|
Maximum Leader posted:how illegal would this be? Depends on the situation. Most military bases in the southwest US like in the middle of cities etc, are pretty chill about people coming on them. Lots even have public spaces for people to actually come have a picnic and visit on-base housing. Kirtland, Holloman, and Lackland are the ones I went to fairly often. I suppose if you are an idiot you could be charged with espionage or something.
|
#
?
Jul 14, 2017 15:53
|
|
|
|
| # ? May 15, 2024 01:51 |
|
|
ate poo poo on live tv posted:Depends on the situation. Most military bases in the southwest US like in the middle of cities etc, are pretty chill about people coming on them. Lots even have public spaces for people to actually come have a picnic and visit on-base housing. to put it in context the security gate and badge check i'm talking about didn't even exist until 2001. there was a security station (a bit further up the road) but nobody actually had to stop or anything, it just marked the perimeter. you could drive all over the unrestricted parts of the space center without anyone caring or bothering you, in fact one of the main ways to get from Merritt Island to Titusville used to run right through KSC itself. then  happened and they walled it all off (creating massive traffic jams every morning of course) and rerouted that road to go around the perimeter fence and now everything sucks and all the cool stuff is too far away to see very well, thanks a lot terrorisme: i remember for a few years right after 9/11 they had little makeshift sandbag pill boxes set up along the road manned round the clock by military guys with very scary machine guns pointed at the oncoming highway traffic, like not even in the secure areas just along the public highway, that sure was fun Shame Boy fucked around with this message at 16:29 on Jul 14, 2017 |
|
#
?
Jul 14, 2017 16:27
|
|
|
ate all the Oreos posted:e: i remember for a few years right after 9/11 they had little makeshift sandbag pill boxes set up along the road manned round the clock by military guys with very scary machine guns pointed at the oncoming highway traffic, like not even in the secure areas just along the public highway, that sure was fun From what I hear those guns aren't even loaded most of the time. The "sit out by the highway in a concrete box under a hot sun" job isn't exactly the one they give to the top of the graduating class. Unlike most police forces the military doesn't think it's a good idea to let some goober gun down civilians everytime they get started by a stray shadow.
|
|
#
?
Jul 14, 2017 16:47
|
|
|
ate poo poo on live tv posted:Depends on the situation. Most military bases in the southwest US like in the middle of cities etc, are pretty chill about people coming on them. Lots even have public spaces for people to actually come have a picnic and visit on-base housing.
|
|
#
?
Jul 14, 2017 16:47
|
|
|
mrmcd posted:From what I hear those guns aren't even loaded most of the time. The "sit out by the highway in a concrete box under a hot sun" job isn't exactly the one they give to the top of the graduating class. Unlike most police forces the military doesn't think it's a good idea to let some goober gun down civilians everytime they get started by a stray shadow. well that and cookoffs are a real thing and blowing an ND into aunt agnes' bridge group is going to raise some funny questions
|
|
#
?
Jul 14, 2017 17:16
|
|
|
we're going to get pentested this weekend by some local infosec firm and i don't know which i would rather get to see: a printout of nessus scan results we already have, or for my boss to bug out over getting serious about security
|
|
#
?
Jul 14, 2017 20:45
|
|
|
ate all the Oreos posted:e: i remember for a few years right after 9/11 they had little makeshift sandbag pill boxes set up along the road manned round the clock by military guys with very scary machine guns pointed at the oncoming highway traffic, like not even in the secure areas just along the public highway, that sure was fun yeah i remember hearing that they closed down a1a past patrick afb so if you wanted to get from satellite to cocoa you had to cut through merritt island, and also made it so hard to get on and off pafb that a bunch of good restaurants and also a chinese buffet closed
|
|
#
?
Jul 14, 2017 20:49
|
|
|
Cocoa Crispies posted:yeah i remember hearing that they closed down a1a past patrick afb so if you wanted to get from satellite to cocoa you had to cut through merritt island, and also made it so hard to get on and off pafb that a bunch of good restaurants and also a chinese buffet closed lol yep i remember that happening, traffic was loving disastrous for a little while, and even after that there was a bunch of uncertainty because whenever the TERRORISMS ALERT LEVEL would go red they'd shut it down again. eventually they reenforced the base enough that that stopped i guess? we still occasionally get local news reports about POSSIBLE TERRORISM GUY CAUGHT TRYING TO ESCAPE OVER THE FENCE and then it turns out it was just like, some contractor who forgot his badge and was scared that he'd get fired if he was caught
|
|
#
?
Jul 14, 2017 20:54
|
|
|
anthonypants posted:we're going to get pentested this weekend by some local infosec firm and i don't know which i would rather get to see: a printout of nessus scan results we already have, or for my boss to bug out over getting serious about security remember to embarass them by filling out the phishing email wrong
|
|
#
?
Jul 14, 2017 21:00
|
|
|
ate all the Oreos posted:lol yep i remember that happening, traffic was loving disastrous for a little while, and even after that there was a bunch of uncertainty because whenever the TERRORISMS ALERT LEVEL would go red they'd shut it down again. eventually they reenforced the base enough that that stopped i guess? they probably realized nobody gives a poo poo about patrick except retirees that use their golf course and marina and high schoolers that use their bowling alley
|
|
#
?
Jul 14, 2017 21:03
|
|
|
Powaqoatse posted:remember to embarass them by filling out the phishing email wrong
|
|
#
?
Jul 14, 2017 21:08
|
|
|
auth hashes in whois results: https://theobsidiantower.com/2017/07/12/aef453e9f6c1a6125bcb97cc6a97ec2fde128574.html
|
|
#
?
Jul 14, 2017 21:14
|
|
|
anthonypants posted:one of the guys assigned to this pentest is an owasp member, and the one who will be doing the actual work is some guy who's only worked with them for about a month, so i'm very looking forward to how this is going to go that sounds super professional haha
|
|
#
?
Jul 14, 2017 21:16
|
|
|
Powaqoatse posted:that sounds super professional haha
|
|
#
?
Jul 14, 2017 21:24
|
|
|
why even tell you the guy is a newbie though??
|
|
#
?
Jul 14, 2017 21:26
|
|
|
Powaqoatse posted:why tell you the guy is a newbie though??
|
|
#
?
Jul 14, 2017 21:26
|
|
|
is the person new to pentesting or just that company? pentesters cycle through companies all the time.
|
|
#
?
Jul 14, 2017 21:26
|
|
|
anthonypants posted:i looked up his linkedin profile and it says he started with them june 2017 ahaha ok thats better. dudes gotta start somewhere
|
|
#
?
Jul 14, 2017 21:26
|
|
|
Subjunctive posted:is the person new to pentesting or just that company? pentesters cycle through companies all the time. maybe he's just real good at opsec lol anthonypants fucked around with this message at 21:30 on Jul 14, 2017 |
|
#
?
Jul 14, 2017 21:28
|
|
|
those are in reverse chronological order right? to me that could describe a natural talent finding their way (unless the last 3 are all the same employer)
|
|
#
?
Jul 14, 2017 22:03
|
|
|
Powaqoatse posted:those are in reverse chronological order right?
|
|
#
?
Jul 14, 2017 22:39
|
|
|
Powaqoatse posted:why even tell you the guy is a newbie though?? i wasn't even allowed to speak on calls or acknowledge I existed until i had worked more than 6 months at my last job because we didn't want to give the customers the impression that we were putting the rookie on their Very Important Project
|
|
#
?
Jul 14, 2017 22:40
|
|
|
https://twitter.com/CNN/status/885692095616487424
|
|
#
?
Jul 14, 2017 22:41
|
|
|
https://www.orpheus-lyre.info
|
|
#
?
Jul 14, 2017 22:48
|
|
|
|
|
#
?
Jul 14, 2017 23:05
|
|
|
word on the street is that Mafiaboy is involved if so then lol
|
|
#
?
Jul 14, 2017 23:20
|
|
|
ate all the Oreos posted:i wasn't even allowed to speak on calls or acknowledge I existed until i had worked more than 6 months at my last job because we didn't want to give the customers the impression that we were putting the rookie on their Very Important Project exactly also i would hate to be put as the main contact in my first couple months anywhere
|
|
#
?
Jul 15, 2017 01:44
|
|
|
Carbon dioxide posted:Several weeks ago I got a letter from my housing company, informing me that they had made a new website (subdomain of their main site) with a secure environment where their customers, (tenants), could login to view their personal information and update it online. The letter assured me that the website was double checked by some security company and deemed safe. the site has obviously been compromised and the email you sent was received by whoever is in control. alerted by your snooping, they just added a cert temporarily and in about a week once you'll never visit that site again they'll just revert the change and resume passive capture of the data & credentials since anyway the scrub tier bottom-of-the-barrel ~web developer~ your housing company contracted the work to will eventually have to respond to the multiple daily, panic filled voice mails left by their client. he'll leap into action and reset the credentials of the account, stored in the web server he runs in his basement. it's an older machine, but it's still able to run that cracked copy of adobe cs6 he got off of thepiratebay. slightly concerned about the integrity of his client's data, he'll copy over the plain text file in which client info & financials are stored to the always plugged in thumb drive. "good, that's taken care of", he thinks, as he starts writing an excuse filled email to the client, explaining how he was super busy over the last couple weeks but how he also spent a ton of time doing advanced threat analysis and that his bill for this month will be a bit higher. meanwhile, unaware that your info has already been sold over and over again, you decide to treat yourself and buy that thing you wanted off of ebay. you place the order, but strangely a couple days later you get an email mentioning the order was cancelled. "bah, no biggie, the seller must've ran out, i'll shop for the thing again when i have a moment next weekend". since you're a busy guy, you forget about the whole thing and a few weeks later the police show up at your door; they'd like to ask you a few questions about your recent suspicious activity, turns out the gift card was purchased with a stolen credit card.
|
|
#
?
Jul 15, 2017 01:59
|
|
|
yoloer420 posted:It emulates a keyboard to pop your browser and enter a url. So it isn't a flash drive or whatever. i've seen a usb-drive-in-a-pet-collar at my local store, i'm not 100% sure why you wouldn't just get an engraved medal with your phone number but whatever.  you could get a bunch of the cutest kittens and puppies from your local shelters, strap them with malware drives and start dropping them in and around your target's building. i mean, what kind of monster wouldn't try to get a lost pet home? please don't do this
|
|
#
?
Jul 15, 2017 02:23
|
|
|
surebet posted:the site has obviously been compromised and the email you sent was received by whoever is in control. alerted by your snooping, they just added a cert temporarily and in about a week once you'll never visit that site again they'll just revert the change and resume passive capture of the data & credentials since anyway the scrub tier bottom-of-the-barrel ~web developer~ your housing company contracted the work to will eventually have to respond to the multiple daily, panic filled voice mails left by their client. wow I need a cig after that
|
|
#
?
Jul 15, 2017 02:32
|
|
|
surebet posted:you could get a bunch of the cutest kittens and puppies from your local shelters, strap them with malware drives and start dropping them in and around your target's building. No you want to get your cats on the black market. Shelter cats are all microchipped and they could trace it back to you
|
|
#
?
Jul 15, 2017 02:33
|
|
|
pro tip: barns and harbors are unregistered cat centrals
|
|
#
?
Jul 15, 2017 02:36
|
|
|
surebet posted:i've seen a usb-drive-in-a-pet-collar at my local store, i'm not 100% sure why you wouldn't just get an engraved medal with your phone number but whatever. someone someday will do this and it will confirm that this truly is the worst timeline
|
|
#
?
Jul 15, 2017 03:00
|
|
|
Ciaphas posted:someone someday will do this and it will confirm that this truly is the worst timeline you're using the future tense there
|
|
#
?
Jul 15, 2017 03:12
|
|
|
Midjack posted:you're using the future tense there i mean probably but it's not confirmed until someone does the cat malware thing, 'sall i'm saying
|
|
#
?
Jul 15, 2017 03:16
|
|
|
https://www.youtube.com/watch?v=DMNSvHswljM
|
|
#
?
Jul 15, 2017 03:59
|
|
|
im the denial of service dog
|
|
#
?
Jul 15, 2017 04:04
|
|
|
Powaqoatse posted:denial of service dog mods plzzzzzzzz
|
|
#
?
Jul 15, 2017 04:29
|
|
|
https://mobile.twitter.com/selenalarson/status/885897597197533185
|
|
#
?
Jul 15, 2017 07:24
|
|
|
|
| # ? May 15, 2024 01:51 |
|
|
Carbon dioxide posted:Several weeks ago I got a letter from my housing company, informing me that they had made a new website (subdomain of their main site) with a secure environment where their customers, (tenants), could login to view their personal information and update it online. The letter assured me that the website was double checked by some security company and deemed safe. Hey I happen to know which country you're from and by far the most companies respond fairly well to responsible disclosures. The culture and legal climate are very very different from the US. I get why some people itt say "full disclosure always" but here it's not the case at all. Biggest issue is companies simply not responding or responding positively initially and then going into radio silence mode. But f you find something and don't touch the poop (follow responsible disclosure guidelines) then no judge will convict you. If you find a serious issue and the company doesn't respond or doesn't fix the issue in a reasonable amount of time or properly then the government will actually help you and act as intermediary. This works 99% of the time. spankmeister fucked around with this message at 08:06 on Jul 15, 2017 |
|
#
?
Jul 15, 2017 08:03
|
|
