From owner-freebsd-questions@freebsd.org Thu Jul 15 21:54:46 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id B4C42651BEC for ; Thu, 15 Jul 2021 21:54:46 +0000 (UTC) (envelope-from rwmaillists@googlemail.com) Received: from mail-wm1-x334.google.com (mail-wm1-x334.google.com [IPv6:2a00:1450:4864:20::334]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4GQp7T53pgz4cfB for ; Thu, 15 Jul 2021 21:54:45 +0000 (UTC) (envelope-from rwmaillists@googlemail.com) Received: by mail-wm1-x334.google.com with SMTP id f190so3015869wmf.4 for ; Thu, 15 Jul 2021 14:54:45 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:subject:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=rZwRVNzqMoj1bSU/1O3tN88X2PCZMKq/WdxZMcDWVcI=; b=CNuudN/wKZGIkXRok+9qvExRYXnJ7m52wm9U81N7mnqHwDMGru75V/Sr5WpUXAzY4v CdpoeTwYWwX4gAnjTm6VEm4tHzsaP5iYjBrqtcX7iVvdO4a6X6vD3B+WzCZHmQpct4K0 YPT90RSlVNOVLSzS/EjPYMQY3Ux/vd4HInQXOxTfDpvhJUO1v14SKSqDbMdP89g2On/u /kDvGvYGIP0Zp3g2yxO2XeUQTq/e6Wbyyxknydp1qOdRFAUEHwiRkt53wO7ZnPkZgi8A zeZU45BWBg1E7lMaauoorJMa/ZtbVvVwgHpugt8IXIOEh0U9Y7pATeDHSIP3jpyoYf7a GUlQ== X-Gm-Message-State: AOAM532ZA25oC2hzsP9z/wugLmm64exnzi9Mnk1Ogp9mQnLBqnrSe1x9 e0MkK0OVuDcyPlBMW5hrWLPQV6wlohggqQ== X-Google-Smtp-Source: ABdhPJzp1wFvjEv5glRZPBC6Aj0be+mB5M9WTNZIDSHZHCjI/5Lb5MUNR55nOaPEBDvEs6NN21u7RA== X-Received: by 2002:a05:600c:22d2:: with SMTP id 18mr6788080wmg.63.1626386083631; Thu, 15 Jul 2021 14:54:43 -0700 (PDT) Received: from gumby.homeunix.com (host-92-1-116-226.as13285.net. [92.1.116.226]) by smtp.gmail.com with ESMTPSA id p2sm5974631wmg.6.2021.07.15.14.54.43 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 15 Jul 2021 14:54:43 -0700 (PDT) Date: Thu, 15 Jul 2021 22:54:42 +0100 From: RW To: freebsd-questions@freebsd.org Subject: Re: What the hell starts pulseaudio?! Message-ID: <20210715225442.3ccef0ae@gumby.homeunix.com> In-Reply-To: References: <5b18f5de-7aae-a226-88cd-a210507d5c5@gmail.com> <72194e9f-261c-c3da-996-f8e1bcad2164@gmail.com> <20210715063116.85e42de5c276f40c8920ee2c@sohara.org> <20210715105229.50fee7b3@archlinux> <23e852c3-b9f4-3e7a-777c-50ff3c222f16@gmail.com> <20210715112546.61525c25b44bb93c10b87f21@sohara.org> <5d8e1ddf-92d1-48a6-0b76-04e2a81077f7@kicp.uchicago.edu> <20210715163245.658c4b29@gumby.homeunix.com> <65457cf2-37d2-5050-fa59-8926ea240baa@kicp.uchicago.edu> <20210715182442.722507f6@archlinux> <20210715211628.13cf80fb@gumby.homeunix.com> <20210715223007.3f8ed5db@archlinux> X-Mailer: Claws Mail 3.17.8 (GTK+ 2.24.33; amd64-portbld-freebsd12.2) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4GQp7T53pgz4cfB X-Spamd-Bar: --- X-Spamd-Result: default: False [-4.00 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; FREEMAIL_FROM(0.00)[googlemail.com]; R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36]; TO_DN_NONE(0.00)[]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[googlemail.com:+]; DMARC_POLICY_ALLOW(-0.50)[googlemail.com,quarantine]; NEURAL_HAM_SHORT(-1.00)[-1.000]; SUBJECT_ENDS_EXCLAIM(0.00)[]; RECEIVED_SPAMHAUS_PBL(0.00)[92.1.116.226:received]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[googlemail.com]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US]; SUBJECT_HAS_QUESTION(0.00)[]; DWL_DNSWL_NONE(0.00)[googlemail.com:dkim]; ARC_NA(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[2a00:1450:4864:20::334:from]; R_DKIM_ALLOW(-0.20)[googlemail.com:s=20161025]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[2a00:1450:4864:20::334:from:127.0.2.255]; RCVD_IN_DNSWL_NONE(0.00)[2a00:1450:4864:20::334:from]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-questions] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 Jul 2021 21:54:46 -0000 On Thu, 15 Jul 2021 22:45:47 +0200 Ralf Mardorf wrote: > On Thu, 2021-07-15 at 22:30 +0200, Ralf Mardorf wrote: > > On Thu, 15 Jul 2021 21:16:28 +0100, RW via freebsd-questions wrote: > > > On Thu, 12 Mar 2020 22:13:47 -0400, edwardp@gmx.com stated: > > > https://www.bleepingcomputer.com/news/security/google-to-force-oauth-in-g-suite-to-increase-security/ > > > > If this information is correct, it applies to G Suite accounts. > > > > It doesn't specifically mention individual Gmail accounts. > > Lets be honest here. It is no longer a question of "if" but rather > "when" will Google & Microsoft and then all of the other carriers > follow suit and limit access to their products only by apps employing > OAuth2 access. I'm not sure about gmail. When you enable 2FA it disables the use of the main password from mail clients, but you can still get an autogenerated random "app password" to use instead. App passwords can't be used for anything else but accessing mail servers and they can be made arbitrarily long. oauth2 looks to be only marginally more secure since its secret can be read by a cracker or malware just as easily as an app password can. Oauth2 protects against the case where an attacker has intercepted the connection and got around TLS, which seems the lesser case to me. I don't see any good reason for gmail to ban app passwords.