YOU know that know all their settings 
>> off by heart so they CAN check their email? name of ISP. name of 
>> server, port number, authentication settings, email user name, so on 
>> and so forth, AND one or two passwords?  Most people DONT remember 
>> their email password in the first place (they write it down or let the 
>> computer remember it) let alone all that other datum.
>> So, to me, 'loan me your computer so I can check my email' is almost 
>> pure nonesense.
>>
>> I'm no slouch when it comes to setting up email programs, and I have a 
>> pretty darn good memory as well, but I know that I wouldnt remember 
>> all the settings to use for even one of my accounts.
> 
> But this is about Firefox, not an email program.  So the friend doesn't 
> have set up any parameters, nor configure your email client; all they 
> need to know is their logon and password for the http Webmail access of 
> their ISP.  Doing that is the same as letting someone use your computer 
> to browse to a Web page.  Are you saying you'd never let a guest in your 
> house use your computer to access the Internet?
> 
> Besides, if you want to be paranoid about it, create a "plain" profile, 
> put a shortcut on the desktop and say:  "Sure.  Just click here and 
> it'll launch a browser and you can type in your Webmail address."  Then 
> they're not even in /your/ profile so whatever they do won't be of any 
> danger to you.  You can simply delete the "plain" profile afterwards and 
> whatever they did is *gone*.
> 

Right you are. If my computer is in use its by someone I trust 
implicitely and its not out of sight.   IMHO, a guest isnt there to read 
email, they are there to visit. If they cant be away from their email 
for that long, they have a problem.

When I go on vacation, or visits, long or short, I either take my own 
computer or I go without. I wouldnt ask someone to use their computer 
anymore than I would ask to use their car - nor would I expect them to 
provide usage of such.

Where do you draw the line? Do you just hand over the keys to the family 
car if a guest at your house has to run an errand? I dont. I usually 
offer to drive them somewhere if they absolutely have to go, but I dont 
loan my car - and I dont loan my computer. Any of them.
0
Moz
9/8/2006 3:30:26 AM
gwtc wrote:
> Moz Champion (Dan) wrote:
> 
>> Fine and dandy folks but no one has answered my question.
>> Why would I lend my laptop to someone?
> you're in a work environment and you have to load your laptop to your 
> secretary or the boss, or someone else.
> 

If I was in such a work environment, I wouldnt be. Does that answer your 
question?

My computer is MY computer, its not the boss's, nor the secretary's. I 
am responsible for what goes on on my computer. The only people who use 
it without my oversight are the technicians fixing it.

Do you hand over your keys to your car, just because someone needs a 
vehicle and they havent got theirs? Would you give your boss your house 
keys for the weekend? I wouldnt.
0
Moz
9/8/2006 3:48:48 AM
Moz Champion (Dan) wrote:
> Ed Mullen wrote:
>> Moz Champion (Dan) wrote:
>>> DevilsPGD wrote:
>>>> In message <hLidnXunV5o_wJ3YnZ2dnUVZ_tGdnZ2d@mozilla.org> "Moz Champion
>>>> (Dan)" <moz.champion@sympatico.ca> wrote:
>>>>
>>>>> Fine and dandy folks but no one has answered my question.
>>>>> Why would I lend my laptop to someone?
>>>>
>>>> Because most people don't have the balls to say no if a casual
>>>> acquaintance or friend asks to check their email and you have a 
>>>> computer
>>>> right in front of you.
>>>>
>>>
>>>
>>> They want to check THEIR email, they check it on THEIR computer, not 
>>> mine.
>>>
>>> Thats like saying I should loan my car to someone because they have 
>>> to get someplace and didnt bring theirs. Nonsense.
>>>
>>> I wouldnt expect anyone to loan ME their computer (or their car for 
>>> that matter) so why would I loan mine out?
>>>
>>>
>>>
>>>
>>> Besides, just how many people do YOU know that know all their 
>>> settings off by heart so they CAN check their email? name of ISP. 
>>> name of server, port number, authentication settings, email user 
>>> name, so on and so forth, AND one or two passwords?  Most people DONT 
>>> remember their email password in the first place (they write it down 
>>> or let the computer remember it) let alone all that other datum.
>>> So, to me, 'loan me your computer so I can check my email' is almost 
>>> pure nonesense.
>>>
>>> I'm no slouch when it comes to setting up email programs, and I have 
>>> a pretty darn good memory as well, but I know that I wouldnt remember 
>>> all the settings to use for even one of my accounts.
>>
>> But this is about Firefox, not an email program.  So the friend 
>> doesn't have set up any parameters, nor configure your email client; 
>> all they need to know is their logon and password for the http Webmail 
>> access of their ISP.  Doing that is the same as letting someone use 
>> your computer to browse to a Web page.  Are you saying you'd never let 
>> a guest in your house use your computer to access the Internet?
>>
>> Besides, if you want to be paranoid about it, create a "plain" 
>> profile, put a shortcut on the desktop and say:  "Sure.  Just click 
>> here and it'll launch a browser and you can type in your Webmail 
>> address."  Then they're not even in /your/ profile so whatever they do 
>> won't be of any danger to you.  You can simply delete the "plain" 
>> profile afterwards and whatever they did is *gone*.
>>
> 
> Right you are. If my computer is in use its by someone I trust 
> implicitely and its not out of sight.   IMHO, a guest isnt there to read 
> email, they are there to visit. If they cant be away from their email 
> for that long, they have a problem.
> 
> When I go on vacation, or visits, long or short, I either take my own 
> computer or I go without. I wouldnt ask someone to use their computer 
> anymore than I would ask to use their car - nor would I expect them to 
> provide usage of such.

I never expect a host to provide me with anything:  I'm a guest, I 
politely ask and if the host cannot (for whatever reason) accommodate 
me, that's ok. However, I have a good friend who is a computer security 
consultant.  when I visit his house he gives me access to the Net via 
his LAN, OR, lets me use one of their PCs.  When he and his wife visit 
us, I do the same.  We are "friends."  That (to us) has an implicit 
level of trust.

> 
> Where do you draw the line? Do you just hand over the keys to the family 
> car if a guest at your house has to run an errand? 

Actually, not to everyone, but, yes, I would (and have, and do) with 
people I trust.  The problem I have with this thread is the 
generalizations.  "a guest" is a phrase that contains no descriptives, 
does not quantify nor qualify the situation so that we can have a 
meaningful discussion about the issue.  That's why I'm describing 
specific examples and people.  If we just keep talking in the abstract, 
well, sure:  I'll agree that if I don't know my "guest", have no idea of 
the integrity of my "friend" that, yep, I'd be an idiot to let them have 
at my keyboards or my car keys.  But my point is, if that's how little I 
can trust the people I invite into my life (and house) well, I'm 
apparently a completely inept judge of character.

> I dont. I usually 
> offer to drive them somewhere if they absolutely have to go, but I dont 
> loan my car - and I dont loan my computer. Any of them.

Again, you use the word "loan."  Good enough term to describe handing a 
trusted friend the keys to one of my cars.  (Note the qualification 
"trusted," alright?)  Ok, no problem with semantics there. I trust them, 
they are insured, I am insured, it's just a car, no problem.

But if they ask to log onto one of my systems to check their Web mail? 
I'm not making a "loan" in the same sense.  They can't take the computer 
  off for four hours (or days or weeks, assuming they have a Cray at 
their disposal) to hack my encrypted files.  (By the way, just out of 
curiosity, can any of the alarmists in this thread cite some 
authoritative references on how long it would take, using what kind of 
hardware resources, to crack a Blowfish 448-bit encrypted file?)

Good grief.  This is silly. Sure, take the bald and simple premise: 
"Don't lend you laptop to someone!"  Well, ok.  If that's all the info 
I've got on the issue, if that's all you're going to tell me about the 
conditions, yeah, I'll agree.  But that's how I've differed in my posts. 
  I've indicated specific circumstances and in those I /would/ be 
comfortable "lending" my PC.

I am discriminate as to who I invite into my home.  No, I don't just 
lend my cars to someone I just met.  That is my point.  I've gotten more 
specific than the original "Omigod!  Don't ever let anyone use your 
computer!!!"

Hey, you don't trust your "friends" that much? No problem.  Don't let 
'em use your computer, your car, and, God forbid, don't let them drink 
Coca Cola in your house! The same guy who used my LAN, my PCs, and my 
car spilled a Coke on my carpet.  I'm still trying to get the damed 
stain out!

Sorry, I think this discussion has been ill-defined, paranoiac, and so 
much FUD.  We wouldn't accept such sloppiness in a tech support inquiry. 
  We're always asking:  "Well, under what circumstances did that happen? 
What /kind/ of extensions (friends) are you using?  Are you using any 
...."  etc.

Ok, I've spent my 3.3 cents (adjusted for inflation). Enough.

-- 
Ed Mullen
http://edmullen.net
http://mozilla.edmullen.net
http://abington.edmullen.net
Do people in France use American ticklers?
0
Ed
9/8/2006 5:30:13 AM
Moz Champion (Dan) wrote:
> gwtc wrote:
>> Moz Champion (Dan) wrote:
>>
>>> Fine and dandy folks but no one has answered my question.
>>> Why would I lend my laptop to someone?
>> you're in a work environment and you have to load your laptop to your 
>> secretary or the boss, or someone else.
>>
> 
> If I was in such a work environment, I wouldnt be. Does that answer your 
> question?
> 
> My computer is MY computer, its not the boss's, nor the secretary's. I 
> am responsible for what goes on on my computer. The only people who use 
> it without my oversight are the technicians fixing it.
> 
> Do you hand over your keys to your car, just because someone needs a 
> vehicle and they havent got theirs? Would you give your boss your house 
> keys for the weekend? I wouldnt.

Dan. IF you are in a work environment where you are an employee of a 
company, AND you are using a company provided laptop, it ain't YOUR 
computer.  It, and all the bits on the hard drive are the property of 
the company.

-- 
Ed Mullen
http://edmullen.net
http://mozilla.edmullen.net
http://abington.edmullen.net
Any clod can have the facts, but having opinions is an art. - Charles McCabe
0
Ed
9/8/2006 5:32:01 AM
Moz Champion (Dan) wrote:
> Ed Mullen wrote:
>> Moz Champion (Dan) wrote:
>>> DevilsPGD wrote:
>>>> In message <hLidnXunV5o_wJ3YnZ2dnUVZ_tGdnZ2d@mozilla.org> "Moz Champion
>>>> (Dan)" <moz.champion@sympatico.ca> wrote:
>>>>
>>>>> Fine and dandy folks but no one has answered my question.
>>>>> Why would I lend my laptop to someone?
>>>>
>>>> Because most people don't have the balls to say no if a casual
>>>> acquaintance or friend asks to check their email and you have a 
>>>> computer
>>>> right in front of you.
>>>>
>>>
>>>
>>> They want to check THEIR email, they check it on THEIR computer, not 
>>> mine.
>>>
>>> Thats like saying I should loan my car to someone because they have 
>>> to get someplace and didnt bring theirs. Nonsense.
>>>
>>> I wouldnt expect anyone to loan ME their computer (or their car for 
>>> that matter) so why would I loan mine out?
>>>
>>>
>>>
>>>
>>> Besides, just how many people do YOU know that know all their 
>>> settings off by heart so they CAN check their email? name of ISP. 
>>> name of server, port number, authentication settings, email user 
>>> name, so on and so forth, AND one or two passwords?  Most people DONT 
>>> remember their email password in the first place (they write it down 
>>> or let the computer remember it) let alone all that other datum.
>>> So, to me, 'loan me your computer so I can check my email' is almost 
>>> pure nonesense.
>>>
>>> I'm no slouch when it comes to setting up email programs, and I have 
>>> a pretty darn good memory as well, but I know that I wouldnt remember 
>>> all the settings to use for even one of my accounts.
>>
>> But this is about Firefox, not an email program.  So the friend 
>> doesn't have set up any parameters, nor configure your email client; 
>> all they need to know is their logon and password for the http Webmail 
>> access of their ISP.  Doing that is the same as letting someone use 
>> your computer to browse to a Web page.  Are you saying you'd never let 
>> a guest in your house use your computer to access the Internet?
>>
>> Besides, if you want to be paranoid about it, create a "plain" 
>> profile, put a shortcut on the desktop and say:  "Sure.  Just click 
>> here and it'll launch a browser and you can type in your Webmail 
>> address."  Then they're not even in /your/ profile so whatever they do 
>> won't be of any danger to you.  You can simply delete the "plain" 
>> profile afterwards and whatever they did is *gone*.
>>
> 
> Right you are. If my computer is in use its by someone I trust 
> implicitely and its not out of sight.   IMHO, a guest isnt there to read 
> email, they are there to visit. If they cant be away from their email 
> for that long, they have a problem.
> 
> When I go on vacation, or visits, long or short, I either take my own 
> computer or I go without. I wouldnt ask someone to use their computer 
> anymore than I would ask to use their car - nor would I expect them to 
> provide usage of such.
> 
> Where do you draw the line? Do you just hand over the keys to the family 
> car if a guest at your house has to run an errand? I dont. I usually 
> offer to drive them somewhere if they absolutely have to go, but I dont 
> loan my car - and I dont loan my computer. Any of them.

I routinely use the computers of relatives when I visit.  Not friends, 
but relatives, and they use mine.  I also allow friends to use my 
computers, supervised.  They (friends, and relatives) also sometimes use 
my car.  Perhaps you need to either be more careful of who you call 
friends, or work on trust issues.  Not everyone is out to get you.
Thinks on my computers which are not something I want others to see are 
encrypted.  Just basic security, not paranoia.
0
Ron
9/8/2006 8:02:18 AM
Moz Champion (Dan) wrote:
> gwtc wrote:
>> Moz Champion (Dan) wrote:
>>
>>> Fine and dandy folks but no one has answered my question.
>>> Why would I lend my laptop to someone?
>> you're in a work environment and you have to load your laptop to your 
>> secretary or the boss, or someone else.
>>
> 
> If I was in such a work environment, I wouldnt be. Does that answer your 
> question?
> 
> My computer is MY computer, its not the boss's, nor the secretary's. I 
> am responsible for what goes on on my computer. The only people who use 
> it without my oversight are the technicians fixing it.
> 
> Do you hand over your keys to your car, just because someone needs a 
> vehicle and they havent got theirs? Would you give your boss your house 
> keys for the weekend? I wouldnt.

I have had bosses I wouldn't give my house keys to, but mainly I think I 
could trust most of them.  I have relatives, and one friend who have 
keys to my house, and have for decades.  I trust them.  If I didn't, 
then they wouldn't have keys.  It is sad that you don't have anyone you 
can trust.
0
Ron
9/8/2006 8:08:13 AM
Ron Hunter wrote:
> Moz Champion (Dan) wrote:
>> Ed Mullen wrote:
>>> Moz Champion (Dan) wrote:
>>>> DevilsPGD wrote:
>>>>> In message <hLidnXunV5o_wJ3YnZ2dnUVZ_tGdnZ2d@mozilla.org> "Moz 
>>>>> Champion
>>>>> (Dan)" <moz.champion@sympatico.ca> wrote:
>>>>>
>>>>>> Fine and dandy folks but no one has answered my question.
>>>>>> Why would I lend my laptop to someone?
>>>>>
>>>>> Because most people don't have the balls to say no if a casual
>>>>> acquaintance or friend asks to check their email and you have a 
>>>>> computer
>>>>> right in front of you.
>>>>>
>>>>
>>>>
>>>> They want to check THEIR email, they check it on THEIR computer, not 
>>>> mine.
>>>>
>>>> Thats like saying I should loan my car to someone because they have 
>>>> to get someplace and didnt bring theirs. Nonsense.
>>>>
>>>> I wouldnt expect anyone to loan ME their computer (or their car for 
>>>> that matter) so why would I loan mine out?
>>>>
>>>>
>>>>
>>>>
>>>> Besides, just how many people do YOU know that know all their 
>>>> settings off by heart so they CAN check their email? name of ISP. 
>>>> name of server, port number, authentication settings, email user 
>>>> name, so on and so forth, AND one or two passwords?  Most people 
>>>> DONT remember their email password in the first place (they write it 
>>>> down or let the computer remember it) let alone all that other datum.
>>>> So, to me, 'loan me your computer so I can check my email' is almost 
>>>> pure nonesense.
>>>>
>>>> I'm no slouch when it comes to setting up email programs, and I have 
>>>> a pretty darn good memory as well, but I know that I wouldnt 
>>>> remember all the settings to use for even one of my accounts.
>>>
>>> But this is about Firefox, not an email program.  So the friend 
>>> doesn't have set up any parameters, nor configure your email client; 
>>> all they need to know is their logon and password for the http 
>>> Webmail access of their ISP.  Doing that is the same as letting 
>>> someone use your computer to browse to a Web page.  Are you saying 
>>> you'd never let a guest in your house use your computer to access the 
>>> Internet?
>>>
>>> Besides, if you want to be paranoid about it, create a "plain" 
>>> profile, put a shortcut on the desktop and say:  "Sure.  Just click 
>>> here and it'll launch a browser and you can type in your Webmail 
>>> address."  Then they're not even in /your/ profile so whatever they 
>>> do won't be of any danger to you.  You can simply delete the "plain" 
>>> profile afterwards and whatever they did is *gone*.
>>>
>>
>> Right you are. If my computer is in use its by someone I trust 
>> implicitely and its not out of sight.   IMHO, a guest isnt there to 
>> read email, they are there to visit. If they cant be away from their 
>> email for that long, they have a problem.
>>
>> When I go on vacation, or visits, long or short, I either take my own 
>> computer or I go without. I wouldnt ask someone to use their computer 
>> anymore than I would ask to use their car - nor would I expect them to 
>> provide usage of such.
>>
>> Where do you draw the line? Do you just hand over the keys to the 
>> family car if a guest at your house has to run an errand? I dont. I 
>> usually offer to drive them somewhere if they absolutely have to go, 
>> but I dont loan my car - and I dont loan my computer. Any of them.
> 
> I routinely use the computers of relatives when I visit.  Not friends, 
> but relatives, and they use mine.  I also allow friends to use my 
> computers, supervised.  They (friends, and relatives) also sometimes use 
> my car.  Perhaps you need to either be more careful of who you call 
> friends, or work on trust issues.  Not everyone is out to get you.
> Thinks on my computers which are not something I want others to see are 
> encrypted.  Just basic security, not paranoia.


Nothing paranoic about it.

I simply dont lend my computer to others, nor my car.

You may if you wish, I dont.
0
Moz
9/8/2006 9:58:34 AM
Ed Mullen wrote:
> Moz Champion (Dan) wrote:
>> gwtc wrote:
>>> Moz Champion (Dan) wrote:
>>>
>>>> Fine and dandy folks but no one has answered my question.
>>>> Why would I lend my laptop to someone?
>>> you're in a work environment and you have to load your laptop to your 
>>> secretary or the boss, or someone else.
>>>
>>
>> If I was in such a work environment, I wouldnt be. Does that answer 
>> your question?
>>
>> My computer is MY computer, its not the boss's, nor the secretary's. I 
>> am responsible for what goes on on my computer. The only people who 
>> use it without my oversight are the technicians fixing it.
>>
>> Do you hand over your keys to your car, just because someone needs a 
>> vehicle and they havent got theirs? Would you give your boss your 
>> house keys for the weekend? I wouldnt.
> 
> Dan. IF you are in a work environment where you are an employee of a 
> company, AND you are using a company provided laptop, it ain't YOUR 
> computer.  It, and all the bits on the hard drive are the property of 
> the company.
> 

I knew you were going to bring that up. If the computer is supplied by 
the company, then it isnt mine is it?

MY computer is the one I purchased (or received as a gift), not one on 
loan from a business or an organization. Its mine, period.

I never said anything about a computer that is effectively on loan to me 
(belonging to the company) I said I wouldnt loan MY computer to others, 
emphasis on MY.

I worked in several offices in which we all 'shared' computer resources, 
or at other times when we all had an individual machine 'assigned' to us 
for official purposes. Tho we each took personal 'care' of the machines, 
I never considered the one on my desk to be 'mine', it was simply the 
one I was using.
0
Moz
9/8/2006 10:05:48 AM
Ron Hunter wrote:
> Moz Champion (Dan) wrote:
>> gwtc wrote:
>>> Moz Champion (Dan) wrote:
>>>
>>>> Fine and dandy folks but no one has answered my question.
>>>> Why would I lend my laptop to someone?
>>> you're in a work environment and you have to load your laptop to your 
>>> secretary or the boss, or someone else.
>>>
>>
>> If I was in such a work environment, I wouldnt be. Does that answer 
>> your question?
>>
>> My computer is MY computer, its not the boss's, nor the secretary's. I 
>> am responsible for what goes on on my computer. The only people who 
>> use it without my oversight are the technicians fixing it.
>>
>> Do you hand over your keys to your car, just because someone needs a 
>> vehicle and they havent got theirs? Would you give your boss your 
>> house keys for the weekend? I wouldnt.
> 
> I have had bosses I wouldn't give my house keys to, but mainly I think I 
> could trust most of them.  I have relatives, and one friend who have 
> keys to my house, and have for decades.  I trust them.  If I didn't, 
> then they wouldn't have keys.  It is sad that you don't have anyone you 
> can trust.


Its not a matter of trust. Where did you get that from?

I dont loan my computer, my car or my house to anyone. Thats it simply. 
They are mine.

Why do you assume its because I dont trust people? Nothing of the sort.

0
Moz
9/8/2006 10:12:46 AM
Ron Hunter wrote:
> Canopus wrote:
>> squaredancer on 29/08/2006 wrote:
>>
>>> do what I do...
>>> write your logins (or print them out when a site sends the 
>>> confirmation) and file them next to your desk!  Saves a lot of hassle 
>>> when the CIA comes knocking, as they don't have to break your 
>>> furniture.... and FF doesn't have any "saved" passwords if (and when) 
>>> you are stoopeed enough to lend-out your comp 8-)
>>
>> Ah, the ultimate in security!  Don't use a master password, write them 
>> all down and keep them next to your PC.  Better still, use just one 
>> password write it on a sticky note and stick it to your monitor ;-)
>>
> 
> I use just one password, when possible.  I HATE sites that make up one 
> for me and it is something like 'Pbd18AQ0z'.  Numbers like that WILL 
> have to be written down, which negates the value of the password in the 
> first place.

I hope you have that master password in a very safe and encrypted place 
on your hard disk with at least 128 bit encryption and that it is a very 
complicated password that you change every once in a while for good 
measure.  In addition, I would make sure that you memorize the master 
password and if you need to write it down then you secure the written 
master password in a good safe.

http://www.microsoft.com/athome/security/privacy/password_checker.mspx

<check the strength of your current master password>
0
Dan
9/8/2006 12:24:06 PM
Moz Champion (Dan) wrote:
> Ron Hunter wrote:
>> Moz Champion (Dan) wrote:
>>> gwtc wrote:
>>>> Moz Champion (Dan) wrote:
>>>>
>>>>> Fine and dandy folks but no one has answered my question.
>>>>> Why would I lend my laptop to someone?
>>>> you're in a work environment and you have to load your laptop to 
>>>> your secretary or the boss, or someone else.
>>>>
>>>
>>> If I was in such a work environment, I wouldnt be. Does that answer 
>>> your question?
>>>
>>> My computer is MY computer, its not the boss's, nor the secretary's. 
>>> I am responsible for what goes on on my computer. The only people who 
>>> use it without my oversight are the technicians fixing it.
>>>
>>> Do you hand over your keys to your car, just because someone needs a 
>>> vehicle and they havent got theirs? Would you give your boss your 
>>> house keys for the weekend? I wouldnt.
>>
>> I have had bosses I wouldn't give my house keys to, but mainly I think 
>> I could trust most of them.  I have relatives, and one friend who have 
>> keys to my house, and have for decades.  I trust them.  If I didn't, 
>> then they wouldn't have keys.  It is sad that you don't have anyone 
>> you can trust.
> 
> 
> Its not a matter of trust. Where did you get that from?
> 
> I dont loan my computer, my car or my house to anyone. Thats it simply. 
> They are mine.
> 
> Why do you assume its because I dont trust people? Nothing of the sort.
> 

Err, well, then, pray, why not?

-- 
Ed Mullen
http://edmullen.net
http://mozilla.edmullen.net
http://abington.edmullen.net
The trouble with doing something right the first time is that nobody 
appreciates how difficult it was.
0
Ed
9/8/2006 4:25:37 PM
Moz Champion (Dan) wrote:
> Ron Hunter wrote:
>> Moz Champion (Dan) wrote:
>>> gwtc wrote:
>>>> Moz Champion (Dan) wrote:
>>>>
>>>>> Fine and dandy folks but no one has answered my question.
>>>>> Why would I lend my laptop to someone?
>>>> you're in a work environment and you have to load your laptop to 
>>>> your secretary or the boss, or someone else.
>>>>
>>>
>>> If I was in such a work environment, I wouldnt be. Does that answer 
>>> your question?
>>>
>>> My computer is MY computer, its not the boss's, nor the secretary's. 
>>> I am responsible for what goes on on my computer. The only people who 
>>> use it without my oversight are the technicians fixing it.
>>>
>>> Do you hand over your keys to your car, just because someone needs a 
>>> vehicle and they havent got theirs? Would you give your boss your 
>>> house keys for the weekend? I wouldnt.
>>
>> I have had bosses I wouldn't give my house keys to, but mainly I think 
>> I could trust most of them.  I have relatives, and one friend who have 
>> keys to my house, and have for decades.  I trust them.  If I didn't, 
>> then they wouldn't have keys.  It is sad that you don't have anyone 
>> you can trust.
> 
> 
> Its not a matter of trust. Where did you get that from?
> 
> I dont loan my computer, my car or my house to anyone. Thats it simply. 
> They are mine.
> 
> Why do you assume its because I dont trust people? Nothing of the sort.
> 
I assume it is a trust issue because in order to have such a policy, 
there must be a reason (given that most people DO these things).  It 
seems to lead to a trust or lack of trust situation.
0
Ron
9/9/2006 7:36:59 AM
Dan wrote:
> Ron Hunter wrote:
>> Canopus wrote:
>>> squaredancer on 29/08/2006 wrote:
>>>
>>>> do what I do...
>>>> write your logins (or print them out when a site sends the 
>>>> confirmation) and file them next to your desk!  Saves a lot of 
>>>> hassle when the CIA comes knocking, as they don't have to break your 
>>>> furniture.... and FF doesn't have any "saved" passwords if (and 
>>>> when) you are stoopeed enough to lend-out your comp 8-)
>>>
>>> Ah, the ultimate in security!  Don't use a master password, write 
>>> them all down and keep them next to your PC.  Better still, use just 
>>> one password write it on a sticky note and stick it to your monitor ;-)
>>>
>>
>> I use just one password, when possible.  I HATE sites that make up one 
>> for me and it is something like 'Pbd18AQ0z'.  Numbers like that WILL 
>> have to be written down, which negates the value of the password in 
>> the first place.
> 
> I hope you have that master password in a very safe and encrypted place 
> on your hard disk with at least 128 bit encryption and that it is a very 
> complicated password that you change every once in a while for good 
> measure.  In addition, I would make sure that you memorize the master 
> password and if you need to write it down then you secure the written 
> master password in a good safe.
> 
> http://www.microsoft.com/athome/security/privacy/password_checker.mspx
> 
> <check the strength of your current master password>

Don't use a master password.  My computer is pretty much secure in the 
physical sense, and there aren't any really critical things that I do on 
it that would require that much security.  Some things aren't stored, as 
a matter of course, such as credit card numbers, etc.  Other passwords 
are encrypted by the application.  I have seen password hacking programs 
for just about all the Microsoft applications, but then I don't have 
anything sensitive on MS applications.  Those few things I want secure 
are encrypted by 256 bit encryption, with a passphrase with 
misspellings.  I am sure that the CIA or NSA could decrypt them, in a 
few years if they really wanted to.
0
Ron
9/9/2006 7:42:25 AM
Ron Hunter wrote:
> Dan wrote:
>> Ron Hunter wrote:
>>> Canopus wrote:
>>>> squaredancer on 29/08/2006 wrote:
>>>>
>>>>> do what I do...
>>>>> write your logins (or print them out when a site sends the 
>>>>> confirmation) and file them next to your desk!  Saves a lot of 
>>>>> hassle when the CIA comes knocking, as they don't have to break 
>>>>> your furniture.... and FF doesn't have any "saved" passwords if 
>>>>> (and when) you are stoopeed enough to lend-out your comp 8-)
>>>>
>>>> Ah, the ultimate in security!  Don't use a master password, write 
>>>> them all down and keep them next to your PC.  Better still, use just 
>>>> one password write it on a sticky note and stick it to your monitor ;-)
>>>>
>>>
>>> I use just one password, when possible.  I HATE sites that make up 
>>> one for me and it is something like 'Pbd18AQ0z'.  Numbers like that 
>>> WILL have to be written down, which negates the value of the password 
>>> in the first place.
>>
>> I hope you have that master password in a very safe and encrypted 
>> place on your hard disk with at least 128 bit encryption and that it 
>> is a very complicated password that you change every once in a while 
>> for good measure.  In addition, I would make sure that you memorize 
>> the master password and if you need to write it down then you secure 
>> the written master password in a good safe.
>>
>> http://www.microsoft.com/athome/security/privacy/password_checker.mspx
>>
>> <check the strength of your current master password>
> 
> Don't use a master password.  My computer is pretty much secure in the 
> physical sense, and there aren't any really critical things that I do on 
> it that would require that much security.  Some things aren't stored, as 
> a matter of course, such as credit card numbers, etc.  Other passwords 
> are encrypted by the application.  I have seen password hacking programs 
> for just about all the Microsoft applications, but then I don't have 
> anything sensitive on MS applications.  Those few things I want secure 
> are encrypted by 256 bit encryption, with a passphrase with 
> misspellings.  I am sure that the CIA or NSA could decrypt them, in a 
> few years if they really wanted to.

You would say not to use a master password even if it is greater than 20 
digits and includes numbers, letters and special characters.  Oh yeah, 
and Cryptainer is not a Microsoft program and has 128 bit encryption and 
even greater 256+ bit encryption if you pay money for it.  I certainly 
would not store credit card numbers and am referring to passwords for 
email and more mundane things.
0
Dan
9/10/2006 4:12:50 AM
Dan <Dan@user.nec> wrote in
<news:37SdneQIoZIkDZ7YnZ2dnUVZ_s6dnZ2d@mozilla.org>:

> Oh yeah, and Cryptainer is not a Microsoft program and has 128 bit
> encryption and even greater 256+ bit encryption if you pay money
> for it.

In case anyone's interested, KeePass is FOSS and uses 256-bit keys (and
SHA-256 for the master password).

<http://keepass.sourceforge.net/features.php>

-- 
�Q�
0
ISO
9/10/2006 5:39:25 AM
�Q� wrote:
> Dan <Dan@user.nec> wrote in
> <news:37SdneQIoZIkDZ7YnZ2dnUVZ_s6dnZ2d@mozilla.org>:
> 
>> Oh yeah, and Cryptainer is not a Microsoft program and has 128 bit
>> encryption and even greater 256+ bit encryption if you pay money
>> for it.
> 
> In case anyone's interested, KeePass is FOSS and uses 256-bit keys (and
> SHA-256 for the master password).
> 
> <http://keepass.sourceforge.net/features.php>
> 

That sounds like a good program and thanks for posting about KeePass.  I 
will investigate it more in the future.
0
Dan
9/10/2006 10:02:49 AM
Ed Mullen wrote:
> Moz Champion (Dan) wrote:
>> Ron Hunter wrote:
>>> Moz Champion (Dan) wrote:
>>>> gwtc wrote:
>>>>> Moz Champion (Dan) wrote:
>>>>>
>>>>>> Fine and dandy folks but no one has answered my question.
>>>>>> Why would I lend my laptop to someone?
>>>>> you're in a work environment and you have to load your laptop to 
>>>>> your secretary or the boss, or someone else.
>>>>>
>>>>
>>>> If I was in such a work environment, I wouldnt be. Does that answer 
>>>> your question?
>>>>
>>>> My computer is MY computer, its not the boss's, nor the secretary's. 
>>>> I am responsible for what goes on on my computer. The only people 
>>>> who use it without my oversight are the technicians fixing it.
>>>>
>>>> Do you hand over your keys to your car, just because someone needs a 
>>>> vehicle and they havent got theirs? Would you give your boss your 
>>>> house keys for the weekend? I wouldnt.
>>>
>>> I have had bosses I wouldn't give my house keys to, but mainly I 
>>> think I could trust most of them.  I have relatives, and one friend 
>>> who have keys to my house, and have for decades.  I trust them.  If I 
>>> didn't, then they wouldn't have keys.  It is sad that you don't have 
>>> anyone you can trust.
>>
>>
>> Its not a matter of trust. Where did you get that from?
>>
>> I dont loan my computer, my car or my house to anyone. Thats it 
>> simply. They are mine.
>>
>> Why do you assume its because I dont trust people? Nothing of the sort.
>>
> 
> Err, well, then, pray, why not?
> 


Because they are mine? You can borrow my clothes, my tv, my money, heck 
even my toothbrush (I wouldnt use it on return tho <g>), but not my car, 
my computer (s) or my house.

Do you understand the implications of "one man - one kit" as used in the 
military? My computer/car/house are that 'kit'. I take care of it, no 
one else and I dont expect anyone else to do it for me.

I dont have an 'easy' answer for it. Its tied up in who I am, and what 
those things mean to me.



0
Moz
9/10/2006 10:31:17 AM
Ron Hunter wrote:
> Moz Champion (Dan) wrote:
>> Ron Hunter wrote:
>>> Moz Champion (Dan) wrote:
>>>> gwtc wrote:
>>>>> Moz Champion (Dan) wrote:
>>>>>
>>>>>> Fine and dandy folks but no one has answered my question.
>>>>>> Why would I lend my laptop to someone?
>>>>> you're in a work environment and you have to load your laptop to 
>>>>> your secretary or the boss, or someone else.
>>>>>
>>>>
>>>> If I was in such a work environment, I wouldnt be. Does that answer 
>>>> your question?
>>>>
>>>> My computer is MY computer, its not the boss's, nor the secretary's. 
>>>> I am responsible for what goes on on my computer. The only people 
>>>> who use it without my oversight are the technicians fixing it.
>>>>
>>>> Do you hand over your keys to your car, just because someone needs a 
>>>> vehicle and they havent got theirs? Would you give your boss your 
>>>> house keys for the weekend? I wouldnt.
>>>
>>> I have had bosses I wouldn't give my house keys to, but mainly I 
>>> think I could trust most of them.  I have relatives, and one friend 
>>> who have keys to my house, and have for decades.  I trust them.  If I 
>>> didn't, then they wouldn't have keys.  It is sad that you don't have 
>>> anyone you can trust.
>>
>>
>> Its not a matter of trust. Where did you get that from?
>>
>> I dont loan my computer, my car or my house to anyone. Thats it 
>> simply. They are mine.
>>
>> Why do you assume its because I dont trust people? Nothing of the sort.
>>
> I assume it is a trust issue because in order to have such a policy, 
> there must be a reason (given that most people DO these things).  It 
> seems to lead to a trust or lack of trust situation.

Its not a lack of trust. Its not a matter of trusting someone to 'bring 
it back' or 'to treat it right' or somesuch.
0
Moz
9/10/2006 10:36:25 AM
Dan wrote:
> Moz Champion (Dan) wrote:
>> freerow wrote:
>>> ALERT: Don't save passwords in Firefox or don't lend your laptop
>>>
>>> http://blog.lxxm.com/blogview.asp?logID=904&cateID=10
>>>
>>> There is a critical difference between keeping encoded passwords and 
>>> showing them directly. However, it seems Firefox developers has been 
>>> ignoring it. It is alerted here that if you lend your laptop with 
>>> your account, you are letting the user to view all of your passwords 
>>> kept in your Firefox. To check it, click Tools->Options->Privacy (Big 
>>> Tab)-> Passwords(Small Tab) -> View Saved Passwords(Button) -> 
>>> Passwords Saved(Default Tab) -> Show Passwords -> Yes . Then you will 
>>> hate Firefox to give such a convenience silently!
>>>
>>> At least until the current version 1.5.0.6, Firefox makes users 
>>> expose to the very risk. It 's nothing to do with program techniques. 
>>> Hope Firefox developers could save me the risk in the next update. It 
>>> hurts not only the reputation of itself but also its recommenders 
>>> including google and us, lxxm.com.
>>>
>>
>>
>> Why would I lend my laptop to someone?
> 
> What about a program like Cryptainer to protect your passwords.  It is 
> free for personnel use and has 128 bit encryption and you can pay for it 
> if you want even higher encryption and more space.

What about truecrypt also free open source (sourceforge).
Open source is the future.
0
Mr
9/10/2006 12:28:00 PM
Moz Champion (Dan) wrote:

> Because they are mine? You can borrow my clothes, my tv, my money, heck 
> even my toothbrush (I wouldnt use it on return tho <g>), but not my car, 
> my computer (s) or my house.
> 

you didn't mention your wife.  So, we can borrow her. Send her my way, 
I need some house cleaning done! ;-)

-- 
Pic of the Day -- Yes, eating requires protective gear:
http://img157.imageshack.us/my.php?image=bigburgerle2.jpg
0
gwtc
9/10/2006 1:59:42 PM
gwtc wrote:

> Moz Champion (Dan) wrote:
> 
>> Because they are mine? You can borrow my clothes, my tv, my money, 
>> heck even my toothbrush (I wouldnt use it on return tho <g>), but not 
>> my car, my computer (s) or my house.
>>
> you didn't mention your wife.  So, we can borrow her. Send her my way, I 
> need some house cleaning done! ;-)

You know, gwtc, Anthony Quinn (Inuk) made a good point in The Savage 
Innocents:

   (http://www.imdb.com/title/tt0053244/)

Inuk contended that everytime that he lent his (dog)sled to someone, 
he got it back in some state of disrepair. Whenever someone /used/ his 
wife, on the other hand, there was no such problem.

Ron ;)
0
Ron
9/10/2006 2:15:15 PM
"�Q�" <boxcars@gmx.net> wrote in message
> In case anyone's interested, KeePass is FOSS and uses ...

Free Open-Source Software (FOSS)

Something new to look for because the words
free   and   free download    often turn out to be anything but free.


0
David
9/10/2006 9:57:31 PM
> 
> "Aggro" <spammerdream@yahoo.com> 
> y7GdnTBWWaprcWzZnZ2dnUVZ_s6dnZ2d@mozilla.org...
>> freerow wrote:
>>> Alex are right that I should change the title to "don't let anybody 
>>> untrusted use your laptop for any few seconds, with FF." OK?
>> Not OK.
>>
>>> I tried the master password function. I don't know who could not be bored 
>>> by being required to enter it every session of FF.
>>>
>>> I just want to say, such a default setting is hated by me.  I have to 
>>> alert everybody I'd recommended to use FF that it has a silent and 
>>> default convenience that anyone could view the kept passwords  with just 
>>> a few seconds of occupation of the desk/laptop. Maybe it is because that 
>>> I am a FF user common enough to trust the default setting.
>> This is like blaiming GPS-system for poor security if it can be easily 
>> stolen when you give keys to your car to a stranger.
>>
>> If user gets local access to your computer that user can do anything with. 
>> Install trojans, rootkits, hack your Windows/Linux passwords, look all the 
>> passwords there are saved by any browser, *unless* you have encrypted the 
>> data with a password you need to type to get access to it. This password 
>> can usually be set for example just for Firefox passwords, or a folder or 
>> a harddrive, depending on your OS or third party software if they allow 
>> it.
>>
>> If you still argue with me, I challenge you to write an open source 
>> software than is able to use passwords from a while, without asking master 
>> password from a user when launched and still make it impossible for a user 
>> to read that password by modifying the source code of the program and 
>> compiling custom binary. It doesn't matter whether you can program or not, 
>> because that task is impossible anyway. Same rules apply to closed 
>> software but it takes a little more time since you have to write the 
>> encryption code yourself.
>>
>> Just to prove the case, here is a list of many freeware software that can 
>> be used to retrieve passwords saved by IE:
>> http://www.google.com/search?hl=en&lr=&q=email+password+recover+windows+freeware&btnG=Search
>>
>> Here is how to do it with Opera:
>> http://my.opera.com/Tamil/blog/show.dml/89479
>>
>> Firefox point is not to make it easy for an attacker as it already is easy 
>> for attacker. The point is to make it easy for the user, unless the user 
>> requires heavy protection, when user can choose to use master password. 
> 
> 
On 8/28/2006 1:17 AM Pacific Time, freerow wrote thusly:
> 0. Thanks for css of Chris Ilias. I'll recommend it to my friends if it is 
> applied smoothly.
> 1. I understand what the technical point is. Although almost all talk a lot 
> on it, it is not my point.
> 2. I don't like the button to conveniently view passwords. My friends don't 
> like it too. It may involve some cultural factors. No matter what, I hope 
> firefox developers could know our preference and consider dropping the 
> button, as default. I think nobody of you really need the button to view 
> your own passwords.
> 3. In some society/circumstance, to view passwords in others' FF 
> conveniently and to crack the saved passwords technically are two totally 
> different types of behaviors. The ends are same. But the psychological 
> pressure are significantly different. Developers'd better consider such 
> factors.

Personally, I love the "view passwords" button and vote to leave it in. 
  It was most useful for me when I had to recreate some of my files 
after a hard drive crash.  And, I am the only one who uses my computer.

Barbara
0
Barbara
9/10/2006 11:07:43 PM
Moz Champion (Dan) wrote:
> Ed Mullen wrote:
>> Moz Champion (Dan) wrote:
>>> Ron Hunter wrote:
>>>> Moz Champion (Dan) wrote:
>>>>> gwtc wrote:
>>>>>> Moz Champion (Dan) wrote:
>>>>>>
>>>>>>> Fine and dandy folks but no one has answered my question.
>>>>>>> Why would I lend my laptop to someone?
>>>>>> you're in a work environment and you have to load your laptop to 
>>>>>> your secretary or the boss, or someone else.
>>>>>>
>>>>>
>>>>> If I was in such a work environment, I wouldnt be. Does that answer 
>>>>> your question?
>>>>>
>>>>> My computer is MY computer, its not the boss's, nor the 
>>>>> secretary's. I am responsible for what goes on on my computer. The 
>>>>> only people who use it without my oversight are the technicians 
>>>>> fixing it.
>>>>>
>>>>> Do you hand over your keys to your car, just because someone needs 
>>>>> a vehicle and they havent got theirs? Would you give your boss your 
>>>>> house keys for the weekend? I wouldnt.
>>>>
>>>> I have had bosses I wouldn't give my house keys to, but mainly I 
>>>> think I could trust most of them.  I have relatives, and one friend 
>>>> who have keys to my house, and have for decades.  I trust them.  If 
>>>> I didn't, then they wouldn't have keys.  It is sad that you don't 
>>>> have anyone you can trust.
>>>
>>>
>>> Its not a matter of trust. Where did you get that from?
>>>
>>> I dont loan my computer, my car or my house to anyone. Thats it 
>>> simply. They are mine.
>>>
>>> Why do you assume its because I dont trust people? Nothing of the sort.
>>>
>>
>> Err, well, then, pray, why not?
>>
> 
> 
> Because they are mine? You can borrow my clothes, my tv, my money, heck 
> even my toothbrush (I wouldnt use it on return tho <g>), but not my car, 
> my computer (s) or my house.
> 
> Do you understand the implications of "one man - one kit" as used in the 
> military? My computer/car/house are that 'kit'. I take care of it, no 
> one else and I dont expect anyone else to do it for me.
> 
> I dont have an 'easy' answer for it. Its tied up in who I am, and what 
> those things mean to me.
> 
> 
> 
Ahhh, phallic symbols.  Grin.
Now I understand!
0
Ron
9/11/2006 12:18:31 AM
David McRitchie wrote:
> "�Q�" <boxcars@gmx.net> wrote in message
>> In case anyone's interested, KeePass is FOSS and uses ...
> 
> Free Open-Source Software (FOSS)
> 
> Something new to look for because the words
> free   and   free download    often turn out to be anything but free.
> 
> 
That is definitely something to keep in mind but there are some good 
free programs like Adaware SE and SpywareBlaster.
0
Dan
9/11/2006 1:08:07 AM
Barbara wrote:

> Personally, I love the "view passwords" button and vote to leave it in. 
>  It was most useful for me when I had to recreate some of my files after 
> a hard drive crash.  And, I am the only one who uses my computer.
> 
> Barbara
Oh a big positive yes.  I have over 200 in mine, and I can't remember 
the user names and passwords for them all.  Its a good idea to have a 
view button.

-- 
Pic of the Day -- Yes, eating requires protective gear:
http://img157.imageshack.us/my.php?image=bigburgerle2.jpg
0
gwtc
9/11/2006 4:59:26 AM
Dan wrote:
> David McRitchie wrote:
>> "�Q�" <boxcars@gmx.net> wrote in message
>>> In case anyone's interested, KeePass is FOSS and uses ...
>> Free Open-Source Software (FOSS)
>>
>> Something new to look for because the words
>> free   and   free download    often turn out to be anything but free.
>>
>>
> That is definitely something to keep in mind but there are some good 
> free programs like Adaware SE and SpywareBlaster.

I think the key is to do your research before downloading/installing a
"free" program.

For that matter, I do a lot of research before I *buy* any software,
just to find out if it really works the way they claim it does, the
extent of any bugs, the level of support I can expect, problems with
specific hardware, etc.

Yes, there are some very good, reputable, free, closed source programs
out there, as you referenced above.  There are also many questionable
ones as well.

If I do not know about or have not been referred to a program by a
trusted source, then I would definitely search the web for reference to
the program, to ensure it is not malicious, adware, or otherwise
undesirable.

I have found that, usually, if it is an undesirable program, it will not
be difficult to find references to that fact on the web.  As the old
saying goes: "Bad news travels fast."  I think it travels twice as fast
on the web.  :-)

-- 
Alex
0
Alex
9/11/2006 9:35:27 AM
Alex wrote:
> Dan wrote:
>> David McRitchie wrote:
>>> "�Q�" <boxcars@gmx.net> wrote in message
>>>> In case anyone's interested, KeePass is FOSS and uses ...
>>> Free Open-Source Software (FOSS)
>>>
>>> Something new to look for because the words
>>> free   and   free download    often turn out to be anything but free.
>>>
>>>
>> That is definitely something to keep in mind but there are some good 
>> free programs like Adaware SE and SpywareBlaster.
> 
> I think the key is to do your research before downloading/installing a
> "free" program.
> 
> For that matter, I do a lot of research before I *buy* any software,
> just to find out if it really works the way they claim it does, the
> extent of any bugs, the level of support I can expect, problems with
> specific hardware, etc.
> 
> Yes, there are some very good, reputable, free, closed source programs
> out there, as you referenced above.  There are also many questionable
> ones as well.
> 
> If I do not know about or have not been referred to a program by a
> trusted source, then I would definitely search the web for reference to
> the program, to ensure it is not malicious, adware, or otherwise
> undesirable.
> 
> I have found that, usually, if it is an undesirable program, it will not
> be difficult to find references to that fact on the web.  As the old
> saying goes: "Bad news travels fast."  I think it travels twice as fast
> on the web.  :-)
> 

:-)  I agree that it is always helpful to research the program before 
installing it on your computer.
0
Dan
9/11/2006 10:17:23 AM
gwtc wrote:
> Moz Champion (Dan) wrote:
> 
>> Because they are mine? You can borrow my clothes, my tv, my money, 
>> heck even my toothbrush (I wouldnt use it on return tho <g>), but not 
>> my car, my computer (s) or my house.
>>
> 
> you didn't mention your wife.  So, we can borrow her. Send her my way, I 
> need some house cleaning done! ;-)
> 

1 My wife passed away several years ago
2 You dont 'own' people, slavery is illegal
3 You cant loan what you dont own
4 My wife would have had YOU doing the cleaning anyway
0
Moz
9/11/2006 11:50:22 AM
Moz Champion (Dan) wrote:
> gwtc wrote:
>> Moz Champion (Dan) wrote:
>>
>>> Because they are mine? You can borrow my clothes, my tv, my money, 
>>> heck even my toothbrush (I wouldnt use it on return tho <g>), but not 
>>> my car, my computer (s) or my house.
>>>
>>
>> you didn't mention your wife.  So, we can borrow her. Send her my way, 
>> I need some house cleaning done! ;-)
>>
> 
> 1 My wife passed away several years ago

Sorry to hear that.

> 2 You dont 'own' people, slavery is illegal

Actually, it's not.  Read the amendment again.

> 3 You cant loan what you dont own

People do this often.  Haven't you ever borrowed a tool that was yours 
to begin with?  Grin.

> 4 My wife would have had YOU doing the cleaning anyway

Sounds like MY wife....

0
Ron
9/11/2006 12:31:02 PM
Moz Champion (Dan) wrote:
> gwtc wrote:
>> Moz Champion (Dan) wrote:
>>
>>> Because they are mine? You can borrow my clothes, my tv, my money, 
>>> heck even my toothbrush (I wouldnt use it on return tho <g>), but not 
>>> my car, my computer (s) or my house.
>>>
>>
>> you didn't mention your wife.  So, we can borrow her. Send her my way, 
>> I need some house cleaning done! ;-)
>>
> 
> 1 My wife passed away several years ago
> 2 You dont 'own' people, slavery is illegal
> 3 You cant loan what you dont own
> 4 My wife would have had YOU doing the cleaning anyway

I am sorry for your lose of your wife and Dan is a good name.  <aside: 
Daniel means God is our judge>
0
Dan
9/11/2006 1:20:34 PM
Moz Champion (Dan) wrote:
> gwtc wrote:
>> Moz Champion (Dan) wrote:
>>
>>> Because they are mine? You can borrow my clothes, my tv, my money, 
>>> heck even my toothbrush (I wouldnt use it on return tho <g>), but not 
>>> my car, my computer (s) or my house.
>>>
>>
>> you didn't mention your wife.  So, we can borrow her. Send her my way, 
>> I need some house cleaning done! ;-)
>>
> 
> 1 My wife passed away several years ago

sorry to hear about that.

> 2 You dont 'own' people, slavery is illegal

I'm not talking about slavery

> 3 You cant loan what you dont own

sure you can.  I do it all the time, even in the stock market.

> 4 My wife would have had YOU doing the cleaning anyway
house cleaning in womans work [woops, ducking now] ;-)

-- 
Pic of the Day -- Toothache Problems?
http://img204.imageshack.us/my.php?image=cocainedropshb1.jpg
0
gwtc
9/11/2006 4:21:38 PM
Alex <akfromak@gmail.com> wrote in
<news:iLKdnUngH8R_sJjYnZ2dnUVZ_tGdnZ2d@mozilla.org>:

> Yes, there are some very good, reputable, free, closed source
> programs out there, as you referenced above.  There are also many
> questionable ones as well.
>
> If I do not know about or have not been referred to a program by a
> trusted source, then I would definitely search the web for
> reference to the program, to ensure it is not malicious, adware,
> or otherwise undesirable.
>
> I have found that, usually, if it is an undesirable program, it
> will not be difficult to find references to that fact on the web.
> As the old saying goes: "Bad news travels fast."  I think it
> travels twice as fast on the web.  :-)

This is all very good advice.  If still not sure after searching the
web, alt.comp.freeware is a good place to ask for more info.

-- 
�Q�
0
ISO
9/11/2006 7:15:25 PM
Ron Hunter wrote:
> Moz Champion (Dan) wrote:
>> gwtc wrote:
>>> Moz Champion (Dan) wrote:
>>>
>>>> Because they are mine? You can borrow my clothes, my tv, my money, 
>>>> heck even my toothbrush (I wouldnt use it on return tho <g>), but 
>>>> not my car, my computer (s) or my house.
>>>>
>>>
>>> you didn't mention your wife.  So, we can borrow her. Send her my 
>>> way, I need some house cleaning done! ;-)
>>>
>>
>> 1 My wife passed away several years ago
> 
> Sorry to hear that.
> 
>> 2 You dont 'own' people, slavery is illegal
> 
> Actually, it's not.  Read the amendment again.

Canadian/British law is much clearer on the subject

> 
>> 3 You cant loan what you dont own
> 
> People do this often.  Haven't you ever borrowed a tool that was yours 
> to begin with?  Grin.

I dont

> 
>> 4 My wife would have had YOU doing the cleaning anyway
> 
> Sounds like MY wife....
> 
0
Moz
9/11/2006 10:24:30 PM
Dan wrote:
> Moz Champion (Dan) wrote:
>> gwtc wrote:
>>> Moz Champion (Dan) wrote:
>>>
>>>> Because they are mine? You can borrow my clothes, my tv, my money, 
>>>> heck even my toothbrush (I wouldnt use it on return tho <g>), but 
>>>> not my car, my computer (s) or my house.
>>>>
>>>
>>> you didn't mention your wife.  So, we can borrow her. Send her my 
>>> way, I need some house cleaning done! ;-)
>>>
>>
>> 1 My wife passed away several years ago
>> 2 You dont 'own' people, slavery is illegal
>> 3 You cant loan what you dont own
>> 4 My wife would have had YOU doing the cleaning anyway
> 
> I am sorry for your lose of your wife and Dan is a good name.  <aside: 
> Daniel means God is our judge>


'cept I spell it Danyael <g>
0
Moz
9/11/2006 10:25:15 PM
gwtc wrote:
> Moz Champion (Dan) wrote:
>> gwtc wrote:
>>> Moz Champion (Dan) wrote:
>>>
>>>> Because they are mine? You can borrow my clothes, my tv, my money, 
>>>> heck even my toothbrush (I wouldnt use it on return tho <g>), but 
>>>> not my car, my computer (s) or my house.
>>>>
>>>
>>> you didn't mention your wife.  So, we can borrow her. Send her my 
>>> way, I need some house cleaning done! ;-)
>>>
>>
>> 1 My wife passed away several years ago
> 
> sorry to hear about that.
> 
>> 2 You dont 'own' people, slavery is illegal
> 
> I'm not talking about slavery
> 
>> 3 You cant loan what you dont own
> 
> sure you can.  I do it all the time, even in the stock market.

I dont

> 
>> 4 My wife would have had YOU doing the cleaning anyway
> house cleaning in womans work [woops, ducking now] ;-)
> 

Another who simply wouldnt make it in the military <g>
0
Moz
9/11/2006 10:26:15 PM
Moz Champion (Dan) wrote:
> gwtc wrote:
>> Moz Champion (Dan) wrote:
>>> gwtc wrote:
>>>> Moz Champion (Dan) wrote:
>>>>
>>>>> Because they are mine? You can borrow my clothes, my tv, my money, 
>>>>> heck even my toothbrush (I wouldnt use it on return tho <g>), but 
>>>>> not my car, my computer (s) or my house.
>>>>>
>>>>
>>>> you didn't mention your wife.  So, we can borrow her. Send her my 
>>>> way, I need some house cleaning done! ;-)
>>>>
>>>
>>> 1 My wife passed away several years ago
>>
>> sorry to hear about that.
>>
>>> 2 You dont 'own' people, slavery is illegal
>>
>> I'm not talking about slavery
>>
>>> 3 You cant loan what you dont own
>>
>> sure you can.  I do it all the time, even in the stock market.
> 
> I dont
> 
>>
>>> 4 My wife would have had YOU doing the cleaning anyway
>> house cleaning in womans work [woops, ducking now] ;-)
>>
> 
> Another who simply wouldnt make it in the military <g>
hey, I am currently in the military, and I get my underlings to do the 
grunt work.

-- 
Pic of the Day -- Toothache Problems?
http://img204.imageshack.us/my.php?image=cocainedropshb1.jpg
0
gwtc
9/12/2006 12:35:37 AM
gwtc wrote:
> Moz Champion (Dan) wrote:
>> gwtc wrote:
>>> Moz Champion (Dan) wrote:
>>>> gwtc wrote:
>>>>> Moz Champion (Dan) wrote:
>>>>>
>>>>>> Because they are mine? You can borrow my clothes, my tv, my money, 
>>>>>> heck even my toothbrush (I wouldnt use it on return tho <g>), but 
>>>>>> not my car, my computer (s) or my house.
>>>>>>
>>>>>
>>>>> you didn't mention your wife.  So, we can borrow her. Send her my 
>>>>> way, I need some house cleaning done! ;-)
>>>>>
>>>>
>>>> 1 My wife passed away several years ago
>>>
>>> sorry to hear about that.
>>>
>>>> 2 You dont 'own' people, slavery is illegal
>>>
>>> I'm not talking about slavery
>>>
>>>> 3 You cant loan what you dont own
>>>
>>> sure you can.  I do it all the time, even in the stock market.
>>
>> I dont
>>
>>>
>>>> 4 My wife would have had YOU doing the cleaning anyway
>>> house cleaning in womans work [woops, ducking now] ;-)
>>>
>>
>> Another who simply wouldnt make it in the military <g>
> hey, I am currently in the military, and I get my underlings to do the 
> grunt work.
> 

You dont iron your own shirts? polish your own shoes? do your own laundry?
In basic you didnt do the 'station jobs', the cleaning, the upkeep of 
the barracks? You didnt do KP?

You did the house cleaning then, why not now?
0
Moz
9/12/2006 2:50:16 AM
Moz Champion (Dan) wrote:
> gwtc wrote:
>> Moz Champion (Dan) wrote:
>>> gwtc wrote:
>>>> Moz Champion (Dan) wrote:
>>>>> gwtc wrote:
>>>>>> Moz Champion (Dan) wrote:
>>>>>>
>>>>>>> Because they are mine? You can borrow my clothes, my tv, my 
>>>>>>> money, heck even my toothbrush (I wouldnt use it on return tho 
>>>>>>> <g>), but not my car, my computer (s) or my house.
>>>>>>>
>>>>>>
>>>>>> you didn't mention your wife.  So, we can borrow her. Send her my 
>>>>>> way, I need some house cleaning done! ;-)
>>>>>>
>>>>>
>>>>> 1 My wife passed away several years ago
>>>>
>>>> sorry to hear about that.
>>>>
>>>>> 2 You dont 'own' people, slavery is illegal
>>>>
>>>> I'm not talking about slavery
>>>>
>>>>> 3 You cant loan what you dont own
>>>>
>>>> sure you can.  I do it all the time, even in the stock market.
>>>
>>> I dont
>>>
>>>>
>>>>> 4 My wife would have had YOU doing the cleaning anyway
>>>> house cleaning in womans work [woops, ducking now] ;-)
>>>>
>>>
>>> Another who simply wouldnt make it in the military <g>
>> hey, I am currently in the military, and I get my underlings to do the 
>> grunt work.
>>
> 
> You dont iron your own shirts? polish your own shoes? do your own laundry?
> In basic you didnt do the 'station jobs', the cleaning, the upkeep of 
> the barracks? You didnt do KP?
> 
> You did the house cleaning then, why not now?
No, I went from being a Civilian Instructor right to a Civilian 
Officer.  I don't do any of that stuff, not even in my life.  I always 
get someone else to do it.

-- 
Pic of the Day -- Toothache Problems?
http://img204.imageshack.us/my.php?image=cocainedropshb1.jpg
0
gwtc
9/12/2006 5:15:28 AM
gwtc wrote:

> No, I went from being a Civilian Instructor right to a Civilian 
> Officer.  I don't do any of that stuff, not even in my life.  I always 
> get someone else to do it.
> 

Then you were never truly in the military.
0
Moz
9/12/2006 9:53:27 AM
�Q� wrote:
> Alex <akfromak@gmail.com> wrote in
> <news:iLKdnUngH8R_sJjYnZ2dnUVZ_tGdnZ2d@mozilla.org>:
> 
>> Yes, there are some very good, reputable, free, closed source
>> programs out there, as you referenced above.  There are also many
>> questionable ones as well.
>>
>> If I do not know about or have not been referred to a program by a
>> trusted source, then I would definitely search the web for
>> reference to the program, to ensure it is not malicious, adware,
>> or otherwise undesirable.
>>
>> I have found that, usually, if it is an undesirable program, it
>> will not be difficult to find references to that fact on the web.
>> As the old saying goes: "Bad news travels fast."  I think it
>> travels twice as fast on the web.  :-)
> 
> This is all very good advice.  If still not sure after searching the
> web, alt.comp.freeware is a good place to ask for more info.
> 

Thanks for the suggestion.  I appreciate it.
0
Dan
9/12/2006 10:30:29 AM
Moz Champion (Dan) wrote:
> gwtc wrote:
> 
>> No, I went from being a Civilian Instructor right to a Civilian 
>> Officer.  I don't do any of that stuff, not even in my life.  I always 
>> get someone else to do it.
>>
> 
> Then you were never truly in the military.

Just what IS  a 'Civilian Officer' anyway.  We had civilian instructors 
in the USAF, but none of them were considered 'officers'.
0
Ron
9/12/2006 12:53:42 PM
Ron Hunter wrote:
> Moz Champion (Dan) wrote:
>> gwtc wrote:
>>
>>> No, I went from being a Civilian Instructor right to a Civilian 
>>> Officer.  I don't do any of that stuff, not even in my life.  I 
>>> always get someone else to do it.
>>>
>>
>> Then you were never truly in the military.
> 
> Just what IS  a 'Civilian Officer' anyway.  We had civilian instructors 
> in the USAF, but none of them were considered 'officers'.
Thats what I am.  A Civilian Officer.  I'm not fully in the Military, 
but I'm a civilian and I'm in the Military.

I better change this to OT as someone we all know must be fuming by now.

-- 
Pic of the Day -- What a CyberStud looks like:
http://img89.imageshack.us/my.php?image=cyberstudnc6.jpg
0
gwtc
9/12/2006 2:08:22 PM
gwtc wrote:
> Moz Champion (Dan) wrote:
>> gwtc wrote:
>>
>>> No, I went from being a Civilian Instructor right to a Civilian 
>>> Officer.  I don't do any of that stuff, not even in my life.  I 
>>> always get someone else to do it.
>>>
>>
>> Then you were never truly in the military.
> I am.  I'm a part of the Canadian Military.
> 


You are not. You may be employed by the military but you are NOT in the 
military.
0
Moz
9/12/2006 2:13:12 PM
Moz Champion (Dan) wrote:
> gwtc wrote:
> 
>> No, I went from being a Civilian Instructor right to a Civilian 
>> Officer.  I don't do any of that stuff, not even in my life.  I always 
>> get someone else to do it.
>>
> 
> Then you were never truly in the military.
I am.  I'm a part of the Canadian Military.

-- 
Pic of the Day -- What a CyberStud looks like:
http://img89.imageshack.us/my.php?image=cyberstudnc6.jpg
0
gwtc
9/12/2006 2:14:48 PM
Moz Champion (Dan) wrote:
> gwtc wrote:
>> Moz Champion (Dan) wrote:
>>> gwtc wrote:
>>>
>>>> No, I went from being a Civilian Instructor right to a Civilian 
>>>> Officer.  I don't do any of that stuff, not even in my life.  I 
>>>> always get someone else to do it.
>>>>
>>>
>>> Then you were never truly in the military.
>> I am.  I'm a part of the Canadian Military.
>>
> 
> 
> You are not. You may be employed by the military but you are NOT in the 
> military.
I have a Military number, therefore, I am in the military

-- 
Pic of the Day -- What a CyberStud looks like:
http://img89.imageshack.us/my.php?image=cyberstudnc6.jpg
0
gwtc
9/12/2006 2:22:28 PM
gwtc wrote:
> Moz Champion (Dan) wrote:
>> gwtc wrote:
>>> Moz Champion (Dan) wrote:
>>>> gwtc wrote:
>>>>
>>>>> No, I went from being a Civilian Instructor right to a Civilian 
>>>>> Officer.  I don't do any of that stuff, not even in my life.  I 
>>>>> always get someone else to do it.
>>>>>
>>>>
>>>> Then you were never truly in the military.
>>> I am.  I'm a part of the Canadian Military.
>>>
>>
>>
>> You are not. You may be employed by the military but you are NOT in 
>> the military.
> I have a Military number, therefore, I am in the military
> 
Service Number is what I'm looking for

-- 
Pic of the Day -- What a CyberStud looks like:
http://img89.imageshack.us/my.php?image=cyberstudnc6.jpg
0
gwtc
9/12/2006 2:35:16 PM
gwtc wrote:
> gwtc wrote:
>> Moz Champion (Dan) wrote:
>>> gwtc wrote:
>>>> Moz Champion (Dan) wrote:
>>>>> gwtc wrote:
>>>>>
>>>>>> No, I went from being a Civilian Instructor right to a Civilian 
>>>>>> Officer.  I don't do any of that stuff, not even in my life.  I 
>>>>>> always get someone else to do it.
>>>>>>
>>>>>
>>>>> Then you were never truly in the military.
>>>> I am.  I'm a part of the Canadian Military.
>>>>
>>>
>>>
>>> You are not. You may be employed by the military but you are NOT in 
>>> the military.
>> I have a Military number, therefore, I am in the military
>>
> Service Number is what I'm looking for
> 


Just because you have a military number, that doesnt mean you are IN the 
military.

You are a civilian employee of the military, and thats it. IN the 
military, a man/woman learns how to take care of him/herself, his/her 
quarters and his/her gear, and that means doing what you so callously 
term as 'womans work'.
IN the military you take care of yourself, all your equipment AND your 
work area, as well as your living quarters - and you are expected to do 
it yourself.

IN the military you are expected to be deployed to almost anywhere, on 
very little notice, and to be able to function with a minimum of support 
once there. This means YOU have to be responsible enough to clean and 
maintain your living quarters as well as your work place whereever they 
may be.

For my money, almost any soldier (or airman or seaman) in the military 
is worth much more than you, because they CAN do those things, that you 
get OTHERS to do for you. You would be a discredit to the uniform.

0
Moz
9/12/2006 2:49:38 PM
Moz Champion (Dan) wrote:
> gwtc wrote:
>> gwtc wrote:
>>> Moz Champion (Dan) wrote:
>>>> gwtc wrote:
>>>>> Moz Champion (Dan) wrote:
>>>>>> gwtc wrote:
>>>>>>
>>>>>>> No, I went from being a Civilian Instructor right to a Civilian 
>>>>>>> Officer.  I don't do any of that stuff, not even in my life.  I 
>>>>>>> always get someone else to do it.
>>>>>>>
>>>>>>
>>>>>> Then you were never truly in the military.
>>>>> I am.  I'm a part of the Canadian Military.
>>>>>
>>>>
>>>>
>>>> You are not. You may be employed by the military but you are NOT in 
>>>> the military.
>>> I have a Military number, therefore, I am in the military
>>>
>> Service Number is what I'm looking for
>>
> 
> 
> Just because you have a military number, that doesnt mean you are IN the 
> military.
> 
> You are a civilian employee of the military, and thats it. IN the 
> military, a man/woman learns how to take care of him/herself, his/her 
> quarters and his/her gear, and that means doing what you so callously 
> term as 'womans work'.
> IN the military you take care of yourself, all your equipment AND your 
> work area, as well as your living quarters - and you are expected to do 
> it yourself.
> 
> IN the military you are expected to be deployed to almost anywhere, on 
> very little notice, and to be able to function with a minimum of support 
> once there. This means YOU have to be responsible enough to clean and 
> maintain your living quarters as well as your work place whereever they 
> may be.
> 
> For my money, almost any soldier (or airman or seaman) in the military 
> is worth much more than you, because they CAN do those things, that you 
> get OTHERS to do for you. You would be a discredit to the uniform.
> 
I don't wear a uniform, never have and never will.  I get others to do 
things for me.  And I have a rank of 2nd Lt, yet I'm a civilian 
officer. I don't care what you think I am or are not, you just don't 
know everything.  I am in the Military regardless of what you think.

-- 
Pic of the Day -- What a CyberStud looks like:
http://img89.imageshack.us/my.php?image=cyberstudnc6.jpg
0
gwtc
9/12/2006 4:19:32 PM
gwtc wrote:
> Moz Champion (Dan) wrote:
>> gwtc wrote:
>>> gwtc wrote:
>>>> Moz Champion (Dan) wrote:
>>>>> gwtc wrote:
>>>>>> Moz Champion (Dan) wrote:
>>>>>>> gwtc wrote:
>>>>>>>
>>>>>>>> No, I went from being a Civilian Instructor right to a Civilian 
>>>>>>>> Officer.  I don't do any of that stuff, not even in my life.  I 
>>>>>>>> always get someone else to do it.
>>>>>>>>
>>>>>>>
>>>>>>> Then you were never truly in the military.
>>>>>> I am.  I'm a part of the Canadian Military.
>>>>>>
>>>>>
>>>>>
>>>>> You are not. You may be employed by the military but you are NOT in 
>>>>> the military.
>>>> I have a Military number, therefore, I am in the military
>>>>
>>> Service Number is what I'm looking for
>>>
>>
>>
>> Just because you have a military number, that doesnt mean you are IN 
>> the military.
>>
>> You are a civilian employee of the military, and thats it. IN the 
>> military, a man/woman learns how to take care of him/herself, his/her 
>> quarters and his/her gear, and that means doing what you so callously 
>> term as 'womans work'.
>> IN the military you take care of yourself, all your equipment AND your 
>> work area, as well as your living quarters - and you are expected to 
>> do it yourself.
>>
>> IN the military you are expected to be deployed to almost anywhere, on 
>> very little notice, and to be able to function with a minimum of 
>> support once there. This means YOU have to be responsible enough to 
>> clean and maintain your living quarters as well as your work place 
>> whereever they may be.
>>
>> For my money, almost any soldier (or airman or seaman) in the military 
>> is worth much more than you, because they CAN do those things, that 
>> you get OTHERS to do for you. You would be a discredit to the uniform.
>>
> I don't wear a uniform, never have and never will.  I get others to do 
> things for me.  And I have a rank of 2nd Lt, yet I'm a civilian officer. 
> I don't care what you think I am or are not, you just don't know 
> everything.  I am in the Military regardless of what you think.
> 

You are an insult to the uniform. Getting others to do your personal work.
I will have nothing more to do with you.
0
Moz
9/12/2006 9:32:29 PM
Moz Champion (Dan) wrote:
> gwtc wrote:
>> I don't wear a uniform, never have and never will.  
> You are an insult to the uniform. 
do you not read

-- 
Pic of the Day -- What a CyberStud looks like:
http://img89.imageshack.us/my.php?image=cyberstudnc6.jpg
0
gwtc
9/12/2006 10:24:40 PM
On 10.09.2006 16:15, CET - what odd quirk of fate caused  Ron Lopshire 
to generate the following:? :

> gwtc wrote:
> 
>> Moz Champion (Dan) wrote:
>>
>>> Because they are mine? You can borrow my clothes, my tv, my money, 
>>> heck even my toothbrush (I wouldnt use it on return tho <g>), but not 
>>> my car, my computer (s) or my house.
>>>
>> you didn't mention your wife.  So, we can borrow her. Send her my way, 
>> I need some house cleaning done! ;-)
> 
> 
> You know, gwtc, Anthony Quinn (Inuk) made a good point in The Savage 
> Innocents:
> 
>   (http://www.imdb.com/title/tt0053244/)
> 
> Inuk contended that everytime that he lent his (dog)sled to someone, he 
> got it back in some state of disrepair. Whenever someone /used/ his 
> wife, on the other hand, there was no such problem.
> 
> Ron ;)
...... but if I remember correctly, there was some *serious* damage done 
to that guy who wouldn't "use" his wife....

reg
0
squaredancer
9/12/2006 11:07:43 PM
gwtc wrote:

> Ron Hunter wrote:
>> Moz Champion (Dan) wrote:
>>> gwtc wrote:
>>>
>>>> No, I went from being a Civilian Instructor right to a Civilian 
>>>> Officer.  I don't do any of that stuff, not even in my life.  I 
>>>> always get someone else to do it.
>>>
>>> Then you were never truly in the military.
>> 
>> Just what IS  a 'Civilian Officer' anyway.  We had civilian instructors 
>> in the USAF, but none of them were considered 'officers'.
>> 
> Thats what I am.  A Civilian Officer.  I'm not fully in the Military, 
> but I'm a civilian and I'm in the Military.
> 
> I better change this to OT as someone we all know must be fuming by now.

We have Warrant Officers in the Navy (or maybe it's the Army).  I was 
told by one that NOBODY knows what they do but everybody knows they can 
hurt you real bad if they want to.

-- 
Cheers, Bev (Happy Linux User #85683, Slackware 10.2)
============================================================
If trees could scream, would we be so cavalier about cutting
them down?  We might, if they screamed all the time, for
no good reason.                                 - Jack Handy
0
The
9/13/2006 12:04:44 AM
Moz Champion (Dan) wrote:

> Just because you have a military number, that doesnt mean you are IN
> the military.
> 
> You are a civilian employee of the military, and thats it. IN the 
> military, a man/woman learns how to take care of him/herself, his/her
> quarters and his/her gear, and that means doing what you so
> callously term as 'womans work'. IN the military you take care of
> yourself, all your equipment AND your work area, as well as your
> living quarters - and you are expected to do it yourself.

You're trying to tell me that Ike cleaned his own toilet?  HAH!

-- 
Cheers, Bev (Happy Linux User #85683, Slackware 10.2)
************************************************
          Horn broken.  Watch for finger.
0
The
9/13/2006 12:08:26 AM
The Real Bev wrote:
> Moz Champion (Dan) wrote:
> 
>> Just because you have a military number, that doesnt mean you are IN
>> the military.
>>
>> You are a civilian employee of the military, and thats it. IN the 
>> military, a man/woman learns how to take care of him/herself, his/her
>> quarters and his/her gear, and that means doing what you so
>> callously term as 'womans work'. IN the military you take care of
>> yourself, all your equipment AND your work area, as well as your
>> living quarters - and you are expected to do it yourself.
> 
> You're trying to tell me that Ike cleaned his own toilet?  HAH!
> 

When he went thru West Point he did
0
Moz
9/13/2006 12:29:57 AM
gwtc <TheNewGWTC@4iVWMRLYahp.U7yjsIFfetn> wrote in
news:-LadnSeneJL9I5vYnZ2dnUVZ_sednZ2d@mozilla.org: 

>>>> No, I went from being a Civilian Instructor right to a
>>>> Civilian Officer.  I don't do any of that stuff, not even
>>>> in my life.  I always get someone else to do it.
>>>>
>>>
>>> Then you were never truly in the military.
>> 
>> Just what IS  a 'Civilian Officer' anyway.  We had civilian
>> instructors in the USAF, but none of them were considered
>> 'officers'. 
> Thats what I am.  A Civilian Officer.  I'm not fully in the
> Military, but I'm a civilian and I'm in the Military.

What country?  In the US, you can be one or the other, but not 
both.

-- 
}:-)       Christopher Jahn
{:-(       http://home.comcast.net/~xjahn/Main.html

Never test for an error condition you don't know how to handle. 
0
Christopher
9/13/2006 1:28:37 AM
Christopher Jahn wrote:
> gwtc <TheNewGWTC@4iVWMRLYahp.U7yjsIFfetn> wrote in
> news:-LadnSeneJL9I5vYnZ2dnUVZ_sednZ2d@mozilla.org: 
> 
>>>>> No, I went from being a Civilian Instructor right to a
>>>>> Civilian Officer.  I don't do any of that stuff, not even
>>>>> in my life.  I always get someone else to do it.
>>>>>
>>>> Then you were never truly in the military.
>>> Just what IS  a 'Civilian Officer' anyway.  We had civilian
>>> instructors in the USAF, but none of them were considered
>>> 'officers'. 
>> Thats what I am.  A Civilian Officer.  I'm not fully in the
>> Military, but I'm a civilian and I'm in the Military.
> 
> What country?  In the US, you can be one or the other, but not 
> both.
> 


He claims it in Canada, but he is quite mistaken.

The Department of National Defence, frequently referred to by its 
acronym DND, is the department within the government of Canada with 
responsibility for Canada's military, the Canadian Armed Forces. DND is 
the largest federal department in terms of personnel/employees and 
budget; there are 62,000 members of the Canadian Forces regular force, 
23,000 members of the Canadian Forces primary reserve force, and 
approximately 22,000 civilian DND support employees. Departmental 
spending in 2004 was about C$14 billion.

Even Statistics Canada purposedly EXCLUDES civilians when showing such 
as Military pay rates
http://www40.statcan.ca/l01/cst01/govt16a.htm

The following site ascribes one of the current views of military and 
civilian integration within the DND - while dated, it shows there is a 
clear distinction between the military components and the civilian 
components of DND
http://www.forces.gc.ca/site/minister/eng/pm/mndintegrated.html
0
Moz
9/13/2006 1:47:16 AM
Moz Champion (Dan) wrote:

> The Real Bev wrote:
>> Moz Champion (Dan) wrote:
>> 
>>> Just because you have a military number, that doesnt mean you are IN
>>> the military.
>>>
>>> You are a civilian employee of the military, and thats it. IN the 
>>> military, a man/woman learns how to take care of him/herself, his/her
>>> quarters and his/her gear, and that means doing what you so
>>> callously term as 'womans work'. IN the military you take care of
>>> yourself, all your equipment AND your work area, as well as your
>>> living quarters - and you are expected to do it yourself.
>> 
>> You're trying to tell me that Ike cleaned his own toilet?  HAH!
> 
> When he went thru West Point he did

Ah.  I would assume there was a difference between the duties of a 
student and a general, you just didn't make it clear that that's what we 
were talking about.

Carry on...

-- 
Cheers, Bev (Happy Linux User #85683, Slackware 10.2)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Why is it so hot and what am I doing in this handbasket?
0
The
9/13/2006 2:37:22 AM
gwtc <TheNewGWTC@4iVWMRLYahp.U7yjsIFfetn> wrote in
news:9cKdnaCHq4mCQJvYnZ2dnUVZ_tGdnZ2d@mozilla.org: 

> I don't wear a uniform, never have and never will.  I get
> others to do things for me.  And I have a rank of 2nd Lt, yet
> I'm a civilian officer. I don't care what you think I am or
> are not, you just don't know everything.  I am in the Military
> regardless of what you think. 

The DoD disagrees with you.  According to them, you are an 
employee of the Military, but you are not part OF the military; 
you are a civilian with certain authorities.  

The President of the United States is a Civilian Officer, as is 
the Secretary of Defense.  Neither are "the military," but both 
hold command positions over it.

The primary difference has to do with how you acquire your job 
and title, and how you are terminated from service.  In the 
military, you could lose your job, but still be in the service: 
as a civilian officer, you can simply be fired.

-- 
}:-)       Christopher Jahn
{:-(       http://home.comcast.net/~xjahn/Main.html

.... bleakness ... desolation ... plastic forks ... 
0
Christopher
9/13/2006 2:45:06 AM
The Real Bev wrote:
> Moz Champion (Dan) wrote:
> 
>> The Real Bev wrote:
>>> Moz Champion (Dan) wrote:
>>> 
>>>> Just because you have a military number, that doesnt mean you are IN
>>>> the military.
>>>>
>>>> You are a civilian employee of the military, and thats it. IN the 
>>>> military, a man/woman learns how to take care of him/herself, his/her
>>>> quarters and his/her gear, and that means doing what you so
>>>> callously term as 'womans work'. IN the military you take care of
>>>> yourself, all your equipment AND your work area, as well as your
>>>> living quarters - and you are expected to do it yourself.
>>> 
>>> You're trying to tell me that Ike cleaned his own toilet?  HAH!
>> 
>> When he went thru West Point he did
> 
> Ah.  I would assume there was a difference between the duties of a 
> student and a general, you just didn't make it clear that that's what we 
> were talking about.
> 
> Carry on...

Actually when Ike went through Hudson High he cleaned *everyone's* 
toilet when his name hit the duty roster :-)

Rinaldi
-- 
Re graphics: A picture is worth 10K words -- but only those to describe
the picture.  Hardly any sets of 10K words can be adequately described
with pictures.
0
Rinaldi
9/13/2006 3:30:24 AM
Moz Champion (Dan) wrote:
> Christopher Jahn wrote:
>> gwtc <TheNewGWTC@4iVWMRLYahp.U7yjsIFfetn> wrote in
>> news:-LadnSeneJL9I5vYnZ2dnUVZ_sednZ2d@mozilla.org:
>>>>>> No, I went from being a Civilian Instructor right to a
>>>>>> Civilian Officer.  I don't do any of that stuff, not even
>>>>>> in my life.  I always get someone else to do it.
>>>>>>
>>>>> Then you were never truly in the military.
>>>> Just what IS  a 'Civilian Officer' anyway.  We had civilian
>>>> instructors in the USAF, but none of them were considered
>>>> 'officers'. 
>>> Thats what I am.  A Civilian Officer.  I'm not fully in the
>>> Military, but I'm a civilian and I'm in the Military.
>>
>> What country?  In the US, you can be one or the other, but not both.
>>
> 
> 
> He claims it in Canada, but he is quite mistaken.

No, I don't claim to be in Canada, I AM Canadian and I AM in Canada. 
And no, I'm not mistaken, I AM in Canada. .

> 
> The Department of National Defence, frequently referred to by its 
> acronym DND, is the department within the government of Canada with 
> responsibility for Canada's military, the Canadian Armed Forces. DND is 
> the largest federal department in terms of personnel/employees and 
> budget; there are 62,000 members of the Canadian Forces regular force, 
> 23,000 members of the Canadian Forces primary reserve force, and 
> approximately 22,000 civilian DND support employees. Departmental 
> spending in 2004 was about C$14 billion.
> 
> Even Statistics Canada purposedly EXCLUDES civilians when showing such 
> as Military pay rates
> http://www40.statcan.ca/l01/cst01/govt16a.htm
> 
> The following site ascribes one of the current views of military and 
> civilian integration within the DND - while dated, it shows there is a 
> clear distinction between the military components and the civilian 
> components of DND
> http://www.forces.gc.ca/site/minister/eng/pm/mndintegrated.html

Well, I don't fall into any of those categories of what they're 
talking about.  I started out as a Civilian Volunteer Instructor, then 
I became a Civilian Instructor Officer, and now I'm getting paid for it.

PS: before the mozilla.org sheriff gets anal because of all this off 
topic discussion, I'm moving this over to the mozilla.general newsgroup.

-- 
A bartender is sitting behind the bar on a typical day, when the door 
bursts open and in come four exuberant blondes. They come up to the 
bar, order five bottles of champagne and ten glasses, take their order 
over and sit down at a large table.  The corks are popped, the glasses 
are filled and they begin toasting and chanting, "51 days, 51 days, 51 
days!" Soon, three more blondes arrive, take up their drinks and the 
chanting grows. "51 days, 51 days, 51 days!"  Two more blondes show up 
and soon their voices are joined in raising the roof. "51 days, 51 
days, 51 days!" Finally, the tenth blonde comes in with a picture 
under her arm.  She walks over to the table, sets the picture in the 
middle and the table erupts.  Up jumps the others, they begin dancing 
around the table, exchanging high-fives, all the while chanting "51 
days, 51 days, 51 days!"  The bartender can't contain his curiosity 
any longer, so he walks over to the table.  There in the center is a 
beautifully framed . . . to be continued!
0
gwtc
9/13/2006 7:44:19 AM
Christopher Jahn wrote:
> gwtc <TheNewGWTC@4iVWMRLYahp.U7yjsIFfetn> wrote in
> news:-LadnSeneJL9I5vYnZ2dnUVZ_sednZ2d@mozilla.org: 
> 
>>>>> No, I went from being a Civilian Instructor right to a
>>>>> Civilian Officer.  I don't do any of that stuff, not even
>>>>> in my life.  I always get someone else to do it.
>>>>>
>>>> Then you were never truly in the military.
>>> Just what IS  a 'Civilian Officer' anyway.  We had civilian
>>> instructors in the USAF, but none of them were considered
>>> 'officers'. 
>> Thats what I am.  A Civilian Officer.  I'm not fully in the
>> Military, but I'm a civilian and I'm in the Military.
> 
> What country?  In the US, you can be one or the other, but not 
> both.
> 
I said I'm in Canada.  What they do in the US is not the same as they 
do in Canada.  As I said, I'm a civilian officer in the military, and 
the U.S. does have many positions just like mine.  As a matter of fact 
so does England, Scotland, Australia, New Zealand, and many, many 
other countries.

PS: I'm moving this over to the general newsgroup.

-- 
A bartender is sitting behind the bar on a typical day, when the door 
bursts open and in come four exuberant blondes. They come up to the 
bar, order five bottles of champagne and ten glasses, take their order 
over and sit down at a large table.  The corks are popped, the glasses 
are filled and they begin toasting and chanting, "51 days, 51 days, 51 
days!" Soon, three more blondes arrive, take up their drinks and the 
chanting grows. "51 days, 51 days, 51 days!"  Two more blondes show up 
and soon their voices are joined in raising the roof. "51 days, 51 
days, 51 days!" Finally, the tenth blonde comes in with a picture 
under her arm.  She walks over to the table, sets the picture in the 
middle and the table erupts.  Up jumps the others, they begin dancing 
around the table, exchanging high-fives, all the while chanting "51 
days, 51 days, 51 days!"  The bartender can't contain his curiosity 
any longer, so he walks over to the table.  There in the center is a 
beautifully framed . . . to be continued!
0
gwtc
9/13/2006 7:44:27 AM
Christopher Jahn wrote:
> gwtc <TheNewGWTC@4iVWMRLYahp.U7yjsIFfetn> wrote in
> news:9cKdnaCHq4mCQJvYnZ2dnUVZ_tGdnZ2d@mozilla.org: 
> 
>> I don't wear a uniform, never have and never will.  I get
>> others to do things for me.  And I have a rank of 2nd Lt, yet
>> I'm a civilian officer. I don't care what you think I am or
>> are not, you just don't know everything.  I am in the Military
>> regardless of what you think. 
> 
> The DoD disagrees with you.  According to them, you are an 
> employee of the Military, but you are not part OF the military; 
> you are a civilian with certain authorities.  
> 

I don't care what the DoD says.  I'm not American.  This is Canada.

If Canada was to go to war tomorrow, I would be put into "active" 
duty.  But, I would only replace someone in an office position in my 
area.  I wouldn't go and fight.


> The President of the United States is a Civilian Officer, as is 
> the Secretary of Defense.  Neither are "the military," but both 
> hold command positions over it.
> 
> The primary difference has to do with how you acquire your job 
> and title, and how you are terminated from service.  In the 
> military, you could lose your job, but still be in the service: 
> as a civilian officer, you can simply be fired.
> 
Yes, I can lose my job tomorrow.  But I can go to another unit and 
start there.  Yes, I can be fired, but I'm still in the military.  Or, 
I can quit tomorrow if I wanted to.

PS: I'm moving this to the general group.

-- 
A bartender is sitting behind the bar on a typical day, when the door 
bursts open and in come four exuberant blondes. They come up to the 
bar, order five bottles of champagne and ten glasses, take their order 
over and sit down at a large table.  The corks are popped, the glasses 
are filled and they begin toasting and chanting, "51 days, 51 days, 51 
days!" Soon, three more blondes arrive, take up their drinks and the 
chanting grows. "51 days, 51 days, 51 days!"  Two more blondes show up 
and soon their voices are joined in raising the roof. "51 days, 51 
days, 51 days!" Finally, the tenth blonde comes in with a picture 
under her arm.  She walks over to the table, sets the picture in the 
middle and the table erupts.  Up jumps the others, they begin dancing 
around the table, exchanging high-fives, all the while chanting "51 
days, 51 days, 51 days!"  The bartender can't contain his curiosity 
any longer, so he walks over to the table.  There in the center is a 
beautifully framed . . . to be continued!
0
gwtc
9/13/2006 7:44:29 AM
The Real Bev wrote:
> Moz Champion (Dan) wrote:
> 
>> Just because you have a military number, that doesnt mean you are IN
>> the military.
>>
>> You are a civilian employee of the military, and thats it. IN the 
>> military, a man/woman learns how to take care of him/herself, his/her
>> quarters and his/her gear, and that means doing what you so
>> callously term as 'womans work'. IN the military you take care of
>> yourself, all your equipment AND your work area, as well as your
>> living quarters - and you are expected to do it yourself.
> 
> You're trying to tell me that Ike cleaned his own toilet?  HAH!
> 
He wasn't always a general, so I suspect that he cleaned a LOT of 
toilets in his day.
0
Ron
9/13/2006 12:54:04 PM
On 13.09.2006 04:37, CET - what odd quirk of fate caused  The Real Bev 
to generate the following:? :

> Moz Champion (Dan) wrote:
> 
>> The Real Bev wrote:
>>
>>> Moz Champion (Dan) wrote:
>>>
>>>> Just because you have a military number, that doesnt mean you are IN
>>>> the military.
>>>>
>>>> You are a civilian employee of the military, and thats it. IN the 
>>>> military, a man/woman learns how to take care of him/herself, his/her
>>>> quarters and his/her gear, and that means doing what you so
>>>> callously term as 'womans work'. IN the military you take care of
>>>> yourself, all your equipment AND your work area, as well as your
>>>> living quarters - and you are expected to do it yourself.
>>>
>>>
>>> You're trying to tell me that Ike cleaned his own toilet?  HAH!
>>
>>
>> When he went thru West Point he did
> 
> 
> Ah.  I would assume there was a difference between the duties of a 
> student and a general, you just didn't make it clear that that's what we 
> were talking about.
> 
> Carry on...
> 
11 years of (british) army *NEVER* showed a *single* officer nor 
sergeant major (WO2) clean *ANYTHING* - not even their teeth, some of 
those stinkers!

reg
0
squaredancer
9/13/2006 3:00:14 PM
squaredancer wrote:
> On 13.09.2006 04:37, CET - what odd quirk of fate caused  The Real Bev 
> to generate the following:? :
> 
>> Moz Champion (Dan) wrote:
>>
>>> The Real Bev wrote:
>>>
>>>> Moz Champion (Dan) wrote:
>>>>
>>>>> Just because you have a military number, that doesnt mean you are IN
>>>>> the military.
>>>>>
>>>>> You are a civilian employee of the military, and thats it. IN the 
>>>>> military, a man/woman learns how to take care of him/herself, his/her
>>>>> quarters and his/her gear, and that means doing what you so
>>>>> callously term as 'womans work'. IN the military you take care of
>>>>> yourself, all your equipment AND your work area, as well as your
>>>>> living quarters - and you are expected to do it yourself.
>>>>
>>>>
>>>> You're trying to tell me that Ike cleaned his own toilet?  HAH!
>>>
>>>
>>> When he went thru West Point he did
>>
>>
>> Ah.  I would assume there was a difference between the duties of a 
>> student and a general, you just didn't make it clear that that's what 
>> we were talking about.
>>
>> Carry on...
>>
> 11 years of (british) army *NEVER* showed a *single* officer nor 
> sergeant major (WO2) clean *ANYTHING* - not even their teeth, some of 
> those stinkers!
> 
> reg

Those single officers who lived by themselves had to clean up and do the 
  housework. As well, in training they did such. Simply because you 
never say them at it doesnt make it an absolute.
0
Moz
9/14/2006 7:44:58 AM
Ron Hunter wrote:
> The Real Bev wrote:
>> Moz Champion (Dan) wrote:
>>
>>> Just because you have a military number, that doesnt mean you are IN
>>> the military.
>>>
>>> You are a civilian employee of the military, and thats it. IN the 
>>> military, a man/woman learns how to take care of him/herself, his/her
>>> quarters and his/her gear, and that means doing what you so
>>> callously term as 'womans work'. IN the military you take care of
>>> yourself, all your equipment AND your work area, as well as your
>>> living quarters - and you are expected to do it yourself.
>>
>> You're trying to tell me that Ike cleaned his own toilet?  HAH!
>>
> He wasn't always a general, so I suspect that he cleaned a LOT of 
> toilets in his day.


And before he was married, he did his own housework as well
0
Moz
9/14/2006 7:45:36 AM
On 14.09.2006 09:44, CET - what odd quirk of fate caused  Moz Champion 
(Dan) to generate the following:? :

> squaredancer wrote:
> 
>> On 13.09.2006 04:37, CET - what odd quirk of fate caused  The Real Bev 
>> to generate the following:? :
>>
>>> Moz Champion (Dan) wrote:
>>>
>>>> The Real Bev wrote:
>>>>
>>>>> Moz Champion (Dan) wrote:
>>>>>
>>>>>> Just because you have a military number, that doesnt mean you are IN
>>>>>> the military.
>>>>>>
>>>>>> You are a civilian employee of the military, and thats it. IN the 
>>>>>> military, a man/woman learns how to take care of him/herself, his/her
>>>>>> quarters and his/her gear, and that means doing what you so
>>>>>> callously term as 'womans work'. IN the military you take care of
>>>>>> yourself, all your equipment AND your work area, as well as your
>>>>>> living quarters - and you are expected to do it yourself.
>>>>>
>>>>>
>>>>>
>>>>> You're trying to tell me that Ike cleaned his own toilet?  HAH!
>>>>
>>>>
>>>>
>>>> When he went thru West Point he did
>>>
>>>
>>>
>>> Ah.  I would assume there was a difference between the duties of a 
>>> student and a general, you just didn't make it clear that that's what 
>>> we were talking about.
>>>
>>> Carry on...
>>>
>> 11 years of (british) army *NEVER* showed a *single* officer nor 
>> sergeant major (WO2) clean *ANYTHING* - not even their teeth, some of 
>> those stinkers!
>>
>> reg
> 
> 
> Those single officers who lived by themselves had to clean up and do the 
>  housework. As well, in training they did such. Simply because you never 
> say them at it doesnt make it an absolute.

oh boy - you ain't just got but *NO* idea of the world!

Single officers "live in" - that is, in the "Officers' Mess", where thay 
have nice innovations called "Batmen" - never heard of them, have you 
(or rather, you choose to ignore them).
In training, they may have had to clean their teeth (didn't we all??)... 
but certainly *NOT* in the unit!
And in the field?  manno, thos twits couldn't even spread out a 
ground-sheet, let alone make a rain-cover from one!
Their "reason" for that??  "So that we have time to do our job of 
commanding"  Hah!

reg
0
squaredancer
9/14/2006 7:17:19 PM
squaredancer wrote:
> On 14.09.2006 09:44, CET - what odd quirk of fate caused  Moz Champion 
> (Dan) to generate the following:? :
> 
>> squaredancer wrote:
>>
>>> On 13.09.2006 04:37, CET - what odd quirk of fate caused  The Real 
>>> Bev to generate the following:? :
>>>
>>>> Moz Champion (Dan) wrote:
>>>>
>>>>> The Real Bev wrote:
>>>>>
>>>>>> Moz Champion (Dan) wrote:
>>>>>>
>>>>>>> Just because you have a military number, that doesnt mean you are IN
>>>>>>> the military.
>>>>>>>
>>>>>>> You are a civilian employee of the military, and thats it. IN the 
>>>>>>> military, a man/woman learns how to take care of him/herself, 
>>>>>>> his/her
>>>>>>> quarters and his/her gear, and that means doing what you so
>>>>>>> callously term as 'womans work'. IN the military you take care of
>>>>>>> yourself, all your equipment AND your work area, as well as your
>>>>>>> living quarters - and you are expected to do it yourself.
>>>>>>
>>>>>>
>>>>>>
>>>>>> You're trying to tell me that Ike cleaned his own toilet?  HAH!
>>>>>
>>>>>
>>>>>
>>>>> When he went thru West Point he did
>>>>
>>>>
>>>>
>>>> Ah.  I would assume there was a difference between the duties of a 
>>>> student and a general, you just didn't make it clear that that's 
>>>> what we were talking about.
>>>>
>>>> Carry on...
>>>>
>>> 11 years of (british) army *NEVER* showed a *single* officer nor 
>>> sergeant major (WO2) clean *ANYTHING* - not even their teeth, some of 
>>> those stinkers!
>>>
>>> reg
>>
>>
>> Those single officers who lived by themselves had to clean up and do 
>> the  housework. As well, in training they did such. Simply because you 
>> never say them at it doesnt make it an absolute.
> 
> oh boy - you ain't just got but *NO* idea of the world!
> 
> Single officers "live in" - that is, in the "Officers' Mess", where thay 
> have nice innovations called "Batmen" - never heard of them, have you 
> (or rather, you choose to ignore them).
> In training, they may have had to clean their teeth (didn't we all??)... 
> but certainly *NOT* in the unit!
> And in the field?  manno, thos twits couldn't even spread out a 
> ground-sheet, let alone make a rain-cover from one!
> Their "reason" for that??  "So that we have time to do our job of 
> commanding"  Hah!
> 
> reg


I've been with many junior officers, in the (British) Army, Royal 
Marines and even the SAS, and not a one of them had a batman.

While they all knew of the '90 day wonders' that some military 
institutions were putting out, none of them were such. Anyone of that 
nature wouldnt even get INTO SAS, let alone graduate.

In the Canadian Military, our officers were REQUIRED to keep their own 
rooms in the mess, both before they 'moved out' and afterwards, the only 
areas cleaned by the civilian staff were the common areas (lounge, mess, 
conferance/ward rooms). Even on our ships, Officers were responsible for 
their own private quarters/bunks and if they didnt share with the crew, 
even the heads.

Most junior Officers arent accorded a Batman until they reach the rank 
of Captain, and that could take six or even 12 years (peacetime 
promotion). There were exceptions.


I've met officers from all over the world, from many varied nations, and 
most of them didnt have Batmen either.

0
Moz
9/15/2006 7:20:48 AM
Reply:

Similar Artilces:

I Don't Like Firefox... Don't Understand It!!!
Name: Barbara Fickes Email: msbarbpa48atyahoodotcom Product: Firefox Summary: I Don't Like Firefox... Don't Understand It!!! Comments: Please delete this off my page and i would like to have my Original Internet back. Sorry for your troubles. Thank you very much. Sincerely, Barbara Fickes Browser Details: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 YFF3 Firefox/3.0.1 From URL: http://hendrix.mozilla.org/ ...

I love Firefox! But I just got a new computer with Windows 7, and half the time Firefox wouldn't work for about 3 weeks. It's working now, but I don't know for how long. Please make sure you are comp
Name: Product: Firefox Summary: I love Firefox! But I just got a new computer with Windows 7, and half the time Firefox wouldn't work for about 3 weeks. It's working now, but I don't know for how long. Please make sure you are compatible with Windows 7. Thank you. Comments: See above. Browser Details: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.9) Gecko/20100824 Firefox/3.6.9 From URL: http://hendrix.mozilla.org/ Note to readers: Hendrix gives no expectation of a response to this feedback but if you wish to provide one you must BCC (not CC) the sen...

i'm not happy that Firefox 2 doesn't work with Flash, and you don't even list it as a known issue
Name: kb Product: Firefox Summary: i'm not happy that Firefox 2 doesn't work with Flash, and you don't even list it as a known issue Comments: doesn't sound loke good DevTest before release if you haven't listed the problems with Flash. I have to close Firefox and resort to IE. So IE, is still widely used on my computer since Firefox continues to not work all the time. Browser Details: Mozilla/5.0 (Windows; U; Win 9x 4.90; en-US; rv:1.8.1.11) Gecko/20071127 Firefox/2.0.0.11 ...

superreview granted: [Bug 340083] Crash [@ nsSVGPathGeometryFrame::GetCanvasTM] with image in title in defs : [Attachment 224205] don't create frames for content we don't handle, don't invalidate nond
Robert O'Callahan (Novell) <roc@ocallahan.org> has granted superreview: Bug 340083: Crash [@ nsSVGPathGeometryFrame::GetCanvasTM] with image in title in defs https://bugzilla.mozilla.org/show_bug.cgi?id=340083 Attachment 224205: don't create frames for content we don't handle, don't invalidate nondisplay content https://bugzilla.mozilla.org/attachment.cgi?id=224205&action=edit ...

superreview granted: [Bug 333579] Firefox crash with Window-Eyes and DHTML/AJAX : [Attachment 228812] Two fixes for image map a11y: 1) Don't walk into maps so that areas don't show twice in a11y tree,
neil@parkwaycc.co.uk <neil@httl.net> has granted Aaron Leventhal <aaronleventhal@moonset.net>'s request for superreview: Bug 333579: Firefox crash with Window-Eyes and DHTML/AJAX https://bugzilla.mozilla.org/show_bug.cgi?id=333579 Attachment 228812: Two fixes for image map a11y: 1) Don't walk into maps so that areas don't show twice in a11y tree, 2) Don't refer to |this| in area constructor, Init() from outside as other accessibles do https://bugzilla.mozilla.org/attachment.cgi?id=228812&action=edit ------- Additional Comments from neil@parkwaycc.co....

superreview requested: [Bug 333579] Firefox crash with Window-Eyes and DHTML/AJAX : [Attachment 228812] Two fixes for image map a11y: 1) Don't walk into maps so that areas don't show twice in a11y tre
Aaron Leventhal <aaronleventhal@moonset.net> has asked neil@parkwaycc.co.uk <neil@httl.net> for superreview: Bug 333579: Firefox crash with Window-Eyes and DHTML/AJAX https://bugzilla.mozilla.org/show_bug.cgi?id=333579 Attachment 228812: Two fixes for image map a11y: 1) Don't walk into maps so that areas don't show twice in a11y tree, 2) Don't refer to |this| in area constructor, Init() from outside as other accessibles do https://bugzilla.mozilla.org/attachment.cgi?id=228812&action=edit ...

I don't know why paging, sorting doesn't work in firefox
Hi. I have a gridview and paging and soring enabled but I tested on IE it works perfectly fine but when I load it on Firefox, the page link and sort link don't work at all. I don't know what the problem is. Anybody knows how to make them work on Firefox?  Hi:   It seems your problem is solved here: http://forums.asp.net/p/1183698/2015763.aspx#2015763   This post will be closed. ThanksSincerely,Allen ChenMicrosoft Online Community SupportPlease remember to mark the replies as answers if they help and unmark them if they provide no help....

My Firefox don't save password and iGoogle
Name: Bogdan Email: bogdans_1989atyahoodotcom Product: Firefox Summary: My Firefox don't save password and iGoogle Comments: When I close the Firefox and reopen it, my auto remember password didn't work...also the iGoogle lose his settings... What can I do? Browser Details: Mozilla/5.0 (Windows; U; Windows NT 5.1; ro; rv:1.9.0.11) Gecko/2009060215 Firefox/3.0.11 From URL: http://hendrix.mozilla.org/ Note to readers: Hendrix gives no expectation of a response to this feedback but if you wish to provide one you must BCC (not CC) the sender for them to see it. ...

superreview granted: [Bug 245619] Don't bother converting result of scripts into a string when the caller doesn't care about the value. : [Attachment 150056] Don't convert the result to a string if t
Brendan Eich <brendan@mozilla.org> has granted Johnny Stenback <jst@mozilla.jstenback.com>'s request for superreview: Bug 245619: Don't bother converting result of scripts into a string when the caller doesn't care about the value. http://bugzilla.mozilla.org/show_bug.cgi?id=245619 Attachment 150056: Don't convert the result to a string if the caller doesn't care about the return value. http://bugzilla.mozilla.org/attachment.cgi?id=150056&action=edit ------- Additional Comments from Brendan Eich <brendan@mozilla.org> Duh, thanks. r+sr=me....

Make Thunderbird prompt to save changes to attachment files, so people don't loose the hours spent editing them (most don't know abt saving to disk first)
Name: Gordon Yeow Email: gordonyeowatgmaildotcom Product: Thunderbird Summary: Make Thunderbird prompt to save changes to attachment files, so people don't loose the hours spent editing them (most don't know abt saving to disk first) Comments: Less IT-savvy people may simply open an attachment file to edit, and expect the changes to stick when they saved. So potentially many hours are being lost since Thunderbird doesn't prompt to save changes to the email when the "saved" attachment is closed. I noticed that Outlook Express similarly doesn't prompt...

if i don't want you, i don't want you!
Name: patrick lamb Email: mixtecalatmsndotcom Product: Firefox Summary: if i don't want you, i don't want you! Comments: I am tired of removing your hidden files from my system. I have tried your browser several times thinking maybe I have misjudge you. But,have found you are nothing but garbage and spyware. I am one of the orignators of $STRING! and am pissed off. Browser Details: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; MS Internet Explorer) From URL: http://hendrix.mozilla.org/ Note to...

I don't know why my code don't work(it's for shopping cart)
I wrote this code for shopping cart.I used c lass for it and i want to store orders in cache.the customer username is in a session.customer select the product from a datalist.but and I want to show the orders in gridview .but when I select some product and go to the page that gridview is in it (shopping cart page)I could,t see any thing.please look at my code and see if I wrote my code incorrect.thanks for your helping me.-------------------------------------------------------------------------  //the code for add product to shopping cart(products are in data list)protected void order(o...

'yahoo mail beta' and 'Wordpress' login don't work anymore after update to firefox 2.0.0.5
Hi, I'm running Windows vista home premium and after the update to 2.0.0.5 i cannot login anymore to the Yahoo mail beta, that meas that the login page keeps reloading every second so i don't have the change to type in my loginname and password. I'm also running two sites on wordpress but i cannot login to both of them eighter. here is the problem that i can login but the screen keeps retrning to the login screen. This is also since the update. I also updated my java to 6V2 so that should not be the problem i guess.... If someone can help me, that would be great!...

I don't like the new firefox. it won't let me copy and paste words and it crashed.
Name: Angel Chan Email: angelc5959atyahoodotcom Product: Firefox Summary: I don't like the new firefox. it won't let me copy and paste words and it crashed. Comments: Disappointed..... Browser Details: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.13) Gecko/2009073022 Firefox/3.0.13 From URL: http://hendrix.mozilla.org/ Note to readers: Hendrix gives no expectation of a response to this feedback but if you wish to provide one you must BCC (not CC) the sender for them to see it. ...

Web resources about - ALERT: Don't save passwords in Firefox or don't lend your laptop - mozilla.support.firefox

Resources last updated: 1/17/2016 4:55:39 PM