|
trustr
|
#
?
May 3, 2016 01:35
|
|
|
|
| # ? Jun 1, 2024 09:44 |
|
|
Midjack posted:the usb interface appears similar to the ones i've pulled up so I guess it's an industry standard but as a card skimmer
|
|
#
?
May 3, 2016 02:45
|
|
|
Tayter Swift posted:trustr there is no such thing as irony https://www.facebook.com/TrustRApp/
|
|
#
?
May 3, 2016 02:49
|
|
|
woo i get to post something i heard on the local news for once http://www.tbo.com/news/business/tampa-international-to-conduct-new-audit-after-potential-security-breach-20160502/ quote:A consultant working in the airport’s computer system to upgrade business intelligence software in 2014 and 2015 shared his user name and password with people in foreign countries who logged into the system dozens of times from places like Mumbai and Pradesh, India, United Arab Emirates and Kashmir, India. i too dream of one day farming out all of my work to third world contractors for pennies 
|
|
#
?
May 3, 2016 14:43
|
|
|
OpenSSL regressed Lucky 13, meet the new padding oracle attack same as the old one: https://mta.openssl.org/pipermail/openssl-announce/2016-May/000072.html
|
|
#
?
May 3, 2016 15:57
|
|
|
i didn't think anyone was still using openssl.
|
|
#
?
May 3, 2016 15:59
|
|
|
Midjack posted:the usb interface appears similar to the ones i've pulled up so I guess it's an industry standard
|
|
#
?
May 3, 2016 16:04
|
|
|
Shaggar posted:i didn't think anyone was still using openssl.
|
|
#
?
May 3, 2016 16:12
|
|
|
hosed up if true
|
|
#
?
May 3, 2016 16:12
|
|
|
Shaggar posted:hosed up if true
|
|
#
?
May 3, 2016 16:14
|
|
|
Bhodi posted:I never understood this from an aesthetic perspective; you could easily make atms that are just flat plexiglass with a slot that fits a CC exactly. Why don't they design the atms to both look futuristic and remove the ability to attach skimmers to it without people noticing? Instead they're going in the other direction, attaching increasingly large and ridiculous multi-colored shields which are indistinguishable from skimmers themselves cost, durability, accessibility, repairability, etc
|
|
#
?
May 3, 2016 16:16
|
|
|
Cocoa Crispies posted:cost, durability, accessibility, repairability, etc
|
|
#
?
May 3, 2016 16:18
|
|
|
Shaggar posted:hosed up if true shaggar was right
|
|
#
?
May 3, 2016 16:33
|
|
|
Bhodi posted:it smells to me more like bandaids rather than a concern incorporated into the base design, you can use the same materials, you just need to make everything flush How is the user supposed to know the slot is supposed to be flush? There's lots of different ATM designs all around the world, and I bet there are cases where even a bank of multiple ATM's at a bank have slightly different form factors. This isn't a problem that can be solved with any change in physical form factor because the user has to know what the ATM should look like before they can tell if it's been modified. So you'd need to do something like showing a picture of the card slot on the screen and telling the user to check to make sure the card slot looks the same as the picture. Solving the pin entry being recorded is a slightly harder problem, but making the plastic hardware that surrounds the input pad thinner would make it harder for someone to hollow them out to insert a camera. ErIog fucked around with this message at 16:44 on May 3, 2016 |
|
#
?
May 3, 2016 16:37
|
|
|
anthonypants posted:there are people using openssl on windows server, right now I put ours behind an IIS reverse proxy because gently caress Apache/OpenSLL. schannel 4 lyfe
|
|
#
?
May 3, 2016 16:45
|
|
|
ErIog posted:How is the user supposed to know the slot is supposed to be flush? There's lots of different ATM designs all around the world, and I bet there are cases where even a bank of multiple ATM's at a bank have slightly different form factors. well, they would if we weren't already accustomed to weirdly shaped shields. which was my point
|
|
#
?
May 3, 2016 16:48
|
|
|
I always yank at the card slot vigorously before any transaction
|
|
#
?
May 3, 2016 16:50
|
|
|
Parallel Paraplegic posted:I always yank at the card slot vigorously before any transaction
|
|
#
?
May 3, 2016 16:51
|
|
|
Parallel Paraplegic posted:I always yank at the card slot vigorously before any transaction uh text me?
|
|
#
?
May 3, 2016 16:55
|
|
|
some ATMs show a photo/diagram of what the ATM is supposed to look like on the screen, I wonder if it's a good measure
|
|
#
?
May 3, 2016 17:19
|
|
|
hackbunny posted:some ATMs show a photo/diagram of what the ATM is supposed to look like on the screen, I wonder if it's a good measure lol if u think
|
|
#
?
May 3, 2016 17:35
|
|
|
anthonypants posted:agreed but i believe the libressl folks are more worried about getting a functional implementation right now than porting it everywhere the correct choice is schannel
|
|
#
?
May 3, 2016 17:56
|
|
|
BangersInMyKnickers posted:I put ours behind an IIS reverse proxy because gently caress Apache/OpenSLL. schannel 4 lyfe
|
|
#
?
May 3, 2016 17:56
|
|
|
hackbunny posted:some ATMs show a photo/diagram of what the ATM is supposed to look like on the screen, I wonder if it's a good measure 
|
|
#
?
May 3, 2016 17:59
|
|
|
https://medium.com/@rhuber/imagemagick-is-on-fire-cve-2016-3714-379faf762247quote:There are multiple vulnerabilities in ImageMagick, a package commonly used by web services to process images. One of the vulnerabilities can lead to remote code execution (RCE) if you process user submitted images. The exploit for this vulnerability is being used in the wild.
|
|
#
?
May 3, 2016 18:05
|
|
|
there are always vulnerabilities in ImageMagick. sandbox that poo poo for christ's sake.
|
|
#
?
May 3, 2016 18:09
|
|
|
Wiggly Wayne DDS posted:https://medium.com/@rhuber/imagemagick-is-on-fire-cve-2016-3714-379faf762247 https://imagetragick.com/
|
|
#
?
May 3, 2016 18:36
|
|
|
i make all my gifs with imagemagick.
|
|
#
?
May 3, 2016 18:38
|
|
|
Wheany posted:i make all my gifs with imagemagick. imagemagick makes terrible gifs
|
|
#
?
May 3, 2016 18:42
|
|
|
i switched to GraphicsMagick years ago and am secure in the knowledge that less people use it so i probably will not find out about security vulnerabilities and feel safe
|
|
#
?
May 3, 2016 19:15
|
|
|
imagemagick allowed me to make huge.jpg back in 2001 
|
|
#
?
May 3, 2016 19:15
|
|
|
OSI bean dip posted:imagemagick allowed me to make huge.jpg back in 2001 you monster
|
|
#
?
May 3, 2016 19:16
|
|
|
Parallel Paraplegic posted:i switched to GraphicsMagick years ago and am secure in the knowledge that less people use it so i probably will not find out about security vulnerabilities and feel safe brb running afl on graphicsmagick
|
|
#
?
May 3, 2016 19:16
|
|
|
Malloc Voidstar posted:lmao fight me irl
|
|
#
?
May 3, 2016 19:18
|
|
|
Wheany posted:fight me irl i use a weird workflow of imagemagick+pngquant+gifsicle to avoid that and make hq gifs the only other thing i know that has similar quality is photoshop (it's worse)
|
|
#
?
May 3, 2016 19:23
|
|
|
I wonder if mrtg and other visualization tools still have imagemagik bundled deps
|
|
#
?
May 3, 2016 19:27
|
|
|
OSI bean dip posted:imagemagick allowed me to make huge.jpg back in 2001 you son of a bitch
|
|
#
?
May 3, 2016 19:28
|
|
|
i use ffmpeg to make gifs
|
|
#
?
May 3, 2016 19:30
|
|
|
this is extremely my poo poo
|
|
#
?
May 3, 2016 19:36
|
|
|
|
| # ? Jun 1, 2024 09:44 |
|
|
Parallel Paraplegic posted:i switched to GraphicsMagick years ago and am secure in the knowledge that less people use it so i probably will not find out about security vulnerabilities and feel safe my only open source contribution of the last like 5 years was an RCE fix in graphicsmagick that i found because i was doing OSI bean dip posted:brb running afl on graphicsmagick that
|
|
#
?
May 3, 2016 19:40
|
|
