|
hackbunny posted:just my luck, I get out of kitty jail just in time for the thread to be disappeared <> Great stuff! Keep us posted because I haven't seen this pop up in the infosec media anywhere yet.
|
# ? Jan 16, 2017 23:39 |
|
|
# ? May 15, 2024 20:31 |
|
repost from the other thread When Constant-Time Source Code May Not Save You tl;dr: a specific 32-bit implementation of Curve25519 on 64-bit Windows is vulnerable to a timing attack because multiplications with negative coefficients take more time than those with positive coefficients thanks to a standard library function provided by MSVC 2015
|
# ? Jan 16, 2017 23:44 |
|
Cool post, and keep us updated. This seems bizarrely inept. I'm just wondering what the significance of being a freemason and targeting freemasons was. Is freemasonry different in Italy compared to the US? In my area they seem to be guys who hang out once a week and help sponsor kids/families to the Shriner's hospital. Honestly, they seem like Elks with less pancake breakfasts.
|
# ? Jan 16, 2017 23:51 |
|
I am very interested in that hackbunny post, cool stuff!
|
# ? Jan 17, 2017 00:09 |
|
flosofl posted:Cool post, and keep us updated. This seems bizarrely inept. Well, from what I've heard freemasons in the US are fairly benign but it Europe they are more like an old boys network where elites meet to do backhanded deals and politics or w/e idk. Much more elite and secretive in any case. I suppose not much more sinister than any exclusive club like a country club or something but you get the idea. Now, in Italy there was a big scandal about a lodge called Propaganda Due where a lot of rich and powerful were members. The lodge was far right and actively undermining the state by ordering assassinations and causing banks to collapse and whatnot. They basically wanted to overthrow the government. After a few scandals where they were implicated they got kicked out of the masons but kept operating independently. Finally in the 80's they were disbanded. Read the wikipedia page if you want to learn more. Silvio Berlusconi was a member btw.. So yeah, Italy has some history with the masons.
|
# ? Jan 17, 2017 00:11 |
|
Captain Foo posted:I am very interested in that hackbunny post, cool stuff!
|
# ? Jan 17, 2017 00:11 |
|
Shaggar posted:its a tsa lock so its not gonna work to begin with. Might as well make it easy for the user if security isn't possible The drugs fridge at work is 'secured' with a tsa lock
|
# ? Jan 17, 2017 00:14 |
|
geonetix posted:welcome back thread! Captain Foo posted:I am very interested in that hackbunny post, cool stuff! a good day for the secfuck thread
|
# ? Jan 17, 2017 00:15 |
|
Deep Dish Fuckfest posted:set it to something like "february 31" and no one will ever be able to guess it. it's genius 4/20/69, the combination for my luggage
|
# ? Jan 17, 2017 00:16 |
|
The biggest threat to "cyber" is NOT the Russians (or the NSA). http://arstechnica.com/information-technology/2017/01/whos-winning-the-cyber-war-the-squirrels-of-course/ quote:So far, however, the damage done by cyber attacks, both real (Stuxnet's destruction of Iranian uranium enrichment centrifuges and a few brief power outages alleged to have been caused by Russian hackers using BlackEnergy malware) and imagined or exaggerated (the Iranian "attack" on a broken flood control dam in Rye, New York), cannot begin to measure up to an even more significant cyber-threat—squirrels.
|
# ? Jan 17, 2017 00:34 |
|
flosofl posted:The biggest threat to "cyber" is NOT the Russians (or the NSA). I want to know Backhoe's score.
|
# ? Jan 17, 2017 00:36 |
|
flosofl posted:The biggest threat to "cyber" is NOT the Russians (or the NSA). Good to see that the one weirdo cutting fiber lines in the SF Bay Area has a pretty dece score with 15
|
# ? Jan 17, 2017 00:42 |
|
Subjunctive posted:I want to know Backhoe's score. when i worked at an isp, three years in a row and approximately in the same spot affecting the same fiber line, we'd have a backhoe dig up our link between our data centre in edmonton to a town in northern alberta. it happened like clockwork around the beginning of october backhoes are a menace
|
# ? Jan 17, 2017 00:50 |
|
was there anything special about october?
|
# ? Jan 17, 2017 00:56 |
|
OSI bean dip posted:when i worked at an isp, three years in a row and approximately in the same spot affecting the same fiber line, we'd have a backhoe dig up our link between our data centre in edmonton to a town in northern alberta. it happened like clockwork around the beginning of october I remember in the mid 90s when a backhoe in St Louis took out almost all of MCI's (remember them?) physical fiber that connected the East of the Mississippi ATM network to the West of the Mississippi ATM network. We ended up moving to Frame Relay with a different provider shortly after that.
|
# ? Jan 17, 2017 01:00 |
|
a backhoe once took out the major phone related fiber Verizon had between Mass and Maine so most of the pstn in maine and parts of NH was down for like 13 hrs cause when they spliced it the first time they did it backwards. backhoes need to be stopped.
|
# ? Jan 17, 2017 01:07 |
|
altho technically I think the fiber was owned by rcn so the backwards splicing was their gently caress up
|
# ? Jan 17, 2017 01:09 |
|
geonetix posted:welcome back thread! also quote:Swan holds up train by waddling on the track for two miles
|
# ? Jan 17, 2017 01:14 |
|
so what happened to the thread, anyway
|
# ? Jan 17, 2017 01:31 |
|
fibre cut talk from a few years back https://www.theguardian.com/world/2011/apr/06/georgian-woman-cuts-web-access quote:An elderly Georgian woman was scavenging for copper to sell as scrap when she accidentally sliced through an underground cable and cut off internet services to all of neighbouring Armenia, it emerged on Wednesday.
|
# ? Jan 17, 2017 01:32 |
|
there's a reason the 1-800-DIG-RITE or whatever is in your area is free / subsidized by the utilities flosofl posted:I remember in the mid 90s when a backhoe in St Louis took out almost all of MCI's (remember them?) physical fiber that connected the East of the Mississippi ATM network to the West of the Mississippi ATM network. We ended up moving to Frame Relay with a different provider shortly after that. I think I remember this incident
|
# ? Jan 17, 2017 01:45 |
|
yeah, I remember nanog-l going apeshit. it was very exciting
|
# ? Jan 17, 2017 01:49 |
|
flosofl posted:The biggest threat to "cyber" is NOT the Russians (or the NSA). the russian version of this adds "moose and" to the "squirrel" category
|
# ? Jan 17, 2017 01:59 |
|
Shinku ABOOKEN posted:*that mcrib is back comic but with secfuck is back instead* that kid is back on the escalator again!
|
# ? Jan 17, 2017 02:16 |
|
hackbunny posted:just my luck, I get out of kitty jail just in time for the thread to be disappeared <> awesome post! but it does seem that they are "serious criminals" (if guilty) so i dunno what you mean by that one sentence
|
# ? Jan 17, 2017 02:46 |
|
Powaqoatse posted:awesome post! It's being used in the sense of "They weren't taking it seriously" Or just replace "serious" with "competent"
|
# ? Jan 17, 2017 03:15 |
|
gah of course sorry
|
# ? Jan 17, 2017 03:16 |
|
vOv posted:so what happened to the thread, anyway I don't know what you're talking about friend vOv
|
# ? Jan 17, 2017 03:29 |
|
i put the thread in my underwear for a bit, so everyone remember to wash your hands!
|
# ? Jan 17, 2017 03:44 |
|
Winkle-Daddy posted:this is an interesting and cool post. keep us updated on the details because I've not seen much but ~Trump News~ over this way. This, please never stop posting hack bunny
|
# ? Jan 17, 2017 03:53 |
|
also please dont troll negrotown (i hope thats what it was)
|
# ? Jan 17, 2017 04:00 |
|
Powaqoatse posted:also please dont troll negrotown (i hope thats what it was) No and shut up
|
# ? Jan 17, 2017 05:34 |
|
flosofl posted:Cool post, and keep us updated. This seems bizarrely inept. fun fact: they kept the information stolen from other freemasons in a folder (or category, I should reread the report) called "BROS". spankmeister gave a good summary of freemasons in italy and their historical significance Powaqoatse posted:but it does seem that they are "serious criminals" (if guilty) so i dunno what you mean by that one sentence inexperienced and super cocky is what I mean some gossip: it seems the sister's defense will throw the brother under the bus. italian press is inadvertently playing into their hand by being good ol sexists: they aren't a criminal enterprise but "an engineer and his sister", he is "a nuclear engineer" while she's painted mostly as a healthy eating freak and marathon runner, completely glossing over her considerable professional and academic resume and personal investment in the crime. one article in particular is this whole funny little sketch, where she comes to jail with a bag of expensive designer clothes and as soon as she has to leave it unguarded to go to her first hearing, the lot is stolen. she shakes her head, gets on the phone with a friend, and tells her in a controlled but exasperated tone to bring her a couple changes of the cheapest, ugliest clothes she can find. curtains, polite tittering from the dames some technical details: contacts in the italian malware research community have shared a recent sample of eyepyramid (the official name of the malware - author given! - and an obvious reference to the all seeing eye). I'm very rusty re. reverse engineering as I haven't done it professionally in years, and only rarely recreationally, but I can tell a few things beyond a shade of doubt:
I said that it would be obvious it was written in vb.net even if it didn't use the vb.net runtime library, and I'll explain why. let's look at a typical routine, messily and partly incorrectly decompiled by dotpeek: C# code:
initially I thought this bizarre code pattern (repeated over and over) was a form of code flow obfuscation. it doesn't make sense though, because if you can alter code flow, why do it in this very specific, deterministic way that isn't terribly hard to undo? why a try/catch and a switch? well, thanks to my past experience with visual basic (my first "serious" language!), I soon recognized it as "on error resume next", a notorious error non-handling construct that just throws any errors away. on classic vb, "on error resume next" actually produces more efficient code, as it omits error checks. on a platform like .net where errors are reported through structured exception handling, always, the compiler has to emit... that. mark position, catch exception, switch on current position, goto next statement. the above function simplifies to a more palatable: C# code:
C# code:
other telltale signs of vb.net are the many reference variables, which are illegal in c# but not in vb (dotpeek can only decompile to c#): C# code:
Powaqoatse posted:also please dont troll negrotown (i hope thats what it was) nein tyrante e: unbroke tables hackbunny fucked around with this message at 06:31 on Jan 17, 2017 |
# ? Jan 17, 2017 06:24 |
|
lol it all seems so heavily petty and quaint so much half-effort in the name of chasing bigger personal aspirations, all within a sociopolitical construct foreign to me
|
# ? Jan 17, 2017 06:33 |
|
hackbunny posted:fun fact: they kept the information stolen from other freemasons in a folder (or category, I should reread the report) called "BROS". spankmeister gave a good summary of freemasons in italy and their historical significance I see they went to the Ross Ulbricht School of Covering Your Tracks.
|
# ? Jan 17, 2017 06:59 |
|
https://twitter.com/DaveManouchehri/status/819746837544452096
|
# ? Jan 17, 2017 07:04 |
|
i like how i also like how they have a banner at the top of the page for a recall notice on a different model
|
# ? Jan 17, 2017 07:12 |
|
I have had my Samsung washer leak from having a sock in the gasket. I cannot wait to have it gush all over the floor when it gets owned or gets a faulty update.
|
# ? Jan 17, 2017 07:53 |
|
Did you try de4dot? (and then ilspy)
|
# ? Jan 17, 2017 07:54 |
|
|
# ? May 15, 2024 20:31 |
|
Kazinsal posted:they charge you fifteen bucks to wrap your bag with a pound of cling wrap the last time I visited Miami there was a huge fiasco over this http://www.miamiherald.com/news/local/community/miami-dade/article40311909.html
|
# ? Jan 17, 2017 08:56 |