|
|
#
?
Apr 16, 2017 17:18
|
|
|
|
| # ? May 17, 2024 19:00 |
|
|
Powaqoatse posted:i know itd just be fun to have a piece of paper on official intelligence letterhead saying "yea this kid is a goddamned commie and probably smoked weeed" there used to be a list of adjudication decisions online regarding clearances, but I can't seem to find it at the moment. in your example it would probably be listed as "person has deep and undisclosed ties to groups that have a stated goal of undermining the goverment. was not truthful about past drug use. clearance denied."
|
|
#
?
Apr 16, 2017 17:19
|
|
|
Actually-I-was-wrong-the-accused-is-not-guilty-and-as-prosecutor-I.rest
|
|
#
?
Apr 16, 2017 17:20
|
|
|
lmao what channel?
|
|
#
?
Apr 16, 2017 17:20
|
|
|
#r_netsec on freenode he has since left
|
|
#
?
Apr 16, 2017 17:21
|
|
|
Mr. Nice! posted:there used to be a list of adjudication decisions online regarding clearances, but I can't seem to find it at the moment. in your example it would probably be listed as "person has deep and undisclosed ties to groups that have a stated goal of undermining the goverment. was not truthful about past drug use. clearance denied." http://ogc.osd.mil/doha/industrial/2017.html this year's crop is pretty boring so far
|
|
#
?
Apr 16, 2017 17:26
|
|
|
quote:Applicant purchased proprietary software from a major competitor using a shell company as the purchaser without disclosing his affiliation with the real purchaser in interest. He based his concealment of his employer on his not wanting the seller to know his real employer. When later completing his security clearance application, Applicant deliberately omitted the Company B federal lawsuit from his application. Personal conduct concerns are not mitigated. Clearance is denied. CASE NO: 15-01014.h1
|
|
#
?
Apr 16, 2017 17:28
|
|
|
MononcQc posted:Actually-I-was-wrong-the-accused-is-not-guilty-and-as-prosecutor-I.rest not a prosecutor, but
|
|
#
?
Apr 16, 2017 17:30
|
|
|
pseudorandom name posted:http://ogc.osd.mil/doha/industrial/2017.html keep in mind too that these are just department of defense clearances, ic would have even better stuff in theirs
|
|
#
?
Apr 16, 2017 17:32
|
|
|
pseudorandom name posted:http://ogc.osd.mil/doha/industrial/2017.html
|
|
#
?
Apr 16, 2017 17:33
|
|
|
quote:Applicant credibly testified that he did not meet woman X for sex or to break the
|
|
#
?
Apr 16, 2017 17:51
|
|
|
Midjack posted:keep in mind too that these are just department of defense clearances, ic would have even better stuff in theirs About 2/3s of the ic is under the dod, including the nsa. The big ones that aren't are the cia and fbi.
|
|
#
?
Apr 16, 2017 18:12
|
|
|
i think you might have found an application for forum user tumor looking batty there
|
|
#
?
Apr 16, 2017 18:28
|
|
|
|
|
#
?
Apr 16, 2017 20:31
|
|
|
spankmeister posted:Nice way to make yourself not look like an idiot because you had a bog-standard DLL hijacking vulnerability. I don't think there was actually a vulnerability, they were just replacing the DLL inside program files and the signing is more of a "gently caress you" than an increase in security
|
|
#
?
Apr 16, 2017 20:57
|
|
|
yeah it looks like it loads the dll from the same directory as the exe, so it's not a secfuck at all
|
|
#
?
Apr 16, 2017 23:45
|
|
|
vOv posted:yeah it looks like it loads the dll from the same directory as the exe, so it's not a secfuck at all
|
|
#
?
Apr 17, 2017 00:42
|
|
|
Security Fuckup Megathread - airtight hatchway, etc etc
|
|
#
?
Apr 17, 2017 04:15
|
|
|
 except a tumor pops out
|
|
#
?
Apr 17, 2017 04:56
|
|
|
vOv posted:yeah it looks like it loads the dll from the same directory as the exe, so it's not a secfuck at all actually,
|
|
#
?
Apr 17, 2017 09:54
|
|
|
Shaggar posted:2 factor windows sign in is coming soon so maybe they could add that to DPAPI so you get a push notification on your phone when something wants to pull something out of DPAPI like a web credential.
|
|
#
?
Apr 17, 2017 14:47
|
|
|
itym 
|
|
#
?
Apr 17, 2017 15:18
|
|
|
A/V continues to be the skid mark in the underwear of Info Sec. https://arstechnica.com/information-technology/2017/04/the-mystery-of-the-malware-that-wasnt/ quote:One of the vendors had provided a set of malware samples to test—48 files in an archive stored in the vendor's Box cloud storage account. The vendor providing those samples was Cylance, the information security company behind Protect, a "next generation" endpoint protection system built on machine learning. In testing, Protect identified all 48 of the samples as malicious, while competing products flagged most but not all of them. Curious, the engineer took a closer look at the files in question—and found that seven weren't malware at all.
|
|
#
?
Apr 17, 2017 15:28
|
|
|
the most aggressively stupid coworker got laid off during layoffs at work last year and now works at cylance where his official title is "wizard". I have no clue what he's doing there and I know he lied about his degree and it would be painful obvious to any hiring manager just talking to him
|
|
#
?
Apr 17, 2017 15:57
|
|
|
flosofl posted:A/V continues to be the skid mark in the underwear of Info Sec. What a shocker. Cylance lying about its product?
|
|
#
?
Apr 17, 2017 16:08
|
|
|
i just overheard our sysadmin talking about how much he loves getting targeted advertising because it's helpful and he's okay with them harvesting all his data because "it's anonymous"
|
|
#
?
Apr 17, 2017 16:29
|
|
|
ate all the Oreos posted:i just overheard our sysadmin talking about how much he loves getting targeted advertising because it's helpful and he's okay with them harvesting all his data because "it's anonymous" He knows they're listening
|
|
#
?
Apr 17, 2017 16:36
|
|
|
spankmeister posted:actually, it's an interesting fact that's often overlooked! everything in a program's directory becomes part of that program, often unintentionally. beware of running setup programs straight from your download directory!
|
|
#
?
Apr 17, 2017 16:53
|
|
|
ate all the Oreos posted:i just overheard our sysadmin talking about how much he loves getting targeted advertising because it's helpful and he's okay with them harvesting all his data because "it's anonymous" lol forever at people who think like this most that I know work for advertising companies and rationalize their own line of work like this so they can pretend that what they do isn't profoundly unethical see also: people working for "relevant marketing" companies and insisting that what they do isn't advertising at all
|
|
#
?
Apr 17, 2017 17:27
|
|
|
COACHS SPORT BAR posted:lol forever at people who think like this I would "lol" at them, except that their idiocy makes my life worse and some of them get elected.
|
|
#
?
Apr 17, 2017 17:31
|
|
|
flosofl posted:A/V continues to be the skid mark in the underwear of Info Sec. less a skid mark, more a full-on brick
|
|
#
?
Apr 17, 2017 17:41
|
|
|
OSI bean dip posted:What a shocker. Cylance lying about its product? lol selling a prettier ui to a DenyAll AppLocker policy and charging money for it is kinda brilliant but yeah cylance stank like poo poo from the word go
|
|
#
?
Apr 18, 2017 00:03
|
|
|
gonna make my own av program. just gonna be something that makes a windows process that wastes a few resources doing nothing, puts something into the tray, pops up notifications twice a day saying you aren't protected or you should upgrade to the gold platinum plus package, and then when you do a manual scan, it just moves a status bar to 100% slowly. probably less bad than the major av's
|
|
#
?
Apr 18, 2017 01:28
|
|
|
i don't have much opinion about av products these days. coincidentally i am no longer a teenager trying to download game cracks and porn mag scans from sketchy ftps
|
|
#
?
Apr 18, 2017 01:42
|
|
|
Wild EEPROM posted:gonna make my own av program. yeah uh i think the average popup ad has you beaten by a decade and a half by now
|
|
#
?
Apr 18, 2017 02:01
|
|
|
Lutha Mahtin posted:i don't have much opinion about av products these days. coincidentally i am no longer a teenager trying to download game cracks and porn mag scans from sketchy ftps well then what the gently caress are you doing posting in yospos
|
|
#
?
Apr 18, 2017 02:07
|
|
|
Wild EEPROM posted:gonna make my own av program. there's kits floating around that will basically let you sell a program that uses the windows defender/mse engine and definitions files to do the scan while letting you sell the product and take a cut of the money.. so basically you get a "real" antivirus for your idiot grandma customers that will work as well as any other, and its easier than faking it.
|
|
#
?
Apr 18, 2017 02:14
|
|
|
also right now delta.com loads fine over http but the connection consistently times out over https so there's clearly a security fuckup in progress
|
|
#
?
Apr 18, 2017 02:34
|
|
|
inline elements denied boarding
|
|
#
?
Apr 18, 2017 02:57
|
|
|
|
| # ? May 17, 2024 19:00 |
|
|
Thanks Ants posted:less a skid mark, more a full-on brick https://www.youtube.com/watch?v=swXrBKoTVv4 quote:Cylance creates test methodology where they pack malware with Mpress or VMProtect. CylanceProtect detects every software packed with Mpress or VMProtect as malicious. I even found strings in one of their files where it mentions Mpress or VMprotect. Cylance denies this is their file, they claim it must be malware. I created this video to proof this is their file, as it is digitally signed by Cylance ... I've been around Cylance employees touting that they are hottest poo poo on the planet about their "cutting edge AV". It's good to see that cutting edge technology has to do with just flagging the attributes that normal files have.
|
|
#
?
Apr 18, 2017 03:08
|
|
