|
Cocoa Crispies posted:even warning you that it's a non-https connection to that server is a very recent thing https://twitter.com/internetofshit/status/847444546741047297
|
# ? Apr 3, 2017 07:49 |
|
|
# ? May 15, 2024 21:10 |
|
CrazyLittle posted:yes because browser stores are notoriously insecure. Firefox used to store in clear text the number 1 reason you're using randomly generated passwords and using a password manager is when a random site gets its login information leaked, all your logins everywhere are not immediately hosed. if you have malware on your computer that can leak your browser's password database, you're already dead. if your browser vendor's cloud sync platform gets popped, welp,
|
# ? Apr 3, 2017 07:52 |
|
pseudorandom name posted:Firefox Sync used to use strong crypto which required you to pair new devices with an existing client to do the key exchange, but users were too stupid to understand the concept and thought Sync was a backup mechanism and got mad when they lost everything when they deleted all their Firefox installs i'm not too stupid to understand the concept, but i wanted to sync my bookmarks from my home computer to my work laptop and it told me to type the code that's displayed on my home computer's screen (or other way around, i don't remember). anyway it was unusable unless i remembered to specifically prepare for the sync process
|
# ? Apr 3, 2017 07:57 |
|
Wheany posted:the number 1 reason you're using randomly generated passwords and using a password manager is when a random site gets its login information leaked, all your logins everywhere are not immediately hosed. there could also just be an exploit that lets someone read arbitrary files as you but doesn't give them code execution or anything someone post the warning ie6 displayed when you were connecting over https
|
# ? Apr 3, 2017 08:02 |
|
|
# ? Apr 3, 2017 08:22 |
|
https://twitter.com/FakeUnicode/status/848836903860289536
|
# ? Apr 3, 2017 11:09 |
|
microsoft: "WARNING! THINGS ARE OKAY. IS THAT OKAY? *CLICKS OK*"
|
# ? Apr 3, 2017 12:37 |
|
haha, legit a funny one, though it will not have a whole lot of impact
|
# ? Apr 3, 2017 12:43 |
|
I DON'T CLICK LEARN MORE
|
# ? Apr 3, 2017 12:48 |
|
ate all the Oreos posted:I DON'T CLICK LEARN MORE learning is for nerds
|
# ? Apr 3, 2017 13:40 |
|
minivanmegafun posted:learning is for nerds
|
# ? Apr 3, 2017 13:45 |
|
Today in the secfuck thread: "if you suddenly get weird new popups in your browser, be sure to click on them"
|
# ? Apr 3, 2017 13:50 |
|
|
# ? Apr 3, 2017 13:53 |
|
ate all the Oreos posted:I DON'T CLICK LEARN MORE
|
# ? Apr 3, 2017 13:55 |
|
Wheany posted:Today in the secfuck thread: "if you suddenly get weird new popups in your browser, be sure to click on them" clicking inside a web page can't really do anything that the web page couldn't already do
|
# ? Apr 3, 2017 13:58 |
|
Wheany posted:Today in the secfuck thread: "if you suddenly get weird new popups in your browser, be sure to click on them" i mean, i'm all for people not clicking on random popups, but how do you propose a browser implement a new feature like this? this will all be over in a month or two and then people will know that this particular popup is by mozilla telling them the website is poo poo and people will go on with their lives
|
# ? Apr 3, 2017 13:59 |
|
i think the better part is the person who used google's predictive search to gauge how real something was, like i don't even think they actually hit enter on the search they just waited to see if google would suggest the thing they said and deemed it suspicious when it didn't i mean that's clever in a really stupid way i guess?
|
# ? Apr 3, 2017 14:05 |
|
Dylan16807 posted:clicking inside a web page can't really do anything that the web page couldn't already do how can the user tell the difference between a safe thing to click and a non-safe thing?
|
# ? Apr 3, 2017 14:45 |
|
Truga posted:i mean, i'm all for people not clicking on random popups, but how do you propose a browser implement a new feature like this? stick it in the url field like what chome does w/ the / across the http. also the learned behavior will be "oh firefox always gives that error and nothing happens so I click ignore"
|
# ? Apr 3, 2017 14:56 |
|
Unicode was a mistake.
|
# ? Apr 3, 2017 14:58 |
|
I ▯ UNICODE would still be a good t-shirt
|
# ? Apr 3, 2017 15:04 |
|
unicode sure has a ton of useless control characters
|
# ? Apr 3, 2017 15:04 |
|
Wheany posted:how can the user tell the difference between a safe thing to click and a non-safe thing? make it an actual clear OS popup window or something more closely integrated in the browser that doesn't look like it's just part of the website would be a good start, i mean it wouldn't catch the idiots who fall for those fake windows XP popup adds about YOUR COMPUTER HAS 5 MILLION VIRUSES but they're kinda beyond saving anyway
|
# ? Apr 3, 2017 15:09 |
|
Wheany posted:wanted to sync my bookmarks from my home computer to my work laptop use xmarks for this, but disable browser syncing of bookmarks or you may get duplicates
|
# ? Apr 3, 2017 15:09 |
|
or just completely block submitting passwords on non-https and watch the lols
|
# ? Apr 3, 2017 15:09 |
|
quote:Beau du Jour found that the Siime Eye creates a WiFi internet access point whose password, by default, is "88888888." That way, anyone in range can connect to it by guessing the simple password, as he explained in a blog post published on Monday. By looking at the code of the mobile app that comes with the dildo, the researcher also found that once on the dildo's WiFi, you can access its webserver. This has a login portal, but the user is "admin" and the password is blank.
|
# ? Apr 3, 2017 15:12 |
|
why does a dildo have a webserver why does a dildo have a webserver
|
# ? Apr 3, 2017 15:16 |
|
a radiation source, built by the lowest bidder, inserted into the body cavity where your gonads are doesn't sound too smart even before you get stupid iot poo poo like web servers involved
|
# ? Apr 3, 2017 15:17 |
|
ate all the Oreos posted:why does a dildo have a webserver how else are you going to get the images from the camera?
|
# ? Apr 3, 2017 15:20 |
|
pseudorandom name posted:how else are you going to get the images from the camera? std card
|
# ? Apr 3, 2017 15:21 |
|
https://twitter.com/feldpos/status/848554527204794368
|
# ? Apr 3, 2017 15:22 |
|
yes heart-eye emoji i sure am enjoying that discussion
|
# ? Apr 3, 2017 15:23 |
|
ate all the Oreos posted:why does a dildo have a webserver ever heard of penetration testing
|
# ? Apr 3, 2017 15:23 |
|
Meat Beat Agent posted:ever heard of penetration testing booooooooo
|
# ? Apr 3, 2017 15:23 |
|
ate all the Oreos posted:or just completely block submitting passwords on non-https and watch the lols this is the correct choice tbh it'll have worked for symantec
|
# ? Apr 3, 2017 15:25 |
|
ate all the Oreos posted:why does a dildo have a webserver Security Fuckup Megathread v13.4 - why does a dildo have a webserver
|
# ? Apr 3, 2017 15:29 |
|
two idiots having an idiot-off
|
# ? Apr 3, 2017 15:29 |
|
Pikavangelist posted:Security Fuckup Megathread v13.4 - why does a dildo have a webserver what does
|
# ? Apr 3, 2017 15:30 |
|
Pikavangelist posted:Security Fuckup Megathread v13.4 - why does a dildo have a webserver
|
# ? Apr 3, 2017 15:31 |
|
|
# ? May 15, 2024 21:10 |
|
flakeloaf posted:I ▯ UNICODE would still be a good t-shirt I had a I � Unicode shirt a few years ago.
|
# ? Apr 3, 2017 15:34 |