|
Cocoa Crispies posted:authenticating software loads on par with a fuckin' iphone 5s
|
# ? May 30, 2017 03:23 |
|
|
# ? May 22, 2024 16:17 |
|
ratbert90 posted:yo momma has a bunch of open back doors. yo moma outgrew fat32
|
# ? May 30, 2017 05:44 |
|
Cocoa Crispies posted:authenticating software loads on par with a fuckin' iphone 5s if your iPheart dies while you're Facebooking you also die in real life
|
# ? May 30, 2017 05:58 |
|
lmfao https://twitter.com/mikeloss/status/869169958588043265
|
# ? May 30, 2017 06:24 |
|
Bulgogi Hoagie posted:heathrow is having major computer problem, wouldn't be surprised if it's related to the wannacry stuff your run of the mill incompetence Vis-à-vis outsourcing, not testing the backups, and getting rid of senior developers.
|
# ? May 30, 2017 06:45 |
|
a few thoughts on the whole implanted device thing: "if they're in the same room, they could stab you, therefore" murdering someone in a more conventional fashion leaves behind clues that are generally well known and understood by forensic investigators. the first wave of murders-by-ssh will probably be understood as device malfunctions, especially if the device doesn't freeze it's state & firmware at the time of death. this goes double for medical infrastructure that's subject to protest like clinics providing abortion services or hospitals run by/catering to certain groups. "companies are probably really interested in not getting blamed/sued" if the first wave is going to be misunderstood as failure, i'm legit concerned that further fuckery will be handled in the same way that auto manufacturer handled some incidents, where some mba geniuses cost benefited recall expenditures versus lawsuits and opted to hide risks from their customers. if companies aren't held to the highest standards right off the bat, case law and revenue models will form in a way that supports the low security status quo. i 100% that there are more pressing & systemic issues with healthcare security, but between the boomer cohort entering geriatric care and the proliferation of implantable devices, if manufacturers & providers aren't proactive about security concerns, we're heading towards a critical mass of problems in the next decade
|
# ? May 30, 2017 07:28 |
|
surebet posted:i'm legit concerned that further fuckery will be handled in the same way that auto manufacturer handled some incidents, where some mba geniuses cost benefited recall expenditures versus lawsuits and opted to hide risks from their customers. that's fight club
|
# ? May 30, 2017 07:31 |
|
Trabisnikof posted:What part of attacking a pacemaker requires nation state level actors? Right so to even attempt this you need 1. To know the exact model of pacemaker you victim has 2. to buy at least 1 pacemaker of the same type as your target 3. to buy the hardware needed to programme the device 4. the knowledge to reverse engineer and rewrite the firmware for this device 5. a good enough knowledge of physiology to make your changes harmful 6. have access to all of the above and be willing to kill someone Then once you've spent $100,000 and 3 months doing all this, you need to following someone down the street a foot away with a laptop and antenna for the time it takes to update the hardware Meanwhile script kiddies may have actually killed someone with wanna cry because a large number of surgeries had to be cancelled because records couldn't be accessed. Windows XP: a bigger threat to your health than some mastabatory fantasy about death rays. quote:if the first wave
|
# ? May 30, 2017 08:00 |
|
And what if they're using Windows XP to run the pacemaker, eh?
|
# ? May 30, 2017 08:14 |
|
jre posted:That's an unfortunate example you chose there because it required, get this you think I'm talking about stuxnet sport, why don't you chuck your computer in the garbage and then yourself
|
# ? May 30, 2017 08:26 |
|
could you, like, chill, yo
|
# ? May 30, 2017 08:31 |
|
infernal machines posted:they don't require signed binaries either, so it's not impossible that a compromised binary could end up on a legitimate system and affect multiple patients we were talking about this at work the other day, but has there ever been a documented case of bad firmware implementing stringent binary signing and essentially locking the manufacturer out of further updates?
|
# ? May 30, 2017 08:46 |
|
CommunistPancake posted:that's fight club https://en.wikipedia.org/wiki/Ford_Pinto#Cost-benefit_analysis.2C_the_Pinto_Memo
|
# ? May 30, 2017 09:23 |
|
Doom Mathematic posted:And what if they're using Windows XP to run the pacemaker, eh? Windows Embedded surely?
|
# ? May 30, 2017 09:24 |
|
lol I was just there a couple days ago https://twitter.com/wvualphasoldier/status/869264987843432449
|
# ? May 30, 2017 09:29 |
|
Paging luigi30: https://twitter.com/Twylo/status/864655680514342912
|
# ? May 30, 2017 12:14 |
|
i changed my username on the forums. give me something infosec-y that i can use for an avatar
|
# ? May 30, 2017 15:37 |
Lain Iwakura posted:i changed my username on the forums. give me something infosec-y that i can use for an avatar
|
|
# ? May 30, 2017 15:41 |
|
Lain Iwakura posted:i changed my username on the forums. give me something infosec-y that i can use for an avatar i mean, like half the screens from serial experiments lain probably qualify as computery enough, but then youll get chain banned for anime when you post.
|
# ? May 30, 2017 15:41 |
|
cis autodrag posted:i mean, like half the screens from serial experiments lain probably qualify as computery enough, but then youll get chain banned for anime when you post. sounds like a plan to me
|
# ? May 30, 2017 15:43 |
|
ultramiraculous posted:we were talking about this at work the other day, but has there ever been a documented case of bad firmware implementing stringent binary signing and essentially locking the manufacturer out of further updates? this actually rings a bell, but i can't remember any details.
|
# ? May 30, 2017 15:57 |
|
this is pretty good. consider it a candidate also an anime avatar is not the end of the world in yospos
|
# ? May 30, 2017 15:59 |
|
Lain Iwakura posted:this is pretty good. consider it a candidate See forums poster Smoka for anime insights
|
# ? May 30, 2017 16:10 |
|
Lain Iwakura posted:i changed my username on the forums. give me something infosec-y that i can use for an avatar i hear canpol is a good source of avatars
|
# ? May 30, 2017 16:11 |
|
you know the drill https://twitter.com/taviso/status/869545056239104000
|
# ? May 30, 2017 16:13 |
|
flakeloaf posted:i hear canpol is a good source of avatars I don't have any compsci students to annoy though.
|
# ? May 30, 2017 16:22 |
|
only sort of a secfuck but apparently people have been getting banned from nintendo's online 3ds stuff for having custom firmware on their 3dses even if they don't hack in multiplayer or pirate games. nobody knows for sure how nintendo's checking but there's a bunch of telemetry enabled by default which iirc includes a log of what applications are run, and so they might just be banning everyone that runs an app on a blacklist of common cfw apps like FBI (which manages custom apps, cause they're stored in .cia files ) of course you're not banned from the eshop because nintendo will still happily take money from you, they're not *completely* dumb
|
# ? May 30, 2017 17:12 |
|
Lain Iwakura posted:i changed my username on the forums. give me something infosec-y that i can use for an avatar not very info seccy name imo
|
# ? May 30, 2017 17:23 |
|
https://twitter.com/mikko/status/869539641090867200
|
# ? May 30, 2017 18:15 |
|
Lain Iwakura posted:this is pretty good. consider it a candidate yup
|
# ? May 30, 2017 18:17 |
|
i'll miss the bean dip jokes
|
# ? May 30, 2017 18:31 |
|
what is illusive and why is my enterprise talking about dark web security
|
# ? May 30, 2017 18:55 |
|
Nice A ton of my classes used blackboard when I was in college
|
# ? May 30, 2017 19:14 |
|
cool now post the moodle one
|
# ? May 30, 2017 19:14 |
|
That's a classmate of mine. Nice to see his project getting some traction.
|
# ? May 30, 2017 19:37 |
|
blackboard has been a piece of poo poo as far back as 2005 when some of my college courses used it. some super basic poo poo like being able to "review" the correct answers for a test you just started on, and viewing other students submitted work
|
# ? May 30, 2017 19:38 |
|
I should point out that in this case it's the crappy implementation of Blackboard that the University of Amsterdam did that causes most of these issues, not Blackboard itself...
|
# ? May 30, 2017 19:40 |
|
vOv posted:only sort of a secfuck but apparently people have been getting banned from nintendo's online 3ds stuff for having custom firmware on their 3dses even if they don't hack in multiplayer or pirate games. nobody knows for sure how nintendo's checking but there's a bunch of telemetry enabled by default which iirc includes a log of what applications are run, and so they might just be banning everyone that runs an app on a blacklist of common cfw apps like FBI (which manages custom apps, cause they're stored in .cia files ) also since it's idiot video game people, it's impossible to get solid data out of them to figure out what exactly happened. I only say this because I'm annoyed that there are 15 articles about how just having a capture card might blacklist you ~but no one is sure exactly why or how~
|
# ? May 30, 2017 19:46 |
|
https://stablebit.com/CloudDrive is this a secfuck, someone linked it in a group chat i'm in
|
# ? May 30, 2017 20:19 |
|
|
# ? May 22, 2024 16:17 |
|
spankmeister posted:I should point out that in this case it's the crappy implementation of Blackboard that the University of Amsterdam did that causes most of these issues, not Blackboard itself... they're probably not alone in crappy blackboard implementations though
|
# ? May 30, 2017 20:31 |