|
not at all security related really but i bought the cheap VPS plan on a cheap poo poo-tier hosting provider just to see if it's acceptable for a dinky little website project i'm doing and this guy was on the order confirmation page and i think you guys should meet him:
|
#
?
May 10, 2016 14:43
|
|
|
|
| # ? Jun 3, 2024 17:17 |
|
|
i'm the pee plug
|
|
#
?
May 10, 2016 14:47
|
|
|
flakeloaf posted:well i don't think windows defender hasn't done this recently so it may not be a terrible idea trigger warning that linkedin link pls
|
|
#
?
May 10, 2016 15:04
|
|
|
flakeloaf posted:well i don't think windows defender hasn't done this recently so it may not be a terrible idea They fixed it inside 3 days I believe through the sig update channel. It was stupid and there's still issues with the scanning/heuristic engine running under the system context so that could still come back to bite them in the rear end again but they also do things like aggressively tracking of hosts/urls distributing malware and kill the connection before any payload can come in so its not completely worthless.
|
|
#
?
May 10, 2016 15:05
|
|
|
something like google's safe browsing but on things that aren't http? i certainly wouldn't say it's worthless, but whether it's worth more or less than any other desktop av 
|
|
#
?
May 10, 2016 15:09
|
|
|
https://twitter.com/troyhunt/status/730034943657574409 quite the breach, if i do say so myself. https://motherboard.vice.com/read/rosebuttboard-ip-board quote:Hunt obtained the data, which includes usernames, email addresses, IP addresses, and passwords hashed with the notoriously weak MD5 algorithm, along with a salt for some 107,303 accounts, and verified its authenticity.
|
|
#
?
May 10, 2016 15:09
|
|
|
flakeloaf posted:something like google's safe browsing but on things that aren't http? It's definitely hard to quantify the impact since it will kick in before any of the browser-based protections and there's bound to be overlap but it will also check any HTTP connection so if a dedicated process is trying to phone back to a known malware host it will kill the connection. the default config for every single install effectively becomes a honeypot that will feed back infection data to map malware networks which is useful
|
|
#
?
May 10, 2016 15:14
|
|
|
Rooney McNibnug posted:https://twitter.com/troyhunt/status/730034943657574409 MD5 passwords so at least it isn't TBC's site
|
|
#
?
May 10, 2016 15:15
|
|
|
BangersInMyKnickers posted:They fixed it inside 3 days I believe through the sig update channel. It was stupid and there's still issues with the scanning/heuristic engine running under the system context so that could still come back to bite them in the rear end again but they also do things like aggressively tracking of hosts/urls distributing malware and kill the connection before any payload can come in so its not completely worthless. so keep eset then probably?
|
|
#
?
May 10, 2016 15:20
|
|
|
Truga posted:i'm the pee plug  judging by the file names he's called "server mannequin" which makes this even creepier
|
|
#
?
May 10, 2016 15:21
|
|
|
CRIP EATIN BREAD posted:i just switched to a credit union and they enforce passwords 6-10 characters long. That's still better than AMEX, which has CASE INSENSITIVE passwords...
|
|
#
?
May 10, 2016 15:28
|
|
|
So does battle.net but at least they use 2fa we live on a planet where it's harder to break into a warcraft account than a bank account
|
|
#
?
May 10, 2016 15:34
|
|
|
a forum focused around “extreme anal dilation and anal fisting,” according to security researcher Troy Hunt.
|
|
#
?
May 10, 2016 15:47
|
|
|
Sulfrasta posted:so keep eset then probably? or go MSE and find some other tool that will do IP/URL blacklisting I guess
|
|
#
?
May 10, 2016 15:55
|
|
|
flakeloaf posted:So does battle.net but at least they use 2fa yeah well nobody has money in their bank account
|
|
#
?
May 10, 2016 15:55
|
|
|
BangersInMyKnickers posted:yeah well nobody has money in their bank account 
|
|
#
?
May 10, 2016 16:09
|
|
|
Rooney McNibnug posted:https://twitter.com/troyhunt/status/730034943657574409 pounded in the butt by their own sql injection
|
|
#
?
May 10, 2016 16:57
|
|
|
Parallel Paraplegic posted:not at all security related really but i bought the cheap VPS plan on a cheap poo poo-tier hosting provider just to see if it's acceptable for a dinky little website project i'm doing and this guy was on the order confirmation page and i think you guys should meet him: Parallel Paraplegic posted:
I see you've met our mascot, Pozzie the Unpatched Server
|
|
#
?
May 10, 2016 16:58
|
|
|
lotta bug chasers itt
|
|
#
?
May 10, 2016 16:59
|
|
|
Rooney McNibnug posted:https://twitter.com/troyhunt/status/730034943657574409 leave kirk johnson alone!!
|
|
#
?
May 10, 2016 17:11
|
|
|
Chris Knight posted:pounded in the butt by their own sql injection 
|
|
#
?
May 10, 2016 17:19
|
|
|
Chris Knight posted:pounded in the butt by their own sql injection a secfuck indeed
|
|
#
?
May 10, 2016 18:11
|
|
|
Rooney McNibnug posted:https://twitter.com/troyhunt/status/730034943657574409 https://twitter.com/troyhunt/status/730035057960751104 https://twitter.com/troyhunt/status/730036184651431937 also As the film ends, the camera reveals that "Rosebutt" is the trade name of the sled on which the eight-year-old Kane was playing on the day that he was taken from his home in Colorado
|
|
#
?
May 10, 2016 18:23
|
|
|
https://blog.cylance.com/know-the-truth-signatures-and-multi-av-scannersquote:Contrary to competitors, reporters and bloggers who’ve never seen, much less used, our products, we don’t use or rely on signatures or multi-AV scanners or traditional AV scanners. Period. Full stop. someone at cylance seems mad about people calling them out for their dumb tactics
|
|
#
?
May 10, 2016 18:27
|
|
|
OSI bean dip posted:https://blog.cylance.com/know-the-truth-signatures-and-multi-av-scanners they are just taunting the wrath of taviso, aren't they
|
|
#
?
May 10, 2016 18:53
|
|
|
Captain Foo posted:they are just taunting the wrath of taviso, aren't they would he even be able to get a copy of the thing with how NDA-happy they are? this "verify but don't talk to anyone about it" tactic reeks of bullshit
|
|
#
?
May 10, 2016 18:58
|
|
|
OSI bean dip posted:someone at cylance seems mad about people calling them out for their dumb tactics reads like bitcoin bingo
|
|
#
?
May 10, 2016 19:07
|
|
|
BangersInMyKnickers posted:would he even be able to get a copy of the thing with how NDA-happy they are? this "verify but don't talk to anyone about it" tactic reeks of bullshit eh, should be a put up or shut up thing for them, but it won't be
|
|
#
?
May 10, 2016 19:11
|
|
|
flakeloaf posted:we live on a planet where it's harder to break into a warcraft account than a bank account it's very clear exactly why this is imo
|
|
#
?
May 10, 2016 19:13
|
|
|
OSI bean dip posted:https://blog.cylance.com/know-the-truth-signatures-and-multi-av-scanners has anyone ever used the phrase FUD outside of defending a scam?
|
|
#
?
May 10, 2016 19:20
|
|
|
flakeloaf posted:well i don't think windows defender hasn't done this recently so it may not be a terrible idea
|
|
#
?
May 10, 2016 19:21
|
|
|
vOv posted:turns out videoing yourself stealing credentials and using them to log into a server without authorization can lead to criminal charges quote:"... the CMS Levin logged in to had also been retired and replaced with one that ran WordPress." that is a strange thing to brag about.
|
|
#
?
May 10, 2016 19:22
|
|
|
uninterrupted posted:has anyone ever used the phrase FUD outside of defending a scam? I use it to describe the pitch from every single DCS salesman I've ever met. Industrial controls is a open sewer of a tech sector
|
|
#
?
May 10, 2016 19:28
|
|
|
Sulfrasta posted:that is a strange thing to brag about. the other day i was walking behind two guys talking about how their new company site was WordPress because it was "the best in the industry" and i just kinda burst into quiet snickering
|
|
#
?
May 10, 2016 19:29
|
|
|
http://www.dailydot.com/politics/encryption-crypto-wars-police-indiana-charles-cohen-interview/ there are too many gems in this article to individually quote but rest assured its not a zero-sum article
|
|
#
?
May 10, 2016 19:35
|
|
|
Sharktopus posted:it's very clear exactly why this is imo see how pizzas often get to you faster than an ambulance would
|
|
#
?
May 10, 2016 19:36
|
|
|
relevant http://fortune.com/2016/05/10/pornhub-bug-bounty-program-hackerone/
|
|
#
?
May 10, 2016 19:38
|
|
|
Ulf posted:i was going through this yesterday and thank you for trying so that i did not have to 5000? Lol try like 3. What's that you forgot your password? Well lets verify your identity via 5 static questions with 3 possible answers each.
|
|
#
?
May 10, 2016 19:47
|
|
|
Malloc Voidstar posted:a forum focused around “extreme anal dilation and anal fisting,” according to security researcher Troy Hunt. He actually goes by Mike.
|
|
#
?
May 10, 2016 19:53
|
|
|
|
| # ? Jun 3, 2024 17:17 |
|
|
gonadic io posted:see how pizzas often get to you faster than an ambulance would ur my new fav poster
|
|
#
?
May 10, 2016 19:55
|
|