|
FatCow posted:It's only going to get worse. The FCC wants you to be able to eventually reach 911 from basically any Internet connected device. The first testbed for non-voice based 911 is the text to 911 stuff that's rolling out now. there are police forces that already have sms shortcodes for contacting the police which sometimes leads to funny stories: http://vancouver.24hrs.ca/2014/04/21/skytrain-commuter-upset-by-text-a-cop-charges quote:A daily transit commuter with an unlimited messaging plan was still charged 10 cents each time he used Transit Police’s new text-a-cop number — so he will no longer be reporting crimes via SMS. they advertise it as a non-emergency number but suggest you use it if the train is too crowded and you cannot hit the panic button--all trains here are automated (100%) and regularly are unsupervised (and stupidly the system is likely internet-accessible, but that is a different post all together)
|
#
?
Dec 16, 2014 05:09
|
|
|
|
| # ? Jun 7, 2024 11:32 |
|
|
Powercrazy posted:It's ridiculous and dangerous for the public safety to treat literally everything as the worst case scenario. It's irresponsible and if judges/police/etc were actually culpable for their actions we would have a system in place that would solve the problem with a quickness. But WELP! yeah it's ahocking that the public doesn't know what's good for them
|
|
#
?
Dec 16, 2014 05:09
|
|
|
OSI bean dip posted:there are police forces that already have sms shortcodes for contacting the police I really really really wish that people would realize "internet-connected" is often going to end horribly
|
|
#
?
Dec 16, 2014 05:12
|
|
|
Captain Foo posted:I really really really wish that people would realize "internet-connected" is
|
|
#
?
Dec 16, 2014 05:13
|
|
|
Captain Foo posted:I really really really wish that people would realize "internet-connected" is often going to end horribly tell that to sony 
|
|
#
?
Dec 16, 2014 05:13
|
|
|
i should clarify that "internet-connected" or "internet-accessible" to means to me that with or without vpn access one probably could access to the scada controls. i only say this due to cursory searches on shodan for the transit agency in question revealed a telnet and ftp server that didn't make sense for their operations. i haven't and will not dare to find out if i am right  if you are aware of where i live please don't quote me on this and don't dare try and be a hero Lain Iwakura fucked around with this message at 05:21 on Dec 16, 2014 |
|
#
?
Dec 16, 2014 05:16
|
|
|
Captain Foo posted:I really really really wish that people would realize "internet-connected" is often going to end horribly i want to connect my fridge to tor, bithc
|
|
#
?
Dec 16, 2014 05:20
|
|
|
oh shi..
|
|
#
?
Dec 16, 2014 05:26
|
|
|
OSI bean dip posted:there are police forces that already have sms shortcodes for contacting the police quote:None of his other text messages had charges on them — Bawa has an unlimited province-wide texting plan — and he provided a copy of his bill to 24 hours as proof. do you have to pay extra to text people the next province over????
|
|
#
?
Dec 16, 2014 05:46
|
|
|
Remicks posted:do you have to pay extra to text people the next province over???? i think it depends on the carrier i have a plan that lets me text north america-wide without issues
|
|
#
?
Dec 16, 2014 05:47
|
|
|
Remicks posted:do you have to pay extra to text people the next province over???? yes canada still has cell providers in 2014 that charge extra for calling or texting outside a province. even though every major and nearly all minor us cell carriers ended "long distance" extra charges back around 1999.
|
|
#
?
Dec 16, 2014 06:03
|
|
|
OSI bean dip posted:i think it depends on the carrier text me
|
|
#
?
Dec 16, 2014 06:32
|
|
|
a cool thing about comcast voice service is that calling canada is included in standard unlimited long distance
|
|
#
?
Dec 16, 2014 06:36
|
|
|
ChickenOfTomorrow posted:text me i don't have your number i also have unlimited north america calling on the plan too. i managed to get 9 people to conference in on it before too. didn't try to go beyond that
|
|
#
?
Dec 16, 2014 06:47
|
|
|
Nintendo Kid posted:a cool thing about comcast voice service is that calling canada is included in standard unlimited long distance who do you call in Canada? are they nice?
|
|
#
?
Dec 16, 2014 06:48
|
|
|
OSI bean dip posted:i don't have your number lies, it's probably in canary.
|
|
#
?
Dec 16, 2014 07:00
|
|
|
jetz0r posted:lies, it's probably in canary. funny enough i originally planned to have phone number scraping within canary but it's too easy to have false positives
|
|
#
?
Dec 16, 2014 07:06
|
|
|
heh http://www.businessweek.com/articles/2014-12-15/verizons-new-encrypted-calling-app-plays-nice-with-the-nsa 
|
|
#
?
Dec 16, 2014 07:09
|
|
|
Remicks posted:heh quote:Seth Polansky, Cellcrypt's vice president for North America, disputes the idea that building technology to allow wiretapping is a security risk. "It's only creating a weakness for government agencies," he says. "Just because a government access option exists, it doesn't mean other companies can access it." I too want to be a Vice President for Verizon and not understand the concept of secure two-way communication. ate shit on live tv fucked around with this message at 07:23 on Dec 16, 2014 |
|
#
?
Dec 16, 2014 07:17
|
|
|
cypher, clipper, same difference really
|
|
#
?
Dec 16, 2014 07:32
|
|
|
OSI bean dip posted:i should clarify that "internet-connected" or "internet-accessible" to means to me that with or without vpn access one probably could access to the scada controls. i only say this due to cursory searches on shodan for the transit agency in question revealed a telnet and ftp server that didn't make sense for their operations. i haven't and will not dare to find out if i am right LOADING HACKING TOOLS...
|
|
#
?
Dec 16, 2014 07:41
|
|
|
So I decided to upgrade my site's certificate, when suddenly... Jesus christ, I'm such an idiot... I didn't have their cert installed in my browser so that's why that shows up. Welp, I'll leave this here as a testament to the stupidity of forums poster Computer Toucher. edit: Also I apparently can't remove attached images from posts lol. computer toucher fucked around with this message at 09:17 on Dec 16, 2014 |
|
#
?
Dec 16, 2014 09:04
|
|
|
computer toucher posted:Also I apparently can't remove attached images from posts lol. 
|
|
#
?
Dec 16, 2014 09:34
|
|
|
at least you didn't post a domain or username or something so there's that
|
|
#
?
Dec 16, 2014 09:35
|
|
|
computer toucher posted:So I decided to upgrade my site's certificate, when suddenly... the only way to get rid of it is to be banned
|
|
#
?
Dec 16, 2014 10:22
|
|
|
Need a last minute flight?  You can check in as them and change their seat.
|
|
#
?
Dec 16, 2014 10:46
|
|
|
"We appreciate your loyalty, and now look forward to your next flight with us - regardless if it was actually yours or not"
|
|
#
?
Dec 16, 2014 10:58
|
|
|
The email reply is worded as if they're talking to an old person who's never used a computer and had trouble working out what a new tab was; not someone who found a flaw that could destroy their entire business, nice.
|
|
#
?
Dec 16, 2014 11:12
|
|
|
The email reply is written like an automatic response because it probably is. They'd probably never have known about this if that person didn't go full disclosure. having this be lost forever in customer support robot's inbox would've been a just end
|
|
#
?
Dec 16, 2014 12:10
|
|
|
EMILY BLUNTS posted:at least you didn't post a domain or username or something so there's that Would you be interested in these php files that belong to a client? They're worth a few yuks, right?
|
|
#
?
Dec 16, 2014 12:22
|
|
|
I LIKE TO SMOKE WEE posted:Need a last minute flight? You Share, We Care
|
|
#
?
Dec 16, 2014 13:19
|
|
|
speaking of PBX misconfigurations, place I worked at once had something break on a patch and suddenly people could call our IVR, hit pound 9, and make outbound calls thanks avaya
|
|
#
?
Dec 16, 2014 14:15
|
|
|
uncurable mlady posted:speaking of PBX misconfigurations, place I worked at once had something break on a patch and suddenly people could call our IVR, hit pound 9, and make outbound calls hahahahahaha wow iirc you have to try fairly hard to enable that sort of behavior on an avaya system
|
|
#
?
Dec 16, 2014 15:00
|
|
|
OSI bean dip posted:i should clarify that "internet-connected" or "internet-accessible" to means to me that with or without vpn access one probably could access to the scada controls. i only say this due to cursory searches on shodan for the transit agency in question revealed a telnet and ftp server that didn't make sense for their operations. i haven't and will not dare to find out if i am right internet-accessible == w/o VPN from my point of view, the whole entire point of a VPN is that it provides you a secure tunnel to inside the corp network, and if it can't do that, 
|
|
#
?
Dec 16, 2014 15:01
|
|
|
I LIKE TO SMOKE WEE posted:Need a last minute flight? Say a local guy give a talk about this and other airlines that had terrible ticket security. South West's ticket bar codes\Qr codes are unencrypted and allow all sorts of fun times.
|
|
#
?
Dec 16, 2014 15:26
|
|
|
Captain Foo posted:internet-accessible == w/o VPN from my point of view, the whole entire point of a VPN is that it provides you a secure tunnel to inside the corp network, and if it can't do that, your network should be segmented enough that it would be impossible to get access to anything scada-related via vpn without the use of an intermediary host otherwise you'll end up like target where systems like point-of-sale machines are easily reachable to contractors who vpn in to make changes to hvac systems
|
|
#
?
Dec 16, 2014 16:07
|
|
|
OSI bean dip posted:your network should be segmented enough that it would be impossible to get access to anything scada-related via vpn without the use of an intermediary host 
|
|
#
?
Dec 16, 2014 16:12
|
|
|
Active666 posted:Say a local guy give a talk about this and other airlines that had terrible ticket security. South West's ticket bar codes\Qr codes are unencrypted and allow all sorts of fun times. aztec codes, and "neoreader" for ios and android can decode them they're plaintext with a signature
|
|
#
?
Dec 16, 2014 16:13
|
|
|
Cocoa Crispies posted:aztec codes, and "neoreader" for ios and android can decode them wouldnt the signature at least avoid tampering? or do they just ignore it
|
|
#
?
Dec 16, 2014 18:14
|
|
|
|
| # ? Jun 7, 2024 11:32 |
|
|
uncurable mlady posted:speaking of PBX misconfigurations, place I worked at once had something break on a patch and suddenly people could call our IVR, hit pound 9, and make outbound calls lmbo thank you for giving me yet another reason to be thankful for being rid of our avaya system
|
|
#
?
Dec 16, 2014 20:08
|
|
