|
triple sulk posted:https://www.humankode.com/security/how-a-bug-in-visual-studio-2015-exposed-my-source-code-on-github-and-cost-me-6500-in-a-few-hours surely there's no actual reason to be uploading your aws keys even to a private repository other than laziness/stupidity, right
|
# ? Sep 1, 2015 02:06 |
|
|
# ? Jun 10, 2024 03:45 |
|
triple sulk posted:https://www.humankode.com/security/how-a-bug-in-visual-studio-2015-exposed-my-source-code-on-github-and-cost-me-6500-in-a-few-hours quote:The breach started with the Visual studio bug that published a repository as a public repository instead of a private repository. LMFAO
|
# ? Sep 1, 2015 02:08 |
|
triple sulk posted:https://www.humankode.com/security/how-a-bug-in-visual-studio-2015-exposed-my-source-code-on-github-and-cost-me-6500-in-a-few-hours they're doing a form of CPU mining, correct? so they have to be spending thousands to make like a few dollars
|
# ? Sep 1, 2015 02:11 |
|
theflyingorc posted:they're doing a form of CPU mining, correct? so they have to be spending thousands to make like a few dollars that's my assumption, can someone who knows about cpu mining and ec2 do an estimate based on the 6500 bill?
|
# ? Sep 1, 2015 02:16 |
|
amazon offers gpu-enabled ec2 instances as well, the g2 type, which are significantly more expensive but would still have a better rate of return (although still garbage against asic equipment) doesn't matter to these guys because they're not the ones getting billed by amazon
|
# ? Sep 1, 2015 02:27 |
|
Just-In-Timeberlake posted:Apparently you haven't been to the shithole known as LaGuardia Airport. Or San Francisco. Or Hong Kong. Or Tokyo. For major coastal cities, piling rock into the ocean is the only economical way to build an airport.
|
# ? Sep 1, 2015 02:27 |
|
yeah you should never ever publish your AWS key even to private repo. also lol at the claim it was a visual studio bug. definitely was programmers ducking up.
|
# ? Sep 1, 2015 02:33 |
|
Heresiarch posted:amazon offers gpu-enabled ec2 instances as well, the g2 type, which are significantly more expensive but would still have a better rate of return (although still garbage against asic equipment) sure, but it still seems like they're not going to be making that much unless they get people constantly, and even if i was a scammer i'd feel worse for costing a guy $1000 for every dollar I earn
|
# ? Sep 1, 2015 02:44 |
|
the secret is that theflyingorc posted:they get people constantly
|
# ? Sep 1, 2015 02:45 |
|
the aws key thing is so commonplace that amazon scrapes public repos looking for aws keys to auto-revoke. that is how stupid your average developer is
|
# ? Sep 1, 2015 02:51 |
|
I Greyhound posted:Or San Francisco. Or Hong Kong. Or Tokyo. well, that and the fact that it guarantees one or more flight paths that have much less worry about crashing into buildings when landing/taking off and something fucks up
|
# ? Sep 1, 2015 02:51 |
|
Dixie Cretin Seaman posted:how do you "attach" a colored coin to a commodity w/o some regulatory enforcement? what stops someone from coloring a coin with a commodity they don't own? i feel like these ideas are prevalent enough among bitcoiners that someone somewhere must have addressed this question, even in a half-assed way?
|
# ? Sep 1, 2015 02:53 |
Condiv posted:https://www.youtube.com/watch?v=fmFjmvwPGKU the proper term is Numismatic American
|
|
# ? Sep 1, 2015 03:01 |
|
ryde posted:the aws key thing is so commonplace that amazon scrapes public repos looking for aws keys to auto-revoke. that is how stupid your average developer is didn't an exchange put their 1password password in a github repo and have all their wallets robbed and they were forced to shut down?
|
# ? Sep 1, 2015 03:02 |
|
PleasureKevin posted:didn't an exchange put their 1password password in a github repo and have all their wallets robbed and they were forced to shut down? lol
|
# ? Sep 1, 2015 03:04 |
|
PleasureKevin posted:didn't an exchange put their 1password password in a github repo and have all their wallets robbed and they were forced to shut down?
|
# ? Sep 1, 2015 03:06 |
|
just took on a client who pushed loving everything to their private bitbucket, like internal documents regarding trade secrets and poo poo i should mention that i'm supposed to deal with the money, not the devops, but yeah it's common to a point where on my day 1 onboarding assay source control fuckups are like on page 2 of the stuff i check page 1 starts with "do you have money on site?", "is it locked? like, at all?" and "would it take me more than a minute to get to the money, even if it's locked" a non trivial number of clients can't even pass that, never mind fancy poo poo like coso, cobit and whatever else framework is relevant to their industry i've seen credit card number lists, entire employee information dbs and anything else you can think of get stuck on forward facing services it's that bad, and it's the same everywhere hail satan
|
# ? Sep 1, 2015 03:07 |
|
ryde posted:the aws key thing is so commonplace that amazon scrapes public repos looking for aws keys to auto-revoke. that is how stupid your average developer is ever-increasing-stare.gif
|
# ? Sep 1, 2015 03:08 |
|
surebet posted:just took on a client who pushed loving everything to their private bitbucket, like internal documents regarding trade secrets and poo poo How are we the dominant life form
|
# ? Sep 1, 2015 03:09 |
|
Ron Paul Atreides posted:How are we the dominant life form because our next closest rivals try to code all their financial software in javascript
|
# ? Sep 1, 2015 03:16 |
|
Ron Paul Atreides posted:How are we the dominant life form i really don't know i'm still cringe laughing at the guy who was running industrial auction where he made every effort to avoid taking debit/credit cards on site because fees so on a couple big days he'd ramp up decce six and a half figgies cash p sure i already mentioned my grand theft auto like driving to drop off the liability hot potato at the bank as soon as loving possible itt he also kept anywhere between "nice bottle of scotch" money to "nice brand new euro sports car" money in one of these things: like i'm 90% certain a single well placed kick will defeat the lock on those, never mind if you have a crowbar
|
# ? Sep 1, 2015 03:19 |
|
oh and no the doors were wide open all the way down to the street and we were desensitized to rando people just walking in because there was a huge "for rent" sign covering the front windows even though all the spaces in the place were rented out and aaaaaaaaaaaaaaa security through obscurity i guess, no one would expect anyone to do poo poo like that
|
# ? Sep 1, 2015 03:22 |
|
A former U.S. Secret Service agent charged with stealing more than $800,000 in bitcoins while investigating the Silk Road Internet drug emporium tried to change his identity after reaching an agreement to plead guilty, prosecutors said. A federal judge on Monday ordered Shaun Bridges to submit to electronic monitoring and a curfew after a prosecutor said Bridges sought to change his name and Social Security number and was found with illegal firearms, including an assault weapon. The government learned of the multiple attempts by Bridges to change his identity just hours before an otherwise routine hearing Monday in which he was scheduled to plead guilty to money laundering and obstruction of justice, prosecutor Kathryn Haun told U.S. District Judge Richard Seeborg in San Francisco. Haun told the judge that Bridges, who reached the plea deal in June, may try flee if allowed to remain free on bail and should be locked up while he awaits his sentencing in December.
|
# ? Sep 1, 2015 03:23 |
|
The Management posted:A former U.S. Secret Service agent charged with stealing more than $800,000 in bitcoins while investigating the Silk Road Internet drug emporium tried to change his identity after reaching an agreement to plead guilty, prosecutors said. holy poo poo are these people cartoons?
|
# ? Sep 1, 2015 03:34 |
|
Mido posted:holy poo poo are these people cartoons? almost threw up thinking someone would even as a desperate maneuver to save their life change their name from Carl Mark Force Five but thankfully just it's his chump of a partner
|
# ? Sep 1, 2015 03:38 |
|
i wonder what are some use cases for colored coins? oh neat they have a page on their site for that http://coloredcoins.org/inner-page-4-4/
|
# ? Sep 1, 2015 03:41 |
|
Good god we spent all this time spazzing out over Carl Mach Force IV when we should've been going nuts over bridges.
|
# ? Sep 1, 2015 04:11 |
|
CARL MARK FORCE IV sounds like a 80s supercomputer
|
# ? Sep 1, 2015 04:14 |
|
featuring 100 million bytes of on-line storage and 80 column teletype compatibility
|
# ? Sep 1, 2015 04:14 |
|
THE DAUPHIN
|
# ? Sep 1, 2015 04:24 |
|
maniacdevnull posted:CARL MARK FORCE IV sounds like a 80s supercomputer maybe he is
|
# ? Sep 1, 2015 04:27 |
|
surebet posted:oh and no the doors were wide open all the way down to the street and we were desensitized to rando people just walking in because there was a huge "for rent" sign covering the front windows even though all the spaces in the place were rented out and aaaaaaaaaaaaaaa lol The Management posted:A former U.S. Secret Service agent charged with stealing more than $800,000 in bitcoins while investigating the Silk Road Internet drug emporium tried to change his identity after reaching an agreement to plead guilty, prosecutors said. loooooooooooooooooooooooooooooooool
|
# ? Sep 1, 2015 04:29 |
|
Dixie Cretin Seaman posted:maybe he is IT'S THAT SCENE FROM MY NIGHTMARES
|
# ? Sep 1, 2015 04:29 |
|
"electronic monitoring" is the ankle gps transmitter thing, right
|
# ? Sep 1, 2015 04:30 |
|
Heresiarch posted:"electronic monitoring" is the ankle gps transmitter thing, right yup which in some deployments relies on the monitored persons telephone to alert the cops that the person is going places he shouldnt guess what happens when you dont pay your phone bill
|
# ? Sep 1, 2015 04:36 |
|
was this posted before? http://www.rollingstone.com/culture/features/the-rise-and-fall-of-a-bitcoin-kingpin-20150827
|
# ? Sep 1, 2015 05:13 |
|
Midjack posted:yup um yeah but isn't it like a daily check-in, where the bracelet-haver has a hookup by their bed that they connect the thing to every night? so at most the person has like 16 hours to get the gently caress outta dodge
|
# ? Sep 1, 2015 05:13 |
|
maybe some are like that, but my best fishmeching tells me that it's one of those proximity sensors that sends an alert when you leave a certain area
|
# ? Sep 1, 2015 05:24 |
|
if only we could track their location on THE BLOCKCHAIN
|
# ? Sep 1, 2015 05:28 |
|
|
# ? Jun 10, 2024 03:45 |
|
quote:Just three months earlier, when I met Karpeles here, the scene was considerably calmer. He was baking apple quiche, a recipe passed down from his grandmother. Scruffy and chipper, his dark hair pulled back in a loose ponytail, he wore baggy green pants and a flour-dusted black T-shirt with the words 'This Isn't Even My Final Form.' System of a Down played from his radio. Apples and bread crumbs covered the living-room table he otherwise used for his model train set. karpeles is satoshi is dorian nakamoto. it's all coming together
|
# ? Sep 1, 2015 06:00 |