  • Locked thread
spankmeister
Jun 15, 2008






hackbunny posted:

just my luck, I get out of kitty jail just in time for the thread to be disappeared <:mad:>

italy is currently being rocked by a bizarre scandal of the cyber persuasion. the occhionero siblings, entrepreneurs in the finance sector, freemasons and by all accounts smart people (he's a nuclear engineer, she's a chemistry phd), are found to be conducting a multi-year spearfishing campaign against politicians, entrepreneurs and... other freemasons. their spyware appears to have been entirely developed in-house, and it's been active since at least 2011. kaspersky describes it as "amateurish" but I've gotten my hands on a recent sample and it appears to have been developed by someone who, if not a cybercriminal, has at least an idea of how malware analysis is done and how to slow it down. well, at least the anti-analysis protection and obfuscation was, and I know it's not a commercial framework because the few unobfuscated strings are unique to the malware

on the other hand, the occhionero siblings made huge, gigantic opsec blunders, and I argue that they had outside help with the malware development, because they clearly aren't serious criminals. consider the strongest piece of evidence against them: the malware exfiltrates data by sending e-mails and uses a commercial component to do so, which requires a license code to unlock. not only the malware contains said license code, but italian police asked the fbi for help, the fbi obtained the name of the licensee, and it was the occhionero brother: the guy had virtually embedded his real name in his phishing malware

on the other other hand, when the police came to arrest them, the brother rebooted the bitlocker-encrypted computer and now refuses to provide the password, while the sister locked her smartcard by entering the wrong pin several times. it's not going to help them much because the amount of evidence against them is impressive: they didn't just embed personally identifying information in the malware, they also hosted the c&c server on their company's website, and they talked about their dirty business on regular cleartext phone calls, that the police duly wiretapped

all considered, the campaign wasn't terribly successful. of about 18000 targets, only about 10% are estimated to have been compromised

the motive is still a mystery. insider trading seems to be the current consensus

the malware samples I've seen raise some extremely obvious red flags when run in the simplest of the automated analysis tools, and they're clearly part of a shared lineage dating back years, so it's a little amazing to me that it took so long for it to be noticed

:wow:

Great stuff! Keep us posted because I haven't seen this pop up in the infosec media anywhere yet.


McGlockenshire
Dec 16, 2005

GOLLOCKS!
repost from the other thread

When Constant-Time Source Code May Not Save You

tl;dr: a specific 32-bit implementation of Curve25519 on 64-bit Windows is vulnerable to a timing attack because multiplications with negative coefficients take more time than those with positive coefficients thanks to a standard library function provided by MSVC 2015

Proteus Jones
Feb 28, 2013




Cool post, and keep us updated. This seems bizarrely inept.

I'm just wondering what the significance of being a freemason and targeting freemasons was. Is freemasonry different in Italy compared to the US? In my area they seem to be guys who hang out once a week and help sponsor kids/families to the Shriner's hospital. Honestly, they seem like Elks with less pancake breakfasts.

Captain Foo
May 11, 2004

we vibin'
we slidin'
we breathin'
we dyin'

I am very interested in that hackbunny post, cool stuff!

spankmeister
Jun 15, 2008






flosofl posted:

Cool post, and keep us updated. This seems bizarrely inept.

I'm just wondering what the significance of being a freemason and targeting freemasons was. Is freemasonry different in Italy compared to the US? In my area they seem to be guys who hang out once a week and help sponsor kids/families to the Shriner's hospital. Honestly, they seem like Elks with less pancake breakfasts.

Well, from what I've heard freemasons in the US are fairly benign but in Europe they are more like an old boys network where elites meet to do backhanded deals and politics or w/e idk. Much more elite and secretive in any case. I suppose not much more sinister than any exclusive club like a country club or something but you get the idea.

Now, in Italy there was a big scandal about a lodge called Propaganda Due where a lot of rich and powerful were members. The lodge was far right and actively undermining the state by ordering assassinations and causing banks to collapse and whatnot. They basically wanted to overthrow the government. After a few scandals where they were implicated they got kicked out of the masons but kept operating independently. Finally in the 80's they were disbanded. Read the wikipedia page if you want to learn more.

Silvio Berlusconi was a member btw..

So yeah, Italy has some history with the masons.

Thanks Ants
May 21, 2004

#essereFerrari


Captain Foo posted:

I am very interested in that hackbunny post, cool stuff!

Loving Africa Chaps
Dec 3, 2007


We had not left it yet, but when I would wake in the night, I would lie, listening, homesick for it already.

Shaggar posted:

its a tsa lock so its not gonna work to begin with. Might as well make it easy for the user if security isn't possible

The drugs fridge at work is 'secured' with a tsa lock

Aquarium of Lies
Feb 5, 2005

sad cutie
:justtrans:

she/her
Taco Defender

geonetix posted:

welcome back thread!


Captain Foo posted:

I am very interested in that hackbunny post, cool stuff!

a good day for the secfuck thread

BangersInMyKnickers
Nov 3, 2004

I have a thing for courageous dongles

Deep Dish Fuckfest posted:

set it to something like "february 31" and no one will ever be able to guess it. it's genius

4/20/69, the combination for my luggage

Proteus Jones
Feb 28, 2013



The biggest threat to "cyber" is NOT the Russians (or the NSA).

http://arstechnica.com/information-technology/2017/01/whos-winning-the-cyber-war-the-squirrels-of-course/

quote:

So far, however, the damage done by cyber attacks, both real (Stuxnet's destruction of Iranian uranium enrichment centrifuges and a few brief power outages alleged to have been caused by Russian hackers using BlackEnergy malware) and imagined or exaggerated (the Iranian "attack" on a broken flood control dam in Rye, New York), cannot begin to measure up to an even more significant cyber-threat—squirrels.

That was the message delivered at the Shmoocon security conference on Friday by Cris "SpaceRogue" Thomas, former member of the L0pht Heavy Industries hacking collective and now a security researcher at Tenable. In his presentation—entitled, "35 Years of Cyberwar: The Squirrels Are Winning"—SpaceRogue revealed the scale of the squirrelly threat to worldwide critical infrastructure by presenting data gathered by CyberSquirrel 1, a project that gathers information on animal-induced infrastructure outages collected from sources on the Internet.

Subjunctive
Sep 12, 2006

✨sparkle and shine✨


I want to know Backhoe's score.

Trabisnikof
Dec 24, 2005


Good to see that the one weirdo cutting fiber lines in the SF Bay Area has a pretty dece score with 15

Lain Iwakura
Aug 5, 2004

The body exists only to verify one's own existence.

Taco Defender

Subjunctive posted:

I want to know Backhoe's score.

when i worked at an isp, three years in a row and approximately in the same spot affecting the same fiber line, we'd have a backhoe dig up our link between our data centre in edmonton to a town in northern alberta. it happened like clockwork around the beginning of october

backhoes are a menace

Thanks Ants
May 21, 2004

#essereFerrari


was there anything special about october?

Proteus Jones
Feb 28, 2013



OSI bean dip posted:

when i worked at an isp, three years in a row and approximately in the same spot affecting the same fiber line, we'd have a backhoe dig up our link between our data centre in edmonton to a town in northern alberta. it happened like clockwork around the beginning of october

backhoes are a menace

I remember in the mid 90s when a backhoe in St Louis took out almost all of MCI's (remember them?) physical fiber that connected the East of the Mississippi ATM network to the West of the Mississippi ATM network. We ended up moving to Frame Relay with a different provider shortly after that.

Shaggar
Apr 26, 2006
a backhoe once took out the major phone related fiber Verizon had between Mass and Maine so most of the pstn in maine and parts of NH was down for like 13 hrs cause when they spliced it the first time they did it backwards.

backhoes need to be stopped.

Shaggar
Apr 26, 2006
altho technically I think the fiber was owned by rcn so the backwards splicing was their gently caress up

canis minor
May 4, 2011

geonetix posted:

welcome back thread!

also

quote:

Swan holds up train by waddling on the track for two miles

:britain:

vOv
Feb 8, 2014

so what happened to the thread, anyway

Thanks Ants
May 21, 2004

#essereFerrari


fibre cut talk from a few years back
https://www.theguardian.com/world/2011/apr/06/georgian-woman-cuts-web-access

quote:

An elderly Georgian woman was scavenging for copper to sell as scrap when she accidentally sliced through an underground cable and cut off internet services to all of neighbouring Armenia, it emerged on Wednesday.

Hed
Mar 31, 2004

Fun Shoe
there's a reason the 1-800-DIG-RITE or whatever is in your area is free / subsidized by the utilities :)


flosofl posted:

I remember in the mid 90s when a backhoe in St Louis took out almost all of MCI's (remember them?) physical fiber that connected the East of the Mississippi ATM network to the West of the Mississippi ATM network. We ended up moving to Frame Relay with a different provider shortly after that.

I think I remember this incident

Subjunctive
Sep 12, 2006

✨sparkle and shine✨

yeah, I remember nanog-l going apeshit. it was very exciting

fritz
Jul 26, 2003


the russian version of this adds "moose and" to the "squirrel" category

syscall girl
Nov 7, 2009

by FactsAreUseless
Fun Shoe

Shinku ABOOKEN posted:

*that mcrib is back comic but with secfuck is back instead*

that kid is back on the escalator again!

Carthag Tuek
Oct 15, 2005

Tider skal komme,
tider skal henrulle,
slægt skal følge slægters gang



hackbunny posted:

just my luck, I get out of kitty jail just in time for the thread to be disappeared <:mad:>

italy is currently being rocked by a bizarre scandal of the cyber persuasion. the occhionero siblings, entrepreneurs in the finance sector, freemasons and by all accounts smart people (he's a nuclear engineer, she's a chemistry phd), are found to be conducting a multi-year spearfishing campaign against politicians, entrepreneurs and... other freemasons. their spyware appears to have been entirely developed in-house, and it's been active since at least 2011. kaspersky describes it as "amateurish" but I've gotten my hands on a recent sample and it appears to have been developed by someone who, if not a cybercriminal, has at least an idea of how malware analysis is done and how to slow it down. well, at least the anti-analysis protection and obfuscation was, and I know it's not a commercial framework because the few unobfuscated strings are unique to the malware

on the other hand, the occhionero siblings made huge, gigantic opsec blunders, and I argue that they had outside help with the malware development, because they clearly aren't serious criminals. consider the strongest piece of evidence against them: the malware exfiltrates data by sending e-mails and uses a commercial component to do so, which requires a license code to unlock. not only the malware contains said license code, but italian police asked the fbi for help, the fbi obtained the name of the licensee, and it was the occhionero brother: the guy had virtually embedded his real name in his phishing malware

on the other other hand, when the police came to arrest them, the brother rebooted the bitlocker-encrypted computer and now refuses to provide the password, while the sister locked her smartcard by entering the wrong pin several times. it's not going to help them much because the amount of evidence against them is impressive: they didn't just embed personally identifying information in the malware, they also hosted the c&c server on their company's website, and they talked about their dirty business on regular cleartext phone calls, that the police duly wiretapped

all considered, the campaign wasn't terribly successful. of about 18000 targets, only about 10% are estimated to have been compromised

the motive is still a mystery. insider trading seems to be the current consensus

the malware samples I've seen raise some extremely obvious red flags when run in the simplest of the automated analysis tools, and they're clearly part of a shared lineage dating back years, so it's a little amazing to me that it took so long for it to be noticed

awesome post!

but it does seem that they are "serious criminals" (if guilty) so i dunno what you mean by that one sentence

Proteus Jones
Feb 28, 2013



Powaqoatse posted:

awesome post!

but it does seem that they are "serious criminals" (if guilty) so i dunno what you mean by that one sentence

It's being used in the sense of "They weren't taking it seriously"

Or just replace "serious" with "competent"

Carthag Tuek
Oct 15, 2005

Tider skal komme,
tider skal henrulle,
slægt skal følge slægters gang



gah of course

sorry

Munkeymon
Aug 14, 2003

Motherfucker's got an
armor-piercing crowbar! Rigoddamndicu𝜆ous.



vOv posted:

so what happened to the thread, anyway

I don't know what you're talking about friend vOv

Carthag Tuek
Oct 15, 2005

Tider skal komme,
tider skal henrulle,
slægt skal følge slægters gang



i put the thread in my underwear for a bit, so everyone remember to wash your hands!

Volmarias
Dec 31, 2002

EMAIL... THE INTERNET... SEARCH ENGINES...

Winkle-Daddy posted:

this is an interesting and cool post. keep us updated on the details because I've not seen much but ~Trump News~ over this way.

This, please never stop posting hack bunny

Carthag Tuek
Oct 15, 2005

Tider skal komme,
tider skal henrulle,
slægt skal følge slægters gang



also please dont troll negrotown (i hope thats what it was)

Haquer
Nov 15, 2009

That windswept look...

Powaqoatse posted:

also please dont troll negrotown (i hope thats what it was)

No and shut up

hackbunny
Jul 22, 2007

I haven't been on SA for years but the person who gave me my previous av as a joke felt guilty for doing so and decided to get me a non-shitty av

flosofl posted:

Cool post, and keep us updated. This seems bizarrely inept.

I'm just wondering what the significance of being a freemason and targeting freemasons was. Is freemasonry different in Italy compared to the US? In my area they seem to be guys who hang out once a week and help sponsor kids/families to the Shriner's hospital. Honestly, they seem like Elks with less pancake breakfasts.

fun fact: they kept the information stolen from other freemasons in a folder (or category, I should reread the report) called "BROS". spankmeister gave a good summary of freemasons in italy and their historical significance

Powaqoatse posted:

but it does seem that they are "serious criminals" (if guilty) so i dunno what you mean by that one sentence

inexperienced and super cocky is what I mean

some gossip: it seems the sister's defense will throw the brother under the bus. italian press is inadvertently playing into their hand by being good ol sexists: they aren't a criminal enterprise but "an engineer and his sister", he is "a nuclear engineer" while she's painted mostly as a healthy eating freak and marathon runner, completely glossing over her considerable professional and academic resume and personal investment in the crime. one article in particular is this whole funny little sketch, where she comes to jail with a bag of expensive designer clothes and as soon as she has to leave it unguarded to go to her first hearing, the lot is stolen. she shakes her head, gets on the phone with a friend, and tells her in a controlled but exasperated tone to bring her a couple changes of the cheapest, ugliest clothes she can find. curtains, polite tittering from the dames

some technical details: contacts in the italian malware research community have shared a recent sample of eyepyramid (the official name of the malware - author given! - and an obvious reference to the all seeing eye). I'm very rusty re. reverse engineering as I haven't done it professionally in years, and only rarely recreationally, but I can tell a few things beyond a shade of doubt:
  • it was written in visual basic .net. this is super obvious from the heavy usage of the vb.net runtime library, but also from certain other characteristics of the code (I'll explain later). arguably, by a programmer not terribly familiar with the language
  • symbols (with some glaring omissions) have been obfuscated into big random strings. I'm unfamiliar with .net obfuscators and can't tell if it's a known commercial obfuscator or not (e: DURRRH it says dotfuscator right there I'm dum)
  • all strings have been obfuscated with an algorithm that's rather trivial to reverse through symbolic execution. if I had a tool like simplify for .net, I could strip this layer of obfuscation in a matter of seconds. I don't and I'm lazy and nobody is paying me for this, so I did it by hand. symbol names of the deobfuscation code have some irregularities that suggest that the string obfuscation class is part of the same suite as the symbol obfuscator
  • this is where it gets interesting. sensitive strings, such as phone-home addresses and credentials, have been obfuscated with a second, separate obfuscator, that doubles as an anti-debugging/anti-analysis component. symbolic execution won't help: the deobfuscation key isn't hardcoded, but it's derived from 16 runtime checks (was a debugger detected? is the malware in the autorun list? are we running in a vm? etc. and much more specific and kinda bizarre conditions). since it boils down to a 16 bit 3DES key, it's really easy to blindly bruteforce the entire key space, but still. those fuckers. well, don't come tell me someone with no experience in malware writing came up with this. don't tell me it's a commercial component they bought either, because a bug/omission in the symbol obfuscator left some symbols in cleartext, and by googling them all hits are from earlier variants of eyepyramid
  • finally, an assembly linker was used to merge external libraries (such as the aforementioned mail component with which the siblings doxxed themselves) into the executable. I can totally believe they did this part themselves because instead of link-then-obfuscate, they obfuscate-then-link, making it trivial to separate the external libraries from the malware and greatly simplifying the analysis

I said that it would be obvious it was written in vb.net even if it didn't use the vb.net runtime library, and I'll explain why. let's look at a typical routine, messily and partly incorrectly decompiled by dotpeek:

C# code:
  public static void f6J8eFg3YUvv4j3xEUTV3E1CEBj3xEUTV3E1CE0PYUanFmGRebVA0srGwqvHpDYA()
  {
label_0:
    int num1;
    int num2;
    try
    {
      ProjectData.ClearProjectError();
      num1 = 1;
label_1:
      int num3 = 2;
      if (kPd9dIhV/* long name omitted */.hhqKbrLk/* etc. */())
        goto label_8;
label_2:
      num3 = 5;
      if (!erRFjb3s/* ... */.HEKvagU1/* ... */())
        goto label_8;
      else
        goto label_8;
label_4:
      num2 = num3;
      switch (num1)
      {
        case 1:
          int num4 = num2 + 1;
          num2 = 0;
          switch (num4)
          {
            case 1:
              goto label_0;
            case 2:
              goto label_1;
            case 3:
            case 6:
            case 7:
              goto label_8;
            case 4:
            case 5:
              goto label_2;
          }
      }
    }
    catch (Exception ex) when (ex is Exception & (uint) num1 > 0U & num2 == 0)
    {
      ProjectData.SetProjectError(ex);
      goto label_4;
    }
    throw ProjectData.CreateProjectError(-2146828237);
label_8:
    if (num2 != 0)
    {
      ProjectData.ClearProjectError();
    }
    else
    {
      int num3;
      int num4;
      while (num3 == num4)
      {
        num4 = 1;
        int num5 = num4;
        int num6 = num3;
        num3 = num5;
        if (num3 > num6)
          break;
      }
    }
  }
(ilspy is nearly useless here as it spits out internal garbage when it gets to the switch statement. unsurprising, as those gotos are illegal in c# because the labels are out of scope in the switch statement)

initially I thought this bizarre code pattern (repeated over and over) was a form of code flow obfuscation. it doesn't make sense though, because if you can alter code flow, why do it in this very specific, deterministic way that isn't terribly hard to undo? why a try/catch and a switch? well, thanks to my past experience with visual basic (my first "serious" language!), I soon recognized it as "on error resume next", a notorious error non-handling construct that just throws any errors away. on classic vb, "on error resume next" actually produces more efficient code, as it omits error checks. on a platform like .net where errors are reported through structured exception handling, always, the compiler has to emit... that. mark position, catch exception, switch on current position, goto next statement. the above function simplifies to a more palatable:

C# code:
  public static void f6J8eFg3YUvv4j3xEUTV3E1CEBj3xEUTV3E1CE0PYUanFmGRebVA0srGwqvHpDYA()
  {
    ProjectData.ClearProjectError();

    if (kPd9dIhV/* ... */.hhqKbrLk/* ... */())
      goto label_8;

    if (!erRFjb3s/* ... */.HEKvagU1/* ... */())
      goto label_8;
    else
      goto label_8;

label_8:
    return;
  }
and by removing more useless vb cruft and translating unstructured gotos into structured code by hand, further into:

C# code:
  public static void f6J8eFg3YUvv4j3xEUTV3E1CEBj3xEUTV3E1CE0PYUanFmGRebVA0srGwqvHpDYA()
  {
    if (!kPd9dIhV/* ... */.hhqKbrLk/* ... */()) {
      erRFjb3s/* ... */.HEKvagU1/* ... */();
    }
  }
it would be nice if decompilers could recognize this automatically, but they don't. once you get used to it, though, you can skip all the extraneous code at a glance, without even editing it away

other telltale signs of vb.net are the many reference variables, which are illegal in c# but not in vb (dotpeek can only decompile to c#):

C# code:
  public static int x4SlgKmPmgp18FZP4R6VdaGkIBKWb9HjgdCqVbAKWb9HjgdCqVbAoM5WyXRRPRuA(bool install = false)
  {
    int num;
    try
    {
      string olw48CagNqKpmDleguA = Xpg7jswb/* ... */.JdKDN9YX/* ... */;
      // ISSUE: explicit reference operation
      // ISSUE: variable of a reference type
      string& keypath = @olw48CagNqKpmDleguA;
      string zkpk2Ax1Q44ZvmyRpA = Xpg7jswb/* ... */.gNqKPmDL/* ... */;
      // ISSUE: explicit reference operation
      // ISSUE: variable of a reference type
      string& keyname = @zkpk2Ax1Q44ZvmyRpA;
      // ...
and of course, the many gratuitous reference function arguments, because in vb.net, for backwards compatibility, function arguments are always passed by reference if you don't specify otherwise. oh and all the classes full of static methods that are obvious vb modules. it's all very vb

Powaqoatse posted:

also please dont troll negrotown (i hope thats what it was)

nein tyrante

e: unbroke tables

hackbunny fucked around with this message at 06:31 on Jan 17, 2017
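The 16-runtime-check key derivation hackbunny describes is the part worth internalising: however strong the cipher on top, a key derived from 16 yes/no conditions has only 2^16 possible values, so an analyst never needs to satisfy the checks, only to enumerate them. The model below is an added illustration, not code from the sample or from the post; the check list, the key expansion, the plausibility filter and the hash-keystream stand-in for 3DES (the stdlib has no 3DES) are all assumptions.

```python
"""
Constructed model of a deobfuscation key derived from runtime checks
(debugger present? in a VM? in the autorun list? ...) rather than stored.
The real sample's checks, key expansion and 3DES use are NOT reproduced;
a SHA-256 keystream stands in for the cipher. The point is the key space.
"""
import hashlib
import string

NUM_CHECKS = 16  # as in the post: 16 boolean checks -> 16 bits of entropy


def expand_key(check_bits: int) -> bytes:
    """Assumed key expansion: stretch the 16-bit check vector into key material."""
    return hashlib.sha256(b"model-kdf" + check_bits.to_bytes(2, "big")).digest()


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in symmetric cipher: XOR with a hash-derived keystream."""
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def obfuscate(plaintext: bytes, checks: list) -> bytes:
    """Build-time side: encrypt under the key the intended ("clean machine")
    check outcomes will reproduce at runtime. Bit i = outcome of check i."""
    bits = sum(int(flag) << i for i, flag in enumerate(checks))
    return keystream_xor(expand_key(bits), plaintext)


def looks_like_config(candidate: bytes) -> bool:
    """Plausibility filter for a recovered string: printable ASCII shaped
    like phone-home settings (assumed structure: key=value with an address)."""
    try:
        text = candidate.decode("ascii")
    except UnicodeDecodeError:
        return False
    return all(c in string.printable for c in text) and "@" in text and "=" in text


def brute_force(ciphertext: bytes):
    """Analyst side: try every one of the 2**16 check vectors blindly.
    Returns (check_bits, plaintext) for the first plausible hit, else None."""
    for bits in range(1 << NUM_CHECKS):
        candidate = keystream_xor(expand_key(bits), ciphertext)
        if looks_like_config(candidate):
            return bits, candidate
    return None


# Constructed sample: a fake exfiltration setting encrypted under one
# particular pattern of check outcomes (checks 3, 6 and 12 true).
CLEAN_CHECKS = [False, False, False, True, False, False, True, False,
                False, False, False, False, True, False, False, False]
SAMPLE_PLAINTEXT = b"smtp_user=dropbox@example.invalid;port=587"
SAMPLE_CIPHERTEXT = obfuscate(SAMPLE_PLAINTEXT, CLEAN_CHECKS)

if __name__ == "__main__":
    print(brute_force(SAMPLE_CIPHERTEXT))
```

The search touches every candidate in well under a second; the plausibility filter is what turns a blind enumeration into a recovered string, so it is the part to adapt to the real sample's string format.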

Bulgakov
Mar 8, 2009


рукописи не горят

lol

it all seems so heavily petty and quaint


so much half-effort in the name of chasing bigger personal aspirations, all within a sociopolitical construct foreign to me

Proteus Jones
Feb 28, 2013



hackbunny posted:

fun fact: they kept the information stolen from other freemasons in a folder (or category, I should reread the report) called "BROS". spankmeister gave a good summary of freemasons in italy and their historical significance

I see they went to the Ross Ulbricht School of Covering Your Tracks.

RISCy Business
Jun 17, 2015

bork bork bork bork bork bork bork bork bork bork bork bork bork bork bork bork bork bork bork bork bork bork bork bork bork bork bork bork bork bork bork bork bork bork bork bork bork bork bork bork bork bork bork bork bork bork bork bork bork bork bork bork bork bork bork bork bork bork bork bork
Fun Shoe
https://twitter.com/DaveManouchehri/status/819746837544452096

:nsacloud:

Progressive JPEG
Feb 19, 2003


i like how

i also like how they have a banner at the top of the page for a recall notice on a different model

Lain Iwakura
Aug 5, 2004

The body exists only to verify one's own existence.

Taco Defender

I have had my Samsung washer leak from having a sock in the gasket. I cannot wait to have it gush all over the floor when it gets owned or gets a faulty update.

spankmeister
Jun 15, 2008







Did you try de4dot? (and then ilspy)


Jimmy Carter
Nov 3, 2005

THIS MOTHERDUCKER
FLIES IN STYLE

Kazinsal posted:

they charge you fifteen bucks to wrap your bag with a pound of cling wrap

the last time I visited Miami there was a huge fiasco over this http://www.miamiherald.com/news/local/community/miami-dade/article40311909.html
