|
i'm here in my room saying some real terrorist stuff and there's no way amber rudd is ever going to find out what it is
|
# ? Mar 26, 2017 13:22 |
|
|
# ? May 17, 2024 01:40 |
|
https://twitter.com/thegrugq/status/845972521761624065
|
# ? Mar 26, 2017 13:57 |
|
Here's some cool walkthroughs of malware reverse engineering: https://vimeo.com/203252505 https://vimeo.com/203356169 https://vimeo.com/208229269 There's some more here: https://vimeo.com/oalabs/videos These guys just started posting these, hopefully they'll keep doing more.
|
# ? Mar 26, 2017 15:21 |
|
big scary monsters posted:i'm here in my room saying some real terrorist stuff and there's no way amber rudd is ever going to find out what it is i'm going to tell on you
|
# ? Mar 26, 2017 17:06 |
|
big scary monsters posted:i'm here in my room saying some real terrorist stuff and there's no way amber rudd is ever going to find out what it is could you speak up a bit, or at least get a bit closer to your television please?
|
# ? Mar 26, 2017 17:41 |
|
Loving Africa Chaps posted:Backdoors are so in again darling The UK is such poo poo.
|
# ? Mar 26, 2017 17:50 |
|
ate poo poo on live tv posted:You call the bank on the phone? whats this phone thing
|
# ? Mar 26, 2017 18:44 |
|
goddamnedtwisto posted:could you speak up a bit, or at least get a bit closer to your television please? I think you mean microwave.
|
# ? Mar 26, 2017 21:44 |
|
how did he get a process to run from chome in the first place?
|
# ? Mar 26, 2017 21:54 |
|
NPAPI plugin wrapper, judging by the name of the lastpass process
|
# ? Mar 26, 2017 22:01 |
|
Westie posted:the forums are so old most exploits probably aren't in it Can you still log in using plain HTTP?
|
# ? Mar 26, 2017 22:02 |
|
Meat Beat Agent posted:NPAPI plugin wrapper, judging by the name of the lastpass process I thought they got rid of that.
|
# ? Mar 26, 2017 22:08 |
|
Shaggar posted:I thought they got rid of that. Doom Mathematic posted:Can you still log in using plain HTTP?
|
# ? Mar 26, 2017 22:15 |
|
PCjr sidecar posted:http://www.bailis.org/papers/acidrain-sigmod2017.pdf lol, ofc daniel kerr is his usual self in the bug reports: https://github.com/opencart/opencart/issues/4811#issuecomment-242966671 https://github.com/opencart/opencart/issues/4812#issuecomment-242966713
|
# ? Mar 26, 2017 23:24 |
|
compuserved posted:lol, ofc daniel kerr is his usual self in the bug reports: god bless him
|
# ? Mar 26, 2017 23:37 |
|
compuserved posted:lol, ofc daniel kerr is his usual self in the bug reports: https://github.com/opencart/opencart/blob/master/upload/install/opencart.sql i know this is probably the least interesting thing about the dumpsterfire that is opencast but omg MyISAM tables in tyool 2017 for those of you that aren't familiar with mysql's bad decisions pre 5.0 myisam doesn't support transactions minivanmegafun fucked around with this message at 23:47 on Mar 26, 2017 |
# ? Mar 26, 2017 23:43 |
|
minivanmegafun posted:myisam doesn't support transactions aren't you a fragile flower
|
# ? Mar 27, 2017 00:12 |
|
compuserved posted:lol, ofc daniel kerr is his usual self in the bug reports: finally finished reading the paper and the authors mention kerr's reaction lol http://www.bailis.org/papers/acidrain-sigmod2017.pdf posted:In contrast, the developer of OpenCart responded to the inventory vulnerability by posting a comment—“use your brain! its [sic] not hard to come up with a solution that does not involve coding!”—then closed both the inventory and voucher vulnerability issues and blocked us from responding. compuserved fucked around with this message at 01:04 on Mar 27, 2017 |
# ? Mar 27, 2017 00:59 |
|
Shaggar posted:how did he get a process to run from chome in the first place? The browser extensions have an optional binary component that allows them to do things beyond what the browser will let them do. https://lastpass.com/support.php?cmd=showfaq&id=826 I'm 90% sure that's what nplastpass.exe is.
|
# ? Mar 27, 2017 01:07 |
|
minivanmegafun posted:https://github.com/opencart/opencart/blob/master/upload/install/opencart.sql didn't it not have foreign keys or maybe that's all of MySqueal? IDK I use that as a job listing filter so hopefully I'll never have to care about it (again)
|
# ? Mar 27, 2017 01:09 |
|
Munkeymon posted:didn't it not have foreign keys or maybe that's all of MySqueal? IDK I use that as a job listing filter so hopefully I'll never have to care about it (again) yeah FK constraints aren't possible using MyISAM tables either. both of theses issues are fixed in InnoDB but it's Not Free as MyISAM or at least wasn't until recently I forget
|
# ? Mar 27, 2017 01:36 |
|
big scary monsters posted:i'm here in my room saying some real terrorist stuff and there's no way amber rudd is ever going to find out what it is what terrorist hashtags are you using, are they the necessary ones i bet they're the necessary ones
|
# ? Mar 27, 2017 03:52 |
|
CrazyLittle posted:probably charging for assigning a public ip quote:The $20/month fee is for your entire account. So no matter how many sites you transition to SSL, the cost is still going to be $20/month. The reason we charge for SSL is that we spin up a server just for your account when we implement SSL. This provides your site with a unique IP address, and a unique server, not a shared asset as the rest of Cloud Sites is implemented. I see there's also a little confusion about why you can't access a Cloud Site using the IP address, rather than the domain name. The IP address for your site is tied to a load balancer that is associated with a particular data pod. Because that loadbalancer is a shared resource, the same IP address is shared with many other accounts. Our system needs to parse the domain name in order to determine which content to retrieve and serve. I hope this clears up any questions you have.
|
# ? Mar 27, 2017 04:20 |
|
Loving Africa Chaps posted:Lol it got better people who don't even know what a loving hashtag is want to break encryption please loving murder me
|
# ? Mar 27, 2017 04:43 |
|
anthonypants posted:the support guy just got back to me Is this overall a good or bad way to run this sort of thing?
|
# ? Mar 27, 2017 05:12 |
|
generally, if you're doing something that profits off ssl, you don't want some shitlord's homegrown nope.js app or ancient wordpress installs anywhere near it, so it's good practice that they do this, but what their motivation for doing it is, i dunno
|
# ? Mar 27, 2017 05:16 |
|
Truga posted:generally, if you're doing something that profits off ssl, you don't want some shitlord's homegrown nope.js app or ancient wordpress installs anywhere near it, so it's good practice that they do this, but what their motivation for doing it is, i dunno if the question is "why does a business do a thing" the answer is "because they think it will make them money somehow"
|
# ? Mar 27, 2017 06:23 |
|
Truga posted:generally, if you're doing something that profits off ssl, you don't want some shitlord's homegrown nope.js app or ancient wordpress installs anywhere near it, so it's good practice that they do this, but what their motivation for doing it is, i dunno Before the SNI days (IE6 times) a unique IP address was a hard requirement for using SSL on your web sight. Web hosters would charge you extra for that. Guess they just never stopped doing that. minivanmegafun posted:yeah FK constraints aren't possible using MyISAM tables either. Innodb is dual licensed but one of them is gpl so only the most of purists would care.
|
# ? Mar 27, 2017 06:49 |
|
I think IE 7 or 8 or maybe java 6 also had problems w/ SNI. i ran into this not too long ago
|
# ? Mar 27, 2017 08:42 |
|
geonetix posted:I think IE 7 or 8 or maybe java 6 also had problems w/ SNI. i ran into this not too long ago Correct but only on XP, IE 7 and 8 on Vista and up supports SNI. Java 6 for sure but there are lot of other reasons why Java 6's TLS implementation sucks rear end.
|
# ? Mar 27, 2017 08:46 |
|
Some people, despite using SNI, still want dedicated IP addresses to avoid having their sites share IPs with some undesirable websites.
|
# ? Mar 27, 2017 12:37 |
|
notably, nobody who uses a commercial CDN of any size
|
# ? Mar 27, 2017 12:42 |
|
Register reporting on an IoT Dishwasher's web server vulnerability: https://www.theregister.co.uk/2017/03/26/miele_joins_internetofst_hall_of_shame/
|
# ? Mar 27, 2017 17:14 |
|
Soylent Pudding posted:Register reporting on an IoT Dishwasher's web server vulnerability: https://www.theregister.co.uk/2017/03/26/miele_joins_internetofst_hall_of_shame/ better to not link to el reg http://seclists.org/fulldisclosure/2017/Mar/63 quote:[CVE-2017-7240] Miele Professional PG 8528 - Web Server Directory Traversal
|
# ? Mar 27, 2017 17:39 |
|
meh, directory traversal is small beer
|
# ? Mar 27, 2017 17:41 |
|
also it's for a lab tool washer, not a dishwasher
|
# ? Mar 27, 2017 17:40 |
|
oh so its our old friend SCADA not our new friend IoT
|
# ? Mar 27, 2017 18:23 |
|
Subjunctive posted:notably, nobody who uses a commercial CDN of any size had them once where a customer had the reverse IP lookup and found their commercial site to be sharing IPs(and in some cases with places like cloudflare, actual certificates) with porn websites and freaked out a whole lot.
|
# ? Mar 27, 2017 18:24 |
|
uhh why is SA trying to load flash player, i'm getting the "plugin blocked" thing when I load the page
|
# ? Mar 27, 2017 18:44 |
|
|
# ? May 17, 2024 01:40 |
|
ate all the Oreos posted:uhh why is SA trying to load flash player, i'm getting the "plugin blocked" thing when I load the page almost certainly an ad
|
# ? Mar 27, 2017 18:45 |